[systemd-devel] Questions on setting up a Truecrypt volume management service
Jakob Hetzelein
nasenatmer at posteo.de
Wed Oct 17 07:33:35 PDT 2012
Dear Lennart & Matthew,
after taking some time to wrap my mind around the %I mechanism, I came
to the conclusion that a service file written by Matthew is the most
pragmatic while still flexible solution for this use case.
Since installing another programme (Plymouth) isn't a true option (and
doesn't solve the problem of Truecrypt's inflexibility) and employing
the sysemd-ask-password logic together with using crypttab seems to be
more cumbersome than rewarding in any way, I'm subscribing to Matthew's
approach which means:
1) Use this service to encrypt & map the volumes with truecrypt (enabled
via "systemctl enable truecrypt at dev-sda2.service"):
truecrypt at .service----------------------------------------------------
[Unit]
Description=Truecrypt Setup for %I
DefaultDependencies=no
Conflicts=umount.target
Before=umount.target
After=systemd-readahead-collect.service systemd-readahead-replay.service
[Service]
RemainAfterExit=yes
StandardInput=tty-force
ExecStart=/usr/bin/truecrypt --filesystem=none %I
ExecStop=/usr/bin/truecrypt --filesystem=none -d %I
[Install]
WantedBy=cryptsetup.target
======================================================================
2) And insert a line into fstab:
/dev/mapper/truecrypt1 /path/to/mnt/point ext4 defaults 0 2
to have the fs monitored by fsck.
This is also archived in the arch wiki now:
https://wiki.archlinux.org/index.php/TrueCrypt#Mount_volumes_using_a_systemd_service
Thanks again for your hints Lennart and for your patience, Matthew!
Best, Jakob
--
Digitally signed with PGP key 0x3D23016E
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 551 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freedesktop.org/archives/systemd-devel/attachments/20121017/83741c9d/attachment.pgp>
More information about the systemd-devel
mailing list