[systemd-devel] Preserve all active encrypted device when shutting down into initramfs

Ivan Kabaivanov chepati at yahoo.com
Sun Jul 24 08:25:39 UTC 2016


Sorry for top-replying, Yahoo web client is braindead.
This is how I got around this:
diff -Naurw systemd-230.original/src/core/shutdown.c systemd-230/src/core/shutdown.c --- systemd-230.original/src/core/shutdown.c 2016-05-22 01:31:29.000000000 +0300+++ systemd-230/src/core/shutdown.c 2016-07-23 13:17:58.008983291 +0300@@ -272,6 +272,10 @@                                 log_error_errno(r, "Failed to detach loop devices: %m");                 } +                if (!in_container && !in_initrd() &&+                    access("/run/initramfs/shutdown", X_OK) == 0) {+                        log_info("Keeping all DM devices attached for easy access in the initramfs", r);+                } else {                 if (need_dm_detach) {                         log_info("Detaching DM devices.");                         r = dm_detach_all(&changed);@@ -283,6 +287,7 @@                         else                                 log_error_errno(r, "Failed to detach DM devices: %m");                 }+                }                  if (!need_umount && !need_swapoff && !need_loop_detach && !need_dm_detach) {                         if (retries > 0)
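Review bot: the added log_info() call in the first hunk passes `r` as an argument although the format string has no conversion for it, so the value is ignored; drop the argument. The new condition also skips dm_detach_all() for every DM device whenever /run/initramfs/shutdown is executable, which leaves all LUKS mappings open when control passes to the initramfs. A comment above the `if` should say that the initramfs shutdown script is then responsible for closing them.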
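Review bot: in the second hunk, the branch that keeps the DM devices never clears need_dm_detach, so if the flag is set on entry, the check `if (!need_umount && !need_swapoff && !need_loop_detach && !need_dm_detach)` right after the new closing brace cannot succeed on that path. Set need_dm_detach to false in the keep branch, or leave it out of that check when devices are kept deliberately. The wrapped `if (need_dm_detach)` block also stays at its old indentation, so the added `}` sits at the same level as the brace above it; re-indent the block.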

Judging by your response, this is unlikely to be accepted, so I have to maintain it myself, but as long as it does what I need, that's fine.
Thanks,
IvanK.



    On Friday, July 22, 2016 9:28 PM, Lennart Poettering <lennart at poettering.net> wrote:
 
 

 On Fri, 22.07.16 17:24, Ivan Kabaivanov (chepati at yahoo.com) wrote:



> Hi,
> I'm running LFS (Linux From Scratch) with systemd-230, compiled from source.  I have three LUKS-encrypted devices:
> /dev/mapper/swap
> /dev/mapper/root
> /dev/mapper/home
> I want to drop into initramfs and do some maintenance work, for which I require all three of these encrypted devices to remain active.
> I create /run/initramfs with a populated and working initramfs.  I create /run/initramfs/shutdown with permissions 0755 and the following content:
> #!/bin/sh
> exec busybox sh
> When I issue the shutdown command I get dropped into the initramfs and I get the busybox shell.  However, only /dev/mapper/root (my / ) remains active.  /dev/mapper/swap and /dev/mapper/home point to non-existent /dev/dm-* block devices.
> Manually trying cryptsetup open /dev/sdaN label just hangs without activating the device.
> I'm guessing systemd goes on a killing spree and kills all the crypt processes, except the ones associated with / (/oldroot in the initramfs).
> Is there a way to tell systemd to keep the encrypted devices active, even if it unmounts their filesystems?

No, this is currently not available. The killing spree will try to
unmount everything it can, detach all loopbacks it can, and
disassemble all DM devices it can (of which LUKS is one type). You are
shutting down after all...

Lennart

-- 
Lennart Poettering, Red Hat 
  