Page 2 of 2 FirstFirst 12
Results 11 to 18 of 18

Thread: How can I manually mount external encrypted media with system

  1. #11
    Join Date
    Sep 2012
    Posts
    5,503

    Default Re: How can I manually mount external encrypted media with system

    Quote Originally Posted by robin_listas View Post
    However... is
    this a bug, or did I do something wrong?
    I'd say neither. The primary use case for these unit files is mapping of /etc/crypttab and /etc/fstab. So as long as this works, it can be considered as minor inconvenience.

    It is probably still worth discussion on systemd-devel.

  2. #12
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: How can I manually mount external encrypted media with system

    On 2013-06-30 20:26, arvidjaar wrote:
    >
    > robin_listas;2568544 Wrote:
    >> However... is
    >> this a bug, or did I do something wrong?
    >>

    >
    > I'd say neither. The primary use case for these unit files is mapping
    > of /etc/crypttab and /etc/fstab. So as long as this works, it can be
    > considered as minor inconvenience.


    But it does not work. An encrypted device with a dash on the name does
    not work. I had to rename it.

    > It is probably still worth discussion on systemd-devel.


    If you want to comment it there, go ahead; it is not the place for me. I
    can mention the issue on a bugzilla at Novell.

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 12.3 x86_64 "Dartmouth" at Telcontar)

  3. #13
    Join Date
    Sep 2012
    Posts
    5,503

    Default Re: How can I manually mount external encrypted media with system

    Quote Originally Posted by robin_listas View Post
    But it does not work. An encrypted device with a dash on the name does
    not work.
    It does work for intended use case. It generates correct dependencies between units so when top-level unit that needs encrypted container is activated, encrypted container is activated too.
    Code:
    linux-1a7f:~ # cat /etc/crypttab
    cr-test /dev/sdb none noauto
    linux-1a7f:~ # grep cr-test /etc/fstab
    /dev/mapper/cr-test /test    ext2    noauto,nofail    0 0
    linux-1a7f:~ # systemctl start test.mount
    Please enter passphrase for disk QEMU_HARDDISK (cr-test) on /test! ****
    linux-1a7f:~ # df /test
    Filesystem          1K-blocks  Used Available Use% Mounted on
    /dev/mapper/cr-test      7931    45      7314   1% /test
    linux-1a7f:~ # systemctl status test.mount
    test.mount - /test
       Loaded: loaded (/etc/fstab)
       Active: active (mounted) since Mon 2013-07-01 08:34:40 MSK; 12s ago
        Where: /test
         What: /dev/mapper/cr-test
      Process: 1983 ExecMount=/bin/mount /dev/mapper/cr-test /test -t ext2 -o noauto,nofail (code=exited, status=0/SUCCESS)
    
    Jul 01 08:34:40 linux-1a7f systemd[1]: Mounting /test...
    Jul 01 08:34:40 linux-1a7f systemd[1]: Mounted /test.
    linux-1a7f:~ # systemctl status systemd-cryptsetup@cr\\x2dtest.service
    systemd-cryptsetup@cr\x2dtest.service - Cryptography Setup for cr-test
       Loaded: loaded (/etc/crypttab)
       Active: active (exited) since Mon 2013-07-01 08:34:40 MSK; 39s ago
         Docs: man:systemd-cryptsetup@.service(8)
               man:crypttab(5)
      Process: 1942 ExecStart=/usr/lib/systemd/systemd-cryptsetup attach cr-test /dev/sdb none noauto (code=exited, status=0/SUCCESS)
    
    Jul 01 08:34:39 linux-1a7f systemd-cryptsetup[1942]: Set cipher aes, mode xts-plain64, key size...b.
    Jul 01 08:34:40 linux-1a7f systemd[1]: Started Cryptography Setup for cr-test.
    linux-1a7f:~ # systemctl --no-pager show -p After -p Requires test.mount
    Requires=-.mount
    After=local-fs-pre.target systemd-journald.socket dev-mapper-cr\x2dtest.device -.mount
    linux-1a7f:~ # systemctl --no-pager show -p After -p Requires dev-mapper-cr\\x2dtest.device
    Requires=systemd-cryptsetup@cr\x2dtest.service
    After=
    Remember, it was never intended as general purpose crypto-container management interface, but rather as a way to provide support for /etc/crypttab on boot. After boot there are many ways to manage them, including udisks2

  4. #14
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: How can I manually mount external encrypted media with system

    On 2013-07-01 06:56, arvidjaar wrote:
    >
    > robin_listas;2568604 Wrote:
    >>
    >> But it does not work. An encrypted device with a dash on the name does
    >> not work.

    > It does work for intended use case. It generates correct dependencies
    > between units so when top-level unit that needs encrypted container is
    > activated, encrypted container is activated too.


    You are not getting the point. It works on all, but it fails on one of
    the mounts, it fails if there is a dash in the name. You are skipping
    commenting on this fact. Why does it fail? Why the escaping?


    > Remember, it was never intended as general purpose crypto-container
    > management interface, but rather as a way to provide support for
    > /etc/crypttab on boot. After boot there are many ways to manage them,
    > including udisks2


    As far as I'm concerned, it is a replacement for SuSE script
    /etc/init.d/boot.crypto. I expect no more and no less than what that
    script did. After all, systemd is touted as a drop in replacement for
    systemv. The partitions I'm using are several years old, and they worked
    fine with it.


    --
    Cheers / Saludos,

    Carlos E. R.
    (from 12.3 x86_64 "Dartmouth" at Telcontar)

  5. #15
    Join Date
    Sep 2012
    Posts
    5,503

    Default Re: How can I manually mount external encrypted media with system

    Quote Originally Posted by robin_listas View Post
    it fails if there is a dash in the name. You are skipping
    commenting on this fact.
    My message that you replied to shows that it works for crypto container with dash in name.

    > Remember, it was never intended as general purpose crypto-container
    > management interface, but rather as a way to provide support for
    > /etc/crypttab on boot. After boot there are many ways to manage them,
    > including udisks2

    As far as I'm concerned, it is a replacement for SuSE script
    /etc/init.d/boot.crypto. I expect no more and no less than what that
    script did. After all, systemd is touted as a drop in replacement for
    systemv.
    systemd is touted as drop in replacement of sysvinit. It does not try to mimic all possible overloaded usages of initscripts that extend beyond what is required to boot and shutdown system.

  6. #16
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: How can I manually mount external encrypted media with system

    On 2013-07-01 14:36, arvidjaar wrote:
    >
    > robin_listas;2568681 Wrote:
    >> it fails if there is a dash in the name. You are skipping
    >> commenting on this fact.

    > My message that you replied to shows that it works for crypto container
    > with dash in name.


    Escaping it. I don't accept that as "working".

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 12.3 x86_64 "Dartmouth" at Telcontar)

  7. #17
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: How can I manually mount external encrypted media with system

    On 2013-07-01 16:38, Carlos E. R. wrote:
    > On 2013-07-01 14:36, arvidjaar wrote:
    >>
    >> robin_listas;2568681 Wrote:
    >>> it fails if there is a dash in the name. You are skipping
    >>> commenting on this fact.

    >> My message that you replied to shows that it works for crypto container
    >> with dash in name.

    >
    > Escaping it. I don't accept that as "working".


    yesterday night I stopped those services - it claimed success, but some
    of the partitions were in use, were not disabled and got no error
    message. Some of the partitions were not in use, they were umounted, but
    the mapped encrypted device was not removed. I had to use dmsetup
    directly to remove them.

    Ie, I will have to create my own script to handle encripted partitions,
    like the old systemv scripts, because systemd is not up to the task :-(

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 12.3 x86_64 "Dartmouth" at Telcontar)

  8. #18
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: How can I manually mount external encrypted media with system

    On 2013-07-02 12:13, Carlos E. R. wrote:
    > On 2013-07-01 16:38, Carlos E. R. wrote:



    > yesterday night I stopped those services - it claimed success, but some
    > of the partitions were in use, were not disabled and got no error
    > message. Some of the partitions were not in use, they were umounted, but
    > the mapped encrypted device was not removed. I had to use dmsetup
    > directly to remove them.
    >
    > Ie, I will have to create my own script to handle encripted partitions,
    > like the old systemv scripts, because systemd is not up to the task :-(


    Proof was still in the terminal:

    Code:
    
    > Telcontar:~ # systemctl stop systemd-cryptsetup@cr_Aux_01
    > Telcontar:~ # mount
    > devtmpfs on /dev type devtmpfs (rw,relatime,size=4089500k,nr_inodes=1022375,mode=755)
    > tmpfs on /dev/shm type tmpfs (rw,relatime)
    ....
    > /dev/mapper/cr_Aux_01 on /data/aux_01 type xfs (rw,relatime,attr2,inode64,noquota)
    > gvfsd-fuse on /run/user/1000/gvfs type fuse.gvfsd-fuse (rw,nosuid,nodev,relatime,user_id=1000,group_id=100)
    > gvfsd-fuse on /var/run/user/1000/gvfs type fuse.gvfsd-fuse (rw,nosuid,nodev,relatime,user_id=1000,group_id=100)
    > Telcontar:~ # l /dev/mapper/cr_Aux_01
    > lrwxrwxrwx 1 root root 7 Jun 30 19:43 /dev/mapper/cr_Aux_01 -> ../dm-3
    > Telcontar:~ # umount /data/aux_01
    > umount: /data/aux_01: target is busy.
    >         (In some cases useful info about processes that use
    >          the device is found by lsof(8) or fuser(1))
    > Telcontar:~ # umount /data/aux_01
    > Telcontar:~ # systemctl stop systemd-cryptsetup@cr_Aux_01
    > Telcontar:~ # l /dev/mapper/cr_Aux_01
    > lrwxrwxrwx 1 root root 7 Jun 30 19:43 /dev/mapper/cr_Aux_01 -> ../dm-3
    > Telcontar:~ # l /dev/mapper/
    > total 0
    > drwxr-xr-x  2 root root     160 Jul  1 22:41 ./
    > drwxr-xr-x 20 root root    7040 Jul  1 22:41 ../
    > crw-------  1 root root 10, 236 Jun 24 11:43 control
    > lrwxrwxrwx  1 root root       7 Jun 30 19:43 cr_Aux_01 -> ../dm-3
    > lrwxrwxrwx  1 root root       7 Jun 24 14:55 cr_Datum -> ../dm-2
    > lrwxrwxrwx  1 root root       7 Jun 24 11:44 cr_cripta -> ../dm-0
    > lrwxrwxrwx  1 root root       7 Jun 24 14:55 cr_other -> ../dm-1
    > lrwxrwxrwx  1 root root       7 Jun 30 19:49 crmm_Min_Rimmon -> ../dm-4
    > Telcontar:~ # dmsetup remove crmm_Min_Rimmon
    > Telcontar:~ # dmsetup remove cr_Aux_01
    > Telcontar:~ # l /dev/mapper/
    > total 0
    > drwxr-xr-x  2 root root     120 Jul  2 03:13 ./
    > drwxr-xr-x 20 root root    7000 Jul  2 03:13 ../
    > crw-------  1 root root 10, 236 Jun 24 11:43 control
    > lrwxrwxrwx  1 root root       7 Jun 24 14:55 cr_Datum -> ../dm-2
    > lrwxrwxrwx  1 root root       7 Jun 24 11:44 cr_cripta -> ../dm-0
    > lrwxrwxrwx  1 root root       7 Jun 24 14:55 cr_other -> ../dm-1
    > Telcontar:~ #

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 12.3 x86_64 "Dartmouth" at Telcontar)

Page 2 of 2 FirstFirst 12

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •