[arch-projects] [mkinitcpio] systemd in initramfs
Thomas Bächler
thomas at archlinux.org
Sun Aug 18 05:52:04 EDT 2013
Am 18.08.2013 02:48, schrieb Tom Gundersen:
> On Sun, Aug 18, 2013 at 12:45 AM, Thomas Bächler <thomas at archlinux.org> wrote:
>> Am 17.08.2013 17:08, schrieb Thomas Bächler:
>>> 3) encrypt: I created the sd-encrypt hook, you can find it here:
>>> https://paste.xinu.at/8xUYPI/. This changes the command line syntax, the
>>> new syntax can be found in the manpage for systemd-cryptsetup-generator.
>>> However, the syntax is less powerful than before - for that reason, I
>>> added /etc/crypttab.initrd as /etc/crypttab to the initrd, which should
>>> support almost everything. There were some problems with adding the same
>>> crypttab for initrd and the main system, but that may be my stupiditiy -
>>> I hope the separate crypttab is something we can get rid of.
>>
>> Okay, this one has the wrong help, but otherwise it's what I'm going to
>> use now: https://paste.xinu.at/0PXjlV/
>>
>> It now adds /etc/crypttab to initramfs. You can make sure that only the
>> necessary devices are activated in initramfs by using the rd.luks.uuid=
>> options on the command line. You can also use rd.luks.uuid= without any
>> crypttab entries, but then you can't set extra options (for me:
>> allow_discards).
>
> We should make it possible to do this without having to put
> /etc/crypttab in the initramfs.
There's more problems: When using the same crypttab in initrd and
system, systemd tries to shut down the volume on shutdown, which leads
to a delay of about 2 seconds.
Right now, I am running with luks.crypttab=no rd.luks.crypttab=yes to
avoid this.
So either we need two separate crypttabs or we need to specify all
options on the command line.
> I guess we basically want to mimic what the fstab generator does: 1)
> allow options to be specified on the kernel commandline and,
> optionally, 2) allow further options to be read from
> /sysroot/etc/cryttab once that has been mounted.
Seems fine to me.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-projects/attachments/20130818/b81109b1/attachment.asc>
More information about the arch-projects
mailing list