From ed5678903964de92ba74baf2e5597914a3d44583 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 18 Jun 2014 00:07:56 +0200
Subject: [PATCH] cryptsetup: introduce new cryptsetup-pre.traget unit so that
services can make sure they are started before and stopped after any LUKS
setup
https://bugzilla.redhat.com/show_bug.cgi?id=1097938
(cherry picked from commit 9542239eaf481decca6c254dffb3f2b4e716545e)
---
Makefile.am | 3 ++-
man/systemd.special.xml | 22 ++++++++++++++++++++++
src/cryptsetup/cryptsetup-generator.c | 2 +-
units/cryptsetup-pre.target | 11 +++++++++++
4 files changed, 36 insertions(+), 2 deletions(-)
create mode 100644 units/cryptsetup-pre.target
diff --git a/Makefile.am b/Makefile.am
index cb9b1fa8..75d62f06 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -3846,7 +3846,8 @@ systemgenerator_PROGRAMS += \
systemd-cryptsetup-generator
dist_systemunit_DATA += \
- units/cryptsetup.target
+ units/cryptsetup.target \
+ units/cryptsetup-pre.target
systemd_cryptsetup_SOURCES = \
src/cryptsetup/cryptsetup.c
diff --git a/man/systemd.special.xml b/man/systemd.special.xml
index cda6edd4..f29cc23c 100644
--- a/man/systemd.special.xml
+++ b/man/systemd.special.xml
@@ -52,6 +52,7 @@
<filename>bluetooth.target</filename>,
<filename>ctrl-alt-del.target</filename>,
<filename>cryptsetup.target</filename>,
+ <filename>cryptsetup-pre.target</filename>,
<filename>dbus.service</filename>,
<filename>dbus.socket</filename>,
<filename>default.target</filename>,
@@ -841,6 +842,27 @@
<variablelist>
<varlistentry>
+ <term><filename>cryptsetup-pre.target</filename></term>
+ <listitem>
+ <para>This passive target unit
+ may be pulled in by services
+ that want to run before any
+ encrypted block device is set
+ up. All encrypted block
+ devices are set up after this
+ target has been reached. Since
+ the shutdown order is
+ implicitly the reverse
+ start-up order between units
+ this target is particularly
+ useful to ensure that a
+ service is shut down only
+ after all encrypted block
+ devices are fully
+ stopped.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
<term><filename>local-fs-pre.target</filename></term>
<listitem>
<para>This target unit is
diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c
index f4eeb2ad..dfdca1e4 100644
--- a/src/cryptsetup/cryptsetup-generator.c
+++ b/src/cryptsetup/cryptsetup-generator.c
@@ -127,7 +127,7 @@ static int create_disk(
"Conflicts=umount.target\n"
"BindsTo=dev-mapper-%i.device\n"
"IgnoreOnIsolate=true\n"
- "After=systemd-readahead-collect.service systemd-readahead-replay.service\n",
+ "After=systemd-readahead-collect.service systemd-readahead-replay.service cryptsetup-pre.target\n",
f);
if (!nofail)
diff --git a/units/cryptsetup-pre.target b/units/cryptsetup-pre.target
new file mode 100644
index 00000000..65353419
--- /dev/null
+++ b/units/cryptsetup-pre.target
@@ -0,0 +1,11 @@
+# This file is part of systemd.
+#
+# systemd is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or
+# (at your option) any later version.
+
+[Unit]
+Description=Encrypted Volumes (Pre)
+Documentation=man:systemd.special(7)
+RefuseManualStart=yes