fstab-generator: optional read addtional fstab lines from credentials

Fixes: #27260

diff --git a/man/systemd-fstab-generator.xml b/man/systemd-fstab-generator.xml
index e21115f173ffb2397c72c6c8d2dd48847b0da433..46f2390234913af2ac5fc6367c9220ab4f243e5e 100644 (file)
--- a/man/systemd-fstab-generator.xml
+++ b/man/systemd-fstab-generator.xml
@@ -269,6 +269,21 @@ systemd.swap=/dev/sda2:x-systemd.makefs</programlisting>
     </variablelist>
   </refsect1>
 
+  <refsect1>
+    <title>System Credentials</title>
+
+    <variablelist class='system-credentials'>
+      <varlistentry>
+        <term><varname>fstab.extra</varname></term>
+
+        <listitem><para>This credential may contain addition mounts to establish, in the same format as
+        <citerefentry
+        project='man-pages'><refentrytitle>fstab</refentrytitle><manvolnum>5</manvolnum></citerefentry>, with
+        one mount per line. It is read in addition to <filename>/etc/fstab</filename>.</para></listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
   <refsect1>
     <title>See Also</title>
     <para>

diff --git a/man/systemd.system-credentials.xml b/man/systemd.system-credentials.xml
index ceb84d29b9fab22c8edda5f99215d1d3c922da5a..6fd69ead30c413b4b2f6b20091a98f9fe7a90d37 100644 (file)
--- a/man/systemd.system-credentials.xml
+++ b/man/systemd.system-credentials.xml
@@ -186,6 +186,15 @@
         </listitem>
       </varlistentry>
 
+      <varlistentry>
+        <term><varname>fstab.extra</varname></term>
+
+        <listitem>
+          <para>Additional mounts to establish at boot. For details, see
+          <citerefentry><refentrytitle>systemd-fstab-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
+        </listitem>
+      </varlistentry>
+
       <varlistentry>
         <term><varname>vconsole.keymap</varname></term>
         <term><varname>vconsole.keymap_toggle</varname></term>

diff --git a/src/fstab-generator/fstab-generator.c b/src/fstab-generator/fstab-generator.c
index 23358ae8a2985653f0de40f8b55e718d0d0c1c02..14a46c4c4e8254325b9f7408f322b76c5dce6ea6 100644 (file)
--- a/src/fstab-generator/fstab-generator.c
+++ b/src/fstab-generator/fstab-generator.c
@@ -8,6 +8,7 @@
 #include "bus-error.h"
 #include "bus-locator.h"
 #include "chase.h"
+#include "creds-util.h"
 #include "efi-loader.h"
 #include "env-util.h"
 #include "fd-util.h"
@@ -1281,6 +1282,40 @@ static int add_mounts_from_cmdline(void) {
         return ret;
 }
 
+static int add_mounts_from_creds(void) {
+        _cleanup_free_ void *b = NULL;
+        struct mntent *me;
+        int r, ret = 0;
+        size_t bs;
+
+        r = read_credential_with_decryption(
+                        in_initrd() ? "fstab.extra.initrd" : "fstab.extra",
+                        &b, &bs);
+        if (r <= 0)
+                return r;
+
+        _cleanup_fclose_ FILE *f = NULL;
+        f = fmemopen_unlocked(b, bs, "r");
+        if (!f)
+                return log_oom();
+
+        while ((me = getmntent(f))) {
+                r = parse_fstab_one(
+                                "/run/credentials",
+                                me->mnt_fsname,
+                                me->mnt_dir,
+                                me->mnt_type,
+                                me->mnt_opts,
+                                me->mnt_passno,
+                                /* initrd = */ false,
+                                /* use_swap_enabled = */ true);
+                if (r < 0 && ret >= 0)
+                        ret = r;
+        }
+
+        return ret;
+}
+
 static int parse_proc_cmdline_item(const char *key, const char *value, void *data) {
         int r;
 
@@ -1513,6 +1548,10 @@ static int run_generator(void) {
         if (r < 0 && ret >= 0)
                 ret = r;
 
+        r = add_mounts_from_creds();
+        if (r < 0 && ret >= 0)
+                ret = r;
+
         return ret;
 }