meson: move systemd-cryptsetup to /usr/bin

This was requested, though I think an issue was never filed. If people are
supposed to invoke it, even for testing, then it's reasonable to make it
"public".

diff --git a/man/fido2-crypttab.sh b/man/fido2-crypttab.sh
index c29c0245f42234282a0fe800ccc30bbe8344aa23..43654a523644ae58d84e76febc1fa96d7a2da5c3 100644 (file)
--- a/man/fido2-crypttab.sh
+++ b/man/fido2-crypttab.sh
@@ -5,7 +5,7 @@
 sudo systemd-cryptenroll --fido2-device=auto /dev/sdXn
 
 # Test: Let's run systemd-cryptsetup to test if this worked.
-sudo /usr/lib/systemd/systemd-cryptsetup attach mytest /dev/sdXn - fido2-device=auto
+sudo systemd-cryptsetup attach mytest /dev/sdXn - fido2-device=auto
 
 # If that worked, let's now add the same line persistently to /etc/crypttab,
 # for the future. We don't want to use the (unstable) /dev/sdX name, so let's

diff --git a/man/systemd-cryptsetup@.service.xml b/man/systemd-cryptsetup@.service.xml
index 1697ccc0f3cd2097196c59c0430bfdb616ddb3f3..91a4f2eb9d8d3538bb5f51021f3c9d3d0c80fc3a 100644 (file)
--- a/man/systemd-cryptsetup@.service.xml
+++ b/man/systemd-cryptsetup@.service.xml
@@ -27,7 +27,7 @@
   <refsynopsisdiv>
     <para><filename>systemd-cryptsetup@.service</filename></para>
     <para><filename>system-systemd\x2dcryptsetup.slice</filename></para>
-    <para><filename>/usr/lib/systemd/systemd-cryptsetup</filename></para>
+    <para><filename>systemd-cryptsetup</filename></para>
   </refsynopsisdiv>
 
   <refsect1>

diff --git a/man/systemd-measure.xml b/man/systemd-measure.xml
index 3568fb54350fc09825f628cf9ac09644fb7349ea..4d5595e721bef9f5e492443b5ee5c7ebdf9c6e74 100644 (file)
--- a/man/systemd-measure.xml
+++ b/man/systemd-measure.xml
@@ -294,7 +294,7 @@ $ openssl rsa -pubout -in tpm2-pcr-private.pem -out tpm2-pcr-public.pem
 
      <para>And then unlock the device with the signature:</para>
 
-     <programlisting># /usr/lib/systemd/systemd-cryptsetup attach \
+     <programlisting># systemd-cryptsetup attach \
      volume5 /dev/sda5 - \
      tpm2-device=auto,tpm2-signature=/path/to/tpm2-pcr-signature.json</programlisting>
 

diff --git a/man/tpm2-crypttab.sh b/man/tpm2-crypttab.sh
index b457fc2306f922a4b6415f64c5e5b4821c98c026..2be349959fd8b7daf51448544f12b3833fa6caf9 100644 (file)
--- a/man/tpm2-crypttab.sh
+++ b/man/tpm2-crypttab.sh
@@ -5,7 +5,7 @@
 sudo systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=7 /dev/sdXn
 
 # Test: Let's run systemd-cryptsetup to test if this worked.
-sudo /usr/lib/systemd/systemd-cryptsetup attach mytest /dev/sdXn - tpm2-device=auto
+sudo systemd-cryptsetup attach mytest /dev/sdXn - tpm2-device=auto
 
 # If that worked, let's now add the same line persistently to /etc/crypttab,
 # for the future. We don't want to use the (unstable) /dev/sdX name, so let's
@@ -16,7 +16,7 @@ udevadm info -q -r symlink /dev/sdXn
 sudo bash -c 'echo "mytest /dev/disk/by-uuid/... - tpm2-device=auto" >>/etc/crypttab'
 
 # And now let's check that automatic unlocking works:
-sudo /usr/lib/systemd/systemd-cryptsetup detach mytest
+sudo systemd-cryptsetup detach mytest
 sudo systemctl daemon-reload
 sudo systemctl start cryptsetup.target
 systemctl is-active systemd-cryptsetup@mytest.service

diff --git a/man/yubikey-crypttab.sh b/man/yubikey-crypttab.sh
index d355afbd1b2bfe0d9317cc8c1ab4b583bc532b8f..a66a88fe1ce3bd9864c72ea9b3633f087b7b2226 100644 (file)
--- a/man/yubikey-crypttab.sh
+++ b/man/yubikey-crypttab.sh
@@ -21,7 +21,7 @@ rm pubkey.pem
 sudo systemd-cryptenroll --pkcs11-token-uri=auto /dev/sdXn
 
 # Test: Let's run systemd-cryptsetup to test if this all worked.
-sudo /usr/lib/systemd/systemd-cryptsetup attach mytest /dev/sdXn - pkcs11-uri=auto
+sudo systemd-cryptsetup attach mytest /dev/sdXn - pkcs11-uri=auto
 
 # If that worked, let's now add the same line persistently to /etc/crypttab,
 # for the future. We don't want to use the (unstable) /dev/sdX name, so let's

diff --git a/meson.build b/meson.build
index bf25bcba43ed6fbe5a7d8ee538b08b9053d53530..df506b78735b82d0dbe3a94b8900fa4b8cdf8db0 100644 (file)
--- a/meson.build
+++ b/meson.build
@@ -226,7 +226,7 @@ conf.set_quoted('SYSTEMCTL_BINARY_PATH',                      bindir / 'systemct
 conf.set_quoted('SYSTEMD_BINARY_PATH',                        libexecdir / 'systemd')
 conf.set_quoted('SYSTEMD_CATALOG_DIR',                        catalogdir)
 conf.set_quoted('SYSTEMD_CGROUPS_AGENT_PATH',                 libexecdir / 'systemd-cgroups-agent')
-conf.set_quoted('SYSTEMD_CRYPTSETUP_PATH',                    libexecdir / 'systemd-cryptsetup')
+conf.set_quoted('SYSTEMD_CRYPTSETUP_PATH',                    bindir / 'systemd-cryptsetup')
 conf.set_quoted('SYSTEMD_EXPORT_PATH',                        libexecdir / 'systemd-export')
 conf.set_quoted('SYSTEMD_FSCK_PATH',                          libexecdir / 'systemd-fsck')
 conf.set_quoted('SYSTEMD_GROWFS_PATH',                        libexecdir / 'systemd-growfs')

diff --git a/src/cryptsetup/meson.build b/src/cryptsetup/meson.build
index 6f7aa3c796d6f8acabb179cd04299942427e6e45..e034cb7d244a3c24dadc6fbddd9725996c2154ed 100644 (file)
--- a/src/cryptsetup/meson.build
+++ b/src/cryptsetup/meson.build
@@ -16,8 +16,9 @@ if conf.get('HAVE_TPM2') == 1
 endif
 
 executables += [
-        libexec_template + {
+        executable_template + {
                 'name' : 'systemd-cryptsetup',
+                'public' : true,
                 'conditions' : ['HAVE_LIBCRYPTSETUP'],
                 'sources' : systemd_cryptsetup_sources,
                 'dependencies' : [
@@ -32,3 +33,10 @@ executables += [
                 'sources' : files('cryptsetup-generator.c'),
         },
 ]
+
+if conf.get('HAVE_LIBCRYPTSETUP') == 1
+        # symlink for backwards compatibility after rename
+        meson.add_install_script(sh, '-c',
+                                 ln_s.format(bindir / 'systemd-cryptsetup',
+                                             libexecdir / 'systemd-cryptsetup'))
+endif