From: Ondrej Kozina <okozina@redhat.com>
Date: Mon, 24 Aug 2020 10:54:14 +0000 (+0200)
Subject: cryptsetup-generator: Add support for header device in crypttab
X-Git-Tag: v247-rc1~33^2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=13445d9775614367d521204d677c5775b5e53bea;p=thirdparty%2Fsystemd.git

cryptsetup-generator: Add support for header device in crypttab
---

diff --git a/man/crypttab.xml b/man/crypttab.xml
index ee54499bfe7..2c0a8266a59 100644
--- a/man/crypttab.xml
+++ b/man/crypttab.xml
@@ -112,7 +112,12 @@
         relevant for LUKS devices. See
         <citerefentry project='die-net'><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
         for possible values and the default value of this
-        option.</para></listitem>
+        option.</para>
+
+        <para>Optionally, the path may be followed by <literal>:</literal> and an fstab device specification
+        (e.g. starting with <literal>UUID=</literal> or similar); in which case, the path is relative to the
+        device file system root. The device gets mounted automatically for LUKS device activation duration only.
+        </para></listitem>
       </varlistentry>
 
       <varlistentry>
diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c
index ea9965d6c44..cd40cb42084 100644
--- a/src/cryptsetup/cryptsetup-generator.c
+++ b/src/cryptsetup/cryptsetup-generator.c
@@ -789,7 +789,8 @@ static int add_crypttab_devices(void) {
         }
 
         for (;;) {
-                _cleanup_free_ char *line = NULL, *name = NULL, *device = NULL, *keyspec = NULL, *options = NULL, *keyfile = NULL, *keydev = NULL;
+                _cleanup_free_ char *line = NULL, *name = NULL, *device = NULL, *keyspec = NULL, *options = NULL,
+                                    *keyfile = NULL, *keydev = NULL, *headerdev = NULL, *filtered_header = NULL;
                 crypto_device *d = NULL;
                 char *l, *uuid;
                 int k;
@@ -829,7 +830,20 @@ static int add_crypttab_devices(void) {
                 if (r < 0)
                         return r;
 
-                r = create_disk(name, device, keyfile, keydev, d ? d->headerdev : NULL, (d && d->options) ? d->options : options, arg_crypttab);
+                if (options && (!d || !d->options)) {
+                        r = filter_header_device(options, &headerdev, &filtered_header);
+                        if (r < 0)
+                                return r;
+                        free_and_replace(options, filtered_header);
+                }
+
+                r = create_disk(name,
+                                device,
+                                keyfile,
+                                keydev,
+                                (d && d->options) ? d->headerdev : headerdev,
+                                (d && d->options) ? d->options : options,
+                                arg_crypttab);
                 if (r < 0)
                         return r;