API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jan 20th, 2018
284
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.99 KB | None | 0 0
raw download clone embed print report
  1. Create a mount unit for your thumbdrive, e.g. foo.mount (see mounts in /run/systemd/generator for examples), e.g.:
  2. [Unit]
  3. ...
  4. ConditionPathExists=/dev/disk/by-uuid/THUMBDRIVE
  5. Before=systemd-cryptsetup@ENCRYPTED.service
  6. ...
  7.  
  8. [Mount]
  9. Where=/keys
  10. What=/dev/disk/by-uuid/THUMBDRIVE
  11. Type=ext4
  12. Options=defaults
  13.  
  14. Important bits there ^ are ConditionPathExists and Before systemd-cryptsetup@
  15.  
  16. Have two cryptsetup units (again, look into /run/systemd/generator for examples).
  17. First with none, when no flash available:
  18. [Unit]
  19. ...
  20. After=foo.mount
  21. ConditionPathExists=!/keys/foo.key
  22. ...
  23.  
  24. [Service]
  25. ...
  26. ExecStart=/usr/lib/systemd/systemd-cryptsetup attach 'storage' '/dev/disk/by-uuid/e1ed67cf-6eee-4cbf-af31-25fb9b3f20c6' 'none' 'luks'
  27. ...
  28.  
  29. Another one opposite:
  30. [Unit]
  31. ...
  32. After=foo.mount
  33. ConditionPathExists=/keys/foo.key
  34. ...
  35.  
  36. [Service]
  37. ...
  38. ExecStart=/usr/lib/systemd/systemd-cryptsetup attach 'storage' '/dev/disk/by-uuid/e1ed67cf-6eee-4cbf-af31-25fb9b3f20c6' '/keys/foo.key' 'luks'
  39. ...
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!