Hi, I'm trying to order my units and targets during early boot so that:1. A symlink to the specific FIDO2 token I'm using gets created. I already have a udev rule in place for this and it successfully creates the symlink under /dev. Because I have two tokens I need to specify which one to use. 2. The unit for systemd-cryptsetup@root.service has to wait for this unit. The unit gets generated from systemd-cryptsetup-generator so I can't just add Requires= stanzas to the unit. I do have a /etc/crypttab file.
I have the following shell code generating everything a the right time within dracut, but this hasn't solved my problem.
cat > /etc/systemd/system/dev-yubico\x2dfido2.device << EOF [Unit] Description=Device for Yubico FIDO2 token DefaultDependencies=no RequiredBy=cryptsetup-pre.target [Install] WantedBy=cryptsetup-pre.target EOF systemctl enable dev-yubico\x2dfido2.device systemctl add-wants cryptsetup.target cryptsetup-pre.targetAny help here is appreciated. The issue is that the FIDO2 token shows up on the USB bus after the disk is detected and the unit systemd-cryptsetup@root.service starts. I don't have a TPM2 chip so that rules out using a TPM instead.
Thanks in advance, Michael Cassaniti, Australia
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature
