Re: Ordering units and targets with devices

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Do, 25.08.22 10:50, Michael Cassaniti (michael@xxxxxxxxxxxxxxx) wrote:

> It seems to be somewhat more complicated than that, and perhaps it has more
> to do with my setup. Here's my /etc/crypttab which just might explain a bit:
>
>     # Mount root and swap
>     # These will initially have an empty password
>     root /dev/disk/by-partlabel/root - fido2-device=/dev/yubico-fido2,token-timeout=0,try-empty-password=true,x-initrd.attach
>     swap /dev/disk/by-partlabel/swap - fido2-device=/dev/yubico-fido2,token-timeout=0,try-empty-password=true,x-initrd.attach
>
> I think the fact that both of these get setup at boot and will concurrently
> try to access the FIDO2 token is causing issues. That crypttab is included
> in the initrd.

There was an issue with concurrent access to FIDO2 devices conflicting
with each other. This was addressed in libfido2 though, it will now
take a BSD lock on the device while talking to it, thus synchronizing
access properly.

See this bug:

https://github.com/systemd/systemd/issues/23889

Maybe it's sufficient to update libfido2 on your system?


Lennart

--
Lennart Poettering, Berlin
[Index of Archives]     [LARTC]     [Bugtraq]     [Yosemite Forum]     [Photo]

  Powered by Linux