25.09.2024 18:28, aplanas wrote:
Hi! An user have /home in a different encrypted partition via pcrlock. After the initrd, during the normal boot process, the systemd-cryptsetup generator is reading this file to open the devices in /dev/mapper/$name. But this is happening before /var gets mounted, and this contains the pcrlock.json file requires to unlock the home device. Is there a way to indicate this dependency for the generator, as a "RequiresMountsFor=" for .mount services or x-systemd.requires= in fstab?
This dependency only exists for pcrlock and only if there are reasons to have pcrlock.json in /var and not in /etc by default.
RequiresMountsFor sounds wrong here (normally systemd-cryptsetup falls back to interactively asking for passphrase), but WantsMountsFor=/var looks suitable. And I would actually expect systemd-cryptsetup-generator to add it automatically. This should not involve manual configuration.
