Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 1477757 - [RFE] allow cryptsetup block device units to appear after networking comes up
[RFE] allow cryptsetup block device units to appear after networking comes up
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: systemd (Show other bugs)
7.5
Unspecified Unspecified
unspecified Severity unspecified
: rc
: ---
Assigned To: systemd-maint
Frantisek Sumsal
: FutureFeature
Depends On:
Blocks: 1475406
  Show dependency treegraph
 
Reported: 2017-08-02 16:33 EDT by Nathaniel McCallum
Modified: 2018-06-15 09:00 EDT (History)
10 users (show)

See Also:
Fixed In Version: systemd-219-47.el7
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2018-04-10 07:21:21 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2018:0711 None None None 2018-04-10 07:22 EDT

  None (edit)
Description Nathaniel McCallum 2017-08-02 16:33:08 EDT 
Currently, systemd generates cryptsetup unit files directly from /etc/crypttab. Due to dependencies, these unit files are always started before networking comes up.

In some cases, clevis can answer the systemd-ask-password prompts for these block devices automatically. But in most of those cases, network access is required. In attempting to properly order this setup, a circular dependency arises.

We have a few options.

First, we could try to auto-detect the clevis policy dependencies from the disk. This is doable via udev. The problem is that units are generated from /etc/crypttab whether the disks or present or not. This creates a race-condition when devices aren't connected to the system before the generation of unit files. This solution would be more comprehensive, but would also be more work.

Second, we could implement a _netdev like option in /etc/crypttab. This would be less featureful and less dynamic, but would also help iSCSI people. For an existing RFE, see: https://github.com/systemd/systemd/issues/4642
Comment 1 Nathaniel McCallum 2017-08-02 16:34:41 EDT 
This is also related: https://github.com/systemd/systemd/issues/5182
Comment 13 Lukáš Nykrýn 2017-09-26 03:47:13 EDT 
fix merged to upstream staging branch -> https://github.com/lnykryn/systemd-rhel/pull/141 -> post
Comment 16 Nathaniel McCallum 2017-10-12 17:00:54 EDT 
This is apparently an incomplete fix. See this for more detail:

https://github.com/systemd/systemd/pull/7078
Comment 18 Lukáš Nykrýn 2017-10-31 05:30:12 EDT 
fix merged to staging branch -> https://github.com/lnykryn/systemd-rhel/pull/166 -> post
Comment 20 Lukáš Nykrýn 2017-11-01 10:24:35 EDT 
fix merged to staging branch -> https://github.com/lnykryn/systemd-rhel/pull/167 -> post
Comment 25 errata-xmlrpc 2018-04-10 07:21:21 EDT 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:0711
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.