On 25/09/2021 21:30, Canek Peláez Valdés wrote:
On Sat, Sep 25, 2021 at 1:48 PM antlists <antli...@youngman.org.uk
<mailto:antli...@youngman.org.uk>> wrote:
[...]
Bear in mind, integritysetup is not in my initrd, so ...
I think you would need to put it in your initrd.
If I've got my root on it (which is the plan, but that means learning
how to cut my own stuff into the initrd ...)
It looks to me like grub switches to the real root partition read-only
before firing stuff off, so if I tell my integritysetup.service to run
before local-fs.target, does that mean everything should be working
before systemd runs fstab?
Bear in mind dm-integrity is on my raw partitions, and I'm running lvm
and md-raid, I'm guessing they're part of local-fs-pre.target? So I
really need to run dm-integrity before that? Or preferably add
dm-integrity TO that - how do I do that?
The problem is this isn't all that discoverable - even digging around
/etc/systemd, it's hard to find clues ...
As Rich already mentioned it, noauto != remove mount point from fstab.
That's the first thing.
Well, it's working, which is the important thing. I just want to
understand WHY it's working - especially since when it was working the
other way it broke Wayland ... which was why it was weird ...
Then you need to specify that home.mount should run *after* md/LVM,
which in turn runs after your integrity setup service. The problem is:
you have root (/) on md/LVM too; I know they are different
RAIDs/volumes, but there is one *service* for RAID and LVM, at least
out-of-the-box, in systemd. You could try to split different instances
using templates (the units with @ in their names), but the simplest
solution is to put your integrity logic in the initrd (with the added
benefit that you can mount it in emergencies if something goes wrong
with root).
At the moment, with root on lvm but not anything else, gentoo takes care
of all that for me. I'm not ready for the next learning curve of doing
all that myself in the initrd ...
If you have the integrity logic in early boot, then your integrity setup
service should have:
Before=mdmonitor.service lvm2-lvmetad.service
And I think that should be enough? The home.mount unit depends on the
underlying device being available, and that will happen only after md
and LVM have done it's thing.
I'll try that. lvm should act on the root (sda3) device directly, but
integrity needs to run before md will join sda4 and sdc4, and then lvm
will run on the raid to make home available for fstab.
I'll play with that and get rid of the home.mount, and hope that all
that doesn't break Wayland. What I don't understand was that when
home.mount was enabled, it worked but broke Wayland, now I've disabled
it it still appears to be working, but Wayland is working too! That's
what I'd like to understand.
Although if fixing it how you suggest fixes everything, then I'll have
an understandable, working system, and I'll be happy.
Cheers,
Wol
