Re: [systemd-devel] Systemd user service needs to wait for encrypted $HOME to be decrypted
>> Assuming a user has an encrypted $HOME, I need a user service that will: >> >> >> 1) Wait for the $HOME to be decrypted, then run ExecStart, and >> 2) Run ExecStop before the user closes the encryption again. >> 3) Totally ignore the encryption requirement if the user has no >> encryption setup, ie just run normally. > > But you want to do all this from the system instance of systemd? > > How do you encrypt your $HOME? With LUKS? How is that set up? Only > /home or actually /home/$USER? > Yes, using LUKS. I have it setup for /home currently, but would this work if each user had his own /home/$USER that was encrypted? >> RequiresMountsFor=/home/ > > This line should actually be all you need to make this work, as long > as /home is on LUKS. ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] Systemd user service needs to wait for encrypted $HOME to be decrypted
On Fri, 04.09.15 21:10, John (da_audioph...@yahoo.com) wrote: > Assuming a user has an encrypted $HOME, I need a user service that will: > > > 1) Wait for the $HOME to be decrypted, then run ExecStart, and > 2) Run ExecStop before the user closes the encryption again. > 3) Totally ignore the encryption requirement if the user has no > encryption setup, ie just run normally. But you want to do all this from the system instance of systemd? How do you encrypt your $HOME? With LUKS? How is that set up? Only /home or actually /home/$USER? > RequiresMountsFor=/home/ This line should actually be all you need to make this work, as long as /home is on LUKS. Lennart -- Lennart Poettering, Red Hat ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] Systemd user service needs to wait for encrypted $HOME to be decrypted
Assuming a user has an encrypted $HOME, I need a user service that will: 1) Wait for the $HOME to be decrypted, then run ExecStart, and 2) Run ExecStop before the user closes the encryption again. 3) Totally ignore the encryption requirement if the user has no encryption setup, ie just run normally. I haven't dealt this requirement before so I'm asking for suggestions. The following is the current user service file draft which works as expected without the encryption requirement. Thank you in advance for your suggestions. [Unit] Description=Profile-sync-daemon Documentation=man:psd(1) man:profile-sync-daemon(1) Documentation=https://wiki.archlinux.org/index.php/Profile-sync-daemon Wants=psd.timer Wants=local-fs.target RequiresMountsFor=/home/ After=winbindd.service [Service] Type=oneshot RemainAfterExit=yes ExecStart=/usr/bin/profile-sync-daemon resync ExecStop=/usr/bin/profile-sync-daemon unsync [Install] WantedBy=default.target ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
