| Message ID | 20231016-b4-systemd-tpm2-crypt-plugin-v1-1-21fef10601ff@linaro.org |
|---|---|
| State | New |
| Headers | show |
| Series | systemd: fix packaging tpm2 plugin for cryptsetup | expand |
Erik Schilling <erik.schilling@linaro.org> escreveu no dia segunda, 16/10/2023 à(s) 13:02: > When building with `cryptsetup` and `tpm2` in the > PACKAGECONFIG, this plugin will be emitted. > > Cc: Kristian Klausen <kristian@klausen.dk> > Cc: Mikko Rapeli <mikko.rapeli@linaro.org> > Cc: Javier Tia <javier.tia@linaro.org> > Fixes: 7b7dfbfaed ("systemd: Add tpm2 PACKAGECONFIG") > Signed-off-by: Erik Schilling <erik.schilling@linaro.org> > --- > meta/recipes-core/systemd/systemd_254.4.bb | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/meta/recipes-core/systemd/systemd_254.4.bb > b/meta/recipes-core/systemd/systemd_254.4.bb > index 77724eb822..6ecfbaf293 100644 > --- a/meta/recipes-core/systemd/systemd_254.4.bb > +++ b/meta/recipes-core/systemd/systemd_254.4.bb > @@ -645,6 +645,7 @@ FILES:${PN} = " ${base_bindir}/* \ > ${sysconfdir}/X11/xinit/xinitrc.d/* \ > ${rootlibexecdir}/systemd/* \ > ${rootlibdir}/systemd/libsystemd-core* \ > + > ${rootlibdir}/cryptsetup/libcryptsetup-token-systemd-tpm2* \ > The systemd-cryptenroll was packed in the systemd-extra-utils so packing the plugin on the main systemd package is a bit weird. I wonder if a new package like systemd-crypt is better appropriate for this where we going to put the systemd-cryptenroll and all the plugins available in ${rootlibdir}/cryptsetup Jose ${libdir}/pam.d \ > ${nonarch_libdir}/pam.d \ > ${systemd_unitdir}/* \ > > --- > base-commit: 97f0a73c0a9db5506310328cd29f165eab3c509d > change-id: 20231016-b4-systemd-tpm2-crypt-plugin-5064c458e726 > > Best regards, > -- > Erik Schilling <erik.schilling@linaro.org> > > > -=-=-=-=-=-=-=-=-=-=-=- > Links: You receive all messages sent to this group. > View/Reply Online (#189288): > https://lists.openembedded.org/g/openembedded-core/message/189288 > Mute This Topic: https://lists.openembedded.org/mt/101993740/5052612 > Group Owner: openembedded-core+owner@lists.openembedded.org > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [ > quaresma.jose@gmail.com] > -=-=-=-=-=-=-=-=-=-=-=- > >
On Mon Oct 16, 2023 at 6:31 PM CEST, Jose Quaresma wrote: > Erik Schilling <erik.schilling@linaro.org> escreveu no dia segunda, > 16/10/2023 à(s) 13:02: > > > When building with `cryptsetup` and `tpm2` in the > > PACKAGECONFIG, this plugin will be emitted. > > > > Cc: Kristian Klausen <kristian@klausen.dk> > > Cc: Mikko Rapeli <mikko.rapeli@linaro.org> > > Cc: Javier Tia <javier.tia@linaro.org> > > Fixes: 7b7dfbfaed ("systemd: Add tpm2 PACKAGECONFIG") > > Signed-off-by: Erik Schilling <erik.schilling@linaro.org> > > --- > > meta/recipes-core/systemd/systemd_254.4.bb | 1 + > > 1 file changed, 1 insertion(+) > > > > diff --git a/meta/recipes-core/systemd/systemd_254.4.bb > > b/meta/recipes-core/systemd/systemd_254.4.bb > > index 77724eb822..6ecfbaf293 100644 > > --- a/meta/recipes-core/systemd/systemd_254.4.bb > > +++ b/meta/recipes-core/systemd/systemd_254.4.bb > > @@ -645,6 +645,7 @@ FILES:${PN} = " ${base_bindir}/* \ > > ${sysconfdir}/X11/xinit/xinitrc.d/* \ > > ${rootlibexecdir}/systemd/* \ > > ${rootlibdir}/systemd/libsystemd-core* \ > > + > > ${rootlibdir}/cryptsetup/libcryptsetup-token-systemd-tpm2* \ > > > > The systemd-cryptenroll was packed in the systemd-extra-utils so packing > the plugin > on the main systemd package is a bit weird. > I wonder if a new package like systemd-crypt is better appropriate for this > where we > going to put the systemd-cryptenroll and all the plugins available in > ${rootlibdir}/cryptsetup Ah, did not realize that... I agree that breaking up systemd into smaller packages would probably be a good thing. Currently building an image with systemd in the initramfs and main image gives little choice over which components go where... I will try a systemd-crypt variant. Will also take a look at how other distros solve this. - Erik > > Jose > > ${libdir}/pam.d \ > > ${nonarch_libdir}/pam.d \ > > ${systemd_unitdir}/* \ > > > > --- > > base-commit: 97f0a73c0a9db5506310328cd29f165eab3c509d > > change-id: 20231016-b4-systemd-tpm2-crypt-plugin-5064c458e726 > > > > Best regards, > > -- > > Erik Schilling <erik.schilling@linaro.org> > > > > > > -=-=-=-=-=-=-=-=-=-=-=- > > Links: You receive all messages sent to this group. > > View/Reply Online (#189288): > > https://lists.openembedded.org/g/openembedded-core/message/189288 > > Mute This Topic: https://lists.openembedded.org/mt/101993740/5052612 > > Group Owner: openembedded-core+owner@lists.openembedded.org > > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [ > > quaresma.jose@gmail.com] > > -=-=-=-=-=-=-=-=-=-=-=- > > > >
Hi Erik, Erik Schilling <erik.schilling@linaro.org> escreveu no dia terça, 17/10/2023 à(s) 06:51: > On Mon Oct 16, 2023 at 6:31 PM CEST, Jose Quaresma wrote: > > Erik Schilling <erik.schilling@linaro.org> escreveu no dia segunda, > > 16/10/2023 à(s) 13:02: > > > > > When building with `cryptsetup` and `tpm2` in the > > > PACKAGECONFIG, this plugin will be emitted. > > > > > > Cc: Kristian Klausen <kristian@klausen.dk> > > > Cc: Mikko Rapeli <mikko.rapeli@linaro.org> > > > Cc: Javier Tia <javier.tia@linaro.org> > > > Fixes: 7b7dfbfaed ("systemd: Add tpm2 PACKAGECONFIG") > > > Signed-off-by: Erik Schilling <erik.schilling@linaro.org> > > > --- > > > meta/recipes-core/systemd/systemd_254.4.bb | 1 + > > > 1 file changed, 1 insertion(+) > > > > > > diff --git a/meta/recipes-core/systemd/systemd_254.4.bb > > > b/meta/recipes-core/systemd/systemd_254.4.bb > > > index 77724eb822..6ecfbaf293 100644 > > > --- a/meta/recipes-core/systemd/systemd_254.4.bb > > > +++ b/meta/recipes-core/systemd/systemd_254.4.bb > > > @@ -645,6 +645,7 @@ FILES:${PN} = " ${base_bindir}/* \ > > > ${sysconfdir}/X11/xinit/xinitrc.d/* \ > > > ${rootlibexecdir}/systemd/* \ > > > ${rootlibdir}/systemd/libsystemd-core* \ > > > + > > > ${rootlibdir}/cryptsetup/libcryptsetup-token-systemd-tpm2* \ > > > > > > > The systemd-cryptenroll was packed in the systemd-extra-utils so packing > > the plugin > > on the main systemd package is a bit weird. > > I wonder if a new package like systemd-crypt is better appropriate for > this > > where we > > going to put the systemd-cryptenroll and all the plugins available in > > ${rootlibdir}/cryptsetup > > Ah, did not realize that... I agree that breaking up systemd into > smaller packages would probably be a good thing. Currently building an > image with systemd in the initramfs and main image gives little choice > over which components go where... I will try a systemd-crypt variant. > Will also take a look at how other distros solve this. > I've been using this systemd-crypt package on my distro for some time now but I've forgotten to send it. In this package additionally to the TPM plugin I also have another for the PKVS#11. I have all of these in a bbappend and I can easily extract. So you don't have to worry, I still do it today. Jose > - Erik > > > > > Jose > > > > ${libdir}/pam.d \ > > > ${nonarch_libdir}/pam.d \ > > > ${systemd_unitdir}/* \ > > > > > > --- > > > base-commit: 97f0a73c0a9db5506310328cd29f165eab3c509d > > > change-id: 20231016-b4-systemd-tpm2-crypt-plugin-5064c458e726 > > > > > > Best regards, > > > -- > > > Erik Schilling <erik.schilling@linaro.org> > > > > > > > > > -=-=-=-=-=-=-=-=-=-=-=- > > > Links: You receive all messages sent to this group. > > > View/Reply Online (#189288): > > > https://lists.openembedded.org/g/openembedded-core/message/189288 > > > Mute This Topic: https://lists.openembedded.org/mt/101993740/5052612 > > > Group Owner: openembedded-core+owner@lists.openembedded.org > > > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub > [ > > > quaresma.jose@gmail.com] > > > -=-=-=-=-=-=-=-=-=-=-=- > > > > > > > >
On Tue Oct 17, 2023 at 10:51 AM CEST, Jose Quaresma wrote: > Hi Erik, > > Erik Schilling <erik.schilling@linaro.org> escreveu no dia terça, > 17/10/2023 à(s) 06:51: > > > On Mon Oct 16, 2023 at 6:31 PM CEST, Jose Quaresma wrote: > > > Erik Schilling <erik.schilling@linaro.org> escreveu no dia segunda, > > > 16/10/2023 à(s) 13:02: > > > > > > > When building with `cryptsetup` and `tpm2` in the > > > > PACKAGECONFIG, this plugin will be emitted. > > > > > > > > Cc: Kristian Klausen <kristian@klausen.dk> > > > > Cc: Mikko Rapeli <mikko.rapeli@linaro.org> > > > > Cc: Javier Tia <javier.tia@linaro.org> > > > > Fixes: 7b7dfbfaed ("systemd: Add tpm2 PACKAGECONFIG") > > > > Signed-off-by: Erik Schilling <erik.schilling@linaro.org> > > > > --- > > > > meta/recipes-core/systemd/systemd_254.4.bb | 1 + > > > > 1 file changed, 1 insertion(+) > > > > > > > > diff --git a/meta/recipes-core/systemd/systemd_254.4.bb > > > > b/meta/recipes-core/systemd/systemd_254.4.bb > > > > index 77724eb822..6ecfbaf293 100644 > > > > --- a/meta/recipes-core/systemd/systemd_254.4.bb > > > > +++ b/meta/recipes-core/systemd/systemd_254.4.bb > > > > @@ -645,6 +645,7 @@ FILES:${PN} = " ${base_bindir}/* \ > > > > ${sysconfdir}/X11/xinit/xinitrc.d/* \ > > > > ${rootlibexecdir}/systemd/* \ > > > > ${rootlibdir}/systemd/libsystemd-core* \ > > > > + > > > > ${rootlibdir}/cryptsetup/libcryptsetup-token-systemd-tpm2* \ > > > > > > > > > > The systemd-cryptenroll was packed in the systemd-extra-utils so packing > > > the plugin > > > on the main systemd package is a bit weird. > > > I wonder if a new package like systemd-crypt is better appropriate for > > this > > > where we > > > going to put the systemd-cryptenroll and all the plugins available in > > > ${rootlibdir}/cryptsetup > > > > Ah, did not realize that... I agree that breaking up systemd into > > smaller packages would probably be a good thing. Currently building an > > image with systemd in the initramfs and main image gives little choice > > over which components go where... I will try a systemd-crypt variant. > > Will also take a look at how other distros solve this. > > > > I've been using this systemd-crypt package on my distro for some time now > but I've forgotten to send it. > In this package additionally to the TPM plugin I also have another for the > PKVS#11. > I have all of these in a bbappend and I can easily extract. Ah that sounds great! > So you don't have to worry, I still do it today. Sorry, I do not understand what you mean here. Did you mean that you plan to send a patch? - Erik > > > > > > ${libdir}/pam.d \ > > > > ${nonarch_libdir}/pam.d \ > > > > ${systemd_unitdir}/* \ > > > > > > > > --- > > > > base-commit: 97f0a73c0a9db5506310328cd29f165eab3c509d > > > > change-id: 20231016-b4-systemd-tpm2-crypt-plugin-5064c458e726 > > > > > > > > Best regards, > > > > -- > > > > Erik Schilling <erik.schilling@linaro.org> > > > > > > > > > > > > -=-=-=-=-=-=-=-=-=-=-=- > > > > Links: You receive all messages sent to this group. > > > > View/Reply Online (#189288): > > > > https://lists.openembedded.org/g/openembedded-core/message/189288 > > > > Mute This Topic: https://lists.openembedded.org/mt/101993740/5052612 > > > > Group Owner: openembedded-core+owner@lists.openembedded.org > > > > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub > > [ > > > > quaresma.jose@gmail.com] > > > > -=-=-=-=-=-=-=-=-=-=-=- > > > > > > > > > > > >
Erik Schilling <erik.schilling@linaro.org> escreveu no dia quarta, 18/10/2023 à(s) 07:33: > On Tue Oct 17, 2023 at 10:51 AM CEST, Jose Quaresma wrote: > > Hi Erik, > > > > Erik Schilling <erik.schilling@linaro.org> escreveu no dia terça, > > 17/10/2023 à(s) 06:51: > > > > > On Mon Oct 16, 2023 at 6:31 PM CEST, Jose Quaresma wrote: > > > > Erik Schilling <erik.schilling@linaro.org> escreveu no dia segunda, > > > > 16/10/2023 à(s) 13:02: > > > > > > > > > When building with `cryptsetup` and `tpm2` in the > > > > > PACKAGECONFIG, this plugin will be emitted. > > > > > > > > > > Cc: Kristian Klausen <kristian@klausen.dk> > > > > > Cc: Mikko Rapeli <mikko.rapeli@linaro.org> > > > > > Cc: Javier Tia <javier.tia@linaro.org> > > > > > Fixes: 7b7dfbfaed ("systemd: Add tpm2 PACKAGECONFIG") > > > > > Signed-off-by: Erik Schilling <erik.schilling@linaro.org> > > > > > --- > > > > > meta/recipes-core/systemd/systemd_254.4.bb | 1 + > > > > > 1 file changed, 1 insertion(+) > > > > > > > > > > diff --git a/meta/recipes-core/systemd/systemd_254.4.bb > > > > > b/meta/recipes-core/systemd/systemd_254.4.bb > > > > > index 77724eb822..6ecfbaf293 100644 > > > > > --- a/meta/recipes-core/systemd/systemd_254.4.bb > > > > > +++ b/meta/recipes-core/systemd/systemd_254.4.bb > > > > > @@ -645,6 +645,7 @@ FILES:${PN} = " ${base_bindir}/* \ > > > > > ${sysconfdir}/X11/xinit/xinitrc.d/* \ > > > > > ${rootlibexecdir}/systemd/* \ > > > > > ${rootlibdir}/systemd/libsystemd-core* \ > > > > > + > > > > > ${rootlibdir}/cryptsetup/libcryptsetup-token-systemd-tpm2* \ > > > > > > > > > > > > > The systemd-cryptenroll was packed in the systemd-extra-utils so > packing > > > > the plugin > > > > on the main systemd package is a bit weird. > > > > I wonder if a new package like systemd-crypt is better appropriate > for > > > this > > > > where we > > > > going to put the systemd-cryptenroll and all the plugins available in > > > > ${rootlibdir}/cryptsetup > > > > > > Ah, did not realize that... I agree that breaking up systemd into > > > smaller packages would probably be a good thing. Currently building an > > > image with systemd in the initramfs and main image gives little choice > > > over which components go where... I will try a systemd-crypt variant. > > > Will also take a look at how other distros solve this. > > > > > > > I've been using this systemd-crypt package on my distro for some time now > > but I've forgotten to send it. > > In this package additionally to the TPM plugin I also have another for > the > > PKVS#11. > > I have all of these in a bbappend and I can easily extract. > > > Ah that sounds great! > > > > So you don't have to worry, I still do it today. > > Sorry, I do not understand what you mean here. Did you mean that you > plan to send a patch? > I apologize for not being clear. I sent the patch serie yesterday [1] https://patchwork.yoctoproject.org/project/oe-core/list/?series=17834 > > - Erik > > > > > > > > > ${libdir}/pam.d \ > > > > > ${nonarch_libdir}/pam.d \ > > > > > ${systemd_unitdir}/* \ > > > > > > > > > > --- > > > > > base-commit: 97f0a73c0a9db5506310328cd29f165eab3c509d > > > > > change-id: 20231016-b4-systemd-tpm2-crypt-plugin-5064c458e726 > > > > > > > > > > Best regards, > > > > > -- > > > > > Erik Schilling <erik.schilling@linaro.org> > > > > > > > > > > > > > > > -=-=-=-=-=-=-=-=-=-=-=- > > > > > Links: You receive all messages sent to this group. > > > > > View/Reply Online (#189288): > > > > > https://lists.openembedded.org/g/openembedded-core/message/189288 > > > > > Mute This Topic: > https://lists.openembedded.org/mt/101993740/5052612 > > > > > Group Owner: openembedded-core+owner@lists.openembedded.org > > > > > Unsubscribe: > https://lists.openembedded.org/g/openembedded-core/unsub > > > [ > > > > > quaresma.jose@gmail.com] > > > > > -=-=-=-=-=-=-=-=-=-=-=- > > > > > > > > > > > > > > > > > >
On Wed Oct 18, 2023 at 11:26 AM CEST, Jose Quaresma wrote: > Erik Schilling <erik.schilling@linaro.org> escreveu no dia quarta, > 18/10/2023 à(s) 07:33: > > > On Tue Oct 17, 2023 at 10:51 AM CEST, Jose Quaresma wrote: > > > Hi Erik, > > > > > > Erik Schilling <erik.schilling@linaro.org> escreveu no dia terça, > > > 17/10/2023 à(s) 06:51: > > > > > > > On Mon Oct 16, 2023 at 6:31 PM CEST, Jose Quaresma wrote: > > > > > Erik Schilling <erik.schilling@linaro.org> escreveu no dia segunda, > > > > > 16/10/2023 à(s) 13:02: > > > > > > > > > > > When building with `cryptsetup` and `tpm2` in the > > > > > > PACKAGECONFIG, this plugin will be emitted. > > > > > > > > > > > > Cc: Kristian Klausen <kristian@klausen.dk> > > > > > > Cc: Mikko Rapeli <mikko.rapeli@linaro.org> > > > > > > Cc: Javier Tia <javier.tia@linaro.org> > > > > > > Fixes: 7b7dfbfaed ("systemd: Add tpm2 PACKAGECONFIG") > > > > > > Signed-off-by: Erik Schilling <erik.schilling@linaro.org> > > > > > > --- > > > > > > meta/recipes-core/systemd/systemd_254.4.bb | 1 + > > > > > > 1 file changed, 1 insertion(+) > > > > > > > > > > > > diff --git a/meta/recipes-core/systemd/systemd_254.4.bb > > > > > > b/meta/recipes-core/systemd/systemd_254.4.bb > > > > > > index 77724eb822..6ecfbaf293 100644 > > > > > > --- a/meta/recipes-core/systemd/systemd_254.4.bb > > > > > > +++ b/meta/recipes-core/systemd/systemd_254.4.bb > > > > > > @@ -645,6 +645,7 @@ FILES:${PN} = " ${base_bindir}/* \ > > > > > > ${sysconfdir}/X11/xinit/xinitrc.d/* \ > > > > > > ${rootlibexecdir}/systemd/* \ > > > > > > ${rootlibdir}/systemd/libsystemd-core* \ > > > > > > + > > > > > > ${rootlibdir}/cryptsetup/libcryptsetup-token-systemd-tpm2* \ > > > > > > > > > > > > > > > > The systemd-cryptenroll was packed in the systemd-extra-utils so > > packing > > > > > the plugin > > > > > on the main systemd package is a bit weird. > > > > > I wonder if a new package like systemd-crypt is better appropriate > > for > > > > this > > > > > where we > > > > > going to put the systemd-cryptenroll and all the plugins available in > > > > > ${rootlibdir}/cryptsetup > > > > > > > > Ah, did not realize that... I agree that breaking up systemd into > > > > smaller packages would probably be a good thing. Currently building an > > > > image with systemd in the initramfs and main image gives little choice > > > > over which components go where... I will try a systemd-crypt variant. > > > > Will also take a look at how other distros solve this. > > > > > > > > > > I've been using this systemd-crypt package on my distro for some time now > > > but I've forgotten to send it. > > > In this package additionally to the TPM plugin I also have another for > > the > > > PKVS#11. > > > I have all of these in a bbappend and I can easily extract. > > > > > > Ah that sounds great! > > > > > > > So you don't have to worry, I still do it today. > > > > Sorry, I do not understand what you mean here. Did you mean that you > > plan to send a patch? > > > > I apologize for not being clear. I sent the patch serie yesterday > [1] https://patchwork.yoctoproject.org/project/oe-core/list/?series=17834 Thanks a lot! Will try it out in the next days! - Erik > > > > > > - Erik > > > > > > > > > > > > ${libdir}/pam.d \ > > > > > > ${nonarch_libdir}/pam.d \ > > > > > > ${systemd_unitdir}/* \ > > > > > > > > > > > > --- > > > > > > base-commit: 97f0a73c0a9db5506310328cd29f165eab3c509d > > > > > > change-id: 20231016-b4-systemd-tpm2-crypt-plugin-5064c458e726 > > > > > > > > > > > > Best regards, > > > > > > -- > > > > > > Erik Schilling <erik.schilling@linaro.org> > > > > > > > > > > > > > > > > > > -=-=-=-=-=-=-=-=-=-=-=- > > > > > > Links: You receive all messages sent to this group. > > > > > > View/Reply Online (#189288): > > > > > > https://lists.openembedded.org/g/openembedded-core/message/189288 > > > > > > Mute This Topic: > > https://lists.openembedded.org/mt/101993740/5052612 > > > > > > Group Owner: openembedded-core+owner@lists.openembedded.org > > > > > > Unsubscribe: > > https://lists.openembedded.org/g/openembedded-core/unsub > > > > [ > > > > > > quaresma.jose@gmail.com] > > > > > > -=-=-=-=-=-=-=-=-=-=-=- > > > > > > > > > > > > > > > > > > > > > > > >
Hi Alexandre, This patch is still on master-next but It is no longer necessary because [2] was merged on master and contains the same fixes. [2] https://git.yoctoproject.org/poky/commit/?id=64f76114da1f2d79e24a6a79572f2682b6379452 Jose Erik Schilling <erik.schilling@linaro.org> escreveu no dia quarta, 18/10/2023 à(s) 11:40: > On Wed Oct 18, 2023 at 11:26 AM CEST, Jose Quaresma wrote: > > Erik Schilling <erik.schilling@linaro.org> escreveu no dia quarta, > > 18/10/2023 à(s) 07:33: > > > > > On Tue Oct 17, 2023 at 10:51 AM CEST, Jose Quaresma wrote: > > > > Hi Erik, > > > > > > > > Erik Schilling <erik.schilling@linaro.org> escreveu no dia terça, > > > > 17/10/2023 à(s) 06:51: > > > > > > > > > On Mon Oct 16, 2023 at 6:31 PM CEST, Jose Quaresma wrote: > > > > > > Erik Schilling <erik.schilling@linaro.org> escreveu no dia > segunda, > > > > > > 16/10/2023 à(s) 13:02: > > > > > > > > > > > > > When building with `cryptsetup` and `tpm2` in the > > > > > > > PACKAGECONFIG, this plugin will be emitted. > > > > > > > > > > > > > > Cc: Kristian Klausen <kristian@klausen.dk> > > > > > > > Cc: Mikko Rapeli <mikko.rapeli@linaro.org> > > > > > > > Cc: Javier Tia <javier.tia@linaro.org> > > > > > > > Fixes: 7b7dfbfaed ("systemd: Add tpm2 PACKAGECONFIG") > > > > > > > Signed-off-by: Erik Schilling <erik.schilling@linaro.org> > > > > > > > --- > > > > > > > meta/recipes-core/systemd/systemd_254.4.bb | 1 + > > > > > > > 1 file changed, 1 insertion(+) > > > > > > > > > > > > > > diff --git a/meta/recipes-core/systemd/systemd_254.4.bb > > > > > > > b/meta/recipes-core/systemd/systemd_254.4.bb > > > > > > > index 77724eb822..6ecfbaf293 100644 > > > > > > > --- a/meta/recipes-core/systemd/systemd_254.4.bb > > > > > > > +++ b/meta/recipes-core/systemd/systemd_254.4.bb > > > > > > > @@ -645,6 +645,7 @@ FILES:${PN} = " ${base_bindir}/* \ > > > > > > > ${sysconfdir}/X11/xinit/xinitrc.d/* \ > > > > > > > ${rootlibexecdir}/systemd/* \ > > > > > > > ${rootlibdir}/systemd/libsystemd-core* \ > > > > > > > + > > > > > > > ${rootlibdir}/cryptsetup/libcryptsetup-token-systemd-tpm2* \ > > > > > > > > > > > > > > > > > > > The systemd-cryptenroll was packed in the systemd-extra-utils so > > > packing > > > > > > the plugin > > > > > > on the main systemd package is a bit weird. > > > > > > I wonder if a new package like systemd-crypt is better > appropriate > > > for > > > > > this > > > > > > where we > > > > > > going to put the systemd-cryptenroll and all the plugins > available in > > > > > > ${rootlibdir}/cryptsetup > > > > > > > > > > Ah, did not realize that... I agree that breaking up systemd into > > > > > smaller packages would probably be a good thing. Currently > building an > > > > > image with systemd in the initramfs and main image gives little > choice > > > > > over which components go where... I will try a systemd-crypt > variant. > > > > > Will also take a look at how other distros solve this. > > > > > > > > > > > > > I've been using this systemd-crypt package on my distro for some > time now > > > > but I've forgotten to send it. > > > > In this package additionally to the TPM plugin I also have another > for > > > the > > > > PKVS#11. > > > > I have all of these in a bbappend and I can easily extract. > > > > > > > > > Ah that sounds great! > > > > > > > > > > So you don't have to worry, I still do it today. > > > > > > Sorry, I do not understand what you mean here. Did you mean that you > > > plan to send a patch? > > > > > > > I apologize for not being clear. I sent the patch serie yesterday > > [1] > https://patchwork.yoctoproject.org/project/oe-core/list/?series=17834 > > Thanks a lot! Will try it out in the next days! > > - Erik > > > > > > > > > > > - Erik > > > > > > > > > > > > > > > ${libdir}/pam.d \ > > > > > > > ${nonarch_libdir}/pam.d \ > > > > > > > ${systemd_unitdir}/* \ > > > > > > > > > > > > > > --- > > > > > > > base-commit: 97f0a73c0a9db5506310328cd29f165eab3c509d > > > > > > > change-id: 20231016-b4-systemd-tpm2-crypt-plugin-5064c458e726 > > > > > > > > > > > > > > Best regards, > > > > > > > -- > > > > > > > Erik Schilling <erik.schilling@linaro.org> > > > > > > > > > > > > > > > > > > > > > -=-=-=-=-=-=-=-=-=-=-=- > > > > > > > Links: You receive all messages sent to this group. > > > > > > > View/Reply Online (#189288): > > > > > > > > https://lists.openembedded.org/g/openembedded-core/message/189288 > > > > > > > Mute This Topic: > > > https://lists.openembedded.org/mt/101993740/5052612 > > > > > > > Group Owner: openembedded-core+owner@lists.openembedded.org > > > > > > > Unsubscribe: > > > https://lists.openembedded.org/g/openembedded-core/unsub > > > > > [ > > > > > > > quaresma.jose@gmail.com] > > > > > > > -=-=-=-=-=-=-=-=-=-=-=- > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >
diff --git a/meta/recipes-core/systemd/systemd_254.4.bb b/meta/recipes-core/systemd/systemd_254.4.bb index 77724eb822..6ecfbaf293 100644 --- a/meta/recipes-core/systemd/systemd_254.4.bb +++ b/meta/recipes-core/systemd/systemd_254.4.bb @@ -645,6 +645,7 @@ FILES:${PN} = " ${base_bindir}/* \ ${sysconfdir}/X11/xinit/xinitrc.d/* \ ${rootlibexecdir}/systemd/* \ ${rootlibdir}/systemd/libsystemd-core* \ + ${rootlibdir}/cryptsetup/libcryptsetup-token-systemd-tpm2* \ ${libdir}/pam.d \ ${nonarch_libdir}/pam.d \ ${systemd_unitdir}/* \
When building with `cryptsetup` and `tpm2` in the PACKAGECONFIG, this plugin will be emitted. Cc: Kristian Klausen <kristian@klausen.dk> Cc: Mikko Rapeli <mikko.rapeli@linaro.org> Cc: Javier Tia <javier.tia@linaro.org> Fixes: 7b7dfbfaed ("systemd: Add tpm2 PACKAGECONFIG") Signed-off-by: Erik Schilling <erik.schilling@linaro.org> --- meta/recipes-core/systemd/systemd_254.4.bb | 1 + 1 file changed, 1 insertion(+) --- base-commit: 97f0a73c0a9db5506310328cd29f165eab3c509d change-id: 20231016-b4-systemd-tpm2-crypt-plugin-5064c458e726 Best regards,