udev question

udev question

[Mr Dash Four]

A simple question: in /etc/udev/rules.d/ (on the root partition!) I have 
a .rules file for one of my smartcard devices which has, among other 
things, this statement:

PROGRAM="/bin/sleep 0.1"

This program is not on the initramfs image, but it is in the /bin 
directory on the root partition. I was under the impression that root is 
not mounted until udev has finished its job - is that not the case? If 
so, how is this program executed then? I also have a lot of other 
statements with RUN+=... which also refer to executables not present in 
initramfs - they are all present in the root partition. When/How do 
these execute then?

Am I missing something fundamental here?

Re: udev question

[Harald Hoyer]

On 10/25/2010 07:46 PM, Mr Dash Four wrote:
> A simple question: in /etc/udev/rules.d/ (on the root partition!) I have a
> .rules file for one of my smartcard devices which has, among other things, this
> statement:
>
> PROGRAM="/bin/sleep 0.1"
>
> This program is not on the initramfs image, but it is in the /bin directory on
> the root partition. I was under the impression that root is not mounted until
> udev has finished its job - is that not the case? If so, how is this program
> executed then? I also have a lot of other statements with RUN+=... which also
> refer to executables not present in initramfs - they are all present in the root
> partition. When/How do these execute then?
>
> Am I missing something fundamental here?

udev runs a second time in the real root, just because of this limitation of the 
initramfs.

Re: udev question

[Mr Dash Four]

>>
>> Am I missing something fundamental here?
>
> udev runs a second time in the real root, just because of this 
> limitation of the initramfs.
Yeah, I sort of figured it out yesterday after running a 'probe' version 
of the '90crypt; module. I have another udev-related query though - if 
multiple rules register for the same udev triggers (like 
ENV{ID_FS_TYPE}=='crypto_LUKS') how are they executed and can the order 
of execution be controlled?

The reason I am asking this is because, as it turns out, I may need to 
design a separate module for smartcard tokens to be used with LUKS and 
the way I see this is when LUKS partition gets matched by udev the 
smartcard module needs to get the first go (for all smartcard-specified 
LUKS partitions) then 90crypt (with key file login, possibly falling 
back on password authentication if the key file data is not successful - 
though this, as far as I can see, is not yet implemented!).

Unfortunately, my udev knowledge is not that much to know is that 
possible, hence the my query.

Re: udev question

[Harald Hoyer]

On 10/26/2010 01:20 PM, Mr Dash Four wrote:
>
>>>
>>> Am I missing something fundamental here?
>>
>> udev runs a second time in the real root, just because of this limitation of
>> the initramfs.
> Yeah, I sort of figured it out yesterday after running a 'probe' version of the
> '90crypt; module. I have another udev-related query though - if multiple rules
> register for the same udev triggers (like ENV{ID_FS_TYPE}=='crypto_LUKS') how
> are they executed and can the order of execution be controlled?
>
> The reason I am asking this is because, as it turns out, I may need to design a
> separate module for smartcard tokens to be used with LUKS and the way I see this
> is when LUKS partition gets matched by udev the smartcard module needs to get
> the first go (for all smartcard-specified LUKS partitions) then 90crypt (with
> key file login, possibly falling back on password authentication if the key file
> data is not successful - though this, as far as I can see, is not yet
> implemented!).
>
> Unfortunately, my udev knowledge is not that much to know is that possible,
> hence the my query.

place it in a udev rules file with a lower number... first come, first serve.

Re: udev question

[Mr Dash Four]

>> Unfortunately, my udev knowledge is not that much to know is that 
>> possible,
>> hence the my query.
>
> place it in a udev rules file with a lower number... first come, first 
> serve.
In other words if I do udev/rules.d/65token.rules that should be enough, 
right? I also presume that once the /tmp/crypt-root-asked-$2 is set 
90crypt won't touch it. Is that right?