[PATCH] systemd: fix packaging tpm2 plugin for cryptsetup

[PATCH] systemd: fix packaging tpm2 plugin for cryptsetup

[Erik Schilling]

When building with `cryptsetup` and `tpm2` in the
PACKAGECONFIG, this plugin will be emitted.

Cc: Kristian Klausen <kristian@klausen.dk>
Cc: Mikko Rapeli <mikko.rapeli@linaro.org>
Cc: Javier Tia <javier.tia@linaro.org>
Fixes: 7b7dfbfaed ("systemd: Add tpm2 PACKAGECONFIG")
Signed-off-by: Erik Schilling <erik.schilling@linaro.org>
---
 meta/recipes-core/systemd/systemd_254.4.bb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/recipes-core/systemd/systemd_254.4.bb b/meta/recipes-core/systemd/systemd_254.4.bb
index 77724eb822..6ecfbaf293 100644
--- a/meta/recipes-core/systemd/systemd_254.4.bb
+++ b/meta/recipes-core/systemd/systemd_254.4.bb
@@ -645,6 +645,7 @@ FILES:${PN} = " ${base_bindir}/* \
                 ${sysconfdir}/X11/xinit/xinitrc.d/* \
                 ${rootlibexecdir}/systemd/* \
                 ${rootlibdir}/systemd/libsystemd-core* \
+                ${rootlibdir}/cryptsetup/libcryptsetup-token-systemd-tpm2* \
                 ${libdir}/pam.d \
                 ${nonarch_libdir}/pam.d \
                 ${systemd_unitdir}/* \

---
base-commit: 97f0a73c0a9db5506310328cd29f165eab3c509d
change-id: 20231016-b4-systemd-tpm2-crypt-plugin-5064c458e726

Best regards,
-- 
Erik Schilling <erik.schilling@linaro.org>

Re: [OE-core] [PATCH] systemd: fix packaging tpm2 plugin for cryptsetup

[Jose Quaresma]

[-- Attachment #1: Type: text/plain, Size: 2254 bytes --]

Erik Schilling <erik.schilling@linaro.org> escreveu no dia segunda,
16/10/2023 à(s) 13:02:

> When building with `cryptsetup` and `tpm2` in the
> PACKAGECONFIG, this plugin will be emitted.
>
> Cc: Kristian Klausen <kristian@klausen.dk>
> Cc: Mikko Rapeli <mikko.rapeli@linaro.org>
> Cc: Javier Tia <javier.tia@linaro.org>
> Fixes: 7b7dfbfaed ("systemd: Add tpm2 PACKAGECONFIG")
> Signed-off-by: Erik Schilling <erik.schilling@linaro.org>
> ---
>  meta/recipes-core/systemd/systemd_254.4.bb | 1 +
>  1 file changed, 1 insertion(+)
>
> diff --git a/meta/recipes-core/systemd/systemd_254.4.bb
> b/meta/recipes-core/systemd/systemd_254.4.bb
> index 77724eb822..6ecfbaf293 100644
> --- a/meta/recipes-core/systemd/systemd_254.4.bb
> +++ b/meta/recipes-core/systemd/systemd_254.4.bb
> @@ -645,6 +645,7 @@ FILES:${PN} = " ${base_bindir}/* \
>                  ${sysconfdir}/X11/xinit/xinitrc.d/* \
>                  ${rootlibexecdir}/systemd/* \
>                  ${rootlibdir}/systemd/libsystemd-core* \
> +
> ${rootlibdir}/cryptsetup/libcryptsetup-token-systemd-tpm2* \
>

The systemd-cryptenroll was packed in the systemd-extra-utils so packing
the plugin
on the main systemd package is a bit weird.
I wonder if a new package like systemd-crypt is better appropriate for this
where we
going to put the systemd-cryptenroll and all the plugins available in
${rootlibdir}/cryptsetup

Jose

                 ${libdir}/pam.d \
>                  ${nonarch_libdir}/pam.d \
>                  ${systemd_unitdir}/* \
>
> ---
> base-commit: 97f0a73c0a9db5506310328cd29f165eab3c509d
> change-id: 20231016-b4-systemd-tpm2-crypt-plugin-5064c458e726
>
> Best regards,
> --
> Erik Schilling <erik.schilling@linaro.org>
>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#189288):
> https://lists.openembedded.org/g/openembedded-core/message/189288
> Mute This Topic: https://lists.openembedded.org/mt/101993740/5052612
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [
> quaresma.jose@gmail.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>
>

-- 
Best regards,

José Quaresma

[-- Attachment #2: Type: text/html, Size: 4233 bytes --]

Re: [OE-core] [PATCH] systemd: fix packaging tpm2 plugin for cryptsetup

[Erik Schilling]

On Mon Oct 16, 2023 at 6:31 PM CEST, Jose Quaresma wrote:
> Erik Schilling <erik.schilling@linaro.org> escreveu no dia segunda,
> 16/10/2023 à(s) 13:02:
>
> > When building with `cryptsetup` and `tpm2` in the
> > PACKAGECONFIG, this plugin will be emitted.
> >
> > Cc: Kristian Klausen <kristian@klausen.dk>
> > Cc: Mikko Rapeli <mikko.rapeli@linaro.org>
> > Cc: Javier Tia <javier.tia@linaro.org>
> > Fixes: 7b7dfbfaed ("systemd: Add tpm2 PACKAGECONFIG")
> > Signed-off-by: Erik Schilling <erik.schilling@linaro.org>
> > ---
> >  meta/recipes-core/systemd/systemd_254.4.bb | 1 +
> >  1 file changed, 1 insertion(+)
> >
> > diff --git a/meta/recipes-core/systemd/systemd_254.4.bb
> > b/meta/recipes-core/systemd/systemd_254.4.bb
> > index 77724eb822..6ecfbaf293 100644
> > --- a/meta/recipes-core/systemd/systemd_254.4.bb
> > +++ b/meta/recipes-core/systemd/systemd_254.4.bb
> > @@ -645,6 +645,7 @@ FILES:${PN} = " ${base_bindir}/* \
> >                  ${sysconfdir}/X11/xinit/xinitrc.d/* \
> >                  ${rootlibexecdir}/systemd/* \
> >                  ${rootlibdir}/systemd/libsystemd-core* \
> > +
> > ${rootlibdir}/cryptsetup/libcryptsetup-token-systemd-tpm2* \
> >
>
> The systemd-cryptenroll was packed in the systemd-extra-utils so packing
> the plugin
> on the main systemd package is a bit weird.
> I wonder if a new package like systemd-crypt is better appropriate for this
> where we
> going to put the systemd-cryptenroll and all the plugins available in
> ${rootlibdir}/cryptsetup

Ah, did not realize that... I agree that breaking up systemd into
smaller packages would probably be a good thing. Currently building an
image with systemd in the initramfs and main image gives little choice
over which components go where... I will try a systemd-crypt variant.
Will also take a look at how other distros solve this.

- Erik

>
> Jose
>
>                  ${libdir}/pam.d \
> >                  ${nonarch_libdir}/pam.d \
> >                  ${systemd_unitdir}/* \
> >
> > ---
> > base-commit: 97f0a73c0a9db5506310328cd29f165eab3c509d
> > change-id: 20231016-b4-systemd-tpm2-crypt-plugin-5064c458e726
> >
> > Best regards,
> > --
> > Erik Schilling <erik.schilling@linaro.org>
> >
> >
> > -=-=-=-=-=-=-=-=-=-=-=-
> > Links: You receive all messages sent to this group.
> > View/Reply Online (#189288):
> > https://lists.openembedded.org/g/openembedded-core/message/189288
> > Mute This Topic: https://lists.openembedded.org/mt/101993740/5052612
> > Group Owner: openembedded-core+owner@lists.openembedded.org
> > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [
> > quaresma.jose@gmail.com]
> > -=-=-=-=-=-=-=-=-=-=-=-
> >
> >

Re: [OE-core] [PATCH] systemd: fix packaging tpm2 plugin for cryptsetup

[Jose Quaresma]

[-- Attachment #1: Type: text/plain, Size: 3363 bytes --]

Hi Erik,

Erik Schilling <erik.schilling@linaro.org> escreveu no dia terça,
17/10/2023 à(s) 06:51:

> On Mon Oct 16, 2023 at 6:31 PM CEST, Jose Quaresma wrote:
> > Erik Schilling <erik.schilling@linaro.org> escreveu no dia segunda,
> > 16/10/2023 à(s) 13:02:
> >
> > > When building with `cryptsetup` and `tpm2` in the
> > > PACKAGECONFIG, this plugin will be emitted.
> > >
> > > Cc: Kristian Klausen <kristian@klausen.dk>
> > > Cc: Mikko Rapeli <mikko.rapeli@linaro.org>
> > > Cc: Javier Tia <javier.tia@linaro.org>
> > > Fixes: 7b7dfbfaed ("systemd: Add tpm2 PACKAGECONFIG")
> > > Signed-off-by: Erik Schilling <erik.schilling@linaro.org>
> > > ---
> > >  meta/recipes-core/systemd/systemd_254.4.bb | 1 +
> > >  1 file changed, 1 insertion(+)
> > >
> > > diff --git a/meta/recipes-core/systemd/systemd_254.4.bb
> > > b/meta/recipes-core/systemd/systemd_254.4.bb
> > > index 77724eb822..6ecfbaf293 100644
> > > --- a/meta/recipes-core/systemd/systemd_254.4.bb
> > > +++ b/meta/recipes-core/systemd/systemd_254.4.bb
> > > @@ -645,6 +645,7 @@ FILES:${PN} = " ${base_bindir}/* \
> > >                  ${sysconfdir}/X11/xinit/xinitrc.d/* \
> > >                  ${rootlibexecdir}/systemd/* \
> > >                  ${rootlibdir}/systemd/libsystemd-core* \
> > > +
> > > ${rootlibdir}/cryptsetup/libcryptsetup-token-systemd-tpm2* \
> > >
> >
> > The systemd-cryptenroll was packed in the systemd-extra-utils so packing
> > the plugin
> > on the main systemd package is a bit weird.
> > I wonder if a new package like systemd-crypt is better appropriate for
> this
> > where we
> > going to put the systemd-cryptenroll and all the plugins available in
> > ${rootlibdir}/cryptsetup
>
> Ah, did not realize that... I agree that breaking up systemd into
> smaller packages would probably be a good thing. Currently building an
> image with systemd in the initramfs and main image gives little choice
> over which components go where... I will try a systemd-crypt variant.
> Will also take a look at how other distros solve this.
>

I've been using this systemd-crypt package on my distro for some time now
but I've forgotten to send it.
In this package additionally to the TPM plugin I also have another for the
PKVS#11.
I have all of these in a bbappend and I can easily extract.
So you don't have to worry, I still do it today.

Jose


> - Erik
>
> >
> > Jose
> >
> >                  ${libdir}/pam.d \
> > >                  ${nonarch_libdir}/pam.d \
> > >                  ${systemd_unitdir}/* \
> > >
> > > ---
> > > base-commit: 97f0a73c0a9db5506310328cd29f165eab3c509d
> > > change-id: 20231016-b4-systemd-tpm2-crypt-plugin-5064c458e726
> > >
> > > Best regards,
> > > --
> > > Erik Schilling <erik.schilling@linaro.org>
> > >
> > >
> > > -=-=-=-=-=-=-=-=-=-=-=-
> > > Links: You receive all messages sent to this group.
> > > View/Reply Online (#189288):
> > > https://lists.openembedded.org/g/openembedded-core/message/189288
> > > Mute This Topic: https://lists.openembedded.org/mt/101993740/5052612
> > > Group Owner: openembedded-core+owner@lists.openembedded.org
> > > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
> [
> > > quaresma.jose@gmail.com]
> > > -=-=-=-=-=-=-=-=-=-=-=-
> > >
> > >
>
>

-- 
Best regards,

José Quaresma

[-- Attachment #2: Type: text/html, Size: 5761 bytes --]

Re: [OE-core] [PATCH] systemd: fix packaging tpm2 plugin for cryptsetup

[Erik Schilling]

On Tue Oct 17, 2023 at 10:51 AM CEST, Jose Quaresma wrote:
> Hi Erik,
>
> Erik Schilling <erik.schilling@linaro.org> escreveu no dia terça,
> 17/10/2023 à(s) 06:51:
>
> > On Mon Oct 16, 2023 at 6:31 PM CEST, Jose Quaresma wrote:
> > > Erik Schilling <erik.schilling@linaro.org> escreveu no dia segunda,
> > > 16/10/2023 à(s) 13:02:
> > >
> > > > When building with `cryptsetup` and `tpm2` in the
> > > > PACKAGECONFIG, this plugin will be emitted.
> > > >
> > > > Cc: Kristian Klausen <kristian@klausen.dk>
> > > > Cc: Mikko Rapeli <mikko.rapeli@linaro.org>
> > > > Cc: Javier Tia <javier.tia@linaro.org>
> > > > Fixes: 7b7dfbfaed ("systemd: Add tpm2 PACKAGECONFIG")
> > > > Signed-off-by: Erik Schilling <erik.schilling@linaro.org>
> > > > ---
> > > >  meta/recipes-core/systemd/systemd_254.4.bb | 1 +
> > > >  1 file changed, 1 insertion(+)
> > > >
> > > > diff --git a/meta/recipes-core/systemd/systemd_254.4.bb
> > > > b/meta/recipes-core/systemd/systemd_254.4.bb
> > > > index 77724eb822..6ecfbaf293 100644
> > > > --- a/meta/recipes-core/systemd/systemd_254.4.bb
> > > > +++ b/meta/recipes-core/systemd/systemd_254.4.bb
> > > > @@ -645,6 +645,7 @@ FILES:${PN} = " ${base_bindir}/* \
> > > >                  ${sysconfdir}/X11/xinit/xinitrc.d/* \
> > > >                  ${rootlibexecdir}/systemd/* \
> > > >                  ${rootlibdir}/systemd/libsystemd-core* \
> > > > +
> > > > ${rootlibdir}/cryptsetup/libcryptsetup-token-systemd-tpm2* \
> > > >
> > >
> > > The systemd-cryptenroll was packed in the systemd-extra-utils so packing
> > > the plugin
> > > on the main systemd package is a bit weird.
> > > I wonder if a new package like systemd-crypt is better appropriate for
> > this
> > > where we
> > > going to put the systemd-cryptenroll and all the plugins available in
> > > ${rootlibdir}/cryptsetup
> >
> > Ah, did not realize that... I agree that breaking up systemd into
> > smaller packages would probably be a good thing. Currently building an
> > image with systemd in the initramfs and main image gives little choice
> > over which components go where... I will try a systemd-crypt variant.
> > Will also take a look at how other distros solve this.
> >
>
> I've been using this systemd-crypt package on my distro for some time now
> but I've forgotten to send it.
> In this package additionally to the TPM plugin I also have another for the
> PKVS#11.
> I have all of these in a bbappend and I can easily extract.


Ah that sounds great!


> So you don't have to worry, I still do it today.

Sorry, I do not understand what you mean here. Did you mean that you
plan to send a patch?

- Erik

> > >
> > >                  ${libdir}/pam.d \
> > > >                  ${nonarch_libdir}/pam.d \
> > > >                  ${systemd_unitdir}/* \
> > > >
> > > > ---
> > > > base-commit: 97f0a73c0a9db5506310328cd29f165eab3c509d
> > > > change-id: 20231016-b4-systemd-tpm2-crypt-plugin-5064c458e726
> > > >
> > > > Best regards,
> > > > --
> > > > Erik Schilling <erik.schilling@linaro.org>
> > > >
> > > >
> > > > -=-=-=-=-=-=-=-=-=-=-=-
> > > > Links: You receive all messages sent to this group.
> > > > View/Reply Online (#189288):
> > > > https://lists.openembedded.org/g/openembedded-core/message/189288
> > > > Mute This Topic: https://lists.openembedded.org/mt/101993740/5052612
> > > > Group Owner: openembedded-core+owner@lists.openembedded.org
> > > > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
> > [
> > > > quaresma.jose@gmail.com]
> > > > -=-=-=-=-=-=-=-=-=-=-=-
> > > >
> > > >
> >
> >

Re: [OE-core] [PATCH] systemd: fix packaging tpm2 plugin for cryptsetup

[Jose Quaresma]

[-- Attachment #1: Type: text/plain, Size: 4138 bytes --]

Erik Schilling <erik.schilling@linaro.org> escreveu no dia quarta,
18/10/2023 à(s) 07:33:

> On Tue Oct 17, 2023 at 10:51 AM CEST, Jose Quaresma wrote:
> > Hi Erik,
> >
> > Erik Schilling <erik.schilling@linaro.org> escreveu no dia terça,
> > 17/10/2023 à(s) 06:51:
> >
> > > On Mon Oct 16, 2023 at 6:31 PM CEST, Jose Quaresma wrote:
> > > > Erik Schilling <erik.schilling@linaro.org> escreveu no dia segunda,
> > > > 16/10/2023 à(s) 13:02:
> > > >
> > > > > When building with `cryptsetup` and `tpm2` in the
> > > > > PACKAGECONFIG, this plugin will be emitted.
> > > > >
> > > > > Cc: Kristian Klausen <kristian@klausen.dk>
> > > > > Cc: Mikko Rapeli <mikko.rapeli@linaro.org>
> > > > > Cc: Javier Tia <javier.tia@linaro.org>
> > > > > Fixes: 7b7dfbfaed ("systemd: Add tpm2 PACKAGECONFIG")
> > > > > Signed-off-by: Erik Schilling <erik.schilling@linaro.org>
> > > > > ---
> > > > >  meta/recipes-core/systemd/systemd_254.4.bb | 1 +
> > > > >  1 file changed, 1 insertion(+)
> > > > >
> > > > > diff --git a/meta/recipes-core/systemd/systemd_254.4.bb
> > > > > b/meta/recipes-core/systemd/systemd_254.4.bb
> > > > > index 77724eb822..6ecfbaf293 100644
> > > > > --- a/meta/recipes-core/systemd/systemd_254.4.bb
> > > > > +++ b/meta/recipes-core/systemd/systemd_254.4.bb
> > > > > @@ -645,6 +645,7 @@ FILES:${PN} = " ${base_bindir}/* \
> > > > >                  ${sysconfdir}/X11/xinit/xinitrc.d/* \
> > > > >                  ${rootlibexecdir}/systemd/* \
> > > > >                  ${rootlibdir}/systemd/libsystemd-core* \
> > > > > +
> > > > > ${rootlibdir}/cryptsetup/libcryptsetup-token-systemd-tpm2* \
> > > > >
> > > >
> > > > The systemd-cryptenroll was packed in the systemd-extra-utils so
> packing
> > > > the plugin
> > > > on the main systemd package is a bit weird.
> > > > I wonder if a new package like systemd-crypt is better appropriate
> for
> > > this
> > > > where we
> > > > going to put the systemd-cryptenroll and all the plugins available in
> > > > ${rootlibdir}/cryptsetup
> > >
> > > Ah, did not realize that... I agree that breaking up systemd into
> > > smaller packages would probably be a good thing. Currently building an
> > > image with systemd in the initramfs and main image gives little choice
> > > over which components go where... I will try a systemd-crypt variant.
> > > Will also take a look at how other distros solve this.
> > >
> >
> > I've been using this systemd-crypt package on my distro for some time now
> > but I've forgotten to send it.
> > In this package additionally to the TPM plugin I also have another for
> the
> > PKVS#11.
> > I have all of these in a bbappend and I can easily extract.
>
>
> Ah that sounds great!
>
>
> > So you don't have to worry, I still do it today.
>
> Sorry, I do not understand what you mean here. Did you mean that you
> plan to send a patch?
>

I apologize for not being clear. I sent the patch serie yesterday
[1] https://patchwork.yoctoproject.org/project/oe-core/list/?series=17834


>
> - Erik
>
> > > >
> > > >                  ${libdir}/pam.d \
> > > > >                  ${nonarch_libdir}/pam.d \
> > > > >                  ${systemd_unitdir}/* \
> > > > >
> > > > > ---
> > > > > base-commit: 97f0a73c0a9db5506310328cd29f165eab3c509d
> > > > > change-id: 20231016-b4-systemd-tpm2-crypt-plugin-5064c458e726
> > > > >
> > > > > Best regards,
> > > > > --
> > > > > Erik Schilling <erik.schilling@linaro.org>
> > > > >
> > > > >
> > > > > -=-=-=-=-=-=-=-=-=-=-=-
> > > > > Links: You receive all messages sent to this group.
> > > > > View/Reply Online (#189288):
> > > > > https://lists.openembedded.org/g/openembedded-core/message/189288
> > > > > Mute This Topic:
> https://lists.openembedded.org/mt/101993740/5052612
> > > > > Group Owner: openembedded-core+owner@lists.openembedded.org
> > > > > Unsubscribe:
> https://lists.openembedded.org/g/openembedded-core/unsub
> > > [
> > > > > quaresma.jose@gmail.com]
> > > > > -=-=-=-=-=-=-=-=-=-=-=-
> > > > >
> > > > >
> > >
> > >
>
>

-- 
Best regards,

José Quaresma

[-- Attachment #2: Type: text/html, Size: 7219 bytes --]

Re: [OE-core] [PATCH] systemd: fix packaging tpm2 plugin for cryptsetup

[Erik Schilling]

On Wed Oct 18, 2023 at 11:26 AM CEST, Jose Quaresma wrote:
> Erik Schilling <erik.schilling@linaro.org> escreveu no dia quarta,
> 18/10/2023 à(s) 07:33:
>
> > On Tue Oct 17, 2023 at 10:51 AM CEST, Jose Quaresma wrote:
> > > Hi Erik,
> > >
> > > Erik Schilling <erik.schilling@linaro.org> escreveu no dia terça,
> > > 17/10/2023 à(s) 06:51:
> > >
> > > > On Mon Oct 16, 2023 at 6:31 PM CEST, Jose Quaresma wrote:
> > > > > Erik Schilling <erik.schilling@linaro.org> escreveu no dia segunda,
> > > > > 16/10/2023 à(s) 13:02:
> > > > >
> > > > > > When building with `cryptsetup` and `tpm2` in the
> > > > > > PACKAGECONFIG, this plugin will be emitted.
> > > > > >
> > > > > > Cc: Kristian Klausen <kristian@klausen.dk>
> > > > > > Cc: Mikko Rapeli <mikko.rapeli@linaro.org>
> > > > > > Cc: Javier Tia <javier.tia@linaro.org>
> > > > > > Fixes: 7b7dfbfaed ("systemd: Add tpm2 PACKAGECONFIG")
> > > > > > Signed-off-by: Erik Schilling <erik.schilling@linaro.org>
> > > > > > ---
> > > > > >  meta/recipes-core/systemd/systemd_254.4.bb | 1 +
> > > > > >  1 file changed, 1 insertion(+)
> > > > > >
> > > > > > diff --git a/meta/recipes-core/systemd/systemd_254.4.bb
> > > > > > b/meta/recipes-core/systemd/systemd_254.4.bb
> > > > > > index 77724eb822..6ecfbaf293 100644
> > > > > > --- a/meta/recipes-core/systemd/systemd_254.4.bb
> > > > > > +++ b/meta/recipes-core/systemd/systemd_254.4.bb
> > > > > > @@ -645,6 +645,7 @@ FILES:${PN} = " ${base_bindir}/* \
> > > > > >                  ${sysconfdir}/X11/xinit/xinitrc.d/* \
> > > > > >                  ${rootlibexecdir}/systemd/* \
> > > > > >                  ${rootlibdir}/systemd/libsystemd-core* \
> > > > > > +
> > > > > > ${rootlibdir}/cryptsetup/libcryptsetup-token-systemd-tpm2* \
> > > > > >
> > > > >
> > > > > The systemd-cryptenroll was packed in the systemd-extra-utils so
> > packing
> > > > > the plugin
> > > > > on the main systemd package is a bit weird.
> > > > > I wonder if a new package like systemd-crypt is better appropriate
> > for
> > > > this
> > > > > where we
> > > > > going to put the systemd-cryptenroll and all the plugins available in
> > > > > ${rootlibdir}/cryptsetup
> > > >
> > > > Ah, did not realize that... I agree that breaking up systemd into
> > > > smaller packages would probably be a good thing. Currently building an
> > > > image with systemd in the initramfs and main image gives little choice
> > > > over which components go where... I will try a systemd-crypt variant.
> > > > Will also take a look at how other distros solve this.
> > > >
> > >
> > > I've been using this systemd-crypt package on my distro for some time now
> > > but I've forgotten to send it.
> > > In this package additionally to the TPM plugin I also have another for
> > the
> > > PKVS#11.
> > > I have all of these in a bbappend and I can easily extract.
> >
> >
> > Ah that sounds great!
> >
> >
> > > So you don't have to worry, I still do it today.
> >
> > Sorry, I do not understand what you mean here. Did you mean that you
> > plan to send a patch?
> >
>
> I apologize for not being clear. I sent the patch serie yesterday
> [1] https://patchwork.yoctoproject.org/project/oe-core/list/?series=17834

Thanks a lot! Will try it out in the next days!

- Erik

>
>
> >
> > - Erik
> >
> > > > >
> > > > >                  ${libdir}/pam.d \
> > > > > >                  ${nonarch_libdir}/pam.d \
> > > > > >                  ${systemd_unitdir}/* \
> > > > > >
> > > > > > ---
> > > > > > base-commit: 97f0a73c0a9db5506310328cd29f165eab3c509d
> > > > > > change-id: 20231016-b4-systemd-tpm2-crypt-plugin-5064c458e726
> > > > > >
> > > > > > Best regards,
> > > > > > --
> > > > > > Erik Schilling <erik.schilling@linaro.org>
> > > > > >
> > > > > >
> > > > > > -=-=-=-=-=-=-=-=-=-=-=-
> > > > > > Links: You receive all messages sent to this group.
> > > > > > View/Reply Online (#189288):
> > > > > > https://lists.openembedded.org/g/openembedded-core/message/189288
> > > > > > Mute This Topic:
> > https://lists.openembedded.org/mt/101993740/5052612
> > > > > > Group Owner: openembedded-core+owner@lists.openembedded.org
> > > > > > Unsubscribe:
> > https://lists.openembedded.org/g/openembedded-core/unsub
> > > > [
> > > > > > quaresma.jose@gmail.com]
> > > > > > -=-=-=-=-=-=-=-=-=-=-=-
> > > > > >
> > > > > >
> > > >
> > > >
> >
> >

Re: [OE-core] [PATCH] systemd: fix packaging tpm2 plugin for cryptsetup

[Jose Quaresma]

[-- Attachment #1: Type: text/plain, Size: 5095 bytes --]

Hi Alexandre,

This patch is still on master-next but It is no longer necessary because
[2] was merged on master and contains the same fixes.

[2]
https://git.yoctoproject.org/poky/commit/?id=64f76114da1f2d79e24a6a79572f2682b6379452

Jose

Erik Schilling <erik.schilling@linaro.org> escreveu no dia quarta,
18/10/2023 à(s) 11:40:

> On Wed Oct 18, 2023 at 11:26 AM CEST, Jose Quaresma wrote:
> > Erik Schilling <erik.schilling@linaro.org> escreveu no dia quarta,
> > 18/10/2023 à(s) 07:33:
> >
> > > On Tue Oct 17, 2023 at 10:51 AM CEST, Jose Quaresma wrote:
> > > > Hi Erik,
> > > >
> > > > Erik Schilling <erik.schilling@linaro.org> escreveu no dia terça,
> > > > 17/10/2023 à(s) 06:51:
> > > >
> > > > > On Mon Oct 16, 2023 at 6:31 PM CEST, Jose Quaresma wrote:
> > > > > > Erik Schilling <erik.schilling@linaro.org> escreveu no dia
> segunda,
> > > > > > 16/10/2023 à(s) 13:02:
> > > > > >
> > > > > > > When building with `cryptsetup` and `tpm2` in the
> > > > > > > PACKAGECONFIG, this plugin will be emitted.
> > > > > > >
> > > > > > > Cc: Kristian Klausen <kristian@klausen.dk>
> > > > > > > Cc: Mikko Rapeli <mikko.rapeli@linaro.org>
> > > > > > > Cc: Javier Tia <javier.tia@linaro.org>
> > > > > > > Fixes: 7b7dfbfaed ("systemd: Add tpm2 PACKAGECONFIG")
> > > > > > > Signed-off-by: Erik Schilling <erik.schilling@linaro.org>
> > > > > > > ---
> > > > > > >  meta/recipes-core/systemd/systemd_254.4.bb | 1 +
> > > > > > >  1 file changed, 1 insertion(+)
> > > > > > >
> > > > > > > diff --git a/meta/recipes-core/systemd/systemd_254.4.bb
> > > > > > > b/meta/recipes-core/systemd/systemd_254.4.bb
> > > > > > > index 77724eb822..6ecfbaf293 100644
> > > > > > > --- a/meta/recipes-core/systemd/systemd_254.4.bb
> > > > > > > +++ b/meta/recipes-core/systemd/systemd_254.4.bb
> > > > > > > @@ -645,6 +645,7 @@ FILES:${PN} = " ${base_bindir}/* \
> > > > > > >                  ${sysconfdir}/X11/xinit/xinitrc.d/* \
> > > > > > >                  ${rootlibexecdir}/systemd/* \
> > > > > > >                  ${rootlibdir}/systemd/libsystemd-core* \
> > > > > > > +
> > > > > > > ${rootlibdir}/cryptsetup/libcryptsetup-token-systemd-tpm2* \
> > > > > > >
> > > > > >
> > > > > > The systemd-cryptenroll was packed in the systemd-extra-utils so
> > > packing
> > > > > > the plugin
> > > > > > on the main systemd package is a bit weird.
> > > > > > I wonder if a new package like systemd-crypt is better
> appropriate
> > > for
> > > > > this
> > > > > > where we
> > > > > > going to put the systemd-cryptenroll and all the plugins
> available in
> > > > > > ${rootlibdir}/cryptsetup
> > > > >
> > > > > Ah, did not realize that... I agree that breaking up systemd into
> > > > > smaller packages would probably be a good thing. Currently
> building an
> > > > > image with systemd in the initramfs and main image gives little
> choice
> > > > > over which components go where... I will try a systemd-crypt
> variant.
> > > > > Will also take a look at how other distros solve this.
> > > > >
> > > >
> > > > I've been using this systemd-crypt package on my distro for some
> time now
> > > > but I've forgotten to send it.
> > > > In this package additionally to the TPM plugin I also have another
> for
> > > the
> > > > PKVS#11.
> > > > I have all of these in a bbappend and I can easily extract.
> > >
> > >
> > > Ah that sounds great!
> > >
> > >
> > > > So you don't have to worry, I still do it today.
> > >
> > > Sorry, I do not understand what you mean here. Did you mean that you
> > > plan to send a patch?
> > >
> >
> > I apologize for not being clear. I sent the patch serie yesterday
> > [1]
> https://patchwork.yoctoproject.org/project/oe-core/list/?series=17834
>
> Thanks a lot! Will try it out in the next days!
>
> - Erik
>
> >
> >
> > >
> > > - Erik
> > >
> > > > > >
> > > > > >                  ${libdir}/pam.d \
> > > > > > >                  ${nonarch_libdir}/pam.d \
> > > > > > >                  ${systemd_unitdir}/* \
> > > > > > >
> > > > > > > ---
> > > > > > > base-commit: 97f0a73c0a9db5506310328cd29f165eab3c509d
> > > > > > > change-id: 20231016-b4-systemd-tpm2-crypt-plugin-5064c458e726
> > > > > > >
> > > > > > > Best regards,
> > > > > > > --
> > > > > > > Erik Schilling <erik.schilling@linaro.org>
> > > > > > >
> > > > > > >
> > > > > > > -=-=-=-=-=-=-=-=-=-=-=-
> > > > > > > Links: You receive all messages sent to this group.
> > > > > > > View/Reply Online (#189288):
> > > > > > >
> https://lists.openembedded.org/g/openembedded-core/message/189288
> > > > > > > Mute This Topic:
> > > https://lists.openembedded.org/mt/101993740/5052612
> > > > > > > Group Owner: openembedded-core+owner@lists.openembedded.org
> > > > > > > Unsubscribe:
> > > https://lists.openembedded.org/g/openembedded-core/unsub
> > > > > [
> > > > > > > quaresma.jose@gmail.com]
> > > > > > > -=-=-=-=-=-=-=-=-=-=-=-
> > > > > > >
> > > > > > >
> > > > >
> > > > >
> > >
> > >
>
>

-- 
Best regards,

José Quaresma

[-- Attachment #2: Type: text/html, Size: 8939 bytes --]