| 4 Oct 2024 |
 mjm | it's hard to say, the unlock service seems to start just before the target gets reached, and ends some time after | 03:04:47 |
| mjm | but also like...maybe systemd is smart enough to do the right thing with the TPM for those credentials? idk | 03:05:35 |
 ElvishJerricco | maybe systemd blocks until a TPM shows up? | 03:05:46 |
| ElvishJerricco | I'll test some stuff out | 03:06:07 |
| mjm | it might | 03:06:12 |
| mjm | In reply to @mjm:midna.dev
i think there may be something else weird here with impermanence, it makes this create-needed-for-boot-dirs service in initrd that is failing, not sure why yet. it's possible it was failing before though, since it doesn't seem to be blocking boot confirmed this is not an issue specifically with the new generator. this service is new in impermanence as of like a week ago, and it seems like it's not properly accounting for encrypted filesystems that need to be unlocked | 03:15:41 |
| mjm | so i guess i'll file an issue about that | 03:16:07 |
| ElvishJerricco | mjm: I'm trying to figure out what this service is even doing and I don't think it makes any sense? | 03:18:06 |
| ElvishJerricco | systemd already creates the mount points before starting mount units | 03:18:14 |
| mjm | hmm | 03:18:35 |
| mjm | well, it's not creating the mount points | 03:18:57 |
| mjm | it's creating the source of the bind mount, not the target | 03:19:07 |
| ElvishJerricco | well of course not | 03:19:13 |
| ElvishJerricco | it's ordered before sysroot.mount | 03:19:17 |
| ElvishJerricco | oh | 03:19:19 |
| ElvishJerricco | no it makes the mounts | 03:19:21 |
| ElvishJerricco | and then unmounts them | 03:19:27 |
| mjm | it mounts the persistent FS in a temp dir | 03:19:32 |
| mjm | then creates the directories the bind mounts will be mounting from | 03:19:43 |
| mjm | and then unmounts it | 03:19:46 |
| ElvishJerricco | yea I'm pretty sure you just don't need to do that in systemd initrd | 03:19:58 |
| ElvishJerricco | I have a feeling they made this for scripted initrd and assumed it needed a systemd initrd implementation | 03:20:12 |
| mjm | maybe? | 03:20:19 |
| mjm | it's not clear to me, if you have a bind mount from /persist/foo to /foo, it makes sense to me that systemd will ensure /foo exists before mounting. but will it create /persist/foo? | 03:20:58 |
| mjm | because that's what this is doing | 03:21:03 |
| mjm | it would be reasonable for systemd to assume it already exists imo | 03:21:28 |
| ElvishJerricco | oh | 03:21:31 |
| ElvishJerricco | yea | 03:21:32 |
| ElvishJerricco | that does make sense | 03:21:35 |
| ElvishJerricco | I mean I don't think that's how I'd do it | 03:21:46 |
