system/systemd
system/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd synced 2024-10-01 13:55:20 +00:00
Code Issues Packages Projects Releases Wiki Activity

units: Order pcrlock services after systemd-remounts-fs.service

Browse source 
These write to /var and as such need to wait until after the rootfs
has been remounted read-write.
This commit is contained in:
Daan De Meyer 2024-01-26 11:29:35 +01:00 committed by Luca Boccassi
parent 678bd12cfc
commit 09e6921758
7 changed files with 7 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
units/systemd-pcrlock-file-system.service.in
View file

@ -13,6 +13,7 @@ Documentation=man:systemd-pcrlock(8)
DefaultDependencies=no
Conflicts=shutdown.target
Before=sysinit.target shutdown.target systemd-pcrlock-make-policy.service
After=systemd-remount-fs.service var.mount
ConditionPathExists=!/etc/initrd-release
ConditionSecurity=measured-uki

2
units/systemd-pcrlock-firmware-code.service.in
View file

@ -12,7 +12,7 @@ Description=Lock Firmware Code to TPM2 PCR Policy
Documentation=man:systemd-pcrlock(8)
DefaultDependencies=no
Conflicts=shutdown.target
After=systemd-tpm2-setup.service
After=systemd-tpm2-setup.service systemd-remount-fs.service var.mount
Before=sysinit.target shutdown.target systemd-pcrlock-make-policy.service
ConditionPathExists=!/etc/initrd-release
ConditionSecurity=measured-uki

2
units/systemd-pcrlock-firmware-config.service.in
View file

@ -12,7 +12,7 @@ Description=Lock Firmware Configuration to TPM2 PCR Policy
Documentation=man:systemd-pcrlock(8)
DefaultDependencies=no
Conflicts=shutdown.target
After=systemd-tpm2-setup.service
After=systemd-tpm2-setup.service systemd-remount-fs.service var.mount
Before=sysinit.target shutdown.target systemd-pcrlock-make-policy.service
ConditionPathExists=!/etc/initrd-release
ConditionSecurity=measured-uki

1
units/systemd-pcrlock-machine-id.service.in
View file

@ -13,6 +13,7 @@ Documentation=man:systemd-pcrlock(8)
DefaultDependencies=no
Conflicts=shutdown.target
Before=sysinit.target shutdown.target systemd-pcrlock-make-policy.service
After=systemd-remount-fs.service var.mount
ConditionPathExists=!/etc/initrd-release
ConditionSecurity=measured-uki

1
units/systemd-pcrlock-make-policy.service.in
View file

@ -14,6 +14,7 @@ DefaultDependencies=no
Conflicts=shutdown.target
After=systemd-tpm2-setup.service
Before=sysinit.target shutdown.target
After=systemd-remount-fs.service var.mount
ConditionPathExists=!/etc/initrd-release
ConditionSecurity=measured-uki

1
units/systemd-pcrlock-secureboot-authority.service.in
View file

@ -14,6 +14,7 @@ DefaultDependencies=no
Conflicts=shutdown.target
After=systemd-tpm2-setup.service
Before=sysinit.target shutdown.target systemd-pcrlock-make-policy.service
After=systemd-remount-fs.service var.mount
ConditionPathExists=!/etc/initrd-release
ConditionSecurity=measured-uki

1
units/systemd-pcrlock-secureboot-policy.service.in
View file

@ -14,6 +14,7 @@ DefaultDependencies=no
Conflicts=shutdown.target
After=systemd-tpm2-setup.service
Before=sysinit.target shutdown.target systemd-pcrlock-make-policy.service
After=systemd-remount-fs.service var.mount
ConditionPathExists=!/etc/initrd-release
ConditionSecurity=measured-uki