obel1x/fedora-OEMDRV
0
0
Fork 1
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

mount_ecrypt_home: run gocryptfs in foreground to fix premature ExecStop

Browse Source 
Without -fg, gocryptfs forks to background and the parent exits,
causing systemd to consider the service done and immediately call
ExecStop (fusermount -u). With -fg, gocryptfs stays as the tracked
service process so ExecStop only fires on explicit service stop at
logout.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Daniel unbrot Pätzold
2026-05-07 17:55:28 +02:00
parent 815fa46daa
commit b9d13e821d
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
system_setup/mount_ecrypt_home.sh
+1 -1
View File
@@ -97,7 +97,7 @@ systemd-run --user --unit=gocryptfs-home \
--property="ExecStop=/usr/bin/fusermount -u ${DECRYPTEDDATADIR}" \ --property="ExecStop=/usr/bin/fusermount -u ${DECRYPTEDDATADIR}" \
--property=KillMode=none \ --property=KillMode=none \
--property=TimeoutStopSec=30 \ --property=TimeoutStopSec=30 \
gocryptfs -noprealloc -allow_other -passfile ${XDG_RUNTIME_DIR}/IPAVAULTKEY -config ${HOME}/.config/gocryptfs/gocryptfs.conf ${ENCRYPTEDDATADIR} ${DECRYPTEDDATADIR} >/dev/null gocryptfs -fg -noprealloc -allow_other -passfile ${XDG_RUNTIME_DIR}/IPAVAULTKEY -config ${HOME}/.config/gocryptfs/gocryptfs.conf ${ENCRYPTEDDATADIR} ${DECRYPTEDDATADIR} >/dev/null
RETVAL=$? RETVAL=$?
# Service starts asynchronously - wait for the FUSE mount to appear before removing # Service starts asynchronously - wait for the FUSE mount to appear before removing
# the passfile, otherwise gocryptfs may not have read it yet # the passfile, otherwise gocryptfs may not have read it yet