unbrot/fedora-OEMDRV
1
0
Fork 0
forked from obel1x/fedora-OEMDRV
Code Pull Requests Activity

mount_ecrypt_home: wait for FUSE mount before removing passfile

Browse Source 
systemd-run service mode returns as soon as the start request is
accepted, before gocryptfs has read the passfile. Poll /proc/mounts
for up to 10 seconds so the passfile is only removed after the mount
is confirmed.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Daniel unbrot Pätzold
2026-05-07 17:39:55 +02:00
parent 588f669a60
commit 815fa46daa
1 changed files with 8 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
system_setup/mount_ecrypt_home.sh
+8 -1
View File
@@ -99,7 +99,14 @@ systemd-run --user --unit=gocryptfs-home \
--property=TimeoutStopSec=30 \ --property=TimeoutStopSec=30 \
gocryptfs -noprealloc -allow_other -passfile ${XDG_RUNTIME_DIR}/IPAVAULTKEY -config ${HOME}/.config/gocryptfs/gocryptfs.conf ${ENCRYPTEDDATADIR} ${DECRYPTEDDATADIR} >/dev/null gocryptfs -noprealloc -allow_other -passfile ${XDG_RUNTIME_DIR}/IPAVAULTKEY -config ${HOME}/.config/gocryptfs/gocryptfs.conf ${ENCRYPTEDDATADIR} ${DECRYPTEDDATADIR} >/dev/null
RETVAL=$? RETVAL=$?
rm ${XDG_RUNTIME_DIR}/IPAVAULTKEY # Service starts asynchronously - wait for the FUSE mount to appear before removing
# the passfile, otherwise gocryptfs may not have read it yet
_t=0
while [ "${_t}" -lt 10 ] && ! grep -q "${DECRYPTEDDATADIR}" /proc/mounts 2>/dev/null; do
sleep 1
_t=$((_t + 1))
done
rm -f ${XDG_RUNTIME_DIR}/IPAVAULTKEY
cd ${EXECDIR} cd ${EXECDIR}
if [ ${RETVAL} -eq 0 ]; then if [ ${RETVAL} -eq 0 ]; then
echo "Sucessfully mounted encrypted private Directory ${DECRYPTEDDATADIR}" echo "Sucessfully mounted encrypted private Directory ${DECRYPTEDDATADIR}"