mirror of
https://https.git.savannah.gnu.org/git/guix.git/
synced 2025-07-10 08:30:39 +02:00
mapped-devices/luks: Add support for --allow-discards.
* gnu/system/mapped-devices.scm (open-luks-device): Support opening LUKS devices with the --allow-discards option. * gnu/system/mapped-devices.scm (luks-device-mapping-with-options): Pass through the allow-discards? keyword argument. * doc/guix.texi (Mapped Devices): Update documentation for the luks-device-mapping-with-options procedure. Co-authored-by: Sisiutl <sisiutl@egregore.fun> Modified-by: Maxim Cournoyer <maxim.cournoyer@gmail.com> Change-Id: Iff82d7d548486f028d19f6aa35dd30ca194f57cc
This commit is contained in:
parent
8984d4bbb2
commit
7aa855b05b
2 changed files with 32 additions and 17 deletions
|
@ -194,9 +194,10 @@ option of @command{guix system}.\n")
|
|||
;;; Common device mappings.
|
||||
;;;
|
||||
|
||||
(define* (open-luks-device source targets #:key key-file)
|
||||
(define* (open-luks-device source targets #:key key-file allow-discards?)
|
||||
"Return a gexp that maps SOURCE to TARGET as a LUKS device, using
|
||||
'cryptsetup'."
|
||||
'cryptsetup'. When ALLOW-DISCARDS? is true, the use of discard (TRIM)
|
||||
requests is allowed for the underlying device."
|
||||
(with-imported-modules (source-module-closure
|
||||
'((gnu build file-systems)
|
||||
(guix build utils))) ;; For mkdir-p
|
||||
|
@ -234,17 +235,20 @@ option of @command{guix system}.\n")
|
|||
(loop (- tries-left 1))))))
|
||||
(error "LUKS partition not found" source))
|
||||
source)))
|
||||
;; We want to fallback to the password unlock if the keyfile fails.
|
||||
(or (and keyfile
|
||||
(zero? (system*/tty
|
||||
#$(file-append cryptsetup-static "/sbin/cryptsetup")
|
||||
"open" "--type" "luks"
|
||||
"--key-file" keyfile
|
||||
partition #$target)))
|
||||
(zero? (system*/tty
|
||||
#$(file-append cryptsetup-static "/sbin/cryptsetup")
|
||||
"open" "--type" "luks"
|
||||
partition #$target)))))))))
|
||||
(let ((cryptsetup #$(file-append cryptsetup-static
|
||||
"/sbin/cryptsetup"))
|
||||
(cryptsetup-flags (cons*
|
||||
"open" "--type" "luks" partition #$target
|
||||
(if #$allow-discards?
|
||||
'("--allow-discards")
|
||||
'()))))
|
||||
;; We want to fallback to the password unlock if the keyfile
|
||||
;; fails.
|
||||
(or (and keyfile
|
||||
(zero? (apply system*/tty cryptsetup
|
||||
"--key-file" keyfile cryptsetup-flags)))
|
||||
(zero? (apply system*/tty cryptsetup
|
||||
cryptsetup-flags))))))))))
|
||||
|
||||
(define (close-luks-device source targets)
|
||||
"Return a gexp that closes TARGET, a LUKS device."
|
||||
|
@ -286,13 +290,15 @@ option of @command{guix system}.\n")
|
|||
((gnu build file-systems)
|
||||
#:select (find-partition-by-luks-uuid system*/tty))))))
|
||||
|
||||
(define* (luks-device-mapping-with-options #:key key-file)
|
||||
(define* (luks-device-mapping-with-options #:key key-file allow-discards?)
|
||||
"Return a luks-device-mapping object with open modified to pass the arguments
|
||||
into the open-luks-device procedure."
|
||||
(mapped-device-kind
|
||||
(inherit luks-device-mapping)
|
||||
(open (λ (source targets) (open-luks-device source targets
|
||||
#:key-file key-file)))))
|
||||
(open (λ (source targets)
|
||||
(open-luks-device source targets
|
||||
#:key-file key-file
|
||||
#:allow-discards? allow-discards?)))))
|
||||
|
||||
(define (open-raid-device sources targets)
|
||||
"Return a gexp that assembles SOURCES (a list of devices) to the RAID device
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue