I have an external USB drive with an encrypted LUKS partition, which should be unlocked at boot if attached. If it is not attached systemd should just ignore the missing device, not throw any errors, and continue booting without waiting for the device. This seems to be a usecase for the nofail crypttab option, as it is described in the manual page: > nofail > The system will not wait for the device to show up and be unlocked at boot, and not fail the boot if it doesn't show up. Thus the relevant line in /etc/crypttab looks like this: > onetouch3 UUID=e3c24abf-143a-4d84-92b1-113f02a49a16 /root/luks/onetouch3 nofail For testing purposes the unlocked partition was not mounted in fstab nor by a unit. But still, using the option does not have the desired effect. systemd waits for the device until it times out, as indicated by two entries in journalctl -b: > Aug 29 14:57:10 pineapple systemd[1]: Job dev-disk-by\x2duuid-e3c24abf\x2d143a\x2d4d84\x2d92b1\x2d113f02a49a16.device/start timed out. > Aug 29 14:57:10 pineapple systemd[1]: Job dev-mapper-onetouch3.device/start failed with result 'dependency'. > Aug 29 14:57:10 pineapple systemd[1]: Job systemd-cryptsetup@onetouch3.service/start failed with result 'dependency'. > Aug 29 14:57:10 pineapple systemd[1]: Job dev-disk-by\x2duuid-e3c24abf\x2d143a\x2d4d84\x2d92b1\x2d113f02a49a16.device/start failed with result 'timeout'. > Aug 29 14:58:44 pineapple systemd[1]: Job dev-disk-by\x2duuid-e3c24abf\x2d143a\x2d4d84\x2d92b1\x2d113f02a49a16.device/start timed out. > Aug 29 14:58:44 pineapple systemd[1]: Job dev-mapper-onetouch3.device/start failed with result 'dependency'. > Aug 29 14:58:44 pineapple systemd[1]: Job systemd-cryptsetup@onetouch3.service/start failed with result 'dependency'. > Aug 29 14:58:44 pineapple systemd[1]: Job dev-disk-by\x2duuid-e3c24abf\x2d143a\x2d4d84\x2d92b1\x2d113f02a49a16.device/start failed with result 'timeout'. I am using Arch Linux and the following packages and their versions might be relevant: linux 3.5.3-1 systemd 189-3 cryptsetup 1.5.0-2
It looks like "nofail" applies to cryptsetup.target. So while your device failed, cryptsetup.target succeeded without it. It seems like what you want to do is reduce the timeout for dev/disk/by/uuid/e3c24abf-143a-4d84-92b1-113f02a49a16.device
On 2012-09-26 at 20:57 +0000 Matthew Monaco <dgbaley27@0x01b.net> wrote: > It looks like "nofail" applies to cryptsetup.target. So while > your device failed, cryptsetup.target succeeded without it. I had missed that. With the nofail option the status of cryptsetup.target is "active" and without it it is "inactive (dead)". However in both cases the boot process is the same. systemd waits until the device times out and then continues booting normally. > It seems like what you want to do is reduce the timeout for > dev/disk/by/uuid/e3c24abf-143a-4d84-92b1-113f02a49a16.device How do I do that? The timeout option described in man:crypttab(5) is for the timeout of the password prompt and not of the device. Is there something like fstab's x-systemd.device-timeout for crypttab? Moreover I think that crypttab's manual page suggests that the nofail already implies an immediate timeout: > The system will not wait for the device to show up (...) As I see it this is a mismatch between the documentation and the implementation and probably the source of my confusion.
After having used systemd for a while I now have a better grasp of this issue. In the meantime systemd has also improved in this respect. For example the timeout for a non-existing device seems to be shorter and there is more and more accurate status output. Generally the nofail option causes the generated units to be added to systemd-cryptsetup.target.wants instead of systemd-cryptsetup.target.requires. It doesn't change any timeouts. If the device is not present the job times out after the default 1.5 minutes. This is all just fine. But a device-timeout option for crypttab analogous to fstab's x-systemd.device-timeout is clearly missing in order to decrease the timeout for removable storage devices.
Fixed in http://cgit.freedesktop.org/systemd/systemd/commit/?id=8eea868708.
Thanks, Zbigniew. x-systemd.device-timeout isn't documented in crypttab's manual page, yet.
http://cgit.freedesktop.org/systemd/systemd/commit/?id=dc5cd2b772
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.