From: Harald Hoyer <***@redhat.com>

The password query for a crypto device currently times out after 90s,
which is too short to grab a cup of coffee when a machine boots up.

The resulting decrypted device /dev/mapper/luks-<uuid> might not
be a mountpoint (but part of a LVM PV or raid array)
and therefore the timeout cannot be controlled by the settings
in /etc/fstab. For this reason this device should not carry its own timeout.

Also the encrypted device /dev/disk/by-*/* already has a timeout and
additionally the timeout for the password query is set in /etc/crypttab.

This patch disables the timeout of the resulting decrypted devices by creating
<device-unit>.d/50-job-timeout-sec-0.conf files with "JobTimeoutSec=0".
---
src/cryptsetup/cryptsetup-generator.c | 29 +++++++++++++++++++++++++++++
1 file changed, 29 insertions(+)

diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c
index 6b9bc55..33604f7 100644
--- a/src/cryptsetup/cryptsetup-generator.c
+++ b/src/cryptsetup/cryptsetup-generator.c
@@ -213,6 +213,35 @@ static int create_disk(
return -errno;
}

+ if (!noauto && !nofail) {
+ free(p);
+ p = strjoin(arg_dest, "/dev-mapper-", e, ".device.d/50-job-timeout-sec-0.conf", NULL);
+ if (!p)
+ return log_oom();
+
+ mkdir_parents_label(p, 0755);
+
+ if (f)
+ fclose(f);
+ f = fopen(p, "wxe");
+ if (!f) {
+ log_error("Failed to create unit file %s: %m", p);
+ return -errno;
+ }
+
+ fprintf(f,
+ "# Automatically generated by systemd-cryptsetup-generator\n\n"
+ "[Unit]\n"
+ "JobTimeoutSec=0\n" /* the binary handles timeouts anyway */
+ );
+ fflush(f);
+
+ if (ferror(f)) {
+ log_error("Failed to write file %s: %m", p);
+ return -errno;
+ }
+ }
+
return 0;
}

Well, LVM does not care about proper dependencies. They still are so
naive to assume they are run at a point in time where all devices are
probed.

Whether or not .device units exist is pretty much ignored by LVM.
Well, not an excuse to make the same mistake... ;-)

Lennart