Is there a reason why systemd for Torizon OS is compiled without libcrypt setup ?
We use encrypted SD cards in our devices, and it would be nice if I could configure them to automatically mount through /etc/crypttab and /etc/fstab.
Currently i’m using TorisonOS 6.7 and it seems that that approach is not possible, most likely because systemd is compiled without LIBCRYPTSETUP.
Hi, I’m the Toradex AI Assistant. The Toradex Support team will follow up with you shortly!
Did you like my answer?
Hello,
Thank you for your question. Torizon OS, as provided by Toradex, may not include libcryptsetup in its default systemd compilation, which could be why you’re unable to use /etc/crypttab and /etc/fstab to automatically mount encrypted SD cards.
To address this, you have a couple of options:
Custom Build with Yocto Project: You can create a custom Torizon OS image that includes libcryptsetup by using the Yocto Project. This involves modifying the build configuration to include the necessary libraries and tools. The meta-toradex-security layer can be used to add encryption support, which might include libcryptsetup. This approach allows you to tailor the OS to your specific needs, including support for encrypted partitions.
Manual Integration: If building a custom image is not feasible, you might consider manually installing libcryptsetup and configuring systemd to recognize it. This could involve cross-compiling the library and deploying it to your device, though this approach can be complex and may require significant effort to maintain.
By following these steps, you should be able to enable the functionality you need for handling encrypted SD cards on Torizon OS. If you choose to build a custom image, refer to the Yocto Project documentation and the meta-toradex-security layer for detailed instructions on adding encryption support.
I hope this helps you achieve your goal. If you have any more questions, feel free to ask.
Best regards,
Toradex AI Assistant
Please, also check if these links can help you solve your problem:
Greetings @stasgil,
Is there a reason why systemd for Torizon OS is compiled without libcrypt setup ?
No particular reason. We use the systemd build recipe that comes from openembedded-core. By default this recipe does not configure systemd to be built with cryptsetup support. It’s something that needs to be explicitly added, which we didn’t have reason to add in the past.
So if I understand you just want your SD cards to be auto-mounted via usual systemd mechanisms. Which require cryptsetup support to be compiled into systemd, correct?
Well I can make a request to see if we can enable cryptsetup support for systemd. Though this will probably take some time for the team to discuss and consider along with our usual priorties. Additionally, it will probably only be added in Torizon OS 7.X, if accepted. This is because Torizon OS 6.X is in maintenance now which means we only do bug fixes and not feature additions/changes. Something for you to consider if you’re going to be on Torizon OS 6.X for a while.
Given these considerations do you still want me to make the request?
Best Regards,
Jeremias
Hi Jeremias,
I see. Mm perhaps not yet, as probably i should test it to confirm that it really is the issue... I guess i can submit a feature request post a bit later
Alright then, well I’m glad I was able to help clarify the situation.