Ensure TCSD is started before Clevis for tpm1 pin functionality

This is a weak requirement, so when TCSD is missing, it does not influence
the Clevis askpass service startup. Similarly if the TCSD startup fails,
it does not affect the Clevis askpass service startup.

Signed-off-by: Oldřich Jedlička <[email protected]>

Author: oldium

src/luks/systemd/clevis-luks-askpass.service.in

@@ -2,6 +2,8 @@
 Description=Forward Password Requests to Clevis
 Documentation=man:clevis-luks-unlockers(7)
 DefaultDependencies=no
+After=tcsd.service
+Wants=tcsd.service
 Before=shutdown.target
 Conflicts=shutdown.target
 

src/luks/systemd/clevis-tcsd.conf

@@ -0,0 +1,6 @@
+[Unit]
+DefaultDependencies=no
+After=local-fs.target
+Requires=local-fs.target
+Before=shutdown.target
+Conflicts=shutdown.target

src/luks/systemd/meson.build

@@ -12,6 +12,7 @@ if systemd.found() and sd_reply_pass.found()
   data.set('SYSTEMD_REPLY_PASS', sd_reply_pass.path())
 
   unitdir = systemd.get_pkgconfig_variable('systemdsystemunitdir')
+  tcsdoverridedir = join_paths(unitdir, 'tcsd.service.d')
 
   configure_file(
     input: 'clevis-luks-askpass.service.in',
@@ -28,6 +29,7 @@ if systemd.found() and sd_reply_pass.found()
   )
 
   install_data('clevis-luks-askpass.path', install_dir: unitdir)
+  install_data('clevis-tcsd.conf', install_dir: tcsdoverridedir)
 else
   warning('Will not install systemd support due to missing dependencies!')
 endif