Closed franklouwers closed 2 years ago
Hi Frank! Glad to hear from you.
I'm not 100% sure on this: I get the impression that the answer is "no [it is not needed]" from the conclusion of this bug report, but it depends on the systemd version.
I wrote this before the bug report and fix was integrated, so I've left it here for now to be sure.
(It would be great to hear if you have success without it and I'll update the readme and change the script to skip that step by default.)
This bug report shows some progress towards [the functionality of] the patches you refer to [being integrated into Ubuntu], but I've not heard back since I've flagged the patches I've made.
NB: edited after publishing to make more sense, edits denoted by '[edited text]'
I've just read some more. I think it is currently needed, but will not be needed as of the Ubuntu release '22.10 aka kinetic', though there may be a back-port.
Could be wrong though, so always worth a try.
I'm currently running on the latest updates on Ubuntu 22 LTS Server.
TPM2 support is properly integrated in the latest mainstream updates. I just ran the script with
install_docker
compile_systemd_with_tpm2
install_systemd_with_tpm2
commented out. Works perfectly fine.
Thanks - sounds like the answer is well and truly 'not any more'. I'll update the scripts when I get a chance.
scripts updated - closing this issue.
Is the special systemd build still needed? On my test box with a TPM2 module, it is detected by
systemd-cryptenroll --tpm2-device=/dev/tpm0 --tpm2-pcrs=7
? Only thing which would be needed would be the cryptsetup patches...