tails-remove-overlayfs-dirs.service 1.13 KB
Newer Older
1 2 3 4
[Unit]
# We have to empty the tmpfs where the upperdir and
# workdir of the overlayfs are residing on, else
# the memory will not be cleaned.
5
Description=Remove the overlayfs directories
6
Documentation=https://tails.boum.org/contribute/design/memory_erasure/
7 8 9 10 11 12
# We want to remove the overlayfs directories late in the
# shutdown process. Because at shutdown, units with an
# ordering dependency are stopped in reverse order, we
# want this service to be started very early
# during boot, i.e. before the sysinit.target.
Before=sysinit.target shutdown.target
13
Conflicts=shutdown.target
14
DefaultDependencies=no
15 16 17 18 19

[Service]
Type=oneshot
RemainAfterExit=yes
ExecStop=/bin/rm -rf /lib/live/mount/overlay/rw /lib/live/mount/overlay/work
20 21 22 23 24 25 26
# Tails sets a very small DefaultTimeoutStopSec= value, that this
# service inherits. There's a risk that this default timeout is too
# short for our ExecStop= step to complete successfully. Were this to
# happen, the impact would be incomplete erasing of memory on
# shutdown, which is not great. So let's reset this timeout to the
# default systemd one for this service.
TimeoutStopSec=90s
27 28 29

[Install]
WantedBy=multi-user.target