Thank you for the pointers! That’s very valuable!
Does anyone have a spare (non daily driver) SFOS device with full encryption turned on, in order to test which part of Defender causes the hang?
(My XA2 is my daily driver, my X currently needs Android so I can use the local covid tracking app in my country).
@peterleinchen has already pointed out the steps in this comment, basically:
- turn out everything that is installed by defender (3 systemd units: path, service, timer).
- try turning them on.
My hunch is that the .path unit (which require the nemo user’s home path to be available) is somehow creating a unresolvable circular dependency loop on fully-encrypted devices.
I would be better:
- move the requirement into the .service which is started by timer (or even implement a check in the python code).
- rewrite the dependency of .service as a “after=” pointing to the service in charge of unlocking.
- rewrite other parts of the code to handle the new situation were the main user isn’t necessarily called ‘nemo’ anymore (i.e.: there are a few hard-coded “/home/nemo” instances which should be changed to environment variables, and the installer script should install the units as user sessions).