[Pkg-cryptsetup-devel] Re: RFC: Adding a lvm parameter to crypttab

Jonas Meurer jonas at freesources.org
Wed Apr 26 19:18:15 UTC 2006


On 22/04/2006 David Härdeman wrote:
> >a more general solution, and one that seems better to me, is to run
> >cryptdisks twice in boot/halt process. once before lvm/evms/... have
> >been started/stopped, and once after.
> >at start, cryptsetup starts only the existing devices anyway, and is
> >quiet for nonexistant ones.
> >at stop, it stops only devices which are not busy anymore.
> >
> >so all we would have to do, is make "cryptsetup stop" silent for busy
> >devices, and install additional symlinks in the /etc/rc{S,0,6} dirs.
> >unfortunately update-rc.d has no support for that yet, and i'm not sure
> >if it's allowed by policy at all.
> >
> >but from a technical point of view, i see no problems with running an
> >initscript twice in the boot process.
> >
> >what do you think?
> 
> I don't have any strong opinions on the matter. Adding the lvm option to 
> cryptsetup would be something like 15 extra lines (I just tried it), but 
> the init change wouldn't be big either, and it would add support for 
> lvm/evms/whatever. It's your call :)
>
> [...]
>
> I think a simpler solution would be to create one common script with 99% 
> of the functionality and two separate init scripts which source that 
> common script.

i liked your idea of including the same shell-script twice and thus
having two different initscripts. i've implemented that now in svn, and
it seems to work well. feel free to comment on it.

> This would also allow us to provide different log message "Starting 
> primary cryptdisks", "Starting secondary cryptdisks", and it would mean 
> that no infrastructure changes would be needed (which would probably 
> take much longer).

i decided to call them "early cryptdisks" and "remaining cryptdisks".

> The disadvantage would be the confusion to the end-user if they want to 
> do this manually (oh by the way, you have to run cryptsetup-secondary 
> stop, lvm stop, evms stop, cryptsetup-primary stop....). But that might 
> be acceptable since there is not many scenarios where one would need to 
> shut the mappings down manually and a complex setup like mixing crypt 
> and lvm/evms is bound to bring *some* complexity.

the user can continue to use /etc/init.d/cryptdisks. the second script
for the "remaining cryptdisks" hasn't been renamed. only the first one
is called cryptdisks-early.

...
 jonas



More information about the Pkg-cryptsetup-devel mailing list