[Pkg-cryptsetup-devel] Implementing a robust check-system

gebi at sbox.tugraz.at gebi at sbox.tugraz.at
Fri Feb 3 17:26:23 UTC 2006


i'v just added a short description of my ideas of a robust checksystem  
for cryptdisks to svn.

main ideas:
- only check things per default if one of OUR actions causes dataloss!
- don't check for all filesystems and hope not to find one!

for swap:
- disable luks for swap usage in cryptdisks.
- if partitions is of type swap wipe it (if user sets / to type swap  
it's his fault not ours!).

for plain cryptsetup:
- make postcheck required, because IMHO it's impossible to check for  
all filesystems out there + there combinations with raid/lvm/evms (if  
no one is given complain loudly about this but do as the user said).
    - if the postcheck succeeds everything is fine
    - if the postcheck fails, abort (in interactive mode reask the pw  
and retry).

such a checksystem should be pretty robust against errors and don't  
imply impossible actions.

what do you think about the ideas outlined above?

please read the doc in svn (cryptsetup/trunk/debian/checksystem_doc)  


More information about the Pkg-cryptsetup-devel mailing list