[Pkg-cryptsetup-devel] Implementing a robust check-system
gebi at sbox.tugraz.at
gebi at sbox.tugraz.at
Fri Feb 3 17:26:23 UTC 2006
Hi,
i'v just added a short description of my ideas of a robust checksystem
for cryptdisks to svn.
main ideas:
- only check things per default if one of OUR actions causes dataloss!
- don't check for all filesystems and hope not to find one!
for swap:
- disable luks for swap usage in cryptdisks.
- if partitions is of type swap wipe it (if user sets / to type swap
it's his fault not ours!).
for plain cryptsetup:
- make postcheck required, because IMHO it's impossible to check for
all filesystems out there + there combinations with raid/lvm/evms (if
no one is given complain loudly about this but do as the user said).
- if the postcheck succeeds everything is fine
- if the postcheck fails, abort (in interactive mode reask the pw
and retry).
such a checksystem should be pretty robust against errors and don't
imply impossible actions.
what do you think about the ideas outlined above?
please read the doc in svn (cryptsetup/trunk/debian/checksystem_doc)
carefully.
greets,
Michael
More information about the Pkg-cryptsetup-devel
mailing list