[Pkg-cryptsetup-devel] Bug#414326: cryptsetup: cryptsetup starting its disks should have "verify" as default

Joerg Jaspert joerg at ganneff.de
Sun Mar 18 23:37:35 CET 2007


On 10962 March 1977, Jonas Meurer wrote:

>> It also silently changes behaviour between sarge and etch.


>> The thing is simple - as subject says the option "verify" should be
>> default for entries in crypttab. One can always type one letter wrong,
>> and should not be left with a broken system. (Imaging having all of the
>> system except / on cryptofoo).

> So you suggest to ask for the passphrase twice at normal cryptsetup
> startup? Do you suggest it for 'cryptsetup create' only, or also for
> 'cryptsetup luksOpen'?

luksOpen.
And maybe verify isnt the right option to use, but to fail immediately
right after one error is plain wrong. Try an older cryptsetup package,
it asked 3 times if you entered a passphrase wrong.

> I also don't understand why you claim this bug being (IYO) release
> critical.

It does work differently to sarge, in a broken way. You dont even have
the chance to correct a simple typo.

> Your interpretation that it "breaks [...] (the whole system)" is illogical.
> Typos are user mistakes, I don't see how i may prevent them from a
> maintainers point of view.

Just ask 3 times. Or more than once.

> In fact you may find thousands of examples where user mistakes end up in
> the system being unbootable. Are all these release-critical bugs in your
> eyes?

If they change a perfectly working behaviour from earlier revisions,
yes.


-- 
bye Joerg




More information about the Pkg-cryptsetup-devel mailing list