[pkg-cryptsetup-devel] Several minor questions (hopefully) ;)
Christoph Anton Mitterer
calestyo at scientia.net
Tue Dec 16 22:17:20 UTC 2008
Ah I forgot:
On Mon, 2008-12-15 at 22:19 +0100, Jonas Meurer wrote:
> No, functions like log_sucess_msg, panic, etc. are lsb functions meant
> to be used in initscripts, and provided by /lib/lsb/init-functions.
> You're free to use /lib/lsb/init-functions for your custom scripts,
> though.
Ok,.. I'm a little bit unsure about these,.. but there will be time
later to ask you
What's more important (ok at least for me is to resolve these issues):
1) How are we going to handle timeout/tries. As mentioned before I'd
suggest timeout is handled above the keyscripts,.. tries are handled
form the keyscripts.
Perhaps we put tries as 2nd parameter to the keyscripts
2) Do we differ between keyscript or no keyscript? I think we
shouldn't... The case with no keyscript (just plain passphrase) should
simply use a default keyscript that uses askpass (perhaps not directly,
because I would say it's not askpass's job to handle tries)
3) About the same question goes for passdev. I'd say passdev is also
just a helper like askpass.
It should be generally allowed to use the device:path syntax (perhaps it
would even be wise to separate these in /etc/crypttab,... not sure about
this)... and all decrypt-scripts should have to support this (expect
those decrypt scripts which doesn't use any key file at all,.. e.g. the
askpass-wrapper-script.
If we'd do all that,.. it would be definitely good to have passdev
working on already mounted devices...
What do you think of this?
Thanks,
Chris :-)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5108 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-cryptsetup-devel/attachments/20081216/538f9476/attachment.bin
More information about the pkg-cryptsetup-devel
mailing list