[pkg-cryptsetup-devel] Several minor questions (hopefully) ;)

Jonas Meurer jonas at freesources.org
Wed Dec 17 21:22:42 UTC 2008


On 16/12/2008 Christoph Anton Mitterer wrote:
> > > 3) Would it be possible to move the location from the keyscripts within the
> > > iniramdisk to the same location as in the normal system? I mean from
> > > /keyscripts/ to /lib/cryptsetup/scripts/. Would be more consistent IMHO,
> > > and might be of advantage when you look for these files from other scripts
> > > or so.
> >
> > I think that the initial reason to change the keyscript diretory was
> > that the initramfs is meant to be as small as possible, and some extra bytes
> > for deeper directory structures as well as longer pathnames already do make
> > a difference here. Not sure about that one though.
>
> *g* Ok... perhaps we can ask David about this,... I think the way we're
> creating our initramdisk images is already very generous (I think we
> depend on busybox, on the keyboard mapping, and IIRC we include "most"
> cipher modules, righ?) so it's probably not worth looking at these few
> bytes we save by that....

In general, you're correct. It would be cleaner to have the keyscripts
available at the same path both in initramfs and normal system. But
currently I'm not willed to make such changes to the package as I want
to wait for lenny being released first. If it's an important point for
you, please report a wishlist bug about that issue. and if you do so,
please try to ask for _one_ feature in _one_ bugreport, and open several
bugreports in case that you have multiple feature requests. that makes
it far more easy to maintain the reports.

> Apropos passdev: I've read the source and I'd have two ideas for
> improvement ;)
> 1) Some of the messages written to stderr are lacking "\n" in the end
> (these are probably minor typos). Could you please fix this?

what I wrote above applies here too :-)

> 2) Currently the script tries to mount <device> somewhere and then read
> <path>. It could easily happen that device is already mounted, but then
> the whole thing fails.
> It would be great if passdev recognizes this and then bind-mount (of
> course also ro). (btw: I don't know if this works, when the original
> mount was rw).

see above. 

> > That's something to be yet decided. I just completely removed support
> > for timeouts from cryptdisks initscripts, and initramfs never even
> > supported it.
>
> Oh :-( how sad... shouldn't this be quite easy to implement? e.g. using
> a timeout script when running the keyscript?

Maybe we'll readd timeout support later, but currently we don't see a
solution for clean implementation, so we dropped it.

greetings,
 jonas



More information about the pkg-cryptsetup-devel mailing list