[Pkg-cryptsetup-devel] gpg support for cryptsetup and decrypt_* scripts

Christoph Anton Mitterer christoph.anton.mitterer at physik.uni-muenchen.de
Tue Feb 19 10:19:11 UTC 2008

On Tue, 2008-02-19 at 08:48 +0100, David Härdeman wrote:
> I've considered that, but it doesn't guarantee backward
> compatibility...the script might simply hang forever waiting for some kind
> of input whether it is executed with or without the command line parameter
> (or the env parameter for that matter). The advantage of the env parameter
> is that argv handling doesn't need to change for the scripts.
IMO, the solution with the env parameter is not so clean as with an
Sometimes it's necessary for progress to break with old things.

> We probably have to implement it with *some* user visible changes...so it
> will probably have to be communicated via NEWS, yes. But we can at least
> minimize the problems.

> > The most easiest thing is probably to use /dev/tty instead of writing to
> > stderr (of course only if this make sense). So I think errors (like
> > "\nMaximum number of attempts exceeded") should obviously be written to
> > stderr, but what's with informal messages like
> > "\nDecrypting ssl key $1..."?
> I'm not sure what you're talking about now...how the gpg keyscript should
> handle input/output in initramfs?
Yes,.. the gpg script and all others too (I think they should all work
the same way)

> If you're not interested in supporting
> usplash,
What about supporting splashy? Any requirements here?

> it should be enough to redirect stdin, stdout and stderr to
> /dev/console
Not sure if I understand you correctly,.. I thought only the key itself
should be written to stdout?

> (if we're talking about a initramfs script). If you're
> talking about something else I need clarification :)
No,.. it's ok ;)


More information about the Pkg-cryptsetup-devel mailing list