[pkg-cryptsetup-devel] Bug#560034: Bug#560034: please include the "Cryptsetup OpenPGP Scripts"

Jonas Meurer jonas at freesources.org
Tue Mar 2 12:16:28 UTC 2010 

hey christoph,

On 23/02/2010 Christoph Anton Mitterer wrote:
> Anything new here? Are you going to include them?

i just took a look at your implementation again, and i have to repeat
that i'm not willed to include the scripts you sent in the way they are.

i already explained the reasons to you several times, but i'll repeat
them a last time. if you don't accept the reasons, i fear you'll have to
wait until i've enough time to modify the scripts on my own.

both scripts are cluttered with empty lines, useless documentation and
asciiart. please take a look at cryptopensc-hook/cryptopenct-hook script
as references for a simple and easy implementation of a initramfs hook
script. the same holds for the keyscript itself. you've added tons of
now useless functions to it. 

for example you implement a timeout function while the whole cryptdisks/
cryptroot implementation doesn't support timeouts at all. feel free to
add timeout support to your openpgp implementation once it is added to
the package. but now it's useless.

also it's ok to check whether /usr/bin/gpg exists, but a initramfs hook
is definitely the wrong place to query apts package database.

you should use "rootfs" or "root filesystem" instead of "/"-filesystem
in documentation.

the implementation uses gnupg, so it should be called gnupg_decrypt and
cryptgnupg-hook instead of openpgp...

please don't get me wrong. i'd really like to add a working opengpg
implementation to the package. but i as the maintainer am the one who
has to maintain the code in future. i need to fix bugs, answer questions
and so on. thus I'd like to keep the code simple. that doesn't mean that
i'm against features, but i don't like features that don't make sense to
me, and i don't like cluttered code.

if you don't like my aproach that's fine. maybe then i'll write a
gnupg_decrypt script on my own sometimes in the future.

greetings,
 jonas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-cryptsetup-devel/attachments/20100302/de318f8e/attachment.pgp>

More information about the pkg-cryptsetup-devel mailing list