[pkg-cryptsetup-devel] Bug#560034: Bug#560034: Bug#560034: marked as done (please include the "Cryptsetup OpenPGP Scripts")

Christoph Anton Mitterer christoph.anton.mitterer at physik.uni-muenchen.de
Thu Mar 4 21:23:52 UTC 2010


On thing I forgot:

I think you should somehow standardise how keyscript developers may
specify options (especially multiple) for the keyscripts.

You see already from your own scripts, that multiple options are
necessary (passdev: device, file[, timeout]).
You've seen all the options that I offered,.. and you can imagine what
other people want... specifying an network interface, where the key
should be read from, or specifying a card reader (there could be
multiple attached), and a key slot on a smartcard... etc. etc.

I'd say the best idea is to put all in crypttab, both options for
keyscripts, as well as options for the respective hooks...

There should be just a "standard" how to specifiy them, e.g. thrid field
of crpyttab, multiple separated by commas, mustn't contain commas (as
long as we have no quotation algorithm for this).

The way I did it in mine,.. is basically stolen from how you did this
for parsing crypttab,... I just modified the regexp a bit.
As you can see I used ":" as separator as you (or David) did in
passdev,... but I'd think "," would be nicer, as you already use this in
the conf.d file in the initramfs...


Cheers,
Chris.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3387 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-cryptsetup-devel/attachments/20100304/e0ff77a8/attachment.bin>


More information about the pkg-cryptsetup-devel mailing list