[pkg-cryptsetup-devel] Bug#653194: Acknowledgement (cryptsetup: cryptroot hook for update-initramfs silently ignores the key file listed in crypttab)
Ryan
t2w9dhseu6 at snkmail.com
Sun Dec 25 01:14:16 UTC 2011
Here's a patch that fixes the problem, but I think further discussion on how
to handle this in a way that is safe/correct is needed. Since there's no
*requirement* that the "key file" used with a keyscript is an actual file,
it's hard to know for sure whether the intent is to use a file or just give
and argument to the keyscript. My solution assumes that anything with a
leading / is a file, but this will give spurious warnings if someone sets
something like /dev/ttyS0 or /dev/sdXX as the key file. It also might be
best if some attempt was made not to copy a file from an encrypted filesystem
to an unencrypted initramfs image.
-Ryan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cryptroot.patch
Type: text/x-diff
Size: 1634 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-cryptsetup-devel/attachments/20111224/fa5193dd/attachment.patch>
More information about the pkg-cryptsetup-devel
mailing list