[pkg-cryptsetup-devel] Bug#653241: improve cryptroot initramfs script
HP
debian at spahan.ch
Sun Dec 25 20:59:25 UTC 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Package: cryptsetup
Version: 2:1.3.0-3
Tags: patch
encrypted root can be remote unlocked with dropbear ssh in initramfs.
The current initramfs script can be set up so it will wait for a file
containing the password and feed trough a keyscript (as explained in
/usr/share/doc/cryptsetup/README.remote)
However, the current script does not recognize if a disk had been
unlocked manually outside the script (eg the ssh-user runs cryptsetup
instead passing the password to the script).
As far as i have observed, the cryptsetup command then simply fails
and the script is stuck.
The patch adds a simple test if the device apears to already been
unlocked (by checking that the required device-mapper file exists, the
same test is done after cryptsetup was successfull to ensure all is
fine) and will try continue the process (eg, try active lvm or alike
as it would do if cryptsetup has worked).
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk73jqoACgkQjLvx8ViUjYJ3HACgukIqCXbmuogKpolSzf1l+mRr
WnsAoKgZXAMNz5yV4zCXaozNp4a+Yav3
=mxHB
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cryptroot-script.patch
Type: text/x-patch
Size: 673 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-cryptsetup-devel/attachments/20111225/6cf20c09/attachment.bin>
More information about the pkg-cryptsetup-devel
mailing list