[pkg-cryptsetup-devel] Bug#626641: Bug#626641: cryptsetup: bug #587220 re-introduced

Henrique de Moraes Holschuh hmh at debian.org
Tue May 17 01:25:45 UTC 2011 

On Tue, 17 May 2011, Christoph Anton Mitterer wrote:
> >  For that reason, the situation that initscripts are
> > still around but the daemon/application they start/stop/whatever isn't,
> > is quite common. And it would be absurd if initscripts would exit wit $?
> > != 0 in that case.
> Here the problem is simply:
> - dm-crypt devices might be open
> - cryptsetup might be removed but not purged
> - a user does /etc/init.d/cryptdisks stop (perhaps even from a script)
> and believes in good faith that if $?=0 (and especially as even no
> warnings appeared anyway) that his data is now secured
> - but it is not.

Because the initscript returned status 0 when there were still
cryptsetup-managed dm-crypt devices active?  If it does that, it is
broken.

Because the package allowed itself to be uninstalled while the initscript
was returning an error?  If it does that, it is broken IMO.

Because the initscript returned status 0 when there were NO
cryptsetup-managed dm-crypt devices, but some other sort of dm-crypt
device?  The user should have known better.

Yes, the package will be unremovable [unless you edit the initscript]
until all crypt devices are closed.  That's how it is supposed to work in
the first place IMHO.

But I don't feel strongly about this.

> > In case that this needs to be discussed, we should discuss the reasons
> > why initscripts are treated as conffiles in the first place, instead of
> > discussion symptoms of this decision.
> Phew I guess there are already some requests against the policy open,..
> both for this config-file-weirdness and for adhering to the (not so
> unreasonable) LSB exit codes.

The conffile issue is not going to change, ever.  Our respect for the
local administrator during package upgrades It is one of the major things
that sets Debian apart from the rest.

Initscript status codes could be changed, but that would require a very
very large amount of work.  THAT is out-of-topic for this thread.

> > I fully agree with Henrique here. My opinion is as simple as: If people
> > want do do something called serious, then they _really_ should know what
> > they're talking about. And if these people do remove a package from
> > their system, they should _not_ assume that it's functionality is still
> > provided.

Note that I am against cryptsetup allowing itself to be removed while
devices *it manages* are still open in the first place.

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh

More information about the pkg-cryptsetup-devel mailing list