[pkg-cryptsetup-devel] Bug#626641: Bug#626641: Bug#626641: cryptsetup: bug #587220 re-introduced
Christoph Anton Mitterer
calestyo at scientia.net
Fri May 20 17:40:22 UTC 2011
On Tue, 2011-05-17 at 13:48 +0200, Jonas Meurer wrote:
> - cryptsetup is not the only userspace tool which manages dm-crypt
> devices. Low-level tools like dmsetup, udev, hal; commandline tools
> like cryptmount and gui applications like gnome-mount etc. might
> unlock/lock encrypted devices as well.
That's a good point, I've completely forgot, when I've said in another
email, that I _could_ live with a cryptsetup package whose removal fails
if the are still open devices left.
> - the cryptdisks initscript only manages dm-crypt devices which are
> listed in the crypttab. Therefore otherwise unlocked devices are
Though this is another issue:
Wouldn't it make sense to try at the very end "just before
shutdown/reboot" to close any remaining _non managed_ dm-crypt devices?
Perhaps we should as Milan, if the same effect is automatically done by
the kernel itself.
> > Still, the IMHO best solution would be:
> > - let any scripts fail with $? != 0 if the action they're expected to
> > perform failed
> > => this however does not comply with the crude Debian init-scripts
> > policy
> Sorry Christoph, but this is simply not an option.
Out of curiosity: Did someone from the policy guys came and request this
from you? Cause we had it that way for some time now.
> > - if cryptsetup is removed OR purged, give a big fat debconf-prio-low
> > warning that devices a b c are still open, and cannot be closed using
> > cryptsetup, if the user decides to continue.
> At the moment I consider this as the best solution.
Nice to hear :-)
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 5677 bytes
Desc: not available
More information about the pkg-cryptsetup-devel