[pkg-cryptsetup-devel] Bug#782024: /usr/share/initramfs-tools/bin directory in cryptsetup package? (was: Bug#782024: cryptsetup: [patch] fix remote unlock of encrypted root when plymouth is installed)

Jonas Meurer jonas at freesources.org
Wed Dec 23 22:19:32 UTC 2015 

Hi Ben,

a quick question to you as initramfs-tools maintainer: are you ok with
us adding a directory '/usr/share/initramfs-tools/bin' to the cryptsetup
package? We would like to place a script 'cryptroot-unlock' there which
is installed into /bin/ in initramfs. Thus the directory
'/usr/share/initramfs-tools/bin' seems most appropriate for us.

See the buglog[1] and below for further details.

Cheers
 jonas

[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782024

Am 23.12.2015 um 23:11 schrieb Jonas Meurer:
> Am 19.12.2015 um 18:50 schrieb Guilhem Moulin:
>> On Fri, 18 Dec 2015 at 19:16:56 -0500, Richard Hansen wrote:
>>>  * why SIGKILL instead of SIGTERM?  seems too aggressive
>>>  * perhaps add a waitpid() after the kill() to ensure that a second
>>>    plymouth won't be run before the first one exits
>>
>> Agreed, but unfortunately plymouth doesn't terminate on SIGTERM.
>>
>>>  * why does cryptroot-unlock use /bin/ash instead of /bin/sh?
>>>  * there are lots of BusyBox ashisms in the cryptroot-unlock script,
>>>    many of which can be easily replaced with POSIX conformant code
>>
>> POSIX's read builtin doesn't support the -s flag.  Sure we can replace
>> with stty with a trap to restore echo, but since busybox is a dependency
>> anyway I don't think it's worth it :-P
>>
>> I've addressed the rest in the updated patch.  Thanks for your input!
> 
> I've incorporated the patch into SVN now, with some minor tweaks:
> 
> * bin/unlock in the initramfs is renamed to bin/cryptroot-unlock.
> * some minor coding style changes.
> 
> Also I don't really like that we create the directory
> '/usr/share/initramfs-tools/bin'. This place belongs to initramfs-tools
> package in my eyes and we should at least ask the maintainers before
> introducing it. I'll ask Ben in another ping mail to bug #807527 about
> his option.
> 
> Guilhem, can you test the latest SVN version and verify that it works fo
> you?
> 
> Cheers
>  jonas
> 
> 
> 


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-cryptsetup-devel/attachments/20151223/8b6a2f59/attachment.sig>

More information about the pkg-cryptsetup-devel mailing list