[pkg-cryptsetup-devel] Bug#901795: cryptsetup-initramfs: please provide documented shell functions to validate/sanitize cryptroot entries in 3rd party hook files
Guilhem Moulin
guilhem at debian.org
Sat Jul 7 02:08:37 BST 2018
On Sat, 07 Jul 2018 at 01:52:46 +0200, Christoph Anton Mitterer wrote:
> So the use case is, that people may also wish to modify parts of the
> ../cryptroot/crypttab file from their hook scripts... and that it
> could be nice to have an interface for that as well.
That adds too much complexity for the benefit of a too specific use
case, IMHO. Since you already “abuse” CRYPTTAB_KEY and parse/split its
value in your hook and keyscript, you could as well but both the source
and destination path there:
device=…:pathsrc=…:pathdst=…
Or have a static destination path that uniquely depends on $CRYPTTAB_NAME,
for instance [$DESTINATION]/cryptroot/keyfiles/$CRYPTTAB.key.
--
Guilhem.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-cryptsetup-devel/attachments/20180707/bd12400b/attachment.sig>
More information about the pkg-cryptsetup-devel
mailing list