[pkg-cryptsetup-devel] Bug#994219: cryptsetup: support and/or document alternative location(s) for keyscripts
Christoph Anton Mitterer
calestyo at scientia.net
Sun Sep 19 01:12:18 BST 2021
Hey.
One more on this.
Did I observe correctly, and cryptroot places *any* keyscript into:
/lib/cryptsetup/scripts/
?
Cause that would likely mean that if the "systemwide" keyscript in
/lib/cryptsetup/scripts/ and one with any other path (which is then
specified as keyscript=/foo/bar/baz.sh) share the same name, ...
including both fails.
I guess the simplest solution would be to include any keyscripts into
one fixed area with the whole path, so e.g.
/cryptroot/keyscripts/<fullpath>
Even doing something like:
- all from /lib/cryptsetup/scripts/ into /lib/cryptsetup/scripts/ within the initramfs
- all not from /lib/cryptsetup/scripts/ into /lib/cryptsetup/scripts/$PATH
wouldn't really fix that 100%; cause a user could specify a keyscript
as "/decrypt_gnupg".
Cheers,
Chris.
More information about the pkg-cryptsetup-devel
mailing list