[pkg-cryptsetup-devel] Bug#1092977: debian-installer: systemd-cryptsetup package not installed on encrypted system
Pascal Hambourg
pascal at plouf.fr.eu.org
Sat May 24 18:32:23 BST 2025
On 24/05/2025 at 18:43, Guilhem Moulin wrote:
> On Sat, 24 May 2025 at 17:41:42 +0200, Cyril Brulebois wrote:
>> If we were to pull systemd-cryptsetup in the mix, should there by any
>> restrictions/checks before deciding to do so?
Is tweaking d-i to not install systemd at all (like Devuan) a supported
use case ?
> IMHO an ideal fix would be to install cryptsetup-initramfs only when
> some device needs to be unlocked by initramfs-tools, and only install
> systemd-cryptsetup if there are remaining encrypted devices.
It depends which criteria are used to define "ideal", e.g. minimal set
of installed packages vs maximum versatility.
Queuing cryptsetup-initramfs was convenient because it pulled all other
cryptsetup packages at once.
> AFAIK d-i won't allow setting up a system *requiring* systemd-cryptsetup
> out of its menu
I just did it with manual partitioning, not "out of its menu".
Create an encrypted volume and use it as /home, /srv or whatever is not
mounted in the initramfs.
>> How are things between systemd-cryptsetup and cryptsetup itself? Is that
>> a peaceful cohabitation/cooperation, or is that going to look like some
>> competition, with race conditions and the like?
>
> I have both installed on many systems and AFAIK they cohabit well.
> cryptsetup's init scripts are inert
They are masked by systemd. I tried to unmask them but the passphrase
prompt is not displayed.
More information about the pkg-cryptsetup-devel
mailing list