[Pkg-systemd-maintainers] Bug#618862: systemd: ignores keyscript in crypttab
Christoph Anton Mitterer
calestyo at scientia.net
Wed Jan 1 19:11:49 GMT 2014
Oh and I forget (but it seems this is already clear as well):
keyscripts may make use of arbitrary other programs... OpenSSL, pcscd,
gpg, etc. pp.
I've just attached my own keyscript to give an example (just the script,
not the initramfs-tools hook or documentation).
The biggest problem is likely stuff that requires terminal input (AFAIU
systemd takes this over or at least should do so).
In Debians cryptsetup, there's /lib/cryptsetup/askpass which I for
example use to gather the passphrase (which is used to decrypt the
OpenPGP encrypted actual key).
So I guess that needs to be adapted somehow as well... either this, or
properly documented how to do things in the systemd-way.
And of course, any keyscripts would then need to support both,... a
systemd-way of interactive input (if there is any)... and the
traditional via e.g. askpass (AFAIU, the tech-ctte decision will just
define a new default init,... but not forbid any others).
Cheers,
Chris.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: decrypt_openpgp
Type: application/x-shellscript
Size: 9560 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-systemd-maintainers/attachments/20140101/a2a30d37/attachment-0004.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5165 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-systemd-maintainers/attachments/20140101/a2a30d37/attachment-0005.bin>
More information about the Pkg-systemd-maintainers
mailing list