Bug#618862: systemd: ignores keyscript in crypttab
Michael Biebl
biebl at debian.org
Mon Mar 30 21:41:34 BST 2015
Am 30.03.2015 um 19:39 schrieb Ivan Jager:
> On Mon, Mar 30, 2015 at 11:28 AM, Marco d'Itri <md at linux.it> wrote:
>> I should add some code to preinst to abort the installation if the
>> keyscript directive is used in crypttab.
>
> Would that still leave the system in a broken state though? Is preinst
> early enough to avoid breakage due to uninstalling other packages?
>
> I guess leaving the system unbootable with warning is a bit better
> than without warning, but still...
Keep in mind, that on upgrades, we retain the sysvinit binary, which you
can boot via the init=/lib/sysvinit/init kernel comman line parameter
for this very reason, i.e. systemd failing to boot your system.
Grub will even automatically create a boot menu for your (it's under
advanced settings)
So maybe, instead of aborting in preinst, we could simply show a warning
in pointing people at that possibility? And telling them, that they can
switch back fully via "apt-get install sysvinit-core".
> Out of curiosity, how difficult would it be to have systemd fall back
> to using the cryptdisks init scripts if it detects options it doesn't
> recognize? Or could it be easily modified to always use the
> initscripts until the built in replacement is mature enough to replace
> it?
I don't think this would work. Systemd's mount mechanisms are highly
dynamic and event based. That simply doesn't fit with how the cryptsetup
SysV init script works.
> I'm assuming this should be taken with a mountain of salt, but
> http://www.freedesktop.org/wiki/Software/systemd/ claims, "systemd
> supports SysV and LSB init scripts and works as a replacement for
> sysvinit".
For functionality, like cryptsetup, which integrates so deeply in the
boot process, you can't just use the old SysV init scripts, that's correct.
As a rough approximation, every SysV init script which runs in
/etc/rcS.d/ would should ideally be converted to integrate properly.
For SysV init scripts which run in runlevel 2-5, the backwards
compatibility is quite good.
Michael
--
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-systemd-maintainers/attachments/20150330/07a3d289/attachment-0002.sig>
More information about the Pkg-systemd-maintainers
mailing list