Bug#814013: systemd: systemd-cryptsetup-generator doesn't work well with passdev in crypttab

Michael Biebl biebl at debian.org
Mon Feb 8 01:30:50 GMT 2016


Control: forcemerge 618862 -1

Am 07.02.2016 um 16:16 schrieb Ɓukasz Stelmach:
> I've discovered that systemd-cryptsetup-generator doesn't work well in
> Debian. It seems that the reason is the way Debina abuses/extends the
> meaning of the third column of /etc/crypttab. By definition:
> 
>        The third field, key file, describes the file to use as a key for
>        decrypting the data of the source device. Note that the entire
>        key file will be used as the passphrase; the passphrase must not
>        be followed by a newline character.
> 
> To enable storing of key file on portable/pluggable device Debian
> provides passdev which accepts an extended format of the filed which
> includes a device node and a file name separated by a colon.
> systemd-cryptsetup-generator recognises such file name as a device name
> altogether and makes the respective cryptsetup unit depend on a
> nonexsitent device.
> 
> For example, in my crypttab I've got the following entry:
> 
>     crypt-root UUID=9c9f0311-2647-4bfc-abcd-516edbd99363 /dev/disk/by-uuid/0396339f-904a-42d7-abcd-95d5549bff94:/key_root luks,keyscript=passdev

systemd-cryptsetup-generator doesn't support keyscripts.
Merging with existing bug reports.

Regards,
Michael


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-systemd-maintainers/attachments/20160208/db86b2b6/attachment-0002.sig>


More information about the Pkg-systemd-maintainers mailing list