[pkg-cryptsetup-devel] [Pkg-cryptsetup-devel] Questions about cryptsetup/initramfs

Tue Jul 8 22:15:57 UTC 2008

Sorry for the delay, but I was busy the last days and had to prepeare
some lectures...

I hope I can work everything up now ;)

On Tue, 2008-07-01 at 20:31 +0200, David Härdeman wrote:
> >I've already looked through it before and was not able to find anything
> >where a LABEL could be stored, can you?
> >I've even contacted Clemens Furwith some days ago,.. but he seems to be
> >busy.
> Exactly, that was my point, LUKS headers do not support any labels so 
> we can't support any label for luks headers.
Yes,... but (at least
in) /usr/share/initramfs-tools/scripts/local-top/cryptroot "you" seem to
use it.
As far as I understand, parse_options() parses the option for the LUKS
partition, right?
And there we have:
>elif [ ${cryptsource#LABEL=} != $cryptsource ]; then
>	cryptsource="/dev/disk/by-label/${cryptsource#LABEL=}"
However this code will not work, as far as I understand, as LUKS
partitions (perhaps I should say the LUKS container filesystem) does not
(yet) support labels, thus we won't get any symlinks in .../by-label/
Or am I wrong?

> I think the point of my previous mail was that you should/could 
> investigate that yourself rather than asking us.
I had a little discussion about this with Jonas. I see your point of
view, but you should also see that I have only limited time, too, and
for me this is only a little project (not cryptsetup, but that what I'd
like to contribute to it).
And for some of the questions that seem to be simple for you, I'd
require a lot of time to find the answer,... understand what I mean? :-)

> >If for example I use LABEL in fstab but device-names in crypttab,... the
> >root-filesystem is not found,... and the initrd doesn't contain the
> >necessary stuff.
> I see, that is probably something we should fix.
Is there a way I can help you with this?

> >btw: In the meantime Werner Koch found out why gpg (and perhaps other
> >applications, too) have this no-tty-found problem in an initrd...
> >While my current but surely poor workaround (move /dev/tty away and ln
> >-s console to it) works it is probably no very professional.
> >The reasons seems to be that there is no controlling terminal available
> >at all and one would have to be set up (which seems to be not very
> >easy).
> I'm guessing that it might be sufficient to call gpg with the proper 
> redirections....something like:
> 
> gpg < /dev/console > /dev/console 2>&1
I've tried exactly the same (and all other possible redirections that
made sense for me),... but non of them worked...
If you like I could forward you the eMails from Werner.

Thanks for your time,
Chris.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5108 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-cryptsetup-devel/attachments/20080709/f9ab99bc/attachment.bin 