[pkg-cryptsetup-devel] Bug#601314: Bug#601314: please allow adding extra devices to conf.d/cryptsetup in your hook script

[Jonas Meurer]

Hey Marc,

On 25/10/2010 Marc Haber wrote:
> I have a system where the keyscript used to unlock the root fs needs
> another crypto file system to be unlocked previously. To do that, I
> would like to have that file system added to conf.d/cryptsetup, and to
> do that, I'd have to go though pretty much the same motions that
> /usr/share/initramfs-tools/hooks/cryptroot already does.
> 
> Please consider adding a method to have your hook script handle
> additional devices other than the root and the resume devices. It
> would be necessary to set some marker to tell the hook script to
> handle that device as well. Searching /etc/fstab would probably not be
> appropriate since my device will unmounted and locked again after the
> root was mounted.
> 
> Having the device in crypttab, specially marked, would probably be ok.
> 
> Please indicate how you would like to tell the hook script about
> additional devices to handle, and I'll provide a patch.

What kind of device are you talking about? Another dm-crypt encrypted
device which contains the key?

I'm happy to consider patches, but in order to tell you anything about
the prefered implementation details, I need to know more about your
setup.

If this is just about additional dm-crypt devices, which should be
unlocked in initramfs along with the root and suspend devices, it would
probably be the best to add a new crypttab option 'initramfs'. the
initramfs cryptroot hook could then add this device to conf.d/cryptsetup
regardless whether it's the root or a suspend device.

greetings,
 jonas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-cryptsetup-devel/attachments/20110224/41d71227/attachment.pgp>