Re: [PATCH] Enable partman-crypto to work with keys on removable devices
On Mon, May 19, 2008 01:24, Frans Pop wrote:
> On Tuesday 13 May 2008, David Härdeman wrote:
>> In the "setup encrypted volumes" stage of partman, the user will be
>> given a list of partitions known to partman and after selecting one, a
>
> It should probably also support plugging in a USB key on demand to be
> really useful.
I agree that it would be useful. Right now I use the
"partition_tree_choices" function from /lib/partman/lib/base.sh to
generate the user-friendly list of partitions that are known. It should be
simple (provided it has no side-effects) to add a line saying "Rescan
partitions" or something like that which restarts partman.
However, perhaps that should be added to the "partition_tree_choices"
proper since I imagine that it could be useful in the general partman UI
as well?
> I've done a very quick and basic look through the patch; comments below.
> I'm afraid I won't have an opportunity for anything more that that in
> the near future.
Thanks :)
> General: could you please start using the preferred method for case
> statements (4 space indent for tests; single tab indent for code)?
Umm, the patch didn't add any case statements?
> (See also the coding style doc under installer/doc/devel/.)
Will do.
> Index: lib/crypto-base.sh
...
> + if ! log-output -t blockdev-keygen \
> + mount "$device" "$mountpoint" > /dev/null 2>&1; then
> + return 1
> + fi
>
> Please use log-output for things like this as it at least gives us a
> clue what goes wrong if there are errors. Same for unmounts.
Umm, it does use log-output?
> + if [ "$filesize" -lt "$keybytes" ]; then
>
> Is it somehow OK if filesize is larger?
Yes, if you have a keyfile with (say) 128 bytes of random data, only the
first 32 will be used for a 256 bit key, that shouldn't be a problem.
Will submit a new patch later...also, Christian - could you check the new
templates this introduces to see that they are appropriate?
--
David Härdeman
Reply to: