On 24/05/2025 at 18:43, Guilhem Moulin wrote:
On Sat, 24 May 2025 at 17:41:42 +0200, Cyril Brulebois wrote:If we were to pull systemd-cryptsetup in the mix, should there by any restrictions/checks before deciding to do so?
Is tweaking d-i to not install systemd at all (like Devuan) a supported use case ?
IMHO an ideal fix would be to install cryptsetup-initramfs only when some device needs to be unlocked by initramfs-tools, and only install systemd-cryptsetup if there are remaining encrypted devices.
It depends which criteria are used to define "ideal", e.g. minimal set of installed packages vs maximum versatility.
Queuing cryptsetup-initramfs was convenient because it pulled all other cryptsetup packages at once.
AFAIK d-i won't allow setting up a system *requiring* systemd-cryptsetup out of its menu
I just did it with manual partitioning, not "out of its menu".Create an encrypted volume and use it as /home, /srv or whatever is not mounted in the initramfs.
How are things between systemd-cryptsetup and cryptsetup itself? Is that a peaceful cohabitation/cooperation, or is that going to look like some competition, with race conditions and the like?I have both installed on many systems and AFAIK they cohabit well. cryptsetup's init scripts are inert
They are masked by systemd. I tried to unmask them but the passphrase prompt is not displayed.