Bug#585609: linux-base: postinstall script fails on loop-aes partitions

[Winfried Tilanus <winfried@tilanus.com>]

On 06/12/2010 01:28 PM, Ben Hutchings wrote:

Hi,

> I don't think this is fixable.  Since these partitions are encrypted we
> cannot read the filesystem label or UUID before they are mounted.

If this isn't fixable, the script should not fail (leaving the system in
an inconsistent state) but warn it can't use UUID's or labels on some
file systems, including the warning that the system might not boot
correctly.

> Note
> also that loop-aes is not included in squeeze.  I strongly recommend you
> switch to dm-crypt.

I am happy to switch to dm-crypt if somebody can help me to setup
dm-crypt with the following characteristics:
- master key gpg encrypted, decryptable with multiple private gpg keys
- gpg private keys stored on gpg card, no storage of gpg private keys on
disk
- mounting of volumes early during boot
Until I know how to do that with dm-crypt, I stay with loop-aes.

best wishes,

Winfried