On Friday 10 July 2009, Gabriel wrote: > The 'problem' with this way of preseeding is, if you want to use > two seperate crypted partitions you cannot use two different > passphrases.
Why do you say "cannot"? Wouldn't both partitions just get the same passphrase with your changes? I don't think that is desirable at all, but I think that is what would happen. OTOH, I'm not sure that you can even specify a recipe with two encrypted partitions... But this is a very important comment, not only for preseeding. Your patch will make partman crypto behave quite differently from its current behavior when multiple partitions/devices are encrypted interactively. In that case the fields really should be reset before the questions are asked a second time. I also still think that the emptying of the passwords is done as a security measure. One option could be to instead reset the template (value and seen flag) *after* the question has been asked and the value has been used. That would still allow to preseed for a single encrypted partition, but would They should also be reset on error, so that you don't end in an endless loop. All and all, IMO this change is fine as an ad-hoc change if you really want to preseed a single encrypted partition, but I don't think it is suitable for inclusion in the package in its current form. I would also prefer to see comments from the original authors of partman-crypto before this patch is committed. Cheers, FJP -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
