Hi Jonas,
> > No. Testing takes time and I want to do that in one chunk. Furthermore I
> > need to rewrite the patch first. The patch doesn't permit an infinite
> > number of retries by setting tries=0. I'll tell you when I'm finished.
I verified that the attached patch works as expected.
> I object against support for infinite retries. Upstream cryptsetup
> doesn't support this, and I don't like to divert from cryptsetup
> behaviour in the initramfs scripts.
The feature doesn't hurt. It doesn't degrade anything.
> Even if initramfs stuff supports tries=0 for infinite retries, starting
> the mapping through /etc/init.d/cryptdisks will give you just one try.
I don't see a use for the initscript, but within initramfs it should be
possible to prevent booting without a password using tries=0.
If you don't want to take my patch, please clone this bugreport and tag
it as wontfix, upstream.
Helmut
--- cryptroot 2008-02-16 18:39:57.000000000 +0100
+++ cryptroot_helmut 2008-02-21 13:33:06.000000000 +0100
@@ -43,6 +43,7 @@
cryptlvm=""
cryptkeyscript=""
cryptkey="" # This is only used as an argument to an eventual keyscript
+ crypttries=3
local IFS=" ,"
for x in $cryptopts; do
@@ -78,6 +79,11 @@
cryptkey=${x#key=}
fi
;;
+ tries=*)
+ if [ "${x#tries=}" -ge 0 ]; then
+ crypttries=${x#tries=}
+ fi
+ ;;
esac
done
@@ -179,7 +185,7 @@
# Try to get a satisfactory password three times
count=0
- while [ $count -lt 3 ]; do
+ while [ $crypttries -le 0 -o $count -lt $crypttries ]; do
count=$(( $count + 1 ))
if [ -n "$cryptkeyscript" ]; then
