When trying to unlock a device with a crypttab entry udisksctl asks for a password. If the keyfile contains binary data, the unlocking will usually fail no matter what password is entered. If the keyfile contains a passphrase the device will be unlocked successfully no matter what password is entered.
There are at least 3 small parts to this issue: - udisks doesn't handle binary keyfiles properly (uses NUL-terminated strings). This will be very easy to fix once the patch for [1] is merged. - currently udisks always uses the crypttab entry if available. I suggest a boolean option @use_crypttab or similar that forces udisks to use only the crypttab entry (if available) and fail otherwise. If set to false, udisks should always use the password entered by the user. If unspecified, there are two options: [a] use the current behaviour (=use crypttab entry if available), or, [b] default to False (which I'd prefer actually) - udisksctl needs to check if the device can be unlocked without a user-supplied password. Using the suggested @use_crypttab option, this will be easy (and fast) to do. Note: I'll be happy to work on this once [1] is merged. [1] https://bugs.freedesktop.org/show_bug.cgi?id=54828
signature.asc
Description: OpenPGP digital signature
_______________________________________________ devkit-devel mailing list devkit-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/devkit-devel
