Hello, I’ve got some problems with cryptomount, trying to make a superportable script that could automatically detect any sort of OS or bootable thing and offer options to boot it. I’ve encountered multiples problems since beginning (like the fact I can have to enter a same password twice for instance for GRUB login and cryptomount, or syslinux sourcing not working yet), but now here a new that I think could be fixed improving cryptomount features (again):
I have a whole harddisk GPT-partitionned with one big LUKS partition containing a LVM volume that contain two partitions: root and swap (it’s useful to have it encrypted, especially for secure hibernation). The first problem I noticed is this one: doing cryptomount -a I see “(crypto0)” as “(lvm/LVM713-root)” appear and that’s fine, but if I want to mount only my harddisk, or to mount devices one after other to mount only some devices (for example only external (ata, usb, fd) or internal ones, or not to mount already mounted devices and save time), I noticed “cryptomount (ahci0,gpt1)” makes “(crypto0)” appear, but not “(lvm/LVM713-root)”. There’s no command to mount LVM, normally it’s automatically done when detecting a new device, but actually cryptomount do it only with option “-a”. The second problem I got is because of the first: I’m forced to use -a, but I can’t try to mount only internal or external devices with -a, and thus I’m forced to make GRUB check *again* internal devices when I only want it to check for possible new encrypted external devices. The third problem is that when it checks for possible new encrypted external devices (via a submenu I made for external devices, so that it get refreshed at the time you enter in it) it takes a lot of time to *check again already checked* devices. Thus it not only takes lot of time the first time I enter the submenu to decrypt what’s to decrypt, that’s normal and fine, but it takes lot of time also *second* time I go in this submenu, without asking for password (which is normal: there’s nothing more to decrypt&mount), so when entering in it the screen remain void a lot of time (which is quite annoying, and yet creepy for an unaware user). That either could be solved trying to cryptomount each device once after once if it’s new, checking that storing UUIDs of all present devices in a variable before each check and then trying to cryptomount only what’s not present in it. That’s a great amount of complexity but the worst is I have the problem of being forced to use “-a” to mount LVM. Thus just fixing the LVM problem could solve all the other problems, but adding features not to check twice a device (and even not having to check UUIDs for internal devices for that since they normally won’t change) inside cryptomount could really be great, it would decrease config complexity and make it more usable (and I don’t see how any problem a such systematic new device check not to systematically loose time internally checking could cause problems).
signature.asc
Description: PGP signature
_______________________________________________ Help-grub mailing list [email protected] https://lists.gnu.org/mailman/listinfo/help-grub
