-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 08/02/2017 07:05 PM, Patrik Hagara wrote: > On 07/26/2017 03:21 PM, Patrik Hagara wrote: >> On 07/25/2017 08:48 PM, Rusty Bird wrote: >>> Patrik Hagara: >>>> Would it be OK if I squashed all the commits so far into a >>>> single large one (as there's already quite a lot of reverts >>>> and design changes anyway). > >>> Yes, please do. > >> Done, along with some refactoring (plus an implementation of your >> RO/RW manual unplugging suggestion). Feel free to start >> reviewing. :) > > > Just a quick update: code review is in progress (see  for > comments), with various small changes and fixes being made . > > > Cheers, Patrik > > >  > https://github.com/phagara/qubes-antievilmaid/commit/715abbc13a7d59b8d 4a > > 72ec6696b621fa76e2a95 >  https://github.com/phagara/qubes-antievilmaid/commits/master
Finally managed to track down why unlocking disk with unsealed and decrypted LUKS key file didn't work on a clean Qubes OS installation. While starting to develop this feature, I added the key file path to my /etc/crypttab and had forgotten about it. Fresh Qubes of course didn't have this change. Combined with one weird systemd incompatibility (the B point in this  forum post), it had caused the key file to get completely ignored. There are two ways to work around this issue , neither of which is perfect . Both solutions' downsides are pretty insignificant and most likely not applicable to 99.99% of existing Qubes OS installations. For now, I've decided to go with the second option (ignoring crypttab even for hostonly dracut setups). For any brave souls out there trying out Qubes 4.0 rc1 already, able to compile their own packages using the qubes-builder and having Intel TXT on their machines, you're welcome to try the latest commit from my repo  and reporting back with any issues or comments (even unclear documentation!). Cheers, Patrik  https://fedoraforum.org/forum/showpost.php?p=1681988&postcount=43  https://github.com/phagara/qubes-antievilmaid/commit/715abbc13a7d59b8d4a 72ec6696b621fa76e2a95#commitcomment-23617394  https://github.com/phagara/qubes-antievilmaid/commit/715abbc13a7d59b8d4a 72ec6696b621fa76e2a95#commitcomment-23617493  https://github.com/phagara/qubes-antievilmaid -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJZj2x6AAoJEFwecd8DH5rlJnEQAI8+ouvRkXwzsz0CpN5UgOqB 1qmvua0NgBK1SC15gPeXjuOABXqO8IxJcVpuOoIL3wdZaHvvNgpGmXiKWUu6YTwi h1yhS5w8/2rMhfLRT86AyP6H9SRwdC0DgrjCbBzsQtWZH4kBg8ItOK3q2XWrwhhC 3hckSJ4KbZNgT86q0PABCInLfDrxADiFnI+oOQBvHInq/hWuJRibDBWAnNG4AetA KCkKpMGSSZTBzl6hBfczqtdWc/K7lIhPAO26ht87046ZRN+RjpOl588M2gsw2zYT z3AHDQAY0+m8qAMv89luklyoYJCcg4RiMTOrPrGtBDFuHGB+rylUFDLujI+AaDH1 lLWNaPXBWUXsKBUqaHOWjP7ek+iK3Nl0yotqkngpiDZ+SNvrCCUa4xaG8j6NjVX6 jd8J/OsWzeiSDygzLKY4mitjNIT4d9yoHND4STte3UcWwAeq1vXlb4Ypvn7z7MNJ w9ZDveawLv5Z6ZPLKMUsCml4JrGiLnK74jYi/GSMulB8ZMA2mfJGr9IAgMF8hp9b +Aw2O0kkU3PMp5tTGgIsMAFI3nJcUN2TibiP5OA9898kVO0HXzpYFUfKhQATgjzf g+1PIJwmO2WHvPGO1uYD0SwXyM7joXmg7z5lUEKqo40sU5nW3T/6qrpxymlP+Sy1 1AfgopK/R9mbwGrmvqgs =SBa8 -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-devel+unsubscr...@googlegroups.com. To post to this group, send email to firstname.lastname@example.org. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/1a5287c1-cd1c-402f-e91a-dd94e258a725%40gmail.com. For more options, visit https://groups.google.com/d/optout.
Description: PGP signature