Re: Grub2 plain dm-crypt support
On 09/11/14 05:21, Andrei Borzenkov wrote: No, I do not think anything has changed since then. I feared that would be the answer! You could start with git branch mentioned above. I've looked at git. The branch peter/devmapper mentioned in the other thread is over a year old. I presume the relevant that files that implement the cryptomount command are ./include/grub/cryptodisk.h ./grub-core/disk/cryptodisk.c I can't see any changes in their git logs that refer to plan dm-crypt. Being unfamiliar with the code, I don't really know what I am looking for. I'd hoped there would be a specific branch that I could check out and build, as building isn't a problem for me. But, if I have to modify code to implement it, then that's a step too far. Do you mean - modules implementing crypto routines? I'm afraid, the only documentation is in sources. Ok, thanks. I meant generally for all modules but specifically for the crypto stuff that I am currently trying to use. I have looked through the source but am none the wiser. All I know is there is a cryptmount command. ___ Help-grub mailing list Help-grub@gnu.org https://lists.gnu.org/mailman/listinfo/help-grub
Cryptomount is blind (useless systematic check, lvm, etc.)
Hello, I’ve got some problems with cryptomount, trying to make a superportable script that could automatically detect any sort of OS or bootable thing and offer options to boot it. I’ve encountered multiples problems since beginning (like the fact I can have to enter a same password twice for instance for GRUB login and cryptomount, or syslinux sourcing not working yet), but now here a new that I think could be fixed improving cryptomount features (again): I have a whole harddisk GPT-partitionned with one big LUKS partition containing a LVM volume that contain two partitions: root and swap (it’s useful to have it encrypted, especially for secure hibernation). The first problem I noticed is this one: doing cryptomount -a I see “(crypto0)” as “(lvm/LVM713-root)” appear and that’s fine, but if I want to mount only my harddisk, or to mount devices one after other to mount only some devices (for example only external (ata, usb, fd) or internal ones, or not to mount already mounted devices and save time), I noticed “cryptomount (ahci0,gpt1)” makes “(crypto0)” appear, but not “(lvm/LVM713-root)”. There’s no command to mount LVM, normally it’s automatically done when detecting a new device, but actually cryptomount do it only with option “-a”. The second problem I got is because of the first: I’m forced to use -a, but I can’t try to mount only internal or external devices with -a, and thus I’m forced to make GRUB check *again* internal devices when I only want it to check for possible new encrypted external devices. The third problem is that when it checks for possible new encrypted external devices (via a submenu I made for external devices, so that it get refreshed at the time you enter in it) it takes a lot of time to *check again already checked* devices. Thus it not only takes lot of time the first time I enter the submenu to decrypt what’s to decrypt, that’s normal and fine, but it takes lot of time also *second* time I go in this submenu, without asking for password (which is normal: there’s nothing more to decryptmount), so when entering in it the screen remain void a lot of time (which is quite annoying, and yet creepy for an unaware user). That either could be solved trying to cryptomount each device once after once if it’s new, checking that storing UUIDs of all present devices in a variable before each check and then trying to cryptomount only what’s not present in it. That’s a great amount of complexity but the worst is I have the problem of being forced to use “-a” to mount LVM. Thus just fixing the LVM problem could solve all the other problems, but adding features not to check twice a device (and even not having to check UUIDs for internal devices for that since they normally won’t change) inside cryptomount could really be great, it would decrease config complexity and make it more usable (and I don’t see how any problem a such systematic new device check not to systematically loose time internally checking could cause problems). signature.asc Description: PGP signature ___ Help-grub mailing list Help-grub@gnu.org https://lists.gnu.org/mailman/listinfo/help-grub
Re: Cryptomount is blind (useless systematic check, lvm, etc.)
В Sun, 09 Nov 2014 16:53:50 +0100 Garreau\, Alexandre galex-...@galex-713.eu пишет: Hello, I’ve got some problems with cryptomount, trying to make a superportable script that could automatically detect any sort of OS or bootable thing and offer options to boot it. I’ve encountered multiples problems since beginning (like the fact I can have to enter a same password twice for instance for GRUB login and cryptomount, or syslinux sourcing not working yet), but now here a new that I think could be fixed improving cryptomount features (again): I have a whole harddisk GPT-partitionned with one big LUKS partition containing a LVM volume that contain two partitions: root and swap (it’s useful to have it encrypted, especially for secure hibernation). The first problem I noticed is this one: doing cryptomount -a I see “(crypto0)” as “(lvm/LVM713-root)” appear and that’s fine, but if I want to mount only my harddisk, or to mount devices one after other to mount only some devices (for example only external (ata, usb, fd) or internal ones, or not to mount already mounted devices and save time), I noticed “cryptomount (ahci0,gpt1)” makes “(crypto0)” appear, but not “(lvm/LVM713-root)”. There’s no command to mount LVM, normally it’s automatically done when detecting a new device, but actually cryptomount do it only with option “-a”. There is no such thing as mount in grub. Every file name includes device identification (explicitly or implicitly as $root). Some commands like ls or cryptomount -a scan all devices, which probably you interpret as mount. When you try access (lvm/LVM713-root) grub will *always* scan available devices to find this volume. There is no need to mount it. The second problem I got is because of the first: I’m forced to use -a, but I can’t try to mount only internal or external devices with -a, and thus I’m forced to make GRUB check *again* internal devices when I only want it to check for possible new encrypted external devices. The third problem is that when it checks for possible new encrypted external devices (via a submenu I made for external devices, so that it get refreshed at the time you enter in it) it takes a lot of time to *check again already checked* devices. Thus it not only takes lot of time the first time I enter the submenu to decrypt what’s to decrypt, that’s normal and fine, but it takes lot of time also *second* time I go in this submenu, without asking for password (which is normal: there’s nothing more to decryptmount), so when entering in it the screen remain void a lot of time (which is quite annoying, and yet creepy for an unaware user). That either could be solved trying to cryptomount each device once after once if it’s new, checking that storing UUIDs of all present devices in a variable before each check and then trying to cryptomount only what’s not present in it. That’s a great amount of complexity but the worst is I have the problem of being forced to use “-a” to mount LVM. Thus just fixing the LVM problem could solve all the other problems, but adding features not to check twice a device (and even not having to check UUIDs for internal devices for that since they normally won’t change) inside cryptomount could really be great, it would decrease config complexity and make it more usable (and I don’t see how any problem a such systematic new device check not to systematically loose time internally checking could cause problems). signature.asc Description: PGP signature ___ Help-grub mailing list Help-grub@gnu.org https://lists.gnu.org/mailman/listinfo/help-grub
Re: grub renders png menu icons without semi-transparency
В Sun, 9 Nov 2014 19:38:28 +0200 Alexander Shashkevych a...@stunpix.com пишет: Hello, I'm customizing my grub config to use my own theme. Theme contains menu icons with alpha channel and font was taken from other theme where it renders with antialiasing, but in my case everything is rendered non-antialiased. Here is how it looks: http://i.imgur.com/cdjLl0n.png Is it possible somehow to enable semi-transparency and antialiasing? Someone who understands how to do it needs to help implement it. Best regards, Alexander --- Best regards, Alexander Shashkevych ___ Help-grub mailing list Help-grub@gnu.org https://lists.gnu.org/mailman/listinfo/help-grub ___ Help-grub mailing list Help-grub@gnu.org https://lists.gnu.org/mailman/listinfo/help-grub
