On Mon, 09.07.12 23:14, Tollef Fog Heen (tfh...@err.no) wrote: > > ]] Lennart Poettering > > > I wonder what the precise usecases for this are, and whether we can't > > find better solutions for these usecases... I mean, we already have the > > password agent logic, that is asynchronous, and way more powerful: > > It's also much harder to write something for. > > A use case for keyscript is something like > https://github.com/tfheen/ykfde/blob/master/helper which (while not > really a keyscript as it is) implements integration with Yubikeys. Doing > that with the full password agent proposal is much, much harder and > doesn't really gain us anything in this case.
Well, but this script is very racy as it expects yubikeys to be instantly available at boot. This really needs to be async and watch both for yubikeys as they are plugged in and for new passwords as they are queired. Also this script expects an interactive console, which is extra racy... I am fully aware that writing proper agents is harder than scripting things, but it is also, well, much more correct. Given that I actually own a yubikey (which i don't use), I am actually tempted to fix this properly. Would be really cool to use that for LUKS decryption. Lennart -- Lennart Poettering - Red Hat, Inc. _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
