On Tue, 25.03.14 09:32, Benjamin SANS (b...@ziirish.info) wrote: > * On Monday, 24 March 2014 23:24, Lennart Poettering <lenn...@poettering.net> > wrote: > > > > No grokking what this is about really? What do you need the param for, > > why isn't the existing agent logic good enough for this? Do you need > > some identifier to pass across, or what is supposed to be included > > there? > > > > The goal here is to be able to reuse "handlers" that have been developed for > Debian. > The original "keyscript" options comes from them and this implementation uses > the "key_file" field of the crypttab as an argument to the "keyscript". > This "key_file" does not have necessary to be a real "key_file". > > For instance, you could have something like that in your crypttab: > > crypt1 /dev/sda UUID=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx,FILE=toto.key > luks,keyscript=/usr/bin/mykeyscript > crypt2 /dev/sdb > UUID=yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyyyyyyy,FILE=tata.key > luks,keyscript=/usr/bin/mykeyscript
I really don't think keyscript and thus also some extensions to the password field is something I want to see in systemd-cryptsetup. We have a the password agent stuff and you can plug in there whatever you want. But I want programs to be able to make sense of /etc/crypttab, and they really shouldnt become programs of their own or something that cannot be understood anymore without knowing what the "keyscript" is doing. Really, this is a bad idea... Lennart -- Lennart Poettering, Red Hat _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
