Le 24/11/2014 19:17, Zbigniew Jędrzejewski-Szmek a écrit :
On Mon, Nov 24, 2014 at 07:03:27PM +0100, Quentin Lefebvre wrote:
Le 24/11/2014 19:01, Zbigniew Jędrzejewski-Szmek a écrit :
On Mon, Nov 24, 2014 at 06:44:25PM +0100, Quentin Lefebvre wrote:
Hi,
I tested your patch and actually it doesn't solve the bug.
For example, if "hash=sha512" is provided in /etc/crypttab, the
first > if (!streq(arg_hash, "plain"))
is true, and the
+ } else if (!key_file)
is not reached.
This is be design. My patch is quite different from your patch,
which I tried to make clear in the description.
If you specify hash=sha512, then you get hash=sha512.
Yes, and this is the problem.
cryptsetup ignores the hash, so that we should obtain hash=NULL for
it to work.
Systemd is not going to work around a bug in a different package.
Specifying a hash in the configuration if you don't want a hash
is an error, please just fix it there.
I understand your point.
Still you have a cryptsetup tool in systemd, so I would expect it
behaves as the "true" cryptsetup program.
The problem here is compatibility, you do something with cryptsetup and
then your system fails to boot because of a different behaviour of systemd.
But it's up to you, that may just get users and installers into trouble.
Best regards,
Quentin
PS: Actually, the good practice is to have a key file obtained from
/dev/random, with the correct key size, so I'm not sure hashing the key
file matters.
_______________________________________________
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
