Re: helper program to set up block device for mount?

Tue, 26 Jun 2007 01:34:12 -0700 

On Thu, Jun 21, 2007 at 03:21:28PM +0200, Ludwig Nussel wrote:
> Karel Zak wrote:
> > On Mon, Jun 18, 2007 at 05:36:31PM +0200, Ludwig Nussel wrote:
> > > should only list the mount options. Since there are already means to
> > > process /etc/crypttab mount does not need to do that itself. So what
> > > about adding support for an fstab option that specifes a helper
> > > program to set up the real block device? I'd imagine something like
> > > this in fstab:
> > > 
> > > /dev/sdc1 /bar ext2 noauto,user,bhelper=/sbin/crypttabhelper 0 0
> > 
> >  I think you have to define final (mapped) device in the /etc/fstab
> >  file. It means:
> > 
> >  /dev/device-mapper/foo  /bar ext2 noauto,user
> 
> Makes sense for fsck but is inconvenient for loop devices. OTOH if
> dm-loop works there is probably no reason to use the old loop
> devices anymore.

 I think we will support the classic loop devices for pretty long
 time or forever. We have to follow kernel...

> >    mount /bar
> >      identification
> >        --> libblkid/libvolume_id
> >          --> fstype=LUKS
> >      initialization
> >        --> dlopen(/lib/mount/mnt-luks.so)
> >          --> read /etc/crypttab
> >          --> create /dev/device-mapper/foo
> >      re-identification
> >        --> fstype=ext3
> >      mount
> >        --> mount(/dev/device-mapper/foo, /bar, ext3, 0, NULL)
> 
> That squence only works for LUKS. Plain dm-crypt encrypted volumes

 Good point.

> cannot be identified, they appear to be random garbage so there
> needs to be an option that specifies a plugin.

 Yes, I expect something like namespaces for options. It means plugin
 specific options (e.g "dmcrypt:foo=bar")

> > > Does anyone have an opinion on that? Does any distro maybe already
> > > ship with a method to allow unprivileged user to manually setup and
> > > mount dm-crypt stuff?
> > 
> >  Many people (for example around Fedora, see fedora-devel list
> >  archive) are waiting for a filesystem with a cryptographic support --
> >  this thing is more useful in some scenarios than dm-crypt. The
> >  dm-crypt is very nice solution for swap area or laptops where you
> >  need fully encrypted devices.
> 
> It would be nice to be able to mount encrypted images on demand as
> user nevertheless. Hmm, maybe I can abuse hal for that.

 Yeah, the gnome-mount (so HAL) already supports LUKS devices.

    Karel

-- 
 Karel Zak  <[EMAIL PROTECTED]>
-
To unsubscribe from this list: send the line "unsubscribe util-linux-ng" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to