On Saturday 05 November 2011 01:04:46 Thomas Bächler wrote:
Am 04.11.2011 23:08, schrieb Tom Gundersen:
The reason I haven't touched the latter is that I hate the crypttab format we use. If anyone would like to help (preferably someone who uses any of this), that would be highly appreciated.
I always planned on dropping the crypttab format and only keep a crypttab parser for legacy systems. Instead, I was planning to have a "one crypto mapping per file" configuration in /etc/cryptsetup.d/ or so, where you would have bash-style KEY=value pairs. This would improve flexibility and extensibility - all the new requested features would be more straight-forward to implement.
Hm, interesting My issue is with allowing passwords to be written "inline", as well as the fact that we intepret the file as bash rather than plaintext. If we skip those possibilities and move closer to the Debian format from which (I assume) we started, things should be simpler. I also heard that Gnome should soon get support for dealing with the Debian- style crypttab format from a GUI, which we might want to take advantage of (not that I use Gnome, but it sounded neat). I'll do as you suggest and keep the old parser for backwards compatibility though. Cheers, Tom