[arch-dev-public] Rewriting crypto support in initscripts

Aaron Griffin aaronmgriffin at gmail.com
Sat Oct 3 17:00:24 EDT 2009


On Sat, Oct 3, 2009 at 6:09 AM, Thomas Bächler <thomas at archlinux.org> wrote:
> I keep getting many init feature requests for more fancy and cool features
> in crypttab. Now, the crypttab file format is unflexible and extending it
> makes the code pretty much unreadable an unmaintainable.
>
> This is what I am planning:
> - Rewrite crypto support in initscripts, with a new configuration scheme
> (our normal sourced bash-files) - adding all the features from feature
> requests on the bugtracker.
>
> - crypto support will be in a function outside of rc.sysinit for more
> readability - that function will be POSIX sh compatible (see below)
>
> - Add a compatibility layer that converts crypttab entries into the new
> scheme at runtime so crypttab will still work, but will be deprecated.
>
> - Add the optional possibility to also configure the root device like this,
> so mkinitcpio will add a config file to the initramfs and use the same code,
> making crypto configuration more straight-forward. The cryptdevice= logic on
> the kernel command line will override such a configuration and won't be
> deprecated.
>
> I am in the stage of designing the configuration layout, you'll see patches
> in git soon.

Sounds good to me, assuming, of course, that vanilla crypttab still
works if I want it to. Note that I've ever done any of this, so don't
consider my opinion the authority here :)


More information about the arch-dev-public mailing list