[arch-dev-public] crypttab support
Tom Gundersen
teg at jklm.no
Sun Jul 15 19:25:00 EDT 2012
Hi guys,
I'm about to push a new version of initscripts in the next few days,
but before moving it to testing I thought I'd bring it to everyone's
attention as the change is likely to cause some questions/discussion.
As discussed on the arch-projects ML [0], with this initscripts
release we gain support for systemd's /etc/crypttab syntax [1] (which
is used by debian and ubuntu in addition to all the distros using
systemd).
Furthermore, we deprecate the support for our old crypttab syntax
(with a warning at boot), but retain the functionality for
compatibility (in the same way we still have support for the old
network syntax, this is likely to stay around for a while).
While the syntax is different, the functionality does not change much.
We gain a few minor features and lose the ability to read a decryption
key from a removable device (i.e. one that needs to be mounted by the
cryptsetup code). People who want to use this feature are advised to
stay with the old syntax for now.
The reason for making this change is mainly that we want to share the
syntax of crypttab with as many distros as possible, in the same way
as the syntax of fstab is shared. Furthermore, as systemd becomes more
and more popular amongst arch users and devs it is a benefit that we
don't need to keep around two syntaxes for the same functionality.
Finally, I was never very comfortable with maintaining this code, as I
hardly use it and it is rather fragile. With this move we are able to
outsource almost all of the cryptsetup handling to systemd and should
benefit from their testing and bugfixes.
If anyone would like to take this for a spin, I uploaded it to gerolde [2].
When this eventually moves to [core], I'll put a news item
highlighting the change to avoid to much worry about the deprecation
warning.
Cheers,
Tom
[0]: <http://mailman.archlinux.org/pipermail/arch-projects/2012-July/003067.html>
[1]: <http://0pointer.de/public/systemd-man/crypttab.html>
[2]: <http://dev.archlinux.org/~tomegun/initscripts-2012.07.1-1-any.pkg.tar.xz>
More information about the arch-dev-public
mailing list