Hi there, I've been working on the cryptsetup init script since it's been falling to pieces for a while now. I think the new ebuild and init script I have will solve the following bugs: bug 242376 - post_mount executed when mount point not found bug 243216 - Fails to ask for a passphrase bug 255528 - Startup script not POSIX bug 262838 - Install scripts to /$(get_libdir)/ rather than /lib/ bug 266546 - gpg keyfile support requires extra argument bug 273029 - Timeout on removable media breaks config parsing also, it would be a perfect time to solve bug 242778 (a patch just waiting to be applied). The new init script changes the /etc/conf.d/dmcrypt format, so that instead of trying to manually parse the file (causing several bugs such as 243216, 273029 and others), it lets openrc populate the necessary environment variables. It also no longer accepts pre_mount and post_mount conditions, but expects those with such specific needs to override post_start in dmcrypt and post_start in localmount (which can be done in the conf.d files). The addons files are no longer installed (they were getting messy and only necessary for legacy reasons, the scripts could be refactored back into the addons form if necessary), also I've tried to make the script POSIX compliant (although I'll need to ask the guy on bug 255528 about that). It should also be much easier to solve bug 189901 (although I have yet to implement that). It would be best to see how bug 270646 pans out before pushing this to the main tree, so we know how to do proper detection of baselayout-2, but it's not vital (and therefore not a dependency) as long as we require baselayout-2 to be installed. Unfortunately I don't have most of the unusual cryptfs setups to test this script out on. I thought that probably the best way to sort this out was to post the information here, and block all the bugs that could be fixed by this. The new ebuild, initscript and patch are all available in my overlay (ikelos) which can be access via layman, but is also available at [1] directly or via git. I've marked the ebuild as -* since I don't want anyone using my overlay to suddenly encounter potential breakage, but I would like to ask anyone using baselayout-2 and cryptsetup/dmcrypt if they could try out the ebuild and report back any issues. Similarly if the base-system team have any time, I'd appreciate a look over/review of the init script. If it looks good, I'll be happy to push the changes to the tree. I can also add myself as a maintainer if base-system would prefer that, but as I say I don't have the most unusual dmcrypt setup ever... Thanks... [1] http://git.overlays.gentoo.org/gitweb/?p=dev/ikelos.git
A couple of quick updates (already in git) fix an issue where all partitions (rather than just loopback parititons) are losetup removed.
I have moved this out of the "baselayout" component since it isn't a bug with baselayout/openrc. However, we should find out the status of this bug. Does cryptsetup work well with openrc?
I've been running this since I posted this and haven't had a problem. I've also updated this for cryptsetup-1.0.7, available (masked) in my overlay. However, I haven't seen or heard of anyone else testing it, so the options I can see are either pushing it to the tree and waiting for the inevitable fallout (since there's quite a significant change to the config file layout), or I can leave it go. I haven't checked if there are still "you're using old rc_addin code that'll go away" warnings with the old ebuild, but this ebuild definitely works fine with baselayout-2.0 (I'm pretty certain it does NOT work with baselayout-1.*)...
if there's any outstanding issues, let's take care of it in the respective bugs. we've moved way past 1.0.6 at this point.
