Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 357227

Summary: sys-fs/cryptsetup init-script should support "keyscript"
Product: Gentoo Linux Reporter: Stefan Briesenick (RETIRED) <sbriesen>
Component: New packagesAssignee: Gentoo's Team for Core System packages <base-system>
Status: CONFIRMED ---    
Severity: enhancement CC: leho, wolfram
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Stefan Briesenick (RETIRED) gentoo-dev 2011-03-03 15:00:32 UTC 
when using debian/ubuntu, you can use so called keyscripts to return the actual key, which is then piped to cryptsetup. The 'key' is then just a paramter for the script.

e.g.:

key="foo"
keyscript="/lib/cryptsetup/scripts/decrypt_derived"

will do basically this:

$keyscript "$key" | cryptsetup --key-file=- luksOpen ...

this is extremely handy, if you don't have a real keyfile somewhere, but want to calculate it somehow (the decrypt_derived script gets the key from an already unlocked LUKS device via dmsetup table).

But the current /etc/init.d/dmcrypt init-script don't support this. You can only specify a real keyfile. It would be nice to add 'keyscript' support. Shouldn't be a problem. Just add a new keyword 'keyscript', and if specified, use the method described above. Don't forget to use "$key" as a parameter for $keyscript.

thanks!


Reproducible: Always
Comment 1 Jeroen Roovers (RETIRED) gentoo-dev 2011-03-04 16:33:03 UTC 
You forgot to assign the bug report? Try base-system@
Comment 2 Stefan Briesenick (RETIRED) gentoo-dev 2011-04-02 23:51:27 UTC 
changed "assigned to".
Comment 3 Stefan Briesenick (RETIRED) gentoo-dev 2011-07-10 13:20:53 UTC 
any news?
Comment 4 Stefan Briesenick (RETIRED) gentoo-dev 2012-08-09 23:41:05 UTC 
well, it would be nice to get at least a comment... I feel ignored... :-/
Comment 5 Stefan Briesenick (RETIRED) gentoo-dev 2013-01-24 22:20:08 UTC 
ping
Comment 6 SpanKY gentoo-dev 2015-04-12 22:18:48 UTC 
*** Bug 380795 has been marked as a duplicate of this bug. ***
Comment 7 SpanKY gentoo-dev 2015-04-12 22:19:09 UTC 
sample patch here:
https://bugs.gentoo.org/attachment.cgi?id=285027
Comment 8 SpanKY gentoo-dev 2015-04-12 22:19:34 UTC 
*** Bug 344409 has been marked as a duplicate of this bug. ***
Comment 9 Leho Kraav (:macmaN @lkraav) 2015-04-12 22:44:24 UTC 
I'm in the systemd camp these days, so this issues has sort of lost relevance to me :/