| Summary: | sys-fs/cryptsetup: Migrate from /etc/conf.d/dmcrypt to /etc/crypttab | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Samuli Suominen (RETIRED) <ssuominen> |
| Component: | Current packages | Assignee: | Gentoo's Team for Core System packages <base-system> |
| Status: | CONFIRMED --- | ||
| Severity: | normal | CC: | alexander, andrew.bugs, ao, candrews, fturco, gentoo, gentoo, genzilla, leho, lukas.schneiderbauer, nikoli, systemd, zoltan |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| See Also: | https://bugs.gentoo.org/show_bug.cgi?id=429390 | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
|
Description
Samuli Suominen (RETIRED)
2012-08-05 08:05:25 UTC
i could have sworn there was already a bug open on this topic, but i can't find it atm. maybe it was just mentioned in passing. (In reply to comment #1) > i could have sworn there was already a bug open on this topic, but i can't > find it atm. maybe it was just mentioned in passing. You and I talked about it a while back (before the bug was made) and Samuli and I talked about it before he made this bug. Is it documented somewhere yet what I have to do? In the middle of converting a server from OpenRC here. (In reply to Leho Kraav (:macmaN @lkraav) from comment #3) > Is it documented somewhere yet what I have to do? In the middle of > converting a server from OpenRC here. This is a todo for us to change the format of our cryptsetup config file. So its likely unrelated to your situation. OK. Itmw I managed to migrate to /etc/crypttab with some googling. Mostly painless, once newest lvm2 discovered all VGs and some minutes were spent really going through man crypttab. (In reply to Leho Kraav (:macmaN @lkraav) from comment #5) > OK. Itmw I managed to migrate to /etc/crypttab with some googling. Mostly > painless, once newest lvm2 discovered all VGs and some minutes were spent > really going through man crypttab. I have been unable to use /etc/crypttab to mount plain (not luks) encrypted partitions that use a keyfile rather than a password. (see https://forums.gentoo.org/viewtopic-t-972332-highlight-.html) Are you able and willing to give me any guidance? (In reply to Leho Kraav (:macmaN @lkraav) from comment #5) > OK. Itmw I managed to migrate to /etc/crypttab with some googling. Mostly > painless, once newest lvm2 discovered all VGs and some minutes were spent > really going through man crypttab. Ignore my above comment. Everything works just fine for me now. (In reply to Andrew from comment #7) > (In reply to Leho Kraav (:macmaN @lkraav) from comment #5) > > OK. Itmw I managed to migrate to /etc/crypttab with some googling. Mostly > > painless, once newest lvm2 discovered all VGs and some minutes were spent > > really going through man crypttab. > > Ignore my above comment. Everything works just fine for me now. Glad to hear that. I'm totally swamped at the moment, wasn't trying to ignore your help request. (Looks like some people hit this while moving to systemd) How would this change affect OpenRC users? Mainly considering the use case, where some partitions/block devices are not opened during boot, but later by the user/root on first login. E.g: 1) The init filesystem has symlinks to dmcrypt for different devices: $ ls -l /etc/init.d/dm* /etc/init.d/dmcrypt /etc/init.d/dmcrypt.storage -> dmcrypt /etc/init.d/dmcrypt.swap -> dmcrypt ... 2) Separate partitions/block devices have their own config: $ cat /etc/conf.d/dmcrypt.storage ... target=crypt-storage source='/dev/disk/by-uuid/...' ... $ cat /etc/conf.d/dmcrypt.swap ... swap=crypt-swap source='/dev/sda2' ... 3) There is another runlevel 'unlocked' $ rc-update ... dmcrypt.storage | unlocked dmcrypt.swap | boot ... Use case for above setup is, when server is not physically accessible (e.g. co-located, on travel from home box, etc.) and drive is unlocked by ssh-ing in after reboot and swiching runlevel and passing in password/key. |