I've made an initial attempt at support for creating LUKS-encrypted partitions at install time. A patch is available here: http://dlehman.fedorapeople.org/anaconda-fscrypto-20071109.patch The basic idea is a class to represent a generic encrypted device, with a subclass for dm-crypt, and another for LUKS (the LUKS class inherits from the dm-crypt class, not the base class). The fsset Device classes all get a member containing either a pass-through encryption device or a LUKS one. The main operations on the Device objects are reworked slightly so that, down to the encryption class code, the code paths are identical for encrypted and non-encrypted devices. Some notes: - My testing was done on rawhide from 24 October, although the patch I posted is against rawhide as of now. - I tested basic LVM (LUKS PVs), RAID 0 (LUKS mdX), and normal partitions. - Code to load the needed crypto kmods is non-existent. I've been using a hacked up /sbin/anaconda for that, but it's not for keeps. - Although I think the building blocks are there, there is no support whatsoever for existing LUKS partitions. Have a look, if interested, and provide feedback. Dave _______________________________________________ Anaconda-devel-list mailing list Anaconda-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/anaconda-devel-list
