hey milan, sorry for the late reply. On 19/01/2010 Milan Broz wrote: > On 01/19/2010 05:08 AM, Bryan Kadzban wrote: > > >>> Would it be possible to drop askpass into the cryptsetup package here? > >> > >> IMHO, the best way would be to provide askpass as cryptsetup/contrib > >> content. > > > > Yeah, stuffing it into a contrib/ directory would work for me. What do > > the cryptsetup maintainers say? (If you aren't one of them, that is.) > > If you mean upstream cryptsetup, I would be happy if we can commit these > Debian additional programs upstream and not patch distro later. > > Just send patches to me or create new issue requesting it on project pages > http://code.google.com/p/cryptsetup/ > > Just a few notes: > - license must be compatible with GPL2 > > - I do not want anything working with network/sockets etc. in base cryptsetup > or libcryptsetup. No problem with specialized programs/wrappers. > > - but please, if possible, use new libcryptsetup and not pipe passphrase > to cryptsetup binary, libcryptsetup should provide all needed callbacks now, > including optional locking of memory to avoid swapping some buffer with passphrase > (but maybe this is not possible because wrapper is used even for other > purposes) i like the idea to incorporate passdev and askpass into upstream cryptsetup, but i don't have resources to rewrite them for libcryptsetup. if you intend to do it on your own, please keep the possibility to use both utils without cryptsetup, in order to support custom keyscripts which do further processing of the keyfile/passphrase. ideally, even /etc/crypttab handling would be supported upstream. the cryptdisks_start and cryptdisks_stop scripts could be reimplemented in c, using the libcryptsetup api. greetings, jonas
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt