RE: [RFC] utility for SED management

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Wed, Jun 12, 2019 at 01:40:08PM +0000, Karel Zak wrote:
> From my point of view (and maybe I'm wrong ;-)) it seems complex enough to keep it as an independent stand-alone project ("sed-utils").
> Not sure if it makes sense to push it to generic util-linux package.

It sounds to me that your major concern for inclusion sedcli into util-linux is
its complexity. What would be the best method to understand if sedcli fits into
util-linux?

Thx,
Andrzej

-----Original Message-----
From: util-linux-owner@xxxxxxxxxxxxxxx [mailto:util-linux-owner@xxxxxxxxxxxxxxx] On Behalf Of Karel Zak
Sent: Wednesday, June 12, 2019 3:40 PM
To: Jakowski, Andrzej <andrzej.jakowski@xxxxxxxxx>
Cc: util-linux@xxxxxxxxxxxxxxx
Subject: Re: [RFC] utility for SED management

On Tue, Jun 11, 2019 at 06:30:51AM +0000, Jakowski, Andrzej wrote:
> We have built prototype code covering these functionalities and now we 
> would like to productize it. We are looking for the right place to 
> publish our SW, considering util-linux project as one of the options. 
> The SW will likely consist of:
>  * Libsed - shared object exposing programmatic interface for security
>    management (Opal) of disk
>  * Sedcli - command line utility covering both client and data center flows.
>    Sedcli will use libsed for interaction with the drive, libkmip for
>    interaction with OASIS KMIP based key manager and tpm2-tss to interact with
>    TPM2 key manager
>  * Udev rules - will be used to invoke sedcli to auto-provision or auto-unlock
>    when new device is added to the OS (e.g. hot insert)
>  * System.d  scripts - will be used to invoke sedcli when key needs to be 
>    retrieved from network attached key manager
>  * Config file - will define policies for example on which disk should be 
>    security managed or not
> 
> We would like to contribute that SW into util-linux project. What do 
> you think about adding this SW into util-linux?

>From my point of view (and maybe I'm wrong ;-)) it seems complex enough to keep it as an independent stand-alone project ("sed-utils").
Not sure if it makes sense to push it to generic util-linux package.

    Karel

--
 Karel Zak  <kzak@xxxxxxxxxx>
 http://karelzak.blogspot.com
[Index of Archives]     [Netdev]     [Ethernet Bridging]     [Linux Wireless]     [Kernel Newbies]     [Security]     [Linux for Hams]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux Admin]     [Samba]

  Powered by Linux