On Sat, 2010-06-12 at 15:23 +0200, Winfried Tilanus wrote: > On 06/12/2010 01:28 PM, Ben Hutchings wrote: > > Hi, > > > I don't think this is fixable. Since these partitions are encrypted we > > cannot read the filesystem label or UUID before they are mounted. > > If this isn't fixable, the script should not fail (leaving the system in > an inconsistent state) but warn it can't use UUID's or labels on some > file systems, including the warning that the system might not boot > correctly.
It does not leave the system in an inconsistent state. You need to reconfigure linux-base and answer the questions differently. It is really a problem of the loop-aes package that it changes the semantics of the fstab type and options. > I am happy to switch to dm-crypt if somebody can help me to setup > dm-crypt with the following characteristics: > - master key gpg encrypted, decryptable with multiple private gpg keys > - gpg private keys stored on gpg card, no storage of gpg private keys on > disk > - mounting of volumes early during boot > Until I know how to do that with dm-crypt, I stay with loop-aes. I expect that cryptsetup supports this. Ben. -- Ben Hutchings Once a job is fouled up, anything done to improve it makes it worse.
signature.asc
Description: This is a digitally signed message part
