[Bug 1451032] Re: keyscript option in crypttab not implemented

2021-09-27 Thread TJ
Update: Lennart's AF_SOCKET solution was added to systemd v248 in: commit e2c2f868b28f1445e061bf7eb475b0c49efe3ac2 Author: Lennart Poettering Date: Wed Nov 4 17:24:53 2020 +0100 cryptsetup: port cryptsetup's main key file logic over to read_full_file_full() Previously, we'd load

[Bug 1451032] Re: keyscript option in crypttab not implemented

2021-09-27 Thread TJ
This really should not be marked Invalid since it represents a very real regression on recommended and documented functionality that many installs using LUKS rely upon. Workarounds of varying security quality abound as a result instead of a single, well designed and integrated solution. Indeed, in

[Bug 1451032] Re: keyscript option in crypttab not implemented

2021-09-26 Thread Bug Watch Updater
** Changed in: systemd (Debian) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1451032 Title: keyscript option in crypttab not implemented To manage notifica

[Bug 1451032] Re: keyscript option in crypttab not implemented

2021-06-30 Thread Dan Streetman
please reopen if this is still an issue ** Changed in: systemd (Ubuntu) Status: Triaged => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1451032 Title: keyscript option in crypttab n

[Bug 1451032] Re: keyscript option in crypttab not implemented

2015-09-03 Thread TJ
The latest discussion about this on the systemd mailing-list: http://lists.freedesktop.org/archives/systemd- devel/2014-August/022014.html "Also note that we really should redesign the entire scheme around the kernel keyring as only transport for the keys (and the bus for signalling). I am a bit

[Bug 1451032] Re: keyscript option in crypttab not implemented

2015-08-30 Thread TJ
This really needs to be solved. Unlocking secure systems that use some external key device that requires a specific helper script to access is a significant use case. According to the Debian bug report discussion it seems that upstream systemd aren't prepared to finish their replacement implementa

[Bug 1451032] Re: keyscript option in crypttab not implemented

2015-05-04 Thread Martin Pitt
** This bug is no longer a duplicate of bug 1432265 does not ask for multiple LUKS passphrases without plymouth -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1451032 Title: keyscript option in cr

[Bug 1451032] Re: keyscript option in crypttab not implemented

2015-05-04 Thread GOo
*** This bug is a duplicate of bug 1432265 *** https://bugs.launchpad.net/bugs/1432265 Thank you for the explanation. I forgot about the root partition being unlocked from within initramfs. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to

Re: [Bug 1451032] Re: keyscript option in crypttab not implemented

2015-05-04 Thread Martin Pitt
*** This bug is a duplicate of bug 1432265 *** https://bugs.launchpad.net/bugs/1432265 GOo [2015-05-04 16:18 -]: > I have three luks partitions in /etc/crypttab ( /, /home/, /var) all > of them with a keyscript definition. Systemd doesn't unlock /var > and /home, whereas the root partitio

[Bug 1451032] Re: keyscript option in crypttab not implemented

2015-05-04 Thread GOo
*** This bug is a duplicate of bug 1432265 *** https://bugs.launchpad.net/bugs/1432265 I have three luks partitions in /etc/crypttab ( /, /home/, /var) all of them with a keyscript definition. Systemd doesn't unlock /var and /home, whereas the root partition gets unlocked without problems, s

[Bug 1451032] Re: keyscript option in crypttab not implemented

2015-05-03 Thread Alberto Salvia Novella
*** This bug is a duplicate of bug 1432265 *** https://bugs.launchpad.net/bugs/1432265 @ Martin Pitt "Triaged" doesn't only mean that we think the bug is genuine, but also that we have performed all these checks: ** Changed in: syst