[cryptsetup] Add support for detached LUKS header to encrypt hook (original) (raw)

Comment by John Lane (starfry) - Wednesday, 17 December 2014, 13:22 GMT

A minor detail, but there is an inconsistency between how this patch works and when the header is on the "rootfs" and the similar keyfile functionality. This patch requires a syntax of "rootfs::path" whereas the keyfile uses a more sensible "rootfs:path". This can be resolved by amending line 26 of the patch from "cheaderfile=$chpath" to "cheaderfile=$chfs".
"

Comment byMaarten de Vries (de-vri-es) - Saturday, 10 October 2015, 12:02 GMT

I needed the same functionality, went about it a bit different. Decided to take header=... from $cryptoptions. Allows the user to choose the name of the header file. Not very important, this was just the first thing I thought of. It does give a smaller patch though.

No matter how it's done precisely, it would be nice to have this feature in hook.

Comment byMaarten de Vries (de-vri-es) - Saturday, 10 October 2015, 12:08 GMT

Ah, looks like the original patch supports header files on other file systems too. So that seems better.

Comment byEli Schwartz (eschwartz) - Monday, 06 November 2017, 06:37 GMT

Comment by nl6720 (nl6720) - Friday, 03 April 2020, 17:09 GMT

This is still an issue.

Comment by Maxim Baz (maximbaz) - Thursday, 03 September 2020, 23:14 GMT

I adapted the proposed patch to match exactly how the hook deals with `cryptkey` parameter today - this adds support for a block device in addition to file on a device, and achieves full syntax consistency.

I also put it on AUR and intend to keep it up-to-date with future changes to the upstream hook until this issue gets fixed.

https://aur.archlinux.org/packages/mkinitcpio-encrypt-detached-header/

Comment byBuggy McBugFace (bugbot) - Tuesday, 08 August 2023, 19:11 GMT

This is an automated comment as this bug is open for more then 2 years. Please reply if you still experience this bug otherwise this issue will be closed after 1 month.

Toggle Selected Tasks related to this task (0) Duplicate tasks of this task (0)

Loading...