On 22/01/2006 Tuomo Valkonen wrote: > On 2006-01-22 18:33 +0100, Jonas Meurer wrote: > > unix systems rely on the responsibility of system admins, /bin/rm or > > /bin/dd don't check what they remove/override before doing so too. > > The difference is that crypsetup at boot is automated, and the configuration > may have changed for various reasons which might not be predictable without > being completely paranoid about it (and therefore always setting up swap > manually). Given the let's-map-everything-to-random-SCSI-devices > insanity, I have zero trust for it to not happen.
i just implemented the precheck and postcheck/retry options based on a patch from A Mennucc to the /etc/init.d/cryptdisk script in cryptsetup 1:1.0.1-13. the prechecks are run against the source device before the target device is created, and the postchecks are run against the target device after creation, repeated as often as specified by retry when they fail. debs and sources are available from the pkg-cryptsetup alioth-projectpage http://alioth.debian.org/projects/pkg-cryptsetup or from debian/unstable after it has passed the incoming queue. if you like to have a swap test, just write a precheck script for swap partitions at /usr/share/cryptsetup/prechecks/swap, and add the option "precheck=swap" to the relevant entry in /etc/crypttab. i'll happily add it into the package if you send me a copy. i don't know how to check for swap partitions, as fdisk is no general option for reasons like lvm, and i don't know other ways. therefore i'm not able to provide such a script currently. a start could be this anyway: --- snip /usr/share/cryptsetup/checks/swap --- #!/bin/sh case "$1" in /dev/[ehsx]d[a-h][0-9][0-9]) drive=`echo $1| sed -e 's/[0-9]//g'` if /sbin/fdisk $drive | grep $1 | grep -q "swap"; then exit 0 else echo "The device $1 is not a SWAP partition." exit 1 fi ;; *) echo "WARNING: Could not check the device $1 for a swap partition." exit 0 ;; esac --- snip --- > > would you object against closing this bug? > > I'd rather see it fixed in order to not have to use custom scripts. ok, i'll keep this bug open as withlist item. it doesn't hurt. and maybe we have a useful swap check script soon. ... jonas -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
