Hey. One more on this.
Did I observe correctly, and cryptroot places *any* keyscript into: /lib/cryptsetup/scripts/ ? Cause that would likely mean that if the "systemwide" keyscript in /lib/cryptsetup/scripts/ and one with any other path (which is then specified as keyscript=/foo/bar/baz.sh) share the same name, ... including both fails. I guess the simplest solution would be to include any keyscripts into one fixed area with the whole path, so e.g. /cryptroot/keyscripts/<fullpath> Even doing something like: - all from /lib/cryptsetup/scripts/ into /lib/cryptsetup/scripts/ within the initramfs - all not from /lib/cryptsetup/scripts/ into /lib/cryptsetup/scripts/$PATH wouldn't really fix that 100%; cause a user could specify a keyscript as "/decrypt_gnupg". Cheers, Chris.
