On Thu, 16 Sep 2021 at 17:41:17 +0200, Christoph Anton Mitterer wrote: > I think it would be nice if askpass was only included when actually > needed. > > That seems to be the case, when no keyscript is set, and the KEY field is > none, > cause: > […] > Does the attached patch seem reasonable (haven't had the time to test it).
That logic is a no-go because the cryptopts= kernel boot argument might require askpass and the hook can't foresee whether that will be used or not. A safe approach is to add a hook option to *opt-out* from `askpass` (and `cryptroot-unlock` which is useless without askpass) inclusion and save these meager kiB. -- Guilhem.
signature.asc
Description: PGP signature
