On Thu, 14 Oct 2021 at 23:43:32 +0200, Christoph Anton Mitterer wrote: > I've noted that when there is no explicit tries=n in crypttab, that > CRYPTTAB_OPTION_tries isn't set either for the keyscripts.
There is a 1:1 mapping between CRYPTTAB_OPTION_* and known options in crypttab's 4th column, and I think we should keep that invariant. I guess the default tries=3 is extremely unlikely to change because it's arguably part of the API. 3rd party scripts might have hardcoded it and changing it might break things. I suggest you hardcode it as well. An alternative would be to add CRYPTTAB_TRIES_LEFT, but I'm not sure it's worth the trouble. -- Guilhem.
signature.asc
Description: PGP signature
