Hey Christoph, On 14/05/2011 Christoph Anton Mitterer wrote: > On Sat, 2011-05-14 at 13:47 +0200, Jonas Meurer wrote: > > > I guess it's not required, because if the initscripts are there, that > > > file > > > is also there,.. unless people broke their packages manually, which we can > > > never prevent or always check for. > > > > If people 'break' their system, it will not be secure anymore. If they > > either remove the cryptsetup package while it's still used on the > > system, or simply remove the cryptdisks.functions file, that's a > > perfectly good example of breaking their system. > > Well what I wrote there is only half of the truth... because in Debian, > init-scripts are unfortunately and wrongly considered as configuration > files... and it's perfectly valid to remove a package but not purge > it... > So people don't have to "break" their system to get in a situation where > they can end up in a situation where they execute > e.g. /etc/init.d/cryptdisks stop but their stuff is actually not > stopped.
If people remove the package cryptsetup from their system, I hope they know what they do. And I hope that they don't remove the package in case that they still need it. Once the cryptsetup package is removed, they will not be able to setup and/or unlock encrypted dm-crypt devices anyway. And if people really remove the cryptsetup package and still expect its initscript to work afterwards, we really cannot help them. Greetings, jonas
signature.asc
Description: Digital signature
