[dm-crypt] contribution offer and questions - LUKS system encryption with detached header
corsac at corsac.net
Tue Oct 23 13:19:57 CEST 2012
On mar., 2012-10-23 at 05:44 -0400, Jim F wrote:
> Thanks for your reply, Arno.
> > The reason there are no such scripts in the cryptsetup package
> > is that it would not make sense to put them in there, as they
> > would be completely different for different distributions.
> Perhaps we're using the word 'package' differently. If one executes
> "dpkg -L cryptsetup" on Debian, Ubuntu or Mint, one does see the
> associated init crypto scripts. I was saying I don't see them in the
> source code at http://code.google.com/p/cryptsetup
They seem to be maintained in svn at
> I understand now that the scripts can be specific to the distribution.
> But I've also observed that they're identical or virtually so for
> Debian, Ubuntu & Mint for each release of cryptsetup. For example, the
> cryptroot scripts are exactly the same for deb-test-121015 & kubuntu
> 12.10. FWIW, they're both at cryptsetup 1.4.3.
Indeed, they flow from Debian to derivatives.
> One thing I still don't understand is where the scripts are for (say)
> cryptsetup 1.5.1. I haven't seen a distribution for that version. Does
> that mean they don't exist yet?
> I've seen that the scripts may need to
> be modified as functionality is added to cryptsetup, e.g.
> --allow-discards. So while my use of cryptsetup 1.4.1 with my modified
> 1.1.3 scripts worked for my purpose, that system I created doesn't
> support discards/TRIM requests even though the option is in cryptsetup.
> Accordingly, the scripts can also be specific to the cryptsetup
> version. That might suggest that someone is enhancing the scripts as
> features are added to cryptsetup.
Yup, although isn't discard supported in /etc/crypttab ?
> Regarding your recommendations, I'll make the changes to the 1.4.3
> scripts and submit them to Debian. Can someone tell me how to do that?
> I looked at debian.org and see maybe hundreds of mailing lists but
> nothing obvious about the submission process if it's not a bug.
Well, that's considered a bug anyway. Just use reportbug cryptsetup and
set the severity to wishlist.
> Regarding Mint, I thought it is based on Debian via Ubuntu. It looks
> like I would use the "idea module" of the Mint web site. But is there
> an advantage to submitting to Mint, too, since as you say, it should
> eventually propagate down?
My advice would be to fix it in Debian first and let it flow down to
More information about the dm-crypt