curtin-dev team mailing list archive

Thread
Date

Re: [Merge] ~dbungert/curtin:cryptoswap-dmc-type into curtin:master

To: mp+460874@xxxxxxxxxxxxxxxxxx
From: Michael Hudson-Doyle <mp+460874@xxxxxxxxxxxxxxxxxx>
Date: Thu, 22 Feb 2024 20:57:13 -0000
In-reply-to: <170847181925.1257830.3995862107394773622.launchpad@juju-98d295-prod-launchpad-17>
Reply-to: mp+460874@xxxxxxxxxxxxxxxxxx
Sender: noreply@xxxxxxxxxxxxx

Review: Needs Fixing

Can you expand the commit message a whole bunch please? This is about the case where /dev/random is used as a keyfile, in which case the dm type of the device would be created as luks in the live system but then be plain in the installed system and changing to a world where it will be plain in both?

Code changes look good but I have a worry about temporary file handling.

Diff comments:

> diff --git a/curtin/commands/block_meta.py b/curtin/commands/block_meta.py
> index 9fde9c6..e2e99e3 100644
> --- a/curtin/commands/block_meta.py
> +++ b/curtin/commands/block_meta.py
> @@ -1710,6 +1712,7 @@ def dm_crypt_handler(info, storage_config, context):
>  
>              util.subp(cmd)
>  
> +    if open_dmcrypt:
>          cmd = ["cryptsetup", "open", "--type", luks_type, volume_path, dm_name,
>                 "--key-file", keyfile]

Does the temporary keyfile still get deleted in the case where the key is in the config directly?

>  


-- 
https://code.launchpad.net/~dbungert/curtin/+git/curtin/+merge/460874
Your team curtin developers is subscribed to branch curtin:master.

References

[Merge] ~dbungert/curtin:cryptoswap-dmc-type into curtin:master
From: Dan Bungert, 2024-02-20