[systemd-bugs] [Bug 52630] systemd-cryptsetup handles keyfile differently from cryptsetup on plain mode

bugzilla-daemon at freedesktop.org bugzilla-daemon at freedesktop.org
Sun Nov 30 17:23:41 PST 2014 

https://bugs.freedesktop.org/show_bug.cgi?id=52630

Zbigniew Jedrzejewski-Szmek <zbyszek at in.waw.pl> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|REOPENED                    |RESOLVED
         Resolution|---                         |NOTABUG

--- Comment #10 from Zbigniew Jedrzejewski-Szmek <zbyszek at in.waw.pl> ---
(In reply to Quentin Lefebvre from comment #9)
> Hi,
> 
> I reopened (again) this bug report. Please read the following before getting
> angry...
Hi,

sorry for my ternseness. I'm not angry, I'm trying to solve the problem in the
best way, same as you. But I think we reached a point where the situation is
clear, everything has been articulated clearly, and the differences stem only
from different priorities, not misunderstanding. I understand that for you
keeping current cryptsetup-compatible setups functional is more important, but
for me sensible and consistent systemd behaviour is more important. More words
will not help the issue.

> Actually, cryptsetup(8) makes it quite clear that hash processing is only
> used on *passphrases*. See the "NOTES ON PASSPHRASE PROCESSING FOR
> PLAIN MODE" section. So, IMHO that's not a bug in cryptsetup, but
> rather the intended and documented way it works.
I read the man page (on Fedora, I'm not sure if it is the same) and while it's
true that it talks about "passphrase processing", it also does not explictly
say that hash will be ignored for a file. That section even talks about hashing
input read from stdin, and also about reading stuff from a file. So even if
cryptsetup ignores --hash when reading from a key file, it seems to be more by
mistake then by design, at least when judging by the man page.

As discussed on the ml, we'll keep current behaviour.

-- 
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/systemd-bugs/attachments/20141201/72909316/attachment.html>

More information about the systemd-bugs mailing list