[systemd-devel] [PATCH] cryptsetup-generator: allow specifying options in /proc/cmdline
Harald Hoyer
harald.hoyer at gmail.com
Thu Sep 12 03:10:12 PDT 2013
On 09/11/2013 05:35 PM, Lennart Poettering wrote:
> On Mon, 19.08.13 00:15, Tom Gundersen (teg at jklm.no) wrote:
>
>> The main usecase for this is to make it possible to use cryptsetup in
>> the initrd without it having to include a host-specific /etc/crypttab.
>
> Hmm, I contrast to Harald I think adding luks.options= would actually be
> OK.
>
> I don't think we really strictly need something here that can cover
> everything. I think it is OK if we have a minimal, easy,
> reduced-functionality way to configure luks disks via the kernel cmdline
> and a full-blown one with /etc/crypttab. It's a bit weird but I think
> not totally incomprehensible to users. Hence adding luks.options= and
> rd.luks.options= sounds like a very simple minimal addition here.
>
> If people really want per-device options, then one day we could on top
> of this just extend the preexisting luks.uuid= syntax to also take a key
> file and an option string via some ";" based syntax (i.e. taking up
> Harald's idea, but voerloading it into luks.uuid=).
>
> Or in other words, have this syntax now:
>
> luks.uuid=UUID
> luks.key=KEY
> luks.options=OPTIONS
>
> (and the allow discards thing would be subsumed under luks.options)
>
> And then one day maybe optionally allow this syntax too:
>
> luks.uuid=UUID;KEY;OPTIONS
>
> Does that make sense?
>
> So yeah, Tom, I think you patch looks good and should go in (but please
> update kernel-command-line(7) too), unless Harald violently opposes? ;-)
>
> Lennart
>
I do not violently oppose. Only pointing out, that, if we extend luks, we also
might want have one option instead to rule them all.
More information about the systemd-devel
mailing list