[systemd-devel] [PATCH] cryptsetup-generator: allow specifying options in /proc/cmdline

[Tom Gundersen]

On Thu, Sep 12, 2013 at 12:10 PM, Harald Hoyer <harald.hoyer at gmail.com> wrote:
> On 09/11/2013 05:35 PM, Lennart Poettering wrote:
>> On Mon, 19.08.13 00:15, Tom Gundersen (teg at jklm.no) wrote:
>>
>>> The main usecase for this is to make it possible to use cryptsetup in
>>> the initrd without it having to include a host-specific /etc/crypttab.
>>
>> Hmm, I contrast to Harald I think adding luks.options= would actually be
>> OK.
>>
>> I don't think we really strictly need something here that can cover
>> everything. I think it is OK if we have a minimal, easy,
>> reduced-functionality way to configure luks disks via the kernel cmdline
>> and a full-blown one with /etc/crypttab. It's a bit weird but I think
>> not totally incomprehensible to users. Hence adding luks.options= and
>> rd.luks.options= sounds like a very simple minimal addition here.
>>
>> If people really want per-device options, then one day we could on top
>> of this just extend the preexisting luks.uuid= syntax to also take a key
>> file and an option string via some ";" based syntax (i.e. taking up
>> Harald's idea, but voerloading it into luks.uuid=).
>>
>> Or in other words, have this syntax now:
>>
>>    luks.uuid=UUID
>>    luks.key=KEY
>>    luks.options=OPTIONS
>>
>> (and the allow discards thing would be subsumed under luks.options)
>>
>> And then one day maybe optionally allow this syntax too:
>>
>>    luks.uuid=UUID;KEY;OPTIONS
>>
>> Does that make sense?
>>
>> So yeah, Tom, I think you patch looks good and should go in (but please
>> update kernel-command-line(7) too), unless Harald violently opposes? ;-)
>>
>> Lennart
>>
>
> I do not violently oppose. Only pointing out, that, if we extend luks, we also
> might want have one option instead to rule them all.

Ok, so I pushed this for now. Let's get back to a fully generic
version in the future if it turns out we need that...

-t