[systemd-devel] [PATCH] core/cryptsetup: Add WantsMountFor option to enable fallback to password request for crypt mounts. Signed-off-by: Przemek Rudy <prudy1 at o2.pl>

[Lennart Poettering]

On Mon, 28.04.14 17:22, Przemyslaw Rudy (prudy1 at o2.pl) wrote:

> >> This patch is a proposal for a problem with not falling back to password request
> >> if the device with unlocking key for crypt volumes is not mounted for
> >> defined time.
> > 
> > Can you elaborate on the usecase? I mean, this would still result in in
> > 90s timeout, right? Or what's your idea here?
>
> This does not change any cryptsetup timeout. It simply allows using it.
> As when the key device is not in place the cryptsetup is not started at
> all and thus its internal timeout does not work either.

Not sure I follow here.. I mean, if it's listed in crypttab, and pulled
in via Wants or Requires then a .device job will be queued for the
device. And we weill wait for it, up to 90s. After those 90s we will go
on, and hence things won't totally fail.

Are you saying that you are OK with waiting the 90s until you get the
password prompt?

> 
> > 
> >> +int config_parse_unit_wants_mounts_for(
> >> +                const char *unit,
> >> +                const char *filename,
> >> +                unsigned line,
> >> +                const char *section,
> >> +                unsigned section_line,
> >> +                const char *lvalue,
> >> +                int ltype,
> >> +                const char *rvalue,
> >> +                void *data,
> >> +                void *userdata) {
> >> +}
> > 
> > Sounds like a call to unify with
> > config_parse_unit_requires_mounts_for(), and use the "ltype" param to
> > distuingish them.
>
> Yes, duplicated code. However still the question what is worth more -
> duplicate one loop or add a parameter change body adding two if-f and
> then replace all original calls to original function...
> I do not insists on any, keep this for purists.

Yes, no duplicate code please... And instead of having large "if" blocks,
just determine the variables you need to operate on, and then run the
same code on those variables...

> > Totally not funny anymore...
> Same answer to all, duplicate few loops or do more changes?
> 
> So do I understand correctly, you want this to be funny somehow? What
> are the preferences tehn, using parameter to all common functions?
> I'll wait anyway few days for any more comments on this, if no more I
> can do the changes.

Sorry for not responding more timely.

Yeah, I am not a fan of duplicated code. Please try to figure out the
params early, and then operate on that, with common code, if you follow
what I mean...

Lennart

-- 
Lennart Poettering, Red Hat