Jookia <166...@gmail.com> skribis:
> So I've come up with the following hack commit that effectively
> stops any sort of dependency management and adds some new targets
> for LVM and LUKS with a keyfile.
>
> Here's my current setup, take note that order of mapped devices
> matter since there's no dependency management:
>
> (mapped-devices (list (mapped-device
> (source "/dev/sda")
> (target "hdd")
> (type (luks-device-keyfile-mapping
> (local-file "/root/keyfile"))))
> (mapped-device
> (source "/dev/mapper/hdd")
> (target "matrix")
> (type lvm-device-mapping))))
>
> (file-systems (cons (file-system
> (device "/dev/mapper/matrix-root")
> (title 'device)
> (mount-point "/")
> (type "ext4"))
> %base-file-systems))
>
> (swap-devices '("/dev/mapper/matrix-swap"))
As you note, and as discussed on IRC, this is not OK because the private
key ends up being stored world-readable in the store. :-/
Am I missing the part you wanted to discuss?
Thanks,
Ludo’.
PS: I still intend to look at the patch series you sent ;-), just
prioritizing things that relate to 0.9.1.
