Bug#1053678: partman-crypto: Requires separate /boot partition, even if not required

2024-05-06 Thread Luca Boccassi
On Tue, 7 May 2024 at 00:18, Cyril Brulebois wrote:
>
> Luca Boccassi (2024-05-06):
> > Pending at:
> > https://salsa.debian.org/installer-team/partman-crypto/-/merge_requests/8
>
> I'm not sure how often we change template types, but I suppose this
> particular instance (error → boolean) makes sense and isn't problematic.
>
> Please mention “GRUB” (instead of “grub”) for consistency with upstream
> and the rest of d-i though. (I know this is very minor but better catch
> that early to avoid another l10n round later on.)

Sure, fixed, thanks



Bug#1053678: partman-crypto: Requires separate /boot partition, even if not required

2024-05-06 Thread Cyril Brulebois
Luca Boccassi (2024-05-06):
> Pending at:
> https://salsa.debian.org/installer-team/partman-crypto/-/merge_requests/8

I'm not sure how often we change template types, but I suppose this
particular instance (error → boolean) makes sense and isn't problematic.

Please mention “GRUB” (instead of “grub”) for consistency with upstream
and the rest of d-i though. (I know this is very minor but better catch
that early to avoid another l10n round later on.)


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant




Processed: Re: Bug#1053678: partman-crypto: Requires separate /boot partition, even if not required

2024-05-06 Thread Debian Bug Tracking System
Processing control commands:

> tags -1 patch
Bug #1053678 [partman-crypto] partman-crypto: Requires separate /boot 
partition, even if not required
Added tag(s) patch.

-- 
1053678: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053678
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



Bug#1053678: partman-crypto: Requires separate /boot partition, even if not required

2024-05-06 Thread Luca Boccassi
Control: tags -1 patch

On Sun, 08 Oct 2023 17:57:01 -0400 Nicholas D Steeves wrote:
> Jonathan Hettwer writes:
>
> > Package: partman-crypto
> > Version: 121
> > Severity: normal
> > Tags: d-i
> > X-Debbugs-Cc: j24...@gmail.com
> >
> > Dear Maintainer,
> >
> > The `crypto_check_mountpoints` script prevents you from setting up an
> > encrypted root filesystem without an additional unencrypted /boot
> > filesystem.
> > While this may be a requirement for e.g. grub2, it is not
> > necessarily required when not using grub2 but using UKIs to build EFI
> > executables that can directly mount the encrypted root filesystem.
> > While UKIs aren't currently supported, I would still expect partman-crypto
> > to let me partition an encrypted root filesystem without separate /boot
> > filesystem, at least after having ignored the warnings or in combination
> > with the `nobootloader` udeb.
>
> Quick note: systemd-boot works with kernel images + initramfs, without
> UKI.  After the systemd-boot menu, the user is prompted for the master
> LUKS password, as usual, and I use the derived key script to then
> unlocks a couple LUKS volumes.  No LVM, no /boot.  It seems to work
> well, but yeah, it's not possible to do this with fresh install (I
> manually migrated an old installation to new hardware).

Pending at:

https://salsa.debian.org/installer-team/partman-crypto/-/merge_requests/8

Test iso built by CI can be found here:

https://salsa.debian.org/bluca/partman-crypto/-/jobs/5694502/artifacts/browse/debian/output/

Any help testing would be welcome

-- 
Kind regards,
Luca Boccassi




Bug#1053678: partman-crypto: Requires separate /boot partition, even if not required

2023-10-08 Thread Nicholas D Steeves
Jonathan Hettwer writes:

> Package: partman-crypto
> Version: 121
> Severity: normal
> Tags: d-i
> X-Debbugs-Cc: j24...@gmail.com
>
> Dear Maintainer,
>
> The `crypto_check_mountpoints` script prevents you from setting up an
> encrypted root filesystem without an additional unencrypted /boot
> filesystem.
> While this may be a requirement for e.g. grub2, it is not
> necessarily required when not using grub2 but using UKIs to build EFI
> executables that can directly mount the encrypted root filesystem.
> While UKIs aren't currently supported, I would still expect partman-crypto
> to let me partition an encrypted root filesystem without separate /boot
> filesystem, at least after having ignored the warnings or in combination
> with the `nobootloader` udeb.

Quick note: systemd-boot works with kernel images + initramfs, without
UKI.  After the systemd-boot menu, the user is prompted for the master
LUKS password, as usual, and I use the derived key script to then
unlocks a couple LUKS volumes.  No LVM, no /boot.  It seems to work
well, but yeah, it's not possible to do this with fresh install (I
manually migrated an old installation to new hardware).

Regards,
Nicholas




Bug#1053678: partman-crypto: Requires separate /boot partition, even if not required

2023-10-08 Thread Jonathan Hettwer
Package: partman-crypto
Version: 121
Severity: normal
Tags: d-i
X-Debbugs-Cc: j24...@gmail.com

Dear Maintainer,

The `crypto_check_mountpoints` script prevents you from setting up an
encrypted root filesystem without an additional unencrypted /boot
filesystem.
While this may be a requirement for e.g. grub2, it is not
necessarily required when not using grub2 but using UKIs to build EFI
executables that can directly mount the encrypted root filesystem.
While UKIs aren't currently supported, I would still expect partman-crypto
to let me partition an encrypted root filesystem without separate /boot
filesystem, at least after having ignored the warnings or in combination
with the `nobootloader` udeb.

I would suggest letting users ignore the warning and continue if they
really want to, similar to the warning by LVM2.

-- System Information:
Debian Release: trixie/sid
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-9-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: SELinux: enabled - Mode: Enforcing - Policy name: bauen1-policy