Bug#391071: partman-auto-crypto: No confirmation before hard-drive wiping
On Friday 06 October 2006 04:16, Frans Pop wrote:
After reading the discussion again, I realized that I had accidentally
replaced guided by automatic, so below a new proposed first p-a
screen.
Attached a proposed patch that:
- implements the dialog changes (with a few changes from the last
proposal)
- implements confirmation of changes before LVM volumes are created
- adds some explicit warnings that data will be lost in other dialogs
TODO:
- show which disk is being used when selecting the recipe
Please review. A review of the new wording of templates would be
appreciated (before being committed for translation).
/me was surprised how easy it was to implement these changes; compliments
to David for his restructuring of the p-a-* scripts
Cheers,
FJP
Index: partman-auto/debian/changelog
===
--- partman-auto/debian/changelog (revision 41357)
+++ partman-auto/debian/changelog (working copy)
@@ -6,12 +6,13 @@
[ Frans Pop ]
* Activate LVM support in recipes for hppa.
+ * Implement selection of method before disk for regular guided partitioning.
[ Simon Huggins ]
* Add a raid method so we get multiple disk partitioning functionality back
again.
- -- Frans Pop [EMAIL PROTECTED] Wed, 04 Oct 2006 14:03:43 +0100
+ -- Frans Pop [EMAIL PROTECTED] Sat, 7 Oct 2006 03:33:30 +0200
partman-auto (57) unstable; urgency=low
Index: partman-auto/debian/partman-auto.templates
===
--- partman-auto/debian/partman-auto.templates (revision 41357)
+++ partman-auto/debian/partman-auto.templates (working copy)
@@ -22,18 +22,24 @@
Type: select
Choices: ${CHOICES}
_Description: Partitioning method:
- This installer can guide you through partitioning a disk for use by
- Debian, or if you prefer, you can do it manually. If you do choose to
- use the guided partitioning tool, you will still have a chance later to
- review and customise the results.
+ The installer can guide you through partitioning a disk (using different
+ standard recipes) or, if you prefer, you can do it manually. With guided
+ partitioning you will still have a chance later to review and customise
+ the results.
+ .
+ If you choose guided partitioning for an entire disk, you will next be
+ asked which disk should be used.
Template: partman-auto/purge_lvm_from_device
Type: boolean
Default: false
-_Description: Remove all logical volume data?
+_Description: Remove existing logical volume data?
The selected device already contains logical volumes and/or
volume groups from a previous LVM installation, which must be removed
from the disk before creating any partitions.
+ .
+ Note that this will also permanently erase any data currently on the
+ logical volumes.
Template: partman-auto/cannot_purge_lvm_from_device
Type: error
@@ -56,6 +62,8 @@
Type: select
Choices: ${CHOICES}
_Description: Partitioning method:
+ If you choose guided partitioning for an entire disk, you will next be
+ asked which disk should be used.
Template: partman-auto/choose_recipe
Type: select
@@ -89,30 +97,31 @@
Template: partman-auto/text/use_biggest_free
Type: text
# TRANSLATORS: This is a menu entry. Keep in under 55 columns/characters
-_Description: Use the largest continuous free space
+_Description: Guided - use the largest continuous free space
Template: partman-auto/text/use_device
Type: text
# TRANSLATORS: This is a menu entry. Keep in under 55 columns/characters
-# The string replacing ${DEVICE} may be very long, so make your translation
-# as short as possible and keep the variable AT THE END
-# for example Erase entire disk: IDE0 master - Maxtor 46L489
-_Description: Erase entire disk: ${DEVICE}
+_Description: Guided - erase entire disk
Template: partman-auto/select_disk
Type: select
Choices: ${CHOICES}
_Description: Select disk to partition:
+ Note that all data on the disk you select will be erased, but not before
+ you have confirmed that you really want to make the changes.
Template: partman-auto/select_disks
Type: multiselect
Choices: ${CHOICES}
_Description: Select disk(s) to partition:
+ Note that all data on the disk(s) you select will be erased, but not before
+ you have confirmed that you really want to make the changes.
Template: partman-auto/text/custom_partitioning
Type: text
# TRANSLATORS: This is a menu entry. Keep in under 55 columns/characters
-_Description: Manually edit partition table
+_Description: Manual
Template: partman-auto/text/auto_free_space
Type: text
Index: partman-auto/automatically_partition/some_device/choices
===
--- partman-auto/automatically_partition/some_device/choices (revision 41357)
+++ partman-auto/automatically_partition/some_device/choices (working copy)
@@ -1,21 +1,4 @@
#!/bin/sh
-. /lib/partman/definitions.sh
-
-mypart=''
-mysize=0
-
-for dev in $DEVICES/*;
Bug#391071: partman-auto-crypto: No confirmation before hard-drive wiping
On Thu, October 5, 2006 2:07, Frans Pop said: I personally would prefer to consistently delay disk selection to a second level in _all_ cases and explain what the next step will be in the description; something like: example ... Automatic - use the largest continuous free space Automatic - erase entire disk Automatic - erase entire disk and set up LVM Automatic - erase entire disk and set up encrypted LVM Manual /example Strange, it sounds familiar...oh yes...it's what I've been suggesting all along [1]. So I think its safe to say that we fully agree. I can whip up a patch or two once I have confirmation that this is the final decision on this issue. This may need to be revised again when we can offer RAID1, but that depends on the implementation and could probably be solved by mentioning that option in the description. In which way would the scheme need to change for RAID1? It would probably be a could idea to repeat the fact that existing data will be erased after selecting a method that does and we need to add an extra confirmation dialog before the partition table is written when using LVM anyway (see #368633). Yup BTW. I also noticed that with Use the largest continuous free space there is currently no indication of what disk will actually be used or how big the free space is. It is of course kind of implied (whichever disk has the largest free space), but IMO it would be kind of nice to tell the user before it is done. Perhaps we should add the select disk dialogue to the Use the largest continuous free space choice as well...with the modification that we only present disks with free space? -- David Härdeman [1] http://lists.debian.org/debian-boot/2006/08/msg00854.html -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#391071: partman-auto-crypto: No confirmation before hard-drive wiping
On Thursday 05 October 2006 09:48, David Härdeman wrote: Strange, it sounds familiar...oh yes...it's what I've been suggesting all along [1]. So I think its safe to say that we fully agree. :-) I can whip up a patch or two once I have confirmation that this is the final decision on this issue. We should probably allow Joey and Colin to comment as they were the ones proposing the current solution. This may need to be revised again when we can offer RAID1, but that depends on the implementation and could probably be solved by mentioning that option in the description. In which way would the scheme need to change for RAID1? Current text only talks of disk (singular). And we'd have to make clear what type of RAID is supported (only RAID1, possibly degraded or with spare). BTW. I also noticed that with Use the largest continuous free space there is currently no indication of what disk will actually be used or how big the free space is. It is of course kind of implied (whichever disk has the largest free space), but IMO it would be kind of nice to tell the user before it is done. Perhaps we should add the select disk dialogue to the Use the largest continuous free space choice as well...with the modification that we only present disks with free space? Well, that would defeat the use _the_ largest continuous free space phrasing of the current option. Maybe it would make sense (post-etch) to add an option select free space to use. What I was thinking of is displaying the selected disk and size of free space selected in either a separate dialog or in the recipe selection dialog. pgpH9y5S6uQEC.pgp Description: PGP signature
Bug#391071: partman-auto-crypto: No confirmation before hard-drive wiping
David Härdeman wrote: Strange, it sounds familiar...oh yes...it's what I've been suggesting all along [1]. So I think its safe to say that we fully agree. I'm not going to say anything more on this issue, except that I still think that Kamion and my argument has merit, and if it's ignored now, we'll just have to fix it later when you get the reports back from the users who hate this. -- see shy jo signature.asc Description: Digital signature
Bug#391071: partman-auto-crypto: No confirmation before hard-drive wiping
On Friday 06 October 2006 01:30, Joey Hess wrote: David Härdeman wrote: Strange, it sounds familiar...oh yes...it's what I've been suggesting all along [1]. So I think its safe to say that we fully agree. I'm not going to say anything more on this issue, except that I still think that Kamion and my argument has merit, I have reread the IRC discussion you mailed and also taken a look at Colin's proposal for Ubuntu [1]. I do agree that your arguments have merit, but I am not convinced that asking for the disk first is the better solution. In the current context there are arguments for and against both implementations. And, as said before, I really dislike the current hybrid solution. Personally, I would be much more anxious if I had to choose a disk first: I'd wonder what the hell was going to happen with it. With my current proposal it is completely obvious what is going to happen to a disk the user selects and also that there _is_ going to be a selection (which, if the system only has one disk, will merely be a confirmation). Choosing the disk first may be if better option if the total concept from Colin could be implemented (especially the bit about partman-auto-resize), but that is not on the cards for Etch. We should make sure that there are confirmation dialogs for all methods before anything is written to disk (preferably with an explicit warning that all existing data will be erased) and we should probably also display the selected disk in the recipe selection dialogs. I will work on that tomorrow. After reading the discussion again, I realized that I had accidentally replaced guided by automatic, so below a new proposed first p-a screen. example The installation system allows you to either use guided partitioning (using different standard recipes), or set up partitions manually. If you choose guided partitioning for an entire disk, you will next be asked which disk should be used. Partitioning method: Guided - use the largest continuous free space Guided - erase entire disk Guided - erase entire disk and set up LVM Guided - erase entire disk and set up encrypted LVM Manual /example There's a lot of text that could be added on this screen, but too little space. Maybe we should consider adding a help option here? - What happens if you choose manual partitioning (overview of existing partition layout + full control over any changes) - Extra info about the largest continuous free space option - That the installer will always ask for confirmation before writing to disk Another option could be to add a screen View detected disks and partitions on the first screen. This would lead to partman's main screen, but with only a return option. Both these options are post-Etch (or at least post-RC1) though. and if it's ignored now, we'll just have to fix it later when you get the reports back from the users who hate this. I accept that. Cheers, FJP P.S. In some respects Colin's proposal for Ubuntu reminds me of a M$ wizzard where the user is taken by the hand and slowly guided through the available options. Great for really newbie users, but I'm not really sure if that's in line with basic concept of d-i as it will lead to more questions being asked and is likely to annoy more experienced users. [1] https://wiki.ubuntu.com/UbuntuExpress/PartitioningTool pgpRKLbTPwZmr.pgp Description: PGP signature
Bug#391071: partman-auto-crypto: No confirmation before hard-drive wiping
Package: partman-auto-crypto Severity: critical Justification: causes serious data loss Hi! I have tried to use partman-auto-crypto by selecting Automatically set up encrypted LVM in the partman menu. I initially thought that it was going to use the free space which was available on the hard-drive. But, while it was wiping the partition, I had a doubt. So one Alt+F2 + fdisk -l later, I had the bad surprise to discover that it had actually repartioned the whole drive asking me if it was what I really wanted... I definetly think that a confirmation screen would be needed here. :D Regards, -- Jérémy signature.asc Description: Digital signature
Bug#391071: partman-auto-crypto: No confirmation before hard-drive wiping
On Wednesday 04 October 2006 19:19, Jérémy Bobbio wrote: I have tried to use partman-auto-crypto by selecting Automatically set up encrypted LVM in the partman menu. I initially thought that it was going to use the free space which was available on the hard-drive. David: Where has the Erase entire disk and ... part of this menu entry (and the one for auto-lvm disappeared to? IIRC that was in the original discussion. pgpvEbY9sW9Gg.pgp Description: PGP signature
Bug#391071: partman-auto-crypto: No confirmation before hard-drive wiping
On Wed, Oct 04, 2006 at 08:23:29PM +0200, Frans Pop wrote: On Wednesday 04 October 2006 19:19, Jérémy Bobbio wrote: I have tried to use partman-auto-crypto by selecting Automatically set up encrypted LVM in the partman menu. I initially thought that it was going to use the free space which was available on the hard-drive. David: Where has the Erase entire disk and ... part of this menu entry (and the one for auto-lvm disappeared to? IIRC that was in the original discussion. It is currently only used on the first menu for the regular partitioning method. I understand the confusion this may cause...so perhaps the best solution would be to expand the partman-auto/select_disk and partman-auto/select_disks templates. They currently say: Select disk to partition: list-of-available-disks How about changing them to: Select disk to partition (please note that the entire disk will be erased): -- David Härdeman
Bug#391071: partman-auto-crypto: No confirmation before hard-drive wiping
On Wednesday 04 October 2006 22:06, David Härdeman wrote: Where has the Erase entire disk and ... part of this menu entry (and the one for auto-lvm disappeared to? IIRC that was in the original discussion. It is currently only used on the first menu for the regular partitioning method. I understand the confusion this may cause...so perhaps the best solution would be to expand the partman-auto/select_disk and partman-auto/select_disks templates. [...] How about changing them to: Select disk to partition (please note that the entire disk will be erased): What's against bringing it back in the method dialog?
Bug#391071: partman-auto-crypto: No confirmation before hard-drive wiping
On Wed, Oct 04, 2006 at 11:05:51PM +0200, Frans Pop wrote: On Wednesday 04 October 2006 22:06, David Härdeman wrote: Where has the Erase entire disk and ... part of this menu entry (and the one for auto-lvm disappeared to? IIRC that was in the original discussion. How about changing them to: Select disk to partition (please note that the entire disk will be erased): What's against bringing it back in the method dialog? Nothing, it's a matter of taste (meaning it's up to you to decide) :) But I think it might be a bit confusing to see the regular entries on the method dialog and a similar entry for the other methods but without the disk: Erase entire disk: IDE1 Master (hda) - 1.1Gb Qemu harddisk Erase entire disk: IDE2 Master (hdb) - 1.1Gb Qemu harddisk ... Erase entire disk and automatically set up encrypted lvm The user would probably be left wondering which disk the last option refers to...not knowing that the disk choice will be the subject of the next dialogue? -- David Härdeman
Bug#391071: partman-auto-crypto: No confirmation before hard-drive wiping
On Thursday 05 October 2006 00:03, David Härdeman wrote: What's against bringing it back in the method dialog? Nothing, it's a matter of taste (meaning it's up to you to decide) :) The user would probably be left wondering which disk the last option refers to...not knowing that the disk choice will be the subject of the next dialogue? I see what you mean, but I don't think it should be delayed. To be honest, I've never been really happy with the inconsistency that was decided on in that menu: having individual disks listed for the normal method, but not for the others. But I had kind of decided to let that pass for Etch. This issue brings it back though. I personally would prefer to consistently delay disk selection to a second level in _all_ cases and explain what the next step will be in the description; something like: example The installation system allows you to either automatically partition a disk for the new system (using different standard recipes), or set up partitions manually. If you choose to automatically partition an entire disk, you will next be asked which disk should be used. Partitioning method: Automatic - use the largest continuous free space Automatic - erase entire disk Automatic - erase entire disk and set up LVM Automatic - erase entire disk and set up encrypted LVM Manual /example This may need to be revised again when we can offer RAID1, but that depends on the implementation and could probably be solved by mentioning that option in the description. It would probably be a could idea to repeat the fact that existing data will be erased after selecting a method that does and we need to add an extra confirmation dialog before the partition table is written when using LVM anyway (see #368633). BTW. I also noticed that with Use the largest continuous free space there is currently no indication of what disk will actually be used or how big the free space is. It is of course kind of implied (whichever disk has the largest free space), but IMO it would be kind of nice to tell the user before it is done. pgpMI7jPpTu3q.pgp Description: PGP signature
