FS#56222 - [minor][cryptsetup] Do not ask to repeat password for non-LUKS encrypted root partition

Attached to Project: Arch Linux
Opened by Maxim (mxfm) - Friday, 03 November 2017, 20:34 GMT
Last edited by Doug Newgard (Scimmia) - Saturday, 04 November 2017, 01:18 GMT
Task Type Support Request
Category Packages: Core
Status Closed
Assigned To No-one
Architecture All
Severity Very Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description: Do not ask to repeat password for non-LUKS encrypted root partition.

Currently 'encrypt' hook from cryptsetup package (which is installed as /lib/initcpio/hooks/encrypt) asks to repeat password for non-LUKS encrypted root. The relevant line is 113 from cryptsetup package at https://git.archlinux.org/svntogit/packages.git/tree/cryptsetup/trunk/encrypt_hook

Current behavior is to ask to repeat password and to fail if passwords do not match. However, if password is asked once and it is wrong the boot process fails anyway, because decrypted root partition cannot be mounted. The only technical benefit to keep current behavior is to issue 'passwords do not match error' instead of mounting error at the expense of double typing the passwords.

I propose to disable this. If passwords do not match, there is no option to repeat, and the boot process fails anyway and user is thrown into rescue shell. It is reasonable to assume that users of plain dm-crypt are aware that partition mounting errors are sign of bad password. The wiki page warns users about using plain dm-crypt. Also, asking to repeat the password is not the default behavior of cryptsetup.

Additional info:
* cryptsetup 1.7.5-1
* mkinitcpio 24-2
This task depends upon

Closed by  Doug Newgard (Scimmia)
Saturday, 04 November 2017, 01:18 GMT
Reason for closing:  Duplicate
Additional comments about closing:   FS#45172 
Comment by Maxim (mxfm) - Friday, 03 November 2017, 20:41 GMT
Meh, it is duplicate of issue #45172.

Loading...