From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux ppc; en-US; rv:1.7.2) Gecko/20040809 Epiphany/1.3.8 Description of problem: The fstab-sync utility that is included in hal does a great job of ensuring /etc/fstab gives users the ability to mount removable media. It would be great if this was also the case when the media contained an encrypted filesystem. I have written a patch against hal that demonstrates this concept. The patch is nowhere near complete (and breaks a few minor things) but does work and illustrates the idea well. I am submitting it now hoping to get some dialog going. Basically, if an entry corresponding to a device's USB serial number exists in /etc/crypttab like this: test SERIAL=230760A44039A55F /etc/test-key cipher=aes then fstab-sync will treat the disk as encrypted using the kernel's dm-crypt interface. Fstab-sync will create the appropriate entry in /dev/mapper using cryptsetup before updating /etc/fstab. /etc/fstab is updated with /dev/mapper/test instead of /dev/sda1. Some issues I have not yet figured out: USB serial numbers are great, but what about Firewire, etc.? Can I tie this into gnome-keyring so that the key does not have to exist in plain sight on the filesystem (/etc/test-key above)? Is my patch approaching this in the right manner? How do I support multiple partitions using the SERIAL= technique? Version-Release number of selected component (if applicable): hal-0.2.98-4 How reproducible: Always Steps to Reproduce: Notice that fstab-sync does not handle encrypted disks. Additional info:
Created attachment 104250 [details] Proof of concept for adding support for encrypted filesystems to fstab-snyc
See also: http://freedesktop.org/pipermail/hal/2004-September/001051.html.
Since you raised this upstream on the hal mailing list I suggest that we continue the discussion there. Thanks, David