and plymouth is in use. Previously, this would use plymouth's
ask-for-password action, passing it a --command argument that
included a pipeline (line 206 in previous version of 00-crypt.sh).
As plymouth does not shell-interpret its command however, this fails.
In this version, we create a temporary script file with the necessary
pipeline command in it, and pass this temporary script to plymouth instead.
The temporary script is deleted after use.
(In theory, it should be possible to construct a "/bin/sh -c 'cmd'"-style
invocation for the --command, thereby avoiding this, but I have had no
luck with this approach, due to plymouth's argument parser.)
This reduces the likelihood of generating a very long string that
could trigger a cryptsetup log error:
log_err(NULL, _("DM-UUID for device %s was truncated.\n"), name);
It is now possible to pass multiple crypt_roots= and crypt_swaps=
parameters (mind the "s") and have multiple devices concurring to
building the final root device and swap areas activated.
The change is backward compatible and crypt_root=, crypt_swap= is
still fully supported.
This change makes possible to support multiple device mapper block
devices grouped together into aggregated software raid devices.
For instance, two individual luks devices can be now used to build
a single raid0 or raid1 md device.
Moreover, genkernel-next initramfs now supports multiple encrypted
swap devices.
When cryptsetup is in use for the root filesystem, user was either
forced to have root=/dev/mapper/root or no root= in cmdline.
However, grub2 sets its own root= variable and we should really
respect it if it's a /dev/mapper entry
sakaki
Fabio Erculiani
t0b3