[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: [PATCH] Possible fix for some encryption related bugs during the Custom Layout editation (#495848)

From: David Lehman <dlehman redhat com>
To: Discussion of Development and Customization of the Red Hat Linux Installer <anaconda-devel-list redhat com>
Subject: Re: [PATCH] Possible fix for some encryption related bugs during the Custom Layout editation (#495848)
Date: Thu, 16 Apr 2009 13:09:46 -0500

On Thu, 2009-04-16 at 14:01 -0400, Martin Sivak wrote:
> But of course, that would cause problems with just LUKS + filesystem... hmm any way how to allow modification of LUKS if there is only filesystem or nothing else on top of it?
> 
> > Hi,
> > 
> > right, but now I'm thinking just about:
> > 
> > +        elif device.format.type == "luks":
> > +            try:
> > +                luksdev = self.devicetree.getChildren(device)[0]
> > +            except IndexError:
> > +                pass
> > +            else:
> > +                return "There is %s on top of this encrypted device."
> > % luksdev.format.name
> > 
> > Because I do not care if the devices on top of LUKS are mutable. I
> > just want to disallow modifying the LUKS when there any devices on top
> > of it.

Remember, we don't treat the LUKS device as a separate device. If they
want to delete a partition that has a LUKS format, then can. If they
just want to remove the LUKS formatting (and implicitly destroy the
LUKSDevice) then they simply deactivate the "Encrypt" checkbox in the
partition editor.

Checking the mutability of the LUKSDevice is the only thing that makes
sense since it is what will contain the formatting we are interested in,
such as pv, mdraid, &c.

Dave

> > 
> > Martin
> > 
> > ----- "David Lehman" <dlehman redhat com> wrote:
> > 
> > > I think you're on the right track, but you probably want something
> > > more
> > > like this:
> > >
> > > diff --git a/storage/__init__.py b/storage/__init__.py
> > > index f12c6c3..744d608 100644
> > > --- a/storage/__init__.py
> > > +++ b/storage/__init__.py
> > > @@ -520,6 +520,13 @@ class Storage(object):
> > >                      else:
> > >                          return _("This device is part of a LVM
> > volume
> > > "
> > >                                   "group.")
> > > +        elif device.format.type == "luks":
> > > +            try:
> > > +                luksdev = self.devicetree.getChildren(device)[0]
> > > +            except IndexError:
> > > +                pass
> > > +            else:
> > > +                return self.deviceImmutable(luksdev)
> > >          elif isinstance(device, PartitionDevice) and
> > > device.isExtended:
> > >              reasons = {}
> > >              for dep in self.deviceDeps(device):
> > >
> > >
> > > Dave
> > >
> > > On Thu, 2009-04-16 at 13:47 +0200, Martin Sivak wrote:
> > > > ---
> > > >  storage/__init__.py |   19 +++++++++++++++++++
> > > >  1 files changed, 19 insertions(+), 0 deletions(-)
> > > >
> > > > diff --git a/storage/__init__.py b/storage/__init__.py
> > > > index 8678b6e..af24af6 100644
> > > > --- a/storage/__init__.py
> > > > +++ b/storage/__init__.py
> > > > @@ -327,6 +327,18 @@ class Storage(object):
> > > >          return partitions
> > > >
> > > >      @property
> > > > +    def lukses(self):
> > > > +        """ A list of the LUKS devices in the device tree.
> > > > +
> > > > +            This is based on the current state of the device tree
> > > and
> > > > +            does not necessarily reflect the actual on-disk state
> > > of the
> > > > +            system's disks.
> > > > +        """
> > > > +        lukses = self.devicetree.getDevicesByType("luks")
> > > > +        lukses.sort(key=lambda d: d.name)
> > > > +        return lukses
> > > > +
> > > > +    @property
> > > >      def vgs(self):
> > > >          """ A list of the LVM Volume Groups in the device tree.
> > > >
> > > > @@ -519,6 +531,13 @@ class Storage(object):
> > > >                      else:
> > > >                          return _("This device is part of a LVM
> > > volume "
> > > >                                   "group.")
> > > > +        elif device.format.type == "luks":
> > > > +            for luksdev in self.lukses:
> > > > +                #If we are checking LUKS, check also devices
> > which
> > > are on top of it
> > > > +                msg = self.deviceImmutable(luksdev)
> > > > +                if msg:
> > > > +                    #remove the tailing dot to construct the
> > > message
> > > > +                    return " ".join(msg[:-1], "on top of LUKS
> > > device %s." % (luksdev.name,))
> > > >          elif isinstance(device, PartitionDevice) and
> > > device.isExtended:
> > > >              reasons = {}
> > > >              for dep in self.deviceDeps(device):
> > >
> > > _______________________________________________
> > > Anaconda-devel-list mailing list
> > > Anaconda-devel-list redhat com
> > > https://www.redhat.com/mailman/listinfo/anaconda-devel-list
> 
> _______________________________________________
> Anaconda-devel-list mailing list
> Anaconda-devel-list redhat com
> https://www.redhat.com/mailman/listinfo/anaconda-devel-list

References:
- Re: [PATCH] Possible fix for some encryption related bugs during the Custom Layout editation (#495848)
  - From: Martin Sivak

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]