partman-crypto: use UUID-based LUKS mapping names (!9) · Merge requests · Debian Installer / partman-crypto

David Härdeman requested to merge Alphix/partman-crypto:luks-uuid-mapping into master Jul 12, 2024

Right now, if e.g. /dev/vda2 is used as a LUKS source device, the mapping will be called vda2_crypt during the installation and this will be persisted into the target system, meaning it will end up looking something like this (assuming LVM isn't used):

  /etc/crypttab:
    vda2_crypt UUID=<uuid> none luks,discard

  /etc/fstab:
    /dev/mapper/vda2_crypt / ext4 ...

Note that crypttab already uses the UUID to find the source device since partman-crypto 39 (commit 082d0596). The mapping name can be potentially misleading if e.g. /dev/vda and /dev/vdb end up being swapped at the next boot since the right source device will be used, but the mapping name will hint at the wrong source device.

This patch changes the mapping name to not include the original source device name, preferring to use uuids everywhere, so instead of e.g. vda2_crypt, the mapping will be called luks-<uuid> in both the installer and in the target system:

  /etc/crypttab:
    luks-<uuid> UUID=<uuid> none luks,discard

  /etc/fstab:
    /dev/mapper/luks-<uuid> / ext4 ...

This naming isn't arbitrary, it happens to match what dracut uses/expects (and initramfs-tools doesn't have a preference).

partman-crypto: use UUID-based LUKS mapping names

Merge request reports