This adds support for partitioning with preexisting encrypted devices. The basic
idea is that we scan for encrypted devices before reading the initial partition
layout in partitions.setFromDisk. We prompt for passphrases for encrypted devic
es we find. Those devices for which we obtain a valid passphrase get the encrypt
ion data added to the RequestSpec. The information is then used by the partition
ing interface so users can create filesytems on these preexisting encrypted devi
ces. They can also remove the encryption from said devices, provided they are wi
lling to reformat the filesystem. It is also possible to do one edit of a partit
ion to delete the LUKS header and then, on a subsequent edit, create a new LUKS header on the same device.

The main thing that needs work IMO is some dependency resolution to provide orde
ring for device access. Currently we just loop through opening all encrypted dev
ices twice -- once before activating RAID and LVM, and once afterward. Ideally,
we could see which devices need RAID and/or LVM to be active before we can try t
o access them. The hammer seems to do the job in the meantime.

Comments are welcome, of course.

_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/anaconda-devel-list