Add crypttab option silent #19619
Add crypttab option silent #19619
Conversation
Adds a crypttab option 'silent' that enables the AskPasswordFlag ASK_PASSWORD_SILENT. This allows usage of systemd-cryptsetup to default to silent mode, rather than requiring the user to press tab every time.
|
LGTM. |
|
Hmm, I don't like the name of this, it's too generic. i.e. reading a crypttab option with this flag set would make me think that it would suppress interactivity and error reporting or so. But this is not what it does. Hence, I think the crypttab option should get a more, precise accurate name. maybe "hide-password-asterisks" or "silent-password-query" or so. It's fine if that#s a bit longer a string, given that I doubt this will be used in the majority of cases. Any chance you can prep a follow-up patch renaming the crypttab option? (the setting internally is fine if called "silent", i am really just not happy with the name as exposed in crypttab) |
|
"asterisks" is pretty hard to type from memor for non-native speakers and people with dyslexia. "hide-password-asterisks" even more so... I'm not against changing the name, but let's keep it succinct. "quiet" or "noecho" mabe? |
|
"quiet" isn't much better than "silent", since it still suggests we'd hide error messages or so tht way. internally, we have three levels: "echo", regular operation, and "silent". The former means we'll echo the pw literally as it is typed in, the regular operation is to show the asterisks, and the "silent" operation is to hide everything. Maybe we should hence expose this as a setting taking a value: password-prompt=echo|no-echo|silent? what i also don't like about this patch is that it only applies to auth-via-password right now. auth via security token (where we ask for a PIN typically, using the very same mechanisms) is excluded from this, but it should apply there too. Also, I think the "systemd-ask-password" tool should really get a cmdline switch exposing similar behaviour. It currently does not. |
|
I opened #19763 I don't have an opinion on the config option, but I can rename it to whatever you'd like. For another suggestion, i can add equivalent flags to the systemd-ask-password and systemd-cryptenroll binaries if we decide on an argument name. |
Use the option name 'password-echo' instead of the generic term 'silent'. Make the option take an argument for better control over echoing behavior. Related discussion in systemd#19619
Use the option name 'password-echo' instead of the generic term 'silent'. Make the option take an argument for better control over echoing behavior. Related discussion in systemd#19619
Use the option name 'password-echo' instead of the generic term 'silent'. Make the option take an argument for better control over echoing behavior. Related discussion in systemd#19619
Use the option name 'password-echo' instead of the generic term 'silent'. Make the option take an argument for better control over echoing behavior. Related discussion in systemd#19619
Use the option name 'password-echo' instead of the generic term 'silent'. Make the option take an argument for better control over echoing behavior. Related discussion in systemd#19619
Use the option name 'password-echo' instead of the generic term 'silent'. Make the option take an argument for better control over echoing behavior. Related discussion in #19619
Use the option name 'password-echo' instead of the generic term 'silent'. Make the option take an argument for better control over echoing behavior. Related discussion in systemd#19619
Use the option name 'password-echo' instead of the generic term 'silent'. Make the option take an argument for better control over echoing behavior. Related discussion in systemd/systemd#19619
Use the option name 'password-echo' instead of the generic term 'silent'. Make the option take an argument for better control over echoing behavior. Related discussion in systemd/systemd#19619
Adds a crypttab option 'silent' that enables the AskPasswordFlag
ASK_PASSWORD_SILENT. This allows usage of systemd-cryptsetup to default
to silent mode, rather than requiring the user to press tab every time.