summaryrefslogtreecommitdiffstats
path: root/TODO
diff options
context:
space:
mode:
authorRichard Jones <rjones@redhat.com>2010-07-21 19:50:06 +0100
committerRichard Jones <rjones@redhat.com>2010-07-21 20:48:40 +0100
commit637f8df83726ab9b50e8a6d2181bd1e0e93ec13e (patch)
tree77e97218a0f9c570bb93b3c913a3f77c51866b4e /TODO
parent581a7965faa5bf242ab3f8b7c259ab17c2e967f4 (diff)
downloadlibguestfs-637f8df83726ab9b50e8a6d2181bd1e0e93ec13e.tar.gz
libguestfs-637f8df83726ab9b50e8a6d2181bd1e0e93ec13e.tar.xz
libguestfs-637f8df83726ab9b50e8a6d2181bd1e0e93ec13e.zip
New APIs: Support for opening LUKS-encrypted disks.
This adds support for opening LUKS-encrypted disks, via three new APIs: luks_open: Create a mapping for an encrypted disk. luks_open_ro: Same, but read-only mapping. luks_close: Close a mapping. A typical guestfish session using this functionality looks like this: $ guestfish --ro -a encrypted.img ><fs> run ><fs> list-devices /dev/vda ><fs> list-partitions /dev/vda1 /dev/vda2 ><fs> vfs-type /dev/vda2 crypto_LUKS ><fs> luks-open /dev/vda2 luksdev Enter key or passphrase ("key"): ><fs> vgscan ><fs> vg-activate-all true ><fs> pvs /dev/dm-0 ><fs> vgs vg_f13x64encrypted ><fs> lvs /dev/vg_f13x64encrypted/lv_root /dev/vg_f13x64encrypted/lv_swap ><fs> mount /dev/vg_f13x64encrypted/lv_root / ><fs> ll / total 132 dr-xr-xr-x. 24 root root 4096 Jul 21 12:01 . dr-xr-xr-x 20 root root 0 Jul 21 20:06 .. drwx------. 3 root root 4096 Jul 21 11:59 .dbus drwx------. 2 root root 4096 Jul 21 12:00 .pulse -rw-------. 1 root root 256 Jul 21 12:00 .pulse-cookie dr-xr-xr-x. 2 root root 4096 May 13 03:03 bin NOT included in this patch: - An easier way to use this from guestfish. - Ability to create LUKS devices. - Ability to change LUKS keys on existing devices. - Direct access to the /dev/mapper device (eg. if it contains anything apart from VGs).
Diffstat (limited to 'TODO')
-rw-r--r--TODO13
1 files changed, 13 insertions, 0 deletions
diff --git a/TODO b/TODO
index fc6b3fd8..d0196c88 100644
--- a/TODO
+++ b/TODO
@@ -356,3 +356,16 @@ Progress of long-running operations
For example, copying in virt-resize. How can we display the progress
of these operations? This is a basic usability requirement, and
frequently requested.
+
+Better support for encrypted devices
+------------------------------------
+
+Currently LUKS support only works if the device contains volume
+groups. If it contains, eg., partitions, you cannot access them.
+We would like to add:
+
+ - An easier way to use this from guestfish.
+ - Ability to create LUKS devices.
+ - Ability to change LUKS keys on existing devices.
+ - Direct access to the /dev/mapper device (eg. if it contains
+ anything apart from VGs).