LUKS support used to work best if the LUKS device resided on a partition,
and contained a Physical Volume for an LVM Volume Group. This scheme, also
called LVM-on-LUKS, is commonly created by installers of various Linux
distributions. (See RHBZ#1451665.)
Libguestfs now also supports the scheme wherein the LUKS device resides on
an LVM Logical Volume, and contains a filesystem. This is called
LUKS-on-LVM, it is the inverse of the above scheme, and is created by
installers of other Linux distributions. (See RHBZ#1658126.)
Both schemes are now decrypted by libguestfs-based utilities when
inspection is enabled (such as in "guestfish -i", virt-inspector,
virt-v2v), through the inspect_mount() function in utilities written in C,
and through the "inspect_decrypt" function in ones written in OCaml.
We don't seem to need an API like "list-luks-devices", as
"list-dm-devices" returns decrypted (i.e., opened) LUKS devices too; for
example, in the LUKS-on-LVM case:
><fs> list-dm-devices
/dev/mapper/luks-0d619854-ccd5-43b1-8883-991fec5ef713
/dev/mapper/luks-4e9e7a6f-a68c-42fd-92b4-8f4f2579a389
Thus, the subject TODO section is now out of date, and it's unclear what
remains "to do" there; let's just remove the section.
Bugzilla:
https://bugzilla.redhat.com/show_bug.cgi?id=1658126
Signed-off-by: Laszlo Ersek <lersek(a)redhat.com>
---
TODO | 10 ----------
1 file changed, 10 deletions(-)
diff --git a/TODO b/TODO
index 064386ac2dce..6fb11d5ecdd4 100644
--- a/TODO
+++ b/TODO
@@ -161,16 +161,6 @@ Could we make guestfish interactive if commands are used without
params?
Image name? disk.img
Size of image? 10M
-Better support for encrypted devices
-------------------------------------
-
-Currently LUKS support only works if the device contains volume
-groups. If it contains, eg., partitions, you cannot access them.
-We would like to add:
-
- - Direct access to the /dev/mapper device (eg. if it contains
- anything apart from VGs).
-
Display image as PS
-------------------
--
2.19.1.3.g30247aa5d201