if [ -n "$ENCRYPT_HOME_OPT" ] && [ -e $ROOT/etc/crypttab ]; then
# Zero out all encrypted swap partitions. It is assumed that
# passwords are not used beyond this point in the install.
# cryptswap0 /dev/sda5 /dev/urandom swap,cipher=aes-cbc-essiv:sha256
# Ideally we would set up a new progress bar here, but we're
# inside finish-install's and cdebconf doesn't support nested
# progress bars. db_progress INFO user-setup/progress/wipe-swap while read name device source options; do if echo "$options" | grep -q "swap"; then if swapoff $device; then dd if=/dev/zero of=$device 2>/dev/null || true fi fi done < $ROOT/etc/crypttab
fi
some testing for blockdevices and files (if [ -b $device ] ...) needs to be added here.
in case a file is detected, the size needs to be handed over to dd.
the problematic code in user-setup-apply is:
if [ -n "$ENCRYPT_HOME_OPT" ] && [ -e $ROOT/etc/crypttab ]; then aes-cbc- essiv:sha256
db_progress INFO user-setup/ progress/ wipe-swap
while read name device source options; do
if echo "$options" | grep -q "swap"; then
if swapoff $device; then
dd if=/dev/zero of=$device 2>/dev/null || true
fi
fi
done < $ROOT/etc/crypttab
# Zero out all encrypted swap partitions. It is assumed that
# passwords are not used beyond this point in the install.
# cryptswap0 /dev/sda5 /dev/urandom swap,cipher=
# Ideally we would set up a new progress bar here, but we're
# inside finish-install's and cdebconf doesn't support nested
# progress bars.
fi
some testing for blockdevices and files (if [ -b $device ] ...) needs to be added here.
in case a file is detected, the size needs to be handed over to dd.