Christian PERRIER wrote: > _Description: Continue with cryptsetup removal? > Some unlocked dm-crypt devices (${cryptmap}) are in use on this system. If ${cryptmap} expands to a plain whitespace-separated list it's less ugly to move it to the end. And here's a shorter way of avoiding second person: This system has unlocked dm-crypt devices: ${cryptmap} > . > If these devices are managed with cryptsetup, you might be unable to > lock the devices after the package removal, though other tools can be > used for managing dm-crypt devices. As a consequence, any further > system shutdown or reboot is likely to lock the devices. You've lost the tools for locking them, and *therefore* a reboot will lock them? That sounds more like a "however". I'd suggest reverting it slightly to just: Any system shutdown or reboot will lock the devices. [...] >> Package: cryptsetup [...] >> Description: configures encrypted block devices > > "encrypted devices management tools"? > > A verb sentence is discouraged in synopsis. Better use a noun phrase. > > I'm unsure whether crypsetup provides tools for general encrypted > devices management or only tools to set them up, but you get the point. It seems to me that all this talk of devices is more abstract and technical than there's any call for in a synopsis. Users searching for cryptsetup aren't necessarily thinking in terms of needing to configure a device - they're more likely to be looking for a way to "lock my home directory"... I won't try to dumb it all the way down to that level, but maybe we could use something like: Description: disk encryption support - commandline tools (And then of course "- library", "- development files", etc. The word "commandline" is promoted out of the description, thus allowing us not to use that word in the description for the library etc.) >> Cryptsetup provides a command-line interface for configuring encrypted >> devices. This is done using the Linux kernel device mapper target >> dm-crypt. This version of cryptsetup has integrated support for LUKS. It doesn't configure devices which are encrypted, it sets up encryption on devices. Meanwhile we've lost "block devices" in the synopsis, but here there's room for all that plus a parenthesised outbreak of handholding. Cryptsetup provides an interface for configuring encryption on block devices (such as /home or swap partitions), using the Linux kernel device mapper target dm-crypt. I've demoted the bit about LUKS into the second paragraph on suspicion of being stale news about an implementation detail. >> . >> cryptsetup is backwards compatible with the on-disk format of cryptoloop, >> but also supports more secure formats. This package includes support for >> automatically configuring encrypted devices at boot time via the config >> file /etc/crypttab. Additional features are cryptoroot support through >> initramfs-tools and several supported ways to read a passphrase or key. > > Maybe avoid the leading lowercase in 2nd paragraph, which always looks > ugly. Otherwise, no comment. It's especially odd given that the first para had "Cryptsetup". We might as well say "It". I spent a while trying to turn this into a bulleted list, but on second thoughts the original format is fine. It features integrated LUKS (Linux Unified Key Setup) support, and is backwards compatible with the on-disk format of cryptoloop, but also supports more secure formats. This package includes support for automatically configuring encrypted devices at boot time via the config file /etc/crypttab. Additional features are cryptoroot support through initramfs-tools and several supported ways to read a passphrase or key. (Or would it make more sense to mention LUKS alongside the "more secure formats"?) -- JBR with qualifications in linguistics, experience as a Debian sysadmin, and probably no clue about this particular package
Attachment:
control.jbr.gz
Description: Binary data
Attachment:
cryptsetup.templates.jbr.gz
Description: Binary data
���