[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Root filesystem encryption update



Thomas Swan schrieb:
Here's another go. This patch applies to the current mkinitrd SRPM set (except the mkinitrd.spec file) and the patched mkinitrd package is available via yum at < http://www.cygnetech.com/linux/repos/>

I incorporated the feedback I have received and have changed the patches to use options stored in /etc/sysconfig/mkinitrd.

I have one option in development that will let you boot and reference the root filesystem by UUID, but it's not finished yet. The current developmental UUID hack relies on bash and find included in the initrd image, but I want a static binary or cryptsetup patch.

I'm also exploring creating some screens for anaconda, but that's a steep learning curve.

Should encryption be an option on the disk partition option or an option to pick the type of installation right after the greeting?



UUID support needs a patch in e2fsprogs which I've submitted upstream for
review some time ago. This makes bash hacks obsolete. My system is running
with UUIDs only in fstab and crypttab, there are no hardcoded device names
required anymore.
Please note that I've achieved this with the mkinitrd patch available in
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=124789 , but I'll take
a look at your patch as well.
There's also a wiki page about encryption at
http://fedoraproject.org/wiki/Releases/FeatureEncryptedFilesystems

 Regards

    Karsten


--
 Karsten Hopp        | Mail: karsten redhat de
 Red Hat Deutschland | Tel: +49-711-96437-0
 Hauptstaetterstr.58 | Fax: +49-711-613590
 D-70178 Stuttgart   | http://www.redhat.de


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]