Root filesystem encryption update

Wed Jun 20 14:27:55 UTC 2007

Thomas Swan wrote:

> I think we might be putting the cart before the horse.

I'm *sure* we're putting the cart before the horse -- that's what Jeremy 
and I have been getting at.  It's possible to solve these problems, but 
there are other things that need to be done before we'll have a good 
solution.  More on that below.

> A user would be thawing from hibernation on a machine with an
> *existing* installation. Therefore language, and keymaps would have
> been chosen (during installation) prior to the hibernate operation.

Yeah, we can definitely store something that's right /some/ of the time. 
Just be aware that there are lots of corner cases.  As an example, I 
often suspend my laptop before driving to work in the morning.  When it 
resumes, it's in a docking station and there's a different keyboard, 
with a somewhat different key map.

It's not that getting a password from the user on resume is an 
intractable problem, but that there are steps to be taken before we can 
solve it in a way that maintains the level of quality and support 
expected of Fedora.  We've got (some of) the filesystem technology to do 
this, and that's one piece.  Another piece is getting video mode setting 
into the kernel so we can display the graphics required for non-European 
languages early on in a cleaner way than e.g. svgalib, without having to 
pull in all of X.  There's work going forward on this.

Point being, it's a complex feature, and a lot of the traffic on the 
list seems to ignore many aspects of why.

-- 
   Peter