Hans de Goede wrote:
Hi,
This morning I've been talking to Harald Hoyer about what sort
of commandline options dracut will be needing to find the /
filesystem beside root=UUID=1234567890 .
In most cases (normal disks, dmraid, mdraid, lvm, dmcrypt)
root=UUID=1234567890 should suffice.
However in certain cases for example dracut will need additional
info to find the disks.
We've come to the following plan for iscsi targets:
1) Extend the dhcp_root dhcp variable iscsi syntax to
be able to include a username password, so:
iscsi:192.168.50.2::::iqn.2009-06.dracut:target66
Can become:
iscsi:user:pass@xxxxxxxxxxxx::::iqn.2009-06.dracut:target66
Or:
iscsi:user:pass:reverse_user:reverse_pass@xxxxxxxxxxxx::::iqn.2009-06.dracut:target66
2) Pass root-path=iscsi:... on the kernel cmdline, for each needed iscsi
target, so if necessary this will be passed multiple times, dracut will be
modified to be able to handle multiple root-path arguments being passed in
3) chmod /proc/cmdline 400, so that it cannot be read by ordinary users,
plugging the password leak problem
This does not really plug the leak. Just boot until initramfs is loaded,
pull the network plug and wait until dracut drops us to a (root-)shell.
Now the remaining question is how to implement the adding of the needed
cmdline options to grub.conf.
Question: Is it really necessary to provide username/password to dracut?
Wouldn't it be better to ask the user? I mean if a mount is password
protected, be it cryptroot, nfs4 or whatever, shouldn't the user enter
the data?
Regards,
Philippe
_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/anaconda-devel-list
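
As an added example (not code from this thread or from dracut): a small Python audit that parses the iscsi root-path syntax proposed above and reports, with credentials redacted, any root-path= entry on a kernel command line that embeds a username and password. The field layout after the optional credentials (server:protocol:port:LUN:target) is inferred from the thread's examples, and the second target address and IQN in the sample are constructed.

```python
import shlex

# Keys that may carry an iSCSI root path. "root-path" is the name used in
# the thread; the field layout after "iscsi:" is inferred from its examples.
KEYS = ("root-path",)

def parse_iscsi_root(value):
    """Split iscsi:[user:pass[:ruser:rpass]@]server:proto:port:lun:target."""
    if not value.startswith("iscsi:"):
        raise ValueError("not an iscsi root path")
    # Assumption: the target name never contains '@', so the last '@' ends
    # the credential block even if a password contains one.
    creds, at, rest = value[len("iscsi:"):].rpartition("@")
    # The target IQN contains ':' itself, so split only the first four fields.
    parts = rest.split(":", 4)
    if len(parts) != 5:
        raise ValueError("expected server:proto:port:lun:target")
    server, proto, port, lun, target = parts
    secrets = creds.split(":") if at else []
    if len(secrets) not in (0, 2, 4):
        raise ValueError("credentials must be user:pass[:ruser:rpass]")
    return {"server": server, "protocol": proto, "port": port, "lun": lun,
            "target": target, "credentials": secrets}

def redact(value):
    """Return the root path with any credential block replaced."""
    p = parse_iscsi_root(value)
    prefix = "<redacted>@" if p["credentials"] else ""
    return "iscsi:%s%s:%s:%s:%s:%s" % (prefix, p["server"], p["protocol"],
                                       p["port"], p["lun"], p["target"])

def audit_cmdline(cmdline):
    """List redacted iscsi root paths on a kernel cmdline that embed secrets."""
    findings = []
    for token in shlex.split(cmdline):
        key, eq, value = token.partition("=")
        if eq and key in KEYS and value.startswith("iscsi:"):
            if parse_iscsi_root(value)["credentials"]:
                findings.append(redact(value))
    return findings

# Constructed sample: the second address, IQN and all credentials are made up.
SAMPLE = ("ro root=UUID=1234567890 "
          "root-path=iscsi:192.168.50.2::::iqn.2009-06.dracut:target66 "
          "root-path=iscsi:user:pass:reverse_user:reverse_pass"
          "@192.168.50.3::::iqn.2009-06.dracut:target67")

if __name__ == "__main__":
    for line in audit_cmdline(SAMPLE):
        print("credentials on cmdline:", line)
```

The same check can be pointed at the kernel lines of a boot loader configuration, where the credentials persist on disk regardless of the mode set on /proc/cmdline.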