Mr. Ruusu: Wow, I must admit that I had switched from Mandrake back to RedHat for compatibility reasons in terms of installing software, but I am very happy a distribution has found it useful to incorporate loop-aes into its process of installing itself! I do hope RedHat does the same! Mandrake is a very nice distribution in my view, but they do not debug things quickly and perfectly enough for me, thus I feel it lacks some stable aspects I get with RedHat. If it does become more commercialized one day, it would definitely interest me to switch back to it! Problem for me is, that I do consulting and I have to use a distribution that is stable enough that it can also be deployed for commercial applications, and I do not feel Mandrake is capable of that kind of load or even if they offer 24/7 support for it at the moment, nor (from my experience) is their quality control very good as I have seen them release (in their last issue) a version which was chalk full of bugulance, that is unacceptable for me to use in any distribution which is destined for customers. I think that perhaps it would be prudent for us to work on part of the installation process of RedHat to see if RedHat's installer could be made to be loop-aes friendly. If that could be done, perhaps RedHat would also think about making loop-aes inclusive to their distribution and install process? If anyone is willing to make the modifications to the RedHat installer I am willing to burn the modifications onto a CD-RW and boot up the modified CD-ROM and see if it works. Very Respectfully, Stuart Blake Tener, IT3 (E-4), USNR-R, N3GWG Beverly Hills, California VTU 1904G (Volunteer Training Unit) stuart@bh90210.net west coast: (310)-358-0202 P.O. Box 16043, Beverly Hills, CA 90209-2043 east coast: (215)-338-6005 P.O. Box 45859, Philadelphia, PA 19149-5859 Telecopier: (419)-715-6073 fax to email gateway via www.efax.com (it's free!) JOIN THE US NAVY RESERVE, SERVE YOUR COUNTRY, AND BENEFIT FROM IT ALL. Saturday, January 26, 2002 8:47 AM -----Original Message----- From: linux-crypto-bounce@nl.linux.org [mailto:linux-crypto-bounce@nl.linux.org] On Behalf Of Jari Ruusu Sent: Sunday, April 07, 2002 10:47 AM To: Michel Bouissou Cc: vdanen@mandrakesoft.com; warly@mandrakesoft.com; linux-crypto@nl.linux.org; pplf Subject: Re: SECURITY: Patch for broken rc.sysinit in Mandrake 8.2 Michel Bouissou wrote: > Mandrake 8.2 comes with a kernel RPM including loop-aes. > > It is supposed to be able to do a lot of useful things with it, including > automatically encrypt swap partitions if wanted. [snip] > Feel free to give me your feedback and comments. Not directly related to Mandrake init scripts, but next version of loop-AES will setup encrypted swap _without_ changes to init scripts. All user needs to do is to add "loop=/dev/loop?" and "encryption=AES128" options to swap lines in /etc/fstab and "swapon -a" and "swapoff -a" will take care of all encrypted swap setup work. Example of /etc/fstab line: /dev/hda666 none swap sw,loop=/dev/loop6,encryption=AES128 0 0 ^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^ I have attached new util-linux patches if someone wants to try them. Compile and install like this: bzip2 -d -c util-linux-2.11o.tar.bz2 | tar xvf - cd util-linux-2.11o patch -p1 <../util-linux-2.11o-1.diff patch -p1 <../util-linux-2.11o-2.diff ./configure make SUBDIRS="lib mount" cd mount install -m 4755 -o root mount umount /bin install -m 755 losetup swapon /sbin rm -f /sbin/swapoff && ( cd /sbin && ln -s swapon swapoff ) rm -f /usr/man/man8/{mount,umount,losetup,swapon,swapoff}.8.gz install -m 644 mount.8 umount.8 losetup.8 swapon.8 swapoff.8 /usr/man/man8 rm -f /usr/man/man5/fstab.5.gz install -m 644 fstab.5 /usr/man/man5 mandb Regards, Jari Ruusu <jari.ruusu@pp.inet.fi> - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
