Re: Scrub dm-crypt keys on reboot?

noah wrote:
> Is luksClose really called when a system with encrypted _root_
> filesystem is rebooted?
> Imagine something like: initrd -> luksOpen some device -> mount fs
> from encrypted volume -> pivot_root to the fs on the encrypted volume
> -> boot system -> reboot system
>
> Just curious since the kernel complains about not being able to
> unmount the root filesystem when it's encrypted; I *think* it merely
> remounts it R/O, syncs it and then reboots.
>

This is a fairly hard problem. The moment you remove the mapping for the
encrypted root filesystem, you suddenly can't exec /sbin/halt anymore,
because it isn't there! This is obviously, in one sense, the desired
behavior.

The first solution which comes to mind is to create a tmpfs filesystem,
put a statically linked halt command in it, dmsetup suspend the
encrypted root, and then call halt from the tmpfs. But it's the distro
maintainers who have to worry about this. (Unless you're a paranoid ****
like me...)

-- 
Homeland Stupidity <http://www.homelandstupidity.us/>

---------------------------------------------------------------------
dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/
To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx
For additional commands, e-mail: dm-crypt-help@xxxxxxxx
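
The tmpfs approach described in the message above, sketched as an added shell example (not part of the original post or of any distribution's shutdown scripts). It goes one step beyond the post by sending dm-crypt's `key wipe` message after the suspend; the mapping name, tmpfs path and static binary paths are assumptions, and the default is a dry run that only prints the steps.

```sh
#!/bin/sh
# Added example, not from the original post. MAPPING, STAGE and the two
# static binary paths are hypothetical defaults; adjust for your system.
MAPPING="${MAPPING:-cryptroot}"             # dm name of the encrypted root
STAGE="${STAGE:-/run/halt-stage}"           # tmpfs mount point
BUSYBOX="${BUSYBOX:-/bin/busybox.static}"   # statically linked busybox
DMSETUP="${DMSETUP:-/sbin/dmsetup.static}"  # statically linked dmsetup
DRY_RUN="${DRY_RUN:-1}"                     # 1 = print the steps only

run() {
    if [ "$DRY_RUN" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi
}

# Phase 1: everything that still needs to read the root filesystem.
# If the read-only remount fails (files open for writing), the chain stops.
stage_tools() {
    run mkdir -p "$STAGE" &&
    run mount -t tmpfs -o mode=0700,size=8m tmpfs "$STAGE" &&
    run cp "$BUSYBOX" "$STAGE/busybox" &&
    run cp "$DMSETUP" "$STAGE/dmsetup" &&
    run mount -o remount,ro / &&
    run sync
}

# Phase 2: command line run by the staged shell. Once the mapping is
# suspended, I/O to the root filesystem blocks, so every binary named here
# lives on the tmpfs. "key wipe" is only accepted on a suspended mapping.
# Paths and names are assumed to contain no whitespace.
final_script() {
    printf '%s suspend %s && %s message %s 0 key wipe; exec %s halt -f\n' \
        "$STAGE/dmsetup" "$MAPPING" "$STAGE/dmsetup" "$MAPPING" "$STAGE/busybox"
}

scrub_and_halt() {
    stage_tools || return 1
    if [ "$DRY_RUN" = 1 ]; then
        printf '%s sh -c "%s"\n' "$STAGE/busybox" "$(final_script)"
    else
        # Replace this shell with the staged one before touching the mapping.
        cd "$STAGE" && exec "$STAGE/busybox" sh -c "$(final_script)"
    fi
}

# Only act when invoked with "run"; sourcing the file just defines functions.
if [ "${1:-}" = run ]; then scrub_and_halt; fi
```

The staged shell is exec'd before the suspend because the running `/bin/sh` is itself mapped from the encrypted root and could block on a page fault once the mapping is suspended.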

