On Mon, 16 Aug 2004 01:23, Steve G <linux_4ever@xxxxxxxxx> wrote: > First comment, this sounds cool. I suspect you want feedback so here it goes: > >It is hard-coded for the sevice names that I use (/dev/V0/fc2enc for > >the encrypted LVM volume) > > This sounds very tied to fc2. I would recommend a name that's not tied to a > distribution release number. Naturally. That just happens to be the name I used on my own system, it isn't expected to work for anyone else. The Volume Group name "V0" is also specific to my system. Anyone who wants to do the same will have to change the device name as appropriate for their system. > https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=124789 > > You may want to work with this effort. One thing that has just occurred to me is that using a /etc/crypttab file in the same format as Debian will make things a lot easier. Here is a sample crypttab: # <target device> <source device> <key file> <options> swap /dev/V0/swap /dev/random swap root /dev/V0/fc2 /etc/root-key defaults For example the above file would specify that the device /dev/mapper/swap would be /dev/V0/swap encrypted with a key from /dev/random. In Debian the "swap" parameter at the end of the line indicates that after the encrypted device is setup the command "mkswap" should be run on it. Now mkinitrd could check /etc/fstab, see that the root device is /dev/mapper/root, look for the appropriate entry in /etc/crypttab then know it needs to put /etc/root-key in the initrd and do the mapping from /dev/V0/fc2 . I've just added the above text to the bugzilla entry for 124789. > >Currently the statically linked version of cryptsetup is 780K in size. > > I bet its not stripped either. No, that's 780K stripped! -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page
