On Monday 15 November 2004 06:16, "W. Michael Petullo" <mike@xxxxxxxx> wrote: > 2. Encrypted root filesystem. > > Red Hat Bug #182479 discusses adding support for an encrypted root It's #124789. > filesystem to Fedora. The bug contains a patch for mkinird that > facilitates this. Eventually it would be nice to see support in anaconda > for this, but #182479 is the first step. One thing you miss in the latest patch is support for an encrypted root device on top of an LVM volume. With your patch the code does the following starting at about line 730 in mkinitrd: if [ "$kernelmajor" == "2.4" ]; then # kernel 2.4.x LVM stufff elif [ -n "$root_enc" ]; then # crypto-root stuff else # kernel 2.6.x LVM stuff fi What you really want is to have the crypto root stuff occurring outside the if statement in question. Also inside the "if [ -n "$root_enc" ]; then" block you want to have "if [ -z $root_lvm ]; then" around the "mkdmnod" bit so that mkdmnod doesn't get called twice. Also in recent kernels the AES module is aes-i586 (maybe we should have an alias in the module-init-tools config). -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page
