On 08/26/2013 04:03 PM, Benjamin Kingston wrote: > One more thing to add. There is a systemd target in > /etc/systemd/system that mentions the ext4 filesystem on the pin > protected flash drive by uuid > > On Mon, Aug 26, 2013 at 6:13 AM, Benjamin Kingston <list@xxxxxxxxxxxxxxx> wrote: >> My commandline is as follows: >> BOOT_IMAGE=/vmlinuz-3.10.9-200.fc19.x86_64 >> root=UUID=b5855018-5b09-4cbd-a7fc-0516dd5e7a0a ro >> rd.lvm.vg.uuid=gK6vvj-uE7w-E6i0-nZOr-WtbN-cJbJ-gxd82v rd.dm=0 >> rd.luks.uuid=luks-770c95fa-3ce3-4908-a491-8710d679fa68 >> rd.md.uuid=613e00b8:220a6e5b:0caa4d15:e981bbb1 >> rd.md.uuid=01f167fc:5607540d:b2274dec:482834f2 vconsole.keymap=us >> rd.fips fips=0 intel_iommu=pt rhgb quiet LANG=en_US.utf8 >> >> The disk never gets mounted to my knowledge. When booted, autofs >> mounts the disk in /mnt/usb/boot and the /boot folder is a symlink >> that points there. Inside the initramfs this is duplicated (/boot >> symlink to /mnt/usb/boot), which contains the encryption keyfile. >> >> On Sun, Aug 25, 2013 at 11:23 PM, Harald Hoyer <harald@xxxxxxxxxx> wrote: >>> On 08/26/2013 12:58 AM, Benjamin Kingston wrote: >>>> I have my boot partition on a pin protected flash drive and have >>>> embedded the encryption keyfile for my filesystem in my initramfs >>>> image to automate unlocking my computer with just the flash pin. The >>>> issue with this comes when generating the initramfs through dracut, >>>> because the boot disk is mounted and listed in /proc/self/mountinfo >>>> and gets a systemd entry that requires it to be brought online. >>>> >>>> Since the keyfile is embedded in the image in ram the boot disk is not >>>> needed to be brought online, but since the USB is reset, this requires >>>> me to enter the pin on the flash drive a second time, just to unlock >>>> the volume to satisfy systemd. >>>> >>>> is there a way to ignore a particular device when running dracut, or >>>> at least change its timeout and systemd status to not be boot >>>> effecting? >>> >>> >>> What is your kernel cmdline? >>> Where is the disk mounted in the initramfs? >>> Why did you specify rd.fips and probably include the fips module? Just to get /boot mounted? -- To unsubscribe from this list: send the line "unsubscribe initramfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
