encrypted root fs

[Steve G]

Hi,

First comment, this sounds cool. I suspect you want feedback so here it goes:

>It is hard-coded for the sevice names that I use (/dev/V0/fc2enc for 
>the encrypted LVM volume)

This sounds very tied to fc2. I would recommend a name that's not tied to a
distribution release number.

>Also with my patch you need to put "--with=dm-crypt --with=aes" on the 
>mkinitrd command-line.

I don't see that in the patch you attached. The patch appears to remove the
normal block device stuff and replace it with yours. It should take command line
parameters as you say, and branch around normal stuff.

>I'll release my code patches once I get them tidied up a bit.

Are they sync'ed with the patches current pending against mkinitrd? BZ #129673.
mkinitrd 4.0.5 doesn't work at all for many people. It is accidentally working
for everyone else. I have seen people leaving comments saying the patches I
submitted clear up their problems, so my guess is some or all of the patch will
get into mkinitrd 4.0.6 rsn.

Looking at bugzilla, there's already people trying to do the same thing. Look at

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=124789

You may want to work with this effort.

>Currently the statically linked version of cryptsetup is 780K in size.

I bet its not stripped either.

Good Luck with this.

-Steve Grubb


		
__________________________________
Do you Yahoo!?
Yahoo! Mail Address AutoComplete - You start. We finish.
http://promotions.yahoo.com/new_mail