[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Root filesystem encryption patch set

From: Bill Nottingham <notting redhat com>
To: Development discussions related to Fedora Core <fedora-devel-list redhat com>
Cc: Florian La Roche <laroche redhat com>
Subject: Re: Root filesystem encryption patch set
Date: Thu, 26 Apr 2007 23:37:08 -0400

Bruno Wolff III (bruno wolff to) said: 
> I think there had been an assumption that this person had been watching
> the bugzilla entry for encrypted file systems and would include patches
> posted there once people reported they were working OK. That assumption seems
> to have been incorrect.

The patches, as posted, are broken:

- they introduce a new configuration file when mkinitrd already has one
- they hardcode device names in the exact same way that /etc/crypttab
  does, meaning that it will fail in the exact same way with hotplugged
  drives or device ordering changes that /etc/crypttab does (and does
  with a vengeance in any FC6 -> F7 upgrade). Considering this is the
  root device, that's *bad*.

Bill

Follow-Ups:
- Re: Root filesystem encryption patch set
  - From: Thomas Swan

References:
- Root filesystem encryption patch set
  - From: Thomas Swan
- Re: Root filesystem encryption patch set
  - From: Josh Boyer
- Re: Root filesystem encryption patch set
  - From: Thomas Swan
- Re: Root filesystem encryption patch set
  - From: Josh Boyer
- Re: Root filesystem encryption patch set
  - From: Will Woods
- Re: Root filesystem encryption patch set
  - From: Bruno Wolff III
- Re: Root filesystem encryption patch set
  - From: Florian La Roche
- Re: Root filesystem encryption patch set
  - From: Bruno Wolff III

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]