Root filesystem encryption patch set
notting at redhat.com
Fri Apr 27 03:37:08 UTC 2007
Bruno Wolff III (bruno at wolff.to) said:
> I think there had been an assumption that this person had been watching
> the bugzilla entry for encrypted file systems and would include patches
> posted there once people reported they were working OK. That assumption seems
> to have been incorrect.
The patches, as posted, are broken:
- they introduce a new configuration file when mkinitrd already has one
- they hardcode device names in the exact same way that /etc/crypttab
does, meaning that it will fail in the exact same way with hotplugged
drives or device ordering changes that /etc/crypttab does (and does
with a vengeance in any FC6 -> F7 upgrade). Considering this is the
root device, that's *bad*.
More information about the fedora-devel-list