Root filesystem encryption patch set

Bill Nottingham notting at
Fri Apr 27 03:37:08 UTC 2007

Bruno Wolff III (bruno at said: 
> I think there had been an assumption that this person had been watching
> the bugzilla entry for encrypted file systems and would include patches
> posted there once people reported they were working OK. That assumption seems
> to have been incorrect.

The patches, as posted, are broken:

- they introduce a new configuration file when mkinitrd already has one
- they hardcode device names in the exact same way that /etc/crypttab
  does, meaning that it will fail in the exact same way with hotplugged
  drives or device ordering changes that /etc/crypttab does (and does
  with a vengeance in any FC6 -> F7 upgrade). Considering this is the
  root device, that's *bad*.


More information about the fedora-devel-list mailing list