Root filesystem encryption update
pjones at redhat.com
Wed Jun 20 14:27:55 UTC 2007
Thomas Swan wrote:
> I think we might be putting the cart before the horse.
I'm *sure* we're putting the cart before the horse -- that's what Jeremy
and I have been getting at. It's possible to solve these problems, but
there are other things that need to be done before we'll have a good
solution. More on that below.
> A user would be thawing from hibernation on a machine with an
> *existing* installation. Therefore language, and keymaps would have
> been chosen (during installation) prior to the hibernate operation.
Yeah, we can definitely store something that's right /some/ of the time.
Just be aware that there are lots of corner cases. As an example, I
often suspend my laptop before driving to work in the morning. When it
resumes, it's in a docking station and there's a different keyboard,
with a somewhat different key map.
It's not that getting a password from the user on resume is an
intractable problem, but that there are steps to be taken before we can
solve it in a way that maintains the level of quality and support
expected of Fedora. We've got (some of) the filesystem technology to do
this, and that's one piece. Another piece is getting video mode setting
into the kernel so we can display the graphics required for non-European
languages early on in a cleaner way than e.g. svgalib, without having to
pull in all of X. There's work going forward on this.
Point being, it's a complex feature, and a lot of the traffic on the
list seems to ignore many aspects of why.
More information about the fedora-devel-list