[arch-projects] [PATCH initscripts 0/4] allow random seed to be loaded before cryptsetup
From: Matthew Monaco
From: Matthew Monaco
From: Matthew Monaco
From: Matthew Monaco
From: Matthew Monaco
Hi Matthew,
On Wed, Mar 14, 2012 at 1:27 AM, Matthew Monaco
The ultimate goal here is FS#17131. I couldn't quite tell the best approach in some places from looking at the existing code because there's a little bit of everything.
Thanks for the patches. I'll just make some high-level remarks and I'll look at the details later: Patch 1, 2 and 4 look good in principle. However, patch 3 (implementing the FS) has an issue (which is the reason this has not been implemented yet). That is, it will not work as expected if /var is encrypted. In my opinion the proper solution for this is to split the crypttab handling into two parts: one that does not use /dev/urandom and one that does (which should be done after the random seed has been initialized. I know that Dave has been looking into refactoring the crypttab stuff, and hopefully that should make it much easier to make this happen.
I wanted to keep the status text in rc.sysinit. Is this worthwhile?
I think that is a good idea wherever possible. -t
On 03/13/2012 07:46 PM, Tom Gundersen wrote:
Hi Matthew,
On Wed, Mar 14, 2012 at 1:27 AM, Matthew Monaco
wrote: The ultimate goal here is FS#17131. I couldn't quite tell the best approach in some places from looking at the existing code because there's a little bit of everything.
Thanks for the patches. I'll just make some high-level remarks and I'll look at the details later:
Patch 1, 2 and 4 look good in principle.
However, patch 3 (implementing the FS) has an issue (which is the reason this has not been implemented yet). That is, it will not work as expected if /var is encrypted.
This is why prior to cryptsetup is just an attempt. If that isn't possible, then it's still performed in the same spot as before.
In my opinion the proper solution for this is to split the crypttab handling into two parts: one that does not use /dev/urandom and one that does (which should be done after the random seed has been initialized. I know that Dave has been looking into refactoring the crypttab stuff, and hopefully that should make it much easier to make this happen.
Yes, it'd be nice to run cryptsetup on as much as possible early, and then use volums with a major/minor 1/{8,9} later.
I wanted to keep the status text in rc.sysinit. Is this worthwhile?
I think that is a good idea wherever possible.
-t
On Wed, Mar 14, 2012 at 1:53 AM, Matthew Monaco
On 03/13/2012 07:46 PM, Tom Gundersen wrote:
However, patch 3 (implementing the FS) has an issue (which is the reason this has not been implemented yet). That is, it will not work as expected if /var is encrypted.
This is why prior to cryptsetup is just an attempt. If that isn't possible, then it's still performed in the same spot as before.
Yeah, your approach is strictly speaking better than what we have now, and if there was no other way I'd go with it. However, since it still leaves out one usecase (encrypted /var + encrypted swap) that can be fixed by reshuffling the crypttab stuff a bit, I'd rather we do that. -t
participants (2)
-
Matthew Monaco
-
Tom Gundersen