On Wed, Aug 05, 2009 at 12:43:15AM +0200, Thomas Penteker wrote:
Hello together,
Hello Thomas,
just like before the CRUX 2.5 release I packed together a test iso with support for an ecrypted root partition (on setup-time).
I'd really like to get your feedback on this.
First thanks for you work, but again you are very late with it, because we released an official 2.6-test1 already. Adding new features after that is something we should avoid.
Technically speaking there were not much changes that had to be done to the ISO repository, the diff [1] is really tiny.
Cryptsetup and dependencies should be added to packages.opt if we need them as packages on the ISO. Adding opt/popt to the ISO might create hidden problems, because other (core)ports will link against popt if installed. Currently our ISO bootstrap process can not prevent that, so we have to carefully check all packages after the bootstrap.
A new package named cryptsetup-initrd got added and its name makes its purpose quite obvious: it will enable you to build the required initial ram disk that allows the system to decrypt / during startup. I put the raw package [2] up for review, too.
I guess your final idea is to have a versioned tarball somewhere for download and not to provide the two binaries within the port? Do we really need a binary port at all? It should be possible to create cryptsetup-static in opt/cryptsetup? Is the busybox binary in any kind special for cryptsetup or can we use a new busybox port for that purpose? TBH I'm not convinced yet. I'd like to see a more general way/recipe for CRUX to switch to an initrd based startup as an alternative. This might be necessary for other things as well, e.g. I've heard that the kernel md-autodetect feature will be removed sometimes so you have to configure your raid with mdadmin at boot-time. best regards Juergen -- Juergen Daubert | mailto:jue@jue.li Korb, Germany | http://jue.li/crux