[crux-devel] CRUX 2.6 Testiso with dm-crypt support
jue at jue.li
Wed Aug 5 08:52:56 UTC 2009
On Wed, Aug 05, 2009 at 12:43:15AM +0200, Thomas Penteker wrote:
> Hello together,
> just like before the CRUX 2.5 release I packed together a test iso with
> support for an ecrypted root partition (on setup-time).
> I'd really like to get your feedback on this.
First thanks for you work, but again you are very late with it,
because we released an official 2.6-test1 already. Adding new
features after that is something we should avoid.
> Technically speaking there were not much changes that had to be done to the
> ISO repository, the diff  is really tiny.
Cryptsetup and dependencies should be added to packages.opt if we
need them as packages on the ISO.
Adding opt/popt to the ISO might create hidden problems, because
other (core)ports will link against popt if installed. Currently
our ISO bootstrap process can not prevent that, so we have to
carefully check all packages after the bootstrap.
> A new package named cryptsetup-initrd got added and its name makes its purpose
> quite obvious: it will enable you to build the required initial ram disk that
> allows the system to decrypt / during startup.
> I put the raw package  up for review, too.
I guess your final idea is to have a versioned tarball somewhere for
download and not to provide the two binaries within the port?
Do we really need a binary port at all? It should be possible to
create cryptsetup-static in opt/cryptsetup? Is the busybox binary
in any kind special for cryptsetup or can we use a new busybox port
for that purpose?
TBH I'm not convinced yet. I'd like to see a more general way/recipe
for CRUX to switch to an initrd based startup as an alternative.
This might be necessary for other things as well, e.g. I've heard that
the kernel md-autodetect feature will be removed sometimes so you have
to configure your raid with mdadmin at boot-time.
Juergen Daubert | mailto:jue at jue.li
Korb, Germany | http://jue.li/crux
More information about the crux-devel