[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-crypto
Subject:    Re: Questions on boot time crypto-swap for Debian
From:       Marc Mutz <Marc () Mutz ! com>
Date:       2002-03-31 16:33:41
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sunday 31 March 2002 16:51, Dale Amon wrote:
> I'm trying to work out how to cleanly integrate a
> cryptoswap option into the normal rcS.d scripts, but
> seem to be stuck in a catch-22.
>
> I have to set up the swap partition before the first
> swapon -a; this occurs in S10checkroot.sh.
>
> Since a system might be running devfs, I also have
> the constraint of doing it after S01devfsd; so all
> would seem okay... except that I need /dev/urandom,
> and it is not available until S55urandom because it
> writes files in /var/lib.

is the urandom script the one that restores the entropy pool? If so, why does 
it come so late? This should only require reading a file and cat'ing it to 
/dev/random.

> The root fs is not writeable until after S10checkroot.sh,
> so I can't change the sequence.
>
> Does anyone see a way out of this quandary?

What's wrong with adding a S56encrypted-swap with essentially
swapoff -a
<for each swap device>
  <set up>
  <mkswap>
<done>
swapon -a

Marc

- -- 
Marc Mutz <mutz@kde.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8pzpl3oWD+L2/6DgRAj7hAJ9hdQDIqf/nlCbswgtQrvUF7mmqbgCfR8xn
72RrWxy5hgUzV5piOzA/15U=
=Bi0u
-----END PGP SIGNATURE-----

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

[prev in list] [next in list] [prev in thread] [next in thread]