:: Re: [DNG] Giving Devuan sans-initra…
Top Page
Delete this message
Reply to this message
Author: Rainer Weikusat
Date:  
To: dng
Subject: Re: [DNG] Giving Devuan sans-initramfs capabilities
Brad Campbell <lists2009@???> writes:
> On 02/01/16 02:18, Rainer Weikusat wrote:
>> Steve Litt <slitt@???> writes:
>>
>> [...]
>
>> For a real deployment, this is usually just humbug and can be replaced
>> with a kernel containing the drivers necessary for mounting a root
>> filesystem.
>
> That's nice, until you want to do something like an encrypted root, or
> encrypted swap with suspend/resume. That's pretty hard without an
> initramfs.


That's a different use-case: In this case, the initramfs is not needed
because the kernel needs to load an a priori unknown set of modules in
order to mount the root filesystem (although this will usually be done,
too) but because "userspace stuff" is needed to make the filesystem
accessible (LVM is another example of that).

OTOH, there's litte reason to encrypt / unless the filesystem consists
of a single, large partition and hence, it holds possibly sensitive
information. The 'standard filesystem layout' I've meanwhile gravitated
to is composed of three partitions, /, /usr and /data, the latter being
used to hold /home, /var and /tmp (with / being a sychronously mounted
ext2). Were I to use 'disk encryption', I would thus encrypt the data
partition but not the other two.