:: Re: [DNG] /usr to merge or not to m…
Top Page
Delete this message
Reply to this message
Author: Olaf Meeuwissen
Date:  
To: Dr. Nikolaus Klepp
CC: dng
Subject: Re: [DNG] /usr to merge or not to merge... that is the question??
Hi Nik,

Dr. Nikolaus Klepp writes:

> [...] The initrams tool provide a handy way to inspect/modify/rebuild
> initrd. But the debian documentation on how initrd works is wrong: it
> assumes a one part archive (which is what you would expect), but in
> fact it is a 2 part archive (first part uncomressed, second
> compressed). Take a look at /usr/bin/unmkinitramfs line 50 ff to see
> how it works. Also look at the referenced linux/lib/earlycpio.c for
> further detail. The most important point is this: processes started
> in initrd survive switch_root. There goes your "full disk encryption"
> myth.


Not sure I understand what's going on but if you have an unencrypted
/boot, you, by definition, don't have full disk encryption.

I'm using libreboot as my BIOS and have *all* of /dev/md0 encrypted. My
BIOS asks me for a password to decrypt whatever is in /boot.

Are you implying that even in my scenario the "full disk encryption"
myth goes out of my window?

Hope this helps,
--
Olaf Meeuwissen, LPIC-2            FSF Associate Member since 2004-01-27
 GnuPG key: F84A2DD9/B3C0 2F47 EA19 64F4 9F13  F43E B8A4 A88A F84A 2DD9
 Support Free Software                        https://my.fsf.org/donate
 Join the Free Software Foundation              https://my.fsf.org/join