initrd, nash and encrypted hda

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



hello group

i am trying to encrypt my hard disk with fc3 test3, device-mapper and dm-crypt. i found out that this task is much more difficult than i toughed... so if i may ask some questions?

1.) whats the difference between 
      kernel /vmlinuz-2.6.8-1.541 rw root=LABEL=/
    and
      kernel /vmlinuz-2.6.8-1.541 rw root=/dev/ram0
in grub.conf. What is this LABEL-thing for? Where is defined /=>hda3?

2.) nash isn't capable to read userinput. what's the right solution to get around that? 

3.) why is bash started from nash not able to read userinput as well? 
it produces "read: read error: 0: Bad file descriptor"

4.) if i replace nash completely with bash i've got trouble with the "kernel"-line in grub.conf (the root=/dev/ram0) and the device_mapper. even if i say:

echo $pass | /bin/cryptsetup create rootfs /dev/hda3
/bin/mount -r -n -t ext3 /dev/mapper/rootfs /mnt

in the init, hda2 gets mapped to root somhow?!

5.) what is the "mkrootdev /dev/root" in init for? from where it gets the information of the rootfs-location?

Uhhh, any help on this topic really appreciated. Maybe someone knows a tutorial on this topic (with kernel 2.6 and dm-crypt)?

Thanks you very much

bernd


System Setup:
-------------

Ramdisk:
.
|-- bin
|   |-- bash
|   |-- cryptsetup
|   |-- hotplug -> /sbin/nash
|   |-- insmod
|   |-- modprobe -> /sbin/nash
|   |-- nash
|   |-- udev
|   `-- udevstart -> udev
|-- dev
|   |-- console
|   |-- null
|   |-- ram
|   |-- systty
|   |-- tty1
|   |-- tty2
|   |-- tty3
|   `-- tty4
|-- etc
|   `-- udev
|       `-- udev.conf
|-- init
|-- lib
|   |-- BusLogic.ko
|   |-- aes-i586.ko
|   |-- dm-crypt.ko
|   |-- dm-mod.ko
|   |-- ext3.ko
|   |-- jbd.ko
|   |-- ld-linux.so.2
|   |-- libc.so.6
|   |-- libdevmapper.so.1.00
|   |-- libdl.so.2
|   |-- libtermcap.so.2
|   |-- scsi_mod.ko
|   `-- sd_mod.ko
|-- loopfs
|-- mount-crypt.sh
|-- proc
|-- sbin -> bin
|-- sys
`-- sysroot

--- begin init -------------------------------------------------------
#!/bin/nash
mount -t proc /proc /proc
setquiet
echo Mounted /proc filesystem
echo Mounting sysfs
mount -t sysfs none /sys
echo Creating /dev
mount -o mode=0755 -t tmpfs none /dev
mknod /dev/console c 5 1
mknod /dev/null c 1 3
mknod /dev/zero c 1 5
mkdir /dev/pts
mkdir /dev/shm
echo Starting udev
/sbin/udevstart
echo -n "/sbin/hotplug" > /proc/sys/kernel/hotplug
echo "Loading scsi_mod.ko module"
insmod /lib/scsi_mod.ko
echo "Loading sd_mod.ko module"
insmod /lib/sd_mod.ko
echo "Loading BusLogic.ko module"
insmod /lib/BusLogic.ko
echo "Loading jbd.ko module"
insmod /lib/jbd.ko
echo "Loading ext3.ko module"
insmod /lib/ext3.ko
echo "Loading aes-i586.ko module"
insmod /lib/aes-i586.ko
echo "Loading dm-mod.ko module"
insmod /lib/dm-mod.ko
echo "Loading dm-crypt.ko module"
insmod /lib/dm-crypt.ko
echo Creating root device
mkrootdev /dev/root
umount /sys
echo Mounting root filesystem
/mount-crypt.sh
mount -t tmpfs --bind /dev /sysroot/dev
echo Switching to new root
switchroot /sysroot
umount /initrd/dev
--- end init ---------------------------------------------------------

--- begin mount-crypt.sh ---------------------------------------------
#!/bin/bash
pass1="sux"
count="0"
while [ "$pass1" != "$pass2" ]
do
        if [ "$count" = "3" ] ; then
                echo "System halted!"
                exit 0
        fi
        if [ "$count" != "0" ] ; then
                echo "Passwords don't match!"
        fi
        echo -n "Password for mounting root fs: "
        read -s pass1
        echo
        echo -n "Repeat: "
        read -s pass2
        echo
        count=$(( $count + 1 ))
done
echo "Ok! mounting root file system"
pass=$pass2
echo $pass | /bin/cryptsetup create rootfs /dev/root
/bin/mount -r -n -t ext3 /dev/mapper/rootfs /sysroot
--- end mount-crypt.sh -----------------------------------------------






[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux