--rqzD5py0kzyFAOWN
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sat, Feb 03, 2007 at 09:22:28PM +0100, Jan Danielsson wrote:
> Lubomir Sedlacik wrote:
> [---]
> > fyi, cgd(4) can handle / for quite some time.  i use this setup for
> > almost two years, since Apr 2005:
> [---]
>=20
>    Hey -- that's cool!
>=20
>    But ... how? :-)
>=20
> I need to store some files in /etc/cgd/. Keeping /etc encrypted would
> create a Catch-22 situation for me. How do you get around that problem?

there is some information in:

 http://ftp.NetBSD.org/pub/NetBSD/misc/salo/init-chroot/

all the paches are in the tree for almost a year.

basically, you boot a kernel with a very simple md(4) image which
contains all you need to configure/fsck/mount the cgd(4) volume and then
run init(8) in a chroot from within.  you can even store it on an
external device, e.g., usb disk on key. (i personally boot my laptop
=66rom LAKS Memory watches: http://tinyurl.com/yuzkpz )

i've been meaning to write a HOWTO into the cgd(4) chapter of the NetBSD
Guide for some time now, but i still haven't gotten around to do it..

also, it would be nice to have some more elegant way how to build
a kernel with a custom ramdisk within build.sh.

let me know if you want my current ramdisk source for testing.


regards,

--=20
-- Lubomir Sedlacik <salo@{NetBSD,Xtrmntr,silcnet}.org>   --

--rqzD5py0kzyFAOWN
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (NetBSD)

iD8DBQFFxPHziwjDDlS8cmMRAkerAKCKqsnM0WH8kZw88jvE9v6SvgkkfQCfdPFV
y+nkMHpWv5OY5loUmqR+pB0=
=kcOE
-----END PGP SIGNATURE-----

--rqzD5py0kzyFAOWN--