Subject: Re: cgd root [was Re: enabling cgd by default]
To: None <tech-kern@NetBSD.org>
From: Alan Barrett <apb@cequrux.com>
List: tech-kern
Date: 08/08/2007 18:17:45

On Wed, 08 Aug 2007, der Mouse wrote:
> >>> As for root on cgd, are you aware of the init.root sysctl?
> 
> If this does what the code looks as though it will to single-user boots
> (strands you in the teensy cleartext root) it won't be acceptable for
> what I want.

Yes, that's what it does.

You can have a little script in the outer root filesystem to do whatever
you like, such as mount the encrypted disk and run another shell
chrooted inside it.  I make my outer /etc/rc take command line flags
for various special purposes, and I run "sh /etc/rc -foo" from the
single-user shell.  You could possibly even automate it via the outer
/.profile or /.shrc.

--apb (Alan Barrett)
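
The approach described in the message above, sketched as an added example; it is not part of the original post and is not Alan Barrett's actual script. The `-cgd` flag, the device names (`cgd0`, `/dev/wd0e`), the mount point `/cgdroot` and the `RUN` dry-run switch are all assumptions made for illustration, and `chroot` is assumed to be present in the outer root.

```shell
#!/bin/sh
# Fragment for the outer (cleartext) root's /etc/rc, run by hand from the
# single-user shell as:  sh /etc/rc -cgd
# All names below are illustrative assumptions, not values from the post.
CGD_DEV=cgd0              # cgd pseudo-device to configure
CGD_BACKING=/dev/wd0e     # partition holding the encrypted data
CGD_MNT=/cgdroot          # mount point inside the outer root
RUN=${RUN:-}              # set RUN=echo to print commands instead of running

enter_cgd_root() {
    # cgdconfig obtains the key (e.g. prompts for the passphrase) as set
    # up in the parameters file for the backing partition.
    $RUN cgdconfig "$CGD_DEV" "$CGD_BACKING" || return 1

    # If the mount fails (a wrong key is one cause), detach the cgd so no
    # half-configured device is left behind.
    if ! $RUN mount "/dev/${CGD_DEV}a" "$CGD_MNT"; then
        $RUN cgdconfig -u "$CGD_DEV"
        return 1
    fi

    # Refuse to chroot into a tree that has no shell; undo the setup.
    if [ -z "$RUN" ] && [ ! -x "$CGD_MNT/bin/sh" ]; then
        umount "$CGD_MNT"
        cgdconfig -u "$CGD_DEV"
        return 1
    fi

    # Run another shell chrooted inside the encrypted filesystem.
    $RUN chroot "$CGD_MNT" /bin/sh
}

handle_flag() {
    case "$1" in
        -cgd) enter_cgd_root ;;
        "")   return 0 ;;     # no flag: the normal rc processing continues
        *)    echo "rc: unknown flag: $1" >&2; return 2 ;;
    esac
}

handle_flag "${1:-}"
```
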