NetBSD-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: root-on-cgd revisited



On Mon, Aug 17, 2009 at 3:38 AM, Jan
Danielsson<jan.m.danielsson%gmail.com@localhost> wrote:
> Hello,
>
>   Some background: I used to use an encrypted root when I was running
> NetBSD/i386 4.0. Then I upgraded to an "amd64"-system, and the
> root-on-cgd wouldn't work any longer. See PR 36963
> (http://www.netbsd.org/cgi-bin/query-pr-single.pl?number=36963). The
> method I was using was to boot to a memory disk based file system, and
> use sysctl init.root to switch root after cgd had been configured on top
> of wd0a.

<snip>

>   - I feel that the kernel solution is much more "natural" (to the end
> user). You just set the root device to cgd0 in the kernel config, set up
> the appropriate parameters for cgd0, and boot the kernel off a memory
> stick or cd.
>   - Adding root-on-cgd-support to sysinstall would be trivial.
>   - No special memory disk kernel is required. Even the GENERIC one
> would suffice. You only need to be able to specify the root device and
> cgd parameters in boot.cfg.
>


I don't know if I requiring a netboot/cdrom is really "natural" as it
limits your flexibility a fair amount.



>   Arguments against specific kernel support:
>
>   - Security issues. Asking the user for input directly in kernel code
> is a bad idea. While I agree with this argument conceptually, a simple
> password prompt is easy to get right. We're not going to echo any
> characters even. There's no complicated readline:ish interface.
>   - Requires changes to the kernel, whereas the init.root doesn't.
> Well, that's not entirely true. The init.root method requires PR 36963
> to be fixed.
>
>   Arguments for the init.root solution:
>   - There's a nifty shell you drop out to if you shut down to single
> user mode, which can be used for maintenance.
>

Does this open the door for any other really great features?  Live
kernel updates or something?

>
>   Also, I'd like to add two additional points:
>   - I believe init.root should be fixed. Having the possibility to drop
> out to a maintenance memory disk image is a neat idea, if you have use
> for such a thing. But for me spending time trying to fix init.root won't
> fix the other issues I have with it (as listed above).
>   - I have no idea if my kernelized solution will work in the end. :)
>  But I'm giving it a try.
>


Home | Main Index | Thread Index | Old Index