tech-kern archive


Re: cgd on root





Jan Danielsson-3 wrote:
> 
> Hello all,
> 
>    I have a new laptop, on which I want to use a cgd'd root. I assumed I
> would run into the same problems I encountered on my other computer, and
> I was right (see PR 36963). In fact, it was even worse -- I couldn't
> even get it to create multiple ttyE's; I was stuck with the console.
> Installing without init.root makes the system a lot more useful. (Both
> systems are running NetBSD/amd64 4.0).
> 
>    So, it's pretty obvious what I need to do: I need to implement an
> alternative way of getting cgd on root (or, rather, root on cgd).
> 
>    I've been reading source code for the last couple of days, to get an
> idea of where to start.
> 
>    This is what I am thinking.
> 
>    The following are added to the kernel-config:
> 
>       option CGD_IS_ROOT
>       option CGDROOT_HW_DEV    wd0a
>       option CGDROOT_DEV       cgd0
>       option CGDROOT_PARAMFILE rootkey0
> 
>    So, what does this mean? The first option is straightforward. The
> second tells the kernel which slice contains the cgd'd root. The
> third the cgd device, and the fourth requires some explaining.
> 
>    The big question is where to store the cgd parameter file. My goal is
> to be able to boot from a USB memory stick. It should contain the
> kernel I boot from, and the parameter file, so I have a separation
> between the hard drive containing the root, and the parameter file.
> 
>    But how do I read the parameter file without a root file system (I
> don't want to have to mount root on the memory key, because then I'd be
> stuck with it, afaict. And a memory disk would just lead to the troubles
> of init.root). I was thinking about sticking the parameter file in a
> kernel device. Something like "mdsetimage", but which stores an
> arbitrary file in a kernel image.
> 
>    makekerndevfile <kernel> <devname> <filename>
> 
>    # makekerndevfile netbsd rootkey0 ~/rootkey.cgd
> 
>    When the kernel boots, it can access the contents of the file as a
> device (rootkey0), without using a filesystem. I'm not particularly fond
> of this idea, to be honest, but it'll get the work done.
> 
>    I got the tip, on IRC, to look into using property lists for storing
> the parameter file. Is this a route I should look into more? What files
> are relevant to read if I want to understand more about them?
> 
>    The problems, as far as I can see:
> 
>    1) N-factor keys won't be supported (easily).
> 
>    2) Hardcoding root to be located on the 'a'-slice in the cgd-device
> maybe isn't the neatest of solutions, but it'll do for now.
> 
>    3) Recursive cgd container configurations aren't supported (are they
> normally?).
> 
>    Come to think of it, it would be much better if CGD_IS_ROOT,
> CGDROOT_HW_DEV, CGDROOT_DEV, CGDROOT_PARAMFILE could simply use the
> "config netbsd root on ? type ?" configuration specification in some
> manner.
> 
>    config netbsd root on cgd0a
> 
>    Hmm.. I need to look into that.
> 
>    Ideas, hints, tips, requests are very welcome.
> 
> 
>    Questions will surely follow.
> 
> -- 
> Kind regards,
> Jan Danielsson

If you want to protect /root only, why not create a symlink for root "ln -s
/home/root /root"? /home is in cgd of course. It works.

Regards,




Cem Kayalı

-- 
View this message in context: 
http://www.nabble.com/cgd-on-root-tp15396126p15405101.html
Sent from the tech-kern mailing list archive at Nabble.com.



