Hi, this question does not pertain specifically to debian-boot, but it deals with things which i think the readers of this list have a particular knowledge of, so here goes:
My main root partition is /dev/hda2, and it is encrypted via ppdd. I have a "maintenance"/"fake" root partition at /dev/hda6. Right now my system boots to an initrd, which runs a linuxrc written by the ppdd author which basically prompts you for a password, mounts the "real" root, and then for its finale does a pivot_root/chroot to the encrypted partition via a 'exec chroot . sh -c "exec init"'. or something like that. i've been banging my head against the wall trying to figure out a way to "inject" a sshd in there somewhere, so you can enter your passwords over the net. (i'm aware of the security implicatation, but it would be nice for emergency situations). I've tried: 1 calling cryptcat in the linuxrc script. this works, but then i can't enter passwords at the tty ! apparently signals (ctrl-c) cannot be caught in the linuxrc script either ? i tried a script that catches this signal then asked for the passwords from the tty. 2 just booting into a stripped down (single user like) mode. then executing a script to mount the encrypted partition, and doing a "exec chroot . sh -c 'exec init 3'". init doesn't like this cause it is not PID 1. it can't talk to this pipe /dev/initctl in the chroot environment i guess. Could I make a symbolic link from the chroot'ed /dev/initctl file to the original /dev/initctl you think ? I've also thought about just running minit in the chroot environment. I was thinking, since all programs are either started from a tty or from ssh, if i just ran minit and spawned some gettys and started up sshd, then all processes would inherit this new chroot environment. 3 Interestingly, if i boot into single user mode, and then execute the change_to_encrypted_root script, init is not bothered. this is no doubt because of the "wait" in the inittab (i think). ~~:S:wait:/sbin/sulogin somehow i don't think ~~:S:wait:/usr/sbin/sshd would work ... %^) Is there any reason not to use minit as a sort of "sub" process root ? I noticed a lsof shows init still "rooted" to the old root (now at /mnt/hda6/sbin/init). Is there anything amatter with this ? cheers, e -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
