On Fri, 2010-08-20 at 15:10 +0000, The Fungi wrote: > This argument is somewhat circular, in that the machine from which > I'm typing this message has /usr as part of the / filesystem, all of > which is LUKS encrypted, and the generic Debian initrd is handling > it just fine. Some built-in logic to look for a keyfile on > removeable media when decrypting / would be a nice addition, but at > least there are scripts available which make this fairly easy to > enable manually. Of course,.. but only because your /usr is on the root-fs.
And there are many good reasons to put it on its own fs, as already outlayed here... And there is not only dmcrypt,... for other techniques it might make sense to apply them not to the root-fs but only to the others,... If we'd put all the necessary logic into the initrd, they'd get much bigger, which is not the best thing. Cheers, Chris. -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1282337104.3231.27.ca...@fermat.scientia.net
