Brad Campbell <lists2...@fnarfbargle.com> writes: > On 02/01/16 02:18, Rainer Weikusat wrote: >> Steve Litt <sl...@troubleshooters.com> writes: >> >> [...] > >> For a real deployment, this is usually just humbug and can be replaced >> with a kernel containing the drivers necessary for mounting a root >> filesystem. > > That's nice, until you want to do something like an encrypted root, or > encrypted swap with suspend/resume. That's pretty hard without an > initramfs.
That's a different use-case: In this case, the initramfs is not needed because the kernel needs to load an a priori unknown set of modules in order to mount the root filesystem (although this will usually be done, too) but because "userspace stuff" is needed to make the filesystem accessible (LVM is another example of that). OTOH, there's litte reason to encrypt / unless the filesystem consists of a single, large partition and hence, it holds possibly sensitive information. The 'standard filesystem layout' I've meanwhile gravitated to is composed of three partitions, /, /usr and /data, the latter being used to hold /home, /var and /tmp (with / being a sychronously mounted ext2). Were I to use 'disk encryption', I would thus encrypt the data partition but not the other two. _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
