Re: RFC: live-initramfs 2.x features
Michael Prokop wrote:
>> what do you understand under 'display executed code', something like
>> what you'd see from set -x?
>
> Jepp. This would allow users to debug initramfs (and provide
> screenshots/logs to developers) without having to rebuild it
> manually (which sometimes just isn't possible at all).
if you boot current live-initramfs with e.g. debug=1, you do get
something almost like that already.
> Now, being annyoing for users it's something that can be fixed with
> the uuid approach that AFAICS comes from Ubuntu's Casper originally.
never used it myself, but will look into it that, at least, have this
method properly working. for normal users this is a good way to have the
problem solved.
> But if you're working in IT forensics and/or have special security
> requirements this won't be enough. Someone could prepare a device
> that fullfills the uuid requirements but provides a hacked
> filesystem which does "something you definitely don't want". ;) So
> you need additional ways to make sure you're booting the correct
> filesystem and that's what I'm currently working on.
once you have worked it out, and once we have the core features ready
again, please send patches ;)
--
Address: Daniel Baumann, Burgunderstrasse 3, CH-4562 Biberist
Email: daniel.baumann@panthera-systems.net
Internet: http://people.panthera-systems.net/~daniel-baumann/
Reply to: