 |
 |
 |
 |
| Security and Privacy Sadly, malware, spyware, hackers and privacy threats abound in today's world. Let's be paranoid and secure our penguins, and slam the doors on privacy exploits. |
22nd December 2009, 01:27 AM
|
|
Registered User
|
|
Join Date: Feb 2009
Posts: 13
 
|
|
|
how to remove boot mount of dm-crypt LUKS md1
Hello,
When I upgraded from FC11 to FC12 of the encrypted raid partitions started to request password on boot (in FC11 not having references to encrypted md1 in fstab and crypttab, was enough for FC11 not to ask for passwords on boot) despite the fact that I removed /etc/crypttab and there is nothing in /etc/fstab relating to encrypted md1 (raid array). I want my machine to boot w/o asking me passwords for encrypted devices, and I will open and mount them myself manually after boot. Any ideas and/or help will be appreciated.
|
22nd December 2009, 06:17 AM
|
|
Registered User
|
|
Join Date: Feb 2009
Posts: 13
|
|
Quote:
Originally Posted by JEO
|
Thanks, thats exactly it.
I wonder if there is a possible workaround though.
Last edited by skiffx; 22nd December 2009 at 06:20 AM.
|
22nd December 2009, 10:17 PM
|
|
Registered User
|
|
Join Date: Jan 2006
Posts: 2,769
|
|
|
Fedora 11 used the mkinitrd package instead of dracut. If mkinitrd is still available for F12 it may be possible to use it instead. (at least until they fix dracut)
---------- Post added at 02:17 PM CST ---------- Previous post was at 10:17 AM CST ----------
Follow up:
Yes, mkinitrd is still available for F12 but not installed by default. I installed it with yum and renamed the initramfs file in /boot and used mkinitrd to generate a new initramfs file and it booted ok on my system.
|
23rd December 2009, 05:10 AM
|
|
Registered User
|
|
Join Date: Aug 2009
Location: Hungary
Age: 37
Posts: 17
|
|
|
Jeo thanks for your tip on using mkinitrd instead of dracut. Can you give me a step-by-step method howto recreate the initramfs file properly?
I preupgraded from F11 to F12, have encrypted / and /home partitions and dracut always tries to open all other encrypted partitions on boot (there are 3 more encrypted luks partitions I rarely use). Moreover the rd_LUKS_UUID=... kernel parameter doesn't work with the current version of dracut.
Thanks in advance.
|
23rd December 2009, 06:13 AM
|
|
Registered User
|
|
Join Date: Feb 2009
Posts: 13
|
|
Quote:
Originally Posted by guybrush
Jeo thanks for your tip on using mkinitrd instead of dracut. Can you give me a step-by-step method howto recreate the initramfs file properly?
I preupgraded from F11 to F12, have encrypted / and /home partitions and dracut always tries to open all other encrypted partitions on boot (there are 3 more encrypted luks partitions I rarely use). Moreover the rd_LUKS_UUID=... kernel parameter doesn't work with the current version of dracut.
Thanks in advance.
|
Add your name to the buglist on RH link above so they will notice us faster.
|
23rd December 2009, 04:45 PM
|
|
Registered User
|
|
Join Date: Jan 2006
Posts: 2,769
|
|
|
Step by step,
1) install mkinitrd package
su -
yum install mkinitrd
2) Use it
cd /boot
ls -ld init*
(from the output of the previous command note the current initramfs file and rename it, yours won't necessarily be the same as mine).
mv initramfs-2.6.31.6-166.fc12.i686.img initramfs-2.6.31.6-166.fc12.i686.old
(to see all the mkinitrd options type mkinitrd --help)
mkinitrd -v initramfs-2.6.31.6-166.fc12.i686.img 2.6.31.6-166.fc12.i686
3) make sure you can access the grub boot menu in case something goes wrong, ensure the timeout is nonzero in /boot/grub/grub.conf, and it's a good idea to have a rescue media handy. I use the netinstall iso since it's the smallest in size.
|
23rd December 2009, 06:55 PM
|
|
Registered User
|
|
Join Date: Feb 2009
Posts: 13
|
|
|
guybrush, if you are going to try it, let us know if you succeed.
|
23rd December 2009, 07:52 PM
|
|
Registered User
|
|
Join Date: Aug 2009
Location: Hungary
Age: 37
Posts: 17
|
|
Fabulous...
Re-creating the initramfs image with mkinitrd did the trick. There are no error messages at boottime and the boot itself is much quicker. So it works.
Interestingly the newly created image is much smaller than the original one...
One more question: do I have to always re-create the image whenever a new kernel appears in the repos?
Thanks again JEO. 
|
23rd December 2009, 08:02 PM
|
|
Registered User
|
|
Join Date: Jan 2006
Posts: 2,769
|
|
|
The image size is smaller because mkinitrd only puts the kernel boot driver modules in that it detects that you actually need, whereas dracut provides all possible kernel boot modules (so the ramdisk file is over 10MB with dracut and under 4MB with mkinitrd).
You will have to run mkinitrd again after each kernel update because kernel updates for F12 will call dracut.
|
24th December 2009, 03:22 AM
|
|
Registered User
|
|
Join Date: Aug 2009
Location: Hungary
Age: 37
Posts: 17
|
|
Yesterday I had no time to check everything was fine.
Now I discovered the following message in my .xsession-error right after logging in to Gnome:
shm_open() failed: Permission denied
Now the permission for /dev/shm/ is:
Code:
drwxr-xr-x. 2 root root 40 2009-12-24 04:02 /dev/shm
With the dracut-style initramfs image it was:
drwxrwxrwt.
Where can I set those permissions back to 777 permamently?
|
24th December 2009, 05:40 AM
|
|
Registered User
|
|
Join Date: Jan 2006
Posts: 2,769
|
|
|
Try adding the following line to /etc/rc.d/rc.local
chmod 1777 /dev/shm
|
| Thread Tools |
Search this Thread |
|
|
|
| Display Modes |
 Linear Mode
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
Current GMT-time: 08:03 (Saturday, 25-05-2013)
|
|
 |
 |
 |
 |
|
|
