X-Original-To: alpine-devel@lists.alpinelinux.org Delivered-To: alpine-devel@mail.alpinelinux.org Received: from mail-la0-f45.google.com (mail-la0-f45.google.com [209.85.215.45]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mail.alpinelinux.org (Postfix) with ESMTPS id B994FDC0110 for ; Tue, 11 Feb 2014 08:07:36 +0000 (UTC) Received: by mail-la0-f45.google.com with SMTP id b8so5580853lan.18 for ; Tue, 11 Feb 2014 00:07:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:date:from:to:cc:subject:message-id:in-reply-to:references :mime-version:content-type:content-transfer-encoding; bh=e+ri7g7OXlUyAs6UPmJCrCt6wYxaWu0tuKTNW+rs5yk=; b=QoEUcjrDZFKckfTnkcrjACneBUAxI2KVpB0klKH0kqadSrdkd96/7Y99GwkJzIWTtK 4PM9qQqjbNqyvEGD2LjsRG7Cb7537RsOzFMWoSdhkWXiuDcssZX8sLbzi45rz1oMxx/u XzogwVVL/ClcWPpT9Xyxsw9TfW4F2vVrmUjG7pqgMbDFjj4MR1NADAPCNxjFxXP7fXWA 90577NFnmdBN9piI8qAe9QZerctLApNdbPiV+kykwygDzxoiFWXPWhVxwNIBH0R69rt1 AWet7MCb2J3r6VqVBeB9gejhBAUM6xzXIZ/SgX6oqM74RPwDVJV1VSp9mjN7WexNmJgr wfCQ== X-Received: by 10.112.180.72 with SMTP id dm8mr24191602lbc.28.1392106052233; Tue, 11 Feb 2014 00:07:32 -0800 (PST) Received: from vostro ([2001:1bc8:101:f402:21c:23ff:fefc:bf0b]) by mx.google.com with ESMTPSA id yq2sm26348275lab.3.2014.02.11.00.07.32 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 11 Feb 2014 00:07:32 -0800 (PST) Sender: =?UTF-8?Q?Timo_Ter=C3=A4s?= Date: Tue, 11 Feb 2014 10:08:12 +0200 From: Timo Teras To: IT Offshore Cc: alpine-devel@lists.alpinelinux.org Subject: Re: [alpine-devel] [PATCH] Main/linux-grsec - small patch for LUKS initramfs (revised) Message-ID: <20140211100812.02dcc2ac@vostro> In-Reply-To: <1392087272-21022-1-git-send-email-developer@it-offshore.co.uk> References: <1392087272-21022-1-git-send-email-developer@it-offshore.co.uk> X-Mailer: Claws Mail 3.9.3 (GTK+ 2.24.20; i486-alpine-linux-uclibc) X-Mailinglist: alpine-devel Precedence: list List-Id: Alpine Development List-Unsubscribe: List-Post: List-Help: List-Subscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit On Tue, 11 Feb 2014 02:54:32 +0000 IT Offshore wrote: > ** revised patch putting the update message inside the if statement > ----------------------------------------------------------------------- > Installing a new kernel does not trigger the regeneration of > initramfs & vmlinuz with cryptsetup included leading to an unbootable > system. > > If /etc/crypttab contains "luks" initramfs is regenerated. If > people with LVM partitions also have this problem - the if condition > could be changed to check for /dev/mapper in /etc/fstab > > Maybe update the wiki for a LUKS installation with my notes at: > > http://bugs.alpinelinux.org/issues/2684 > > This is the only issue I've had running LVM on top of LUKS. > --- > main/linux-grsec/linux-grsec.post-install | 17 +++++++++++++++++ > 1 file changed, 17 insertions(+) > create mode 100644 main/linux-grsec/linux-grsec.post-install > > diff --git a/main/linux-grsec/linux-grsec.post-install > b/main/linux-grsec/linux-grsec.post-install new file mode 100644 > index 0000000..98bb01e > --- /dev/null > +++ b/main/linux-grsec/linux-grsec.post-install > @@ -0,0 +1,17 @@ > +#!/bin/sh > + > +NORMAL="\033[1;0m" > +STRONG="\033[1;1m" > +GREEN="\033[1;32m" > + > +print_green() { > + local prompt="${GREEN}${STRONG}$1 ${NORMAL}" > + printf "${prompt} %s\n" > +} > + > +if grep luks /etc/crypttab 1>/dev/null; then > + print_green "Rebuilding Initramfs for LUKS / Cryptsetup" > + apk fix linux-grsec > +fi > + > +exit 0 NACK. This is the wrong place and wrong way to do it. Calling apk from apk hook can dead-lock. Additionally, this means you'd need to add it to _all_ kernel images, which is not good. You should instead modify mkinitfs trigger to monitor /boot and make it regenerate things if /boot is changed and luks is found in crypttab. - Timo --- Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org Help: alpine-devel+help@lists.alpinelinux.org ---