** revised patch putting the update message inside the if statement
-----------------------------------------------------------------------
Installing a new kernel does not trigger the regeneration of initramfs &
vmlinuz with cryptsetup included leading to an unbootable system.
If /etc/crypttab contains "luks" initramfs is regenerated. If
people with LVM partitions also have this problem - the if condition
could be changed to check for /dev/mapper in /etc/fstab
Maybe update the wiki for a LUKS installation with my notes at:
http://bugs.alpinelinux.org/issues/2684
This is the only issue I've had running LVM on top of LUKS.
---
main/linux-grsec/linux-grsec.post-install | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
create mode 100644 main/linux-grsec/linux-grsec.post-install
diff --git a/main/linux-grsec/linux-grsec.post-install b/main/linux-grsec/linux-grsec.post-install
new file mode 100644
index 0000000..98bb01e
--- /dev/null+++ b/main/linux-grsec/linux-grsec.post-install
@@ -0,0 +1,17 @@
+#!/bin/sh++NORMAL="\033[1;0m"+STRONG="\033[1;1m"+GREEN="\033[1;32m"++print_green() {+ local prompt="${GREEN}${STRONG}$1 ${NORMAL}"+ printf "${prompt} %s\n"+}++if grep luks /etc/crypttab 1>/dev/null; then+ print_green "Rebuilding Initramfs for LUKS / Cryptsetup"+ apk fix linux-grsec+fi++exit 0
NACK.
This is the wrong place and wrong way to do it. Calling apk from apk
hook can dead-lock.
Additionally, this means you'd need to add it to _all_ kernel images,
which is not good.
You should instead modify mkinitfs trigger to monitor /boot and make it
regenerate things if /boot is changed and luks is found in crypttab.
- Timo
---
Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org
Help: alpine-devel+help@lists.alpinelinux.org
---