| 1 |
>On Sun, 2007-04-08 at 14:28 +0000, Nelson Batalha wrote: |
| 2 |
> > I chose Luks, (...) this will force us to use two loops, (performance |
| 3 |
>issues?). An |
| 4 |
> > alternative is loop-aes -> one loop only. |
| 5 |
> |
| 6 |
>Why do you need two loops? |
| 7 |
|
| 8 |
|
| 9 |
It's the way they work. Luks is ment for devices only, so we need to make |
| 10 |
one for him to work with, and then he unencrypts it in a new one. loop-aes |
| 11 |
is embedded in losetup, so when mounting squashfs we just need to give it a |
| 12 |
key ;). |
| 13 |
|
| 14 |
|
| 15 |
>OK. You're already steering off course. If you add cryptsetup to |
| 16 |
>boot/kernel/$kname/packages, genkernel will include it with --luks, so |
| 17 |
>you don't need to do anything in an initramfs overlay. |
| 18 |
|
| 19 |
Thanks, I wasn't sure how it worked, so I just mentioned a hack for now (it |
| 20 |
wasn't stupid :P). |
| 21 |
|
| 22 |
http://bugs.gentoo.org/show_bug.cgi?id=173766 |
| 23 |
|
| 24 |
>I'm not sure I'm following, but everything that goes into the squashfs |
| 25 |
>is already available to catalyst. We don't need to copy it all *again* |
| 26 |
>since it is at (by |
| 27 |
>default) /var/tmp/catalyst/tmp/default/livecd-stage2-whatever already. |
| 28 |
|
| 29 |
I follow you, but the problem is that we need to know the size of the final |
| 30 |
squashfs. |
| 31 |
|
| 32 |
Thing is, with luks, we need a "stupid" file initially that is going to be |
| 33 |
looped to be formatted in a squashfs. To create it, we need to know its |
| 34 |
size, preferebly not greater then necessary, since I *think* it's not |
| 35 |
possible to change the size of a file in a loop. |
| 36 |
|
| 37 |
*Unless* we know an estimate of how big will the squashfs be, the option is |
| 38 |
to make one and then create that file with the exact size. The problem is |
| 39 |
not *getting* the files, is to make the *exact* room for them ;). |
| 40 |
|
| 41 |
>I would much rather incorporate the support in catalyst directly, rather |
| 42 |
>than adding yet another spec file key that isn't necessarily a |
| 43 |
>single-purpose key. |
| 44 |
|
| 45 |
Cool, I'll look into it. If anyone offers to patch the *.py files I can do |
| 46 |
the rest and specify what it needs to be done. |
| 47 |
|
| 48 |
_________________________________________________________________ |
| 49 |
Express yourself instantly with MSN Messenger! Download today it's FREE! |
| 50 |
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/ |
| 51 |
|
| 52 |
-- |
| 53 |
gentoo-catalyst@g.o mailing list |
Archives