Gentoo Archives: gentoo-hardened

From: Michael Decker <MDecker@×××××.de>
To: gentoo-hardened@l.g.o
Subject: [gentoo-hardened] rsbac_init and initrd / I don't get it to run
Date: Fri, 14 Jul 2006 06:59:27
Message-Id: 44B73FDD.9070606@tesis.de
Hi,

After the last mailings I tried some different calls without any result...

I've encrypted my root with LUKS. I try to start with RSBAC... It doesn't
work... Here is the important part of the initrd script [1]:
--- SNIP ---
mount /dev/mapper/root /new
cd /new
mkdir initrd
pivot_root . initrd

# Start init and flush ram device
exec chroot . /bin/sh <<- EOF >/dev/console 2>&1
umount initrd
rm -rf initrd
blockdev --flushbufs /dev/ram0
exec /usr/bin/rsbac_init /dev/mapper/root
EOF
--- SNAP ---

cryptsetup sets the encrypted access to:
/dev/mapper/root

So I've tried some different calls of rsbac_init:
--- SNIP ---
/usr/bin/rsbac_init /
--
Error: RSBAC_EINVALIDTARGET
Kernel panic - not syncing : Attempted to kill init!
--------
/usr/bin/rsbac_init
--
/usr/bin/rsbac_init (RSBAC 1.2.5)
***
/usr/bin/rsbac_init root_dev

root_dev: root device to initialize from, e.g. /dev/sda1
Kernel panic - not syncing : Attempted to kill init!
--------
/usr/bin/rsbac_init /new
--
Error: No such file or directory
Kernel panic - not syncing : Attempted to kill init!
--------
/usr/bin/rsbac_init /dev/mapper/root
--
Error: No such file or directory
Kernel panic - not syncing : Attempted to kill init!
--- SNAP ---

None works...

How should I change my script so that it could work?

Thanks a lot

Best regards,
Michael

[1]
http://gentoo-wiki.com/SECURITY_Encrypting_Root_Filesystem_with_DM-Crypt_with_LUKS#Initrd_Scripts
--
Michael Decker Michael.Decker@×××××.de
TESIS SYSware GmbH http://www.tesis.de
Baierbrunnerstr. 15 * 81379 Muenchen * Tel. +49 89 747377-0

--
gentoo-hardened@g.o mailing list