| 1 |
Hi, |
| 2 |
|
| 3 |
does no one have an idea, what here happens? |
| 4 |
|
| 5 |
Best regards, |
| 6 |
Michael |
| 7 |
|
| 8 |
-------- Original Message -------- |
| 9 |
From: Michael Decker <MDecker@×××××.de> |
| 10 |
To: RSBAC Discussion and Announcements <rsbac@×××××.org>, |
| 11 |
gentoo-hardened@l.g.o |
| 12 |
Subject: [gentoo-hardened] Gentoo / RSBAC / Encrypted Root / Unmount fails |
| 13 |
Date: Tue Jul 11 2006 10:11:43 GMT+0200 |
| 14 |
|
| 15 |
|
| 16 |
> Hi, |
| 17 |
> |
| 18 |
> could somebody help me to solve this problem. I try to encrypting whole |
| 19 |
> root device by doing this howto: |
| 20 |
> |
| 21 |
> |
| 22 |
> So my booting fails caused by an unmount error. |
| 23 |
> |
| 24 |
> On booting an own created initrd will be started to open luks encrypted |
| 25 |
> filesystem, so this last steps of linuxrc-script [2] fails (on umount |
| 26 |
> command): |
| 27 |
> |
| 28 |
> --- SNIP --- |
| 29 |
> pivot_root . initrd |
| 30 |
> |
| 31 |
> # Start init and flush ram device exec |
| 32 |
> chroot . /bin/sh <<- EOF >/dev/console 2>&1 |
| 33 |
> umount initrd |
| 34 |
> rm -rf initrd |
| 35 |
> blockdev --flushbufs /dev/ram0 |
| 36 |
> exec /sbin/init ${CMDLINE} |
| 37 |
> EOF |
| 38 |
> --- SNAP --- |
| 39 |
> |
| 40 |
> So I get this error: |
| 41 |
> --- SNIP --- |
| 42 |
> EXT3 FS on dm-0, internal journal |
| 43 |
> EXT3-fs: dm-0: 1 orphan inode deleted |
| 44 |
> EXT3-fs: recovery complete. |
| 45 |
> EXT3-fs: mounted filesystem with journal data mode. |
| 46 |
> 0000000037|rsbac_free_dat_dentry(): freeing dat dir dentries |
| 47 |
> 0000000038|do_umount() [sys_umount()]: umount failed -> calling |
| 48 |
> rsbac_mount for Device 01:00 |
| 49 |
> --- SNAP --- |
| 50 |
> |
| 51 |
> I've run the kernel with this options: |
| 52 |
> --- SNIP --- |
| 53 |
> Kernel command line: root=/dev/ram0 rw init=/linuxrc rsbac_softmode |
| 54 |
> console=ttyS0,57600 console=tty0 |
| 55 |
> --- SNAP --- |
| 56 |
> |
| 57 |
> Is this a RSBAC problem? Do I have to modify the script [2]? Perhaps |
| 58 |
> could somebody give a suggestion? |
| 59 |
> |
| 60 |
> Best regards, |
| 61 |
> Michael Decker |
| 62 |
> |
| 63 |
> [1] |
| 64 |
> http://gentoo-wiki.com/SECURITY_Encrypting_Root_Filesystem_with_DM-Crypt_with_LUKS |
| 65 |
> [2] |
| 66 |
> http://gentoo-wiki.com/SECURITY_Encrypting_Root_Filesystem_with_DM-Crypt_with_LUKS#Initrd_Scripts |
| 67 |
|
| 68 |
-- |
| 69 |
Michael Decker Michael.Decker@×××××.de |
| 70 |
TESIS SYSware GmbH http://www.tesis.de |
| 71 |
Baierbrunnerstr. 15 * 81379 Muenchen * Tel. +49 89 747377-0 |
| 72 |
|
| 73 |
-- |
| 74 |
gentoo-hardened@g.o mailing list |
Archives