On Sat, 2006-04-29 at 14:03 +0100, Karanbir Singh wrote: > > I've made a modified version of the initscript package. This adds > > support for using dm-crypt encrypted filesystems on boot. > > > > It allows encrypted swap, and encrypted storage directories. However, > > it's not really designed for having an encrypted root filesystem > > (although it could possibly be adapted without too much hassle). > > > > I have a source RPM available here: > > http://www.jethrocarr.com/packages/SRPMS/initscripts-7.93.24.EL-1.1.1.centos4.jethrocarr.src.rpm > > can you post a diff -u .patch for the buildroot ? or do it for Source > and one for .spec Patch for the source code available here: http://patches.jethrocarr.com/initscripts-7.93.24.EL-encryptedfs.patch Patch for the .spec file attached to this email. > > I wasn't sure what to name it, so I added a .1 and my name to the > > release name. Feel free to change this to suit if you do decide to add > > it to one of the repos. :-) > > look at some of the .specs from the centosplus repo ( which is where > this package will head into, if accepted. ) - specially look at the > ?dist tag added in Release: the buildsystem will replace those > DistTag's to make some sense automatically. hmm... The packages in the centosplus repo all appear to have different naming schemes. :-/ If you pointed me at an example that you think is the right way, I can take a look at it. :-) > > Usage details and configuration for the encrypted filesystems are > > in /etc/sysconfig/enc-fstab. > > One thing that is important is that for packages you do submit mod's for > - do you intend to keep maintaining them and ensure that any security / > bug fix related errata from upstream / developers is incorporated in a > timely fashion ? > > ( not sure how relevant that would be here, since dm-crypt and > cryptsetup is already in the distro and tracked from upstream ) Because it is an extra package, I will reapply the patch and create a new RPM if a newer version of the initscripts RPM is released. I like to keep the packages that I use secure. :-) I'm going to see if there is any encrypted fs support in the latest version of fedora - if the patch went upstream to the initscripts developers it would be nice - could end up in future releases of RHEL. ;-) -- Jethro Carr www.jethrocarr.com www.jethrocarr.com/index.php?page=cv/cv.php -------------- next part -------------- A non-text attachment was scrubbed... Name: initscripts-spec.patch Type: text/x-patch Size: 1831 bytes Desc: not available URL: <http://lists.centos.org/pipermail/centos-devel/attachments/20060430/f40f0463/attachment-0007.bin> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: <http://lists.centos.org/pipermail/centos-devel/attachments/20060430/f40f0463/attachment-0007.sig>