encrypted root fs

ankscorek · 01-31-2006, 02:00 AM

i have done everything successfully that is required to create an encrypted file system

my lilo.conf

# Partition 1: Linux GUI mode
image = /boot/vmlinuz
root = /dev/hdb1
label = linux
append = ""
read-only

# Partition 2: Linux
image = /boot/vmlinuz-2.6.12
root = /dev/hdb1
label = 2.6.12
append = ""
read-only
# Partition 3: Linux
image = /boot/tamu/vmlinuz-slackware-hda1
root = /dev/hda1
label = slackware-hda1
read-only

# Partition 4: Linux
image = /boot/vmlinuz-2.6.12
root = /dev/ram0
#init=/linuxrc
initrd=/boot/myinitrd
label = vector-hdb5
read-only

partition 4 is my encrypted partition.. when i do this
#lilo
i get no error

when i tyr to boot into this crypted fs i ge ta kernel panic saying that no init found..

the corresponding grub entry is as under

default 0
timeout 5
splashimage=(hd0,0)/grub/splash.xpm.gz

title=Linux (2.6.11)
root (hd0,0)
kernel (hd0,0)/bzImage-2.6.11 root=/dev/ram0 rw init=/linuxrc
initrd (hd0,0)/myinitrd

pl help

and yes i forgot here is the o/p of

#lilo -v

LILO version 22.5.9, Copyright (C) 1992-1998 Werner Almesberger
Development beyond version 21 Copyright (C) 1999-2004 John Coffman
Released 08-Apr-2004 and compiled at 00:18:50 on May 21 2004.

Warning: LBA32 addressing assumed
Reading boot sector from /dev/hda
Warning: Kernel & BIOS return differing head/sector geometries for device 0x80
Kernel: 38792 cylinders, 16 heads, 63 sectors
BIOS: 1023 cylinders, 240 heads, 63 sectors
Warning: Kernel & BIOS return differing head/sector geometries for device 0x81
Kernel: 16383 cylinders, 255 heads, 63 sectors
BIOS: 1023 cylinders, 240 heads, 63 sectors
Using BITMAP secondary loader
Calling map_insert_data
Warning: The boot sector and map file are on different disks.
Mapping bitmap file /boot/bitmap/boot.bmp -> boot-shine256.bmp
Calling map_insert_file

Boot image: /boot/vmlinuz -> vmlinuz-scsi-2.4.29
Added linux *

Boot image: /boot/vmlinuz-2.6.12
Added 2.6.12

Boot image: /boot/tamu/vmlinuz-slackware-hda1
Added slackware-hda1

Boot image: /boot/vmlinuz-2.6.12
Mapping RAM disk /boot/myinitrd
Added vector-hdb5

Writing boot sector.
/boot/boot.0300 exists - no boot sector backup copy made.

qwijibow · 02-01-2006, 08:14 PM

Quote:

#init=/linuxrc

because you hashed out the init= line.

when booting an initrd, you need to pass init=/path/to/de-crypt-script to the kernel.. usually people name this /linuxrc.

ankscorek · 02-03-2006, 01:10 AM

when i had not hashed it our it was not recognising the init line

after i hashed it out it gave me th eabove o/p

qwijibow · 02-03-2006, 01:09 PM

is the initrd path correct ?
does the initrd filesystem contain a linuxrc script
is the linuxrc script executable ?

ankscorek · 02-03-2006, 10:50 PM

here is the linuxrc file

#chown -x /linuxrc

#!/bin/sh
export PATH=/bin:/sbin

# Get cmdline from proc
mount -t proc proc /proc
CMDLINE=`cat /proc/cmdline`
# Create /dev/mapper/control nod for udev systems
sh devmap_mknod.sh
umount /proc

# Mount real root and change to it
sleep 1
cryptsetup -y luksOpen /dev/hdb5 root
while test $? -ne 0; do
cryptsetup -y luksOpen /dev/hdb5 root;
done
# If you use JFS, check the filesystem before mounting to make sure it's clean.
# If it's not clean, mounting will fail.
# fsck.jfs /dev/mapper/root
mount /dev/mapper/root /new
cd /new
mkdir initrd
pivot_root . initrd

# Start init and flush ram device
exec chroot . /bin/sh <<- EOF >/dev/console 2>&1
umount initrd
rm -rf initrd
blockdev --flushbufs /dev/ram0
exec /sbin/init ${CMDLINE}
EOF