Hi,
after last mailings I tried some different calls without any
result...
I've encrypt my root with LUKS. I try to start with
RSBAC... It doesn't
work... Here the important part of the initrd script [1]:
--- SNIP ---
mount /dev/mapper/root /new
cd /new
mkdir initrd
pivot_root . initrd
# Start init and flush ram device exec
chroot . /bin/sh <<- EOF >/dev/console 2>&1
umount initrd
rm -rf initrd
blockdev --flushbufs /dev/ram0
exec /usr/bin/rsbac_init /dev/mapper/root
EOF
--- SNAP ---
cryptsetup set the encrypted access to:
/dev/mapper/root
So I've tried some different calls of rcbac_init:
--- SNIP ---
/usr/bin/rsbac_init /
--
Error: RSBAC_EINVALIDTARGET
Kernel panic - not syncing : Attempted to kill init!
--------
/usr/bin/rsbac_init
--
/usr/bin/rsbac_init (RSBAC 1.2.5)
***
/usr/bin/rsbac_init root_dev
root_dev: root device to initialize from, e.g. /dev/sda1
Kernel panic - not syncing : Attempted to kill init!
--------
/usr/bin/rsbac_init /new
--
Error: No such file or directory
Kernel panic - not syncing : Attempted to kill init!
--------
/usr/bin/rsbac_init /dev/mapper/root
--
Error: No such file or directory
Kernel panic - not syncing : Attempted to kill init!
--- SNAP ---
None works...
How should I change my script, that it could work?
Thanks a lot
Best regards,
Michael
[1]
http://gentoo-w
iki.com/SECURITY_Encrypting_Root_Filesystem_with_DM-Crypt_wi
th_LUKS#Initrd_Scripts
--
Michael Decker Michael.Decker tesis.de
TESIS SYSware GmbH http://www.tesis.de
Baierbrunnerstr. 15 * 81379 Muenchen * Tel. +49 89 747377-0
--
gentoo-hardenedgentoo.org mailing list
|