Package: live-initramfs Version: 1.154.3-1 Severity: wishlist Tags: patch To use live-initramfs for the Gibraltar firewall distribution, I ported two missing features from my own mkinitrd-cd package to work as scripts/hooks within the initramfs-tools framework and plug into live-initramfs. Although most can be implemented this way, a minor patch is required for the "live" script to: - Call another set of scripts after finding the loopback image that is about to be mounted but just before actually mounting it. This allows to perform further checks at this stage. - Completely bypass the unionfs mounts so that this can be handled by custom distribution scripts during bootup. The reason is that even larger parts of the filesystem should remain read-only for security reasons. The attached patch is quite minor and non-intrusive and will not change any current functionality when the added options are not used. Please consider applying it so that the Debian package can be used without further changes. Thanks, Rene -- Package-specific info: -- System Information: Debian Release: 5.0 APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.27-11-generic (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/bash Versions of packages live-initramfs depends on: ii busybox 1:1.10.2-2 Tiny utilities for small and embed ii file 4.26-2 Determines file type using "magic" ii initramfs-tools 0.92n tools for generating an initramfs ii sudo 1.6.9p17-1 Provide limited super user privile ii udev 0.125-7 /dev/ and hotplug management daemo ii user-setup 1.23 Set up initial user and password Versions of packages live-initramfs recommends: pn eject <none> (no description available) ii uuid-runtime 1.41.3-1 universally unique id library ii wget 1.11.4-2 retrieves files from the web Versions of packages live-initramfs suggests: pn curlftpfs <none> (no description available) pn genext2fs <none> (no description available) pn httpfs2 <none> (no description available) pn loop-aes-utils <none> (no description available) pn mtd-tools <none> (no description available) ii squashfs-tools 1:3.3-7 Tool to create and append to squas -- no debconf information
diff -r 6619a22cc6aa usr/share/initramfs-tools/scripts/live
--- a/usr/share/initramfs-tools/scripts/live Sun Dec 21 21:14:42 2008 +0100
+++ b/usr/share/initramfs-tools/scripts/live Mon Dec 22 14:25:13 2008 +0100
@@ -427,6 +427,11 @@
export PLAIN_ROOT
;;
+ skipunion)
+ SKIP_UNION_MOUNTS="Yes"
+ export SKIP_UNION_MOUNTS
+ ;;
+
root=*)
ROOT="${ARGUMENT#root=}"
export ROOT
@@ -1085,6 +1090,12 @@
do
imagename=$(basename "${image}")
+ export image devname
+ maybe_break live-realpremount
+ log_begin_msg "Running /scripts/live-realpremount"
+ run_scripts /scripts/live-realpremount
+ log_end_msg
+
if [ -d "${image}" ]
then
# it is a plain directory: do nothing
@@ -1242,8 +1253,12 @@
mount --bind ${exposedrootfs} ${rootmnt} || \
panic "bind mount of ${exposedrootfs} failed"
- cow_dirs='/var/tmp /var/lock /var/run /var/log /var/spool
- /home /var/lib/live'
+ if [ -z "${SKIP_UNION_MOUNTS}" ]; then
+ cow_dirs='/var/tmp /var/lock /var/run /var/log /var/spool
+ /home /var/lib/live'
+ else
+ cow_dirs=''
+ fi
for dir in ${cow_dirs}; do
mkdir -p /cow${dir}
Attachment:
signature.asc
Description: This is a digitally signed message part.