<Adithya.Balakumar@toshiba-tsip.com> writes:
> Hi Philip
>
>> Very sorry about the slow reply -- a combination of debconf and family
>> holidays being rather distracting.
>
> No problem, Thanks for helping out with this.
>
>> I think I'd looked for that, and failed to find where the file was being
>> used.
>
> As I explained before, the created tmp file (tmpkbd.*) is referenced
> by in a script named `setupcon`(which is generated here[1]). This
> script is actually kept in '/bin/setupcon' in the initrd.
This conversation is probably not made clearer by the fact that there's
setupcon (outside the initrd) which generates setupcon (inside the
initrd) *sigh*
AFAICS $TMPFILE (configured to be tmpkbd.*) is being used in the (outer)
setupcon script in order to record the commands used in the (initrd)
setupcon that is being written to "$setupdir"/bin/setupcon
codesearch.debian.net seems to show that the two lines in (outer)
setupcon that refer to 'tmpkbd' are the only places where the string
'tmpkbd' occurs in Debian, so I'm assuming that $TMPFILE is the source
of your entropy -- please correct me if that's wrong.
$TMPFILE is then used to store a list of things that will need to be
copied to the initrd, and that list is then used to create
"$setupdir"/morefiles, but $TMPFILE looks like it ought to be in either
/run or /tmp, and those should be removed by the trap, so if it's ending
up under $setupdir, what is copying it there?
Your patch seems to assume that it is being copied in fileargs(), which
seems to imply that the tmpkbd.* filename is being passed as an argument
to one of the run() calls (if I'm reading the script correctly), but I
don't see where that's happening, and I don't yet understand why it's
happening.
If that _is_ what's happening, and if there's a good reason for it, then
I would think that the right place to fix the nondeterminism would be in
the run() call that's causing the copy to be made, rather than by
modifying the filename in fileargs(), but until I've understood what's
actually causing the 'tmpkbd.*' file to be copied into the initrd, it's
really quite hard to tell.
> Now, this script ('/bin/setupcon') is used in the initrd by the 'keymap' initrd script [2].
> In fact the 'keymap' hook script [3] is what is calling the setupcon script with the --setup-dir option.
>
> In my use case, this issue surfaced due to the use of the cryptsetup-initramfs package which triggers the run of the 'keymap' hook script by setting 'KEYMAP=y' here[4].
>
> There *maybe*(speculating, not sure) more packages which triggers this 'keymap' hook script.
>
> Apologies for this long answer. I hope this gives some context.
No, that's great, thanks -- anyway, my reply is longer :-/
The question that's still bothering me is:
Does anything within the resulting initrd actually make use of the
'keymap.*' file, and if so, where?
Cheers, Phil.
--
Philip Hands -- https://hands.com/~phil
Attachment:
signature.asc
Description: PGP signature