[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: RFH: dropbear initramfs support

On 06/27/2015 02:19 PM, Guilhem Moulin wrote:
> Alright, that's it :-)  The changelog is pretty heavy because I also
> lintian-cleaned and modernized (using dh_* tools) the packages, as well as
> fixed most bugs:
> [...]
>     + Bring down interfaces and flush network configuration before existing
>       the ramdisk, to avoid misconfigured network in the regular kernel.
>       (Closes: #715048, #720987, #720988.)

Having just read the debian-devel thread: isn't it dangerous to do
that unconditionally?

Sure, if you have a normal system then you want to down your network
configuration for the aforementioned reasons, but if you additionally
also have root on NFS or iSCSI or something similar, then this would
break that. Also, dropbear didn't do that in the past, so this could
be seen as a regression for those kinds of systems.


 - activate the new feature by default (because that's probably the
   majority use case, root on network is probably not commonly used
   in this combination), but provide an option to switch it off

 - create a debian/NEWS entry informing people of this change (so
   they are informed on package upgrades) and they can then
   deactivate the setting if they need to

Just my 2 cents...

Other than that: thanks a lot for taking care of this as somebody
who's planning to use dropbear in initramfs soon (having stumbled
upon this just now in fact). It's very much appreciated.


Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: