Bug#536195: dropbear remote boot feature exposes initramfs host keys to regular users
hi!
maximilian attems wrote:
>> package defaults, /usr/share/initramfs-tools -> package defaults" were
>> in this manpage, too, that would have helped against people like me
>> not getting it. :)
>
> taking patches ;)
> latest git is on
> http://git.debian.org/?p=kernel/initramfs-tools.git;a=summary
ok, patch attached, please feel free to correct/improve as necessary.
>> hm. i just know about uswsusp dropping a file there, setting
[...]
> indeed that one should move please file wishlist bug against uswsusp
ok, will do that next.
> what be more neat is to have the initramfs of linux-2.6 the modules
> build on build time and just concatenated with the staff that is
> going on on your box, should reduce build time a lot too.
> this something for squeeze +1
sorry but i don't get that.
regards,
Chris
diff --git a/initramfs-tools.8 b/initramfs-tools.8
index 55d413a..4998dbd 100644
--- a/initramfs-tools.8
+++ b/initramfs-tools.8
@@ -9,9 +9,13 @@ will be used during different phases of execution. Each of these will be
discussed separately below with the help of an imaginary tool which performs a
frobnication of a lvm partition prior to mounting the root partition.
-Valid boot and hook scripts names consist solely of alphabetics, numerics
+Valid boot and hook script names consist solely of alphabetics, numerics
and underscores. Other scripts are discarded.
+Where two directories exist for the same task, the one below
+/usr/share/initramfs-tools/ is meant for scripts added by other packages,
+while the one below /etc/initramfs-tools/ is meant for manually added scripts.
+
.SS Hook scripts
These are used when an initramfs image is created and not included in the
image itself. They can however cause files to be included in the image.
diff --git a/mkinitramfs.8 b/mkinitramfs.8
index 5d3c42b..8f1fc7d 100644
--- a/mkinitramfs.8
+++ b/mkinitramfs.8
@@ -89,6 +89,7 @@ This option queries if mkinitramfs can create ramdisks for kernel version
The default configuration file for the script. See
.BR initramfs.conf (5)
for a description of the available configuration parameter.
+For configuration by other packages, files in /usr/share/initramfs-tools/conf-hooks.d/ will also be used for the same purpose. They will be sourced after initramfs.conf, thus settings from files from this directory will override settings from initramfs.conf.
.TP
.I /etc/initramfs-tools/modules
@@ -96,12 +97,14 @@ Specified modules will be put in the generated image and loaded when the system
.I /etc/modules,
which is described in
.BR modules (5).
+For configuration by other packages, files in /usr/share/initramfs-tools/modules.d/ will additionally be used for the same purpose.
.TP
.I /etc/initramfs-tools/conf.d
The conf.d directory allows to hardcode bootargs at initramfs build time
via config snippets. This allows to set ROOT or RESUME.
This is especially useful for bootloaders, which do not pass an root bootarg.
+For (default) configuration by other packages, files in /usr/share/initramfs-tools/conf.d/ will also be used for the same purpose (files from /usr/share/initramfs-tools/conf.d/ will be ignored if a file with the same name exists in /etc/initramfs-tools/conf.d/).
.TP
.I /etc/initramfs-tools/DSDT.aml
Reply to: