init, pivot_root, chroot, etc ...
this question does not pertain specifically to debian-boot,
but it deals with things which i think the readers of this list have a
particular knowledge of, so here goes:
My main root partition is /dev/hda2, and it is encrypted via ppdd.
I have a "maintenance"/"fake" root partition at /dev/hda6.
Right now my system boots to an initrd, which runs a linuxrc written by
the ppdd author which basically prompts you for a password, mounts the
"real" root, and then for its finale does a pivot_root/chroot to the
encrypted partition via an 'exec chroot . sh -c "exec init"'.
or something like that.
i've been banging my head against the wall trying to figure out a way to
"inject" a sshd in there somewhere, so you can enter your passwords over
the net. (i'm aware of the security implications, but it would be nice
for emergency situations).

calling cryptcat in the linuxrc script. this works, but then i can't
enter passwords at the tty! apparently signals (ctrl-c) cannot be caught in
the linuxrc script either? i tried a script that catches this signal
then asked for the passwords from the tty.

just booting into a stripped down (single user like) mode.
then executing a script to mount the encrypted partition, and doing a
"exec chroot . sh -c 'exec init 3'".
init doesn't like this cause it is not PID 1.
it can't talk to this pipe /dev/initctl in the chroot environment i
guess. Could I make a symbolic link from the chroot'ed /dev/initctl
file to the original /dev/initctl you think?

I've also thought about just running minit in the chroot environment.
I was thinking, since all programs are either started from a tty or from
ssh, if i just ran minit and spawned some gettys and started up sshd,
then all processes would inherit this new chroot environment.
Interestingly, if i boot into single user mode, and then execute the
change_to_encrypted_root script, init is not bothered.
this is no doubt because of the "wait" in the inittab (i think).
somehow i don't think ~~:S:wait:/usr/sbin/sshd would work ...
Is there any reason not to use minit as a sort of "sub" process root?
I noticed a lsof shows init still "rooted" to the old root (now at
/mnt/hda6/sbin/init). Is there anything the matter with this?