[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Serveur with encrypted partition : 2 steps boot.

Le 22/04/2013 01:19, Bob Proulx a écrit :
Erwan David wrote:
Ok, here is a policy-rc.d which does not work :
Since I led you down this road I set up a test system.  I have been
using policy-rc.d in chroots seemlingly forever and they definitely
work there.  They definitely prevent package upgrades from starting

   invoke-rc.d: policy-rc.d denied execution of restart.

But that is through dpkg and postinst scripts.  When I set up a test
VM system and booted it I was shocked to find that it didn't work.
Just like you found the daemons were still started at boot time.

   Starting Postfix Mail Transport Agent: postfix.

Am I completely misunderstanding the documentation on this?  Maybe.
If so then I am sorry for misleading you along with me.  I am
researching the problem.  I think this is completely against the
documented interface.


I added some traces in my policy-rc.d (to a file in /root), and got the following resullt : boot does not use it (should be startpar), /sbin/service does not use it, only invoke-rc.d, which seems to be only used in postinst for restarting a service.

My solution for the moment is to disable those services (thus losing the information about their starting order) through update-rc.d disable (which also means each upgrade will now get polluted by messages saying their start runlevel are different from default) and starting them from my encrypted partition mounting script.

Reply to: