[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [solved securely now??] What is the correct way to set encrypted swap with systemd?



I read the prior discussion as taking for granted the idea that one
must have only one method of identifying individual partitions, and
that that method must be the latest to have arrived on the scene. For
example, if everyone else in the world accepts your idea that
LABEL=sda1 on the partition that was /dev/sda1 when Debian was
installed is something that should *not*be*done*, *then* I can be very
confident that my disk will not cause problems *because*of*an*identity*
*clash*. The whole scenario is false anyway. Who would let a disk
arrives at his facility in the hands of a stranger be *mount*ed
without first putting it in a USB disk carrier and using some system
tools to take a look at what is recorded on it?  And why would I offer
my disk to anyone without *telling* them how it is labeled?

I see the argument here, mine as well as yours, as a clash of wildly
imaginative false scenarios. 

Peace.

On 20150401_1619-0500, David Wright wrote:
> Quoting Paul E Condon (pecondon@mesanetworks.net):
> 
> > You can also use disk LABEL=. As implemented, the LABEL is actually
> > applied to individual partition. As long as every partition has a
> > different LABEL values there is no ambiguity. You only need to have
> > unique values for partitions that you feel you will be mounting and
> > umounting. Partitions with no LABEL value set never get compared by
> > LABEL value.
> 
> That may be a problem for anyone using wheezy as it only appears to
> have UUIDs and LABELs, and not PARTUUIDs and PARTLABELs available.
> As discussed, only PARTXXXs are persistent. (If ever I let the Debian
> installer loose on my labelled swap partition, I have to relabel it
> afterwards.)
> 
> > The system has always insisted on setting a unique UUID
> > value on every partition. Its done that way because of a design
> > decision of Debian developers.
> 
> The world has decided that, not just DDs.
> 
> > But it has a tiny flaw that you can
> > avoid by using LABEL values, which YOU can be sure are unique because
> > you didn't do repeats, whereas UUIDs are randomly generated and there
> > is a tiny, but non-zero chance of repeats for UUIDs.
> 
> Oh, please. "Assuming uniform probability for simplicity, the
> probability of one duplicate would be about 50% if every person on
> earth as of 2014 owned 600 million GUIDs." (Wikipedia)
> 
> What if you're running a disk farm of several thousand drives?
> No, LABELs don't scale well.
> 
> > If I read your message above, you are having trouble understanding how
> > to use the UUID/PARTUUID system for identifying partitions on disks.
> > I suggest that you don't need to use it, and if you don't use it you
> > don't need to understand it.
> 
> That's ok until Debian does something behind your back that catches
> you out. For example, GRUB uses UUIDs, whereas I prefer LABELs. But I
> have to understand what GRUB/Debian Installer/Upgrade is doing so I
> can mitigate the effects.
> 
> > I was once troubled by a similar situation when Debian first started to
> > use UUID, until I realized that for some disks, I had no intention
> > of ever changing the partion structure that was put there initially.
> 
> Hm. Never say never.

Yes.

> 
> > For disks that I did have some special use and some ideas about how
> > that special use might change in the future, I put LABEL=... on their
> > partitions and used LABEL= paradigm to identify the partitions. This
> > is what I do with all my external drives. And I put sticker on the
> > outside of the drive enclosure with the LABEL= value written with a
> > ball point pen on it. It is my personal responsibility to myself that
> > I never put the same LABEL= value on two different disks.
> 
> I agree. All my disks, internal and external are named and labelled
> just so. But I have so few, and all in different rôles. If I had lots,
> I wouldn't bother.
>
> > You can even
> > put a LABEL= value on the root system disk that is always /dev/sda1
> > during installation. I suggest that you use LABEL=sda1.
> 
> Bad idea. The names should not be loaded with extra meaning. My
> partition labelling *is* overloaded: mama01, 02 ... but I'm prepared
> to live with the necessary constraints: creating them in the correct
> order, and not resizing/creating new partitions afterwards unless I
> make a clean sweep of it.
> 
> What if you/(s)he were to take a disk labelled sda1 and put it in
> another computer to clone/recover/whatever it. Now it sits in a box
> where there's a /dev/sda1 and a /dev/sdb1 but the latter is called
> sda1. A recipe for disaster.
> 
> > As I see it, the only benefit that you the user get from using the
> > UUID/PARTUUID system is that if some Linux user is browsing through
> > the internals of what is written on your disk, he may wonder where
> > you got the software to do that and treat you with a little more
> > respect. Let me assure you, you are not Rodney Dangerfield
> 
> Eh?
A very wild scenario, not to be taken seriously

> 
> Cheers,
> David.
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org 
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: [🔎] 20150401211903.GB21721@alum.home">https://lists.debian.org/[🔎] 20150401211903.GB21721@alum.home
> 

-- 
Paul E Condon           
pecondon@mesanetworks.net


Reply to: