hi!
maximilian attems wrote:
> egrep UMASK /etc/initramfs-tools/initramfs.conf
> UMASK=0077
>
> this was not yet documented in initramfs.conf.5,
> will be in next upload.
ah ic.
in this case i guess it were a good idea to automatically set UMASK=0077 in the
initramfs config when installing dropbear.
regarding initramfs-tools:
when trying to locate the best[tm] place to put this, i first got a bit
confused, and concluded with these findings regarding intramfs-tools in the end:
/etc/initramfs-tools/conf.d/ modularized 'initramfs.conf',
i.e. used to configure mkinitramfs et al.
/usr/share/initramfs-tools/conf-hooks.d/ like
/etc/initramfs-tools/conf.d/.
/usr/share/initramfs-tools/conf.d/ copied to the initramfs into
conf/, i.e. used to configure stuff when booting the initramfs.
/etc/initramfs-tools/hooks/ hook scripts used to create
initramfs.
/usr/share/initramfs-tools/hooks/ like
/etc/initramfs-tools/hooks/.
/etc/initramfs-tools/scripts/ scripts used when booting the
initramfs.
/usr/share/initramfs-tools/scripts/ like
/etc/initramfs-tools/scripts/.
/usr/share/initramfs-tools/hooksconf.d/ unused?
/etc/initramfs-tools/modules modules to load when booting
the initramfs.
/usr/share/initramfs-tools/modules like
/etc/initramfs-tools/modules.
/usr/share/initramfs-tools/modules.d/ modularized 'modules'
i find duplicate places to put something quite a bit irritating. is there some
functional advantage i just don't get?
otherwise i'd suggest adding an /etc/initramfs-tools/modules.d/, removing all
the duplicate places keeping the /etc/initramfs-tools/* versions, and removing
the hooksconf.d/. also i don't think it would be wrong to move the
/usr/share/initramfs-tools/conf.d/ to something like
/etc/initramfs-tools/initramfs-conf.d/, and also move the hook-functions and
init to /etc/initramfs-tools/ - so the whole /usr/share/initramfs-tools/ could
be spared.
in case of general approval, i'd provide a patch for this and could also take
care to provide patches for the packages currently using /usr/initramfs-tools/
as far as i know of them (currently that would be: cryptsetup, dropbear,
uswsusp, udev).
hm. actually that could be optimized even more. for example when building a
cryptroot+dropbear initramfs, the host keys and authorization info for the
initramfs is created and saved into /etc/initramfs-tools/ (in etc/ and root/).
a kind of 'initramfs template root' could be created (e.g.
/etc/initramfs-tools/template/ or /etc/initramfs-tools/initramfs/), and the
mentioned etc/ and root/ could be moved there. scripts/, conf/conf.d/,
conf/modules and conf/modules.d/ (i.e. all the stuff that is meant to end up in
the initramfs) could be moved there, too, so when creating an initramfs, this
template dir could simply be used as a starting point. this way mkinitramfs
could be reduced in complexity quite a bit i guess, while this should also add
some degree of transparency and also flexibility for future features (esp.
features by other packages, i guess).
of course i'd also be happy to provide a patch for this, in case it is regarded
as a good thing [tm].
and to answer my initial question, i guess using conf.d/ for modularized
configs done by other packages is a good idea. :)
regarding dropbear:
patch for the dropbear package attached.
gerrit, in case you approve of this patch but would like me to open a bug for
dropbear with this patch, please just drop me a short note.
regards,
Chris
diff -pruN ../a/dropbear-0.52/debian/initramfs/dropbear-conf ./dropbear-0.52/debian/initramfs/dropbear-conf
--- ../a/dropbear-0.52/debian/initramfs/dropbear-conf 2010-03-25 11:42:21.000000000 +0100
+++ ./dropbear-0.52/debian/initramfs/dropbear-conf 2010-03-25 11:48:38.000000000 +0100
@@ -6,3 +6,12 @@
#
#DROPBEAR=y
+
+#
+# UMASK: [ 4-DIGIT OCTAL UMASK ]
+#
+# umask to use when creating an initramfs
+#
+
+UMASK=0077
+
diff -pruN ../a/dropbear-0.52/debian/rules ./dropbear-0.52/debian/rules
--- ../a/dropbear-0.52/debian/rules 2010-03-25 11:42:21.000000000 +0100
+++ ./dropbear-0.52/debian/rules 2010-03-25 12:13:46.000000000 +0100
@@ -92,9 +92,9 @@ install: deb-checkdir deb-checkuid build
'$(DIR)'/usr/share/initramfs-tools/scripts/init-bottom
install -m0755 debian/initramfs/bottom-dropbear \
'$(DIR)'/usr/share/initramfs-tools/scripts/init-bottom/dropbear
- install -d -m0755 '$(DIR)'/usr/share/initramfs-tools/conf-hooks.d
+ install -d -m0755 '$(DIR)'/etc/initramfs-tools/conf.d
install -m0644 debian/initramfs/dropbear-conf \
- '$(DIR)'/usr/share/initramfs-tools/conf-hooks.d/dropbear
+ '$(DIR)'/etc/initramfs-tools/conf.d/dropbear
# man pages
install -d -m0755 '$(DIR)'/usr/share/man/man8
for i in dropbear.8 dropbearkey.8; do \
