2015-09-11 19:03 GMT+01:00 Tuomas Tynkkynen <[email protected]>:
> 2015-09-11 15:05 GMT+03:00 Tomasz Czyż <[email protected]>: > > > > > > > Mhm, that's definitely not cool. I thought it will appear only inside > initrd > > image :[ > > A copy of the initrd is always kept in /nix/store, but also the .drv file > and > potentially any generated scripts (for building the initrd) might > contain the key. > > > Do you think is there any other way to put this key in initrd? > > GRUB supports loading multiple initrd images at once. For example, > on Arch Linux the generated grub.cfg contains this: > > menuentry 'Arch Linux' --class arch --class gnu-linux /* etc. */ { > # ... > initrd /boot/intel-ucode.img /boot/initramfs-linux.img > } > > So one approach would be to create a initrd with just the keyfile > (outside Nix), place it on the /boot partition, and then somehow > make the grub.cfg generator emit the proper initrd line(s). > wow, I was not aware that stuff is even possible. I have to read more about how to access stuff from the other initrd. Btw, I search through /nix/store and the key copied with "echp ${key} > /key" is not there, so probably it's only inside a script, which is still bad. Thanks a lot. Tom
_______________________________________________ nix-dev mailing list [email protected] http://lists.science.uu.nl/mailman/listinfo/nix-dev
