On Mon, 20 Nov 2023 at 11:24:00 +0100, Yannik Sembritzki wrote: > I just had a look at your patch. I think it's the right idea to rather use > what is already there, instead of always creating our own stuff/overwriting > existing /etc/passwd and /etc/nsswitch. > > Thank you!
You're welcome :-) > There is only one thing I don't understand: > The patch still uses a random /root-XXXXX if a root directory doesn't exist > yet. (As is the case with default initramfs-tools) > I understand that I can fix that with the custom hook, but why not just make > this deterministic by default? > Right now, this creates an extra hurdle for users to find what is breaking > the reproducability, understand the dropbear hook (or find this bug) and > create the custom hook. > Is this really necessary? I'm not keen to use a name containing ‘dropbear’ since ~root doesn't belong to src:dropbear, and creating a generic name has a risk of collision with hooks from other packages (and/or custom hooks). Furthermore, using a deterministic name now with the option to change later might cause trouble to people hardcoding the name (not something recommended of course, but people do that anyway). IMHO the remaining part of the fix belongs to initramfs-tools. If the maintainers want to take care of setting up the root user and its homedir we'll remove the fallback in dropbear-initramfs and just tighten the version number of its dependency. -- Guilhem.
signature.asc
Description: PGP signature
