Hi all, On Tue, 12 Sep 2006 16:33:07 +0200, Lionel Elie Mamane wrote: > > what you want is a conf dir for build specific package specific > > settings. > > Actually, if we look at the details, I'm not sure the loopaes-utils > package should unconditionally set the umask of initramfs-tools, as > a significant portion of the users may have the package installed, > but not an encrypted _root_ filesystem. So in the best case, we would > want the loopaes hooks to be able to decide whether they touch the > umask or not at runtime (runtime = building the initramfs), but this > seems difficult at best. So, I suppose that the next best thing would > be to give the _administrator_ a way to change the umask. But that's > up to the maintainer of loopaes-utils, naturally.
The hook could still abort if it detects an encrypted root filesystem with a too permissive setting of UMASK, no? If it can do that, I think relying on the admin to configure it appropriately before it'll work would be reasonable. A configuration directory like the mkinitramfs.d maks described would still be very useful for setting up encrypted root on loop-AES from inside d-i (partman-crypto) though, as we will need to take care of configuration there and set UMASK=077 before the first initrd gets created. cheers, Max -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]