Bug 475399 - livecd-tools: use ext2, fill crypt target with /dev/urandom first, handle password typos
livecd-tools: use ext2, fill crypt target with /dev/urandom first, handle pas...
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: livecd-tools (Show other bugs)
rawhide
All Linux
low Severity medium
: ---
: ---
Assigned To: Jeremy Katz
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-12-08 22:05 EST by Matt Domsch
Modified: 2008-12-19 13:57 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-12-19 13:57:10 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
livecd.patch (1.71 KB, patch)
2008-12-08 22:05 EST, Matt Domsch
no flags Details | Diff

  None (edit)
Description Matt Domsch 2008-12-08 22:05:08 EST
Created attachment 326256 [details]
livecd.patch

Description of problem:
1) ext2 should be nicer than ext3 for flash.  There's no good reason to journal with the flash, and it just chews up write cycles.

2) if you're going to use an encrypted volume, it's best to pre-fill the volume with random data.  Using /dev/urandom, it's fast enough.  Only do this for non-sparse-file-backed encrypted home.  Could arguably drop sparse-file-backed encrypted home and do this everywhere, but that would definitely be slower.

3) if any of the cryptsetup commands fail (bad password typed), keep trying.  Otherwise, a typo means the whole process dies badly and you have to start from scratch.

Version-Release number of selected component (if applicable):
git head
Comment 1 Jeremy Katz 2008-12-19 13:57:10 EST
Not journaling increased the chances of ending up with a corrupted /home in cases of, eg, just turning the computer off.

Went ahead and pushed the other bits, though

Note You need to log in before you can comment on or make changes to this bug.