Subject: Re: cgd root [was Re: enabling cgd by default]
To: None <tech-kern@NetBSD.org>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
List: tech-kern
Date: 08/08/2007 23:16:50
>> Well, once cgd grows the prompt-from-kernel - see below.
> I'm not clear that there's a concrete difference between
> prompt-from-kernel and cgdconfig(8)-linked-into-kernel-image.
When restricted to use with root-on-cgd, I'm not sure there is. When
not so restricted, there definitely is - I mentioned some of the
differences briefly a few messages upthread.
>> I dunno. I don't like that sort of "boot a minimalist root and run
>> some userland, then switch to the _real_ root" setup, but I haven't
>> managed to pin down a basis for my dislike enough to say anything
>> useful about it. It's certainly better from a "mechanism, not
>> policy" point of view, so I'm not sure what I dislike about it.
>> I'll have to think about this.
I think maybe I have some idea now. It feels to me like going too far
in the "mechanism not policy" direction. It's kind of like, "what do
you mean you want a C compiler? you can do in assembly anything you can
do in C": this is going to rather extreme lengths constructing
elaborate scaffolding to work around the lack of a conceptually fairly
simple feature.
This is not really surprising; as the Jargon File mentions, part of the
hacker psychology is a tendency to take uninteresting problems,
generalize them enough to make them interesting, and solve the
generalizations, thereby solving the original problems as special
cases. This strikes me as an example of that tendency carried a good
deal too far; I think that's what I dislike about it. Or part of, at
least; it occurs to me that another part is that it is doing a
conceptually simple thing (encrypting "the whole disk") in a way that
demands skill with some fairly arcane and difficult-to-use tools. Even
with all my years working with BSDs, I don't know how to go about
building an md root into the kernel; and, while *I* am competent to
build a filesystem image to go into the ramdisk, as long as FFS is ok,
I wouldn't expect most people - or even most sysadmins who want to
encrypt their disks - to be.
/~\ The ASCII der Mouse
\ / Ribbon Campaign
X Against HTML mouse@rodents.montreal.qc.ca
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B