On Sun, 10 Nov 2024 at 20:28:10 -0400, k...@va1der.ca wrote: > However, I suggest whether or not the network adapter requirement is > documented (even if it wasn't documented it's a no-brainer), the resulting > behaviour of the script in the absence of a network adapter added to > /etc/initramfs-tools/modules is a bug and should be gracefully detected.
The hooked has been working since the beginning (for >10y). Autodetection for MODULES=dep would arguably warrant a *wishlist* bug (not #-1). It's impossible to cover all cases though, for instance a removable dongle not being plugged in at `update-initramfs` time. (That shortcoming is similar to what happens today with detachable keyboards and other devices.) > Imagine the scenario someone installs dropbear-initramfs and does not yet > get around to reading the full documentation. A reboot of the system at > that point can very easily cause loss of control of the system. Someone sets up remote unlocking and goes away without trying it first? YOLO… Also the package requires setting up authorized_keys and rebuilding the initramfs image for remote access to work, so will never be able to work outside the box. It's no different to openssh-server requiring post-install configuration (authorized_keys setup and possibly sshd_config adjustment) for remote access to the main system. > A package install alone should never render a system unbootable, which > this one can. No, preventing remote access to the initramfs image does not yield an unbootable system. -- Guilhem.
signature.asc
Description: PGP signature
