| Wyzard | cast: You can encrypt your entire system by using a dm-crypt volume as an LVM PV |
| sn0 | oh i see the notebook pic now |
| Wyzard | cast: You'll just need a small partition for /boot which isn't encrypted |
| sn0 | cool :) |
| cast | Wyzard: well, i don't want that. there's no point encrypting /bin/ lib/, /usr etc...when all that stuff is directly downloadable off the net |
| Wyzard | cast: yeah, but it's simpler to set up |
| cast | Wyzard: i want to minimise the performance hit by only encrypting what should be |
| Wyzard | cast: If you just encrypt /var you'll have to set up some custom script to do the cryptsetup thing at the right time during startup cast: If you encrypt the whole system, the initrd will do the cryptsetup (and its password prompt) automatically |
| cast | Wyzard: well, without LVM the debian installer sets everything up fine with just /var being encrypted |
| Wyzard | cast: Including getting it unlocked prior to mounting it? |
| cast | Wyzard: yes, it halts the boot sequence and asks for the pass before it tries to do anything in /var |
| SlackRat | nite folks...... |
| Wyzard | cast: hmm, ok cast: At any rate, encrypting stuff in /bin etc. doesn't seem to be much of a performance hit |
| GuHHH | dexomsrc: just a second :) |
| cast | Wyzard: its still a waste of time though :P |
| Guerin | Wyzard: but is also mostly pointless |
| Wyzard | cast: It's only really noticeable when doing heavy I/O, like reading and writing big files cast: Anyway, it should be fine to just tell the installer to use one of your LVs as a dm-crypt volume |
| cast | hmmm. alright, i shall do that |
| GuHHH | dexomsrc: can u try disabling pam? |
| dexomsrc | guhhh: How? |
| GuHHH | dexomsrc: sorry, wrong channel hehe |
| cast | oh, and the LVM howto mentions that in order to make a snapshot you want the fs to be in a consistant state at the time of the snapshot [makes sense] and mentions that many of the filesystems in 2.6 do this automatically when the snapshot is taken [without any additional patching, like was needed with LVM1 [VFS-lock patch]]. anyone know which filesystems that howto would be refering to? |
| action | cast loads splitlong.pl |
| cast | loads splitlong.pl |
| action | cast should [and proceeds to] ask in the lvm roo |
| cast | should [and proceeds to] ask in the lvm roo m |
| Hoxzer | as mobster |
| frankr | whats the new testing called? |
| Wyzard | frank: lenny |
| Hoxzer | :E Lenny brings pr0nstart to my mind |
| frankr | cools |
| Hoxzer | just wanted to note. |
| peerless | where is the appropriate place to specify that I want alt-tab to switch between windows? (debian unstable) |
| stew | peerless: that depends entirely on which window manager you are usin g |
| peerless | metacity |
| alaya | that would be a window-manager specific option |
| stew | i'm suprised that is not the default in metacity |