On 13/01/2012 14:09, Harald Hoyer wrote:
> On 13.01.2012 15:06, Harald Hoyer wrote:
>> On 13.01.2012 12:55, Alastair Scobie wrote:
>>> Apologies if this is the incorrect mailing list to discuss this issue..
>>>
>>> Does anyone know if there is a way to configure dracut such that
>>> it will not attempt to mount USB mass-storage devices at boot time,
>>> but will still allow mounting of such devices once a system (in our
>>> case ScientifcLinux6) is fully booted?
>>>
>>> Why do we want to do this? We run several large teaching labs running
>>> SL6 desktops. We mount filesystems by UUID. We are concerned that our
>>> students could install a USB memory stick, at boot time, with a
>>> filesystem with the same UUID as the "official" root filesystem so
>>> fooling dracut into mounting a trojan filesystem.
>>>
>>> Thanks, in advance, for any ideas..
>>>
>>> Alastair Scobie
>>>
>>>
>>
>> specifying "root=UUID=<uuid> rd.shell=0" will do exactly what you want. Then you
>> also want to secure grub (or any other bootloader) with a password.
>
> Ah, sorry, only read half of it. You might want to blacklist the USB storage
> kernel driver then.
>
> "rd.driver.blacklist=usb-storage"
Would that blacklist apply only during dracut - would the usb-storage
module still be loadable if a user inserted a USB stick after login? ...
> or choose one of the by-path symlinks with e.g.
> "root=/dev/disk/by-path/pci-0000:00:1f.2-scsi-0:0:0:0-part1"
... otherwise, this looks like the best approach.
Thanks
--
The University of Edinburgh is a charitable body, registered in
Scotland, with registration number SC005336.
--
To unsubscribe from this list: send the line "unsubscribe initramfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
[Home]
[Linux USB Devel]
[Video for Linux]
[Linux Audio Users]
[Photo]
[Yosemite News]
[Yosemite Photos]
[Free Online Dating]
[Linux Kernel]
[Linux SCSI]
[XFree86]
