1e057b352a
add PARTLABEL and PARTUUID
12 years ago
32bd2fbb4c
use "rm --" to guard against filenames beginning with "-"
12 years ago
26a077fc7e
fips: do not fail immediatly after loading the crypto modules
...
Fail only if tcrypt insmod failed.
12 years ago
6f4c2dada4
fixed fips mode
...
- preserve timestamps
- copy /lib*/hmaccalc files
- run sha512hmac after kernel module loading
- add more fips kernel modules
12 years ago
0fc0dcff60
bye bye iscsi_wait_scan ... officially gone for kernel 3.6
13 years ago
c9a9968dfc
fips: set /boot as symlink to /sysroot/boot if no boot= parameter
...
otherwise sha512hmac will error out with:
sha512hmac -c /sysroot/boot/.vmlinuz-2.6.32-220.el6.x86_64.hmac
Error opening "/boot/vmlinuz-2.6.32-220.el6.x86_64": No such file or directory.
13 years ago
4257798f8a
fips: forward port RHEL-6 fips changes
...
- also support FIPS on separate LVM partition
- use small settle loop to get /boot
- "set -e" has no effect, if we use "||"
- make fips work with encrypted root and seperate boot
- moved to pre-pivot to support /boot in /
14 years ago
d125a47061
mkdir always with -m 0755
14 years ago
02c1bd6bb6
fips: add "rd.fips.skipkernel" boot option
14 years ago
01583ae4ad
fips: fixed "boot=<dev>" handling
14 years ago
10b5dca0f7
fips/fips.sh: do not load tcrypt with "noexit" parameter
...
"noexit=1" is the default mode for the tcrypt module now.
[forward ported 7e7308158c9149c33309c0d36a6e1126e690fb58]
14 years ago
b60d5e90a5
fips/fips.sh: die(), if boot=<device> is not present or has wrong format
14 years ago
674bdee804
fips/fips.sh: only trigger udev, if device node of boot is not present
14 years ago
e2d86d001a
fips: s/==/=
14 years ago
cc02093d69
reformat source code
...
removed tabs and set indention to 4 spaces
added emacs and vi format headers
15 years ago
719cc30626
fips: udev trigger with action=add
15 years ago
c2bcc5be2f
fips: add shebang to fips.sh
15 years ago
03d8ec2601
add module fips
16 years ago
Harald Hoyer