The loop-aes-utils sets a umask in its update-initramfs configuration,
causing initrds to have "0600" permissions which causes boot failures
when offering the files over netboot or similar.
The justification given by loop-aes is that, as it supports encrypting
against embedded GPG keyrings, the keys would be compromised if the files
were group- or world- readable. However, as live-helper does not support
this feature, it is safe to simply correct the permissions.
By using APT_OPTIONS and APTITUDE_OPTIONS in config/common,
one can manipulate the default options wich is made to each
and every apt and aptitude call.
At the moment this only works with the root volume
on nfs as well. If we add a switch to configure the
network early in the boot process then this option
could be made available for other root mediums. This
option works reliably on the latest kernel 2.6.23.1
On earlier kernels I experienced frequent oopses.
This option allows you to expose the root read only. Using
this option a person could upgrade the root filesystem or
add packages without requiring the user to reboot. The root
filesystem could be kept on an nfs volume or some other
persistent medium. Multiple clients could then be booted off
the same root fs. I used LTSP as a template to determine which
directories to make rw.
Daniel Baumann
Chris Lamb
Jesse Hathaway