ndctl icon indicating copy to clipboard operation
ndctl copied to clipboard
verified publisher icon pmem

ndctl needed in initramfs

Open jah63 opened this issue 6 years ago • 3 comments

As load-keys is a sub-command of ndctl and is load-keys needed to unlock the dimms during boot, ndctl needs to be in the initramfs. I understand from earlier email conversation that distro partners are being requested to include this command in the initramfs so this issue is here for completeness and verification that such an approach is being done and is sufficient. Thanks

jah63 avatar Oct 25 '19 21:10 jah63

I'd consider this issue a duplicate of https://github.com/pmem/ndctl/issues/117

djbw avatar Oct 25 '19 22:10 djbw

Hello, we also encounter the same problem. The system needs to use the ndctl command during the boot process, but the initramfs file does not contain the ndctl package /usr/bin/ndctl:No such file or directory message is displayed. Are there any plans to solve the problem?

yanglongkanglo avatar Dec 07 '21 02:12 yanglongkanglo

A better approach is to change the current behavior to lazy-load the keys later in the boot process once the network is up, so we can reach keys stored locally or remotely in a key manager/vault.

We can add the nofail option to pmem mount entries in the /etc/fstab or move them to systemd services and have them depend on another ndctl-load-keys systemd service, for example.

sscargal avatar Dec 07 '21 15:12 sscargal