overlayroot 0.27ubuntu1 / etc / overlayroot.conf

This file is indexed.

/etc/overlayroot.conf is in overlayroot 0.27ubuntu1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
# This is the overlayroot config file
# By default, overlayroot is not enabled.
# To enable overlayroot:
#   1) edit the 'overlayroot' definition below
#   2) reboot
#
# Supported values:
#  * overlayroot=tmpfs or overlayroot=tmpfs:PARAMETERS
#    write all changes to a temporary (ram only) backing device
#    A tmpfs mount will be created, and usable filesystem can
#    grow to 1/2 available memory.
#
#    available parameters:
#     * see COMMON PARAMETERS
#
#    examples:
#     overlayroot=tmpfs
#     overlayroot=tmpfs:swap=1
#
#  * overlayroot=DEVICE or overlayroot=device:PARAMETERS
#    mount DEVICE as overlayfs and write changes there
#    device must already have kernel mountalbe filesystem on it.
#
#    available parameters are:
#     * dev: default: "" [REQUIRED]
#       use given device for backing filesystem.
#       Note, 'overlayroot=/dev/vdb' is translated to
#             'overlayrooot=device:dev=/dev/vdb'
#     * timeout: default: 0
#       if 'dev' provided does not exist, wait up to many seconds for
#       it to appear.
#     * see COMMON PARAMETERS
#
#    examples:
#      overlayroot=/dev/xvdb
#      overlayroot=/dev/vdb
#      overlayroot=device:dev=/dev/sdb,timeout=180
#      overlayroot=device:dev=LABEL=my-flashdrive,timeout=180
#
#  * overlayroot=crypt:PARAMETERS
#    use an encrypted [dmcrypt] device as the backing device. Parameters
#    are comma delimited key=value pairs.
#
#    available parameters are:
#     * dev: default: "" [REQUIRED]
#       use given device for backing filesystem.
#     * mapname: default: "secure"
#       the name of the map device to be created in /dev/mapper
#     * pass: default: ""
#       if not provided or empty, password is randomly generated
#     * fstype: default: "ext4"
#       mapname=mapper,pass=foo,fstype=ext4,mkfs=1
#     * mkfs: default: 1
#         0: never create filesystem
#         1: if pass is given and mount fails, create a new one
#            if no pass given, create new
#         2: if pass is given and mount fails, fail
#            if no pass given, create new
#     * timeout: default: 0
#       if 'dev' provided does not exist, wait up to many seconds for
#       it to appear.
#     * see COMMON PARAMETERS
#
#    examples:
#      crypt:mapname=mapper,pass=foo,fstype=ext4,mkfs=1,dev=vdb
#      crypt:mapname=mapper,pass=foo,fstype=ext3,mkfs=1,dev=/dev/disk/by-label/my-jumpdrive,timeout=120
#      crypt:dev=xvdb
#
#  * overlayroot=disabled
#    if set explicitly to 'disabled', or an empty string, then
#    overlayroot will do nothing.
#
#
# COMMON PARAMETERS:
#   The following parameters are supported for each of overlayroot=
#   values above.
#   * swap: default: 0
#     allowed values: 0, 1
#     indicate if swap partitions should be allowed.  By default swap entries
#     are removed from /etc/fstab to disable swap.
#     Swap *files* are always disabled, independent of this setting.
#
#   * recurse: default: 1
#     allowed values: 0, 1
#     indicate if all mounts should be made read-only, or just /.
#     if set to 1, then all filesystems will be mounted read-only.
#     if set to 0, only root will be set to read-only, and changes
#     to other filesystems will be permenant.  For example, if
#     /home is on a separate partition from / and recurse set to 0
#     then changes to /home will go through to the original device.
#
#  * debug: default: 0
#     allowed values: 0, 1
#     enable debug output if set to 1
#
#  * dir: default: "/overlay"
#    the directory under the filesystem to use for writes
#    default is to use top level directory.  For example, use
#    'dir=my-tests/run1' and later 'dir=my-tests/run2'
#
# overlayroot_cfgdisk:
#  * default: 'disabled'
#    If this variable is set, it references a disk/filesystem that
#    may exist, and include a 'overlayroot.conf' file in it's root directory
#    If a such a device exists, then it's overlayroot.conf file can
#    set overlayroot as above.
#
#    examples:
#    * overlayroot_cfgdisk="LABEL=OROOTCFG"
#    * overlayroot_cfgdisk="/dev/vdb"
#
#    Note: if you enable this setting, then you must be careful to be sure
#          that no filesystems are created that match this without your
#          knowledge.  This is because code on that filesystem is executed
#          as root in the initramfs environment.
#
# Notes:
#  * This file is managed by dpkg as a conffile, so changes to it
#    will force dpkg config file prompts on package updates that contain a
#    change.  Instead of putting changes here, put them in
#    /etc/overlayroot.local.conf
#  * you can pass the same 'overlayroot=' parameters on the kernel
#    command line, and they will override any values set here.
#    This includes 'overlayroot=' or 'overlayroot=disabled' to disable
#    a value set in this file.
#  * if you specify crypt:dev=/dev/vdb, then DATA WILL BE LOST
#    on /dev/vdb.  A safer value would be to use
#     crypt:dev=/dev/vdb,pass=somepassword,mkfs=0
#    However, you would then have to have previously set up the luks device.
#    Do that like the following:
#      $ MAPNAME="secure"; DEV="/dev/vdg"; PASSWORD="foobar"
#      $ sudo wipefs -a $DEV
#      $ printf "%s" "$PASSWORD" |
#         sudo cryptsetup luksFormat "${$DEV}" --key-file -
#      $ printf "%s" "$PASSWORD" |
#         sudo cryptsetup luksOpen "${DEV}" "${MAPNAME}" --key-file -
#      $ sudo mke2fs -t "ext4" "/dev/mapper/${MAPNAME}"
#
# Security Note:
#    IT IS INSECURE TO SET THIS PASSWORD HERE IN THIS CLEARTEXT CONFIGURATION
#    FILE OR ON THE KERNEL COMMAND LINE.
#    Randomly generated passwords are more secure, but you won't be able to
#    read your encrypted disk on reboot.
#    Randomly generated passwords are generated by calculating the sha512sum
#    of a concatenation of:
#      - stat -L /dev/* /proc/* /sys/*
#        + some unpredictability of access/modify times of a number of kernel
#          files, directories, and block devices
#      - /proc/sys/kernel/random/boot_id
#        + 16-bytes uuid, consider this a 'salt'
#      - /proc/sys/kernel/random/uuid
#        + 16-bytes uuid, consider this psuedo randomness
#      - /dev/urandom
#        + 4096-bytes of psuedo randomness
#      - $DEV
#        + 4096-bytes from the head of the disk
#        + security-paranoid users can write 4096-bytes of randomness to
#          this device and specify mkfs=1 before rebooting into an
#          crypt+overlayroot setup
#    The result is stored in r-------- /dev/.initramfs/overlayroot.XXXXXXX,
#    which is a tmpfs in memory.
overlayroot_cfgdisk="disabled"
overlayroot=""

APT Browse - Built by Thomas Orozco.