When to mount /lib and /usr/lib ?

Siggy Brentrup ubuntu at psycho.i21k.de
Wed Sep 16 23:03:37 BST 2009

I'm really unsure whether this is the list to ask this question on
with upstart not yet implementing a dependency based boot sequence the
upstart-devel list seems inappropriate to me.

In the course of my tiny usb-booster project [1] security
considerations (cf [2]) make it necessary to verify the SHA256 sum
before mounting /lib resp. /usr/lib partitions from a memory stick.

The question now is if it's early enough to mount /lib when rc?.d
scripts are run or should it even be done early in inittab?  Also take
into consideration that calculating the SHA256 sum of the whole /lib
partition takes about 20s while /usr/lib requires an ample 90s.

If interested you may also want to refer to [3] where I try to give
some motivation, caveats and outline how to use the approach.

If anything seems unclear feel free to use the "Ask a question" button on

Thanks in advance for your comments

[1] https://launchpad.net/booster
[2] https://bugs.launchpad.net/booster/+bug/426362
[3] http://bazaar.launchpad.net/~bsb/booster/trunk/annotate/head%3A/README

ps: Please let me repeat what I wrote when pushing the code to lp:
    DON'T YET USE THE CODE, IT'S WORK IN PROGRESS, I intend to release
    it RSN.
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org+
|30 days until|bsb-at-psycho-dot-informationsanarchistik-dot-de|
|www.Ubucon.de|or:                bsb-at-psycho-dot-i21k-dot-de|
+-------> ceterum censeo javascriptum esse restrictam <--------+
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
Url : https://lists.ubuntu.com/archives/ubuntu-devel/attachments/20090917/da26154f/attachment-0002.pgp 

More information about the ubuntu-devel mailing list