On Tue, 2013-06-11 at 12:01 +0200, Per Jessen wrote:
Linda Walsh wrote:
Brian K. White wrote:
On 6/11/2013 2:23 AM, Per Jessen wrote:
Now that we do have the luxury of enough RAM, it's difficult to see the advantage of not using an initrd.
It's nearly twice as slow than w/o it?
It's easier to slip something unseen into your initrd than it is the kernel?
just to think of a few...
No doubt those are valid reasons, although I had more functionality- oriented ones in mind. For my situation, those two reasons don't really apply: loading the initrd only takes slightly longer than loading the kernel, so a total of a few seconds (apprx 4Mb kernel + 6M initrd). In comparison, most servers take much longer to initiate/run the POST. I guess someone could "slip" something into mkinitrd and therefore into the initrd, but as I trust the distro and I trust mkinitrd, it's a "risk" I can live with.
And if needed components are all reterived as separate files via NFS, how does that protect against insertion? I would think that initrd is easier to monitor as it is a single file with a <fill in your favorite single file change detection mechanism>. As a minimum, changes from the last time it was deemed correct are straight forward to detect. An NFS mounted directory hierarchy would seem trickier (at least not easier) to monitor for things being slipped in. FYI, in our diskless use, the root file system is mounted over the network via a vblade server. So it does require any special amount of RAM on the machine. Blocks are retrieved as needed, much as would happen from a traditional hard disk. Perhaps a similar mechanism could be used for initrd. Yours sincerely, Roger Oberholtzer Ramböll RST / Systems Office: Int +46 10-615 60 20 Mobile: Int +46 70-815 1696 roger.oberholtzer@ramboll.se ________________________________________ Ramböll Sverige AB Krukmakargatan 21 P.O. Box 17009 SE-104 62 Stockholm, Sweden www.rambollrst.se -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org