1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
|
minitramfs is a minimal initramfs generator, in the "suckless" style: it does
exactly what I need. You need something else? Patch it, it's only 80 lines. Or
use mkinitcpio or dracut, I won't feel bad.
Features:
- uses existing system tools
- LUKS password unlock
- SSH remote unlock
- firmware loading
- extremely fast initramfs creation with no temporary root:
COMPRESSOR=cat: ~80ms cold cache, ~30ms warm
COMPRESSOR="lz4 --best": 1.6s
- udev/mdev-free module loading
- minimal runtime overhead
- minimal code: 80 SLOC total (init + make + Makefile + unlock)
Drawbacks:
- uses existing system tools
- requires exact module list
Usage:
0. Read (skim) https://wiki.gentoo.org/wiki/Custom_Initramfs.
1. Install busybox, dropbear, e2fsprogs for e2fsck, and C toolchain for
gen_init_cpio.
2. Adjust ./init as required:
a) Adjust networking as required. For example, use static IP instead of
DHCP, or you don't use eth0, but remember that minitramfs has no udev, so
no predictable interface names. For PCI path based naming, try something
like $(cd /sys/bus/pci/devices/0000:08:00.0/net; echo *).
b) Adjust root device name
c) Change or remove fsck for non-ext4 roots
d) Put whatever you want: usr mount, NFS root, whatever.
3. Adjust ./make as required. Mainly, put your needed commands in gen_cpio_list.
4. Customize cpio_list.txt with your required non-executable files.
5. Add your public keys to authorized_keys.
6. make && sudo make install
8. Configure your boot loader/manager to use initramfs.img.
9. Use as usual. For remote unlock, SSH to port 2222 and "exec unlock".
|