summaryrefslogtreecommitdiff
path: root/README
blob: 323f402b8342dccb241079c3322ad63926dabea3 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
This is my initramfs generator. I use this on my desktop Gentoo system. For my
laptop Arch system, I use mkinitcpio.

Basically, it's a suckless initramfs generator: it does exactly what I need.
You need something else? Patch it, it's only 117 lines.

Features:

- uses existing system tools, no compilation necessary
- password LUKS unlock
- SSH remote unlock
- firmware loading (trivial, done by kernel)
- extremely fast initramfs creation: compression off: ~70ms cold cache, ~30ms
  warm; lz4 --best: 1.6s
- no temporary files during creation
- extremely fast initramfs runtime: ~zero overhead compared to direct kernel
  loading
- minimal code: 117 SLOC total (init + make + Makefile + unlock)
- pure POSIX shell + POSIX Makefile

Drawbacks:

- uses existing system tools, no compilation possible
- no modprobe support. custom kernel is required to use myinitramfs. if you
  want configurability, probably better to use mkinitcpio or dracut.
- pure POSIX shell + POSIX Makefile

Usage:

0. Read (skim) https://wiki.gentoo.org/wiki/Custom_Initramfs.

1. Install busybox, dropbear, e2fsprogs if you use ext4, and C toolchain for
   building gen_init_cpio.

2. Adjust ./init as required:
   a) Adjust networking as required (e.g. maybe static IP instead of DHCP, or
      you don't use eth0, but remember that myinitramfs has no udev, so no
      predictable interface names)
   b) Adjust UUID (most likely yours is not the same as mine)
   c) Change or remove fsck for non-ext4 roots
   d) Put whatever you want: usr mount, NFS root, whatever.

3. Adjust ./make as required:
   a) Put your needed commands in gen_cpio_list.
   b) Select your desired compressor at the end. Try make comp_bench for a comparison.
      summary: lz4 is usually best, xz if storage is important above all (saves
      a few MB but adds ~0.5s to boot), gzip is mediocre on both size and
      speed, lzo is usually worse than gzip, never use bzip2 or lzma.

4. Customize cpio_list.txt with your required files. Remember that commands
   must go in ./make (for library detection), and device files except
   /dev/console and non-empty directories can be omitted.

5. Add your public keys to authorized_keys. Note that dropbear only supports
   RSA and ECDSA keys.

6. make

7. sudo make install

8. Configure your boot loader/boot manager to use initramfs.img.

9. Use as usual. For remote unlock, SSH to port 2222 and "exec unlock".