summaryrefslogtreecommitdiff
path: root/README
blob: c755e6d1f502835b015af8e3f73eb53ecd41dd76 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
minitramfs is a minimal initramfs generator, in the "suckless" style: it does
exactly what I need. You need something else? Patch it, it's only 80 lines. Or
use mkinitcpio or dracut, I won't feel bad.

Features:

- uses existing system tools
- LUKS password unlock
- SSH remote unlock
- firmware loading
- extremely fast initramfs creation: compression off: ~80ms cold cache, ~30ms
  warm; lz4 --best: 1.6s
- udev/mdev-free module loading
- no temporary files during creation
- minimal runtime overhead
- minimal code: 80 SLOC total (init + make + Makefile + unlock)
- pure POSIX shell + POSIX Makefile

Drawbacks:

- uses existing system tools
- requires exact module list
- pure POSIX shell + POSIX Makefile

Usage:

0. Read (skim) https://wiki.gentoo.org/wiki/Custom_Initramfs.

1. Install busybox, dropbear, e2fsprogs for e2fsck, and C toolchain for
   gen_init_cpio.

2. Adjust ./init as required:
   a) Adjust networking as required. For example, use static IP instead of DHCP, or
      you don't use eth0, but remember that myinitramfs has no udev, so no
      predictable interface names. For PCI path based naming, try something like
      $(cd /sys/bus/pci/devices/0000:08:00.0/net; echo *).
   b) Adjust UUID (most likely yours is not the same as mine)
   c) Change or remove fsck for non-ext4 roots
   d) Put whatever you want: usr mount, NFS root, whatever.

3. Adjust ./make as required. Mainly, put your needed commands in gen_cpio_list.

4. Customize cpio_list.txt with your required non-executable files.

5. Add your public keys to authorized_keys.

6. make && sudo make install

8. Configure your boot loader/manager to use initramfs.img.

9. Use as usual. For remote unlock, SSH to port 2222 and "exec unlock".