1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
|
minitramfs is a minimal initramfs generator, in the "suckless" style: it does
exactly what I need. You need something else? Patch it, it's only 80 lines. Or
use mkinitcpio or dracut, I won't feel bad.
Features:
- uses existing system tools
- LUKS password unlock
- SSH remote unlock
- firmware loading
- extremely fast initramfs creation: compression off: ~80ms cold cache, ~30ms
warm; lz4 --best: 1.6s
- udev/mdev-free module loading
- no temporary files during creation
- minimal runtime overhead
- minimal code: 80 SLOC total (init + make + Makefile + unlock)
- pure POSIX shell + POSIX Makefile
Drawbacks:
- uses existing system tools
- requires exact module list
- pure POSIX shell + POSIX Makefile
Usage:
0. Read (skim) https://wiki.gentoo.org/wiki/Custom_Initramfs.
1. Install busybox, dropbear, e2fsprogs for e2fsck, and C toolchain for
gen_init_cpio.
2. Adjust ./init as required:
a) Adjust networking as required. For example, use static IP instead of DHCP, or
you don't use eth0, but remember that myinitramfs has no udev, so no
predictable interface names. For PCI path based naming, try something like
$(cd /sys/bus/pci/devices/0000:08:00.0/net; echo *).
b) Adjust UUID (most likely yours is not the same as mine)
c) Change or remove fsck for non-ext4 roots
d) Put whatever you want: usr mount, NFS root, whatever.
3. Adjust ./make as required. Mainly, put your needed commands in gen_cpio_list.
4. Customize cpio_list.txt with your required non-executable files.
5. Add your public keys to authorized_keys.
6. make && sudo make install
8. Configure your boot loader/manager to use initramfs.img.
9. Use as usual. For remote unlock, SSH to port 2222 and "exec unlock".
|