| Age | Commit message (Collapse) | Author |
|---|
|
This does many little things. First, this changes the `function <name>`
syntax to `<name>()`. This also moves referencse from `echo` to
`printf`. It also switches out the bash `[[ ]]` conditional blocks to
more ubiquitous `[ ]`. This also simplifies the `get_first_path`
function (which will later be replaced as it is pretty bad).
Finally, this rewrites the `check_crypto_support` function. Rather than
copy in all of the kernel modules, then removing unneeded ones, it has
become easier to only copy what is needed, which further reduces the
initramfs size.
|
|
This switches the readme over to markdown which has a much smaller
interpreter than asciidoc (welcome commonmark!).
Also, the cryptroot option was removed a few commits back, so this
removes its documentation from the readme.
|
|
This reduces the terminfo directory, which is currently over 40 MB
uncompressed, to just copy in the `l` directory, as the bootup tty is a
`linux` terminal, so we only need terminfo for that.
This also adds additional removals from the kernel device drivers
directory for modules that are not required during the boot process.
|
|
This function was overly abstracted, as all it did was reorder arguments
to call the mount function. Replaced the one call to this with the mount
call.
Also fixed one if statement syntax.
|
|
Both the clear and cat commands are not technically required, as they
have bash builtin equivelants. This will shave off tens of kilobytes
(very little unfortunately).
This also changes the syntax of the parse_cmdline function to something
more reasonable, also no longer using cat but using a bash builtin.
|
|
This option existed previously to handle luks encrypted root volumes.
However, recent changes allow the init process to detect at runtime
encrypted root volumes that are set with the `root` option, so this
option is no longer needed and effectively does nothing at this point
besides break encrypted device detection when used next to `root`. It is
required to only use `root` now.
|
|
|
|
With the `/dev/disk` directory tree now filled out, we no longer need
blkid and cut to determine device paths based on aliases such as
partlabel or uuid. This also simplifies the code, using bash-native
parameter expansion to cut substrings.
|
|
|
|
|
|
Previously block device aliases did not load correctly, so the direct
`/dev/nvme*` path for example was required as `/dev/disk/by-*` was not
available at all for mounting by partlabel or uuid.
This adds the udevadm and udevd binaries so the /dev/disk directory tree
can be populated during init, allowing for block device aliases. This
also does some cleanup and organization to improve the over code
quality.
|
|
|
|
Previously dm-crypt had to be statically compiled into the kernel, which
is cumbersome, not well documented, and makes the kernel larger.
This supports dm-crypt being an external module, adding rmmod and
modprobe to the initramfs, and copying in the relevant kernel modules
directory, stripping out graphics device support, bluetooth, sound,
virtualization, and networking support modules.
This also updates the copyright year.
|
|
This makes the process a bit more transparent and easier to troubleshoot
when things break.
|
|
The new version 2 of cryptsetup requires libgcc_s.so to be installed at
decrypt time, or the following error message will occur:
libgcc_s.so.1 must be installed for pthread_cancel to work
Note that this only affects luks containers using the new version 2
spec. Version 1 containers use a different process that does not require
libgcc_s.
|
|
|
|
The kernel has supported this all along, but now the init process for
mkinitramfs supports it as well.
|
|
|
|
This checks the init script for any syntax errors, which could prevent
producing an unbootable initramfs archive, should the end user make
manual changes to the init script that contain syntax errors.
|
|
The screen_init function was dependent on the value of the QUIET
variable, which previously was set after this function was called.
Moving this down allows for the QUIET variable to be set before it is
needed.
Also removed the 'Parsing command line options' log message.
|
|
Previously all logs were printed, no matter what. Now we read the global
variable QUIET (which is set by the presence of the kernel cmdline
variable 'quiet') to determine if certain messages should be displayed.
If quiet is enabled, info messages are not printed, but anything else
is. If quiet is not enabled, all messages print.
|
|
Previously, we were calling `init 6` to perform a reboot on failed
decryption operations. This caused the init script to call itself. Being
an init script for an initramfs, it ignored runlevels when called, so
this just restarted the boot process.
Now we use the sysrq trigger to perform the reboot.
|
|
Previously, terminals could execute various commands (namely `clear`)
because the terminals database could not be found in the initramfs. This
ensures that the terminals database is present on boot so certain
commands run without error or warning.
|
|
|
|
|
|
The cryptsetup utility contains a 'isLuks' command which makes this
function uneeded. Updated call to this function with the cryptsetup
directive.
|
|
Moved expected path for msg to /etc/msg, rather than res_path/msg.
Quoted paths on install commands.
|
|
|
|
The cryptroot directive allows the user to specify a new root that might
appear post-decryption of the main root device. This allows users to
have encrypted devices that contain a partition table with multiple
partitions.
Updated README to reflect these changes. Also updated it to be a bit
more standard, added examples, reformatted directive descriptions, etc.
|
|
|
|
Previously, it was assumed that the encrypted device contained a single
filesystem. Now we run a partprobe on decrypt to detect an existing
partition table inside the container. Behavior with devices that just
contain a single filesystem is unaffected.
This adds the partprobe binary to the initramfs.
|
|
|
|
There is still some distance to go to make this script almost or
completely posix compliant. However, these changes will make the script
a bit more portable, as this commit removes certain bash-specific
functionalities. Also made a few changes to increase stability in edge
cases.
* Renamed "function name {...}" syntax to "name() {...}"
* Changed all if statements from bash specific [[ ]] to [ ].
* Quoted conditional variables
* Scoped a few function variables that were not previously
|
|
|
|
Previously, the device wait was hardcoded, regardless of device
presence. Now we wait 10 seconds, but if the device is present early,
the script can proceed before the threshold is reached. This should
speed up boot time by a few seconds.
|
|
|
|
|
|
|
|
Added a sleep 2 before attempting to access the specified root device to
allow for device settling (usb devices sometimes weren't ready yet and
causes init to fail). This needs to be replaced later by a
'wait_for_dev' function.
Added breakpoint to allow debugging for when the specified root device
does not exist.
Added a breakpoint for an init script not being detected in the
destination root fs.
Added breakpoint for failed switch_root.
Added many more log messages.
|
|
|
|
Install supports -D and -m switches to create leading paths if they
don't exist yet, and set destination permissions on copy. These make the
script more reliable and shorter.
Updated cache directory setup function to create fewer directories since
the install command handles much of that now.
Cleaned up some parent directory determination logic as a result of this
new functionalty as well.
Also added reboot command to binaries to be installed.
|
|
Interactive was spelled wrong. Also, the bash call was relative, not
absolute, which was causing kernel panics when interactive mode was
requested.
|
|
|
|
|
|
Includes a description, usage instructions, and a list of kernel
arguments and what each does.
|
|
|
|
Now we support uuid specifications and labels through the use of blkid.
|
|
|
|
Drops the boot sequence into an interractive bash shell, just prior to
mounting the new root fs (the first step where real issues may occur).
This is mostly useful for debugging to see what the environment looks
like, manually mount partitions, etc.
|
|
Removed unused get_bin_deps function
Added function comments for all functions in mkinitramfs.
Added GPLv3 LICENSE file
Added GPLv3 licence header to mkinitramfs
Miscellaneous other code comments.
Added execute switch to mkinitramfs and init scripts
|
