commit: 899c53f1a51dbb9b33d38944b269acbd7e913391
Author: Haelwenn (lanodan) Monnier <contact@hacktivis.me>
Date: Mon, 12 Mar 2018 11:18:53 +0100
Initial Commit
Diffstat:
A | README | 9 | +++++++++ |
A | init | 75 | +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ |
A | make-initrd.bash | 74 | ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ |
3 files changed, 158 insertions(+), 0 deletions(-)
diff --git a/README b/README
@@ -0,0 +1,9 @@
+# make-initrd
+
+A custom initrd (aka initramfs) generator. It’s quite at the first steps, configuration is mainly done in ``init`` and ``make-initrd.bash`` scripts at this point but it works (I use it in production actually).
+
+## Tested systems
+All are running Gentoo (GNU+)Linux with ZFS on LUKS.
+* arm musl
+* amd64 musl
+* amd64 Hardened glibc (tends to have bugs because of how broken glibc is)
diff --git a/init b/init
@@ -0,0 +1,75 @@
+#!/bin/sh
+# Copyright 2017-2018 Haelwenn (lanodan) Monnier <contact@hacktivis.me>
+# Distributed under the terms of the ISC license
+
+export PATH=/bin:/sbin:/usr/bin:/usr/sbin
+export init=/sbin/init newroot=/newroot root=zroot/ROOT/gentoo sh=/bin/sh level=3\ -a dev_hotplug=mdev
+
+
+rescueshell() {
+ export PS1='rsh:$(tty | cut -c6-):$PWD # '
+ if which setsid $>/dev/null; then
+ setsid $sh -i -0<$console 1>$console 2>&1
+ else
+ $sh -i 0<$console 1>$console 2>&1
+ fi
+}
+
+die() {
+ echo -e "$@"
+ echo -e "Dropping into a rescueshell..."
+ rescueshell || exec $sh -i
+}
+
+getdev() {
+ echo $(blkid | grep $1 | cut -d: -f1)
+}
+
+set -v
+
+umask 0077
+mount -t proc proc /proc
+mount -t sysfs sysfs /sys
+if grep devtmpfs /proc/filesystems &>/dev/null; then
+ mount -t devtmpfs devtmpfs /dev
+else
+ mount -t tmpfs tmpfs /dev
+fi
+
+for arg in $(cat /proc/cmdline); do
+ case $arg in
+ rescue*) export rescue=1;;
+ single) export level=2;;
+ level*|init*|root*|crypt_root*|sh*|dev_hotplug*) export $arg;;
+ esac
+done
+
+
+$dev_hotplug -s || die
+
+echo $(which $dev_hotplug) > /proc/sys/kernel/hotplug
+
+[ -h /dev/fd ] || ln -fs /proc/self/fd /dev/fd
+[ -h /dev/stderr ] || ln -fs /proc/self/stderr /dev/stderr
+[ -h /dev/stdin ] || ln -fs /proc/self/stdin /dev/stdin
+[ -h /dev/stdout ] || ln -fs /proc/self/stdout /dev/stdout
+: ${console:=/dev/console}
+exec 0<$console 1>$console 2>&1
+
+#root=$(getdev $crypt_root)
+#[ $root ] || root=/dev/sda2
+#cryptsetup open $root root || die
+#
+#mount /dev/mapper/root $newroot || die
+
+modprobe zfs || die
+
+cryptsetup open /dev/sda2 cryptrpool || die
+
+zpool import -d /dev/mapper -d /dev -N rpool || die
+
+mount -t zfs -o rw,zfsutil $root $newroot || die
+
+umount -l /{sys,dev,proc}
+
+exec switch_root $newroot ${init:-/sbin/init} $level || die
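Review bot: The rescue path in `rescueshell` has two typos that keep it from working as written: `which setsid $>/dev/null` passes a stray `$` to `which` as a second name (so the test likely fails even when setsid exists), and `-0<$console` hands `-0` to the shell as an option instead of redirecting stdin. I would write these as `if command -v setsid >/dev/null 2>&1; then` and `setsid $sh -i 0<$console 1>$console 2>&1`. `$console` is also only defaulted near the end (`: ${console:=/dev/console}`), after the first `|| die` on the `$dev_hotplug -s` line, so that early failure reaches the redirections with an empty target; moving the default above the first `die` fixes that. Separately, `rescue` is exported from the kernel command line but never read in this file, so every failure, including a failed `cryptsetup open`, ends in an interactive root shell on the console. If that is not wanted on unattended machines, gate the shell on `$rescue` and say so in a comment above `die`.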
diff --git a/make-initrd.bash b/make-initrd.bash
@@ -0,0 +1,74 @@
+#!/bin/bash
+# Copyright 2017-2018 Haelwenn (lanodan) Monnier <contact@hacktivis.me>
+# Distributed under the terms of the ISC license
+
+kv=${1:-$(uname -r)}
+arc=$(getconf LONG_BIT)
+out_base=initramfs-${kv}
+elves="lvm busybox blkid lsblk cryptsetup mksh zfs zpool"
+WORKDIR="$(pwd)"
+
+function docp() {
+ local link=${1} prefix
+ [[ -n ${link} ]] || return
+ cp -a {,.}${link}
+
+ [[ -h ${link} ]] &&
+ while true; do
+ prefix=${link%/*}
+ link=$(readlink ${link})
+ [[ ${link%/*} == ${link} ]] && link=${prefix}/${link}
+ cp -a {,.}${link} || die
+ [[ -h ${link} ]] || break
+ done
+
+ return 0
+}
+
+test -e $out_base && rm -fr $out_base
+mkdir -p $out_base && pushd $out_base
+mkdir -p {usr/,}{bin,lib$arc} dev proc sys newroot etc
+ln -s lib{$arc,}
+ln -s /proc/mounts etc/mtab
+pushd usr && ln -s lib{$arc,} && popd
+
+mkdir -p lib/modules ; cp -pr /lib/modules/$kv lib/modules
+
+mknod -m 600 dev/console c 5 1
+mknod -m 666 dev/urandom c 1 9
+mknod -m 666 dev/random c 1 8
+mknod -m 640 dev/mem c 1 1
+mknod -m 666 dev/null c 1 3
+mknod -m 666 dev/tty c 5 0
+mknod -m 666 dev/zero c 1 5
+mknod -m 640 dev/tty1 c 4 1
+
+[[ $(echo "$kv" | cut -d'.' -f1 ) -eq 3 ]] &&
+ [[ $(echo "$kv" | cut -d'.' -f2) -ge 1 ]] &&
+ mknod -m 600 /dev/loop-control c 10 237
+
+for i in $elves; do
+ cp $(which $i) bin
+done
+
+cp "${WORKDIR}/init" . && chmod 755 init || exit
+ln bin/mksh bin/sh
+bin/busybox --install usr/bin
+
+for bin in $(find bin); do
+ ldd $bin >/dev/null || continue
+ for lib in $(ldd $bin | sed -nre 's,.* (/.*lib.*/.*.so.*) .*,\1,p' \
+ -e 's,.*(/lib.*/ld.*.so.*) .*,\1,p')
+ do
+ mkdir -p ${lib%/*} && docp {,.}$lib
+ done
+done
+
+if find . -print0 | cpio --null -ov --format=newc | xz -9 --check=crc32 > ../${out_base}.cpio.xz; then
+ test -e /boot/${out_base}.cpio.xz && mv /boot/${out_base}.cpio.xz /boot/${out_base}.cpio.xz.old
+ cp ../${out_base}.cpio.xz /boot
+fi
+
+popd
+
+unset -v arc kv out_base elves
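Review bot: The loop-control node is created on the build host rather than in the image: `mknod -m 600 /dev/loop-control c 10 237` uses an absolute path while every other node is relative, so it should read `mknod -m 600 dev/loop-control c 10 237`. In `docp`, `cp -a {,.}${link} || die` calls a `die` that this script never defines (it exists only in `init`), so a failed copy prints "command not found" and the loop carries on; `|| return 1` would surface the error to the caller. The final `if find . -print0 | cpio ... | xz ...` only tests the exit status of `xz`, so a `cpio` failure still rotates the old image to `.old` and installs a truncated one in `/boot`. Adding `set -o pipefail` near the top (and checking `pushd $out_base` before populating the tree) closes that gap. It is also worth a comment that `cp $(which $i) bin` takes whatever the invoking user's `PATH` resolves first, since those binaries run as root before the encrypted pool is opened.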