View previous topic :: View next topic |
Author |
Message |
aralkis n00b
Joined: 20 Feb 2013 Posts: 3
|
Posted: Thu Feb 21, 2013 5:57 pm Post subject: Help with dracut and initramfs |
|
|
I'm installing gentoo into an encrypted root partition. I'm using lvm2 and cryptsetup/luks. the partitions are all set, stage 3 hardened tarballs are installed, 3.7.5-hardened kernel source files and kernel configured and I am just about to compile the kernel.
But to be able to boot, as I understand I need a to build a initramfs image, sort of a temporary filesystem so I can run cryptsetup luksOpen to decrypt my root partition, so then I can mount it.
Problem is I had difficult building static binaries of lvm2 and cryptsetup (they fail to emerge) to make initramfs manually, so I found out about dracut and had been tring to use it to create the initramfs. Now the problem is to make dracut to use my own /init script.
I tryed basically to things, put my init script in the /etc/conf.d/ as it is stated that files in this directory are going to be inserted in the initramfs and i tried the "dracut --include" option wich should inject a file inside the initramfs image. None of wich worked, as i checked if there was any modification in the initramfs with the lsinitrd tool.
So the question is: how do I get dracut to use my own init script instead of the default one?
So, if someone could help me, it would be really appreciated
PS: I'm brazilian, so sorry for any english mistakes. |
|
Back to top |
|
|
gabrielg Tux's lil' helper
Joined: 16 Nov 2012 Posts: 134
|
Posted: Thu Feb 21, 2013 7:44 pm Post subject: |
|
|
I don't know much about dracut, but why not try genkernel? That should create the right initramfs and comes with support for LUKS and lvm. |
|
Back to top |
|
|
cach0rr0 Bodhisattva
Joined: 13 Nov 2008 Posts: 4123 Location: Houston, Republic of Texas
|
Posted: Sat Feb 23, 2013 5:29 am Post subject: |
|
|
have a peek; for just doing crypto, dracut, genkernel, these are excessive
http://whitehathouston.com/documentation/gentoo/initramfs_howto.htm
three caveats:
1) one way or another, you WILL have to get busybox and cryptsetup built as static.
2)you must have initramfs support built into your kernel
3)make sure you include devtmpfs support in the kernel; it will save you some headache. You should also have your HDD controller driver, and filesystem driver (at least for root) as built-in, not modules
my new shiny Thinkpad T420 (I just got it last Friday, and no, the excitement hasn't yet worn off!) is also hardened-sources 3.7.5
i have 3 partitions - /boot, luks (swap), and luks (root)
the initramfs handles unlocking and mounting root
openrc handles unlocking swap, fstab handles doing a swapon
to get you around the busybox hurdles, here are the /etc/portage/package.use I used
Code: |
# cat /etc/portage/package.use/staticstuff
sys-apps/busybox static mdev
sys-fs/cryptsetup static static-libs
dev-libs/libgcrypt static-libs
sys-apps/util-linux static-libs static
sys-libs/e2fsprogs-libs static-libs static
dev-libs/popt static-libs
dev-libs/libgpg-error static-libs
sys-fs/lvm2 static-libs
|
once you get cryptsetup and busybox built as static binaries, you should be able to use my guide. _________________ Lost configuring your system?
dump lspci -n here | see Pappy's guide | Link Stash |
|
Back to top |
|
|
aralkis n00b
Joined: 20 Feb 2013 Posts: 3
|
Posted: Sat Feb 23, 2013 7:44 pm Post subject: |
|
|
thx for the help both of you.
I follow the advice of using genkernel. I couldn't get it to work at first. I used cpio to extract the initramfs genkernel generated and edited its init script. I just simplified the startLUKS (it wasn't doing exactly what I wanted) function so it would do a simple
cryptsetup luksOpen /dev/sda2 enc-pv and set USE_LVM_NORMAL=1.
I couldn't make my own init because i could't write my self the code do make /dev/sda2 appear
I learned a lot in the process and I can almost write my initscript by now...but one way or the other I got it to work and for now that is what matter.
Case solved
Now I move on to step 11 |
|
Back to top |
|
|
cach0rr0 Bodhisattva
Joined: 13 Nov 2008 Posts: 4123 Location: Houston, Republic of Texas
|
Posted: Sun Feb 24, 2013 12:12 am Post subject: |
|
|
aralkis wrote: |
I couldn't make my own init because i could't write my self the code do make /dev/sda2 appear
|
in the 'init' file, there is only one line that controls that:
Code: |
mount -t devtmpfs none /dev
|
that will create everything you need, including /dev/sda2, under /dev
actually, more specifically, it will create all devices under /dev that the kernel supports; so, if your HDD controller support is built into the kernel, it will create device nodes for your HDD controller, and your disks' partitions.
the alternative, if you do not use devtmpfs at all, is to cp the /dev/sda2 from your install CD, into your initramfs directory (e.g. cp -a /dev/sda2 /usr/src/initramfs/dev/ )
as long as you have your HDD controller support built into the kernel, this should work - both the devtmpfs way and the manual cp way)
(this is in that guide i linked) _________________ Lost configuring your system?
dump lspci -n here | see Pappy's guide | Link Stash |
|
Back to top |
|
|
frostschutz Advocate
Joined: 22 Feb 2005 Posts: 2977 Location: Germany
|
Posted: Sun Feb 24, 2013 2:40 am Post subject: Re: Help with dracut and initramfs |
|
|
aralkis wrote: | Problem is I had difficult building static binaries of lvm2 and cryptsetup (they fail to emerge) |
Which commands did you use and what errors did you get. Also your emerge --info. Would probably go a long way to help us help you solve whatever problem it is you're having. |
|
Back to top |
|
|
aralkis n00b
Joined: 20 Feb 2013 Posts: 3
|
Posted: Sun Feb 24, 2013 6:27 pm Post subject: |
|
|
Quote: |
MensagemColocada: Dom Fev 24, 2013 12:12 am Assunto:
aralkis escreveu:
I couldn't make my own init because i could't write my self the code do make /dev/sda2 appear
in the 'init' file, there is only one line that controls that:
Código:
mount -t devtmpfs none /dev | Ok, i will test this. I infact tried to copy /dev/sda2 to the initramfs mannually, but it took so long that I thought something was wrong.
frostschutz, I will answer you when I have kde installed. But basically, it appears to be a conflict with udev scripts 23. Right now udev is in conflict with lvm2 static. But I will soon post the full logs so you can see by your self.
Thx again |
|
Back to top |
|
|
truc Advocate
Joined: 25 Jul 2005 Posts: 3199
|
Posted: Mon Feb 25, 2013 9:55 am Post subject: |
|
|
cach0rr0 wrote: | 1) one way or another, you WILL have to get busybox and cryptsetup built as static. |
No you won't! You can include the required libs and you're good to go, that's actually what I am doing and it's working fine.
But now, if you ask me, I find dracut really interesting and plan to migrate to it very soon. If you look how it works, it's basically exactly what the homepage says: "This is all driven off of device availability", you can customize also your dracut initramfs.
I also have a luks-encrypted root(just in case the laptop get stolen, nothing really serious), and from what I have read so far, this should not be a problem with dracut. _________________ The End of the Internet! |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|