author | Karel Kočí <cynerd@email.cz> | 2017-10-12 21:14:52 +0200 |
---|---|---|
committer | Karel Kočí <cynerd@email.cz> | 2017-10-12 21:14:52 +0200 |
commit | 5fe047ebc4de0666dfa83dc83ff4f6aec3ac23c8 (patch) | |
tree | ae7b0dcc8832a13ee6728f74acea50cfe87db53e /sys-boot/myinitramfs | |
parent | 2eec23e530ffe94ada11d9cb3f4f2fac6db6dfcd (diff) | |
Add myinitramfs encryption use
Diffstat (limited to 'sys-boot/myinitramfs')
-rwxr-xr-x | sys-boot/myinitramfs/files/init.enc (renamed from sys-boot/myinitramfs/files/init) | 0 | ||||
-rwxr-xr-x | sys-boot/myinitramfs/files/init.plain | 94 | ||||
-rw-r--r-- | sys-boot/myinitramfs/myinitramfs-1.2.ebuild (renamed from sys-boot/myinitramfs/myinitramfs-1.1.ebuild) | 8 |
3 files changed, 100 insertions, 2 deletions
diff --git a/sys-boot/myinitramfs/files/init b/sys-boot/myinitramfs/files/init.enc
index 134d85c..134d85c 100755
--- a/sys-boot/myinitramfs/files/init
+++ b/sys-boot/myinitramfs/files/init.enc
diff --git a/sys-boot/myinitramfs/files/init.plain b/sys-boot/myinitramfs/files/init.plain
new file mode 100755
index 0000000..08a47b8
--- /dev/null
+++ b/sys-boot/myinitramfs/files/init.plain
@@ -0,0 +1,94 @@
+#!/bin/busybox sh
+# vim:ft=sh
+
+# Init must have pid 1 otherwise switch_root won't work.
+if [ $$ -ne 1 ]; then
+ echo "init must have pid 1!"
+ exit 1
+fi
+
+# Predefice colors
+C_NO="\e[0m"
+C_GRAY="\e[1;30m"
+C_RED="\e[1;31m"
+C_GREEN="\e[1;32m"
+C_YELLOW="\e[1;33m"
+
+PATH="$PATH:/bin:/sbin"
+
+# disable kernel message from terminal and clear screen
+echo 0 > /proc/sys/kernel/printk
+clear
+
+# TODO print some welcome ascii art :-)
+
+# Function called if we fail. Argument is error message.
+fail() {
+ echo -e "${C_RED}$@${C_NO}"
+ echo -e "${C_YELLOW}Dropping to interactive shell${C_NO}"
+ busybox --install -s
+ while true; do
+ echo -e "${C_GRAY}Mount root to /mnt/root and exit shell to switch root.${C_NO}"
+ # Note: this is hack to enable job control
+ setsid sh -c 'exec sh </dev/tty1 >/dev/tty1 2>&1'
+ echo
+ exec switch_root /mnt/root /sbin/init || echo -e "${C_RED}Root switch failed!${C_NO}"
+ done
+}
+
+# Preliminary mounts
+busybox mount -t proc none /proc || fail "/proc mount failed!"
+busybox mount -t sysfs none /sys || fail "/sys mount failed!"
+busybox mount -t devtmpfs none /dev || fail "/dev mount failed!"
+
+# Now open and mount root
+root=""
+rootflags=""
+recovery=false
+
+for opt in $(cat /proc/cmdline); do
+ case "$opt" in
+ root=*)
+ root=${opt:5}
+ ;;
+ rootflags=*)
+ rootflags=${opt:10}
+ ;;
+ recovery)
+ recovery=true
+ ;;
+ BOOT_IMAGE=*|initrd=*)
+ # Ignore those
+ ;;
+ *)
+ echo -e "${C_YELLOW}Unknown kernel argument: $opt${C_NO}"
+ ;;
+ esac
+done
+
+$recovery && fail "Requested recovery."
+
+[ -z "$root" ] && fail "Missing root argument!"
+
+echo -ne "${C_GRAY}Waiting for root ($root)..."
+CNT=10
+while [ ! -e "$root" ] && [ $CNT -gt 0 ]; do
+ CNT=$(expr $CNT - 1)
+ sleep 1
+ echo -n " $CNT"
+done
+echo -e "${C_NO}"
+[ -e "$root" ] || fail "Root not located!"
+
+echo -e "${C_GREEN}Mounting root...${C_NO}"
+mount -t btrfs -o "$rootflags" "$root" /mnt/root \
+ || fail "Mounting root failed!
/proc/cmdline=$(cat /proc/cmdline)"
+
+
+echo -e "${C_GREEN}Switching to real root${C_NO}"
+
+# First clean up. The init process will remount proc, sys and dev later on
+busybox umount /dev /sys /proc || fail "Unmouns failed!"
+
+# Now do switch
+exec switch_root /mnt/root /sbin/init || fail "Root switch failed!"
diff --git a/sys-boot/myinitramfs/myinitramfs-1.1.ebuild b/sys-boot/myinitramfs/myinitramfs-1.2.ebuild
index 9e8e999..8d1ed52 100644
--- a/sys-boot/myinitramfs/myinitramfs-1.1.ebuild
+++ b/sys-boot/myinitramfs/myinitramfs-1.2.ebuild
@@ -12,7 +12,7 @@ SRC_URI="" LICENSE="GPLv2" SLOT="0" KEYWORDS="amd64 x86" -IUSE="" +IUSE="+encrypted" DEPEND="sys-fs/cryptsetup sys-fs/btrfs-progs
@@ -28,7 +28,11 @@ src_unpack() { src_compile() { # TODO generate list dynamically cp "${FILESDIR}"/list list - echo "file /init ${FILESDIR}/init 755 0 0" >> list + if use encrypted; then + echo "file /init ${FILESDIR}/init.enc 755 0 0" >> list + else + echo "file /init ${FILESDIR}/init.plain 755 0 0" >> list + fi gen_init_cpio list > initramfs.cpio gzip initramfs.cpio } |
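Review bot: The `recovery` kernel argument and every `|| fail` path in init.plain end in `fail()`, which starts a root shell on /dev/tty1 (`setsid sh -c 'exec sh </dev/tty1 >/dev/tty1 2>&1'`) with no authentication step. In the plain variant nothing on disk is encrypted, so whoever can edit the boot entry or reach the console gets root access to the root filesystem; that may be intended on a personal machine, but the script should say so. I would add above `fail()` a comment such as `# SECURITY: unauthenticated root shell on tty1; relies on a locked boot loader and physical access control`. Separately, `exec switch_root /mnt/root /sbin/init || fail "Root switch failed!"` cannot recover once the exec has replaced the shell, so a failing switch_root ends PID 1; a check like `[ -x /mnt/root/sbin/init ] || fail "No init on root!"` before the exec would keep that failure inside the script.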
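Review bot: `DEPEND` in the first ebuild hunk still lists `sys-fs/cryptsetup` unconditionally, although the new `encrypted` flag makes it optional and init.plain never calls it. With `USE=-encrypted` the package therefore pulls in a tool it does not use; the entry should become `encrypted? ( sys-fs/cryptsetup )`. The same probably applies to the static `list` copied in `src_compile` (second hunk): if it carries cryptsetup entries, the plain initramfs still ships them, so the flag should also select the list contents. The rest of `DEPEND` and the `list` file are outside the visible hunks, so this needs confirming against the full files.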