-rw-r--r--profiles/base/amd64/package.accept_keywords1
-rw-r--r--profiles/base/amd64/packages1
-rwxr-xr-xsys-boot/myinitramfs/files/init93
-rw-r--r--sys-boot/myinitramfs/files/list35
-rw-r--r--sys-boot/myinitramfs/myinitramfs-1.0.ebuild40
5 files changed, 170 insertions, 0 deletions
diff --git a/profiles/base/amd64/package.accept_keywords b/profiles/base/amd64/package.accept_keywords
new file mode 100644
index 0000000..b025ab2
--- /dev/null
+++ b/profiles/base/amd64/package.accept_keywords
@@ -0,0 +1 @@
+sys-apps/linux-misc-apps ~amd64
diff --git a/profiles/base/amd64/packages b/profiles/base/amd64/packages
index 74632d0..ec7f01b 100644
--- a/profiles/base/amd64/packages
+++ b/profiles/base/amd64/packages
@@ -7,3 +7,4 @@ sys-apps/smartmontools
# Linux
sys-boot/efibootmgr
sys-boot/syslinux
+sys-boot/myinitramfs
diff --git a/sys-boot/myinitramfs/files/init b/sys-boot/myinitramfs/files/init
new file mode 100755
index 0000000..3cd6ce9
--- /dev/null
+++ b/sys-boot/myinitramfs/files/init
@@ -0,0 +1,93 @@
+#!/bin/busybox sh
+# vim:ft=sh
+
+# Init must have pid 1 otherwise switch_root won't work.
+if [ $$ -ne 1 ]; then
+ echo "init must have pid 1!"
+ exit 1
+fi
+
+# Predefice colors
+C_NO="\e[0m"
+C_GRAY="\e[1;30m"
+C_RED="\e[1;31m"
+C_GREEN="\e[1;32m"
+C_YELLOW="\e[1;33m"
+
+PATH="$PATH:/bin:/sbin"
+
+# disable kernel message from terminal and clear screen
+echo 0 > /proc/sys/kernel/printk
+clear
+
+# TODO print some welcome ascii art :-)
+
+# Function called if we fail. Argument is error message.
+fail() {
+ echo -e "${C_RED}$@${C_NO}"
+ echo -e "${C_YELLOW}Dropping to interactive shell${C_NO}"
+ busybox --install -s
+ while true; do
+ echo -e "${C_GRAY}Mount root to /mnt/root and exit shell to switch root.${C_NO}"
+ # Note this is hack to enable job control
+ setsid sh -c 'exec sh </dev/tty1 >/dev/tty1 2>&1'
+ echo
+ exec switch_root /mnt/root /sbin/init || echo -e "${C_RED}Root switch failed!${C_NO}"
+ done
+}
+
+# Preliminary mounts
+busybox mount -t proc none /proc || fail "/proc mount failed!"
+busybox mount -t sysfs none /sys || fail "/sys mount failed!"
+busybox mount -t devtmpfs none /dev || fail "/dev mount failed!"
+
+# Now open and mount root
+root=""
+rootflags=""
+
+for opt in $(cat /proc/cmdline); do
+ case "$opt" in
+ root=*)
+ root=${opt:5}
+ ;;
+ rootflags=*)
+ rootflags=${opt:10}
+ ;;
+ BOOT_IMAGE=*|initrd=*)
+ # Ignore those
+ ;;
+ *)
+ echo -e "${C_YELLOW}Unknown kernel argument: $opt${C_NO}"
+ ;;
+ esac
+done
+
+[ -z "$root" ] && fail "Missing root argument!"
+
+echo -ne "${C_GRAY}Waiting for root ($root)..."
+CNT=10
+while [ ! -e "$root" ] && [ $CNT -gt 0 ]; do
+ CNT=$(expr $CNT - 1)
+ sleep 1
+ echo -n " $CNT"
+done
+echo -e "${C_NO}"
+[ -e "$root" ] || fail "Root not located!"
+
+# TODO mount boot parition and look for key saved there (on unlock remove it)
+
+echo -e "${C_GREEN}Unlocking root...${C_NO}"
+cryptsetup open "$root" encroot || fail "Unlocking root failed! /proc/cmdline=$(cat /proc/cmdline)"
+
+echo -e "${C_GREEN}Mounting root...${C_NO}"
+mount -t btrfs -o "$rootflags" /dev/mapper/encroot /mnt/root \
+ || fail "Mounting root failed! /proc/cmdline=$(cat /proc/cmdline)"
+
+
+echo -e "${C_GREEN}Switching to real root${C_NO}"
+
+# First clean up. The init process will remount proc, sys and dev later on
+busybox umount /dev /sys /proc || fail "Unmouns failed!"
+
+# Now do switch
+exec switch_root /mnt/root /sbin/init || fail "Root switch failed!"
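Review bot: Every failure path in this script, including a failed `cryptsetup open` on the unlock line, ends in `fail()`, which starts a root shell on /dev/tty1 with no authentication. On a machine whose root is encrypted, that gives whoever is at the console a root shell in the early-boot environment without knowing the passphrase. I would make the shell opt-in and otherwise stop, for example at the top of `fail()`: `[ "$rescue" = 1 ] || { echo "Boot failed: $*"; sleep 10; busybox reboot -f; }`, where `rescue` is a constructed name for a flag set by an extra arm of the `/proc/cmdline` case statement. The flag only helps if the kernel command line cannot be edited at the console, so the bootloader entry needs protecting as well.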
diff --git a/sys-boot/myinitramfs/files/list b/sys-boot/myinitramfs/files/list
new file mode 100644
index 0000000..9645521
--- /dev/null
+++ b/sys-boot/myinitramfs/files/list
@@ -0,0 +1,35 @@
+# Dirs
+dir /bin 755 0 0
+dir /dev 755 0 0
+dir /etc 755 0 0
+dir /lib 755 0 0
+dir /lib64 755 0 0
+dir /mnt 755 0 0
+dir /mnt/root 755 0 0
+dir /proc 755 0 0
+dir /root 755 0 0
+dir /sbin 755 0 0
+dir /sys 755 0 0
+
+# Binaries
+file /bin/busybox /bin/busybox 755 0 0
+file /sbin/cryptsetup /sbin/cryptsetup 755 0 0
+file /sbin/btrfs /sbin/btrfs 755 0 0
+
+# Ld
+file /lib64/ld-linux-x86-64.so.2 /lib64/ld-linux-x86-64.so.2 755 0 0
+# Libraries
+file /lib64/libblkid.so.1 /lib64/libblkid.so.1 755 0 0
+file /lib64/libc.so.6 /lib64/libc.so.6 755 0 0
+file /lib64/libdevmapper.so.1.02 /lib64/libdevmapper.so.1.02 755 0 0
+file /lib64/liblzo2.so.2 /lib64/liblzo2.so.2 755 0 0
+file /lib64/libm.so.6 /lib64/libm.so.6 755 0 0
+file /lib64/libpthread.so.0 /lib64/libpthread.so.0 755 0 0
+file /lib64/librt.so.1 /lib64/librt.so.1 755 0 0
+file /lib64/libudev.so.1 /lib64/libudev.so.1 755 0 0
+file /lib64/libuuid.so.1 /lib64/libuuid.so.1 755 0 0
+file /lib64/libz.so.1 /lib64/libz.so.1 755 0 0
+file /lib64/libcryptsetup.so.4 /usr/lib64/libcryptsetup.so.4 755 0 0
+file /lib64/libgcrypt.so.20 /usr/lib64/libgcrypt.so.20 755 0 0
+file /lib64/libgpg-error.so.0 /usr/lib64/libgpg-error.so.0 755 0 0
+file /lib64/libpopt.so.0 /usr/lib64/libpopt.so.0 755 0 0
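Review bot: The list installs `/bin/busybox` but no applet links (no `slink` entries, not even `/bin/sh`), while `files/init` calls `cat`, `clear`, `expr`, `sleep`, `mount` and `switch_root` by bare name and runs `busybox --install -s` only inside `fail()`. That works only if the busybox build resolves applets by itself (its standalone-shell option), and I cannot tell from this commit whether it does. Either add links here, e.g. `slink /bin/sh /bin/busybox 777 0 0` plus one per applet used, or call every applet as `busybox NAME` the way the preliminary mounts in init already do.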
diff --git a/sys-boot/myinitramfs/myinitramfs-1.0.ebuild b/sys-boot/myinitramfs/myinitramfs-1.0.ebuild
new file mode 100644
index 0000000..9e8e999
--- /dev/null
+++ b/sys-boot/myinitramfs/myinitramfs-1.0.ebuild
@@ -0,0 +1,40 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+# TODO support encrytion and btrfs only as option
+
+EAPI=6
+
+DESCRIPTION="My personal initramfs (verry simple with encryption support)"
+HOMEPAGE=""
+SRC_URI=""
+
+LICENSE="GPLv2"
+SLOT="0"
+KEYWORDS="amd64 x86"
+IUSE=""
+
+DEPEND="sys-fs/cryptsetup
+sys-fs/btrfs-progs
+sys-apps/linux-misc-apps
+sys-apps/busybox[static]"
+RDEPEND="${DEPENDS}"
+
+src_unpack() {
+ # Well we have no sources so just create empty directory
+ mkdir -p "${S}"
+}
+
+src_compile() {
+ # TODO generate list dynamically
+ cp "${FILESDIR}"/list list
+ echo "file /init ${FILESDIR}/init 755 0 0" >> list
+ gen_init_cpio list > initramfs.cpio
+ gzip initramfs.cpio
+}
+
+src_install() {
+ dodir /boot
+ insinto /boot
+ newins initramfs.cpio.gz initramfs-gentoo
+}
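Review bot: `cp`, `gen_init_cpio` and `gzip` in `src_compile` are external commands with no `|| die`, so a failure (for example a library named in `list` that is missing on the build host) does not stop the build, and a truncated or empty `initramfs.cpio.gz` can end up installed to /boot. In EAPI 6 only the ebuild helpers die on their own; I would write `gen_init_cpio list > initramfs.cpio || die "gen_init_cpio failed"` and add `|| die` to the `cp`, `echo` and `gzip` lines too. Separately, `RDEPEND="${DEPENDS}"` expands an unset variable, so RDEPEND is empty; `RDEPEND="${DEPEND}"` looks intended.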