View previous topic :: View next topic |
Author |
Message |
mortonP Tux's lil' helper
Joined: 22 Dec 2015 Posts: 94
|
Posted: Wed Jan 01, 2025 11:43 am Post subject: suggestion for customized initramfs |
|
|
I got this old installation for creating initramfs
Code: | Fri Feb 22 17:19:12 2019 >>> sys-kernel/genkernel-next-69
|
which now really pushing hard for EOL:
Code: |
* ERROR: sys-kernel/genkernel-next-69::x-portage failed (depend phase):
* toolchain-funcs: EAPI 6 not supported
|
amongst dependency challenges (https://forums.gentoo.org/viewtopic-t-1171777.html)
I guess I - finally - have to come up with a new initramfs...
...but which one to choose?
genkernel?
dracut?
....
Want:
be able to remove unnecessary kernel modules to cut down size.
support adding of extra/custom files
no systemd support
support LUKS encrypted rootfs
support injection of custom code/script to obtain LUKS key file for root mount
...the last customisation (done years ago) kept the current setup so long - "it just works" - and forward porting this .... well... I guess I finally have to do it now?
Suggestions what to use as starting point appreciated! |
|
Back to top |
|
|
NeddySeagoon Administrator
Joined: 05 Jul 2003 Posts: 54742 Location: 56N 3W
|
Posted: Wed Jan 01, 2025 12:03 pm Post subject: |
|
|
mortonP,
Do it yourself.
Your initramfs can be like firmware, fixed for the life of of the system. No kernel modules included.
My systems last so long, I forget how to do it from one to the next.
That guide does not yet cover LUKS. Feel free to contribute. _________________ Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
Back to top |
|
|
bstaletic Guru
Joined: 05 Apr 2014 Posts: 457
|
Posted: Wed Jan 01, 2025 12:33 pm Post subject: |
|
|
Quote: | I got this old installation for creating initramfs |
5 years is going to be a ride, but it's doable.
Quote: | Code: | * toolchain-funcs: EAPI 6 not supported |
|
That's because portage/eclass/toolchain-funcs does not support EAPI 6 any more and sys-kernel/genkernel-next-69 is from an overlay and still uses EAPI 6?
EAPI 6 was dropped 3 months ago: https://github.com/gentoo/gentoo/commit/408ab46afe18d455c3603bedb04610f52f5acc28
I'd upgrade in smaller steps:
- Upgrade to an older point. Maybe just 3 months ago is fine, but I think you'll encounter other issues too. 6 months at a time, maybe?
- Fix problems as they appear.
- Repeat
As for kernel config itself, Pietinger's wiki page is very valuable.
https://wiki.gentoo.org/wiki/User:Pietinger#Subpages |
|
Back to top |
|
|
NeddySeagoon Administrator
Joined: 05 Jul 2003 Posts: 54742 Location: 56N 3W
|
Posted: Wed Jan 01, 2025 12:57 pm Post subject: |
|
|
mortonP,
5 years ... is that all ?
The update will teach you things about portage you can learn no other way.
There is no need to 'faff about' with git any longer if your kernel supports squashfs.
There are old snapshots on line, back to April 2016.
You may have problems finding older source files.
The idea is to do the updates you missed in 6 month or so steps. _________________ Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
Back to top |
|
|
zen_desu Tux's lil' helper
Joined: 25 Oct 2024 Posts: 105
|
Posted: Wed Jan 01, 2025 6:22 pm Post subject: |
|
|
If you don't want to make it fully custom, I recommend my tool ugrd: https://github.com/desultory/ugrd
I think it does most of what you want. It avoids systemd/udev, makes tiny images, and it has a rather robust kmod dependency/ignore system.
it's integrated with installkernel and automatically handles most LUKS config for you so "just works".
I'm considering removing this 'feature' but at the moment, it leaves the build dir in /tmp/initramfs_build where you can modify or repack it. This is a bit of a vestigial feature, as ugrd was designed using the custom initrmafs wiki page as a guide. Now, it implements its own CPIO packer and does not need to copy files, but does to make the build more transparent to the user.
ugrd allows users to disable all builtin modules and simply use it as an automated dependency resolution script (runs lddtree, etc)
the LUKS key handling stuff already works by key command injection https://github.com/desultory/ugrd/blob/main/src/ugrd/crypto/gpg.toml#L9
it's also designed so users can specify a custom key command without actually making a new module. _________________ µgRD dev
Wiki writer |
|
Back to top |
|
|
sdauth l33t
Joined: 19 Sep 2018 Posts: 667 Location: Ásgarðr
|
Posted: Wed Jan 01, 2025 7:41 pm Post subject: |
|
|
Although the repo is now read-only, I've been using this for years now: https://github.com/fff7d1bc/better-initramfs
It builds a tiny initramfs with binaries statically linked (musl)
Assuming no modules is needed, this is a good choice. In my case, everything crucial is built-in so I only need cryptsetup + busybox for my setup.
The whole xz compressed initramfs is 1.7M (4.0M uncompressed) |
|
Back to top |
|
|
mortonP Tux's lil' helper
Joined: 22 Dec 2015 Posts: 94
|
Posted: Wed Jan 01, 2025 10:18 pm Post subject: |
|
|
Quote: | 5 years is going to be a ride |
World is up to date - I just saved the genkernel-next ebuild in a local overlay to keep it available.
The dependencies required continue to deteriorate, of course, so this was only a time extension...
Quote: | Your initramfs can be like firmware, fixed for the life of of the system. No kernel modules included. |
Actually I did do a kernel+initramfs upgrade only about yearly - from LTS to LTS kernel.
I ran a long time with no kernel modules, just compiled in, it worked great for years - but
then I had to finally enable kernel modules some time ago - I can no longer remember why it was needed.
I am honored by your confidence in my abilities, master *bows*
Quote: | EAPI 6 was dropped 3 months ago |
Yeah, so either I port the genkernel-next ebuild to a newer EAPI and extend the clock somewhat,
or finally choose now a new initramfs...
Quote: | I recommend my tool ugrd |
Interesting, will take a look at it, had not heard of it before.
Quote: | I've been using this for years now: |
Also nice to know, maybe some inspiration there.
Thank you for the suggestions so far, I have to figure out a time-efficient setup+test+debug to get this going... |
|
Back to top |
|
|
zen_desu Tux's lil' helper
Joined: 25 Oct 2024 Posts: 105
|
Posted: Wed Jan 01, 2025 10:34 pm Post subject: |
|
|
If you want to try ugrd, you can simply add the USE flag to installkernel, and make install on sources or running emerge --config on dist-kernel should handle the rest for you.
It autodetects LUKS mounts and requires no additional config unless keyfiles are used.
Unlike genkernel it does not make any attempt to configure your kernel, but will attempt to pull required kmods or check that they are builtin. _________________ µgRD dev
Wiki writer |
|
Back to top |
|
|
mortonP Tux's lil' helper
Joined: 22 Dec 2015 Posts: 94
|
Posted: Wed Jan 01, 2025 11:01 pm Post subject: |
|
|
zen_desu wrote: | simply add the USE flag to installkernel, and make install on sources or running emerge --config on dist-kernel should handle the rest for you.
|
Don't know about installkernel.
I build my kernel, copy bzImage and initramfs to /boot and edit one line in grub.cfg - done.
Guess I'm too old fashioned? |
|
Back to top |
|
|
zen_desu Tux's lil' helper
Joined: 25 Oct 2024 Posts: 105
|
Posted: Wed Jan 01, 2025 11:04 pm Post subject: |
|
|
mortonP wrote: | zen_desu wrote: | simply add the USE flag to installkernel, and make install on sources or running emerge --config on dist-kernel should handle the rest for you.
|
Don't know about installkernel.
I build my kernel, copy bzImage and initramfs to /boot and edit one line in grub.cfg - done.
Guess I'm too old fashioned? |
That is the "old" way and it does work. If you're not using installkernel you can simply run "ugrd --kver <version string> /boot/initramfs.img" or wherever you want to target.
I recommend giving installkernel a try because it helps automate a process that doesn't really change much between runs. It'll also configure your bootloader for you, so you truly just need to run "make install". _________________ µgRD dev
Wiki writer |
|
Back to top |
|
|
sublogic Guru
Joined: 21 Mar 2022 Posts: 300 Location: Pennsylvania, USA
|
Posted: Wed Jan 01, 2025 11:48 pm Post subject: |
|
|
zen_desu wrote: | I'm considering removing this 'feature' but at the moment, it leaves the build dir in /tmp/initramfs_build where you can modify or repack it. This is a bit of a vestigial feature, as ugrd was designed using the custom initrmafs wiki page as a guide. Now, it implements its own CPIO packer and does not need to copy files, but does to make the build more transparent to the user. | I hope you keep it as an option, it came in handy during my install.
Back to the original thread now... |
|
Back to top |
|
|
zen_desu Tux's lil' helper
Joined: 25 Oct 2024 Posts: 105
|
Posted: Wed Jan 01, 2025 11:54 pm Post subject: |
|
|
sublogic wrote: | zen_desu wrote: | I'm considering removing this 'feature' but at the moment, it leaves the build dir in /tmp/initramfs_build where you can modify or repack it. This is a bit of a vestigial feature, as ugrd was designed using the custom initrmafs wiki page as a guide. Now, it implements its own CPIO packer and does not need to copy files, but does to make the build more transparent to the user. | I hope you keep it as an option, it came in handy during my install.
Back to the original thread now... |
If you could elaborate, that would help. the "issue" is that I'm considering implementing support for ugrd to work under alternate "ROOT"s, where it gets dependency files from another path. This isn't that hard to implement as it is, but if I made it directly add files to the CPIO it makes, that could skip a step and make it easier to handle alternate paths. I'm glad you said something because I've asked around a bit and few people even realize it does that.
I somewhat considered making it have an option to extract the output CPIO on completion, so you can explore the output dir. Currently, you could possibly explore the build dir if there was a failure, but I'm not sure this would be helpful as a base for making an image.
https://forums.gentoo.org/viewtopic-p-8850332.html#8850332 _________________ µgRD dev
Wiki writer |
|
Back to top |
|
|
NeddySeagoon Administrator
Joined: 05 Jul 2003 Posts: 54742 Location: 56N 3W
|
Posted: Thu Jan 02, 2025 11:05 am Post subject: |
|
|
mortonP,
A monolithic kernel is not required for the DIY initrd approach.
As there is nowhere to load modules from until root is mounted, the kernel code to achieve mounting root must be built in. Other things can sttll be modules.
zen_desu,
The kernel provided script Code: | /usr/src/linux/usr/gen_init_cpio | builds the initrd from an arbitrary location. It's GPL-2 too so you are allowed to borrow ...
-- edit --
Granny ... eggs :) _________________ Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
Back to top |
|
|
zen_desu Tux's lil' helper
Joined: 25 Oct 2024 Posts: 105
|
Posted: Thu Jan 02, 2025 4:59 pm Post subject: |
|
|
NeddySeagoon wrote: | mortonP,
A monolithic kernel is not required for the DIY initrd approach.
As there is nowhere to load modules from until root is mounted, the kernel code to achieve mounting root must be built in. Other things can sttll be modules.
zen_desu,
The kernel provided script Code: | /usr/src/linux/usr/gen_init_cpio | builds the initrd from an arbitrary location. It's GPL-2 too so you are allowed to borrow ...
-- edit --
Granny ... eggs |
I included gen_init_cpio in ugrd before, I stopped using it because I needed more features and it became a bit challenging to build around it. It may not have been the best method but at the time I included the source for that in the module and had it compile that at runtime if it was not already compiled. Overall not great design, but PyCPIO works quite well, especially for adding files to the archive which are not in the build root, such as device nodes. https://github.com/desultory/ugrd/commit/ee842114c98faad979231f9bbd36275763f80ac6 _________________ µgRD dev
Wiki writer |
|
Back to top |
|
|
|