On Saturday, 17 November 2018, Steve Litt wrote:
> On Fri, 16 Nov 2018 21:10:54 +0100
> Irrwahn <irrw...@freenet.de> wrote:
> [...]
> > as an initrd is nothing more than an 
> > (optionally compressed) cpio archive, loaded by the Linux kernel
> > itself.
> 
> The preceding is exactly like saying, "as an init system is nothing
> more than a PID1 and either some rc scripts, a process supervisor, or a
> combination of both". The nature of an initramfs can be changed just
> like the nature of an init can, and I have a feeling it could be done
> without changes to the kernel. Like an init system only more so, an
> initramfs runs in its own environment and is difficult to get your
> voltmeter probes into, so experimentation and troubleshooting necessary
> to back out PRF (Poettering/Redhat/Freedesktop) mods is difficult and
> time consuming.
> 
> SteveT

Ahm, no. The initramfs tools provide a handy way to inspect/modify/rebuild 
initrd. But the Debian documentation on how initrd works is wrong: it assumes a 
one-part archive (which is what you would expect), but in fact it is a 2-part 
archive (first part uncompressed, second compressed). Take a look at 
/usr/bin/unmkinitramfs line 50 ff to see how it works. Also look at the 
referenced linux/lib/earlycpio.c for further detail.
The most important point is this: processes started in initrd survive 
switch_root. There goes your "full disk encryption" myth.

Nik


-- 
Please do not email me anything that you are not comfortable also sharing with 
the NSA, CIA ...
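
The two-part layout described in the message above can be checked by walking the first cpio archive to its trailer and identifying the magic bytes of what follows. This is an added example, not part of the original message and not the code of unmkinitramfs; it assumes newc-format cpio headers, the function names are hypothetical, and the sample image is constructed inline.

```python
import gzip

# Magic bytes of formats that may start a part ("0707" covers newc 070701/070702).
MAGICS = {b"0707": "cpio", b"\x1f\x8b": "gzip", b"\xfd7zXZ\x00": "xz",
          b"\x28\xb5\x2f\xfd": "zstd", b"\x02\x21\x4c\x18": "lz4", b"BZh": "bzip2"}

def align4(n):
    return (n + 3) & ~3

def newc_entry(name, data=b""):
    """Build one newc cpio entry (used only to construct the sample input)."""
    name_b = name.encode() + b"\0"
    fields = [0, 0o100644, 0, 0, 1, 0, len(data), 0, 0, 0, 0, len(name_b), 0]
    hdr = b"070701" + b"".join(b"%08X" % f for f in fields) + name_b
    hdr += b"\0" * (align4(len(hdr)) - len(hdr))
    return hdr + data + b"\0" * (align4(len(data)) - len(data))

def end_of_cpio(buf, off=0):
    """Walk newc headers from off; return the offset just past TRAILER!!!."""
    while True:
        if buf[off:off + 6] not in (b"070701", b"070702"):
            raise ValueError("no newc header at offset %d" % off)
        filesize = int(buf[off + 54:off + 62], 16)    # 7th 8-hex-digit field
        namesize = int(buf[off + 94:off + 102], 16)   # 12th field, includes NUL
        name = buf[off + 110:off + 110 + namesize - 1]
        off += align4(110 + namesize) + align4(filesize)
        if name == b"TRAILER!!!":
            return off

def split_initrd(buf):
    """Return [(offset, kind)] for each concatenated part of an initrd image."""
    parts, off = [], 0
    while off < len(buf):
        kind = next((k for m, k in MAGICS.items() if buf.startswith(m, off)), "unknown")
        parts.append((off, kind))
        if kind != "cpio":
            break                      # remainder must be decompressed to go on
        off = end_of_cpio(buf, off)
        while off < len(buf) and buf[off] == 0:
            off += 1                   # zero padding between archives
    return parts

def sample_image():
    """Constructed image: uncompressed cpio, zero padding, gzip-compressed cpio."""
    early = newc_entry("kernel/x86/microcode/placeholder.bin", b"\x00\x01\x02")
    early += newc_entry("TRAILER!!!")
    early += b"\0" * (-len(early) % 512)
    return early + gzip.compress(newc_entry("init", b"#!/bin/sh\n") + newc_entry("TRAILER!!!"))

if __name__ == "__main__":
    print(split_initrd(sample_image()))
```

Run against a real image with `split_initrd(open(path, "rb").read())`; anything other than the expected parts at the expected offsets is worth a closer look before the image is trusted at boot.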