Hi, systemd definitely already has all the stuff in place to do this on it's own. The stuff creating the root partition would be sd-repart which just needs a corresponding partition description.
A good example of how this can be used is particleOS https://github.com/systemd/particleos which is an experiment to implement a OS based on the blog post you mentioned. It uses mkosi https://github.com/systemd/mkosi to create the image which in turn will generate a purely systemd based initrd. Cheers, Nils On Mon, Mar 3, 2025, 11:45 Emanuele Giuseppe Esposito <eespo...@redhat.com> wrote: > Hello everyone, > > As you might know already, I tried to submit a new dracut module that > implements the hermetic-usr approach described by Lennart in his > blogpost "Fitting everything together": > https://0pointer.net/blog/fitting-everything-together.html. > > The PR is here: https://github.com/dracut-ng/dracut-ng/pull/1234 > > While there are some small things to fix, it works well, at least in the > environments that I tried. > > It is able to recreate the whole root from scratch, provided that /usr > is existing in a separate partition.It creates a LUKS as well as > plaintext root, and supports plaintext /usr as well as dm-verity > protected one. > > Zbigniew pointed me that a dracut module might not be the best way to > achieve this, and there might be work in progress already in systemd to > achieve the same goal with a separate systemd component. > > Can you point me to the work that is being done in systemd? More > specifically, if there is something similar to what I implemented that > puts together systemd-repart with systemd-tmpfiles and sysusers and > creates a root. Is there some project already going on that does this? > > My module uses only 3 systemd units, and most of this stuff could be > reused, if you want. Or maybe is it better to continue the work on dracut? > > Let me know, > Emanuele > >
