Commit message | Author | Age | Files | Lines
* Plymouth support for genkernel (squashed). | FlyingWaffle | 2023-08-30 | 1 | -2/+17
  Bug: https://bugs.gentoo.org/753617
  Signed-off-by: FlyingWaffle <flyingwaffle@pm.me>
  Signed-off-by: Sam James <sam@gentoo.org>
* Fixes a mistake with quotation usage when testing for LVM flag. | FlyingWaffle | 2022-05-28 | 1 | -1/+1
  Signed-off-by: FlyingWaffle <flyingwaffle@pm.me>
* Additional test to allow for hibernation resume... | FlyingWaffle | 2022-05-28 | 1 | -1/+2
  ...on a broader range of system configurations, including LVM and swapfiles.

  Signed-off-by: FlyingWaffle <flyingwaffle@pm.me>
* genkernel: add keyctl support for loading LUKS passphrase into a keyring | Maciej S. Szmigiero | 2022-05-22 | 1 | -2/+32
  cryptsetup LUKS2 format comes with an ability to automatically unlock multiple devices (root, swap, etc.) sharing the same passphrase, without retyping it for each of them, by loading it into the user keyring.

  This commit adds such (optional) genkernel support for loading LUKS passphrase into the user keyring on boot.

  In the default mode of operation the newly added key is (possibly) used only to unlock root and swap devices and is removed soon after that. By providing appropriate kernel command line parameter the key can be left in the keyring instead (with an optional timeout) for unlocking other LUKS devices post-initramfs time.

  Because one of the most common use cases of this functionality will be having an encrypted swap for doing suspend to disk (hibernation) let's also make sure that we don't unlock the root device when doing so is unnecessary (when we are resuming the system from hibernation).

  Since the security of a FDE passphrase is of paramount importance in this solution significant care has been taken not to leak it accidentally:
  * The passphrase is read directly by keyctl to avoid storing it in the shell,
  * If the passphrase is used only to unlock root and swap devices (which is the default mode of operation) the init script will check whether its removal from keyring has actually succeeded and, if not, reboot the system rather than continue while leaving it exposed,
  * keyutils includes a patch (already upstreamed) to wipe the passphrase from memory when no longer needed.

  Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
* linuxrc: do not rely on chroot evaluating PATH | Andreas K. Hüttel | 2022-05-16 | 1 | -1/+1
  When trying to install a new kernel on catbus.sparc.dev.gentoo.org, the newly built initrd consistently claimed that it could not find init, and dropped to the rescue shell. However, init was there just fine in /newroot (as before).

  I dug out the command that is actually run inside linuxrc,

      elif ! chroot "${CHROOT}" test -x /${init#/} 1>/dev/null 2>&1

  and tried to run that manually, which led to a rather strange error message

      rescueshell / # chroot /newroot test -x /lib/systemd/systemd
      chroot: can't execute 'test': File name too long

  Some more research led me to the busybox manpage (where here chroot comes from):

      https://busybox.net/downloads/BusyBox.html#chroot

      chroot
          chroot NEWROOT [PROG [ARGS]]
          Run PROG with root directory set to NEWROOT

  Note, the third argument is *not* a command (as with usual chroot, see the manpage from coreutils chroot) but a program!

  Bug: https://bugs.gentoo.org/842027
  Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
* Add support for LUKS detached header | Dmitry Baranov | 2021-08-07 | 1 | -0/+18
  Signed-off-by: Dmitry Baranov <reagentoo@gmail.com>
* linuxrc: Don't mess with console log level in quiet mode | Thomas Deutschmann | 2021-07-06 | 1 | -3/+6
  Fixes: d5f7d79b ("linuxrc: Refactor handling of console log level")
  Bug: https://bugs.gentoo.org/788970
  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* linuxrc: Fix log message | Thomas Deutschmann | 2021-03-26 | 1 | -1/+1
  Fixes: 60ecb8b6d ("linuxrc: Move global variables to initrd.defaults")
  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* linuxrc: Adjust resume device messages | Thomas Deutschmann | 2021-03-21 | 1 | -1/+3
  Use same messages we use for root device.

  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* linuxrc: Move global variables to initrd.defaults | Thomas Deutschmann | 2021-03-21 | 1 | -19/+6
  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* linuxrc: Use same $CRYPT_SILENT style | Thomas Deutschmann | 2021-03-21 | 1 | -1/+1
  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* linuxrc: Refactor handling of console log level | Thomas Deutschmann | 2021-03-20 | 1 | -7/+11
  Closes: https://github.com/gentoo/genkernel/pull/24
  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* linuxrc: Fix QUIET mode | Thomas Deutschmann | 2021-03-20 | 1 | -7/+7
  This commit will ensure that we really don't output anything when running in QUIET mode -- only errors will be shown.

  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* linuxrc: Refactor switch_root error handling | Thomas Deutschmann | 2021-03-14 | 1 | -22/+51
  Previous idea (commit 93bf318e5114233f3cacc4575ab2e58d60e785c7) never worked: Exec will replace initramfs' init (PID 1) with specified command so that any further line will never be reached. If that command will fail now, init basically ended which will trigger a kernel panic:

      !! A fatal error has occured since /sbin/openrc-init did not
      !! boot correctly. Trying to open a shell ...
      + exec /bin/bash
      /init: exec: line 1366: /bin/bash: not found
      [ 55.060649] Kernel panic - not syncing: Attempted to kill init! exitcode=0x00007f00

  The new error handling will keep init running in loop which will allow user to fix every detected problem until we are confident that switch_root call has a chance to succeed.

  In case the user cannot fix the problem (maybe because of gk.userinteraction.disabled), we will call the newly added gk.emergency action (reboot, poweroff or halt).

  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* linuxrc: Rename rundebugshell() -> run_debug_shell() | Thomas Deutschmann | 2021-03-14 | 1 | -3/+3
  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* linuxrc: Skip loading embedded boot font for serial consoles | Thomas Deutschmann | 2021-03-14 | 1 | -1/+7
  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* linuxrc: Drop "console" kernel argument handling | Thomas Deutschmann | 2021-03-14 | 1 | -21/+0
  It was never really used; Kernel's console handling already did the work.

  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* linuxrc: Mark kernel command-line argument lvmraid as deprecated | Thomas Deutschmann | 2021-03-14 | 1 | -2/+1
  Not used anymore since we moved to (e)udev.

  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* linuxrc: Determine active console | Thomas Deutschmann | 2021-03-14 | 1 | -0/+1
  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* linuxrc: Reformat exec code | Thomas Deutschmann | 2021-03-14 | 1 | -2/+2
  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* linuxrc: Don't delete /linuxrc | Thomas Deutschmann | 2021-03-14 | 1 | -5/+0
  It's not clear why this was ever added via commit c4e37560598d4dc59ef3619084f3822df71e8aef.

  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* linuxrc: load btrfs module manually | Thomas Deutschmann | 2021-02-15 | 1 | -0/+8
  There is no trigger/rule in UDEV/btrfs-progs to load btrfs module. The only known trigger via mount command could be too late or is maybe insufficient depending on used BTRFS {meta,}data profile.

  Bug: https://bugs.gentoo.org/739892
  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* linuxrc: Add gk.preserverun.disabled | Thomas Deutschmann | 2021-02-08 | 1 | -0/+15
  When this boolean option is set and enabled, genkernel initramfs will unmount /run before calling switch_root.

  This can help in SELinux context for example where labeling is required which is not supported by genkernel.

  Bug: https://bugs.gentoo.org/739424
  Bug: https://bugs.gentoo.org/740576
  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* linuxrc: add kernel command-line argument to allow user to pass additional options to cryptsetup | Thomas Deutschmann | 2021-02-07 | 1 | -1/+12
  Cryptsetup supports additional options like "--perf-no_read_workqueue" or "--perf-no_write_workqueue". While it is recommended to use LUKS2 format and make these activation flags permanent, you can also make use of the new kernel command-line arguments "crypt_root_options" for root device or "crypt_swap_options" for swap device to pass additional options to cryptsetup.

  These arguments can be specified multiple times or separate multiple options with a comma.

  Bug: https://bugs.gentoo.org/755587
  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* Remove "dobtrfs" kernel command-line argument | Thomas Deutschmann | 2020-09-11 | 1 | -6/+0
  This is no longer necessary with the switch to UDEV.

  Bug: https://bugs.gentoo.org/739892
  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* defaults/initrd.scripts: openLUKS(): Trigger module loading when mounting {root,swap}_keydev | Thomas Deutschmann | 2020-09-02 | 1 | -0/+6
  We need to do the same we do for rootfs since commit 05f968fda2c6839744b36c442b3feaa6de974e63 also for {root,swap}_keydev.

  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* defaults/linuxrc: fix typo | Karlson2k (Evgeny Grin) | 2020-08-30 | 1 | -1/+1
  Signed-off-by: Karlson2k (Evgeny Grin) <k2k@narod.ru>
  Closes: https://github.com/gentoo/genkernel/pull/19
  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* defaults/linuxrc: Add gksosreport | Thomas Deutschmann | 2020-08-28 | 1 | -2/+2
  To help debugging, 'gksosreport' was added (idea was borrowed from dracut): Whenever a user runs into a problem and gets to a rescue shell, running "gksosreport" will generate /run/initramfs/gksosreport.txt containing useful debug information suitable to attach to bug reports.

  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* defaults/linuxrc: Try to determine filesystem type | Thomas Deutschmann | 2020-08-28 | 1 | -1/+5
  'mount -t auto' will not trigger module loading for filesystem kernel modules. Therefore we try to determine filesystem to trigger module loading in case filesystem isn't built into the kernel.

  Bug: https://bugs.gentoo.org/739250
  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* defaults/linuxrc: Add gk.udev.debug to run udevd in debug mode | Thomas Deutschmann | 2020-08-28 | 1 | -1/+9
  When gk.udev.debug=yes is set (boolean option), udevd will run in debug mode. Output will be written to /run/initramfs/udevd.log.

  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* defaults/linuxrc: Log udevd debug output into /run/initramfs/udevd.log | Thomas Deutschmann | 2020-08-28 | 1 | -1/+1
  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* defaults/linuxrc: Always preserve log | Thomas Deutschmann | 2020-08-28 | 1 | -33/+6
  Now that we are using UDEV and have to preserve /run, we can also use /run to always store log from initramfs. This will make debugging easier because users don't have to explicitly enable logging (disabling is still possible).

  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* Use switch_root from util-linux | Thomas Deutschmann | 2020-08-28 | 1 | -30/+2
  switch_root from busybox does not move /dev, /sys, /proc and /run. If we do that manually there is a small window for a race condition when /dev, /sys or /proc is still needed but already moved. switch_root from util-linux will move these mounts on its own and will therefore avoid any potential problems.

  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* defaults/linuxrc: Make use of PATH (2) | Thomas Deutschmann | 2020-08-28 | 1 | -3/+4
  Don't use absolute paths. Use 'hash' to test if command is available.

  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* defaults/linuxrc: Support devices with symlinks (2) | Thomas Deutschmann | 2020-08-28 | 1 | -1/+1
  Follow up for commit 0048f44c081dce2e296b48c71a208abf2a815c84.

  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* defaults/linuxrc: Add debug breakpoint before udevd start | Thomas Deutschmann | 2020-08-28 | 1 | -0/+3
  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* defaults/linuxrc: Disable processing of modules_load file by default | Thomas Deutschmann | 2020-08-26 | 1 | -8/+18
  Now that we are using (e)udev with kmod support, we can rely on UDEV to load required kernel modules.

  Old module loading based on modules_load file can still be enabled via boolean "gk.hw.use-modules_load" kernel command-line option which is inverting and replacing previous "nodetect" kernel command-line option.

  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* defaults/linuxrc: Hide first output until cmdline was parsed | Thomas Deutschmann | 2020-08-24 | 1 | -2/+2
  This will make us honor QUIET kernel command-line argument and allow full silent boot.

  Link: https://forums.gentoo.org/viewtopic-t-1117988.html
  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* defaults/linuxrc: Process /etc/initramfs.mounts multiple times | Thomas Deutschmann | 2020-08-19 | 1 | -34/+7
  We need to mount mountpoints listed in /etc/initramfs.mounts before validating REAL_INIT in case init is located on separate mount.

  In addition the code was moved to a dedicated function named process_initramfs_mounts() to allow to run it multiple times which is needed if REAL_INIT wasn't verified (in case system was booted from livecd).

  Link: https://forums.gentoo.org/viewtopic-t-1117762.html
  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* Unify grep usage | Thomas Deutschmann | 2020-08-01 | 1 | -2/+2
  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* bcache: Switch to UDEV usage | Thomas Deutschmann | 2020-07-24 | 1 | -10/+0
  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* mdadm: Switch to UDEV usage | Thomas Deutschmann | 2020-07-24 | 1 | -3/+0
  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* Switch from MDEV to UDEV | Thomas Deutschmann | 2020-07-24 | 1 | -14/+54
  We need to switch from using MDEV to UDEV to avoid boot problems due to timeouts caused by some UDEV rules from real system when real system is using systemd.

  Bug: https://bugs.gentoo.org/706434
  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* defaults/linuxrc: Make use of PATH | Thomas Deutschmann | 2020-07-24 | 1 | -8/+8
  Don't use absolute paths. Use 'hash' to test if command is available.

  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* defaults/linuxrc: Support devices with symlinks | Thomas Deutschmann | 2020-07-23 | 1 | -1/+4
  /dev/vg/foo can be a symlink to ../dm-1. This commit will allow to use such a value for devices, i.e. ROOT=/dev/vg/foo.

  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* linuxrc: Add gk.userinteraction.disabled | Thomas Deutschmann | 2020-07-16 | 1 | -0/+8
  When this option is set and enabled, genkernel initramfs will not prompt on errors, i.e. this will disable any user interaction, e.g. for a kiosk system.

  Bug: https://bugs.gentoo.org/730966
  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* defaults/linuxrc: Fix mounting of /proc | Thomas Deutschmann | 2020-07-16 | 1 | -1/+1
  Cannot use `run` before root was mounted writable.

  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* defaults/linuxrc: Disable unnecessary udev timeout in zpool import | Richard Yao | 2020-06-12 | 1 | -1/+0
  This is a regression that was introduced in sys-fs/zfs-kmod-0.7.0. It was originally fixed by 2eb1d04cfbfa397b58a0b388f8ed28688fd114d8, but this neglected to handle the case where booting is done via arguments such as "root=ZFS" or "root=ZFS=rpool/ROOT/gentoo" on the kernel commandline. This handles it.

  Signed-off-by: Richard Yao <ryao@gentoo.org>
  Closes: https://github.com/gentoo/genkernel/pull/16
  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* defaults/initrd.scripts: ignore SC2045 | Thomas Deutschmann | 2020-04-11 | 1 | -0/+2
  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
* defaults/linuxrc: help shellcheck sourcing scripts | Thomas Deutschmann | 2020-04-11 | 1 | -0/+3
  Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>