From: Steffen Nurpmeso <steffen@sdaoden.eu>
To: (Norman Wilson) <norman@oclsc.org>
Cc: tuhs@tuhs.org
Subject: [TUHS] Re: Unix install & "standalone" package
Date: Tue, 05 Sep 2023 00:10:59 +0200
Message-ID: <20230904221059.sF2G0%steffen@sdaoden.eu>
In-Reply-To: <9A989054DE79CE5059CBA74797391E39.for-standards-violators@oclsc.org>
Norman Wilson wrote in
<9A989054DE79CE5059CBA74797391E39.for-standards-violators@oclsc.org>:
|I don't remember any special many-programs-in-one binary
|like busybox in any Unix from the days when Unix was simple
|enough for me to understand. That covers the entire lifetime
|of the Research systems, but also System V and the BSDs and
|their sundry offspring up into at least the 1990s.
...
|Perhaps the question to ask is why such a magic program is
|needed at all. Is it just because programs like the shell
|have become so large and unwieldy that they won't fit in
|a small environment suitable for loading into an initramfs?
AlpineLinux as used on my vserver has busybox by default and can
cover most utilities like that. The lead developer Copa once
said something like "The idea is you install explicitly [if you
want something better]". (It is a symlink farm that is
selectively replaced by installing "real" packages iirc.)
For my laptop it allows me easy boot management.
To save you the chatter ("Chatten" is the name of my tribe .. most
likely; could be Franken, Sueben .. and you know how it is): this
approach is much easier and smaller than having lots of static
binaries to copy around etc.
I do not use secure boot, i have on EFI only a kernel, busybox and
cryptsetup, and scripts (the laptop is named "kent")::

  ...
  drwxr-xr-x 4 root root 4096 Jul 15 2021 EFI/
  ...
  -rwxr-xr-x 1 root root 272 Feb 1 2022 kent.sh*
  -rwxr-xr-x 1 root root 313 Feb 1 2022 kent-direct.sh*
  drwxr-xr-x 1 root root 252 Oct 9 2022 ../
  -rwxr-xr-x 1 root root 4596 Feb 4 2023 linux-init-s1.sh*
  -rwxr-xr-x 1 root root 3646 Feb 4 2023 linux-init-lib.sh*
  -rwxr-xr-x 1 root root 5480120 Feb 11 2023 cryptsetup.static*
  -rwxr-xr-x 1 root root 1978368 Aug 15 18:51 busybox.static*
  -rwxr-xr-x 1 root root 10112672 Aug 26 18:44 ideapad-stage1.efi*

So kent.sh can be init(8) for the ideapad-stage1.efi Linux kernel
started via EFI as setup via efibootmgr(8)

  Boot0001* kent HD(1,GPT,5d6d756b-5de2-4e5d-b043-8d4ae1bb6eb0,0x800,0x82000)/File(\ideapad-stage1.efi)root=/dev/nvme0n1p1 rootfstype=vfat init=/kent.sh

  #!/busybox.static sh
  #@ kent, step 1., via EFI.
  PART_ROOT=/dev/nvme0n1p8
  ROOT_DECRYPT='-t btrfs -o defaults,subvol=/crux/kent/root'
  PART_ROOT1=/dev/nvme0n1p8
  ROOT_DECRYPT1='-t btrfs -o defaults,subvol=/crux/kent/root.old'
  INIT_S2=/boot/kent-2.sh
  . /linux-init-s1.sh

and that allows me to unlock the harddisk.
We then boot via $INIT_S2 and kexec(8) a kernel from the encrypted
harddisk, so no code from EFI partition keeps on running. (We
byte-compare the data from EFI with equal /boot/ files after
booting the real system.)
This allows nice and easy properties: only three files to track
(cryptsetup, busybox, kernel), almost same set of files in /boot/
and /media/efi aka EFI. And ideapad-stage1.efi is the same kernel
that later runs, but later we have also additional dynamic modules
available. Ie, every few weeks i copy /boot/ideapad-6_1.efi over
to be the new -stage1.efi.
--steffen
|
|Der Kragenbaer, The moon bear,
|der holt sich munter he cheerfully and one by one
|einen nach dem anderen runter wa.ks himself off
|(By Robert Gernhardt)
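
The byte-comparison of the unencrypted EFI files against their counterparts in /boot that the message mentions, sketched as an added example; it is not the poster's script. The function names, the status words and the assumption that reference copies in the second directory carry the same file names are hypothetical, and the demo runs on constructed temporary files only.

```shell
# Added example: check boot files on the unencrypted ESP against reference
# copies on the encrypted root. Paths and file lists are assumptions.

# verify_esp ESP_DIR REF_DIR FILE...
# Prints one status line per file; returns 0 only if all are byte-identical.
verify_esp() {
    esp=$1 ref=$2
    shift 2
    bad=0
    for f in "$@"; do
        if [ ! -f "$esp/$f" ]; then
            echo "MISSING-ON-ESP $f"; bad=$((bad + 1))
        elif [ ! -f "$ref/$f" ]; then
            echo "NO-REFERENCE $f"; bad=$((bad + 1))
        elif cmp -s "$esp/$f" "$ref/$f"; then
            echo "OK $f"
        else
            echo "MISMATCH $f"; bad=$((bad + 1))
        fi
    done
    [ "$bad" -eq 0 ]
}

# unexpected_on_esp ESP_DIR FILE...
# Lists regular files at the top of ESP_DIR that are not in the expected set.
unexpected_on_esp() {
    esp=$1
    shift
    for p in "$esp"/*; do
        [ -f "$p" ] || continue
        name=${p##*/}
        known=0
        for f in "$@"; do
            if [ "$f" = "$name" ]; then known=1; fi
        done
        [ "$known" -eq 1 ] || echo "UNEXPECTED $name"
    done
}

# demo: constructed files in a temp dir; one ESP copy is altered on purpose.
demo() {
    d=$(mktemp -d) && mkdir "$d/efi" "$d/boot" || return 1
    for f in busybox.static kent.sh; do
        echo "constructed $f" >"$d/efi/$f"; cp "$d/efi/$f" "$d/boot/$f"
    done
    echo changed >>"$d/efi/kent.sh"   # constructed difference to detect
    verify_esp "$d/efi" "$d/boot" busybox.static kent.sh; rc=$?
    rm -rf "$d"; return "$rc"
}
```

On a real system the call would look like `verify_esp /media/efi /boot busybox.static cryptsetup.static kent.sh`, run from the booted system after the kexec so the comparison itself executes from the encrypted disk.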