From: Warner Losh
Date: Wed, 6 Sep 2023 11:50:45 -0600
To: Norman Wilson, tuhs@tuhs.org
Subject: [TUHS] Re: Unix install & "standalone" package

On Tue, Sep 5, 2023 at 9:53 AM Steffen Nurpmeso wrote:

> Steffen Nurpmeso wrote in
>  <20230904221059.sF2G0%steffen@sdaoden.eu>:
>  |Norman Wilson wrote in
>  | <9A989054DE79CE5059CBA74797391E39.for-standards-violators@oclsc.org>:
>  ...
>  ||Perhaps the question to ask is why such a magic program is
>  ||needed at all.  Is it just because programs like the shell
>  ||have become so large and unwieldy that they won't fit in
>  ||a small environment suitable for loading into an initramfs?
>  ...
>  |For my laptop it allows me easy boot management.
>  ...
>  |  -rwxr-xr-x  1 root root     4596 Feb  4  2023  linux-init-s1.sh*
>  |  -rwxr-xr-x  1 root root     3646 Feb  4  2023  linux-init-lib.sh*
>  |  -rwxr-xr-x  1 root root  5480120 Feb 11  2023  cryptsetup.static*
>  |  -rwxr-xr-x  1 root root  1978368 Aug 15 18:51  busybox.static*
>  |  -rwxr-xr-x  1 root root 10112672 Aug 26 18:44  ideapad-stage1.efi*
>
> Only to add that this is because of Linux and the way it is doing
> things.  If i would use FreeBSD on bare metal, then i would have
> an EFI boot loader on EFI that knows (only) enough to ask for
> passphrase (correct me if i am wrong), and can then boot the
> kernel from FFS or ZFS.  (You have to choose dedicated ZFS boot
> loader iirc, but despite that...)
>

No, you don't have to choose the dedicated ZFS boot loader, at least not
anymore.

Also, you can use boot1.efi to load loader.efi from the root filesystem to
load the kernel, or you could use loader.efi directly on the ESP to load
the kernel. boot1 barely knows anything (and has only one choice of
what to boot). loader.efi is the full deal, and can do rather a lot of
sophisticated things.

> I know GRUB (and maybe other) Linux bootloaders can do all that,
> but they are huge, are badly maintained, or under-documented, let
> alone with local manuals, and i am too stupid to configure them
> (due to all that).  refind is ok, however.  But.. be aware of
> typos in the configuration..
>
> But anyhow.  With an EFI_STUB Linux kernel i can save me all that,
> with busybox i get a complete environment (i then even create an
> initrd in /boot/ on the fly so i do not have to type the password
> a second time, that can (optionally) be cached, and is, actually
>
>   -rw------- 1 root root  4495987 May 29 16:29 .kent.initrd.0
>
> Unfortunately cryptsetup is needed even though, i think, the
> kernel has anything needed; you just cannot access it.  cryptsetup
> is only needed for "$cs open $PART_ROOT p_root --key-file -".
> Of course i am no real Linux expert but only a do-it-yourself guy.
> busybox allows me to manage this easily, to answer your question.
>

You could do that on FreeBSD with a loader.efi that has a ram disk
built into it as well, including a 'beastie box' thing that's akin to busybox.
It will boot in one step and no further I/O to get a running system.
Others have used this for secure boot and to boot a small ram disk that's
later discarded as userland decides what root should be. But it's much less
automated than in Linux...

Warner

