Auteur: Dr. Nikolaus Klepp Datum: Aan: dng Onderwerp: Re: [DNG] /usr to merge or not to merge... that is the question??
Am Samstag, 17. November 2018 schrieb Steve Litt: > On Fri, 16 Nov 2018 21:10:54 +0100
> Irrwahn <irrwahn@???> wrote:
> [...]
> > as an initrd is nothing more than an
> > (optionally compressed) cpio archive, loaded by the Linux kernel
> > itself.
>
> The preceding is exactly like saying, "as an init system is nothing
> more than a PID1 and either some rc scripts, a process supervisor, or a
> combination of both". The nature of an initramfs can be changed just
> like the nature of an init can, and I have a feeling it could be done
> without changes to the kernel. Like an init system only more so, an
> initramfs runs in its own environment and is difficult to get your
> voltmeter probes into, so experimentation and troubleshooting necessary
> to back out PRF (Poettering/Redhat/Freedesktop) mods is difficult and
> time consuming.
>
> SteveT
Ahm, no. The initrams tool provide a handy way to inspect/modify/rebuild initrd. But the debian documentation on how initrd works is wrong: it assumes a one part archive (which is what you would expect), but in fact it is a 2 part archive (first part uncomressed, second compressed). Take a look at /usr/bin/unmkinitramfs line 50 ff to see how it works. Also look at the referenced linux/lib/earlycpio.c for further detail.
The most important point is this: processes started in initrd survive switch_root. There goes your "full disk encryption" myth.
Nik
--
Please do not email me anything that you are not comfortable also sharing with the NSA, CIA ...