So for my 8.0 system I was lazy and just used betterinitramfs to boot from my LUKS LVM system. For my 8.1 system I wanted to see if I could do it differently, using tools within BLFS. This has been done before, as evidenced by threads like this one:
https://www.linuxquestions.org/quest...es-4175603530/
Browsing through the 8.1 BLFS book, I saw that it has full instructions for doing this, including two scripts to copy and paste. One to make the initrd, the other to act as the init within the initrd. Cool!
The book says that this script will not handle encrypted partitions, but I found that it was not difficult to add that capability. I got it to work. My 8.1 system boots fine. One shortcut I took to make things easier on myself: all the crypt, lvm, USB and HID stuff needed to boot was compiled into the kernel, not as modules.
diff from the book's init.in to mine:
Code:
2c2,4
<
---
> # This gets copied in to be the initrd's "init" script
> # They put it in /usr/share/mkinitramfs/
> # we'll put it in /etc/lfs_initramfs/
77a80
> enc_root=* ) enc_root=${param#enc_root=} ;;
94a98
> # start up udev daemon
98a103,108
> # Open the encrypted partiton enc_root. It will
> # become /dev/mapper/waffles. Do this *before*
> # any lvm operations!
> /sbin/cryptsetup luksOpen $enc_root waffles
>
> # mdadm appears to deal with RAID devices
99a110
> # become aware of available lvm volumes, activate them
107a119
>
Mostly what I added was comments to myself. I added the "enc_root" parameter. One has to pass that from the boot loader to kernel command line.
So "enc_root=/dev/sda6" or some such.
"waffles" is a silly name for a device, but is clearly distinguished from a command or a parameter to a command.
Oh: and my init.in file is named init.in.txt just to make it clear to my future self what is going on. My initrd maker script expects it by that name.
diff from the books's initrd maker to mine:
Code:
3a4
> # they put it in /sbin/
53,54c54,55
< DATADIR=/usr/share/mkinitramfs
< INITIN=init.in
---
> DATADIR=/etc/lfs_initramfs
> INITIN=init.in.txt
64a66,68
> # Create directory needed for cryptsetup
> mkdir -pv $WDIR/usr/sbin
>
103a108,115
> # Add cryptsetup if present. Bit of a kludge, because it is in /usr/sbin
> # and this script expects everything to be in sbin
> echo "begin copying cryptsetup from /usr/sbin to work directory /sbin"
> cp -pv /usr/sbin/cryptsetup $WDIR/sbin/
> # Add needed libraries to to-copy queue via the variable "unsorted"
> ldd /usr/sbin/cryptsetup | sed "s/\t//" | cut -d " " -f1 >> $unsorted
> # end cryptsetup handling
>
106a119
> # For the given binaries, determine which libraries are needed
186a200,201
>
>
The big things here are the hard-coded copying of the cryptsetup program (I attempted conditional copying and failed) and some of the libraries. The reason: I had its library in a directory that the script was not expecting.
Note:
My script hard-codes things. Not flexible. Works fine but not easily modified for future changes.
Works on my machine. Might not work on yours.
I'm sure it can be improved.
p.s.
The coding style of the original versions of these two scripts in the LFS is clean: this helps understanding and allows not-to-difficult modification. Thumbs up.
