Debian initramfs: Difference between revisions
No edit summary |
No edit summary |
||
Line 4: | Line 4: | ||
Our initramfsen are current constructed with [http://wiki.debian.org/DebianInstaller debian-installer] on a lenny or sid. Since I happen to be working from an F-7 machine located at MIT, I built an appropriate Debian chroot by running |
Our initramfsen are current constructed with [http://wiki.debian.org/DebianInstaller debian-installer] on a lenny or sid. Since I happen to be working from an F-7 machine located at MIT, I built an appropriate Debian chroot by running |
||
sudo su - |
|||
yum install debootstrap |
yum install debootstrap |
||
mkdir sid-root |
mkdir sid-root |
Revision as of 20:24, 7 March 2008
Because of our firmware security model, we regularly use signed initramfsen such as olpcrd/olpcrd-rootskel to handle deployment and security related tasks on laptops which may be unactivated, activated but not individuated, or fully indivduated (i.e. configured for a specific user). This article describes the method we use for constructing these initramfsen.
Our initramfsen are current constructed with debian-installer on a lenny or sid. Since I happen to be working from an F-7 machine located at MIT, I built an appropriate Debian chroot by running
sudo su - yum install debootstrap mkdir sid-root debootstrap --arch i386 sid sid-root/ http://debian.lcs.mit.edu/debian/
as root. NB: debootstrap requires that lots of things from /sbin and /usr/sbin be accessible on $PATH. Be careful if you're using sudo to exercise root privilege.
(If you're making your own chroot, please choose a suitable Debian mirror)
Once we've got the chroot up, we need to do some configuration inside the chroot:
chroot sid-root /bin/su - mount -t proc proc /proc mount -t sysfs sys /sys mount -t devpts devpts /dev/pts echo 'deb-src http://debian.lcs.mit.edu/debian sid main' >> /etc/apt/sources.list apt-get update
Then we'll install the build-dependencies of the initramfs:
apt-get install git-core pbuilder yaird debhelper python-pyrex netpbm apt-get build-dep debian-installer
Next, we'll check out the source code of the initramfs:
git clone git://dev.laptop.org/users/cscott/olpcrd git clone git://dev.laptop.org/users/cscott/olpcrd-rootskel cd olpcrd-rootskel git submodule init git submodule update
Finally, we'll fill in appropriate paths and run make:
cd ../olpcrd $EDITOR Makefile # patch up the paths in the first three environment variables. All we need are the paths to /root/olpcrd and /root/olpcrd-rootskel # In particular, set OLPC=$(HOME), ROOTSKEL=$(HOME)/olpcrd-rootskel, and DI=$(HOME)/olpcrd make di
To change the initramfs, modify the source files in ~/olpcrd-rootskel/olpc-src/ then re-run make di from ~/olpcrd.