mkosi icon indicating copy to clipboard operation
mkosi copied to clipboard
verified publisher icon systemd

Support adding arbitrary files to the initrd

Open standaloneSA opened this issue 4 years ago • 6 comments

It looks like we're not currently using the dracut --include functionality. It would be nice to allow arbitrary file inclusion in the initrd. I'm currently injecting binaries in by including them in a dracut module, but this seems limiting, when we could use the already built functionality.

Does this seem reasonable?

standaloneSA avatar Dec 07 '21 17:12 standaloneSA

Thanks for the input, @standaloneSA! I'm not familiar with that option, where and how exactly would you like this to be used?

behrmann avatar Dec 07 '21 18:12 behrmann

Sure! So, from https://man7.org/linux/man-pages/man8/dracut.8.html under "Injecting custom files":

You can specify a single file:

The --include option let you specify a source path and a target path. For example # dracut --include cmdline-preset /etc/cmdline.d/mycmdline.conf initramfs-cmdline-pre.img will create an initramfs image, where the file cmdline-preset will be copied inside the initramfs to /etc/cmdline.d/mycmdline.conf. --include can only be specified once.

Or you can specify a directory: # dracut --include rd.live.overlay / initramfs-rd.live.overlay.img

This will put the contents of the rd.live.overlay directory into the root of the initramfs image

It seems like mimicing the IncludeDirectory / --include-directory functionality would be sensible, with something like IncludeInitDirectory / --include-init-directory accepting a path argument, which could be passed to dracut in dracut_unified_kernel_install.sh in the same vein as the other optional arguments like KERNEL_IMAGE.

standaloneSA avatar Dec 07 '21 20:12 standaloneSA

BTW, if this seems sensible, I can submit a PR. I just wanted to broach the subject to see if it would be a thing you'd be interested in having.

standaloneSA avatar Dec 08 '21 06:12 standaloneSA

Piping this option through to dracut_unified_kernel_install.sh is a bit difficult, as that needs to follow the API for kernel-install scripts (see man kernel-install). This might also go counter to @poettering's (long-term) idea of having fat initrds distributed by distributions and it might be too dracut specific for @keszybz's ideas of using mkosi to generate initrds with mkosi, since there already are plenty of ways to add files into images already.

From the above example this sounds like something I'd try to do in a postinst or finalise script at the moment, but at the moment no use case for this comes to my mind. I'm not saying I'm opposed to this, but it would be great if you could sketch a specific use case for this. :)

behrmann avatar Dec 08 '21 10:12 behrmann

In my case, I am embedding a supplicant, of sorts, into the image, to allow me to acquire a LUKS key from a remote service.

standaloneSA avatar Dec 08 '21 17:12 standaloneSA

I'm slightly hesitant about adding this as is. This seems like it'd be super easy with mkosi-initrd if we allowed providing prebuilt initrds to mkosi, since with mkosi-initrd you could just use the existing options for adding things to the initrd to add stuff like this.

DaanDeMeyer avatar Jun 16 '22 18:06 DaanDeMeyer

We now support using prebuilt initrds using the new --initrd option. The prebuilt initrd can be built using mkosi and with --extra-tree you can put whatever files you want in that initrd, so this should be possible now.

DaanDeMeyer avatar Apr 11 '23 18:04 DaanDeMeyer