similar to: [PATCH 0/8] switch_root() enhancements

initramfs-tools wants to validate the real init program before running it, as there is no way out once it has exec'd run-init. This is complicated by the increasing use of symlinks for /sbin/init and for /sbin itself. We can't simply resolve them with 'readlink -f' because any absolute symlinks will be resolved using the wrong root. Add a dry-run mode (-n option) to run-init

The following patches come from Debian and/or Ubuntu packages of klibc. Ben. Ben Hutchings (1): [klibc] run-init: Add dry-run mode Jay Vosburgh (1): [klibc] ipconfig: Use separate sockets for DHCP from multiple interfaces Mathieu Trudel-Lapierre (1): [klibc] ipconfig: Set broadcast when sending DHCPREQUEST and DHCPDISCOVER YunQiang Su (1): [klibc] mips: setjmp.S: don't

systemd supports switching back to the initramfs during shutdown in order to make it easier to clean up the root file system. This is desirable in order to allow us to remove keys from RAM before rebooting, making it harder to obtain confidential information by rebooting into an environment that scrapes RAM contents. --- debian/changelog | 4 +

This patchset applies to klibc mainline. As is it will probably collide with Maximilian's recent patch to rename run-init to switch_root posted last week. To boot an untrusted environment with certain capabilities locked out, we'd like to be able to drop the capabilities up front from early userspace, before we actually transition onto the root volume. This patchset implements this by

Building on the work in ff0a614bd724f6c4c6a5014a9955dc1bc028f336, this moves the capability code down into the run-init library, so that run-init can use it as well, via the new "-d" flag. Signed-off-by: Kees Cook <kees at outflux.net> --- usr/kinit/Kbuild | 3 +-- usr/kinit/capabilities.h | 10 ++++++++++ usr/kinit/kinit.c | 6 +++---

Commit-ID: 10059fddba9f8bec6aeb0d37d217df6d65e64c3b Gitweb: http://git.kernel.org/?p=libs/klibc/klibc.git;a=commit;h=10059fddba9f8bec6aeb0d37d217df6d65e64c3b Author: Ben Hutchings <ben at decadent.org.uk> AuthorDate: Sun, 17 Jan 2016 19:50:28 +0000 Committer: Ben Hutchings <ben at decadent.org.uk> CommitDate: Wed, 2 Jan 2019 03:08:04 +0000 [klibc] run-init: Add dry-run mode

Hello, While some people might scuba dive, let's summarize recent progress and state (People cc'ed have either patches in queue or are involved): * Patches pending review, allmost ready for klibc ------------------------------------------------- - mikew/drop_cap - kinit: Add drop_capabilities support adds the ability to kinit to allow the dropping of POSIX capabilities. (patch even

systemd supports switching back to the initramfs during shutdown in order to make it easier to clean up the root file system. This is desirable in order to allow us to remove keys from RAM before rebooting, making it harder to obtain confidential information by rebooting into an environment that scrapes RAM contents. Signed-off-by: Matthew Garrett <mjg59 at google.com> ---

Commit-ID: 603f1bb024a03d9c50a89e7256ae7814292baf06 Gitweb: http://git.kernel.org/?p=libs/klibc/klibc.git;a=commit;h=603f1bb024a03d9c50a89e7256ae7814292baf06 Author: Matthew Garrett <matthewgarrett at google.com> AuthorDate: Thu, 18 Apr 2019 12:12:27 -0700 Committer: Ben Hutchings <ben at decadent.org.uk> CommitDate: Sat, 20 Apr 2019 17:11:34 +0100 [klibc] run-init: Allow

Hello, I was using a bunch of cpios in initramfs as a working system, and wondering why the unused files weren't being paged out to swap. So I reread ramfs-rootfs-initramfs.txt and now I know. So I wrote the attached utility. It creates a tmpfs, moves all files on the initramfs, moves / and executes the real init. It works, even with hardlinks, but it isn't the correct approach. Have

Hi, I am recovering a CentOS 5.4 system. I've copied all partitions into the recovery system. I've installed grub boot loader. However, the original system is using /dev/sdb1 for root (/), while the recovery system is using LVM (/dev/vg0/lv1) for root (/). When recovery system boots, I got the panic error: * Mounting /dev/sdb1 on /sysroot * Mount: mounting

So, today, I'm using kinit from our initramfs to handle early boot up sequence. Our init is actually a shell script that does a some setup stuff (plugging values into appropriate proc files mostly), and the script currently passes on to kinit by finishing with "exec /kinit "$@"". I have a situation now though, where due to some ubuntu weirdness, I seem to need to do

Hi I had some doubts regarding what all the init application should do: >> so, that should that application do? >> - mount /dev/hda1 /new-root >> - cd /new-root >> - run-init 1. Of what I understand, before exitting, init should mount the realroot and execute the init process. Is realroot the '/' or the empty directory created (in the cpio archive) ?

On Sun, Feb 11, 2018 at 11:27 PM, Darren Tucker <dtucker at dtucker.net> wrote: > Sigh. If you could provide the server's identity string (eg from "ssh > -v yourthing") we could add a bug bit to stop it from being sent. $ ssh -v nathan at 10.0.0.1 OpenSSH_7.4p1, LibreSSL 2.5.0 [snip] debug1: Local version string SSH-2.0-OpenSSH_7.4 debug1: Remote protocol version

https://bugzilla.mindrot.org/show_bug.cgi?id=3168 Bug ID: 3168 Summary: libssh.a(utf8.o): undefined reference to symbol 'strcasestr@@GLIBC_2.17' Product: Portable OpenSSH Version: 8.2p1 Hardware: ARM64 OS: Linux Status: NEW Severity: critical Priority: P5

Hi all, I've been working with the ext3-fs for several months (since 0.0.2c), and it works pretty fine for me, but I haven't found out, how I works to migrate my root-partition from ext2 to ext3. I tried it with the commands at the lilo-prompt, but it didn't work. I only received a kernel panic. Any ideas, how I can migrate to ext3 on my root-partition? tnx, Joachim -- Joachim

Hi In run-init.c there is a minor bug which can cause major problems i.e. not able to boot systems with udev-enabled initramfs on systems with multiple cdrom drives. In nuke_dirent () in run-init.c the stat call should be replaced with a lstat call, else nuking symbolic links which have been created before the link target will fail. Was somewhat tricky to debug... The bug gets triggered by udev

Hi guys, I followed this article to install my first xen project to compare its CPU/memory and I/O performance with a kvm domain on CentOS 6.4. http://www.virtuatopia.com/index.php/Building_a_Xen_Virtual_Guest_Filesystem_on_a_Disk_Image_%28Cloning_Host_System%29 In the initial tests whit super.pi benchmarck the CPU performance of my xen domai was extremely worst than my kvm domain. Well, I am

Hey all, The IUTF8 tty mode support added to the client in 7.3 unfortunately appears to have broken interop with a handful of noncompliant server implementations that immediately close the connection when they are sent an opcode that they know nothing about, rather than ignore it. Setting the value to 0 is not enough: its mere presence regardless of value is enough to cause the server to bomb

Hi, everybody! My pxelinux.0/default file is: LABEL linux KERNEL vmlinuz-2.6.16 APPEND initrd=initrd-2.6.16.img root=192.168.4.110:/clients/192.168.4.100/root When mounting I get: switchroot: mount failed: 22 Kernel panic - not syncing: Attempted tp kill init! Before it I get some messages about: Can't find /dev/console. /clients/192.168.4.100/root/dev was empty. I've copied my