1 |
On Wed, Jul 18, 2012 at 4:02 PM, Rich Freeman <rich0@g.o> wrote: |
2 |
> On Wed, Jul 18, 2012 at 3:40 PM, Michael Mol <mikemol@×××××.com> wrote: |
3 |
>> So your initramfs doesn't include network tools such as ping, |
4 |
>> traceroute or wget. Fine. Fundamentally speaking, why shouldn't |
5 |
>> someone else's? |
6 |
> |
7 |
> So, an initramfs is just a piece of kernel functionality. You can do |
8 |
> almost ANYTHING in an initramfs, subject to the limitation that it is |
9 |
> stored in RAM without any backing store. |
10 |
|
11 |
Yup. IIRC, it has effectively the same underlying implementation as |
12 |
tmpfs, using always-dirty file cache pages. |
13 |
|
14 |
> |
15 |
> There are lots of reasons to use an initramfs, and the biggest ones |
16 |
> don't pertain much to Gentoo. Here are some of the big use cases: |
17 |
> |
18 |
> 1. One-size-fits-all kernel. You want to support root and /usr on |
19 |
> any filesystem, on any kind of hard drive, or on a SAN, or who knows |
20 |
> where. That either means saying Y to every driver in the kernel, or |
21 |
> saying M and using an initramfs to load what is needed to get to root. |
22 |
> |
23 |
> 2. One-size-fits-all grub config. You put the smarts in the |
24 |
> initramfs, and use filesystem labels and such to identify partitions. |
25 |
> |
26 |
> 3. Use of labels/UUIDs on partitions. When mdadm decides to renumber |
27 |
> half your devices on a whim or you add a drive and everything bubbles |
28 |
> down by one, your system still boots. |
29 |
> |
30 |
> 4. Cleaner mounting of root, ability to fsck on initial mount, etc. |
31 |
> |
32 |
> 5. When something goes wrong you can get a dash/bash shell instead of |
33 |
> a grub shell. The former is clearly more useful even if you don't |
34 |
> have firefox+X11 in your initramfs. |
35 |
> |
36 |
> 6. Support for booting off of stuff that the kernel can't find on its |
37 |
> own, like SANs/etc. That might require network support in the |
38 |
> initramfs, and that usually isn't a big deal. If somebody can spoof |
39 |
> DNS on your fiber channel interface you've got bigger problems. |
40 |
> |
41 |
> Sure, the more you do with the initramfs the bigger the potential |
42 |
> security risks. Most distros don't have users build either kernels or |
43 |
> initramfs which means they can just push updates, but that requires #1 |
44 |
> above, which I think most Gentoo users would not appreciate. |
45 |
|
46 |
I fall into use cases 3 and 5, myself. Incidentally, bash is also |
47 |
network-aware. (Not sure if the default USE flag set allows it, |
48 |
though.) Were I to explicitly add network-aware tools, I'd probably |
49 |
add either ssh/sftp/scp or links. |
50 |
|
51 |
> |
52 |
> However, the initramfs shouldn't leave much of anything running after |
53 |
> it chroots, so the window should be fairly small. |
54 |
|
55 |
So is the window for spoofing DNS responses. That didn't stop DNS |
56 |
hijacking from being fairly easy. (And why there was a large |
57 |
coordinated, cross-vendor effort to add source-port randomization once |
58 |
it was shown to be easy.) |
59 |
|
60 |
Multi-threaded native code has been my day job for the last five |
61 |
years. I may be a bit biased when it comes to race conditions. |
62 |
|
63 |
-- |
64 |
:wq |