This file is part of https://github.com/random-archer/mkinitcpio-systemd-tool
Never write another mkinitcpio hook again: use systemd-tool.
Provisioning tool for systemd in initramfs (systemd-tool):
Core features provided by the hook:
- unified systemd + mkinitcpio configuration
- automatic provisioning of binary and config resources
- on-demand invocation of mkinitcpio scripts and in-line functions
Features provided by the included service units:
- initrd debugging
- early network setup
- interactive user shell
- remote ssh access in initrd
- cryptsetup + plymouth support
- cryptsetup + custom password agent
Useful issues resolved in the past
Basic usage steps:
-
study and practice system recovery
-
install the package
pacman -S mkinitcpio-systemd-tool
- activate required hooks in
/etc/mkinitcpio.conf:
HOOKS=(base ... systemd systemd-tool)
- configure, override and enable/disable provided units, for example:
for remote unlocking of luks root withcryptsetupandtinysshduse:
edit /etc/mkinitcpio-systemd-tool/config/crypttab
edit /etc/mkinitcpio-systemd-tool/config/fstab
systemctl enable initrd-cryptsetup.path
systemctl enable initrd-tinysshd.service
systemctl enable initrd-debug-progs.service
systemctl enable initrd-sysroot-mount.service
- build image, review content and finally reboot:
mkinitcpio -v -p linux > /tmp/initrd.log
lsinitcpio -l /boot/initramfs-linux.img | grep initrd
systemctl reboot
pacman install actions:
- take a look in arch repo and make file
- provision user config and vendor systemd units into:
/etc/mkinitcpio-systemd-tool(with backup)/usr/lib/systemd/system(with silent overwrite)
mkinitcpio install hook actions:
- look for enabled units in the
/etc/systemd/system - include in initrd units containing marker
/etc/initrd-release - activate transitively in initrd any discovered systemd service units
- auto provision into initramfs resources declared inside initrd service units
what is the mkinitcpio hook entry provided by this package?
- hook name:
systemd-tool - required hooks are:
base systemd systemd-tool - recommended hooks are:
base autodetect modconf block filesystems keyboard fsck systemd systemd-tool
how can I customize installed service units?
- follow regular approaches to editing provided units
- create service unit override with
systemctl edit $unit_name - enable/disable with
systemctl enable $unit_name/systemctl disable $unit_name
how can I review generated /boot/initramfs-linux.img?
- to review
initramfs.imgaftermkinitcpiobut beforereboot, use: - visually, with midnight commander or scripted, with mkinitcpio lsinitcpio
how systemd unit transitive dependency provisioning works?
- see
mkinitcpio-install.sh/add_systemd_unit_X() - units found in
[Unit]/Requires|OnFailureare recursively installed
what is the purpose of [X-SystemdTool] section in service unit files?
- see systemd/systemd#3340
- this section provides configuration interface for
mkinitcpioprovisioning actions - directives:
InitrdPathInitrdLinkInitrdBinaryInitrdBuildInitrdCallInitrdUnit
how can I auto-provision my custom service unit binaries into initramfs?
- use
InitrdBinary=/path/target-execto provision service binary - also will be provisioned all
Exec*entries such asExecStart=/usr/bin/program
how can I auto-provision my custom service unit resources into initramfs?
- use
InitrdPath=/path/to/host/folder-or-file
how can I relocate folder during provisioning?
- not implemented, source and target folder must use the same location
how can I relocate file and/or change file mode during provisioning?
- use
InitrdPath=/target-file source=/source-file mode=NNN
how can I filter directory content during provisioning?
- use
InitrdPath=/target-folder glob=*.example
how can I provision optional folder or file?
- use
InitrdPath=/target-file source=/source-file optional=yes
is there a way to create empty folder or file?
- for empty dir, use
InitrdPath=/path/target-dir/ create=yesnote trailing SLASH - for empty file, use
InitrdPath=/path/target-file create=yesnote NO trailing slash
how can I provision a symbolic link?
- use
InitrdLink=/path-to-link/link-name target=/path-to-target/target-name - note that link target
/path-to-target/target-namemust be provisioned separately
can I invoke a provisioning script related to my service during mkinitcpio build time?
- use
InitrdBuild=/path-to/script.sh command=function_name
can I call a little provisioning script snippet during mkinitcpio build time?
- check for available
mkinitcpiofunctions in/usr/lib/initcpio/functions.sh - use
InitrdCall=inline-bash-code-hereto call these functions
how can I provide custom interactive user shell for ssh client
- change sample shell file located in
/usr/lib/mkinitcpio-systemd-tool/initrd-shell.sh
which ssh user keys are used by initramfs sshd server(s)?
- they come from host
/etc/mkinitcpio-systemd-tool/config/authorized_keys
there is a initrd-shell.sh script provided, what does it do?
- it is used as both interactive login shell and as a systemd service
- when crypto disks are present, it acts as password agent
- when in ssh console, it offers simple interactive menu
- when in systemd service mode, it acts as service
how can I review initrd-shell.sh actions during last boot?
- use
journalctl -b -t shell
what does CTRL-C do to initrd-shell.sh in different modes?
initrd-shell.shprovides appropriate reaction to interrupt, depending on the context- while in
sshterminal password agent prompt, it will start a menu forminitrd-shell.sh - while in
/dev/ttylocal debug console, it will exit frominitrd-shell.sh - while in
/dev/consolepassword agent prompt, it will restart theinitrd-shell.shservice
is there a silent or no-echo mode during password entry in initrd-shell.sh?
- there are two ways to enter silent mode (see
systemd-ask-password.c): - either by pressing
BACKSPACEas first key or by pressingTABat any time - then the prompt will show extra text:
(no echo)