Norman Wilson wrote in
<9A989054DE79CE5059CBA74797391E39.for-standards-violators(a)oclsc.org>:
|I don't remember any special many-programs-in-one binary
|like busybox in any Unix from the days when Unix was simple
|enough for me to understand. That covers the entire lifetime
|of the Research systems, but also System V and the BSDs and
|their sundry offspring up into at least the 1990s.
...
|Perhaps the question to ask is why such a magic program is
|needed at all. Is it just because programs like the shell
|have become so large and unwieldy that they won't fit in
|a small environment suitable for loading into an initramfs?
AlpineLinux as used on my vserver has busybox by default and can
cover most utilities like that. The lead developer Copa once
said something like "The idea is you install explicitly [if you
want something better]". (It is a symlink farm that is
selectively replaced by installing "real" packages iirc.)
For my laptop it allows me easy boot management.
To save you the chatter ("Chatten" is the name of my tribe .. most
likely; could be Franken, Sueben .. and you know how it is): this
approach is much easier and smaller than having lots of static
binaries to copy around etc.
I do not use secure boot, I have on EFI only a kernel, busybox and
cryptsetup, and scripts (the laptop is named "kent")::

  ...
  drwxr-xr-x 4 root root 4096 Jul 15 2021 EFI/
  ...
  -rwxr-xr-x 1 root root 272 Feb 1 2022 kent.sh*
  -rwxr-xr-x 1 root root 313 Feb 1 2022 kent-direct.sh*
  drwxr-xr-x 1 root root 252 Oct 9 2022 ../
  -rwxr-xr-x 1 root root 4596 Feb 4 2023 linux-init-s1.sh*
  -rwxr-xr-x 1 root root 3646 Feb 4 2023 linux-init-lib.sh*
  -rwxr-xr-x 1 root root 5480120 Feb 11 2023 cryptsetup.static*
  -rwxr-xr-x 1 root root 1978368 Aug 15 18:51 busybox.static*
  -rwxr-xr-x 1 root root 10112672 Aug 26 18:44 ideapad-stage1.efi*

So kent.sh can be init(8) for the ideapad-stage1.efi Linux kernel
started via EFI as setup via efibootmgr(8)

  Boot0001* kent
  HD(1,GPT,5d6d756b-5de2-4e5d-b043-8d4ae1bb6eb0,0x800,0x82000)/File(\ideapad-stage1.efi)root=/dev/nvme0n1p1
  rootfstype=vfat init=/kent.sh

  #!/busybox.static sh
  #@ kent, step 1., via EFI.
  PART_ROOT=/dev/nvme0n1p8
  ROOT_DECRYPT='-t btrfs -o defaults,subvol=/crux/kent/root'
  PART_ROOT1=/dev/nvme0n1p8
  ROOT_DECRYPT1='-t btrfs -o defaults,subvol=/crux/kent/root.old'
  INIT_S2=/boot/kent-2.sh
  . /linux-init-s1.sh

and that allows me to unlock the harddisk.
We then boot via $INIT_S2 and kexec(8) a kernel from the encrypted
harddisk, so no code from EFI partition keeps on running. (We
byte-compare the data from EFI with equal /boot/ files after
booting the real system.)
This allows nice and easy properties: only three files to track
(cryptsetup, busybox, kernel), almost same set of files in /boot/
and /media/efi aka EFI. And ideapad-stage1.efi is the same kernel
that later runs, but later we have also additional dynamic modules
available. Ie, every few weeks I copy /boot/ideapad-6_1.efi over
to be the new -stage1.efi.
--steffen
|
|Der Kragenbaer, The moon bear,
|der holt sich munter he cheerfully and one by one
|einen nach dem anderen runter wa.ks himself off
|(By Robert Gernhardt)
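
The byte-compare step mentioned in the message above (files on the unencrypted EFI partition checked against their copies on the encrypted disk once the real system is up), as an added example that is not part of the original post and not the poster's own scripts. The manifest file, its format and the status words are assumptions; a manifest is used because the post says the stage-1 kernel is a renamed copy of /boot/ideapad-6_1.efi.

```shell
#!/bin/sh
# Added example, not the poster's script. The manifest format is an assumption:
# one "efi_name trusted_name" pair per line, for instance
#   ideapad-stage1.efi ideapad-6_1.efi
#   busybox.static     busybox.static

# verify_efi EFI_DIR TRUSTED_DIR MANIFEST
# Prints OK, MISMATCH, MISSING or UNTRACKED per file; returns 0 only when every
# listed pair is byte-identical and nothing unlisted sits in EFI_DIR.
verify_efi() {
    efi_dir=$1 trusted_dir=$2 manifest=$3 rc=0
    while read -r efi_name trusted_name; do
        case $efi_name in ''|'#'*) continue ;; esac
        if [ ! -f "$efi_dir/$efi_name" ] || [ ! -f "$trusted_dir/$trusted_name" ]; then
            echo "MISSING $efi_name"; rc=1
        elif cmp -s "$efi_dir/$efi_name" "$trusted_dir/$trusted_name"; then
            echo "OK $efi_name"
        else
            echo "MISMATCH $efi_name"; rc=1
        fi
    done < "$manifest"
    # Anything on the unencrypted partition that the manifest does not list
    # cannot be vouched for by the encrypted copy, so report it.
    for f in "$efi_dir"/*; do
        [ -f "$f" ] || continue          # skip directories such as EFI/
        name=${f##*/}
        awk -v n="$name" '$1 == n { found = 1 } END { exit !found }' "$manifest" \
            || { echo "UNTRACKED $name"; rc=1; }
    done
    return "$rc"
}

# Stand-alone use (manifest path is hypothetical):
#   verify_efi.sh /media/efi /boot /boot/efi.manifest
if [ "$#" -eq 3 ]; then
    verify_efi "$@"
fi
```

Run from the booted system, a non-zero exit status means the EFI partition no longer matches what the encrypted disk says it should hold.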