- Jan 03, 2025
-
-
Luca Boccassi authored
0020-read-only: iterate over all devices + improve console message layout See merge request !60
-
Luca Boccassi authored
fromiso features See merge request !59
-
There might be block devices other than /dev/sd* + /dev/vd* (like /dev/nvme0n*). Instead of hardcoding a static list, let's iterate over all of them, and then ignore all symlinks (pointing to the actual devices) and consider only actual block devices. Also ensure that the device exists (checked via `blockdev --getsz ...`) before executing `blockdev --setro ...` on it. Reworked the according console message: using printf with field width allows us to make this look a bit nicer and better integrate into the boot sequence look-alike. JFTR: it would be nice to send output also to `/boot.log` (which ends up as `/var/log/live/boot.log` on the booted system), but if we do this then the output is visible twice during startup, as `/boot.live` is sent to console via `tail -f`. If changing this to only list it via `/boot.live` it might not be always guaranteed to be visible on screen, so we didn't change this yet. This work was funded by Grml-Forensic. [zeha@d.o: forward upstream]
-
Luca Boccassi authored
Activate LVM volumes if needed See merge request !58
-
Previously, it wasn't possible to use fromiso with a Linux software RAID or LVM device. The code handling lvm/mdadm devices has been moved around and the fromiso feature split up, so that lvm/mdadm devices are now started as necessary even when fromiso has been passed. The usual caveats apply: if you start from an lvm/mdadm device *without* using the toram feature, the original volume will be kept mounted, so it's not safe to mount the volume containing the grml image after booting it. With the toram feature, this is not an issue, since all the data is read into a ramdisk and the original volume unmounted. [zeha@d.o: rebase, forward upstream]
-
The overriding feature can be turned on/used by prefixing the file system type to the path, separated from the device node with a colon. Example (good override): ext4:/dev/vda49/path/to/grml.iso If the file system specification contains any non-alphanumerical characters other than '-' or '_', it will be treated as part of the actual path, since, at least currently, all known file systems match this rule. Example (no override): cra$$$yf§:/dev/sr0/another_path/to/grml.iso In the former example, no file system type override is detected, which means that the code will eventually search for a device called 'cra$$$yf§:/dev/sr0' (which, granted, doesn't make a lot of sense). Sometimes it's necessary or at least handy to specify the file system used for mounting the fromiso backing device directly. For instance, putting the ISO file on a RAID1-backed device will fail to mount it through autodetection (which, really, in most cases is a good thing to not corrupt the array). This change also mounts the backing device read-only, which should enable safe usage and mounting even on RAID1 devices. Note, though, that read-only mounts are not really very much "read-only", since they actually sometimes still change on-disk file system metadata, like the last time the device was mounted). This said, it should be safe enough and users can easily re-sync the array to ensure consistency later on. [zeha@d.o: rebase, forward upstream]
-
Luca Boccassi authored
Fix RAID detection for findiso See merge request !57
-
An update to the Debian lvm2 package removed a script in the initrd that would activate any LVs that are required to access the root volume. Due to this change, grml failed to find its live media when it was stored on an LVM volume. Add an explicit activation of any LVs mentioned in the `live-media` or `bootfrom` kernel arguments, so that the live media can be found again. Reference: https://github.com/grml/grml/issues/200 [zeha@d.o: forward upstream]
-
Luca Boccassi authored
9990-misc-helpers.sh: append to boot.log, do not overwrite it See merge request !56
-
Luca Boccassi authored
live-netdev: accept a MAC address for picking device See merge request !55
-
mdadm 3.4-2 (Debian stretch) dropped the local-top mdadm script, and replaced it with a local-block script and some systemd parts. Use the "new" local-block mdadm script instead. This one won't allow us to select a specific device to assemble, so just let it start all of them and hope for the best. Reference: https://github.com/grml/grml/issues/125 [zeha@d.o: forward upstream, reword]
-
boot.log might exist already when try_mount fails. Append the log message instead of truncating it.
-
Have live-netdev accept a MAC address to pick the network device to use. Correct format is: "live-netdev=xx:xx:xx:xx:xx:xx" [mika@d.o: use tabs, drop noop assignment] [zeha@d.o: improve commit message and log messages, forward upstream]
-
Luca Boccassi authored
Remove support for legacy live location See merge request !54
-
Luca Boccassi authored
Avoid executing memdiskfind under Secure Boot See merge request !53
-
Chris Hofstaedtler authored
Remove code that was supposed to go away before the bullseye release. Finalize the migration started in c6a17c7b. Keeping the old path around breaks running update-initramfs *on* a live system, where backend/initramfs-tools/live.hook will copy libnss_dns.so.*, libnss_files.so.* from both /usr/lib and /usr/lib/live/mount/... into the initramfs.
-
memdiskfind displays an ugly error message when running under Secure Boot where access to /dev/mem is restricted: | cannot open /dev/mem: Operation not permitted If reading from /dev/mem fails, skip memdiskfind and instead display a warning message.
-
Chris Hofstaedtler authored
-
Chris Hofstaedtler authored
Same code, just in a new file.
-
- Nov 12, 2024
-
-
Thomas Goirand authored
* Non-maintainer upload. * Add fix to get DHCP from all nics, not only the first one seen with link up (Closes: #1069048).
-
Thomas Goirand authored
The current behavior of live-boot is to search 5 times for network interfaces with the carrier link up. If there is more than one interface, but only one is found during a run, then it currently gives-up searching for other interfaces and exits. This works if one is lucky, or if only the interfaces with DHCP have an actual ethernet link. For cases where there is more than one interface with the link up, but only one is connected to a DHCPd server, it is possible that it will fail (depending which card will have the link first). This patch changes the behavior: it makes sure that all cards with a link that is up are reported in /conf/param.conf before exiting, so that live-boot will try to get an IP address from all cards with link up. Each card continues to have a 15 seconds timeout (by default) to get the IP address from DHCP.
-
- May 25, 2024
-
-
Luca Boccassi authored
-
Luca Boccassi authored
-
Luca Boccassi authored
Gbp-Dch: ignore
-
Luca Boccassi authored
-
Luca Boccassi authored
-
Luca Boccassi authored
Added exfat support to the initramfs See merge request !49
-
- Apr 24, 2024
-
-
MexIT authored
-
- Apr 22, 2024
-
-
Luca Boccassi authored
CI update See merge request !51
-
MexIT authored
-
- Apr 09, 2024
-
-
Luca Boccassi authored
Use "tmpfs" instead of "/dev/shm" as tmpfs device name See merge request !46
-
- Apr 02, 2024
-
-
Luca Boccassi authored
setup_loop: simplify and fix dependency on kernel defaults See merge request !47
-
- Feb 24, 2024
-
-
Thore Sommer authored
This removes some of the options that are the same for every caller. We now use losetup -f to detect free loop devices. This has the advantage that this also works when the kernel is compiled with: CONFIG_BLK_DEV_LOOP_MIN_COUNT=0
-
- Feb 07, 2024
-
-
Jan Schär authored
A tmpfs does not have a device, so usually, "tmpfs" is used as the device name. When "/dev/shm" is used instead, this confuses systemd, which repeatedly prints this error in system logs: Failed to open /dev/shm device, ignoring: Inappropriate ioctl for device
-
- Mar 18, 2023
-
-
Luca Boccassi authored
Introduce lukslabel option + fix for is_active_luks_mapping() See merge request !44
-
Thore Sommer authored
When "lukslabel" is set for persistence-encryption then live-boot only tries to open containers that have the label "persistence" set. It takes precedence over the "luks" option. The behavior of the "luks" option is to prompt the user to open any LUKS container. This was required for LUKS1 because it did not support labels, but LUKS2 does. On systems were there are multiple encrypted containers this is not ideal, because for users it is not clear why they should decrypt their internal hard drive to boot a live system.
-
Thore Sommer authored
cryptsetup status also works on other device mapper devices that are not LUKS or LUKS2.
-
- Jan 31, 2023
-
-
Luca Boccassi authored
-
- May 15, 2022
-
-
Luca Boccassi authored
fix dm-verity installation for non merged /bin and /usr/bin See merge request !43
-
Luca Boccassi authored
set redirect=on for overlayfs unions See merge request !42
-