Creating Boobstrap v1.0 Boot Images


I want to present a framework called boobstrap, written in POSIX shell, for creating boot images of GNU/Linux distributions. The framework takes you the whole way in three simple steps: deploying a system into a chroot, creating an initramfs image that includes the system from the chroot, and finally creating a bootable ISO image. boobstrap consists of three utilities, mkbootstrap, mkinitramfs and mkbootisofs, one for each step.

mkbootstrap installs the system into a separate directory. CRUX is supported natively; for Arch Linux / Manjaro and Debian-based distributions, the third-party utilities pacstrap, basestrap and debootstrap should be used respectively.

mkinitramfs creates an initramfs image. You can include the system installed in a directory as an "overlay" compressed with SquashFS, or boot into the system and work directly in tmpfs. For example, the command mkinitramfs `mktemp -d` --overlay "arch-chroot/" --overlay "/home" --squashfs-xz --output initrd creates an initrd file containing two overlays, the "arch-chroot/" system and your "/home", compressed with SquashFS. You can then boot this initrd over PXE into tmpfs, or create a bootable ISO image with it.

mkbootisofs creates a BIOS/UEFI bootable ISO image from the specified directory. It is enough to put /boot/vmlinuz and /boot/initrd into the directory.

boobstrap does not use busybox. To create a working initramfs environment, it uses ldd to copy the minimum set of programs needed to boot and switch to the system. The list of programs to copy, like everything else, can be set in the configuration file /etc/boobstrap/boobstrap.conf. You can also install any minimalistic distribution into a separate chroot/ and then build a full-fledged initramfs environment from it. The crux_gnulinux-embedded template is suggested as such a minimalistic yet full-fledged environment; after xz compression it takes up a compromise 37 MB. Apart from its size, 3-5 MB versus 30-50 MB for a full-fledged GNU/Linux environment, busybox no longer offers any advantages, so using it in the project does not seem appropriate.
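
The ldd-based copying described above can be sketched as follows. This is an added example, not boobstrap's own code; the function names ldd_paths and stage_binary and the sample ldd output are assumptions made for illustration.

```shell
# Added example (not boobstrap code); function names are hypothetical.

# ldd_paths: read ldd output on stdin, print one absolute path per line.
# Handles "libc.so.6 => /lib/libc.so.6 (0x...)" and bare loader lines such as
# "/lib64/ld-linux-x86-64.so.2 (0x...)", skips linux-vdso (no file on disk),
# and exits non-zero on "not found" so an incomplete image fails at build time.
ldd_paths() {
    awk '
        /not found/              { print "missing: " $1 > "/dev/stderr"; bad = 1; next }
        $2 == "=>" && $3 ~ /^\// { print $3; next }
        $1 ~ /^\//               { print $1 }
        END                      { exit bad + 0 }
    '
}

# stage_binary BIN ROOT: copy BIN and its libraries under ROOT, keeping paths.
# Run ldd only on binaries from a system you trust: some ldd implementations
# execute the target program in order to list its dependencies.
stage_binary() {
    bin=$1 root=$2
    libs=$(ldd "$bin" | ldd_paths) || return 1
    for f in "$bin" $libs; do
        mkdir -p "$root$(dirname "$f")" && cp -L "$f" "$root$f" || return 1
    done
}

# Constructed ldd output, for illustration only.
sample_ldd() {
    printf '\tlinux-vdso.so.1 (0x00007ffd0a5f2000)\n'
    printf '\tlibc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f1c2a000000)\n'
    printf '\t/lib64/ld-linux-x86-64.so.2 (0x00007f1c2a400000)\n'
}
sample_ldd | ldd_paths    # prints the libc and loader paths, one per line
```

On a real system, stage_binary /bin/sh ./initramfs-root would stage the shell and every library it links against.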

How do you quickly check that it works and get started? Install and run.

# git clone https://github.com/sp00f1ng/boobstrap.git
# cd boobstrap
# make install
# boobstrap/tests/crux_gnulinux-download-and-build
# qemu-system-x86_64 -enable-kvm -m 1G -cdrom tmp.*/install.iso

You also need to install the dependencies: cpio, grub, grub-efi, dosfstools and xorriso. squashfs-tools is optional; with enough RAM you can run from tmpfs instead. If something is missing from the system, boobstrap will report it at startup.

To simplify creating configurations, boobstrap suggests using "templates" and "systems": "templates" (bootstrap-templates/) are used to quickly install systems from a file, while "systems" (bootstrap-systems/) are used to set the final configurations.

For example, running the script boobstrap/bootstrap-templates/crux_gnulinux-embedded.bbuild installs a minimal configuration of the CRUX GNU/Linux system and stores it in the crux_gnulinux-embedded.rootfs file. You then run boobstrap/bootstrap-systems/default/crux_gnulinux.bbuild, which loads the base configuration from that file, does all the necessary configuration and prepares a bootable ISO. This is convenient when, for example, many systems share the same configuration: instead of describing the same set of packages each time, you use one template and build the boot images of the systems with their final configuration on top of it.

Where to use all this?

You describe the system in a file once, and by running that file you build and/or update it. The system runs in tmpfs, which in effect makes it disposable. If the system fails, you return to the original state with one press of the Reset button. You can safely run rm -rf /.

You can configure all your systems locally, create images, test them in a virtual machine or on separate hardware, then upload them to a remote server and, with just two commands, kexec -l /vmlinuz --initrd=/initrd && kexec -e, update the entire system by reloading it into tmpfs.
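
Because the uploaded images become the whole running system, it is worth checking them against a manifest from the build host before the kexec step. The following is an added example, not part of boobstrap; the SHA256SUMS manifest name and the function names verify_images and reload_verified are assumptions.

```shell
# Added example (not boobstrap code); manifest name and functions are assumptions.

# verify_images DIR MANIFEST
# MANIFEST is in sha256sum format and is produced on the build host.
# Both vmlinuz and initrd must be listed exactly once and must match.
verify_images() {
    dir=$1 manifest=$2
    for name in vmlinuz initrd; do
        want=$(awk -v n="$name" '$2 == n || $2 == ("*" n) { print $1 }' "$manifest")
        have=$(sha256sum "$dir/$name" | awk '{ print $1 }')
        [ -n "$want" ] && [ "$want" = "$have" ] || {
            echo "$name: missing from manifest or checksum mismatch" >&2
            return 1
        }
    done
}

# reload_verified DIR MANIFEST: the two kexec commands, run only if the check passes.
reload_verified() {
    verify_images "$1" "$2" || return 1
    kexec -l "$1/vmlinuz" --initrd="$1/initrd" && kexec -e
}

# Demo on constructed files (not real boot images).
demo_dir=$(mktemp -d)
printf 'kernel' > "$demo_dir/vmlinuz"
printf 'initramfs' > "$demo_dir/initrd"
(cd "$demo_dir" && sha256sum vmlinuz initrd > SHA256SUMS)
verify_images "$demo_dir" "$demo_dir/SHA256SUMS" && echo "images match manifest"
printf 'x' >> "$demo_dir/initrd"    # simulate corruption or tampering in transit
verify_images "$demo_dir" "$demo_dir/SHA256SUMS" || echo "refusing to kexec"
```

The manifest only helps if it reaches the server by a path the images do not share, for example copied separately or signed on the build host.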

Similarly, you can move all your systems, for example on a VDS, to run in tmpfs, encrypt the /dev/vda disk and use it only for data, with no need to keep the operating system on it. The only "information leak point" in this case is a "cold dump" of your virtual machine's memory. If the system is compromised (for example, through a guessed ssh password or a vulnerability in exim), you can load a new ISO through your provider's "control panel" to bring the VDS back into operation, not forgetting to edit the system configuration to close all the vulnerabilities. This is faster than reinstalling and then setting up and/or restoring from a backup, because the bootable ISO with your system is your backup. "Seven Troubles - One Reset."

In the end, you can create any distribution for your needs, write it to a USB drive and work from it, updating it as needed and writing it to the USB drive again. All data is stored in the cloud. You no longer need to worry about the safety of the system or make backups when the system, I repeat, has essentially become "disposable".

Your wishes, suggestions and comments are welcome.

The repository at the link below contains a detailed README file (in English) with a description of each utility and usage examples. Detailed documentation in Russian and the development history are also available at the link: Boobstrap Boot Script Complex.

Source: linux.org.ru
