Skip to content

Instantly share code, notes, and snippets.

@packz

packz/000.mkd

Created November 15, 2012 09:06
Show Gist options
  • Save packz/4077532 to your computer and use it in GitHub Desktop.
Save packz/4077532 to your computer and use it in GitHub Desktop.
Download ZIP
Static cryptsetup
Raw
000.mkd

I suppose you use Debian-like systems

$ mkdir rootdir && cd rootdir && export ROOTDIR=$PWD

$ apt-get source libdevmapper1.02.1
$ apt-get source cryptsetup

$ cd lvm2-2.02.95
$ ./configure --enable-static_link
$ make
$ make install DESTDIR=${ROOTDIR}/system/

$ cd ../cryptsetup-1.4.3
$ ./configure --enable-static-cryptsetup   --enable-static  \
  DEVMAPPER_CFLAGS="-I$ROOTDIR/system/usr/include/" \
  DEVMAPPER_LIBS="-L$ROOTDIR/system/usr/lib/ -ldevmapper"
$ make
$ make install DESTDIR=$ROOTDIR/system/

In order to create an initrd image use the following

$ /usr/src/linux-git/usr/gen_init_cpio cpio_list | gzip -9 -n > initrd.gz

where linux-git is the directory of the linux kernel source.

Raw
cpio_list
# A simple initramfs needed in order to load a LUKS partition
# at boot time
dir /dev 0755 0 0
nod /dev/console 0600 0 0 c 5 1
dir /root 0700 0 0
dir /sbin 0755 0 0
dir /bin 0755 0 0
dir /run 0755 0 0
dir /mnt 0755 0 0
dir /mnt/lulz 0755 0 0
file /init init.sh 0755 0 0
file /sbin/busybox /opt/busybox/busybox 0755 0 0
file /sbin/setsid /opt/busybox/busybox 0755 0 0
file /sbin/cryptsetup /tmp/porcodio/usr/sbin/cryptsetup.static 0755 0 0
file /sbin/losetup /opt/busybox/busybox 0755 0 0
slink /bin/sh /sbin/busybox 0755 0 0
slink /bin/losetup /sbin/busybox 0755 0 0
slink /bin/dd /sbin/busybox 0755 0 0
slink /sbin/chroot /sbin/busybox 0755 0 0
slink /sbin/mount /sbin/busybox 0755 0 0
slink /bin/mkdir /sbin/busybox 0755 0 0
slink /bin/ls /sbin/busybox 0755 0 0
slink /sbin/mknod /sbin/busybox 0755 0 0
Raw
init.sh
#!/bin/sh
echo "Loading, please wait..."
[ -d /dev ] || mkdir -m 0755 /dev
[ -d /root ] || mkdir -m 0700 /root
[ -d /sys ] || mkdir /sys
[ -d /proc ] || mkdir /proc
[ -d /tmp ] || mkdir /tmp
mkdir -p /var/lock
mount -t sysfs -o nodev,noexec,nosuid sysfs /sys
mount -t proc -o nodev,noexec,nosuid proc /proc
# Note that this only becomes /dev on the real filesystem if udev's scripts
# are used; which they will be, but it's worth pointing out
tmpfs_size="10M"
if [ -e /etc/udev/udev.conf ]; then
. /etc/udev/udev.conf
fi
mkdir /dev/pts
mount -t devpts -o noexec,nosuid,gid=5,mode=0620 devpts /dev/pts || true
mount -t tmpfs -o "nosuid,size=20%,mode=0755" tmpfs /run
if [ -e /dev/sda ]
then
cryptsetup luksOpen /dev/sda lulz
mount /dev/mapper/lulz /mnt/lulz
else
echo "No LUKS device found"
fi
exec setsid sh -c 'exec sh </dev/tty1 >/dev/tty1 2>&1'
# Chain to real filesystem
#exec chroot ${rootmnt} ${init} <${rootmnt}/dev/console >${rootmnt}/dev/console
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment