• Edit
  • Delete

initramfs-tools / busybox / dropbear

http://manpages.ubuntu.com/manpages/bionic/man8/initramfs-tools.8.html

Available hooks:

  • /usr/share/initramfs-tools/hooks

Interesting examples: (probably needs apt install dropbear)

  • vi /usr/share/initramfs-tools/hooks/dropbear
  • vi /usr/share/initramfs-tools/hooks/cryptroot-unlock
    • adds message to /etc/motd (message of the day)

Create custom hook to include an executable in initramfs

  • vi /etc/initramfs-tools/hooks/dbclient
    • #!/bin/sh
      
      # add hookscripts which need to be executed before this script
      PREREQ="dropbear"
      
      prereqs() {
          echo "$PREREQ"
      }
      
      case "$1" in
          prereqs)
              prereqs
              exit 0
          ;;
      esac
      
      # Load helper functions
      . /usr/share/initramfs-tools/hook-functions
      
      # Helper function to copy an executable to be available in initramfs
      copy_exec /usr/bin/dbclient /bin
  • chmod 755 /etc/initramfs-tools/hooks/dbclient
  • update-initramfs -u

/bin/dbclient (dropbear ssh client) is now available in initramfs busybox

Add Curl

  • vi /etc/initramfs-tools/hooks/curl
    • #!/bin/sh
      
      # add hookscripts which need to be executed before this script
      PREREQ="dropbear"
      
      prereqs() {
          echo "$PREREQ"
      }
      
      case "$1" in
          prereqs)
              prereqs
              exit 0
          ;;
      esac
      
      # Load helper functions
      . /usr/share/initramfs-tools/hook-functions
      
      # Helper function to copy an executable to be available in initramfs
      copy_exec /usr/bin/curl /bin
  • chmod 755 /etc/initramfs-tools/hooks/curl
  • update-initramfs -u

Note: to query an ssl site, you need to use "curl --insecure". This skips certificate check, as we have no ssl certificates available in busybox

 

 

Add jq

JSON parser

  • vi /etc/initramfs-tools/hooks/jq
    • #!/bin/sh
      
      # add hookscripts which need to be executed before this script
      PREREQ="dropbear"
      
      prereqs() {
          echo "$PREREQ"
      }
      
      case "$1" in
          prereqs)
              prereqs
              exit 0
          ;;
      esac
      
      # Load helper functions
      . /usr/share/initramfs-tools/hook-functions
      
      # Helper function to copy an executable to be available in initramfs
      copy_exec /usr/bin/jq /bin
  • chmod 755 /etc/initramfs-tools/hooks/jq
  • update-initramfs -u

 

Add some programs

  • vi /etc/initramfs-tools/hooks/addons
    • #!/bin/sh
      
      # add hookscripts which need to be executed before this script
      PREREQ="dropbear"
      
      prereqs() {
          echo "$PREREQ"
      }
      
      case "$1" in
          prereqs)
              prereqs
              exit 0
          ;;
      esac
      
      # Load helper functions
      . /usr/share/initramfs-tools/hook-functions
      
      # Helper function to copy an executable to be available in initramfs
      copy_exec /usr/bin/jq /bin
      copy_exec /usr/bin/curl /bin
      copy_exec /usr/bin/dbclient /bin
      copy_exec /bin/netstat /bin
      copy_exec /bin/nano /bin
  • chmod 755 /etc/initramfs-tools/hooks/addons
  • update-initramfs -u