blob: ff5b9efd6cc673161187ecc5fcf4717d8a3f9937 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
|
# mkinitcpio-hook-neoshy
[](https://aur.archlinux.org/packages/mkinitcpio-hook-neoshy)
[](LICENSE)
[](#)
[](#)
Custom mkinitcpio hook to mount a container image from a block device before running the `encrypt` hook.
## What it does
This hook is intended for use cases where your encrypted root filesystem is stored *inside a container file* on a block device, rather than on the block device itself.
It:
1. Mounts the block device specified by `src_dev=...`
2. Locates the container image file on that device via `src_img=...`
3. Attaches it to a loop device
4. Makes the loop device available to the `encrypt` hook, via standard `cryptdevice=...` kernel parameter
## Kernel cmdline usage
You must add the following parameters to your kernel cmdline:
src_dev=/dev/your_block_device src_img=/relative/path/to/container.img cryptdevice=/dev/loop0:your_crypt_name root=/dev/mapper/your_crypt_name
Example:
src_dev=/dev/nvme0n1p3 src_img=/crypto/rootfs.img cryptdevice=/dev/loop0:cryptroot root=/dev/mapper/cryptroot
## On Arch-based distros you can install this package from AUR:
paru -S mkinitcpio-hook-neoshy (Of cause you can use another aur-helper :) )
or just makepkg -i in source directory
## Installation on another distros:
make install
Then add `neoshy` **before** `encrypt` in your `/etc/mkinitcpio.conf` HOOKS-section:
HOOKS=(base udev autodetect modconf block keyboard `neoshy` `encrypt` filesystems fsck)
Then rebuild your initramfs:
sudo mkinitcpio -P
## License
MIT
---
Author: Andrei A. Bykov <andrei.a.bykov@hotmail.com>
|