最近睡太少身体开始亮红灯Orz
来逐步解剖一下Alpine initramfs的init script当作知识储备:
/bin/busybox mkdir -p /usr/bin /usr/sbin /proc /sys /dev $sysroot \
/media/cdrom /media/usb /tmp /run/cryptsetup
# Spread out busybox symlinks and make them available without full path
/bin/busybox --install -s
export PATH=/usr/bin:/bin:/usr/sbin:/sbin
# Make sure /dev/null is a device node. If /dev/null does not exist yet, the command
# mounting the devtmpfs will create it implicitly as an file with the "2>" redirection.
# The -c check is required to deal with initramfs with pre-seeded device nodes without
# error message.
[ -c /dev/null ] || mknod -m 666 /dev/null c 1 3
mount -t sysfs -o noexec,nosuid,nodev sysfs /sys
mount -t devtmpfs -o exec,nosuid,mode=0755,size=2M devtmpfs /dev 2>/dev/null \
|| mount -t tmpfs -o exec,nosuid,mode=0755,size=2M tmpfs /dev
# Make sure /dev/kmsg is a device node. Writing to /dev/kmsg allows the use of the
# earlyprintk kernel option to monitor early init progress. As above, the -c check
# prevents an error if the device node has already been seeded.
[ -c /dev/kmsg ] || mknod -m 660 /dev/kmsg c 1 11
mount -t proc -o noexec,nosuid,nodev proc /proc
# pty device nodes (later system will need it)
[ -c /dev/ptmx ] || mknod -m 666 /dev/ptmx c 5 2
[ -d /dev/pts ] || mkdir -m 755 /dev/pts
mount -t devpts -o gid=5,mode=0620,noexec,nosuid devpts /dev/pts
# shared memory area (later system will need it)
[ -d /dev/shm ] || mkdir /dev/shm
mount -t tmpfs -o nodev,nosuid,noexec shm /dev/shm
上面起头的逻辑相对的非常简单,busybox把该要的directory建好,然後自我安装。
接下来把基础的sysfs跟devtmpfs拉起来,以供後续的mounting跟housekeeping使用。
接着建好pty的char dev,这样以後才有办法作pty的population。
# read the kernel options. we need surve things like:
# acpi_osi="!Windows 2006" xen-pciback.hide=(01:00.0)
set -- $(cat /proc/cmdline)
myopts="alpine_dev autodetect autoraid chart cryptroot cryptdm cryptheader cryptoffset
cryptdiscards cryptkey debug_init dma init init_args keep_apk_new modules ovl_dev
pkgs quiet root_size root usbdelay ip alpine_repo apkovl alpine_start splash
blacklist overlaytmpfs rootfstype rootflags nbd resume s390x_net dasd ssh_key
BOOTIF zfcp"
for opt; do
case "$opt" in
s|single|1)
SINGLEMODE=yes
continue
;;
console=*)
opt="${opt#*=}"
KOPT_consoles="${opt%%,*} $KOPT_consoles"
continue
;;
esac
for i in $myopts; do
case "$opt" in
$i=*) eval "KOPT_${i}"='${opt#*=}';;
$i) eval "KOPT_${i}=yes";;
no$i) eval "KOPT_${i}=no";;
esac
done
done
如注解所说,上面是init script正在把kernel boot arg爬下来、转换成它自己的syntax (KOPT_xxx
),後面要根据这些option做事。
echo "Alpine Init $VERSION" > /dev/kmsg
[ "$KOPT_quiet" = yes ] || echo "Alpine Init $VERSION"
# enable debugging if requested
[ -n "$KOPT_debug_init" ] && set -x
# set default values
: ${KOPT_init:=/sbin/init}
# pick first keymap if found
for map in /etc/keymap/*; do
if [ -f "$map" ]; then
ebegin "Setting keymap ${map##*/}"
zcat "$map" | loadkmap
eend
break
fi
done
# start bootcharting if wanted
if [ "$KOPT_chart" = yes ]; then
ebegin "Starting bootchart logging"
/sbin/bootchartd start-initfs "$sysroot"
eend 0
fi
# The following values are supported:
# alpine_repo=auto -- default, search for .boot_repository
# alpine_repo=http://... -- network repository
ALPINE_REPO=${KOPT_alpine_repo}
[ "$ALPINE_REPO" = "auto" ] && ALPINE_REPO=
# hide kernel messages
[ "$KOPT_quiet" = yes ] && dmesg -n 1
# optional blacklist
for i in ${KOPT_blacklist//,/ }; do
echo "blacklist $i" >> /etc/modprobe.d/boot-opt-blacklist.conf
done
# determine if we are going to need networking
if [ -n "$KOPT_ip" ] || [ -n "$KOPT_nbd" ] || \
is_url "$KOPT_apkovl" || is_url "$ALPINE_REPO"; then
do_networking=true
else
do_networking=false
fi
Alpine init的debug log正式出现,开始处理initramfs的option。
其中最重要的是 alpine_repo
,Alpine原始状态下,会使用该option指向的 repo mirror,去抓取最新(或指定版本)的package下来组他真正的rootfs。
然而如果它指向的是一个网路URI 例如:
http://alpine.ccns.ncku.edu.tw/alpine/edge/main/
他就会需要作网路设定的逻辑,本文後面会提及。
# make sure we load zfs module if root=ZFS=...
rootfstype=${KOPT_rootfstype}
if [ -z "$rootfstype" ]; then
case "$KOPT_root" in
ZFS=*) rootfstype=zfs ;;
esac
fi
# load available drivers to get access to modloop media
ebegin "Loading boot drivers"
modprobe -a $(echo "$KOPT_modules $rootfstype" | tr ',' ' ' ) loop squashfs 2> /dev/null
if [ -f /etc/modules ] ; then
sed 's/\#.*//g' < /etc/modules |
while read module args; do
modprobe -q $module $args
done
fi
eend 0
if [ -n "$KOPT_cryptroot" ]; then
cryptopts="-c ${KOPT_cryptroot}"
if [ "$KOPT_cryptdiscards" = "yes" ]; then
cryptopts="$cryptopts -D"
fi
if [ -n "$KOPT_cryptdm" ]; then
cryptopts="$cryptopts -m ${KOPT_cryptdm}"
fi
if [ -n "$KOPT_cryptheader" ]; then
cryptopts="$cryptopts -H ${KOPT_cryptheader}"
fi
if [ -n "$KOPT_cryptoffset" ]; then
cryptopts="$cryptopts -o ${KOPT_cryptoffset}"
fi
if [ "$KOPT_cryptkey" = "yes" ]; then
cryptopts="$cryptopts -k /crypto_keyfile.bin"
elif [ -n "$KOPT_cryptkey" ]; then
cryptopts="$cryptopts -k ${KOPT_cryptkey}"
fi
fi
if [ -n "$KOPT_nbd" ]; then
# TODO: Might fail because nlplug-findfs hasn't plugged eth0 yet
configure_ip
setup_nbd || echo "Failed to setup nbd device."
fi
# zpool reports /dev/zfs missing if it can't read /etc/mtab
ln -s /proc/mounts /etc/mtab
# check if root=... was set
if [ -n "$KOPT_root" ]; then
if [ "$SINGLEMODE" = "yes" ]; then
echo "Entering single mode. Type 'exit' to continue booting."
sh
fi
ebegin "Mounting root"
nlplug-findfs $cryptopts -p /sbin/mdev ${KOPT_debug_init:+-d} \
$KOPT_root
if echo "$KOPT_modules $rootfstype" | grep -qw btrfs; then
/sbin/btrfs device scan >/dev/null || \
echo "Failed to scan devices for btrfs filesystem."
fi
if [ -n "$KOPT_resume" ]; then
echo "Resume from disk"
if [ -e /sys/power/resume ]; then
printf "%d:%d" $(stat -Lc "0x%t 0x%T" "$KOPT_resume") >/sys/power/resume
else
echo "resume: no hibernation support found"
fi
fi
if [ "$KOPT_overlaytmpfs" = "yes" ]; then
mkdir -p /media/root-ro /media/root-rw $sysroot/media/root-ro \
$sysroot/media/root-rw
mount -o ro $KOPT_root /media/root-ro
mount -t tmpfs root-tmpfs /media/root-rw
mkdir -p /media/root-rw/work /media/root-rw/root
mount -t overlay -o lowerdir=/media/root-ro,upperdir=/media/root-rw/root,workdir=/media/root-rw/work overlayfs $sysroot
else
if [ "$rootfstype" = "zfs" ]; then
prepare_zfs_root
fi
mount ${rootfstype:+-t} ${rootfstype} \
-o ${KOPT_rootflags:-ro} \
${KOPT_root#ZFS=} $sysroot
fi
eend $?
cat /proc/mounts | while read DEV DIR TYPE OPTS ; do
if [ "$DIR" != "/" -a "$DIR" != "$sysroot" -a -d "$DIR" ]; then
mkdir -p $sysroot/$DIR
mount -o move $DIR $sysroot/$DIR
fi
done
sync
exec /bin/busybox switch_root $sysroot $chart_init "$KOPT_init" $KOPT_init_args
echo "initramfs emergency recovery shell launched"
exec /bin/busybox sh
fi
然而如果bootarg有指定rootdev的 root=/path/to/rootdev
,那便是Alpine的世界观里有permanant installation的状态,那就会在处理完rootfs type(ZFS/有没有加密过/是否有透过overlayfs去打造读写分离...)後,便会直接mount好、并且switch_root过去。
而这边有个Alpine重要的辅助tool在上篇有提及,那就是 nlplug-findfs
,下篇将会深入来看他的选项与逻辑,这边先想成威力加强版的mount
就好。
if $do_networking; then
repoopts="-n"
else
repoopts="-b $repofile"
fi
# locate boot media and mount it
ebegin "Mounting boot media"
nlplug-findfs $cryptopts -p /sbin/mdev ${KOPT_debug_init:+-d} \
${KOPT_usbdelay:+-t $(( $KOPT_usbdelay * 1000 ))} \
$repoopts -a /tmp/apkovls
eend $?
# Setup network interfaces
if $do_networking; then
configure_ip
fi
# early console?
if [ "$SINGLEMODE" = "yes" ]; then
echo "Entering single mode. Type 'exit' to continue booting."
sh
fi
# mount tmpfs sysroot
rootflags="mode=0755"
if [ -n "$KOPT_root_size" ]; then
echo "WARNING: the boot option root_size is deprecated. Use rootflags instead"
rootflags="$rootflags,size=$KOPT_root_size"
fi
if [ -n "$KOPT_rootflags" ]; then
rootflags="$rootflags,$KOPT_rootflags"
fi
mount -t tmpfs -o $rootflags tmpfs $sysroot
if [ -z "$KOPT_apkovl" ]; then
# Not manually set, use the apkovl found by nlplug
if [ -e /tmp/apkovls ]; then
ovl=$(head -n 1 /tmp/apkovls)
fi
elif is_url "$KOPT_apkovl"; then
# Fetch apkovl via network
MACHINE_UUID=$(cat /sys/class/dmi/id/product_uuid 2>/dev/null)
url="${KOPT_apkovl/{MAC\}/$MAC_ADDRESS}"
url="${url/{UUID\}/$MACHINE_UUID}"
ovl=/tmp/${url##*/}
wget -O "$ovl" "$url" || ovl=
else
ovl="$KOPT_apkovl"
fi
# parse pkgs=pkg1,pkg2
if [ -n "$KOPT_pkgs" ]; then
pkgs=$(echo "$KOPT_pkgs" | tr ',' ' ' )
fi
# load apkovl or set up a minimal system
if [ -f "$ovl" ]; then
ebegin "Loading user settings from $ovl"
# create apk db and needed /dev/null and /tmp first
apk add --root $sysroot --initdb --quiet
unpack_apkovl "$ovl" $sysroot
eend $? $errstr || ovlfiles=
# hack, incase /root/.ssh was included in apkovl
[ -d "$sysroot/root" ] && chmod 700 "$sysroot/root"
pkgs="$pkgs $(cat $sysroot/etc/apk/world 2>/dev/null)"
fi
好的,这边就提到Alpine很重要的开机世界观:〝Boot media〞,前面有说对於Alpine预设而言,它会从alpine_repo去捞package来组rootfs,而alpine_repo的来源有很多,网路是最简单的,但是如选项所示,他其实也可以是其他blockdev,所以他才会有个usb wait的选项让nlplug-findfs
去等USB dev能够被正确识别(这边牵扯到kerenel device hotplug的uevent机制、有点复杂,下一篇谈nlpluf-findfs时会想办法一并带过)
然而一个重点是可以看到configure_ip
这个,该shell function会展开成:
# Default (when configure_ip is called without setting ip=):
# ip=dhcp
#
configure_ip() {
[ -n "$MAC_ADDRESS" ] && return
local IFS=':'
set -- ${KOPT_ip:-dhcp}
unset IFS
local client_ip="$1"
local gw_ip="$3"
local netmask="$4"
local device="$6"
local autoconf="$7"
local dns1="$8"
local dns2="$9"
case "$client_ip" in
off|none) return;;
dhcp) autoconf="dhcp";;
esac
[ -n "$device" ] || device=$(ip_choose_if)
if [ -z "$device" ]; then
echo "ERROR: IP requested but no network device was found"
return 1
fi
if [ "$autoconf" = "dhcp" ]; then
# automatic configuration
if [ ! -e /usr/share/udhcpc/default.script ]; then
echo "ERROR: DHCP requested but not present in initrd"
return 1
fi
ebegin "Obtaining IP via DHCP ($device)"
ifconfig "$device" 0.0.0.0
udhcpc -i "$device" -f -q
eend $?
else
# manual configuration
[ -n "$client_ip" -a -n "$netmask" ] || return
ebegin "Setting IP ($device)"
if ifconfig "$device" "$client_ip" netmask "$netmask"; then
[ -z "$gw_ip" ] || ip route add 0.0.0.0/0 via "$gw_ip" dev "$device"
fi
eend $?
fi
# Never executes if variables are empty
for i in $dns1 $dns2; do
echo "nameserver $i" >> /etc/resolv.conf
done
MAC_ADDRESS=$(cat /sys/class/net/$device/address)
}
从逻辑来看,如果以QEMU + SLIRP (usernet)的方式,最简单就是bootarg直接 ip=dhcp
让它自动抓。
if [ -f "$sysroot/etc/.default_boot_services" -o ! -f "$ovl" ]; then
# add some boot services by default
rc_add devfs sysinit
rc_add dmesg sysinit
rc_add mdev sysinit
rc_add hwdrivers sysinit
rc_add modloop sysinit
rc_add modules boot
rc_add sysctl boot
rc_add hostname boot
rc_add bootmisc boot
rc_add syslog boot
rc_add mount-ro shutdown
rc_add killprocs shutdown
rc_add savecache shutdown
rc_add firstboot default
rm -f "$sysroot/etc/.default_boot_services"
fi
这边也是一个重点,他在建OpenRC要的init files,rc_add
会展开成:
# add a boot service to $sysroot
rc_add() {
mkdir -p $sysroot/etc/runlevels/$2
ln -sf /etc/init.d/$1 $sysroot/etc/runlevels/$2/$1
}
而其中 /etc/init.d
对我来说是个有点阴阳魔界的状态,到现在我还在对initramfs log来查他的来源,到底在Alpine aports的哪个package会组件出来。
if [ "$KOPT_splash" != "no" ]; then
echo "IMG_ALIGN=CM" > /tmp/fbsplash.cfg
for fbdev in /dev/fb[0-9]; do
[ -e "$fbdev" ] || break
num="${fbdev#/dev/fb}"
for img in /media/*/fbsplash$num.ppm; do
[ -e "$img" ] || break
config="${img%.*}.cfg"
[ -e "$config" ] || config=/tmp/fbsplash.cfg
fbsplash -s "$img" -d "$fbdev" -i "$config"
break
done
done
for fbsplash in /media/*/fbsplash.ppm; do
[ -e "$fbsplash" ] && break
done
fi
if [ -n "$fbsplash" ] && [ -e "$fbsplash" ]; then
ebegin "Starting bootsplash"
mkfifo $sysroot/$splashfile
config="${fbsplash%.*}.cfg"
[ -e "$config" ] || config=/tmp/fbsplash.cfg
setsid fbsplash -T 16 -s "$fbsplash" -i $config -f $sysroot/$splashfile &
eend 0
else
KOPT_splash="no"
fi
if [ -f $sysroot/etc/fstab ]; then
has_fstab=1
fstab=$sysroot/etc/fstab
# let user override tmpfs size in fstab in apkovl
mountopts=$(awk '$2 == "/" && $3 == "tmpfs" { print $4 }' $sysroot/etc/fstab)
if [ -n "$mountopts" ]; then
mount -o remount,$mountopts $sysroot
fi
# move the ALPINE_MNT if ALPINE_DEV is specified in users fstab
# this is so a generated /etc/apk/repositories will use correct
# mount dir
relocate_mount "$sysroot"/etc/fstab
elif [ -f /etc/fstab ]; then
relocate_mount /etc/fstab
fi
# hack so we get openrc
pkgs="$pkgs alpine-base"
# copy keys so apk finds them. apk looks for stuff relative --root
mkdir -p $sysroot/etc/apk/keys/
cp -a /etc/apk/keys $sysroot/etc/apk
# generate apk repositories file. needs to be done after relocation
find_boot_repositories > $repofile
# silently fix apk arch in case the apkovl does not match
if [ -r "$sysroot"/etc/apk/arch ]; then
apk_arch="$(apk --print-arch)"
if [ -n "$apk_arch" ]; then
echo "$apk_arch" > "$sysroot"/etc/apk/arch
fi
fi
# generate repo opts for apk
for i in $(cat $repofile); do
repo_opt="$repo_opt --repository $i"
done
# install new root
ebegin "Installing packages to root filesystem"
if [ "$KOPT_chart" = yes ]; then
pkgs="$pkgs acct"
fi
# add openssh
if [ -n "$KOPT_ssh_key" ]; then
pkgs="$pkgs openssh"
rc_add sshd default
fi
# use swclock if no RTC is found
if rtc_exists || [ "$(uname -m)" = "s390x" ]; then
rc_add hwclock boot
else
rc_add swclock boot
fi
# enable support for modloop verification
if [ -f /var/cache/misc/*modloop*.SIGN.RSA.*.pub ]; then
mkdir -p "$sysroot"/var/cache/misc
cp /var/cache/misc/*modloop*.SIGN.RSA.*.pub "$sysroot"/var/cache/misc
pkgs="$pkgs openssl"
fi
apkflags="--initramfs-diskless-boot --progress"
if [ -z "$MAC_ADDRESS" ]; then
apkflags="$apkflags --no-network"
else
apkflags="$apkflags --update-cache"
fi
if [ "$KOPT_quiet" = yes ]; then
apkflags="$apkflags --quiet"
fi
if [ "$KOPT_keep_apk_new" != yes ]; then
apkflags="$apkflags --clean-protected"
[ -n "$ovlfiles" ] && apkflags="$apkflags --overlay-from-stdin"
fi
mkdir -p $sysroot/sys $sysroot/proc $sysroot/dev
mount -o bind /sys $sysroot/sys
mount -o bind /proc $sysroot/proc
mount -o bind /dev $sysroot/dev
if [ -n "$ovlfiles" ]; then
apk add --root $sysroot $repo_opt $apkflags $pkgs <$ovlfiles
else
apk add --root $sysroot $repo_opt $apkflags $pkgs
fi
umount $sysroot/sys $sysroot/proc $sysroot/dev
eend $?
# unmount ovl mount if needed
if [ -n "$ovl_unmount" ]; then
umount $ovl_unmount 2>/dev/null
fi
# remount according default fstab from package
if [ -z "$has_fstab" ] && [ -f "$sysroot"/etc/fstab ]; then
relocate_mount "$sysroot"/etc/fstab
fi
# generate repositories if none exists. this needs to be done after relocation
if ! [ -f "$sysroot"/etc/apk/repositories ]; then
find_boot_repositories > "$sysroot"/etc/apk/repositories
fi
# respect mount options in fstab for ALPINE_MNT (e.g if user wants rw)
if [ -f "$sysroot"/etc/fstab ]; then
opts=$(awk "\$2 == \"$ALPINE_MNT\" {print \$4}" $sysroot/etc/fstab)
if [ -n "$opts" ]; then
mount -o remount,$opts "$ALPINE_MNT"
fi
fi
这边就是重头戏了,透过Alpine的套件管理系统来把rootfs要的东西,一个一个地装进 ALPINE_MNT中,如果使用者有下 rw
,会帮忙remount成可读可写。
# fix inittab if alternative console
setup_inittab_console
# copy alpine release info
#if ! [ -f "$sysroot"/etc/alpine-release ] && [ -f $ALPINE_MNT/.alpine-release ]; then
# cp $ALPINE_MNT/.alpine-release $sysroot/
# ln -sf /.alpine-release $sysroot/etc/alpine-release
#fi
! [ -f "$sysroot"/etc/resolv.conf ] && [ -f /etc/resolv.conf ] && \
cp /etc/resolv.conf "$sysroot"/etc
# setup bootchart for switch_root
chart_init=""
if [ "$KOPT_chart" = yes ]; then
/sbin/bootchartd stop-initfs "$sysroot"
chart_init="/sbin/bootchartd start-rootfs"
fi
if [ ! -x "${sysroot}${KOPT_init}" ]; then
[ "$KOPT_splash" != "no" ] && echo exit > $sysroot/$splashfile
echo "$KOPT_init not found in new root. Launching emergency recovery shell"
echo "Type exit to continue boot."
/bin/busybox sh
fi
# switch over to new root
cat /proc/mounts | while read DEV DIR TYPE OPTS ; do
if [ "$DIR" != "/" -a "$DIR" != "$sysroot" -a -d "$DIR" ]; then
mkdir -p $sysroot/$DIR
mount -o move $DIR $sysroot/$DIR
fi
done
sync
[ "$KOPT_splash" = "init" ] && echo exit > $sysroot/$splashfile
echo ""
exec /bin/busybox switch_root $sysroot $chart_init "$KOPT_init" $KOPT_init_args
[ "$KOPT_splash" != "no" ] && echo exit > $sysroot/$splashfile
echo "initramfs emergency recovery shell launched"
exec /bin/busybox sh
reboot
接下来就是最终的house-keeping了,inittab/rootfs有哪些东西要override掉这是最後一个可以干涉的环节,如果没有、那就会呼叫switch_root
,去执行rootfs里面的OpenRC起来作真正的系统设定与daemon启动。
<<: [Day 30] 模仿 Node 的非同步实验兼完赛心得
>>: Day15 Android - fragment介绍
上午: Python机器学习套件与资料分析 使用tensorflow.keras 测试不同optim...
这篇会写如何设计 DDE 语料库,还有 DDE 设计的逻辑。 终於来到第五篇,这次截图比较多,主要是...
最後,我们提一下,设计时可能面对的问题,首先,分类要分好,因为资源有优先顺序的问题,所以在设计的时候...
新的讲者在 Sky 工作,要来跟我们讲怎麽做有逻辑判断的互动设计。 这次会做三个范例: 判断两次密码...
上一篇所说到的textItem 仅能回答一行 若想要出问答题、申论题等 就要使用能回答多行的Para...