get back to initramfs on shutdown

I have got my own initramfs running its own init script. After doing some things, it finally calls switch_root and executes the init script of the system, which is mounted in /mnt.
Now I want to get back to the initramfs’ init script when Linux shuts down (so the init script from linux quits)

But because im calling exec switch_root /mnt /blah/init, the script terminates when Linux shuts down. But I want to do some things after that in my initramfs, which is not possible that way.

What I can do is chroot /mnt instead of switch_root ..., so when Linux shuts down, im back inside the init script. But this has the nasty side effect that some applications such as netctl will refuse to work, because they are called from inside a chrooted system.

So what I need is a way to switch_root into the system and finally get back to the initramfs.

Asked By: bricklore

||

You could pivot_root instead of switch_root (which deletes everything!).

If your init system won’t complain about not being pid 1, you might be done there.

The alternative solution is to make your init system be nice enough to pivot_root itself into a … what do you call it? shutdownramfs? That has nothing to do with initramfs but is the same principle that would let you perform a shutdown action or another.

I don’t think there is a standard solution since it should rarely be necessary to do anything on shutdown.

Answered By: frostschutz

This is possible using dracut.

  1. Have a backup in case anything going wrong such as an unbootable system.

  2. Switch to dracut (instead of initramfs-tools).

    sudo apt update
    sudo apt install –no-install-recommends dracut

  3. A custom written dracut module will be required.

  4. A dracut cleanup hooks needs to run dracut function need_shutdown.

This results in dracut creating file /run/initramfs/.need_shutdown.

At shutdown time /lib/systemd/system/dracut-shutdown.service to run /usr/lib/dracut/dracut-initramfs-restore, which will restore the initramfs and pivot into it.

  1. A dracut shutdown hooks will be required. If implemented, it will be executed very late at the shutdown process inside initramfs.

cold-boot-attack-defense is a dracut example module which does all of that.

References:

Full disclosure:

cold-boot-attack-defense has been developed by me.

How about doing this using initramfs-tools?

You’d have to implement a similar mechanism yourself for initramfs-tools. Tails did that.. Emulating that might be quite a bit harder than even doing what was described above for dracut. Or maybe the solution posted in initramfs-tools Debian feature request: Support restoring initrd on shutdown and pivoting into it
provides an easier path while using initramfs-tools. However, using dracut will be easier since this is a dracut default feature.

Answered By: adrelanos
Categories: Answers Tags: ,
Answers are sorted by their score. The answer accepted by the question owner as the best is marked with
at the top-right corner.