Henrik's minimal Linux boot
Henrik Holst
Ethology researcher spending most of his time deep down in the comments section searching for intelligent life
I got tired of minimalistic boot systems trying to be minimal, and of not knowing what is redundant boilerplate that can be removed and what are essential bits that need to be running.
Let's go minimal and remove everything that is not a hard requirement to start a fully functional desktop environment.
First we need an init process. This should do. Compile and save as /init on the root partition.
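    #define _XOPEN_SOURCE 700
    #include <signal.h>
    #include <unistd.h>
    #include <sys/wait.h>

    int main()
    {
        sigset_t set;
        int status;

        /* Refuse to run as anything other than PID 1. */
        if (getpid() != 1) return 1;

        /* Block all signals in init itself. */
        sigfillset(&set);
        sigprocmask(SIG_BLOCK, &set, 0);

        /* Parent: reap children forever. */
        if (fork()) for (;;) wait(&status);

        /* Child: unblock signals, start a new session and run /etc/rc
           with an empty environment. */
        sigprocmask(SIG_UNBLOCK, &set, 0);
        setsid();
        setpgid(0, 0);
        return execve("/etc/rc", (char *[]){ "rc", 0 }, (char *[]){ 0 });
    }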
Secondly, we need to tell GRUB to boot it.
Open up /etc/default/grub and make sure that the init=/init parameter is passed to the kernel.
    # GRUB boot loader configuration
    GRUB_DEFAULT=0
    GRUB_TIMEOUT=5
    GRUB_DISTRIBUTOR="Artix"
    GRUB_CMDLINE_LINUX_DEFAULT="loglevel=3 quiet rd.udev.log_level=3 init=/init"
    GRUB_CMDLINE_LINUX=""
    # ... add more junk as needed.
Thirdly, we need some kind of setup script to initialize all the truly required boilerplate that programs in 2024 are dependent on. I want this to be as minimal as possible. I also want to inject my own tuning here, like sysctl parameters and disk encryption.
The example script below is, however, not a generic best-possible one but a template to build and optimize on. In particular, the use of the TTY manager is something that could be optimized. It is likely that it is not even needed, but I ran out of time.
    #!/bin/sh
    set -eu
    # environment variables should be set in /etc/environment
    hostname "$(cat /etc/hostname)"
    modprobe iwlwifi
    ip addr add 127.0.0.1/8 dev lo brd +
    ip link set lo up
    udevd -d
    # silence both stdout and stderr (the stdout redirect must come first)
    /usr/bin/dhcpcd -b > /dev/null 2>&1
    ntpd ntp.kth.se
    cryptsetup luksOpen /dev/nvme0n1p3 data
    lvm vgchange -ay
    # sysctl
    sysctl vm.overcommit_memory=1
    # mounts
    mkdir -p /dev/shm /dev/pts
    mount /home
    mount /var/lib/docker
    mount -t cgroup2 none /sys/fs/cgroup/
    mount -t tmpfs none /dev/shm -o noexec
    mount -t devpts -o noexec,nosuid,gid=5,mode=0620 devpts /dev/pts/
    udevadm trigger --type=subsystems --action=add
    udevadm trigger --type=devices --action=add
    # auto-login on tty1
    # experiment: run modern daemons on a tty as a process manager.
    # otherwise, just run these from the river/init script together with all other session programs
    agetty tty1 linux -a root &
    agetty tty2 --skip-login --login-program /usr/bin/wpa_supplicant --login-options '-iwlan0 -c/etc/wpa_supplicant/wpa_supplicant.conf' &
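The rc script mounts /dev/shm with noexec and /dev/pts with noexec,nosuid,gid=5,mode=0620. The check below is an added example, not part of the original article: it reads a mount table in /proc/self/mounts format and reports which of those options are missing. The function names and the two sample tables are constructed for illustration.

```sh
#!/bin/sh
# Added example: confirm the mounts from /etc/rc carry the options it requested.
# Table format is that of /proc/self/mounts: device mountpoint fstype options dump pass

# missing_opts TABLE MOUNTPOINT REQUIRED_CSV (hypothetical helper)
# Prints the required options that are absent, "unmounted" if the mount point
# is not in the table, or nothing when every option is present.
missing_opts() {
    printf '%s\n' "$1" | awk -v mp="$2" -v req="$3" '
        $2 == mp { opts = $4; found = 1 }   # last match is the topmost mount
        END {
            if (!found) { print "unmounted"; exit }
            n = split(opts, have, ",")
            for (i = 1; i <= n; i++) present[have[i]] = 1
            m = split(req, want, ",")
            for (i = 1; i <= m; i++)
                if (!(want[i] in present)) out = out (out == "" ? "" : ",") want[i]
            if (out != "") print out
        }'
}

# audit_mounts TABLE: returns 0 if both hardened mounts are as configured, else 1.
# The kernel reports mode=0620 as mode=620 in the mount table.
audit_mounts() {
    failed=0
    while read -r mp req; do
        miss=$(missing_opts "$1" "$mp" "$req")
        if [ -n "$miss" ]; then echo "FAIL $mp: $miss"; failed=1
        else echo "ok   $mp"; fi
    done <<EOF
/dev/shm noexec
/dev/pts noexec,nosuid,gid=5,mode=620
EOF
    return "$failed"
}

# Constructed sample tables, not captured from a real machine.
GOOD='tmpfs /dev/shm tmpfs rw,noexec,relatime 0 0
devpts /dev/pts devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000 0 0'
BAD='tmpfs /dev/shm tmpfs rw,relatime 0 0
devpts /dev/pts devpts rw,relatime,mode=600,ptmxmode=000 0 0'

audit_mounts "$GOOD"
audit_mounts "$BAD" || echo "BAD sample rejected"
```

To check a live system, call audit_mounts "$(cat /proc/self/mounts)" after boot.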
Finally, log in to a Wayland session via a Fish login script.
    if test (tty) = "/dev/tty1" && test -z "$WAYLAND_DISPLAY"
        export XDG_RUNTIME_DIR=/run
        export MOZ_ENABLE_WAYLAND=1
        # ...
        exec ssh-agent seatd-launch river
    end
Configure your Wayland session as usual.
Final note. I run my desktop as root. Multi-user and sudo is deprecated bloatware. Listen to the wise words of the late Terry Davis: "Linux wants to be a 1970s mainframe." My workstation must be something a little more flexible than that.
After booting the kernel and running the initrd, the rc script boots up to desktop in less than a second.
Remote WAN Monitoring Technician for outage prevention
9 months ago: https://www.coreboot.org/
DevOps Jack of all trades
9 months ago: This is a good idea for some transactional (ostree/btrfs) system or even a minimal node/vm booted and configured via pxe (for vm cloud-init)... for k3s nodes. Or docker workers for one.
Cofounder at SANN Stockholm AB
9 months ago: What exactly is the purpose of keeping grub around, and using initrd? They are clearly unnecessary in your configuration, as well as your own init process that can be replaced with the very same boot script.
Associate Professor at DSP group UNIUD
9 months ago: "I run my desktop as root. Multi-user and sudo is deprecated bloatware." I do not agree, sorry. I am a human being and I can make mistakes; I want my computer to protect itself from my silly mistakes, that's why I like to work with limited privileges and "upgrade" when it is needed. Maybe you could have just two users: one with privileges and another without, but if you have two users you can have many as well. Also, having many users allows you to give different processes different privileges on the system. Maybe one could think about a solution with a single user, but with a plethora of privileges that you acquire when you need, but I am not sure what kind of advantage that would give you.
Helping Embedded Engineers shoot data into the Cloud
9 months ago: Slightly opinionated but cool! You made it boot so fast in order to free up time for creating a bunch of users I guess :D