Comments (4)
I think I've found the root cause:
- On my system I've been running opendoas instead of good old sudo
- opendoas sets the
PATH
environment variable to a hardcode set of "safepath" instead of inheriting the value of$PATH
from current shell - and this "safepath" puts
/bin
at the top of the list booster build
picks up executables in/bin
because it's at the top of the list
sudo
has a simillar setting named secure_path
but somehow plays nice with booster. I just tried running sudo booster build ...
and images have /usr/bin/fido2-assert
which should work just fine.
But still, right now booster(1)
claims that a relative path is resolved from /usr/bin
without mentioning the PATH
environmental variable. Meanwhile in CHANGES.md
(which is not necessarily packaged by Linux distros) it claims that booster will actually lookup executables in PATH
.
Before I could come up with some constructive suggestions I could really use a break...
from booster.
Hello @5long thank you for this extensive analysis.
right now booster(1) claims that a relative path is resolved from /usr/bin without mentioning the PATH environmental variable. Meanwhile in CHANGES.md (which is not necessarily packaged by Linux distros) it claims that booster will actually lookup executables in PATH.
Until recently booster
was using golan's exec.LookPath
function that is relying on PATH envvar.
But recently (commit 7766b07) booster has switched to predefined list of directories to lookup. It was done for the security and reproducibility reasons. The list is here
booster/generator/generator.go
Lines 306 to 313 in 7766b07
The change is not part of a released version. It targets the upcoming 0.11
release.
from booster.
@5long By any chance, are you still experiencing this issue? On my host machine, booster's default minimal generated initramfs would not reliably unlock my encrypted device using a Yubikey unless it was configured to generate a universal image.
I was able to get around this by force loading my graphics module, usbhid
and hid_sensor_hub
.
booster.yaml:
modules_force_load: amdgpu,usbhid,hid_sensor_hub
extra_files: fido2-assert
from booster.
@c3Ls1US Upgrading to booster=v0.11-1 solved my issue. Can't be of help here, sorry.
from booster.
Related Issues (20)
- Update README.md
- Incorrect kernel HOT 4
- Unable to boot into OS HOT 1
- Handle compressed root filesystem in ISO mode HOT 9
- Unable to unlock root partition with tpm2 key HOT 17
- `vconsole: true` blocks booting w/ booster exit status 71 HOT 9
- Is it possible to boot without switching root? HOT 6
- cannot reliably unlock encrypted partition with fido2-assert
- LVM on LUKS no password asked HOT 10
- Missing Intel volume management device driver (NVMe)
- systemd-boot now can default to `/efi` as the folder for initramfs images. How does booster cope with that? HOT 5
- quiet option breaks loading
- Improve fsck handling
- Read-only flag for root fs should overwrite the read-write flag
- booster fails when loading microcode image first HOT 5
- Add support for bcachefs
- Boot isn't silent
- ```vconsole: true``` causes systems with encrypted root to freeze. HOT 1
- No keyboard input on Linux >=6.7.6 kernel HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from booster.