On Wed, Jul 18, 2012 at 3:40 PM, Michael Mol <mike...@gmail.com> wrote:
> So your initramfs doesn't include network tools such as ping,
> traceroute or wget. Fine. Fundamentally speaking, why shouldn't
> someone else's?

So, an initramfs is just a piece of kernel functionality. You can do almost ANYTHING in an initramfs, subject to the limitation that it is stored in RAM without any backing store.

There are lots of reasons to use an initramfs, and the biggest ones don't pertain much to Gentoo. Here are some of the big use cases:

1. One-size-fits-all kernel. You want to support root and /usr on any filesystem, on any kind of hard drive, or on a SAN, or who knows where. That either means saying Y to every driver in the kernel, or saying M and using an initramfs to load what is needed to get to root.
2. One-size-fits-all grub config. You put the smarts in the initramfs, and use filesystem labels and such to identify partitions.
3. Use of labels/UUIDs on partitions. When mdadm decides to renumber half your devices on a whim or you add a drive and everything bubbles down by one, your system still boots.
4. Cleaner mounting of root, ability to fsck on initial mount, etc.
5. When something goes wrong you can get a dash/bash shell instead of a grub shell. The former is clearly more useful even if you don't have firefox+X11 in your initramfs.
6. Support for booting off of stuff that the kernel can't find on its own, like SANs/etc. That might require network support in the initramfs, and that usually isn't a big deal. If somebody can spoof DNS on your fiber channel interface you've got bigger problems.

Sure, the more you do with the initramfs the bigger the potential security risks. Most distros don't have users build either kernels or initramfs which means they can just push updates, but that requires #1 above, which I think most Gentoo users would not appreciate.

However, the initramfs shouldn't leave much of anything running after it chroots, so the window should be fairly small.

Rich