I am trying to learn the boot process of linux. I assume that, as of 2014, I am now living in a EFI-GPT world. every x86 computer worth more than $100 should have this.
my goal is to remove the true physical boot medium asap before the network comes up. this way, a hacker cannot root-kit me. the memory cost is trivial. my linux system is only about 2GB, which should compress down to 1GB ($10). my plan: in the stage1 init (sda1 = /boot), unless I see a request for "notoram" on the linux boot prompt, I will copy my normal physical root partition (sda2) into a squashfs, and unmount sda2. instead of exec-ing for stage2 into /dev/sda2, I then simply exec into its ro ram copy. is this transition to stage 2 also where I can drop the physical medium? the relevant kernel and initrd have already been read from /boot, so presumably the sda1 /boot partition has been copied and can be unmounted the instant before stage2, too. I think I can figure this out, but if this already exists or if there are specific issues I should read up on, then pointers would be useful. docs are a little sparse... /iaw -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/capr7rtujmwu4plozhxb354dcdvngy3uupgfnbjbcxioq6nt...@mail.gmail.com
