On Sat, Sep 25, 2021 at 4:30 PM Canek Peláez Valdés <[email protected]> wrote: > > the simplest solution is to put your integrity logic in the initrd (with the > added benefit that you can mount it in emergencies if something goes wrong > with root). >
If you want to try this, consider this article I wrote ages ago. I no longer use this but it is a quick recipe for how to create your own dracut module: https://rich0gentoo.wordpress.com/2012/01/21/a-quick-dracut-module/ It is really easy to tweak dracut, and it has a lot of automagic functionality which means you mostly only need to worry about whatever is particular with your setup. You can also have your module grab any config files and binaries/libraries needed off of your filesystem so that they are available when it runs. -- Rich
