Mkinitrd-cd

The mkinitrd-cd package is one of the major building blocks of the Gibraltar firewall. It enables the system to be booted from and run directly off CD-ROMs and other read-only media. In contrast to most other Linux live CDs, it does not use a RAM disk as its root file system and then mount parts of the CD-ROM as subtrees and/or populate the RAM disk with symlink farms. From a security point of view, this has the major advantage that the actual root file system is read-only. Combined with removing the capability to mount new file systems, this effectively makes it impossible for a potential attacker to modify any files in the running system.

To allow a system to boot directly off a read-only medium, the mkinitrd-cd package consists of multiple parts:

  • The major part is the linuxrc shell script that is executed within the initrd system before the real root file system is mounted. Its sole purpose is to mount the real root file system and then hand control over to the normal boot process.
  • For the linuxrc script to do its job, some support files are necessary, including device files and binaries to deal with hardware auto-detection and kernel module handling.
  • A complete, automated build environment for the initrd image is provided in the form of the mkinitrd-cd shell script. This script can construct a working initrd image for a given set of kernel modules.

By now, the package name is actually a bit misleading, because starting with version 0.29 (released December 2003), support for booting from USB storage media has been added. It is no longer specific to booting live Linux systems from CD-ROMs, but can now also boot from USB storage, compact flash media, file system containers that are mounted loop-back (and can contain arbitrary file systems), UML rootfs file systems, and others. By default, it tries to locate any CD-ROMs or USB storage media that contain a matching live file system, but kernel command line parameters can be used to activate different root media.

Because the mkinitrd-cd package has been included in the main Debian distribution since April 2000, the versions posted here mostly serve a historical purpose. For the newest available version, please see the Debian unstable distribution’s version. All versions starting with 0.5 were uploaded to the Debian archives; the previous versions are available here for download:

  • Version 0.1: The first public version of mkinitrd-cd, released September 1999. It was the result of a few months' effort trying various approaches to initrd images for booting directly from a read-only CD-ROM. This version used a C implementation of linuxrc and came with the first working mkinitrd-cd shell script for automating the process of creating the whole initrd image.
  • Version 0.2: released October 1999, adding very basic documentation.
  • Version 0.3: released March 2000, switching from a C version of linuxrc to a shell script implementation for a better compromise between flexibility, rapid development, and execution speed.
  • Version 0.4: released March 2000, generally improving the initrd image and its creation process.

All versions up to 0.19 (released March 2002) had to resort to a rather hackish method of changing the kernel’s root file system on the fly, namely writing to the /proc/sys/kernel/real-root-dev file. This needed careful preparation and had some nasty-to-debug side effects. Fortunately, current kernels (starting with 2.4) offer the pivot_root system call, which implements a clean way of switching the root file system. Version 0.19 started using this system call, abandoning support for pre-2.4 kernels but making the process both more stable and cleaner.
For the changelog after these versions, please check the changelog of the Debian unstable distribution’s version.
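A sketch of the linuxrc flow described above (kernel command line override, auto-detection of a medium carrying the live file system, read-only mount, then pivot_root), added here as an example and not the mkinitrd-cd package's own script. The `live.id` marker file and the `livemedia=` kernel parameter are assumptions, and the device list is a constructed sample.

```shell
#!/bin/sh
# Added example of the linuxrc boot flow; not the mkinitrd-cd project's script.
# Assumptions (not from the page): a marker file "live.id" identifies a matching
# live file system, and "livemedia=/dev/xxx" on the kernel command line
# overrides auto-detection. Device paths in main() are a constructed sample.
CMDLINE=${CMDLINE:-/proc/cmdline}
MARKER=live.id

# Print the device named by livemedia=... on the kernel command line, if any.
cmdline_media() {
    for tok in $(cat "$1"); do
        case "$tok" in
            livemedia=*) echo "${tok#livemedia=}"; return 0 ;;
        esac
    done
    return 1
}

# Probe each candidate device: mount it read-only, check for the marker file,
# unmount again, and print the first device that carries a live file system.
find_root_media() {
    mnt=$1; shift
    for dev in "$@"; do
        mount -o ro "$dev" "$mnt" 2>/dev/null || continue
        found=; [ -f "$mnt/$MARKER" ] && found=$dev
        umount "$mnt"
        [ -n "$found" ] && { echo "$found"; return 0; }
    done
    return 1
}

# Make the read-only medium the new root with pivot_root (the clean method the
# page describes) instead of writing to /proc/sys/kernel/real-root-dev.
# Runs only inside the initrd, as root, with /mnt/root/initrd present.
switch_to_root() {
    mount -o ro "$1" /mnt/root
    cd /mnt/root
    pivot_root . initrd            # old initrd root stays reachable under /initrd
    exec chroot . /sbin/init </dev/console >/dev/console 2>&1
}

main() {
    mount -t proc proc /proc
    dev=$(cmdline_media "$CMDLINE") ||
        dev=$(find_root_media /mnt/root /dev/sr0 /dev/sda1 /dev/sdb1) ||
        { echo "no live file system found" >&2; exit 1; }
    switch_to_root "$dev"
}
# The kernel runs the initrd's /linuxrc; only then start the boot flow.
case "$0" in */linuxrc) main ;; esac
```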

René Mayrhofer
Professor of Networks and Security & Director of Engineering at Android Platform Security; pacifist, privacy fan, recovering hypocrite; generally here to question and learn