Booster consists of two major components:
- Initramfs generator
/usr/bin/boosteruser-space tool. It is responsible for initramfs image generation.
- Generated images that are usually located at
/boot/and used by the system boot loader to boot Linux OS.
Install . The package installation hook will generate initramfs images, one per installed kernel (e.g. for , ). The images are located under
$ ls -lh /boot/booster*
-rwxr-xr-x 1 root root 4.0M Dec 16 16:20 /boot/booster-linux.img
Or the image can be built manually:
$ booster build mybooster.img
Booster generator configuration is located at
/etc/booster.yaml. If there is no configuration file then the default configuration (host-specific images, no network) is used.
The configuration file helps to override the default behaviour. Seefor detailed information.
Regenerate booster images
Once you are done with booster configuration you need to update booster images at
/boot. An image can be generated manually with
booster build booster-foo.img or using a convenience script
/usr/lib/booster/regenerate_images that iterates over all installed kernels and generates booster image for each of them.
Boot loader configuration
Once the image is generated it is time to configure the boot loader.
To enable the new initramfs image with systemd-boot simply create a new boot loader entry like this one:
title Arch Linux with booster linux /vmlinuz-linux initrd /booster-linux.img options root=UUID=08f83949-bcbb-47bb-bc17-089aaa59e17e rw
Where the root filesystem is referenced by
UUID=08f83949-bcbb-47bb-bc17-089aaa59e17e. To find your root device UUID run
Booster supports LUKS based full disk encryption out of the box and Clevis too. Generator does not need any extra configuration. And for initramfs you need to append information about the LUKS partition where the root resides. This is done with either
rd.luks.name=LUKSUUID=LUKSNAME kernel parameter that you need to specify in your boot loader configuration file.
LUKSUUID specifies UUID of the encrypted LUKS partition that needs to be unlocked by booster. Pay attention that the UUID does not contain any quotes.
LUKSNAME specifies name of the unlocked partition (as in
No image rebuild is required. Once the boot loader configuration is done, reboot the computer. After that you will see a
Enter passphrase for YOURROOT: prompt at the boot time asking for a password for the encrypted root partition.
Systemd style binding
Booster also supports partitions bound with systemd such as
If you use `systemd-fido2` then please installpackage and add fido2-assert to the image using following configuration:
Regenerate the booster images. Booster will detect this configuration during boot and use the present YubiKey to unlock the drive.
If booster has issues and does not work as expected then please enable debug output that provides extra information about what is going on:
- for generator there is a
-debugcommand line flag:
- for init there is a
If you believe it is an issue with booster itself then please file a ticket here https://github.com/anatol/booster/issues
Early module loading
The are situations when some kernel modules need to be loaded early, at initramfs stage.
For example, if you need to load the
nvidia module, then use the following configuration setting:
And then regenerate booster images.
Booster generator fails with "too many open files" error
If you enabled
universal and see an error like
/usr/lib/modules/glue_helper.ko: pipe2: too many open files, then you need to increase per-process limit for open files. See Limits.conf#nofile.