Kernel modules on USB key
I don’t know if this can be considered a “bug” or a request of
improvement.
Anyway, that’s a real case usage:
I wanted to use zfs on Alpine, but starting from USB only.
It’s a standard alpine x86_64, v3.5.2.
What I’ve done is adding zfs-grsec, that of course cannot be installed directy on USB since /lib/modules is readonly.
So I used overlayfs in order to get /lib/modules in rw, following those steps:
~# echo overlay >> /etc/modules
Added to /media/usb/boot/syslinux/syslinux.cfg in the kernel opts:
unionfs_size=512M
After reboot, I had /lib/modules corrrectly mounted in overlayfs:
~# mount | grep overlay
overlay on /lib/modules type overlay (rw,relatime,lowerdir=/.modloop/modules,upperdir=/.modunisonfs/modules,workdir=/.modunisonfs/work)
I’m was able to write on /lib/modules without problem.
When I’ve added zfs-grsec I got this error:
...
(18/18) Installing zfs-grsec (4.4.59-r0)
Executing busybox-1.25.1-r0.trigger
depmod: can't open 'modules.builtin': No such file or directory
This is a trigger that comes from busybox, which runs:
case "$i" in
/lib/modules/*)
if [ -d "$i" ]; then
/bin/busybox depmod ${i#/lib/modules/}
fi
;;
*) do_bb_install=yes;;
esac
<pre>
I'm running on Alpine x86_64 v3.5.2 (standard):
<pre>
Linux zfshost 4.4.52-0-grsec #1-Alpine SMP Tue Feb 28 10:15:40 GMT 2017 x86_64 Linux
But The zfs-grsec package is build against the latest kernel version of v3.5, which is not the same as the ISO used to create the USB:
zfshost:~# apk version zfs-grsec
Installed: Available:
zfs-grsec-4.4.59-r0 = 4.4.59-r0
How can we avoid to have $package-grsec (or $package-hardened, now) that have mismatched kernel version, when it comes to have a usb-only boot?
Thanks.
.: Francesco Colista
(from redmine: issue id 7285, created on 2017-05-17)