use a workaround /etc/ssl1.1 for 3.15

Open sbrudenell requested to merge sbrudenell/mkinitfs:https-3.15 into master

Fixes #24.

We create /etc/ssl1.1 with symlinks to /etc/ssl, as would be found in a default installation of 3.15.

This is a different approach from my proposal of setting SSL_CERT_FILE/SSL_CERT_DIR. It's easier to convince myself that modifying the tmpfs will be appropriately scoped to the problem, and not pollute anything I didn't think about, rather than modifying environment variables.

I tested this by:

  • built mkinitfs-*.apk from a modified APKBUILD to point to my repo
  • installed the *.apk to an alpine:3.15 docker container
  • ran mkinitfs -s /path/to/ -k -F "base squashfs network usb virtio" -o "/tmp/initramfs-virt" "5.15.32-0-virt", which is as close as I could find to the command used to generate initramfs-virt for release
  • booted with the following ipxe config, booting from the test artifact hosted on backblaze b2:
kernel modules=loop,squashfs nomodeset apkovl= alpine_repo= modloop= console=tty0 console=ttyS0,115200n8 earlyprintk=serial,ttyS0,115200n8

It worked as expected. It loaded my apkovl from https, and installed packages from the https repo.

Merge request reports