MKINITRD(8)MKINITRD(8)NAME
mkinitrd - creates initial ramdisk images for preloading modules
SYNOPSIS
mkinitrd [--version] [-v] [-f]
[--preload=module] [--omit-scsi-modules]
[--omit-raid-modules] [--omit-lvm-modules]
[--with=module] [--image-version]
[--fstab=fstab] [--nocompress]
[--builtin=module] [--nopivot]
[--with-fips]
image kernel-version
DESCRIPTION
mkinitrd creates an initial image used by the kernel for preloading the
block device modules (such as IDE, SCSI or RAID) which are needed to
access the root filesystem. mkinitrd automatically loads filesystem
modules (such as ext3 and jbd), IDE modules, all scsi_hostadapter
entries in /etc/modprobe.conf, and raid modules if the system's root
partition is on raid, which makes it simple to build and use kernels
using modular device drivers.
Any module options specified in /etc/modprobe.conf are passed to the
modules as they are loaded by the initial ramdisk.
The root filesystem used by the kernel is specified in the boot config‐
uration file, as always. The traditional root=/dev/hda1 style device
specification is allowed. If a label is used, as in root=LABEL=rootPart
the initrd will search all available devices for an ext2 or ext3
filesystem with the appropriate label, and mount that device as the
root filesystem.
FIPS
mkinitrd will add a number of checks to the created initrd if the sys‐
tem is running in fips mode. First the kernel gets integrity checked by
running "sha512hmac -c /boot/.vmlinuz-kernel-version.hmac" from the
initrd. Then all the crypto algorithm modules get loaded using the
embedded signature to integrity check them, and last the tcrypt module
gets loaded which runs self tests on all approved crypto algorithms.
You can force mkinitrd to add these checks to a created initrd with the
--with-fips commandline option.
There are a number of limitations to mkinitrd's fips support:
/boot Must be on a separate partition
/boot Must not be on multipath, nfs, dmraid or mdraid
OPTIONS
--builtin=module
Act as if module is built into the kernel being used. mkinitrd
will not look for this module, and will not emit an error if it
does not exist. This option may be used multiple times.
-f Allows mkinitrd to overwrite an existing image file.
--fstab=fstab
Use fstab to automatically determine what type of filesystem the
root device is on. Normally, /etc/fstab is used.
--image-version
The kernel version number is appended to the initrd image path
before the image is created.
--nocompress
Normally the created initrd image is compressed with gzip. If
this option is specified, the compression is skipped.
--nopivot
Do not use the pivot_root system call as part of the initrd.
This lets mkinitrd build proper images for Linux 2.2 kernels at
the expense of some features. In particular, some filesystems
(such as ext3) will not work properly and filesystem options
will not be used to mount root. This option is not recommended,
and will be removed in future versions.
--omit-lvm-modules
Do not load any lvm modules, even if /etc/fstab expects them.
--omit-raid-modules
Do not load any raid modules, even if /etc/fstab and
/etc/raidtab expect them.
--omit-scsi-modules
Do not load any scsi modules, including 'scsi_mod' and 'sd_mod'
modules, even if they are present. If the root partition is on
a scsi device, mkinitrd will still include the necessary scsi
modules to support that device.
--preload=module
Load the module module in the initial ramdisk image. The module
gets loaded before any SCSI modules which are specified in
/etc/modprobe.conf. This option may be used as many times as
necessary.
-v Prints out verbose information while creating the image (nor‐
mally the mkinitrd runs silently).
--version
Prints the version of mkinitrd that's being used and then exits.
--with=module
Load the modules module in the initial ramdisk image. The module
gets loaded after any SCSI modules which are specified in
/etc/modprobe.conf. This option may be used as many times as
necessary.
---with-fips
Force adding kernel integrity checking to the created initrd.
FILES
/dev/loop* A block loopback device is used to create the
image, which makes this script useless on systems
without block loopback support available (only used
on kernels < 2.6)
/etc/modprobe.conf Specifies SCSI modules to be loaded and module
options to be used.
/etc/modules.conf Specifies SCSI modules to be loaded and module
options to be used. (only used on kernels < 2.6)
SEE ALSOfstab(5), insmod(1)
Tue Aug 10 2004 MKINITRD(8)