Cатсн²² (in)sесuяitу / ChrisJohnRiley

Because we're damned if we do, and we're damned if we don't!

USB Multiboot

I’ve been playing around for a while trying to get multiboot working on one of my USB keys without much success. Sure, a simple multiboot would be easy, but who wants easy?

Originally I wanted to download a group of ISO files and boot them directly from something like GRUB or syslinux. After a while I stopped toying with that idea, as some systems seemed to work and others didn’t, and turned to other options. Not wanting to go the route of multiple partitions on the USB device (one per boot option), I began toying with the syslinux configuration to try to get the main systems bootable, those being the FCCU Forensic boot CD and ophcrack. As an addition I wanted to get Clonezilla and NTpasswd running on the USB drive as well.

FCCU booted fine from the USB, as long as the /LIVE directory was directly off the root. When I moved this to /fccu/live it failed, as it couldn’t find the scripts to uncompress the squashfs file system. The boot process seemed happy with the changes to the syslinux.cfg though, so this was a step forward.

MENU LABEL Start FCCU Forensic Live CD
KERNEL /fccu/live/vmlinuz1
APPEND initrd=/fccu/live/initrd1.img boot=live noswap union=aufs keyb=de

Originally, to get this working, I expanded the initrd.img file and edited the live configuration file. As I later found, this was the long-winded way of fixing the problem, but it was an interesting experience to see what was inside the initrd file.

  • Rename and uncompress the initrd file
mv initrd1.img initrd1.img.gz && gzip -d initrd1.img.gz
  • Using cpio, extract the contents of the image. Make sure to use the --no-absolute-filenames switch to avoid overwriting files on your system with the ones from the img file
cpio -i --no-absolute-filenames < initrd1.img
  • Once this is done you can edit the contents of the initrd file. I chose to edit the ./scripts/live file and change the value assigned to LIVE_MEDIA_PATH from /live to /fccu/live.
  • Now that you’ve made all the changes you want you need to recompress the initrd using CPIO. Make sure you’re in the root of the expanded initrd before doing this.
find . | cpio -o -H newc > initrd1.img
  • Time to gzip the file and rename it
gzip -c initrd1.img > initrd1.img.gz && mv initrd1.img.gz initrd1.img
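
The value changed in the steps above can also be checked without writing anything to disk. This added example (not code from the original post) reads a gzip-compressed newc cpio image in memory, lists member names that a plain cpio -i would write outside the working directory, and returns the LIVE_MEDIA_PATH line from scripts/live. The sample archive and the exact form of the assignment line are constructed assumptions, and the image is assumed to be a single gzip'd archive as in the steps above.

```python
import gzip

def build_newc(members):
    """Build a newc cpio archive from (name, bytes) pairs; used only for the sample."""
    out = bytearray()
    for ino, (name, data) in enumerate(list(members) + [("TRAILER!!!", b"")], 1):
        nm = name.encode() + b"\0"
        fields = [ino, 0o100644, 0, 0, 1, 0, len(data), 0, 0, 0, 0, len(nm), 0]
        out += b"070701" + b"".join(b"%08X" % f for f in fields) + nm
        out += b"\0" * (-len(out) % 4)   # header + name padded to 4 bytes
        out += data
        out += b"\0" * (-len(out) % 4)   # file data padded to 4 bytes
    return bytes(out)

def read_newc(blob):
    """Yield (name, data) for every member of an in-memory newc archive."""
    pos = 0
    while True:
        hdr = blob[pos:pos + 110]
        if len(hdr) < 110 or hdr[:6] not in (b"070701", b"070702"):
            raise ValueError("no newc header at offset %d" % pos)
        size = int(hdr[54:62], 16)        # c_filesize
        namesize = int(hdr[94:102], 16)   # c_namesize, counts the trailing NUL
        name = blob[pos + 110:pos + 110 + namesize - 1].decode("utf-8", "replace")
        if name == "TRAILER!!!":
            return
        start = (pos + 110 + namesize + 3) & ~3
        yield name, blob[start:start + size]
        pos = (start + size + 3) & ~3

def inspect_initrd(gz_bytes, wanted="scripts/live"):
    """Return (member names cpio -i could write outside cwd, LIVE_MEDIA_PATH lines)."""
    unsafe, lines = [], []
    for name, data in read_newc(gzip.decompress(gz_bytes)):
        if name.startswith("/") or ".." in name.split("/"):
            unsafe.append(name)
        if (name[2:] if name.startswith("./") else name) == wanted:
            text = data.decode("utf-8", "replace")
            lines += [l.strip() for l in text.splitlines() if "LIVE_MEDIA_PATH=" in l]
    return unsafe, lines

# Constructed sample (not the real FCCU initrd): the assignment line is an assumed form.
SAMPLE = gzip.compress(build_newc([
    ("./scripts/live", b'#!/bin/sh\nLIVE_MEDIA_PATH="/live"\n'),
    ("/etc/hostname", b"constructed\n"),
]))

if __name__ == "__main__":
    print(inspect_initrd(SAMPLE))
```

To check a real image, pass the bytes of the initrd file to inspect_initrd() in place of SAMPLE.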

As interesting and educational as this process is, there is a much easier way to change this variable. After a bit of digging I discovered that adding the following to the append line would make the change without having to go through the extraction process.

MENU LABEL Start FCCU Forensic Live CD
KERNEL /fccu/live/vmlinuz1
APPEND initrd=/fccu/live/initrd1.img boot=live noswap union=aufs keyb=de live_media_path=/fccu/live

This method was a lot less painful and lets you change the path of the files whenever you need to. Something to take into consideration is that not all Debian Live installs run perfectly with this option set. I attempted to do the same with the Clonezilla install and had all sorts of fun with the squashfs file. The system booted fine, but failed to complete some scripts that appeared to have hard-coded paths.

To get this working I had to mount the squashfs file and copy out the contents:

sudo mkdir /mnt/squashfs
sudo mount -t squashfs -o loop /mnt/sda4/czilla/live/filesystem.squashfs /mnt/squashfs

I could then make the changes to some scripts and recompact the squashfs:

sudo rm /mnt/sda4/czilla/live/filesystem.squashfs  # Remove old squashfs
sudo mksquashfs /mnt/squashfs /mnt/sda4/czilla/live/filesystem.squashfs -sort rootfs.sort

The -sort option will help with quicker boot times but may increase the size and running time slightly.

If you manage to get this working on your USB stick, I’d be happy to hear…
