Go to file
teldra f53f7263c5 make programmer for bios changeable 2019-03-26 10:09:17 +01:00
.gitignore Added manpage. 2019-02-24 15:29:11 +01:00
LICENSE addition 2019-02-24 15:30:04 +01:00
README.md Added manpage build instructions. 2019-02-24 15:34:16 +01:00
build_manpage.sh Added manpage. 2019-02-24 15:29:11 +01:00
emergency.service Revert "emergency.* deleted" 2015-09-25 23:50:22 +02:00
emergency.target Revert "emergency.* deleted" 2015-09-25 23:50:22 +02:00
hashboot make programmer for bios changeable 2019-03-26 10:09:17 +01:00
hashboot.1.adoc make programmer for bios changeable 2019-03-26 10:09:17 +01:00
initscript.openrc converted openrc script to use new shebang 2016-09-19 20:23:19 +02:00
initscript.runit Rename voidlinux-coreservice to initscript.runit 2018-08-27 13:07:24 +01:00
initscript.systemd added systemd initscript by oh <oh@rotce.de> 2015-06-05 21:32:25 +02:00
initscript.sysv hashboot.sh is now hashboot, cause it looks more professional and is nice and shiny and smells like strawberries! 2015-10-03 22:58:54 +02:00
kernel-hook hashboot.sh is now hashboot, cause it looks more professional and is nice and shiny and smells like strawberries! 2015-10-03 22:58:54 +02:00

README.md

hashboot hashes all files in /boot and the MBR to check them during early boot. It is intended for when you have encrypted the root partition but not the boot partition. The checksums and a backup of the contents of /boot are stored in /var/lib/hashboot by default. If a checksum doesn't match, you have the option to restore the file from backup.

If there is a core- or libreboot bios and flashrom installed, hashboot can check bios for modifications too.

Install

  • Make hashboot executable
  • Place hashboot anywhere in $PATH
  • Install the appropriate init script
  • If applicable, copy kernel-hook to /etc/kernel/post{inst,rm}.d/zzz-hashboot (make sure it is called after all other hooks)
  • To generate the manpage, install asciidoc and run build_manpage.sh.

Usage

  • First run creates a configuration file. Use bitmask to select desired checkroutines
  • Run "hashboot index" to generate checksums and a backup for /boot and MBR
  • Run "hashboot check" to check /boot and MBR
  • Run "hashboot recover" to replace corrupted files with the backup

Notes

  • You can't use the openrc/sysv init scripts with parallel boot.

License

"THE HUG-WARE LICENSE" (Revision 2):
teldra <teldra@rotce.de> and tastytea <tastytea@tastytea.de> wrote this.
As Long as you retain this notice you can do whatever you want with this.
If we meet some day, and you think this is nice, you can give us a hug.