Kexec: Difference between revisions
m (→Usage: Added note about kexec unable to deal with multiple initrd) |
(Explain the boot parameter kexec_load_disabled=0 which unlocks kexec in current (hardened) Alpine kernels.) |
||
| Line 16: | Line 16: | ||
# kexec -e}} | # kexec -e}} | ||
There are no Alpine-specific considerations for Kexec. Please review the man page and existing references below for more details. This page is deliberately kept short in order to avoid duplicating existing documentation. | Current Alpine kernels have been [https://gitlab.alpinelinux.org/alpine/aports/-/commit/909d020b81c09bf0df649f8aa6b7da10377a0667 hardened] and return | ||
<code>kexec_load failed: Operation not permitted</code> | |||
if kexec is called without unlocking it with the kernel boot parameter | |||
<code>kexec_load_disabled=0</code>. | |||
Without it the [https://linux.die.net/man/8/sysctl sysctl setting] <code>kernel.kexec_load_disabled</code> defaults to 1 and it can't be turned off in the running kernel, so you need to add the parameter to your [[#Bootloaders|bootloader]] configuration and reboot. | |||
There are no other Alpine-specific considerations for Kexec. Please review the man page and existing references below for more details. This page is deliberately kept short in order to avoid duplicating existing documentation. | |||
===Automatically on every reboot/shutdown=== | ===Automatically on every reboot/shutdown=== | ||
Revision as of 14:03, 2 January 2024
kexec is a system call that enables loading and booting into another kernel. This is useful for faster reboots that skip the firmware initialisation process and the bootloader.
Installing kexec-tools
The userspace tools required to use it can be installed via
apk add kexec-tools kexec-tools-doc
The tools are not available on all flavors of Alpine, additionally not all kernels are compiled with the kexec syscall enabled. You will most likely want to check your /boot/config-* file for CONFIG_KEXEC=y
Usage
Manually
On a typical Alpine setup, it can be used via:
# kexec -l /boot/vmlinuz-edge --initrd \ /boot/initramfs-edge --reuse-cmdline \ && openrc shutdown # kexec -e
Current Alpine kernels have been hardened and return
kexec_load failed: Operation not permitted
if kexec is called without unlocking it with the kernel boot parameter
kexec_load_disabled=0.
Without it the sysctl setting kernel.kexec_load_disabled defaults to 1 and it can't be turned off in the running kernel, so you need to add the parameter to your bootloader configuration and reboot.
There are no other Alpine-specific considerations for Kexec. Please review the man page and existing references below for more details. This page is deliberately kept short in order to avoid duplicating existing documentation.
Automatically on every reboot/shutdown
kexec can be set to run automatically for faster rebooting. This is very useful on servers.
First create two openrc services and edit the BOOTPART, KERNEL, and INITRD variables if not using the defaults:
Contents of /etc/init.d/kexec-load
Contents of /etc/init.d/kexec-exec
Now give these services execute permission and assign them to the appropriate runlevels:
chmod a+x /etc/init.d/kexec-load chmod a+x /etc/init.d/kexec-exec rc-update add kexec-load default rc-update add kexec-exec shutdown rc-service kexec-load start
kexec will run on your next reboot or poweroff enjoy!
poweroff. To temporarily restore default poweroff or reboot behavior, simply run rc-service kexec-load stop beforehand.