Man Linux: Main Page and Category List


       febootstrap-to-supermin - Convert febootstrap root to supermin


        febootstrap-to-supermin DIR supermin.img hostfiles.txt


       febootstrap-to-supermin converts the filesystem created by
       febootstrap(8) into a supermin appliance.  The term "supermin
       appliance" is described in the documentation below.  First you should
       be familiar with febootstrap(8) and febootstrap-to-initramfs(8).


       "DIR" is the directory created by febootstrap (ie. the output of
       febootstrap and the input to this program).

       "supermin.img" is the name of the supermin appliance that this program
       creates, and "hostfiles.txt" is the name of the list of hostfiles that
       this program creates.  (ie. the outputs of this program).


       A supermin appliance is a very specialized, highly minimized appliance
       which can be reconstructed on-the-fly at runtime into an ordinary
       (initramfs) appliance.

       The normal appliance is a self-contained Linux operating system, based
       on the Fedora/RHEL/CentOS Linux distro.  So it contains a complete copy
       of all the libraries and programs needed, like kernel, libc, bash,
       coreutils etc etc.

       The supermin appliance removes the kernel and all the executable
       libraries and programs from the appliance.  That just leaves a skeleton
       of directories, config files and some data files, which is obviously
       massively smaller than the normal appliance.  At runtime we rebuild the
       appliance on-the-fly from the libraries and programs on the host (eg.
       pulling in the real /lib/, the real /bin/bash etc.)

       Although this process of rebuilding the appliance each time sounds
       slow, it turns out to be faster than using a prebuilt appliance.  (Most
       of the saving comes from not compressing the appliance - it transpires
       that decompressing the appliance is the slowest part of the whole boot
       sequence).  On my machine, a new appliance can be built in under a
       fifth of a second, and the boot time is several seconds shorter.

       The big advantage of the supermin appliance for distributions like
       Fedora is that it gets security fixes automatically from the host, so
       there is no need to rebuild the whole appliance for a security update
       in some underlying library.

       There are several disadvantages:

       It won’t work at all except in very narrow, controlled cases like the
       Fedora packaging case.  We control the dependencies of the appliance
       RPM tightly to ensure that the required binaries are actually present
       on the host.

       Furthermore there are certain unlikely changes in the packages on the
       host which could break a supermin appliance, eg. an updated library
       which depends on an additional data file.

       Also supermin appliances are subjected to changes in the host kernel
       which might break compatibility with qemu -- these are, of course, real
       bugs in any case.

       Lastly, supermin appliances really can’t be moved between branches of
       distributions (eg. built on Fedora 12 and moved to Fedora 10) because
       they are not self-contained and they rely on certain libraries being
       around.  You shouldn’t do this anyway.

       Use supermin appliances with caution.

       A supermin appliance consists usually of just two files, but can
       contain several files and directories from the list below:

           The image file (conventionally called "supermin.img", but you can
           call it anything you want) is the skeleton initramfs.  This is like
           an initramfs built by febootstrap-to-initramfs(8), but all
           libraries and binaries are removed.

           Note that this file is a cpio file in cpio "newc" format, and is
           not compressed (unlike initramfs files which are compressed cpio

           This plain text file contains a list of files that we need to add
           back from the host at runtime.  ie. It’s the list of libraries and
           binaries that we removed when we constructed "supermin.img".

           This file usually contains wildcards.  This is because we don’t
           want the file to break on minor updates to libraries, so for
           example instead of listing


           the file contains


       any directory
           You can specify a directory which should contain image file(s) and

           Using a directory is useful either to keep the appliance-related
           files together, or to make more complex appliances containing
           optional bits.

       The program febootstrap-supermin-helper(8) can be used to reconstruct a
       full initramfs from "supermin.img" and "hostfiles.txt" (plus,
       naturally, the required programs and libraries in the host filesystem).

       See that man page for details.

       Some binaries on the host are not publically readable.  For example:

        $ ll /usr/libexec/pt_chown
        -rws--x--x 1 root root 28418 2009-09-28 13:42 /usr/libexec/pt_chown
        $ ll /usr/bin/chsh
        -rws--x--x 1 root root 18072 2009-10-05 16:28 /usr/bin/chsh

       These binaries cause a problem when reconstructing the supermin
       appliance, because we’d like to copy them into the final appliance, and
       usually that process is done as non-root.  Currently the only solution
       is that you should remove these problematic binaries from the


       Create a basic Fedora directory and turn it into a supermin image.

       NB You must only build "Rawhide on Rawhide".  If using another Fedora
       branch, you must change "rawhide" below as appropriate, eg to

        $ febootstrap rawhide /tmp/fedora
        $ febootstrap-to-supermin /tmp/fedora supermin.img hostfiles.txt

       Examine the resulting files:

        $ cpio -itv < supermin.img | less
        $ less hostfiles.txt

       Reconstruct the final kernel and initramfs.

       NB The first time you run this, it will be slow because the required
       host files are not in cache.  With a "hot cache" it should be lightning
       fast.  Run it several times to get representative timings.

        $ febootstrap-supermin-helper supermin.img hostfiles.txt \
            /tmp/kernel /tmp/initrd

       You would boot the final image like this, although in this example it
       probably won’t work unless you add a "/init" file to the appliance (see
       the discussion in febootstrap-to-initramfs(8)).

        $ qemu -m 1024 -kernel /tmp/kernel -initrd /tmp/initrd [etc...]


       febootstrap(8), febootstrap-to-initramfs(8),


       Richard W.M. Jones <rjones @ redhat . com>


       (C) Copyright 2009-2010 Red Hat Inc.,

       This program is free software; you can redistribute it and/or modify it
       under the terms of the GNU General Public License as published by the
       Free Software Foundation; either version 2 of the License, or (at your
       option) any later version.

       This program is distributed in the hope that it will be useful, but
       WITHOUT ANY WARRANTY; without even the implied warranty of
       General Public License for more details.

       You should have received a copy of the GNU General Public License along
       with this program; if not, write to the Free Software Foundation, Inc.,
       675 Mass Ave, Cambridge, MA 02139, USA.