Crinit is published to the open source community, strengthening the activities towards open and free software.
Crint is a resource efficient startup deamon that starts all processes, services and tools needed to configure and operate an embedded Linux system. It brings security features that allow secured boot designs without relaying on filesystem restrictions.
Start up daemons are a crucial part of each Linux system. They have a tremendous influence on the startup- or boot-time.
Crinit allows parallelizing of all the tasks needed to be done during the start-up, up to the limits given by dependencies, thus using all computation resources made available by modern processors. Other startup daemons also work like this, but Crinit has a far smaller code base and is reduced to the features relevant to an embedded system.
The startup daemon can be operated shell-free, so that no script interpreter needs to be integrated further reducing the attack surface, resulting in a more hardened system.
Possible attacks to the Linux system via manipulating the config files is countered by cryptographic signature checks. Crinit can be configured to always check the signature of config files before making use of them. Hence a modified config file will be detected and the attack thwarted. This is an effective aid in the design of secured systems without requiring dm-verity and a read-only filesystem.
Configuration of crinit is done in INI-style files using one file per task. With less than 10 available configuration parameters crinit proves that it was kept small and simple (KISS design principle).