FICHA · AUR

mkinitcpio-chkcryptoboot

This hook checks for a modified bootloader code, in an encrypted boot setup, and warns the user to not enter his root device password

  • initramfs-hook
  • System
  • SECURITY
official+codex · reviewed · Jun 2, 2026 description in en

Description

Encrypted-boot setups can receive an early warning if bootloader code appears modified. Administrators use this hook to reduce the chance of entering a root-device passphrase after suspected boot tampering.

It is a boot integrity warning hook, not complete secure boot. False positives or missed changes are possible, so pair it with a broader trusted-boot strategy.

Permissions

Permissions not analysed for this source yet.