Remove initramfs-tools support

README.md

@@ -412,12 +412,13 @@ Miscellaneous modules:
 
   `/usr/lib/systemd/pstore.conf.d/30_security-misc.conf`
 
-- An initramfs hook sets the sysctl values in `/etc/sysctl.conf` and
+- An initramfs hook used to set the sysctl values in `/etc/sysctl.conf` and
   `/etc/sysctl.d` before init is executed so sysctl hardening is enabled as
-  early as possible. This is implemented for `initramfs-tools` only because
+  early as possible. This was implemented for `initramfs-tools` only because
   this is not needed for `dracut` as `dracut` does that by default, at
   least on `systemd` enabled systems. Not researched for non-`systemd` systems
-  by the author of this part of the readme.
+  by the author of this part of the readme. This is no longer implemented for
+  `initramfs-tools` as `initramfs-tools` support has been deprecated.
 
 ## Network hardening
 

etc/initramfs-tools/hooks/sysctl-initramfs

@@ -1,21 +0,0 @@
-#!/bin/sh
-
-## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
-## See the file COPYING for copying conditions.
-
-set -e
-
-PREREQ=""
-prereqs()
-{
-        echo "$PREREQ"
-}
-case $1 in
-prereqs)
-       prereqs
-       exit 0
-       ;;
-esac
-
-. /usr/share/initramfs-tools/hook-functions
-copy_exec /usr/sbin/sysctl /usr/sbin

etc/initramfs-tools/scripts/init-bottom/sysctl-initramfs

@@ -1,26 +0,0 @@
-#!/bin/sh
-
-## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
-## See the file COPYING for copying conditions.
-
-PREREQ=""
-prereqs()
-{
-        echo "$PREREQ"
-}
-case $1 in
-prereqs)
-        prereqs
-        exit 0
-        ;;
-esac
-
-## Write to '/run/initramfs' folder.
-## https://forums.whonix.org/t/kernel-hardening/7296/435
-
-sysctl -p ${rootmnt}/etc/sysctl.conf >/dev/null 2> "/run/initramfs/sysctl-initramfs-error.log"
-sysctl -p ${rootmnt}/etc/sysctl.d/*.conf >/dev/null 2>> "/run/initramfs/sysctl-initramfs-error.log"
-
-grep -v "unprivileged_userfaultfd" "/run/initramfs/sysctl-initramfs-error.log"
-
-true