import dracut-049-27.git20190906.el8_1.1
This commit is contained in:
commit
518335eb9f
1
.dracut.metadata
Normal file
1
.dracut.metadata
Normal file
@ -0,0 +1 @@
|
||||
62ab5e53c734ad6ec77ebf0580383e8b6de96d16 SOURCES/dracut-049.tar.xz
|
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
||||
SOURCES/dracut-049.tar.xz
|
53
SOURCES/0001.patch
Normal file
53
SOURCES/0001.patch
Normal file
@ -0,0 +1,53 @@
|
||||
From 3cb0f01a1e8a05dd4c6412907f5e9a398b2ace2c Mon Sep 17 00:00:00 2001
|
||||
From: Lukas Nykryn <lnykryn@redhat.com>
|
||||
Date: Fri, 31 Aug 2018 13:06:34 +0200
|
||||
Subject: [PATCH] Revert "use cp --reflink=auto"
|
||||
|
||||
This reverts commit 8cd8820547257299a33b2d1e3ecf7c6241a569b2.
|
||||
Resolves: #1623990
|
||||
---
|
||||
50-dracut.install | 2 +-
|
||||
51-dracut-rescue-postinst.sh | 2 +-
|
||||
51-dracut-rescue.install | 2 +-
|
||||
3 files changed, 3 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/50-dracut.install b/50-dracut.install
|
||||
index 64e3549f..ec59dcb3 100755
|
||||
--- a/50-dracut.install
|
||||
+++ b/50-dracut.install
|
||||
@@ -25,7 +25,7 @@ case "$COMMAND" in
|
||||
if [[ -f ${INITRD_IMAGE_PREGENERATED} ]]; then
|
||||
# we found an initrd at the same place as the kernel
|
||||
# use this and don't generate a new one
|
||||
- cp --reflink=auto "$INITRD_IMAGE_PREGENERATED" "$BOOT_DIR_ABS/$INITRD" \
|
||||
+ cp "$INITRD_IMAGE_PREGENERATED" "$BOOT_DIR_ABS/$INITRD" \
|
||||
&& chown root:root "$BOOT_DIR_ABS/$INITRD" \
|
||||
&& chmod 0600 "$BOOT_DIR_ABS/$INITRD" \
|
||||
&& exit 0
|
||||
diff --git a/51-dracut-rescue-postinst.sh b/51-dracut-rescue-postinst.sh
|
||||
index 67f5b717..23158552 100755
|
||||
--- a/51-dracut-rescue-postinst.sh
|
||||
+++ b/51-dracut-rescue-postinst.sh
|
||||
@@ -57,7 +57,7 @@ if [[ ! -f $INITRDFILE ]]; then
|
||||
fi
|
||||
|
||||
if [[ ! -f $NEW_KERNEL_IMAGE ]]; then
|
||||
- cp --reflink=auto "$KERNEL_IMAGE" "$NEW_KERNEL_IMAGE"
|
||||
+ cp "$KERNEL_IMAGE" "$NEW_KERNEL_IMAGE"
|
||||
((ret+=$?))
|
||||
fi
|
||||
|
||||
diff --git a/51-dracut-rescue.install b/51-dracut-rescue.install
|
||||
index 6ddafdb6..426ddee5 100755
|
||||
--- a/51-dracut-rescue.install
|
||||
+++ b/51-dracut-rescue.install
|
||||
@@ -93,7 +93,7 @@ case "$COMMAND" in
|
||||
|
||||
[[ -d "$BOOT_DIR_ABS" ]] || mkdir -p "$BOOT_DIR_ABS"
|
||||
|
||||
- if ! cp --reflink=auto "$KERNEL_IMAGE" "$BOOT_DIR_ABS/$KERNEL"; then
|
||||
+ if ! cp "$KERNEL_IMAGE" "$BOOT_DIR_ABS/$KERNEL"; then
|
||||
echo "Can't copy '$KERNEL_IMAGE to '$BOOT_DIR_ABS/$KERNEL'!" >&2
|
||||
fi
|
||||
|
||||
|
28
SOURCES/0002.patch
Normal file
28
SOURCES/0002.patch
Normal file
@ -0,0 +1,28 @@
|
||||
From 2e5265c80e03112c75888a31c170963e913070ed Mon Sep 17 00:00:00 2001
|
||||
From: Lukas Nykryn <lnykryn@redhat.com>
|
||||
Date: Tue, 14 Aug 2018 14:04:02 +0200
|
||||
Subject: [PATCH] spec: return old provides
|
||||
|
||||
---
|
||||
dracut.spec | 7 +++++++
|
||||
1 file changed, 7 insertions(+)
|
||||
|
||||
diff --git a/dracut.spec b/dracut.spec
|
||||
index 155868ce..553280c3 100644
|
||||
--- a/dracut.spec
|
||||
+++ b/dracut.spec
|
||||
@@ -65,6 +65,13 @@ Provides: dracut-fips = %{version}-%{release}
|
||||
Obsoletes: dracut-fips-aesni <= 047
|
||||
Provides: dracut-fips-aesni = %{version}-%{release}
|
||||
|
||||
+Obsoletes: dracut-kernel < 005
|
||||
+Provides: dracut-kernel = %{version}-%{release}
|
||||
+
|
||||
+Obsoletes: dracut < 030
|
||||
+Obsoletes: dracut-norescue < 030
|
||||
+Provides: dracut-norescue = %{version}-%{release}
|
||||
+
|
||||
Requires: bash >= 4
|
||||
Requires: coreutils
|
||||
Requires: cpio
|
||||
|
44
SOURCES/0003.patch
Normal file
44
SOURCES/0003.patch
Normal file
@ -0,0 +1,44 @@
|
||||
From 44c9d019d88df05f69f2112aeae34bdbff61cee6 Mon Sep 17 00:00:00 2001
|
||||
From: Kairui Song <kasong@redhat.com>
|
||||
Date: Sat, 29 Sep 2018 17:14:31 +0800
|
||||
Subject: [PATCH] dracut.spec: Fix error introduced by 70291ed
|
||||
|
||||
70291e0 ('dracut.spec: Add dracut-squash package') introduced a new
|
||||
dracut-squash package, but by accident it overrided some other package
|
||||
spec and the dependency name is wrong. This patch will fix it.
|
||||
---
|
||||
dracut.spec | 8 ++++----
|
||||
1 file changed, 4 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/dracut.spec b/dracut.spec
|
||||
index 553280c3..de57703c 100644
|
||||
--- a/dracut.spec
|
||||
+++ b/dracut.spec
|
||||
@@ -188,7 +188,7 @@ This package contains tools to assemble the local initrd and host configuration.
|
||||
%package squash
|
||||
Summary: dracut module to build an initramfs with most files in a squashfs image
|
||||
Requires: %{name} = %{version}-%{release}
|
||||
-Requires: squash-tools
|
||||
+Requires: squashfs-tools
|
||||
|
||||
%description squash
|
||||
This package provides a dracut module to build an initramfs, but store most files
|
||||
@@ -459,14 +459,14 @@ install -m 0755 51-dracut-rescue-postinst.sh $RPM_BUILD_ROOT%{_sysconfdir}/kerne
|
||||
%doc %{_mandir}/man8/dracut-catimages.8*
|
||||
%endif
|
||||
|
||||
-%files squash
|
||||
-%{dracutlibdir}/modules.d/99squash
|
||||
-
|
||||
%{_bindir}/dracut-catimages
|
||||
%dir /boot/dracut
|
||||
%dir /var/lib/dracut
|
||||
%dir /var/lib/dracut/overlay
|
||||
|
||||
+%files squash
|
||||
+%{dracutlibdir}/modules.d/99squash
|
||||
+
|
||||
%files config-generic
|
||||
%{dracutlibdir}/dracut.conf.d/02-generic-image.conf
|
||||
|
||||
|
34
SOURCES/0004.patch
Normal file
34
SOURCES/0004.patch
Normal file
@ -0,0 +1,34 @@
|
||||
From 3b9b20d237b3ec939b1bf9dd065c875fee54fe63 Mon Sep 17 00:00:00 2001
|
||||
From: Kairui Song <kasong@redhat.com>
|
||||
Date: Fri, 12 Oct 2018 13:07:13 +0800
|
||||
Subject: [PATCH] 40network: Don't include 40network by default
|
||||
|
||||
commit 7347391 ('network-legacy: split off from network module')
|
||||
splitted network function to network-legacy and removed check() function
|
||||
of 40network. This caused 40network to be included even if network is
|
||||
not needed.
|
||||
|
||||
Signed-off-by: Kairui Song <kasong@redhat.com>
|
||||
|
||||
Cherry-picked from: 83cbc06ab91288e2d931b4f36935bfdb79a99b0e
|
||||
Resolves: #1639088
|
||||
---
|
||||
modules.d/40network/module-setup.sh | 5 +++++
|
||||
1 file changed, 5 insertions(+)
|
||||
|
||||
diff --git a/modules.d/40network/module-setup.sh b/modules.d/40network/module-setup.sh
|
||||
index 57c0a45e..e8541636 100755
|
||||
--- a/modules.d/40network/module-setup.sh
|
||||
+++ b/modules.d/40network/module-setup.sh
|
||||
@@ -1,5 +1,10 @@
|
||||
#!/bin/bash
|
||||
|
||||
+# called by dracut
|
||||
+check() {
|
||||
+ return 255
|
||||
+}
|
||||
+
|
||||
# called by dracut
|
||||
depends() {
|
||||
echo -n "kernel-network-modules "
|
||||
|
34
SOURCES/0005.patch
Normal file
34
SOURCES/0005.patch
Normal file
@ -0,0 +1,34 @@
|
||||
From b63e0c5040d9881f8c3c0bc09fc21c6588c8a26f Mon Sep 17 00:00:00 2001
|
||||
From: Kairui Song <kasong@redhat.com>
|
||||
Date: Thu, 18 Oct 2018 17:05:22 +0800
|
||||
Subject: [PATCH] 99squash: Don't clean up squahfs on isolate
|
||||
|
||||
The only time we need to cleanup squahfs manually is on switch root, to
|
||||
release resource and memory. We've covered that by setting
|
||||
"Conflicts=initrd-switch-root.target" for squash cleanup service.
|
||||
On shutdown systemd will take care of squahfs mounts. But for other
|
||||
isolate, files in initramfs are most likely still required, so don't
|
||||
clean up squahfs. For example, kdump's emergency handler will isolate
|
||||
into its own target, if squahfs is cleaned up it will fail.
|
||||
|
||||
Signed-off-by: Kairui Song <kasong@redhat.com>
|
||||
|
||||
Cherry-picked from: b9af0fcd
|
||||
Resolves: #1641423
|
||||
---
|
||||
modules.d/99squash/squash-mnt-clear.service | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/modules.d/99squash/squash-mnt-clear.service b/modules.d/99squash/squash-mnt-clear.service
|
||||
index 8dd17812..f8d5db46 100644
|
||||
--- a/modules.d/99squash/squash-mnt-clear.service
|
||||
+++ b/modules.d/99squash/squash-mnt-clear.service
|
||||
@@ -9,6 +9,7 @@ After=dracut-initqueue.service dracut-pre-pivot.service
|
||||
Before=initrd-cleanup.service
|
||||
ConditionPathExists=/squash/root
|
||||
Conflicts=initrd-switch-root.target
|
||||
+IgnoreOnIsolate=true
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
|
46
SOURCES/0006.patch
Normal file
46
SOURCES/0006.patch
Normal file
@ -0,0 +1,46 @@
|
||||
From 5541b0c46f02f678c698aa523db7a86dde82a947 Mon Sep 17 00:00:00 2001
|
||||
From: Lukas Nykryn <lnykryn@redhat.com>
|
||||
Date: Thu, 25 Oct 2018 15:30:36 +0200
|
||||
Subject: [PATCH] dracut.install: call dracut with --force
|
||||
|
||||
The kernel-install is called even if you run make install.
|
||||
Since we don't call dracut with -f a second make install will fail
|
||||
because initrd with same version is already there.
|
||||
This makes kernel developers feel miserable.
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=1642402
|
||||
|
||||
Cherry-picked from: 48c283a2
|
||||
Resolves: #1642402
|
||||
---
|
||||
50-dracut.install | 2 +-
|
||||
51-dracut-rescue.install | 2 +-
|
||||
2 files changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/50-dracut.install b/50-dracut.install
|
||||
index ec59dcb3..139ff82e 100755
|
||||
--- a/50-dracut.install
|
||||
+++ b/50-dracut.install
|
||||
@@ -49,7 +49,7 @@ case "$COMMAND" in
|
||||
break
|
||||
fi
|
||||
done
|
||||
- dracut ${noimageifnotneeded:+--noimageifnotneeded} "$BOOT_DIR_ABS/$INITRD" "$KERNEL_VERSION"
|
||||
+ dracut -f ${noimageifnotneeded:+--noimageifnotneeded} "$BOOT_DIR_ABS/$INITRD" "$KERNEL_VERSION"
|
||||
ret=$?
|
||||
;;
|
||||
remove)
|
||||
diff --git a/51-dracut-rescue.install b/51-dracut-rescue.install
|
||||
index 426ddee5..0580062f 100755
|
||||
--- a/51-dracut-rescue.install
|
||||
+++ b/51-dracut-rescue.install
|
||||
@@ -98,7 +98,7 @@ case "$COMMAND" in
|
||||
fi
|
||||
|
||||
if [[ ! -f "$BOOT_DIR_ABS/$INITRD" ]]; then
|
||||
- dracut --no-hostonly -a "rescue" "$BOOT_DIR_ABS/$INITRD" "$KERNEL_VERSION"
|
||||
+ dracut -f --no-hostonly -a "rescue" "$BOOT_DIR_ABS/$INITRD" "$KERNEL_VERSION"
|
||||
((ret+=$?))
|
||||
fi
|
||||
|
||||
|
41
SOURCES/0007.patch
Normal file
41
SOURCES/0007.patch
Normal file
@ -0,0 +1,41 @@
|
||||
From d8386b5d8fae2e45a27635c48ecab63abba10e39 Mon Sep 17 00:00:00 2001
|
||||
From: Harald Hoyer <harald@redhat.com>
|
||||
Date: Wed, 24 Oct 2018 15:14:03 +0200
|
||||
Subject: [PATCH] Makefile: add srpm target
|
||||
|
||||
---
|
||||
Makefile | 13 ++++++++++++-
|
||||
1 file changed, 12 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/Makefile b/Makefile
|
||||
index 80623437..503d069f 100644
|
||||
--- a/Makefile
|
||||
+++ b/Makefile
|
||||
@@ -40,7 +40,7 @@ man8pages = dracut.8 \
|
||||
|
||||
manpages = $(man1pages) $(man5pages) $(man7pages) $(man8pages)
|
||||
|
||||
-.PHONY: install clean archive rpm testimage test all check AUTHORS doc dracut-version.sh
|
||||
+.PHONY: install clean archive rpm srpm testimage test all check AUTHORS doc dracut-version.sh
|
||||
|
||||
all: dracut-version.sh dracut.pc dracut-install skipcpio/skipcpio
|
||||
|
||||
@@ -216,6 +216,17 @@ rpm: dracut-$(VERSION).tar.xz syncheck
|
||||
--define "_rpmdir $$PWD" -ba dracut.spec; ) && \
|
||||
( mv "$$rpmbuild"/{,$$(arch)/}*.rpm $(DESTDIR).; rm -fr -- "$$rpmbuild"; ls $(DESTDIR)*.rpm )
|
||||
|
||||
+srpm: dracut-$(VERSION).tar.xz syncheck
|
||||
+ rpmbuild=$$(mktemp -d -t rpmbuild-dracut.XXXXXX); src=$$(pwd); \
|
||||
+ cp dracut-$(VERSION).tar.xz "$$rpmbuild"; \
|
||||
+ LC_MESSAGES=C $$src/git2spec.pl $(VERSION) "$$rpmbuild" < dracut.spec > $$rpmbuild/dracut.spec; \
|
||||
+ (cd "$$rpmbuild"; \
|
||||
+ [ -f $$src/lgpl-2.1.txt ] && cp $$src/lgpl-2.1.txt . || wget https://www.gnu.org/licenses/lgpl-2.1.txt; \
|
||||
+ rpmbuild --define "_topdir $$PWD" --define "_sourcedir $$PWD" \
|
||||
+ --define "_specdir $$PWD" --define "_srcrpmdir $$PWD" \
|
||||
+ --define "_rpmdir $$PWD" -bs dracut.spec; ) && \
|
||||
+ ( mv "$$rpmbuild"/*.src.rpm $(DESTDIR).; rm -fr -- "$$rpmbuild"; ls $(DESTDIR)*.rpm )
|
||||
+
|
||||
syncheck:
|
||||
@ret=0;for i in dracut-initramfs-restore.sh modules.d/*/*.sh; do \
|
||||
[ "$${i##*/}" = "module-setup.sh" ] && continue; \
|
||||
|
38
SOURCES/0008.patch
Normal file
38
SOURCES/0008.patch
Normal file
@ -0,0 +1,38 @@
|
||||
From 90054e4f1f2f64cb9a2b06b44b5a82b293c387dd Mon Sep 17 00:00:00 2001
|
||||
From: Lukas Nykryn <lnykryn@redhat.com>
|
||||
Date: Thu, 10 Jan 2019 18:08:32 +0100
|
||||
Subject: [PATCH] 95iscsi: decouple iscsi from sysinit.target
|
||||
|
||||
---
|
||||
modules.d/95iscsi/module-setup.sh | 17 +++++++++++++++++
|
||||
1 file changed, 17 insertions(+)
|
||||
|
||||
diff --git a/modules.d/95iscsi/module-setup.sh b/modules.d/95iscsi/module-setup.sh
|
||||
index 5c2073bb..ae1924cc 100755
|
||||
--- a/modules.d/95iscsi/module-setup.sh
|
||||
+++ b/modules.d/95iscsi/module-setup.sh
|
||||
@@ -265,6 +265,23 @@ install() {
|
||||
echo "After=dracut-cmdline.service"
|
||||
echo "Before=dracut-initqueue.service"
|
||||
) > "${initdir}/$systemdsystemunitdir/iscsid.service.d/dracut.conf"
|
||||
+
|
||||
+ # The iscsi deamon does not need to wait for any storage inside initrd
|
||||
+ mkdir -p "${initdir}/$systemdsystemunitdir/iscsid.socket.d"
|
||||
+ (
|
||||
+ echo "[Unit]"
|
||||
+ echo "DefaultDependencies=no"
|
||||
+ echo "Conflicts=shutdown.target"
|
||||
+ echo "Before=shutdown.target sockets.target"
|
||||
+ ) > "${initdir}/$systemdsystemunitdir/iscsid.socket.d/dracut.conf"
|
||||
+ mkdir -p "${initdir}/$systemdsystemunitdir/iscsuio.socket.d"
|
||||
+ (
|
||||
+ echo "[Unit]"
|
||||
+ echo "DefaultDependencies=no"
|
||||
+ echo "Conflicts=shutdown.target"
|
||||
+ echo "Before=shutdown.target sockets.target"
|
||||
+ ) > "${initdir}/$systemdsystemunitdir/iscsuio.socket.d/dracut.conf"
|
||||
+
|
||||
fi
|
||||
inst_dir /var/lib/iscsi
|
||||
dracut_need_initqueue
|
||||
|
30
SOURCES/0009.patch
Normal file
30
SOURCES/0009.patch
Normal file
@ -0,0 +1,30 @@
|
||||
From e44c26f0fc6b29fb42cbc6d5ab57e34b07aa2ce1 Mon Sep 17 00:00:00 2001
|
||||
From: Lukas Nykryn <lnykryn@redhat.com>
|
||||
Date: Tue, 15 Jan 2019 16:42:38 +0100
|
||||
Subject: [PATCH] 95iscsi: fix a typo in a name of iscsiuio
|
||||
|
||||
---
|
||||
modules.d/95iscsi/module-setup.sh | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/modules.d/95iscsi/module-setup.sh b/modules.d/95iscsi/module-setup.sh
|
||||
index ae1924cc..79af4a47 100755
|
||||
--- a/modules.d/95iscsi/module-setup.sh
|
||||
+++ b/modules.d/95iscsi/module-setup.sh
|
||||
@@ -274,13 +274,13 @@ install() {
|
||||
echo "Conflicts=shutdown.target"
|
||||
echo "Before=shutdown.target sockets.target"
|
||||
) > "${initdir}/$systemdsystemunitdir/iscsid.socket.d/dracut.conf"
|
||||
- mkdir -p "${initdir}/$systemdsystemunitdir/iscsuio.socket.d"
|
||||
+ mkdir -p "${initdir}/$systemdsystemunitdir/iscsiuio.socket.d"
|
||||
(
|
||||
echo "[Unit]"
|
||||
echo "DefaultDependencies=no"
|
||||
echo "Conflicts=shutdown.target"
|
||||
echo "Before=shutdown.target sockets.target"
|
||||
- ) > "${initdir}/$systemdsystemunitdir/iscsuio.socket.d/dracut.conf"
|
||||
+ ) > "${initdir}/$systemdsystemunitdir/iscsiuio.socket.d/dracut.conf"
|
||||
|
||||
fi
|
||||
inst_dir /var/lib/iscsi
|
||||
|
26
SOURCES/0010.patch
Normal file
26
SOURCES/0010.patch
Normal file
@ -0,0 +1,26 @@
|
||||
From c787ad30ab5467c9f3c740a1cd7ed8b3198b9719 Mon Sep 17 00:00:00 2001
|
||||
From: Lukas Nykryn <lnykryn@redhat.com>
|
||||
Date: Tue, 21 May 2019 17:58:38 +0200
|
||||
Subject: [PATCH] net-lib: strstr is not for globs
|
||||
|
||||
(cherry picked from commit 1a3dcc8b46c967445794e679280a3fb3b8e77ae0)
|
||||
|
||||
Resolves: #1712469
|
||||
---
|
||||
modules.d/40network/net-lib.sh | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/modules.d/40network/net-lib.sh b/modules.d/40network/net-lib.sh
|
||||
index 1e7f1b33..7b93f25e 100755
|
||||
--- a/modules.d/40network/net-lib.sh
|
||||
+++ b/modules.d/40network/net-lib.sh
|
||||
@@ -463,7 +463,7 @@ ip_to_var() {
|
||||
# ip=<ipv4-address> means anaconda-style static config argument cluster
|
||||
autoconf="$1"
|
||||
|
||||
- if strstr "$autoconf" "*.*.*.*"; then
|
||||
+ if strglob "$autoconf" "*.*.*.*"; then
|
||||
# ip=<ipv4-address> means anaconda-style static config argument cluster:
|
||||
# ip=<ip> gateway=<gw> netmask=<nm> hostname=<host> mtu=<mtu>
|
||||
# ksdevice={link|bootif|ibft|<MAC>|<ifname>}
|
||||
|
40
SOURCES/0011.patch
Normal file
40
SOURCES/0011.patch
Normal file
@ -0,0 +1,40 @@
|
||||
From 81b59fbbd6ebeee05b5d6869ae4f36bb9e486f72 Mon Sep 17 00:00:00 2001
|
||||
From: Lukas Nykryn <lnykryn@redhat.com>
|
||||
Date: Tue, 8 Jan 2019 17:16:07 +0100
|
||||
Subject: [PATCH] 95iscsi: rd.iscsi.initiator should have priority over stored
|
||||
configuration
|
||||
|
||||
(cherry picked from commit 61afc704548cecc7f7d2fa3b5f1319e790cc5bee)
|
||||
|
||||
Resolves: #1664062
|
||||
---
|
||||
modules.d/95iscsi/parse-iscsiroot.sh | 15 +++++++--------
|
||||
1 file changed, 7 insertions(+), 8 deletions(-)
|
||||
|
||||
diff --git a/modules.d/95iscsi/parse-iscsiroot.sh b/modules.d/95iscsi/parse-iscsiroot.sh
|
||||
index 7a64d888..f00a83bb 100755
|
||||
--- a/modules.d/95iscsi/parse-iscsiroot.sh
|
||||
+++ b/modules.d/95iscsi/parse-iscsiroot.sh
|
||||
@@ -107,14 +107,13 @@ if arg=$(getarg rd.iscsi.initiator -d iscsi_initiator=) && [ -n "$arg" ] && ! [
|
||||
iscsi_initiator=$arg
|
||||
echo "InitiatorName=$iscsi_initiator" > /run/initiatorname.iscsi
|
||||
ln -fs /run/initiatorname.iscsi /dev/.initiatorname.iscsi
|
||||
- if ! [ -e /etc/iscsi/initiatorname.iscsi ]; then
|
||||
- mkdir -p /etc/iscsi
|
||||
- ln -fs /run/initiatorname.iscsi /etc/iscsi/initiatorname.iscsi
|
||||
- if [ -n "$DRACUT_SYSTEMD" ]; then
|
||||
- systemctl try-restart iscsid
|
||||
- # FIXME: iscsid is not yet ready, when the service is :-/
|
||||
- sleep 1
|
||||
- fi
|
||||
+ rm -f /etc/iscsi/initiatorname.iscsi
|
||||
+ mkdir -p /etc/iscsi
|
||||
+ ln -fs /run/initiatorname.iscsi /etc/iscsi/initiatorname.iscsi
|
||||
+ if [ -n "$DRACUT_SYSTEMD" ]; then
|
||||
+ systemctl try-restart iscsid
|
||||
+ # FIXME: iscsid is not yet ready, when the service is :-/
|
||||
+ sleep 1
|
||||
fi
|
||||
fi
|
||||
|
||||
|
86
SOURCES/0012.patch
Normal file
86
SOURCES/0012.patch
Normal file
@ -0,0 +1,86 @@
|
||||
From 9c54932f590fd7accadc780c6ee946a94286b7e6 Mon Sep 17 00:00:00 2001
|
||||
From: Lukas Nykryn <lnykryn@redhat.com>
|
||||
Date: Tue, 14 May 2019 09:23:55 +0200
|
||||
Subject: [PATCH] fips: split loading the crypto modules and checking the
|
||||
kernel
|
||||
|
||||
In e54ab383 we moved the fips script to a later pahse of boot, since
|
||||
the /boot might not be available early on.
|
||||
|
||||
The problem is that systemd-cryptsetup* services could be run now
|
||||
started before the do_fips is executed and need the crypto modules
|
||||
to decrypted the devices.
|
||||
|
||||
So let's split the do_fips and load the module before udev does the
|
||||
trigger.
|
||||
---
|
||||
modules.d/01fips/fips-load-crypto.sh | 8 ++++++++
|
||||
modules.d/01fips/fips.sh | 19 +++++++++++--------
|
||||
modules.d/01fips/module-setup.sh | 1 +
|
||||
3 files changed, 20 insertions(+), 8 deletions(-)
|
||||
|
||||
diff --git a/modules.d/01fips/fips-load-crypto.sh b/modules.d/01fips/fips-load-crypto.sh
|
||||
new file mode 100644
|
||||
index 00000000..82cbeee4
|
||||
--- /dev/null
|
||||
+++ b/modules.d/01fips/fips-load-crypto.sh
|
||||
@@ -0,0 +1,8 @@
|
||||
+#!/bin/sh
|
||||
+
|
||||
+if ! fipsmode=$(getarg fips) || [ $fipsmode = "0" ]; then
|
||||
+ rm -f -- /etc/modprobe.d/fips.conf >/dev/null 2>&1
|
||||
+else
|
||||
+ . /sbin/fips.sh
|
||||
+ fips_load_crypto || die "FIPS integrity test failed"
|
||||
+fi
|
||||
diff --git a/modules.d/01fips/fips.sh b/modules.d/01fips/fips.sh
|
||||
index 9bc089f2..beaa692b 100755
|
||||
--- a/modules.d/01fips/fips.sh
|
||||
+++ b/modules.d/01fips/fips.sh
|
||||
@@ -69,15 +69,8 @@ do_rhevh_check()
|
||||
return 0
|
||||
}
|
||||
|
||||
-do_fips()
|
||||
+fips_load_crypto()
|
||||
{
|
||||
- local _v
|
||||
- local _s
|
||||
- local _v
|
||||
- local _module
|
||||
-
|
||||
- KERNEL=$(uname -r)
|
||||
-
|
||||
FIPSMODULES=$(cat /etc/fipsmodules)
|
||||
|
||||
info "Loading and integrity checking all crypto modules"
|
||||
@@ -102,6 +95,16 @@ do_fips()
|
||||
info "Self testing crypto algorithms"
|
||||
modprobe tcrypt || return 1
|
||||
rmmod tcrypt
|
||||
+}
|
||||
+
|
||||
+do_fips()
|
||||
+{
|
||||
+ local _v
|
||||
+ local _s
|
||||
+ local _v
|
||||
+ local _module
|
||||
+
|
||||
+ KERNEL=$(uname -r)
|
||||
|
||||
info "Checking integrity of kernel"
|
||||
if [ -e "/run/initramfs/live/vmlinuz0" ]; then
|
||||
diff --git a/modules.d/01fips/module-setup.sh b/modules.d/01fips/module-setup.sh
|
||||
index f3af4d90..18186d62 100755
|
||||
--- a/modules.d/01fips/module-setup.sh
|
||||
+++ b/modules.d/01fips/module-setup.sh
|
||||
@@ -54,6 +54,7 @@ install() {
|
||||
local _dir
|
||||
inst_hook pre-trigger 01 "$moddir/fips-boot.sh"
|
||||
inst_hook pre-pivot 01 "$moddir/fips-noboot.sh"
|
||||
+ inst_hook pre-udev 01 "$moddir/fips-load-crypto.sh"
|
||||
inst_script "$moddir/fips.sh" /sbin/fips.sh
|
||||
|
||||
inst_multiple sha512hmac rmmod insmod mount uname umount
|
||||
|
51
SOURCES/0013.patch
Normal file
51
SOURCES/0013.patch
Normal file
@ -0,0 +1,51 @@
|
||||
From a1435c3d535707f1d21aaf85e62175ff2bb1ad2b Mon Sep 17 00:00:00 2001
|
||||
From: Kairui Song <kasong@redhat.com>
|
||||
Date: Thu, 14 Mar 2019 18:54:10 +0800
|
||||
Subject: [PATCH] fips: ensure fs module for /boot is installed
|
||||
|
||||
When using dracut with --hostonly and --no-hostonly-default-device,
|
||||
/boot will be inaccessible as dracut will most fs modules unless
|
||||
specified. But FIPS require /boot to be accessible, and it will try
|
||||
to mount it on boot. It will fail if corresponding fs module is missing.
|
||||
|
||||
For most case /boot will be a simple partition, include the fs module
|
||||
will be enough for FIPS to mount it. For other cases users have to pass
|
||||
extra parameters by themselves.
|
||||
|
||||
Suggested-by: Kenneth Dsouza <kdsouza@redhat.com>
|
||||
Signed-off-by: Kairui Song <kasong@redhat.com>
|
||||
---
|
||||
modules.d/01fips/module-setup.sh | 12 +++++++++++-
|
||||
1 file changed, 11 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/modules.d/01fips/module-setup.sh b/modules.d/01fips/module-setup.sh
|
||||
index 18186d62..89734a09 100755
|
||||
--- a/modules.d/01fips/module-setup.sh
|
||||
+++ b/modules.d/01fips/module-setup.sh
|
||||
@@ -12,7 +12,7 @@ depends() {
|
||||
|
||||
# called by dracut
|
||||
installkernel() {
|
||||
- local _fipsmodules _mod
|
||||
+ local _fipsmodules _mod _bootfstype
|
||||
if [[ -f "${srcmods}/modules.fips" ]]; then
|
||||
_fipsmodules="$(cat "${srcmods}/modules.fips")"
|
||||
else
|
||||
@@ -47,6 +47,16 @@ installkernel() {
|
||||
echo "blacklist $_mod" >> "${initdir}/etc/modprobe.d/fips.conf"
|
||||
fi
|
||||
done
|
||||
+
|
||||
+ # with hostonly_default_device fs module for /boot is not installed by default
|
||||
+ if [[ $hostonly ]] && [[ "$hostonly_default_device" == "no" ]]; then
|
||||
+ _bootfstype=$(find_mp_fstype /boot)
|
||||
+ if [[ -n "$_bootfstype" ]]; then
|
||||
+ hostonly='' instmods $_bootfstype
|
||||
+ else
|
||||
+ dwarning "Can't determine fs type for /boot, FIPS check may fail."
|
||||
+ fi
|
||||
+ fi
|
||||
}
|
||||
|
||||
# called by dracut
|
||||
|
49
SOURCES/0014.patch
Normal file
49
SOURCES/0014.patch
Normal file
@ -0,0 +1,49 @@
|
||||
From 7c35556da4c803bbb08c96e96262e598d5c42274 Mon Sep 17 00:00:00 2001
|
||||
From: Harald Hoyer <harald@redhat.com>
|
||||
Date: Tue, 21 Aug 2018 13:14:44 +0200
|
||||
Subject: [PATCH] network: skip already enslaved interfaces
|
||||
|
||||
(cherry picked from commit f6e3b59e5ea6f52a25631557badc7f4dfabbd7ee)
|
||||
|
||||
Resolves: #1625042
|
||||
---
|
||||
modules.d/35network-legacy/ifup.sh | 6 +++++-
|
||||
modules.d/40network/net-lib.sh | 7 +++++++
|
||||
2 files changed, 12 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/modules.d/35network-legacy/ifup.sh b/modules.d/35network-legacy/ifup.sh
|
||||
index ea2a67ff..b4f5bf10 100755
|
||||
--- a/modules.d/35network-legacy/ifup.sh
|
||||
+++ b/modules.d/35network-legacy/ifup.sh
|
||||
@@ -408,7 +408,11 @@ for p in $(getargs ip=); do
|
||||
esac
|
||||
|
||||
# If this option isn't directed at our interface, skip it
|
||||
- [ -n "$dev" ] && [ "$dev" != "$netif" ] && continue
|
||||
+ if [ -n "$dev" ]; then
|
||||
+ [ "$dev" != "$netif" ] && continue
|
||||
+ else
|
||||
+ iface_is_enslaved "$netif" && continue
|
||||
+ fi
|
||||
|
||||
# Store config for later use
|
||||
for i in ip srv gw mask hostname macaddr mtu dns1 dns2; do
|
||||
diff --git a/modules.d/40network/net-lib.sh b/modules.d/40network/net-lib.sh
|
||||
index 7b93f25e..f9569573 100755
|
||||
--- a/modules.d/40network/net-lib.sh
|
||||
+++ b/modules.d/40network/net-lib.sh
|
||||
@@ -745,6 +745,13 @@ iface_has_link() {
|
||||
iface_has_carrier "$@"
|
||||
}
|
||||
|
||||
+iface_is_enslaved() {
|
||||
+ local _li
|
||||
+ _li=$(ip -o link show dev $1)
|
||||
+ strstr "$li" " master " || return 1
|
||||
+ return 0
|
||||
+}
|
||||
+
|
||||
find_iface_with_link() {
|
||||
local iface_path="" iface=""
|
||||
for iface_path in /sys/class/net/*; do
|
||||
|
24
SOURCES/0015.patch
Normal file
24
SOURCES/0015.patch
Normal file
@ -0,0 +1,24 @@
|
||||
From 4971a2c4eb4526cb88a5c9aff30c57527a746036 Mon Sep 17 00:00:00 2001
|
||||
From: Lukas Nykryn <lnykryn@redhat.com>
|
||||
Date: Tue, 16 Jul 2019 08:27:01 +0100
|
||||
Subject: [PATCH] 01fips: add cfb cipher
|
||||
|
||||
Required by FIPS standard
|
||||
---
|
||||
modules.d/01fips/module-setup.sh | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/modules.d/01fips/module-setup.sh b/modules.d/01fips/module-setup.sh
|
||||
index 89734a09..f011f15d 100755
|
||||
--- a/modules.d/01fips/module-setup.sh
|
||||
+++ b/modules.d/01fips/module-setup.sh
|
||||
@@ -24,7 +24,7 @@ installkernel() {
|
||||
_fipsmodules+="crc32c crct10dif ghash "
|
||||
|
||||
# Ciphers:
|
||||
- _fipsmodules+="cipher_null des3_ede aes "
|
||||
+ _fipsmodules+="cipher_null des3_ede aes cfb "
|
||||
|
||||
# Modes/templates:
|
||||
_fipsmodules+="ecb cbc ctr xts gcm ccm authenc hmac cmac "
|
||||
|
86
SOURCES/0016.patch
Normal file
86
SOURCES/0016.patch
Normal file
@ -0,0 +1,86 @@
|
||||
From 31116110ff0090324a568ce2aba6519a860d66b3 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Renaud=20M=C3=A9trich?= <rmetrich@redhat.com>
|
||||
Date: Thu, 11 Jul 2019 10:50:40 +0200
|
||||
Subject: [PATCH] rngd: new module running early during boot to help generating
|
||||
entropy when system's default entropy sources are poor (e.g. use of SSD disks
|
||||
or UEFI RNG not available)
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
On systems with low entropy at boot, the boot can take up to several
|
||||
hours, specially when NBDE is used (e.g. clevis) which makes use of
|
||||
the random number generator.
|
||||
|
||||
Enabling rngd service at boot early, because dracut-initqueue runs,
|
||||
enables to initialize the random number generator in a couple of seconds
|
||||
instead of minutes or hours.
|
||||
|
||||
Signed-off-by: Renaud Métrich <rmetrich@redhat.com>
|
||||
(cherry picked from commit adee5b97bc5418b6e357342bb3be20568668aa55)
|
||||
|
||||
Resolves: #1726617
|
||||
---
|
||||
modules.d/06rngd/module-setup.sh | 39 +++++++++++++++++++++++++++++++++++++++
|
||||
modules.d/06rngd/rngd.service | 7 +++++++
|
||||
2 files changed, 46 insertions(+)
|
||||
|
||||
diff --git a/modules.d/06rngd/module-setup.sh b/modules.d/06rngd/module-setup.sh
|
||||
new file mode 100644
|
||||
index 00000000..43d5c2d3
|
||||
--- /dev/null
|
||||
+++ b/modules.d/06rngd/module-setup.sh
|
||||
@@ -0,0 +1,39 @@
|
||||
+#!/bin/bash
|
||||
+# vim: set tabstop=8 shiftwidth=4 softtabstop=4 expandtab smarttab colorcolumn=80:
|
||||
+#
|
||||
+# Copyright (c) 2019 Red Hat, Inc.
|
||||
+# Author: Renaud Métrich <rmetrich@redhat.com>
|
||||
+#
|
||||
+# This program is free software: you can redistribute it and/or modify
|
||||
+# it under the terms of the GNU General Public License as published by
|
||||
+# the Free Software Foundation, either version 3 of the License, or
|
||||
+# (at your option) any later version.
|
||||
+#
|
||||
+# This program is distributed in the hope that it will be useful,
|
||||
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
+# GNU General Public License for more details.
|
||||
+#
|
||||
+# You should have received a copy of the GNU General Public License
|
||||
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
+#
|
||||
+
|
||||
+depends() {
|
||||
+ echo systemd
|
||||
+ return 0
|
||||
+}
|
||||
+
|
||||
+check() {
|
||||
+ # if there's no rngd binary, no go.
|
||||
+ require_binaries rngd || return 1
|
||||
+
|
||||
+ return 0
|
||||
+}
|
||||
+
|
||||
+install() {
|
||||
+ inst rngd
|
||||
+ inst_simple "${moddir}/rngd.service" "${systemdsystemunitdir}/rngd.service"
|
||||
+ mkdir -p "${initdir}${systemdsystemunitdir}/sysinit.target.wants"
|
||||
+ ln -rfs "${initdir}${systemdsystemunitdir}/rngd.service" \
|
||||
+ "${initdir}${systemdsystemunitdir}/sysinit.target.wants/rngd.service"
|
||||
+}
|
||||
diff --git a/modules.d/06rngd/rngd.service b/modules.d/06rngd/rngd.service
|
||||
new file mode 100644
|
||||
index 00000000..570fbedb
|
||||
--- /dev/null
|
||||
+++ b/modules.d/06rngd/rngd.service
|
||||
@@ -0,0 +1,7 @@
|
||||
+[Unit]
|
||||
+Description=Hardware RNG Entropy Gatherer Daemon
|
||||
+DefaultDependencies=no
|
||||
+Before=systemd-udevd.service
|
||||
+
|
||||
+[Service]
|
||||
+ExecStart=/usr/sbin/rngd -f
|
||||
|
22
SOURCES/0017.patch
Normal file
22
SOURCES/0017.patch
Normal file
@ -0,0 +1,22 @@
|
||||
From d86dfcd148e5d726f00b8a83eeadb11aa0017fba Mon Sep 17 00:00:00 2001
|
||||
From: Harald Hoyer <harald@redhat.com>
|
||||
Date: Mon, 22 Jul 2019 14:07:26 +0200
|
||||
Subject: [PATCH] dracut.spec: add 06rngd
|
||||
|
||||
---
|
||||
dracut.spec | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/dracut.spec b/dracut.spec
|
||||
index de57703c..92c7f7bf 100644
|
||||
--- a/dracut.spec
|
||||
+++ b/dracut.spec
|
||||
@@ -346,6 +346,7 @@ install -m 0755 51-dracut-rescue-postinst.sh $RPM_BUILD_ROOT%{_sysconfdir}/kerne
|
||||
%{dracutlibdir}/modules.d/03rescue
|
||||
%{dracutlibdir}/modules.d/04watchdog
|
||||
%{dracutlibdir}/modules.d/05busybox
|
||||
+%{dracutlibdir}/modules.d/06rngd
|
||||
%{dracutlibdir}/modules.d/10i18n
|
||||
%{dracutlibdir}/modules.d/30convertfs
|
||||
%{dracutlibdir}/modules.d/45url-lib
|
||||
|
49
SOURCES/0018.patch
Normal file
49
SOURCES/0018.patch
Normal file
@ -0,0 +1,49 @@
|
||||
From 927428e6a5e90b2214ee9edf15d4eb6c0fc5c203 Mon Sep 17 00:00:00 2001
|
||||
From: Kairui Song <kasong@redhat.com>
|
||||
Date: Mon, 11 Mar 2019 18:44:02 +0800
|
||||
Subject: [PATCH] squash: squash systemd binary and udevadm
|
||||
|
||||
systemd binary and udevadm are not needed to be outside the squash
|
||||
image. Some binaries are kept outside because they are required before
|
||||
mounting the image, or after umounting the image (when switching root),
|
||||
or they may block umounting the image. But we are using lazy umounting,
|
||||
so actually nothing will block the umount.
|
||||
|
||||
Keep more binaries outside the squash image won't hurt but cost extra
|
||||
memories, the idea of squash image is to save memory usage.
|
||||
|
||||
So, there is no reason to keep udevadm outside, that should be a debug
|
||||
left over. For systemd binary, it's running when switch root happens,
|
||||
But we have lazy umounted the image and overlay, once systemd process
|
||||
exec the new systemd in new root, everything will be cleared by kernel.
|
||||
|
||||
Also tidy up the comment make it less confussing.
|
||||
|
||||
Signed-off-by: Kairui Song <kasong@redhat.com>
|
||||
(cherry picked from commit e1e1f6e8e6747d8f32c065e267e0a57587818c9e)
|
||||
|
||||
Resolves: #1691705
|
||||
---
|
||||
dracut.sh | 8 +++++---
|
||||
1 file changed, 5 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/dracut.sh b/dracut.sh
|
||||
index e683a9bc..a0158f22 100755
|
||||
--- a/dracut.sh
|
||||
+++ b/dracut.sh
|
||||
@@ -1772,9 +1772,11 @@ if dracut_module_included "squash"; then
|
||||
mv $initdir/$folder $squash_dir/$folder
|
||||
done
|
||||
|
||||
- # Reinstall required files, because we have moved some important folders to $squash_dir
|
||||
- inst_multiple "echo" "sh" "mount" "modprobe" "mkdir" \
|
||||
- "systemctl" "udevadm" "$systemdutildir/systemd"
|
||||
+ # Reinstall required files for the squash image setup script.
|
||||
+ # We have moved them inside the squashed image, but they need to be
|
||||
+ # accessible before mounting the image. Also install systemctl,
|
||||
+ # it's requires for switch-root, but we will umount the image before switch-root
|
||||
+ inst_multiple "echo" "sh" "mount" "modprobe" "mkdir" "systemctl"
|
||||
hostonly="" instmods "loop" "squashfs" "overlay"
|
||||
|
||||
for folder in "${squash_candidate[@]}"; do
|
||||
|
71
SOURCES/0019.patch
Normal file
71
SOURCES/0019.patch
Normal file
@ -0,0 +1,71 @@
|
||||
From b6d52b504fc7eefc3f405f75463d9e818471ee99 Mon Sep 17 00:00:00 2001
|
||||
From: Kairui Song <kasong@redhat.com>
|
||||
Date: Mon, 11 Mar 2019 19:46:19 +0800
|
||||
Subject: [PATCH] squash: fix and simplify required_in_root
|
||||
|
||||
If required target is a symbol link, create the link then following the
|
||||
link. If it's a directory, create new directory, else just move it.
|
||||
|
||||
Signed-off-by: Kairui Song <kasong@redhat.com>
|
||||
(cherry picked from commit 11ce69e4bd9172cf54251ea62bb4a5ead1700fd6)
|
||||
|
||||
Resolves: #1691705
|
||||
---
|
||||
dracut.sh | 42 +++++++++++++++++++-----------------------
|
||||
1 file changed, 19 insertions(+), 23 deletions(-)
|
||||
|
||||
diff --git a/dracut.sh b/dracut.sh
|
||||
index a0158f22..6de88b3e 100755
|
||||
--- a/dracut.sh
|
||||
+++ b/dracut.sh
|
||||
@@ -1811,30 +1811,26 @@ if dracut_module_included "squash"; then
|
||||
required_in_root $(dirname $file)
|
||||
fi
|
||||
|
||||
- if [[ -d $_sqsh_file ]]; then
|
||||
- if [[ -L $_sqsh_file ]]; then
|
||||
- cp --preserve=all -P $_sqsh_file $_init_file
|
||||
- else
|
||||
- mkdir $_init_file
|
||||
- fi
|
||||
+ if [[ -L $_sqsh_file ]]; then
|
||||
+ cp --preserve=all -P $_sqsh_file $_init_file
|
||||
+ _sqsh_file=$(realpath $_sqsh_file 2>/dev/null)
|
||||
+ if [[ -e $_sqsh_file ]] && [[ "$_sqsh_file" == "$squash_dir"* ]]; then
|
||||
+ # Relative symlink
|
||||
+ required_in_root ${_sqsh_file#$squash_dir/}
|
||||
+ return
|
||||
+ fi
|
||||
+ if [[ -e $squash_dir$_sqsh_file ]]; then
|
||||
+ # Absolute symlink
|
||||
+ required_in_root ${_sqsh_file#/}
|
||||
+ return
|
||||
+ fi
|
||||
+ required_in_root ${module_spec#$squash_dir/}
|
||||
else
|
||||
- if [[ -L $_sqsh_file ]]; then
|
||||
- cp --preserve=all -P $_sqsh_file $_init_file
|
||||
- _sqsh_file=$(realpath $_sqsh_file 2>/dev/null)
|
||||
- if [[ -e $_sqsh_file ]] && [[ "$_sqsh_file" == "$squash_dir"* ]]; then
|
||||
- # Relative symlink
|
||||
- required_in_root ${_sqsh_file#$squash_dir/}
|
||||
- return
|
||||
- fi
|
||||
- if [[ -e $squash_dir$_sqsh_file ]]; then
|
||||
- # Absolute symlink
|
||||
- required_in_root ${_sqsh_file#/}
|
||||
- return
|
||||
- fi
|
||||
- required_in_root ${module_spec#$squash_dir/}
|
||||
- else
|
||||
- mv $_sqsh_file $_init_file
|
||||
- fi
|
||||
+ if [[ -d $_sqsh_file ]]; then
|
||||
+ mkdir $_init_file
|
||||
+ else
|
||||
+ mv $_sqsh_file $_init_file
|
||||
+ fi
|
||||
fi
|
||||
}
|
||||
|
||||
|
94
SOURCES/0020.patch
Normal file
94
SOURCES/0020.patch
Normal file
@ -0,0 +1,94 @@
|
||||
From 829ed8ef5cca250fac475ad6b0265c792c3af015 Mon Sep 17 00:00:00 2001
|
||||
From: Kairui Song <kasong@redhat.com>
|
||||
Date: Wed, 13 Mar 2019 17:36:53 +0800
|
||||
Subject: [PATCH] squash: also squash systemctl if switch-root is not needed
|
||||
|
||||
systemctl need to be accessible on switch-root, but we unmount the
|
||||
squash image on switch-root, so it will fail. systemctl depends on a lot
|
||||
of libraries, squash them can save more RAM. So allow modules
|
||||
(eg. kdump) to tell dracut that switch-root will be intercepted,
|
||||
then we don't need to take care of that.
|
||||
|
||||
Signed-off-by: Kairui Song <kasong@redhat.com>
|
||||
(cherry picked from commit 3ee0ca5eb74be5d1fbd0e6d643f6fff06234177f)
|
||||
|
||||
Resolves: #1691705
|
||||
---
|
||||
dracut-init.sh | 4 ++++
|
||||
dracut.sh | 40 ++++++++++++++++++++++------------------
|
||||
2 files changed, 26 insertions(+), 18 deletions(-)
|
||||
|
||||
diff --git a/dracut-init.sh b/dracut-init.sh
|
||||
index 50d23e2d..b1ac9966 100644
|
||||
--- a/dracut-init.sh
|
||||
+++ b/dracut-init.sh
|
||||
@@ -150,6 +150,10 @@ dracut_module_included() {
|
||||
[[ " $mods_to_load $modules_loaded " == *\ $*\ * ]]
|
||||
}
|
||||
|
||||
+dracut_no_switch_root() {
|
||||
+ >"$initdir/lib/dracut/no-switch-root"
|
||||
+}
|
||||
+
|
||||
if ! [[ $DRACUT_INSTALL ]]; then
|
||||
DRACUT_INSTALL=$(find_binary dracut-install)
|
||||
fi
|
||||
diff --git a/dracut.sh b/dracut.sh
|
||||
index 6de88b3e..8144a16e 100755
|
||||
--- a/dracut.sh
|
||||
+++ b/dracut.sh
|
||||
@@ -1772,24 +1772,6 @@ if dracut_module_included "squash"; then
|
||||
mv $initdir/$folder $squash_dir/$folder
|
||||
done
|
||||
|
||||
- # Reinstall required files for the squash image setup script.
|
||||
- # We have moved them inside the squashed image, but they need to be
|
||||
- # accessible before mounting the image. Also install systemctl,
|
||||
- # it's requires for switch-root, but we will umount the image before switch-root
|
||||
- inst_multiple "echo" "sh" "mount" "modprobe" "mkdir" "systemctl"
|
||||
- hostonly="" instmods "loop" "squashfs" "overlay"
|
||||
-
|
||||
- for folder in "${squash_candidate[@]}"; do
|
||||
- # Remove duplicated files in squashfs image, save some more space
|
||||
- [[ ! -d $initdir/$folder/ ]] && continue
|
||||
- for file in $(find $initdir/$folder/ -not -type d);
|
||||
- do
|
||||
- if [[ -e $squash_dir${file#$initdir} ]]; then
|
||||
- mv $squash_dir${file#$initdir} $file
|
||||
- fi
|
||||
- done
|
||||
- done
|
||||
-
|
||||
# Move some files out side of the squash image, including:
|
||||
# - Files required to boot and mount the squashfs image
|
||||
# - Files need to be accessable without mounting the squash image
|
||||
@@ -1851,6 +1833,28 @@ if dracut_module_included "squash"; then
|
||||
ln -s squash/init.sh $initdir/init
|
||||
ln -s squash/shutdown.sh $initdir/shutdown
|
||||
|
||||
+ # Reinstall required files for the squash image setup script.
|
||||
+ # We have moved them inside the squashed image, but they need to be
|
||||
+ # accessible before mounting the image.
|
||||
+ inst_multiple "echo" "sh" "mount" "modprobe" "mkdir"
|
||||
+ hostonly="" instmods "loop" "squashfs" "overlay"
|
||||
+
|
||||
+ # Only keep systemctl outsite if we need switch root
|
||||
+ if [[ ! -f "$initdir/lib/dracut/no-switch-root" ]]; then
|
||||
+ inst "systemctl"
|
||||
+ fi
|
||||
+
|
||||
+ for folder in "${squash_candidate[@]}"; do
|
||||
+ # Remove duplicated files in squashfs image, save some more space
|
||||
+ [[ ! -d $initdir/$folder/ ]] && continue
|
||||
+ for file in $(find $initdir/$folder/ -not -type d);
|
||||
+ do
|
||||
+ if [[ -e $squash_dir${file#$initdir} ]]; then
|
||||
+ mv $squash_dir${file#$initdir} $file
|
||||
+ fi
|
||||
+ done
|
||||
+ done
|
||||
+
|
||||
mksquashfs $squash_dir $squash_img -comp xz -b 64K -Xdict-size 100% &> /dev/null
|
||||
|
||||
if [[ $? != 0 ]]; then
|
||||
|
94
SOURCES/0021.patch
Normal file
94
SOURCES/0021.patch
Normal file
@ -0,0 +1,94 @@
|
||||
From 7ee74e539dba61c3765afe34426b085eff0de027 Mon Sep 17 00:00:00 2001
|
||||
From: Kairui Song <kasong@redhat.com>
|
||||
Date: Thu, 21 Feb 2019 13:18:37 +0800
|
||||
Subject: [PATCH] dracut: let module handling function accept optional path
|
||||
option
|
||||
|
||||
Let the caller pass in the module path instead of try to find the module
|
||||
path everytime. This helps optimize the overall runtime.
|
||||
|
||||
Test results (3 rounds) on Fedora 30 in KVM VM with 8 CPUs, 2G memory, HDD:
|
||||
|
||||
$ time ./dracut.sh --local --quiet --hostonly --hostonly-cmdline --hostonly-i18n --hostonly-mode 'strict' -o 'plymouth dash resume ifcfg' --mount '/dev/mapper/fedora-root /sysroot xfs defaults' --no-hostonly-default-device -f initramfs.img
|
||||
Before the commit:
|
||||
real 0m11.782s | real 0m11.505s | real 0m11.958s
|
||||
user 0m9.169s | user 0m9.218s | user 0m9.327s
|
||||
sys 0m10.839s | sys 0m10.829s | sys 0m10.925s
|
||||
|
||||
After this commit:
|
||||
real 0m9.866s | real 0m9.580s | real 0m9.638s
|
||||
user 0m9.048s | user 0m9.142s | user 0m9.120s
|
||||
sys 0m7.411s | sys 0m7.775s | sys 0m7.745s
|
||||
|
||||
Test result of building a ordinary image:
|
||||
|
||||
$ time ./dracut.sh --local --quiet -f initramfs.img
|
||||
Before the commit:
|
||||
real 0m34.697s | real 0m34.371s | real 0m35.122s
|
||||
user 0m27.608s | user 0m27.524s | user 0m27.705s
|
||||
sys 0m22.341s | sys 0m22.032s | sys 0m22.246s
|
||||
|
||||
After the commit:
|
||||
real 0m31.914s | real 0m31.006 | real 0m31.289ss
|
||||
user 0m27.315s | user 0m27.324 | user 0m27.290ss
|
||||
sys 0m19.051s | sys 0m18.916 | sys 0m19.022ss
|
||||
|
||||
This will have an ~2s speed up.
|
||||
|
||||
Signed-off-by: Kairui Song <kasong@redhat.com>
|
||||
(cherry picked from commit 5916d31b24ad9eb21fd376929a96c459813315a1)
|
||||
|
||||
Cherry-picked from: 5916d31b
|
||||
Resolves: #1734047
|
||||
---
|
||||
dracut-init.sh | 4 ++++
|
||||
dracut.sh | 8 ++++----
|
||||
2 files changed, 8 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/dracut-init.sh b/dracut-init.sh
|
||||
index b1ac9966..ab07cabf 100644
|
||||
--- a/dracut-init.sh
|
||||
+++ b/dracut-init.sh
|
||||
@@ -154,6 +154,10 @@ dracut_no_switch_root() {
|
||||
>"$initdir/lib/dracut/no-switch-root"
|
||||
}
|
||||
|
||||
+dracut_module_path() {
|
||||
+ echo ${dracutbasedir}/modules.d/??${1} | { read a b; echo "$a"; }
|
||||
+}
|
||||
+
|
||||
if ! [[ $DRACUT_INSTALL ]]; then
|
||||
DRACUT_INSTALL=$(find_binary dracut-install)
|
||||
fi
|
||||
diff --git a/dracut.sh b/dracut.sh
|
||||
index 8144a16e..f270af76 100755
|
||||
--- a/dracut.sh
|
||||
+++ b/dracut.sh
|
||||
@@ -1373,7 +1373,7 @@ do_print_cmdline()
|
||||
for moddir in "$dracutbasedir/modules.d"/[0-9][0-9]*; do
|
||||
_d_mod=${moddir##*/}; _d_mod=${_d_mod#[0-9][0-9]}
|
||||
[[ ${_mods_to_print[$_d_mod]} ]] || continue
|
||||
- module_cmdline "$_d_mod"
|
||||
+ module_cmdline "$_d_mod" "$moddir"
|
||||
done
|
||||
unset moddir
|
||||
}
|
||||
@@ -1454,14 +1454,14 @@ for moddir in "$dracutbasedir/modules.d"/[0-9][0-9]*; do
|
||||
dinfo "*** Including module: $_d_mod ***"
|
||||
fi
|
||||
if [[ $kernel_only == yes ]]; then
|
||||
- module_installkernel "$_d_mod" || {
|
||||
+ module_installkernel "$_d_mod" "$moddir" || {
|
||||
dfatal "installkernel failed in module $_d_mod"
|
||||
exit 1
|
||||
}
|
||||
else
|
||||
- module_install "$_d_mod"
|
||||
+ module_install "$_d_mod" "$moddir"
|
||||
if [[ $no_kernel != yes ]]; then
|
||||
- module_installkernel "$_d_mod" || {
|
||||
+ module_installkernel "$_d_mod" "$moddir" || {
|
||||
dfatal "installkernel failed in module $_d_mod"
|
||||
exit 1
|
||||
}
|
||||
|
36
SOURCES/0022.patch
Normal file
36
SOURCES/0022.patch
Normal file
@ -0,0 +1,36 @@
|
||||
From 17cd55169c3549d85ba3e4d7e0e81c496d1b2940 Mon Sep 17 00:00:00 2001
|
||||
From: Lianbo Jiang <lijiang@redhat.com>
|
||||
Date: Mon, 13 May 2019 16:09:25 +0800
|
||||
Subject: [PATCH] 99base: enable the initqueue in both 'dracut --add-device'
|
||||
and 'dracut --mount' cases.
|
||||
|
||||
The commit 9f3c31cd8d68 ("99base: enable initqueue if extra devices are added")
|
||||
only covers 'dracut --add-device' case, but it did not cover 'dracut --mount'
|
||||
case, which causes the kdump failure in the Amazon virtual machine.
|
||||
|
||||
Lets make sure that the initqueue is enabled in both cases in order to wake up
|
||||
the device in time.
|
||||
|
||||
Reported-by: Xiao Liang <xiliang@redhat.com>
|
||||
Signed-off-by: Lianbo Jiang <lijiang@redhat.com>
|
||||
(cherry picked from commit e0fc62f619ba55a96179382e22f7665e969c3d42)
|
||||
|
||||
Resolves: #1678094
|
||||
---
|
||||
modules.d/99base/module-setup.sh | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/modules.d/99base/module-setup.sh b/modules.d/99base/module-setup.sh
|
||||
index 21523fc9..c9ead01d 100755
|
||||
--- a/modules.d/99base/module-setup.sh
|
||||
+++ b/modules.d/99base/module-setup.sh
|
||||
@@ -93,7 +93,7 @@ install() {
|
||||
|
||||
## save host_devs which we need bring up
|
||||
if [[ $hostonly_cmdline == "yes" ]]; then
|
||||
- if [[ -n $add_device ]]; then
|
||||
+ if [[ -n "${host_devs[@]}" ]]; then
|
||||
dracut_need_initqueue
|
||||
fi
|
||||
if [[ -f "$initdir/lib/dracut/need-initqueue" ]] || ! dracut_module_included "systemd"; then
|
||||
|
34
SOURCES/0023.patch
Normal file
34
SOURCES/0023.patch
Normal file
@ -0,0 +1,34 @@
|
||||
From 1851348709df5413a767faecdee908534baf0da1 Mon Sep 17 00:00:00 2001
|
||||
From: Kairui Song <kasong@redhat.com>
|
||||
Date: Wed, 12 Jun 2019 14:27:44 +0800
|
||||
Subject: [PATCH] 95fcoe: load 'libfcoe' module as a fallback
|
||||
|
||||
The kernel may only enable 'libfcoe' module. Some modules like bnx2fc
|
||||
provides FCoE but only depend on 'libfcoe'. Loading 'fcoe' module may
|
||||
fail but the kernel do support FCoE.
|
||||
|
||||
'libfcoe' will be installed as a dependency when installing block device
|
||||
drivers if it's required. So no need to install it in installkernel.
|
||||
|
||||
Signed-off-by: Kairui Song <kasong@redhat.com>
|
||||
(cherry picked from commit 65fe1af2eca7d0ed340520577ab861fcd695b34a)
|
||||
|
||||
Resolves: #1719645
|
||||
---
|
||||
modules.d/95fcoe/parse-fcoe.sh | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/modules.d/95fcoe/parse-fcoe.sh b/modules.d/95fcoe/parse-fcoe.sh
|
||||
index 75cca9a5..12701cdb 100755
|
||||
--- a/modules.d/95fcoe/parse-fcoe.sh
|
||||
+++ b/modules.d/95fcoe/parse-fcoe.sh
|
||||
@@ -18,7 +18,7 @@
|
||||
# If it's not set we don't continue
|
||||
[ -z "$fcoe" ] && return
|
||||
|
||||
-[ -e /sys/bus/fcoe/ctlr_create ] || modprobe -b -a fcoe || die "FCoE requested but kernel/initrd does not support FCoE"
|
||||
+[ -e /sys/bus/fcoe/ctlr_create ] || modprobe -b -a fcoe || modprobe -b -a libfcoe || die "FCoE requested but kernel/initrd does not support FCoE"
|
||||
|
||||
initqueue --onetime modprobe -b -q bnx2fc
|
||||
|
||||
|
36
SOURCES/0024.patch
Normal file
36
SOURCES/0024.patch
Normal file
@ -0,0 +1,36 @@
|
||||
From 9b2497dffb8f699ce040cdbafa967f5fe02b57b6 Mon Sep 17 00:00:00 2001
|
||||
From: Lukas Nykryn <lnykryn@redhat.com>
|
||||
Date: Fri, 2 Aug 2019 14:26:23 +0200
|
||||
Subject: [PATCH] 90kernel-modules-extra: don't resolve symlinks before instmod
|
||||
|
||||
When you install a third-party driver, you will probably end in a
|
||||
situation, where the module will be in a different directory and
|
||||
in $depmod_module_dir you will only have symlink. If we resolve the
|
||||
symlink before we pass the module path to instmod, the dracut-install
|
||||
will only include the module with its original path, but not the
|
||||
symlink. Hence the module can't be automatically loaded.
|
||||
|
||||
Dracut-install is clever enough to handle symlinks and will include both
|
||||
the symlink and the module to the initrd.
|
||||
|
||||
(cherry picked from commit d1afff43aea01c8d43817adf3ac4041dd4b9f022)
|
||||
|
||||
Resolves: #1720275
|
||||
---
|
||||
modules.d/90kernel-modules-extra/module-setup.sh | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/modules.d/90kernel-modules-extra/module-setup.sh b/modules.d/90kernel-modules-extra/module-setup.sh
|
||||
index c0a2b7f9..1706c822 100755
|
||||
--- a/modules.d/90kernel-modules-extra/module-setup.sh
|
||||
+++ b/modules.d/90kernel-modules-extra/module-setup.sh
|
||||
@@ -187,7 +187,7 @@ installkernel()
|
||||
printf "^%s\.ko(\.gz|\.bz2|\.xz)?:\n" "${pathlist[@]}" \
|
||||
| (LANG=C grep -E -o -f - -- "$depmod_modules_dep" || exit 0) \
|
||||
| tr -d ':' \
|
||||
- | (cd "$depmod_module_dir" || exit; xargs -r realpath -e --) \
|
||||
+ | (cd "$depmod_module_dir" || exit; xargs -r realpath -se --) \
|
||||
| instmods || return 1
|
||||
|
||||
return 0
|
||||
|
26
SOURCES/0025.patch
Normal file
26
SOURCES/0025.patch
Normal file
@ -0,0 +1,26 @@
|
||||
From 3464297288b50a062e1094e57d46ad21e51b351b Mon Sep 17 00:00:00 2001
|
||||
From: Lukas Nykryn <lnykryn@redhat.com>
|
||||
Date: Tue, 6 Aug 2019 10:54:09 +0200
|
||||
Subject: [PATCH] net-lib: fix typo $li -> $_li
|
||||
|
||||
(cherry picked from commit cd97d8d2c0646b95aee47efd5eee39f29d617a67)
|
||||
|
||||
Resolves: #1625042
|
||||
---
|
||||
modules.d/40network/net-lib.sh | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/modules.d/40network/net-lib.sh b/modules.d/40network/net-lib.sh
|
||||
index f9569573..ad78d225 100755
|
||||
--- a/modules.d/40network/net-lib.sh
|
||||
+++ b/modules.d/40network/net-lib.sh
|
||||
@@ -748,7 +748,7 @@ iface_has_link() {
|
||||
iface_is_enslaved() {
|
||||
local _li
|
||||
_li=$(ip -o link show dev $1)
|
||||
- strstr "$li" " master " || return 1
|
||||
+ strstr "$_li" " master " || return 1
|
||||
return 0
|
||||
}
|
||||
|
||||
|
115
SOURCES/0026.patch
Normal file
115
SOURCES/0026.patch
Normal file
@ -0,0 +1,115 @@
|
||||
From f93681073cae4cfa118cfb3a2acb8cf78ce30646 Mon Sep 17 00:00:00 2001
|
||||
From: Benjamin Marzinski <bmarzins@redhat.com>
|
||||
Date: Tue, 3 Sep 2019 10:44:36 -0500
|
||||
Subject: [PATCH] modules.d: fix udev rules detection of multipath devices
|
||||
|
||||
Starting with the 0.7.7 release of the multipath tools, the multipath
|
||||
udev rules always set a value in ENV{DM_MULTIPATH_DEVICE_PATH} for any
|
||||
device that multipath scans. A value of 0 means that the device is not
|
||||
claimed by multipath, and a value of 1 means that it is. Because of
|
||||
this, udev rules that check ENV{DM_MULTIPATH_DEVICE_PATH}=="?*" will
|
||||
always return True, and act as if every scanned device is claimed by
|
||||
multipath. Checking ENV{DM_MULTIPATH_DEVICE_PATH}=="1" will work
|
||||
correctly for both the old and new versions of the multipath tools.
|
||||
---
|
||||
modules.d/90dm/59-persistent-storage-dm.rules | 2 +-
|
||||
modules.d/90dmraid/61-dmraid-imsm.rules | 2 +-
|
||||
modules.d/90lvm/64-lvm.rules | 2 +-
|
||||
modules.d/90mdraid/59-persistent-storage-md.rules | 2 +-
|
||||
modules.d/90mdraid/65-md-incremental-imsm.rules | 2 +-
|
||||
modules.d/95udev-rules/59-persistent-storage.rules | 2 +-
|
||||
modules.d/95udev-rules/61-persistent-storage.rules | 2 +-
|
||||
7 files changed, 7 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/modules.d/90dm/59-persistent-storage-dm.rules b/modules.d/90dm/59-persistent-storage-dm.rules
|
||||
index 73b09376..2be11227 100644
|
||||
--- a/modules.d/90dm/59-persistent-storage-dm.rules
|
||||
+++ b/modules.d/90dm/59-persistent-storage-dm.rules
|
||||
@@ -1,7 +1,7 @@
|
||||
SUBSYSTEM!="block", GOTO="dm_end"
|
||||
ACTION!="add|change", GOTO="dm_end"
|
||||
# Also don't process disks that are slated to be a multipath device
|
||||
-ENV{DM_MULTIPATH_DEVICE_PATH}=="?*", GOTO="dm_end"
|
||||
+ENV{DM_MULTIPATH_DEVICE_PATH}=="1", GOTO="dm_end"
|
||||
|
||||
KERNEL!="dm-[0-9]*", GOTO="dm_end"
|
||||
ACTION=="add", GOTO="dm_end"
|
||||
diff --git a/modules.d/90dmraid/61-dmraid-imsm.rules b/modules.d/90dmraid/61-dmraid-imsm.rules
|
||||
index 72267d3c..8a6b215e 100644
|
||||
--- a/modules.d/90dmraid/61-dmraid-imsm.rules
|
||||
+++ b/modules.d/90dmraid/61-dmraid-imsm.rules
|
||||
@@ -5,7 +5,7 @@
|
||||
SUBSYSTEM!="block", GOTO="dm_end"
|
||||
ACTION!="add|change", GOTO="dm_end"
|
||||
# Also don't process disks that are slated to be a multipath device
|
||||
-ENV{DM_MULTIPATH_DEVICE_PATH}=="?*", GOTO="dm_end"
|
||||
+ENV{DM_MULTIPATH_DEVICE_PATH}=="1", GOTO="dm_end"
|
||||
|
||||
ENV{ID_FS_TYPE}=="linux_raid_member", GOTO="dm_end"
|
||||
|
||||
diff --git a/modules.d/90lvm/64-lvm.rules b/modules.d/90lvm/64-lvm.rules
|
||||
index 3ce0c1f6..65f65249 100644
|
||||
--- a/modules.d/90lvm/64-lvm.rules
|
||||
+++ b/modules.d/90lvm/64-lvm.rules
|
||||
@@ -7,7 +7,7 @@
|
||||
SUBSYSTEM!="block", GOTO="lvm_end"
|
||||
ACTION!="add|change", GOTO="lvm_end"
|
||||
# Also don't process disks that are slated to be a multipath device
|
||||
-ENV{DM_MULTIPATH_DEVICE_PATH}=="?*", GOTO="lvm_end"
|
||||
+ENV{DM_MULTIPATH_DEVICE_PATH}=="1", GOTO="lvm_end"
|
||||
KERNEL=="dm-[0-9]*", ACTION=="add", GOTO="lvm_end"
|
||||
ENV{ID_FS_TYPE}!="LVM?_member", GOTO="lvm_end"
|
||||
|
||||
diff --git a/modules.d/90mdraid/59-persistent-storage-md.rules b/modules.d/90mdraid/59-persistent-storage-md.rules
|
||||
index 6ef858aa..96b10108 100644
|
||||
--- a/modules.d/90mdraid/59-persistent-storage-md.rules
|
||||
+++ b/modules.d/90mdraid/59-persistent-storage-md.rules
|
||||
@@ -1,7 +1,7 @@
|
||||
SUBSYSTEM!="block", GOTO="md_end"
|
||||
ACTION!="add|change", GOTO="md_end"
|
||||
# Also don't process disks that are slated to be a multipath device
|
||||
-ENV{DM_MULTIPATH_DEVICE_PATH}=="?*", GOTO="md_end"
|
||||
+ENV{DM_MULTIPATH_DEVICE_PATH}=="1", GOTO="md_end"
|
||||
|
||||
KERNEL!="md[0-9]*|md_d[0-9]*|md/*", KERNEL!="md*", GOTO="md_end"
|
||||
|
||||
diff --git a/modules.d/90mdraid/65-md-incremental-imsm.rules b/modules.d/90mdraid/65-md-incremental-imsm.rules
|
||||
index d66dd012..52f5b195 100644
|
||||
--- a/modules.d/90mdraid/65-md-incremental-imsm.rules
|
||||
+++ b/modules.d/90mdraid/65-md-incremental-imsm.rules
|
||||
@@ -9,7 +9,7 @@ KERNEL=="md*", ENV{ID_FS_TYPE}!="linux_raid_member", GOTO="md_end"
|
||||
KERNEL=="md*", ACTION!="change", GOTO="md_end"
|
||||
|
||||
# Also don't process disks that are slated to be a multipath device
|
||||
-ENV{DM_MULTIPATH_DEVICE_PATH}=="?*", GOTO="md_end"
|
||||
+ENV{DM_MULTIPATH_DEVICE_PATH}=="1", GOTO="md_end"
|
||||
|
||||
ENV{ID_FS_TYPE}=="ddf_raid_member|isw_raid_member|linux_raid_member", GOTO="md_try"
|
||||
GOTO="md_end"
|
||||
diff --git a/modules.d/95udev-rules/59-persistent-storage.rules b/modules.d/95udev-rules/59-persistent-storage.rules
|
||||
index 47ff6edd..8d8650f7 100644
|
||||
--- a/modules.d/95udev-rules/59-persistent-storage.rules
|
||||
+++ b/modules.d/95udev-rules/59-persistent-storage.rules
|
||||
@@ -1,7 +1,7 @@
|
||||
SUBSYSTEM!="block", GOTO="ps_end"
|
||||
ACTION!="add|change", GOTO="ps_end"
|
||||
# Also don't process disks that are slated to be a multipath device
|
||||
-ENV{DM_MULTIPATH_DEVICE_PATH}=="?*", GOTO="ps_end"
|
||||
+ENV{DM_MULTIPATH_DEVICE_PATH}=="1", GOTO="ps_end"
|
||||
|
||||
KERNEL=="cciss[0-9]*", IMPORT BLKID
|
||||
KERNEL=="nbd[0-9]*", IMPORT BLKID
|
||||
diff --git a/modules.d/95udev-rules/61-persistent-storage.rules b/modules.d/95udev-rules/61-persistent-storage.rules
|
||||
index 37148b07..895ecebd 100644
|
||||
--- a/modules.d/95udev-rules/61-persistent-storage.rules
|
||||
+++ b/modules.d/95udev-rules/61-persistent-storage.rules
|
||||
@@ -1,7 +1,7 @@
|
||||
SUBSYSTEM!="block", GOTO="pss_end"
|
||||
ACTION!="add|change", GOTO="pss_end"
|
||||
# Also don't process disks that are slated to be a multipath device
|
||||
-ENV{DM_MULTIPATH_DEVICE_PATH}=="?*", GOTO="pss_end"
|
||||
+ENV{DM_MULTIPATH_DEVICE_PATH}=="1", GOTO="pss_end"
|
||||
|
||||
ACTION=="change", KERNEL=="dm-[0-9]*", ENV{DM_UDEV_DISABLE_OTHER_RULES_FLAG}!="1", GOTO="do_pss"
|
||||
KERNEL=="cciss[0-9]*", GOTO="do_pss"
|
||||
|
32
SOURCES/0027.patch
Normal file
32
SOURCES/0027.patch
Normal file
@ -0,0 +1,32 @@
|
||||
From ce722c7307e48a991d8450360a1a0183dfdb4915 Mon Sep 17 00:00:00 2001
|
||||
From: Jonathan Lebon <jonathan@jlebon.com>
|
||||
Date: Tue, 29 Oct 2019 09:35:41 -0400
|
||||
Subject: [PATCH] 01fips: fix HMAC file path resolution
|
||||
|
||||
There is a small regression in #343: when handling the 'separate boot
|
||||
partition' case, we're checking for the kernel image in the wrong
|
||||
location: `BOOT_IMAGE` is the `/boot`-relative path to the kernel image,
|
||||
so `/boot/${BOOT_IMAGE_PATH}/${BOOT_IMAGE}` expands to e.g.
|
||||
`/boot/mysubdir1/mysubdir2/mysubdir1/mysubdir2/vmlinuz...`.
|
||||
|
||||
We should be using `BOOT_IMAGE_NAME` here instead (and in fact, the next
|
||||
if-statement does this correctly, so it might've just been accidentally
|
||||
left out of #343).
|
||||
---
|
||||
modules.d/01fips/fips.sh | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/modules.d/01fips/fips.sh b/modules.d/01fips/fips.sh
|
||||
index beaa692b..c3dbcf74 100755
|
||||
--- a/modules.d/01fips/fips.sh
|
||||
+++ b/modules.d/01fips/fips.sh
|
||||
@@ -118,7 +118,7 @@ do_fips()
|
||||
|
||||
if [ -z "$BOOT_IMAGE_NAME" ]; then
|
||||
BOOT_IMAGE_NAME="vmlinuz-${KERNEL}"
|
||||
- elif ! [ -e "/boot/${BOOT_IMAGE_PATH}/${BOOT_IMAGE}" ]; then
|
||||
+ elif ! [ -e "/boot/${BOOT_IMAGE_PATH}/${BOOT_IMAGE_NAME}" ]; then
|
||||
#if /boot is not a separate partition BOOT_IMAGE might start with /boot
|
||||
BOOT_IMAGE_PATH=${BOOT_IMAGE_PATH#"/boot"}
|
||||
#on some achitectures BOOT_IMAGE does not contain path to kernel
|
||||
|
33
SOURCES/0028.patch
Normal file
33
SOURCES/0028.patch
Normal file
@ -0,0 +1,33 @@
|
||||
From b4ef00aebea4e201be493b4a9520de71b188f42d Mon Sep 17 00:00:00 2001
|
||||
From: Jonathan Lebon <jonathan@jlebon.com>
|
||||
Date: Tue, 29 Oct 2019 16:47:34 -0400
|
||||
Subject: [PATCH] 01fips: run sha512hmac from directory HMAC file directory
|
||||
|
||||
That way, the HMAC file can contain a relative path instead of an
|
||||
absolute one. The issue is that right now the kernel RPM bakes the
|
||||
`/boot/vmlinuz-${kver}` path into the HMAC file which poses an issue for
|
||||
rpm-ostree systems (and any other system where the kernel isn't simply
|
||||
in the top-level `/boot`.
|
||||
|
||||
For now, we're hacking around this in rpm-ostree:
|
||||
https://github.com/coreos/rpm-ostree/pull/1934
|
||||
|
||||
Though I'd like to propose the same change in the kernel spec file.
|
||||
---
|
||||
modules.d/01fips/fips.sh | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/modules.d/01fips/fips.sh b/modules.d/01fips/fips.sh
|
||||
index c3dbcf74..893143d0 100755
|
||||
--- a/modules.d/01fips/fips.sh
|
||||
+++ b/modules.d/01fips/fips.sh
|
||||
@@ -135,7 +135,7 @@ do_fips()
|
||||
return 1
|
||||
fi
|
||||
|
||||
- sha512hmac -c "${BOOT_IMAGE_HMAC}" || return 1
|
||||
+ (cd "${BOOT_IMAGE_HMAC%/*}" && sha512hmac -c "${BOOT_IMAGE_HMAC}") || return 1
|
||||
fi
|
||||
|
||||
info "All initrd crypto checks done"
|
||||
|
26
SOURCES/0029.patch
Normal file
26
SOURCES/0029.patch
Normal file
@ -0,0 +1,26 @@
|
||||
From d07e4025e05de0461444c196102020919cdb5c2d Mon Sep 17 00:00:00 2001
|
||||
From: Jonathan Lebon <jonathan@jlebon.com>
|
||||
Date: Tue, 29 Oct 2019 16:53:00 -0400
|
||||
Subject: [PATCH] 01fips: add / in BOOT_IMAGE_HMAC filename for clarity
|
||||
|
||||
It's already the case the `BOOT_IMAGE_PATH` today, in the non-empty
|
||||
case, includes a trailing `/`, but let's add it to the path we build
|
||||
here too to make it more obvious.
|
||||
---
|
||||
modules.d/01fips/fips.sh | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/modules.d/01fips/fips.sh b/modules.d/01fips/fips.sh
|
||||
index 893143d0..de2755b0 100755
|
||||
--- a/modules.d/01fips/fips.sh
|
||||
+++ b/modules.d/01fips/fips.sh
|
||||
@@ -129,7 +129,7 @@ do_fips()
|
||||
fi
|
||||
fi
|
||||
|
||||
- BOOT_IMAGE_HMAC="/boot/${BOOT_IMAGE_PATH}.${BOOT_IMAGE_NAME}.hmac"
|
||||
+ BOOT_IMAGE_HMAC="/boot/${BOOT_IMAGE_PATH}/.${BOOT_IMAGE_NAME}.hmac"
|
||||
if ! [ -e "${BOOT_IMAGE_HMAC}" ]; then
|
||||
warn "${BOOT_IMAGE_HMAC} does not exist"
|
||||
return 1
|
||||
|
33
SOURCES/0030.patch
Normal file
33
SOURCES/0030.patch
Normal file
@ -0,0 +1,33 @@
|
||||
From f3acdc517f1494301a9d8c4352a50a92bc3dbbf1 Mon Sep 17 00:00:00 2001
|
||||
From: Jonathan Lebon <jonathan@jlebon.com>
|
||||
Date: Tue, 29 Oct 2019 16:54:10 -0400
|
||||
Subject: [PATCH] 01fips: trim off GRUB boot device from BOOT_IMAGE
|
||||
|
||||
E.g. in RHCOS, the `BOOT_IMAGE` from the cmdline is:
|
||||
|
||||
(hd0,gpt1)/ostree/rhcos-e493371e5ee8407889029ec979955a2b86fd7e3cae5a0591b9db1cd248d966e8/vmlinuz-4.18.0-146.el8.x86_64
|
||||
|
||||
Which of course is a GRUB thing, not an actual pathname we'll be able to
|
||||
resolve. In fact, we can simply scrap it off from the variable. Our code
|
||||
is already able to handle both cases: whether the device refers to a
|
||||
separate boot partition, or just the root filesystem with a regular
|
||||
`/boot` directory.
|
||||
---
|
||||
modules.d/01fips/fips.sh | 4 ++++
|
||||
1 file changed, 4 insertions(+)
|
||||
|
||||
diff --git a/modules.d/01fips/fips.sh b/modules.d/01fips/fips.sh
|
||||
index de2755b0..559952ca 100755
|
||||
--- a/modules.d/01fips/fips.sh
|
||||
+++ b/modules.d/01fips/fips.sh
|
||||
@@ -113,6 +113,10 @@ do_fips()
|
||||
do_rhevh_check /run/initramfs/live/isolinux/vmlinuz0 || return 1
|
||||
else
|
||||
BOOT_IMAGE="$(getarg BOOT_IMAGE)"
|
||||
+
|
||||
+ # Trim off any leading GRUB boot device (e.g. ($root) )
|
||||
+ BOOT_IMAGE="$(echo "${BOOT_IMAGE}" | sed 's/^(.*)//')"
|
||||
+
|
||||
BOOT_IMAGE_NAME="${BOOT_IMAGE##*/}"
|
||||
BOOT_IMAGE_PATH="${BOOT_IMAGE%${BOOT_IMAGE_NAME}}"
|
||||
|
502
SOURCES/lgpl-2.1.txt
Normal file
502
SOURCES/lgpl-2.1.txt
Normal file
@ -0,0 +1,502 @@
|
||||
GNU LESSER GENERAL PUBLIC LICENSE
|
||||
Version 2.1, February 1999
|
||||
|
||||
Copyright (C) 1991, 1999 Free Software Foundation, Inc.
|
||||
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
|
||||
Everyone is permitted to copy and distribute verbatim copies
|
||||
of this license document, but changing it is not allowed.
|
||||
|
||||
[This is the first released version of the Lesser GPL. It also counts
|
||||
as the successor of the GNU Library Public License, version 2, hence
|
||||
the version number 2.1.]
|
||||
|
||||
Preamble
|
||||
|
||||
The licenses for most software are designed to take away your
|
||||
freedom to share and change it. By contrast, the GNU General Public
|
||||
Licenses are intended to guarantee your freedom to share and change
|
||||
free software--to make sure the software is free for all its users.
|
||||
|
||||
This license, the Lesser General Public License, applies to some
|
||||
specially designated software packages--typically libraries--of the
|
||||
Free Software Foundation and other authors who decide to use it. You
|
||||
can use it too, but we suggest you first think carefully about whether
|
||||
this license or the ordinary General Public License is the better
|
||||
strategy to use in any particular case, based on the explanations below.
|
||||
|
||||
When we speak of free software, we are referring to freedom of use,
|
||||
not price. Our General Public Licenses are designed to make sure that
|
||||
you have the freedom to distribute copies of free software (and charge
|
||||
for this service if you wish); that you receive source code or can get
|
||||
it if you want it; that you can change the software and use pieces of
|
||||
it in new free programs; and that you are informed that you can do
|
||||
these things.
|
||||
|
||||
To protect your rights, we need to make restrictions that forbid
|
||||
distributors to deny you these rights or to ask you to surrender these
|
||||
rights. These restrictions translate to certain responsibilities for
|
||||
you if you distribute copies of the library or if you modify it.
|
||||
|
||||
For example, if you distribute copies of the library, whether gratis
|
||||
or for a fee, you must give the recipients all the rights that we gave
|
||||
you. You must make sure that they, too, receive or can get the source
|
||||
code. If you link other code with the library, you must provide
|
||||
complete object files to the recipients, so that they can relink them
|
||||
with the library after making changes to the library and recompiling
|
||||
it. And you must show them these terms so they know their rights.
|
||||
|
||||
We protect your rights with a two-step method: (1) we copyright the
|
||||
library, and (2) we offer you this license, which gives you legal
|
||||
permission to copy, distribute and/or modify the library.
|
||||
|
||||
To protect each distributor, we want to make it very clear that
|
||||
there is no warranty for the free library. Also, if the library is
|
||||
modified by someone else and passed on, the recipients should know
|
||||
that what they have is not the original version, so that the original
|
||||
author's reputation will not be affected by problems that might be
|
||||
introduced by others.
|
||||
|
||||
Finally, software patents pose a constant threat to the existence of
|
||||
any free program. We wish to make sure that a company cannot
|
||||
effectively restrict the users of a free program by obtaining a
|
||||
restrictive license from a patent holder. Therefore, we insist that
|
||||
any patent license obtained for a version of the library must be
|
||||
consistent with the full freedom of use specified in this license.
|
||||
|
||||
Most GNU software, including some libraries, is covered by the
|
||||
ordinary GNU General Public License. This license, the GNU Lesser
|
||||
General Public License, applies to certain designated libraries, and
|
||||
is quite different from the ordinary General Public License. We use
|
||||
this license for certain libraries in order to permit linking those
|
||||
libraries into non-free programs.
|
||||
|
||||
When a program is linked with a library, whether statically or using
|
||||
a shared library, the combination of the two is legally speaking a
|
||||
combined work, a derivative of the original library. The ordinary
|
||||
General Public License therefore permits such linking only if the
|
||||
entire combination fits its criteria of freedom. The Lesser General
|
||||
Public License permits more lax criteria for linking other code with
|
||||
the library.
|
||||
|
||||
We call this license the "Lesser" General Public License because it
|
||||
does Less to protect the user's freedom than the ordinary General
|
||||
Public License. It also provides other free software developers Less
|
||||
of an advantage over competing non-free programs. These disadvantages
|
||||
are the reason we use the ordinary General Public License for many
|
||||
libraries. However, the Lesser license provides advantages in certain
|
||||
special circumstances.
|
||||
|
||||
For example, on rare occasions, there may be a special need to
|
||||
encourage the widest possible use of a certain library, so that it becomes
|
||||
a de-facto standard. To achieve this, non-free programs must be
|
||||
allowed to use the library. A more frequent case is that a free
|
||||
library does the same job as widely used non-free libraries. In this
|
||||
case, there is little to gain by limiting the free library to free
|
||||
software only, so we use the Lesser General Public License.
|
||||
|
||||
In other cases, permission to use a particular library in non-free
|
||||
programs enables a greater number of people to use a large body of
|
||||
free software. For example, permission to use the GNU C Library in
|
||||
non-free programs enables many more people to use the whole GNU
|
||||
operating system, as well as its variant, the GNU/Linux operating
|
||||
system.
|
||||
|
||||
Although the Lesser General Public License is Less protective of the
|
||||
users' freedom, it does ensure that the user of a program that is
|
||||
linked with the Library has the freedom and the wherewithal to run
|
||||
that program using a modified version of the Library.
|
||||
|
||||
The precise terms and conditions for copying, distribution and
|
||||
modification follow. Pay close attention to the difference between a
|
||||
"work based on the library" and a "work that uses the library". The
|
||||
former contains code derived from the library, whereas the latter must
|
||||
be combined with the library in order to run.
|
||||
|
||||
GNU LESSER GENERAL PUBLIC LICENSE
|
||||
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
|
||||
|
||||
0. This License Agreement applies to any software library or other
|
||||
program which contains a notice placed by the copyright holder or
|
||||
other authorized party saying it may be distributed under the terms of
|
||||
this Lesser General Public License (also called "this License").
|
||||
Each licensee is addressed as "you".
|
||||
|
||||
A "library" means a collection of software functions and/or data
|
||||
prepared so as to be conveniently linked with application programs
|
||||
(which use some of those functions and data) to form executables.
|
||||
|
||||
The "Library", below, refers to any such software library or work
|
||||
which has been distributed under these terms. A "work based on the
|
||||
Library" means either the Library or any derivative work under
|
||||
copyright law: that is to say, a work containing the Library or a
|
||||
portion of it, either verbatim or with modifications and/or translated
|
||||
straightforwardly into another language. (Hereinafter, translation is
|
||||
included without limitation in the term "modification".)
|
||||
|
||||
"Source code" for a work means the preferred form of the work for
|
||||
making modifications to it. For a library, complete source code means
|
||||
all the source code for all modules it contains, plus any associated
|
||||
interface definition files, plus the scripts used to control compilation
|
||||
and installation of the library.
|
||||
|
||||
Activities other than copying, distribution and modification are not
|
||||
covered by this License; they are outside its scope. The act of
|
||||
running a program using the Library is not restricted, and output from
|
||||
such a program is covered only if its contents constitute a work based
|
||||
on the Library (independent of the use of the Library in a tool for
|
||||
writing it). Whether that is true depends on what the Library does
|
||||
and what the program that uses the Library does.
|
||||
|
||||
1. You may copy and distribute verbatim copies of the Library's
|
||||
complete source code as you receive it, in any medium, provided that
|
||||
you conspicuously and appropriately publish on each copy an
|
||||
appropriate copyright notice and disclaimer of warranty; keep intact
|
||||
all the notices that refer to this License and to the absence of any
|
||||
warranty; and distribute a copy of this License along with the
|
||||
Library.
|
||||
|
||||
You may charge a fee for the physical act of transferring a copy,
|
||||
and you may at your option offer warranty protection in exchange for a
|
||||
fee.
|
||||
|
||||
2. You may modify your copy or copies of the Library or any portion
|
||||
of it, thus forming a work based on the Library, and copy and
|
||||
distribute such modifications or work under the terms of Section 1
|
||||
above, provided that you also meet all of these conditions:
|
||||
|
||||
a) The modified work must itself be a software library.
|
||||
|
||||
b) You must cause the files modified to carry prominent notices
|
||||
stating that you changed the files and the date of any change.
|
||||
|
||||
c) You must cause the whole of the work to be licensed at no
|
||||
charge to all third parties under the terms of this License.
|
||||
|
||||
d) If a facility in the modified Library refers to a function or a
|
||||
table of data to be supplied by an application program that uses
|
||||
the facility, other than as an argument passed when the facility
|
||||
is invoked, then you must make a good faith effort to ensure that,
|
||||
in the event an application does not supply such function or
|
||||
table, the facility still operates, and performs whatever part of
|
||||
its purpose remains meaningful.
|
||||
|
||||
(For example, a function in a library to compute square roots has
|
||||
a purpose that is entirely well-defined independent of the
|
||||
application. Therefore, Subsection 2d requires that any
|
||||
application-supplied function or table used by this function must
|
||||
be optional: if the application does not supply it, the square
|
||||
root function must still compute square roots.)
|
||||
|
||||
These requirements apply to the modified work as a whole. If
|
||||
identifiable sections of that work are not derived from the Library,
|
||||
and can be reasonably considered independent and separate works in
|
||||
themselves, then this License, and its terms, do not apply to those
|
||||
sections when you distribute them as separate works. But when you
|
||||
distribute the same sections as part of a whole which is a work based
|
||||
on the Library, the distribution of the whole must be on the terms of
|
||||
this License, whose permissions for other licensees extend to the
|
||||
entire whole, and thus to each and every part regardless of who wrote
|
||||
it.
|
||||
|
||||
Thus, it is not the intent of this section to claim rights or contest
|
||||
your rights to work written entirely by you; rather, the intent is to
|
||||
exercise the right to control the distribution of derivative or
|
||||
collective works based on the Library.
|
||||
|
||||
In addition, mere aggregation of another work not based on the Library
|
||||
with the Library (or with a work based on the Library) on a volume of
|
||||
a storage or distribution medium does not bring the other work under
|
||||
the scope of this License.
|
||||
|
||||
3. You may opt to apply the terms of the ordinary GNU General Public
|
||||
License instead of this License to a given copy of the Library. To do
|
||||
this, you must alter all the notices that refer to this License, so
|
||||
that they refer to the ordinary GNU General Public License, version 2,
|
||||
instead of to this License. (If a newer version than version 2 of the
|
||||
ordinary GNU General Public License has appeared, then you can specify
|
||||
that version instead if you wish.) Do not make any other change in
|
||||
these notices.
|
||||
|
||||
Once this change is made in a given copy, it is irreversible for
|
||||
that copy, so the ordinary GNU General Public License applies to all
|
||||
subsequent copies and derivative works made from that copy.
|
||||
|
||||
This option is useful when you wish to copy part of the code of
|
||||
the Library into a program that is not a library.
|
||||
|
||||
4. You may copy and distribute the Library (or a portion or
|
||||
derivative of it, under Section 2) in object code or executable form
|
||||
under the terms of Sections 1 and 2 above provided that you accompany
|
||||
it with the complete corresponding machine-readable source code, which
|
||||
must be distributed under the terms of Sections 1 and 2 above on a
|
||||
medium customarily used for software interchange.
|
||||
|
||||
If distribution of object code is made by offering access to copy
|
||||
from a designated place, then offering equivalent access to copy the
|
||||
source code from the same place satisfies the requirement to
|
||||
distribute the source code, even though third parties are not
|
||||
compelled to copy the source along with the object code.
|
||||
|
||||
5. A program that contains no derivative of any portion of the
|
||||
Library, but is designed to work with the Library by being compiled or
|
||||
linked with it, is called a "work that uses the Library". Such a
|
||||
work, in isolation, is not a derivative work of the Library, and
|
||||
therefore falls outside the scope of this License.
|
||||
|
||||
However, linking a "work that uses the Library" with the Library
|
||||
creates an executable that is a derivative of the Library (because it
|
||||
contains portions of the Library), rather than a "work that uses the
|
||||
library". The executable is therefore covered by this License.
|
||||
Section 6 states terms for distribution of such executables.
|
||||
|
||||
When a "work that uses the Library" uses material from a header file
|
||||
that is part of the Library, the object code for the work may be a
|
||||
derivative work of the Library even though the source code is not.
|
||||
Whether this is true is especially significant if the work can be
|
||||
linked without the Library, or if the work is itself a library. The
|
||||
threshold for this to be true is not precisely defined by law.
|
||||
|
||||
If such an object file uses only numerical parameters, data
|
||||
structure layouts and accessors, and small macros and small inline
|
||||
functions (ten lines or less in length), then the use of the object
|
||||
file is unrestricted, regardless of whether it is legally a derivative
|
||||
work. (Executables containing this object code plus portions of the
|
||||
Library will still fall under Section 6.)
|
||||
|
||||
Otherwise, if the work is a derivative of the Library, you may
|
||||
distribute the object code for the work under the terms of Section 6.
|
||||
Any executables containing that work also fall under Section 6,
|
||||
whether or not they are linked directly with the Library itself.
|
||||
|
||||
6. As an exception to the Sections above, you may also combine or
|
||||
link a "work that uses the Library" with the Library to produce a
|
||||
work containing portions of the Library, and distribute that work
|
||||
under terms of your choice, provided that the terms permit
|
||||
modification of the work for the customer's own use and reverse
|
||||
engineering for debugging such modifications.
|
||||
|
||||
You must give prominent notice with each copy of the work that the
|
||||
Library is used in it and that the Library and its use are covered by
|
||||
this License. You must supply a copy of this License. If the work
|
||||
during execution displays copyright notices, you must include the
|
||||
copyright notice for the Library among them, as well as a reference
|
||||
directing the user to the copy of this License. Also, you must do one
|
||||
of these things:
|
||||
|
||||
a) Accompany the work with the complete corresponding
|
||||
machine-readable source code for the Library including whatever
|
||||
changes were used in the work (which must be distributed under
|
||||
Sections 1 and 2 above); and, if the work is an executable linked
|
||||
with the Library, with the complete machine-readable "work that
|
||||
uses the Library", as object code and/or source code, so that the
|
||||
user can modify the Library and then relink to produce a modified
|
||||
executable containing the modified Library. (It is understood
|
||||
that the user who changes the contents of definitions files in the
|
||||
Library will not necessarily be able to recompile the application
|
||||
to use the modified definitions.)
|
||||
|
||||
b) Use a suitable shared library mechanism for linking with the
|
||||
Library. A suitable mechanism is one that (1) uses at run time a
|
||||
copy of the library already present on the user's computer system,
|
||||
rather than copying library functions into the executable, and (2)
|
||||
will operate properly with a modified version of the library, if
|
||||
the user installs one, as long as the modified version is
|
||||
interface-compatible with the version that the work was made with.
|
||||
|
||||
c) Accompany the work with a written offer, valid for at
|
||||
least three years, to give the same user the materials
|
||||
specified in Subsection 6a, above, for a charge no more
|
||||
than the cost of performing this distribution.
|
||||
|
||||
d) If distribution of the work is made by offering access to copy
|
||||
from a designated place, offer equivalent access to copy the above
|
||||
specified materials from the same place.
|
||||
|
||||
e) Verify that the user has already received a copy of these
|
||||
materials or that you have already sent this user a copy.
|
||||
|
||||
For an executable, the required form of the "work that uses the
|
||||
Library" must include any data and utility programs needed for
|
||||
reproducing the executable from it. However, as a special exception,
|
||||
the materials to be distributed need not include anything that is
|
||||
normally distributed (in either source or binary form) with the major
|
||||
components (compiler, kernel, and so on) of the operating system on
|
||||
which the executable runs, unless that component itself accompanies
|
||||
the executable.
|
||||
|
||||
It may happen that this requirement contradicts the license
|
||||
restrictions of other proprietary libraries that do not normally
|
||||
accompany the operating system. Such a contradiction means you cannot
|
||||
use both them and the Library together in an executable that you
|
||||
distribute.
|
||||
|
||||
7. You may place library facilities that are a work based on the
|
||||
Library side-by-side in a single library together with other library
|
||||
facilities not covered by this License, and distribute such a combined
|
||||
library, provided that the separate distribution of the work based on
|
||||
the Library and of the other library facilities is otherwise
|
||||
permitted, and provided that you do these two things:
|
||||
|
||||
a) Accompany the combined library with a copy of the same work
|
||||
based on the Library, uncombined with any other library
|
||||
facilities. This must be distributed under the terms of the
|
||||
Sections above.
|
||||
|
||||
b) Give prominent notice with the combined library of the fact
|
||||
that part of it is a work based on the Library, and explaining
|
||||
where to find the accompanying uncombined form of the same work.
|
||||
|
||||
8. You may not copy, modify, sublicense, link with, or distribute
|
||||
the Library except as expressly provided under this License. Any
|
||||
attempt otherwise to copy, modify, sublicense, link with, or
|
||||
distribute the Library is void, and will automatically terminate your
|
||||
rights under this License. However, parties who have received copies,
|
||||
or rights, from you under this License will not have their licenses
|
||||
terminated so long as such parties remain in full compliance.
|
||||
|
||||
9. You are not required to accept this License, since you have not
|
||||
signed it. However, nothing else grants you permission to modify or
|
||||
distribute the Library or its derivative works. These actions are
|
||||
prohibited by law if you do not accept this License. Therefore, by
|
||||
modifying or distributing the Library (or any work based on the
|
||||
Library), you indicate your acceptance of this License to do so, and
|
||||
all its terms and conditions for copying, distributing or modifying
|
||||
the Library or works based on it.
|
||||
|
||||
10. Each time you redistribute the Library (or any work based on the
|
||||
Library), the recipient automatically receives a license from the
|
||||
original licensor to copy, distribute, link with or modify the Library
|
||||
subject to these terms and conditions. You may not impose any further
|
||||
restrictions on the recipients' exercise of the rights granted herein.
|
||||
You are not responsible for enforcing compliance by third parties with
|
||||
this License.
|
||||
|
||||
11. If, as a consequence of a court judgment or allegation of patent
|
||||
infringement or for any other reason (not limited to patent issues),
|
||||
conditions are imposed on you (whether by court order, agreement or
|
||||
otherwise) that contradict the conditions of this License, they do not
|
||||
excuse you from the conditions of this License. If you cannot
|
||||
distribute so as to satisfy simultaneously your obligations under this
|
||||
License and any other pertinent obligations, then as a consequence you
|
||||
may not distribute the Library at all. For example, if a patent
|
||||
license would not permit royalty-free redistribution of the Library by
|
||||
all those who receive copies directly or indirectly through you, then
|
||||
the only way you could satisfy both it and this License would be to
|
||||
refrain entirely from distribution of the Library.
|
||||
|
||||
If any portion of this section is held invalid or unenforceable under any
|
||||
particular circumstance, the balance of the section is intended to apply,
|
||||
and the section as a whole is intended to apply in other circumstances.
|
||||
|
||||
It is not the purpose of this section to induce you to infringe any
|
||||
patents or other property right claims or to contest validity of any
|
||||
such claims; this section has the sole purpose of protecting the
|
||||
integrity of the free software distribution system which is
|
||||
implemented by public license practices. Many people have made
|
||||
generous contributions to the wide range of software distributed
|
||||
through that system in reliance on consistent application of that
|
||||
system; it is up to the author/donor to decide if he or she is willing
|
||||
to distribute software through any other system and a licensee cannot
|
||||
impose that choice.
|
||||
|
||||
This section is intended to make thoroughly clear what is believed to
|
||||
be a consequence of the rest of this License.
|
||||
|
||||
12. If the distribution and/or use of the Library is restricted in
|
||||
certain countries either by patents or by copyrighted interfaces, the
|
||||
original copyright holder who places the Library under this License may add
|
||||
an explicit geographical distribution limitation excluding those countries,
|
||||
so that distribution is permitted only in or among countries not thus
|
||||
excluded. In such case, this License incorporates the limitation as if
|
||||
written in the body of this License.
|
||||
|
||||
13. The Free Software Foundation may publish revised and/or new
|
||||
versions of the Lesser General Public License from time to time.
|
||||
Such new versions will be similar in spirit to the present version,
|
||||
but may differ in detail to address new problems or concerns.
|
||||
|
||||
Each version is given a distinguishing version number. If the Library
|
||||
specifies a version number of this License which applies to it and
|
||||
"any later version", you have the option of following the terms and
|
||||
conditions either of that version or of any later version published by
|
||||
the Free Software Foundation. If the Library does not specify a
|
||||
license version number, you may choose any version ever published by
|
||||
the Free Software Foundation.
|
||||
|
||||
14. If you wish to incorporate parts of the Library into other free
|
||||
programs whose distribution conditions are incompatible with these,
|
||||
write to the author to ask for permission. For software which is
|
||||
copyrighted by the Free Software Foundation, write to the Free
|
||||
Software Foundation; we sometimes make exceptions for this. Our
|
||||
decision will be guided by the two goals of preserving the free status
|
||||
of all derivatives of our free software and of promoting the sharing
|
||||
and reuse of software generally.
|
||||
|
||||
NO WARRANTY
|
||||
|
||||
15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO
|
||||
WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW.
|
||||
EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR
|
||||
OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY
|
||||
KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE
|
||||
LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME
|
||||
THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
|
||||
|
||||
16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN
|
||||
WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY
|
||||
AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU
|
||||
FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR
|
||||
CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE
|
||||
LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING
|
||||
RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A
|
||||
FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF
|
||||
SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
|
||||
DAMAGES.
|
||||
|
||||
END OF TERMS AND CONDITIONS
|
||||
|
||||
How to Apply These Terms to Your New Libraries
|
||||
|
||||
If you develop a new library, and you want it to be of the greatest
|
||||
possible use to the public, we recommend making it free software that
|
||||
everyone can redistribute and change. You can do so by permitting
|
||||
redistribution under these terms (or, alternatively, under the terms of the
|
||||
ordinary General Public License).
|
||||
|
||||
To apply these terms, attach the following notices to the library. It is
|
||||
safest to attach them to the start of each source file to most effectively
|
||||
convey the exclusion of warranty; and each file should have at least the
|
||||
"copyright" line and a pointer to where the full notice is found.
|
||||
|
||||
<one line to give the library's name and a brief idea of what it does.>
|
||||
Copyright (C) <year> <name of author>
|
||||
|
||||
This library is free software; you can redistribute it and/or
|
||||
modify it under the terms of the GNU Lesser General Public
|
||||
License as published by the Free Software Foundation; either
|
||||
version 2.1 of the License, or (at your option) any later version.
|
||||
|
||||
This library is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
Lesser General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU Lesser General Public
|
||||
License along with this library; if not, write to the Free Software
|
||||
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
|
||||
|
||||
Also add information on how to contact you by electronic and paper mail.
|
||||
|
||||
You should also get your employer (if you work as a programmer) or your
|
||||
school, if any, to sign a "copyright disclaimer" for the library, if
|
||||
necessary. Here is a sample; alter the names:
|
||||
|
||||
Yoyodyne, Inc., hereby disclaims all copyright interest in the
|
||||
library `Frob' (a library for tweaking knobs) written by James Random Hacker.
|
||||
|
||||
<signature of Ty Coon>, 1 April 1990
|
||||
Ty Coon, President of Vice
|
||||
|
||||
That's all there is to it!
|
1909
SPECS/dracut.spec
Normal file
1909
SPECS/dracut.spec
Normal file
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue
Block a user