import dracut-049-201.git20220131.el8
This commit is contained in:
parent
effa8aa0f4
commit
6e01645ab4
@ -56,3 +56,4 @@ index baf6dcff..4962316d 100644
|
||||
if (dracut_install(clib, clib, false, false, true) == 0)
|
||||
log_debug("Lib install: '%s'", clib);
|
||||
/* also install lib.so for lib.so.* files */
|
||||
|
||||
|
243
SOURCES/0191.patch
Normal file
243
SOURCES/0191.patch
Normal file
@ -0,0 +1,243 @@
|
||||
From e2c7b61f97465b26c598d655c8717403c0a73726 Mon Sep 17 00:00:00 2001
|
||||
From: Frantisek Sumsal <frantisek@sumsal.cz>
|
||||
Date: Sat, 13 Nov 2021 16:35:23 +0100
|
||||
Subject: [PATCH] ci: introduce C8S based GHA CI
|
||||
|
||||
Loosely based on the upstream dracut CI to make things simpler.
|
||||
|
||||
rhel-only
|
||||
---
|
||||
.github/workflows/container.yml | 52 +++++++++++++++++++++++++++++
|
||||
.github/workflows/integration.yml | 48 +++++++++++++++++++++++++++
|
||||
test/container/Dockerfile-CentOS-8-Stream | 54 +++++++++++++++++++++++++++++++
|
||||
tools/test-github.sh | 49 ++++++++++++++++++++++++++++
|
||||
4 files changed, 203 insertions(+)
|
||||
|
||||
diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml
|
||||
new file mode 100644
|
||||
index 00000000..0a4c000f
|
||||
--- /dev/null
|
||||
+++ b/.github/workflows/container.yml
|
||||
@@ -0,0 +1,52 @@
|
||||
+name: Container
|
||||
+on:
|
||||
+ schedule:
|
||||
+ - cron: '30 11 * * *'
|
||||
+ push:
|
||||
+ branches: [ main ]
|
||||
+ paths:
|
||||
+ - 'test/container/**'
|
||||
+ - '.github/workflows/container.yml'
|
||||
+ pull_request:
|
||||
+ branches: [ main ]
|
||||
+ paths:
|
||||
+ - 'test/container/**'
|
||||
+ - '.github/workflows/container.yml'
|
||||
+
|
||||
+permissions:
|
||||
+ packages: write
|
||||
+ contents: read
|
||||
+
|
||||
+jobs:
|
||||
+ push_to_registry:
|
||||
+ name: Build and push containers image to GitHub Packages
|
||||
+ runs-on: ubuntu-latest
|
||||
+ concurrency:
|
||||
+ group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.config.dockerfile }}
|
||||
+ cancel-in-progress: true
|
||||
+ strategy:
|
||||
+ fail-fast: false
|
||||
+ matrix:
|
||||
+ config:
|
||||
+ # Use a prefixed image name to not conflict with the "centos"
|
||||
+ # image from redhat-plumbers/dracut-rhel9
|
||||
+ - { dockerfile: 'Dockerfile-CentOS-8-Stream', tag: 'rhel8_centos:stream8' }
|
||||
+ steps:
|
||||
+ - name: Check out the repo
|
||||
+ uses: actions/checkout@v2
|
||||
+ - name: Set up Docker Buildx
|
||||
+ uses: docker/setup-buildx-action@v1
|
||||
+# with:
|
||||
+# buildkitd-flags: --debug
|
||||
+ - name: Login to GitHub Container Registry
|
||||
+ uses: docker/login-action@v1
|
||||
+ with:
|
||||
+ registry: ghcr.io
|
||||
+ username: ${{ github.repository_owner }}
|
||||
+ password: ${{ secrets.GITHUB_TOKEN }}
|
||||
+ - name: Build and Push Container
|
||||
+ uses: docker/build-push-action@v2
|
||||
+ with:
|
||||
+ file: test/container/${{ matrix.config.dockerfile }}
|
||||
+ tags: ghcr.io/${{ github.repository_owner }}/${{ matrix.config.tag }}
|
||||
+ push: ${{ github.event_name == 'push' || github.event_name == 'schedule' }}
|
||||
diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
|
||||
new file mode 100644
|
||||
index 00000000..80a856a2
|
||||
--- /dev/null
|
||||
+++ b/.github/workflows/integration.yml
|
||||
@@ -0,0 +1,48 @@
|
||||
+name: Integration Test
|
||||
+
|
||||
+on:
|
||||
+ pull_request:
|
||||
+ branches: [ main ]
|
||||
+
|
||||
+jobs:
|
||||
+ centos-8-stream:
|
||||
+ runs-on: ubuntu-latest
|
||||
+ timeout-minutes: 45
|
||||
+ concurrency:
|
||||
+ group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.container }}-${{ matrix.test }}
|
||||
+ cancel-in-progress: true
|
||||
+ strategy:
|
||||
+ matrix:
|
||||
+ container: [
|
||||
+ "rhel8_centos:stream8",
|
||||
+ ]
|
||||
+ # Disabled tests (due to dropped packages in RHEL/CentOS):
|
||||
+ # 03, 04, 15: requires btrfs
|
||||
+ # 14: requires dmraid
|
||||
+ # 30, 31, 35, 36: requires scsi-target-utils
|
||||
+ test: [
|
||||
+ "01",
|
||||
+ "02",
|
||||
+ "10",
|
||||
+ "11",
|
||||
+ "12",
|
||||
+ "13",
|
||||
+ "17",
|
||||
+ "20",
|
||||
+ #"21", needs backport (NFS + NM)
|
||||
+ "40",
|
||||
+ #"41", needws backport (NBD + NM)
|
||||
+ "98",
|
||||
+ ]
|
||||
+ fail-fast: false
|
||||
+ container:
|
||||
+ image: ghcr.io/${{ github.repository_owner }}/${{ matrix.container }}
|
||||
+ options: "--privileged -v /dev:/dev"
|
||||
+ steps:
|
||||
+ - name: "Checkout Repository"
|
||||
+ uses: actions/checkout@v2
|
||||
+ with:
|
||||
+ fetch-depth: 0
|
||||
+
|
||||
+ - name: "${{ matrix.container }} TEST-${{ matrix.test }}"
|
||||
+ run: ./tools/test-github.sh "TEST-${{ matrix.test }}" ${{ matrix.test }}
|
||||
diff --git a/test/container/Dockerfile-CentOS-8-Stream b/test/container/Dockerfile-CentOS-8-Stream
|
||||
new file mode 100644
|
||||
index 00000000..0eda4a7e
|
||||
--- /dev/null
|
||||
+++ b/test/container/Dockerfile-CentOS-8-Stream
|
||||
@@ -0,0 +1,54 @@
|
||||
+FROM quay.io/centos/centos:stream8
|
||||
+
|
||||
+MAINTAINER https://github.com/dracutdevs/dracut
|
||||
+
|
||||
+ENV container docker
|
||||
+LABEL RUN="docker run -it --name NAME --privileged --ipc=host --net=host --pid=host -e NAME=NAME -e IMAGE=IMAGE IMAGE"
|
||||
+
|
||||
+RUN echo 'export DRACUT_NO_XATTR=1 KVERSION=$(cd /lib/modules; ls -1 | tail -1)' > /etc/profile.d/dracut-test.sh
|
||||
+
|
||||
+# Install needed packages for the dracut CI container
|
||||
+RUN dnf -y install epel-release && \
|
||||
+ dnf -y install --enablerepo powertools --enablerepo epel --setopt=install_weak_deps=False \
|
||||
+ qemu-kvm \
|
||||
+ NetworkManager \
|
||||
+ asciidoc \
|
||||
+ bash-completion \
|
||||
+ bzip2 \
|
||||
+ cryptsetup \
|
||||
+ dash \
|
||||
+ dbus-daemon \
|
||||
+ dhcp-client \
|
||||
+ dhcp-server \
|
||||
+ e2fsprogs \
|
||||
+ gcc \
|
||||
+ git \
|
||||
+ iproute \
|
||||
+ iputils \
|
||||
+ iscsi-initiator-utils \
|
||||
+ kbd \
|
||||
+ kernel \
|
||||
+ kmod-devel \
|
||||
+ lvm2 \
|
||||
+ make \
|
||||
+ mdadm \
|
||||
+ nfs-utils \
|
||||
+ pigz \
|
||||
+ python3-imgcreate \
|
||||
+ rpm-build \
|
||||
+ strace \
|
||||
+ sudo \
|
||||
+ tar \
|
||||
+ tcpdump \
|
||||
+ wget \
|
||||
+ which \
|
||||
+ xz \
|
||||
+ && dnf -y update && dnf clean all
|
||||
+
|
||||
+# CentOS 8 ships only qemu-kvm, but it disables the KVM accel when it's not
|
||||
+# available
|
||||
+RUN ln -sv /usr/libexec/qemu-kvm /usr/bin/qemu-kvm && \
|
||||
+ ln -sv /usr/libexec/qemu-kvm /usr/bin/qemu-system-$(uname -m)
|
||||
+
|
||||
+# Set default command
|
||||
+CMD ["/usr/bin/bash"]
|
||||
diff --git a/tools/test-github.sh b/tools/test-github.sh
|
||||
new file mode 100755
|
||||
index 00000000..eab59dcc
|
||||
--- /dev/null
|
||||
+++ b/tools/test-github.sh
|
||||
@@ -0,0 +1,49 @@
|
||||
+#!/bin/bash
|
||||
+
|
||||
+set -ex
|
||||
+
|
||||
+[[ -d ${0%/*} ]] && cd "${0%/*}"/../
|
||||
+
|
||||
+RUN_ID="$1"
|
||||
+TESTS=$2
|
||||
+
|
||||
+./configure
|
||||
+
|
||||
+NCPU=$(getconf _NPROCESSORS_ONLN)
|
||||
+
|
||||
+if ! [[ $TESTS ]]; then
|
||||
+ # GitHub workflows fetch a clone of the dracut repository which doesn't
|
||||
+ # contain git tags, thus "breaking" the RPM build in certain situations
|
||||
+ # i.e.:
|
||||
+ # DRACUT_MAIN_VERSION in Makefile is defined as an output of `git describe`,
|
||||
+ # which in full git clone returns a tag with a numeric version. However,
|
||||
+ # without tags it returns SHA of the last commit, which later propagates into
|
||||
+ # `Provides:` attribute of the built RPM and can break dependency tree when
|
||||
+ # installed
|
||||
+ [[ -d .git ]] && git fetch --tags && git describe --tags
|
||||
+ make -j "$NCPU" all syncheck rpm logtee
|
||||
+else
|
||||
+ if [[ $TESTS == "99" ]]; then
|
||||
+ [[ -d .git ]] && git fetch --tags && git describe --tags
|
||||
+ make_docs=yes
|
||||
+ else
|
||||
+ make_docs=no
|
||||
+ fi
|
||||
+
|
||||
+ make -j "$NCPU" enable_documentation=$make_docs all logtee
|
||||
+
|
||||
+ cd test
|
||||
+
|
||||
+ # shellcheck disable=SC2012
|
||||
+ time LOGTEE_TIMEOUT_MS=590000 make \
|
||||
+ enable_documentation=$make_docs \
|
||||
+ KVERSION="$(
|
||||
+ cd /lib/modules
|
||||
+ ls -1 | tail -1
|
||||
+ )" \
|
||||
+ DRACUT_NO_XATTR=1 \
|
||||
+ TEST_RUN_ID="$RUN_ID" \
|
||||
+ ${TESTS:+TESTS="$TESTS"} \
|
||||
+ -k V=1 \
|
||||
+ check
|
||||
+fi
|
||||
|
78
SOURCES/0192.patch
Normal file
78
SOURCES/0192.patch
Normal file
@ -0,0 +1,78 @@
|
||||
From 436135496469ec24be1fc6fbc03a39d2575c8686 Mon Sep 17 00:00:00 2001
|
||||
From: Frantisek Sumsal <frantisek@sumsal.cz>
|
||||
Date: Sat, 13 Nov 2021 17:55:45 +0100
|
||||
Subject: [PATCH] ci: backport TEST-21-NFS-NM
|
||||
|
||||
Loosely cherry-picked from a3f73298f287e75810d6784efa52e80af15da2bd.
|
||||
|
||||
rhel-only
|
||||
---
|
||||
.github/workflows/integration.yml | 3 +--
|
||||
test/TEST-20-NFS/test.sh | 14 +++++++++++---
|
||||
test/TEST-21-NFS-NM/Makefile | 12 ++++++++++++
|
||||
3 files changed, 24 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
|
||||
index 80a856a2..9c7c8486 100644
|
||||
--- a/.github/workflows/integration.yml
|
||||
+++ b/.github/workflows/integration.yml
|
||||
@@ -29,9 +29,8 @@ jobs:
|
||||
"13",
|
||||
"17",
|
||||
"20",
|
||||
- #"21", needs backport (NFS + NM)
|
||||
+ "21",
|
||||
"40",
|
||||
- #"41", needws backport (NBD + NM)
|
||||
"98",
|
||||
]
|
||||
fail-fast: false
|
||||
diff --git a/test/TEST-20-NFS/test.sh b/test/TEST-20-NFS/test.sh
|
||||
index 4ad7fd77..320f9c3e 100755
|
||||
--- a/test/TEST-20-NFS/test.sh
|
||||
+++ b/test/TEST-20-NFS/test.sh
|
||||
@@ -1,5 +1,13 @@
|
||||
#!/bin/bash
|
||||
-TEST_DESCRIPTION="root filesystem on NFS"
|
||||
+if [[ $NM ]]; then
|
||||
+ USE_NETWORK="network-manager"
|
||||
+ OMIT_NETWORK="network-legacy"
|
||||
+else
|
||||
+ USE_NETWORK="network-legacy"
|
||||
+ OMIT_NETWORK="network-manager"
|
||||
+fi
|
||||
+
|
||||
+TEST_DESCRIPTION="root filesystem on NFS with $USE_NETWORK"
|
||||
|
||||
KVERSION=${KVERSION-$(uname -r)}
|
||||
|
||||
@@ -353,8 +361,8 @@ test_setup() {
|
||||
|
||||
# Make client's dracut image
|
||||
$basedir/dracut.sh -l -i $TESTDIR/overlay / \
|
||||
- -o "plymouth dash" \
|
||||
- -a "debug watchdog" \
|
||||
+ -o "plymouth dash ${OMIT_NETWORK}" \
|
||||
+ -a "debug watchdog ${USE_NETWORK}" \
|
||||
-d "af_packet piix ide-gd_mod ata_piix sd_mod e1000 nfs sunrpc i6300esb" \
|
||||
--no-hostonly-cmdline -N \
|
||||
-f $TESTDIR/initramfs.testing $KVERSION || return 1
|
||||
diff --git a/test/TEST-21-NFS-NM/Makefile b/test/TEST-21-NFS-NM/Makefile
|
||||
new file mode 100644
|
||||
index 00000000..b19122a1
|
||||
--- /dev/null
|
||||
+++ b/test/TEST-21-NFS-NM/Makefile
|
||||
@@ -0,0 +1,12 @@
|
||||
+.PHONY: all setup clean run
|
||||
+
|
||||
+BASETEST=../TEST-20-NFS
|
||||
+
|
||||
+all:
|
||||
+ @$(MAKE) NM=1 -s --no-print-directory -C $(BASETEST) all
|
||||
+setup:
|
||||
+ @$(MAKE) NM=1 -s --no-print-directory -C $(BASETEST) setup
|
||||
+clean:
|
||||
+ @$(MAKE) NM=1 -s --no-print-directory -C $(BASETEST) clean
|
||||
+run:
|
||||
+ @$(MAKE) NM=1 -s --no-print-directory -C $(BASETEST) run
|
||||
|
57
SOURCES/0193.patch
Normal file
57
SOURCES/0193.patch
Normal file
@ -0,0 +1,57 @@
|
||||
From fd907a1b2b1f087afa2eccfa1686043e4dbb5ff6 Mon Sep 17 00:00:00 2001
|
||||
From: q66 <daniel@octaforge.org>
|
||||
Date: Sat, 25 Jul 2020 17:28:16 +0200
|
||||
Subject: [PATCH] dracut.sh: fix early microcode detection logic
|
||||
|
||||
This fixes two issues:
|
||||
|
||||
1) on non-x86 systems in non-hostonly config this would cause
|
||||
an annoying warning on every initramfs generation
|
||||
2) on non-x86 systems in hostonly config this would result in
|
||||
early microcode not getting disabled
|
||||
|
||||
Resolves: rhbz#2022414
|
||||
---
|
||||
dracut.sh | 23 +++++++++++++++--------
|
||||
1 file changed, 15 insertions(+), 8 deletions(-)
|
||||
|
||||
diff --git a/dracut.sh b/dracut.sh
|
||||
index e559bb96..952c57c8 100755
|
||||
--- a/dracut.sh
|
||||
+++ b/dracut.sh
|
||||
@@ -1070,19 +1070,26 @@ fi
|
||||
|
||||
if [[ $early_microcode = yes ]]; then
|
||||
if [[ $hostonly ]]; then
|
||||
- [[ $(get_cpu_vendor) == "AMD" ]] \
|
||||
- && ! check_kernel_config CONFIG_MICROCODE_AMD \
|
||||
- && unset early_microcode
|
||||
- [[ $(get_cpu_vendor) == "Intel" ]] \
|
||||
- && ! check_kernel_config CONFIG_MICROCODE_INTEL \
|
||||
- && unset early_microcode
|
||||
+ if [[ $(get_cpu_vendor) == "AMD" ]]; then
|
||||
+ check_kernel_config CONFIG_MICROCODE_AMD || unset early_microcode
|
||||
+ elif [[ $(get_cpu_vendor) == "Intel" ]]; then
|
||||
+ check_kernel_config CONFIG_MICROCODE_INTEL || unset early_microcode
|
||||
+ else
|
||||
+ unset early_microcode
|
||||
+ fi
|
||||
else
|
||||
! check_kernel_config CONFIG_MICROCODE_AMD \
|
||||
&& ! check_kernel_config CONFIG_MICROCODE_INTEL \
|
||||
&& unset early_microcode
|
||||
fi
|
||||
- [[ $early_microcode != yes ]] \
|
||||
- && dwarn "Disabling early microcode, because kernel does not support it. CONFIG_MICROCODE_[AMD|INTEL]!=y"
|
||||
+ # Do not complain on non-x86 architectures as it makes no sense
|
||||
+ case $(uname -m) in
|
||||
+ x86_64|i?86)
|
||||
+ [[ $early_microcode != yes ]] \
|
||||
+ && dwarn "Disabling early microcode, because kernel does not support it. CONFIG_MICROCODE_[AMD|INTEL]!=y"
|
||||
+ ;;
|
||||
+ *) ;;
|
||||
+ esac
|
||||
fi
|
||||
|
||||
# Need to be able to have non-root users read stuff (rpcbind etc)
|
||||
|
24
SOURCES/0194.patch
Normal file
24
SOURCES/0194.patch
Normal file
@ -0,0 +1,24 @@
|
||||
From ccd2823f5b75273445c7de36ff306fd23163f955 Mon Sep 17 00:00:00 2001
|
||||
From: Masahiro Matsuya <mmatsuya@redhat.com>
|
||||
Date: Fri, 11 Jun 2021 10:40:04 +0900
|
||||
Subject: [PATCH] fix(url-lib): make pre-pivot hook separetely per nfs mount
|
||||
|
||||
Resolves: rhbz#1967802
|
||||
---
|
||||
modules.d/45url-lib/url-lib.sh | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/modules.d/45url-lib/url-lib.sh b/modules.d/45url-lib/url-lib.sh
|
||||
index 08c3ebb4..56d0d683 100755
|
||||
--- a/modules.d/45url-lib/url-lib.sh
|
||||
+++ b/modules.d/45url-lib/url-lib.sh
|
||||
@@ -143,7 +143,7 @@ nfs_fetch_url() {
|
||||
local mntdir="$(mkuniqdir /run nfs_mnt)"
|
||||
mount_nfs "$nfs:$server:$filepath${options:+:$options}" "$mntdir"
|
||||
# lazy unmount during pre-pivot hook
|
||||
- inst_hook --hook pre-pivot --name 99url-lib-umount-nfs umount -l -- "$mntdir"
|
||||
+ inst_hook --hook pre-pivot --name 99url-lib-umount-nfs-"$(basename "$mntdir")" umount -l -- "$mntdir"
|
||||
fi
|
||||
|
||||
if [ -z "$outloc" ]; then
|
||||
|
27
SOURCES/0195.patch
Normal file
27
SOURCES/0195.patch
Normal file
@ -0,0 +1,27 @@
|
||||
From 8a4e5b5988d716259ad5b684dc2814d265007cb5 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Levine <plevine457@gmail.com>
|
||||
Date: Mon, 1 Feb 2021 22:17:06 -0500
|
||||
Subject: [PATCH] fix(watchdog): replace return with echo
|
||||
|
||||
(cherry picked from commit c35cbd2e561714207388af69820cee2743dbcbc3)
|
||||
|
||||
Resolves: #1890039
|
||||
---
|
||||
modules.d/04watchdog/module-setup.sh | 3 ++-
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/modules.d/04watchdog/module-setup.sh b/modules.d/04watchdog/module-setup.sh
|
||||
index 15bcd897..fdc62986 100755
|
||||
--- a/modules.d/04watchdog/module-setup.sh
|
||||
+++ b/modules.d/04watchdog/module-setup.sh
|
||||
@@ -7,7 +7,8 @@ check() {
|
||||
|
||||
# called by dracut
|
||||
depends() {
|
||||
- return "watchdog-modules"
|
||||
+ echo watchdog-modules
|
||||
+ return 0
|
||||
}
|
||||
|
||||
# called by dracut
|
||||
|
68
SOURCES/0196.patch
Normal file
68
SOURCES/0196.patch
Normal file
@ -0,0 +1,68 @@
|
||||
From c7b21c88d27aace097ce9bc1fc36f4b742858737 Mon Sep 17 00:00:00 2001
|
||||
From: Pavel Valena <pvalena@redhat.com>
|
||||
Date: Mon, 22 Nov 2021 16:40:39 +0100
|
||||
Subject: [PATCH] fix(network): add errors and warnings when network interface
|
||||
does not exist
|
||||
|
||||
End with error, or show a warning when nonexistent device is specified for network setup like
|
||||
`ip=10.12.8.12::10.12.255.254:255.255.0.0:xk12:eth0:off`.
|
||||
|
||||
I've added the error only for `write-ifcfg.sh`, as I think no such setup should be written.
|
||||
|
||||
Resolves: #1712424
|
||||
---
|
||||
modules.d/35network-legacy/ifup.sh | 6 +++++-
|
||||
modules.d/35network-legacy/parse-ip-opts.sh | 5 +++++
|
||||
modules.d/45ifcfg/write-ifcfg.sh | 5 +++++
|
||||
3 files changed, 15 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/modules.d/35network-legacy/ifup.sh b/modules.d/35network-legacy/ifup.sh
|
||||
index bd560379..0e9a6928 100755
|
||||
--- a/modules.d/35network-legacy/ifup.sh
|
||||
+++ b/modules.d/35network-legacy/ifup.sh
|
||||
@@ -413,7 +413,11 @@ for p in $(getargs ip=); do
|
||||
|
||||
# If this option isn't directed at our interface, skip it
|
||||
if [ -n "$dev" ]; then
|
||||
- [ "$dev" != "$netif" ] && continue
|
||||
+ if [ "$dev" != "$netif" ]; then
|
||||
+ [ ! -e "/sys/class/net/$dev" ] \
|
||||
+ && warn "Network interface '$dev' does not exist!"
|
||||
+ continue
|
||||
+ fi
|
||||
else
|
||||
iface_is_enslaved "$netif" && continue
|
||||
fi
|
||||
diff --git a/modules.d/35network-legacy/parse-ip-opts.sh b/modules.d/35network-legacy/parse-ip-opts.sh
|
||||
index 10a2d19b..eea0988c 100755
|
||||
--- a/modules.d/35network-legacy/parse-ip-opts.sh
|
||||
+++ b/modules.d/35network-legacy/parse-ip-opts.sh
|
||||
@@ -96,6 +96,11 @@ for p in $(getargs ip=); do
|
||||
fi
|
||||
# IFACES list for later use
|
||||
IFACES="$IFACES $dev"
|
||||
+
|
||||
+ # Interface should exist
|
||||
+ if [ ! -e "/sys/class/net/$dev" ]; then
|
||||
+ warn "Network interface '$dev' does not exist"
|
||||
+ fi
|
||||
fi
|
||||
|
||||
# Do we need to check for specific options?
|
||||
diff --git a/modules.d/45ifcfg/write-ifcfg.sh b/modules.d/45ifcfg/write-ifcfg.sh
|
||||
index abd111fc..7e767f15 100755
|
||||
--- a/modules.d/45ifcfg/write-ifcfg.sh
|
||||
+++ b/modules.d/45ifcfg/write-ifcfg.sh
|
||||
@@ -100,6 +100,11 @@ interface_bind() {
|
||||
local _netif="$1"
|
||||
local _macaddr="$2"
|
||||
|
||||
+ if [ ! -e "/sys/class/net/$_netif" ]; then
|
||||
+ derror "Cannot find network interface '$_netif'!"
|
||||
+ return 1
|
||||
+ fi
|
||||
+
|
||||
# see, if we can bind it to some hw parms
|
||||
if hw_bind "$_netif" "$_macaddr"; then
|
||||
# only print out DEVICE, if it's user assigned
|
||||
|
54
SOURCES/0197.patch
Normal file
54
SOURCES/0197.patch
Normal file
@ -0,0 +1,54 @@
|
||||
From 0a6125bf834c5a1808e4898f46093bc2ab2fed05 Mon Sep 17 00:00:00 2001
|
||||
From: Harald Hoyer <harald@redhat.com>
|
||||
Date: Wed, 23 Oct 2019 14:16:56 +0200
|
||||
Subject: [PATCH] dracut.sh: add check for invalid configuration files
|
||||
|
||||
Emit a warning about possible misconfigured configuration files, where
|
||||
the spaces around values are missing for +=""
|
||||
|
||||
Better report a possible source of problems. We can fix annoying false
|
||||
positives later.
|
||||
|
||||
(cherry picked from commit dfe2247a43d6a216d9af533825c9a103e3b056cd)
|
||||
|
||||
Resolves: #1946245
|
||||
---
|
||||
dracut.sh | 14 +++++++++++++-
|
||||
1 file changed, 13 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/dracut.sh b/dracut.sh
|
||||
index 952c57c8..702b2f78 100755
|
||||
--- a/dracut.sh
|
||||
+++ b/dracut.sh
|
||||
@@ -277,6 +277,14 @@ read_arg() {
|
||||
fi
|
||||
}
|
||||
|
||||
+check_conf_file()
|
||||
+{
|
||||
+ if grep -H -e '^[^#]*[+]=\("[^ ]\|.*[^ ]"\)' "$@"; then
|
||||
+ printf '\ndracut: WARNING: <key>+=" <values> ": <values> should have surrounding white spaces!\n' >&2
|
||||
+ printf 'dracut: WARNING: This will lead to unwanted side effects! Please fix the configuration file.\n\n' >&2
|
||||
+ fi
|
||||
+}
|
||||
+
|
||||
dropindirs_sort()
|
||||
{
|
||||
local suffix=$1; shift
|
||||
@@ -697,10 +705,14 @@ if [[ ! -d $confdir ]]; then
|
||||
fi
|
||||
|
||||
# source our config file
|
||||
-[[ -f $conffile ]] && . "$conffile"
|
||||
+if [[ -f $conffile ]]; then
|
||||
+ check_conf_file "$conffile"
|
||||
+ . "$conffile"
|
||||
+fi
|
||||
|
||||
# source our config dir
|
||||
for f in $(dropindirs_sort ".conf" "$confdir" "$dracutbasedir/dracut.conf.d"); do
|
||||
+ check_conf_file "$f"
|
||||
[[ -e $f ]] && . "$f"
|
||||
done
|
||||
|
||||
|
34
SOURCES/0198.patch
Normal file
34
SOURCES/0198.patch
Normal file
@ -0,0 +1,34 @@
|
||||
From c99f396a5d456520b34c60f43c589ca39a301955 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Renaud=20M=C3=A9trich?= <rmetrich@redhat.com>
|
||||
Date: Wed, 14 Nov 2018 13:19:27 +0100
|
||||
Subject: [PATCH] fips: removed false-positive 'FATAL: Module xxx not found'
|
||||
error message when kernel provides a generic algo for module
|
||||
|
||||
Resolves: rhbz#1996019
|
||||
---
|
||||
modules.d/01fips/fips.sh | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/modules.d/01fips/fips.sh b/modules.d/01fips/fips.sh
|
||||
index 03da6861..1d57a889 100755
|
||||
--- a/modules.d/01fips/fips.sh
|
||||
+++ b/modules.d/01fips/fips.sh
|
||||
@@ -77,7 +77,7 @@ fips_load_crypto()
|
||||
mv /etc/modprobe.d/fips.conf /etc/modprobe.d/fips.conf.bak
|
||||
for _module in $FIPSMODULES; do
|
||||
if [ "$_module" != "tcrypt" ]; then
|
||||
- if ! modprobe "${_module}"; then
|
||||
+ if ! modprobe "${_module}" 2>/tmp/fips.modprobe_err; then
|
||||
# check if kernel provides generic algo
|
||||
_found=0
|
||||
while read _k _s _v || [ -n "$_k" ]; do
|
||||
@@ -86,7 +86,7 @@ fips_load_crypto()
|
||||
_found=1
|
||||
break
|
||||
done </proc/crypto
|
||||
- [ "$_found" = "0" ] && return 1
|
||||
+ [ "$_found" = "0" ] && cat /tmp/fips.modprobe_err >&2 && return 1
|
||||
fi
|
||||
fi
|
||||
done
|
||||
|
37
SOURCES/0199.patch
Normal file
37
SOURCES/0199.patch
Normal file
@ -0,0 +1,37 @@
|
||||
From 876196e809f4ffac055737921cfe273d8399b6e4 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Renaud=20M=C3=A9trich?= <rmetrich@redhat.com>
|
||||
Date: Tue, 16 Nov 2021 11:15:52 +0100
|
||||
Subject: [PATCH] fix(shutdown): be robust against forced shutdown
|
||||
|
||||
When a forced shutdown is issued through sending a burst of Ctrl-Alt-Del
|
||||
keys, systemd sends SIGTERM to all processes. This ends up killing
|
||||
dracut-initramfs-restore as well, preventing the script from detecting
|
||||
that the unpack of the initramfs is incomplete, which later causes a
|
||||
crash to happen when "shutdown" tries to execute from the unpacked
|
||||
initramfs.
|
||||
|
||||
This fix makes sure dracut-initramfs-restore remains alive to detect
|
||||
the unpack failed (because cpio was killed by systemd too).
|
||||
|
||||
Resolves: rhbz#2023665
|
||||
---
|
||||
dracut-initramfs-restore.sh | 5 +++++
|
||||
1 file changed, 5 insertions(+)
|
||||
|
||||
diff --git a/dracut-initramfs-restore.sh b/dracut-initramfs-restore.sh
|
||||
index 74a952c4..708f98d7 100644
|
||||
--- a/dracut-initramfs-restore.sh
|
||||
+++ b/dracut-initramfs-restore.sh
|
||||
@@ -6,6 +6,11 @@ set -e
|
||||
[ -e /run/initramfs/bin/sh ] && exit 0
|
||||
[ -e /run/initramfs/.need_shutdown ] || exit 0
|
||||
|
||||
+# SIGTERM signal is received upon forced shutdown: ignore the signal
|
||||
+# We want to remain alive to be able to trap unpacking errors to avoid
|
||||
+# switching root to an incompletely unpacked initramfs
|
||||
+trap 'echo "Received SIGTERM signal, ignoring!" >&2' TERM
|
||||
+
|
||||
KERNEL_VERSION="$(uname -r)"
|
||||
|
||||
[[ $dracutbasedir ]] || dracutbasedir=/usr/lib/dracut
|
||||
|
84
SOURCES/0200.patch
Normal file
84
SOURCES/0200.patch
Normal file
@ -0,0 +1,84 @@
|
||||
From f5ffe8bc95ee989ef39b7c149d268b5988f952a0 Mon Sep 17 00:00:00 2001
|
||||
From: Jonathan Lebon <jonathan@jlebon.com>
|
||||
Date: Thu, 17 Jun 2021 10:47:33 -0400
|
||||
Subject: [PATCH] fix(fips): handle s390x OSTree systems
|
||||
|
||||
On s390x, the `BOOT_IMAGE` karg injected by the bootloader is not a path
|
||||
to the kernel image, but rather an integer describing the index of the
|
||||
menu entry selected. Because of the way the s390x bootloader works,
|
||||
there is no information retained about e.g. the path of the kernel that
|
||||
was loaded.
|
||||
|
||||
This causes issues for the FIPS code which assumes that `BOOT_IMAGE` is
|
||||
a path to the kernel image to derive the HMAC path. In non-OSTree
|
||||
systems, this ends up working anyway, because the kernel is located at
|
||||
the root of the boot partition. In OSTree systems, this is not the
|
||||
case. However, OSTree systems use BLS configs, and they are named in
|
||||
reverse order of precedence (i.e. menu ordering). So from the
|
||||
`BOOT_IMAGE` integer, we can figure out which BLS entry was selected.
|
||||
|
||||
Add some code to do just this on s390x. This isn't completely foolproof,
|
||||
because it presumes that (1) BLS configs were used to populate the
|
||||
bootloader (and that they were exactly in the same state they currently
|
||||
are when `zipl` was run), and (2) there are no other menu entries
|
||||
originating from outside the BLS configs. However, if these assumptions
|
||||
are wrong we would simply fail the boot, which is currently what is
|
||||
happening anyway.
|
||||
|
||||
See also:
|
||||
https://github.com/openshift/os/pull/546
|
||||
https://github.com/ibm-s390-linux/s390-tools/issues/78
|
||||
|
||||
Tested-by: Muhammad Adeel <muhammad.adeel@ibm.com>
|
||||
|
||||
Resolves: rhbz#2007586
|
||||
---
|
||||
modules.d/01fips/fips.sh | 21 +++++++++++++++++++++
|
||||
modules.d/01fips/module-setup.sh | 2 +-
|
||||
2 files changed, 22 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/modules.d/01fips/fips.sh b/modules.d/01fips/fips.sh
|
||||
index 1d57a889..c57fd426 100755
|
||||
--- a/modules.d/01fips/fips.sh
|
||||
+++ b/modules.d/01fips/fips.sh
|
||||
@@ -114,6 +114,27 @@ do_fips()
|
||||
else
|
||||
BOOT_IMAGE="$(getarg BOOT_IMAGE)"
|
||||
|
||||
+ # On s390x, BOOT_IMAGE isn't a path but an integer representing the
|
||||
+ # entry number selected. Let's try the root of /boot first, and
|
||||
+ # otherwise fallback to trying to parse the BLS entries if it's a
|
||||
+ # BLS-based system.
|
||||
+ if [ "$(uname -m)" = s390x ]; then
|
||||
+ if [ -e "/boot/vmlinuz-${KERNEL}" ]; then
|
||||
+ BOOT_IMAGE="vmlinuz-${KERNEL}"
|
||||
+ elif [ -d /boot/loader/entries ]; then
|
||||
+ i=0
|
||||
+ for bls in $(ls -d /boot/loader/entries/*.conf | sort -rV); do
|
||||
+ ((i++))
|
||||
+
|
||||
+ if [ $i -eq ${BOOT_IMAGE:-0} ] && [ -r "$bls" ]; then
|
||||
+ BOOT_IMAGE="$(grep -e '^linux' "$bls" | grep -o ' .*$')"
|
||||
+ BOOT_IMAGE=${BOOT_IMAGE:1}
|
||||
+ break
|
||||
+ fi
|
||||
+ done
|
||||
+ fi
|
||||
+ fi
|
||||
+
|
||||
# Trim off any leading GRUB boot device (e.g. ($root) )
|
||||
BOOT_IMAGE="$(echo "${BOOT_IMAGE}" | sed 's/^(.*)//')"
|
||||
|
||||
diff --git a/modules.d/01fips/module-setup.sh b/modules.d/01fips/module-setup.sh
|
||||
index 8800a49e..71bea53a 100755
|
||||
--- a/modules.d/01fips/module-setup.sh
|
||||
+++ b/modules.d/01fips/module-setup.sh
|
||||
@@ -67,7 +67,7 @@ install() {
|
||||
inst_hook pre-udev 01 "$moddir/fips-load-crypto.sh"
|
||||
inst_script "$moddir/fips.sh" /sbin/fips.sh
|
||||
|
||||
- inst_multiple sha512hmac rmmod insmod mount uname umount
|
||||
+ inst_multiple sha512hmac rmmod insmod mount uname umount grep sort
|
||||
|
||||
inst_simple /etc/system-fips
|
||||
[ -c ${initdir}/dev/random ] || mknod ${initdir}/dev/random c 1 8 \
|
@ -5,7 +5,7 @@
|
||||
# strip the automatically generated dep here and instead co-own the
|
||||
# directory.
|
||||
%global __requires_exclude pkg-config
|
||||
%define dist_free_release 191.git20210920
|
||||
%define dist_free_release 201.git20220131
|
||||
|
||||
Name: dracut
|
||||
Version: 049
|
||||
@ -218,6 +218,16 @@ Patch187: 0187.patch
|
||||
Patch188: 0188.patch
|
||||
Patch189: 0189.patch
|
||||
Patch190: 0190.patch
|
||||
Patch191: 0191.patch
|
||||
Patch192: 0192.patch
|
||||
Patch193: 0193.patch
|
||||
Patch194: 0194.patch
|
||||
Patch195: 0195.patch
|
||||
Patch196: 0196.patch
|
||||
Patch197: 0197.patch
|
||||
Patch198: 0198.patch
|
||||
Patch199: 0199.patch
|
||||
Patch200: 0200.patch
|
||||
|
||||
Source1: https://www.gnu.org/licenses/lgpl-2.1.txt
|
||||
|
||||
@ -670,6 +680,18 @@ echo '# Since rhel-8.3 dracut moved to use NetworkManager
|
||||
add_dracutmodules+=" network-legacy "' > /etc/dracut.conf.d/50-network-legacy.conf
|
||||
|
||||
%changelog
|
||||
* Mon Jan 31 2022 Pavel Valena <pvalena@redhat.com> - 049-201.git20220131
|
||||
- ci: introduce C8S based GHA CI
|
||||
- ci: backport TEST-21-NFS-NM
|
||||
- dracut.sh: fix early microcode detection logic
|
||||
- fix(url-lib): make pre-pivot hook separetely per nfs mount
|
||||
- fix(watchdog): replace return with echo
|
||||
- fix(network): add errors and warnings when network interface
|
||||
- dracut.sh: add check for invalid configuration files
|
||||
- fips: removed false-positive 'FATAL: Module xxx not found'
|
||||
- fix(shutdown): be robust against forced shutdown
|
||||
- fix(fips): handle s390x OSTree systems
|
||||
|
||||
* Mon Sep 20 2021 Lukas Nykryn <lnykryn@redhat.com> - 049-191.git20210920
|
||||
- fix(install): extend hwcaps library handling to libraries
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user