Compare commits

...

No commits in common. "c8" and "c9-beta" have entirely different histories.
c8 ... c9-beta

235 changed files with 5498 additions and 14260 deletions

View File

@ -1 +1 @@
62ab5e53c734ad6ec77ebf0580383e8b6de96d16 SOURCES/dracut-049.tar.xz
20a52ee200099c22550e344dc041590dd570c896 SOURCES/dracut-057.tar.xz

2
.gitignore vendored
View File

@ -1 +1 @@
SOURCES/dracut-049.tar.xz
SOURCES/dracut-057.tar.xz

View File

@ -1,53 +1,270 @@
From 3cb0f01a1e8a05dd4c6412907f5e9a398b2ace2c Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Fri, 31 Aug 2018 13:06:34 +0200
Subject: [PATCH] Revert "use cp --reflink=auto"
From b13e8ee2caaa84046e25a73e52dedb9c0f5c57a3 Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Tue, 12 Jul 2022 14:12:04 +0200
Subject: [PATCH] ci: all layered RHEL-9 changes
This reverts commit 8cd8820547257299a33b2d1e3ecf7c6241a569b2.
Resolves: #1623990
- previous downstream changes
- use dracut.spec as submitted in the PR
- sync selected changes from upstream
- add new-main for pull-requests temporarily
rhel-only
Related: #2066816
---
50-dracut.install | 2 +-
51-dracut-rescue-postinst.sh | 2 +-
51-dracut-rescue.install | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
.github/workflows/container.yml | 7 ++--
.github/workflows/differential-shellcheck.yml | 19 ++++++++++
.github/workflows/integration.yml | 47 ++++++++++++++++++++++--
.github/workflows/lint.yml | 4 +-
.packit.yml | 36 ++++++++++++++++++
test/container/Dockerfile-CentOS-9-Stream | 53 +++++++++++++++++++++++++++
6 files changed, 158 insertions(+), 8 deletions(-)
diff --git a/50-dracut.install b/50-dracut.install
index 64e3549f..ec59dcb3 100755
--- a/50-dracut.install
+++ b/50-dracut.install
@@ -25,7 +25,7 @@ case "$COMMAND" in
if [[ -f ${INITRD_IMAGE_PREGENERATED} ]]; then
# we found an initrd at the same place as the kernel
# use this and don't generate a new one
- cp --reflink=auto "$INITRD_IMAGE_PREGENERATED" "$BOOT_DIR_ABS/$INITRD" \
+ cp "$INITRD_IMAGE_PREGENERATED" "$BOOT_DIR_ABS/$INITRD" \
&& chown root:root "$BOOT_DIR_ABS/$INITRD" \
&& chmod 0600 "$BOOT_DIR_ABS/$INITRD" \
&& exit 0
diff --git a/51-dracut-rescue-postinst.sh b/51-dracut-rescue-postinst.sh
index 67f5b717..23158552 100755
--- a/51-dracut-rescue-postinst.sh
+++ b/51-dracut-rescue-postinst.sh
@@ -57,7 +57,7 @@ if [[ ! -f $INITRDFILE ]]; then
fi
diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml
index 03c9c5ec..99d57f5b 100644
--- a/.github/workflows/container.yml
+++ b/.github/workflows/container.yml
@@ -3,12 +3,12 @@ on:
schedule:
- cron: '30 11 * * *' # every day at 4:40
push:
- branches: [ master ]
+ branches: [ main ]
paths:
- 'test/container/**'
- '.github/workflows/container.yml'
pull_request:
- branches: [ master ]
+ branches: [ main new-main ]
paths:
- 'test/container/**'
- '.github/workflows/container.yml'
@@ -31,6 +31,7 @@ jobs:
- { dockerfile: 'Dockerfile-Fedora-latest', tag: 'fedora:latest' }
- { dockerfile: 'Dockerfile-OpenSuse-latest', tag: 'opensuse:latest' }
- { dockerfile: 'Dockerfile-Arch', tag: 'arch:latest' }
+ - { dockerfile: 'Dockerfile-CentOS-9-Stream', tag: 'centos:stream9' }
- { dockerfile: 'Dockerfile-Debian', tag: 'debian:latest' }
steps:
- name: Check out the repo
@@ -49,5 +50,5 @@ jobs:
uses: docker/build-push-action@v2
with:
file: test/container/${{ matrix.config.dockerfile }}
- tags: ghcr.io/dracutdevs/${{ matrix.config.tag }}
+ tags: ghcr.io/${{ github.repository_owner }}/${{ matrix.config.tag }}
push: ${{ github.event_name == 'push' || github.event_name == 'schedule' }}
diff --git a/.github/workflows/differential-shellcheck.yml b/.github/workflows/differential-shellcheck.yml
new file mode 100644
index 00000000..c4b05fad
--- /dev/null
+++ b/.github/workflows/differential-shellcheck.yml
@@ -0,0 +1,19 @@
+name: Differential ShellCheck
+on:
+ pull_request:
+ branches: [ main new-main ]
+
+jobs:
+ test:
+ runs-on: ubuntu-20.04
+
+ steps:
+ - name: Repository checkout
+ uses: actions/checkout@v3
+ with:
+ fetch-depth: 0
+
+ - name: Differential ShellCheck
+ uses: redhat-plumbers-in-action/differential-shellcheck@v2
+ with:
+ token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
index 3d78555f..aa354e3e 100644
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -2,7 +2,7 @@ name: Integration Test
if [[ ! -f $NEW_KERNEL_IMAGE ]]; then
- cp --reflink=auto "$KERNEL_IMAGE" "$NEW_KERNEL_IMAGE"
+ cp "$KERNEL_IMAGE" "$NEW_KERNEL_IMAGE"
((ret+=$?))
fi
on:
pull_request:
- branches: [ master ]
+ branches: [ main new-main ]
diff --git a/51-dracut-rescue.install b/51-dracut-rescue.install
index 6ddafdb6..426ddee5 100755
--- a/51-dracut-rescue.install
+++ b/51-dracut-rescue.install
@@ -93,7 +93,7 @@ case "$COMMAND" in
jobs:
basic:
@@ -24,7 +24,7 @@ jobs:
]
fail-fast: false
container:
- image: ghcr.io/dracutdevs/${{ matrix.container }}
+ image: ghcr.io/${{ github.repository_owner }}/${{ matrix.container }}
options: "--privileged -v /dev:/dev"
steps:
- name: "Checkout Repository"
@@ -69,7 +69,48 @@ jobs:
]
fail-fast: false
container:
- image: ghcr.io/dracutdevs/${{ matrix.container }}
+ image: ghcr.io/${{ github.repository_owner }}/${{ matrix.container }}
+ options: "--privileged -v /dev:/dev"
+ steps:
+ - name: "Checkout Repository"
+ uses: actions/checkout@v2
+ with:
+ fetch-depth: 0
+
+ - name: "${{ matrix.container }} TEST-${{ matrix.test }}"
+ run: ./tools/test-github.sh "TEST-${{ matrix.test }}" ${{ matrix.test }}
+ centos-9-stream:
+ runs-on: ubuntu-latest
+ timeout-minutes: 45
+ concurrency:
+ group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.container }}-${{ matrix.test }}
+ cancel-in-progress: true
+ strategy:
+ matrix:
+ container: [
+ "centos:stream9",
+ ]
+ # Disabled tests (due to dropped packages in RHEL/CentOS):
+ # 03, 04, 15: requires btrfs
+ # 14: requires dmraid
+ # 30, 31, 35, 36: requires scsi-target-utils
+ test: [
+ "01",
+ "02",
+ "10",
+ "11",
+ "12",
+ "13",
+ "17",
+ "20",
+ "21",
+ "40",
+ "41",
+ "98",
+ ]
+ fail-fast: false
+ container:
+ image: ghcr.io/${{ github.repository_owner }}/${{ matrix.container }}
options: "--privileged -v /dev:/dev"
steps:
- name: "Checkout Repository"
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index 7b1b8ee7..5e3a299f 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -2,9 +2,9 @@ name: Lint
[[ -d "$BOOT_DIR_ABS" ]] || mkdir -p "$BOOT_DIR_ABS"
- if ! cp --reflink=auto "$KERNEL_IMAGE" "$BOOT_DIR_ABS/$KERNEL"; then
+ if ! cp "$KERNEL_IMAGE" "$BOOT_DIR_ABS/$KERNEL"; then
echo "Can't copy '$KERNEL_IMAGE to '$BOOT_DIR_ABS/$KERNEL'!" >&2
fi
on:
push:
- branches: [ master ]
+ branches: [ main ]
pull_request:
- branches: [ master ]
+ branches: [ main new-main ]
jobs:
lint-c:
diff --git a/.packit.yml b/.packit.yml
new file mode 100644
index 00000000..86ba83d2
--- /dev/null
+++ b/.packit.yml
@@ -0,0 +1,36 @@
+---
+# This file is part of dracut.
+# SPDX-License-Identifier: GPL-2.0-or-later
+#
+# vi:ts=2 sw=2 et:
+#
+# Docs: https://packit.dev/docs/
+
+specfile_path: pkgbuild/dracut.spec
+synced_files:
+ - .packit.yaml
+upstream_package_name: dracut
+downstream_package_name: dracut
+upstream_tag_template: "{version}"
+
+actions:
+ post-upstream-clone:
+ # Use the current specfile
+ - "cp pkgbuild/dracut.spec ."
+
+# Available targets can be listed via `copr-cli list-chroots`
+jobs:
+# Build test
+- job: copr_build
+ trigger: pull_request
+ metadata:
+ targets:
+ - centos-stream-9-x86_64
+ - centos-stream-9-aarch64
+
+# Run tests (via testing farm)
+- job: tests
+ trigger: pull_request
+ metadata:
+ targets:
+ - centos-stream-9-x86_64
diff --git a/test/container/Dockerfile-CentOS-9-Stream b/test/container/Dockerfile-CentOS-9-Stream
new file mode 100644
index 00000000..c9a96020
--- /dev/null
+++ b/test/container/Dockerfile-CentOS-9-Stream
@@ -0,0 +1,53 @@
+FROM quay.io/centos/centos:stream9
+
+MAINTAINER https://github.com/dracutdevs/dracut
+
+ENV container docker
+LABEL RUN="docker run -it --name NAME --privileged --ipc=host --net=host --pid=host -e NAME=NAME -e IMAGE=IMAGE IMAGE"
+
+RUN echo 'export DRACUT_NO_XATTR=1 KVERSION=$(cd /lib/modules; ls -1 | tail -1)' > /etc/profile.d/dracut-test.sh
+
+# Install needed packages for the dracut CI container
+# FIXME: properly re-add dash once C9S EPEL is available
+RUN dnf -y install --enablerepo crb --setopt=install_weak_deps=False \
+ http://mirrors.kernel.org/fedora/releases/34/Everything/x86_64/os/Packages/d/dash-0.5.10.2-8.fc34.x86_64.rpm \
+ qemu-kvm \
+ NetworkManager \
+ asciidoc \
+ bash-completion \
+ bzip2 \
+ cryptsetup \
+ dbus-daemon \
+ dhcp-client \
+ dhcp-server \
+ e2fsprogs \
+ gcc \
+ git \
+ iproute \
+ iputils \
+ iscsi-initiator-utils \
+ kbd \
+ kernel \
+ kmod-devel \
+ lvm2 \
+ make \
+ mdadm \
+ nfs-utils \
+ pigz \
+ rpm-build \
+ strace \
+ sudo \
+ tar \
+ tcpdump \
+ wget \
+ which \
+ xz \
+ && dnf -y update && dnf clean all
+
+# C9S ships only qemu-kvm, but it disables the KVM accel when it's not
+# available
+RUN ln -sv /usr/libexec/qemu-kvm /usr/bin/qemu-kvm && \
+ ln -sv /usr/libexec/qemu-kvm /usr/bin/qemu-system-$(uname -m)
+
+# Set default command
+CMD ["/usr/bin/bash"]

View File

@ -1,28 +1,55 @@
From 2e5265c80e03112c75888a31c170963e913070ed Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Tue, 14 Aug 2018 14:04:02 +0200
Subject: [PATCH] spec: return old provides
From a6c4171117924cacaa727a9828e72f70e09b1fa9 Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Tue, 12 Jul 2022 14:15:25 +0200
Subject: [PATCH] fix(fips): enhance commit 'handle s390x OSTree systems'
78557f05a69fe718a97df85d2ed741ce10d3f806
Refactored to enhance readability.
Related: rhbz#2050567
---
dracut.spec | 7 +++++++
1 file changed, 7 insertions(+)
modules.d/01fips/fips.sh | 15 +++++++++++----
modules.d/01fips/module-setup.sh | 2 +-
2 files changed, 12 insertions(+), 5 deletions(-)
diff --git a/dracut.spec b/dracut.spec
index 155868ce..553280c3 100644
--- a/dracut.spec
+++ b/dracut.spec
@@ -65,6 +65,13 @@ Provides: dracut-fips = %{version}-%{release}
Obsoletes: dracut-fips-aesni <= 047
Provides: dracut-fips-aesni = %{version}-%{release}
+Obsoletes: dracut-kernel < 005
+Provides: dracut-kernel = %{version}-%{release}
diff --git a/modules.d/01fips/fips.sh b/modules.d/01fips/fips.sh
index 26f65414..6ad61df8 100755
--- a/modules.d/01fips/fips.sh
+++ b/modules.d/01fips/fips.sh
@@ -132,10 +132,17 @@ do_fips() {
if [ -e "/boot/vmlinuz-${KERNEL}" ]; then
BOOT_IMAGE="vmlinuz-${KERNEL}"
elif [ -d /boot/loader/entries ]; then
- bls=$(find /boot/loader/entries -name '*.conf' | sort -rV | sed -n "$((BOOT_IMAGE + 1))p")
- if [ -e "${bls}" ]; then
- BOOT_IMAGE=$(grep ^linux "${bls}" | cut -d' ' -f2)
- fi
+ i=0
+ # shellcheck disable=SC2012
+ for bls in $(ls -d /boot/loader/entries/*.conf | sort -rV); do
+ if [ "$i" -eq "${BOOT_IMAGE:-0}" ] && [ -r "$bls" ]; then
+ BOOT_IMAGE="$(grep -e '^linux' "$bls" | grep -o ' .*$')"
+ BOOT_IMAGE=${BOOT_IMAGE## }
+ break
+ fi
+
+Obsoletes: dracut < 030
+Obsoletes: dracut-norescue < 030
+Provides: dracut-norescue = %{version}-%{release}
+
Requires: bash >= 4
Requires: coreutils
Requires: cpio
+ i=$((i + 1))
+ done
fi
fi
diff --git a/modules.d/01fips/module-setup.sh b/modules.d/01fips/module-setup.sh
index 8860159d..cc9d15ce 100755
--- a/modules.d/01fips/module-setup.sh
+++ b/modules.d/01fips/module-setup.sh
@@ -67,7 +67,7 @@ install() {
inst_hook pre-udev 01 "$moddir/fips-load-crypto.sh"
inst_script "$moddir/fips.sh" /sbin/fips.sh
- inst_multiple sha512hmac rmmod insmod mount uname umount grep sed cut find sort
+ inst_multiple sha512hmac rmmod insmod mount uname umount grep sed sort
inst_simple /etc/system-fips
[ -c "${initdir}"/dev/random ] || mknod "${initdir}"/dev/random c 1 8 \

View File

@ -1,44 +1,41 @@
From 44c9d019d88df05f69f2112aeae34bdbff61cee6 Mon Sep 17 00:00:00 2001
From: Kairui Song <kasong@redhat.com>
Date: Sat, 29 Sep 2018 17:14:31 +0800
Subject: [PATCH] dracut.spec: Fix error introduced by 70291ed
From ec58df436c7ecaa04a9a4a8f72615c59739f890d Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Wed, 16 Feb 2022 02:42:11 +0100
Subject: [PATCH] build(spec): do not use recommends for base packages
70291e0 ('dracut.spec: Add dracut-squash package') introduced a new
dracut-squash package, but by accident it overrided some other package
spec and the dependency name is wrong. This patch will fix it.
rhel-only
Resolves: rhbz#1947892
---
dracut.spec | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
pkgbuild/dracut.spec | 11 ++++-------
1 file changed, 4 insertions(+), 7 deletions(-)
diff --git a/dracut.spec b/dracut.spec
index 553280c3..de57703c 100644
--- a/dracut.spec
+++ b/dracut.spec
@@ -188,7 +188,7 @@ This package contains tools to assemble the local initrd and host configuration.
%package squash
Summary: dracut module to build an initramfs with most files in a squashfs image
Requires: %{name} = %{version}-%{release}
-Requires: squash-tools
+Requires: squashfs-tools
diff --git a/pkgbuild/dracut.spec b/pkgbuild/dracut.spec
index 71b7421c..38de47b4 100644
--- a/pkgbuild/dracut.spec
+++ b/pkgbuild/dracut.spec
@@ -71,20 +71,17 @@ Requires: kmod
Requires: sed
Requires: xz
Requires: gzip
+Requires: hardlink
+Requires: pigz
+Requires: kpartx
%description squash
This package provides a dracut module to build an initramfs, but store most files
@@ -459,14 +459,14 @@ install -m 0755 51-dracut-rescue-postinst.sh $RPM_BUILD_ROOT%{_sysconfdir}/kerne
%doc %{_mandir}/man8/dracut-catimages.8*
%if 0%{?fedora} || 0%{?rhel}
-Recommends: memstrack
-Recommends: hardlink
-Recommends: pigz
-Recommends: kpartx
+Suggests: memstrack
Requires: util-linux >= 2.21
Requires: systemd >= 219
Requires: systemd-udev >= 219
Requires: procps-ng
%else
-Requires: hardlink
-Requires: gzip
-Requires: kpartx
Requires: udev > 166
Requires: util-linux-ng >= 2.21
%endif
-%files squash
-%{dracutlibdir}/modules.d/99squash
-
%{_bindir}/dracut-catimages
%dir /boot/dracut
%dir /var/lib/dracut
%dir /var/lib/dracut/overlay
+%files squash
+%{dracutlibdir}/modules.d/99squash
+
%files config-generic
%{dracutlibdir}/dracut.conf.d/02-generic-image.conf

View File

@ -1,34 +1,35 @@
From 3b9b20d237b3ec939b1bf9dd065c875fee54fe63 Mon Sep 17 00:00:00 2001
From: Kairui Song <kasong@redhat.com>
Date: Fri, 12 Oct 2018 13:07:13 +0800
Subject: [PATCH] 40network: Don't include 40network by default
From 3a0a1774798178f709fc4aa54b6fc3c78e30add7 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Mon, 19 Jul 2021 11:27:28 +0200
Subject: [PATCH] fix(95nfs): set correct ownership and permissions for statd
directory
commit 7347391 ('network-legacy: split off from network module')
splitted network function to network-legacy and removed check() function
of 40network. This caused 40network to be included even if network is
not needed.
The directory ownership for the statd directory should be
rpcuser:rpcuser.
Signed-off-by: Kairui Song <kasong@redhat.com>
Cherry-picked from: 83cbc06ab91288e2d931b4f36935bfdb79a99b0e
Resolves: #1639088
Resolves: #2017846
---
modules.d/40network/module-setup.sh | 5 +++++
1 file changed, 5 insertions(+)
modules.d/95nfs/module-setup.sh | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/modules.d/40network/module-setup.sh b/modules.d/40network/module-setup.sh
index 57c0a45e..e8541636 100755
--- a/modules.d/40network/module-setup.sh
+++ b/modules.d/40network/module-setup.sh
@@ -1,5 +1,10 @@
#!/bin/bash
diff --git a/modules.d/95nfs/module-setup.sh b/modules.d/95nfs/module-setup.sh
index 16bafe30..5351c2d5 100755
--- a/modules.d/95nfs/module-setup.sh
+++ b/modules.d/95nfs/module-setup.sh
@@ -120,8 +120,13 @@ install() {
mkdir -m 0755 -p "$initdir/var/lib/nfs"
mkdir -m 0755 -p "$initdir/var/lib/nfs/rpc_pipefs"
mkdir -m 0770 -p "$initdir/var/lib/rpcbind"
- [ -d "/var/lib/nfs/statd/sm" ] && mkdir -m 0755 -p "$initdir/var/lib/nfs/statd/sm"
- [ -d "/var/lib/nfs/sm" ] && mkdir -m 0755 -p "$initdir/var/lib/nfs/sm"
+ [ -d "$dracutsysrootdir/var/lib/nfs/statd/sm" ] \
+ && mkdir -m 0700 -p "$initdir/var/lib/nfs/statd" \
+ && mkdir -m 0755 -p "$initdir/var/lib/nfs/statd/sm" \
+ && chown -R rpcuser:rpcuser "$initdir/var/lib/nfs/statd"
+ [ -d "$dracutsysrootdir/var/lib/nfs/sm" ] \
+ && mkdir -m 0755 -p "$initdir/var/lib/nfs/sm" \
+ && chown -R rpcuser:rpcuser "$initdir/var/lib/nfs/sm"
+# called by dracut
+check() {
+ return 255
+}
+
# called by dracut
depends() {
echo -n "kernel-network-modules "
# Rather than copy the passwd file in, just set a user for rpcbind
# We'll save the state and restart the daemon from the root anyway

View File

@ -1,34 +1,27 @@
From b63e0c5040d9881f8c3c0bc09fc21c6588c8a26f Mon Sep 17 00:00:00 2001
From: Kairui Song <kasong@redhat.com>
Date: Thu, 18 Oct 2018 17:05:22 +0800
Subject: [PATCH] 99squash: Don't clean up squahfs on isolate
From 21b7898d5c3a074203d6cb8a71962010874f87bb Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Tue, 15 Feb 2022 13:47:40 +0100
Subject: [PATCH] fix(95resume): only exclude this module, when swap is netdev
The only time we need to cleanup squahfs manually is on switch root, to
release resource and memory. We've covered that by setting
"Conflicts=initrd-switch-root.target" for squash cleanup service.
On shutdown systemd will take care of squahfs mounts. But for other
isolate, files in initramfs are most likely still required, so don't
clean up squahfs. For example, kdump's emergency handler will isolate
into its own target, if squahfs is cleaned up it will fail.
Signed-off-by: Kairui Song <kasong@redhat.com>
Cherry-picked from: b9af0fcd
Resolves: #1641423
Resolves: #2017787
---
modules.d/99squash/squash-mnt-clear.service | 1 +
1 file changed, 1 insertion(+)
modules.d/95resume/module-setup.sh | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/modules.d/99squash/squash-mnt-clear.service b/modules.d/99squash/squash-mnt-clear.service
index 8dd17812..f8d5db46 100644
--- a/modules.d/99squash/squash-mnt-clear.service
+++ b/modules.d/99squash/squash-mnt-clear.service
@@ -9,6 +9,7 @@ After=dracut-initqueue.service dracut-pre-pivot.service
Before=initrd-cleanup.service
ConditionPathExists=/squash/root
Conflicts=initrd-switch-root.target
+IgnoreOnIsolate=true
diff --git a/modules.d/95resume/module-setup.sh b/modules.d/95resume/module-setup.sh
index 5e891048..4b8d8422 100755
--- a/modules.d/95resume/module-setup.sh
+++ b/modules.d/95resume/module-setup.sh
@@ -10,10 +10,9 @@ check() {
return 1
}
[Service]
Type=oneshot
- # Only support resume if hibernation is currently on
- # and no swap is mounted on a net device
+ # Only support resume if no swap is mounted on a net device
[[ $hostonly ]] || [[ $mount_needs ]] && {
- swap_on_netdevice || [[ -f /sys/power/resume && "$(cat /sys/power/resume)" == "0:0" ]] && return 255
+ swap_on_netdevice && return 255
}
return 0

View File

@ -1,46 +1,65 @@
From 5541b0c46f02f678c698aa523db7a86dde82a947 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Thu, 25 Oct 2018 15:30:36 +0200
Subject: [PATCH] dracut.install: call dracut with --force
From c1dee82d80d1b4d76a476d822cdf817686da7ebb Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Tue, 19 Jul 2022 16:42:59 +0200
Subject: [PATCH] ci: fix branch to run integration tests in
The kernel-install is called even if you run make install.
Since we don't call dracut with -f a second make install will fail
because initrd with same version is already there.
This makes kernel developers feel miserable.
https://bugzilla.redhat.com/show_bug.cgi?id=1642402
Cherry-picked from: 48c283a2
Resolves: #1642402
---
50-dracut.install | 2 +-
51-dracut-rescue.install | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
.github/workflows/container.yml | 2 +-
.github/workflows/differential-shellcheck.yml | 2 +-
.github/workflows/integration.yml | 2 +-
.github/workflows/lint.yml | 2 +-
4 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/50-dracut.install b/50-dracut.install
index ec59dcb3..139ff82e 100755
--- a/50-dracut.install
+++ b/50-dracut.install
@@ -49,7 +49,7 @@ case "$COMMAND" in
break
fi
done
- dracut ${noimageifnotneeded:+--noimageifnotneeded} "$BOOT_DIR_ABS/$INITRD" "$KERNEL_VERSION"
+ dracut -f ${noimageifnotneeded:+--noimageifnotneeded} "$BOOT_DIR_ABS/$INITRD" "$KERNEL_VERSION"
ret=$?
;;
remove)
diff --git a/51-dracut-rescue.install b/51-dracut-rescue.install
index 426ddee5..0580062f 100755
--- a/51-dracut-rescue.install
+++ b/51-dracut-rescue.install
@@ -98,7 +98,7 @@ case "$COMMAND" in
fi
diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml
index 99d57f5b..82d7a097 100644
--- a/.github/workflows/container.yml
+++ b/.github/workflows/container.yml
@@ -8,7 +8,7 @@ on:
- 'test/container/**'
- '.github/workflows/container.yml'
pull_request:
- branches: [ main new-main ]
+ branches: [ main ]
paths:
- 'test/container/**'
- '.github/workflows/container.yml'
diff --git a/.github/workflows/differential-shellcheck.yml b/.github/workflows/differential-shellcheck.yml
index c4b05fad..63a022bf 100644
--- a/.github/workflows/differential-shellcheck.yml
+++ b/.github/workflows/differential-shellcheck.yml
@@ -1,7 +1,7 @@
name: Differential ShellCheck
on:
pull_request:
- branches: [ main new-main ]
+ branches: [ main ]
if [[ ! -f "$BOOT_DIR_ABS/$INITRD" ]]; then
- dracut --no-hostonly -a "rescue" "$BOOT_DIR_ABS/$INITRD" "$KERNEL_VERSION"
+ dracut -f --no-hostonly -a "rescue" "$BOOT_DIR_ABS/$INITRD" "$KERNEL_VERSION"
((ret+=$?))
fi
jobs:
test:
diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
index aa354e3e..82d01457 100644
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -2,7 +2,7 @@ name: Integration Test
on:
pull_request:
- branches: [ main new-main ]
+ branches: [ main ]
jobs:
basic:
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index 5e3a299f..f6778a65 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -4,7 +4,7 @@ on:
push:
branches: [ main ]
pull_request:
- branches: [ main new-main ]
+ branches: [ main ]
jobs:
lint-c:

View File

@ -1,41 +1,42 @@
From d8386b5d8fae2e45a27635c48ecab63abba10e39 Mon Sep 17 00:00:00 2001
From: Harald Hoyer <harald@redhat.com>
Date: Wed, 24 Oct 2018 15:14:03 +0200
Subject: [PATCH] Makefile: add srpm target
From d754571fea528af061db46a0284e996d012f14c9 Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Tue, 19 Jul 2022 17:06:25 +0200
Subject: [PATCH] ci: run integration tests only on C9s
---
Makefile | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
.github/workflows/container.yml | 4 ----
.github/workflows/integration.yml | 3 ---
2 files changed, 7 deletions(-)
diff --git a/Makefile b/Makefile
index 80623437..503d069f 100644
--- a/Makefile
+++ b/Makefile
@@ -40,7 +40,7 @@ man8pages = dracut.8 \
manpages = $(man1pages) $(man5pages) $(man7pages) $(man8pages)
-.PHONY: install clean archive rpm testimage test all check AUTHORS doc dracut-version.sh
+.PHONY: install clean archive rpm srpm testimage test all check AUTHORS doc dracut-version.sh
all: dracut-version.sh dracut.pc dracut-install skipcpio/skipcpio
@@ -216,6 +216,17 @@ rpm: dracut-$(VERSION).tar.xz syncheck
--define "_rpmdir $$PWD" -ba dracut.spec; ) && \
( mv "$$rpmbuild"/{,$$(arch)/}*.rpm $(DESTDIR).; rm -fr -- "$$rpmbuild"; ls $(DESTDIR)*.rpm )
+srpm: dracut-$(VERSION).tar.xz syncheck
+ rpmbuild=$$(mktemp -d -t rpmbuild-dracut.XXXXXX); src=$$(pwd); \
+ cp dracut-$(VERSION).tar.xz "$$rpmbuild"; \
+ LC_MESSAGES=C $$src/git2spec.pl $(VERSION) "$$rpmbuild" < dracut.spec > $$rpmbuild/dracut.spec; \
+ (cd "$$rpmbuild"; \
+ [ -f $$src/lgpl-2.1.txt ] && cp $$src/lgpl-2.1.txt . || wget https://www.gnu.org/licenses/lgpl-2.1.txt; \
+ rpmbuild --define "_topdir $$PWD" --define "_sourcedir $$PWD" \
+ --define "_specdir $$PWD" --define "_srcrpmdir $$PWD" \
+ --define "_rpmdir $$PWD" -bs dracut.spec; ) && \
+ ( mv "$$rpmbuild"/*.src.rpm $(DESTDIR).; rm -fr -- "$$rpmbuild"; ls $(DESTDIR)*.rpm )
+
syncheck:
@ret=0;for i in dracut-initramfs-restore.sh modules.d/*/*.sh; do \
[ "$${i##*/}" = "module-setup.sh" ] && continue; \
diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml
index 82d7a097..34038f57 100644
--- a/.github/workflows/container.yml
+++ b/.github/workflows/container.yml
@@ -28,11 +28,7 @@ jobs:
fail-fast: false
matrix:
config:
- - { dockerfile: 'Dockerfile-Fedora-latest', tag: 'fedora:latest' }
- - { dockerfile: 'Dockerfile-OpenSuse-latest', tag: 'opensuse:latest' }
- - { dockerfile: 'Dockerfile-Arch', tag: 'arch:latest' }
- { dockerfile: 'Dockerfile-CentOS-9-Stream', tag: 'centos:stream9' }
- - { dockerfile: 'Dockerfile-Debian', tag: 'debian:latest' }
steps:
- name: Check out the repo
uses: actions/checkout@v2
diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
index 82d01457..40da300c 100644
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -14,10 +14,7 @@ jobs:
strategy:
matrix:
container: [
- "arch:latest",
- "debian:latest",
"fedora:latest",
- "opensuse:latest",
]
test: [
"04",

View File

@ -1,38 +1,29 @@
From 90054e4f1f2f64cb9a2b06b44b5a82b293c387dd Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Thu, 10 Jan 2019 18:08:32 +0100
Subject: [PATCH] 95iscsi: decouple iscsi from sysinit.target
From 263b9095200cf277db3bff4753b06306175b1534 Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Thu, 21 Jul 2022 17:40:20 +0200
Subject: [PATCH] fix(dracut.sh): do not fail on irregular files
If file is not a regular file (test -f), dracut.sh fails,
which is unexpected change of behaviour.
The workaround would be to create an empty file.
rhel-only
Fixes: #1835
---
modules.d/95iscsi/module-setup.sh | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
dracut.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules.d/95iscsi/module-setup.sh b/modules.d/95iscsi/module-setup.sh
index 5c2073bb..ae1924cc 100755
--- a/modules.d/95iscsi/module-setup.sh
+++ b/modules.d/95iscsi/module-setup.sh
@@ -265,6 +265,23 @@ install() {
echo "After=dracut-cmdline.service"
echo "Before=dracut-initqueue.service"
) > "${initdir}/$systemdsystemunitdir/iscsid.service.d/dracut.conf"
+
+ # The iscsi deamon does not need to wait for any storage inside initrd
+ mkdir -p "${initdir}/$systemdsystemunitdir/iscsid.socket.d"
+ (
+ echo "[Unit]"
+ echo "DefaultDependencies=no"
+ echo "Conflicts=shutdown.target"
+ echo "Before=shutdown.target sockets.target"
+ ) > "${initdir}/$systemdsystemunitdir/iscsid.socket.d/dracut.conf"
+ mkdir -p "${initdir}/$systemdsystemunitdir/iscsuio.socket.d"
+ (
+ echo "[Unit]"
+ echo "DefaultDependencies=no"
+ echo "Conflicts=shutdown.target"
+ echo "Before=shutdown.target sockets.target"
+ ) > "${initdir}/$systemdsystemunitdir/iscsuio.socket.d/dracut.conf"
+
diff --git a/dracut.sh b/dracut.sh
index a1ea1bc3..210a8275 100755
--- a/dracut.sh
+++ b/dracut.sh
@@ -905,7 +905,7 @@ if [[ -z $conffile ]]; then
else
conffile="$dracutsysrootdir/etc/dracut.conf"
fi
-elif [[ ! -f $conffile ]]; then
+elif [[ ! -e $conffile ]]; then
printf "%s\n" "dracut: Configuration file '$conffile' not found." >&2
exit 1
fi
inst_dir /var/lib/iscsi
dracut_need_initqueue

View File

@ -1,30 +1,61 @@
From e44c26f0fc6b29fb42cbc6d5ab57e34b07aa2ce1 Mon Sep 17 00:00:00 2001
From 96116c784edda6675c80fdf95823188c72b28652 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Tue, 15 Jan 2019 16:42:38 +0100
Subject: [PATCH] 95iscsi: fix a typo in a name of iscsiuio
Date: Mon, 18 Jul 2022 16:29:27 +0200
Subject: [PATCH] fix(98dracut-systemd): partly revert "emergency mode: use
sulogin"
Partly reverts 32f68c1f9ac3720e8ce4b95a09c0ce680d5da786
In RHEL we don't want to have a password to log in into emergency mode.
RHEL-only
Resolves: #2057365
---
modules.d/95iscsi/module-setup.sh | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
modules.d/98dracut-systemd/dracut-emergency.sh | 2 +-
modules.d/98dracut-systemd/module-setup.sh | 2 --
modules.d/99base/module-setup.sh | 8 ++------
3 files changed, 3 insertions(+), 9 deletions(-)
diff --git a/modules.d/95iscsi/module-setup.sh b/modules.d/95iscsi/module-setup.sh
index ae1924cc..79af4a47 100755
--- a/modules.d/95iscsi/module-setup.sh
+++ b/modules.d/95iscsi/module-setup.sh
@@ -274,13 +274,13 @@ install() {
echo "Conflicts=shutdown.target"
echo "Before=shutdown.target sockets.target"
) > "${initdir}/$systemdsystemunitdir/iscsid.socket.d/dracut.conf"
- mkdir -p "${initdir}/$systemdsystemunitdir/iscsuio.socket.d"
+ mkdir -p "${initdir}/$systemdsystemunitdir/iscsiuio.socket.d"
(
echo "[Unit]"
echo "DefaultDependencies=no"
echo "Conflicts=shutdown.target"
echo "Before=shutdown.target sockets.target"
- ) > "${initdir}/$systemdsystemunitdir/iscsuio.socket.d/dracut.conf"
+ ) > "${initdir}/$systemdsystemunitdir/iscsiuio.socket.d/dracut.conf"
diff --git a/modules.d/98dracut-systemd/dracut-emergency.sh b/modules.d/98dracut-systemd/dracut-emergency.sh
index c6637a5c..48062f49 100755
--- a/modules.d/98dracut-systemd/dracut-emergency.sh
+++ b/modules.d/98dracut-systemd/dracut-emergency.sh
@@ -34,7 +34,7 @@ if getargbool 1 rd.shell -d -y rdshell || getarg rd.break -d rdbreak; then
done < /proc/consoles
[ -f /etc/profile ] && . /etc/profile
[ -z "$PS1" ] && export PS1="$_name:\${PWD}# "
- exec sulogin -e
+ exec sh -i -l
else
export hook="shutdown-emergency"
warn "$action has failed. To debug this issue add \"rd.shell rd.debug\" to the kernel command line."
diff --git a/modules.d/98dracut-systemd/module-setup.sh b/modules.d/98dracut-systemd/module-setup.sh
index b7da86db..6fb26efa 100755
--- a/modules.d/98dracut-systemd/module-setup.sh
+++ b/modules.d/98dracut-systemd/module-setup.sh
@@ -51,6 +51,4 @@ install() {
done
inst_simple "$moddir/dracut-tmpfiles.conf" "$tmpfilesdir/dracut-tmpfiles.conf"
-
- inst_multiple sulogin
}
diff --git a/modules.d/99base/module-setup.sh b/modules.d/99base/module-setup.sh
index 10a44d91..3fa2659a 100755
--- a/modules.d/99base/module-setup.sh
+++ b/modules.d/99base/module-setup.sh
@@ -30,12 +30,8 @@ install() {
fi
inst_dir /var/lib/iscsi
# add common users in /etc/passwd, it will be used by nfs/ssh currently
- # use password for hostonly images to facilitate secure sulogin in emergency console
- [[ $hostonly ]] && pwshadow='x'
- grep '^root:' "$initdir/etc/passwd" 2> /dev/null || echo "root:$pwshadow:0:0::/root:/bin/sh" >> "$initdir/etc/passwd"
- grep '^nobody:' "$dracutsysrootdir"/etc/passwd >> "$initdir/etc/passwd"
-
- [[ $hostonly ]] && grep '^root:' "$dracutsysrootdir"/etc/shadow >> "$initdir/etc/shadow"
+ grep '^root:' "$initdir/etc/passwd" 2> /dev/null || echo 'root:x:0:0::/root:/bin/sh' >> "$initdir/etc/passwd"
+ grep '^nobody:' /etc/passwd >> "$initdir/etc/passwd"
# install our scripts and hooks
inst_script "$moddir/init.sh" "/init"

View File

@ -1,26 +1,29 @@
From c787ad30ab5467c9f3c740a1cd7ed8b3198b9719 Mon Sep 17 00:00:00 2001
From 733d47fb873c2b821a430a614d83b60475df2d13 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Tue, 21 May 2019 17:58:38 +0200
Subject: [PATCH] net-lib: strstr is not for globs
Date: Mon, 15 Aug 2022 16:25:53 +0200
Subject: [PATCH] fix(kernel-modules): always include nvmem driver on
nvmem_on_arm
(cherry picked from commit 1a3dcc8b46c967445794e679280a3fb3b8e77ae0)
These drivers are needed to boot on some SoCs like NXP i.MX
We should include them so installation images will work.
Resolves: #1712469
(cherry picked from commit bc965cd8890013a6362733d217c18756134bbcdf)
Resolves: #2109498
---
modules.d/40network/net-lib.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
modules.d/90kernel-modules/module-setup.sh | 1 +
1 file changed, 1 insertion(+)
diff --git a/modules.d/40network/net-lib.sh b/modules.d/40network/net-lib.sh
index 1e7f1b33..7b93f25e 100755
--- a/modules.d/40network/net-lib.sh
+++ b/modules.d/40network/net-lib.sh
@@ -463,7 +463,7 @@ ip_to_var() {
# ip=<ipv4-address> means anaconda-style static config argument cluster
autoconf="$1"
- if strstr "$autoconf" "*.*.*.*"; then
+ if strglob "$autoconf" "*.*.*.*"; then
# ip=<ipv4-address> means anaconda-style static config argument cluster:
# ip=<ip> gateway=<gw> netmask=<nm> hostname=<host> mtu=<mtu>
# ksdevice={link|bootif|ibft|<MAC>|<ifname>}
diff --git a/modules.d/90kernel-modules/module-setup.sh b/modules.d/90kernel-modules/module-setup.sh
index e2073a04..191af041 100755
--- a/modules.d/90kernel-modules/module-setup.sh
+++ b/modules.d/90kernel-modules/module-setup.sh
@@ -85,6 +85,7 @@ installkernel() {
"=drivers/mfd" \
"=drivers/mmc/core" \
"=drivers/mmc/host" \
+ "=drivers/nvmem" \
"=drivers/phy" \
"=drivers/power" \
"=drivers/regulator" \

View File

@ -1,40 +1,32 @@
From 81b59fbbd6ebeee05b5d6869ae4f36bb9e486f72 Mon Sep 17 00:00:00 2001
From 58a310fdbfc1a7e07703c6ab9b21c43a73330a92 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Tue, 8 Jan 2019 17:16:07 +0100
Subject: [PATCH] 95iscsi: rd.iscsi.initiator should have priority over stored
configuration
Date: Mon, 15 Aug 2022 16:32:51 +0200
Subject: [PATCH] fix(drm): add video drivers needed on hyper-v and similar
(cherry picked from commit 61afc704548cecc7f7d2fa3b5f1319e790cc5bee)
Due to non-availability of Hyper-V video driver hyperv_drm in kdump
initramfs, the console seems to be in hang state with no text over it.
Resolves: #1664062
We should also go through the /sys/bus/vmbus/devices and include drivers
referenced there.
(cherry picked from commit 85149b85961aa535a3c61d492cd3594794e5cc3f)
Resolves: #2099502
---
modules.d/95iscsi/parse-iscsiroot.sh | 15 +++++++--------
1 file changed, 7 insertions(+), 8 deletions(-)
modules.d/50drm/module-setup.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules.d/95iscsi/parse-iscsiroot.sh b/modules.d/95iscsi/parse-iscsiroot.sh
index 7a64d888..f00a83bb 100755
--- a/modules.d/95iscsi/parse-iscsiroot.sh
+++ b/modules.d/95iscsi/parse-iscsiroot.sh
@@ -107,14 +107,13 @@ if arg=$(getarg rd.iscsi.initiator -d iscsi_initiator=) && [ -n "$arg" ] && ! [
iscsi_initiator=$arg
echo "InitiatorName=$iscsi_initiator" > /run/initiatorname.iscsi
ln -fs /run/initiatorname.iscsi /dev/.initiatorname.iscsi
- if ! [ -e /etc/iscsi/initiatorname.iscsi ]; then
- mkdir -p /etc/iscsi
- ln -fs /run/initiatorname.iscsi /etc/iscsi/initiatorname.iscsi
- if [ -n "$DRACUT_SYSTEMD" ]; then
- systemctl try-restart iscsid
- # FIXME: iscsid is not yet ready, when the service is :-/
- sleep 1
- fi
+ rm -f /etc/iscsi/initiatorname.iscsi
+ mkdir -p /etc/iscsi
+ ln -fs /run/initiatorname.iscsi /etc/iscsi/initiatorname.iscsi
+ if [ -n "$DRACUT_SYSTEMD" ]; then
+ systemctl try-restart iscsid
+ # FIXME: iscsid is not yet ready, when the service is :-/
+ sleep 1
fi
fi
diff --git a/modules.d/50drm/module-setup.sh b/modules.d/50drm/module-setup.sh
index cff0550c..1fb38677 100755
--- a/modules.d/50drm/module-setup.sh
+++ b/modules.d/50drm/module-setup.sh
@@ -31,7 +31,7 @@ installkernel() {
if [[ $hostonly ]]; then
local i modlink modname
- for i in /sys/bus/{pci/devices,platform/devices,virtio/devices,soc/devices/soc?}/*/modalias; do
+ for i in /sys/bus/{pci/devices,platform/devices,virtio/devices,soc/devices/soc?,vmbus/devices}/*/modalias; do
[[ -e $i ]] || continue
[[ -n $(< "$i") ]] || continue
# shellcheck disable=SC2046

View File

@ -1,86 +1,51 @@
From 9c54932f590fd7accadc780c6ee946a94286b7e6 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Tue, 14 May 2019 09:23:55 +0200
Subject: [PATCH] fips: split loading the crypto modules and checking the
kernel
From a84df47afae75a0b4068c78d8201a515a841f353 Mon Sep 17 00:00:00 2001
From: David Tardon <dtardon@redhat.com>
Date: Tue, 16 Aug 2022 13:30:16 +0200
Subject: [PATCH] fix(skipcpio): ignore broken pipe
In e54ab383 we moved the fips script to a later pahse of boot, since
the /boot might not be available early on.
If lsinitrd is called from a context in which SIGPIPE is ignored (e.g.,
from a systemd unit with default setting of IgnoreSIGPIPE=), the
following line will result in an error being issued:
The problem is that systemd-cryptsetup* services could be run now
started before the do_fips is executed and need the crypto modules
to decrypted the devices.
bin="$($SKIP "$image" | { read -r -N 6 bin && echo "$bin"; })"
So let's split the do_fips and load the module before udev does the
trigger.
An example error from `kdumpctl start` (which internally just calls
`systemctl start kdump.service`):
kdumpctl[1287]: ERROR: src/skipcpio/skipcpio.c:191:main(): fwrite
A minimal reproducer:
systemd-run -t sh -c '/path/to/skipcpio /path/to/any/file | false'
(cherry-picked from e9a4d73b73b716a9d2d5f01ceb7b427ef544ed9b)
Resolves: #2109803
---
modules.d/01fips/fips-load-crypto.sh | 8 ++++++++
modules.d/01fips/fips.sh | 19 +++++++++++--------
modules.d/01fips/module-setup.sh | 1 +
3 files changed, 20 insertions(+), 8 deletions(-)
src/skipcpio/skipcpio.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/modules.d/01fips/fips-load-crypto.sh b/modules.d/01fips/fips-load-crypto.sh
new file mode 100644
index 00000000..82cbeee4
--- /dev/null
+++ b/modules.d/01fips/fips-load-crypto.sh
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+if ! fipsmode=$(getarg fips) || [ $fipsmode = "0" ]; then
+ rm -f -- /etc/modprobe.d/fips.conf >/dev/null 2>&1
+else
+ . /sbin/fips.sh
+ fips_load_crypto || die "FIPS integrity test failed"
+fi
diff --git a/modules.d/01fips/fips.sh b/modules.d/01fips/fips.sh
index 9bc089f2..beaa692b 100755
--- a/modules.d/01fips/fips.sh
+++ b/modules.d/01fips/fips.sh
@@ -69,15 +69,8 @@ do_rhevh_check()
return 0
diff --git a/src/skipcpio/skipcpio.c b/src/skipcpio/skipcpio.c
index 13bfaf53..f66c1869 100644
--- a/src/skipcpio/skipcpio.c
+++ b/src/skipcpio/skipcpio.c
@@ -23,6 +23,7 @@
#define _GNU_SOURCE
#endif
+#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -187,8 +188,10 @@ cat_rest:
goto end;
}
-do_fips()
+fips_load_crypto()
{
- local _v
- local _s
- local _v
- local _module
-
- KERNEL=$(uname -r)
-
FIPSMODULES=$(cat /etc/fipsmodules)
info "Loading and integrity checking all crypto modules"
@@ -102,6 +95,16 @@ do_fips()
info "Self testing crypto algorithms"
modprobe tcrypt || return 1
rmmod tcrypt
+}
+
+do_fips()
+{
+ local _v
+ local _s
+ local _v
+ local _module
+
+ KERNEL=$(uname -r)
info "Checking integrity of kernel"
if [ -e "/run/initramfs/live/vmlinuz0" ]; then
diff --git a/modules.d/01fips/module-setup.sh b/modules.d/01fips/module-setup.sh
index f3af4d90..18186d62 100755
--- a/modules.d/01fips/module-setup.sh
+++ b/modules.d/01fips/module-setup.sh
@@ -54,6 +54,7 @@ install() {
local _dir
inst_hook pre-trigger 01 "$moddir/fips-boot.sh"
inst_hook pre-pivot 01 "$moddir/fips-noboot.sh"
+ inst_hook pre-udev 01 "$moddir/fips-load-crypto.sh"
inst_script "$moddir/fips.sh" /sbin/fips.sh
inst_multiple sha512hmac rmmod insmod mount uname umount
+ errno = 0;
if (fwrite(buf.copy_buffer, 1, s, stdout) != s) {
- pr_err("fwrite\n");
+ if (errno != EPIPE)
+ pr_err("fwrite\n");
goto end;
}
}

View File

@ -1,51 +1,29 @@
From a1435c3d535707f1d21aaf85e62175ff2bb1ad2b Mon Sep 17 00:00:00 2001
From: Kairui Song <kasong@redhat.com>
Date: Thu, 14 Mar 2019 18:54:10 +0800
Subject: [PATCH] fips: ensure fs module for /boot is installed
From bdd3fa585fcfa21f20d66f01568967c0d7a771d6 Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Tue, 16 Aug 2022 15:21:05 +0200
Subject: [PATCH] ci: pull request template
When using dracut with --hostonly and --no-hostonly-default-device,
/boot will be inaccessible as dracut will most fs modules unless
specified. But FIPS require /boot to be accessible, and it will try
to mount it on boot. It will fail if corresponding fs module is missing.
For most case /boot will be a simple partition, include the fs module
will be enough for FIPS to mount it. For other cases users have to pass
extra parameters by themselves.
Suggested-by: Kenneth Dsouza <kdsouza@redhat.com>
Signed-off-by: Kairui Song <kasong@redhat.com>
rhel-only
---
modules.d/01fips/module-setup.sh | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
.github/pull_request_template.md | 11 +++--------
1 file changed, 3 insertions(+), 8 deletions(-)
diff --git a/modules.d/01fips/module-setup.sh b/modules.d/01fips/module-setup.sh
index 18186d62..89734a09 100755
--- a/modules.d/01fips/module-setup.sh
+++ b/modules.d/01fips/module-setup.sh
@@ -12,7 +12,7 @@ depends() {
diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md
index ef281c3d..8fcf4d33 100644
--- a/.github/pull_request_template.md
+++ b/.github/pull_request_template.md
@@ -1,10 +1,5 @@
-This pull request changes...
+<description/>
# called by dracut
installkernel() {
- local _fipsmodules _mod
+ local _fipsmodules _mod _bootfstype
if [[ -f "${srcmods}/modules.fips" ]]; then
_fipsmodules="$(cat "${srcmods}/modules.fips")"
else
@@ -47,6 +47,16 @@ installkernel() {
echo "blacklist $_mod" >> "${initdir}/etc/modprobe.d/fips.conf"
fi
done
+
+ # with hostonly_default_device fs module for /boot is not installed by default
+ if [[ $hostonly ]] && [[ "$hostonly_default_device" == "no" ]]; then
+ _bootfstype=$(find_mp_fstype /boot)
+ if [[ -n "$_bootfstype" ]]; then
+ hostonly='' instmods $_bootfstype
+ else
+ dwarning "Can't determine fs type for /boot, FIPS check may fail."
+ fi
+ fi
}
-## Changes
+(cherry picked from commit ... )
# called by dracut
-## Checklist
-- [ ] I have tested it locally
-- [ ] I have reviewed and updated any documentation if relevant
-- [ ] I am providing new code and test(s) for it
-
-Fixes #
+Resolves: #

View File

@ -1,49 +1,42 @@
From 7c35556da4c803bbb08c96e96262e598d5c42274 Mon Sep 17 00:00:00 2001
From: Harald Hoyer <harald@redhat.com>
Date: Tue, 21 Aug 2018 13:14:44 +0200
Subject: [PATCH] network: skip already enslaved interfaces
From f93ac80a0b3e9017bf2c374b72126908a7f5cbde Mon Sep 17 00:00:00 2001
From: David Tardon <dtardon@redhat.com>
Date: Mon, 8 Aug 2022 13:42:51 +0200
Subject: [PATCH] refactor(url-lib): write curl output directly to file
(cherry picked from commit f6e3b59e5ea6f52a25631557badc7f4dfabbd7ee)
The redirection to stdout was originally added to workaround
https://bugzilla.redhat.com/show_bug.cgi?id=989133 (curl would create no
file if the source was empty), but I don't see that problem with current
curl.
Resolves: #1625042
A nice side-effect of this change is that curl shows download progress.
(cherry picked from commit 1343d21d8c0d1f7239e27165e9c7633b504f777f)
Resolves: #2112475
---
modules.d/35network-legacy/ifup.sh | 6 +++++-
modules.d/40network/net-lib.sh | 7 +++++++
2 files changed, 12 insertions(+), 1 deletion(-)
modules.d/45url-lib/url-lib.sh | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/modules.d/35network-legacy/ifup.sh b/modules.d/35network-legacy/ifup.sh
index ea2a67ff..b4f5bf10 100755
--- a/modules.d/35network-legacy/ifup.sh
+++ b/modules.d/35network-legacy/ifup.sh
@@ -408,7 +408,11 @@ for p in $(getargs ip=); do
esac
# If this option isn't directed at our interface, skip it
- [ -n "$dev" ] && [ "$dev" != "$netif" ] && continue
+ if [ -n "$dev" ]; then
+ [ "$dev" != "$netif" ] && continue
+ else
+ iface_is_enslaved "$netif" && continue
+ fi
# Store config for later use
for i in ip srv gw mask hostname macaddr mtu dns1 dns2; do
diff --git a/modules.d/40network/net-lib.sh b/modules.d/40network/net-lib.sh
index 7b93f25e..f9569573 100755
--- a/modules.d/40network/net-lib.sh
+++ b/modules.d/40network/net-lib.sh
@@ -745,6 +745,13 @@ iface_has_link() {
iface_has_carrier "$@"
}
+iface_is_enslaved() {
+ local _li
+ _li=$(ip -o link show dev $1)
+ strstr "$li" " master " || return 1
+ return 0
+}
+
find_iface_with_link() {
local iface_path="" iface=""
for iface_path in /sys/class/net/*; do
diff --git a/modules.d/45url-lib/url-lib.sh b/modules.d/45url-lib/url-lib.sh
index e88fbc14..b009fd09 100755
--- a/modules.d/45url-lib/url-lib.sh
+++ b/modules.d/45url-lib/url-lib.sh
@@ -67,7 +67,7 @@ curl_fetch_url() {
echo "$url" > /proc/self/fd/0
if [ -n "$outloc" ]; then
# shellcheck disable=SC2086
- curl $curl_args --output - -- "$url" > "$outloc" || return $?
+ curl $curl_args --output "$outloc" -- "$url" || return $?
else
local outdir
outdir="$(mkuniqdir /tmp curl_fetch_url)"
@@ -101,7 +101,7 @@ ctorrent_fetch_url() {
echo "$url" > /proc/self/fd/0
if [ -n "$outloc" ]; then
# shellcheck disable=SC2086
- curl $curl_args --output - -- "$url" > "$torrent_outloc" || return $?
+ curl $curl_args --output "$torrent_outloc" -- "$url" || return $?
else
local outdir
outdir="$(mkuniqdir /tmp torrent_fetch_url)"

View File

@ -1,24 +1,45 @@
From 4971a2c4eb4526cb88a5c9aff30c57527a746036 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Tue, 16 Jul 2019 08:27:01 +0100
Subject: [PATCH] 01fips: add cfb cipher
From f5ef6694eae2696b10b4f6e5a0d72a29223651ce Mon Sep 17 00:00:00 2001
From: Kairui Song <kasong@tencent.com>
Date: Tue, 20 Sep 2022 02:13:01 +0800
Subject: [PATCH] fix(dracut-initramfs-restore.sh): initramfs detection not
working
Required by FIPS standard
The path detection is not working on latest Fedora and some other
distros, and it fails to extract the initramfs. It seems the if
statement is broken by a previous commit, so let's fix it.
Fixes: 3d8e1ad ('fix(dracut-initramfs-restore.sh): add missing default paths')
Signed-off-by: Kairui Song <kasong@tencent.com>
(cherry picked from commit 481b87fa7a82be54663071ad9ad76c34e378ddc7)
Resolves: #2149232
---
modules.d/01fips/module-setup.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
dracut-initramfs-restore.sh | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/modules.d/01fips/module-setup.sh b/modules.d/01fips/module-setup.sh
index 89734a09..f011f15d 100755
--- a/modules.d/01fips/module-setup.sh
+++ b/modules.d/01fips/module-setup.sh
@@ -24,7 +24,7 @@ installkernel() {
_fipsmodules+="crc32c crct10dif ghash "
diff --git a/dracut-initramfs-restore.sh b/dracut-initramfs-restore.sh
index 68ea3873..df6cb9a8 100644
--- a/dracut-initramfs-restore.sh
+++ b/dracut-initramfs-restore.sh
@@ -27,14 +27,14 @@ fi
# Ciphers:
- _fipsmodules+="cipher_null des3_ede aes "
+ _fipsmodules+="cipher_null des3_ede aes cfb "
mount -o ro /boot &> /dev/null || true
# Modes/templates:
_fipsmodules+="ecb cbc ctr xts gcm ccm authenc hmac cmac "
-if [[ -d /efi/loader/entries ]] || [[ -L /efi/loader/entries ]] \
- || [[ -d /efi/$MACHINE_ID ]] || [[ -L /efi/$MACHINE_ID ]]; then
+if [[ -d /efi/loader/entries || -L /efi/loader/entries ]] \
+ && [[ -d /efi/$MACHINE_ID || -L /efi/$MACHINE_ID ]]; then
IMG="/efi/${MACHINE_ID}/${KERNEL_VERSION}/initrd"
-elif [[ -d /boot/loader/entries ]] || [[ -L /boot/loader/entries ]] \
- || [[ -d /boot/$MACHINE_ID ]] || [[ -L /boot/$MACHINE_ID ]]; then
+elif [[ -d /boot/loader/entries || -L /boot/loader/entries ]] \
+ && [[ -d /boot/$MACHINE_ID || -L /boot/$MACHINE_ID ]]; then
IMG="/boot/${MACHINE_ID}/${KERNEL_VERSION}/initrd"
-elif [[ -d /boot/efi/loader/entries ]] || [[ -L /boot/efi/loader/entries ]] \
- || [[ -d /boot/efi/$MACHINE_ID ]] || [[ -L /boot/efi/$MACHINE_ID ]]; then
+elif [[ -d /boot/efi/loader/entries || -L /boot/efi/loader/entries ]] \
+ && [[ -d /boot/efi/$MACHINE_ID || -L /boot/efi/$MACHINE_ID ]]; then
IMG="/boot/efi/$MACHINE_ID/$KERNEL_VERSION/initrd"
elif [[ -f /lib/modules/${KERNEL_VERSION}/initrd ]]; then
IMG="/lib/modules/${KERNEL_VERSION}/initrd"

View File

@ -1,86 +1,31 @@
From 31116110ff0090324a568ce2aba6519a860d66b3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Renaud=20M=C3=A9trich?= <rmetrich@redhat.com>
Date: Thu, 11 Jul 2019 10:50:40 +0200
Subject: [PATCH] rngd: new module running early during boot to help generating
entropy when system's default entropy sources are poor (e.g. use of SSD disks
or UEFI RNG not available)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
From 6a1d39e50d9f8a7f3765fa6cb85b34e6597d864d Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Tue, 6 Dec 2022 21:46:01 +0100
Subject: [PATCH] fix(90kernel-modules): install blk modules using symbol
blk_alloc_disk
On systems with low entropy at boot, the boot can take up to several
hours, specially when NBDE is used (e.g. clevis) which makes use of
the random number generator.
Corresponding kernel symbol blk_cleanup_disk is no longer used in the nvdimm
driver and calls are made directly instead.
Enabling rngd service at boot early, because dracut-initqueue runs,
enables to initialize the random number generator in a couple of seconds
instead of minutes or hours.
blk_alloc_disk is used:
https://elixir.bootlin.com/linux/v6.1-rc8/source/drivers/nvdimm/pmem.c#L522
Signed-off-by: Renaud Métrich <rmetrich@redhat.com>
(cherry picked from commit adee5b97bc5418b6e357342bb3be20568668aa55)
Resolves: #1726617
Resolves: #2149781
---
modules.d/06rngd/module-setup.sh | 39 +++++++++++++++++++++++++++++++++++++++
modules.d/06rngd/rngd.service | 7 +++++++
2 files changed, 46 insertions(+)
modules.d/90kernel-modules/module-setup.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules.d/06rngd/module-setup.sh b/modules.d/06rngd/module-setup.sh
new file mode 100644
index 00000000..43d5c2d3
--- /dev/null
+++ b/modules.d/06rngd/module-setup.sh
@@ -0,0 +1,39 @@
+#!/bin/bash
+# vim: set tabstop=8 shiftwidth=4 softtabstop=4 expandtab smarttab colorcolumn=80:
+#
+# Copyright (c) 2019 Red Hat, Inc.
+# Author: Renaud Métrich <rmetrich@redhat.com>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+depends() {
+ echo systemd
+ return 0
+}
+
+check() {
+ # if there's no rngd binary, no go.
+ require_binaries rngd || return 1
+
+ return 0
+}
+
+install() {
+ inst rngd
+ inst_simple "${moddir}/rngd.service" "${systemdsystemunitdir}/rngd.service"
+ mkdir -p "${initdir}${systemdsystemunitdir}/sysinit.target.wants"
+ ln -rfs "${initdir}${systemdsystemunitdir}/rngd.service" \
+ "${initdir}${systemdsystemunitdir}/sysinit.target.wants/rngd.service"
+}
diff --git a/modules.d/06rngd/rngd.service b/modules.d/06rngd/rngd.service
new file mode 100644
index 00000000..570fbedb
--- /dev/null
+++ b/modules.d/06rngd/rngd.service
@@ -0,0 +1,7 @@
+[Unit]
+Description=Hardware RNG Entropy Gatherer Daemon
+DefaultDependencies=no
+Before=systemd-udevd.service
+
+[Service]
+ExecStart=/usr/sbin/rngd -f
diff --git a/modules.d/90kernel-modules/module-setup.sh b/modules.d/90kernel-modules/module-setup.sh
index 191af041..0b9488c3 100755
--- a/modules.d/90kernel-modules/module-setup.sh
+++ b/modules.d/90kernel-modules/module-setup.sh
@@ -2,7 +2,7 @@
# called by dracut
installkernel() {
- local _blockfuncs='ahci_platform_get_resources|ata_scsi_ioctl|scsi_add_host|blk_cleanup_queue|register_mtd_blktrans|scsi_esp_register|register_virtio_device|usb_stor_disconnect|mmc_add_host|sdhci_add_host|scsi_add_host_with_dma|blk_mq_alloc_disk|blk_cleanup_disk'
+ local _blockfuncs='ahci_platform_get_resources|ata_scsi_ioctl|scsi_add_host|blk_cleanup_queue|register_mtd_blktrans|scsi_esp_register|register_virtio_device|usb_stor_disconnect|mmc_add_host|sdhci_add_host|scsi_add_host_with_dma|blk_alloc_disk|blk_mq_alloc_disk|blk_cleanup_disk'
local -A _hostonly_drvs
find_kernel_modules_external() {

View File

@ -1,22 +1,99 @@
From d86dfcd148e5d726f00b8a83eeadb11aa0017fba Mon Sep 17 00:00:00 2001
From: Harald Hoyer <harald@redhat.com>
Date: Mon, 22 Jul 2019 14:07:26 +0200
Subject: [PATCH] dracut.spec: add 06rngd
From 8ab3020205ea92cbef3ca250c924d9b500c5d9aa Mon Sep 17 00:00:00 2001
From: Hari Bathini <hbathini@linux.ibm.com>
Date: Tue, 12 Jul 2022 13:55:47 +0530
Subject: [PATCH] fix(squash): build ld cache for squash loader
Commit dc21638c3f0a fixes kdump kernel crash, due to non-conventional
library path in powerpc, by copying /etc/ld.so.cache under initdir.
While that works in general, it is vulnerable to failure because of
missing links, when the CPU is reconfigured to run in compatibility
mode of older CPU version. Avoid this by running ldconfig for squash
loader to create the necessary links & ld cache for it. Doing this
also saves a few kilobyes of space as the copied ld cache is bigger
in size than the one needed for squash loader environment.
Fixes: dc21638c3f0a ("fix(squash): keep ld cache under initdir")
Cc: Pingfan Liu <piliu@redhat.com>
Signed-off-by: Hari Bathini <hbathini@linux.ibm.com>
Resolves: rhbz#2122274
---
dracut.spec | 1 +
1 file changed, 1 insertion(+)
dracut-init.sh | 14 ++++++++++++++
dracut.sh | 11 +----------
modules.d/99squash/module-setup.sh | 8 +++-----
3 files changed, 18 insertions(+), 15 deletions(-)
diff --git a/dracut.spec b/dracut.spec
index de57703c..92c7f7bf 100644
--- a/dracut.spec
+++ b/dracut.spec
@@ -346,6 +346,7 @@ install -m 0755 51-dracut-rescue-postinst.sh $RPM_BUILD_ROOT%{_sysconfdir}/kerne
%{dracutlibdir}/modules.d/03rescue
%{dracutlibdir}/modules.d/04watchdog
%{dracutlibdir}/modules.d/05busybox
+%{dracutlibdir}/modules.d/06rngd
%{dracutlibdir}/modules.d/10i18n
%{dracutlibdir}/modules.d/30convertfs
%{dracutlibdir}/modules.d/45url-lib
diff --git a/dracut-init.sh b/dracut-init.sh
index 900e8b83..fe1b1426 100644
--- a/dracut-init.sh
+++ b/dracut-init.sh
@@ -504,6 +504,20 @@ inst_rules_wildcard() {
[[ $_found ]] || dinfo "Skipping udev rule: $_rule"
}
+# make sure that library links are correct and up to date
+build_ld_cache() {
+ for f in "$dracutsysrootdir"/etc/ld.so.conf "$dracutsysrootdir"/etc/ld.so.conf.d/*; do
+ [[ -f $f ]] && inst_simple "${f#$dracutsysrootdir}"
+ done
+ if ! $DRACUT_LDCONFIG -r "$initdir" -f /etc/ld.so.conf; then
+ if [[ $EUID == 0 ]]; then
+ derror "ldconfig exited ungracefully"
+ else
+ derror "ldconfig might need uid=0 (root) for chroot()"
+ fi
+ fi
+}
+
prepare_udev_rules() {
if [ -z "$UDEVVERSION" ]; then
UDEVVERSION=$(udevadm --version)
diff --git a/dracut.sh b/dracut.sh
index 210a8275..d2f07ac6 100755
--- a/dracut.sh
+++ b/dracut.sh
@@ -2360,16 +2360,7 @@ fi
if [[ $kernel_only != yes ]]; then
# make sure that library links are correct and up to date
- for f in "$dracutsysrootdir"/etc/ld.so.conf "$dracutsysrootdir"/etc/ld.so.conf.d/*; do
- [[ -f $f ]] && inst_simple "${f#$dracutsysrootdir}"
- done
- if ! $DRACUT_LDCONFIG -r "$initdir" -f /etc/ld.so.conf; then
- if [[ $EUID == 0 ]]; then
- derror "ldconfig exited ungracefully"
- else
- derror "ldconfig might need uid=0 (root) for chroot()"
- fi
- fi
+ build_ld_cache
fi
if dracut_module_included "squash"; then
diff --git a/modules.d/99squash/module-setup.sh b/modules.d/99squash/module-setup.sh
index c42eb679..f31ff556 100644
--- a/modules.d/99squash/module-setup.sh
+++ b/modules.d/99squash/module-setup.sh
@@ -28,11 +28,6 @@ installpost() {
[[ $squash_dir == "$i"/* ]] || mv "$i" "$squash_dir"/
done
- # initdir also needs ld.so.* to make ld.so work
- inst /etc/ld.so.cache
- inst /etc/ld.so.conf
- inst_dir /etc/ld.so.conf.d
-
# Create mount points for squash loader
mkdir -p "$initdir"/squash/
mkdir -p "$squash_dir"/squash/
@@ -67,6 +62,9 @@ installpost() {
ln_r /usr/bin /bin
ln_r /usr/sbin /sbin
inst_simple "$moddir"/init-squash.sh /init
+
+ # make sure that library links are correct and up to date for squash loader
+ build_ld_cache
}
install() {

View File

@ -1,49 +1,59 @@
From 927428e6a5e90b2214ee9edf15d4eb6c0fc5c203 Mon Sep 17 00:00:00 2001
From: Kairui Song <kasong@redhat.com>
Date: Mon, 11 Mar 2019 18:44:02 +0800
Subject: [PATCH] squash: squash systemd binary and udevadm
From 37e73a30c5b75a57de9e2bb6843eb9a1dab12abf Mon Sep 17 00:00:00 2001
From: Laszlo Gombos <laszlo.gombos@gmail.com>
Date: Sun, 14 Aug 2022 22:46:10 +0000
Subject: [PATCH] test(16-DMSQUASH): make it pass on arch
systemd binary and udevadm are not needed to be outside the squash
image. Some binaries are kept outside because they are required before
mounting the image, or after umounting the image (when switching root),
or they may block umounting the image. But we are using lazy umounting,
so actually nothing will block the umount.
Include additional kernel drivers and install squashfs-tools
into the arch container.
Keep more binaries outside the squash image won't hurt but cost extra
memories, the idea of squash image is to save memory usage.
(cherry picked from commit b8ffc87d13989f95c8f48ec64613dd9138835618)
So, there is no reason to keep udevadm outside, that should be a debug
left over. For systemd binary, it's running when switch root happens,
But we have lazy umounted the image and overlay, once systemd process
exec the new systemd in new root, everything will be cleared by kernel.
Also tidy up the comment make it less confussing.
Signed-off-by: Kairui Song <kasong@redhat.com>
(cherry picked from commit e1e1f6e8e6747d8f32c065e267e0a57587818c9e)
Resolves: #1691705
Related: #2135060
---
dracut.sh | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
test/TEST-16-DMSQUASH/test.sh | 4 +++-
test/container/Dockerfile-Arch | 2 +-
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/dracut.sh b/dracut.sh
index e683a9bc..a0158f22 100755
--- a/dracut.sh
+++ b/dracut.sh
@@ -1772,9 +1772,11 @@ if dracut_module_included "squash"; then
mv $initdir/$folder $squash_dir/$folder
done
diff --git a/test/TEST-16-DMSQUASH/test.sh b/test/TEST-16-DMSQUASH/test.sh
index cf433489..52029375 100755
--- a/test/TEST-16-DMSQUASH/test.sh
+++ b/test/TEST-16-DMSQUASH/test.sh
@@ -6,7 +6,7 @@ TEST_DESCRIPTION="live root on a squash filesystem"
KVERSION="${KVERSION-$(uname -r)}"
- # Reinstall required files, because we have moved some important folders to $squash_dir
- inst_multiple "echo" "sh" "mount" "modprobe" "mkdir" \
- "systemctl" "udevadm" "$systemdutildir/systemd"
+ # Reinstall required files for the squash image setup script.
+ # We have moved them inside the squashed image, but they need to be
+ # accessible before mounting the image. Also install systemctl,
+ # it's requires for switch-root, but we will umount the image before switch-root
+ inst_multiple "echo" "sh" "mount" "modprobe" "mkdir" "systemctl"
hostonly="" instmods "loop" "squashfs" "overlay"
# Uncomment this to debug failures
-# DEBUGFAIL="rd.shell rd.debug loglevel=7"
+#DEBUGFAIL="rd.shell rd.debug loglevel=7"
for folder in "${squash_candidate[@]}"; do
test_run() {
dd if=/dev/zero of="$TESTDIR"/marker.img bs=1MiB count=1
@@ -72,6 +72,7 @@ test_setup() {
# devices, volume groups, encrypted partitions, etc.
"$basedir"/dracut.sh -l -i "$TESTDIR"/overlay / \
--modules "rootfs-block qemu" \
+ --drivers "ext4 sd_mod" \
--no-hostonly --no-hostonly-cmdline --no-early-microcode --nofscks --nomdadmconf --nohardlink --nostrip \
--force "$TESTDIR"/initramfs.makeroot "$KVERSION" || return 1
rm -rf -- "$TESTDIR"/overlay
@@ -109,6 +110,7 @@ test_setup() {
"$basedir"/dracut.sh -l -i "$TESTDIR"/overlay / \
--modules "dmsquash-live qemu" \
--omit "rngd" \
+ --drivers "ext4 sd_mod" \
--no-hostonly --no-hostonly-cmdline \
--force "$TESTDIR"/initramfs.testing "$KVERSION" || return 1
diff --git a/test/container/Dockerfile-Arch b/test/container/Dockerfile-Arch
index 922b8ede..ac1513a1 100644
--- a/test/container/Dockerfile-Arch
+++ b/test/container/Dockerfile-Arch
@@ -9,7 +9,7 @@ RUN echo 'export DRACUT_NO_XATTR=1 KVERSION=$(cd /lib/modules; ls -1 | tail -1)'
# Install needed packages for the dracut CI container
RUN pacman --noconfirm -Sy \
- linux dash strace dhclient asciidoc cpio pigz \
+ linux dash strace dhclient asciidoc cpio pigz squashfs-tools \
qemu btrfs-progs mdadm dmraid nfs-utils nfsidmap lvm2 nbd \
dhcp networkmanager multipath-tools vi tcpdump open-iscsi \
git shfmt shellcheck astyle which base-devel && yes | pacman -Scc

View File

@ -1,71 +1,425 @@
From b6d52b504fc7eefc3f405f75463d9e818471ee99 Mon Sep 17 00:00:00 2001
From: Kairui Song <kasong@redhat.com>
Date: Mon, 11 Mar 2019 19:46:19 +0800
Subject: [PATCH] squash: fix and simplify required_in_root
From 8aa62b8cb28a41d4739633aee9b02e40dc4a75d0 Mon Sep 17 00:00:00 2001
From: Matt Coleman <matt@datto.com>
Date: Fri, 23 Sep 2022 19:28:25 -0400
Subject: [PATCH] feat(dmsquash-live): add new dmsquash-live-autooverlay module
If required target is a symbol link, create the link then following the
link. If it's a directory, create new directory, else just move it.
Adapt to test properly with the CentOS Stream 9 container too.
Signed-off-by: Kairui Song <kasong@redhat.com>
(cherry picked from commit 11ce69e4bd9172cf54251ea62bb4a5ead1700fd6)
(cherry picked from commit a3c67d27e75223bb45df19f850d246ced9a09938)
Resolves: #1691705
Co-authored-by: Neal Gompa <ngompa@datto.com>
Resolves: #2135060
---
dracut.sh | 42 +++++++++++++++++++-----------------------
1 file changed, 19 insertions(+), 23 deletions(-)
.github/workflows/integration.yml | 1 +
man/dracut.cmdline.7.asc | 4 +
.../create-overlay-genrules.sh | 10 ++
.../90dmsquash-live-autooverlay/create-overlay.sh | 119 +++++++++++++++++++++
.../90dmsquash-live-autooverlay/module-setup.sh | 25 +++++
pkgbuild/dracut.spec | 3 +-
test/TEST-16-DMSQUASH/create-root.sh | 12 ++-
test/TEST-16-DMSQUASH/test-init.sh | 6 ++
test/TEST-16-DMSQUASH/test.sh | 38 ++++++-
test/container/Dockerfile-Arch | 2 +-
test/container/Dockerfile-CentOS-9-Stream | 2 +
test/container/Dockerfile-Debian | 1 +
test/container/Dockerfile-Fedora-latest | 1 +
test/container/Dockerfile-OpenSuse-latest | 2 +-
14 files changed, 218 insertions(+), 8 deletions(-)
diff --git a/dracut.sh b/dracut.sh
index a0158f22..6de88b3e 100755
--- a/dracut.sh
+++ b/dracut.sh
@@ -1811,30 +1811,26 @@ if dracut_module_included "squash"; then
required_in_root $(dirname $file)
fi
diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
index 40da300c..c22bf916 100644
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -98,6 +98,7 @@ jobs:
"11",
"12",
"13",
+ "16",
"17",
"20",
"21",
diff --git a/man/dracut.cmdline.7.asc b/man/dracut.cmdline.7.asc
index fda62fd1..40d13d83 100644
--- a/man/dracut.cmdline.7.asc
+++ b/man/dracut.cmdline.7.asc
@@ -1161,6 +1161,10 @@ rd.live.overlay=/dev/sdb1:persistent-overlay.img
rd.live.overlay=UUID=99440c1f-8daa-41bf-b965-b7240a8996f4
--
- if [[ -d $_sqsh_file ]]; then
- if [[ -L $_sqsh_file ]]; then
- cp --preserve=all -P $_sqsh_file $_init_file
- else
- mkdir $_init_file
- fi
+ if [[ -L $_sqsh_file ]]; then
+ cp --preserve=all -P $_sqsh_file $_init_file
+ _sqsh_file=$(realpath $_sqsh_file 2>/dev/null)
+ if [[ -e $_sqsh_file ]] && [[ "$_sqsh_file" == "$squash_dir"* ]]; then
+ # Relative symlink
+ required_in_root ${_sqsh_file#$squash_dir/}
+ return
+**rd.live.overlay.cowfs=**__[btrfs|ext4|xfs]__::
+Specifies the filesystem to use when formatting the overlay partition.
+The default is ext4.
+
**rd.live.overlay.size=**__<size_MiB>__::
Specifies a non-persistent Device-mapper overlay size in MiB. The default is
_32768_.
diff --git a/modules.d/90dmsquash-live-autooverlay/create-overlay-genrules.sh b/modules.d/90dmsquash-live-autooverlay/create-overlay-genrules.sh
new file mode 100755
index 00000000..ed168d9f
--- /dev/null
+++ b/modules.d/90dmsquash-live-autooverlay/create-overlay-genrules.sh
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+# shellcheck disable=SC2154
+case "$root" in
+ live:/dev/*)
+ printf 'SYMLINK=="%s", RUN+="/sbin/initqueue --settled --onetime --unique /sbin/create-overlay %s"\n' \
+ "${root#live:/dev/}" "${root#live:}" >> /etc/udev/rules.d/95-create-overlay.rules
+ wait_for_dev -n "${root#live:}"
+ ;;
+esac
diff --git a/modules.d/90dmsquash-live-autooverlay/create-overlay.sh b/modules.d/90dmsquash-live-autooverlay/create-overlay.sh
new file mode 100755
index 00000000..c89bda2b
--- /dev/null
+++ b/modules.d/90dmsquash-live-autooverlay/create-overlay.sh
@@ -0,0 +1,119 @@
+#!/bin/sh
+
+type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh
+
+if getargbool 0 rd.live.debug -n -y rdlivedebug; then
+ exec > /tmp/create-overlay.$$.out
+ exec 2>> /tmp/create-overlay.$$.out
+ set -x
+fi
+
+gatherData() {
+ overlay=$(getarg rd.live.overlay)
+ if [ -z "$overlay" ]; then
+ info "Skipping overlay creation: kernel command line parameter 'rd.live.overlay' is not set"
+ exit 0
+ fi
+ if [[ -e $squash_dir$_sqsh_file ]]; then
+ # Absolute symlink
+ required_in_root ${_sqsh_file#/}
+ return
+ # shellcheck disable=SC2086
+ if ! str_starts ${overlay} LABEL=; then
+ die "Overlay creation failed: the partition must be set by LABEL in the 'rd.live.overlay' kernel parameter"
+ fi
+ required_in_root ${module_spec#$squash_dir/}
else
- if [[ -L $_sqsh_file ]]; then
- cp --preserve=all -P $_sqsh_file $_init_file
- _sqsh_file=$(realpath $_sqsh_file 2>/dev/null)
- if [[ -e $_sqsh_file ]] && [[ "$_sqsh_file" == "$squash_dir"* ]]; then
- # Relative symlink
- required_in_root ${_sqsh_file#$squash_dir/}
- return
- fi
- if [[ -e $squash_dir$_sqsh_file ]]; then
- # Absolute symlink
- required_in_root ${_sqsh_file#/}
- return
- fi
- required_in_root ${module_spec#$squash_dir/}
- else
- mv $_sqsh_file $_init_file
- fi
+ if [[ -d $_sqsh_file ]]; then
+ mkdir $_init_file
+
+ overlayLabel=${overlay#LABEL=}
+ # shellcheck disable=SC2086
+ if [ -b /dev/disk/by-label/${overlayLabel} ]; then
+ info "Skipping overlay creation: overlay already exists"
+ exit 0
+ fi
+
+ filesystem=$(getarg rd.live.overlay.cowfs)
+ [ -z "$filesystem" ] && filesystem="ext4"
+ if [ "$filesystem" != "ext4" ] && [ "$filesystem" != "xfs" ] && [ "$filesystem" != "btrfs" ]; then
+ die "Overlay creation failed: only ext4, xfs, and btrfs are supported in the 'rd.live.overlay.cowfs' kernel parameter"
+ fi
+
+ live_dir=$(getarg rd.live.dir)
+ [ -z "$live_dir" ] && live_dir="LiveOS"
+
+ [ -z "$1" ] && exit 1
+ rootDevice=$1
+
+ # The kernel command line's 'root=' parameter was parsed into the $root variable by the dmsquash-live module.
+ # $root contains the path to a symlink within /dev/disk/by-label, which points to a partition.
+ # This script needs that partition's parent block device.
+ # shellcheck disable=SC2046
+ # shellcheck disable=SC2086
+ rootDeviceAbsolutePath=$(readlink -f ${rootDevice})
+ rootDeviceSysfsPath=/sys/class/block/${rootDeviceAbsolutePath##*/}
+ if [ -f "${rootDeviceSysfsPath}/partition" ]; then
+ # shellcheck disable=SC2086
+ partition=$(cat ${rootDeviceSysfsPath}/partition)
+ else
+ mv $_sqsh_file $_init_file
+ partition=0
+ fi
fi
+ # shellcheck disable=SC2086
+ readonly=$(cat ${rootDeviceSysfsPath}/ro)
+ # shellcheck disable=SC2086
+ if [ "$partition" != "1" ] || [ "$readonly" != "0" ]; then
+ info "Skipping overlay creation: unpartitioned or read-only media detected"
+ exit 0
+ fi
+ # shellcheck disable=SC2046
+ # shellcheck disable=SC2086
+ fullDriveSysfsPath=$(readlink -f ${rootDeviceSysfsPath}/..)
+ blockDevice=/dev/${fullDriveSysfsPath##*/}
+ currentPartitionCount=$(grep --count -E "${blockDevice#/dev/}[0-9]+" /proc/partitions)
+
+ # shellcheck disable=SC2086
+ freeSpaceStart=$(parted --script ${blockDevice} unit % print free \
+ | awk -v x=${currentPartitionCount} '$1 == x {getline; print $1}')
+ if [ -z "$freeSpaceStart" ]; then
+ info "Skipping overlay creation: there is no free space after the last partition"
+ exit 0
+ fi
+ partitionStart=$((${freeSpaceStart%.*} + 1))
+ if [ $partitionStart -eq 100 ]; then
+ info "Skipping overlay creation: there is not enough free space after the last partition"
+ exit 0
+ fi
+
+ overlayPartition=${blockDevice}$((currentPartitionCount + 1))
+
+ label=$(blkid --match-tag LABEL --output value "$rootDevice")
+ uuid=$(blkid --match-tag UUID --output value "$rootDevice")
+ if [ -z "$label" ] || [ -z "$uuid" ]; then
+ die "Overlay creation failed: failed to look up root device label and UUID"
+ fi
+}
+
+createPartition() {
+ # shellcheck disable=SC2086
+ parted --script --align optimal ${blockDevice} mkpart primary ${partitionStart}% 100%
+}
+
+createFilesystem() {
+ # shellcheck disable=SC2086
+ mkfs.${filesystem} -L ${overlayLabel} ${overlayPartition}
+
+ baseDir=/run/initramfs/create-overlayfs
+ mkdir -p ${baseDir}
+ # shellcheck disable=SC2086
+ mount -t auto ${overlayPartition} ${baseDir}
+
+ mkdir -p ${baseDir}/${live_dir}/ovlwork
+ # shellcheck disable=SC2086
+ mkdir ${baseDir}/${live_dir}/overlay-${label}-${uuid}
+
+ umount ${baseDir}
+ rm -r ${baseDir}
+}
+
+main() {
+ gatherData "$1"
+ createPartition
+ udevsettle
+ createFilesystem
+ udevsettle
+}
+
+main "$1"
diff --git a/modules.d/90dmsquash-live-autooverlay/module-setup.sh b/modules.d/90dmsquash-live-autooverlay/module-setup.sh
new file mode 100755
index 00000000..c3712eba
--- /dev/null
+++ b/modules.d/90dmsquash-live-autooverlay/module-setup.sh
@@ -0,0 +1,25 @@
+#!/bin/bash
+
+check() {
+ # including a module dedicated to live environments in a host-only initrd doesn't make sense
+ [[ $hostonly ]] && return 1
+ return 255
+}
+
+depends() {
+ echo dmsquash-live
+ return 0
+}
+
+installkernel() {
+ instmods btrfs ext4 xfs
+}
+
+install() {
+ inst_multiple awk blkid cat grep mkdir mount parted readlink rmdir tr umount
+ inst_multiple -o mkfs.btrfs mkfs.ext4 mkfs.xfs
+ # shellcheck disable=SC2154
+ inst_hook pre-udev 25 "$moddir/create-overlay-genrules.sh"
+ inst_script "$moddir/create-overlay.sh" "/sbin/create-overlay"
+ dracut_need_initqueue
+}
diff --git a/pkgbuild/dracut.spec b/pkgbuild/dracut.spec
index 38de47b4..e148bbf7 100644
--- a/pkgbuild/dracut.spec
+++ b/pkgbuild/dracut.spec
@@ -138,7 +138,7 @@ Requires: %{name} >= %{version}-%{dist_free_release}
Requires: %{name} = %{version}-%{release}
%endif
Requires: %{name}-network = %{version}-%{release}
-Requires: tar gzip coreutils bash device-mapper curl
+Requires: tar gzip coreutils bash device-mapper curl parted
%if 0%{?fedora}
Requires: fuse ntfs-3g
%endif
@@ -461,6 +461,7 @@ echo 'dracut_rescue_image="yes"' > $RPM_BUILD_ROOT%{dracutlibdir}/dracut.conf.d/
%files live
%{dracutlibdir}/modules.d/99img-lib
%{dracutlibdir}/modules.d/90dmsquash-live
+%{dracutlibdir}/modules.d/90dmsquash-live-autooverlay
%{dracutlibdir}/modules.d/90dmsquash-live-ntfs
%{dracutlibdir}/modules.d/90livenet
diff --git a/test/TEST-16-DMSQUASH/create-root.sh b/test/TEST-16-DMSQUASH/create-root.sh
index 9bc1aa5d..c11e17e0 100755
--- a/test/TEST-16-DMSQUASH/create-root.sh
+++ b/test/TEST-16-DMSQUASH/create-root.sh
@@ -11,9 +11,17 @@ udevadm control --reload
set -e
udevadm settle
-mkfs.ext4 -q -L dracut /dev/disk/by-id/ata-disk_root
+
+# create a single partition using 50% of the capacity of the image file created by test_setup() in test.sh
+sfdisk /dev/disk/by-id/ata-disk_root << EOF
+2048,161792
+EOF
+
+udevadm settle
+
+mkfs.ext4 -q -L dracut /dev/disk/by-id/ata-disk_root-part1
mkdir -p /root
-mount /dev/disk/by-id/ata-disk_root /root
+mount /dev/disk/by-id/ata-disk_root-part1 /root
mkdir -p /root/run /root/testdir
echo "Creating squashfs"
mksquashfs /source /root/testdir/rootfs.img -quiet
diff --git a/test/TEST-16-DMSQUASH/test-init.sh b/test/TEST-16-DMSQUASH/test-init.sh
index 068e8f38..959fa25f 100755
--- a/test/TEST-16-DMSQUASH/test-init.sh
+++ b/test/TEST-16-DMSQUASH/test-init.sh
@@ -9,6 +9,12 @@ exec > /dev/console 2>&1
echo "dracut-root-block-success" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker
+if grep -qF ' rd.live.overlay=LABEL=persist ' /proc/cmdline; then
+ # Writing to a file in the root filesystem lets test_run() verify that the autooverlay module successfully created
+ # and formatted the overlay partition and that the dmsquash-live module used it when setting up the rootfs overlay.
+ echo "dracut-autooverlay-success" > /overlay-marker
+fi
+
export TERM=linux
export PS1='initramfs-test:\w\$ '
[ -f /etc/mtab ] || ln -sfn /proc/mounts /etc/mtab
diff --git a/test/TEST-16-DMSQUASH/test.sh b/test/TEST-16-DMSQUASH/test.sh
index 52029375..58d73b0d 100755
--- a/test/TEST-16-DMSQUASH/test.sh
+++ b/test/TEST-16-DMSQUASH/test.sh
@@ -5,8 +5,9 @@ TEST_DESCRIPTION="live root on a squash filesystem"
KVERSION="${KVERSION-$(uname -r)}"
-# Uncomment this to debug failures
-#DEBUGFAIL="rd.shell rd.debug loglevel=7"
+# Uncomment these to debug failures
+#DEBUGFAIL="rd.shell rd.debug rd.live.debug loglevel=7"
+#DEBUGTOOLS="setsid ls cat sfdisk"
test_run() {
dd if=/dev/zero of="$TESTDIR"/marker.img bs=1MiB count=1
@@ -23,6 +24,27 @@ test_run() {
-initrd "$TESTDIR"/initramfs.testing
grep -U --binary-files=binary -F -m 1 -q dracut-root-block-success -- "$TESTDIR"/marker.img || return 1
+
+ rootPartitions=$(sfdisk -d "$TESTDIR"/root.img | grep -c 'root\.img[0-9]')
+ [ "$rootPartitions" -eq 1 ] || return 1
+
+ "$testdir"/run-qemu \
+ "${disk_args[@]}" \
+ -boot order=d \
+ -append "rd.live.image rd.live.overlay.overlayfs=1 rd.live.overlay=LABEL=persist rd.live.dir=testdir root=LABEL=dracut console=ttyS0,115200n81 quiet selinux=0 rd.info rd.shell=0 panic=1 oops=panic softlockup_panic=1 $DEBUGFAIL" \
+ -initrd "$TESTDIR"/initramfs.testing-autooverlay
+
+ rootPartitions=$(sfdisk -d "$TESTDIR"/root.img | grep -c 'root\.img[0-9]')
+ [ "$rootPartitions" -eq 2 ] || return 1
+
+ (
+ # Ensure that this test works when run with the `V=1` parameter, which runs the script with `set -o pipefail`.
+ set +o pipefail
+
+ # Verify that the string "dracut-autooverlay-success" occurs in the second partition in the image file.
+ dd if="$TESTDIR"/root.img bs=1MiB skip=80 status=none \
+ | grep -U --binary-files=binary -F -m 1 -q dracut-autooverlay-success
+ ) || return 1
}
test_setup() {
@@ -49,7 +71,7 @@ test_setup() {
ln -s dracut-util "${initdir}/usr/bin/dracut-getarg"
ln -s dracut-util "${initdir}/usr/bin/dracut-getargs"
- inst_multiple mkdir ln dd stty mount poweroff
+ inst_multiple mkdir ln dd stty mount poweroff grep "$DEBUGTOOLS"
cp -a -- /etc/ld.so.conf* "$initdir"/etc
ldconfig -r "$initdir"
@@ -115,6 +137,16 @@ test_setup() {
--force "$TESTDIR"/initramfs.testing "$KVERSION" || return 1
ls -sh "$TESTDIR"/initramfs.testing
+
+ "$basedir"/dracut.sh -l -i "$TESTDIR"/overlay / \
+ --modules "dmsquash-live-autooverlay qemu" \
+ --omit "rngd" \
+ --drivers "ext4 sd_mod" \
+ --no-hostonly --no-hostonly-cmdline \
+ --force "$TESTDIR"/initramfs.testing-autooverlay "$KVERSION" || return 1
+
+ ls -sh "$TESTDIR"/initramfs.testing-autooverlay
+
rm -rf -- "$TESTDIR"/overlay
}
diff --git a/test/container/Dockerfile-Arch b/test/container/Dockerfile-Arch
index ac1513a1..4112cc5b 100644
--- a/test/container/Dockerfile-Arch
+++ b/test/container/Dockerfile-Arch
@@ -12,7 +12,7 @@ RUN pacman --noconfirm -Sy \
linux dash strace dhclient asciidoc cpio pigz squashfs-tools \
qemu btrfs-progs mdadm dmraid nfs-utils nfsidmap lvm2 nbd \
dhcp networkmanager multipath-tools vi tcpdump open-iscsi \
- git shfmt shellcheck astyle which base-devel && yes | pacman -Scc
+ git shfmt shellcheck astyle which base-devel glibc parted && yes | pacman -Scc
RUN useradd -m build
RUN su build -c 'cd && git clone https://aur.archlinux.org/perl-config-general.git && cd perl-config-general && makepkg -s --noconfirm'
diff --git a/test/container/Dockerfile-CentOS-9-Stream b/test/container/Dockerfile-CentOS-9-Stream
index c9a96020..abcc067e 100644
--- a/test/container/Dockerfile-CentOS-9-Stream
+++ b/test/container/Dockerfile-CentOS-9-Stream
@@ -33,8 +33,10 @@ RUN dnf -y install --enablerepo crb --setopt=install_weak_deps=False \
make \
mdadm \
nfs-utils \
+ parted \
pigz \
rpm-build \
+ squashfs-tools \
strace \
sudo \
tar \
diff --git a/test/container/Dockerfile-Debian b/test/container/Dockerfile-Debian
index b4c1704e..15eb9958 100644
--- a/test/container/Dockerfile-Debian
+++ b/test/container/Dockerfile-Debian
@@ -42,6 +42,7 @@ RUN apt-get update -y -qq && apt-get upgrade -y -qq && DEBIAN_FRONTEND=nonintera
network-manager \
nfs-common \
open-iscsi \
+ parted \
pigz \
pkg-config \
procps \
diff --git a/test/container/Dockerfile-Fedora-latest b/test/container/Dockerfile-Fedora-latest
index 87c749f9..a38a72ef 100644
--- a/test/container/Dockerfile-Fedora-latest
+++ b/test/container/Dockerfile-Fedora-latest
@@ -49,6 +49,7 @@ RUN dnf -y install --setopt=install_weak_deps=False \
which \
ShellCheck \
shfmt \
+ parted \
&& dnf -y update && dnf clean all
# Set default command
diff --git a/test/container/Dockerfile-OpenSuse-latest b/test/container/Dockerfile-OpenSuse-latest
index 637d50c6..9aaf07b1 100644
--- a/test/container/Dockerfile-OpenSuse-latest
+++ b/test/container/Dockerfile-OpenSuse-latest
@@ -13,7 +13,7 @@ RUN dnf -y install --setopt=install_weak_deps=False \
strace libkmod-devel gcc bzip2 xz tar wget rpm-build make git bash-completion \
sudo kernel dhcp-client qemu-kvm /usr/bin/qemu-system-$(uname -m) e2fsprogs \
tcpdump iproute iputils kbd NetworkManager btrfsprogs tgt dbus-broker \
- iscsiuio open-iscsi which ShellCheck procps pigz \
+ iscsiuio open-iscsi which ShellCheck procps pigz parted squashfs \
&& dnf -y update && dnf clean all
RUN shfmt_version=3.2.4; wget "https://github.com/mvdan/sh/releases/download/v${shfmt_version}/shfmt_v${shfmt_version}_linux_amd64" -O /usr/local/bin/shfmt \

View File

@ -1,94 +1,39 @@
From 829ed8ef5cca250fac475ad6b0265c792c3af015 Mon Sep 17 00:00:00 2001
From: Kairui Song <kasong@redhat.com>
Date: Wed, 13 Mar 2019 17:36:53 +0800
Subject: [PATCH] squash: also squash systemctl if switch-root is not needed
From 3e912f878de8d310bd06199e03602c63d2b60dba Mon Sep 17 00:00:00 2001
From: Radek Vykydal <rvykydal@redhat.com>
Date: Tue, 20 Dec 2022 16:40:23 +0100
Subject: [PATCH] fix(network-manager): allow running nm-run.sh multiple times
systemctl need to be accessible on switch-root, but we unmount the
squash image on switch-root, so it will fail. systemctl depends on a lot
of libraries, squash them can save more RAM. So allow modules
(eg. kdump) to tell dracut that switch-root will be intercepted,
then we don't need to take care of that.
This partially reverts
https://github.com/redhat-plumbers/dracut-rhel9/commit/77630365aed201a729c73a9ffda0733a75f3fee4
Signed-off-by: Kairui Song <kasong@redhat.com>
(cherry picked from commit 3ee0ca5eb74be5d1fbd0e6d643f6fff06234177f)
Anaconda needs to be able to run nm-run.sh to trigger online hooks again
after kickstart is fetched from storage and network is configured
accordingly.
Resolves: #1691705
rhel-only
Resolves: rhbz#2157082
---
dracut-init.sh | 4 ++++
dracut.sh | 40 ++++++++++++++++++++++------------------
2 files changed, 26 insertions(+), 18 deletions(-)
modules.d/35network-manager/nm-run.sh | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/dracut-init.sh b/dracut-init.sh
index 50d23e2d..b1ac9966 100644
--- a/dracut-init.sh
+++ b/dracut-init.sh
@@ -150,6 +150,10 @@ dracut_module_included() {
[[ " $mods_to_load $modules_loaded " == *\ $*\ * ]]
}
diff --git a/modules.d/35network-manager/nm-run.sh b/modules.d/35network-manager/nm-run.sh
index 7d8d61fa..6110733d 100755
--- a/modules.d/35network-manager/nm-run.sh
+++ b/modules.d/35network-manager/nm-run.sh
@@ -2,11 +2,12 @@
+dracut_no_switch_root() {
+ >"$initdir/lib/dracut/no-switch-root"
+}
+
if ! [[ $DRACUT_INSTALL ]]; then
DRACUT_INSTALL=$(find_binary dracut-install)
fi
diff --git a/dracut.sh b/dracut.sh
index 6de88b3e..8144a16e 100755
--- a/dracut.sh
+++ b/dracut.sh
@@ -1772,24 +1772,6 @@ if dracut_module_included "squash"; then
mv $initdir/$folder $squash_dir/$folder
done
type source_hook > /dev/null 2>&1 || . /lib/dracut-lib.sh
- # Reinstall required files for the squash image setup script.
- # We have moved them inside the squashed image, but they need to be
- # accessible before mounting the image. Also install systemctl,
- # it's requires for switch-root, but we will umount the image before switch-root
- inst_multiple "echo" "sh" "mount" "modprobe" "mkdir" "systemctl"
- hostonly="" instmods "loop" "squashfs" "overlay"
-if [ -e /tmp/nm.done ]; then
- return
-fi
-
- for folder in "${squash_candidate[@]}"; do
- # Remove duplicated files in squashfs image, save some more space
- [[ ! -d $initdir/$folder/ ]] && continue
- for file in $(find $initdir/$folder/ -not -type d);
- do
- if [[ -e $squash_dir${file#$initdir} ]]; then
- mv $squash_dir${file#$initdir} $file
- fi
- done
- done
-
# Move some files out side of the squash image, including:
# - Files required to boot and mount the squashfs image
# - Files need to be accessable without mounting the squash image
@@ -1851,6 +1833,28 @@ if dracut_module_included "squash"; then
ln -s squash/init.sh $initdir/init
ln -s squash/shutdown.sh $initdir/shutdown
+ # Reinstall required files for the squash image setup script.
+ # We have moved them inside the squashed image, but they need to be
+ # accessible before mounting the image.
+ inst_multiple "echo" "sh" "mount" "modprobe" "mkdir"
+ hostonly="" instmods "loop" "squashfs" "overlay"
if [ -z "$DRACUT_SYSTEMD" ]; then
+
+ # Only keep systemctl outsite if we need switch root
+ if [[ ! -f "$initdir/lib/dracut/no-switch-root" ]]; then
+ inst "systemctl"
+ if [ -e /tmp/nm.done ]; then
+ return
+ fi
+
+ for folder in "${squash_candidate[@]}"; do
+ # Remove duplicated files in squashfs image, save some more space
+ [[ ! -d $initdir/$folder/ ]] && continue
+ for file in $(find $initdir/$folder/ -not -type d);
+ do
+ if [[ -e $squash_dir${file#$initdir} ]]; then
+ mv $squash_dir${file#$initdir} $file
+ fi
+ done
+ done
+
mksquashfs $squash_dir $squash_img -comp xz -b 64K -Xdict-size 100% &> /dev/null
if [[ $? != 0 ]]; then
# Only start NM if networking is needed
if [ -e /run/NetworkManager/initrd/neednet ]; then
for i in /usr/lib/NetworkManager/system-connections/* \

View File

@ -1,94 +1,56 @@
From 7ee74e539dba61c3765afe34426b085eff0de027 Mon Sep 17 00:00:00 2001
From: Kairui Song <kasong@redhat.com>
Date: Thu, 21 Feb 2019 13:18:37 +0800
Subject: [PATCH] dracut: let module handling function accept optional path
option
From f814aed234f5bfb99029b9926a41727cbc68824c Mon Sep 17 00:00:00 2001
From: Tao Liu <ltao@redhat.com>
Date: Fri, 3 Mar 2023 18:27:25 +0800
Subject: [PATCH] fix(lvmthinpool-monitor): activate lvm thin pool before
extend its size
Let the caller pass in the module path instead of try to find the module
path everytime. This helps optimize the overall runtime.
The state of lvm thin pool may change into inactived state when kdump into
2nd kernel. As a result, lvextend will fail to extend its size. For example:
Test results (3 rounds) on Fedora 30 in KVM VM with 8 CPUs, 2G memory, HDD:
In 1st kernel:
$ time ./dracut.sh --local --quiet --hostonly --hostonly-cmdline --hostonly-i18n --hostonly-mode 'strict' -o 'plymouth dash resume ifcfg' --mount '/dev/mapper/fedora-root /sysroot xfs defaults' --no-hostonly-default-device -f initramfs.img
Before the commit:
real 0m11.782s | real 0m11.505s | real 0m11.958s
user 0m9.169s | user 0m9.218s | user 0m9.327s
sys 0m10.839s | sys 0m10.829s | sys 0m10.925s
$ lvs
LV VG Attr LSize Pool Origin Data% Meta%
vol vg00 Vwi-a-tz-- 300.00m thinpool 70.54
thinpool vg00 twi-aotz-- 236.00m 89.67 12.50
...
After this commit:
real 0m9.866s | real 0m9.580s | real 0m9.638s
user 0m9.048s | user 0m9.142s | user 0m9.120s
sys 0m7.411s | sys 0m7.775s | sys 0m7.745s
In 2nd kernel:
Test result of building a ordinary image:
LV VG Attr LSize Pool Origin Data% Meta%
vol vg00 Vwi-aotz-- 300.00m thinpool 70.54
thinpool vg00 twi---tz-- 236.00m 89.67 12.50
...
$ time ./dracut.sh --local --quiet -f initramfs.img
Before the commit:
real 0m34.697s | real 0m34.371s | real 0m35.122s
user 0m27.608s | user 0m27.524s | user 0m27.705s
sys 0m22.341s | sys 0m22.032s | sys 0m22.246s
And the lvextend failing log:
[ 8.483878] start-thinpool-monitor[590]: lvextend using policy requires the thin pool to be active.
After the commit:
real 0m31.914s | real 0m31.006 | real 0m31.289ss
user 0m27.315s | user 0m27.324 | user 0m27.290ss
sys 0m19.051s | sys 0m18.916 | sys 0m19.022ss
In this patch, we will first activate lvm thin pool before calling lvextend
during kdump.
This will have an ~2s speed up.
Signed-off-by: Tao Liu <ltao@redhat.com>
Signed-off-by: Kairui Song <kasong@redhat.com>
(cherry picked from commit 5916d31b24ad9eb21fd376929a96c459813315a1)
(Cherry-picked commit: 4a6b81378f5c542fa1a94386744b9f4a0cc3e33a)
Cherry-picked from: 5916d31b
Resolves: #1734047
Resolves: #2175096
---
dracut-init.sh | 4 ++++
dracut.sh | 8 ++++----
2 files changed, 8 insertions(+), 4 deletions(-)
modules.d/80lvmthinpool-monitor/start-thinpool-monitor.sh | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/dracut-init.sh b/dracut-init.sh
index b1ac9966..ab07cabf 100644
--- a/dracut-init.sh
+++ b/dracut-init.sh
@@ -154,6 +154,10 @@ dracut_no_switch_root() {
>"$initdir/lib/dracut/no-switch-root"
}
diff --git a/modules.d/80lvmthinpool-monitor/start-thinpool-monitor.sh b/modules.d/80lvmthinpool-monitor/start-thinpool-monitor.sh
index 75d8eada..10f4a4bb 100755
--- a/modules.d/80lvmthinpool-monitor/start-thinpool-monitor.sh
+++ b/modules.d/80lvmthinpool-monitor/start-thinpool-monitor.sh
@@ -31,6 +31,12 @@ if [ -n "$THIN_POOLS" ]; then
CONFIG="activation {monitoring=0 thin_pool_autoextend_threshold=70 thin_pool_autoextend_percent=20}"
fi
+dracut_module_path() {
+ echo ${dracutbasedir}/modules.d/??${1} | { read a b; echo "$a"; }
+}
+ # Activate the thinpool in case the thinpool is in inactive state.
+ # Otherwise lvextend will fail.
+ for THIN_POOL in $THIN_POOLS; do
+ lvm lvchange -ay "$THIN_POOL" --config "$CONFIG"
+ done
+
if ! [[ $DRACUT_INSTALL ]]; then
DRACUT_INSTALL=$(find_binary dracut-install)
fi
diff --git a/dracut.sh b/dracut.sh
index 8144a16e..f270af76 100755
--- a/dracut.sh
+++ b/dracut.sh
@@ -1373,7 +1373,7 @@ do_print_cmdline()
for moddir in "$dracutbasedir/modules.d"/[0-9][0-9]*; do
_d_mod=${moddir##*/}; _d_mod=${_d_mod#[0-9][0-9]}
[[ ${_mods_to_print[$_d_mod]} ]] || continue
- module_cmdline "$_d_mod"
+ module_cmdline "$_d_mod" "$moddir"
done
unset moddir
}
@@ -1454,14 +1454,14 @@ for moddir in "$dracutbasedir/modules.d"/[0-9][0-9]*; do
dinfo "*** Including module: $_d_mod ***"
fi
if [[ $kernel_only == yes ]]; then
- module_installkernel "$_d_mod" || {
+ module_installkernel "$_d_mod" "$moddir" || {
dfatal "installkernel failed in module $_d_mod"
exit 1
}
else
- module_install "$_d_mod"
+ module_install "$_d_mod" "$moddir"
if [[ $no_kernel != yes ]]; then
- module_installkernel "$_d_mod" || {
+ module_installkernel "$_d_mod" "$moddir" || {
dfatal "installkernel failed in module $_d_mod"
exit 1
}
while true; do
for THIN_POOL in $THIN_POOLS; do
lvm lvextend --use-policies --config "$CONFIG" "$THIN_POOL"

View File

@ -1,36 +1,145 @@
From 17cd55169c3549d85ba3e4d7e0e81c496d1b2940 Mon Sep 17 00:00:00 2001
From: Lianbo Jiang <lijiang@redhat.com>
Date: Mon, 13 May 2019 16:09:25 +0800
Subject: [PATCH] 99base: enable the initqueue in both 'dracut --add-device'
and 'dracut --mount' cases.
From cd2bfd13e80d5a20ca27e3f7e9dd5f4d33c30a6d Mon Sep 17 00:00:00 2001
From: Valentin Lefebvre <valentin.lefebvre@suse.com>
Date: Mon, 13 Mar 2023 12:06:13 +0100
Subject: [PATCH] fix(dracut.sh): use dynamically uefi's sections offset
The commit 9f3c31cd8d68 ("99base: enable initqueue if extra devices are added")
only covers 'dracut --add-device' case, but it did not cover 'dracut --mount'
case, which causes the kdump failure in the Amazon virtual machine.
* Uefi section are creating by `objcopy` with hardcoded sections
offset. This commit allow to have the correct offset between
each part of the efi file, needed to create an UKI. Offsets
are simply calculated so no sections overlap, as recommended
in https://wiki.archlinux.org/title/Unified_kernel_image#Manually
Moreover, efi stub file's header is parsed to apply the correct
offsets according the section alignment factor.
* Remove EFI_SECTION_VMA_INITRD, no need anymore as initrd
section offset dynamically calculated
Lets make sure that the initqueue is enabled in both cases in order to wake up
the device in time.
Fixes dracutdevs#2275
Reported-by: Xiao Liang <xiliang@redhat.com>
Signed-off-by: Lianbo Jiang <lijiang@redhat.com>
(cherry picked from commit e0fc62f619ba55a96179382e22f7665e969c3d42)
Signed-off-by: Valentin Lefebvre <valentin.lefebvre@suse.com>
Resolves: #1678094
(Cherry-picked commit: f32e95bcadbc5158843530407adc1e7b700561b1)
Resolves: #2180787
---
modules.d/99base/module-setup.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
dracut-functions.sh | 23 +++++++++++++++++++++++
dracut.sh | 45 +++++++++++++++++++++++++++++++++++----------
2 files changed, 58 insertions(+), 10 deletions(-)
diff --git a/modules.d/99base/module-setup.sh b/modules.d/99base/module-setup.sh
index 21523fc9..c9ead01d 100755
--- a/modules.d/99base/module-setup.sh
+++ b/modules.d/99base/module-setup.sh
@@ -93,7 +93,7 @@ install() {
## save host_devs which we need bring up
if [[ $hostonly_cmdline == "yes" ]]; then
- if [[ -n $add_device ]]; then
+ if [[ -n "${host_devs[@]}" ]]; then
dracut_need_initqueue
diff --git a/dracut-functions.sh b/dracut-functions.sh
index ff6749a1..a95755b2 100755
--- a/dracut-functions.sh
+++ b/dracut-functions.sh
@@ -995,3 +995,26 @@ get_dev_module() {
fi
echo "$dev_drivers"
}
+
+# Check if file is in PE format
+pe_file_format() {
+ if [[ $# -eq 1 ]]; then
+ local magic
+ magic=$(objdump -p "$1" \
+ | awk '{if ($1 == "Magic"){print strtonum("0x"$2)}}')
+ magic=$(printf "0x%x" "$magic")
+ # 0x10b (PE32), 0x20b (PE32+)
+ [[ $magic == 0x20b || $magic == 0x10b ]] && return 0
+ fi
+ return 1
+}
+
+# Get the sectionAlignment data from the PE header
+pe_get_section_align() {
+ local align_hex
+ [[ $# -ne "1" ]] && return 1
+ [[ $(pe_file_format "$1") -eq 1 ]] && return 1
+ align_hex=$(objdump -p "$1" \
+ | awk '{if ($1 == "SectionAlignment"){print $2}}')
+ echo "$((16#$align_hex))"
+}
diff --git a/dracut.sh b/dracut.sh
index d2f07ac6..0c963431 100755
--- a/dracut.sh
+++ b/dracut.sh
@@ -1433,7 +1433,6 @@ if [[ ! $print_cmdline ]]; then
exit 1
fi
unset EFI_MACHINE_TYPE_NAME
- EFI_SECTION_VMA_INITRD=0x3000000
case $(uname -m) in
x86_64)
EFI_MACHINE_TYPE_NAME=x64
@@ -1443,8 +1442,6 @@ if [[ ! $print_cmdline ]]; then
;;
aarch64)
EFI_MACHINE_TYPE_NAME=aa64
- # aarch64 kernels are uncompressed and thus larger, so we need a bigger gap between vma sections
- EFI_SECTION_VMA_INITRD=0x4000000
;;
*)
dfatal "Architecture '$(uname -m)' not supported to create a UEFI executable"
@@ -2596,29 +2593,57 @@ if [[ $uefi == yes ]]; then
done
fi
if [[ -f "$initdir/lib/dracut/need-initqueue" ]] || ! dracut_module_included "systemd"; then
+ offs=$(objdump -h "$uefi_stub" 2> /dev/null | awk 'NF==7 {size=strtonum("0x"$3);\
+ offset=strtonum("0x"$4)} END {print size + offset}')
+ if [[ $offs -eq 0 ]]; then
+ dfatal "Failed to get the size of $uefi_stub to create UEFI image file"
+ exit 1
+ fi
+ align=$(pe_get_section_align "$uefi_stub")
+ if [[ $? -eq 1 ]]; then
+ dfatal "Failed to get the sectionAlignment of the stub PE header to create the UEFI image file"
+ exit 1
+ fi
+ offs=$((offs + "$align" - offs % "$align"))
+ [[ -s $dracutsysrootdir/usr/lib/os-release ]] && uefi_osrelease="$dracutsysrootdir/usr/lib/os-release"
+ [[ -s $dracutsysrootdir/etc/os-release ]] && uefi_osrelease="$dracutsysrootdir/etc/os-release"
+ [[ -s $uefi_osrelease ]] \
+ && uefi_osrelease_offs=${offs} \
+ && offs=$((offs + $(stat -Lc%s "$uefi_osrelease"))) \
+ && offs=$((offs + "$align" - offs % "$align"))
+
if [[ $kernel_cmdline ]] || [[ $hostonly_cmdline == yes && -d "$initdir/etc/cmdline.d" ]]; then
echo -ne "\x00" >> "$uefi_outdir/cmdline.txt"
dinfo "Using UEFI kernel cmdline:"
dinfo "$(tr -d '\000' < "$uefi_outdir/cmdline.txt")"
uefi_cmdline="${uefi_outdir}/cmdline.txt"
+ uefi_cmdline_offs=${offs}
+ offs=$((offs + $(stat -Lc%s "$uefi_cmdline")))
+ offs=$((offs + "$align" - offs % "$align"))
else
unset uefi_cmdline
fi
- [[ -s $dracutsysrootdir/usr/lib/os-release ]] && uefi_osrelease="$dracutsysrootdir/usr/lib/os-release"
- [[ -s $dracutsysrootdir/etc/os-release ]] && uefi_osrelease="$dracutsysrootdir/etc/os-release"
if [[ -s ${dracutsysrootdir}${uefi_splash_image} ]]; then
uefi_splash_image="${dracutsysrootdir}${uefi_splash_image}"
+ uefi_splash_offs=${offs}
+ offs=$((offs + $(stat -Lc%s "$uefi_splash_image")))
+ offs=$((offs + "$align" - offs % "$align"))
else
unset uefi_splash_image
fi
+ uefi_linux_offs="${offs}"
+ offs=$((offs + $(stat -Lc%s "$kernel_image")))
+ offs=$((offs + "$align" - offs % "$align"))
+ uefi_initrd_offs="${offs}"
+
if objcopy \
- ${uefi_osrelease:+--add-section .osrel="$uefi_osrelease" --change-section-vma .osrel=0x20000} \
- ${uefi_cmdline:+--add-section .cmdline="$uefi_cmdline" --change-section-vma .cmdline=0x30000} \
- ${uefi_splash_image:+--add-section .splash="$uefi_splash_image" --change-section-vma .splash=0x40000} \
- --add-section .linux="$kernel_image" --change-section-vma .linux=0x2000000 \
- --add-section .initrd="${DRACUT_TMPDIR}/initramfs.img" --change-section-vma .initrd="${EFI_SECTION_VMA_INITRD}" \
+ ${uefi_osrelease:+--add-section .osrel="$uefi_osrelease" --change-section-vma .osrel=$(printf 0x%x "$uefi_osrelease_offs")} \
+ ${uefi_cmdline:+--add-section .cmdline="$uefi_cmdline" --change-section-vma .cmdline=$(printf 0x%x "$uefi_cmdline_offs")} \
+ ${uefi_splash_image:+--add-section .splash="$uefi_splash_image" --change-section-vma .splash=$(printf 0x%x "$uefi_splash_offs")} \
+ --add-section .linux="$kernel_image" --change-section-vma .linux="$(printf 0x%x "$uefi_linux_offs")" \
+ --add-section .initrd="${DRACUT_TMPDIR}/initramfs.img" --change-section-vma .initrd="$(printf 0x%x "$uefi_initrd_offs")" \
"$uefi_stub" "${uefi_outdir}/linux.efi"; then
if [[ -n ${uefi_secureboot_key} && -n ${uefi_secureboot_cert} ]]; then
if sbsign \

View File

@ -1,34 +1,97 @@
From 1851348709df5413a767faecdee908534baf0da1 Mon Sep 17 00:00:00 2001
From: Kairui Song <kasong@redhat.com>
Date: Wed, 12 Jun 2019 14:27:44 +0800
Subject: [PATCH] 95fcoe: load 'libfcoe' module as a fallback
From 11e1ffb0cf614fb6ec9b740cb6eb8c07c2a081ac Mon Sep 17 00:00:00 2001
From: keentux <valentin.lefebvre@suse.com>
Date: Wed, 22 Mar 2023 10:40:39 +0000
Subject: [PATCH] fix(dracut.sh): handle imagebase for uefi
The kernel may only enable 'libfcoe' module. Some modules like bnx2fc
provides FCoE but only depend on 'libfcoe'. Loading 'fcoe' module may
fail but the kernel do support FCoE.
* UEFI creation didn't handle the ImageBase data for the PE file
generation. Create an UKI thanks a stub file with a non zero BaseImage
logs some warning ans generate a bad file offset management. The efi
becomes unloadable.
* This commit parse the PE file header, get the data and apply the
ImageBase on the objcopy command.
'libfcoe' will be installed as a dependency when installing block device
drivers if it's required. So no need to install it in installkernel.
Fixes dracutdevs#2284
Signed-off-by: Kairui Song <kasong@redhat.com>
(cherry picked from commit 65fe1af2eca7d0ed340520577ab861fcd695b34a)
Signed-off-by: Valentin Lefebvre <valentin.lefebvre@suse.com>
Resolves: #1719645
(Cherry-picked commit: 6178a9d83ffad67fa371cef2ff3f5bbb337bc8b7)
Related: #2180787
---
modules.d/95fcoe/parse-fcoe.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
dracut-functions.sh | 26 ++++++++++++++++++++++----
dracut.sh | 9 ++++++++-
2 files changed, 30 insertions(+), 5 deletions(-)
diff --git a/modules.d/95fcoe/parse-fcoe.sh b/modules.d/95fcoe/parse-fcoe.sh
index 75cca9a5..12701cdb 100755
--- a/modules.d/95fcoe/parse-fcoe.sh
+++ b/modules.d/95fcoe/parse-fcoe.sh
@@ -18,7 +18,7 @@
# If it's not set we don't continue
[ -z "$fcoe" ] && return
diff --git a/dracut-functions.sh b/dracut-functions.sh
index a95755b2..7f05da6e 100755
--- a/dracut-functions.sh
+++ b/dracut-functions.sh
@@ -1009,12 +1009,30 @@ pe_file_format() {
return 1
}
-[ -e /sys/bus/fcoe/ctlr_create ] || modprobe -b -a fcoe || die "FCoE requested but kernel/initrd does not support FCoE"
+[ -e /sys/bus/fcoe/ctlr_create ] || modprobe -b -a fcoe || modprobe -b -a libfcoe || die "FCoE requested but kernel/initrd does not support FCoE"
initqueue --onetime modprobe -b -q bnx2fc
-# Get the sectionAlignment data from the PE header
+# Get specific data from the PE header
+pe_get_header_data() {
+ local data_header
+ [[ $# -ne "2" ]] && return 1
+ [[ $(pe_file_format "$1") -eq 1 ]] && return 1
+ data_header=$(objdump -p "$1" \
+ | awk -v data="$2" '{if ($1 == data){print $2}}')
+ echo "$data_header"
+}
+
+# Get the SectionAlignment data from the PE header
pe_get_section_align() {
local align_hex
[[ $# -ne "1" ]] && return 1
- [[ $(pe_file_format "$1") -eq 1 ]] && return 1
- align_hex=$(objdump -p "$1" \
- | awk '{if ($1 == "SectionAlignment"){print $2}}')
+ align_hex=$(pe_get_header_data "$1" "SectionAlignment")
+ [[ $? -eq 1 ]] && return 1
echo "$((16#$align_hex))"
}
+
+# Get the ImageBase data from the PE header
+pe_get_image_base() {
+ local base_image
+ [[ $# -ne "1" ]] && return 1
+ base_image=$(pe_get_header_data "$1" "ImageBase")
+ [[ $? -eq 1 ]] && return 1
+ echo "$((16#$base_image))"
+}
diff --git a/dracut.sh b/dracut.sh
index 0c963431..a6a27dcf 100755
--- a/dracut.sh
+++ b/dracut.sh
@@ -2601,7 +2601,7 @@ if [[ $uefi == yes ]]; then
fi
align=$(pe_get_section_align "$uefi_stub")
if [[ $? -eq 1 ]]; then
- dfatal "Failed to get the sectionAlignment of the stub PE header to create the UEFI image file"
+ dfatal "Failed to get the SectionAlignment of the stub PE header to create the UEFI image file"
exit 1
fi
offs=$((offs + "$align" - offs % "$align"))
@@ -2638,12 +2638,19 @@ if [[ $uefi == yes ]]; then
offs=$((offs + "$align" - offs % "$align"))
uefi_initrd_offs="${offs}"
+ base_image=$(pe_get_image_base "$uefi_stub")
+ if [[ $? -eq 1 ]]; then
+ dfatal "Failed to get ImageBase data of $uefi_stub to create UEFI image file"
+ exit 1
+ fi
+
if objcopy \
${uefi_osrelease:+--add-section .osrel="$uefi_osrelease" --change-section-vma .osrel=$(printf 0x%x "$uefi_osrelease_offs")} \
${uefi_cmdline:+--add-section .cmdline="$uefi_cmdline" --change-section-vma .cmdline=$(printf 0x%x "$uefi_cmdline_offs")} \
${uefi_splash_image:+--add-section .splash="$uefi_splash_image" --change-section-vma .splash=$(printf 0x%x "$uefi_splash_offs")} \
--add-section .linux="$kernel_image" --change-section-vma .linux="$(printf 0x%x "$uefi_linux_offs")" \
--add-section .initrd="${DRACUT_TMPDIR}/initramfs.img" --change-section-vma .initrd="$(printf 0x%x "$uefi_initrd_offs")" \
+ --image-base="$(printf 0x%x "$base_image")" \
"$uefi_stub" "${uefi_outdir}/linux.efi"; then
if [[ -n ${uefi_secureboot_key} && -n ${uefi_secureboot_cert} ]]; then
if sbsign \

View File

@ -1,36 +1,46 @@
From 9b2497dffb8f699ce040cdbafa967f5fe02b57b6 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Fri, 2 Aug 2019 14:26:23 +0200
Subject: [PATCH] 90kernel-modules-extra: don't resolve symlinks before instmod
From 11cc7032853ea254a7d4cabed0b7bf3a605ccc6c Mon Sep 17 00:00:00 2001
From: Sam James <sam@gentoo.org>
Date: Thu, 20 Jul 2023 04:36:01 +0100
Subject: [PATCH] fix(dracut.sh): use gawk for strtonum
When you install a third-party driver, you will probably end in a
situation, where the module will be in a different directory and
in $depmod_module_dir you will only have symlink. If we resolve the
symlink before we pass the module path to instmod, the dracut-install
will only include the module with its original path, but not the
symlink. Hence the module can't be automatically loaded.
strtonum is a gawkism and is not available in all awks, e.g. mawk. Use gawk
to avoid failure.
Dracut-install is clever enough to handle symlinks and will include both
the symlink and the module to the initrd.
Fixes: f32e95bcadbc5158843530407adc1e7b700561b1
Signed-off-by: Sam James <sam@gentoo.org>
(cherry picked from commit d1afff43aea01c8d43817adf3ac4041dd4b9f022)
(Cherry-picked commit: 33a66ed04bdc30eccb172a0cd6dcc36d9d74f825)
Resolves: #1720275
Related: #2180787
---
modules.d/90kernel-modules-extra/module-setup.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
dracut-functions.sh | 2 +-
dracut.sh | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/modules.d/90kernel-modules-extra/module-setup.sh b/modules.d/90kernel-modules-extra/module-setup.sh
index c0a2b7f9..1706c822 100755
--- a/modules.d/90kernel-modules-extra/module-setup.sh
+++ b/modules.d/90kernel-modules-extra/module-setup.sh
@@ -187,7 +187,7 @@ installkernel()
printf "^%s\.ko(\.gz|\.bz2|\.xz)?:\n" "${pathlist[@]}" \
| (LANG=C grep -E -o -f - -- "$depmod_modules_dep" || exit 0) \
| tr -d ':' \
- | (cd "$depmod_module_dir" || exit; xargs -r realpath -e --) \
+ | (cd "$depmod_module_dir" || exit; xargs -r realpath -se --) \
| instmods || return 1
diff --git a/dracut-functions.sh b/dracut-functions.sh
index 7f05da6e..3c475ca7 100755
--- a/dracut-functions.sh
+++ b/dracut-functions.sh
@@ -1001,7 +1001,7 @@ pe_file_format() {
if [[ $# -eq 1 ]]; then
local magic
magic=$(objdump -p "$1" \
- | awk '{if ($1 == "Magic"){print strtonum("0x"$2)}}')
+ | gawk '{if ($1 == "Magic"){print strtonum("0x"$2)}}')
magic=$(printf "0x%x" "$magic")
# 0x10b (PE32), 0x20b (PE32+)
[[ $magic == 0x20b || $magic == 0x10b ]] && return 0
diff --git a/dracut.sh b/dracut.sh
index a6a27dcf..1ff51bb1 100755
--- a/dracut.sh
+++ b/dracut.sh
@@ -2593,7 +2593,7 @@ if [[ $uefi == yes ]]; then
done
fi
return 0
- offs=$(objdump -h "$uefi_stub" 2> /dev/null | awk 'NF==7 {size=strtonum("0x"$3);\
+ offs=$(objdump -h "$uefi_stub" 2> /dev/null | gawk 'NF==7 {size=strtonum("0x"$3);\
offset=strtonum("0x"$4)} END {print size + offset}')
if [[ $offs -eq 0 ]]; then
dfatal "Failed to get the size of $uefi_stub to create UEFI image file"

View File

@ -1,26 +1,59 @@
From 3464297288b50a062e1094e57d46ad21e51b351b Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Tue, 6 Aug 2019 10:54:09 +0200
Subject: [PATCH] net-lib: fix typo $li -> $_li
From 68814ff425e71c411ba5111c37774cbab429bf9e Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Sun, 23 Jul 2023 19:44:17 +0200
Subject: [PATCH] fix(rngd): install system service file
(cherry picked from commit cd97d8d2c0646b95aee47efd5eee39f29d617a67)
as there's no reason to keep a copy; there shouldn't be any modifications.
Resolves: #1625042
In case there are args stored in a separate file (Fedora and alike),
it needs to be supplied too, but without the option to change the user.
(Cherry-picked commit: c47a44cb25c0892d9af6e66ee9d7cd2c3beca31f)
Resolves: #2181541
---
modules.d/40network/net-lib.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
modules.d/06rngd/module-setup.sh | 7 ++++++-
modules.d/06rngd/rngd.service | 8 --------
modules.d/06rngd/sysconfig | 1 +
3 files changed, 7 insertions(+), 9 deletions(-)
diff --git a/modules.d/40network/net-lib.sh b/modules.d/40network/net-lib.sh
index f9569573..ad78d225 100755
--- a/modules.d/40network/net-lib.sh
+++ b/modules.d/40network/net-lib.sh
@@ -748,7 +748,7 @@ iface_has_link() {
iface_is_enslaved() {
local _li
_li=$(ip -o link show dev $1)
- strstr "$li" " master " || return 1
+ strstr "$_li" " master " || return 1
return 0
}
diff --git a/modules.d/06rngd/module-setup.sh b/modules.d/06rngd/module-setup.sh
index d94a47af..66923a38 100644
--- a/modules.d/06rngd/module-setup.sh
+++ b/modules.d/06rngd/module-setup.sh
@@ -32,7 +32,12 @@ depends() {
install() {
inst rngd
- inst_simple "${moddir}/rngd.service" "${systemdsystemunitdir}/rngd.service"
+ inst_simple "${systemdsystemunitdir}/rngd.service"
+
+ if [ -r /etc/sysconfig/rngd ]; then
+ inst_simple "${moddir}/sysconfig" "/etc/sysconfig/rngd"
+ fi
+
# make sure dependant libs are installed too
inst_libdir_file opensc-pkcs11.so
diff --git a/modules.d/06rngd/rngd.service b/modules.d/06rngd/rngd.service
deleted file mode 100644
index dd5374d7..00000000
--- a/modules.d/06rngd/rngd.service
+++ /dev/null
@@ -1,8 +0,0 @@
-[Unit]
-Description=Hardware RNG Entropy Gatherer Daemon
-DefaultDependencies=no
-Before=systemd-udevd.service
-ConditionVirtualization=!container
-
-[Service]
-ExecStart=/usr/sbin/rngd -f
diff --git a/modules.d/06rngd/sysconfig b/modules.d/06rngd/sysconfig
new file mode 100644
index 00000000..100e8deb
--- /dev/null
+++ b/modules.d/06rngd/sysconfig
@@ -0,0 +1 @@
+RNGD_ARGS="--fill-watermark=0 -x pkcs11 -x nist -x qrypt"

View File

@ -1,38 +1,59 @@
From 95bbcaa8550534f03b332487ef3a2ed6650424fe Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Wed, 21 Aug 2019 11:16:07 +0200
Subject: [PATCH] git2spec: avoid malforming of SHA-1 hashes
From a63fbfe7eb109214fbcee726c9ba898ba3c954d3 Mon Sep 17 00:00:00 2001
From: Antonio Alvarez Feijoo <antonio.feijoo@suse.com>
Date: Wed, 14 Sep 2022 12:44:26 +0200
Subject: [PATCH] fix(nvmf): nvme list-subsys prints the address using commas
as separator
When a SHA-1 hash of a specific commit is used as a tag, the regex
shenanigans later in the script can (and will) corrupt it in certain
cases.
nvme-cli 1.x printed the address using spaces as separator, but nvme-cli 2.x
prints the address using commas as separator (exact output from sysfs). E.g.,
output from `cat /sys/class/nvme/nvme0/address`:
e.g.:
$ perl -e '
$tag="6e8cd92261577230daa1098f7e05ec198c3c4281";
$tag=~s/[^0-9]+?([0-9]+)/$1/;
print("$tag\n");
'
68cd92261577230daa1098f7e05ec198c3c4281
traddr=nn-0x201700a09890f5bf:pn-0x201900a09890f5bf,host_traddr=nn-0x200000109b579ef5:pn-0x100000109b579ef5
(Notice the missing 'e')
Also, I suppress rd.nvmf.discover= cmdline option if all fields are empty.
Let's fix this by limiting the regex's scope to a non-SHA-1 tags only.
Resolves: #1933787
---
git2spec.pl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
modules.d/95nvmf/module-setup.sh | 21 ++++++++++++++++++---
1 file changed, 18 insertions(+), 3 deletions(-)
diff --git a/git2spec.pl b/git2spec.pl
index 7853791e..9ddc3805 100755
--- a/git2spec.pl
+++ b/git2spec.pl
@@ -37,7 +37,7 @@ $tag=`git describe --abbrev=0 --tags` if not defined $tag;
chomp($tag);
my @patches=&create_patches($tag, $pdir);
my $num=$#patches + 2;
-$tag=~s/[^0-9]+?([0-9]+)/$1/;
+$tag=~s/[^0-9]+?([0-9]+)/$1/ if $tag !~ /\b[0-9a-f]{5,40}\b/;
my $release="$num.git$datestr";
$release="1" if $num == 1;
diff --git a/modules.d/95nvmf/module-setup.sh b/modules.d/95nvmf/module-setup.sh
index be1c85f3..0825b51c 100755
--- a/modules.d/95nvmf/module-setup.sh
+++ b/modules.d/95nvmf/module-setup.sh
@@ -61,6 +61,11 @@ cmdline() {
gen_nvmf_cmdline() {
local _dev=$1
local trtype
+ local traddr
+ local host_traddr
+ local trsvcid
+ local _address
+ local -a _address_parts
[[ -L "/sys/dev/block/$_dev" ]] || return 0
cd -P "/sys/dev/block/$_dev" || return 0
@@ -76,9 +81,19 @@ cmdline() {
done
[ -z "$trtype" ] && return 0
- nvme list-subsys "${PWD##*/}" | while read -r _ _ trtype traddr host_traddr _; do
- [ "$trtype" != "${trtype#NQN}" ] && continue
- echo -n " rd.nvmf.discover=$trtype,${traddr#traddr=},${host_traddr#host_traddr=}"
+ nvme list-subsys "${PWD##*/}" | while read -r _ _ trtype _address _; do
+ [[ -z $trtype || $trtype != "${trtype#NQN}" ]] && continue
+ unset traddr
+ unset host_traddr
+ unset trsvcid
+ mapfile -t -d ',' _address_parts < <(printf "%s" "$_address")
+ for i in "${_address_parts[@]}"; do
+ [[ $i =~ ^traddr= ]] && traddr="${i#traddr=}"
+ [[ $i =~ ^host_traddr= ]] && host_traddr="${i#host_traddr=}"
+ [[ $i =~ ^trsvcid= ]] && trsvcid="${i#trsvcid=}"
+ done
+ [[ -z $traddr && -z $host_traddr && -z $trsvcid ]] && continue
+ echo -n " rd.nvmf.discover=$trtype,$traddr,$host_traddr,$trsvcid"
done
}

View File

@ -1,25 +1,65 @@
From d3f542cc9d0135a408be7ba995b8adad80bcd606 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Wed, 21 Aug 2019 14:06:29 +0200
Subject: [PATCH] travis: fetch only tags
From 0322e328d94f70693e1e33fb96bd5d9d771fea3a Mon Sep 17 00:00:00 2001
From: Martin Wilck <mwilck@suse.de>
Date: Fri, 16 Sep 2022 23:46:42 +0200
Subject: [PATCH] fix(nvmf): don't try to validate network connections in
cmdline hook
The original `git pull` would try to pull & merge changes from the
master branch, which breaks CI runs on PRs based on non-master branches
The cmdline hook runs before any network interfaces have been brought
up. There's no point in trying to validate the connections at this
stage.
Resolves: #1933787
---
.travis.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
modules.d/95nvmf/parse-nvmf-boot-connections.sh | 31 -------------------------
1 file changed, 31 deletions(-)
diff --git a/.travis.yml b/.travis.yml
index f913db57..efb0df1b 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -29,7 +29,7 @@ before_script:
sudo modprobe kvm-intel nested=1 || :
sudo modprobe kvm-amd nested=1 || :
dmesg | tail || :
- - git pull --depth=100
+ - git fetch --tags --unshallow
- |
git describe --abbrev=0 --tags || :
git describe --tags || :
diff --git a/modules.d/95nvmf/parse-nvmf-boot-connections.sh b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
index 46c00636..39923503 100755
--- a/modules.d/95nvmf/parse-nvmf-boot-connections.sh
+++ b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
@@ -26,34 +26,6 @@ fi
initqueue --onetime modprobe --all -b -q nvme nvme_tcp nvme_core nvme_fabrics
-validate_ip_conn() {
- if ! getargbool 0 rd.neednet; then
- warn "$trtype transport requires rd.neednet=1"
- return 1
- fi
-
- local_address=$(ip -o route get to "$traddr" | sed -n 's/.*src \([0-9a-f.:]*\).*/\1/p')
-
- # confirm we got a local IP address
- if ! is_ip "$local_address"; then
- warn "$traddr is an invalid address"
- return 1
- fi
-
- ifname=$(ip -o route get from "$local_address" to "$traddr" | sed -n 's/.*dev \([^ ]*\).*/\1/p')
-
- if ! ip l show "$ifname" > /dev/null 2>&1; then
- warn "invalid network interface $ifname"
- return 1
- fi
-
- # confirm there's a route to destination
- if ! ip route get "$traddr" > /dev/null 2>&1; then
- warn "no route to $traddr"
- return 1
- fi
-}
-
parse_nvmf_discover() {
traddr="none"
trtype="none"
@@ -103,9 +75,6 @@ parse_nvmf_discover() {
warn "unsupported transport $trtype"
return 0
fi
- if [ "$trtype" = "tcp" ]; then
- validate_ip_conn
- fi
if [ "$trtype" = "fc" ]; then
echo "--transport=$trtype --traddr=$traddr --host-traddr=$hosttraddr" >> /etc/nvme/discovery.conf
else

View File

@ -1,98 +1,26 @@
From e3b2b02c7f5b4e9f1d2a3cfe8749534959e29e3e Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Fri, 21 Jun 2019 18:39:48 +0200
Subject: [PATCH] fs-lib: drop a bashism
From cd4d4282b5dd7d30af31c41faa807dcf8de01c29 Mon Sep 17 00:00:00 2001
From: Martin Wilck <mwilck@suse.de>
Date: Sat, 17 Sep 2022 00:01:07 +0200
Subject: [PATCH] fix(nvmf): no need to load the nvme module
Bash 5 apparently longer propagates variable assignments to local variables
in front of function calls when in POSIX mode:
The module "nvme" is not required for NVMeoF.
[lkundrak@demiurge ~]$ cat feh.sh
print_VAR () {
echo "$VAR";
}
testfunc () {
local VAR="OLD"
VAR=NEW print_VAR
}
testfunc
[lkundrak@demiurge ~]$ bash4 --posix feh.sh
NEW
[lkundrak@demiurge ~]$ bash5 --posix feh.sh
OLD
[lkundrak@demiurge ~]$ bash5 feh.sh
NEW
[lkundrak@demiurge ~]$
It works the way it did in Bash 4 in non-POSIX mode, for external programs,
or for non-local variables. Don't ask me why -- it's probably some
compatibility thing for some sad old people.
However, this precisely happens when fsck_single() is calling into the
fsck_drv_com(), assigned to _drv by fsck_able(). That ruins the
TEST-70-BONDBRIDGETEAMVLAN test's server and probably more.
Let's pass the fsck driver binary via the function argument instead. It's
less messy anyway.
(cherry picked from commit 43c8c4ce0471abbb8c0fc4b8be2515cebc636030)
Resolves: #1933787
---
modules.d/99fs-lib/fs-lib.sh | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
modules.d/95nvmf/parse-nvmf-boot-connections.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules.d/99fs-lib/fs-lib.sh b/modules.d/99fs-lib/fs-lib.sh
index d39ca1b7..11e795d9 100755
--- a/modules.d/99fs-lib/fs-lib.sh
+++ b/modules.d/99fs-lib/fs-lib.sh
@@ -44,22 +44,22 @@ fsck_able() {
;;
ext?)
type e2fsck >/dev/null 2>&1 &&
- _drv="_drv=e2fsck fsck_drv_com" &&
+ _drv="fsck_drv_com e2fsck" &&
diff --git a/modules.d/95nvmf/parse-nvmf-boot-connections.sh b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
index 39923503..cfed5ae5 100755
--- a/modules.d/95nvmf/parse-nvmf-boot-connections.sh
+++ b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
@@ -24,7 +24,7 @@ if getargbool 0 rd.nonvmf; then
return 0
;;
f2fs)
type fsck.f2fs >/dev/null 2>&1 &&
- _drv="_drv=fsck.f2fs fsck_drv_com" &&
+ _drv="fsck_drv_com fsck.f2fs" &&
return 0
;;
jfs)
type jfs_fsck >/dev/null 2>&1 &&
- _drv="_drv=jfs_fsck fsck_drv_com" &&
+ _drv="fsck_drv_com jfs_fsck" &&
return 0
;;
reiserfs)
type reiserfsck >/dev/null 2>&1 &&
- _drv="_drv=reiserfsck fsck_drv_com" &&
+ _drv="fsck_drv_com reiserfsck" &&
return 0
;;
btrfs)
@@ -70,12 +70,12 @@ fsck_able() {
;;
nfs*)
# nfs can be a nop, returning success
- _drv="_drv=none :" &&
+ _drv=":" &&
return 0
;;
*)
type fsck >/dev/null 2>&1 &&
- _drv="_drv=fsck fsck_drv_std" &&
+ _drv="fsck_drv_std fsck" &&
return 0
;;
esac
@@ -97,6 +97,7 @@ fsck_drv_btrfs() {
fi
# common code for checkers that follow usual subset of options and return codes
fsck_drv_com() {
+ local _drv="$1"
local _ret
local _out
-initqueue --onetime modprobe --all -b -q nvme nvme_tcp nvme_core nvme_fabrics
+initqueue --onetime modprobe --all -b -q nvme_tcp nvme_core nvme_fabrics
parse_nvmf_discover() {
traddr="none"

View File

@ -1,79 +1,28 @@
From e671c3a06a7e58461d4e9c9f3546cf6eac809300 Mon Sep 17 00:00:00 2001
From: Harald Hoyer <harald@redhat.com>
Date: Tue, 4 Dec 2018 10:27:17 +0100
Subject: [PATCH] 95iscsi/module-setup.sh: do not require 'hostname' anymore
From aef95e59e918ed9aaaf7e5c2daf32ff205ed314c Mon Sep 17 00:00:00 2001
From: Martin Wilck <mwilck@suse.de>
Date: Sat, 17 Sep 2022 00:40:49 +0200
Subject: [PATCH] fix(nvmf): don't create did-setup file
(cherry picked from commit ebe1821635dd99f07c817179ee5358d27aab53c5)
did-setup files are meant to indicate that an interface setup
was successful. Don't do it here.
[lkundrak@v3.sk: fixes TEST-30 that fails with: dracut: dracut module
'iscsi' will not be installed, because command 'hostname' could not be
found!]
Resolves: #1933787
---
modules.d/40network/netroot.sh | 2 +-
modules.d/95iscsi/module-setup.sh | 4 ++--
modules.d/98dracut-systemd/dracut-cmdline.sh | 2 +-
modules.d/99base/init.sh | 2 +-
4 files changed, 5 insertions(+), 5 deletions(-)
modules.d/95nvmf/parse-nvmf-boot-connections.sh | 3 ---
1 file changed, 3 deletions(-)
diff --git a/modules.d/40network/netroot.sh b/modules.d/40network/netroot.sh
index 207364cd..654cfc72 100755
--- a/modules.d/40network/netroot.sh
+++ b/modules.d/40network/netroot.sh
@@ -66,7 +66,7 @@ if [ -z "$2" ]; then
# Check: do we really know how to handle (net)root?
[ -z "$root" ] && die "No or empty root= argument"
- [ -z "$rootok" ] && die "Don't know how to handle 'root=$root'"
+ [ -z "$rootok" ] && die "X2 Don't know how to handle 'root=$root'"
handler=${netroot%%:*}
handler=${handler%%4}
diff --git a/modules.d/95iscsi/module-setup.sh b/modules.d/95iscsi/module-setup.sh
index 79af4a47..f6f3520d 100755
--- a/modules.d/95iscsi/module-setup.sh
+++ b/modules.d/95iscsi/module-setup.sh
@@ -4,7 +4,7 @@
check() {
local _rootdev
# If our prerequisites are not met, fail anyways.
- require_binaries hostname iscsi-iname iscsiadm iscsid || return 1
+ require_binaries iscsi-iname iscsiadm iscsid || return 1
# If hostonly was requested, fail the check if we are not actually
# booting from root.
@@ -206,7 +206,7 @@ cmdline() {
install() {
inst_multiple -o iscsiuio
inst_libdir_file 'libgcc_s.so*'
- inst_multiple umount hostname iscsi-iname iscsiadm iscsid
+ inst_multiple umount iscsi-iname iscsiadm iscsid
inst_multiple -o \
$systemdsystemunitdir/iscsid.socket \
diff --git a/modules.d/98dracut-systemd/dracut-cmdline.sh b/modules.d/98dracut-systemd/dracut-cmdline.sh
index bff9435a..89c52d13 100755
--- a/modules.d/98dracut-systemd/dracut-cmdline.sh
+++ b/modules.d/98dracut-systemd/dracut-cmdline.sh
@@ -76,7 +76,7 @@ case "${root}${root_unset}" in
esac
[ -z "${root}${root_unset}" ] && die "Empty root= argument"
-[ -z "$rootok" ] && die "Don't know how to handle 'root=$root'"
+[ -z "$rootok" ] && die "X1 Don't know how to handle 'root=$root'"
export root rflags fstype netroot NEWROOT
diff --git a/modules.d/99base/init.sh b/modules.d/99base/init.sh
index e4f7cff1..3e20069f 100755
--- a/modules.d/99base/init.sh
+++ b/modules.d/99base/init.sh
@@ -136,7 +136,7 @@ getarg 'rd.break=cmdline' -d 'rdbreak=cmdline' && emergency_shell -n cmdline "Br
source_hook cmdline
[ -z "$root" ] && die "No or empty root= argument"
-[ -z "$rootok" ] && die "Don't know how to handle 'root=$root'"
+[ -z "$rootok" ] && die "X0 Don't know how to handle 'root=$root'"
export root rflags fstype netroot NEWROOT
diff --git a/modules.d/95nvmf/parse-nvmf-boot-connections.sh b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
index cfed5ae5..1cdaba69 100755
--- a/modules.d/95nvmf/parse-nvmf-boot-connections.sh
+++ b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
@@ -102,9 +102,6 @@ done
if [ -f "/etc/nvme/discovery.conf" ]; then
/sbin/initqueue --settled --onetime --unique --name nvme-discover /usr/sbin/nvme connect-all
- if [ "$trtype" = "tcp" ]; then
- : > /tmp/net."$ifname".did-setup
- fi
else
# No nvme command line arguments present, try autodiscovery
if [ "$trtype" = "fc" ]; then

View File

@ -1,24 +1,26 @@
From 50192de38d756203a414405e2d7552e89b1c0423 Mon Sep 17 00:00:00 2001
From: Harald Hoyer <harald@redhat.com>
Date: Tue, 4 Dec 2018 10:06:12 +0100
Subject: [PATCH] test/test-functions: correctly move server.log
From b4987c9544224e7b3dae7b4411a2c8437ec573ab Mon Sep 17 00:00:00 2001
From: Martin Wilck <mwilck@suse.de>
Date: Sat, 17 Sep 2022 00:49:29 +0200
Subject: [PATCH] fix(nvmf): don't use "finished" queue for autoconnect
(cherry picked from commit 712f471ebfae70fd71c0c740e9a3e120464ca7e7)
The "finished" initqueue is for testing if everything is alright,
not for triggering any actions.
Resolves: #1933787
---
test/test-functions | 2 +-
modules.d/95nvmf/parse-nvmf-boot-connections.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/test/test-functions b/test/test-functions
index a6254ec7..51b3df80 100644
--- a/test/test-functions
+++ b/test/test-functions
@@ -80,7 +80,7 @@ while (($# > 0)); do
ret=$?
test_cleanup
if ((ret!=0)) && [[ -f "$TESTDIR"/server.log ]]; then
- mv [[ -f "$TESTDIR"/server.log ]] ./server${TEST_RUN_ID:+-$TEST_RUN_ID}.log
+ mv "$TESTDIR"/server.log ./server${TEST_RUN_ID:+-$TEST_RUN_ID}.log
diff --git a/modules.d/95nvmf/parse-nvmf-boot-connections.sh b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
index 1cdaba69..df104606 100755
--- a/modules.d/95nvmf/parse-nvmf-boot-connections.sh
+++ b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
@@ -105,6 +105,6 @@ if [ -f "/etc/nvme/discovery.conf" ]; then
else
# No nvme command line arguments present, try autodiscovery
if [ "$trtype" = "fc" ]; then
- /sbin/initqueue --finished --onetime --unique --name nvme-fc-autoconnect /sbin/nvmf-autoconnect.sh
+ /sbin/initqueue --settled --onetime --unique --name nvme-fc-autoconnect /sbin/nvmf-autoconnect.sh
fi
fi
rm -fr -- "$TESTDIR"
rm -f -- .testdir${TEST_RUN_ID:+-$TEST_RUN_ID}

View File

@ -1,43 +1,48 @@
From bf69beb6f3824b1ebed221c8255d1f5c9efd136a Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Wed, 26 Jun 2019 16:42:04 +0200
Subject: [PATCH] test/TEST-17-LVM-THIN: fail setup if we run out of space in
the thin pool
From 5f0e59418133379f50cc7af30674ce96569d9038 Mon Sep 17 00:00:00 2001
From: Martin Wilck <mwilck@suse.de>
Date: Sat, 17 Sep 2022 00:51:46 +0200
Subject: [PATCH] fix(nvmf): make sure "rd.nvmf.discover=fc,auto" takes
precedence
This condition is rather difficult to detect -- the writes will just remain
queued and get lost on shutdown, resulting in a corrupt filesystem.
The command line may contain several rd.nvmf.discover options.
The "fc,auto" option should take precedence.
(cherry picked from commit 91c15babdf0215df59325f3086acfdf0ba247bfa)
Resolves: #1933787
---
test/TEST-17-LVM-THIN/create-root.sh | 5 +++--
test/TEST-17-LVM-THIN/test.sh | 2 +-
2 files changed, 4 insertions(+), 3 deletions(-)
modules.d/95nvmf/parse-nvmf-boot-connections.sh | 16 +++++++++-------
1 file changed, 9 insertions(+), 7 deletions(-)
diff --git a/test/TEST-17-LVM-THIN/create-root.sh b/test/TEST-17-LVM-THIN/create-root.sh
index 117d1341..0e52f879 100755
--- a/test/TEST-17-LVM-THIN/create-root.sh
+++ b/test/TEST-17-LVM-THIN/create-root.sh
@@ -27,6 +27,7 @@ cp -a -t /sysroot /source/* && \
umount /sysroot && \
sleep 1 && \
lvm lvchange -a n /dev/dracut/root && \
-sleep 1 && \
-echo "dracut-root-block-created" >/dev/sda1
+sleep 1
+dmsetup status |grep out_of_data_space || \
+ echo "dracut-root-block-created" >/dev/sda1
poweroff -f
diff --git a/test/TEST-17-LVM-THIN/test.sh b/test/TEST-17-LVM-THIN/test.sh
index af349246..1b36a216 100755
--- a/test/TEST-17-LVM-THIN/test.sh
+++ b/test/TEST-17-LVM-THIN/test.sh
@@ -56,7 +56,7 @@ test_setup() {
(
export initdir=$TESTDIR/overlay
. $basedir/dracut-init.sh
- inst_multiple sfdisk mke2fs poweroff cp umount
+ inst_multiple sfdisk mke2fs poweroff cp umount grep dmsetup
inst_hook initqueue 01 ./create-root.sh
inst_hook initqueue/finished 01 ./finished-false.sh
inst_simple ./99-idesymlinks.rules /etc/udev/rules.d/99-idesymlinks.rules
diff --git a/modules.d/95nvmf/parse-nvmf-boot-connections.sh b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
index df104606..c8078a76 100755
--- a/modules.d/95nvmf/parse-nvmf-boot-connections.sh
+++ b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
@@ -92,19 +92,21 @@ if [ -n "$nvmf_hostid" ]; then
echo "$nvmf_hostid" > /etc/nvme/hostid
fi
+NVMF_FC_AUTO=
for d in $(getargs rd.nvmf.discover -d nvmf.discover=); do
- parse_nvmf_discover "$d" || break
+ parse_nvmf_discover "$d" || {
+ NVMF_FC_AUTO=1
+ break
+ }
done
# Host NQN and host id are mandatory for NVMe-oF
[ -f "/etc/nvme/hostnqn" ] || exit 0
[ -f "/etc/nvme/hostid" ] || exit 0
-if [ -f "/etc/nvme/discovery.conf" ]; then
- /sbin/initqueue --settled --onetime --unique --name nvme-discover /usr/sbin/nvme connect-all
+# If no nvme command line arguments present, try autodiscovery
+if [ $NVMF_FC_AUTO ] || [ ! -f "/etc/nvme/discovery.conf" ]; then
+ /sbin/initqueue --settled --onetime --unique --name nvme-fc-autoconnect /sbin/nvmf-autoconnect.sh
else
- # No nvme command line arguments present, try autodiscovery
- if [ "$trtype" = "fc" ]; then
- /sbin/initqueue --settled --onetime --unique --name nvme-fc-autoconnect /sbin/nvmf-autoconnect.sh
- fi
+ /sbin/initqueue --settled --onetime --unique --name nvme-discover /usr/sbin/nvme connect-all
fi

View File

@ -1,66 +1,38 @@
From 0f0b8c8f90cbcd56140e85b9997deda906c71118 Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Tue, 25 Jun 2019 17:39:57 +0200
Subject: [PATCH] test/TEST-14-IMSM: detect failure to compose the test setup
root
From 5b6ddf6e989f44211e799fec9aac6b7afb36e1ce Mon Sep 17 00:00:00 2001
From: Martin Wilck <mwilck@suse.de>
Date: Sat, 17 Sep 2022 00:54:25 +0200
Subject: [PATCH] fix(nvmf): avoid calling "exit" in a cmdline hook
The dracut-root-block-created line should not be created if we fail to copy
in the required files to sysroot. Let's turn on -e to trap failures and
poweroff on them, like some other tests do.
"exit" should never be executed in dracut hooks, because the
hooks are sourced by the main script.
Also remove the &&. Not only it is unnecessary with -e, but defeats it.
From bash(1):
The shell does not exit if the command that fails is [...] part of any
command executed in a && or || list except the command following the
final && or || [...]
(cherry picked from commit c27ed38bb2986d31b08257782ce2b24a80415c6c)
Resolves: #1933787
---
test/TEST-14-IMSM/create-root.sh | 23 +++++++++++++----------
1 file changed, 13 insertions(+), 10 deletions(-)
modules.d/95nvmf/parse-nvmf-boot-connections.sh | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/test/TEST-14-IMSM/create-root.sh b/test/TEST-14-IMSM/create-root.sh
index f637ec88..a0324c6f 100755
--- a/test/TEST-14-IMSM/create-root.sh
+++ b/test/TEST-14-IMSM/create-root.sh
@@ -1,4 +1,7 @@
#!/bin/sh
+
+trap 'poweroff -f' EXIT
+
# don't let udev and this script step on eachother's toes
for x in 61-dmraid-imsm.rules 64-md-raid.rules 65-md-incremental-imsm.rules 65-md-incremental.rules 64-lvm.rules 70-mdadm.rules 99-mount-rules; do
rm -f -- "/etc/udev/rules.d/$x"
@@ -55,20 +58,20 @@ mdadm --create /dev/md0 --run --auto=yes --level=5 --raid-devices=3 \
# wait for the array to finish initailizing, otherwise this sometimes fails
# randomly.
mdadm -W /dev/md0
+set -e
lvm pvcreate -ff -y /dev/md0
-lvm vgcreate dracut /dev/md0 && \
-lvm lvcreate -l 100%FREE -n root dracut && \
-lvm vgchange -ay && \
-mke2fs -L root /dev/dracut/root && \
-mkdir -p /sysroot && \
-mount /dev/dracut/root /sysroot && \
-cp -a -t /sysroot /source/* && \
-umount /sysroot && \
-lvm lvchange -a n /dev/dracut/root && \
+lvm vgcreate dracut /dev/md0
+lvm lvcreate -l 100%FREE -n root dracut
+lvm vgchange -ay
+mke2fs -L root /dev/dracut/root
+mkdir -p /sysroot
+mount /dev/dracut/root /sysroot
+cp -a -t /sysroot /source/*
+umount /sysroot
+lvm lvchange -a n /dev/dracut/root
udevadm settle
mdadm --detail --export /dev/md0 |grep -F MD_UUID > /tmp/mduuid
. /tmp/mduuid
echo "MD_UUID=$MD_UUID"
{ echo "dracut-root-block-created"; echo MD_UUID=$MD_UUID;} > /dev/sda
mdadm --wait-clean /dev/md0
-poweroff -f
diff --git a/modules.d/95nvmf/parse-nvmf-boot-connections.sh b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
index c8078a76..cc545ee0 100755
--- a/modules.d/95nvmf/parse-nvmf-boot-connections.sh
+++ b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
@@ -101,12 +101,12 @@ for d in $(getargs rd.nvmf.discover -d nvmf.discover=); do
done
# Host NQN and host id are mandatory for NVMe-oF
-[ -f "/etc/nvme/hostnqn" ] || exit 0
-[ -f "/etc/nvme/hostid" ] || exit 0
+if [ -f "/etc/nvme/hostnqn" ] && [ -f "/etc/nvme/hostid" ]; then
-# If no nvme command line arguments present, try autodiscovery
-if [ $NVMF_FC_AUTO ] || [ ! -f "/etc/nvme/discovery.conf" ]; then
- /sbin/initqueue --settled --onetime --unique --name nvme-fc-autoconnect /sbin/nvmf-autoconnect.sh
-else
- /sbin/initqueue --settled --onetime --unique --name nvme-discover /usr/sbin/nvme connect-all
+ # If no nvme command line arguments present, try autodiscovery
+ if [ $NVMF_FC_AUTO ] || [ ! -f "/etc/nvme/discovery.conf" ]; then
+ /sbin/initqueue --settled --onetime --unique --name nvme-fc-autoconnect /sbin/nvmf-autoconnect.sh
+ else
+ /sbin/initqueue --settled --onetime --unique --name nvme-discover /usr/sbin/nvme connect-all
+ fi
fi

View File

@ -1,346 +1,26 @@
From e35e43c1c28a8935660fe72650614e5dc1defb65 Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Wed, 26 Jun 2019 11:47:21 +0200
Subject: [PATCH] test: tell systemd to reboot on fatal errors
From 0464b41d8dfc7676429fcee67357bf01e09eac7d Mon Sep 17 00:00:00 2001
From: Martin Wilck <mwilck@suse.de>
Date: Sat, 17 Sep 2022 00:02:16 +0200
Subject: [PATCH] fix(nvmf): run cmdline hook before parse-ip-opts.sh
Otherwise systemd would freeze execution, causing the test to time out
instead of failing fast.
This way we can set "rd.neednet" and have it seen by parse-ip-options.sh
(cherry picked from commit 7934c6f918de2e82d0df5da557c5792c4fb7b798)
Resolves: #1933787
---
test/TEST-01-BASIC/test.sh | 2 +-
test/TEST-02-SYSTEMD/test.sh | 2 +-
test/TEST-03-USR-MOUNT/test.sh | 2 +-
test/TEST-04-FULL-SYSTEMD/test.sh | 2 +-
test/TEST-10-RAID/test.sh | 2 +-
test/TEST-11-LVM/test.sh | 2 +-
test/TEST-12-RAID-DEG/test.sh | 2 +-
test/TEST-13-ENC-RAID-LVM/test.sh | 6 +++---
test/TEST-14-IMSM/test.sh | 2 +-
test/TEST-15-BTRFSRAID/test.sh | 2 +-
test/TEST-16-DMSQUASH/test.sh | 2 +-
test/TEST-17-LVM-THIN/test.sh | 2 +-
test/TEST-20-NFS/test.sh | 4 ++--
test/TEST-30-ISCSI/test.sh | 4 ++--
test/TEST-31-ISCSI-MULTI/test.sh | 4 ++--
test/TEST-40-NBD/test.sh | 4 ++--
test/TEST-50-MULTINIC/test.sh | 4 ++--
test/TEST-70-BONDBRIDGETEAMVLAN/test.sh | 6 +++---
18 files changed, 27 insertions(+), 27 deletions(-)
modules.d/95nvmf/module-setup.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/test/TEST-01-BASIC/test.sh b/test/TEST-01-BASIC/test.sh
index ed2ae5de..ca4a8288 100755
--- a/test/TEST-01-BASIC/test.sh
+++ b/test/TEST-01-BASIC/test.sh
@@ -15,7 +15,7 @@ test_run() {
-net none \
-watchdog i6300esb -watchdog-action poweroff \
-no-reboot \
- -append "panic=1 root=LABEL=dracut rw systemd.log_level=debug systemd.log_target=console rd.retry=3 rd.debug console=ttyS0,115200n81 rd.shell=0 $DEBUGFAIL" \
+ -append "panic=1 systemd.crash_reboot root=LABEL=dracut rw systemd.log_level=debug systemd.log_target=console rd.retry=3 rd.debug console=ttyS0,115200n81 rd.shell=0 $DEBUGFAIL" \
-initrd $TESTDIR/initramfs.testing || return 1
grep -F -m 1 -q dracut-root-block-success $TESTDIR/result || return 1
}
diff --git a/test/TEST-02-SYSTEMD/test.sh b/test/TEST-02-SYSTEMD/test.sh
index 8c5eb168..848021e5 100755
--- a/test/TEST-02-SYSTEMD/test.sh
+++ b/test/TEST-02-SYSTEMD/test.sh
@@ -11,7 +11,7 @@ test_run() {
-m 512M -smp 2 -nographic \
-net none \
-no-reboot \
- -append "panic=1 root=LABEL=dracut rw loglevel=77 systemd.log_level=debug systemd.log_target=console rd.retry=3 rd.info console=ttyS0,115200n81 selinux=0 init=/sbin/init rd.shell=0 $DEBUGFAIL" \
+ -append "panic=1 systemd.crash_reboot root=LABEL=dracut rw loglevel=77 systemd.log_level=debug systemd.log_target=console rd.retry=3 rd.info console=ttyS0,115200n81 selinux=0 init=/sbin/init rd.shell=0 $DEBUGFAIL" \
-initrd $TESTDIR/initramfs.testing
grep -F -m 1 -q dracut-root-block-success $TESTDIR/root.ext3 || return 1
}
diff --git a/test/TEST-03-USR-MOUNT/test.sh b/test/TEST-03-USR-MOUNT/test.sh
index 42c0da65..5d5ec8f8 100755
--- a/test/TEST-03-USR-MOUNT/test.sh
+++ b/test/TEST-03-USR-MOUNT/test.sh
@@ -22,7 +22,7 @@ client_run() {
-net none \
-watchdog i6300esb -watchdog-action poweroff \
-no-reboot \
- -append "panic=1 root=LABEL=dracut $client_opts quiet rd.retry=3 rd.info console=ttyS0,115200n81 selinux=0 rd.debug rd.shell=0 $DEBUGFAIL" \
+ -append "panic=1 systemd.crash_reboot root=LABEL=dracut $client_opts quiet rd.retry=3 rd.info console=ttyS0,115200n81 selinux=0 rd.debug rd.shell=0 $DEBUGFAIL" \
-initrd $TESTDIR/initramfs.testing
if (($? != 0)); then
diff --git a/test/TEST-04-FULL-SYSTEMD/test.sh b/test/TEST-04-FULL-SYSTEMD/test.sh
index 97528e4f..f65f30f2 100755
--- a/test/TEST-04-FULL-SYSTEMD/test.sh
+++ b/test/TEST-04-FULL-SYSTEMD/test.sh
@@ -23,7 +23,7 @@ client_run() {
-m 512M -smp 2 -nographic \
-net none \
-no-reboot \
- -append "panic=1 root=LABEL=dracut $client_opts rd.retry=3 console=ttyS0,115200n81 selinux=0 $DEBUGOUT rd.shell=0 $DEBUGFAIL" \
+ -append "panic=1 systemd.crash_reboot root=LABEL=dracut $client_opts rd.retry=3 console=ttyS0,115200n81 selinux=0 $DEBUGOUT rd.shell=0 $DEBUGFAIL" \
-initrd $TESTDIR/initramfs.testing
if (($? != 0)); then
diff --git a/test/TEST-10-RAID/test.sh b/test/TEST-10-RAID/test.sh
index 444126b2..0beb26c3 100755
--- a/test/TEST-10-RAID/test.sh
+++ b/test/TEST-10-RAID/test.sh
@@ -13,7 +13,7 @@ test_run() {
-m 512M -smp 2 -nographic \
-net none \
-no-reboot \
- -append "panic=1 root=/dev/dracut/root rd.auto rw rd.retry=10 console=ttyS0,115200n81 selinux=0 rd.shell=0 $DEBUGFAIL" \
+ -append "panic=1 systemd.crash_reboot root=/dev/dracut/root rd.auto rw rd.retry=10 console=ttyS0,115200n81 selinux=0 rd.shell=0 $DEBUGFAIL" \
-initrd $TESTDIR/initramfs.testing
grep -F -m 1 -q dracut-root-block-success $DISKIMAGE || return 1
}
diff --git a/test/TEST-11-LVM/test.sh b/test/TEST-11-LVM/test.sh
index 5c105e01..a907c4b1 100755
--- a/test/TEST-11-LVM/test.sh
+++ b/test/TEST-11-LVM/test.sh
@@ -12,7 +12,7 @@ test_run() {
-m 512M -smp 2 -nographic \
-net none \
-no-reboot \
- -append "panic=1 root=/dev/dracut/root rw rd.auto=1 quiet rd.retry=3 rd.info console=ttyS0,115200n81 selinux=0 rd.debug rd.shell=0 $DEBUGFAIL" \
+ -append "panic=1 systemd.crash_reboot root=/dev/dracut/root rw rd.auto=1 quiet rd.retry=3 rd.info console=ttyS0,115200n81 selinux=0 rd.debug rd.shell=0 $DEBUGFAIL" \
-initrd $TESTDIR/initramfs.testing
grep -F -m 1 -q dracut-root-block-success $TESTDIR/root.ext2 || return 1
}
diff --git a/test/TEST-12-RAID-DEG/test.sh b/test/TEST-12-RAID-DEG/test.sh
index 4e381d84..c82cde1e 100755
--- a/test/TEST-12-RAID-DEG/test.sh
+++ b/test/TEST-12-RAID-DEG/test.sh
@@ -20,7 +20,7 @@ client_run() {
-drive format=raw,index=3,media=disk,file=$TESTDIR/disk3.img.new \
-net none \
-no-reboot \
- -append "panic=1 $* systemd.log_target=kmsg loglevel=7 root=LABEL=root rw rd.retry=20 rd.info console=ttyS0,115200n81 log_buf_len=2M selinux=0 rd.debug rd.shell=0 $DEBUGFAIL " \
+ -append "panic=1 systemd.crash_reboot $* systemd.log_target=kmsg loglevel=7 root=LABEL=root rw rd.retry=20 rd.info console=ttyS0,115200n81 log_buf_len=2M selinux=0 rd.debug rd.shell=0 $DEBUGFAIL " \
-initrd $TESTDIR/initramfs.testing
if ! grep -F -m 1 -q dracut-root-block-success $TESTDIR/root.ext2; then
echo "CLIENT TEST END: $@ [FAIL]"
diff --git a/test/TEST-13-ENC-RAID-LVM/test.sh b/test/TEST-13-ENC-RAID-LVM/test.sh
index 76ec36b3..99324ce9 100755
--- a/test/TEST-13-ENC-RAID-LVM/test.sh
+++ b/test/TEST-13-ENC-RAID-LVM/test.sh
@@ -20,7 +20,7 @@ test_run() {
-m 512M -smp 2 -nographic \
-net none \
-no-reboot \
- -append "panic=1 root=/dev/dracut/root rw rd.auto rd.retry=20 console=ttyS0,115200n81 selinux=0 rd.debug rootwait $LUKSARGS rd.shell=0 $DEBUGFAIL" \
+ -append "panic=1 systemd.crash_reboot root=/dev/dracut/root rw rd.auto rd.retry=20 console=ttyS0,115200n81 selinux=0 rd.debug rootwait $LUKSARGS rd.shell=0 $DEBUGFAIL" \
-initrd $TESTDIR/initramfs.testing
grep -F -m 1 -q dracut-root-block-success $TESTDIR/check-success.img || return 1
echo "CLIENT TEST END: [OK]"
@@ -34,7 +34,7 @@ test_run() {
-m 512M -smp 2 -nographic \
-net none \
-no-reboot \
- -append "panic=1 root=/dev/dracut/root rw quiet rd.auto rd.retry=20 rd.info console=ttyS0,115200n81 selinux=0 rd.debug $DEBUGFAIL" \
+ -append "panic=1 systemd.crash_reboot root=/dev/dracut/root rw quiet rd.auto rd.retry=20 rd.info console=ttyS0,115200n81 selinux=0 rd.debug $DEBUGFAIL" \
-initrd $TESTDIR/initramfs.testing
grep -F -m 1 -q dracut-root-block-success $TESTDIR/check-success.img || return 1
echo "CLIENT TEST END: [OK]"
@@ -48,7 +48,7 @@ test_run() {
-m 512M -smp 2 -nographic \
-net none \
-no-reboot \
- -append "panic=1 root=/dev/dracut/root rw quiet rd.auto rd.retry=10 rd.info console=ttyS0,115200n81 selinux=0 rd.debug $DEBUGFAIL rd.luks.uuid=failme" \
+ -append "panic=1 systemd.crash_reboot root=/dev/dracut/root rw quiet rd.auto rd.retry=10 rd.info console=ttyS0,115200n81 selinux=0 rd.debug $DEBUGFAIL rd.luks.uuid=failme" \
-initrd $TESTDIR/initramfs.testing
grep -F -m 1 -q dracut-root-block-success $TESTDIR/check-success.img && return 1
echo "CLIENT TEST END: [OK]"
diff --git a/test/TEST-14-IMSM/test.sh b/test/TEST-14-IMSM/test.sh
index 8ebc285a..ed60f052 100755
--- a/test/TEST-14-IMSM/test.sh
+++ b/test/TEST-14-IMSM/test.sh
@@ -16,7 +16,7 @@ client_run() {
-m 512M -smp 2 -nographic \
-net none \
-no-reboot \
- -append "panic=1 $* root=LABEL=root rw debug rd.retry=5 rd.debug console=ttyS0,115200n81 selinux=0 rd.info rd.shell=0 $DEBUGFAIL" \
+ -append "panic=1 systemd.crash_reboot $* root=LABEL=root rw debug rd.retry=5 rd.debug console=ttyS0,115200n81 selinux=0 rd.info rd.shell=0 $DEBUGFAIL" \
-initrd $TESTDIR/initramfs.testing
if ! grep -F -m 1 -q dracut-root-block-success $TESTDIR/root.ext2; then
echo "CLIENT TEST END: $@ [FAIL]"
diff --git a/test/TEST-15-BTRFSRAID/test.sh b/test/TEST-15-BTRFSRAID/test.sh
index 02cb4976..dda76672 100755
--- a/test/TEST-15-BTRFSRAID/test.sh
+++ b/test/TEST-15-BTRFSRAID/test.sh
@@ -15,7 +15,7 @@ test_run() {
-m 512M -smp 2 -nographic \
-net none \
-no-reboot \
- -append "panic=1 root=LABEL=root rw rd.retry=3 rd.info console=ttyS0,115200n81 selinux=0 rd.shell=0 $DEBUGFAIL" \
+ -append "panic=1 systemd.crash_reboot root=LABEL=root rw rd.retry=3 rd.info console=ttyS0,115200n81 selinux=0 rd.shell=0 $DEBUGFAIL" \
-initrd $TESTDIR/initramfs.testing
grep -F -m 1 -q dracut-root-block-success $MARKER_DISKIMAGE || return 1
}
diff --git a/test/TEST-16-DMSQUASH/test.sh b/test/TEST-16-DMSQUASH/test.sh
index 45d8c4c0..65d5bdbb 100755
--- a/test/TEST-16-DMSQUASH/test.sh
+++ b/test/TEST-16-DMSQUASH/test.sh
@@ -23,7 +23,7 @@ test_run() {
-nographic \
-net none \
-no-reboot \
- -append "panic=1 root=live:CDLABEL=LiveCD live rw quiet rd.retry=3 rd.info console=ttyS0,115200n81 selinux=0 rd.shell=0 $DEBUGFAIL" \
+ -append "panic=1 systemd.crash_reboot root=live:CDLABEL=LiveCD live rw quiet rd.retry=3 rd.info console=ttyS0,115200n81 selinux=0 rd.shell=0 $DEBUGFAIL" \
-initrd "$TESTDIR"/initramfs.testing
# mediacheck test with qemu GUI
diff --git a/test/TEST-17-LVM-THIN/test.sh b/test/TEST-17-LVM-THIN/test.sh
index 1b36a216..c13e9063 100755
--- a/test/TEST-17-LVM-THIN/test.sh
+++ b/test/TEST-17-LVM-THIN/test.sh
@@ -12,7 +12,7 @@ test_run() {
-m 512M -smp 2 -nographic \
-net none \
-no-reboot \
- -append "panic=1 root=/dev/dracut/root rw rd.auto=1 quiet rd.retry=3 rd.info console=ttyS0,115200n81 selinux=0 rd.debug rd.shell=0 $DEBUGFAIL" \
+ -append "panic=1 systemd.crash_reboot root=/dev/dracut/root rw rd.auto=1 quiet rd.retry=3 rd.info console=ttyS0,115200n81 selinux=0 rd.debug rd.shell=0 $DEBUGFAIL" \
-initrd $TESTDIR/initramfs.testing
grep -F -m 1 -q dracut-root-block-success $TESTDIR/root.ext2 || return 1
}
diff --git a/test/TEST-20-NFS/test.sh b/test/TEST-20-NFS/test.sh
index e942745a..4ad7fd77 100755
--- a/test/TEST-20-NFS/test.sh
+++ b/test/TEST-20-NFS/test.sh
@@ -22,7 +22,7 @@ run_server() {
${SERIAL:--serial file:"$TESTDIR"/server.log} \
-watchdog i6300esb -watchdog-action poweroff \
-no-reboot \
- -append "panic=1 rd.debug loglevel=77 root=/dev/sda rootfstype=ext3 rw console=ttyS0,115200n81 selinux=0" \
+ -append "panic=1 systemd.crash_reboot rd.debug loglevel=77 root=/dev/sda rootfstype=ext3 rw console=ttyS0,115200n81 selinux=0" \
-initrd $TESTDIR/initramfs.server \
-pidfile $TESTDIR/server.pid -daemonize || return 1
sudo chmod 644 $TESTDIR/server.pid || return 1
@@ -57,7 +57,7 @@ client_test() {
-net socket,connect=127.0.0.1:12320 \
-watchdog i6300esb -watchdog-action poweroff \
-no-reboot \
- -append "panic=1 rd.shell=0 $cmdline $DEBUGFAIL rd.debug rd.retry=10 rd.info quiet ro console=ttyS0,115200n81 selinux=0" \
+ -append "panic=1 systemd.crash_reboot rd.shell=0 $cmdline $DEBUGFAIL rd.debug rd.retry=10 rd.info quiet ro console=ttyS0,115200n81 selinux=0" \
-initrd $TESTDIR/initramfs.testing
if [[ $? -ne 0 ]] || ! grep -F -m 1 -q nfs-OK $TESTDIR/client.img; then
diff --git a/test/TEST-30-ISCSI/test.sh b/test/TEST-30-ISCSI/test.sh
index f6cc56d5..d5a6ba58 100755
--- a/test/TEST-30-ISCSI/test.sh
+++ b/test/TEST-30-ISCSI/test.sh
@@ -26,7 +26,7 @@ run_server() {
-net nic,macaddr=52:54:00:12:34:57,model=e1000 \
-net socket,listen=127.0.0.1:12330 \
-no-reboot \
- -append "panic=1 root=/dev/sda rootfstype=ext3 rw console=ttyS0,115200n81 selinux=0 $SERVER_DEBUG" \
+ -append "panic=1 systemd.crash_reboot root=/dev/sda rootfstype=ext3 rw console=ttyS0,115200n81 selinux=0 $SERVER_DEBUG" \
-initrd $TESTDIR/initramfs.server \
-pidfile $TESTDIR/server.pid -daemonize || return 1
sudo chmod 644 $TESTDIR/server.pid || return 1
@@ -51,7 +51,7 @@ run_client() {
-net nic,macaddr=52:54:00:12:34:01,model=e1000 \
-net socket,connect=127.0.0.1:12330 \
-no-reboot \
- -append "panic=1 rw rd.auto rd.retry=50 console=ttyS0,115200n81 selinux=0 rd.debug=0 rd.shell=0 $DEBUGFAIL $*" \
+ -append "panic=1 systemd.crash_reboot rw rd.auto rd.retry=50 console=ttyS0,115200n81 selinux=0 rd.debug=0 rd.shell=0 $DEBUGFAIL $*" \
-initrd $TESTDIR/initramfs.testing
if ! grep -F -m 1 -q iscsi-OK $TESTDIR/client.img; then
echo "CLIENT TEST END: $test_name [FAILED - BAD EXIT]"
diff --git a/test/TEST-31-ISCSI-MULTI/test.sh b/test/TEST-31-ISCSI-MULTI/test.sh
index 5c38249c..20db2451 100755
--- a/test/TEST-31-ISCSI-MULTI/test.sh
+++ b/test/TEST-31-ISCSI-MULTI/test.sh
@@ -26,7 +26,7 @@ run_server() {
-net nic,macaddr=52:54:00:12:34:57,model=e1000 \
-net socket,listen=127.0.0.1:12331 \
-no-reboot \
- -append "panic=1 root=/dev/sda rootfstype=ext3 rw console=ttyS0,115200n81 selinux=0 $SERVER_DEBUG" \
+ -append "panic=1 systemd.crash_reboot root=/dev/sda rootfstype=ext3 rw console=ttyS0,115200n81 selinux=0 $SERVER_DEBUG" \
-initrd $TESTDIR/initramfs.server \
-pidfile $TESTDIR/server.pid -daemonize || return 1
sudo chmod 644 $TESTDIR/server.pid || return 1
@@ -51,7 +51,7 @@ run_client() {
-net nic,macaddr=52:54:00:12:34:01,model=e1000 \
-net socket,connect=127.0.0.1:12331 \
-no-reboot \
- -append "panic=1 rw rd.auto rd.retry=50 console=ttyS0,115200n81 selinux=0 rd.debug=0 rd.shell=0 $DEBUGFAIL $*" \
+ -append "panic=1 systemd.crash_reboot rw rd.auto rd.retry=50 console=ttyS0,115200n81 selinux=0 rd.debug=0 rd.shell=0 $DEBUGFAIL $*" \
-initrd $TESTDIR/initramfs.testing
if ! grep -F -m 1 -q iscsi-OK $TESTDIR/client.img; then
echo "CLIENT TEST END: $test_name [FAILED - BAD EXIT]"
diff --git a/test/TEST-40-NBD/test.sh b/test/TEST-40-NBD/test.sh
index 12736a15..19ec5b0e 100755
--- a/test/TEST-40-NBD/test.sh
+++ b/test/TEST-40-NBD/test.sh
@@ -28,7 +28,7 @@ run_server() {
${SERIAL:+-serial "$SERIAL"} \
${SERIAL:--serial file:"$TESTDIR"/server.log} \
-no-reboot \
- -append "panic=1 root=/dev/sda rootfstype=ext2 rw quiet console=ttyS0,115200n81 selinux=0" \
+ -append "panic=1 systemd.crash_reboot root=/dev/sda rootfstype=ext2 rw quiet console=ttyS0,115200n81 selinux=0" \
-initrd $TESTDIR/initramfs.server -pidfile $TESTDIR/server.pid -daemonize || return 1
sudo chmod 644 $TESTDIR/server.pid || return 1
@@ -65,7 +65,7 @@ client_test() {
-net nic,macaddr=$mac,model=e1000 \
-net socket,connect=127.0.0.1:12340 \
-no-reboot \
- -append "panic=1 rd.shell=0 $cmdline $DEBUGFAIL rd.auto rd.info rd.retry=10 ro console=ttyS0,115200n81 selinux=0 " \
+ -append "panic=1 systemd.crash_reboot rd.shell=0 $cmdline $DEBUGFAIL rd.auto rd.info rd.retry=10 ro console=ttyS0,115200n81 selinux=0 " \
-initrd $TESTDIR/initramfs.testing
if [[ $? -ne 0 ]] || ! grep -F -m 1 -q nbd-OK $TESTDIR/flag.img; then
diff --git a/test/TEST-50-MULTINIC/test.sh b/test/TEST-50-MULTINIC/test.sh
index 495a66f2..ff2961dc 100755
--- a/test/TEST-50-MULTINIC/test.sh
+++ b/test/TEST-50-MULTINIC/test.sh
@@ -23,7 +23,7 @@ run_server() {
${SERIAL:--serial file:"$TESTDIR"/server.log} \
-watchdog i6300esb -watchdog-action poweroff \
-no-reboot \
- -append "panic=1 loglevel=7 root=/dev/sda rootfstype=ext3 rw console=ttyS0,115200n81 selinux=0" \
+ -append "panic=1 systemd.crash_reboot loglevel=7 root=/dev/sda rootfstype=ext3 rw console=ttyS0,115200n81 selinux=0" \
-initrd "$TESTDIR"/initramfs.server \
-pidfile "$TESTDIR"/server.pid -daemonize || return 1
@@ -63,7 +63,7 @@ client_test() {
-device e1000,netdev=n2,mac=52:54:00:12:34:99 \
-watchdog i6300esb -watchdog-action poweroff \
-no-reboot \
- -append "panic=1 rd.shell=0 $cmdline $DEBUGFAIL rd.retry=5 ro console=ttyS0,115200n81 selinux=0 init=/sbin/init rd.debug systemd.log_target=console loglevel=7" \
+ -append "panic=1 systemd.crash_reboot rd.shell=0 $cmdline $DEBUGFAIL rd.retry=5 ro console=ttyS0,115200n81 selinux=0 init=/sbin/init rd.debug systemd.log_target=console loglevel=7" \
-initrd "$TESTDIR"/initramfs.testing
{ read OK; read IFACES; } < "$TESTDIR"/client.img
diff --git a/test/TEST-70-BONDBRIDGETEAMVLAN/test.sh b/test/TEST-70-BONDBRIDGETEAMVLAN/test.sh
index 8c11a7d3..5618baee 100755
--- a/test/TEST-70-BONDBRIDGETEAMVLAN/test.sh
+++ b/test/TEST-70-BONDBRIDGETEAMVLAN/test.sh
@@ -31,7 +31,7 @@ run_server() {
${SERIAL:--serial file:"$TESTDIR"/server.log} \
-watchdog i6300esb -watchdog-action poweroff \
-no-reboot \
- -append "panic=1 loglevel=7 root=/dev/sda rootfstype=ext3 rw console=ttyS0,115200n81 selinux=0 rd.debug" \
+ -append "panic=1 systemd.crash_reboot loglevel=7 root=/dev/sda rootfstype=ext3 rw console=ttyS0,115200n81 selinux=0 rd.debug" \
-initrd "$TESTDIR"/initramfs.server \
-pidfile "$TESTDIR"/server.pid -daemonize || return 1
chmod 644 -- "$TESTDIR"/server.pid || return 1
@@ -79,7 +79,7 @@ client_test() {
$nic3 -device e1000,mac=52:54:00:12:34:05,netdev=n3 \
-watchdog i6300esb -watchdog-action poweroff \
-no-reboot \
- -append "panic=1 $cmdline rd.debug $DEBUGFAIL rd.retry=5 rw console=ttyS0,115200n81 selinux=0 init=/sbin/init" \
+ -append "panic=1 systemd.crash_reboot $cmdline rd.debug $DEBUGFAIL rd.retry=5 rw console=ttyS0,115200n81 selinux=0 init=/sbin/init" \
-initrd "$TESTDIR"/initramfs.testing
else
$testdir/run-qemu \
@@ -95,7 +95,7 @@ client_test() {
-net nic,vlan=3,macaddr=52:54:00:12:34:05,model=e1000 \
-watchdog i6300esb -watchdog-action poweroff \
-no-reboot \
- -append "panic=1 $cmdline rd.debug $DEBUGFAIL rd.retry=5 rw console=ttyS0,115200n81 selinux=0 init=/sbin/init" \
+ -append "panic=1 systemd.crash_reboot $cmdline rd.debug $DEBUGFAIL rd.retry=5 rw console=ttyS0,115200n81 selinux=0 init=/sbin/init" \
-initrd "$TESTDIR"/initramfs.testing
fi
diff --git a/modules.d/95nvmf/module-setup.sh b/modules.d/95nvmf/module-setup.sh
index 0825b51c..ce5ccde2 100755
--- a/modules.d/95nvmf/module-setup.sh
+++ b/modules.d/95nvmf/module-setup.sh
@@ -128,7 +128,7 @@ install() {
inst_script "${moddir}/nvmf-autoconnect.sh" /sbin/nvmf-autoconnect.sh
inst_multiple nvme
- inst_hook cmdline 99 "$moddir/parse-nvmf-boot-connections.sh"
+ inst_hook cmdline 92 "$moddir/parse-nvmf-boot-connections.sh"
inst_simple "/etc/nvme/discovery.conf"
inst_rules /usr/lib/udev/rules.d/71-nvmf-iopolicy-netapp.rules
inst_rules "$moddir/95-nvmf-initqueue.rules"

View File

@ -1,229 +1,50 @@
From a34b1baa6ca45b420399ec4cefe3cfe225c14dcf Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Tue, 11 Jun 2019 09:56:13 +0200
Subject: [PATCH] test/{10,12,13,14,17,30,31}: increase the disk sizes
From 0a074c5d0813df405e7a5dd55493c78099094106 Mon Sep 17 00:00:00 2001
From: Martin Wilck <mwilck@suse.de>
Date: Sat, 17 Sep 2022 00:24:38 +0200
Subject: [PATCH] feat(nvmf): set rd.neednet=1 if tcp records encountered
On Fedora 30 the paritition sizes turn out to be too small again:
This is currently always the case for NBFT records.
We can do this now, as we run before parse-ip-options.sh
+ mkdir -p /sysroot
+ mount /dev/dracut/root /sysroot
+ cp -a -t /sysroot /source/bin /source/dev /source/etc /source/lib /source/lib64 /source/proc /source/root /source/sbin /source/sys /source/tmp /source/usr /source/var
cp: error writing '/sysroot/usr/lib64/libkrb5.so.3.3': No space left on device
cp: error writing '/sysroot/usr/lib64/libkrb5support.so.0.1': No space left on device
It turns out that there has been quite some size increase in some libraries,
notably glibc, though not all -- some even shrunk, ruling out a toolchain
problem. Here's are files over 1M we install on Fedora 30:
f29 f30
2.7M => 6.4M /usr/lib64/{libc-2.28.so => libc-2.29.so}
3.1M => 6.0M /usr/lib64/libcrypto.so.1.1.1c
2.0M => 3.5M /usr/lib64/{libm-2.28.so => libm-2.29.so}
2.9M => 2.8M /usr/lib/systemd/{libsystemd-shared-239.so => libsystemd-shared-241.so}
1.7M => 2.5M /usr/lib64/libunistring.so.2.1.0
2.3M => 2.4M /usr/lib64/bind9-export/libdns-export.so.1105.0.0
1.2M => 2.1M /usr/bin/bash
1.1M => 1.4M /usr/lib64/libkrb5.so.3.3
1.2M => 1.4M /usr/lib64/libgcrypt.so.20.2.4
612K => 1.1M /usr/lib64/libssl.so.1.1.1c
This increases the image sizes to accomodate for this. There's probably
little else we can do.
(cherry picked from commit e318ba30fbd84d510a5bbb071d868e523d965869)
Resolves: #1933787
---
test/TEST-10-RAID/create-root.sh | 6 +++---
test/TEST-10-RAID/test.sh | 2 +-
test/TEST-12-RAID-DEG/test.sh | 6 +++---
test/TEST-13-ENC-RAID-LVM/create-root.sh | 6 +++---
test/TEST-13-ENC-RAID-LVM/test.sh | 2 +-
test/TEST-14-IMSM/create-root.sh | 6 +++---
test/TEST-14-IMSM/test.sh | 4 ++--
test/TEST-17-LVM-THIN/create-root.sh | 8 ++++----
test/TEST-17-LVM-THIN/test.sh | 2 +-
test/TEST-30-ISCSI/test.sh | 6 +++---
test/TEST-31-ISCSI-MULTI/test.sh | 6 +++---
11 files changed, 27 insertions(+), 27 deletions(-)
modules.d/95nvmf/parse-nvmf-boot-connections.sh | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/test/TEST-10-RAID/create-root.sh b/test/TEST-10-RAID/create-root.sh
index 7b5f2a76..af4cac0d 100755
--- a/test/TEST-10-RAID/create-root.sh
+++ b/test/TEST-10-RAID/create-root.sh
@@ -8,9 +8,9 @@ udevadm control --reload
# save a partition at the beginning for future flagging purposes
sfdisk /dev/sda <<EOF
,4M
-,25M
-,25M
-,25M
+,41M
+,41M
+,41M
EOF
udevadm settle
mdadm --create /dev/md0 --run --auto=yes --level=5 --raid-devices=3 /dev/sda2 /dev/sda3 /dev/sda4
diff --git a/test/TEST-10-RAID/test.sh b/test/TEST-10-RAID/test.sh
index 0beb26c3..07179a29 100755
--- a/test/TEST-10-RAID/test.sh
+++ b/test/TEST-10-RAID/test.sh
@@ -22,7 +22,7 @@ test_setup() {
DISKIMAGE=$TESTDIR/TEST-10-RAID-root.img
# Create the blank file to use as a root filesystem
rm -f -- $DISKIMAGE
- dd if=/dev/null of=$DISKIMAGE bs=1M seek=80
+ dd if=/dev/null of=$DISKIMAGE bs=1M seek=128
kernel=$KVERSION
# Create what will eventually be our root filesystem onto an overlay
diff --git a/test/TEST-12-RAID-DEG/test.sh b/test/TEST-12-RAID-DEG/test.sh
index c82cde1e..920baafd 100755
--- a/test/TEST-12-RAID-DEG/test.sh
+++ b/test/TEST-12-RAID-DEG/test.sh
@@ -59,9 +59,9 @@ test_setup() {
# Create the blank file to use as a root filesystem
rm -f -- $TESTDIR/root.ext2
dd if=/dev/null of=$TESTDIR/root.ext2 bs=1M seek=40
- dd if=/dev/null of=$TESTDIR/disk1.img bs=1M seek=20
- dd if=/dev/null of=$TESTDIR/disk2.img bs=1M seek=20
- dd if=/dev/null of=$TESTDIR/disk3.img bs=1M seek=20
+ dd if=/dev/null of=$TESTDIR/disk1.img bs=1M seek=35
+ dd if=/dev/null of=$TESTDIR/disk2.img bs=1M seek=35
+ dd if=/dev/null of=$TESTDIR/disk3.img bs=1M seek=35
kernel=$KVERSION
# Create what will eventually be our root filesystem onto an overlay
diff --git a/test/TEST-13-ENC-RAID-LVM/create-root.sh b/test/TEST-13-ENC-RAID-LVM/create-root.sh
index 72bc765f..13e65838 100755
--- a/test/TEST-13-ENC-RAID-LVM/create-root.sh
+++ b/test/TEST-13-ENC-RAID-LVM/create-root.sh
@@ -9,9 +9,9 @@ udevadm control --reload
# save a partition at the beginning for future flagging purposes
sfdisk /dev/sda <<EOF
,4M
-,25M
-,25M
-,25M
+,43M
+,43M
+,43M
EOF
udevadm settle
printf test >keyfile
diff --git a/test/TEST-13-ENC-RAID-LVM/test.sh b/test/TEST-13-ENC-RAID-LVM/test.sh
index 99324ce9..9ffe24b1 100755
--- a/test/TEST-13-ENC-RAID-LVM/test.sh
+++ b/test/TEST-13-ENC-RAID-LVM/test.sh
@@ -59,7 +59,7 @@ test_run() {
test_setup() {
# Create the blank file to use as a root filesystem
rm -f -- $TESTDIR/root.ext2
- dd if=/dev/null of=$TESTDIR/root.ext2 bs=1M seek=80
+ dd if=/dev/null of=$TESTDIR/root.ext2 bs=1M seek=134
kernel=$KVERSION
# Create what will eventually be our root filesystem onto an overlay
diff --git a/test/TEST-14-IMSM/create-root.sh b/test/TEST-14-IMSM/create-root.sh
index a0324c6f..0d10945b 100755
--- a/test/TEST-14-IMSM/create-root.sh
+++ b/test/TEST-14-IMSM/create-root.sh
@@ -32,9 +32,9 @@ sfdisk -g /dev/mapper/isw*Test0
# save a partition at the beginning for future flagging purposes
sfdisk --no-reread /dev/mapper/isw*Test0 <<EOF
,4M
-,20M
-,20M
-,20M
+,28M
+,28M
+,28M
EOF
udevadm settle
diff --git a/test/TEST-14-IMSM/test.sh b/test/TEST-14-IMSM/test.sh
index ed60f052..a3e52b53 100755
--- a/test/TEST-14-IMSM/test.sh
+++ b/test/TEST-14-IMSM/test.sh
@@ -53,8 +53,8 @@ test_setup() {
rm -f -- $TESTDIR/disk1
rm -f -- $TESTDIR/disk2
dd if=/dev/null of=$TESTDIR/root.ext2 bs=1M seek=1
- dd if=/dev/null of=$TESTDIR/disk1 bs=1M seek=80
- dd if=/dev/null of=$TESTDIR/disk2 bs=1M seek=80
+ dd if=/dev/null of=$TESTDIR/disk1 bs=1M seek=104
+ dd if=/dev/null of=$TESTDIR/disk2 bs=1M seek=104
kernel=$KVERSION
# Create what will eventually be our root filesystem onto an overlay
diff --git a/test/TEST-17-LVM-THIN/create-root.sh b/test/TEST-17-LVM-THIN/create-root.sh
index 0e52f879..6e09012e 100755
--- a/test/TEST-17-LVM-THIN/create-root.sh
+++ b/test/TEST-17-LVM-THIN/create-root.sh
@@ -8,16 +8,16 @@ udevadm control --reload
# save a partition at the beginning for future flagging purposes
sfdisk /dev/sda <<EOF
,4M
-,25M
-,25M
-,25M
+,29M
+,29M
+,29M
EOF
udevadm settle
for i in sda2 sda3 sda4; do
lvm pvcreate -ff -y /dev/$i ;
done && \
lvm vgcreate dracut /dev/sda[234] && \
-lvm lvcreate -l 16 -T dracut/mythinpool && \
+lvm lvcreate -l 17 -T dracut/mythinpool && \
lvm lvcreate -V1G -T dracut/mythinpool -n root && \
lvm vgchange -ay && \
mke2fs /dev/dracut/root && \
diff --git a/test/TEST-17-LVM-THIN/test.sh b/test/TEST-17-LVM-THIN/test.sh
index c13e9063..c7247c91 100755
--- a/test/TEST-17-LVM-THIN/test.sh
+++ b/test/TEST-17-LVM-THIN/test.sh
@@ -19,7 +19,7 @@ test_run() {
test_setup() {
# Create the blank file to use as a root filesystem
- dd if=/dev/null of=$TESTDIR/root.ext2 bs=1M seek=80
+ dd if=/dev/null of=$TESTDIR/root.ext2 bs=1M seek=92
kernel=$KVERSION
# Create what will eventually be our root filesystem onto an overlay
diff --git a/test/TEST-30-ISCSI/test.sh b/test/TEST-30-ISCSI/test.sh
index d5a6ba58..c126e3dd 100755
--- a/test/TEST-30-ISCSI/test.sh
+++ b/test/TEST-30-ISCSI/test.sh
@@ -109,9 +109,9 @@ test_setup() {
diff --git a/modules.d/95nvmf/parse-nvmf-boot-connections.sh b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
index cc545ee0..6b26f762 100755
--- a/modules.d/95nvmf/parse-nvmf-boot-connections.sh
+++ b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
@@ -62,7 +62,9 @@ parse_nvmf_discover() {
warn "traddr is mandatory for $trtype"
return 0
fi
# Create the blank file to use as a root filesystem
- dd if=/dev/null of=$TESTDIR/root.ext3 bs=1M seek=40
- dd if=/dev/null of=$TESTDIR/iscsidisk2.img bs=1M seek=40
- dd if=/dev/null of=$TESTDIR/iscsidisk3.img bs=1M seek=40
+ dd if=/dev/null of=$TESTDIR/root.ext3 bs=1M seek=45
+ dd if=/dev/null of=$TESTDIR/iscsidisk2.img bs=1M seek=45
+ dd if=/dev/null of=$TESTDIR/iscsidisk3.img bs=1M seek=45
kernel=$KVERSION
# Create what will eventually be our root filesystem onto an overlay
diff --git a/test/TEST-31-ISCSI-MULTI/test.sh b/test/TEST-31-ISCSI-MULTI/test.sh
index 20db2451..122c69e3 100755
--- a/test/TEST-31-ISCSI-MULTI/test.sh
+++ b/test/TEST-31-ISCSI-MULTI/test.sh
@@ -131,9 +131,9 @@ test_setup() {
- if [ "$trtype" = "fc" ]; then
+ if [ "$trtype" = "tcp" ]; then
+ : > /tmp/nvmf_needs_network
+ elif [ "$trtype" = "fc" ]; then
if [ "$traddr" = "auto" ]; then
rm /etc/nvme/discovery.conf
return 1
@@ -71,7 +73,7 @@ parse_nvmf_discover() {
warn "host traddr is mandatory for fc"
return 0
fi
- elif [ "$trtype" != "rdma" ] && [ "$trtype" != "tcp" ]; then
+ elif [ "$trtype" != "rdma" ]; then
warn "unsupported transport $trtype"
return 0
fi
@@ -100,6 +102,11 @@ for d in $(getargs rd.nvmf.discover -d nvmf.discover=); do
}
done
# Create the blank file to use as a root filesystem
- dd if=/dev/null of=$TESTDIR/root.ext3 bs=1M seek=40
- dd if=/dev/null of=$TESTDIR/iscsidisk2.img bs=1M seek=40
- dd if=/dev/null of=$TESTDIR/iscsidisk3.img bs=1M seek=40
+ dd if=/dev/null of=$TESTDIR/root.ext3 bs=1M seek=45
+ dd if=/dev/null of=$TESTDIR/iscsidisk2.img bs=1M seek=45
+ dd if=/dev/null of=$TESTDIR/iscsidisk3.img bs=1M seek=45
+if [ -e /tmp/nvmf_needs_network ]; then
+ echo "rd.neednet=1" > /etc/cmdline.d/nvmf-neednet.conf
+ rm -f /tmp/nvmf_needs_network
+fi
+
# Host NQN and host id are mandatory for NVMe-oF
if [ -f "/etc/nvme/hostnqn" ] && [ -f "/etc/nvme/hostid" ]; then
kernel=$KVERSION
# Create what will eventually be our root filesystem onto an overlay

View File

@ -1,27 +1,28 @@
From d9bf0c38be49199724abe1d18bc1c2686e6f0c88 Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Thu, 27 Jun 2019 16:20:32 +0200
Subject: [PATCH] travis: run TEST-14-IMSM on Fedora 29
From 185e200e9969f717faa5014d87be579ce452d2fe Mon Sep 17 00:00:00 2001
From: Martin Wilck <mwilck@suse.de>
Date: Thu, 12 Jan 2023 11:06:35 +0100
Subject: [PATCH] fix(nvmf): install 8021q module unconditionally
Systemd in Fedora 30 is broken at the moment.
Fix: https://github.com/systemd/systemd/pull/12872/
In NBFT setups, VLAN can be configured in the firmware.
Add the 8021q module in hostonly mode even if VLAN is currently
not used to be prepared for such configuration change.
(cherry picked from commit 7a2503ab8cec9473ad6dacf4f48b17344219f3c0)
Resolves: #1933787
---
.travis.yml | 2 +-
modules.d/95nvmf/module-setup.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.travis.yml b/.travis.yml
index efb0df1b..de0af438 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -19,7 +19,7 @@ env:
- IMAGE=latest TESTS=10
- IMAGE=latest TESTS=11
- IMAGE=latest TESTS=13
- - IMAGE=latest TESTS=14
+ - IMAGE=29 TESTS=14
- IMAGE=latest TESTS=15
- IMAGE=latest TESTS=17
diff --git a/modules.d/95nvmf/module-setup.sh b/modules.d/95nvmf/module-setup.sh
index ce5ccde2..f7fd62a0 100755
--- a/modules.d/95nvmf/module-setup.sh
+++ b/modules.d/95nvmf/module-setup.sh
@@ -50,7 +50,7 @@ depends() {
# called by dracut
installkernel() {
instmods nvme_fc lpfc qla2xxx
- hostonly="" instmods nvme_tcp nvme_fabrics
+ hostonly="" instmods nvme_tcp nvme_fabrics 8021q
}
# called by dracut

View File

@ -1,27 +1,45 @@
From c60f4fc027272c221a887128070ac89547b6ecc3 Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Thu, 27 Jun 2019 16:22:04 +0200
Subject: [PATCH] travis: run TEST-13-ENC-RAID-LVM on Fedora 29
From 1a6c2fdade221e9d69e14e2b6f3386ca8fc4a8b6 Mon Sep 17 00:00:00 2001
From: Martin Wilck <mwilck@suse.de>
Date: Thu, 9 Mar 2023 16:55:36 +0100
Subject: [PATCH] fix(nvmf): support /etc/nvme/config.json
Systemd in Fedora 30 is broken at the moment.
Fix: https://github.com/systemd/systemd/pull/12897
Since nvme-cli 2.0, configuration of subsystems to connect to is
stored under `/etc/nvme` in either `discovery.conf` or `config.json`.
Attempt discovery also if the latter exists, but not the former.
Also, install "config.json" if it's present on the root FS.
(cherry picked from commit 8238f41b34777c3c75b03a9b598d4b9e1c7bf911)
As before, "rd.nvmf.discover=fc,auto" will force either file to be ignored,
and NBFT-defined targets take precedence if found.
Resolves: #1933787
---
.travis.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
modules.d/95nvmf/module-setup.sh | 1 +
modules.d/95nvmf/parse-nvmf-boot-connections.sh | 2 +-
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/.travis.yml b/.travis.yml
index de0af438..364078cf 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -18,7 +18,7 @@ env:
- IMAGE=latest TESTS=04
- IMAGE=latest TESTS=10
- IMAGE=latest TESTS=11
- - IMAGE=latest TESTS=13
+ - IMAGE=29 TESTS=13
- IMAGE=29 TESTS=14
- IMAGE=latest TESTS=15
- IMAGE=latest TESTS=17
diff --git a/modules.d/95nvmf/module-setup.sh b/modules.d/95nvmf/module-setup.sh
index f7fd62a0..46ecb38f 100755
--- a/modules.d/95nvmf/module-setup.sh
+++ b/modules.d/95nvmf/module-setup.sh
@@ -130,6 +130,7 @@ install() {
inst_multiple nvme
inst_hook cmdline 92 "$moddir/parse-nvmf-boot-connections.sh"
inst_simple "/etc/nvme/discovery.conf"
+ inst_simple "/etc/nvme/config.json"
inst_rules /usr/lib/udev/rules.d/71-nvmf-iopolicy-netapp.rules
inst_rules "$moddir/95-nvmf-initqueue.rules"
dracut_need_initqueue
diff --git a/modules.d/95nvmf/parse-nvmf-boot-connections.sh b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
index 6b26f762..6c5ef4bc 100755
--- a/modules.d/95nvmf/parse-nvmf-boot-connections.sh
+++ b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
@@ -66,7 +66,7 @@ parse_nvmf_discover() {
: > /tmp/nvmf_needs_network
elif [ "$trtype" = "fc" ]; then
if [ "$traddr" = "auto" ]; then
- rm /etc/nvme/discovery.conf
+ rm -f /etc/nvme/discovery.conf /etc/nvme/config.json
return 1
fi
if [ "$hosttraddr" = "none" ]; then

View File

@ -1,53 +1,511 @@
From d8f0e52ac7d05c364ca24d2058c970e5e03f82ff Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Fri, 30 Aug 2019 16:16:51 +0200
Subject: [PATCH] all: remove debugging leftovers
From add394a3532b968e12bc7b9a8923cc4b85f5f724 Mon Sep 17 00:00:00 2001
From: Martin Wilck <mwilck@suse.de>
Date: Fri, 16 Sep 2022 21:36:52 +0200
Subject: [PATCH] feat(nvmf): add code for parsing the NBFT
Accidentally folded into commit e671c3a06a7e5 ('95iscsi/module-setup.sh:
do not require 'hostname' anymore').
Add code to parse the Nvme-oF Boot Firmware Table (NBFT) according
to the NVM Express Boot Specification 1.0 [1]. The implementation in
dracut follows a similar general approach as iBFT support in the
iscsi module.
NBFT support requires two steps:
(1) Setting up the network and routing according to the
HFI ("Host Fabric Interface") records in the NBFT,
(2) Establishing the actual NVMe-oF connection.
(1) is accomplished by reading the NBFT using JSON output from
the "nvme nbft show" command, and transforming it into command
line options ("ip=", "rd.neednet", etc.) understood by dracut's
network module and its backends. The resulting network setup code
is backend-agnostic. It has been tested with the "network-legacy"
and "network-manager" network backend modules. The network setup
code supports IPv4 and IPv6 with static, RA, or DHCP configurations,
802.1q VLANs, and simple routing / gateway setup.
(2) is done using the "nvme connect-all" command [2] in the netroot handler,
which is invoked by networking backends when an interface gets fully
configured. This patch adds support for "netboot=nbft". The "nbftroot"
handler calls nvmf-autoconnect.sh, which contains the actual connect
logic. nvmf-autoconnect.sh itself is preserved, because there are
other NVMe-oF setups like NVMe over FC which don't depend on the
network.
The various ways to configure NVMe-oF are prioritized like this:
1 FC autoconnect from kernel commandline (rd.nvmf.discover=fc,auto)
2 NBFT, if present
3 discovery.conf or config.json, if present, and cmdline.d parameters,
if present (rd.nvmf.discovery=...)
4 FC autoconnect (without kernel command line)
The reason for this priorization is that in the initial RAM fs, we try
to activate only those connections that are necessary to mount the root
file system. This avoids confusion, possible contradicting or ambiguous
configuration, and timeouts from unavailable targets.
A retry logic is implemented for enabling the NVMe-oF connections,
using the "settled" initqueue, the netroot handler, and eventually, the
"timeout" initqueue. This is similar to the retry logic of the iscsi module.
In the "timeout" case, connection to all possible NVMe-oF subsystems
is attempted.
Two new command line parameters are introduced to make it possible to
change the priorities above:
- "rd.nvmf.nonbft" causes the NBFT to be ignored,
- "rd.nvmf.nostatic" causes any statically configured NVMe-oF targets
(config.json, discovery.conf, and cmdline.d) to be ignored.
These parameters may be helpful to skip attempts to set up broken
configurations.
At initramfs build time, the nvmf module is now enabled if an NBFT
table is detected in the system.
[1] https://nvmexpress.org/wp-content/uploads/NVM-Express-Boot-Specification-2022.11.15-Ratified.pdf
[2] NBFT support in nvme-cli requires the latest upstream code (> v2.4).
Signed-off-by: Martin Wilck <mwilck@suse.com>
Co-authored-by: John Meneghini <jmeneghi@redhat.com>
Co-authored-by: Charles Rose <charles.rose@dell.com>
(Cherry-picked commits:
9664e98b5db603567d42d4d0c6e6ea1bd3d5bf24
b3ff3f3fbce6878a754332cd4a05374e5e1156c8
a3cf4ec92202df43adf368c7fdd12e35d304a0e4
03921ec09e95ea49f89ae307dcca4e2e3d1bc6d6
e93e46520dd89a7357a15441ab6b141ff9ff9aeb
556ef46aa96650d72b2fd850a09fa04dff64bbb8
a93968b07567a654d18b8ef2144337d803186eca
a65fab69662d3adf52eb968411f59ebc5a173f7c
cf8986af7d9a3ce73f330de23d5312f924acea34
7c28e1148c086d8504caab6e70a1bcfda1bbf0b9
b03dc850e4630c3b727f71b853a1be588507a59e
0a4d7f9aece172f0f9a9286c94308b7e1ef8d500)
Resolves: #1933787
---
modules.d/40network/netroot.sh | 2 +-
modules.d/98dracut-systemd/dracut-cmdline.sh | 2 +-
modules.d/99base/init.sh | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
man/dracut.cmdline.7.asc | 9 +
modules.d/95nvmf/module-setup.sh | 25 ++-
modules.d/95nvmf/nbftroot.sh | 5 +
modules.d/95nvmf/nvmf-autoconnect.sh | 55 +++++-
modules.d/95nvmf/parse-nvmf-boot-connections.sh | 235 ++++++++++++++++++++++--
5 files changed, 305 insertions(+), 24 deletions(-)
diff --git a/modules.d/40network/netroot.sh b/modules.d/40network/netroot.sh
index 654cfc72..207364cd 100755
--- a/modules.d/40network/netroot.sh
+++ b/modules.d/40network/netroot.sh
@@ -66,7 +66,7 @@ if [ -z "$2" ]; then
diff --git a/man/dracut.cmdline.7.asc b/man/dracut.cmdline.7.asc
index 40d13d83..abe1ec3f 100644
--- a/man/dracut.cmdline.7.asc
+++ b/man/dracut.cmdline.7.asc
@@ -898,6 +898,15 @@ NVMf
**rd.nonvmf=0**::
Disable NVMf
# Check: do we really know how to handle (net)root?
[ -z "$root" ] && die "No or empty root= argument"
- [ -z "$rootok" ] && die "X2 Don't know how to handle 'root=$root'"
+ [ -z "$rootok" ] && die "Don't know how to handle 'root=$root'"
+**rd.nvmf.nonbft**::
+ Disable connecting to targets from the NVMe Boot Firmware Table. Without
+ this parameter, NBFT connections will take precedence over _rd.nvmf.discover_.
+
+**rd.nvmf.nostatic**::
+ Disable connecting to targets that have been statically configured when
+ the initramfs was built. Targets specified with rd.nvmf.discover on the
+ kernel command line will still be tried.
+
**rd.nvmf.hostnqn=**__<hostNQN>__::
NVMe host NQN to use
handler=${netroot%%:*}
handler=${handler%%4}
diff --git a/modules.d/98dracut-systemd/dracut-cmdline.sh b/modules.d/98dracut-systemd/dracut-cmdline.sh
index 89c52d13..bff9435a 100755
--- a/modules.d/98dracut-systemd/dracut-cmdline.sh
+++ b/modules.d/98dracut-systemd/dracut-cmdline.sh
@@ -76,7 +76,7 @@ case "${root}${root_unset}" in
esac
diff --git a/modules.d/95nvmf/module-setup.sh b/modules.d/95nvmf/module-setup.sh
index 46ecb38f..1dd2ca53 100755
--- a/modules.d/95nvmf/module-setup.sh
+++ b/modules.d/95nvmf/module-setup.sh
@@ -2,7 +2,7 @@
[ -z "${root}${root_unset}" ] && die "Empty root= argument"
-[ -z "$rootok" ] && die "X1 Don't know how to handle 'root=$root'"
+[ -z "$rootok" ] && die "Don't know how to handle 'root=$root'"
# called by dracut
check() {
- require_binaries nvme || return 1
+ require_binaries nvme jq || return 1
[ -f /etc/nvme/hostnqn ] || return 255
[ -f /etc/nvme/hostid ] || return 255
export root rflags fstype netroot NEWROOT
@@ -25,17 +25,27 @@ check() {
[[ $trtype == "fc" ]] || [[ $trtype == "tcp" ]] || [[ $trtype == "rdma" ]]
}
diff --git a/modules.d/99base/init.sh b/modules.d/99base/init.sh
index 3e20069f..e4f7cff1 100755
--- a/modules.d/99base/init.sh
+++ b/modules.d/99base/init.sh
@@ -136,7 +136,7 @@ getarg 'rd.break=cmdline' -d 'rdbreak=cmdline' && emergency_shell -n cmdline "Br
source_hook cmdline
+ has_nbft() {
+ local f found=
+ for f in /sys/firmware/acpi/tables/NBFT*; do
+ [ -f "$f" ] || continue
+ found=1
+ break
+ done
+ [[ $found ]]
+ }
+
[[ $hostonly ]] || [[ $mount_needs ]] && {
pushd . > /dev/null
for_each_host_dev_and_slaves is_nvmf
local _is_nvmf=$?
popd > /dev/null || exit
[[ $_is_nvmf == 0 ]] || return 255
- if [ ! -f /sys/class/fc/fc_udev_device/nvme_discovery ]; then
- if [ ! -f /etc/nvme/discovery.conf ]; then
- echo "No discovery arguments present"
- return 255
- fi
+ if [ ! -f /sys/class/fc/fc_udev_device/nvme_discovery ] \
+ && [ ! -f /etc/nvme/discovery.conf ] \
+ && [ ! -f /etc/nvme/config.json ] && ! has_nbft; then
+ echo "No discovery arguments present"
+ return 255
fi
}
return 0
@@ -126,8 +136,9 @@ install() {
inst_multiple ip sed
[ -z "$root" ] && die "No or empty root= argument"
-[ -z "$rootok" ] && die "X0 Don't know how to handle 'root=$root'"
+[ -z "$rootok" ] && die "Don't know how to handle 'root=$root'"
inst_script "${moddir}/nvmf-autoconnect.sh" /sbin/nvmf-autoconnect.sh
+ inst_script "${moddir}/nbftroot.sh" /sbin/nbftroot
export root rflags fstype netroot NEWROOT
- inst_multiple nvme
+ inst_multiple nvme jq
inst_hook cmdline 92 "$moddir/parse-nvmf-boot-connections.sh"
inst_simple "/etc/nvme/discovery.conf"
inst_simple "/etc/nvme/config.json"
diff --git a/modules.d/95nvmf/nbftroot.sh b/modules.d/95nvmf/nbftroot.sh
new file mode 100755
index 00000000..0f334995
--- /dev/null
+++ b/modules.d/95nvmf/nbftroot.sh
@@ -0,0 +1,5 @@
+#! /bin/sh
+# This script is called from /sbin/netroot
+
+/sbin/nvmf-autoconnect.sh online
+exit 0
diff --git a/modules.d/95nvmf/nvmf-autoconnect.sh b/modules.d/95nvmf/nvmf-autoconnect.sh
index c8f676a7..35ee9487 100755
--- a/modules.d/95nvmf/nvmf-autoconnect.sh
+++ b/modules.d/95nvmf/nvmf-autoconnect.sh
@@ -1,5 +1,54 @@
-#!/bin/bash
+#!/bin/sh
+# Argument $1 is "settled", "online", or "timeout", indicating
+# the queue from which the script is called.
+# In the "timeout" case, try everything.
+# Otherwise, try options according to the priorities below.
-[ -f /sys/class/fc/fc_udev_device/nvme_discovery ] || exit 1
-echo add > /sys/class/fc/fc_udev_device/nvme_discovery
+[ "$RD_DEBUG" != yes ] || set -x
+
+if [ "$1" = timeout ]; then
+ [ ! -f /sys/class/fc/fc_udev_device/nvme_discovery ] \
+ || echo add > /sys/class/fc/fc_udev_device/nvme_discovery
+ /usr/sbin/nvme connect-all
+ exit 0
+fi
+
+NVMF_HOSTNQN_OK=
+[ ! -f "/etc/nvme/hostnqn" ] || [ ! -f "/etc/nvme/hostid" ] || NVMF_HOSTNQN_OK=1
+
+# Only nvme-cli 2.5 or newer supports the options --nbft and --no-nbft
+# for the connect-all command.
+# Make sure we don't use unsupported options with earlier versions.
+NBFT_SUPPORTED=
+# shellcheck disable=SC2016
+/usr/sbin/nvme connect-all --help 2>&1 | sed -n '/[[:space:]]--nbft[[:space:]]/q1;$q0' \
+ || NBFT_SUPPORTED=1
+
+if [ -e /tmp/nvmf-fc-auto ] && [ "$NVMF_HOSTNQN_OK" ] \
+ && [ -f /sys/class/fc/fc_udev_device/nvme_discovery ]; then
+ # prio 1: cmdline override "rd.nvmf.discovery=fc,auto"
+ echo add > /sys/class/fc/fc_udev_device/nvme_discovery
+ exit 0
+fi
+if [ "$NBFT_SUPPORTED" ] && [ -e /tmp/valid_nbft_entry_found ]; then
+ # prio 2: NBFT
+ /usr/sbin/nvme connect-all --nbft
+ exit 0
+fi
+if [ -f /etc/nvme/discovery.conf ] || [ -f /etc/nvme/config.json ] \
+ && [ "$NVMF_HOSTNQN_OK" ]; then
+ # prio 3: configuration from initrd and/or kernel command line
+ # We can get here even if "rd.nvmf.nonbft" was given, thus use --no-nbft
+ if [ "$NBFT_SUPPORTED" ]; then
+ /usr/sbin/nvme connect-all --no-nbft
+ else
+ /usr/sbin/nvme connect-all
+ fi
+ exit 0
+fi
+if [ "$NVMF_HOSTNQN_OK" ] \
+ && [ -f /sys/class/fc/fc_udev_device/nvme_discovery ]; then
+ # prio 4: no discovery entries, try NVMeoFC autoconnect
+ echo add > /sys/class/fc/fc_udev_device/nvme_discovery
+fi
exit 0
diff --git a/modules.d/95nvmf/parse-nvmf-boot-connections.sh b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
index 6c5ef4bc..66018371 100755
--- a/modules.d/95nvmf/parse-nvmf-boot-connections.sh
+++ b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
@@ -17,13 +17,225 @@
# specify any discover parameters for FC.
#
-type is_ip > /dev/null 2>&1 || . /lib/net-lib.sh
+command -v getarg > /dev/null || . /lib/dracut-lib.sh
+command -v is_ip > /dev/null || . /lib/net-lib.sh
+
+## Sample NBFT output from nvme show-nbft -H -s -d -o json
+# [
+# {
+# "filename":"/sys/firmware/acpi/tables/NBFT",
+# "host":{
+# "nqn":"nqn.2014-08.org.nvmexpress:uuid:d6f07002-7eb5-4841-a185-400e296afae4",
+# "id":"111919da-21ea-cc4e-bafe-216d8372dd31",
+# "host_id_configured":0,
+# "host_nqn_configured":0,
+# "primary_admin_host_flag":"not indicated"
+# },
+# "subsystem":[
+# {
+# "index":1,
+# "num_hfis":1,
+# "hfis":[
+# 1
+# ],
+# "transport":"tcp",
+# "transport_address":"192.168.100.216",
+# "transport_svcid":"4420",
+# "subsys_port_id":0,
+# "nsid":1,
+# "nid_type":"uuid",
+# "nid":"424d1c8a-8ef9-4681-b2fc-8c343bd8fa69",
+# "subsys_nqn":"timberland-01",
+# "controller_id":0,
+# "asqsz":0,
+# "pdu_header_digest_required":0,
+# "data_digest_required":0
+# }
+# ],
+# "hfi":[
+# {
+# "index":1,
+# "transport":"tcp",
+# "pcidev":"0:0:2.0",
+# "mac_addr":"52:54:00:4f:97:e9",
+# "vlan":0,
+# "ip_origin":63,
+# "ipaddr":"192.168.100.217",
+# "subnet_mask_prefix":24,
+# "gateway_ipaddr":"0.0.0.0",
+# "route_metric":0,
+# "primary_dns_ipaddr":"0.0.0.0",
+# "secondary_dns_ipaddr":"0.0.0.0",
+# "dhcp_server_ipaddr":"",
+# "this_hfi_is_default_route":1
+# }
+# ],
+# "discovery":[
+# ]
+# }
+# ]
+#
+# If the IP address is derived from DHCP, it sets the field
+# "hfi.dhcp_server_ipaddr" to a non-emtpy value.
+#
+#
+
+nbft_run_jq() {
+ local st
+ local opts="-e"
+
+ while [ $# -gt 0 ]; do
+ case $1 in
+ -*)
+ opts="$opts $1"
+ ;;
+ *)
+ break
+ ;;
+ esac
+ shift
+ done
+ # Not quoting is intentional here. We won't get glob expressions passed.
+ # shellcheck disable=SC2086
+ jq $opts "$1" << EOF
+$2
+EOF
+ st=$?
+ if [ $st -ne 0 ]; then
+ warn "NBFT: jq error while processing \"$1\""
+ return $st
+ else
+ return 0
+ fi
+}
+
+nbft_check_empty_address() {
+ # suppress meaningless or empty IP addresses
+ # "null" is returned by jq if no match found for expression
+ case $1 in
+ null | "::" | "0.0.0.0") ;;
+ *)
+ echo "$1"
+ ;;
+ esac
+}
+
+nbft_parse_hfi() {
+ # false positive of shellcheck - no expansion in variable assignments
+ # shellcheck disable=2086
+ local hfi_json=$1
+ local mac iface ipaddr prefix vlan gateway dns1 dns2 hostname adrfam dhcp
+
+ mac=$(nbft_run_jq -r .mac_addr "$hfi_json") || return 1
+ iface=$(set_ifname nbft "$mac")
+
+ vlan=$(nbft_run_jq .vlan "$hfi_json") || vlan=0
+ # treat VLAN zero as "no vlan"
+ [ "$vlan" -ne 0 ] || vlan=
+
+ [ ! -e /tmp/net."${iface}${vlan:+.$vlan}".has_ibft_config ] || return 0
+
+ dhcp=$(nbft_run_jq -r .dhcp_server_ipaddr "$hfi_json")
+ # We need to check $? here as the above is an assignment
+ # shellcheck disable=2181
+ if [ $? -eq 0 ] && [ "$dhcp" ] && [ "$dhcp" != null ]; then
+ case $dhcp in
+ *:*)
+ echo ip="$iface${vlan:+.$vlan}:dhcp6"
+ ;;
+ *.*.*.*)
+ echo ip="$iface${vlan:+.$vlan}:dhcp"
+ ;;
+ *)
+ warn "Invalid value for dhcp_server_ipaddr: $dhcp"
+ return 1
+ ;;
+ esac
+ else
+ ipaddr=$(nbft_run_jq -r .ipaddr "$hfi_json") || return 1
+
+ case $ipaddr in
+ *.*.*.*)
+ adrfam=ipv4
+ ;;
+ *:*)
+ adrfam=ipv6
+ ;;
+ *)
+ warn "invalid address: $ipaddr"
+ return 1
+ ;;
+ esac
+ prefix=$(nbft_run_jq -r .subnet_mask_prefix "$hfi_json")
+ # Need to check $? here as he above is an assignment
+ # shellcheck disable=2181
+ if [ $? -ne 0 ] && [ "$adrfam" = ipv6 ]; then
+ prefix=128
+ fi
+ # Use brackets for IPv6
+ if [ "$adrfam" = ipv6 ]; then
+ ipaddr="[$ipaddr]"
+ fi
+
+ gateway=$(nbft_check_empty_address \
+ "$(nbft_run_jq -r .gateway_ipaddr "$hfi_json")")
+ dns1=$(nbft_check_empty_address \
+ "$(nbft_run_jq -r .primary_dns_ipaddr "$hfi_json")")
+ dns2=$(nbft_check_empty_address \
+ "$(nbft_run_jq -r .secondary_dns_ipaddr "$hfi_json")")
+ hostname=$(nbft_run_jq -r .host_name "$hfi_json" 2> /dev/null) || hostname=
+
+ echo "ip=$ipaddr::$gateway:$prefix:$hostname:$iface${vlan:+.$vlan}:none${dns1:+:$dns1}${dns2:+:$dns2}"
+ fi
+
+ if [ "$vlan" ]; then
+ echo "vlan=$iface.$vlan:$iface"
+ echo "$mac" > "/tmp/net.$iface.$vlan.has_ibft_config"
+ else
+ echo "$mac" > "/tmp/net.$iface.has_ibft_config"
+ fi
+ : > /tmp/valid_nbft_entry_found
+}
+
+nbft_parse() {
+ local nbft_json n_nbft all_hfi_json n_hfi
+ local j=0 i
+
+ nbft_json=$(nvme nbft show -H -o json) || return 0
+ n_nbft=$(nbft_run_jq ". | length" "$nbft_json") || return 0
+
+ while [ "$j" -lt "$n_nbft" ]; do
+ all_hfi_json=$(nbft_run_jq ".[$j].hfi" "$nbft_json") || continue
+ n_hfi=$(nbft_run_jq ". | length" "$all_hfi_json") || continue
+ i=0
+
+ while [ "$i" -lt "$n_hfi" ]; do
+ nbft_parse_hfi "$(nbft_run_jq ".[$i]" "$all_hfi_json")"
+ i=$((i + 1))
+ done
+ j=$((j + 1))
+ done >> /etc/cmdline.d/40-nbft.conf
+}
if getargbool 0 rd.nonvmf; then
warn "rd.nonvmf=0: skipping nvmf"
return 0
fi
+if getargbool 0 rd.nvmf.nostatic; then
+ rm -f /etc/cmdline.d/95nvmf-args.conf
+ rm -f /etc/nvme/discovery.conf /etc/nvme/config.json
+fi
+
+if ! getargbool 0 rd.nvmf.nonbft; then
+ for _x in /sys/firmware/acpi/tables/NBFT*; do
+ if [ -f "$_x" ]; then
+ nbft_parse
+ break
+ fi
+ done
+fi
+
initqueue --onetime modprobe --all -b -q nvme_tcp nvme_core nvme_fabrics
parse_nvmf_discover() {
@@ -94,26 +306,21 @@ if [ -n "$nvmf_hostid" ]; then
echo "$nvmf_hostid" > /etc/nvme/hostid
fi
-NVMF_FC_AUTO=
+rm -f /tmp/nvmf-fc-auto
for d in $(getargs rd.nvmf.discover -d nvmf.discover=); do
parse_nvmf_discover "$d" || {
- NVMF_FC_AUTO=1
+ : > /tmp/nvmf-fc-auto
break
}
done
-if [ -e /tmp/nvmf_needs_network ]; then
+if [ -e /tmp/nvmf_needs_network ] || [ -e /tmp/valid_nbft_entry_found ]; then
echo "rd.neednet=1" > /etc/cmdline.d/nvmf-neednet.conf
+ # netroot is a global variable that is present in all "sourced" scripts
+ # shellcheck disable=SC2034
+ netroot=nbft
rm -f /tmp/nvmf_needs_network
fi
-# Host NQN and host id are mandatory for NVMe-oF
-if [ -f "/etc/nvme/hostnqn" ] && [ -f "/etc/nvme/hostid" ]; then
-
- # If no nvme command line arguments present, try autodiscovery
- if [ $NVMF_FC_AUTO ] || [ ! -f "/etc/nvme/discovery.conf" ]; then
- /sbin/initqueue --settled --onetime --unique --name nvme-fc-autoconnect /sbin/nvmf-autoconnect.sh
- else
- /sbin/initqueue --settled --onetime --unique --name nvme-discover /usr/sbin/nvme connect-all
- fi
-fi
+/sbin/initqueue --settled --onetime --name nvmf-connect-settled /sbin/nvmf-autoconnect.sh settled
+/sbin/initqueue --timeout --onetime --name nvmf-connect-timeout /sbin/nvmf-autoconnect.sh timeout

View File

@ -1,31 +1,41 @@
From 8eb08e55286e77f005246d1db1bfd2adf4a0e40b Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Tue, 27 Nov 2018 15:30:48 +0100
Subject: [PATCH] network-manager: call the online hook for connected devices
From abc03e87ef3dff517c1da05643e8a5ec92b1bf14 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Mon, 14 Aug 2023 10:24:14 +0200
Subject: [PATCH] feat(spec): include modules for IMA
Look for "connection-uuid" instead of "managed" to determine the devices
that are actually activated with a connection and call the online hook.
This fixes the anaconda-net root mount, which utilizes the online hook.
(cherry picked from commit 79a17b0112995eb60c85c64d15070c52f213b28d)
Resolves: #2158155
---
modules.d/35network-manager/nm-run.sh | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
pkgbuild/dracut.spec | 9 ---------
1 file changed, 9 deletions(-)
diff --git a/modules.d/35network-manager/nm-run.sh b/modules.d/35network-manager/nm-run.sh
index f6defa99..0f943631 100755
--- a/modules.d/35network-manager/nm-run.sh
+++ b/modules.d/35network-manager/nm-run.sh
@@ -9,8 +9,9 @@ fi
for _i in /sys/class/net/*/
do
state=/run/NetworkManager/devices/$(cat $_i/ifindex)
- grep -q managed=true $state 2>/dev/null || continue
+ grep -q connection-uuid= $state 2>/dev/null || continue
ifname=$(basename $_i)
sed -n 's/root-path/new_root_path/p' <$state >/tmp/dhclient.$ifname.dhcpopts
+ source_hook initqueue/online $ifname
/sbin/netroot $ifname
done
diff --git a/pkgbuild/dracut.spec b/pkgbuild/dracut.spec
index e148bbf7..b2d75951 100644
--- a/pkgbuild/dracut.spec
+++ b/pkgbuild/dracut.spec
@@ -214,13 +214,6 @@ rm -fr -- $RPM_BUILD_ROOT/%{dracutlibdir}/modules.d/00dash
# we do not support mksh in the initramfs
rm -fr -- $RPM_BUILD_ROOT/%{dracutlibdir}/modules.d/00mksh
-%if %{defined _unitdir}
-# with systemd IMA and selinux modules do not make sense
-rm -fr -- $RPM_BUILD_ROOT/%{dracutlibdir}/modules.d/96securityfs
-rm -fr -- $RPM_BUILD_ROOT/%{dracutlibdir}/modules.d/97masterkey
-rm -fr -- $RPM_BUILD_ROOT/%{dracutlibdir}/modules.d/98integrity
-%endif
-
%ifnarch s390 s390x
# remove architecture specific modules
rm -fr -- $RPM_BUILD_ROOT/%{dracutlibdir}/modules.d/80cms
@@ -394,11 +387,9 @@ echo 'dracut_rescue_image="yes"' > $RPM_BUILD_ROOT%{dracutlibdir}/dracut.conf.d/
%{dracutlibdir}/modules.d/95zfcp
%{dracutlibdir}/modules.d/95zfcp_rules
%endif
-%if %{undefined _unitdir}
%{dracutlibdir}/modules.d/96securityfs
%{dracutlibdir}/modules.d/97masterkey
%{dracutlibdir}/modules.d/98integrity
-%endif
%{dracutlibdir}/modules.d/97biosdevname
%{dracutlibdir}/modules.d/98dracut-systemd
%{dracutlibdir}/modules.d/98ecryptfs

View File

@ -1,24 +1,24 @@
From 34011ee53e745f74d70bc5b52dade6d4ef349e90 Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Mon, 17 Jun 2019 10:07:38 +0200
Subject: [PATCH] network-manager: remove useless use of basename
From aaffb39dc86b674501cb447c7fef5dd40aad85fb Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Mon, 14 Aug 2023 11:25:19 +0200
Subject: [PATCH] fix(dracut): there can be \ at the end on line in awk script
(cherry picked from commit 5e0f8c8a4ced36268d0077acafa1db2402776fa6)
Related: #2158155
---
modules.d/35network-manager/nm-run.sh | 2 +-
dracut.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules.d/35network-manager/nm-run.sh b/modules.d/35network-manager/nm-run.sh
index 0f943631..5f4b38ca 100755
--- a/modules.d/35network-manager/nm-run.sh
+++ b/modules.d/35network-manager/nm-run.sh
@@ -10,7 +10,7 @@ for _i in /sys/class/net/*/
do
state=/run/NetworkManager/devices/$(cat $_i/ifindex)
grep -q connection-uuid= $state 2>/dev/null || continue
- ifname=$(basename $_i)
+ ifname=${_i##*/}
sed -n 's/root-path/new_root_path/p' <$state >/tmp/dhclient.$ifname.dhcpopts
source_hook initqueue/online $ifname
/sbin/netroot $ifname
diff --git a/dracut.sh b/dracut.sh
index 1ff51bb1..30dfb229 100755
--- a/dracut.sh
+++ b/dracut.sh
@@ -2592,7 +2592,7 @@ if [[ $uefi == yes ]]; then
printf "%s " "$(< "$conf")" >> "$uefi_outdir/cmdline.txt"
done
fi
-
+ # shellcheck disable=SC1004
offs=$(objdump -h "$uefi_stub" 2> /dev/null | gawk 'NF==7 {size=strtonum("0x"$3);\
offset=strtonum("0x"$4)} END {print size + offset}')
if [[ $offs -eq 0 ]]; then

View File

@ -1,24 +1,24 @@
From 94c75a2a827ff09ffac18454d5c4ba4756d721d6 Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Mon, 27 May 2019 12:44:17 +0200
Subject: [PATCH] network-manager: also read out next-server from NM state
From 9c1c19de50de5dba6d0875425539cb9259dd7451 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Mon, 14 Aug 2023 12:37:33 +0200
Subject: [PATCH] fix(rngd): spacing
(cherry picked from commit 4be95b67a73e7434f92a7d7c40955eae0b59717e)
Related: #2158155
---
modules.d/35network-manager/nm-run.sh | 2 +-
modules.d/06rngd/module-setup.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules.d/35network-manager/nm-run.sh b/modules.d/35network-manager/nm-run.sh
index 5f4b38ca..a539d5b2 100755
--- a/modules.d/35network-manager/nm-run.sh
+++ b/modules.d/35network-manager/nm-run.sh
@@ -11,7 +11,7 @@ do
state=/run/NetworkManager/devices/$(cat $_i/ifindex)
grep -q connection-uuid= $state 2>/dev/null || continue
ifname=${_i##*/}
- sed -n 's/root-path/new_root_path/p' <$state >/tmp/dhclient.$ifname.dhcpopts
+ sed -n 's/root-path/new_root_path/p;s/next-server/new_next_server/p' <$state >/tmp/dhclient.$ifname.dhcpopts
source_hook initqueue/online $ifname
/sbin/netroot $ifname
done
diff --git a/modules.d/06rngd/module-setup.sh b/modules.d/06rngd/module-setup.sh
index 66923a38..1e5f0eb9 100644
--- a/modules.d/06rngd/module-setup.sh
+++ b/modules.d/06rngd/module-setup.sh
@@ -35,7 +35,7 @@ install() {
inst_simple "${systemdsystemunitdir}/rngd.service"
if [ -r /etc/sysconfig/rngd ]; then
- inst_simple "${moddir}/sysconfig" "/etc/sysconfig/rngd"
+ inst_simple "${moddir}/sysconfig" "/etc/sysconfig/rngd"
fi
# make sure dependant libs are installed too

View File

@ -1,30 +1,49 @@
From 68fefe6f9424d3f29e6da9133579c385e7b470b2 Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Mon, 27 May 2019 12:43:59 +0200
Subject: [PATCH] network-manager: generate configuration with netroot=
From 9d2a3df5453001612b225c7423451f6e02e06c19 Mon Sep 17 00:00:00 2001
From: Alberto Planas <aplanas@suse.com>
Date: Mon, 20 Jun 2022 17:13:19 +0200
Subject: [PATCH] fix(integrity): do not enable EVM if there is no key
If the root is on network, let nm-initrd-generator create configuration
even if none was explicitly specified on the command line.
Track when a key is successfully loaded, and return 1 if no key has been
loaded. This will not enable EVM if there are no keys available in the
system.
Also do the same if /tmp/net.ifaces exists, because the anaconda plugin
creates an empty file in that location in hopes that will make us
configure the network.
Fix #1847
(cherry picked from commit 381ab6b7cd2d35bf7f9da63b10c20f5ef6e61a8b)
Signed-off-by: Alberto Planas <aplanas@suse.com>
(Cherry-picked commit: 90585c624af15ba0abb7f32b0c2afc2b122dd019)
Related: #2158155
---
modules.d/35network-manager/nm-config.sh | 4 ++++
1 file changed, 4 insertions(+)
modules.d/98integrity/evm-enable.sh | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/modules.d/35network-manager/nm-config.sh b/modules.d/35network-manager/nm-config.sh
index 1339ebe7..1efa737c 100755
--- a/modules.d/35network-manager/nm-config.sh
+++ b/modules.d/35network-manager/nm-config.sh
@@ -1,3 +1,7 @@
#!/bin/sh
diff --git a/modules.d/98integrity/evm-enable.sh b/modules.d/98integrity/evm-enable.sh
index 0abdfb80..913b5f12 100755
--- a/modules.d/98integrity/evm-enable.sh
+++ b/modules.d/98integrity/evm-enable.sh
@@ -99,6 +99,7 @@ load_evm_x509() {
fi
# load the default EVM public key onto the EVM keyring along
# with all the other ones in $EVMKEYSDIR
+ local key_imported=1
for PUBKEY in ${EVMX509PATH} "${NEWROOT}${EVMKEYSDIR}"/*; do
if [ ! -f "${PUBKEY}" ]; then
if [ "${RD_DEBUG}" = "yes" ]; then
@@ -110,13 +111,14 @@ load_evm_x509() {
info "integrity: failed to load the EVM X509 cert ${PUBKEY}"
return 1
fi
+ key_imported=0
done
+if [ -n "$netroot" ] || [ -e /tmp/net.ifaces ]; then
+ echo rd.neednet >> /etc/cmdline.d/35-neednet.conf
+fi
+
/usr/libexec/nm-initrd-generator -- $(getcmdline)
if [ "${RD_DEBUG}" = "yes" ]; then
keyctl show @u
fi
- return 0
+ return ${key_imported}
}
unload_evm_key() {

View File

@ -1,43 +1,46 @@
From 53cece208a44c53ecc001cb8eb769f6fb9b3d1dc Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Mon, 27 May 2019 11:12:22 +0200
Subject: [PATCH] network: parse root=dhcp also with network-manager module
From ecc17a2cd574b31ce6f95f5a7d8ee6c62ecbb51b Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Wed, 16 Aug 2023 14:02:51 +0200
Subject: [PATCH] fix(fips): include openssl's fips.so and openssl.cnf
Move the logic from network-legacy to common network code.
(cherry picked from commit 35efada5ecffd139660b4a89f4cc3d627752c91e)
Resolves: #2176560
---
modules.d/35network-legacy/module-setup.sh | 1 -
modules.d/{35network-legacy => 40network}/dhcp-root.sh | 0
modules.d/40network/module-setup.sh | 1 +
3 files changed, 1 insertion(+), 1 deletion(-)
modules.d/01fips/module-setup.sh | 13 +++++++++++++
modules.d/01fips/openssl.cnf | 7 +++++++
2 files changed, 20 insertions(+)
diff --git a/modules.d/35network-legacy/module-setup.sh b/modules.d/35network-legacy/module-setup.sh
index 71abda36..5a82e998 100755
--- a/modules.d/35network-legacy/module-setup.sh
+++ b/modules.d/35network-legacy/module-setup.sh
@@ -36,7 +36,6 @@ install() {
inst_simple -H "/etc/dhclient.conf"
cat "$moddir/dhclient.conf" >> "${initdir}/etc/dhclient.conf"
inst_hook pre-udev 60 "$moddir/net-genrules.sh"
- inst_hook cmdline 91 "$moddir/dhcp-root.sh"
inst_hook cmdline 92 "$moddir/parse-ibft.sh"
inst_hook cmdline 95 "$moddir/parse-vlan.sh"
inst_hook cmdline 96 "$moddir/parse-bond.sh"
diff --git a/modules.d/35network-legacy/dhcp-root.sh b/modules.d/40network/dhcp-root.sh
similarity index 100%
rename from modules.d/35network-legacy/dhcp-root.sh
rename to modules.d/40network/dhcp-root.sh
diff --git a/modules.d/40network/module-setup.sh b/modules.d/40network/module-setup.sh
index e8541636..8e2a74a3 100755
--- a/modules.d/40network/module-setup.sh
+++ b/modules.d/40network/module-setup.sh
@@ -28,6 +28,7 @@ install() {
inst_script "$moddir/netroot.sh" "/sbin/netroot"
inst_simple "$moddir/net-lib.sh" "/lib/net-lib.sh"
inst_hook pre-udev 50 "$moddir/ifname-genrules.sh"
+ inst_hook cmdline 91 "$moddir/dhcp-root.sh"
dracut_need_initqueue
diff --git a/modules.d/01fips/module-setup.sh b/modules.d/01fips/module-setup.sh
index cc9d15ce..7ff5e640 100755
--- a/modules.d/01fips/module-setup.sh
+++ b/modules.d/01fips/module-setup.sh
@@ -82,4 +82,17 @@ install() {
dfatal "To create an initramfs with fips support, dracut has to run as root"
return 1
}
+
+ # if we have openssl we need to install their fips library and configuration
+ [ -x /usr/bin/openssl ] && {
+ read -r _ conf < <(openssl version -d)
+ conf=${conf#\"}
+ conf=${conf%\"}
+ inst_simple "${moddir}/openssl.cnf" "$conf/openssl.cnf"
+
+ read -r _ mod < <(openssl version -m)
+ mod=${mod#\"}
+ mod=${mod%\"}
+ inst_simple "$mod/fips.so"
+ }
}
diff --git a/modules.d/01fips/openssl.cnf b/modules.d/01fips/openssl.cnf
new file mode 100644
index 00000000..ee9adcf0
--- /dev/null
+++ b/modules.d/01fips/openssl.cnf
@@ -0,0 +1,7 @@
+openssl_conf = openssl_init
+[openssl_init]
+providers = provider_sect
+[provider_sect]
+default = default_sect
+[default_sect]
+activate = 1

View File

@ -1,620 +1,66 @@
From 4e10601254bb20891dc2919416d7151583678c3d Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Mon, 10 Jun 2019 16:04:18 +0200
Subject: [PATCH] test: copy BONDBRIDGETEAMVLAN to IFCFG
From bc525e2ef02bbcd09adfedb6c92213f1b84d4740 Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Tue, 25 Apr 2023 14:56:59 +0200
Subject: [PATCH] feat(hwdb): install hwdb on demand when module is needed
The IFCFG test will make sure the network-legacy plugin keeps writing
out correct ifcfg files.
Adding a module to install hwdb. Further extensions might make only selected
part of hwdb installable, to save space. The module is not included by default.
This is a separate commit so that actual changes are visible in the
following one.
Including the module adds 2MB of compressed data (on Fedora, the file has 12MB).
(cherry picked from commit 70787ab61957741a05e4046bad49758c4e9bc1cc)
hwdb is needed in case of custom HW, like a keyboard/mouse or various interfaces.
Original PR: https://github.com/dracutdevs/dracut/pull/1681
(Cherry-picked commit: 062e739d89543a38d4b3e2cab155912bc4bf9e56)
Resolves: #2233597
---
test/TEST-60-IFCFG/99-idesymlinks.rules | 8 +
test/TEST-60-IFCFG/Makefile | 10 +
test/TEST-60-IFCFG/client-init.sh | 22 +++
test/TEST-60-IFCFG/dhcpd.conf | 27 +++
test/TEST-60-IFCFG/exports | 1 +
test/TEST-60-IFCFG/finished-false.sh | 2 +
test/TEST-60-IFCFG/hard-off.sh | 3 +
test/TEST-60-IFCFG/hosts | 5 +
test/TEST-60-IFCFG/server-init.sh | 120 ++++++++++++
test/TEST-60-IFCFG/test.sh | 336 ++++++++++++++++++++++++++++++++
10 files changed, 534 insertions(+)
modules.d/95hwdb/module-setup.sh | 26 ++++++++++++++++++++++++++
pkgbuild/dracut.spec | 1 +
2 files changed, 27 insertions(+)
diff --git a/test/TEST-60-IFCFG/99-idesymlinks.rules b/test/TEST-60-IFCFG/99-idesymlinks.rules
new file mode 100644
index 00000000..d557790a
--- /dev/null
+++ b/test/TEST-60-IFCFG/99-idesymlinks.rules
@@ -0,0 +1,8 @@
+ACTION=="add|change", SUBSYSTEM=="block", ENV{DEVTYPE}=="disk", KERNEL=="hda", SYMLINK+="sda"
+ACTION=="add|change", SUBSYSTEM=="block", ENV{DEVTYPE}=="partition", KERNEL=="hda*", SYMLINK+="sda$env{MINOR}"
+ACTION=="add|change", SUBSYSTEM=="block", ENV{DEVTYPE}=="disk", KERNEL=="hdb", SYMLINK+="sdb"
+ACTION=="add|change", SUBSYSTEM=="block", ENV{DEVTYPE}=="partition", KERNEL=="hdb*", SYMLINK+="sdb$env{MINOR}"
+ACTION=="add|change", SUBSYSTEM=="block", ENV{DEVTYPE}=="disk", KERNEL=="hdc", SYMLINK+="sdc"
+ACTION=="add|change", SUBSYSTEM=="block", ENV{DEVTYPE}=="partition", KERNEL=="hdc*", SYMLINK+="sdc$env{MINOR}"
+ACTION=="add|change", SUBSYSTEM=="block", ENV{DEVTYPE}=="disk", KERNEL=="hdd", SYMLINK+="sdd"
+ACTION=="add|change", SUBSYSTEM=="block", ENV{DEVTYPE}=="partition", KERNEL=="hdd*", SYMLINK+="sdd$env{MINOR}"
diff --git a/test/TEST-60-IFCFG/Makefile b/test/TEST-60-IFCFG/Makefile
new file mode 100644
index 00000000..aad27059
--- /dev/null
+++ b/test/TEST-60-IFCFG/Makefile
@@ -0,0 +1,10 @@
+all:
+ @$(MAKE) -s --no-print-directory -C ../.. all
+ @V=$(V) basedir=../.. testdir=../ ./test.sh --all
+setup:
+ @$(MAKE) --no-print-directory -C ../.. all
+ @basedir=../.. testdir=../ ./test.sh --setup
+clean:
+ @basedir=../.. testdir=../ ./test.sh --clean
+run:
+ @basedir=../.. testdir=../ ./test.sh --run
diff --git a/test/TEST-60-IFCFG/client-init.sh b/test/TEST-60-IFCFG/client-init.sh
diff --git a/modules.d/95hwdb/module-setup.sh b/modules.d/95hwdb/module-setup.sh
new file mode 100755
index 00000000..8c33ff0f
index 00000000..16365377
--- /dev/null
+++ b/test/TEST-60-IFCFG/client-init.sh
@@ -0,0 +1,22 @@
+#!/bin/sh
+exec >/dev/console 2>&1
+export PATH=/sbin:/bin:/usr/sbin:/usr/bin
+strstr() { [ "${1#*$2*}" != "$1" ]; }
+CMDLINE=$(while read line; do echo $line;done < /proc/cmdline)
+export TERM=linux
+export PS1='initramfs-test:\w\$ '
+stty sane
+echo "made it to the rootfs! Powering down."
+
+(
+ echo OK
+ ip -o -4 address show scope global | while read n if rest; do echo $if;done | sort
+ for i in /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-*; do
+ echo $i
+ grep -v 'UUID=' $i
+ done
+ echo EOF
+) > /dev/sda
+
+strstr "$CMDLINE" "rd.shell" && sh -i
+poweroff -f
diff --git a/test/TEST-60-IFCFG/dhcpd.conf b/test/TEST-60-IFCFG/dhcpd.conf
new file mode 100644
index 00000000..e26bd60b
--- /dev/null
+++ b/test/TEST-60-IFCFG/dhcpd.conf
@@ -0,0 +1,27 @@
+ddns-update-style none;
+
+use-host-decl-names true;
+
+subnet 192.168.50.0 netmask 255.255.255.0 {
+ option subnet-mask 255.255.255.0;
+ option routers 192.168.50.1;
+ next-server 192.168.50.1;
+ server-identifier 192.168.50.1;
+ option domain-name-servers 192.168.50.1;
+ option domain-search "example.com";
+ option domain-name "other.com";
+ option root-path "nfs:192.168.50.1:/nfs/client";
+ range 192.168.50.10 192.168.50.100;
+}
+
+subnet 192.168.51.0 netmask 255.255.255.0 {
+ option subnet-mask 255.255.255.0;
+ option routers 192.168.51.1;
+ next-server 192.168.51.1;
+ server-identifier 192.168.51.1;
+ option domain-name-servers 192.168.51.1;
+ option domain-search "example.com";
+ option domain-name "other.com";
+ option root-path "nfs:192.168.51.1:/nfs/client";
+ range 192.168.51.10 192.168.51.100;
+}
diff --git a/test/TEST-60-IFCFG/exports b/test/TEST-60-IFCFG/exports
new file mode 100644
index 00000000..ff5f29b1
--- /dev/null
+++ b/test/TEST-60-IFCFG/exports
@@ -0,0 +1 @@
+/nfs/client 192.168.50.0/24(rw,insecure,no_subtree_check,no_root_squash)
diff --git a/test/TEST-60-IFCFG/finished-false.sh b/test/TEST-60-IFCFG/finished-false.sh
new file mode 100755
index 00000000..ecdbef95
--- /dev/null
+++ b/test/TEST-60-IFCFG/finished-false.sh
@@ -0,0 +1,2 @@
+#!/bin/sh
+exit 1
diff --git a/test/TEST-60-IFCFG/hard-off.sh b/test/TEST-60-IFCFG/hard-off.sh
new file mode 100755
index 00000000..12c3d5ac
--- /dev/null
+++ b/test/TEST-60-IFCFG/hard-off.sh
@@ -0,0 +1,3 @@
+#!/bin/sh
+getarg rd.shell || poweroff -f
+getarg failme && poweroff -f
diff --git a/test/TEST-60-IFCFG/hosts b/test/TEST-60-IFCFG/hosts
new file mode 100644
index 00000000..d02a4e9b
--- /dev/null
+++ b/test/TEST-60-IFCFG/hosts
@@ -0,0 +1,5 @@
+127.0.0.1 localhost
+192.168.50.1 server
+192.168.50.100 client-if1
+192.168.50.101 client-if2
+192.168.50.102 client-if3
diff --git a/test/TEST-60-IFCFG/server-init.sh b/test/TEST-60-IFCFG/server-init.sh
new file mode 100755
index 00000000..b9f01c9b
--- /dev/null
+++ b/test/TEST-60-IFCFG/server-init.sh
@@ -0,0 +1,120 @@
+#!/bin/sh
+exec </dev/console >/dev/console 2>&1
+set -x
+export PATH=/sbin:/bin:/usr/sbin:/usr/bin
+export TERM=linux
+export PS1='nfstest-server:\w\$ '
+stty sane
+echo "made it to the rootfs!"
+echo server > /proc/sys/kernel/hostname
+
+wait_for_if_link() {
+ local cnt=0
+ local li
+ while [ $cnt -lt 600 ]; do
+ li=$(ip -o link show dev $1 2>/dev/null)
+ [ -n "$li" ] && return 0
+ sleep 0.1
+ cnt=$(($cnt+1))
+ done
+ return 1
+}
+
+wait_for_if_up() {
+ local cnt=0
+ local li
+ while [ $cnt -lt 200 ]; do
+ li=$(ip -o link show up dev $1)
+ [ -n "$li" ] && return 0
+ sleep 0.1
+ cnt=$(($cnt+1))
+ done
+ return 1
+}
+
+wait_for_route_ok() {
+ local cnt=0
+ while [ $cnt -lt 200 ]; do
+ li=$(ip route show)
+ [ -n "$li" ] && [ -z "${li##*$1*}" ] && return 0
+ sleep 0.1
+ cnt=$(($cnt+1))
+ done
+ return 1
+}
+
+linkup() {
+ wait_for_if_link $1 2>/dev/null\
+ && ip link set $1 up 2>/dev/null\
+ && wait_for_if_up $1 2>/dev/null
+}
+
+modprobe --all -b -q 8021q ipvlan macvlan
+>/dev/watchdog
+ip addr add 127.0.0.1/8 dev lo
+linkup lo
+ip link set dev eth0 name ens3
+ip addr add 192.168.50.1/24 dev ens3
+linkup ens3
+>/dev/watchdog
+ip link set dev eth1 name ens4
+ip link add dev ens4.1 link ens4 type vlan id 1
+ip link add dev ens4.2 link ens4 type vlan id 2
+ip link add dev ens4.3 link ens4 type vlan id 3
+ip link add dev ens4.4 link ens4 type vlan id 4
+ip addr add 192.168.54.1/24 dev ens4.1
+ip addr add 192.168.55.1/24 dev ens4.2
+ip addr add 192.168.56.1/24 dev ens4.3
+ip addr add 192.168.57.1/24 dev ens4.4
+linkup ens4
+ip link set dev ens4.1 up
+ip link set dev ens4.2 up
+ip link set dev ens4.3 up
+ip link set dev ens4.4 up
+ip link set dev eth2 name ens5
+ip addr add 192.168.51.1/24 dev ens5
+linkup ens5
+ip link set dev eth3 name ens6
+linkup ens6
+>/dev/watchdog
+modprobe af_packet
+> /dev/watchdog
+modprobe sunrpc
+>/dev/watchdog
+mount -t rpc_pipefs sunrpc /var/lib/nfs/rpc_pipefs
+>/dev/watchdog
+[ -x /sbin/portmap ] && portmap
+>/dev/watchdog
+mkdir -p /run/rpcbind
+[ -x /sbin/rpcbind ] && rpcbind
+>/dev/watchdog
+modprobe nfsd
+>/dev/watchdog
+mount -t nfsd nfsd /proc/fs/nfsd
+>/dev/watchdog
+exportfs -r
+>/dev/watchdog
+rpc.nfsd
+>/dev/watchdog
+rpc.mountd
+>/dev/watchdog
+rpc.idmapd
+>/dev/watchdog
+exportfs -r
+>/dev/watchdog
+>/var/lib/dhcpd/dhcpd.leases
+>/dev/watchdog
+chmod 777 /var/lib/dhcpd/dhcpd.leases
+>/dev/watchdog
+dhcpd -cf /etc/dhcpd.conf -lf /var/lib/dhcpd/dhcpd.leases ens3 ens5
+#echo -n 'V' > /dev/watchdog
+#sh -i
+#tcpdump -i ens3
+# Wait forever for the VM to die
+echo "Serving NFS mounts"
+while :; do
+ sleep 10
+ >/dev/watchdog
+done
+mount -n -o remount,ro /
+poweroff -f
diff --git a/test/TEST-60-IFCFG/test.sh b/test/TEST-60-IFCFG/test.sh
new file mode 100755
index 00000000..8c11a7d3
--- /dev/null
+++ b/test/TEST-60-IFCFG/test.sh
@@ -0,0 +1,336 @@
+++ b/modules.d/95hwdb/module-setup.sh
@@ -0,0 +1,26 @@
+#!/bin/bash
+# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
+# ex: ts=8 sw=4 sts=4 et filetype=sh
+TEST_DESCRIPTION="root filesystem on NFS with bridging/bonding/vlan"
+KVERSION=${KVERSION-$(uname -r)}
+# This file is part of dracut.
+# SPDX-License-Identifier: GPL-2.0-or-later
+
+# Uncomment this to debug failures
+#DEBUGFAIL="rd.shell rd.break"
+#DEBUGFAIL="rd.shell rd.break rd.debug"
+#SERIAL="tcp:127.0.0.1:9999"
+
+run_server() {
+ # Start server first
+ echo "MULTINIC TEST SETUP: Starting DHCP/NFS server"
+
+ fsck -a "$TESTDIR"/server.ext3 || return 1
+
+ $testdir/run-qemu \
+ -hda "$TESTDIR"/server.ext3 \
+ -m 512M -smp 2 \
+ -display none \
+ -netdev socket,id=n0,listen=127.0.0.1:12370 \
+ -netdev socket,id=n1,listen=127.0.0.1:12371 \
+ -netdev socket,id=n2,listen=127.0.0.1:12372 \
+ -netdev socket,id=n3,listen=127.0.0.1:12373 \
+ -device e1000,netdev=n0,mac=52:54:01:12:34:56 \
+ -device e1000,netdev=n1,mac=52:54:01:12:34:57 \
+ -device e1000,netdev=n2,mac=52:54:01:12:34:58 \
+ -device e1000,netdev=n3,mac=52:54:01:12:34:59 \
+ ${SERIAL:+-serial "$SERIAL"} \
+ ${SERIAL:--serial file:"$TESTDIR"/server.log} \
+ -watchdog i6300esb -watchdog-action poweroff \
+ -no-reboot \
+ -append "panic=1 loglevel=7 root=/dev/sda rootfstype=ext3 rw console=ttyS0,115200n81 selinux=0 rd.debug" \
+ -initrd "$TESTDIR"/initramfs.server \
+ -pidfile "$TESTDIR"/server.pid -daemonize || return 1
+ chmod 644 -- "$TESTDIR"/server.pid || return 1
+
+ # Cleanup the terminal if we have one
+ tty -s && stty sane
+
+ echo Sleeping 10 seconds to give the server a head start
+ sleep 10
+check() {
+ return 255
+}
+
+client_test() {
+ local test_name="$1"
+ local do_vlan13="$2"
+ local cmdline="$3"
+ local check="$4"
+ local CONF
+# called by dracut
+install() {
+ local hwdb_bin
+
+ echo "CLIENT TEST START: $test_name"
+ # systemd-hwdb ships the file in /etc, with /usr/lib as an alternative.
+ # Therefore consider this location as preferred for configuration.
+ hwdb_bin="${udevdir}"/hwdb.bin
+
+ [ "$do_vlan13" != "yes" ] && unset do_vlan13
+
+ # Need this so kvm-qemu will boot (needs non-/dev/zero local disk)
+ if ! dd if=/dev/zero of="$TESTDIR"/client.img bs=1M count=1; then
+ echo "Unable to make client sda image" 1>&2
+ return 1
+ if [[ ! -r "${hwdb_bin}" ]]; then
+ hwdb_bin="${udevconfdir}"/hwdb.bin
+ fi
+ if [[ $do_vlan13 ]]; then
+ nic1=" -netdev socket,connect=127.0.0.1:12371,id=n1"
+ nic3=" -netdev socket,connect=127.0.0.1:12373,id=n3"
+
+ if [[ $hostonly ]]; then
+ inst_multiple -H "${hwdb_bin}"
+ else
+ nic1=" -netdev hubport,id=n1,hubid=2"
+ nic3=" -netdev hubport,id=n3,hubid=3"
+ fi
+
+ if $testdir/run-qemu --help | grep -qF -m1 'netdev hubport,id=str,hubid=n[,netdev=nd]' && echo OK; then
+ $testdir/run-qemu \
+ -hda "$TESTDIR"/client.img -m 512M -smp 2 -nographic \
+ -netdev socket,connect=127.0.0.1:12370,id=s1 \
+ -netdev hubport,hubid=1,id=h1,netdev=s1 \
+ -netdev hubport,hubid=1,id=h2 -device e1000,mac=52:54:00:12:34:01,netdev=h2 \
+ -netdev hubport,hubid=1,id=h3 -device e1000,mac=52:54:00:12:34:02,netdev=h3 \
+ $nic1 -device e1000,mac=52:54:00:12:34:03,netdev=n1 \
+ -netdev socket,connect=127.0.0.1:12372,id=n2 -device e1000,mac=52:54:00:12:34:04,netdev=n2 \
+ $nic3 -device e1000,mac=52:54:00:12:34:05,netdev=n3 \
+ -watchdog i6300esb -watchdog-action poweroff \
+ -no-reboot \
+ -append "panic=1 $cmdline rd.debug $DEBUGFAIL rd.retry=5 rw console=ttyS0,115200n81 selinux=0 init=/sbin/init" \
+ -initrd "$TESTDIR"/initramfs.testing
+ else
+ $testdir/run-qemu \
+ -hda "$TESTDIR"/client.img -m 512M -smp 2 -nographic \
+ -net socket,vlan=0,connect=127.0.0.1:12370 \
+ ${do_vlan13:+-net socket,vlan=1,connect=127.0.0.1:12371} \
+ -net socket,vlan=2,connect=127.0.0.1:12372 \
+ ${do_vlan13:+-net socket,vlan=3,connect=127.0.0.1:12373} \
+ -net nic,vlan=0,macaddr=52:54:00:12:34:01,model=e1000 \
+ -net nic,vlan=0,macaddr=52:54:00:12:34:02,model=e1000 \
+ -net nic,vlan=1,macaddr=52:54:00:12:34:03,model=e1000 \
+ -net nic,vlan=2,macaddr=52:54:00:12:34:04,model=e1000 \
+ -net nic,vlan=3,macaddr=52:54:00:12:34:05,model=e1000 \
+ -watchdog i6300esb -watchdog-action poweroff \
+ -no-reboot \
+ -append "panic=1 $cmdline rd.debug $DEBUGFAIL rd.retry=5 rw console=ttyS0,115200n81 selinux=0 init=/sbin/init" \
+ -initrd "$TESTDIR"/initramfs.testing
+ fi
+
+ {
+ read OK
+ if [[ "$OK" != "OK" ]]; then
+ echo "CLIENT TEST END: $test_name [FAILED - BAD EXIT]"
+ return 1
+ fi
+
+ while read line; do
+ [[ $line == END ]] && break
+ CONF+="$line "
+ done
+ } < "$TESTDIR"/client.img || return 1
+
+ if [[ "$check" != "$CONF" ]]; then
+ echo "Expected: '$check'"
+ echo
+ echo
+ echo "Got: '$CONF'"
+ echo "CLIENT TEST END: $test_name [FAILED - BAD CONF]"
+ return 1
+ fi
+
+ echo "CLIENT TEST END: $test_name [OK]"
+ return 0
+}
+
+
+test_run() {
+ if ! run_server; then
+ echo "Failed to start server" 1>&2
+ return 1
+ fi
+ test_client || { kill_server; return 1; }
+}
+
+test_client() {
+ client_test "Multiple VLAN" \
+ "yes" \
+ "
+vlan=vlan0001:ens5
+vlan=vlan2:ens5
+vlan=ens5.3:ens5
+vlan=ens5.0004:ens5
+ip=ens3:dhcp
+ip=192.168.54.101::192.168.54.1:24:test:vlan0001:none
+ip=192.168.55.102::192.168.55.1:24:test:vlan2:none
+ip=192.168.56.103::192.168.56.1:24:test:ens5.3:none
+ip=192.168.57.104::192.168.57.1:24:test:ens5.0004:none
+rd.neednet=1
+root=nfs:192.168.50.1:/nfs/client bootdev=ens3
+" \
+ 'ens3 ens5.0004 ens5.3 vlan0001 vlan2 /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-ens3 # Generated by dracut initrd NAME="ens3" DEVICE="ens3" ONBOOT=yes NETBOOT=yes IPV6INIT=yes BOOTPROTO=dhcp TYPE=Ethernet /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-ens5.0004 # Generated by dracut initrd NAME="ens5.0004" ONBOOT=yes NETBOOT=yes BOOTPROTO=none IPADDR="192.168.57.104" PREFIX="24" GATEWAY="192.168.57.1" TYPE=Vlan DEVICE="ens5.0004" VLAN=yes PHYSDEV="ens5" /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-ens5.3 # Generated by dracut initrd NAME="ens5.3" ONBOOT=yes NETBOOT=yes BOOTPROTO=none IPADDR="192.168.56.103" PREFIX="24" GATEWAY="192.168.56.1" TYPE=Vlan DEVICE="ens5.3" VLAN=yes PHYSDEV="ens5" /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-vlan0001 # Generated by dracut initrd NAME="vlan0001" ONBOOT=yes NETBOOT=yes BOOTPROTO=none IPADDR="192.168.54.101" PREFIX="24" GATEWAY="192.168.54.1" TYPE=Vlan DEVICE="vlan0001" VLAN=yes PHYSDEV="ens5" /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-vlan2 # Generated by dracut initrd NAME="vlan2" ONBOOT=yes NETBOOT=yes BOOTPROTO=none IPADDR="192.168.55.102" PREFIX="24" GATEWAY="192.168.55.1" TYPE=Vlan DEVICE="vlan2" VLAN=yes PHYSDEV="ens5" EOF ' \
+ || return 1
+
+ client_test "Multiple Bonds" \
+ "yes" \
+ "
+bond=bond0:ens4,ens5
+bond=bond1:ens6,ens7
+ip=bond0:dhcp
+ip=bond1:dhcp
+rd.neednet=1
+root=nfs:192.168.50.1:/nfs/client bootdev=bond0
+" \
+ 'bond0 bond1 /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-bond0 # Generated by dracut initrd NAME="bond0" DEVICE="bond0" ONBOOT=yes NETBOOT=yes IPV6INIT=yes BOOTPROTO=dhcp BONDING_OPTS="" NAME="bond0" TYPE=Bond /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-bond1 # Generated by dracut initrd NAME="bond1" DEVICE="bond1" ONBOOT=yes NETBOOT=yes IPV6INIT=yes BOOTPROTO=dhcp BONDING_OPTS="" NAME="bond1" TYPE=Bond /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-ens4 # Generated by dracut initrd NAME="ens4" TYPE=Ethernet ONBOOT=yes NETBOOT=yes SLAVE=yes MASTER="bond0" DEVICE="ens4" /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-ens5 # Generated by dracut initrd NAME="ens5" TYPE=Ethernet ONBOOT=yes NETBOOT=yes SLAVE=yes MASTER="bond0" DEVICE="ens5" /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-ens6 # Generated by dracut initrd NAME="ens6" TYPE=Ethernet ONBOOT=yes NETBOOT=yes SLAVE=yes MASTER="bond1" DEVICE="ens6" /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-ens7 # Generated by dracut initrd NAME="ens7" TYPE=Ethernet ONBOOT=yes NETBOOT=yes SLAVE=yes MASTER="bond1" DEVICE="ens7" EOF ' \
+ || return 1
+
+ client_test "Multiple Bridges" \
+ "no" \
+ "
+bridge=br0:ens4,ens5
+bridge=br1:ens6,ens7
+ip=br0:dhcp
+ip=br1:dhcp
+rd.neednet=1
+root=nfs:192.168.50.1:/nfs/client bootdev=br0
+" \
+ 'br0 br1 /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-br0 # Generated by dracut initrd NAME="br0" DEVICE="br0" ONBOOT=yes NETBOOT=yes IPV6INIT=yes BOOTPROTO=dhcp TYPE=Bridge NAME="br0" /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-br1 # Generated by dracut initrd NAME="br1" DEVICE="br1" ONBOOT=yes NETBOOT=yes IPV6INIT=yes BOOTPROTO=dhcp TYPE=Bridge NAME="br1" /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-ens4 # Generated by dracut initrd NAME="ens4" TYPE=Ethernet ONBOOT=yes NETBOOT=yes BRIDGE="br0" DEVICE="ens4" /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-ens5 # Generated by dracut initrd NAME="ens5" TYPE=Ethernet ONBOOT=yes NETBOOT=yes BRIDGE="br0" DEVICE="ens5" /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-ens6 # Generated by dracut initrd NAME="ens6" TYPE=Ethernet ONBOOT=yes NETBOOT=yes BRIDGE="br1" DEVICE="ens6" /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-ens7 # Generated by dracut initrd NAME="ens7" TYPE=Ethernet ONBOOT=yes NETBOOT=yes BRIDGE="br1" DEVICE="ens7" EOF ' \
+ || return 1
+
+ kill_server
+ return 0
+}
+
+test_setup() {
+ # Make server root
+ dd if=/dev/null of="$TESTDIR"/server.ext3 bs=1M seek=120
+ mke2fs -j -F -- "$TESTDIR"/server.ext3
+ mkdir -- "$TESTDIR"/mnt
+ mount -o loop -- "$TESTDIR"/server.ext3 "$TESTDIR"/mnt
+ kernel=$KVERSION
+ (
+ export initdir="$TESTDIR"/mnt
+ . "$basedir"/dracut-init.sh
+
+ (
+ cd "$initdir";
+ mkdir -p -- dev sys proc run etc var/run tmp var/lib/{dhcpd,rpcbind}
+ mkdir -p -- var/lib/nfs/{v4recovery,rpc_pipefs}
+ chmod 777 -- var/lib/rpcbind var/lib/nfs
+ )
+
+ for _f in modules.builtin.bin modules.builtin; do
+ [[ $srcmods/$_f ]] && break
+ done || {
+ dfatal "No modules.builtin.bin and modules.builtin found!"
+ return 1
+ }
+
+ for _f in modules.builtin.bin modules.builtin modules.order; do
+ [[ $srcmods/$_f ]] && inst_simple "$srcmods/$_f" "/lib/modules/$kernel/$_f"
+ done
+
+ inst_multiple sh ls shutdown poweroff stty cat ps ln ip \
+ dmesg mkdir cp ping exportfs \
+ modprobe rpc.nfsd rpc.mountd showmount tcpdump \
+ /etc/services sleep mount chmod
+ for _terminfodir in /lib/terminfo /etc/terminfo /usr/share/terminfo; do
+ [ -f "${_terminfodir}"/l/linux ] && break
+ done
+ inst_multiple -o "${_terminfodir}"/l/linux
+ type -P portmap >/dev/null && inst_multiple portmap
+ type -P rpcbind >/dev/null && inst_multiple rpcbind
+ [ -f /etc/netconfig ] && inst_multiple /etc/netconfig
+ type -P dhcpd >/dev/null && inst_multiple dhcpd
+ [ -x /usr/sbin/dhcpd3 ] && inst /usr/sbin/dhcpd3 /usr/sbin/dhcpd
+ instmods nfsd sunrpc ipv6 lockd af_packet 8021q ipvlan macvlan
+ inst_simple /etc/os-release
+ inst ./server-init.sh /sbin/init
+ inst ./hosts /etc/hosts
+ inst ./exports /etc/exports
+ inst ./dhcpd.conf /etc/dhcpd.conf
+ inst_multiple /etc/nsswitch.conf /etc/rpc /etc/protocols
+
+ inst_multiple rpc.idmapd /etc/idmapd.conf
+
+ inst_libdir_file 'libnfsidmap_nsswitch.so*'
+ inst_libdir_file 'libnfsidmap/*.so*'
+ inst_libdir_file 'libnfsidmap*.so*'
+
+ _nsslibs=$(sed -e '/^#/d' -e 's/^.*://' -e 's/\[NOTFOUND=return\]//' /etc/nsswitch.conf \
+ | tr -s '[:space:]' '\n' | sort -u | tr -s '[:space:]' '|')
+ _nsslibs=${_nsslibs#|}
+ _nsslibs=${_nsslibs%|}
+
+ inst_libdir_file -n "$_nsslibs" 'libnss_*.so*'
+
+ inst /etc/nsswitch.conf /etc/nsswitch.conf
+ inst /etc/passwd /etc/passwd
+ inst /etc/group /etc/group
+
+ cp -a -- /etc/ld.so.conf* "$initdir"/etc
+ ldconfig -r "$initdir"
+ dracut_kernel_post
+ )
+
+ # Make client root inside server root
+ (
+ export initdir="$TESTDIR"/mnt/nfs/client
+ . "$basedir"/dracut-init.sh
+ inst_multiple sh shutdown poweroff stty cat ps ln ip \
+ mount dmesg mkdir cp ping grep ls sort
+ for _terminfodir in /lib/terminfo /etc/terminfo /usr/share/terminfo; do
+ [[ -f ${_terminfodir}/l/linux ]] && break
+ done
+ inst_multiple -o "${_terminfodir}"/l/linux
+ inst_simple /etc/os-release
+ inst ./client-init.sh /sbin/init
+ (
+ cd "$initdir"
+ mkdir -p -- dev sys proc etc run
+ mkdir -p -- var/lib/nfs/rpc_pipefs
+ )
+ inst /etc/nsswitch.conf /etc/nsswitch.conf
+ inst /etc/passwd /etc/passwd
+ inst /etc/group /etc/group
+
+ inst_multiple rpc.idmapd /etc/idmapd.conf
+ inst_libdir_file 'libnfsidmap_nsswitch.so*'
+ inst_libdir_file 'libnfsidmap/*.so*'
+ inst_libdir_file 'libnfsidmap*.so*'
+
+ _nsslibs=$(sed -e '/^#/d' -e 's/^.*://' -e 's/\[NOTFOUND=return\]//' -- /etc/nsswitch.conf \
+ | tr -s '[:space:]' '\n' | sort -u | tr -s '[:space:]' '|')
+ _nsslibs=${_nsslibs#|}
+ _nsslibs=${_nsslibs%|}
+
+ inst_libdir_file -n "$_nsslibs" 'libnss_*.so*'
+
+ cp -a -- /etc/ld.so.conf* "$initdir"/etc
+ ldconfig -r "$initdir"
+ )
+
+ umount "$TESTDIR"/mnt
+ rm -fr -- "$TESTDIR"/mnt
+
+ # Make an overlay with needed tools for the test harness
+ (
+ export initdir="$TESTDIR"/overlay
+ . "$basedir"/dracut-init.sh
+ inst_multiple poweroff shutdown
+ inst_hook emergency 000 ./hard-off.sh
+ inst_simple ./99-idesymlinks.rules /etc/udev/rules.d/99-idesymlinks.rules
+ )
+
+ # Make server's dracut image
+ $basedir/dracut.sh -l -i "$TESTDIR"/overlay / \
+ --no-early-microcode \
+ -m "udev-rules base rootfs-block fs-lib debug kernel-modules watchdog" \
+ -d "ipvlan macvlan af_packet piix ide-gd_mod ata_piix ext3 sd_mod nfsv2 nfsv3 nfsv4 nfs_acl nfs_layout_nfsv41_files nfsd e1000 i6300esb ib700wdt" \
+ --no-hostonly-cmdline -N \
+ -f "$TESTDIR"/initramfs.server "$KVERSION" || return 1
+
+ # Make client's dracut image
+ $basedir/dracut.sh -l -i "$TESTDIR"/overlay / \
+ --no-early-microcode \
+ -o "plymouth" \
+ -a "debug" \
+ -d "ipvlan macvlan af_packet piix sd_mod sr_mod ata_piix ide-gd_mod e1000 nfsv2 nfsv3 nfsv4 nfs_acl nfs_layout_nfsv41_files sunrpc i6300esb ib700wdt" \
+ --no-hostonly-cmdline -N \
+ -f "$TESTDIR"/initramfs.testing "$KVERSION" || return 1
+}
+
+kill_server() {
+ if [[ -s "$TESTDIR"/server.pid ]]; then
+ kill -TERM -- $(cat "$TESTDIR"/server.pid)
+ rm -f -- "$TESTDIR"/server.pid
+ inst_multiple "${hwdb_bin}"
+ fi
+}
+
+test_cleanup() {
+ kill_server
+}
+
+. "$testdir"/test-functions
diff --git a/pkgbuild/dracut.spec b/pkgbuild/dracut.spec
index b2d75951..1996f44d 100644
--- a/pkgbuild/dracut.spec
+++ b/pkgbuild/dracut.spec
@@ -367,6 +367,7 @@ echo 'dracut_rescue_image="yes"' > $RPM_BUILD_ROOT%{dracutlibdir}/dracut.conf.d/
%{dracutlibdir}/modules.d/91tpm2-tss
%{dracutlibdir}/modules.d/95debug
%{dracutlibdir}/modules.d/95fstab-sys
+%{dracutlibdir}/modules.d/95hwdb
%{dracutlibdir}/modules.d/95lunmask
%{dracutlibdir}/modules.d/95nvmf
%{dracutlibdir}/modules.d/95resume

View File

@ -1,53 +1,180 @@
From 3b89c398895abe5fc62e3c9240718310222925ef Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Mon, 10 Jun 2019 16:04:33 +0200
Subject: [PATCH] test/IFCFG: make sure the network-legacy plugin is being used
From 410d8fc37f1ce5fc5a6f66eda3d3280a6fa0023c Mon Sep 17 00:00:00 2001
From: Antonio Alvarez Feijoo <antonio.feijoo@suse.com>
Date: Mon, 11 Jul 2022 12:52:58 +0200
Subject: [PATCH] fix(dracut.sh): correct wrong systemd variable paths
If the network-manager plugin is used instead, it wouldn't write out
ifcfg files and we wouldn't have anything to check.
systemdsystemconfdir usually expands to /etc/systemd/system, but the local
configuration of systemd-networkd, systemd-timesyncd, portablectl and systemd
users is saved into directories whose parent is /etc/systemd
(systemdutilconfdir).
While at that, also enable the test.
Also add missing exports.
(cherry picked from commit 2b1b3bcdcb0ddaa18337f18da515adb6284df0ab)
fix(network-legacy): correct wrong local network configuration path
fix(network-manager): correct wrong local network configuration path
refactor(systemd-networkd): use more precise global variables
refactor(systemd-timesyncd): use more precise global variables
refactor(network-legacy): use more precise global variables
refactor(network-manager): use more precise global variables
(Cherry-picked commits:
ae4c8744dc3dbceb142c6eb88fd69bc6aaf29e20
a60543bf9746022e4430d310892ee03bb837b6a2
cb39aec479bdabfa7b1af5168c14ca5683905a7d
5781b6e7ab8c2f176331c960c677de1fe8a39592
3866ebc601bff71996c7e0892392332577e2a9c7
7fa66e106af021dd24fca8e76893c422775a6b61
c8adc9f72fef906b5706fa6d0e788564a508f4ee)
Resolves: RHEL-9479
---
.travis.yml | 1 +
README.md | 1 +
test/TEST-60-IFCFG/test.sh | 2 +-
3 files changed, 3 insertions(+), 1 deletion(-)
dracut.sh | 14 ++++++++------
modules.d/01systemd-networkd/module-setup.sh | 14 +++++++-------
modules.d/01systemd-timesyncd/module-setup.sh | 4 ++--
modules.d/35network-legacy/module-setup.sh | 4 ++--
modules.d/35network-manager/module-setup.sh | 4 ++--
5 files changed, 21 insertions(+), 19 deletions(-)
diff --git a/.travis.yml b/.travis.yml
index 364078cf..37002e9a 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -11,6 +11,7 @@ env:
- IMAGE=latest TESTS=50
- IMAGE=latest TESTS=30
- IMAGE=latest TESTS=31
+ - IMAGE=latest TESTS=60
- IMAGE=latest TESTS=70
- IMAGE=latest TESTS=99
- IMAGE=latest TESTS=02
diff --git a/README.md b/README.md
index 36ae7e1b..530f1c1b 100644
--- a/README.md
+++ b/README.md
@@ -27,4 +27,5 @@ dracut is an initramfs infrastructure.
- Test 31: [![Test 31](https://ci.centos.org/job/dracut-matrix-master/TESTS=31,label=dracut-ci-slave01/badge/icon)](https://ci.centos.org/job/dracut-matrix-master/TESTS=31,label=dracut-ci-slave01/)
- Test 40: [![Test 40](https://ci.centos.org/job/dracut-matrix-master/TESTS=40,label=dracut-ci-slave01/badge/icon)](https://ci.centos.org/job/dracut-matrix-master/TESTS=40,label=dracut-ci-slave01/)
- Test 50: [![Test 50](https://ci.centos.org/job/dracut-matrix-master/TESTS=50,label=dracut-ci-slave01/badge/icon)](https://ci.centos.org/job/dracut-matrix-master/TESTS=50,label=dracut-ci-slave01/)
+- Test 60: [![Test 60](https://ci.centos.org/job/dracut-matrix-master/TESTS=60,label=dracut-ci-slave01/badge/icon)](https://ci.centos.org/job/dracut-matrix-master/TESTS=60,label=dracut-ci-slave01/)
- Test 70: [![Test 70](https://ci.centos.org/job/dracut-matrix-master/TESTS=70,label=dracut-ci-slave01/badge/icon)](https://ci.centos.org/job/dracut-matrix-master/TESTS=70,label=dracut-ci-slave01/)
diff --git a/test/TEST-60-IFCFG/test.sh b/test/TEST-60-IFCFG/test.sh
index 8c11a7d3..8e8bd982 100755
--- a/test/TEST-60-IFCFG/test.sh
+++ b/test/TEST-60-IFCFG/test.sh
@@ -316,7 +316,7 @@ test_setup() {
$basedir/dracut.sh -l -i "$TESTDIR"/overlay / \
--no-early-microcode \
-o "plymouth" \
- -a "debug" \
+ -a "debug network-legacy" \
-d "ipvlan macvlan af_packet piix sd_mod sr_mod ata_piix ide-gd_mod e1000 nfsv2 nfsv3 nfsv4 nfs_acl nfs_layout_nfsv41_files sunrpc i6300esb ib700wdt" \
--no-hostonly-cmdline -N \
-f "$TESTDIR"/initramfs.testing "$KVERSION" || return 1
diff --git a/dracut.sh b/dracut.sh
index 30dfb229..8c757b14 100755
--- a/dracut.sh
+++ b/dracut.sh
@@ -1830,7 +1830,7 @@ fi
[[ -d $dracutsysrootdir$systemdnetworkconfdir ]] \
|| systemdnetworkconfdir=$(pkg-config systemd --variable=systemdnetworkconfdir 2> /dev/null)
-[[ -d $dracutsysrootdir$systemdnetworkconfdir ]] || systemdnetworkconfdir=${systemdsystemconfdir}/network
+[[ -d $dracutsysrootdir$systemdnetworkconfdir ]] || systemdnetworkconfdir=${systemdutilconfdir}/network
[[ -d $dracutsysrootdir$systemdntpunits ]] \
|| systemdntpunits=$(pkg-config systemd --variable=systemdntpunits 2> /dev/null)
@@ -1840,7 +1840,7 @@ fi
[[ -d $dracutsysrootdir$systemdntpunitsconfdir ]] \
|| systemdntpunitsconfdir=$(pkg-config systemd --variable=systemdntpunitsconfdir 2> /dev/null)
-[[ -d $dracutsysrootdir$systemdntpunitsconfdir ]] || systemdntpunitsconfdir=${systemdsystemconfdir}/ntp-units.d
+[[ -d $dracutsysrootdir$systemdntpunitsconfdir ]] || systemdntpunitsconfdir=${systemdutilconfdir}/ntp-units.d
[[ -d $dracutsysrootdir$systemdportable ]] \
|| systemdportable=$(pkg-config systemd --variable=systemdportable 2> /dev/null)
@@ -1850,7 +1850,7 @@ fi
[[ -d $dracutsysrootdir$systemdportableconfdir ]] \
|| systemdportableconfdir=$(pkg-config systemd --variable=systemdportableconfdir 2> /dev/null)
-[[ -d "$dracutsysrootdir$systemdportableconfdir" ]] || systemdportableconfdir=${systemdsystemconfdir}/portable
+[[ -d "$dracutsysrootdir$systemdportableconfdir" ]] || systemdportableconfdir=${systemdutilconfdir}/portable
[[ -d $dracutsysrootdir$systemdsystemunitdir ]] \
|| systemdsystemunitdir=$(pkg-config systemd --variable=systemdsystemunitdir 2> /dev/null)
@@ -1865,7 +1865,7 @@ fi
[[ -d $dracutsysrootdir$systemduserconfdir ]] \
|| systemduserconfdir=$(pkg-config systemd --variable=systemduserconfdir 2> /dev/null)
-[[ -d $dracutsysrootdir$systemduserconfdir ]] || systemduserconfdir=${systemdsystemconfdir}/user
+[[ -d $dracutsysrootdir$systemduserconfdir ]] || systemduserconfdir=${systemdutilconfdir}/user
[[ -d $dracutsysrootdir$systemdsystemconfdir ]] \
|| systemdsystemconfdir=$(pkg-config systemd --variable=systemdsystemconfdir 2> /dev/null)
@@ -1919,8 +1919,10 @@ export initdir dracutbasedir \
dbussessionconfdir dbussystem dbussystemconfdir dbussystemservices \
dbussystemservicesconfdir environment environmentconfdir modulesload \
modulesloadconfdir sysctld sysctlconfdir sysusers sysusersconfdir \
- systemdutildir systemdutilconfdir systemdcatalog systemdntpunits \
- systemdntpunitsconfdir systemdsystemunitdir systemdsystemconfdir \
+ systemdutildir systemdutilconfdir systemdcatalog systemdnetwork \
+ systemdnetworkconfdir systemdntpunits systemdntpunitsconfdir \
+ systemdportable systemdportableconfdir systemdsystemunitdir \
+ systemdsystemconfdir systemduser systemduserconfdir \
hostonly_cmdline loginstall tmpfilesdir tmpfilesconfdir depmodd \
depmodconfdir
diff --git a/modules.d/01systemd-networkd/module-setup.sh b/modules.d/01systemd-networkd/module-setup.sh
index c3f3c051..e6d113d8 100755
--- a/modules.d/01systemd-networkd/module-setup.sh
+++ b/modules.d/01systemd-networkd/module-setup.sh
@@ -39,12 +39,12 @@ install() {
"$systemdutildir"/systemd-networkd \
"$systemdutildir"/systemd-network-generator \
"$systemdutildir"/systemd-networkd-wait-online \
- "$systemdutildir"/network/80-container-host0.network \
- "$systemdutildir"/network/80-container-ve.network \
- "$systemdutildir"/network/80-container-vz.network \
- "$systemdutildir"/network/80-vm-vt.network \
- "$systemdutildir"/network/80-wifi-adhoc.network \
- "$systemdutildir"/network/99-default.link \
+ "$systemdnetwork"/80-container-host0.network \
+ "$systemdnetwork"/80-container-ve.network \
+ "$systemdnetwork"/80-container-vz.network \
+ "$systemdnetwork"/80-vm-vt.network \
+ "$systemdnetwork"/80-wifi-adhoc.network \
+ "$systemdnetwork"/99-default.link \
"$systemdsystemunitdir"/systemd-networkd.service \
"$systemdsystemunitdir"/systemd-networkd.socket \
"$systemdsystemunitdir"/systemd-network-generator.service \
@@ -67,7 +67,7 @@ install() {
inst_multiple -H -o \
"$systemdutilconfdir"/networkd.conf \
"$systemdutilconfdir/networkd.conf.d/*.conf" \
- "$systemdutilconfdir/network/*" \
+ "$systemdnetworkconfdir/*" \
"$systemdsystemconfdir"/systemd-networkd.service \
"$systemdsystemconfdir/systemd-networkd.service/*.conf" \
"$systemdsystemunitdir"/systemd-networkd.socket \
diff --git a/modules.d/01systemd-timesyncd/module-setup.sh b/modules.d/01systemd-timesyncd/module-setup.sh
index 015caecf..f6f35fee 100755
--- a/modules.d/01systemd-timesyncd/module-setup.sh
+++ b/modules.d/01systemd-timesyncd/module-setup.sh
@@ -35,7 +35,7 @@ install() {
inst_multiple -o \
"$dbussystem"/org.freedesktop.timesync1.conf \
"$dbussystemservices"/org.freedesktop.timesync1.service \
- "$systemdutildir/ntp-units.d/*.list" \
+ "$systemdntpunits/*.list" \
"$systemdutildir"/systemd-timesyncd \
"$systemdutildir"/systemd-time-wait-sync \
"$systemdutildir/timesyncd.conf.d/*.conf" \
@@ -55,7 +55,7 @@ install() {
# Install the hosts local user configurations if enabled.
if [[ $hostonly ]]; then
inst_multiple -H -o \
- "$systemdutilconfdir/ntp-units.d/*.list" \
+ "$systemdntpunitsconfdir/*.list" \
"$systemdutilconfdir"/timesyncd.conf \
"$systemdutilconfdir/timesyncd.conf.d/*.conf" \
"$systemdsystemconfdir"/systemd-timesyncd.service \
diff --git a/modules.d/35network-legacy/module-setup.sh b/modules.d/35network-legacy/module-setup.sh
index 84dcf7f5..e57fc6fa 100755
--- a/modules.d/35network-legacy/module-setup.sh
+++ b/modules.d/35network-legacy/module-setup.sh
@@ -24,8 +24,8 @@ install() {
#Adding default link
if dracut_module_included "systemd"; then
- inst_multiple -o "${systemdutildir}/network/99-default.link"
- [[ $hostonly ]] && inst_multiple -H -o "${systemdsystemconfdir}/network/*.link"
+ inst_multiple -o "${systemdnetwork}/99-default.link"
+ [[ $hostonly ]] && inst_multiple -H -o "${systemdnetworkconfdir}/*.link"
fi
inst_multiple ip dhclient sed awk grep pgrep tr expr
diff --git a/modules.d/35network-manager/module-setup.sh b/modules.d/35network-manager/module-setup.sh
index 04898a39..c93c6a3c 100755
--- a/modules.d/35network-manager/module-setup.sh
+++ b/modules.d/35network-manager/module-setup.sh
@@ -52,8 +52,8 @@ install() {
inst_simple "$moddir"/nm-wait-online-initrd.service "$systemdsystemunitdir"/nm-wait-online-initrd.service
# Adding default link
- inst_multiple -o "${systemdutildir}/network/99-default.link"
- [[ $hostonly ]] && inst_multiple -H -o "${systemdsystemconfdir}/network/*.link"
+ inst_multiple -o "${systemdnetwork}/99-default.link"
+ [[ $hostonly ]] && inst_multiple -H -o "${systemdnetworkconfdir}/*.link"
$SYSTEMCTL -q --root "$initdir" enable nm-initrd.service
fi

View File

@ -1,83 +1,31 @@
From 15ff303dde65e97ba224a9f2cc6275cbaafee52c Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Mon, 10 Jun 2019 16:05:23 +0200
Subject: [PATCH] test/BONDBRIDGETEAMVLAN: don't assert against ifcfg files
From 7bdb3fbdce70bea19dca3fec792b5266d7b9e48b Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Tue, 14 Nov 2023 14:55:44 +0100
Subject: [PATCH] fix(hwdb): follow shfmt-recommended format
The network-manager module writes keyfiles instead of ifcfg files. Just
check whether the configuration got actually applied correctly.
(cherry picked from commit 9dfd73bcbd899d8da4bc680fa8b3326c47b939bd)
Related: RHEL-9479
---
test/TEST-70-BONDBRIDGETEAMVLAN/client-init.sh | 6 +-----
test/TEST-70-BONDBRIDGETEAMVLAN/test.sh | 12 ++++++------
2 files changed, 7 insertions(+), 11 deletions(-)
modules.d/95hwdb/module-setup.sh | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/test/TEST-70-BONDBRIDGETEAMVLAN/client-init.sh b/test/TEST-70-BONDBRIDGETEAMVLAN/client-init.sh
index 8c33ff0f..083e0f59 100755
--- a/test/TEST-70-BONDBRIDGETEAMVLAN/client-init.sh
+++ b/test/TEST-70-BONDBRIDGETEAMVLAN/client-init.sh
@@ -10,11 +10,7 @@ echo "made it to the rootfs! Powering down."
diff --git a/modules.d/95hwdb/module-setup.sh b/modules.d/95hwdb/module-setup.sh
index 16365377..7e4b1af6 100755
--- a/modules.d/95hwdb/module-setup.sh
+++ b/modules.d/95hwdb/module-setup.sh
@@ -11,11 +11,12 @@ install() {
local hwdb_bin
(
echo OK
- ip -o -4 address show scope global | while read n if rest; do echo $if;done | sort
- for i in /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-*; do
- echo $i
- grep -v 'UUID=' $i
- done
+ ip -o -4 address show scope global |sed -n 's/^[^:]*: \([^ ]*\) *\(.*\) scope.*/\1 \2/p' |sort
echo EOF
) > /dev/sda
# systemd-hwdb ships the file in /etc, with /usr/lib as an alternative.
- # Therefore consider this location as preferred for configuration.
+ # The alternative location is preferred, as we can consider it being user
+ # configuration.
hwdb_bin="${udevdir}"/hwdb.bin
diff --git a/test/TEST-70-BONDBRIDGETEAMVLAN/test.sh b/test/TEST-70-BONDBRIDGETEAMVLAN/test.sh
index 5618baee..b6dd080c 100755
--- a/test/TEST-70-BONDBRIDGETEAMVLAN/test.sh
+++ b/test/TEST-70-BONDBRIDGETEAMVLAN/test.sh
@@ -112,8 +112,8 @@ client_test() {
done
} < "$TESTDIR"/client.img || return 1
- if [[ ! -r "${hwdb_bin}" ]]; then
- hwdb_bin="${udevconfdir}"/hwdb.bin
+ if [[ ! -r ${hwdb_bin} ]]; then
+ hwdb_bin="${udevconfdir}"/hwdb.bin
fi
- if [[ "$check" != "$CONF" ]]; then
- echo "Expected: '$check'"
+ if [[ ! "$CONF" =~ ^$check$ ]]; then
+ echo "Expected: /^$check\$/"
echo
echo
echo "Got: '$CONF'"
@@ -150,7 +150,7 @@ ip=192.168.57.104::192.168.57.1:24:test:ens5.0004:none
rd.neednet=1
root=nfs:192.168.50.1:/nfs/client bootdev=ens3
" \
- 'ens3 ens5.0004 ens5.3 vlan0001 vlan2 /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-ens3 # Generated by dracut initrd NAME="ens3" DEVICE="ens3" ONBOOT=yes NETBOOT=yes IPV6INIT=yes BOOTPROTO=dhcp TYPE=Ethernet /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-ens5.0004 # Generated by dracut initrd NAME="ens5.0004" ONBOOT=yes NETBOOT=yes BOOTPROTO=none IPADDR="192.168.57.104" PREFIX="24" GATEWAY="192.168.57.1" TYPE=Vlan DEVICE="ens5.0004" VLAN=yes PHYSDEV="ens5" /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-ens5.3 # Generated by dracut initrd NAME="ens5.3" ONBOOT=yes NETBOOT=yes BOOTPROTO=none IPADDR="192.168.56.103" PREFIX="24" GATEWAY="192.168.56.1" TYPE=Vlan DEVICE="ens5.3" VLAN=yes PHYSDEV="ens5" /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-vlan0001 # Generated by dracut initrd NAME="vlan0001" ONBOOT=yes NETBOOT=yes BOOTPROTO=none IPADDR="192.168.54.101" PREFIX="24" GATEWAY="192.168.54.1" TYPE=Vlan DEVICE="vlan0001" VLAN=yes PHYSDEV="ens5" /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-vlan2 # Generated by dracut initrd NAME="vlan2" ONBOOT=yes NETBOOT=yes BOOTPROTO=none IPADDR="192.168.55.102" PREFIX="24" GATEWAY="192.168.55.1" TYPE=Vlan DEVICE="vlan2" VLAN=yes PHYSDEV="ens5" EOF ' \
+ 'ens3 inet 192\.168\.50\.[0-9]*/24 brd 192\.168\.50\.255 ens5\.0004 inet 192\.168\.57\.104/24 brd 192\.168\.57\.255 ens5\.3 inet 192\.168\.56\.103/24 brd 192\.168\.56\.255 vlan0001 inet 192\.168\.54\.101/24 brd 192\.168\.54\.255 vlan2 inet 192\.168\.55\.102/24 brd 192\.168\.55\.255 EOF ' \
|| return 1
client_test "Multiple Bonds" \
@@ -163,7 +163,7 @@ ip=bond1:dhcp
rd.neednet=1
root=nfs:192.168.50.1:/nfs/client bootdev=bond0
" \
- 'bond0 bond1 /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-bond0 # Generated by dracut initrd NAME="bond0" DEVICE="bond0" ONBOOT=yes NETBOOT=yes IPV6INIT=yes BOOTPROTO=dhcp BONDING_OPTS="" NAME="bond0" TYPE=Bond /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-bond1 # Generated by dracut initrd NAME="bond1" DEVICE="bond1" ONBOOT=yes NETBOOT=yes IPV6INIT=yes BOOTPROTO=dhcp BONDING_OPTS="" NAME="bond1" TYPE=Bond /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-ens4 # Generated by dracut initrd NAME="ens4" TYPE=Ethernet ONBOOT=yes NETBOOT=yes SLAVE=yes MASTER="bond0" DEVICE="ens4" /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-ens5 # Generated by dracut initrd NAME="ens5" TYPE=Ethernet ONBOOT=yes NETBOOT=yes SLAVE=yes MASTER="bond0" DEVICE="ens5" /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-ens6 # Generated by dracut initrd NAME="ens6" TYPE=Ethernet ONBOOT=yes NETBOOT=yes SLAVE=yes MASTER="bond1" DEVICE="ens6" /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-ens7 # Generated by dracut initrd NAME="ens7" TYPE=Ethernet ONBOOT=yes NETBOOT=yes SLAVE=yes MASTER="bond1" DEVICE="ens7" EOF ' \
+ 'bond0 inet 192\.168\.50\.[0-9]*/24 brd 192\.168\.50\.255 bond1 inet 192\.168\.51\.[0-9]*/24 brd 192\.168\.51\.255 EOF ' \
|| return 1
client_test "Multiple Bridges" \
@@ -176,7 +176,7 @@ ip=br1:dhcp
rd.neednet=1
root=nfs:192.168.50.1:/nfs/client bootdev=br0
" \
- 'br0 br1 /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-br0 # Generated by dracut initrd NAME="br0" DEVICE="br0" ONBOOT=yes NETBOOT=yes IPV6INIT=yes BOOTPROTO=dhcp TYPE=Bridge NAME="br0" /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-br1 # Generated by dracut initrd NAME="br1" DEVICE="br1" ONBOOT=yes NETBOOT=yes IPV6INIT=yes BOOTPROTO=dhcp TYPE=Bridge NAME="br1" /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-ens4 # Generated by dracut initrd NAME="ens4" TYPE=Ethernet ONBOOT=yes NETBOOT=yes BRIDGE="br0" DEVICE="ens4" /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-ens5 # Generated by dracut initrd NAME="ens5" TYPE=Ethernet ONBOOT=yes NETBOOT=yes BRIDGE="br0" DEVICE="ens5" /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-ens6 # Generated by dracut initrd NAME="ens6" TYPE=Ethernet ONBOOT=yes NETBOOT=yes BRIDGE="br1" DEVICE="ens6" /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-ens7 # Generated by dracut initrd NAME="ens7" TYPE=Ethernet ONBOOT=yes NETBOOT=yes BRIDGE="br1" DEVICE="ens7" EOF ' \
+ 'br0 inet 192\.168\.50\.[0-9]*/24 brd 192\.168\.50\.255 br1 inet 192\.168\.51\.[0-9]*/24 brd 192\.168\.51\.255 EOF ' \
|| return 1
kill_server
@@ -260,7 +260,7 @@ test_setup() {
export initdir="$TESTDIR"/mnt/nfs/client
. "$basedir"/dracut-init.sh
inst_multiple sh shutdown poweroff stty cat ps ln ip \
- mount dmesg mkdir cp ping grep ls sort
+ mount dmesg mkdir cp ping grep ls sort sed
for _terminfodir in /lib/terminfo /etc/terminfo /usr/share/terminfo; do
[[ -f ${_terminfodir}/l/linux ]] && break
done
if [[ $hostonly ]]; then

View File

@ -1,37 +1,55 @@
From 96976e84e2c8544ab32026f05da8a35b9c48b2e5 Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Mon, 10 Jun 2019 16:05:49 +0200
Subject: [PATCH] test/MULTINIC: correctly note activated devices when using
network-manager
From edd1efe46a6c211034f06ad1e20c027a5e1102db Mon Sep 17 00:00:00 2001
From: Tomas Bzatek <tbzatek@redhat.com>
Date: Thu, 21 Sep 2023 14:31:07 +0200
Subject: [PATCH] fix(nvmf): move /etc/nvme/host{nqn,id} requirement to
hostonly
The .did-setup files are not there. What is there is the NetworkManager
connection files.
When creating initramfs for universal boot image such as an installer,
we can't include any machine-specific IDs. Let's move the check
for /etc/nvme/hostnqn and /etc/nvme/hostid files presence to
the hostonly section to avoid unsatisfied requirements.
(cherry picked from commit 393fb1ac05ec3386a07d885e99985a647634803e)
Signed-off-by: Tomas Bzatek <tbzatek@redhat.com>
(Cherry-picked commit: 1cf10397b5f002790a096e5bdce733436fffbd2d
PR: https://github.com/dracutdevs/dracut/pull/2523)
Resolves: RHEL-3630
---
test/TEST-50-MULTINIC/client-init.sh | 10 ++++++++++
1 file changed, 10 insertions(+)
modules.d/95nvmf/module-setup.sh | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/modules.d/95nvmf/module-setup.sh b/modules.d/95nvmf/module-setup.sh
index 1dd2ca53..0b90d8be 100755
--- a/modules.d/95nvmf/module-setup.sh
+++ b/modules.d/95nvmf/module-setup.sh
@@ -3,8 +3,6 @@
# called by dracut
check() {
require_binaries nvme jq || return 1
- [ -f /etc/nvme/hostnqn ] || return 255
- [ -f /etc/nvme/hostid ] || return 255
is_nvmf() {
local _dev=$1
@@ -36,6 +34,8 @@ check() {
}
[[ $hostonly ]] || [[ $mount_needs ]] && {
+ [ -f /etc/nvme/hostnqn ] || return 255
+ [ -f /etc/nvme/hostid ] || return 255
pushd . > /dev/null
for_each_host_dev_and_slaves is_nvmf
local _is_nvmf=$?
@@ -130,8 +130,8 @@ install() {
_nvmf_args=$(cmdline)
[[ "$_nvmf_args" ]] && printf "%s" "$_nvmf_args" >> "${initdir}/etc/cmdline.d/95nvmf-args.conf"
fi
- inst_simple "/etc/nvme/hostnqn"
- inst_simple "/etc/nvme/hostid"
+ inst_simple -H "/etc/nvme/hostnqn"
+ inst_simple -H "/etc/nvme/hostid"
inst_multiple ip sed
diff --git a/test/TEST-50-MULTINIC/client-init.sh b/test/TEST-50-MULTINIC/client-init.sh
index 529379f0..7099dcf3 100755
--- a/test/TEST-50-MULTINIC/client-init.sh
+++ b/test/TEST-50-MULTINIC/client-init.sh
@@ -105,7 +105,17 @@ export TERM=linux
export PS1='initramfs-test:\w\$ '
stty sane
echo "made it to the rootfs! Powering down."
+for i in /sys/class/net/*/
+do
+ # booting with network-manager module
+ state=/run/NetworkManager/devices/$(cat $i/ifindex)
+ grep -q connection-uuid= $state 2>/dev/null || continue
+ i=${i##*/}
+ ip link show $i |grep -q master && continue
+ IFACES+="$i "
+done
for i in /run/initramfs/net.*.did-setup; do
+ # booting with network-legacy module
[ -f "$i" ] || continue
strglobin "$i" ":*:*:*:*:" && continue
i=${i%.did-setup}

View File

@ -1,115 +1,177 @@
From 08961eef2ad09e4ce38ee034baf4e8c2b3934cd1 Mon Sep 17 00:00:00 2001
From: Benjamin Marzinski <bmarzins@redhat.com>
Date: Tue, 3 Sep 2019 10:44:36 -0500
Subject: [PATCH] modules.d: fix udev rules detection of multipath devices
From 28cadd4829118d2831908dd267766613fd74f0b1 Mon Sep 17 00:00:00 2001
From: Emanuele Giuseppe Esposito <eesposit@redhat.com>
Date: Wed, 12 Jul 2023 03:50:47 -0400
Subject: [PATCH] feat(dracut): add --sbat option to add sbat policy to UKI
Starting with the 0.7.7 release of the multipath tools, the multipath
udev rules always set a value in ENV{DM_MULTIPATH_DEVICE_PATH} for any
device that multipath scans. A value of 0 means that the device is not
claimed by multipath, and a value of 1 means that it is. Because of
this, udev rules that check ENV{DM_MULTIPATH_DEVICE_PATH}=="?*" will
always return True, and act as if every scanned device is claimed by
multipath. Checking ENV{DM_MULTIPATH_DEVICE_PATH}=="1" will work
correctly for both the old and new versions of the multipath tools.
Take existing .sbat section from the uefi stub and merge it
with vmlinux .sbat (if it exists) and user-provided .sbat parameters
using the new --sbat option.
For some reasons, --update-section in objcopy does not resize the
.sbat section, so remove the section from the stub and add it
to the UKI as new one, to avoid having incomplete SBAT strings.
Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
(Cherry-picked commit: 550a0084fd95870f35218dc2cf8ea91fde1c728a)
Resolves: RHEL-5732
---
modules.d/90dm/59-persistent-storage-dm.rules | 2 +-
modules.d/90dmraid/61-dmraid-imsm.rules | 2 +-
modules.d/90lvm/64-lvm.rules | 2 +-
modules.d/90mdraid/59-persistent-storage-md.rules | 2 +-
modules.d/90mdraid/65-md-incremental-imsm.rules | 2 +-
modules.d/95udev-rules/59-persistent-storage.rules | 2 +-
modules.d/95udev-rules/61-persistent-storage.rules | 2 +-
7 files changed, 7 insertions(+), 7 deletions(-)
dracut.sh | 46 +++++++++++++++++++++++++++++++++++++++++++-
man/dracut.8.asc | 5 +++++
man/dracut.conf.5.asc | 5 +++++
shell-completion/bash/dracut | 2 +-
4 files changed, 56 insertions(+), 2 deletions(-)
diff --git a/modules.d/90dm/59-persistent-storage-dm.rules b/modules.d/90dm/59-persistent-storage-dm.rules
index 73b09376..2be11227 100644
--- a/modules.d/90dm/59-persistent-storage-dm.rules
+++ b/modules.d/90dm/59-persistent-storage-dm.rules
@@ -1,7 +1,7 @@
SUBSYSTEM!="block", GOTO="dm_end"
ACTION!="add|change", GOTO="dm_end"
# Also don't process disks that are slated to be a multipath device
-ENV{DM_MULTIPATH_DEVICE_PATH}=="?*", GOTO="dm_end"
+ENV{DM_MULTIPATH_DEVICE_PATH}=="1", GOTO="dm_end"
diff --git a/dracut.sh b/dracut.sh
index 8c757b14..0bac6a33 100755
--- a/dracut.sh
+++ b/dracut.sh
@@ -271,6 +271,10 @@ Creates initial ramdisk images for preloading modules
Use [FILE] as a splash image when creating an UEFI
executable. Requires bitmap (.bmp) image format.
--kernel-image [FILE] Location of the kernel image.
+ --sbat [PARAMETERS] The SBAT parameters to be added to .sbat.
+ The string "sbat,1,SBAT Version,sbat,1,
+ https://github.com/rhboot/shim/blob/main/SBAT.md" is
+ already added by default.
--regenerate-all Regenerate all initramfs images at the default location
for the kernel versions found on the system.
-p, --parallel Use parallel processing if possible (currently only
@@ -462,6 +466,7 @@ rearrange_params() {
--long uefi-stub: \
--long uefi-splash-image: \
--long kernel-image: \
+ --long sbat: \
--long no-hostonly-i18n \
--long hostonly-i18n \
--long hostonly-nics: \
@@ -839,6 +844,11 @@ while :; do
PARMS_TO_STORE+=" '$2'"
shift
;;
+ --sbat)
+ sbat_l="$2"
+ PARMS_TO_STORE+=" '$2'"
+ shift
+ ;;
--no-machineid)
machine_id_l="no"
;;
@@ -1076,6 +1086,7 @@ stdloglvl=$((stdloglvl + verbosity_mod_l))
[[ $uefi_stub_l ]] && uefi_stub="$uefi_stub_l"
[[ $uefi_splash_image_l ]] && uefi_splash_image="$uefi_splash_image_l"
[[ $kernel_image_l ]] && kernel_image="$kernel_image_l"
+[[ $sbat_l ]] && sbat="$sbat_l"
[[ $machine_id_l ]] && machine_id="$machine_id_l"
KERNEL!="dm-[0-9]*", GOTO="dm_end"
ACTION=="add", GOTO="dm_end"
diff --git a/modules.d/90dmraid/61-dmraid-imsm.rules b/modules.d/90dmraid/61-dmraid-imsm.rules
index 72267d3c..8a6b215e 100644
--- a/modules.d/90dmraid/61-dmraid-imsm.rules
+++ b/modules.d/90dmraid/61-dmraid-imsm.rules
@@ -5,7 +5,7 @@
SUBSYSTEM!="block", GOTO="dm_end"
ACTION!="add|change", GOTO="dm_end"
# Also don't process disks that are slated to be a multipath device
-ENV{DM_MULTIPATH_DEVICE_PATH}=="?*", GOTO="dm_end"
+ENV{DM_MULTIPATH_DEVICE_PATH}=="1", GOTO="dm_end"
if ! [[ $outfile ]]; then
@@ -2585,6 +2596,24 @@ fi
ENV{ID_FS_TYPE}=="linux_raid_member", GOTO="dm_end"
umask 077
diff --git a/modules.d/90lvm/64-lvm.rules b/modules.d/90lvm/64-lvm.rules
index 3ce0c1f6..65f65249 100644
--- a/modules.d/90lvm/64-lvm.rules
+++ b/modules.d/90lvm/64-lvm.rules
@@ -7,7 +7,7 @@
SUBSYSTEM!="block", GOTO="lvm_end"
ACTION!="add|change", GOTO="lvm_end"
# Also don't process disks that are slated to be a multipath device
-ENV{DM_MULTIPATH_DEVICE_PATH}=="?*", GOTO="lvm_end"
+ENV{DM_MULTIPATH_DEVICE_PATH}=="1", GOTO="lvm_end"
KERNEL=="dm-[0-9]*", ACTION=="add", GOTO="lvm_end"
ENV{ID_FS_TYPE}!="LVM?_member", GOTO="lvm_end"
+SBAT_DEFAULT="sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md"
+sbat_out=$uefi_outdir/uki.sbat
+
+clean_sbat_string() {
+ local inp=$1
+ local temp=$uefi_outdir/temp.sbat
+ sed "/${SBAT_DEFAULT//\//\\/}/d" "$inp" > "$temp"
+ [[ -s $temp ]] && cat "$temp" >> "$sbat_out"
+ rm "$temp"
+}
+
+get_sbat_string() {
+ local inp=$1
+ local out=$uefi_outdir/$2
+ objcopy -O binary --only-section=.sbat "$inp" "$out"
+ clean_sbat_string "$out"
+}
+
if [[ $uefi == yes ]]; then
if [[ $kernel_cmdline ]]; then
echo -n "$kernel_cmdline" > "$uefi_outdir/cmdline.txt"
@@ -2635,6 +2664,16 @@ if [[ $uefi == yes ]]; then
unset uefi_splash_image
fi
diff --git a/modules.d/90mdraid/59-persistent-storage-md.rules b/modules.d/90mdraid/59-persistent-storage-md.rules
index 6ef858aa..96b10108 100644
--- a/modules.d/90mdraid/59-persistent-storage-md.rules
+++ b/modules.d/90mdraid/59-persistent-storage-md.rules
@@ -1,7 +1,7 @@
SUBSYSTEM!="block", GOTO="md_end"
ACTION!="add|change", GOTO="md_end"
# Also don't process disks that are slated to be a multipath device
-ENV{DM_MULTIPATH_DEVICE_PATH}=="?*", GOTO="md_end"
+ENV{DM_MULTIPATH_DEVICE_PATH}=="1", GOTO="md_end"
+ echo "$SBAT_DEFAULT" > "$sbat_out"
+ if [[ -n $sbat ]]; then
+ echo "$sbat" | sed "/${SBAT_DEFAULT//\//\\/}/d" >> "$sbat_out"
+ fi
+ get_sbat_string "$kernel_image" kernel.sbat
+ get_sbat_string "$uefi_stub" stub.sbat
+
+ uefi_sbat_offs="${offs}"
+ offs=$((offs + $(stat -Lc%s "$sbat_out")))
+ offs=$((offs + "$align" - offs % "$align"))
uefi_linux_offs="${offs}"
offs=$((offs + $(stat -Lc%s "$kernel_image")))
offs=$((offs + "$align" - offs % "$align"))
@@ -2646,14 +2685,19 @@ if [[ $uefi == yes ]]; then
exit 1
fi
KERNEL!="md[0-9]*|md_d[0-9]*|md/*", KERNEL!="md*", GOTO="md_end"
+ tmp_uefi_stub=$uefi_outdir/elf.stub
+ cp "$uefi_stub" "$tmp_uefi_stub"
+ objcopy --remove-section .sbat "$tmp_uefi_stub" &> /dev/null
+
if objcopy \
${uefi_osrelease:+--add-section .osrel="$uefi_osrelease" --change-section-vma .osrel=$(printf 0x%x "$uefi_osrelease_offs")} \
${uefi_cmdline:+--add-section .cmdline="$uefi_cmdline" --change-section-vma .cmdline=$(printf 0x%x "$uefi_cmdline_offs")} \
${uefi_splash_image:+--add-section .splash="$uefi_splash_image" --change-section-vma .splash=$(printf 0x%x "$uefi_splash_offs")} \
+ --add-section .sbat="$sbat_out" --change-section-vma .sbat="$(printf 0x%x "$uefi_sbat_offs")" \
--add-section .linux="$kernel_image" --change-section-vma .linux="$(printf 0x%x "$uefi_linux_offs")" \
--add-section .initrd="${DRACUT_TMPDIR}/initramfs.img" --change-section-vma .initrd="$(printf 0x%x "$uefi_initrd_offs")" \
--image-base="$(printf 0x%x "$base_image")" \
- "$uefi_stub" "${uefi_outdir}/linux.efi"; then
+ "$tmp_uefi_stub" "${uefi_outdir}/linux.efi"; then
if [[ -n ${uefi_secureboot_key} && -n ${uefi_secureboot_cert} ]]; then
if sbsign \
--key "${uefi_secureboot_key}" \
diff --git a/man/dracut.8.asc b/man/dracut.8.asc
index bfb86f5d..8339e8a9 100644
--- a/man/dracut.8.asc
+++ b/man/dracut.8.asc
@@ -600,6 +600,11 @@ and no /etc/cmdline/*.conf will be generated into the initramfs.
default is _/lib/modules/<KERNEL-VERSION>/vmlinuz_ or
_/boot/vmlinuz-<KERNEL-VERSION>_.
diff --git a/modules.d/90mdraid/65-md-incremental-imsm.rules b/modules.d/90mdraid/65-md-incremental-imsm.rules
index d66dd012..52f5b195 100644
--- a/modules.d/90mdraid/65-md-incremental-imsm.rules
+++ b/modules.d/90mdraid/65-md-incremental-imsm.rules
@@ -9,7 +9,7 @@ KERNEL=="md*", ENV{ID_FS_TYPE}!="linux_raid_member", GOTO="md_end"
KERNEL=="md*", ACTION!="change", GOTO="md_end"
+**--sbat <parameters>**::
+ Specifies the SBAT parameters, which to include in the UEFI executable. By default
+ the default SBAT string added is "sbat,1,SBAT Version,sbat,1,
+ https://github.com/rhboot/shim/blob/main/SBAT.md".
+
**--enhanced-cpio**::
Attempt to use the dracut-cpio binary, which optimizes archive creation for
copy-on-write filesystems by using the copy_file_range(2) syscall via Rust's
diff --git a/man/dracut.conf.5.asc b/man/dracut.conf.5.asc
index 96c80129..132ca8e3 100644
--- a/man/dracut.conf.5.asc
+++ b/man/dracut.conf.5.asc
@@ -299,6 +299,11 @@ Logging levels:
default is _/lib/modules/<KERNEL-VERSION>/vmlinuz_ or
_/boot/vmlinuz-<KERNEL-VERSION>_.
# Also don't process disks that are slated to be a multipath device
-ENV{DM_MULTIPATH_DEVICE_PATH}=="?*", GOTO="md_end"
+ENV{DM_MULTIPATH_DEVICE_PATH}=="1", GOTO="md_end"
+*sbat=*"__parameters__"::
+ Specifies the SBAT parameters, which to include in the UEFI executable. By default
+ the default SBAT string added is "sbat,1,SBAT Version,sbat,1,
+ https://github.com/rhboot/shim/blob/main/SBAT.md".
+
*enhanced_cpio=*"__{yes|no}__"::
Attempt to use the dracut-cpio binary, which optimizes archive creation for
copy-on-write filesystems (default=no).
diff --git a/shell-completion/bash/dracut b/shell-completion/bash/dracut
index 86de2071..9b51db01 100644
--- a/shell-completion/bash/dracut
+++ b/shell-completion/bash/dracut
@@ -46,7 +46,7 @@ _dracut() {
--kernel-cmdline --sshkey --persistent-policy --install-optional
--loginstall --uefi-stub --kernel-image --squash-compressor
--sysroot --hostonly-mode --hostonly-nics --include --logfile
- --uefi-splash-image
+ --uefi-splash-image --sbat
'
)
ENV{ID_FS_TYPE}=="ddf_raid_member|isw_raid_member|linux_raid_member", GOTO="md_try"
GOTO="md_end"
diff --git a/modules.d/95udev-rules/59-persistent-storage.rules b/modules.d/95udev-rules/59-persistent-storage.rules
index 47ff6edd..8d8650f7 100644
--- a/modules.d/95udev-rules/59-persistent-storage.rules
+++ b/modules.d/95udev-rules/59-persistent-storage.rules
@@ -1,7 +1,7 @@
SUBSYSTEM!="block", GOTO="ps_end"
ACTION!="add|change", GOTO="ps_end"
# Also don't process disks that are slated to be a multipath device
-ENV{DM_MULTIPATH_DEVICE_PATH}=="?*", GOTO="ps_end"
+ENV{DM_MULTIPATH_DEVICE_PATH}=="1", GOTO="ps_end"
KERNEL=="cciss[0-9]*", IMPORT BLKID
KERNEL=="nbd[0-9]*", IMPORT BLKID
diff --git a/modules.d/95udev-rules/61-persistent-storage.rules b/modules.d/95udev-rules/61-persistent-storage.rules
index 37148b07..895ecebd 100644
--- a/modules.d/95udev-rules/61-persistent-storage.rules
+++ b/modules.d/95udev-rules/61-persistent-storage.rules
@@ -1,7 +1,7 @@
SUBSYSTEM!="block", GOTO="pss_end"
ACTION!="add|change", GOTO="pss_end"
# Also don't process disks that are slated to be a multipath device
-ENV{DM_MULTIPATH_DEVICE_PATH}=="?*", GOTO="pss_end"
+ENV{DM_MULTIPATH_DEVICE_PATH}=="1", GOTO="pss_end"
ACTION=="change", KERNEL=="dm-[0-9]*", ENV{DM_UDEV_DISABLE_OTHER_RULES_FLAG}!="1", GOTO="do_pss"
KERNEL=="cciss[0-9]*", GOTO="do_pss"

View File

@ -1,43 +1,28 @@
From b59ae228851713f645751742136e34b854b0712a Mon Sep 17 00:00:00 2001
From: Harald Hoyer <harald@redhat.com>
Date: Thu, 10 Nov 2016 13:57:26 +0100
Subject: [PATCH] test/test-rpms.txt: add list of rpms to install
From 50df5d09d5f27889ebed61011b35ce3eef687288 Mon Sep 17 00:00:00 2001
From: Antonio Alvarez Feijoo <antonio.feijoo@suse.com>
Date: Thu, 1 Sep 2022 11:47:09 +0200
Subject: [PATCH] feat(systemd): install systemd-sysroot-fstab-check
(cherry picked from commit f432d367fc4fa7558761cb9bb4229e6c027bfa31)
systemd-sysroot-fstab-check is a symlink to systemd-fstab-generator added in
systemd commit https://github.com/systemd/systemd/commit/cd7ad0cb
(cherry picked from commit 23684e4a2bb024595ad63d9f49d83b4693537110)
Resolves: RHEL-12409
---
test/test-rpms.txt | 26 ++++++++++++++++++++++++++
1 file changed, 26 insertions(+)
modules.d/00systemd/module-setup.sh | 1 +
1 file changed, 1 insertion(+)
diff --git a/test/test-rpms.txt b/test/test-rpms.txt
new file mode 100644
index 00000000..1723d8e9
--- /dev/null
+++ b/test/test-rpms.txt
@@ -0,0 +1,26 @@
+dash
+bridge-utils
+asciidoc
+mdadm
+lvm2
+dmraid
+cryptsetup
+nfs-utils
+nbd
+dhcp-server
+scsi-target-utils
+iscsi-initiator-utils
+net-tools
+strace
+syslinux
+python-imgcreate
+genisoimage
+btrfs-progs
+bridge-utils
+kmod-devel
+gcc
+bzip2
+xz
+tar
+wget
+rpm-build
diff --git a/modules.d/00systemd/module-setup.sh b/modules.d/00systemd/module-setup.sh
index 433e4758..2a4fe4ba 100755
--- a/modules.d/00systemd/module-setup.sh
+++ b/modules.d/00systemd/module-setup.sh
@@ -43,6 +43,7 @@ install() {
"$systemdutildir"/systemd-modules-load \
"$systemdutildir"/systemd-vconsole-setup \
"$systemdutildir"/systemd-volatile-root \
+ "$systemdutildir"/systemd-sysroot-fstab-check \
"$systemdutildir"/system-generators/systemd-debug-generator \
"$systemdutildir"/system-generators/systemd-fstab-generator \
"$systemdutildir"/system-generators/systemd-gpt-auto-generator \

View File

@ -1,23 +1,41 @@
From 4ef5cdc120bdbb348345c964a19affbb3ca1fa32 Mon Sep 17 00:00:00 2001
From: Harald Hoyer <harald@redhat.com>
Date: Fri, 11 Nov 2016 11:40:58 +0100
Subject: [PATCH] test/test-rpms.txt: add gzip
From 4c75e51c585eebd9bc175920aa8c8b4afe808144 Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Wed, 20 Sep 2023 14:56:41 +0200
Subject: [PATCH] fix(dracut.spec): add jq dependency to network subpackage
(cherry picked from commit 7b4173d698be5163da1e5b5b52bafd2facba4db5)
and also move nvmf module to network subpackage.
Resolves: RHEL-15012
---
test/test-rpms.txt | 1 +
1 file changed, 1 insertion(+)
pkgbuild/dracut.spec | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/test/test-rpms.txt b/test/test-rpms.txt
index 1723d8e9..10596da7 100644
--- a/test/test-rpms.txt
+++ b/test/test-rpms.txt
@@ -19,6 +19,7 @@ btrfs-progs
bridge-utils
kmod-devel
gcc
+gzip
bzip2
xz
tar
diff --git a/pkgbuild/dracut.spec b/pkgbuild/dracut.spec
index 1996f44d..bd850986 100644
--- a/pkgbuild/dracut.spec
+++ b/pkgbuild/dracut.spec
@@ -111,6 +111,7 @@ Requires: %{name} = %{version}-%{release}
%endif
Requires: iputils
Requires: iproute
+Requires: jq
Requires: (NetworkManager >= 1.20 or dhclient)
Suggests: NetworkManager
Obsoletes: dracut-generic < 008
@@ -369,7 +370,6 @@ echo 'dracut_rescue_image="yes"' > $RPM_BUILD_ROOT%{dracutlibdir}/dracut.conf.d/
%{dracutlibdir}/modules.d/95fstab-sys
%{dracutlibdir}/modules.d/95hwdb
%{dracutlibdir}/modules.d/95lunmask
-%{dracutlibdir}/modules.d/95nvmf
%{dracutlibdir}/modules.d/95resume
%{dracutlibdir}/modules.d/95rootfs-block
%{dracutlibdir}/modules.d/95terminfo
@@ -441,6 +441,7 @@ echo 'dracut_rescue_image="yes"' > $RPM_BUILD_ROOT%{dracutlibdir}/dracut.conf.d/
%{dracutlibdir}/modules.d/95iscsi
%{dracutlibdir}/modules.d/95nbd
%{dracutlibdir}/modules.d/95nfs
+%{dracutlibdir}/modules.d/95nvmf
%{dracutlibdir}/modules.d/95ssh-client
%ifarch s390 s390x
%{dracutlibdir}/modules.d/95znet

View File

@ -1,23 +1,56 @@
From fe44aa1b14f427245bdfb2026f2211a19b52f5e3 Mon Sep 17 00:00:00 2001
From: Harald Hoyer <harald@redhat.com>
Date: Fri, 11 Nov 2016 12:34:00 +0100
Subject: [PATCH] test-rpms.txt: add dhcp
From 8e933e8c8208ce16a79661379420e450b7f4a778 Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Wed, 7 Jun 2023 22:12:45 +0200
Subject: [PATCH] fix(fcoe-uefi): exit early on empty vlan
(cherry picked from commit a081e072d894c91fcf037e267cb6793c4b0356c4)
Exit early in case get_fcoe_boot_vlan exits with error or just an empty string,
instead of producing invalid config entry.
(Cherry-picked commit: 45fc8df1cf3fdf9726efda4d26c7cccb9e6aedd2
PR: https://github.com/dracutdevs/dracut/pull/2379)
Resolves: RHEL-14251
---
test/test-rpms.txt | 1 +
1 file changed, 1 insertion(+)
diff --git a/test/test-rpms.txt b/test/test-rpms.txt
index 10596da7..95376bd2 100644
--- a/test/test-rpms.txt
+++ b/test/test-rpms.txt
@@ -8,6 +8,7 @@ cryptsetup
nfs-utils
nbd
dhcp-server
+dhcp
scsi-target-utils
iscsi-initiator-utils
net-tools
modules.d/95fcoe-uefi/parse-uefifcoe.sh | 29 ++++++++++++++++-------------
1 file changed, 16 insertions(+), 13 deletions(-)
diff --git a/modules.d/95fcoe-uefi/parse-uefifcoe.sh b/modules.d/95fcoe-uefi/parse-uefifcoe.sh
index e120dec3..b341c963 100755
--- a/modules.d/95fcoe-uefi/parse-uefifcoe.sh
+++ b/modules.d/95fcoe-uefi/parse-uefifcoe.sh
@@ -9,19 +9,22 @@ print_fcoe_uefi_conf() {
mac=$(get_fcoe_boot_mac "$1")
[ -z "$mac" ] && return 1
dev=$(set_ifname fcoe "$mac")
- vlan=$(get_fcoe_boot_vlan "$1")
- if [ "$vlan" -ne "0" ]; then
- case "$vlan" in
- [0-9]*)
- printf "%s\n" "vlan=$dev.$vlan:$dev"
- dev="$dev.$vlan"
- ;;
- *)
- printf "%s\n" "vlan=$vlan:$dev"
- dev="$vlan"
- ;;
- esac
- fi
+ vlan=$(get_fcoe_boot_vlan "$1") || return 1
+ case "$vlan" in
+ "0") ;;
+
+ '')
+ return 1
+ ;;
+ [0-9]*)
+ printf "%s\n" "vlan=$dev.$vlan:$dev"
+ dev="$dev.$vlan"
+ ;;
+ *)
+ printf "%s\n" "vlan=$vlan:$dev"
+ dev="$vlan"
+ ;;
+ esac
# fcoe=eth0:nodcb
printf "fcoe=%s\n" "$dev:nodcb"
return 0

View File

@ -1,19 +1,49 @@
From 81babdedec8c6f7b23bbf0e3418126c4f9e5e15f Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Tue, 10 Sep 2019 16:46:55 +0200
Subject: [PATCH] test-rpms.txt: add util-linux into the dependency list
From 4a93a6e1dab779b05f3f68c6d803a6f24dc44a02 Mon Sep 17 00:00:00 2001
From: Antonio Alvarez Feijoo <antonio.feijoo@suse.com>
Date: Mon, 14 Aug 2023 12:28:11 +0200
Subject: [PATCH] fix(dracut.sh): remove microcode check based on
CONFIG_MICROCODE_[AMD|INTEL]
`CONFIG_MICROCODE_AMD` and `CONFIG_MICROCODE_INTEL` are hidden since
https://lore.kernel.org/all/20230810160805.081212701@linutronix.de/, therefore
this check is wrong and early microcode is always disabled.
(Cherry-picked commit: 61b9cd16e049434597e398be61a47e0112382c5b)
Resolves: RHEL-17902
---
test/test-rpms.txt | 1 +
1 file changed, 1 insertion(+)
dracut.sh | 11 ++++-------
1 file changed, 4 insertions(+), 7 deletions(-)
diff --git a/test/test-rpms.txt b/test/test-rpms.txt
index 95376bd2..02577c8a 100644
--- a/test/test-rpms.txt
+++ b/test/test-rpms.txt
@@ -26,3 +26,4 @@ xz
tar
wget
rpm-build
+util-linux
diff --git a/dracut.sh b/dracut.sh
index 0bac6a33..778eefd7 100755
--- a/dracut.sh
+++ b/dracut.sh
@@ -1489,23 +1489,20 @@ fi
if [[ $early_microcode == yes ]]; then
if [[ $hostonly ]]; then
- if [[ $(get_cpu_vendor) == "AMD" ]]; then
- check_kernel_config CONFIG_MICROCODE_AMD || unset early_microcode
- elif [[ $(get_cpu_vendor) == "Intel" ]]; then
- check_kernel_config CONFIG_MICROCODE_INTEL || unset early_microcode
+ if [[ $(get_cpu_vendor) == "AMD" || $(get_cpu_vendor) == "Intel" ]]; then
+ check_kernel_config CONFIG_MICROCODE || unset early_microcode
else
unset early_microcode
fi
else
- ! check_kernel_config CONFIG_MICROCODE_AMD \
- && ! check_kernel_config CONFIG_MICROCODE_INTEL \
+ ! check_kernel_config CONFIG_MICROCODE \
&& unset early_microcode
fi
# Do not complain on non-x86 architectures as it makes no sense
case $(uname -m) in
x86_64 | i?86)
[[ $early_microcode != yes ]] \
- && dwarn "Disabling early microcode, because kernel does not support it. CONFIG_MICROCODE_[AMD|INTEL]!=y"
+ && dwarn "Disabling early microcode, because kernel does not support it. CONFIG_MICROCODE!=y"
;;
*) ;;
esac

View File

@ -1,33 +1,77 @@
From 7843bc52777683f6a4ef953d8dde7171ff3b911c Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Wed, 24 Jul 2019 16:45:19 +0200
Subject: [PATCH] [RHEL] network: default to network-legacy even in presence of
nm-initrd-generator
From 4c46806a793d66a188c4e9b40e74f6c371ac5b8a Mon Sep 17 00:00:00 2001
From: runsisi <runsisi@hust.edu.cn>
Date: Sat, 6 Aug 2022 10:15:48 +0800
Subject: [PATCH] fix(dracut-install): use stripped kernel module path as hash
key
In RHEL 8.2, NetworkManager will ship with the nm-initrd-generator, but
before the install bits fall into place we want to default to network-legacy.
in install_dependent_modules we use &path[kerneldirlen] as the key for inserting,
let's do the same for checking.
This unblocks the enablement of the NetworkManager bits and is intended
to be reverted later on.
otherwise installing kernel module has circular dependency from a custom kernel
module directory will cause infinite recursion and segfault.
$ grep ipmi kbuilt/lib/modules/5.10.121/modules.dep
kernel/drivers/char/ipmi/ipmi_msghandler.ko:
kernel/drivers/char/ipmi/ipmi_devintf.ko: kernel/drivers/char/ipmi/ipmi_msghandler.ko
$ grep ipmi kbuilt/lib/modules/5.10.121/modules.softdep
softdep ipmi_msghandler post: ipmi_devintf
$ ./dracut-install -D /tmp --kerneldir ~/working/kernel/linux-5.10.121/kbuilt/lib/modules/5.10.121 -m ipmi-devintf
Segmentation fault (core dumped)
(gdb) b install_dependent_modules
Breakpoint 1 at 0x7db0: file src/install/dracut-install.c, line 1513.
(gdb) bt
#0 install_dependent_modules (modlist=0x0) at src/install/dracut-install.c:1513
#1 0x000055555555c027 in install_dependent_modules (modlist=modlist@entry=0x555555579e90) at src/install/dracut-install.c:1553
#2 0x000055555555bf1c in install_dependent_modules (modlist=0x5555555799d0) at src/install/dracut-install.c:1548
#3 0x000055555555c034 in install_dependent_modules (modlist=modlist@entry=0x55555557a3f0) at src/install/dracut-install.c:1554
#4 0x000055555555bf1c in install_dependent_modules (modlist=0x555555579d60) at src/install/dracut-install.c:1548
#5 0x000055555555c034 in install_dependent_modules (modlist=modlist@entry=0x55555557b170) at src/install/dracut-install.c:1554
#6 0x000055555555bf1c in install_dependent_modules (modlist=0x55555557a0f0) at src/install/dracut-install.c:1548
#7 0x000055555555c034 in install_dependent_modules (modlist=modlist@entry=0x555555575320) at src/install/dracut-install.c:1554
#8 0x000055555555bf1c in install_dependent_modules (modlist=0x55555557ab30) at src/install/dracut-install.c:1548
#9 0x000055555555c034 in install_dependent_modules (modlist=modlist@entry=0x55555557dd60) at src/install/dracut-install.c:1554
#10 0x000055555555bf1c in install_dependent_modules (modlist=0x55555557b640) at src/install/dracut-install.c:1548
#11 0x000055555555c034 in install_dependent_modules (modlist=modlist@entry=0x55555557e0f0) at src/install/dracut-install.c:1554
#12 0x000055555555bf1c in install_dependent_modules (modlist=0x55555557b9d0) at src/install/dracut-install.c:1548
#13 0x000055555555c034 in install_dependent_modules (modlist=modlist@entry=0x555555574340) at src/install/dracut-install.c:1554
#14 0x000055555555bf1c in install_dependent_modules (modlist=0x55555557cf70) at src/install/dracut-install.c:1548
#15 0x000055555555c034 in install_dependent_modules (modlist=modlist@entry=0x5555555768d0) at src/install/dracut-install.c:1554
#16 0x000055555555bf1c in install_dependent_modules (modlist=0x55555557d750) at src/install/dracut-install.c:1548
#17 0x000055555555c034 in install_dependent_modules (modlist=modlist@entry=0x55555557e700) at src/install/dracut-install.c:1554
#18 0x000055555555bf1c in install_dependent_modules (modlist=0x55555557de90) at src/install/dracut-install.c:1548
#19 0x000055555555c034 in install_dependent_modules (modlist=modlist@entry=0x555555581c90) at src/install/dracut-install.c:1554
#20 0x000055555555bf1c in install_dependent_modules (modlist=0x555555571e60) at src/install/dracut-install.c:1548
#21 0x000055555555c034 in install_dependent_modules (modlist=modlist@entry=0x55555556b620) at src/install/dracut-install.c:1554
#22 0x000055555555bf1c in install_dependent_modules (modlist=0x555555583000) at src/install/dracut-install.c:1548
#23 0x000055555555c034 in install_dependent_modules (modlist=modlist@entry=0x55555556b640) at src/install/dracut-install.c:1554
#24 0x000055555555bf1c in install_dependent_modules (modlist=0x555555571b40) at src/install/dracut-install.c:1548
#25 0x000055555555c034 in install_dependent_modules (modlist=modlist@entry=0x555555574100) at src/install/dracut-install.c:1554
#26 0x000055555555c4b0 in install_module (mod=mod@entry=0x555555573bc0) at src/install/dracut-install.c:1617
#27 0x000055555555c93d in install_modules (argc=argc@entry=1, argv=argv@entry=0x7fffffffd6e0) at src/install/dracut-install.c:1952
#28 0x000055555555862a in main (argc=<optimized out>, argv=0x7fffffffd6a8) at src/install/dracut-install.c:2090
Signed-off-by: runsisi <runsisi@hust.edu.cn>
(Cherry-picked commit: 7bb1f64b972586d86d82fcb23de4b979eab0ddfe)
Resolves: RHEL-15821
---
modules.d/40network/module-setup.sh | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
src/install/dracut-install.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules.d/40network/module-setup.sh b/modules.d/40network/module-setup.sh
index 8e2a74a3..bf252eb7 100755
--- a/modules.d/40network/module-setup.sh
+++ b/modules.d/40network/module-setup.sh
@@ -8,9 +8,9 @@ check() {
# called by dracut
depends() {
echo -n "kernel-network-modules "
- if ! dracut_module_included "network-legacy" && [ -x "/usr/libexec/nm-initrd-generator" ] ; then
- echo "network-manager"
- else
+ # RHEL 8.1: Default to network-legacy unless the user chose
+ # network-manager manually
+ if ! dracut_module_included "network-manager" ; then
echo "network-legacy"
fi
return 0
diff --git a/src/install/dracut-install.c b/src/install/dracut-install.c
index 6025bd67..997d62d3 100644
--- a/src/install/dracut-install.c
+++ b/src/install/dracut-install.c
@@ -1522,7 +1522,7 @@ static int install_dependent_modules(struct kmod_list *modlist)
if (check_hashmap(items_failed, path))
return -1;
- if (check_hashmap(items, path)) {
+ if (check_hashmap(items, &path[kerneldirlen])) {
continue;
}

View File

@ -1,32 +1,31 @@
From dcbc74b01bfb360eecadb8e59480472b86fe63d0 Mon Sep 17 00:00:00 2001
From: Jonathan Lebon <jonathan@jlebon.com>
Date: Tue, 29 Oct 2019 09:35:41 -0400
Subject: [PATCH] 01fips: fix HMAC file path resolution
From 2dcfc99c645aaeef3811e5278c399e4f78d9ce4c Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Sat, 14 Oct 2023 23:45:57 +0200
Subject: [PATCH] feat(systemd): install systemd-executor
There is a small regression in #343: when handling the 'separate boot
partition' case, we're checking for the kernel image in the wrong
location: `BOOT_IMAGE` is the `/boot`-relative path to the kernel image,
so `/boot/${BOOT_IMAGE_PATH}/${BOOT_IMAGE}` expands to e.g.
`/boot/mysubdir1/mysubdir2/mysubdir1/mysubdir2/vmlinuz...`.
In [0] systemd gained a new binary - systemd-executor - that's used to
spawn processes forked off systemd. Let's copy it into the initrd if
it's available.
We should be using `BOOT_IMAGE_NAME` here instead (and in fact, the next
if-statement does this correctly, so it might've just been accidentally
left out of #343).
[0] https://github.com/systemd/systemd/pull/27890
(cherry picked from commit bee1c4824a8cd47ce6c01892a548bdc07b1fa678)
Related: RHEL-30581
---
modules.d/01fips/fips.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
modules.d/00systemd/module-setup.sh | 1 +
1 file changed, 1 insertion(+)
diff --git a/modules.d/01fips/fips.sh b/modules.d/01fips/fips.sh
index beaa692b..c3dbcf74 100755
--- a/modules.d/01fips/fips.sh
+++ b/modules.d/01fips/fips.sh
@@ -118,7 +118,7 @@ do_fips()
if [ -z "$BOOT_IMAGE_NAME" ]; then
BOOT_IMAGE_NAME="vmlinuz-${KERNEL}"
- elif ! [ -e "/boot/${BOOT_IMAGE_PATH}/${BOOT_IMAGE}" ]; then
+ elif ! [ -e "/boot/${BOOT_IMAGE_PATH}/${BOOT_IMAGE_NAME}" ]; then
#if /boot is not a separate partition BOOT_IMAGE might start with /boot
BOOT_IMAGE_PATH=${BOOT_IMAGE_PATH#"/boot"}
#on some achitectures BOOT_IMAGE does not contain path to kernel
diff --git a/modules.d/00systemd/module-setup.sh b/modules.d/00systemd/module-setup.sh
index 2a4fe4ba..a4397249 100755
--- a/modules.d/00systemd/module-setup.sh
+++ b/modules.d/00systemd/module-setup.sh
@@ -34,6 +34,7 @@ install() {
"$systemdutildir"/systemd \
"$systemdutildir"/systemd-coredump \
"$systemdutildir"/systemd-cgroups-agent \
+ "$systemdutildir"/systemd-executor \
"$systemdutildir"/systemd-shutdown \
"$systemdutildir"/systemd-reply-password \
"$systemdutildir"/systemd-fsck \

View File

@ -1,33 +1,124 @@
From 14310ca42f06c2156ab5cefd05dbaa47ae3b054d Mon Sep 17 00:00:00 2001
From: Jonathan Lebon <jonathan@jlebon.com>
Date: Tue, 29 Oct 2019 16:47:34 -0400
Subject: [PATCH] 01fips: run sha512hmac from directory HMAC file directory
From 92bda68884b321195436729b7fcf19ada342c0a9 Mon Sep 17 00:00:00 2001
From: Laszlo Gombos <laszlo.gombos@gmail.com>
Date: Thu, 10 Nov 2022 14:20:42 +0000
Subject: [PATCH] test: use -device instead of -watchdog to remove qemu
warnings
That way, the HMAC file can contain a relative path instead of an
absolute one. The issue is that right now the kernel RPM bakes the
`/boot/vmlinuz-${kver}` path into the HMAC file which poses an issue for
rpm-ostree systems (and any other system where the kernel isn't simply
in the top-level `/boot`.
(cherry picked from commit 9f6b4e53367be20b2295b77800c73b2614530559)
For now, we're hacking around this in rpm-ostree:
https://github.com/coreos/rpm-ostree/pull/1934
Though I'd like to propose the same change in the kernel spec file.
Related: RHEL-30581
---
modules.d/01fips/fips.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
test/TEST-01-BASIC/test.sh | 2 +-
test/TEST-03-USR-MOUNT/test.sh | 2 +-
test/TEST-20-NFS/test.sh | 4 ++--
test/TEST-50-MULTINIC/test.sh | 4 ++--
test/TEST-60-BONDBRIDGEVLANIFCFG/test.sh | 4 ++--
test/TEST-63-DRACUT-CPIO/test.sh | 2 +-
6 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/modules.d/01fips/fips.sh b/modules.d/01fips/fips.sh
index c3dbcf74..893143d0 100755
--- a/modules.d/01fips/fips.sh
+++ b/modules.d/01fips/fips.sh
@@ -135,7 +135,7 @@ do_fips()
return 1
fi
diff --git a/test/TEST-01-BASIC/test.sh b/test/TEST-01-BASIC/test.sh
index 390089b6..9f98af2c 100755
--- a/test/TEST-01-BASIC/test.sh
+++ b/test/TEST-01-BASIC/test.sh
@@ -17,7 +17,7 @@ test_run() {
- sha512hmac -c "${BOOT_IMAGE_HMAC}" || return 1
+ (cd "${BOOT_IMAGE_HMAC%/*}" && sha512hmac -c "${BOOT_IMAGE_HMAC}") || return 1
fi
"$testdir"/run-qemu \
"${disk_args[@]}" \
- -watchdog i6300esb -watchdog-action poweroff \
+ -device i6300esb -watchdog-action poweroff \
-append "panic=1 oops=panic softlockup_panic=1 systemd.crash_reboot \"root=LABEL= rdinit=/bin/sh\" rw systemd.log_level=debug systemd.log_target=console rd.retry=3 rd.debug console=ttyS0,115200n81 rd.shell=0 $DEBUGFAIL" \
-initrd "$TESTDIR"/initramfs.testing || return 1
info "All initrd crypto checks done"
diff --git a/test/TEST-03-USR-MOUNT/test.sh b/test/TEST-03-USR-MOUNT/test.sh
index 5cb61bce..57157bc0 100755
--- a/test/TEST-03-USR-MOUNT/test.sh
+++ b/test/TEST-03-USR-MOUNT/test.sh
@@ -25,7 +25,7 @@ client_run() {
"$testdir"/run-qemu \
"${disk_args[@]}" \
- -watchdog i6300esb -watchdog-action poweroff \
+ -device i6300esb -watchdog-action poweroff \
-append "panic=1 oops=panic softlockup_panic=1 systemd.crash_reboot root=LABEL=dracut $client_opts loglevel=7 rd.retry=3 rd.info console=ttyS0,115200n81 selinux=0 rd.debug rd.shell=0 $DEBUGFAIL" \
-initrd "$TESTDIR"/initramfs.testing || return 1
diff --git a/test/TEST-20-NFS/test.sh b/test/TEST-20-NFS/test.sh
index 0be60a80..0821dc84 100755
--- a/test/TEST-20-NFS/test.sh
+++ b/test/TEST-20-NFS/test.sh
@@ -33,7 +33,7 @@ run_server() {
-net socket,listen=127.0.0.1:12320 \
-net nic,macaddr=52:54:00:12:34:56,model=e1000 \
-serial "${SERIAL:-"file:$TESTDIR/server.log"}" \
- -watchdog i6300esb -watchdog-action poweroff \
+ -device i6300esb -watchdog-action poweroff \
-append "panic=1 oops=panic softlockup_panic=1 root=LABEL=dracut rootfstype=ext3 rw console=ttyS0,115200n81 selinux=0 $SERVER_DEBUG" \
-initrd "$TESTDIR"/initramfs.server \
-pidfile "$TESTDIR"/server.pid -daemonize || return 1
@@ -78,7 +78,7 @@ client_test() {
"${disk_args[@]}" \
-net nic,macaddr="$mac",model=e1000 \
-net socket,connect=127.0.0.1:12320 \
- -watchdog i6300esb -watchdog-action poweroff \
+ -device i6300esb -watchdog-action poweroff \
-append "panic=1 oops=panic softlockup_panic=1 systemd.crash_reboot rd.shell=0 $cmdline $DEBUGFAIL rd.retry=10 quiet ro console=ttyS0,115200n81 selinux=0" \
-initrd "$TESTDIR"/initramfs.testing
diff --git a/test/TEST-50-MULTINIC/test.sh b/test/TEST-50-MULTINIC/test.sh
index 81b1f685..47408983 100755
--- a/test/TEST-50-MULTINIC/test.sh
+++ b/test/TEST-50-MULTINIC/test.sh
@@ -31,7 +31,7 @@ run_server() {
-net socket,listen=127.0.0.1:12350 \
-net nic,macaddr=52:54:01:12:34:56,model=e1000 \
-serial "${SERIAL:-"file:$TESTDIR/server.log"}" \
- -watchdog i6300esb -watchdog-action poweroff \
+ -device i6300esb -watchdog-action poweroff \
-append "panic=1 oops=panic softlockup_panic=1 systemd.crash_reboot root=LABEL=dracut rootfstype=ext3 rw console=ttyS0,115200n81 selinux=0" \
-initrd "$TESTDIR"/initramfs.server \
-pidfile "$TESTDIR"/server.pid -daemonize || return 1
@@ -85,7 +85,7 @@ client_test() {
-netdev hubport,id=n2,hubid=2 \
-device e1000,netdev=n1,mac=52:54:00:12:34:98 \
-device e1000,netdev=n2,mac=52:54:00:12:34:99 \
- -watchdog i6300esb -watchdog-action poweroff \
+ -device i6300esb -watchdog-action poweroff \
-append "quiet panic=1 oops=panic softlockup_panic=1 systemd.crash_reboot rd.shell=0 $cmdline $DEBUGFAIL rd.retry=5 ro console=ttyS0,115200n81 selinux=0 init=/sbin/init rd.debug systemd.log_target=console" \
-initrd "$TESTDIR"/initramfs.testing || return 1
diff --git a/test/TEST-60-BONDBRIDGEVLANIFCFG/test.sh b/test/TEST-60-BONDBRIDGEVLANIFCFG/test.sh
index 309600d4..8f9f0cfd 100755
--- a/test/TEST-60-BONDBRIDGEVLANIFCFG/test.sh
+++ b/test/TEST-60-BONDBRIDGEVLANIFCFG/test.sh
@@ -35,7 +35,7 @@ run_server() {
-device virtio-net-pci,netdev=n3,mac=52:54:01:12:34:59 \
-hda "$TESTDIR"/server.ext3 \
-serial "${SERIAL:-"file:$TESTDIR/server.log"}" \
- -watchdog i6300esb -watchdog-action poweroff \
+ -device i6300esb -watchdog-action poweroff \
-append "panic=1 oops=panic softlockup_panic=1 loglevel=7 root=LABEL=dracut rootfstype=ext3 rw console=ttyS0,115200n81 selinux=0 rd.debug" \
-initrd "$TESTDIR"/initramfs.server \
-pidfile "$TESTDIR"/server.pid -daemonize || return 1
@@ -90,7 +90,7 @@ client_test() {
-netdev socket,connect=127.0.0.1:12372,id=n2 -device virtio-net-pci,mac=52:54:00:12:34:04,netdev=n2 \
"${nic3[@]}" -device virtio-net-pci,mac=52:54:00:12:34:05,netdev=n3 \
-hda "$TESTDIR"/client.img \
- -watchdog i6300esb -watchdog-action poweroff \
+ -device i6300esb -watchdog-action poweroff \
-append "
panic=1 oops=panic softlockup_panic=1
ifname=net1:52:54:00:12:34:01
diff --git a/test/TEST-63-DRACUT-CPIO/test.sh b/test/TEST-63-DRACUT-CPIO/test.sh
index 8e319bf2..be93cfb5 100755
--- a/test/TEST-63-DRACUT-CPIO/test.sh
+++ b/test/TEST-63-DRACUT-CPIO/test.sh
@@ -39,7 +39,7 @@ EOF
|| return 1
"$testdir"/run-qemu \
- -watchdog i6300esb -watchdog-action poweroff \
+ -device i6300esb -watchdog-action poweroff \
-daemonize -pidfile "$tdir/vm.pid" \
-serial "file:$tdir/console.out" \
-append "panic=1 oops=panic softlockup_panic=1 loglevel=7 console=ttyS0 rd.shell=1" \

View File

@ -1,26 +1,52 @@
From 89dcbbe92f008f6c4ebccfedf09d32bab4a575e5 Mon Sep 17 00:00:00 2001
From: Jonathan Lebon <jonathan@jlebon.com>
Date: Tue, 29 Oct 2019 16:53:00 -0400
Subject: [PATCH] 01fips: add / in BOOT_IMAGE_HMAC filename for clarity
From 55108a3a24a1780f6d5273a3e97dbdeb7d2c75c0 Mon Sep 17 00:00:00 2001
From: Vitaly Kuznetsov <vkuznets@redhat.com>
Date: Thu, 23 May 2024 14:20:43 +0200
Subject: [PATCH] fix(fips): remove /dev/{random,urandom} pre-creation
It's already the case the `BOOT_IMAGE_PATH` today, in the non-empty
case, includes a trailing `/`, but let's add it to the path we build
here too to make it more obvious.
Random device nodes were required to workaround libgcrypt initialization
problem (see https://bugzilla.redhat.com/show_bug.cgi?id=1401444) which
is gone since libgcrypt-1.10 (2022): modern Linux kernels (3.17+) support
getrandom() syscall and libgcrypt has switch to using getentropy()
(glibc-2.25+).
The requirement to run dracut as root (which is needed to mknod
/dev/{random,urandom}) is a particular problem for building UKIs in distro
build systems where packages are not built by a privileged user.
Note, dracut itself always pre-creates /dev/{null,kmsg,console,random,urandom}
devices when running privileged so the patch has no effect on 'traditional'
setup.
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
(Cherry-picked commit: 62f907e9eb3147ad8603953ec3cf29673d4fae79)
Resolves: RHEL-38830
---
modules.d/01fips/fips.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
modules.d/01fips/module-setup.sh | 12 ------------
1 file changed, 12 deletions(-)
diff --git a/modules.d/01fips/fips.sh b/modules.d/01fips/fips.sh
index 893143d0..de2755b0 100755
--- a/modules.d/01fips/fips.sh
+++ b/modules.d/01fips/fips.sh
@@ -129,7 +129,7 @@ do_fips()
fi
fi
diff --git a/modules.d/01fips/module-setup.sh b/modules.d/01fips/module-setup.sh
index 7ff5e640..1dc7ea33 100755
--- a/modules.d/01fips/module-setup.sh
+++ b/modules.d/01fips/module-setup.sh
@@ -70,18 +70,6 @@ install() {
inst_multiple sha512hmac rmmod insmod mount uname umount grep sed sort
- BOOT_IMAGE_HMAC="/boot/${BOOT_IMAGE_PATH}.${BOOT_IMAGE_NAME}.hmac"
+ BOOT_IMAGE_HMAC="/boot/${BOOT_IMAGE_PATH}/.${BOOT_IMAGE_NAME}.hmac"
if ! [ -e "${BOOT_IMAGE_HMAC}" ]; then
warn "${BOOT_IMAGE_HMAC} does not exist"
return 1
inst_simple /etc/system-fips
- [ -c "${initdir}"/dev/random ] || mknod "${initdir}"/dev/random c 1 8 \
- || {
- dfatal "Cannot create /dev/random"
- dfatal "To create an initramfs with fips support, dracut has to run as root"
- return 1
- }
- [ -c "${initdir}"/dev/urandom ] || mknod "${initdir}"/dev/urandom c 1 9 \
- || {
- dfatal "Cannot create /dev/urandom"
- dfatal "To create an initramfs with fips support, dracut has to run as root"
- return 1
- }
# if we have openssl we need to install their fips library and configuration
[ -x /usr/bin/openssl ] && {

View File

@ -1,34 +1,25 @@
From 9e8f172dc01f7e013bb5d302ef6c90e2dc6b30c8 Mon Sep 17 00:00:00 2001
From: Jonathan Lebon <jonathan@jlebon.com>
Date: Tue, 29 Oct 2019 16:54:10 -0400
Subject: [PATCH] 01fips: trim off GRUB boot device from BOOT_IMAGE
From 99c1c91a3b1f7c0ba417ecdea4cab8f1a424fabe Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Fri, 29 Nov 2019 13:29:23 +0100
Subject: [PATCH] fix(systemd): always include sg module
E.g. in RHCOS, the `BOOT_IMAGE` from the cmdline is:
(hd0,gpt1)/ostree/rhcos-e493371e5ee8407889029ec979955a2b86fd7e3cae5a0591b9db1cd248d966e8/vmlinuz-4.18.0-146.el8.x86_64
Which of course is a GRUB thing, not an actual pathname we'll be able to
resolve. In fact, we can simply scrap it off from the variable. Our code
is already able to handle both cases: whether the device refers to a
separate boot partition, or just the root filesystem with a regular
`/boot` directory.
RHEL-only
Resolves: RHEL-32853
---
modules.d/01fips/fips.sh | 4 ++++
1 file changed, 4 insertions(+)
modules.d/00systemd/module-setup.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules.d/01fips/fips.sh b/modules.d/01fips/fips.sh
index de2755b0..559952ca 100755
--- a/modules.d/01fips/fips.sh
+++ b/modules.d/01fips/fips.sh
@@ -113,6 +113,10 @@ do_fips()
do_rhevh_check /run/initramfs/live/isolinux/vmlinuz0 || return 1
else
BOOT_IMAGE="$(getarg BOOT_IMAGE)"
+
+ # Trim off any leading GRUB boot device (e.g. ($root) )
+ BOOT_IMAGE="$(echo "${BOOT_IMAGE}" | sed 's/^(.*)//')"
+
BOOT_IMAGE_NAME="${BOOT_IMAGE##*/}"
BOOT_IMAGE_PATH="${BOOT_IMAGE%${BOOT_IMAGE_NAME}}"
diff --git a/modules.d/00systemd/module-setup.sh b/modules.d/00systemd/module-setup.sh
index a4397249..27d2180d 100755
--- a/modules.d/00systemd/module-setup.sh
+++ b/modules.d/00systemd/module-setup.sh
@@ -17,7 +17,7 @@ depends() {
}
installkernel() {
- hostonly='' instmods autofs4 ipv6 algif_hash hmac sha256
+ hostonly='' instmods autofs4 ipv6 algif_hash hmac sha256 sg
instmods -s efivarfs
}

View File

@ -1,25 +1,149 @@
From 346e57c1b6af4e2cfdbaae64941f2f3b8454a944 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Fri, 29 Nov 2019 13:29:23 +0100
Subject: [PATCH] always include sg module
From ab2711df3d85aee7fe5c9cbe018c1a08113e3481 Mon Sep 17 00:00:00 2001
From: Antonio Alvarez Feijoo <antonio.feijoo@suse.com>
Date: Wed, 23 Nov 2022 14:22:21 +0100
Subject: [PATCH] fix(fips): do not blindly remove /boot
RHEL-only
Resolves:#1579763
The `mount_boot` method called from fips-noboot.sh in the pre-pivot hook blindly
executes `rm -rf /boot` if there is no `boot=` command line parameter, without
first checking that /boot is not already mounted by other means.
feat(fips): add progress messages
This allows to better understand at what point a FIPS integrity test failed.
Signed-off-by: Raymund Will <rw@suse.com>
fix(fips): only unmount /boot if it was mounted by the fips module
The `do_fips` method should only unmount /boot if it was mounted in the
`mount_boot` method.
In addition, now the `mount_boot` method checks if /boot is already mounted.
Signed-off-by: Raymund Will <rw@suse.com>
fix(fips): move fips-boot script to pre-pivot
This is needed in s390x to be able to use the same `boot=` command line
parameter in grub and zipl. Otherwise, `boot=` would need to be added only to
`grub.cfg` (not `/etc/default/grub` and thereby not to `/boot/zipl/config`).
Signed-off-by: Raymund Will <rw@suse.com>
(Cherry-picked commits:
91974e8ff116c7fd9f99963780dba501535700f5
a71e518fa1f14a9b96ae62ce90714ccd7d307d97
1cdb4cb8b5fb7f74e5be6998f9b561fbf73909e0
cd2a1d4571b2f768f2b67d03fd77191795042402)
Resolves: RHEL-45913
---
modules.d/00systemd/module-setup.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
modules.d/01fips/fips-boot.sh | 2 ++
modules.d/01fips/fips-load-crypto.sh | 2 ++
modules.d/01fips/fips-noboot.sh | 2 ++
modules.d/01fips/fips.sh | 21 +++++++++++++++++++--
modules.d/01fips/module-setup.sh | 2 +-
5 files changed, 26 insertions(+), 3 deletions(-)
diff --git a/modules.d/00systemd/module-setup.sh b/modules.d/00systemd/module-setup.sh
index 1ed4b34f..ed177826 100755
--- a/modules.d/00systemd/module-setup.sh
+++ b/modules.d/00systemd/module-setup.sh
@@ -18,7 +18,7 @@ depends() {
diff --git a/modules.d/01fips/fips-boot.sh b/modules.d/01fips/fips-boot.sh
index 031d169a..34760e01 100755
--- a/modules.d/01fips/fips-boot.sh
+++ b/modules.d/01fips/fips-boot.sh
@@ -8,7 +8,9 @@ elif [ -z "$fipsmode" ]; then
die "FIPS mode have to be enabled by 'fips=1' not just 'fips'"
elif getarg boot= > /dev/null; then
. /sbin/fips.sh
+ fips_info "fips-boot: start"
if mount_boot; then
do_fips || die "FIPS integrity test failed"
fi
+ fips_info "fips-boot: done!"
fi
diff --git a/modules.d/01fips/fips-load-crypto.sh b/modules.d/01fips/fips-load-crypto.sh
index 21e99278..6ef42b95 100644
--- a/modules.d/01fips/fips-load-crypto.sh
+++ b/modules.d/01fips/fips-load-crypto.sh
@@ -8,5 +8,7 @@ elif [ -z "$fipsmode" ]; then
die "FIPS mode have to be enabled by 'fips=1' not just 'fips'"
else
. /sbin/fips.sh
+ fips_info "fips-load-crypto: start"
fips_load_crypto || die "FIPS integrity test failed"
+ fips_info "fips-load-crypto: done!"
fi
diff --git a/modules.d/01fips/fips-noboot.sh b/modules.d/01fips/fips-noboot.sh
index f00c2f32..963a034d 100755
--- a/modules.d/01fips/fips-noboot.sh
+++ b/modules.d/01fips/fips-noboot.sh
@@ -8,6 +8,8 @@ elif [ -z "$fipsmode" ]; then
die "FIPS mode have to be enabled by 'fips=1' not just 'fips'"
elif ! [ -f /tmp/fipsdone ]; then
. /sbin/fips.sh
+ fips_info "fips-noboot: start"
mount_boot
do_fips || die "FIPS integrity test failed"
+ fips_info "fips-noboot: done!"
fi
diff --git a/modules.d/01fips/fips.sh b/modules.d/01fips/fips.sh
index 6ad61df8..05631c8a 100755
--- a/modules.d/01fips/fips.sh
+++ b/modules.d/01fips/fips.sh
@@ -18,6 +18,15 @@ mount_boot() {
boot=$(getarg boot=)
if [ -n "$boot" ]; then
+ if [ -d /boot ] && ismounted /boot; then
+ boot_dev=
+ if command -v findmnt > /dev/null; then
+ boot_dev=$(findmnt -n -o SOURCE /boot)
+ fi
+ fips_info "Ignoring 'boot=$boot' as /boot is already mounted ${boot_dev:+"from '$boot_dev'"}"
+ return 0
+ fi
+
case "$boot" in
LABEL=* | UUID=* | PARTUUID=* | PARTLABEL=*)
boot="$(label_uuid_to_dev "$boot")"
@@ -47,10 +56,13 @@ mount_boot() {
mkdir -p /boot
fips_info "Mounting $boot as /boot"
mount -oro "$boot" /boot || return 1
- elif [ -d "$NEWROOT/boot" ]; then
+ FIPS_MOUNTED_BOOT=1
+ elif ! ismounted /boot && [ -d "$NEWROOT/boot" ]; then
# shellcheck disable=SC2114
rm -fr -- /boot
ln -sf "$NEWROOT/boot" /boot
+ else
+ die "You have to specify boot=<boot device> as a boot option for fips=1"
fi
}
installkernel() {
- hostonly='' instmods autofs4 ipv6 algif_hash hmac sha256
+ hostonly='' instmods autofs4 ipv6 algif_hash hmac sha256 sg
instmods -s efivarfs
@@ -179,7 +191,12 @@ do_fips() {
: > /tmp/fipsdone
- umount /boot > /dev/null 2>&1
+ if [ "$FIPS_MOUNTED_BOOT" = 1 ]; then
+ fips_info "Unmounting /boot"
+ umount /boot > /dev/null 2>&1
+ else
+ fips_info "Not unmounting /boot"
+ fi
return 0
}
diff --git a/modules.d/01fips/module-setup.sh b/modules.d/01fips/module-setup.sh
index 1dc7ea33..91612ff3 100755
--- a/modules.d/01fips/module-setup.sh
+++ b/modules.d/01fips/module-setup.sh
@@ -62,7 +62,7 @@ installkernel() {
# called by dracut
install() {
- inst_hook pre-mount 01 "$moddir/fips-boot.sh"
+ inst_hook pre-pivot 00 "$moddir/fips-boot.sh"
inst_hook pre-pivot 01 "$moddir/fips-noboot.sh"
inst_hook pre-udev 01 "$moddir/fips-load-crypto.sh"
inst_script "$moddir/fips.sh" /sbin/fips.sh

View File

@ -1,44 +1,263 @@
From 8061a432844d1f780d9b18144def0faef0145c0c Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Mon, 7 Oct 2019 16:48:09 +0200
Subject: [PATCH] net-lib: check if addr exists before checking for dad state
From c8bc80643d4a6c0ef27c48e680907d6fd3c888cc Mon Sep 17 00:00:00 2001
From: Jan Macku <jamacku@redhat.com>
Date: Mon, 12 Feb 2024 16:58:16 +0100
Subject: [PATCH] ci: enable source-git automation
Before we check if dad is done we should first make sure,
that there is a link local address where we do the check.
- commit validation
- pull request validation
- tracker validation
- automatic merging
Due to this issue, on ipv6 only setups sometimes dhclient started
asking for ip address, before the link local address was present
and failed immediately.
rhel-only
(cherry picked from commit daa49cc2216d6387541ef36e8427081f6b02f224)
Resolves: #1765014
Related: RHEL-30581
---
modules.d/40network/net-lib.sh | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
.github/advanced-commit-linter.yml | 17 ++++++
.github/auto-merge.yml | 4 ++
.github/pull-request-validator.yml | 4 ++
.github/tracker-validator.yml | 28 +++++++++
.github/workflows/gather-metadata.yml | 28 +++++++++
.../workflows/source-git-automation-on-demand.yml | 70 ++++++++++++++++++++++
.github/workflows/source-git-automation.yml | 46 ++++++++++++++
7 files changed, 197 insertions(+)
diff --git a/modules.d/40network/net-lib.sh b/modules.d/40network/net-lib.sh
index ad78d225..dcb53804 100755
--- a/modules.d/40network/net-lib.sh
+++ b/modules.d/40network/net-lib.sh
@@ -653,7 +653,8 @@ wait_for_ipv6_dad_link() {
timeout=$(($timeout*10))
while [ $cnt -lt $timeout ]; do
- [ -z "$(ip -6 addr show dev "$1" scope link tentative)" ] \
+ [ -n "$(ip -6 addr show dev "$1" scope link)" ] \
+ && [ -z "$(ip -6 addr show dev "$1" scope link tentative)" ] \
&& [ -n "$(ip -6 route list proto ra dev "$1" | grep ^default)" ] \
&& return 0
[ -n "$(ip -6 addr show dev "$1" scope link dadfailed)" ] \
@@ -671,7 +672,8 @@ wait_for_ipv6_dad() {
timeout=$(($timeout*10))
while [ $cnt -lt $timeout ]; do
- [ -z "$(ip -6 addr show dev "$1" tentative)" ] \
+ [ -n "$(ip -6 addr show dev "$1")" ] \
+ && [ -z "$(ip -6 addr show dev "$1" tentative)" ] \
&& [ -n "$(ip -6 route list proto ra dev "$1" | grep ^default)" ] \
&& return 0
[ -n "$(ip -6 addr show dev "$1" dadfailed)" ] \
diff --git a/.github/advanced-commit-linter.yml b/.github/advanced-commit-linter.yml
new file mode 100644
index 00000000..0180ef07
--- /dev/null
+++ b/.github/advanced-commit-linter.yml
@@ -0,0 +1,17 @@
+policy:
+ cherry-pick:
+ upstream:
+ - github: dracutdevs/dracut
+ exception:
+ note:
+ - rhel-only
+ - RHEL-only
+ tracker:
+ - keyword:
+ - 'Resolves: '
+ - 'Related: '
+ - 'Reverts: '
+ type: jira
+ issue-format:
+ - 'RHEL-\d+$'
+ url: 'https://issues.redhat.com/browse/'
diff --git a/.github/auto-merge.yml b/.github/auto-merge.yml
new file mode 100644
index 00000000..35c25392
--- /dev/null
+++ b/.github/auto-merge.yml
@@ -0,0 +1,4 @@
+labels:
+ dont-merge: dont-merge
+ manual-merge: pr/needs-manual-merge
+target-branch': ['main']
diff --git a/.github/pull-request-validator.yml b/.github/pull-request-validator.yml
new file mode 100644
index 00000000..4bb5bbec
--- /dev/null
+++ b/.github/pull-request-validator.yml
@@ -0,0 +1,4 @@
+labels:
+ missing-review: pr/needs-review
+ changes-requested: pr/changes-requested
+ missing-failing-ci: pr/needs-ci
diff --git a/.github/tracker-validator.yml b/.github/tracker-validator.yml
new file mode 100644
index 00000000..f88cc0a5
--- /dev/null
+++ b/.github/tracker-validator.yml
@@ -0,0 +1,28 @@
+labels:
+ missing-tracker: tracker/missing
+ invalid-product: tracker/invalid-product
+ invalid-component: tracker/invalid-component
+ unapproved: tracker/unapproved
+products:
+ - Red Hat Enterprise Linux 9
+ - CentOS Stream 9
+ - rhel-9.0.0
+ - rhel-9.0.0.z
+ - rhel-9.2.0
+ - rhel-9.2.0.z
+ - rhel-9.3.0
+ - rhel-9.3.0.z
+ - rhel-9.4.0
+ - rhel-9.4.0.z
+ - rhel-9.5.0
+ - rhel-9.5.0.z
+ - rhel-9.6.0
+ - rhel-9.6.0.z
+ - rhel-9.7.0
+ - rhel-9.7.0.z
+ - rhel-9.8.0
+ - rhel-9.8.0.z
+ - rhel-9.9.0
+ - rhel-9.9.0.z
+ - rhel-9.10.0
+ - rhel-9.10.0.z
diff --git a/.github/workflows/gather-metadata.yml b/.github/workflows/gather-metadata.yml
new file mode 100644
index 00000000..e4cbc486
--- /dev/null
+++ b/.github/workflows/gather-metadata.yml
@@ -0,0 +1,28 @@
+name: Gather Pull Request Metadata
+on:
+ pull_request:
+ types: [ opened, reopened, synchronize ]
+ branches:
+ - main
+ - rhel-9.*
+
+permissions:
+ contents: read
+
+jobs:
+ gather-metadata:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Repository checkout
+ uses: actions/checkout@v4
+
+ - id: Metadata
+ name: Gather Pull Request Metadata
+ uses: redhat-plumbers-in-action/gather-pull-request-metadata@v1
+
+ - name: Upload artifact with gathered metadata
+ uses: actions/upload-artifact@v3
+ with:
+ name: pr-metadata
+ path: ${{ steps.Metadata.outputs.metadata-file }}
diff --git a/.github/workflows/source-git-automation-on-demand.yml b/.github/workflows/source-git-automation-on-demand.yml
new file mode 100644
index 00000000..8a3a366e
--- /dev/null
+++ b/.github/workflows/source-git-automation-on-demand.yml
@@ -0,0 +1,70 @@
+name: Source git Automation Scheduled/On Demand
+on:
+ schedule:
+ # Workflow runs every 45 minutes
+ - cron: '*/45 * * * *'
+ workflow_dispatch:
+ inputs:
+ pr-number:
+ description: 'Pull Request number/s ; when not provided, the workflow will run for all open PRs'
+ required: true
+ default: '0'
+
+permissions:
+ contents: read
+
+jobs:
+ # Get all open PRs
+ gather-pull-requests:
+ if: github.repository == 'redhat-plumbers/dracut-rhel9'
+ runs-on: ubuntu-latest
+
+ outputs:
+ pr-numbers: ${{ steps.get-pr-numbers.outputs.result }}
+ pr-numbers-manual: ${{ steps.parse-manual-input.outputs.result }}
+
+ steps:
+ - id: get-pr-numbers
+ if: inputs.pr-number == '0'
+ name: Get all open PRs
+ uses: actions/github-script@v6
+ with:
+ # !FIXME: this is not working if there is more than 100 PRs opened
+ script: |
+ const { data: pullRequests } = await github.rest.pulls.list({
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ state: 'open',
+ per_page: 100
+ });
+ return pullRequests.map(pr => pr.number);
+ - id: parse-manual-input
+ if: inputs.pr-number != '0'
+ name: Parse manual input
+ run: |
+ echo "result="[ ${{ inputs.pr-number }} ]"" >> $GITHUB_OUTPUT
+ shell: bash
+
+ validate-pr:
+ name: 'Validation of Pull Request #${{ matrix.pr-number }}'
+ needs: [ gather-pull-requests ]
+ runs-on: ubuntu-latest
+
+ strategy:
+ fail-fast: false
+ matrix:
+ pr-number: ${{ inputs.pr-number == 0 && fromJSON(needs.gather-pull-requests.outputs.pr-numbers) || fromJSON(needs.gather-pull-requests.outputs.pr-numbers-manual) }}
+
+ permissions:
+ # required for merging PRs
+ contents: write
+ # required for PR comments and setting labels
+ pull-requests: write
+
+ steps:
+ - name: Source-git Automation
+ uses: redhat-plumbers-in-action/source-git-automation@v1
+ with:
+ pr-number: ${{ matrix.pr-number }}
+ jira-api-token: ${{ secrets.JIRA_API_TOKEN }}
+ token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/source-git-automation.yml b/.github/workflows/source-git-automation.yml
new file mode 100644
index 00000000..025ee84d
--- /dev/null
+++ b/.github/workflows/source-git-automation.yml
@@ -0,0 +1,46 @@
+name: Source git Automation
+on:
+ workflow_run:
+ workflows: [ Gather Pull Request Metadata ]
+ types:
+ - completed
+
+permissions:
+ contents: read
+
+jobs:
+ download-metadata:
+ if: >
+ github.event.workflow_run.event == 'pull_request' &&
+ github.event.workflow_run.conclusion == 'success' &&
+ github.repository == 'redhat-plumbers/dracut-rhel9'
+ runs-on: ubuntu-latest
+
+ outputs:
+ pr-metadata: ${{ steps.Artifact.outputs.pr-metadata-json }}
+
+ steps:
+ - id: Artifact
+ name: Download Artifact
+ uses: redhat-plumbers-in-action/download-artifact@v1
+ with:
+ name: pr-metadata
+
+ source-git-automation:
+ needs: [ download-metadata ]
+ runs-on: ubuntu-latest
+
+ permissions:
+ # required for merging PRs
+ contents: write
+ # required for PR comments and setting labels
+ pull-requests: write
+
+
+ steps:
+ - name: Source-git Automation
+ uses: redhat-plumbers-in-action/source-git-automation@v1
+ with:
+ pr-metadata: ${{ needs.download-metadata.outputs.pr-metadata }}
+ jira-api-token: ${{ secrets.JIRA_API_TOKEN }}
+ token: ${{ secrets.GITHUB_TOKEN }}

View File

@ -1,58 +1,679 @@
From 2caaf8b9ba5b95983154bd641f0f493ff1562cc0 Mon Sep 17 00:00:00 2001
From: Kairui Song <kasong@redhat.com>
Date: Tue, 6 Aug 2019 15:39:31 +0800
Subject: [PATCH] 99squash: Only start the cleaner on switch-root
From 30e7e5091666e10cce70b90057ccd85289609bd7 Mon Sep 17 00:00:00 2001
From: Antonio Alvarez Feijoo <antonio.feijoo@suse.com>
Date: Tue, 2 Jan 2024 17:10:11 +0100
Subject: [PATCH] fix(github): update format of labeler
Currently it starts the cleaner early and do the clean up job if switch
root is called. It's better to just start the service only on switch
root to avoid any risk of service dependency failure and make is
simpler.
Since we are using `actions/labeler@main`, its format changed, displaying the
following error with every new PR:
Signed-off-by: Kairui Song <kasong@redhat.com>
(cherry picked from commit 5d88809319049eb06e3472dcd11cca9c4557d8c2)
```
Run actions/labeler@main
The configuration file (path: .github/labeler.yml) was not found locally, fetching via the api
Error: Error: found unexpected type for label 'repository' (should be array of config options)
Error: found unexpected type for label 'repository' (should be array of config options)
```
Resolves: #1678248
(cherry picked from commit de8ac6300d115a05d467dbb6b9a7c2599a2d306f)
Related: RHEL-30581
---
modules.d/99squash/module-setup.sh | 3 ++-
modules.d/99squash/squash-mnt-clear.service | 11 ++++-------
2 files changed, 6 insertions(+), 8 deletions(-)
.github/labeler.yml | 460 ++++++++++++++++++++++++++++++++++++++++------------
1 file changed, 358 insertions(+), 102 deletions(-)
diff --git a/modules.d/99squash/module-setup.sh b/modules.d/99squash/module-setup.sh
index 935fd721..e7e9ed8e 100644
--- a/modules.d/99squash/module-setup.sh
+++ b/modules.d/99squash/module-setup.sh
@@ -25,5 +25,6 @@ install() {
inst $moddir/init.sh /squash/init.sh
diff --git a/.github/labeler.yml b/.github/labeler.yml
index 1c787a58..0dcc06d4 100644
--- a/.github/labeler.yml
+++ b/.github/labeler.yml
@@ -1,293 +1,549 @@
repository:
- - ./*
+ - changed-files:
+ - any-glob-to-any-file: './*'
inst "$moddir/squash-mnt-clear.service" "$systemdsystemunitdir/squash-mnt-clear.service"
- ln_r "$systemdsystemunitdir/squash-mnt-clear.service" "$systemdsystemunitdir/initrd.target.wants/squash-mnt-clear.service"
+ mkdir -p "$initdir$systemdsystemunitdir/initrd-switch-root.target.wants"
+ ln_r "$systemdsystemunitdir/squash-mnt-clear.service" "$systemdsystemunitdir/initrd-switch-root.target.wants/squash-mnt-clear.service"
}
diff --git a/modules.d/99squash/squash-mnt-clear.service b/modules.d/99squash/squash-mnt-clear.service
index f8d5db46..84441f60 100644
--- a/modules.d/99squash/squash-mnt-clear.service
+++ b/modules.d/99squash/squash-mnt-clear.service
@@ -4,17 +4,14 @@
[Unit]
Description=Cleanup squashfs mounts when switch root
DefaultDependencies=no
-After=initrd.target
-After=dracut-initqueue.service dracut-pre-pivot.service
-Before=initrd-cleanup.service
+Before=initrd-switch-root.service
+After=initrd-switch-root.target
ConditionPathExists=/squash/root
-Conflicts=initrd-switch-root.target
-IgnoreOnIsolate=true
github:
- - .github/*
- - .github/**/*
+ - changed-files:
+ - any-glob-to-any-file: ['.github/*', '.github/**/*']
+
+docs:
+ - changed-files:
+ - any-glob-to-any-file: 'docs/*'
+
+man:
+ - changed-files:
+ - any-glob-to-any-file: 'man/*'
+
+kernel-install:
+ - changed-files:
+ - any-glob-to-any-file: 'install.d/*'
+
+shell-completion:
+ - changed-files:
+ - any-glob-to-any-file: ['shell-completion/*', 'shell-completion/**/*']
+
+dracut-cpio:
+ - changed-files:
+ - any-glob-to-any-file: ['src/dracut-cpio/*', 'src/dracut-cpio/**/*']
[Service]
Type=oneshot
-RemainAfterExit=yes
+RemainAfterExit=no
StandardInput=null
StandardOutput=syslog+console
StandardError=syslog+console
-ExecStop=/squash/clear-squash.sh
+ExecStart=/squash/clear-squash.sh
dracut-install:
- - install/*
- - install/**/*
+ - changed-files:
+ - any-glob-to-any-file: 'src/install/*'
+
+dracut-util:
+ - changed-files:
+ - any-glob-to-any-file: 'src/util/*'
-example:
- - examples/*
- - examples/**/*
- - examples/**/**/*
+logtee:
+ - changed-files:
+ - any-glob-to-any-file: 'src/logtee/*'
+
+skipcpio:
+ - changed-files:
+ - any-glob-to-any-file: 'src/skipcpio/*'
modules:
- - modules.d/*
- - modules.d/**/*
+ - changed-files:
+ - any-glob-to-any-file: ['modules.d/*', 'modules.d/**/*']
bash:
- - modules.d/00bash/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/00bash/*'
bootchart:
- modules.d/00bootchart/*
dash:
- - modules.d/00dash/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/00dash/*'
mksh:
- - modules.d/00mksh/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/00mksh/*'
systemd:
- - modules.d/00systemd/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/00systemd/*'
warpclock:
- - modules.d/00warpclock/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/00warpclock/*'
fips:
- - modules.d/01fips/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/01fips/*'
+
+systemd-ac-power:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/01systemd-ac-power/*'
+
+systemd-ask-password:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/01systemd-ask-password/*'
+
+systemd-coredump:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/01systemd-coredump/*'
+
+systemd-creds:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/01systemd-creds/*'
+
+systemd-hostnamed:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/01systemd-hostnamed/*'
systemd-initrd:
- - modules.d/01systemd-initrd/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/01systemd-initrd/*'
-caps:
- - modules.d/02caps/*
+systemd-integritysetup:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/01systemd-integritysetup/*'
+
+systemd-journald:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/01systemd-journald/*'
+
+systemd-ldconfig:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/01systemd-ldconfig/*'
+
+systemd-modules-load:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/01systemd-modules-load/*'
systemd-networkd:
- - modules.d/02systemd-networkd/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/01systemd-networkd/*'
+
+systemd-pcrphase:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/01systemd-pcrphase/*'
+
+systemd-portabled:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/01systemd-portabled/*'
+
+systemd-pstore:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/01systemd-pstore/*'
+
+systemd-repart:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/01systemd-repart/*'
+
+systemd-resolved:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/01systemd-resolved/*'
+
+systemd-sysctl:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/01systemd-sysctl/*'
+
+systemd-sysext:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/01systemd-sysext/*'
+
+systemd-sysusers:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/01systemd-sysusers/*'
+
+systemd-timedated:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/01systemd-timedated/*'
+
+systemd-timesyncd:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/01systemd-timesyncd/*'
+
+systemd-tmpfiles:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/01systemd-tmpfiles/*'
+
+systemd-udevd:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/01systemd-udevd/*'
+
+systemd-veritysetup:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/01systemd-veritysetup/*'
+
+caps:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/02caps/*'
modsign:
- - modules.d/03modsign/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/03modsign/*'
rescue:
- - modules.d/03rescue/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/03rescue/*'
watchdog:
- - modules.d/04watchdog/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/04watchdog/*'
+
+watchdog-modules:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/04watchdog-modules/*'
busybox:
- - modules.d/05busybox/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/05busybox/*'
+
+dbus-broker:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/06dbus-broker/*'
+
+dbus-daemon:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/06dbus-daemon/*'
rngd:
- - modules.d/06rngd/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/06rngd/*'
+
+dbus:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/09dbus/*'
i18n:
- - modules.d/10i18n/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/10i18n/*'
convertfs:
- - modules.d/30convertfs/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/30convertfs/*'
+
+connman:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/35connman/*'
network-legacy:
- - modules.d/35network-legacy/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/35network-legacy/*'
network-manager:
- - modules.d/35network-manager/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/35network-manager/*'
network:
- - modules.d/40network/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/40network/*'
ifcfg:
- - modules.d/45ifcfg/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/45ifcfg/*'
url-lib:
- - modules.d/45url-lib/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/45url-lib/*'
drm:
- - modules.d/50drm/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/50drm/*'
plymouth:
- - modules.d/50plymouth/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/50plymouth/*'
+
+bluetooth:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/62bluetooth/*'
cms:
- - modules.d/80cms/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/80cms/*'
lvmmerge:
- - modules.d/80lvmmerge/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/80lvmmerge/*'
+
+lvmthinpool-monitor:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/80lvmthinpool-monitor/*'
cio_ignore:
- - modules.d/81cio_ignore/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/81cio_ignore/*'
btrfs:
- - modules.d/90btrfs/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/90btrfs/*'
crypt:
- - modules.d/90crypt/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/90crypt/*'
dm:
- - modules.d/90dm/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/90dm/*'
dmraid:
- - modules.d/90dmraid/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/90dmraid/*'
dmsquash-live:
- - modules.d/90dmsquash-live/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/90dmsquash-live/*'
+
+dmsquash-live-autooverlay:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/90dmsquash-live-autooverlay/*'
dmsquash-live-ntfs:
- - modules.d/90dmsquash-live-ntfs/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/90dmsquash-live-ntfs/*'
kernel-modules:
- - modules.d/90kernel-modules/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/90kernel-modules/*'
kernel-modules-extra:
- - modules.d/90kernel-modules-extra/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/90kernel-modules-extra/*'
kernel-network-modules:
- - modules.d/90kernel-network-modules/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/90kernel-network-modules/*'
livenet:
- - modules.d/90livenet/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/90livenet/*'
lvm:
- - modules.d/90lvm/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/90lvm/*'
mdraid:
- - modules.d/90mdraid/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/90mdraid/*'
multipath:
- - modules.d/90multipath/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/90multipath/*'
nvdimm:
- - modules.d/90nvdimm/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/90nvdimm/*'
+
+overlayfs:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/90overlayfs/*'
ppcmac:
- - modules.d/90ppcmac/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/90ppcmac/*'
qemu:
- - modules.d/90qemu/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/90qemu/*'
qemu-net:
- - modules.d/90qemu-net/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/90qemu-net/*'
stratis:
- modules.d/90stratis/*
crypt-gpg:
- - modules.d/91crypt-gpg/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/91crypt-gpg/*'
crypt-loop:
- - modules.d/91crypt-loop/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/91crypt-loop/*'
+
+fido2:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/91fido2/*'
+
+pcsc:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/91pcsc/*'
+
+pkcs11:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/91pkcs11/*'
+
+tpm2-tss:
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/91tpm2-tss/*'
zipl:
- - modules.d/91zipl/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/91zipl/*'
cifs:
- - modules.d/95cifs/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/95cifs/*'
dasd:
- - modules.d/95dasd/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/95dasd/*'
dasd_mod:
- - modules.d/95dasd_mod/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/95dasd_mod/*'
dasd_rules:
- - modules.d/95dasd_rules/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/95dasd_rules/*'
dcssblk:
- - modules.d/95dcssblk/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/95dcssblk/*'
debug:
- - modules.d/95debug/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/95debug/*'
fcoe:
- - modules.d/95fcoe/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/95fcoe/*'
fcoe-uefi:
- - modules.d/95fcoe-uefi/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/95fcoe-uefi/*'
fstab-sys:
- - modules.d/95fstab-sys/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/95fstab-sys/*'
iscsi:
- - modules.d/95iscsi/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/95iscsi/*'
lunmask:
- - modules.d/95lunmask/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/95lunmask/*'
nbd:
- - modules.d/95nbd/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/95nbd/*'
nfs:
- - modules.d/95nfs/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/95nfs/*'
nvmf:
- - modules.d/95nvmf/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/95nvmf/*'
qeth_rules:
- - modules.d/95qeth_rules/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/95qeth_rules/*'
resume:
- - modules.d/95resume/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/95resume/*'
rootfs-block:
- - modules.d/95rootfs-block/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/95rootfs-block/*'
ssh-client:
- - modules.d/95ssh-client/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/95ssh-client/*'
terminfo:
- - modules.d/95terminfo/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/95terminfo/*'
udev-rules:
- - modules.d/95udev-rules/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/95udev-rules/*'
virtfs:
- - modules.d/95virtfs/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/95virtfs/*'
virtiofs:
- - modules.d/95virtiofs/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/95virtiofs/*'
zfcp:
- - modules.d/95zfcp/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/95zfcp/*'
zfcp_rules:
- - modules.d/95zfcp_rules/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/95zfcp_rules/*'
znet:
- - modules.d/95znet/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/95znet/*'
securityfs:
- - modules.d/96securityfs/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/96securityfs/*'
biosdevname:
- - modules.d/97biosdevname/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/97biosdevname/*'
masterkey:
-- modules.d/97masterkey/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/97masterkey/*'
dracut-systemd:
- - modules.d/98dracut-systemd/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/98dracut-systemd/*'
ecryptfs:
- - modules.d/98ecryptfs/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/98ecryptfs/*'
integrity:
- - modules.d/98integrity/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/98integrity/*'
pollcdrom:
- - modules.d/98pollcdrom/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/98pollcdrom/*'
selinux:
- - modules.d/98selinux/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/98selinux/*'
syslog:
- - modules.d/98syslog/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/98syslog/*'
usrmount:
- - modules.d/98usrmount/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/98usrmount/*'
base:
- - modules.d/99base/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/99base/*'
fs-lib:
- - modules.d/99fs-lib/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/99fs-lib/*'
img-lib:
- - modules.d/99img-lib/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/99img-lib/*'
memstrack:
- - modules.d/99memstrack/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/99memstrack/*'
shutdown:
- - modules.d/99shutdown/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/99shutdown/*'
squash:
- - modules.d/99squash/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/99squash/*'
uefi-lib:
- - modules.d/99uefi-lib/*
+ - changed-files:
+ - any-glob-to-any-file: 'modules.d/99uefi-lib/*'
test:
- - test/*
- - test/**/*
+ - changed-files:
+ - any-glob-to-any-file: ['test/*', 'test/**/*', 'modules.d/80test*', 'modules.d/80test*/*']

View File

@ -1,31 +1,73 @@
From ab679e91396a21489999c0acc9243415cb3235db Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@verbum.org>
Date: Tue, 7 Jan 2020 20:53:53 +0000
Subject: [PATCH] modules/network-manager: Install `ip`
From 53ee0740d5913d20bf35f7613a12072fd2ebe0d0 Mon Sep 17 00:00:00 2001
From: Jan Macku <jamacku@redhat.com>
Date: Wed, 17 Jul 2024 15:45:31 +0200
Subject: [PATCH] ci: fix source-git automation
We don't need `ip` but having it is *really* useful for people debugging
in an emergency shell.
rhel-only
(cherry picked from commit 7fea85ce5f313445a260b5eb7bd7466217479d99)
Resolves: #1784358
Related: RHEL-30581
---
modules.d/35network-manager/module-setup.sh | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
.github/tracker-validator.yml | 28 +++++++++++-----------
.../workflows/source-git-automation-on-demand.yml | 1 +
.github/workflows/source-git-automation.yml | 1 +
3 files changed, 16 insertions(+), 14 deletions(-)
diff --git a/modules.d/35network-manager/module-setup.sh b/modules.d/35network-manager/module-setup.sh
index 62aba3c6..d6d0f9ce 100755
--- a/modules.d/35network-manager/module-setup.sh
+++ b/modules.d/35network-manager/module-setup.sh
@@ -26,7 +26,9 @@ install() {
_nm_version=$(NetworkManager --version)
- inst_multiple sed grep
+ # We don't need `ip` but having it is *really* useful for people debugging
+ # in an emergency shell.
+ inst_multiple ip sed grep
inst NetworkManager
inst /usr/libexec/nm-initrd-generator
diff --git a/.github/tracker-validator.yml b/.github/tracker-validator.yml
index f88cc0a5..31ef28f6 100644
--- a/.github/tracker-validator.yml
+++ b/.github/tracker-validator.yml
@@ -12,17 +12,17 @@ products:
- rhel-9.2.0.z
- rhel-9.3.0
- rhel-9.3.0.z
- - rhel-9.4.0
- - rhel-9.4.0.z
- - rhel-9.5.0
- - rhel-9.5.0.z
- - rhel-9.6.0
- - rhel-9.6.0.z
- - rhel-9.7.0
- - rhel-9.7.0.z
- - rhel-9.8.0
- - rhel-9.8.0.z
- - rhel-9.9.0
- - rhel-9.9.0.z
- - rhel-9.10.0
- - rhel-9.10.0.z
+ - rhel-9.4
+ - rhel-9.4.z
+ - rhel-9.5
+ - rhel-9.5.z
+ - rhel-9.6
+ - rhel-9.6.z
+ - rhel-9.7
+ - rhel-9.7.z
+ - rhel-9.8
+ - rhel-9.8.z
+ - rhel-9.9
+ - rhel-9.9.z
+ - rhel-9.10
+ - rhel-9.10.z
diff --git a/.github/workflows/source-git-automation-on-demand.yml b/.github/workflows/source-git-automation-on-demand.yml
index 8a3a366e..afd2333e 100644
--- a/.github/workflows/source-git-automation-on-demand.yml
+++ b/.github/workflows/source-git-automation-on-demand.yml
@@ -66,5 +66,6 @@ jobs:
uses: redhat-plumbers-in-action/source-git-automation@v1
with:
pr-number: ${{ matrix.pr-number }}
+ component: dracut
jira-api-token: ${{ secrets.JIRA_API_TOKEN }}
token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/source-git-automation.yml b/.github/workflows/source-git-automation.yml
index 025ee84d..bdec3856 100644
--- a/.github/workflows/source-git-automation.yml
+++ b/.github/workflows/source-git-automation.yml
@@ -42,5 +42,6 @@ jobs:
uses: redhat-plumbers-in-action/source-git-automation@v1
with:
pr-metadata: ${{ needs.download-metadata.outputs.pr-metadata }}
+ component: dracut
jira-api-token: ${{ secrets.JIRA_API_TOKEN }}
token: ${{ secrets.GITHUB_TOKEN }}

View File

@ -1,31 +1,37 @@
From 7164155795f3f257cd119846de0b2a802a6a52c5 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Thu, 9 Jan 2020 10:49:52 +0100
Subject: [PATCH] network-legacy/ifup: dhclient should be started in oneshot
mode
From f8cb5753f14c65d1371b623f5f0d8e3cb0aa7107 Mon Sep 17 00:00:00 2001
From: Laszlo Gombos <laszlo.gombos@gmail.com>
Date: Wed, 19 Oct 2022 12:32:28 +0000
Subject: [PATCH] ci: remove non-existing modules from labeler
since we handle the retries explicitly via rd.net.dhcp.retry
(cherry picked from commit 1d60dd74ee721f17cdaadd56b874b564b89c0145)
Without -1 if user sets ip=dhcp6 and there is no dhcp on the network,
dhclient seems to wait indefinitely, ignoring rd.net.timeout.dhcp
(cherry picked from commit 2181c80c91f05bfae5e50de2f502e363b0219bae)
Resolves: #1787620
Related: RHEL-30581
---
modules.d/35network-legacy/ifup.sh | 1 +
1 file changed, 1 insertion(+)
.github/labeler.yml | 6 ------
1 file changed, 6 deletions(-)
diff --git a/modules.d/35network-legacy/ifup.sh b/modules.d/35network-legacy/ifup.sh
index b4f5bf10..bfb57ad5 100755
--- a/modules.d/35network-legacy/ifup.sh
+++ b/modules.d/35network-legacy/ifup.sh
@@ -52,6 +52,7 @@ do_dhcp() {
dhclient "$@" \
${_timeout:+-timeout $_timeout} \
-q \
+ -1 \
-cf /etc/dhclient.conf \
-pf /tmp/dhclient.$netif.pid \
-lf /tmp/dhclient.$netif.lease \
diff --git a/.github/labeler.yml b/.github/labeler.yml
index 0dcc06d4..5667c635 100644
--- a/.github/labeler.yml
+++ b/.github/labeler.yml
@@ -50,9 +50,6 @@ bash:
- changed-files:
- any-glob-to-any-file: 'modules.d/00bash/*'
-bootchart:
- - modules.d/00bootchart/*
-
dash:
- changed-files:
- any-glob-to-any-file: 'modules.d/00dash/*'
@@ -345,9 +342,6 @@ qemu-net:
- changed-files:
- any-glob-to-any-file: 'modules.d/90qemu-net/*'
-stratis:
- - modules.d/90stratis/*
-
crypt-gpg:
- changed-files:
- any-glob-to-any-file: 'modules.d/91crypt-gpg/*'

View File

@ -1,26 +1,34 @@
From d20eb7b7b2a50f29ac02bd6b6d80113d495849ed Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Wed, 8 Jan 2020 16:20:29 +0100
Subject: [PATCH] network-legacy/ifup: fix typo when calling dhclient --timeout
From 79fbe4171a7e42abe40d138a24add2895f7cddcd Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Tue, 31 Jan 2023 16:32:19 +0100
Subject: [PATCH] fix(network-manager): add "After" dependency on dbus.service
(cherry picked from commit 212043f94dde1693d777e933945138747537f12f)
During shutdown, there is no ordering dependency between the nm-initrd service
and the D-Bus daemon, and so the latter can be stopped before. This causes
issues to NetworkManager, especially when team interfaces are present because
NM will see teamd dropping from the bus and will try to reactivate the
connection.
Resolves: #1787620
Add a "After" dependency to make sure the D-Bus daemon is stopped after NM on
shutdown.
(Cherry-picked commit: 1b7d83110741560f26027fbd9435763eef56935a)
Resolves: RHEL-13192
---
modules.d/35network-legacy/ifup.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
modules.d/35network-manager/nm-initrd.service | 1 +
1 file changed, 1 insertion(+)
diff --git a/modules.d/35network-legacy/ifup.sh b/modules.d/35network-legacy/ifup.sh
index bfb57ad5..16b950be 100755
--- a/modules.d/35network-legacy/ifup.sh
+++ b/modules.d/35network-legacy/ifup.sh
@@ -50,7 +50,7 @@ do_dhcp() {
while [ $_COUNT -lt $_DHCPRETRY ]; do
info "Starting dhcp for interface $netif"
dhclient "$@" \
- ${_timeout:+-timeout $_timeout} \
+ ${_timeout:+--timeout $_timeout} \
-q \
-1 \
-cf /etc/dhclient.conf \
diff --git a/modules.d/35network-manager/nm-initrd.service b/modules.d/35network-manager/nm-initrd.service
index 3e24f52a..dbd8caa7 100644
--- a/modules.d/35network-manager/nm-initrd.service
+++ b/modules.d/35network-manager/nm-initrd.service
@@ -3,6 +3,7 @@ DefaultDependencies=no
Wants=systemd-udev-trigger.service
After=systemd-udev-trigger.service
After=dracut-cmdline.service
+After=dbus.service
Wants=network.target
Before=network.target
ConditionPathExists=/run/NetworkManager/initrd/neednet

View File

@ -1,31 +1,174 @@
From 46a8b8e9e7f150c2a17d4adeacb25ccf003ec425 Mon Sep 17 00:00:00 2001
From: Jonathan Lebon <jonathan@jlebon.com>
Date: Tue, 21 Jan 2020 17:57:31 -0500
Subject: [PATCH] network-legacy/ifup: nuke pid and lease files if dhclient
failed
From 75691dfaa822a7ce32e4f97141975d9b10f3101e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E2=80=9CMasahiro?= <mmatsuya@redhat.com>
Date: Fri, 3 Feb 2023 12:08:26 +0900
Subject: [PATCH] fix(url-lib.sh): nfs_already_mounted() with trailing slash in
nfs path
Otherwise we won't retry dhclient again on that interface. In
FCOS/RHCOS, we want to bake in `ip=dhcp,dhcp6` so we automatically try
getting a DHCPv6 lease if DHCPv4 failed.
nfs_already_mounted() doesn't work when the installation ISO and kickstart file on a same NFS share are specified with inst.repo and inst.ks boot parameter as below.
Related: https://bugzilla.redhat.com/show_bug.cgi?id=1793591
(cherry picked from commit d0de58f23252a9da4a8badd71777e7c8418fa4b7)
inst.repo=nfs:192.168.1.1:/home/data/rhel9.iso inst.ks=nfs:192.168.1.1:/home/data/ks.cfg
NOTE: /home/data is configured for nfs share on 192.168.1.1
One problem is a file (not a directory) was passed into nfs_already_mounted().
nfs_already_mounted() is the function to judge if the given directory is already mounted.
So, filepath should be passed in nfs_fetch_url().
The other problem is about the trailing slash in the nfs path in /proc/mounts.
The /proc/mounts has an entry after nfs mount of inst.repo.
192.168.1.1:/data/ /run/install/isodir nfs ro,relatime,<snip>
In this case, nfs_already_mounted() returns "/run/install/isodir//home/data/ks.cfg" wrongly. The following is from the log.
[ 14.556279] localhost.localdomain dracut-initqueue[1282]: ///lib/url-lib.sh@156(nfs_fetch_url): nfs_already_mounted 192.168.122.1 /home/data/ks.cfg
[ 14.556279] localhost.localdomain dracut-initqueue[1282]: ///lib/url-lib.sh@137(nfs_already_mounted): local server=192.168.122.1 path=/home/data/ks.cfg s= p=
...
[ 14.654966] localhost.localdomain dracut-initqueue[1282]: ///lib/url-lib.sh@140(nfs_already_mounted): '[' 192.168.122.1 = 192.168.122.1 ']'
[ 14.654966] localhost.localdomain dracut-initqueue[1282]: ///lib/url-lib.sh@141(nfs_already_mounted): '[' /home/data/ks.cfg = /home/data/ ']'
[ 14.654966] localhost.localdomain dracut-initqueue[1282]: ///lib/url-lib.sh@143(nfs_already_mounted): str_starts /home/data/ks.cfg /home/data/
[ 14.654966] localhost.localdomain dracut-initqueue[1282]: ///lib/dracut-lib.sh@51(str_starts): '[' ks.cfg '!=' /home/data/ks.cfg ']'
[ 14.654966] localhost.localdomain dracut-initqueue[1282]: ///lib/url-lib.sh@144(nfs_already_mounted): echo /run/install/isodir//home/data/ks.cfg
...
[ 14.658069] localhost.localdomain dracut-initqueue[934]: //lib/url-lib.sh@156(nfs_fetch_url): mntdir=/run/install/isodir//home/data/ks.cfg
This function doesn't expect the trailiing slash of the nfs path in /proc/mounts, so it should be removed before processing it.
feat(test): nfs_fetch_url test into nfs test
This is to check the behavior of nfs_fetch_url() in nfs-lib.sh.
nfs_fetch_url() calls nfs_already_mounted() internally.
A file /nfs/client/root/fetchfile is on NFS server, which is fetched
from clients for testing with nfs_fetch_url().
(Cherry-picked commits:
b731369c5fe7f9247337fe08017638a38f36cfca
3cf092dbd8754a31595b0d8447827c6358fc3a88)
Resolves: RHEL-13193
---
modules.d/35network-legacy/ifup.sh | 3 +++
1 file changed, 3 insertions(+)
modules.d/45url-lib/url-lib.sh | 3 ++-
test/TEST-20-NFS/client-init.sh | 20 ++++++++++++++++++++
test/TEST-20-NFS/test.sh | 14 +++++++++++++-
3 files changed, 35 insertions(+), 2 deletions(-)
diff --git a/modules.d/35network-legacy/ifup.sh b/modules.d/35network-legacy/ifup.sh
index 16b950be..dd18d70b 100755
--- a/modules.d/35network-legacy/ifup.sh
+++ b/modules.d/35network-legacy/ifup.sh
@@ -62,6 +62,9 @@ do_dhcp() {
[ $_COUNT -lt $_DHCPRETRY ] && sleep 1
done
warn "dhcp for interface $netif failed"
+ # nuke those files since we failed; we might retry dhcp again if it's e.g.
+ # `ip=dhcp,dhcp6` and we check for the PID file at the top
+ rm -f /tmp/dhclient.$netif.{pid,lease}
diff --git a/modules.d/45url-lib/url-lib.sh b/modules.d/45url-lib/url-lib.sh
index b009fd09..c62b35db 100755
--- a/modules.d/45url-lib/url-lib.sh
+++ b/modules.d/45url-lib/url-lib.sh
@@ -137,6 +137,7 @@ nfs_already_mounted() {
local server="$1" path="$2" s="" p=""
while read -r src mnt rest || [ -n "$src" ]; do
splitsep ":" "$src" s p
+ p=${p%/}
if [ "$server" = "$s" ]; then
if [ "$path" = "$p" ]; then
echo "$mnt"
@@ -153,7 +154,7 @@ nfs_fetch_url() {
local filepath="${path%/*}" filename="${path##*/}" mntdir=""
# skip mount if server:/filepath is already mounted
- mntdir=$(nfs_already_mounted "$server" "$path")
+ mntdir=$(nfs_already_mounted "$server" "$filepath")
if [ -z "$mntdir" ]; then
local mntdir
mntdir="$(mkuniqdir /run nfs_mnt)"
diff --git a/test/TEST-20-NFS/client-init.sh b/test/TEST-20-NFS/client-init.sh
index c7e88314..061a2b15 100755
--- a/test/TEST-20-NFS/client-init.sh
+++ b/test/TEST-20-NFS/client-init.sh
@@ -1,6 +1,7 @@
#!/bin/sh
: > /dev/watchdog
. /lib/dracut-lib.sh
+. /lib/url-lib.sh
export PATH=/usr/sbin:/usr/bin:/sbin:/bin
command -v plymouth > /dev/null 2>&1 && plymouth --quit
@@ -23,6 +24,25 @@ while read -r dev _ fstype opts rest || [ -n "$dev" ]; do
break
done < /proc/mounts
+if [ "$fstype" = "nfs" -o "$fstype" = "nfs4" ]; then
+
+ serverip=${dev%:*}
+ path=${dev#*:}
+ echo serverip="${serverip}"
+ echo path="${path}"
+ echo /proc/mounts status
+ cat /proc/mounts
+
+ echo test:nfs_fetch_url nfs::"${serverip}":"${path}"/root/fetchfile
+ if nfs_fetch_url nfs::"${serverip}":"${path}"/root/fetchfile /run/nfsfetch.out; then
+ echo nfsfetch-OK
+ echo "nfsfetch-OK" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker2
+ fi
+else
+ echo nfsfetch-BYPASS fstype="${fstype}"
+ echo "nfsfetch-OK" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker2
+fi
+
: > /dev/watchdog
sync
diff --git a/test/TEST-20-NFS/test.sh b/test/TEST-20-NFS/test.sh
index 0821dc84..870eeba0 100755
--- a/test/TEST-20-NFS/test.sh
+++ b/test/TEST-20-NFS/test.sh
@@ -65,13 +65,15 @@ client_test() {
# Need this so kvm-qemu will boot (needs non-/dev/zero local disk)
dd if=/dev/zero of="$TESTDIR"/marker.img bs=1MiB count=1
+ dd if=/dev/zero of="$TESTDIR"/marker2.img bs=1MiB count=1
declare -a disk_args=()
# shellcheck disable=SC2034
declare -i disk_index=0
qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker
+ qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker2.img marker2
if dhclient --help 2>&1 | grep -q -F -- '--timeout' 2> /dev/null; then
- cmdline="$cmdline rd.net.timeout.dhcp=3"
+ cmdline="$cmdline rd.net.timeout.dhcp=30"
fi
"$testdir"/run-qemu \
@@ -126,6 +128,11 @@ client_test() {
return 1
fi
+ if ! grep -U --binary-files=binary -F -m 1 -q nfsfetch-OK "$TESTDIR"/marker2.img; then
+ echo "CLIENT TEST END: $test_name [FAILED - NFS FETCH FAILED]"
+ return 1
+ fi
+
echo "CLIENT TEST END: $test_name [OK]"
return 0
}
@@ -263,6 +270,7 @@ test_setup() {
done
type -P portmap > /dev/null && inst_multiple portmap
type -P rpcbind > /dev/null && inst_multiple rpcbind
+
[ -f /etc/netconfig ] && inst_multiple /etc/netconfig
type -P dhcpd > /dev/null && inst_multiple dhcpd
[ -x /usr/sbin/dhcpd3 ] && inst /usr/sbin/dhcpd3 /usr/sbin/dhcpd
@@ -308,6 +316,7 @@ test_setup() {
(
cd "$initdir" || exit
mkdir -p dev sys proc etc run root usr var/lib/nfs/rpc_pipefs
+ echo "TEST FETCH FILE" > root/fetchfile
)
inst_multiple sh shutdown poweroff stty cat ps ln ip dd \
@@ -321,6 +330,9 @@ test_setup() {
inst_simple "${basedir}/modules.d/99base/dracut-lib.sh" "/lib/dracut-lib.sh"
inst_simple "${basedir}/modules.d/99base/dracut-dev-lib.sh" "/lib/dracut-dev-lib.sh"
+ inst_simple "${basedir}/modules.d/45url-lib/url-lib.sh" "/lib/url-lib.sh"
+ inst_simple "${basedir}/modules.d/40network/net-lib.sh" "/lib/net-lib.sh"
+ inst_simple "${basedir}/modules.d/95nfs/nfs-lib.sh" "/lib/nfs-lib.sh"
inst_binary "${basedir}/dracut-util" "/usr/bin/dracut-util"
ln -s dracut-util "${initdir}/usr/bin/dracut-getarg"
ln -s dracut-util "${initdir}/usr/bin/dracut-getargs"

View File

@ -1,39 +1,86 @@
From 86d48f5c45d2d2c19cb575fa377763c069e57b8a Mon Sep 17 00:00:00 2001
From: Ondrej Dubaj <odubaj@redhat.com>
Date: Thu, 29 Aug 2019 14:31:06 +0200
Subject: [PATCH] added debug-shell to initrd in systemd version >= 240
From 813a79d80b272d30ea949b070b436d2bb487df24 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B3hann=20B=2E=20Gu=C3=B0mundsson?= <johannbg@gmail.com>
Date: Sun, 23 Oct 2022 10:54:48 +0000
Subject: [PATCH] feat(systemd-pcrphase): introducing the systemd-pcrphase
module
Introducing the systemd-pcrphase module
(Cherry-picked commit: c4c595ceeab79fefde74750ec6b0d15d7d16ede6)
Resolves: RHEL-27944
---
dracut.spec | 2 +-
modules.d/00systemd/module-setup.sh | 4 ++++
2 files changed, 5 insertions(+), 1 deletion(-)
modules.d/01systemd-pcrphase/module-setup.sh | 51 ++++++++++++++++++++++++++++
pkgbuild/dracut.spec | 1 +
2 files changed, 52 insertions(+)
diff --git a/dracut.spec b/dracut.spec
index 92c7f7bf..0f7eb4bf 100644
--- a/dracut.spec
+++ b/dracut.spec
@@ -88,7 +88,7 @@ Recommends: hardlink
Recommends: pigz
Recommends: kpartx
Requires: util-linux >= 2.21
-Requires: systemd >= 219
+Requires: systemd >= 239-23
Requires: systemd-udev >= 219
Requires: procps-ng
%else
diff --git a/modules.d/00systemd/module-setup.sh b/modules.d/00systemd/module-setup.sh
index ed177826..e4a3f323 100755
--- a/modules.d/00systemd/module-setup.sh
+++ b/modules.d/00systemd/module-setup.sh
@@ -31,6 +31,10 @@ install() {
exit 1
fi
+ inst_multiple -o \
+ $systemdutildir/system-generators/systemd-debug-generator \
+ $systemdsystemunitdir/debug-shell.service
diff --git a/modules.d/01systemd-pcrphase/module-setup.sh b/modules.d/01systemd-pcrphase/module-setup.sh
new file mode 100755
index 00000000..3dbb4974
--- /dev/null
+++ b/modules.d/01systemd-pcrphase/module-setup.sh
@@ -0,0 +1,51 @@
+#!/bin/bash
+# This file is part of dracut.
+# SPDX-License-Identifier: GPL-2.0-or-later
+
inst_multiple -o \
$systemdutildir/systemd \
$systemdutildir/systemd-coredump \
+# Prerequisite check(s) for module.
+check() {
+
+ # If the binary(s) requirements are not fulfilled the module can't be installed.
+ require_binaries "$systemdutildir"/systemd-pcrphase || return 1
+
+ # Return 255 to only include the module, if another module requires it.
+ return 255
+
+}
+
+# Module dependency requirements.
+depends() {
+
+ # This module has external dependency on other module(s).
+ echo systemd tpm2-tss
+ # Return 0 to include the dependent module(s) in the initramfs.
+ return 0
+
+}
+
+# Install the required file(s) and directories for the module in the initramfs.
+install() {
+
+ inst_multiple -o \
+ "$systemdutildir"/systemd-pcrphase \
+ "$systemdsystemunitdir"/systemd-pcrphase.service \
+ "$systemdsystemunitdir/systemd-pcrphase.service.d/*.conf" \
+ "$systemdsystemunitdir"/systemd-pcrphase-sysinit.service \
+ "$systemdsystemunitdir/systemd-pcrphase-sysinit.service/*.conf" \
+ "$systemdsystemunitdir"/systemd-pcrphase-initrd.service \
+ "$systemdsystemunitdir/systemd-pcrphase-initrd.service.d/*.conf" \
+ "$systemdsystemunitdir"/initrd.target.wants/systemd-pcrphase-initrd.service
+
+ # Install the hosts local user configurations if enabled.
+ if [[ $hostonly ]]; then
+ inst_multiple -H -o \
+ "$systemdsystemconfdir"/systemd-pcrphase.service \
+ "$systemdsystemconfdir/systemd-pcrphase.service.d/*.conf" \
+ "$systemdsystemconfdir"/systemd-pcrphase-sysinit.service \
+ "$systemdsystemconfdir/systemd-pcrphase-sysinit.service.d/*.conf" \
+ "$systemdsystemconfdir"/systemd-pcrphase-initrd.service \
+ "$systemdsystemconfdir/systemd-pcrphase-initrd.service.d/*.conf" \
+ "$systemdsystemconfdir"/initrd.target.wants/systemd-pcrphase-initrd.service
+ fi
+
+}
diff --git a/pkgbuild/dracut.spec b/pkgbuild/dracut.spec
index bd850986..0fa46d86 100644
--- a/pkgbuild/dracut.spec
+++ b/pkgbuild/dracut.spec
@@ -320,6 +320,7 @@ echo 'dracut_rescue_image="yes"' > $RPM_BUILD_ROOT%{dracutlibdir}/dracut.conf.d/
%{dracutlibdir}/modules.d/01systemd-journald
%{dracutlibdir}/modules.d/01systemd-ldconfig
%{dracutlibdir}/modules.d/01systemd-modules-load
+%{dracutlibdir}/modules.d/01systemd-pcrphase
%{dracutlibdir}/modules.d/01systemd-repart
%{dracutlibdir}/modules.d/01systemd-resolved
%{dracutlibdir}/modules.d/01systemd-rfkill

View File

@ -1,32 +1,45 @@
From 543b1cff3c84af062da4d27ba81a9d394f44e4b6 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Tue, 11 Feb 2020 14:14:20 +0100
Subject: [PATCH] dhclient-script: ipv6 uses different variables for
nameservers
From 86ce7047b2ade1f18ed50a736f10c343483f1f6c Mon Sep 17 00:00:00 2001
From: Antonio Alvarez Feijoo <antonio.feijoo@suse.com>
Date: Thu, 9 Feb 2023 13:55:47 +0100
Subject: [PATCH] fix(systemd-pcrphase): only include
systemd-pcrphase-initrd.service
new_domain_name_servers and new_domain_search is only provided vit IPv4
The only systemd-pcrphase related unit configured to run in the initrd is
systemd-pcrphase-initrd.service.
Both systemd-pcrphase.service and systemd-pcrphase-sysinit.service contain
`ConditionPathExists=!/etc/initrd-release`.
see: https://src.fedoraproject.org/rpms/dhcp/blob/HEAD/f/dhclient-script#_148
(cherry picked from commit 962310483f473dbc8d71d70ba464d273b9808d31)
(Cherry-picked commit: cd6f683d634970112a29867137431d0d57f8c957)
Resolves: #1795276
Related: RHEL-27944
---
modules.d/35network-legacy/dhclient-script.sh | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
modules.d/01systemd-pcrphase/module-setup.sh | 8 --------
1 file changed, 8 deletions(-)
diff --git a/modules.d/35network-legacy/dhclient-script.sh b/modules.d/35network-legacy/dhclient-script.sh
index fc6ed0a3..f1a60005 100755
--- a/modules.d/35network-legacy/dhclient-script.sh
+++ b/modules.d/35network-legacy/dhclient-script.sh
@@ -75,8 +75,8 @@ setup_interface() {
diff --git a/modules.d/01systemd-pcrphase/module-setup.sh b/modules.d/01systemd-pcrphase/module-setup.sh
index 3dbb4974..fa960a42 100755
--- a/modules.d/01systemd-pcrphase/module-setup.sh
+++ b/modules.d/01systemd-pcrphase/module-setup.sh
@@ -28,10 +28,6 @@ install() {
setup_interface6() {
domain=$new_domain_name
- search=$(printf -- "$new_domain_search")
- namesrv=$new_domain_name_servers
+ search=$(printf -- "$new_dhcp6_domain_search")
+ namesrv=$new_dhcp6_name_servers
hostname=$new_host_name
[ -n "$new_dhcp_lease_time" ] && lease_time=$new_dhcp_lease_time
[ -n "$new_max_life" ] && lease_time=$new_max_life
inst_multiple -o \
"$systemdutildir"/systemd-pcrphase \
- "$systemdsystemunitdir"/systemd-pcrphase.service \
- "$systemdsystemunitdir/systemd-pcrphase.service.d/*.conf" \
- "$systemdsystemunitdir"/systemd-pcrphase-sysinit.service \
- "$systemdsystemunitdir/systemd-pcrphase-sysinit.service/*.conf" \
"$systemdsystemunitdir"/systemd-pcrphase-initrd.service \
"$systemdsystemunitdir/systemd-pcrphase-initrd.service.d/*.conf" \
"$systemdsystemunitdir"/initrd.target.wants/systemd-pcrphase-initrd.service
@@ -39,10 +35,6 @@ install() {
# Install the hosts local user configurations if enabled.
if [[ $hostonly ]]; then
inst_multiple -H -o \
- "$systemdsystemconfdir"/systemd-pcrphase.service \
- "$systemdsystemconfdir/systemd-pcrphase.service.d/*.conf" \
- "$systemdsystemconfdir"/systemd-pcrphase-sysinit.service \
- "$systemdsystemconfdir/systemd-pcrphase-sysinit.service.d/*.conf" \
"$systemdsystemconfdir"/systemd-pcrphase-initrd.service \
"$systemdsystemconfdir/systemd-pcrphase-initrd.service.d/*.conf" \
"$systemdsystemconfdir"/initrd.target.wants/systemd-pcrphase-initrd.service

View File

@ -1,36 +1,37 @@
From 3468310486d0da8d2a6c6bdcddc598b7b8ce5587 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Tue, 4 Feb 2020 14:18:01 +0100
Subject: [PATCH] Revert "wait for IPv6 RA if using none/static IPv6
assignment"
From 1a57cf705444d3b6800051eee911d26a5c32d49a Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Thu, 8 Aug 2024 00:55:03 +0200
Subject: [PATCH] fix(nfs): include also entries from /usr/lib/{passwd,group}
This reverts commit c603419030136570b5944dc4620f62d07b9e82bb.
as those paths are used by bootc instead of the /etc ones.
wait_for_ipv6_dad_link is only called from dhclient script,
so the original intent "wait for IPv6 RA if using none/static IPv6 assignment"
does not seem to be correct.
(cherry picked from commit 45cdf3c4f24f77f04b264a7747f115d1031b2e67 from PR#573)
Anyway, this brings an issue on isolated networks, where you don't
have any routes outside. dhclient-script hangs on this check
and after it times out, dhclient is able to set the address normally.
(cherry picked from commit 76f6566fd777e0ee20416061ecb795e8daef33e1)
Resolves: #1795276
Resolves: RHEL-52326
---
modules.d/40network/net-lib.sh | 1 -
1 file changed, 1 deletion(-)
modules.d/95nfs/module-setup.sh | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/modules.d/40network/net-lib.sh b/modules.d/40network/net-lib.sh
index dcb53804..0f3ca6a8 100755
--- a/modules.d/40network/net-lib.sh
+++ b/modules.d/40network/net-lib.sh
@@ -655,7 +655,6 @@ wait_for_ipv6_dad_link() {
while [ $cnt -lt $timeout ]; do
[ -n "$(ip -6 addr show dev "$1" scope link)" ] \
&& [ -z "$(ip -6 addr show dev "$1" scope link tentative)" ] \
- && [ -n "$(ip -6 route list proto ra dev "$1" | grep ^default)" ] \
&& return 0
[ -n "$(ip -6 addr show dev "$1" scope link dadfailed)" ] \
&& return 1
diff --git a/modules.d/95nfs/module-setup.sh b/modules.d/95nfs/module-setup.sh
index 5351c2d5..1d961171 100755
--- a/modules.d/95nfs/module-setup.sh
+++ b/modules.d/95nfs/module-setup.sh
@@ -130,8 +130,16 @@ install() {
# Rather than copy the passwd file in, just set a user for rpcbind
# We'll save the state and restart the daemon from the root anyway
- grep -E '^nfsnobody:|^rpc:|^rpcuser:' "$dracutsysrootdir"/etc/passwd >> "$initdir/etc/passwd"
- grep -E '^nogroup:|^rpc:|^nobody:' "$dracutsysrootdir"/etc/group >> "$initdir/etc/group"
+
+ local _confdir
+ for _confdir in etc usr/lib; do
+
+ grep -sE '^(nfsnobody|_rpc|rpc|rpcuser):' "${dracutsysrootdir}/${_confdir}/passwd" \
+ >> "$initdir/${_confdir}/passwd"
+
+ grep -sE '^(nogroup|rpc|nobody):' "${dracutsysrootdir}/${_confdir}/group" \
+ >> "$initdir/${_confdir}/group"
+ done
# rpc user needs to be able to write to this directory to save the warmstart
# file

View File

@ -1,45 +1,25 @@
From 7b14ab060e50d0035e4c0b1979d49234aa8896b0 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Mon, 10 Feb 2020 14:03:30 +0100
Subject: [PATCH] 40network: bump rd.net.timeout.carrier to 10 seconds
From f194130f4f15d2c8159fb8adee76bb53ee5b82f5 Mon Sep 17 00:00:00 2001
From: Antonio Alvarez Feijoo <antonio.feijoo@suse.com>
Date: Mon, 18 Jul 2022 11:03:32 +0200
Subject: [PATCH] fix(systemd): set right permissions for the machine-id file
On some devices kernel currently takes 5.2 seconds to detect carrier,
so let's make the default in dracut bit more sensible.
(cherry picked from commit 455dbb585583bd2e1d40ebb61c335a2ad6dff053)
See also https://bugzilla.redhat.com/show_bug.cgi?id=1772010
(cherry picked from commit 579fbb9fc4205dc216b9642238739d898d2ed02d)
Resolves: #1798761
Resolves: RHEL-53114
---
dracut.cmdline.7.asc | 2 +-
modules.d/40network/net-lib.sh | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
modules.d/00systemd/module-setup.sh | 1 +
1 file changed, 1 insertion(+)
diff --git a/dracut.cmdline.7.asc b/dracut.cmdline.7.asc
index 3cee5a00..ab9a24ad 100644
--- a/dracut.cmdline.7.asc
+++ b/dracut.cmdline.7.asc
@@ -645,7 +645,7 @@ NFS
Wait <seconds> until IPv6 automatic addresses are assigned. Default is 40 seconds.
diff --git a/modules.d/00systemd/module-setup.sh b/modules.d/00systemd/module-setup.sh
index 27d2180d..38393855 100755
--- a/modules.d/00systemd/module-setup.sh
+++ b/modules.d/00systemd/module-setup.sh
@@ -194,6 +194,7 @@ install() {
**rd.net.timeout.carrier=**__<seconds>__::
- Wait <seconds> until carrier is recognized. Default is 5 seconds.
+ Wait <seconds> until carrier is recognized. Default is 10 seconds.
if ! [[ -e "$initdir/etc/machine-id" ]]; then
: > "$initdir/etc/machine-id"
+ chmod 444 "$initdir/etc/machine-id"
fi
CIFS
~~~
diff --git a/modules.d/40network/net-lib.sh b/modules.d/40network/net-lib.sh
index 0f3ca6a8..6babcccf 100755
--- a/modules.d/40network/net-lib.sh
+++ b/modules.d/40network/net-lib.sh
@@ -717,7 +717,7 @@ iface_has_carrier() {
interface="/sys/class/net/$interface"
[ -d "$interface" ] || return 2
local timeout="$(getargs rd.net.timeout.carrier=)"
- timeout=${timeout:-5}
+ timeout=${timeout:-10}
timeout=$(($timeout*10))
linkup "$1"
# install adm user/group for journald

View File

@ -1,37 +1,35 @@
From fa15223b70c04de0fdbd209a4bb1cb74876f7cfb Mon Sep 17 00:00:00 2001
From: Jonathan Lebon <jonathan@jlebon.com>
Date: Wed, 19 Feb 2020 11:11:32 -0500
Subject: [PATCH] network-legacy/ifup: drop redundant if-statement
From b925190ab3b040c67fb217e0f135c0b92f056402 Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Fri, 16 Aug 2024 20:40:15 +0200
Subject: [PATCH] feat(lsinitrd.sh): look for initrd in /usr/lib/modules/
No need to check that `$ret` is 0, we're already running inside an
if-statement block which checks this.
Introduce new path for lsinitrd.sh to look into:
(cherry picked from commit 7795fde44c54bfe753cc07999a4c2f9dd7e2820d)
/usr/lib/modules/$kver/initramfs.img
Resolves: #1807395
Which is valid on all ostree-based systems, and also other image based
systems with pre-generated initramfs.
Ref: https://issues.redhat.com/browse/RHEL-35890
(cherry picked from commit 7c7cdd9317c21b19a0393f5d28d1acb7ee3ff027 from PR#582)
Resolves: RHEL-35890
---
modules.d/35network-legacy/ifup.sh | 10 ++++------
1 file changed, 4 insertions(+), 6 deletions(-)
lsinitrd.sh | 2 ++
1 file changed, 2 insertions(+)
diff --git a/modules.d/35network-legacy/ifup.sh b/modules.d/35network-legacy/ifup.sh
index dd18d70b..eb7d2eb4 100755
--- a/modules.d/35network-legacy/ifup.sh
+++ b/modules.d/35network-legacy/ifup.sh
@@ -457,12 +457,10 @@ for p in $(getargs ip=); do
dhcp|on|any|dhcp6)
;;
*)
- if [ $ret -eq 0 ]; then
- setup_net $netif
- source_hook initqueue/online $netif
- if [ -z "$manualup" ]; then
- /sbin/netroot $netif
- fi
+ setup_net $netif
+ source_hook initqueue/online $netif
+ if [ -z "$manualup" ]; then
+ /sbin/netroot $netif
fi
;;
esac
diff --git a/lsinitrd.sh b/lsinitrd.sh
index 39be169d..d05453ce 100755
--- a/lsinitrd.sh
+++ b/lsinitrd.sh
@@ -133,6 +133,8 @@ else
image="/lib/modules/${KERNEL_VERSION}/initrd"
elif [[ -f /boot/initramfs-${KERNEL_VERSION}.img ]]; then
image="/boot/initramfs-${KERNEL_VERSION}.img"
+ elif [[ -f /usr/lib/modules/${KERNEL_VERSION}/initramfs.img ]]; then
+ image="/usr/lib/modules/${KERNEL_VERSION}/initramfs.img"
elif [[ $MACHINE_ID ]] \
&& mountpoint -q /efi; then
image="/efi/${MACHINE_ID}/${KERNEL_VERSION}/initrd"

View File

@ -1,59 +1,42 @@
From d6d50a239eebf9da13a0d7892df00a0e725ef9d6 Mon Sep 17 00:00:00 2001
From: Jonathan Lebon <jonathan@jlebon.com>
Date: Wed, 19 Feb 2020 10:44:24 -0500
Subject: [PATCH] network-legacy/ifup: fix ip=dhcp,dhcp6 setup_net logic
From 097d4bdb20443c1c5a86cc617ac2ab0c24193d75 Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Sat, 17 Aug 2024 01:43:50 +0200
Subject: [PATCH] feat(dracut-init.sh): give --force-add precedence over --omit
Previously, we were doing `setup_net` from `ifup` for any setup that
wasn't DHCP, since those are already taken care of by `dhclient-script`.
This gives precedence of force_add_dracutmodules to omit_dracutmodules,
as there is not other way to override omit_dracutmodules list, and users
would expect it to be overriden from command line.
The issue is that the case-statement we use to detect this doesn't catch
options like `ip=dhcp,dhcp6`.
Ref: https://github.com/dracut-ng/dracut-ng/pull/569
Fix this by reworking the logic here to just check if a
`setup_net_$netif.sh` hook exists. If so, then we know that `setup_net`
will be called for this interface later.
This way, `--add` retains it behaviour, and `--force-add` gains additional
functionality in non-hostonly mode. The module may still be skipped
if the module check returns 1, but it should throw error (as I'd expect
for `--force-add`).
This was causing issues in RHCOS which now ships with `ip=dhcp,dhcp6` to
support IPv6 environments[1]. The code here would make us do `setup_net`
pre-emptively which IIUC would then cause the initqueue to finish
earlier even if we had more udev netif events to process.
Ref: https://issues.redhat.com/browse/RHEL-26114
[1] https://github.com/coreos/coreos-assembler/pull/1067
(cherry picked from commit a669346f48cbb3278c51ba5e95b1b91f9bfdee0a)
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1803926
(cherry picked from commit 4985aa8c6e89451996e659a39fec7646e9e25f76)
Cherry-picked from: 4985aa8c6e89451996e659a39fec7646e9e25f76
Resolves: #1807395
Resolves: RHEL-26114
---
modules.d/35network-legacy/ifup.sh | 11 +++++------
1 file changed, 5 insertions(+), 6 deletions(-)
dracut-init.sh | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/modules.d/35network-legacy/ifup.sh b/modules.d/35network-legacy/ifup.sh
index eb7d2eb4..61838741 100755
--- a/modules.d/35network-legacy/ifup.sh
+++ b/modules.d/35network-legacy/ifup.sh
@@ -453,17 +453,16 @@ for p in $(getargs ip=); do
> /tmp/net.$(cat /sys/class/net/${netif}/address).up
fi
diff --git a/dracut-init.sh b/dracut-init.sh
index fe1b1426..27abb07b 100644
--- a/dracut-init.sh
+++ b/dracut-init.sh
@@ -921,8 +921,10 @@ check_module() {
[[ $2 ]] || mods_checked_as_dep+=" $_mod "
- case $autoconf in
- dhcp|on|any|dhcp6)
- ;;
- *)
+ # and finally, finish interface set up if there isn't already a script
+ # to do so (which is the case in the dhcp path)
+ if [ ! -e $hookdir/initqueue/setup_net_$netif.sh ]; then
setup_net $netif
source_hook initqueue/online $netif
if [ -z "$manualup" ]; then
/sbin/netroot $netif
fi
- ;;
- esac
if [[ " $omit_dracutmodules " == *\ $_mod\ * ]]; then
- ddebug "dracut module '$_mod' will not be installed, because it's in the list to be omitted!"
- return 1
+ if [[ " $force_add_dracutmodules " != *\ $_mod\ * ]]; then
+ ddebug "Module '$_mod' will not be installed, because it's in the list to be omitted!"
+ return 1
+ fi
+
exit $ret
fi
done
if [[ " $dracutmodules $add_dracutmodules $force_add_dracutmodules" == *\ $_mod\ * ]]; then

View File

@ -1,38 +0,0 @@
From 07e7e84ebea1d76aeaa77d097b34503ec3c8f2e1 Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Wed, 30 Oct 2019 19:25:51 +0100
Subject: [PATCH] network-manager: fix getting of ifname from the sysfs path
commit 5e0f8c8a4ced ('network-manager: remove useless use of basename')
somewhat carelessly didn't take into account that $_i has a slash at
the end which made the result of the ## substitution be just an empty
string.
The slash was put to the end of /sys/class/net/*/ to make sure we're only
iterating directories, but it's not strictly necessary. In an unlikely case
something else than a directory appears in /sys/class/net/, we'll already deal
with it gracefully. Remove it.
This fixes the TEST-30-ISCSI test.
(cherry picked from commit 687e17aa7f2f40d21717be9a04302c749e139d4a)
Resolves: #1826061
---
modules.d/35network-manager/nm-run.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules.d/35network-manager/nm-run.sh b/modules.d/35network-manager/nm-run.sh
index a539d5b2..b33e0992 100755
--- a/modules.d/35network-manager/nm-run.sh
+++ b/modules.d/35network-manager/nm-run.sh
@@ -6,7 +6,7 @@ else
/usr/sbin/NetworkManager --configure-and-quit=initrd --no-daemon
fi
-for _i in /sys/class/net/*/
+for _i in /sys/class/net/*
do
state=/run/NetworkManager/devices/$(cat $_i/ifindex)
grep -q connection-uuid= $state 2>/dev/null || continue

View File

@ -1,47 +0,0 @@
From 02c096d138cc8c788daf5fae75408059cbc7e283 Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Mon, 2 Dec 2019 02:19:51 +0100
Subject: [PATCH] network-manager: don't run NetworkManager when there are no
connections
NetworkManager would unnecessarily bring up the devices, colliding with
further attempts to rename the devices.
This is arguably a NetworkManager bug and should eventually be fixed there.
Running NetworkManager without the connection is unnecessary regardless.
(cherry picked from commit 5965710e018989b02a56e8d190b71740ca3b5463)
Resolves: #1826061
---
modules.d/35network-manager/nm-run.sh | 17 ++++++++++++-----
1 file changed, 12 insertions(+), 5 deletions(-)
diff --git a/modules.d/35network-manager/nm-run.sh b/modules.d/35network-manager/nm-run.sh
index b33e0992..4079b735 100755
--- a/modules.d/35network-manager/nm-run.sh
+++ b/modules.d/35network-manager/nm-run.sh
@@ -1,10 +1,17 @@
#!/bin/sh
-if getargbool 0 rd.debug -d -y rdinitdebug -d -y rdnetdebug; then
- /usr/sbin/NetworkManager --configure-and-quit=initrd --debug --log-level=trace
-else
- /usr/sbin/NetworkManager --configure-and-quit=initrd --no-daemon
-fi
+for i in /usr/lib/NetworkManager/system-connections/* \
+ /run/NetworkManager/system-connections/* \
+ /etc/NetworkManager/system-connections/* \
+ /etc/sysconfig/network-scripts/ifcfg-*; do
+ [ -f "$i" ] || continue
+ if getargbool 0 rd.debug -d -y rdinitdebug -d -y rdnetdebug; then
+ /usr/sbin/NetworkManager --configure-and-quit=initrd --debug --log-level=trace
+ else
+ /usr/sbin/NetworkManager --configure-and-quit=initrd --no-daemon
+ fi
+ break
+done
for _i in /sys/class/net/*
do

View File

@ -1,49 +0,0 @@
From b692dbc7f2c6a3fb4fa587d9d63b80e4626dafae Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Wed, 11 Mar 2020 09:40:50 +0100
Subject: [PATCH] network-manager: ensure that nm-run.sh is executed when
needed
The network-manager command line hook must install a
initqueue/finished hook to ensure that nm-run.sh is executed when
there are network connections to activate.
Fixes: #694
(cherry picked from commit 3dcaa97ca4dcfa8092252a22df62c60941e59ce3)
Resolves: #1826061
---
modules.d/35network-manager/nm-config.sh | 11 +++++++++++
modules.d/35network-manager/nm-run.sh | 2 ++
2 files changed, 13 insertions(+)
diff --git a/modules.d/35network-manager/nm-config.sh b/modules.d/35network-manager/nm-config.sh
index 1efa737c..39a1c8bd 100755
--- a/modules.d/35network-manager/nm-config.sh
+++ b/modules.d/35network-manager/nm-config.sh
@@ -5,3 +5,14 @@ if [ -n "$netroot" ] || [ -e /tmp/net.ifaces ]; then
fi
/usr/libexec/nm-initrd-generator -- $(getcmdline)
+
+if getargbool 0 rd.neednet; then
+ for i in /usr/lib/NetworkManager/system-connections/* \
+ /run/NetworkManager/system-connections/* \
+ /etc/NetworkManager/system-connections/* \
+ /etc/sysconfig/network-scripts/ifcfg-*; do
+ [ -f "$i" ] || continue
+ echo '[ -f /tmp/nm.done ]' >$hookdir/initqueue/finished/nm.sh
+ break
+ done
+fi
diff --git a/modules.d/35network-manager/nm-run.sh b/modules.d/35network-manager/nm-run.sh
index 4079b735..fc5280a1 100755
--- a/modules.d/35network-manager/nm-run.sh
+++ b/modules.d/35network-manager/nm-run.sh
@@ -22,3 +22,5 @@ do
source_hook initqueue/online $ifname
/sbin/netroot $ifname
done
+
+> /tmp/nm.done

View File

@ -1,32 +0,0 @@
From 1ade0d247fda747ed33632a7746f9278b74feaa8 Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Mon, 23 Mar 2020 22:57:35 +0100
Subject: [PATCH] network-manager: install libnss DNS and mDNS plugins
Install libnss_dns.so and libnss_mdns4_minimal.so plugins for the Name
Service Switch (NSS) functionality of glibc so that name resolution
through /etc/resolv.conf and mDNS works in the initrd.
Fixes: #772
Cherry-picked from: 87bffc36e72c121024df033e1a78799456c73523
Resolves: #1826061
---
modules.d/35network-manager/module-setup.sh | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/modules.d/35network-manager/module-setup.sh b/modules.d/35network-manager/module-setup.sh
index d6d0f9ce..8fc3114d 100755
--- a/modules.d/35network-manager/module-setup.sh
+++ b/modules.d/35network-manager/module-setup.sh
@@ -51,4 +51,9 @@ install() {
if ! [[ -d "$initdir/etc/sysconfig/network-scripts" ]]; then
inst_libdir_file "NetworkManager/$_nm_version/libnm-settings-plugin-ifcfg-rh.so"
fi
+
+ _arch=${DRACUT_ARCH:-$(uname -m)}
+
+ inst_libdir_file {"tls/$_arch/",tls/,"$_arch/",}"libnss_dns.so.*" \
+ {"tls/$_arch/",tls/,"$_arch/",}"libnss_mdns4_minimal.so.*"
}

View File

@ -1,33 +0,0 @@
From 0945c8070e436eef908a1f88c946df6c27d3bc41 Mon Sep 17 00:00:00 2001
From: Peter Georg <peter.georg@physik.uni-regensburg.de>
Date: Tue, 21 Apr 2020 21:34:38 +0200
Subject: [PATCH] Always pull in machinery to read ifcfg files
So far machinery is only pulled in if the user has not yet included any
ifcfg files.
(cherry picked from commit faea4e4ddb10f697590b80f8f17181341c537262)
Resolves: #1826061
---
modules.d/35network-manager/module-setup.sh | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/modules.d/35network-manager/module-setup.sh b/modules.d/35network-manager/module-setup.sh
index 8fc3114d..ad2a1534 100755
--- a/modules.d/35network-manager/module-setup.sh
+++ b/modules.d/35network-manager/module-setup.sh
@@ -47,10 +47,8 @@ install() {
fi
# We don't install the ifcfg files from the host automatically.
- # But if the user chooses to include them, we pull in the machinery to read them.
- if ! [[ -d "$initdir/etc/sysconfig/network-scripts" ]]; then
- inst_libdir_file "NetworkManager/$_nm_version/libnm-settings-plugin-ifcfg-rh.so"
- fi
+ # But the user might choose to include them, so we pull in the machinery to read them.
+ inst_libdir_file "NetworkManager/$_nm_version/libnm-settings-plugin-ifcfg-rh.so"
_arch=${DRACUT_ARCH:-$(uname -m)}

View File

@ -1,426 +0,0 @@
From cf74193cc37f2ace1197b1e6ebacc6fe542767c8 Mon Sep 17 00:00:00 2001
From: Kairui Song <kasong@redhat.com>
Date: Wed, 8 Apr 2020 16:39:52 +0800
Subject: [PATCH] Remove memtrace-ko and rd.memdebug=4 support in dracut
This feature could be off loaded to memstrack, which have better
accurecy, better performance, and have more detailed tracing features.
Also simplify make_trace_mem a bit.
And currently rd.memdebug=4 is unstable, fails from time to time.
(cherry picked from commit 49c4172f4eef6e2015615e132b199a7ec0699ffc)
Resolves: #1829528
---
dracut.cmdline.7.asc | 4 +-
modules.d/98dracut-systemd/dracut-cmdline.sh | 2 +-
modules.d/98dracut-systemd/dracut-pre-mount.sh | 2 +-
modules.d/98dracut-systemd/dracut-pre-pivot.sh | 2 +-
modules.d/98dracut-systemd/dracut-pre-trigger.sh | 2 +-
modules.d/99base/dracut-lib.sh | 44 +-----
modules.d/99base/init.sh | 8 +-
modules.d/99base/memtrace-ko.sh | 191 -----------------------
modules.d/99base/module-setup.sh | 1 -
9 files changed, 18 insertions(+), 238 deletions(-)
diff --git a/dracut.cmdline.7.asc b/dracut.cmdline.7.asc
index ab9a24ad..0dc58d1a 100644
--- a/dracut.cmdline.7.asc
+++ b/dracut.cmdline.7.asc
@@ -187,9 +187,9 @@ It should be attached to any report about dracut problems.
_/run/initramfs/init.log_.
If "quiet" is set, it also logs to the console.
-**rd.memdebug=[0-4]**::
+**rd.memdebug=[0-3]**::
Print memory usage info at various points, set the verbose level from 0 to 4.
-+
++
Higher level means more debugging output:
+
----
diff --git a/modules.d/98dracut-systemd/dracut-cmdline.sh b/modules.d/98dracut-systemd/dracut-cmdline.sh
index bff9435a..6c6ee026 100755
--- a/modules.d/98dracut-systemd/dracut-cmdline.sh
+++ b/modules.d/98dracut-systemd/dracut-cmdline.sh
@@ -42,7 +42,7 @@ export root
export rflags
export fstype
-make_trace_mem "hook cmdline" '1+:mem' '1+:iomem' '3+:slab' '4+:komem'
+make_trace_mem "hook cmdline" '1+:mem' '1+:iomem' '3+:slab'
# run scriptlets to parse the command line
getarg 'rd.break=cmdline' -d 'rdbreak=cmdline' && emergency_shell -n cmdline "Break before cmdline"
source_hook cmdline
diff --git a/modules.d/98dracut-systemd/dracut-pre-mount.sh b/modules.d/98dracut-systemd/dracut-pre-mount.sh
index a3b9d291..ae511286 100755
--- a/modules.d/98dracut-systemd/dracut-pre-mount.sh
+++ b/modules.d/98dracut-systemd/dracut-pre-mount.sh
@@ -8,7 +8,7 @@ type getarg >/dev/null 2>&1 || . /lib/dracut-lib.sh
source_conf /etc/conf.d
-make_trace_mem "hook pre-mount" '1:shortmem' '2+:mem' '3+:slab' '4+:komem'
+make_trace_mem "hook pre-mount" '1:shortmem' '2+:mem' '3+:slab'
# pre pivot scripts are sourced just before we doing cleanup and switch over
# to the new root.
getarg 'rd.break=pre-mount' 'rdbreak=pre-mount' && emergency_shell -n pre-mount "Break pre-mount"
diff --git a/modules.d/98dracut-systemd/dracut-pre-pivot.sh b/modules.d/98dracut-systemd/dracut-pre-pivot.sh
index dc9a2504..96e6f8ca 100755
--- a/modules.d/98dracut-systemd/dracut-pre-pivot.sh
+++ b/modules.d/98dracut-systemd/dracut-pre-pivot.sh
@@ -8,7 +8,7 @@ type getarg >/dev/null 2>&1 || . /lib/dracut-lib.sh
source_conf /etc/conf.d
-make_trace_mem "hook pre-pivot" '1:shortmem' '2+:mem' '3+:slab' '4+:komem'
+make_trace_mem "hook pre-pivot" '1:shortmem' '2+:mem' '3+:slab'
# pre pivot scripts are sourced just before we doing cleanup and switch over
# to the new root.
getarg 'rd.break=pre-pivot' 'rdbreak=pre-pivot' && emergency_shell -n pre-pivot "Break pre-pivot"
diff --git a/modules.d/98dracut-systemd/dracut-pre-trigger.sh b/modules.d/98dracut-systemd/dracut-pre-trigger.sh
index 7cd821ed..a1a33960 100755
--- a/modules.d/98dracut-systemd/dracut-pre-trigger.sh
+++ b/modules.d/98dracut-systemd/dracut-pre-trigger.sh
@@ -8,7 +8,7 @@ type getarg >/dev/null 2>&1 || . /lib/dracut-lib.sh
source_conf /etc/conf.d
-make_trace_mem "hook pre-trigger" '1:shortmem' '2+:mem' '3+:slab' '4+:komem'
+make_trace_mem "hook pre-trigger" '1:shortmem' '2+:mem' '3+:slab'
source_hook pre-trigger
diff --git a/modules.d/99base/dracut-lib.sh b/modules.d/99base/dracut-lib.sh
index f71e757c..502c7568 100755
--- a/modules.d/99base/dracut-lib.sh
+++ b/modules.d/99base/dracut-lib.sh
@@ -1220,50 +1220,25 @@ are_lists_eq() {
setmemdebug() {
if [ -z "$DEBUG_MEM_LEVEL" ]; then
- export DEBUG_MEM_LEVEL=$(getargnum 0 0 4 rd.memdebug)
+ export DEBUG_MEM_LEVEL=$(getargnum 0 0 3 rd.memdebug)
fi
}
setmemdebug
-cleanup_trace_mem()
-{
- # tracekomem based on kernel trace needs cleanup after use.
- if [ "$DEBUG_MEM_LEVEL" -eq 4 ]; then
- tracekomem --cleanup
- fi
-}
-
-# parameters: msg [trace_level:trace]...
-make_trace_mem()
-{
- local msg
- msg="$1"
- shift
- if [ -n "$DEBUG_MEM_LEVEL" ] && [ "$DEBUG_MEM_LEVEL" -gt 0 ]; then
- make_trace show_memstats $DEBUG_MEM_LEVEL "[debug_mem]" "$msg" "$@" >&2
- fi
-}
-
# parameters: func log_level prefix msg [trace_level:trace]...
-make_trace()
+make_trace_mem()
{
- local func log_level prefix msg msg_printed
+ local log_level prefix msg msg_printed
local trace trace_level trace_in_higher_levels insert_trace
- func=$1
- shift
-
- log_level=$1
- shift
-
- prefix=$1
- shift
-
msg=$1
shift
- if [ -z "$log_level" ]; then
+ prefix='[debug_mem]'
+ log_level=$DEBUG_MEM_LEVEL
+
+ if [ -z "$log_level" ] || [ "$log_level" -le 0 ]; then
return
fi
@@ -1296,7 +1271,7 @@ make_trace()
echo "$prefix $msg"
msg_printed=1
fi
- $func $trace
+ show_memstats $trace
fi
shift
done
@@ -1318,9 +1293,6 @@ show_memstats()
iomem)
cat /proc/iomem
;;
- komem)
- tracekomem
- ;;
esac
}
diff --git a/modules.d/99base/init.sh b/modules.d/99base/init.sh
index e4f7cff1..2c0ccd66 100755
--- a/modules.d/99base/init.sh
+++ b/modules.d/99base/init.sh
@@ -131,7 +131,7 @@ if ! getargbool 1 'rd.hostonly'; then
fi
# run scriptlets to parse the command line
-make_trace_mem "hook cmdline" '1+:mem' '1+:iomem' '3+:slab' '4+:komem'
+make_trace_mem "hook cmdline" '1+:mem' '1+:iomem' '3+:slab'
getarg 'rd.break=cmdline' -d 'rdbreak=cmdline' && emergency_shell -n cmdline "Break before cmdline"
source_hook cmdline
@@ -160,7 +160,7 @@ fi
udevproperty "hookdir=$hookdir"
-make_trace_mem "hook pre-trigger" '1:shortmem' '2+:mem' '3+:slab' '4+:komem'
+make_trace_mem "hook pre-trigger" '1:shortmem' '2+:mem' '3+:slab'
getarg 'rd.break=pre-trigger' -d 'rdbreak=pre-trigger' && emergency_shell -n pre-trigger "Break before pre-trigger"
source_hook pre-trigger
@@ -230,7 +230,7 @@ unset RDRETRY
# pre-mount happens before we try to mount the root filesystem,
# and happens once.
-make_trace_mem "hook pre-mount" '1:shortmem' '2+:mem' '3+:slab' '4+:komem'
+make_trace_mem "hook pre-mount" '1:shortmem' '2+:mem' '3+:slab'
getarg 'rd.break=pre-mount' -d 'rdbreak=pre-mount' && emergency_shell -n pre-mount "Break pre-mount"
source_hook pre-mount
@@ -266,7 +266,7 @@ done
# pre pivot scripts are sourced just before we doing cleanup and switch over
# to the new root.
-make_trace_mem "hook pre-pivot" '1:shortmem' '2+:mem' '3+:slab' '4+:komem'
+make_trace_mem "hook pre-pivot" '1:shortmem' '2+:mem' '3+:slab'
getarg 'rd.break=pre-pivot' -d 'rdbreak=pre-pivot' && emergency_shell -n pre-pivot "Break pre-pivot"
source_hook pre-pivot
diff --git a/modules.d/99base/memtrace-ko.sh b/modules.d/99base/memtrace-ko.sh
deleted file mode 100755
index ee035e15..00000000
--- a/modules.d/99base/memtrace-ko.sh
+++ /dev/null
@@ -1,191 +0,0 @@
-#!/bin/sh
-
-# Try to find out kernel modules with large total memory allocation during loading.
-# For large slab allocation, it will fall into buddy, also not trace "mm_page_free"
-# considering large free is quite rare for module_init, thus saving tons of events
-# to avoid trace data overwritten.
-#
-# Therefore, tracing "mm_page_alloc"alone should be enough for the purpose.
-
-# "sys/kernel/tracing" has the priority if exists.
-get_trace_base() {
- # trace access through debugfs would be obsolete if "/sys/kernel/tracing" is available.
- if [ -d "/sys/kernel/tracing" ]; then
- echo "/sys/kernel"
- else
- echo "/sys/kernel/debug"
- fi
-}
-
-# We want to enable these trace events.
-get_want_events() {
- echo "module:module_put module:module_load kmem:mm_page_alloc"
-}
-
-get_event_filter() {
- echo "comm == systemd-udevd || comm == modprobe || comm == insmod"
-}
-
-is_trace_ready() {
- local trace_base want_events current_events
-
- trace_base=$(get_trace_base)
- ! [ -f "$trace_base/tracing/trace" ] && return 1
-
- [ "$(cat $trace_base/tracing/tracing_on)" -eq 0 ] && return 1
-
- # Also check if trace events were properly setup.
- want_events=$(get_want_events)
- current_events=$(echo $(cat $trace_base/tracing/set_event))
- [ "$current_events" != "$want_events" ] && return 1
-
- return 0
-}
-
-prepare_trace() {
- local trace_base
-
- trace_base=$(get_trace_base)
- # old debugfs interface case.
- if ! [ -d "$trace_base/tracing" ]; then
- mount none -t debugfs $trace_base
- # new tracefs interface case.
- elif ! [ -f "$trace_base/tracing/trace" ]; then
- mount none -t tracefs "$trace_base/tracing"
- fi
-
- if ! [ -f "$trace_base/tracing/trace" ]; then
- echo "WARN: Mount trace failed for kernel module memory analyzing."
- return 1
- fi
-
- # Active all the wanted trace events.
- echo "$(get_want_events)" > $trace_base/tracing/set_event
-
- # There are three kinds of known applications for module loading:
- # "systemd-udevd", "modprobe" and "insmod".
- # Set them as the global events filter.
- # NOTE: Some kernel may not support this format of filter, anyway
- # the operation will fail and it doesn't matter.
- echo "$(get_event_filter)" > $trace_base/tracing/events/kmem/filter 2>&1
- echo "$(get_event_filter)" > $trace_base/tracing/events/module/filter 2>&1
-
- # Set the number of comm-pid if supported.
- if [ -f "$trace_base/tracing/saved_cmdlines_size" ]; then
- # Thanks to filters, 4096 is big enough(also well supported).
- echo 4096 > $trace_base/tracing/saved_cmdlines_size
- fi
-
- # Enable and clear trace data for the first time.
- echo 1 > $trace_base/tracing/tracing_on
- echo > $trace_base/tracing/trace
- echo "Prepare trace success."
- return 0
-}
-
-order_to_pages()
-{
- local pages=1
- local order=$1
-
- while [ "$order" != 0 ]; do
- order=$((order-1))
- pages=$(($pages*2))
- done
-
- echo $pages
-}
-
-parse_trace_data() {
- local module_name tmp_eval pages
-
- cat "$(get_trace_base)/tracing/trace" | while read pid cpu flags ts function args
- do
- # Skip comment lines
- if [ "$pid" = "#" ]; then
- continue
- fi
-
- pid=${pid##*-}
- function=${function%:}
- if [ "$function" = "module_load" ]; then
- # One module is being loaded, save the task pid for tracking.
- # Remove the trailing after whitespace, there may be the module flags.
- module_name=${args%% *}
- # Mark current_module to track the task.
- eval current_module_$pid="$module_name"
- tmp_eval=$(eval echo '${module_loaded_'${module_name}'}')
- if [ -n "$tmp_eval" ]; then
- echo "WARN: \"$module_name\" was loaded multiple times!"
- fi
- eval unset module_loaded_$module_name
- eval nr_alloc_pages_$module_name=0
- continue
- fi
-
- module_name=$(eval echo '${current_module_'${pid}'}')
- if [ -z "$module_name" ]; then
- continue
- fi
-
- # Once we get here, the task is being tracked(is loading a module).
- if [ "$function" = "module_put" ]; then
- # Mark the module as loaded when the first module_put event happens after module_load.
- tmp_eval=$(eval echo '${nr_alloc_pages_'${module_name}'}')
- echo "$tmp_eval pages consumed by \"$module_name\""
- eval module_loaded_$module_name=1
- # Module loading finished, so untrack the task.
- eval unset current_module_$pid
- eval unset nr_alloc_pages_$module_name
- continue
- fi
-
- if [ "$function" = "mm_page_alloc" ]; then
- # Get order first, then convert to actual pages.
- pages=$(echo $args | sed -e 's/.*order=\([0-9]*\) .*/\1/')
- pages=$(order_to_pages "$pages")
- tmp_eval=$(eval echo '${nr_alloc_pages_'${module_name}'}')
- eval nr_alloc_pages_$module_name="$(($tmp_eval+$pages))"
- fi
- done
-}
-
-cleanup_trace() {
- local trace_base
-
- if is_trace_ready; then
- trace_base=$(get_trace_base)
- echo 0 > $trace_base/tracing/tracing_on
- echo > $trace_base/tracing/trace
- echo > $trace_base/tracing/set_event
- echo 0 > $trace_base/tracing/events/kmem/filter
- echo 0 > $trace_base/tracing/events/module/filter
- fi
-}
-
-show_usage() {
- echo "Find out kernel modules with large memory consumption during loading based on trace."
- echo "Usage:"
- echo "1) run it first to setup trace."
- echo "2) run again to parse the trace data if any."
- echo "3) run with \"--cleanup\" option to cleanup trace after use."
-}
-
-if [ "$1" = "--help" ]; then
- show_usage
- exit 0
-fi
-
-if [ "$1" = "--cleanup" ]; then
- cleanup_trace
- exit 0
-fi
-
-if is_trace_ready ; then
- echo "tracekomem - Rough memory consumption by loading kernel modules (larger value with better accuracy)"
- parse_trace_data
-else
- prepare_trace
-fi
-
-exit $?
diff --git a/modules.d/99base/module-setup.sh b/modules.d/99base/module-setup.sh
index c9ead01d..3578643c 100755
--- a/modules.d/99base/module-setup.sh
+++ b/modules.d/99base/module-setup.sh
@@ -35,7 +35,6 @@ install() {
inst_script "$moddir/initqueue.sh" "/sbin/initqueue"
inst_script "$moddir/loginit.sh" "/sbin/loginit"
inst_script "$moddir/rdsosreport.sh" "/sbin/rdsosreport"
- inst_script "$moddir/memtrace-ko.sh" "/sbin/tracekomem"
[ -e "${initdir}/lib" ] || mkdir -m 0755 -p ${initdir}/lib
mkdir -m 0755 -p ${initdir}/lib/dracut

View File

@ -1,320 +0,0 @@
From adacd8101e7558930e4499c21006eaa14629c234 Mon Sep 17 00:00:00 2001
From: Kairui Song <kasong@redhat.com>
Date: Wed, 8 Apr 2020 20:09:38 +0800
Subject: [PATCH] Add 99memstrack module
memstrack is a new tool to track the overall memory usage and
allocation, which can help off load the improve the builtin module
memory tracing function in dracut.
With this change, the rd.memdebug=4 behavior is similiar with before,
but the report is defered to pre-pivot, so the memory usage info
during the whole initramfs run is traced. And the ourput format is
changed a bit:
dracut-pre-pivot[519]: ======== Report format module_summary: ========
dracut-pre-pivot[519]: Module squashfs using 10.4MB (2658 pages), peak allocation 10.4MB (2671 pages)
dracut-pre-pivot[519]: Module qxl using 3.4MB (865 pages), peak allocation 3.4MB (880 pages)
dracut-pre-pivot[519]: Module crc32c_intel using 2.0MB (519 pages), peak allocation 3.0MB (769 pages)
dracut-pre-pivot[519]: Module serio_raw using 2.0MB (505 pages), peak allocation 3.6MB (918 pages)
dracut-pre-pivot[519]: Module virtio_console using 1.6MB (416 pages), peak allocation 1.6MB (419 pages)
... snip ...
dracut-pre-pivot[519]: ======== Report format module_summary END ========
It now contains more detail and also includes the peak usage which could
be more helpful.
And now it have a rd.memdebug=5, which will print more detail about
the stack trace of the top memory user, also printed on pri-pivot:
dracut-pre-pivot[519]: ======== Report format module_top: ========
dracut-pre-pivot[519]: Top stack usage of module squashfs:
dracut-pre-pivot[519]: (null) Pages: 2658 (peak: 2671)
dracut-pre-pivot[519]: (null) Pages: 2658 (peak: 2671)
dracut-pre-pivot[519]: async_page_fault (0xffffffff81a01149) Pages: 1448 (peak: 1461)
dracut-pre-pivot[519]: do_async_page_fault (0xffffffff8105c509) Pages: 1448 (peak: 1461)
dracut-pre-pivot[519]: do_page_fault (0xffffffff8106296a) Pages: 1448 (peak: 1461)
dracut-pre-pivot[519]: do_user_addr_fault (0xffffffff810626bd) Pages: 1448 (peak: 1461)
dracut-pre-pivot[519]: handle_mm_fault (0xffffffff812940c4) Pages: 1448 (peak: 1461)
dracut-pre-pivot[519]: __handle_mm_fault (0xffffffff81293627) Pages: 1195 (peak: 1208)
dracut-pre-pivot[519]: __do_fault (0xffffffff8128b07e) Pages: 1195 (peak: 1208)
dracut-pre-pivot[519]: filemap_fault (0xffffffff8124c0b9) Pages: 1195 (peak: 1208)
dracut-pre-pivot[519]: __do_page_cache_readahead (0xffffffff812585da) Pages: 1063 (peak: 1076)
dracut-pre-pivot[519]: read_pages (0xffffffff812583c2) Pages: 1063 (peak: 1076)
dracut-pre-pivot[519]: squashfs_readpage squashfs (0xffffffffc0022073) Pages: 1039 (peak: 1052)
dracut-pre-pivot[519]: squashfs_readpage_block squashfs (0xffffffffc0024334) Pages: 744 (peak: 744)
dracut-pre-pivot[519]: squashfs_copy_cache squashfs (0xffffffffc0021a3f) Pages: 744 (peak: 744)
dracut-pre-pivot[519]: pagecache_get_page (0xffffffff8124abf7) Pages: 744 (peak: 744)
dracut-pre-pivot[519]: __page_cache_alloc (0xffffffff81247df6) Pages: 744 (peak: 744)
dracut-pre-pivot[519]: alloc_pages_current (0xffffffff812cdca7) Pages: 744 (peak: 744)
dracut-pre-pivot[519]: __alloc_pages_nodemask (0xffffffff812b3107) Pages: 744 (peak: 744)
dracut-pre-pivot[519]: __alloc_pages_nodemask (0xffffffff812b3107) Pages: 1488 (peak: 1488)
dracut-pre-pivot[519]: Top stack usage of module qxl:
dracut-pre-pivot[519]: (null) Pages: 865 (peak: 880)
dracut-pre-pivot[519]: entry_SYSCALL_64_after_hwframe (0xffffffff81a0008c) Pages: 855 (peak: 858)
dracut-pre-pivot[519]: do_syscall_64 (0xffffffff81002a5a) Pages: 855 (peak: 858)
dracut-pre-pivot[519]: __x64_sys_finit_module (0xffffffff8117ccea) Pages: 811 (peak: 811)
dracut-pre-pivot[519]: __do_sys_finit_module (0xffffffff8117cc6e) Pages: 811 (peak: 811)
dracut-pre-pivot[519]: load_module (0xffffffff8117c6be) Pages: 802 (peak: 802)
dracut-pre-pivot[519]: do_init_module (0xffffffff81179e72) Pages: 802 (peak: 802)
dracut-pre-pivot[519]: do_one_initcall (0xffffffff81000d5a) Pages: 802 (peak: 802)
dracut-pre-pivot[519]: serio_raw_poll serio_raw (0xffffffffc0200054) Pages: 802 (peak: 802)
dracut-pre-pivot[519]: __pci_register_driver (0xffffffff81557804) Pages: 802 (peak: 802)
dracut-pre-pivot[519]: driver_register (0xffffffff8167ed24) Pages: 802 (peak: 802)
dracut-pre-pivot[519]: bus_add_driver (0xffffffff8167cbb2) Pages: 801 (peak: 801)
dracut-pre-pivot[519]: driver_attach (0xffffffff8167d28e) Pages: 801 (peak: 801)
dracut-pre-pivot[519]: bus_for_each_dev (0xffffffff8167b62c) Pages: 801 (peak: 801)
dracut-pre-pivot[519]: __driver_attach (0xffffffff8167e18f) Pages: 801 (peak: 801)
dracut-pre-pivot[519]: device_driver_attach (0xffffffff8167e0ed) Pages: 801 (peak: 801)
dracut-pre-pivot[519]: driver_probe_device (0xffffffff8167de6c) Pages: 801 (peak: 801)
dracut-pre-pivot[519]: really_probe (0xffffffff8167d9c9) Pages: 801 (peak: 801)
dracut-pre-pivot[519]: pci_device_probe (0xffffffff81559627) Pages: 801 (peak: 801)
dracut-pre-pivot[519]: local_pci_probe (0xffffffff81557f98) Pages: 801 (peak: 801)
dracut-pre-pivot[519]: qxl_pci_probe qxl (0xffffffffc01f0387) Pages: 773 (peak: 773)
dracut-pre-pivot[519]: drm_fbdev_generic_setup drm_kms_helper (0xffffffffc01b30c5) Pages: 773 (peak: 773)
dracut-pre-pivot[519]: drm_fbdev_client_hotplug drm_kms_helper (0xffffffffc01b2656) Pages: 773 (peak: 773)
dracut-pre-pivot[519]: __drm_fb_helper_initial_config_and_unlock drm_kms_helper (0xffffffffc01b1a28) Pages: 770 (peak: 770)
dracut-pre-pivot[519]: drm_fb_helper_generic_probe drm_kms_helper (0xffffffffc01b2fa5) Pages: 770 (peak: 770)
dracut-pre-pivot[519]: vzalloc (0xffffffff812aa39c) Pages: 770 (peak: 770)
dracut-pre-pivot[519]: __vmalloc_node_range (0xffffffff812aa200) Pages: 768 (peak: 768)
... snip ...
======== Report format module_top END ========
This could be very helpful for debuging memory usage issues.
(cherry picked from commit 7dd8a2f4d351ce8975c0af122732a2a12697c8cc)
Resolves: #1829528
---
dracut.cmdline.7.asc | 16 +++++---
dracut.spec | 2 +
modules.d/99base/dracut-lib.sh | 2 +-
modules.d/99memstrack/memstrack-report.sh | 23 +++++++++++
modules.d/99memstrack/memstrack-start.sh | 68 +++++++++++++++++++++++++++++++
modules.d/99memstrack/memstrack.service | 13 ++++++
modules.d/99memstrack/module-setup.sh | 27 ++++++++++++
7 files changed, 144 insertions(+), 7 deletions(-)
diff --git a/dracut.cmdline.7.asc b/dracut.cmdline.7.asc
index 0dc58d1a..7f31fbae 100644
--- a/dracut.cmdline.7.asc
+++ b/dracut.cmdline.7.asc
@@ -187,8 +187,8 @@ It should be attached to any report about dracut problems.
_/run/initramfs/init.log_.
If "quiet" is set, it also logs to the console.
-**rd.memdebug=[0-3]**::
- Print memory usage info at various points, set the verbose level from 0 to 4.
+**rd.memdebug=[0-5]**::
+ Print memory usage info at various points, set the verbose level from 0 to 5.
+
Higher level means more debugging output:
+
@@ -197,10 +197,14 @@ It should be attached to any report about dracut problems.
1 - partial /proc/meminfo
2 - /proc/meminfo
3 - /proc/meminfo + /proc/slabinfo
- 4 - /proc/meminfo + /proc/slabinfo + tracekomem
- NOTE: tracekomem is a shell script utilizing kernel trace to track
- the rough total memory consumption of kernel modules during
- loading. It may override other trace configurations.
+ 4 - /proc/meminfo + /proc/slabinfo + memstrack summary
+ NOTE: memstrack is a memory tracing tool that tracks the total memory
+ consumption, and peak memory consumption of each kernel modules
+ and userspace progress during the whole initramfs runtime, report
+ is genereted and the end of initramsfs run.
+ 5 - /proc/meminfo + /proc/slabinfo + memstrack (with top memory stacktrace)
+ NOTE: memstrack (with top memory stacktrace) will print top memory
+ allocation stack traces during the whole initramfs runtime.
----
**rd.break**::
diff --git a/dracut.spec b/dracut.spec
index 0f7eb4bf..c82c24f6 100644
--- a/dracut.spec
+++ b/dracut.spec
@@ -84,6 +84,7 @@ Requires: xz
Requires: gzip
%if 0%{?fedora} || 0%{?rhel}
+Recommends: memstrack
Recommends: hardlink
Recommends: pigz
Recommends: kpartx
@@ -399,6 +400,7 @@ install -m 0755 51-dracut-rescue-postinst.sh $RPM_BUILD_ROOT%{_sysconfdir}/kerne
%{dracutlibdir}/modules.d/98syslog
%{dracutlibdir}/modules.d/98usrmount
%{dracutlibdir}/modules.d/99base
+%{dracutlibdir}/modules.d/99memstrack
%{dracutlibdir}/modules.d/99fs-lib
%{dracutlibdir}/modules.d/99shutdown
%attr(0644,root,root) %ghost %config(missingok,noreplace) %{_localstatedir}/log/dracut.log
diff --git a/modules.d/99base/dracut-lib.sh b/modules.d/99base/dracut-lib.sh
index 502c7568..56dd63ef 100755
--- a/modules.d/99base/dracut-lib.sh
+++ b/modules.d/99base/dracut-lib.sh
@@ -1220,7 +1220,7 @@ are_lists_eq() {
setmemdebug() {
if [ -z "$DEBUG_MEM_LEVEL" ]; then
- export DEBUG_MEM_LEVEL=$(getargnum 0 0 3 rd.memdebug)
+ export DEBUG_MEM_LEVEL=$(getargnum 0 0 5 rd.memdebug)
fi
}
diff --git a/modules.d/99memstrack/memstrack-report.sh b/modules.d/99memstrack/memstrack-report.sh
new file mode 100755
index 00000000..241e8621
--- /dev/null
+++ b/modules.d/99memstrack/memstrack-report.sh
@@ -0,0 +1,23 @@
+#!/usr/bin/env bash
+. /lib/dracut-lib.sh
+
+if ! [ "$DEBUG_MEM_LEVEL" -ge 4 ]; then
+ exit 0
+fi
+
+if type -P systemctl >/dev/null; then
+ systemctl stop memstrack.service
+else
+ get_pid_of_tracer () {
+ local _user _pid _rest
+ read _user _pid _rest <<< $(ps aux | grep [m]emstrack | head -1)
+ echo $_pid
+ }
+
+ kill -s INT $(get_pid_of_tracer)
+ while [[ -n $(get_pid_of_tracer) ]]; do
+ sleep 1
+ done
+fi
+
+cat /.memstrack
diff --git a/modules.d/99memstrack/memstrack-start.sh b/modules.d/99memstrack/memstrack-start.sh
new file mode 100755
index 00000000..5aa73efe
--- /dev/null
+++ b/modules.d/99memstrack/memstrack-start.sh
@@ -0,0 +1,68 @@
+#!/bin/sh
+# Mount kernel debug fs so debug tools can work.
+# memdebug=4 and memdebug=5 requires debug fs to be mounted.
+# And there is no need to umount it.
+
+type getargnum >/dev/null 2>&1 || . /lib/dracut-lib.sh
+
+# "sys/kernel/tracing" has the priority if exists.
+get_trace_base() {
+ # trace access through debugfs would be obsolete if "/sys/kernel/tracing" is available.
+ if [ -d "/sys/kernel/tracing" ]; then
+ echo "/sys/kernel"
+ else
+ echo "/sys/kernel/debug"
+ fi
+}
+
+is_debugfs_ready() {
+ [ -f "$(get_trace_base)/tracing/trace" ]
+}
+
+prepare_debugfs() {
+ local trace_base
+
+ trace_base=$(get_trace_base)
+ # old debugfs interface case.
+ if ! [ -d "$trace_base/tracing" ]; then
+ mount none -t debugfs $trace_base
+ # new tracefs interface case.
+ elif ! [ -f "$trace_base/tracing/trace" ]; then
+ mount none -t tracefs "$trace_base/tracing"
+ fi
+
+ if ! [ -f "$trace_base/tracing/trace" ]; then
+ echo "WARN: failed to mount debugfs"
+ return 1
+ fi
+}
+
+if ! is_debugfs_ready ; then
+ prepare_debugfs
+fi
+
+if [ -n "$DEBUG_MEM_LEVEL" ]; then
+ if [ "$DEBUG_MEM_LEVEL" -ge 5 ]; then
+ echo "memstrack - will report kernel module memory usage summary and top allocation stack"
+ memstrack --report module_summary,module_top --notui --throttle 80 -o /.memstrack &
+ elif [ "$DEBUG_MEM_LEVEL" -ge 4 ]; then
+ echo "memstrack - will report memory usage summary"
+ memstrack --report module_summary --notui --throttle 80 -o /.memstrack &
+ else
+ exit 0;
+ fi
+fi
+
+PID=$!
+RET=$?
+
+if [ $RET -ne 0 ]; then
+ echo "Failed to start memstrack, exit status: $RET"
+ exit $RET
+fi
+
+# Wait a second for memstrack to setup everything, avoid missing any event
+sleep 1
+
+echo $PID > /run/memstrack.pid
+disown
diff --git a/modules.d/99memstrack/memstrack.service b/modules.d/99memstrack/memstrack.service
new file mode 100644
index 00000000..6b47adef
--- /dev/null
+++ b/modules.d/99memstrack/memstrack.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=Memstrack Anylazing Service
+DefaultDependencies=no
+Before=dracut-cmdline.service systemd-udevd.service local-fs-pre.target
+IgnoreOnIsolate=true
+
+[Service]
+Type=simple
+ExecStart=/bin/memstrack-start
+PIDFile=/run/memstrack.pid
+StandardInput=null
+StandardOutput=syslog+console
+StandardError=syslog+console
diff --git a/modules.d/99memstrack/module-setup.sh b/modules.d/99memstrack/module-setup.sh
new file mode 100755
index 00000000..d5bacb4d
--- /dev/null
+++ b/modules.d/99memstrack/module-setup.sh
@@ -0,0 +1,27 @@
+#!/usr/bin/bash
+
+check() {
+ if type -P memstrack >/dev/null; then
+ dinfo "memstrack is available"
+ return 0
+ fi
+
+ dinfo "memstrack is not available"
+ dinfo "If you need to use rd.memdebug>=4, please install memstrack"
+
+ return 1
+}
+
+depends() {
+ return 0
+}
+
+install() {
+ inst "/bin/memstrack" "/bin/memstrack"
+
+ inst "$moddir/memstrack-start.sh" "/bin/memstrack-start"
+ inst_hook cleanup 99 "$moddir/memstrack-report.sh"
+
+ inst "$moddir/memstrack.service" "$systemdsystemunitdir/memstrack.service"
+ systemctl -q --root "$initdir" add-wants initrd.target memstrack.service
+}

View File

@ -1,35 +0,0 @@
From 8b3033c92a073f9e63074ffcdb1af6e69d99105c Mon Sep 17 00:00:00 2001
From: Attila Bruncsak <bruncsak@users.noreply.github.com>
Date: Fri, 14 Dec 2018 15:57:33 +0100
Subject: [PATCH] the strip command should avoid changing the file modification
time
(cherry picked from commit 7e944c77c0e05f2cc28e11227b465525c5131772)
Resolves: #1776659
---
dracut.sh | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/dracut.sh b/dracut.sh
index f270af76..223261d6 100755
--- a/dracut.sh
+++ b/dracut.sh
@@ -1663,14 +1663,14 @@ if [[ $do_strip = yes ]] && ! [[ $DRACUT_FIPS_MODE ]]; then
dinfo "*** Stripping files ***"
find "$initdir" -type f \
-executable -not -path '*/lib/modules/*.ko' -print0 \
- | xargs -r -0 $strip_cmd -g 2>/dev/null
+ | xargs -r -0 $strip_cmd -g -p 2>/dev/null
# strip kernel modules, but do not touch signed modules
find "$initdir" -type f -path '*/lib/modules/*.ko' -print0 \
| while read -r -d $'\0' f || [ -n "$f" ]; do
SIG=$(tail -c 28 "$f" | tr -d '\000')
[[ $SIG == '~Module signature appended~' ]] || { printf "%s\000" "$f"; }
- done | xargs -r -0 $strip_cmd -g
+ done | xargs -r -0 $strip_cmd -g -p
dinfo "*** Stripping files done ***"
fi

View File

@ -1,108 +0,0 @@
From cbebaacfd05c55fddd11b3090983a2be1d2b48d3 Mon Sep 17 00:00:00 2001
From: Kairui Song <kasong@redhat.com>
Date: Wed, 17 Jul 2019 17:10:36 +0800
Subject: [PATCH] dracut.sh: Adjust squash and strip order
Previously with squash module, some binaries will be reinstalled, but
stripping happens before that so new installed binaries is not stripped.
So adjust the squash and strip order, ensure new installed binaries are
stripped just the same way with the old binaries.
Also split squash into two stage to make the split easier, move the
squash temp dir into initdir so stripping will cover that too,
and print more usefule message.
Signed-off-by: Kairui Song <kasong@redhat.com>
(cherry picked from commit 6a74c03b4a8472fb090015b32e652edfeadb5a10)
Resolves: #1776659
---
dracut.sh | 43 +++++++++++++++++++++++++------------------
1 file changed, 25 insertions(+), 18 deletions(-)
diff --git a/dracut.sh b/dracut.sh
index 223261d6..310646e3 100755
--- a/dracut.sh
+++ b/dracut.sh
@@ -1659,21 +1659,6 @@ for d in $(ldconfig_paths); do
rmdir -p --ignore-fail-on-non-empty "$initdir/$d" >/dev/null 2>&1
done
-if [[ $do_strip = yes ]] && ! [[ $DRACUT_FIPS_MODE ]]; then
- dinfo "*** Stripping files ***"
- find "$initdir" -type f \
- -executable -not -path '*/lib/modules/*.ko' -print0 \
- | xargs -r -0 $strip_cmd -g -p 2>/dev/null
-
- # strip kernel modules, but do not touch signed modules
- find "$initdir" -type f -path '*/lib/modules/*.ko' -print0 \
- | while read -r -d $'\0' f || [ -n "$f" ]; do
- SIG=$(tail -c 28 "$f" | tr -d '\000')
- [[ $SIG == '~Module signature appended~' ]] || { printf "%s\000" "$f"; }
- done | xargs -r -0 $strip_cmd -g -p
-
- dinfo "*** Stripping files done ***"
-fi
if [[ $early_microcode = yes ]]; then
dinfo "*** Generating early-microcode cpio image ***"
ucode_dir=(amd-ucode intel-ucode)
@@ -1745,9 +1730,8 @@ if [[ $hostonly_cmdline == "yes" ]] ; then
fi
fi
-dinfo "*** Creating image file '$outfile' ***"
-
if dracut_module_included "squash"; then
+ dinfo "*** Install squash loader ***"
if ! check_kernel_config CONFIG_SQUASHFS; then
dfatal "CONFIG_SQUASHFS have to be enabled for dracut squash module to work"
exit 1
@@ -1761,7 +1745,7 @@ if dracut_module_included "squash"; then
exit 1
fi
- readonly squash_dir="${DRACUT_TMPDIR}/squashfs"
+ readonly squash_dir="$initdir/squash/root"
readonly squash_img=$initdir/squash/root.img
# Currently only move "usr" "etc" to squashdir
@@ -1854,15 +1838,38 @@ if dracut_module_included "squash"; then
fi
done
done
+fi
+if [[ $do_strip = yes ]] && ! [[ $DRACUT_FIPS_MODE ]]; then
+ dinfo "*** Stripping files ***"
+ find "$initdir" -type f \
+ -executable -not -path '*/lib/modules/*.ko' -print0 \
+ | xargs -r -0 $strip_cmd -g -p 2>/dev/null
+
+ # strip kernel modules, but do not touch signed modules
+ find "$initdir" -type f -path '*/lib/modules/*.ko' -print0 \
+ | while read -r -d $'\0' f || [ -n "$f" ]; do
+ SIG=$(tail -c 28 "$f" | tr -d '\000')
+ [[ $SIG == '~Module signature appended~' ]] || { printf "%s\000" "$f"; }
+ done | xargs -r -0 $strip_cmd -g -p
+ dinfo "*** Stripping files done ***"
+fi
+
+if dracut_module_included "squash"; then
+ dinfo "*** Squashing the files inside the initramfs ***"
mksquashfs $squash_dir $squash_img -comp xz -b 64K -Xdict-size 100% &> /dev/null
if [[ $? != 0 ]]; then
dfatal "dracut: Failed making squash image"
exit 1
fi
+
+ rm -rf $squash_dir
+ dinfo "*** Squashing the files inside the initramfs done ***"
fi
+dinfo "*** Creating image file '$outfile' ***"
+
if [[ $uefi = yes ]]; then
readonly uefi_outdir="$DRACUT_TMPDIR/uefi"
mkdir "$uefi_outdir"

View File

@ -1,30 +0,0 @@
From b36c1ff083499c2cf1d1dbb7fe1663a2dd0683cc Mon Sep 17 00:00:00 2001
From: Kairui Song <kasong@redhat.com>
Date: Wed, 25 Sep 2019 13:47:40 +0800
Subject: [PATCH] Fine tune mksquashfs options for squash module
Drop some unneeded metadata in the squash image, and print the error
message if something went wrong.
Signed-off-by: Kairui Song <kasong@redhat.com>
(cherry picked from commit 89bc1aa324bcdda3723247218a697171c5a3de6f)
Resolves: #1776659
---
dracut.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/dracut.sh b/dracut.sh
index 310646e3..487add57 100755
--- a/dracut.sh
+++ b/dracut.sh
@@ -1857,7 +1857,7 @@ fi
if dracut_module_included "squash"; then
dinfo "*** Squashing the files inside the initramfs ***"
- mksquashfs $squash_dir $squash_img -comp xz -b 64K -Xdict-size 100% &> /dev/null
+ mksquashfs $squash_dir $squash_img -no-xattrs -no-exports -noappend -always-use-fragments -comp xz -Xdict-size 100% -no-progress 1> /dev/null
if [[ $? != 0 ]]; then
dfatal "dracut: Failed making squash image"

View File

@ -1,93 +0,0 @@
From 90d96c4f6a44d895f8999da8c4721a04612e6379 Mon Sep 17 00:00:00 2001
From: Kairui Song <kasong@redhat.com>
Date: Tue, 29 Oct 2019 16:29:14 +0800
Subject: [PATCH] 90kernel-modules: don't install any block driver if not
needed
If hostonly mode is in use, and there isn't any block device included
as hostonly device, then the initramfs won't need any block driver.
Eg. for kdump built image, there could be only one nfs mount point,
or the initramfs may only execute some network operation then reboot.
In such case, skip block driver installation to save space and time.
Signed-off-by: Kairui Song <kasong@redhat.com>
(cherry picked from commit f4ad2e5c8964b6c7b50420299a0096bade6a40bd)
Resolves: #1776659
---
modules.d/90kernel-modules/module-setup.sh | 32 +++++++++++++++++++++++-------
1 file changed, 25 insertions(+), 7 deletions(-)
diff --git a/modules.d/90kernel-modules/module-setup.sh b/modules.d/90kernel-modules/module-setup.sh
index 3dfceff0..c91ba10c 100755
--- a/modules.d/90kernel-modules/module-setup.sh
+++ b/modules.d/90kernel-modules/module-setup.sh
@@ -2,6 +2,8 @@
# called by dracut
installkernel() {
+ local _blockfuncs='ahci_platform_get_resources|ata_scsi_ioctl|scsi_add_host|blk_cleanup_queue|register_mtd_blktrans|scsi_esp_register|register_virtio_device|usb_stor_disconnect|mmc_add_host|sdhci_add_host|scsi_add_host_with_dma'
+
find_kernel_modules_external () {
local _OLDIFS
local external_pattern="^/"
@@ -16,11 +18,25 @@ installkernel() {
done < "$srcmods/modules.dep"
IFS=$_OLDIFS
}
- local _blockfuncs='ahci_platform_get_resources|ata_scsi_ioctl|scsi_add_host|blk_cleanup_queue|register_mtd_blktrans|scsi_esp_register|register_virtio_device|usb_stor_disconnect|mmc_add_host|sdhci_add_host|scsi_add_host_with_dma'
+
+ is_block_dev() {
+ [ -e /sys/dev/block/$1 ] && return 0
+ return 1
+ }
+
+ install_block_modules () {
+ hostonly='' instmods sr_mod sd_mod scsi_dh ata_piix
+ instmods \
+ scsi_dh_rdac scsi_dh_emc scsi_dh_alua \
+ =ide nvme vmd nfit \
+ virtio_blk
+
+ dracut_instmods -o -s "${_blockfuncs}" "=drivers"
+ }
if [[ -z $drivers ]]; then
hostonly='' instmods \
- sr_mod sd_mod scsi_dh ata_piix hid_generic unix \
+ hid_generic unix \
ehci-hcd ehci-pci ehci-platform \
ohci-hcd ohci-pci \
uhci-hcd \
@@ -38,10 +54,10 @@ installkernel() {
${NULL}
instmods \
- yenta_socket scsi_dh_rdac scsi_dh_emc scsi_dh_alua \
+ yenta_socket \
atkbd i8042 usbhid firewire-ohci pcmcia hv-vmbus \
- virtio virtio_blk virtio_ring virtio_pci virtio_scsi \
- "=drivers/pcmcia" =ide nvme vmd nfit
+ virtio virtio_ring virtio_pci virtio_scsi \
+ "=drivers/pcmcia"
if [[ "$(uname -m)" == arm* || "$(uname -m)" == aarch64 ]]; then
# arm/aarch64 specific modules
@@ -72,10 +88,12 @@ installkernel() {
${NULL}
fi
- dracut_instmods -o -s "${_blockfuncs}" "=drivers"
-
find_kernel_modules_external | instmods
+ if ! [[ $hostonly ]] || for_each_host_dev_and_slaves is_block_dev; then
+ install_block_modules
+ fi
+
# if not on hostonly mode, install all known filesystems,
# if the required list is not set via the filesystems variable
if ! [[ $hostonly ]]; then

View File

@ -1,63 +0,0 @@
From 9eb855e073c077966a011146484b9b9596857361 Mon Sep 17 00:00:00 2001
From: Kairui Song <kasong@redhat.com>
Date: Thu, 5 Mar 2020 18:44:45 +0800
Subject: [PATCH] 95znet: Add a rd.znet_ifname= option
qeth device may have a different IP for each boot, so the rd.ifname=
option will no longer work. So for znet device, introduce a
rd.znet_ifname= options, to subchannel id instead of MAC address as the
identifier and rename the interface.
Signed-off-by: Kairui Song <kasong@redhat.com>
(cherry picked from commit 872eb69936bd849eec6d1974dd6569f23a7ad3db)
Resolves: #1811977
---
dracut.cmdline.7.asc | 5 +++++
modules.d/95znet/parse-ccw.sh | 18 ++++++++++++++++++
2 files changed, 23 insertions(+)
diff --git a/dracut.cmdline.7.asc b/dracut.cmdline.7.asc
index 7f31fbae..4a7c2517 100644
--- a/dracut.cmdline.7.asc
+++ b/dracut.cmdline.7.asc
@@ -829,6 +829,11 @@ ZNET
RHEL/Fedora with ccw_init, which is called from udev for certain
devices on z-series.
rd.znet can be specified multiple times on the kernel command line.
+
+**rd.znet_ifname=**__<ifname>__:__<subchannels>__::
+ Assign network device name <interface> (i.e. "bootnet") to the NIC
+ corresponds to the subchannels. This is useful when dracut's default
+ "ifname=" doesn't work due to device having a changing MAC address.
+
[listing]
.Example
diff --git a/modules.d/95znet/parse-ccw.sh b/modules.d/95znet/parse-ccw.sh
index 7d40a1aa..59b588f3 100755
--- a/modules.d/95znet/parse-ccw.sh
+++ b/modules.d/95znet/parse-ccw.sh
@@ -4,4 +4,22 @@ for ccw_arg in $(getargs rd.ccw -d 'rd_CCW=') $(getargs rd.znet -d 'rd_ZNET=');
echo $ccw_arg >> /etc/ccw.conf
done
+for ifname in $(getargs rd.znet_ifname); do
+ IFS=: read ifname_if ifname_subchannels _rest <<< "$ifname"
+ if [ -z "$ifname_if" ] || [ -z "$ifname_subchannels" ] || [ -n "$_rest" ]; then
+ warn "Invalid arguments for rd.znet_ifname="
+ else
+ {
+ ifname_subchannels=${ifname_subchannels//,/|}
+
+ echo 'ACTION!="add|change", GOTO="ccw_ifname_end"'
+ echo 'ATTR{type}!="1", GOTO="ccw_ifname_end"'
+ echo 'SUBSYSTEM!="net", GOTO="ccw_ifname_end"'
+ echo "SUBSYSTEMS==\"ccwgroup\", KERNELS==\"$ifname_subchannels\", DRIVERS==\"?*\" NAME=\"$ifname_if\""
+ echo 'LABEL="ccw_ifname_end"'
+
+ } > /etc/udev/rules.d/81-ccw-ifname.rules
+ fi
+done
+
znet_cio_free

View File

@ -1,33 +0,0 @@
From 4f43dd89a1f9c21f66d6b460c0ad1b271ee40492 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Mon, 25 May 2020 11:59:31 +0200
Subject: [PATCH] Revert "[RHEL] network: default to network-legacy even in
presence of nm-initrd-generator"
This reverts commit 7843bc52777683f6a4ef953d8dde7171ff3b911c.
This will cause that NM will be used in initrd on systems where it is installed.
Resolves: #1839706
---
modules.d/40network/module-setup.sh | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/modules.d/40network/module-setup.sh b/modules.d/40network/module-setup.sh
index bf252eb7..8e2a74a3 100755
--- a/modules.d/40network/module-setup.sh
+++ b/modules.d/40network/module-setup.sh
@@ -8,9 +8,9 @@ check() {
# called by dracut
depends() {
echo -n "kernel-network-modules "
- # RHEL 8.1: Default to network-legacy unless the user chose
- # network-manager manually
- if ! dracut_module_included "network-manager" ; then
+ if ! dracut_module_included "network-legacy" && [ -x "/usr/libexec/nm-initrd-generator" ] ; then
+ echo "network-manager"
+ else
echo "network-legacy"
fi
return 0

View File

@ -1,37 +0,0 @@
From 34ef33adfbb0b44ba6143f4ced206f948d814f86 Mon Sep 17 00:00:00 2001
From: Kairui Song <kasong@redhat.com>
Date: Wed, 27 May 2020 22:07:37 +0800
Subject: [PATCH] 99memstrack: hook script should not call exit
With memstrack module, rd.break may not work because the hook scripts
are sourced, not executed, so the exit call will make pre-pivot queue
exit early. See 98dracut-systemd/dracut-pre-pivot.sh, everything after
"source_hook cleanup" will be ignored.
Replace with return instead.
Credits go to Lukas Nykryn <lnykryn@redhat.com> who helped discover and
debug this issue.
Signed-off-by: Kairui Song <kasong@redhat.com>
(cherry picked from commit 424f01e2a0ac0b329e68eb63048cf0d6d9c74d37)
Resolves: #1829528
---
modules.d/99memstrack/memstrack-report.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules.d/99memstrack/memstrack-report.sh b/modules.d/99memstrack/memstrack-report.sh
index 241e8621..3de55bd1 100755
--- a/modules.d/99memstrack/memstrack-report.sh
+++ b/modules.d/99memstrack/memstrack-report.sh
@@ -2,7 +2,7 @@
. /lib/dracut-lib.sh
if ! [ "$DEBUG_MEM_LEVEL" -ge 4 ]; then
- exit 0
+ return 0
fi
if type -P systemctl >/dev/null; then

View File

@ -1,42 +0,0 @@
From f47136bada397328d0a6f36a81138699c793fe92 Mon Sep 17 00:00:00 2001
From: Kairui Song <kasong@redhat.com>
Date: Wed, 27 May 2020 21:59:55 +0800
Subject: [PATCH] Remove cleanup_trace_mem calls
In commit 49c4172 all shell based memory tracing functions are removed,
there are some left over. Remove them as well.
Signed-off-by: Kairui Song <kasong@redhat.com>
(cherry picked from commit 2a611328652388b809a379403ceec126cb55819f)
Resolves: #1829528
---
modules.d/98dracut-systemd/dracut-pre-pivot.sh | 1 -
modules.d/99base/init.sh | 1 -
2 files changed, 2 deletions(-)
diff --git a/modules.d/98dracut-systemd/dracut-pre-pivot.sh b/modules.d/98dracut-systemd/dracut-pre-pivot.sh
index 96e6f8ca..cc70e3c3 100755
--- a/modules.d/98dracut-systemd/dracut-pre-pivot.sh
+++ b/modules.d/98dracut-systemd/dracut-pre-pivot.sh
@@ -14,7 +14,6 @@ make_trace_mem "hook pre-pivot" '1:shortmem' '2+:mem' '3+:slab'
getarg 'rd.break=pre-pivot' 'rdbreak=pre-pivot' && emergency_shell -n pre-pivot "Break pre-pivot"
source_hook pre-pivot
-cleanup_trace_mem
# pre pivot cleanup scripts are sourced just before we switch over to the new root.
getarg 'rd.break=cleanup' 'rdbreak=cleanup' && emergency_shell -n cleanup "Break cleanup"
source_hook cleanup
diff --git a/modules.d/99base/init.sh b/modules.d/99base/init.sh
index 2c0ccd66..a5633936 100755
--- a/modules.d/99base/init.sh
+++ b/modules.d/99base/init.sh
@@ -271,7 +271,6 @@ getarg 'rd.break=pre-pivot' -d 'rdbreak=pre-pivot' && emergency_shell -n pre-piv
source_hook pre-pivot
make_trace_mem "hook cleanup" '1:shortmem' '2+:mem' '3+:slab'
-cleanup_trace_mem
# pre pivot cleanup scripts are sourced just before we switch over to the new root.
getarg 'rd.break=cleanup' -d 'rdbreak=cleanup' && emergency_shell -n cleanup "Break cleanup"
source_hook cleanup

View File

@ -1,72 +0,0 @@
From 689454c727c2730b6aa89ee4c4b7676900e07f78 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Fri, 12 Apr 2019 16:26:59 +0200
Subject: [PATCH] Do not require non-empty kernel cmdline
When booting with Fedora-Server-dvd-x86_64-30-20190411.n.0.iso,
/proc/cmdline is empty (libvirt, qemu host with bios, not sure if that
matters), after installation to disk, anaconda would "crash" in kernel-core
%posttrans, after calling kernel-install, because dracut would fail
with
> Could not determine the kernel command line parameters.
> Please specify the kernel command line in /etc/kernel/cmdline!
I guess it's legitimate, even if unusual, to have no cmdline parameters.
Two changes are done in this patch:
1. do not fail if the cmdline is empty.
2. if /usr/lib/kernel/cmdline or /etc/kernel/cmdline are present, but
empty, ignore /proc/cmdline. If there's explicit configuration to
have empty cmdline, don't ignore it.
(cherry picked from commit 38b4f4b21c3c6107d7a562fcb432237464440b91)
Resolves: #1746069
---
50-dracut.install | 4 +---
51-dracut-rescue.install | 10 +---------
2 files changed, 2 insertions(+), 12 deletions(-)
diff --git a/50-dracut.install b/50-dracut.install
index 139ff82e..b897db84 100755
--- a/50-dracut.install
+++ b/50-dracut.install
@@ -35,9 +35,7 @@ case "$COMMAND" in
read -r -d '' -a BOOT_OPTIONS < /etc/kernel/cmdline
elif [[ -f /usr/lib/kernel/cmdline ]]; then
read -r -d '' -a BOOT_OPTIONS < /usr/lib/kernel/cmdline
- fi
-
- if ! [[ ${BOOT_OPTIONS[*]} ]]; then
+ else
read -r -d '' -a BOOT_OPTIONS < /proc/cmdline
fi
diff --git a/51-dracut-rescue.install b/51-dracut-rescue.install
index 0580062f..5ac34ef3 100755
--- a/51-dracut-rescue.install
+++ b/51-dracut-rescue.install
@@ -47,9 +47,7 @@ if [[ -f /etc/kernel/cmdline ]]; then
read -r -d '' -a BOOT_OPTIONS < /etc/kernel/cmdline
elif [[ -f /usr/lib/kernel/cmdline ]]; then
read -r -d '' -a BOOT_OPTIONS < /usr/lib/kernel/cmdline
-fi
-
-if ! [[ "${BOOT_OPTIONS[@]}" ]]; then
+else
read -r -d '' -a line < /proc/cmdline
for i in "${line[@]}"; do
[[ "${i#initrd=*}" != "$i" ]] && continue
@@ -57,12 +55,6 @@ if ! [[ "${BOOT_OPTIONS[@]}" ]]; then
done
fi
-if ! [[ ${BOOT_OPTIONS[*]} ]]; then
- echo "Could not determine the kernel command line parameters." >&2
- echo "Please specify the kernel command line in /etc/kernel/cmdline!" >&2
- exit 1
-fi
-
if [[ -d "${BOOT_DIR_ABS%/*}" ]]; then
BOOT_DIR="/${MACHINE_ID}/0-rescue"
BOOT_ROOT=${BOOT_DIR_ABS%$BOOT_DIR}

View File

@ -1,79 +0,0 @@
From fc05c818dd862de2b6771dabe242bc9d26aa2160 Mon Sep 17 00:00:00 2001
From: Jan Synacek <jsynacek@redhat.com>
Date: Thu, 11 Jun 2020 11:29:41 +0200
Subject: [PATCH] Adapt to the new udevadm version output
See https://bugzilla.redhat.com/show_bug.cgi?id=1804252.
RHEL-only
Resolves: #1846034
---
dracut-init.sh | 2 +-
modules.d/01fips/fips.sh | 2 +-
modules.d/99base/dracut-lib.sh | 4 ++--
modules.d/99base/init.sh | 2 +-
4 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/dracut-init.sh b/dracut-init.sh
index ab07cabf..032c38c2 100644
--- a/dracut-init.sh
+++ b/dracut-init.sh
@@ -444,7 +444,7 @@ inst_rules_wildcard() {
}
prepare_udev_rules() {
- [ -z "$UDEVVERSION" ] && export UDEVVERSION=$(udevadm --version)
+ [ -z "$UDEVVERSION" ] && export UDEVVERSION=$(udevadm --version | { read v _ ; echo $v ; })
for f in "$@"; do
f="${initdir}/etc/udev/rules.d/$f"
diff --git a/modules.d/01fips/fips.sh b/modules.d/01fips/fips.sh
index 559952ca..03da6861 100755
--- a/modules.d/01fips/fips.sh
+++ b/modules.d/01fips/fips.sh
@@ -27,7 +27,7 @@ mount_boot()
if ! [ -e "$boot" ]; then
udevadm trigger --action=add >/dev/null 2>&1
- [ -z "$UDEVVERSION" ] && UDEVVERSION=$(udevadm --version)
+ [ -z "$UDEVVERSION" ] && UDEVVERSION=$(udevadm --version | { read v _ ; echo $v ; })
i=0
while ! [ -e $boot ]; do
if [ $UDEVVERSION -ge 143 ]; then
diff --git a/modules.d/99base/dracut-lib.sh b/modules.d/99base/dracut-lib.sh
index 56dd63ef..96dd55ad 100755
--- a/modules.d/99base/dracut-lib.sh
+++ b/modules.d/99base/dracut-lib.sh
@@ -531,7 +531,7 @@ incol2() {
}
udevsettle() {
- [ -z "$UDEVVERSION" ] && export UDEVVERSION=$(udevadm --version)
+ [ -z "$UDEVVERSION" ] && export UDEVVERSION=$(udevadm --version | { read v _ ; echo $v ; })
if [ $UDEVVERSION -ge 143 ]; then
udevadm settle --exit-if-exists=$hookdir/initqueue/work $settle_exit_if_exists
@@ -541,7 +541,7 @@ udevsettle() {
}
udevproperty() {
- [ -z "$UDEVVERSION" ] && export UDEVVERSION=$(udevadm --version)
+ [ -z "$UDEVVERSION" ] && export UDEVVERSION=$(udevadm --version | { read v _ ; echo $v ; })
if [ $UDEVVERSION -ge 143 ]; then
for i in "$@"; do udevadm control --property=$i; done
diff --git a/modules.d/99base/init.sh b/modules.d/99base/init.sh
index a5633936..732a7f46 100755
--- a/modules.d/99base/init.sh
+++ b/modules.d/99base/init.sh
@@ -92,7 +92,7 @@ fi
trap "emergency_shell Signal caught!" 0
-export UDEVVERSION=$(udevadm --version)
+export UDEVVERSION=$(udevadm --version | { read v _ ; echo $v ; })
if [ $UDEVVERSION -gt 166 ]; then
# newer versions of udev use /run/udev/rules.d
export UDEVRULESD=/run/udev/rules.d

View File

@ -1,82 +0,0 @@
From 3067edf07449e1dbc2dae0776da9426274b34cba Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Wed, 24 Jun 2020 13:06:05 +0200
Subject: [PATCH] network-manager: move connection generation to a lib file
Move the connection generation code to a library file so that it can
be reused from other places.
(cherry picked from commit 6e1e87cd2567801b10b2b4f716436c48688408bf)
Resolves: #1847518
---
modules.d/35network-manager/module-setup.sh | 1 +
modules.d/35network-manager/nm-config.sh | 15 +++------------
modules.d/35network-manager/nm-lib.sh | 20 ++++++++++++++++++++
3 files changed, 24 insertions(+), 12 deletions(-)
diff --git a/modules.d/35network-manager/module-setup.sh b/modules.d/35network-manager/module-setup.sh
index ad2a1534..ed2f399e 100755
--- a/modules.d/35network-manager/module-setup.sh
+++ b/modules.d/35network-manager/module-setup.sh
@@ -37,6 +37,7 @@ install() {
inst_hook initqueue/settled 99 "$moddir/nm-run.sh"
inst_rules 85-nm-unmanaged.rules
inst_libdir_file "NetworkManager/$_nm_version/libnm-device-plugin-team.so"
+ inst_simple "$moddir/nm-lib.sh" "/lib/nm-lib.sh"
if [[ -x "$initdir/usr/sbin/dhclient" ]]; then
inst /usr/libexec/nm-dhcp-helper
diff --git a/modules.d/35network-manager/nm-config.sh b/modules.d/35network-manager/nm-config.sh
index 39a1c8bd..2b9df020 100755
--- a/modules.d/35network-manager/nm-config.sh
+++ b/modules.d/35network-manager/nm-config.sh
@@ -1,18 +1,9 @@
#!/bin/sh
+type nm_generate_connections >/dev/null 2>&1 || . /lib/nm-lib.sh
+
if [ -n "$netroot" ] || [ -e /tmp/net.ifaces ]; then
echo rd.neednet >> /etc/cmdline.d/35-neednet.conf
fi
-/usr/libexec/nm-initrd-generator -- $(getcmdline)
-
-if getargbool 0 rd.neednet; then
- for i in /usr/lib/NetworkManager/system-connections/* \
- /run/NetworkManager/system-connections/* \
- /etc/NetworkManager/system-connections/* \
- /etc/sysconfig/network-scripts/ifcfg-*; do
- [ -f "$i" ] || continue
- echo '[ -f /tmp/nm.done ]' >$hookdir/initqueue/finished/nm.sh
- break
- done
-fi
+nm_generate_connections
diff --git a/modules.d/35network-manager/nm-lib.sh b/modules.d/35network-manager/nm-lib.sh
new file mode 100644
index 00000000..fe053cfa
--- /dev/null
+++ b/modules.d/35network-manager/nm-lib.sh
@@ -0,0 +1,20 @@
+#!/bin/bash
+
+type getcmdline >/dev/null 2>&1 || . /lib/dracut-lib.sh
+
+nm_generate_connections()
+{
+ rm -f /run/NetworkManager/system-connections/*
+ /usr/libexec/nm-initrd-generator -- $(getcmdline)
+
+ if getargbool 0 rd.neednet; then
+ for i in /usr/lib/NetworkManager/system-connections/* \
+ /run/NetworkManager/system-connections/* \
+ /etc/NetworkManager/system-connections/* \
+ /etc/sysconfig/network-scripts/ifcfg-*; do
+ [ -f "$i" ] || continue
+ echo '[ -f /tmp/nm.done ]' >$hookdir/initqueue/finished/nm.sh
+ break
+ done
+ fi
+}

View File

@ -1,34 +0,0 @@
From 7143750cf2e37f9c14ec47a8170b9186136874d7 Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Wed, 24 Jun 2020 13:09:04 +0200
Subject: [PATCH] cms: regenerate NetworkManager connections
After changing the kernel command line, the cmsifup script calls ifup
to activate the interface. However, ifup is only available in the
network-legacy module; when using the network-manager module, we
should regenerate connections according to the command line; then
later NM will be run and will activate the device.
(cherry picked from commit 5c3d0a96473ac339fa2d1b25213b8f301c1cfd0d)
Resolves: #1847518
---
modules.d/80cms/cmsifup.sh | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/modules.d/80cms/cmsifup.sh b/modules.d/80cms/cmsifup.sh
index 902df8d8..77c18452 100755
--- a/modules.d/80cms/cmsifup.sh
+++ b/modules.d/80cms/cmsifup.sh
@@ -35,4 +35,9 @@ fi
IFACES="$IFACES $DEVICE"
echo "$IFACES" >> /tmp/net.ifaces
-exec ifup "$DEVICE"
+if [ -x /usr/libexec/nm-initrd-generator ]; then
+ type nm_generate_connections >/dev/null 2>&1 || . /lib/nm-lib.sh
+ nm_generate_connections
+else
+ exec ifup "$DEVICE"
+fi

View File

@ -1,25 +0,0 @@
From 6c0071bc72dbbdd2a958277618a9b2c64c6ee460 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Thu, 2 Jul 2020 14:33:20 +0200
Subject: [PATCH] spec: don't use NM on existing installations
Resolves: #1839706
---
dracut.spec | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/dracut.spec b/dracut.spec
index c82c24f6..a8076c18 100644
--- a/dracut.spec
+++ b/dracut.spec
@@ -481,4 +481,9 @@ install -m 0755 51-dracut-rescue-postinst.sh $RPM_BUILD_ROOT%{_sysconfdir}/kerne
%{_sysconfdir}/kernel/postinst.d/51-dracut-rescue-postinst.sh
%endif
+%triggerin network -- dracut-network < 049-83.git20200525
+echo '# Since rhel-8.3 dracut moved to use NetworkManager
+# On existing installations we want to preserve the old scripts
+add_dracutmodules+=" network-legacy "' > /etc/dracut.conf.d/50-network-legacy.conf
+
%changelog

View File

@ -1,79 +0,0 @@
From 73242b75af92bc86c26cfbe2954b7ecb9aaaf765 Mon Sep 17 00:00:00 2001
From: Harald Hoyer <harald@redhat.com>
Date: Tue, 4 Dec 2018 10:02:45 +0100
Subject: [PATCH] install/dracut-install.c: install module dependencies of
dependencies
(cherry picked from commit c38f9e980c1ee03151dd1c6602907c6228b78d30)
Resolves: #1846343
---
install/dracut-install.c | 28 +++++++++++++++++++++++++---
1 file changed, 25 insertions(+), 3 deletions(-)
diff --git a/install/dracut-install.c b/install/dracut-install.c
index 88bca1d4..253ae194 100644
--- a/install/dracut-install.c
+++ b/install/dracut-install.c
@@ -84,6 +84,11 @@ static bool arg_mod_filter_noname = false;
static int dracut_install(const char *src, const char *dst, bool isdir, bool resolvedeps, bool hashdst);
+static inline void kmod_module_unrefp(struct kmod_module **p) {
+ if (*p)
+ kmod_module_unref(*p);
+}
+#define _cleanup_kmod_module_unref_ _cleanup_(kmod_module_unrefp)
static inline void kmod_module_unref_listp(struct kmod_list **p) {
if (*p)
@@ -1234,28 +1239,45 @@ static bool check_module_path(const char *path)
static int install_dependent_modules(struct kmod_list *modlist)
{
struct kmod_list *itr;
- struct kmod_module *mod;
const char *path = NULL;
const char *name = NULL;
int ret = 0;
kmod_list_foreach(itr, modlist) {
+ _cleanup_kmod_module_unref_ struct kmod_module *mod = NULL;
mod = kmod_module_get_module(itr);
path = kmod_module_get_path(mod);
+ if (check_hashmap(items_failed, path))
+ return -1;
+
+ if (check_hashmap(items, path)) {
+ continue;
+ }
+
name = kmod_module_get_name(mod);
+
if ((path == NULL) || (arg_mod_filter_noname && (regexec(&mod_filter_noname, name, 0, NULL, 0) == 0))) {
- kmod_module_unref(mod);
continue;
}
+
ret = dracut_install(path, &path[kerneldirlen], false, false, true);
if (ret == 0) {
+ _cleanup_kmod_module_unref_list_ struct kmod_list *modlist = NULL;
+ _cleanup_kmod_module_unref_list_ struct kmod_list *modpre = NULL;
+ _cleanup_kmod_module_unref_list_ struct kmod_list *modpost = NULL;
log_debug("dracut_install '%s' '%s' OK", path, &path[kerneldirlen]);
install_firmware(mod);
+ modlist = kmod_module_get_dependencies(mod);
+ ret = install_dependent_modules(modlist);
+ if (ret == 0) {
+ ret = kmod_module_get_softdeps(mod, &modpre, &modpost);
+ if (ret == 0)
+ ret = install_dependent_modules(modpre);
+ }
} else {
log_error("dracut_install '%s' '%s' ERROR", path, &path[kerneldirlen]);
}
- kmod_module_unref(mod);
}
return ret;

View File

@ -1,50 +0,0 @@
From e4e1ab4e129fa17c5e90a2144e15096b0267c22a Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Thu, 2 Jul 2020 09:08:03 +0200
Subject: [PATCH] install: also install post weak dependencies of kernel
modules
(cherry picked from commit 6dafdda4a6bdb8721133e4267553c5d86564f9e8)
Resolves: #1846343
---
install/dracut-install.c | 18 +++++++++++++-----
1 file changed, 13 insertions(+), 5 deletions(-)
diff --git a/install/dracut-install.c b/install/dracut-install.c
index 253ae194..51f79422 100644
--- a/install/dracut-install.c
+++ b/install/dracut-install.c
@@ -1272,9 +1272,13 @@ static int install_dependent_modules(struct kmod_list *modlist)
ret = install_dependent_modules(modlist);
if (ret == 0) {
ret = kmod_module_get_softdeps(mod, &modpre, &modpost);
- if (ret == 0)
- ret = install_dependent_modules(modpre);
- }
+ if (ret == 0) {
+ int r;
+ ret = install_dependent_modules(modpre);
+ r = install_dependent_modules(modpost);
+ ret = ret ? : r;
+ }
+ }
} else {
log_error("dracut_install '%s' '%s' ERROR", path, &path[kerneldirlen]);
}
@@ -1335,8 +1339,12 @@ static int install_module(struct kmod_module *mod)
if (ret == 0) {
ret = kmod_module_get_softdeps(mod, &modpre, &modpost);
- if (ret == 0)
- ret = install_dependent_modules(modpre);
+ if (ret == 0) {
+ int r;
+ ret = install_dependent_modules(modpre);
+ r = install_dependent_modules(modpost);
+ ret = ret ? : r;
+ }
}
return ret;

View File

@ -1,55 +0,0 @@
From 818746166fec7c1e572ef12618edadc0535d4663 Mon Sep 17 00:00:00 2001
From: Kairui Song <kasong@redhat.com>
Date: Tue, 9 Jun 2020 03:03:18 +0800
Subject: [PATCH] dracut.sh: Move the library workaround after squash
Ensure the workaround is also valid when dracut-squash module is used
Signed-off-by: Kairui Song <kasong@redhat.com>
(cherry picked from commit de3cb0e3214c3fbab3a94e705445b4d1c2bf0dff)
Cherry-picked from: de3cb0e3214c3fbab3a94e705445b4d1c2bf0dff
Resolves: #1841077
---
dracut.sh | 20 +++++++++++---------
1 file changed, 11 insertions(+), 9 deletions(-)
diff --git a/dracut.sh b/dracut.sh
index 487add57..4c5176a1 100755
--- a/dracut.sh
+++ b/dracut.sh
@@ -1578,15 +1578,6 @@ if [[ $kernel_only != yes ]]; then
# Now we are done with lazy resolving, always install dependencies
unset DRACUT_RESOLVE_LAZY
export DRACUT_RESOLVE_DEPS=1
-
- # libpthread workaround: pthread_cancel wants to dlopen libgcc_s.so
- for _dir in $libdirs; do
- for _f in "$_dir/libpthread.so"*; do
- [[ -e "$_f" ]] || continue
- inst_libdir_file "libgcc_s.so*"
- break 2
- done
- done
fi
for ((i=0; i < ${#include_src[@]}; i++)); do
@@ -1840,6 +1831,17 @@ if dracut_module_included "squash"; then
done
fi
+if [[ $kernel_only != yes ]]; then
+ # libpthread workaround: pthread_cancel wants to dlopen libgcc_s.so
+ for _dir in $libdirs; do
+ for _f in "$dracutsysrootdir$_dir/libpthread.so"*; do
+ [[ -e "$_f" ]] || continue
+ inst_libdir_file "libgcc_s.so*"
+ break 2
+ done
+ done
+fi
+
if [[ $do_strip = yes ]] && ! [[ $DRACUT_FIPS_MODE ]]; then
dinfo "*** Stripping files ***"
find "$initdir" -type f \

View File

@ -1,43 +0,0 @@
From d8c0b10b15940d88a28acbcf93354e4da0babb8d Mon Sep 17 00:00:00 2001
From: Kairui Song <kasong@redhat.com>
Date: Wed, 10 Jun 2020 15:57:20 +0800
Subject: [PATCH] dracut.sh: FIPS workaround for openssl-libs on Fedora/RHEL
On Fedora/RHEL, libcryto will verify both itself and libssl on start, if
libssl is missing, FIPS self test will fail. However libssl is not a
dependency of libcryto so dracut will not install it, unless some other
binary or library pulls it in. Systemd requires libssl, so in most cases
it just worked, but could fail in some corner cases where systemd is not
used.
Signed-off-by: Kairui Song <kasong@redhat.com>
(cherry picked from commit 5a4c3469338410b6aea9452994b4b0af1ba59be7)
Resolves: #1841077
---
dracut.sh | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/dracut.sh b/dracut.sh
index 4c5176a1..86e95449 100755
--- a/dracut.sh
+++ b/dracut.sh
@@ -1840,6 +1840,17 @@ if [[ $kernel_only != yes ]]; then
break 2
done
done
+
+ # FIPS workaround for Fedora/RHEL: libcrypto needs libssl when FIPS is enabled
+ if [[ $DRACUT_FIPS_MODE ]]; then
+ for _dir in $libdirs; do
+ for _f in "$dracutsysrootdir$_dir/libcrypto.so"*; do
+ [[ -e "$_f" ]] || continue
+ inst_libdir_file -o "libssl.so*"
+ break 2
+ done
+ done
+ fi
fi
if [[ $do_strip = yes ]] && ! [[ $DRACUT_FIPS_MODE ]]; then

View File

@ -1,28 +0,0 @@
From 41739f232f3f353d45206ceee89ef0bc1c544f31 Mon Sep 17 00:00:00 2001
From: Kairui Song <kasong@redhat.com>
Date: Mon, 3 Aug 2020 16:51:54 +0800
Subject: [PATCH] 90kernel-modules: add pci_hyperv
Install pci_hyperv for SR-IOV devices on hyperv machines.
(cherry picked from commit f7ad1479f277ddffcc501bd08919a4a4a6facc26)
Resolves: #1854001
---
modules.d/90kernel-modules/module-setup.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules.d/90kernel-modules/module-setup.sh b/modules.d/90kernel-modules/module-setup.sh
index c91ba10c..86852038 100755
--- a/modules.d/90kernel-modules/module-setup.sh
+++ b/modules.d/90kernel-modules/module-setup.sh
@@ -56,7 +56,7 @@ installkernel() {
instmods \
yenta_socket \
atkbd i8042 usbhid firewire-ohci pcmcia hv-vmbus \
- virtio virtio_ring virtio_pci virtio_scsi \
+ virtio virtio_ring virtio_pci virtio_scsi pci_hyperv \
"=drivers/pcmcia"
if [[ "$(uname -m)" == arm* || "$(uname -m)" == aarch64 ]]; then

View File

@ -1,31 +0,0 @@
From 6616132de5ec2991e0b55eca6e9d12e50f7be293 Mon Sep 17 00:00:00 2001
From: Doan Tran Cong Danh <congdanhqx@gmail.com>
Date: Fri, 8 Nov 2019 10:53:41 +0700
Subject: [PATCH] multipath: require kpartx binary
multipath requires kpartx to activate device mapper.
But kpartx is only a recommend dependency.
Check for kpartx's existent first.
Signed-off-by: Doan Tran Cong Danh <congdanhqx@gmail.com>
(cherry picked from commit cf31ed2ae687d9898cafc11ec6e4f478e806ad38)
Resolves: #1888779
---
modules.d/90multipath/module-setup.sh | 1 +
1 file changed, 1 insertion(+)
diff --git a/modules.d/90multipath/module-setup.sh b/modules.d/90multipath/module-setup.sh
index f825c00c..2b9a3166 100755
--- a/modules.d/90multipath/module-setup.sh
+++ b/modules.d/90multipath/module-setup.sh
@@ -29,6 +29,7 @@ check() {
# if there's no multipath binary, no go.
require_binaries multipath || return 1
+ require_binaries kpartx || return 1
return 0
}

View File

@ -1,167 +0,0 @@
From 59d51f92475f1b4dc81b1e6f5537f63876952c39 Mon Sep 17 00:00:00 2001
From: Jan Macku <jamacku@redhat.com>
Date: Fri, 8 Nov 2019 16:24:13 +0100
Subject: [PATCH] Replace ln with systemctl
(cherry picked from commit 70b19acf941c0bf41b2c69c761124425910c0653)
Cherry-picked from: 70b19acf941c0bf41b2c69c761124425910c0653
Resolves: #1888779
---
modules.d/00systemd/module-setup.sh | 6 ++----
modules.d/02systemd-networkd/module-setup.sh | 8 ++++----
modules.d/06rngd/module-setup.sh | 5 ++---
modules.d/90multipath/module-setup.sh | 3 +--
modules.d/90stratis/module-setup.sh | 3 +--
modules.d/95iscsi/module-setup.sh | 8 +++-----
modules.d/98dracut-systemd/module-setup.sh | 3 +--
modules.d/99squash/module-setup.sh | 3 +--
8 files changed, 15 insertions(+), 24 deletions(-)
diff --git a/modules.d/00systemd/module-setup.sh b/modules.d/00systemd/module-setup.sh
index e4a3f323..4ab2a896 100755
--- a/modules.d/00systemd/module-setup.sh
+++ b/modules.d/00systemd/module-setup.sh
@@ -225,9 +225,7 @@ install() {
systemd-ask-password-console.service \
systemd-ask-password-plymouth.service \
; do
- mkdir -p "${initdir}${systemdsystemunitdir}/${i}.wants"
- ln_r "${systemdsystemunitdir}/systemd-vconsole-setup.service" \
- "${systemdsystemunitdir}/${i}.wants/systemd-vconsole-setup.service"
+ systemctl -q --root "$initdir" add-wants "$i" systemd-vconsole-setup.service
done
mkdir -p "$initdir/etc/systemd"
@@ -239,6 +237,6 @@ install() {
echo "RateLimitBurst=0"
} >> "$initdir/etc/systemd/journald.conf"
- ln_r "${systemdsystemunitdir}/multi-user.target" "${systemdsystemunitdir}/default.target"
+ systemctl -q --root "$initdir" set-default multi-user.target
}
diff --git a/modules.d/02systemd-networkd/module-setup.sh b/modules.d/02systemd-networkd/module-setup.sh
index b86751ea..8b87923f 100755
--- a/modules.d/02systemd-networkd/module-setup.sh
+++ b/modules.d/02systemd-networkd/module-setup.sh
@@ -61,11 +61,11 @@ install() {
for i in \
systemd-networkd-wait-online.service \
- systemd-networkd.service \
- systemd-networkd.socket
-# systemd-timesyncd.service
+ systemd-networkd.service \
+ systemd-networkd.socket
+# systemd-timesyncd.service
do
- systemctl --root "$initdir" enable "$i"
+ systemctl -q --root "$initdir" enable "$i"
done
}
diff --git a/modules.d/06rngd/module-setup.sh b/modules.d/06rngd/module-setup.sh
index 43d5c2d3..354bd0bb 100644
--- a/modules.d/06rngd/module-setup.sh
+++ b/modules.d/06rngd/module-setup.sh
@@ -33,7 +33,6 @@ check() {
install() {
inst rngd
inst_simple "${moddir}/rngd.service" "${systemdsystemunitdir}/rngd.service"
- mkdir -p "${initdir}${systemdsystemunitdir}/sysinit.target.wants"
- ln -rfs "${initdir}${systemdsystemunitdir}/rngd.service" \
- "${initdir}${systemdsystemunitdir}/sysinit.target.wants/rngd.service"
+
+ systemctl -q --root "$initdir" add-wants sysinit.target rngd.service
}
diff --git a/modules.d/90multipath/module-setup.sh b/modules.d/90multipath/module-setup.sh
index 2b9a3166..8a032c86 100755
--- a/modules.d/90multipath/module-setup.sh
+++ b/modules.d/90multipath/module-setup.sh
@@ -110,8 +110,7 @@ install() {
if dracut_module_included "systemd"; then
inst_simple "${moddir}/multipathd.service" "${systemdsystemunitdir}/multipathd.service"
- mkdir -p "${initdir}${systemdsystemunitdir}/sysinit.target.wants"
- ln -rfs "${initdir}${systemdsystemunitdir}/multipathd.service" "${initdir}${systemdsystemunitdir}/sysinit.target.wants/multipathd.service"
+ systemctl -q --root "$initdir" enable multipathd.service
else
inst_hook pre-trigger 02 "$moddir/multipathd.sh"
inst_hook cleanup 02 "$moddir/multipathd-stop.sh"
diff --git a/modules.d/90stratis/module-setup.sh b/modules.d/90stratis/module-setup.sh
index 29f0765b..943f572e 100755
--- a/modules.d/90stratis/module-setup.sh
+++ b/modules.d/90stratis/module-setup.sh
@@ -24,8 +24,7 @@ install() {
if dracut_module_included "systemd"; then
inst_simple "${moddir}/stratisd-init.service" "${systemdsystemunitdir}/stratisd-init.service"
- mkdir -p "${initdir}${systemdsystemunitdir}/sysinit.target.wants"
- ln -rfs "${initdir}${systemdsystemunitdir}/stratisd-init.service" "${initdir}${systemdsystemunitdir}/sysinit.target.wants/stratisd-init.service"
+ systemctl -q --root "$initdir" enable stratisd-init.service
else
inst_hook cmdline 25 "$moddir/stratisd-start.sh"
inst_hook cleanup 25 "$moddir/stratisd-stop.sh"
diff --git a/modules.d/95iscsi/module-setup.sh b/modules.d/95iscsi/module-setup.sh
index f6f3520d..47a92e94 100755
--- a/modules.d/95iscsi/module-setup.sh
+++ b/modules.d/95iscsi/module-setup.sh
@@ -242,20 +242,18 @@ install() {
$systemdsystemunitdir/iscsiuio.socket \
iscsiadm iscsid
- mkdir -p "${initdir}/$systemdsystemunitdir/sockets.target.wants"
for i in \
iscsid.socket \
iscsiuio.socket \
; do
- ln_r "$systemdsystemunitdir/${i}" "$systemdsystemunitdir/sockets.target.wants/${i}"
+ systemctl -q --root "$initdir" enable "$i"
done
-
- mkdir -p "${initdir}/$systemdsystemunitdir/basic.target.wants"
+
for i in \
iscsid.service \
iscsiuio.service \
; do
- ln_r "$systemdsystemunitdir/${i}" "$systemdsystemunitdir/basic.target.wants/${i}"
+ systemctl -q --root "$initdir" add-wants basic.target "$i"
done
# Make sure iscsid is started after dracut-cmdline and ready for the initqueue
diff --git a/modules.d/98dracut-systemd/module-setup.sh b/modules.d/98dracut-systemd/module-setup.sh
index 900162c3..1387433a 100755
--- a/modules.d/98dracut-systemd/module-setup.sh
+++ b/modules.d/98dracut-systemd/module-setup.sh
@@ -43,7 +43,6 @@ install() {
inst_script "$moddir/rootfs-generator.sh" $systemdutildir/system-generators/dracut-rootfs-generator
- mkdir -p "${initdir}/$systemdsystemunitdir/initrd.target.wants"
for i in \
dracut-cmdline.service \
dracut-cmdline-ask.service \
@@ -55,7 +54,7 @@ install() {
dracut-pre-udev.service \
; do
inst_simple "$moddir/${i}" "$systemdsystemunitdir/${i}"
- ln_r "$systemdsystemunitdir/${i}" "$systemdsystemunitdir/initrd.target.wants/${i}"
+ systemctl -q --root "$initdir" add-wants initrd.target "$i"
done
inst_simple "$moddir/dracut-tmpfiles.conf" "$tmpfilesdir/dracut-tmpfiles.conf"
diff --git a/modules.d/99squash/module-setup.sh b/modules.d/99squash/module-setup.sh
index e7e9ed8e..7aa0b447 100644
--- a/modules.d/99squash/module-setup.sh
+++ b/modules.d/99squash/module-setup.sh
@@ -25,6 +25,5 @@ install() {
inst $moddir/init.sh /squash/init.sh
inst "$moddir/squash-mnt-clear.service" "$systemdsystemunitdir/squash-mnt-clear.service"
- mkdir -p "$initdir$systemdsystemunitdir/initrd-switch-root.target.wants"
- ln_r "$systemdsystemunitdir/squash-mnt-clear.service" "$systemdsystemunitdir/initrd-switch-root.target.wants/squash-mnt-clear.service"
+ systemctl -q --root "$initdir" add-wants initrd-switch-root.target squash-mnt-clear.service
}

View File

@ -1,104 +0,0 @@
From 603f33e28cfad45c4bf9ade8e3ff3b9014b5bd4d Mon Sep 17 00:00:00 2001
From: Ben Howard <ben.howard@redhat.com>
Date: Fri, 3 Apr 2020 13:32:44 -0600
Subject: [PATCH] multipath: add automatic configuration for multipath
Add support for 'rd.multipath=default' for using the default
configuration on boot. The intended purpose for this is to help support
ostree-based image boots from multipathed devices (such as Fedora and
Red Hat CoreOS).
(cherry picked from commit b8a92b715677d52dbc2b27a710b9816fd8b9a63b)
Resolves: #1888779
---
dracut.cmdline.7.asc | 3 +++
modules.d/90multipath/module-setup.sh | 7 +++++--
modules.d/90multipath/multipathd-configure.service | 19 +++++++++++++++++++
modules.d/90multipath/multipathd.sh | 5 +++++
4 files changed, 32 insertions(+), 2 deletions(-)
diff --git a/dracut.cmdline.7.asc b/dracut.cmdline.7.asc
index 4a7c2517..19b5cc87 100644
--- a/dracut.cmdline.7.asc
+++ b/dracut.cmdline.7.asc
@@ -406,6 +406,9 @@ MULTIPATH
**rd.multipath=0**::
disable multipath detection
+**rd.multipath=default**::
+ use default multipath settings
+
FIPS
~~~~
**rd.fips**::
diff --git a/modules.d/90multipath/module-setup.sh b/modules.d/90multipath/module-setup.sh
index 8a032c86..a7f250f3 100755
--- a/modules.d/90multipath/module-setup.sh
+++ b/modules.d/90multipath/module-setup.sh
@@ -83,11 +83,12 @@ install() {
dmsetup \
kpartx \
mpath_wait \
+ mpathconf \
+ mpathpersist \
multipath \
multipathd \
- mpathpersist \
- xdrgetuid \
xdrgetprio \
+ xdrgetuid \
/etc/xdrdevices.conf \
/etc/multipath.conf \
/etc/multipath/* \
@@ -109,7 +110,9 @@ install() {
fi
if dracut_module_included "systemd"; then
+ inst_simple "${moddir}/multipathd-configure.service" "${systemdsystemunitdir}/multipathd-configure.service"
inst_simple "${moddir}/multipathd.service" "${systemdsystemunitdir}/multipathd.service"
+ systemctl -q --root "$initdir" enable multipathd-configure.service
systemctl -q --root "$initdir" enable multipathd.service
else
inst_hook pre-trigger 02 "$moddir/multipathd.sh"
diff --git a/modules.d/90multipath/multipathd-configure.service b/modules.d/90multipath/multipathd-configure.service
new file mode 100644
index 00000000..de690615
--- /dev/null
+++ b/modules.d/90multipath/multipathd-configure.service
@@ -0,0 +1,19 @@
+[Unit]
+Description=Device-Mapper Multipath Default Configuration
+Before=iscsi.service iscsid.service lvm2-activation-early.service
+Wants=systemd-udev-trigger.service systemd-udev-settle.service local-fs-pre.target
+After=systemd-udev-trigger.service systemd-udev-settle.service
+Before=local-fs-pre.target multipathd.service
+DefaultDependencies=no
+Conflicts=shutdown.target
+
+ConditionKernelCommandLine=rd.multipath=default
+ConditionPathExists=!/etc/multipath.conf
+
+[Service]
+Type=oneshot
+ExecStartPre=-/usr/bin/mkdir -p /etc/multipath/multipath.conf.d
+ExecStart=/usr/sbin/mpathconf --enable
+
+[Install]
+WantedBy=sysinit.target
diff --git a/modules.d/90multipath/multipathd.sh b/modules.d/90multipath/multipathd.sh
index 2c2dcc85..936c5dc7 100755
--- a/modules.d/90multipath/multipathd.sh
+++ b/modules.d/90multipath/multipathd.sh
@@ -1,5 +1,10 @@
#!/bin/sh
+if [ "$(getarg rd.multipath)x" == "default" ] && [ ! -e /etc/multipath.conf ]; then
+ mkdir -p /etc/multipath/multipath.conf.d
+ mpathconf --enable
+fi
+
if getargbool 1 rd.multipath -d -n rd_NO_MULTIPATH && [ -e /etc/multipath.conf ]; then
modprobe dm-multipath
multipathd -B || multipathd

View File

@ -1,66 +0,0 @@
From 1e7a27bd5f463409392d34816a10bf108ee896c6 Mon Sep 17 00:00:00 2001
From: Jonathan Lebon <jonathan@jlebon.com>
Date: Fri, 9 Oct 2020 19:44:35 -0400
Subject: [PATCH] 98dracut-systemd: don't wait for root device if remote
cryptsetup active
This is a plain and simple hack around dependency issues between dracut
and systemd.
When using Tang-pinned LUKS root devices, we want to rely on
`systemd-cryptsetup@.service` to unlock it. However, that service only
runs `After=remote-fs-pre.target`, while `dracut-initqueue.service` has
`Before=remote-fs-pre.target` (which makes sense because we don't want
to attempt networked root devices before networking is up).
However, the rootfs-generator here wants to make sure that the root
device exists *before* exiting the initqueue via an initqueue/finished
"devexists" hook. This will never work though because by design
`systemd-cryptsetup@.service`, which unlocks the root device, won't run
until after we exit.
So we have a dependency cycle:
initqueue -> devexists hook -> root device ->
systemd-cryptsetup@.service -> remote-fs-pre.target -> initqueue
There's no clean way to break this. The root issue is that there's no
way right now to split sequencing of systemd services across the
initqueue/online and initqueue/finished events because it's all bundled
in a single service. (The deeper root issue of course is that we have
two init systems. :) ).
Here we do a tactical fix: if there's a `systemd-cryptsetup@.service`
instance, let's assume it's for the root device and skip waiting for it
to show up if it depends on `remote-fs-pre.target`.
(cherry picked from commit 512c51d2677dd1637cc203e3676fefb50a3d73d0)
Resolves: #1897384
---
modules.d/98dracut-systemd/rootfs-generator.sh | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/modules.d/98dracut-systemd/rootfs-generator.sh b/modules.d/98dracut-systemd/rootfs-generator.sh
index 4ae693bb..bb376c0f 100755
--- a/modules.d/98dracut-systemd/rootfs-generator.sh
+++ b/modules.d/98dracut-systemd/rootfs-generator.sh
@@ -13,8 +13,15 @@ generator_wait_for_dev()
if ! [ -e "$hookdir/initqueue/finished/devexists-${_name}.sh" ]; then
- printf '[ -e "%s" ]\n' $1 \
- >> "$hookdir/initqueue/finished/devexists-${_name}.sh"
+ # If a LUKS device needs unlocking via systemd in the initrd, assume
+ # it's for the root device. In that case, don't block on it if it's
+ # after remote-fs-pre.target since the initqueue is ordered before it so
+ # it will never actually show up (think Tang-pinned rootfs).
+ cat > "$hookdir/initqueue/finished/devexists-${_name}.sh" << EOF
+if ! grep -q After=remote-fs-pre.target /run/systemd/generator/systemd-cryptsetup@*.service 2>/dev/null; then
+ [ -e "$1" ]
+fi
+EOF
{
printf '[ -e "%s" ] || ' $1
printf 'warn "\"%s\" does not exist"\n' $1

Some files were not shown because too many files have changed in this diff Show More