a3b408b277
- enable dracut-cpio binary - feat(fips-crypto-policies): make c-p follow FIPS mode automatically - fix(fips-crypto-policies): make it depend on fips dracut module Resolves: RHEL-59678,RHEL-65204 From-source-git-commit: ff3186be9d5871c6ec216019463199bb78cc1b32
314 lines
9.3 KiB
Diff
314 lines
9.3 KiB
Diff
From 043aef3a9dee83818d67697fb6ad203dc3e87c39 Mon Sep 17 00:00:00 2001
|
|
From: Philipp Rudo <prudo@redhat.com>
|
|
Date: Mon, 26 Aug 2024 15:23:41 +0200
|
|
Subject: [PATCH 28/32] fix(squash): remove cyclic dependency
|
|
|
|
With commit d0f8fde5 ("fix(dracut-init.sh): add module to mods_to_load
|
|
before checking dependencies") reverted 99squash can no longer rely on
|
|
dracut_module_included working as expected in its check() and depends()
|
|
function. Solve this problem by breaking up the cyclic dependency
|
|
between 99squash and 95squash-{squashfs,erofs} as the commit was
|
|
originally introduced to allow this cyclic dependency.
|
|
|
|
This requires to move all code shared by 95squash-{squashfs,erofs} from
|
|
99squash to a new 99squash-lib module and update the dependencies
|
|
accordingly. In addition update the checks in dracut.sh to check for
|
|
99squash-lib as 99squash is no longer guaranteed to be included.
|
|
Finally make sure that 99squash-lib isn't included without a back
|
|
end.
|
|
|
|
While at it improve and align the error messages in 99squash and
|
|
99squash-lib.
|
|
|
|
Signed-off-by: Philipp Rudo <prudo@redhat.com>
|
|
(cherry picked from commit d5783635950e38cccf334e7163db79f280650fa2)
|
|
|
|
Resolves: RHEL-43460
|
|
---
|
|
dracut.sh | 6 +-
|
|
modules.d/95squash-erofs/module-setup.sh | 2 +-
|
|
modules.d/95squash-squashfs/module-setup.sh | 2 +-
|
|
.../{99squash => 99squash-lib}/init-squash.sh | 0
|
|
modules.d/99squash-lib/module-setup.sh | 101 ++++++++++++++++++
|
|
modules.d/99squash/module-setup.sh | 80 +-------------
|
|
6 files changed, 110 insertions(+), 81 deletions(-)
|
|
rename modules.d/{99squash => 99squash-lib}/init-squash.sh (100%)
|
|
create mode 100755 modules.d/99squash-lib/module-setup.sh
|
|
|
|
diff --git a/dracut.sh b/dracut.sh
|
|
index 4d2e3df2..db6713a9 100755
|
|
--- a/dracut.sh
|
|
+++ b/dracut.sh
|
|
@@ -1894,7 +1894,7 @@ if [[ $kernel_only != yes ]]; then
|
|
fi
|
|
fi
|
|
|
|
-dracut_module_included "squash" && mkdir -p "$squashdir"
|
|
+dracut_module_included "squash-lib" && mkdir -p "$squashdir"
|
|
|
|
_isize=0 #initramfs size
|
|
modules_loaded=" "
|
|
@@ -2264,9 +2264,9 @@ if [[ $do_strip == yes ]] && ! [[ $DRACUT_FIPS_MODE ]]; then
|
|
dinfo "*** Stripping files done ***"
|
|
fi
|
|
|
|
-if dracut_module_included "squash"; then
|
|
+if dracut_module_included "squash-lib"; then
|
|
dinfo "*** Squashing the files inside the initramfs ***"
|
|
- DRACUT_SQUASH_POST_INST=1 module_install "squash"
|
|
+ DRACUT_SQUASH_POST_INST=1 module_install "squash-lib"
|
|
rm -rf "$squashdir"
|
|
dinfo "*** Squashing the files inside the initramfs done ***"
|
|
|
|
diff --git a/modules.d/95squash-erofs/module-setup.sh b/modules.d/95squash-erofs/module-setup.sh
|
|
index d763a902..a6e7ad0b 100755
|
|
--- a/modules.d/95squash-erofs/module-setup.sh
|
|
+++ b/modules.d/95squash-erofs/module-setup.sh
|
|
@@ -8,7 +8,7 @@ check() {
|
|
}
|
|
|
|
depends() {
|
|
- echo "squash"
|
|
+ echo "squash-lib"
|
|
return 0
|
|
}
|
|
|
|
diff --git a/modules.d/95squash-squashfs/module-setup.sh b/modules.d/95squash-squashfs/module-setup.sh
|
|
index 83973700..d15586da 100755
|
|
--- a/modules.d/95squash-squashfs/module-setup.sh
|
|
+++ b/modules.d/95squash-squashfs/module-setup.sh
|
|
@@ -8,7 +8,7 @@ check() {
|
|
}
|
|
|
|
depends() {
|
|
- echo "squash"
|
|
+ echo "squash-lib"
|
|
return 0
|
|
}
|
|
|
|
diff --git a/modules.d/99squash/init-squash.sh b/modules.d/99squash-lib/init-squash.sh
|
|
similarity index 100%
|
|
rename from modules.d/99squash/init-squash.sh
|
|
rename to modules.d/99squash-lib/init-squash.sh
|
|
diff --git a/modules.d/99squash-lib/module-setup.sh b/modules.d/99squash-lib/module-setup.sh
|
|
new file mode 100755
|
|
index 00000000..6a0b6f85
|
|
--- /dev/null
|
|
+++ b/modules.d/99squash-lib/module-setup.sh
|
|
@@ -0,0 +1,101 @@
|
|
+#!/bin/bash
|
|
+
|
|
+check() {
|
|
+ require_kernel_modules loop overlay || return 1
|
|
+
|
|
+ return 255
|
|
+}
|
|
+
|
|
+depends() {
|
|
+ echo "systemd-initrd"
|
|
+
|
|
+ return 0
|
|
+}
|
|
+
|
|
+squash_get_handler() {
|
|
+ local _module _handler
|
|
+ local -a _modules=(squash-squashfs squash-erofs)
|
|
+
|
|
+ for _module in "${_modules[@]}"; do
|
|
+ if dracut_module_included "$_module"; then
|
|
+ _handler="$_module"
|
|
+ break
|
|
+ fi
|
|
+ done
|
|
+
|
|
+ if [[ -z $_handler ]]; then
|
|
+ dfatal "Cannot include squash-lib directly. It requires one of: ${_modules[*]}"
|
|
+ return 1
|
|
+ fi
|
|
+
|
|
+ echo "$_handler"
|
|
+}
|
|
+
|
|
+squash_install() {
|
|
+ local _busybox _dir
|
|
+
|
|
+ # verify that there is a valid handler before doing anything
|
|
+ squash_get_handler > /dev/null || return 1
|
|
+
|
|
+ _busybox=$(find_binary busybox)
|
|
+
|
|
+ # Create mount points for squash loader and basic directories
|
|
+ mkdir -p "$initdir"/squash
|
|
+ for _dir in squash usr/bin usr/sbin usr/lib; do
|
|
+ mkdir -p "$squashdir/$_dir"
|
|
+ [[ $_dir == usr/* ]] && ln_r "/$_dir" "${_dir#usr}"
|
|
+ done
|
|
+
|
|
+ # Install required modules and binaries for the squash image init script.
|
|
+ if [[ $_busybox ]]; then
|
|
+ module_install "busybox"
|
|
+ else
|
|
+ DRACUT_RESOLVE_DEPS=1 inst_multiple sh mount modprobe mkdir switch_root grep umount
|
|
+
|
|
+ # libpthread workaround: pthread_cancel wants to dlopen libgcc_s.so
|
|
+ inst_libdir_file -o "libgcc_s.so*"
|
|
+
|
|
+ # FIPS workaround for Fedora/RHEL: libcrypto needs libssl when FIPS is enabled
|
|
+ [[ $DRACUT_FIPS_MODE ]] && inst_libdir_file -o "libssl.so*"
|
|
+ fi
|
|
+
|
|
+ hostonly="" instmods "loop" "overlay"
|
|
+ dracut_kernel_post
|
|
+
|
|
+ # Install squash image init script.
|
|
+ inst_simple "$moddir"/init-squash.sh /init
|
|
+
|
|
+ # make sure that library links are correct and up to date for squash loader
|
|
+ build_ld_cache
|
|
+}
|
|
+
|
|
+squash_installpost() {
|
|
+ local _file _handler
|
|
+
|
|
+ _handler=$(squash_get_handler)
|
|
+ [[ -n $_handler ]] || return 1
|
|
+
|
|
+ DRACUT_SQUASH_POST_INST=1 module_install "$_handler"
|
|
+
|
|
+ # Rescue the dracut spec files so dracut rebuild and lsinitrd can work
|
|
+ for _file in "$initdir"/usr/lib/dracut/*; do
|
|
+ [[ -f $_file ]] || continue
|
|
+ DRACUT_RESOLVE_DEPS=1 dstdir=$squashdir inst "$_file" "${_file#"$initdir"}"
|
|
+ done
|
|
+
|
|
+ # Remove everything that got squashed into the image
|
|
+ for _file in "$initdir"/*; do
|
|
+ [[ $_file == "$squashdir" ]] && continue
|
|
+ rm -rf "$_file"
|
|
+ done
|
|
+ mv "$squashdir"/* "$initdir"
|
|
+}
|
|
+
|
|
+install() {
|
|
+
|
|
+ if [[ $DRACUT_SQUASH_POST_INST ]]; then
|
|
+ squash_installpost
|
|
+ else
|
|
+ dstdir="$squashdir" squash_install
|
|
+ fi
|
|
+}
|
|
diff --git a/modules.d/99squash/module-setup.sh b/modules.d/99squash/module-setup.sh
|
|
index 56f70774..c48ba2c5 100755
|
|
--- a/modules.d/99squash/module-setup.sh
|
|
+++ b/modules.d/99squash/module-setup.sh
|
|
@@ -1,102 +1,30 @@
|
|
#!/bin/bash
|
|
|
|
check() {
|
|
- require_kernel_modules loop overlay || return 1
|
|
-
|
|
return 255
|
|
}
|
|
|
|
depends() {
|
|
- local _handler
|
|
-
|
|
- _handler=$(squash_get_handler) || return 1
|
|
-
|
|
- echo "systemd-initrd $_handler"
|
|
- return 0
|
|
-}
|
|
-
|
|
-squash_get_handler() {
|
|
local _module _handler
|
|
+ local -a _modules=(squash-squashfs squash-erofs)
|
|
|
|
- for _module in squash-squashfs squash-erofs; do
|
|
+ for _module in "${_modules[@]}"; do
|
|
if dracut_module_included "$_module"; then
|
|
_handler="$_module"
|
|
break
|
|
fi
|
|
done
|
|
|
|
- if [ -z "$_handler" ]; then
|
|
+ if [[ -z $_handler ]]; then
|
|
if check_module "squash-squashfs"; then
|
|
_handler="squash-squashfs"
|
|
elif check_module "squash-erofs"; then
|
|
_handler="squash-erofs"
|
|
else
|
|
- dfatal "No valid handler for found"
|
|
+ dfatal "Cannot find valid handler for squash. It requires one of: ${_modules[*]}"
|
|
return 1
|
|
fi
|
|
fi
|
|
|
|
echo "$_handler"
|
|
}
|
|
-
|
|
-squash_install() {
|
|
- local _busybox _dir
|
|
- _busybox=$(find_binary busybox)
|
|
-
|
|
- # Create mount points for squash loader and basic directories
|
|
- mkdir -p "$initdir"/squash
|
|
- for _dir in squash usr/bin usr/sbin usr/lib; do
|
|
- mkdir -p "$squashdir/$_dir"
|
|
- [[ $_dir == usr/* ]] && ln_r "/$_dir" "${_dir#usr}"
|
|
- done
|
|
-
|
|
- # Install required modules and binaries for the squash image init script.
|
|
- if [[ $_busybox ]]; then
|
|
- module_install "busybox"
|
|
- else
|
|
- DRACUT_RESOLVE_DEPS=1 inst_multiple sh mount modprobe mkdir switch_root grep umount
|
|
-
|
|
- # libpthread workaround: pthread_cancel wants to dlopen libgcc_s.so
|
|
- inst_libdir_file -o "libgcc_s.so*"
|
|
-
|
|
- # FIPS workaround for Fedora/RHEL: libcrypto needs libssl when FIPS is enabled
|
|
- [[ $DRACUT_FIPS_MODE ]] && inst_libdir_file -o "libssl.so*"
|
|
- fi
|
|
-
|
|
- hostonly="" instmods "loop" "overlay"
|
|
- dracut_kernel_post
|
|
-
|
|
- # Install squash image init script.
|
|
- inst_simple "$moddir"/init-squash.sh /init
|
|
-
|
|
- # make sure that library links are correct and up to date for squash loader
|
|
- build_ld_cache
|
|
-}
|
|
-
|
|
-squash_installpost() {
|
|
- local _file
|
|
-
|
|
- DRACUT_SQUASH_POST_INST=1 module_install "$(squash_get_handler)"
|
|
-
|
|
- # Rescue the dracut spec files so dracut rebuild and lsinitrd can work
|
|
- for _file in "$initdir"/usr/lib/dracut/*; do
|
|
- [[ -f $_file ]] || continue
|
|
- DRACUT_RESOLVE_DEPS=1 dstdir=$squashdir inst "$_file" "${_file#"$initdir"}"
|
|
- done
|
|
-
|
|
- # Remove everything that got squashed into the image
|
|
- for _file in "$initdir"/*; do
|
|
- [[ $_file == "$squashdir" ]] && continue
|
|
- rm -rf "$_file"
|
|
- done
|
|
- mv "$squashdir"/* "$initdir"
|
|
-}
|
|
-
|
|
-install() {
|
|
-
|
|
- if [[ $DRACUT_SQUASH_POST_INST ]]; then
|
|
- squash_installpost
|
|
- else
|
|
- dstdir="$squashdir" squash_install
|
|
- fi
|
|
-}
|
|
--
|
|
2.42.0
|
|
|