From 549f7befa441cd94177dbeaf9f4ba9b53ed39993 Mon Sep 17 00:00:00 2001 From: Coiby Xu Date: Thu, 9 Oct 2025 16:51:36 +0800 Subject: [PATCH] LUKS: make /usr writable Resolves: https://issues.redhat.com/browse/RHEL-104940 Conflict: None commit dd8d34c4baf9878fa7ff2e5f6807cfc93ae40e0b Author: Coiby Xu Date: Tue Jun 4 15:51:47 2024 +0800 LUKS: make /usr writable Since systemd commit ffc1ec73b3 ("pid1: add ProtectSystem= as system-wide configuration, and default it to true in the initrd"), systemd makes /usr read-only by default and it will cause dracut to not wait for the LUKS-encrypted devices to be unlocked, dracut-cmdline[296]: mv: inter-device move failed: '/tmp/294-daemon-reload.sh' to '/lib/dracut/hooks/initqueue/daemon-reload.sh'; unable to remove target: Read-only file syste dracut-cmdline[294]: /sbin/initqueue: line 71: /lib/dracut/hooks/initqueue/work: Read-only file system dracut-cmdline[221]: /lib/dracut-dev-lib.sh: line 118: /lib/dracut/hooks/initqueue/finished/devexists-\x2fdev\x2fmyvg\x2fluks_lv.sh: Read-only file system dracut-cmdline[221]: /lib/dracut-dev-lib.sh: line 103: /lib/dracut/hooks/emergency/80-\x2fdev\x2fmyvg\x2fluks_lv.sh: Read-only file system Fix the above issue by making /usr writable. Signed-off-by: Coiby Xu Signed-off-by: Coiby Xu --- dracut-module-setup.sh | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/dracut-module-setup.sh b/dracut-module-setup.sh index 2673a87..cb3d8d4 100755 --- a/dracut-module-setup.sh +++ b/dracut-module-setup.sh @@ -1186,6 +1186,13 @@ $CRYPTSETUP_PATH luksOpen --volume-key-keyring \ EOF done + # latest systemd makes /usr read-only by default + mkdir -p "${initdir}/etc/systemd/system.conf.d" + cat << EOF > "${initdir}/etc/systemd/system.conf.d/kdump_luks.conf" +[Manager] +ProtectSystem=false +EOF + dracut_need_initqueue }