Unnamed repository
228cf59003
Resolves: https://issues.redhat.com/browse/RHEL-124989 Conflict: Upstream has slightly different format commit c08d151016ab4d62addc2ec8089a756c0d89d583 Author: Coiby Xu <coxu@redhat.com> Date: Wed Nov 5 10:14:28 2025 +0800 Allow "sudo kdumpctl" for LUKS dump target Some users may run kdumcptl after "sudo su" or use "sudo kdumpctl". And kdump will fail, # sudo kdumcptl restart request_key: Required key not available keyctl_set_timeout: Invalid argument kexec_file_load failed: Required key not available kdump: kexec: failed to load kdump kernel This happens because the LUKS keys is can only be searched (keyctl request) by the process but not by the user and sudo process inherits the session keyring (@s) of the original user (test in the following example), [test@localhost ~]$ sudo keyctl add user testkey testdata @u 711801750 [test@localhost ~]$ sudo grep testkey /proc/keys 2a6d3b96 I--Q--- 1 perm 3f010000 0 0 user testkey: 8 [test@localhost ~]$ sudo keyctl show 711801750 Keyring Unable to dump key: Permission denied The permission "3f010000" means the process has all the permissions but user only has the view permission i.e. "sudo keyctl show/list @u" will list all the keys but "sudo keyctl show KEY_ID" won't work. Automatically use "sudo -i" which will use the session keyring (@s) of the root to support "sudo kdumpctl". Note "sudo -i kexec" is also needed in order for the process to read the keys in the kernel space. Reported-by: Li Tian <litian@redhat.com> Signed-off-by: Coiby Xu <coxu@redhat.com> |
||
|---|---|---|
| spec | ||
| tests | ||
| .editorconfig | ||
| .gitignore | ||
| 60-fadump.install | ||
| 60-kdump.install | ||
| 92-crashkernel.install | ||
| 98-kexec.rules | ||
| 98-kexec.rules.ppc64 | ||
| 99-kdump.conf | ||
| crashkernel-howto.txt | ||
| dracut-early-kdump-module-setup.sh | ||
| dracut-early-kdump.sh | ||
| dracut-fadump-init-fadump.sh | ||
| dracut-fadump-module-setup.sh | ||
| dracut-kdump-capture.service | ||
| dracut-kdump-emergency.service | ||
| dracut-kdump-emergency.target | ||
| dracut-kdump.sh | ||
| dracut-kexec-crypt-setup.sh | ||
| dracut-module-setup.sh | ||
| dracut-monitor_dd_progress | ||
| early-kdump-howto.txt | ||
| fadump-howto.txt | ||
| gating.yaml | ||
| gen-kdump-conf.sh | ||
| kdump-dep-generator.sh | ||
| kdump-in-cluster-environment.txt | ||
| kdump-lib-initramfs.sh | ||
| kdump-lib.sh | ||
| kdump-logger.sh | ||
| kdump-migrate-action.sh | ||
| kdump-restart.sh | ||
| kdump-udev-throttler | ||
| kdump.conf.5 | ||
| kdump.service | ||
| kdump.sysconfig | ||
| kdump.sysconfig.aarch64 | ||
| kdump.sysconfig.i386 | ||
| kdump.sysconfig.ppc64 | ||
| kdump.sysconfig.ppc64le | ||
| kdump.sysconfig.s390x | ||
| kdump.sysconfig.x86_64 | ||
| kdumpctl | ||
| kdumpctl.8 | ||
| kexec_file-add-kexec_file-flag-to-support-debug-prin.patch | ||
| kexec-kdump-howto.txt | ||
| kexec-tools.spec | ||
| kexec-update-manpage-with-explicit-mention-of-clean-.patch | ||
| live-image-kdump-howto.txt | ||
| mkdumprd | ||
| mkdumprd.8 | ||
| mkfadumprd | ||
| README | ||
| sources | ||
| supported-kdump-targets.txt | ||
| zanata-notes.txt | ||
Adding a patch to kexec-tools ============================= There is a mailing list kexec@lists.fedoraproject.org where all the dicussion related to fedora kexec-tools happen. All the patches are posted there for inclusion and committed to kexec-tools after review. So if you want your patches to be included in fedora kexec-tools package, post these to kexec@lists.fedoraproject.org. One can subscribe to list and browse through archives here. https://admin.fedoraproject.org/mailman/listinfo/kexec