rpms
/
dracut
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: rpms:i10cs
Branches Tags
rpms:i10c-beta
rpms:c10-beta
rpms:i10cs
rpms:cs10
rpms:i9c-beta
rpms:c9-beta
rpms:i8c-beta
rpms:c8-beta
rpms:i8c
rpms:c8
rpms:i9c
rpms:c9
..
compare: rpms:c9
Branches Tags
rpms:i10c-beta
rpms:c10-beta
rpms:i10cs
rpms:cs10
rpms:i9c-beta
rpms:c9-beta
rpms:i8c-beta
rpms:c8-beta
rpms:i8c
rpms:c8
rpms:i9c
rpms:c9

No commits in common. 'i10cs' and 'c9' have entirely different histories.
i10cs ... c9

76 changed files with 3253 additions and 3128 deletions
Show Stats

2
.dracut.metadata
Unescape View File

@ -1 +1 @@
6da4d27d768f049332b3b4f9ff36a4a494eda4fc SOURCES/103.tar.gz
20a52ee200099c22550e344dc041590dd570c896 SOURCES/dracut-057.tar.xz

2
.gitignore vendored
Unescape View File

@ -1 +1 @@
SOURCES/103.tar.gz
SOURCES/dracut-057.tar.xz

270
SOURCES/0001.patch
Unescape View File

@ -0,0 +1,270 @@
From b13e8ee2caaa84046e25a73e52dedb9c0f5c57a3 Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Tue, 12 Jul 2022 14:12:04 +0200
Subject: [PATCH] ci: all layered RHEL-9 changes
- previous downstream changes
- use dracut.spec as submitted in the PR
- sync selected changes from upstream
- add new-main for pull-requests temporarily
rhel-only
Related: #2066816
---
.github/workflows/container.yml | 7 ++--
.github/workflows/differential-shellcheck.yml | 19 ++++++++++
.github/workflows/integration.yml | 47 ++++++++++++++++++++++--
.github/workflows/lint.yml | 4 +-
.packit.yml | 36 ++++++++++++++++++
test/container/Dockerfile-CentOS-9-Stream | 53 +++++++++++++++++++++++++++
6 files changed, 158 insertions(+), 8 deletions(-)
diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml
index 03c9c5ec..99d57f5b 100644
--- a/.github/workflows/container.yml
+++ b/.github/workflows/container.yml
@@ -3,12 +3,12 @@ on:
schedule:
- cron: '30 11 * * *' # every day at 4:40
push:
- branches: [ master ]
+ branches: [ main ]
paths:
- 'test/container/**'
- '.github/workflows/container.yml'
pull_request:
- branches: [ master ]
+ branches: [ main new-main ]
paths:
- 'test/container/**'
- '.github/workflows/container.yml'
@@ -31,6 +31,7 @@ jobs:
- { dockerfile: 'Dockerfile-Fedora-latest', tag: 'fedora:latest' }
- { dockerfile: 'Dockerfile-OpenSuse-latest', tag: 'opensuse:latest' }
- { dockerfile: 'Dockerfile-Arch', tag: 'arch:latest' }
+ - { dockerfile: 'Dockerfile-CentOS-9-Stream', tag: 'centos:stream9' }
- { dockerfile: 'Dockerfile-Debian', tag: 'debian:latest' }
steps:
- name: Check out the repo
@@ -49,5 +50,5 @@ jobs:
uses: docker/build-push-action@v2
with:
file: test/container/${{ matrix.config.dockerfile }}
- tags: ghcr.io/dracutdevs/${{ matrix.config.tag }}
+ tags: ghcr.io/${{ github.repository_owner }}/${{ matrix.config.tag }}
push: ${{ github.event_name == 'push' || github.event_name == 'schedule' }}
diff --git a/.github/workflows/differential-shellcheck.yml b/.github/workflows/differential-shellcheck.yml
new file mode 100644
index 00000000..c4b05fad
--- /dev/null
+++ b/.github/workflows/differential-shellcheck.yml
@@ -0,0 +1,19 @@
+name: Differential ShellCheck
+on:
+ pull_request:
+ branches: [ main new-main ]
+
+jobs:
+ test:
+ runs-on: ubuntu-20.04
+
+ steps:
+ - name: Repository checkout
+ uses: actions/checkout@v3
+ with:
+ fetch-depth: 0
+
+ - name: Differential ShellCheck
+ uses: redhat-plumbers-in-action/differential-shellcheck@v2
+ with:
+ token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
index 3d78555f..aa354e3e 100644
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -2,7 +2,7 @@ name: Integration Test
on:
pull_request:
- branches: [ master ]
+ branches: [ main new-main ]
jobs:
basic:
@@ -24,7 +24,7 @@ jobs:
]
fail-fast: false
container:
- image: ghcr.io/dracutdevs/${{ matrix.container }}
+ image: ghcr.io/${{ github.repository_owner }}/${{ matrix.container }}
options: "--privileged -v /dev:/dev"
steps:
- name: "Checkout Repository"
@@ -69,7 +69,48 @@ jobs:
]
fail-fast: false
container:
- image: ghcr.io/dracutdevs/${{ matrix.container }}
+ image: ghcr.io/${{ github.repository_owner }}/${{ matrix.container }}
+ options: "--privileged -v /dev:/dev"
+ steps:
+ - name: "Checkout Repository"
+ uses: actions/checkout@v2
+ with:
+ fetch-depth: 0
+
+ - name: "${{ matrix.container }} TEST-${{ matrix.test }}"
+ run: ./tools/test-github.sh "TEST-${{ matrix.test }}" ${{ matrix.test }}
+ centos-9-stream:
+ runs-on: ubuntu-latest
+ timeout-minutes: 45
+ concurrency:
+ group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.container }}-${{ matrix.test }}
+ cancel-in-progress: true
+ strategy:
+ matrix:
+ container: [
+ "centos:stream9",
+ ]
+ # Disabled tests (due to dropped packages in RHEL/CentOS):
+ # 03, 04, 15: requires btrfs
+ # 14: requires dmraid
+ # 30, 31, 35, 36: requires scsi-target-utils
+ test: [
+ "01",
+ "02",
+ "10",
+ "11",
+ "12",
+ "13",
+ "17",
+ "20",
+ "21",
+ "40",
+ "41",
+ "98",
+ ]
+ fail-fast: false
+ container:
+ image: ghcr.io/${{ github.repository_owner }}/${{ matrix.container }}
options: "--privileged -v /dev:/dev"
steps:
- name: "Checkout Repository"
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index 7b1b8ee7..5e3a299f 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -2,9 +2,9 @@ name: Lint
on:
push:
- branches: [ master ]
+ branches: [ main ]
pull_request:
- branches: [ master ]
+ branches: [ main new-main ]
jobs:
lint-c:
diff --git a/.packit.yml b/.packit.yml
new file mode 100644
index 00000000..86ba83d2
--- /dev/null
+++ b/.packit.yml
@@ -0,0 +1,36 @@
+---
+# This file is part of dracut.
+# SPDX-License-Identifier: GPL-2.0-or-later
+#
+# vi:ts=2 sw=2 et:
+#
+# Docs: https://packit.dev/docs/
+
+specfile_path: pkgbuild/dracut.spec
+synced_files:
+ - .packit.yaml
+upstream_package_name: dracut
+downstream_package_name: dracut
+upstream_tag_template: "{version}"
+
+actions:
+ post-upstream-clone:
+ # Use the current specfile
+ - "cp pkgbuild/dracut.spec ."
+
+# Available targets can be listed via `copr-cli list-chroots`
+jobs:
+# Build test
+- job: copr_build
+ trigger: pull_request
+ metadata:
+ targets:
+ - centos-stream-9-x86_64
+ - centos-stream-9-aarch64
+
+# Run tests (via testing farm)
+- job: tests
+ trigger: pull_request
+ metadata:
+ targets:
+ - centos-stream-9-x86_64
diff --git a/test/container/Dockerfile-CentOS-9-Stream b/test/container/Dockerfile-CentOS-9-Stream
new file mode 100644
index 00000000..c9a96020
--- /dev/null
+++ b/test/container/Dockerfile-CentOS-9-Stream
@@ -0,0 +1,53 @@
+FROM quay.io/centos/centos:stream9
+
+MAINTAINER https://github.com/dracutdevs/dracut
+
+ENV container docker
+LABEL RUN="docker run -it --name NAME --privileged --ipc=host --net=host --pid=host -e NAME=NAME -e IMAGE=IMAGE IMAGE"
+
+RUN echo 'export DRACUT_NO_XATTR=1 KVERSION=$(cd /lib/modules; ls -1 | tail -1)' > /etc/profile.d/dracut-test.sh
+
+# Install needed packages for the dracut CI container
+# FIXME: properly re-add dash once C9S EPEL is available
+RUN dnf -y install --enablerepo crb --setopt=install_weak_deps=False \
+ http://mirrors.kernel.org/fedora/releases/34/Everything/x86_64/os/Packages/d/dash-0.5.10.2-8.fc34.x86_64.rpm \
+ qemu-kvm \
+ NetworkManager \
+ asciidoc \
+ bash-completion \
+ bzip2 \
+ cryptsetup \
+ dbus-daemon \
+ dhcp-client \
+ dhcp-server \
+ e2fsprogs \
+ gcc \
+ git \
+ iproute \
+ iputils \
+ iscsi-initiator-utils \
+ kbd \
+ kernel \
+ kmod-devel \
+ lvm2 \
+ make \
+ mdadm \
+ nfs-utils \
+ pigz \
+ rpm-build \
+ strace \
+ sudo \
+ tar \
+ tcpdump \
+ wget \
+ which \
+ xz \
+ && dnf -y update && dnf clean all
+
+# C9S ships only qemu-kvm, but it disables the KVM accel when it's not
+# available
+RUN ln -sv /usr/libexec/qemu-kvm /usr/bin/qemu-kvm && \
+ ln -sv /usr/libexec/qemu-kvm /usr/bin/qemu-system-$(uname -m)
+
+# Set default command
+CMD ["/usr/bin/bash"]

238
SOURCES/0002-revert-fix-install.d-correctly-install-pre-genned-im.patch
Unescape View File

@ -1,238 +0,0 @@
From 9b7740eaf33357cc087c83d95d089bdf8ead07dd Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Wed, 12 Jun 2024 06:30:42 +0200
Subject: [PATCH 02/32] revert: "fix(install.d): correctly install pre-genned
image and die if no args"
revert: "fix(install.d): simplify and use what kernel-install gives us"
This reverts commits:
d40155385d060f8d8608fa8a4931e2e42ddc3a8f
8388ad149c698c951089606352fdb0cdcaaf40c9
https://github.com/dracut-ng/dracut-ng/issues/334
This is temporary, until the `20-grub.install` will be able to handle initrd
from kernel staging area.
---
install.d/50-dracut.install | 152 ++++++++++++++++++-----------
install.d/51-dracut-rescue.install | 22 +----
2 files changed, 97 insertions(+), 77 deletions(-)
diff --git a/install.d/50-dracut.install b/install.d/50-dracut.install
index 14f87721..441414ac 100755
--- a/install.d/50-dracut.install
+++ b/install.d/50-dracut.install
@@ -1,13 +1,13 @@
#!/bin/bash
-COMMAND="${1:?}"
-KERNEL_VERSION="${2:?}"
-#shellcheck disable=SC2034
+COMMAND="$1"
+KERNEL_VERSION="$2"
BOOT_DIR_ABS="$3"
KERNEL_IMAGE="$4"
-# If the initrd was provided on the kernel command line, we shouldn't generate our own.
-if [[ "$COMMAND" != "add" || "$#" -gt 4 ]]; then
+# If KERNEL_INSTALL_MACHINE_ID is defined but empty, BOOT_DIR_ABS is a fake directory.
+# So, let's skip to create initrd.
+if ! [[ ${KERNEL_INSTALL_MACHINE_ID-x} ]]; then
exit 0
fi
@@ -16,64 +16,102 @@ if [[ "$KERNEL_INSTALL_IMAGE_TYPE" = "uki" ]]; then
exit 0
fi
-if [[ "${KERNEL_INSTALL_INITRD_GENERATOR:-dracut}" = "dracut" ]]; then
- # We are the initrd generator
- IMAGE="initrd"
- UEFI_OPTS="--no-uefi"
+# Mismatching the install layout and the --uefi/--no-uefi opts just creates a mess.
+if [[ $KERNEL_INSTALL_LAYOUT == "uki" && -n $KERNEL_INSTALL_STAGING_AREA ]]; then
+ BOOT_DIR_ABS="$KERNEL_INSTALL_STAGING_AREA"
+ if [[ -z $KERNEL_INSTALL_UKI_GENERATOR || $KERNEL_INSTALL_UKI_GENERATOR == "dracut" ]]; then
+ # No uki generator preference set or we have been chosen
+ IMAGE="uki.efi"
+ UEFI_OPTS="--uefi"
+ elif [[ -z $KERNEL_INSTALL_INITRD_GENERATOR || $KERNEL_INSTALL_INITRD_GENERATOR == "dracut" ]]; then
+ # We aren't the uki generator, but we have been requested to make the initrd
+ IMAGE="initrd"
+ UEFI_OPTS="--no-uefi"
+ else
+ exit 0
+ fi
+elif [[ $KERNEL_INSTALL_LAYOUT == "bls" && -n $KERNEL_INSTALL_STAGING_AREA ]]; then
+ BOOT_DIR_ABS="$KERNEL_INSTALL_STAGING_AREA"
+ if [[ -z $KERNEL_INSTALL_INITRD_GENERATOR || $KERNEL_INSTALL_INITRD_GENERATOR == "dracut" ]]; then
+ IMAGE="initrd"
+ UEFI_OPTS="--no-uefi"
+ else
+ exit 0
+ fi
else
- exit 0
+ # No layout information, use users --uefi/--no-uefi preference
+ UEFI_OPTS=""
+ if [[ -d $BOOT_DIR_ABS ]]; then
+ IMAGE="initrd"
+ else
+ BOOT_DIR_ABS="/boot"
+ IMAGE="initramfs-${KERNEL_VERSION}.img"
+ fi
fi
-if [[ "$KERNEL_INSTALL_UKI_GENERATOR" = "dracut" ]]; then
- # We are chosen to generate the UKI as well as initrd
- IMAGE="uki.efi"
- UEFI_OPTS="--uefi"
-fi
+ret=0
-if [[ -f ${KERNEL_IMAGE%/*}/$IMAGE ]]; then
- # we found an initrd or uki.efi at the same place as the kernel
- # use this and don't generate a new one
- [[ $KERNEL_INSTALL_VERBOSE == 1 ]] && echo \
- "There is an $IMAGE image at the same place as the kernel, skipping generating a new one"
- cp --reflink=auto "${KERNEL_IMAGE%/*}/$IMAGE" "$KERNEL_INSTALL_STAGING_AREA/$IMAGE" \
- && chown root:root "$KERNEL_INSTALL_STAGING_AREA/$IMAGE" \
- && chmod 0600 "$KERNEL_INSTALL_STAGING_AREA/$IMAGE" \
- && exit 0
-fi
+case "$COMMAND" in
+ add)
+ if [[ $IMAGE == "uki.efi" ]]; then
+ IMAGE_PREGENERATED=${KERNEL_IMAGE%/*}/uki.efi
+ else
+ IMAGE_PREGENERATED=${KERNEL_IMAGE%/*}/initrd
+ fi
+ if [[ -f ${IMAGE_PREGENERATED} ]]; then
+ # we found an initrd or uki.efi at the same place as the kernel
+ # use this and don't generate a new one
+ [[ $KERNEL_INSTALL_VERBOSE == 1 ]] && echo \
+ "There is an ${IMAGE} image at the same place as the kernel, skipping generating a new one"
+ cp --reflink=auto "$IMAGE_PREGENERATED" "$BOOT_DIR_ABS/$IMAGE" \
+ && chown root:root "$BOOT_DIR_ABS/$IMAGE" \
+ && chmod 0600 "$BOOT_DIR_ABS/$IMAGE" \
+ && exit 0
+ fi
-if [ -n "$KERNEL_INSTALL_CONF_ROOT" ]; then
- if [ -f "$KERNEL_INSTALL_CONF_ROOT/cmdline" ]; then
- read -r -d '' -a BOOT_OPTIONS < "$KERNEL_INSTALL_CONF_ROOT/cmdline"
- fi
-elif [[ -f /etc/kernel/cmdline ]]; then
- read -r -d '' -a BOOT_OPTIONS < /etc/kernel/cmdline
-elif [[ -f /usr/lib/kernel/cmdline ]]; then
- read -r -d '' -a BOOT_OPTIONS < /usr/lib/kernel/cmdline
-else
- declare -a BOOT_OPTIONS
+ if [ -n "$KERNEL_INSTALL_CONF_ROOT" ]; then
+ if [ -f "$KERNEL_INSTALL_CONF_ROOT/cmdline" ]; then
+ read -r -d '' -a BOOT_OPTIONS < "$KERNEL_INSTALL_CONF_ROOT/cmdline"
+ fi
+ elif [[ -f /etc/kernel/cmdline ]]; then
+ read -r -d '' -a BOOT_OPTIONS < /etc/kernel/cmdline
+ elif [[ -f /usr/lib/kernel/cmdline ]]; then
+ read -r -d '' -a BOOT_OPTIONS < /usr/lib/kernel/cmdline
+ else
+ declare -a BOOT_OPTIONS
- read -r -d '' -a line < /proc/cmdline
- for i in "${line[@]}"; do
- [[ ${i#initrd=*} != "$i" ]] && continue
- BOOT_OPTIONS+=("$i")
- done
-fi
+ read -r -d '' -a line < /proc/cmdline
+ for i in "${line[@]}"; do
+ [[ ${i#initrd=*} != "$i" ]] && continue
+ BOOT_OPTIONS+=("$i")
+ done
+ fi
-unset noimageifnotneeded
+ unset noimageifnotneeded
-for ((i = 0; i < "${#BOOT_OPTIONS[@]}"; i++)); do
- # shellcheck disable=SC1001
- if [[ ${BOOT_OPTIONS[$i]} == root\=PARTUUID\=* ]]; then
- noimageifnotneeded="yes"
- break
- fi
-done
+ for ((i = 0; i < "${#BOOT_OPTIONS[@]}"; i++)); do
+ # shellcheck disable=SC1001
+ if [[ ${BOOT_OPTIONS[$i]} == root\=PARTUUID\=* ]]; then
+ noimageifnotneeded="yes"
+ break
+ fi
+ done
+
+ # shellcheck disable=SC2046
+ dracut -f \
+ ${noimageifnotneeded:+--noimageifnotneeded} \
+ $([[ $KERNEL_INSTALL_VERBOSE == 1 ]] && echo --verbose) \
+ $([[ -n $KERNEL_IMAGE ]] && echo --kernel-image "$KERNEL_IMAGE") \
+ "$UEFI_OPTS" \
+ --kver "$KERNEL_VERSION" \
+ "$BOOT_DIR_ABS/$IMAGE"
+ ret=$?
+ ;;
+
+ remove)
+ rm -f -- "$BOOT_DIR_ABS/$IMAGE"
+ ret=$?
+ ;;
+esac
-# shellcheck disable=SC2046
-dracut -f \
- ${noimageifnotneeded:+--noimageifnotneeded} \
- $([[ $KERNEL_INSTALL_VERBOSE == 1 ]] && echo --verbose) \
- $([[ -n $KERNEL_IMAGE ]] && echo --kernel-image "$KERNEL_IMAGE") \
- "$UEFI_OPTS" \
- --kver "$KERNEL_VERSION" \
- "$KERNEL_INSTALL_STAGING_AREA/$IMAGE" || exit 1
+exit $ret
diff --git a/install.d/51-dracut-rescue.install b/install.d/51-dracut-rescue.install
index 25f75557..aa0ccdc5 100755
--- a/install.d/51-dracut-rescue.install
+++ b/install.d/51-dracut-rescue.install
@@ -2,29 +2,11 @@
export LANG=C
-COMMAND="${1:?}"
-KERNEL_VERSION="${2:?}"
+COMMAND="$1"
+KERNEL_VERSION="$2"
BOOT_DIR_ABS="${3%/*}/0-rescue"
KERNEL_IMAGE="$4"
-# If the initrd was provided on the kernel command line, we shouldn't generate our own.
-if [[ "$COMMAND" = "add" && "$#" -gt 4 ]]; then
- exit 0
-fi
-
-# Do not attempt to create initramfs if the supplied image is already a UKI
-if [[ "$KERNEL_INSTALL_IMAGE_TYPE" = "uki" ]]; then
- exit 0
-fi
-
-if [[ "$KERNEL_INSTALL_UKI_GENERATOR" = "dracut" ]]; then
- # Rescue images currently not compatible with UKIs
- exit 0
-elif [[ "${KERNEL_INSTALL_INITRD_GENERATOR:-dracut}" != "dracut" ]]; then
- # We are not the initrd generator
- exit 0
-fi
-
dropindirs_sort() {
suffix=$1
shift
--
2.42.0

55
SOURCES/0002.patch
Unescape View File

@ -0,0 +1,55 @@
From a6c4171117924cacaa727a9828e72f70e09b1fa9 Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Tue, 12 Jul 2022 14:15:25 +0200
Subject: [PATCH] fix(fips): enhance commit 'handle s390x OSTree systems'
78557f05a69fe718a97df85d2ed741ce10d3f806
Refactored to enhance readability.
Related: rhbz#2050567
---
modules.d/01fips/fips.sh | 15 +++++++++++----
modules.d/01fips/module-setup.sh | 2 +-
2 files changed, 12 insertions(+), 5 deletions(-)
diff --git a/modules.d/01fips/fips.sh b/modules.d/01fips/fips.sh
index 26f65414..6ad61df8 100755
--- a/modules.d/01fips/fips.sh
+++ b/modules.d/01fips/fips.sh
@@ -132,10 +132,17 @@ do_fips() {
if [ -e "/boot/vmlinuz-${KERNEL}" ]; then
BOOT_IMAGE="vmlinuz-${KERNEL}"
elif [ -d /boot/loader/entries ]; then
- bls=$(find /boot/loader/entries -name '*.conf' | sort -rV | sed -n "$((BOOT_IMAGE + 1))p")
- if [ -e "${bls}" ]; then
- BOOT_IMAGE=$(grep ^linux "${bls}" | cut -d' ' -f2)
- fi
+ i=0
+ # shellcheck disable=SC2012
+ for bls in $(ls -d /boot/loader/entries/*.conf | sort -rV); do
+ if [ "$i" -eq "${BOOT_IMAGE:-0}" ] && [ -r "$bls" ]; then
+ BOOT_IMAGE="$(grep -e '^linux' "$bls" | grep -o ' .*$')"
+ BOOT_IMAGE=${BOOT_IMAGE## }
+ break
+ fi
+
+ i=$((i + 1))
+ done
fi
fi
diff --git a/modules.d/01fips/module-setup.sh b/modules.d/01fips/module-setup.sh
index 8860159d..cc9d15ce 100755
--- a/modules.d/01fips/module-setup.sh
+++ b/modules.d/01fips/module-setup.sh
@@ -67,7 +67,7 @@ install() {
inst_hook pre-udev 01 "$moddir/fips-load-crypto.sh"
inst_script "$moddir/fips.sh" /sbin/fips.sh
- inst_multiple sha512hmac rmmod insmod mount uname umount grep sed cut find sort
+ inst_multiple sha512hmac rmmod insmod mount uname umount grep sed sort
inst_simple /etc/system-fips
[ -c "${initdir}"/dev/random ] || mknod "${initdir}"/dev/random c 1 8 \

96
SOURCES/0003-feat-kernel-install-do-nothing-when-KERNEL_INSTALL_I.patch
Unescape View File

@ -1,96 +0,0 @@
From 0d2983f7dbc1f5fbaa60735c839ea111d3f5d4e0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Tue, 18 Jan 2022 18:08:42 +0100
Subject: [PATCH 03/32] feat(kernel-install): do nothing when
$KERNEL_INSTALL_INITRD_GENERATOR says so
dracut may be installed without being actually used. This is very common in
binary distros where a package may be pulled in through dependencies, even
though the user does not need it in a particular setup. KERNEL_INSTALL_INITRD_GENERATOR
is being added in systemd's kernel-install to select which of the possibly many
initrd generation mechanisms will be used.
For backwards compat, if it not set, continue as before. But if set to
something else, skip our kernel-install plugins.
(Cherry-picked commit f47bcdd7342ca0d46b889e712a1c7446e18434bc from PR#1825)
---
install.d/50-dracut.install | 31 ++++++------------------------
install.d/51-dracut-rescue.install | 12 +++++++++---
2 files changed, 15 insertions(+), 28 deletions(-)
diff --git a/install.d/50-dracut.install b/install.d/50-dracut.install
index 441414ac..efb184cd 100755
--- a/install.d/50-dracut.install
+++ b/install.d/50-dracut.install
@@ -6,38 +6,19 @@ BOOT_DIR_ABS="$3"
KERNEL_IMAGE="$4"
# If KERNEL_INSTALL_MACHINE_ID is defined but empty, BOOT_DIR_ABS is a fake directory.
-# So, let's skip to create initrd.
+# In this case, do not create the initrd.
if ! [[ ${KERNEL_INSTALL_MACHINE_ID-x} ]]; then
exit 0
fi
-# Do not attempt to create initramfs if the supplied image is already a UKI
-if [[ "$KERNEL_INSTALL_IMAGE_TYPE" = "uki" ]]; then
+# Skip this plugin if we're using a different generator. If nothing is specified,
+# assume we're wanted since we're installed.
+if [ "${KERNEL_INSTALL_INITRD_GENERATOR:-dracut}" != "dracut" ]; then
exit 0
fi
-# Mismatching the install layout and the --uefi/--no-uefi opts just creates a mess.
-if [[ $KERNEL_INSTALL_LAYOUT == "uki" && -n $KERNEL_INSTALL_STAGING_AREA ]]; then
- BOOT_DIR_ABS="$KERNEL_INSTALL_STAGING_AREA"
- if [[ -z $KERNEL_INSTALL_UKI_GENERATOR || $KERNEL_INSTALL_UKI_GENERATOR == "dracut" ]]; then
- # No uki generator preference set or we have been chosen
- IMAGE="uki.efi"
- UEFI_OPTS="--uefi"
- elif [[ -z $KERNEL_INSTALL_INITRD_GENERATOR || $KERNEL_INSTALL_INITRD_GENERATOR == "dracut" ]]; then
- # We aren't the uki generator, but we have been requested to make the initrd
- IMAGE="initrd"
- UEFI_OPTS="--no-uefi"
- else
- exit 0
- fi
-elif [[ $KERNEL_INSTALL_LAYOUT == "bls" && -n $KERNEL_INSTALL_STAGING_AREA ]]; then
- BOOT_DIR_ABS="$KERNEL_INSTALL_STAGING_AREA"
- if [[ -z $KERNEL_INSTALL_INITRD_GENERATOR || $KERNEL_INSTALL_INITRD_GENERATOR == "dracut" ]]; then
- IMAGE="initrd"
- UEFI_OPTS="--no-uefi"
- else
- exit 0
- fi
+if [[ -d "$BOOT_DIR_ABS" ]]; then
+ INITRD="initrd"
else
# No layout information, use users --uefi/--no-uefi preference
UEFI_OPTS=""
diff --git a/install.d/51-dracut-rescue.install b/install.d/51-dracut-rescue.install
index aa0ccdc5..be4172b5 100755
--- a/install.d/51-dracut-rescue.install
+++ b/install.d/51-dracut-rescue.install
@@ -7,9 +7,15 @@ KERNEL_VERSION="$2"
BOOT_DIR_ABS="${3%/*}/0-rescue"
KERNEL_IMAGE="$4"
-dropindirs_sort() {
- suffix=$1
- shift
+# Skip this plugin if we're using a different generator. If nothing is specified,
+# assume we're wanted since we're installed.
+if [ "${KERNEL_INSTALL_INITRD_GENERATOR:-dracut}" != "dracut" ]; then
+ exit 0
+fi
+
+dropindirs_sort()
+{
+ suffix=$1; shift
args=("$@")
files=$(
while (($# > 0)); do
--
2.42.0

41
SOURCES/0003.patch
Unescape View File

@ -0,0 +1,41 @@
From ec58df436c7ecaa04a9a4a8f72615c59739f890d Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Wed, 16 Feb 2022 02:42:11 +0100
Subject: [PATCH] build(spec): do not use recommends for base packages
rhel-only
Resolves: rhbz#1947892
---
pkgbuild/dracut.spec | 11 ++++-------
1 file changed, 4 insertions(+), 7 deletions(-)
diff --git a/pkgbuild/dracut.spec b/pkgbuild/dracut.spec
index 71b7421c..38de47b4 100644
--- a/pkgbuild/dracut.spec
+++ b/pkgbuild/dracut.spec
@@ -71,20 +71,17 @@ Requires: kmod
Requires: sed
Requires: xz
Requires: gzip
+Requires: hardlink
+Requires: pigz
+Requires: kpartx
%if 0%{?fedora} || 0%{?rhel}
-Recommends: memstrack
-Recommends: hardlink
-Recommends: pigz
-Recommends: kpartx
+Suggests: memstrack
Requires: util-linux >= 2.21
Requires: systemd >= 219
Requires: systemd-udev >= 219
Requires: procps-ng
%else
-Requires: hardlink
-Requires: gzip
-Requires: kpartx
Requires: udev > 166
Requires: util-linux-ng >= 2.21
%endif

39
SOURCES/0004-fix-kernel-install-do-not-generate-an-initrd-when-on.patch
Unescape View File

@ -1,39 +0,0 @@
From 65d5bd785458da98b0388ddf3f8e67e569af67c1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Tue, 18 Jan 2022 18:58:58 +0100
Subject: [PATCH 04/32] fix(kernel-install): do not generate an initrd when one
was specified
According to the synopsis, kernel-install can be called with an
already-prepared initrd. In that case, no initrd should be generated by dracut.
(Cherry-picked commit 0b72cf5c4eca0e0db76e3e210cfdc48e6b49bb74 from PR#1825)
---
install.d/50-dracut.install | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/install.d/50-dracut.install b/install.d/50-dracut.install
index efb184cd..3907e303 100755
--- a/install.d/50-dracut.install
+++ b/install.d/50-dracut.install
@@ -4,6 +4,7 @@ COMMAND="$1"
KERNEL_VERSION="$2"
BOOT_DIR_ABS="$3"
KERNEL_IMAGE="$4"
+INITRD_OPTIONS_SHIFT=4
# If KERNEL_INSTALL_MACHINE_ID is defined but empty, BOOT_DIR_ABS is a fake directory.
# In this case, do not create the initrd.
@@ -34,6 +35,9 @@ ret=0
case "$COMMAND" in
add)
+ # If the initrd was provided on the kernel command line, we shouldn't generate our own.
+ [ "$#" -gt "$INITRD_OPTIONS_SHIFT" ] && exit 0
+
if [[ $IMAGE == "uki.efi" ]]; then
IMAGE_PREGENERATED=${KERNEL_IMAGE%/*}/uki.efi
else
--
2.42.0

14
SOURCES/0021-fix-nfs-set-correct-ownership-and-permissions-for-st.patch → SOURCES/0004.patch
Unescape View File

@ -1,21 +1,19 @@
From c6c9f871b87cdc334be989b42e9a5d2070ae17c5 Mon Sep 17 00:00:00 2001
From 3a0a1774798178f709fc4aa54b6fc3c78e30add7 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Mon, 19 Jul 2021 11:27:28 +0200
Subject: [PATCH 21/32] fix(nfs): set correct ownership and permissions for
statd directory
Subject: [PATCH] fix(95nfs): set correct ownership and permissions for statd
directory
The directory ownership for the statd directory should be
rpcuser:rpcuser.
(cherry picked from commit ed5ab5787177f2be8a620a8d2d63a9ad26fbf149 from PR#583)
Resolves: RHEL-53361
Resolves: #2017846
---
modules.d/95nfs/module-setup.sh | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/modules.d/95nfs/module-setup.sh b/modules.d/95nfs/module-setup.sh
index 5cc42892..fbaeeb00 100755
index 16bafe30..5351c2d5 100755
--- a/modules.d/95nfs/module-setup.sh
+++ b/modules.d/95nfs/module-setup.sh
@@ -120,8 +120,13 @@ install() {
@ -34,6 +32,4 @@ index 5cc42892..fbaeeb00 100755
# Rather than copy the passwd file in, just set a user for rpcbind
# We'll save the state and restart the daemon from the root anyway
--
2.42.0

75
SOURCES/0005-fix-incorrectly-applied-patch-in-commit-c6d18c3c7159.patch
Unescape View File

@ -1,75 +0,0 @@
From 35326479721f8b439f291bf8ff35354107144012 Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Thu, 11 Jul 2024 07:33:05 +0200
Subject: [PATCH 05/32] fix: incorrectly applied patch in commit
c6d18c3c71597e78572378fc4dde391f1845b8
named: "feat(kernel-install): do nothing when $KERNEL_INSTALL_INITRD_GENERATOR says so"
Resolves: rhbz#2276271
---
install.d/50-dracut.install | 30 ++++++++++++++++++++++++++++--
install.d/51-dracut-rescue.install | 6 +++---
2 files changed, 31 insertions(+), 5 deletions(-)
diff --git a/install.d/50-dracut.install b/install.d/50-dracut.install
index 3907e303..076b4f5e 100755
--- a/install.d/50-dracut.install
+++ b/install.d/50-dracut.install
@@ -18,8 +18,34 @@ if [ "${KERNEL_INSTALL_INITRD_GENERATOR:-dracut}" != "dracut" ]; then
exit 0
fi
-if [[ -d "$BOOT_DIR_ABS" ]]; then
- INITRD="initrd"
+# Do not attempt to create initramfs if the supplied image is already a UKI
+if [[ "$KERNEL_INSTALL_IMAGE_TYPE" = "uki" ]]; then
+ exit 0
+fi
+
+# Mismatching the install layout and the --uefi/--no-uefi opts just creates a mess.
+if [[ $KERNEL_INSTALL_LAYOUT == "uki" && -n $KERNEL_INSTALL_STAGING_AREA ]]; then
+ BOOT_DIR_ABS="$KERNEL_INSTALL_STAGING_AREA"
+ if [[ -z $KERNEL_INSTALL_UKI_GENERATOR || $KERNEL_INSTALL_UKI_GENERATOR == "dracut" ]]; then
+ # No uki generator preference set or we have been chosen
+ IMAGE="uki.efi"
+ UEFI_OPTS="--uefi"
+ elif [[ -z $KERNEL_INSTALL_INITRD_GENERATOR || $KERNEL_INSTALL_INITRD_GENERATOR == "dracut" ]]; then
+ # We aren't the uki generator, but we have been requested to make the initrd
+ IMAGE="initrd"
+ UEFI_OPTS="--no-uefi"
+ else
+ exit 0
+ fi
+elif [[ $KERNEL_INSTALL_LAYOUT == "bls" && -n $KERNEL_INSTALL_STAGING_AREA ]]; then
+ BOOT_DIR_ABS="$KERNEL_INSTALL_STAGING_AREA"
+ if [[ -z $KERNEL_INSTALL_INITRD_GENERATOR || $KERNEL_INSTALL_INITRD_GENERATOR == "dracut" ]]; then
+ IMAGE="initrd"
+ UEFI_OPTS="--no-uefi"
+ else
+ exit 0
+ fi
+
else
# No layout information, use users --uefi/--no-uefi preference
UEFI_OPTS=""
diff --git a/install.d/51-dracut-rescue.install b/install.d/51-dracut-rescue.install
index be4172b5..5310229e 100755
--- a/install.d/51-dracut-rescue.install
+++ b/install.d/51-dracut-rescue.install
@@ -13,9 +13,9 @@ if [ "${KERNEL_INSTALL_INITRD_GENERATOR:-dracut}" != "dracut" ]; then
exit 0
fi
-dropindirs_sort()
-{
- suffix=$1; shift
+dropindirs_sort() {
+ suffix=$1
+ shift
args=("$@")
files=$(
while (($# > 0)); do
--
2.42.0

27
SOURCES/0005.patch
Unescape View File

@ -0,0 +1,27 @@
From 21b7898d5c3a074203d6cb8a71962010874f87bb Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Tue, 15 Feb 2022 13:47:40 +0100
Subject: [PATCH] fix(95resume): only exclude this module, when swap is netdev
Resolves: #2017787
---
modules.d/95resume/module-setup.sh | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/modules.d/95resume/module-setup.sh b/modules.d/95resume/module-setup.sh
index 5e891048..4b8d8422 100755
--- a/modules.d/95resume/module-setup.sh
+++ b/modules.d/95resume/module-setup.sh
@@ -10,10 +10,9 @@ check() {
return 1
}
- # Only support resume if hibernation is currently on
- # and no swap is mounted on a net device
+ # Only support resume if no swap is mounted on a net device
[[ $hostonly ]] || [[ $mount_needs ]] && {
- swap_on_netdevice || [[ -f /sys/power/resume && "$(cat /sys/power/resume)" == "0:0" ]] && return 255
+ swap_on_netdevice && return 255
}
return 0

29
SOURCES/0006-revert-fix-crypt-unlock-encrypted-devices-by-default.patch
Unescape View File

@ -1,29 +0,0 @@
From afcfd7378110969cce445d7613d9e81c9d85cac0 Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Thu, 11 Jul 2024 16:24:14 +0200
Subject: [PATCH 06/32] revert: "fix(crypt): unlock encrypted devices by
default during boot"
This reverts commit 2339acfaeee60d6bb26a1103db2e53bc8f9cb2d1.
Resolves: rhbz#2295215
---
modules.d/90crypt/parse-crypt.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules.d/90crypt/parse-crypt.sh b/modules.d/90crypt/parse-crypt.sh
index 9567a4a9..e46e347a 100755
--- a/modules.d/90crypt/parse-crypt.sh
+++ b/modules.d/90crypt/parse-crypt.sh
@@ -174,7 +174,7 @@ else
} >> "$hookdir/emergency/90-crypt.sh"
fi
done
- elif getargbool 1 rd.auto && [ -z "$(getargs rd.luks.name)" ]; then
+ elif getargbool 0 rd.auto; then
if [ -z "$DRACUT_SYSTEMD" ]; then
{
printf -- 'ENV{ID_FS_TYPE}=="crypto_LUKS", RUN+="%s ' "$(command -v initqueue)"
--
2.42.0

65
SOURCES/0006.patch
Unescape View File

@ -0,0 +1,65 @@
From c1dee82d80d1b4d76a476d822cdf817686da7ebb Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Tue, 19 Jul 2022 16:42:59 +0200
Subject: [PATCH] ci: fix branch to run integration tests in
---
.github/workflows/container.yml | 2 +-
.github/workflows/differential-shellcheck.yml | 2 +-
.github/workflows/integration.yml | 2 +-
.github/workflows/lint.yml | 2 +-
4 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml
index 99d57f5b..82d7a097 100644
--- a/.github/workflows/container.yml
+++ b/.github/workflows/container.yml
@@ -8,7 +8,7 @@ on:
- 'test/container/**'
- '.github/workflows/container.yml'
pull_request:
- branches: [ main new-main ]
+ branches: [ main ]
paths:
- 'test/container/**'
- '.github/workflows/container.yml'
diff --git a/.github/workflows/differential-shellcheck.yml b/.github/workflows/differential-shellcheck.yml
index c4b05fad..63a022bf 100644
--- a/.github/workflows/differential-shellcheck.yml
+++ b/.github/workflows/differential-shellcheck.yml
@@ -1,7 +1,7 @@
name: Differential ShellCheck
on:
pull_request:
- branches: [ main new-main ]
+ branches: [ main ]
jobs:
test:
diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
index aa354e3e..82d01457 100644
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -2,7 +2,7 @@ name: Integration Test
on:
pull_request:
- branches: [ main new-main ]
+ branches: [ main ]
jobs:
basic:
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index 5e3a299f..f6778a65 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -4,7 +4,7 @@ on:
push:
branches: [ main ]
pull_request:
- branches: [ main new-main ]
+ branches: [ main ]
jobs:
lint-c:

30
SOURCES/0007-test-do-not-force-include-dash-let-sh-module-make-a-.patch
Unescape View File

@ -1,30 +0,0 @@
From 02bc9391cfdf7f3b16c49cde9d881642c13fc8c0 Mon Sep 17 00:00:00 2001
From: Laszlo Gombos <laszlo.gombos@gmail.com>
Date: Sat, 20 Jul 2024 18:49:38 -0400
Subject: [PATCH 07/32] test: do not force include dash, let sh module make a
selection
This is important for alpine, so that it does not install both
dash and busybox dracut modules that are potentially conflicting.
(cherry picked from commit 6e3c2bf9d01ad0f93176ee121bb70404f24de4e7)
---
modules.d/80test-makeroot/module-setup.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules.d/80test-makeroot/module-setup.sh b/modules.d/80test-makeroot/module-setup.sh
index f311e4a0..fc105d7e 100755
--- a/modules.d/80test-makeroot/module-setup.sh
+++ b/modules.d/80test-makeroot/module-setup.sh
@@ -6,7 +6,7 @@ check() {
}
depends() {
- echo "dash rootfs-block kernel-modules qemu"
+ echo "rootfs-block kernel-modules qemu"
}
installkernel() {
--
2.42.0

42
SOURCES/0007.patch
Unescape View File

@ -0,0 +1,42 @@
From d754571fea528af061db46a0284e996d012f14c9 Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Tue, 19 Jul 2022 17:06:25 +0200
Subject: [PATCH] ci: run integration tests only on C9s
---
.github/workflows/container.yml | 4 ----
.github/workflows/integration.yml | 3 ---
2 files changed, 7 deletions(-)
diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml
index 82d7a097..34038f57 100644
--- a/.github/workflows/container.yml
+++ b/.github/workflows/container.yml
@@ -28,11 +28,7 @@ jobs:
fail-fast: false
matrix:
config:
- - { dockerfile: 'Dockerfile-Fedora-latest', tag: 'fedora:latest' }
- - { dockerfile: 'Dockerfile-OpenSuse-latest', tag: 'opensuse:latest' }
- - { dockerfile: 'Dockerfile-Arch', tag: 'arch:latest' }
- { dockerfile: 'Dockerfile-CentOS-9-Stream', tag: 'centos:stream9' }
- - { dockerfile: 'Dockerfile-Debian', tag: 'debian:latest' }
steps:
- name: Check out the repo
uses: actions/checkout@v2
diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
index 82d01457..40da300c 100644
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -14,10 +14,7 @@ jobs:
strategy:
matrix:
container: [
- "arch:latest",
- "debian:latest",
"fedora:latest",
- "opensuse:latest",
]
test: [
"04",

31
SOURCES/0008-fix-dracut-functions-allow-for-in-get_maj_min-file-p.patch
Unescape View File

@ -1,31 +0,0 @@
From bdfdbdee356cb83dad86f1d49fc21df9117ba8eb Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Thu, 8 Aug 2024 01:30:50 +0200
Subject: [PATCH 08/32] fix(dracut-functions): allow for \ in get_maj_min file
path
as the path might be f.e. /dev/disk/by-partlabel/EFI\x20System\x20Partition
which would produce Warning 'grep: warning: stray \ before x' in get_maj_min
Resolves: RHEL-47145
---
dracut-functions.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/dracut-functions.sh b/dracut-functions.sh
index 1f7a9052..d436a357 100755
--- a/dracut-functions.sh
+++ b/dracut-functions.sh
@@ -243,7 +243,7 @@ get_maj_min() {
local _out
if [[ $get_maj_min_cache_file ]]; then
- _out="$(grep -m1 -oE "^$1 \S+$" "$get_maj_min_cache_file" | grep -oE "\S+$")"
+ _out="$(grep -m1 -oE "^${1//\\/\\\\} \S+$" "$get_maj_min_cache_file" | grep -oE "\S+$")"
fi
if ! [[ "$_out" ]]; then
--
2.42.0

29
SOURCES/0008.patch
Unescape View File

@ -0,0 +1,29 @@
From 263b9095200cf277db3bff4753b06306175b1534 Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Thu, 21 Jul 2022 17:40:20 +0200
Subject: [PATCH] fix(dracut.sh): do not fail on irregular files
If file is not a regular file (test -f), dracut.sh fails,
which is unexpected change of behaviour.
The workaround would be to create an empty file.
rhel-only
Fixes: #1835
---
dracut.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/dracut.sh b/dracut.sh
index a1ea1bc3..210a8275 100755
--- a/dracut.sh
+++ b/dracut.sh
@@ -905,7 +905,7 @@ if [[ -z $conffile ]]; then
else
conffile="$dracutsysrootdir/etc/dracut.conf"
fi
-elif [[ ! -f $conffile ]]; then
+elif [[ ! -e $conffile ]]; then
printf "%s\n" "dracut: Configuration file '$conffile' not found." >&2
exit 1
fi

42
SOURCES/0009-fix-dracut-functions.sh-only-return-block-devices-fr.patch
Unescape View File

@ -1,42 +0,0 @@
From 31fe330589cfd564790c4255c951567a3479df94 Mon Sep 17 00:00:00 2001
From: Fabian Vogt <fvogt@suse.de>
Date: Mon, 5 Aug 2024 11:28:32 +0200
Subject: [PATCH 09/32] fix(dracut-functions.sh): only return block devices
from get_persistent_dev
With udev 256, there are now directories such as
/dev/disk/by-path/pci-0000:02:00.0-nvme-1-part/ which match here.
In case a nonexisting file/device was passed to get_persistent_dev, it
returned the first directory it looked at because both have maj:min 0:0.
This accidental conversion from garbage to a sensible looking path leads
to weird behaviour later.
Instead of filtering out directories explicitly switch the check to only
return block devices, which also takes care of the character special
/dev/mapper/control.
(cherry picked from commit 55d2fb5b459f356fdbde60ddefb97be942a0c141)
Resolves: RHEL-49744
---
dracut-functions.sh | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/dracut-functions.sh b/dracut-functions.sh
index d436a357..b4d57454 100755
--- a/dracut-functions.sh
+++ b/dracut-functions.sh
@@ -294,8 +294,7 @@ get_persistent_dev() {
/dev/disk/by-partlabel/* \
/dev/disk/by-id/* \
/dev/disk/by-path/*; do
- [[ -e $i ]] || continue
- [[ $i == /dev/mapper/control ]] && continue
+ [[ -b $i ]] || continue
[[ $i == /dev/mapper/mpath* ]] && continue
_tmp=$(get_maj_min "$i")
if [ "$_tmp" = "$_dev" ]; then
--
2.42.0

61
SOURCES/0009.patch
Unescape View File

@ -0,0 +1,61 @@
From 96116c784edda6675c80fdf95823188c72b28652 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Mon, 18 Jul 2022 16:29:27 +0200
Subject: [PATCH] fix(98dracut-systemd): partly revert "emergency mode: use
sulogin"
Partly reverts 32f68c1f9ac3720e8ce4b95a09c0ce680d5da786
In RHEL we don't want to have a password to log in into emergency mode.
RHEL-only
Resolves: #2057365
---
modules.d/98dracut-systemd/dracut-emergency.sh | 2 +-
modules.d/98dracut-systemd/module-setup.sh | 2 --
modules.d/99base/module-setup.sh | 8 ++------
3 files changed, 3 insertions(+), 9 deletions(-)
diff --git a/modules.d/98dracut-systemd/dracut-emergency.sh b/modules.d/98dracut-systemd/dracut-emergency.sh
index c6637a5c..48062f49 100755
--- a/modules.d/98dracut-systemd/dracut-emergency.sh
+++ b/modules.d/98dracut-systemd/dracut-emergency.sh
@@ -34,7 +34,7 @@ if getargbool 1 rd.shell -d -y rdshell || getarg rd.break -d rdbreak; then
done < /proc/consoles
[ -f /etc/profile ] && . /etc/profile
[ -z "$PS1" ] && export PS1="$_name:\${PWD}# "
- exec sulogin -e
+ exec sh -i -l
else
export hook="shutdown-emergency"
warn "$action has failed. To debug this issue add \"rd.shell rd.debug\" to the kernel command line."
diff --git a/modules.d/98dracut-systemd/module-setup.sh b/modules.d/98dracut-systemd/module-setup.sh
index b7da86db..6fb26efa 100755
--- a/modules.d/98dracut-systemd/module-setup.sh
+++ b/modules.d/98dracut-systemd/module-setup.sh
@@ -51,6 +51,4 @@ install() {
done
inst_simple "$moddir/dracut-tmpfiles.conf" "$tmpfilesdir/dracut-tmpfiles.conf"
-
- inst_multiple sulogin
}
diff --git a/modules.d/99base/module-setup.sh b/modules.d/99base/module-setup.sh
index 10a44d91..3fa2659a 100755
--- a/modules.d/99base/module-setup.sh
+++ b/modules.d/99base/module-setup.sh
@@ -30,12 +30,8 @@ install() {
fi
# add common users in /etc/passwd, it will be used by nfs/ssh currently
- # use password for hostonly images to facilitate secure sulogin in emergency console
- [[ $hostonly ]] && pwshadow='x'
- grep '^root:' "$initdir/etc/passwd" 2> /dev/null || echo "root:$pwshadow:0:0::/root:/bin/sh" >> "$initdir/etc/passwd"
- grep '^nobody:' "$dracutsysrootdir"/etc/passwd >> "$initdir/etc/passwd"
-
- [[ $hostonly ]] && grep '^root:' "$dracutsysrootdir"/etc/shadow >> "$initdir/etc/shadow"
+ grep '^root:' "$initdir/etc/passwd" 2> /dev/null || echo 'root:x:0:0::/root:/bin/sh' >> "$initdir/etc/passwd"
+ grep '^nobody:' /etc/passwd >> "$initdir/etc/passwd"
# install our scripts and hooks
inst_script "$moddir/init.sh" "/init"

112
SOURCES/0010-feat-systemd-include-systemd-config-files-from-usr-l.patch
Unescape View File

@ -1,112 +0,0 @@
From e90249443fe2285f221849359e9066aefff29eff Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Wed, 12 Jun 2024 06:06:32 +0200
Subject: [PATCH 10/32] feat(systemd*): include systemd config files from
/usr/lib/systemd
and also use proper variables for the paths, and fixup invalid paths.
--
The new systemd reads from both /etc and /usr/, so to accomodate this,
I've added new paths to install configs from (I probably haven't covered
all). This changes only hostonly behaviour; uses global variables:
systemdutilconfdir: "/etc/systemd"
systemdutildir: "/lib/systemd:/lib/systemd/systemd-udevd" "/usr/lib/systemd:/usr/lib/systemd/systemd-udevd"
(cherry picked from commit ea4905e944a2acd75ba3a48a5dfeaba417f724e8)
Resolves: RHEL-32506
---
modules.d/00systemd/module-setup.sh | 6 ++++--
modules.d/01systemd-coredump/module-setup.sh | 3 ++-
modules.d/01systemd-pstore/module-setup.sh | 2 ++
modules.d/01systemd-resolved/module-setup.sh | 1 +
modules.d/01systemd-timesyncd/module-setup.sh | 1 +
5 files changed, 10 insertions(+), 3 deletions(-)
diff --git a/modules.d/00systemd/module-setup.sh b/modules.d/00systemd/module-setup.sh
index ce7bb520..70a2a78f 100755
--- a/modules.d/00systemd/module-setup.sh
+++ b/modules.d/00systemd/module-setup.sh
@@ -42,6 +42,8 @@ install() {
"$systemdutildir"/system-generators/systemd-debug-generator \
"$systemdutildir"/system-generators/systemd-fstab-generator \
"$systemdutildir"/system-generators/systemd-gpt-auto-generator \
+ "$systemdutildir"/system.conf \
+ "$systemdutildir"/system.conf.d/*.conf \
"$systemdsystemunitdir"/debug-shell.service \
"$systemdsystemunitdir"/cryptsetup.target \
"$systemdsystemunitdir"/cryptsetup-pre.target \
@@ -94,8 +96,8 @@ install() {
if [[ $hostonly ]]; then
inst_multiple -H -o \
- /etc/systemd/system.conf \
- /etc/systemd/system.conf.d/*.conf \
+ "$systemdutilconfdir"/system.conf \
+ "$systemdutilconfdir"/system.conf.d/*.conf \
/etc/hosts \
/etc/hostname \
/etc/nsswitch.conf \
diff --git a/modules.d/01systemd-coredump/module-setup.sh b/modules.d/01systemd-coredump/module-setup.sh
index 0c5cbcfb..6acbe75f 100755
--- a/modules.d/01systemd-coredump/module-setup.sh
+++ b/modules.d/01systemd-coredump/module-setup.sh
@@ -35,6 +35,7 @@ install() {
inst_multiple -o \
"$sysctld"/50-coredump.conf \
"$systemdutildir"/coredump.conf \
+ "$systemdutildir/coredump.conf.d/*.conf" \
"$systemdutildir"/systemd-coredump \
"$systemdsystemunitdir"/systemd-coredump.socket \
"$systemdsystemunitdir"/systemd-coredump@.service \
@@ -52,7 +53,7 @@ install() {
if [[ $hostonly ]]; then
inst_multiple -H -o \
"$systemdutilconfdir"/coredump.conf \
- "$systemdsystemconfdir/coredump.conf.d/*.conf" \
+ "$systemdutilconfdir/coredump.conf.d/*.conf" \
"$systemdsystemconfdir"/systemd-coredump.socket \
"$systemdsystemconfdir/systemd-coredump.socket.d/*.conf" \
"$systemdsystemconfdir"/systemd-coredump@.service \
diff --git a/modules.d/01systemd-pstore/module-setup.sh b/modules.d/01systemd-pstore/module-setup.sh
index 67034bbf..5de5db4b 100755
--- a/modules.d/01systemd-pstore/module-setup.sh
+++ b/modules.d/01systemd-pstore/module-setup.sh
@@ -34,6 +34,8 @@ install() {
inst_dir /var/lib/systemd/pstore
inst_multiple -o \
"$tmpfilesdir/systemd-pstore.conf" \
+ "$systemdutildir"/pstore.conf \
+ "$systemdutildir/pstore.conf.d/*.conf" \
"$systemdutildir"/systemd-pstore \
"$systemdsystemunitdir"/systemd-pstore.service \
"$systemdsystemunitdir/systemd-pstore.service.d/*.conf"
diff --git a/modules.d/01systemd-resolved/module-setup.sh b/modules.d/01systemd-resolved/module-setup.sh
index b354bc6c..d20f211c 100755
--- a/modules.d/01systemd-resolved/module-setup.sh
+++ b/modules.d/01systemd-resolved/module-setup.sh
@@ -50,6 +50,7 @@ install() {
# Install the hosts local user configurations if enabled.
if [[ $hostonly ]]; then
inst_multiple -H -o \
+ "$systemdutilconfdir"/resolv.conf \
"$systemdutilconfdir"/resolved.conf \
"$systemdutilconfdir/resolved.conf.d/*.conf" \
"$systemdsystemconfdir"/systemd-resolved.service \
diff --git a/modules.d/01systemd-timesyncd/module-setup.sh b/modules.d/01systemd-timesyncd/module-setup.sh
index 0c065af6..82902b3b 100755
--- a/modules.d/01systemd-timesyncd/module-setup.sh
+++ b/modules.d/01systemd-timesyncd/module-setup.sh
@@ -40,6 +40,7 @@ install() {
"$systemdntpunits/*.list" \
"$systemdutildir"/systemd-timesyncd \
"$systemdutildir"/systemd-time-wait-sync \
+ "$systemdutildir"/timesyncd.conf \
"$systemdutildir/timesyncd.conf.d/*.conf" \
"$systemdsystemunitdir"/systemd-timesyncd.service \
"$systemdsystemunitdir/systemd-timesyncd.service.d/*.conf" \
--
2.42.0

29
SOURCES/0010.patch
Unescape View File

@ -0,0 +1,29 @@
From 733d47fb873c2b821a430a614d83b60475df2d13 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Mon, 15 Aug 2022 16:25:53 +0200
Subject: [PATCH] fix(kernel-modules): always include nvmem driver on
nvmem_on_arm
These drivers are needed to boot on some SoCs like NXP i.MX
We should include them so installation images will work.
(cherry picked from commit bc965cd8890013a6362733d217c18756134bbcdf)
Resolves: #2109498
---
modules.d/90kernel-modules/module-setup.sh | 1 +
1 file changed, 1 insertion(+)
diff --git a/modules.d/90kernel-modules/module-setup.sh b/modules.d/90kernel-modules/module-setup.sh
index e2073a04..191af041 100755
--- a/modules.d/90kernel-modules/module-setup.sh
+++ b/modules.d/90kernel-modules/module-setup.sh
@@ -85,6 +85,7 @@ installkernel() {
"=drivers/mfd" \
"=drivers/mmc/core" \
"=drivers/mmc/host" \
+ "=drivers/nvmem" \
"=drivers/phy" \
"=drivers/power" \
"=drivers/regulator" \

34
SOURCES/0011-fix-resume-always-include-the-resume-module.patch
Unescape View File

@ -1,34 +0,0 @@
From 91f878a4fe4ed694baad59cdb1c7366b002cf1da Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Thu, 8 Aug 2024 00:21:12 +0200
Subject: [PATCH 11/32] fix(resume): always include the resume module
as we can't determine with certainity that it won't be needed.
rhel-only
Resolves: RHEL-53350
---
modules.d/95resume/module-setup.sh | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/modules.d/95resume/module-setup.sh b/modules.d/95resume/module-setup.sh
index d419566e..c0f04a6c 100755
--- a/modules.d/95resume/module-setup.sh
+++ b/modules.d/95resume/module-setup.sh
@@ -1,7 +1,12 @@
#!/bin/bash
# called by dracut
+# shellcheck disable=SC2317
check() {
+
+ # Always include resume module
+ return 0
+
swap_on_netdevice() {
local _dev
for _dev in "${swap_devs[@]}"; do
--
2.42.0

32
SOURCES/0011.patch
Unescape View File

@ -0,0 +1,32 @@
From 58a310fdbfc1a7e07703c6ab9b21c43a73330a92 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Mon, 15 Aug 2022 16:32:51 +0200
Subject: [PATCH] fix(drm): add video drivers needed on hyper-v and similar
Due to non-availability of Hyper-V video driver hyperv_drm in kdump
initramfs, the console seems to be in hang state with no text over it.
We should also go through the /sys/bus/vmbus/devices and include drivers
referenced there.
(cherry picked from commit 85149b85961aa535a3c61d492cd3594794e5cc3f)
Resolves: #2099502
---
modules.d/50drm/module-setup.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules.d/50drm/module-setup.sh b/modules.d/50drm/module-setup.sh
index cff0550c..1fb38677 100755
--- a/modules.d/50drm/module-setup.sh
+++ b/modules.d/50drm/module-setup.sh
@@ -31,7 +31,7 @@ installkernel() {
if [[ $hostonly ]]; then
local i modlink modname
- for i in /sys/bus/{pci/devices,platform/devices,virtio/devices,soc/devices/soc?}/*/modalias; do
+ for i in /sys/bus/{pci/devices,platform/devices,virtio/devices,soc/devices/soc?,vmbus/devices}/*/modalias; do
[[ -e $i ]] || continue
[[ -n $(< "$i") ]] || continue
# shellcheck disable=SC2046

197
SOURCES/0012-feat-dracut-init.sh-allow-changing-the-destination-d.patch
Unescape View File

@ -1,197 +0,0 @@
From 5ed57d866f2be5dc73c7c70a70f51ccae9bdd47d Mon Sep 17 00:00:00 2001
From: Philipp Rudo <prudo@redhat.com>
Date: Mon, 22 Jul 2024 16:46:47 +0200
Subject: [PATCH 12/32] feat(dracut-init.sh): allow changing the destination
directory for inst et al
When using 99squash dracut actually builds two separate initrds. The
"normal" one, that gets squashed into a squashfs image, and a
"minimalistic" one, whose only task is to mount and switch_root to the
squashfs image.
This is currently done the following way:
1. Skipp install() for 99squash during the "normal" installation phase.
2. Trigger a special postinstall hook in 99squash that moves the content
of $initdir to $squashdir and installs the "minimalistic" initrd to
$initdir.
3. Strip the binaries in $initdir (of which $squashdir is a sub
directory of).
4. Squash the content of $squashdir into the squashfs image and remove
$squashdir.
The problem with this approach is that the steps 2 and 4 specific to
99squash but need to be done in dracut.sh. Thus a lot of special
handling for 99squash is needed in dracut.sh. This will get even more
complex once support for different filesystem images, e.g. erofs, are
implemented.
In order to be able to move most of the functionality into 99squash
itself a new approach will be chosen, i.e.
1. During the installation phase install the "normal" initrd into
$initdir and the "minimalistic" initrd into $squashdir.
2. Strip the binaries in $initdir.
3. Trigger a special postinstall hook in 99squash that squashes the
content of $initdir (excluding $squashdir) into the squashfs image,
removes the content of $intidir (excluding $suqashdir) and, moves the
content of $squashdir into $initdir.
With that the only special handling remaining in dracut.sh is triggering
the postinstall hook.
However, in inst et al. the destination directory is hard coded to
$initdir. Thus allow setting a different destination directory in inst
et al. to get the new approach to work. For the time being only do that
for the functions required by 99squash.
Signed-off-by: Philipp Rudo <prudo@redhat.com>
(cherry picked from commit 5ab4470cf136c2d9983564b84b49fd700d4b8514)
Related: RHEL-43460
---
dracut-init.sh | 40 +++++++++++++++++++++++++---------------
1 file changed, 25 insertions(+), 15 deletions(-)
diff --git a/dracut-init.sh b/dracut-init.sh
index 986da96b..8e943493 100755
--- a/dracut-init.sh
+++ b/dracut-init.sh
@@ -240,34 +240,36 @@ inst_dir() {
}
inst() {
+ local dstdir="${dstdir:-"$initdir"}"
local _ret _hostonly_install
if [[ $1 == "-H" ]]; then
_hostonly_install="-H"
shift
fi
- [[ -e ${initdir}/"${2:-$1}" ]] && return 0 # already there
- if $DRACUT_INSTALL ${dracutsysrootdir:+-r "$dracutsysrootdir"} ${initdir:+-D "$initdir"} ${loginstall:+-L "$loginstall"} ${DRACUT_RESOLVE_DEPS:+-l} ${DRACUT_FIPS_MODE:+-f} ${_hostonly_install:+-H} "$@"; then
+ [[ -e ${dstdir}/"${2:-$1}" ]] && return 0 # already there
+ if $DRACUT_INSTALL ${dracutsysrootdir:+-r "$dracutsysrootdir"} ${dstdir:+-D "$dstdir"} ${loginstall:+-L "$loginstall"} ${DRACUT_RESOLVE_DEPS:+-l} ${DRACUT_FIPS_MODE:+-f} ${_hostonly_install:+-H} "$@"; then
return 0
else
_ret=$?
- derror FAILED: "$DRACUT_INSTALL" ${dracutsysrootdir:+-r "$dracutsysrootdir"} ${initdir:+-D "$initdir"} ${loginstall:+-L "$loginstall"} ${DRACUT_RESOLVE_DEPS:+-l} ${DRACUT_FIPS_MODE:+-f} ${_hostonly_install:+-H} "$@"
+ derror FAILED: "$DRACUT_INSTALL" ${dracutsysrootdir:+-r "$dracutsysrootdir"} ${dstdir:+-D "$dstdir"} ${loginstall:+-L "$loginstall"} ${DRACUT_RESOLVE_DEPS:+-l} ${DRACUT_FIPS_MODE:+-f} ${_hostonly_install:+-H} "$@"
return $_ret
fi
}
inst_simple() {
+ local dstdir="${dstdir:-"$initdir"}"
local _ret _hostonly_install
if [[ $1 == "-H" ]]; then
_hostonly_install="-H"
shift
fi
- [[ -e ${initdir}/"${2:-$1}" ]] && return 0 # already there
- [[ -e $1 ]] || return 1 # no source
- if $DRACUT_INSTALL ${dracutsysrootdir:+-r "$dracutsysrootdir"} ${initdir:+-D "$initdir"} ${loginstall:+-L "$loginstall"} ${_hostonly_install:+-H} "$@"; then
+ [[ -e ${dstdir}/"${2:-$1}" ]] && return 0 # already there
+ [[ -e $1 ]] || return 1 # no source
+ if $DRACUT_INSTALL ${dracutsysrootdir:+-r "$dracutsysrootdir"} ${dstdir:+-D "$dstdir"} ${loginstall:+-L "$loginstall"} ${_hostonly_install:+-H} "$@"; then
return 0
else
_ret=$?
- derror FAILED: "$DRACUT_INSTALL" ${dracutsysrootdir:+-r "$dracutsysrootdir"} ${initdir:+-D "$initdir"} ${loginstall:+-L "$loginstall"} ${_hostonly_install:+-H} "$@"
+ derror FAILED: "$DRACUT_INSTALL" ${dracutsysrootdir:+-r "$dracutsysrootdir"} ${dstdir:+-D "$dstdir"} ${loginstall:+-L "$loginstall"} ${_hostonly_install:+-H} "$@"
return $_ret
fi
}
@@ -290,16 +292,17 @@ inst_symlink() {
}
inst_multiple() {
+ local dstdir="${dstdir:-"$initdir"}"
local _ret _hostonly_install
if [[ $1 == "-H" ]]; then
_hostonly_install="-H"
shift
fi
- if $DRACUT_INSTALL ${dracutsysrootdir:+-r "$dracutsysrootdir"} ${initdir:+-D "$initdir"} -a ${loginstall:+-L "$loginstall"} ${DRACUT_RESOLVE_DEPS:+-l} ${DRACUT_FIPS_MODE:+-f} ${_hostonly_install:+-H} "$@"; then
+ if $DRACUT_INSTALL ${dracutsysrootdir:+-r "$dracutsysrootdir"} ${dstdir:+-D "$dstdir"} -a ${loginstall:+-L "$loginstall"} ${DRACUT_RESOLVE_DEPS:+-l} ${DRACUT_FIPS_MODE:+-f} ${_hostonly_install:+-H} "$@"; then
return 0
else
_ret=$?
- derror FAILED: "$DRACUT_INSTALL" ${dracutsysrootdir:+-r "$dracutsysrootdir"} ${initdir:+-D "$initdir"} -a ${loginstall:+-L "$loginstall"} ${DRACUT_RESOLVE_DEPS:+-l} ${DRACUT_FIPS_MODE:+-f} ${_hostonly_install:+-H} "$@"
+ derror FAILED: "$DRACUT_INSTALL" ${dracutsysrootdir:+-r "$dracutsysrootdir"} ${dstdir:+-D "$dstdir"} -a ${loginstall:+-L "$loginstall"} ${DRACUT_RESOLVE_DEPS:+-l} ${DRACUT_FIPS_MODE:+-f} ${_hostonly_install:+-H} "$@"
return $_ret
fi
}
@@ -566,6 +569,8 @@ inst_rules_wildcard() {
# make sure that library links are correct and up to date
build_ld_cache() {
+ local dstdir="${dstdir:-"$initdir"}"
+
for f in "$dracutsysrootdir"/etc/ld.so.conf "$dracutsysrootdir"/etc/ld.so.conf.d/*; do
[[ -f $f ]] && inst_simple "${f#"$dracutsysrootdir"}"
done
@@ -1056,13 +1061,15 @@ for_each_module_dir() {
}
dracut_kernel_post() {
+ local dstdir="${dstdir:-"$initdir"}"
+
for _f in modules.builtin modules.builtin.alias modules.builtin.modinfo modules.order; do
[[ -e $srcmods/$_f ]] && inst_simple "$srcmods/$_f" "/lib/modules/$kernel/$_f"
done
# generate module dependencies for the initrd
- if [[ -d $initdir/lib/modules/$kernel ]] \
- && ! depmod -a -b "$initdir" "$kernel"; then
+ if [[ -d $dstdir/lib/modules/$kernel ]] \
+ && ! depmod -a -b "$dstdir" "$kernel"; then
dfatal "\"depmod -a $kernel\" failed."
exit 1
fi
@@ -1076,6 +1083,7 @@ instmods() {
# <kernel subsystem> can be e.g. "=block" or "=drivers/usb/storage"
# -c check
# -s silent
+ local dstdir="${dstdir:-"$initdir"}"
local _optional="-o"
local _silent
local _ret
@@ -1101,7 +1109,7 @@ instmods() {
fi
$DRACUT_INSTALL \
- ${initdir:+-D "$initdir"} \
+ ${dstdir:+-D "$dstdir"} \
${dracutsysrootdir:+-r "$dracutsysrootdir"} \
${loginstall:+-L "$loginstall"} \
${hostonly:+-H} \
@@ -1115,7 +1123,7 @@ instmods() {
if ((_ret != 0)) && [[ -z $_silent ]]; then
derror "FAILED: " \
"$DRACUT_INSTALL" \
- ${initdir:+-D "$initdir"} \
+ ${dstdir:+-D "$dstdir"} \
${dracutsysrootdir:+-r "$dracutsysrootdir"} \
${loginstall:+-L "$loginstall"} \
${hostonly:+-H} \
@@ -1132,14 +1140,16 @@ instmods() {
if [[ "$(ln --help)" == *--relative* ]]; then
ln_r() {
- ln -sfnr "${initdir}/$1" "${initdir}/$2"
+ local dstdir="${dstdir:-"$initdir"}"
+ ln -sfnr "${dstdir}/$1" "${dstdir}/$2"
}
else
ln_r() {
+ local dstdir="${dstdir:-"$initdir"}"
local _source=$1
local _dest=$2
[[ -d ${_dest%/*} ]] && _dest=$(readlink -f "${_dest%/*}")/${_dest##*/}
- ln -sfn -- "$(convert_abs_rel "${_dest}" "${_source}")" "${initdir}/${_dest}"
+ ln -sfn -- "$(convert_abs_rel "${_dest}" "${_source}")" "${dstdir}/${_dest}"
}
fi
--
2.42.0

51
SOURCES/0012.patch
Unescape View File

@ -0,0 +1,51 @@
From a84df47afae75a0b4068c78d8201a515a841f353 Mon Sep 17 00:00:00 2001
From: David Tardon <dtardon@redhat.com>
Date: Tue, 16 Aug 2022 13:30:16 +0200
Subject: [PATCH] fix(skipcpio): ignore broken pipe
If lsinitrd is called from a context in which SIGPIPE is ignored (e.g.,
from a systemd unit with default setting of IgnoreSIGPIPE=), the
following line will result in an error being issued:
bin="$($SKIP "$image" | { read -r -N 6 bin && echo "$bin"; })"
An example error from `kdumpctl start` (which internally just calls
`systemctl start kdump.service`):
kdumpctl[1287]: ERROR: src/skipcpio/skipcpio.c:191:main(): fwrite
A minimal reproducer:
systemd-run -t sh -c '/path/to/skipcpio /path/to/any/file | false'
(cherry-picked from e9a4d73b73b716a9d2d5f01ceb7b427ef544ed9b)
Resolves: #2109803
---
src/skipcpio/skipcpio.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/skipcpio/skipcpio.c b/src/skipcpio/skipcpio.c
index 13bfaf53..f66c1869 100644
--- a/src/skipcpio/skipcpio.c
+++ b/src/skipcpio/skipcpio.c
@@ -23,6 +23,7 @@
#define _GNU_SOURCE
#endif
+#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -187,8 +188,10 @@ cat_rest:
goto end;
}
+ errno = 0;
if (fwrite(buf.copy_buffer, 1, s, stdout) != s) {
- pr_err("fwrite\n");
+ if (errno != EPIPE)
+ pr_err("fwrite\n");
goto end;
}
}

82
SOURCES/0013-fix-dracut-init.sh-add-module-to-mods_to_load-before.patch
Unescape View File

@ -1,82 +0,0 @@
From 150e428c0e8d40257a983c2f82be5e8e0f30920f Mon Sep 17 00:00:00 2001
From: Philipp Rudo <prudo@redhat.com>
Date: Thu, 25 Jul 2024 12:47:00 +0200
Subject: [PATCH 13/32] fix(dracut-init.sh): add module to mods_to_load before
checking dependencies
When implementing erofs support for 99squash we end up with three
modules 99squash, 95squash-squashfs and 95squash-erofs. Where 99squash
contains the common code for filesystem images and
95squash-{squashfs,erofs} the special handing depending on the
filesystem used. This leads to a dependency cycle as we want to allow
users both to choose 99squash, when the exact filesystem doesn't matter,
as well as 95squash-{squashfs,erofs} when a specific filesystem is
required.
But when 99squash is added as a dependency calling
dracut_module_included fails in its depends() function. This lead to
cases where both handlers, 95squash-squashfs and 95squash-erofs, were
added to the initrd.
Reason for the failure is that a module only is marked to be loaded
after all it's dependencies have been checked as well. Thus a child
module cannot detect which parent module wants it to be included. Fix
this by marking modules to be loaded before checking its dependencies in
check_module. Do the same change in check_mount for consistency.
Signed-off-by: Philipp Rudo <prudo@redhat.com>
(cherry picked from commit 634b4a5c6fbe595eb240cd529d669d21eadd510c)
Related: RHEL-43460
---
dracut-init.sh | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/dracut-init.sh b/dracut-init.sh
index 8e943493..746362d1 100755
--- a/dracut-init.sh
+++ b/dracut-init.sh
@@ -924,6 +924,9 @@ check_mount() {
fi
fi
+ [[ " $mods_to_load " == *\ $_mod\ * ]] \
+ || mods_to_load+=" $_mod "
+
for _moddep in $(module_depends "$_mod" "$_moddir"); do
# handle deps as if they were manually added
[[ " $dracutmodules " == *\ $_mod\ * ]] \
@@ -942,9 +945,6 @@ check_mount() {
fi
done
- [[ " $mods_to_load " == *\ $_mod\ * ]] \
- || mods_to_load+=" $_mod "
-
return 0
}
@@ -999,6 +999,9 @@ check_module() {
fi
fi
+ [[ " $mods_to_load " == *\ $_mod\ * ]] \
+ || mods_to_load+=" $_mod "
+
for _moddep in $(module_depends "$_mod" "$_moddir"); do
# handle deps as if they were manually added
[[ " $dracutmodules " == *\ $_mod\ * ]] \
@@ -1017,9 +1020,6 @@ check_module() {
fi
done
- [[ " $mods_to_load " == *\ $_mod\ * ]] \
- || mods_to_load+=" $_mod "
-
return 0
}
--
2.42.0

29
SOURCES/0013.patch
Unescape View File

@ -0,0 +1,29 @@
From bdd3fa585fcfa21f20d66f01568967c0d7a771d6 Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Tue, 16 Aug 2022 15:21:05 +0200
Subject: [PATCH] ci: pull request template
rhel-only
---
.github/pull_request_template.md | 11 +++--------
1 file changed, 3 insertions(+), 8 deletions(-)
diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md
index ef281c3d..8fcf4d33 100644
--- a/.github/pull_request_template.md
+++ b/.github/pull_request_template.md
@@ -1,10 +1,5 @@
-This pull request changes...
+<description/>
-## Changes
+(cherry picked from commit ... )
-## Checklist
-- [ ] I have tested it locally
-- [ ] I have reviewed and updated any documentation if relevant
-- [ ] I am providing new code and test(s) for it
-
-Fixes #
+Resolves: #

192
SOURCES/0014-feat-squash-move-mksquashfs-to-99squash-modules-setu.patch
Unescape View File

@ -1,192 +0,0 @@
From 2d851d7d1709f5a03d8dab847aa42770bff2644b Mon Sep 17 00:00:00 2001
From: Philipp Rudo <prudo@redhat.com>
Date: Mon, 22 Jul 2024 16:30:50 +0200
Subject: [PATCH 14/32] feat(squash): move mksquashfs to 99squash/modules-setup
When using 99squash dracut actually builds two separat initrds. The
"normal" one, that gets squashed into a squashfs image, and a
"minimalistic" one, whose only task is to mount and switch_root to the
squashfs image.
For that 99squash currently requires a lot of special handling in
dracut.sh. Move most of this special handling into 99squash itself. This
requires a new approach when building the "minimalistic" initrd. The new
approach works the following way
1. During the installation phase install the "normal" initrd into
$initdir and the "minimalistic" initrd into $squashdir.
2. Strip the binaries in $initdir.
3. Trigger a special postinstall hook in 99squash that squashes the
content of $initdir (excluding $squashdir) into the squashfs image,
removes the content of $intidir (excluding $suqashdir) and, moves the
content of $squashdir into $initdir.
Signed-off-by: Philipp Rudo <prudo@redhat.com>
(cherry picked from commit 7a4dd89ca732329893628b886fe8e78337d896e8)
Related: RHEL-43460
---
dracut.sh | 35 ++++--------------
modules.d/99squash/module-setup.sh | 58 +++++++++++++++++++++---------
2 files changed, 49 insertions(+), 44 deletions(-)
diff --git a/dracut.sh b/dracut.sh
index 856b884e..4d2e3df2 100755
--- a/dracut.sh
+++ b/dracut.sh
@@ -1260,6 +1260,7 @@ trap '
trap 'exit 1;' SIGINT
readonly initdir="${DRACUT_TMPDIR}/initramfs"
+readonly squashdir="$initdir/squash_root"
mkdir -p "$initdir"
if [[ $early_microcode == yes ]] || { [[ $acpi_override == yes ]] && [[ -d $acpi_table_dir ]]; }; then
@@ -1787,7 +1788,8 @@ export initdir dracutbasedir \
host_fs_types host_devs swap_devs sshkey add_fstab \
DRACUT_VERSION \
prefix filesystems drivers \
- hostonly_cmdline loginstall
+ hostonly_cmdline loginstall \
+ squashdir squash_compress
mods_to_load=""
# check all our modules to see if they should be sourced.
@@ -1892,6 +1894,8 @@ if [[ $kernel_only != yes ]]; then
fi
fi
+dracut_module_included "squash" && mkdir -p "$squashdir"
+
_isize=0 #initramfs size
modules_loaded=" "
# source our modules.
@@ -2243,14 +2247,6 @@ if [[ $kernel_only != yes ]]; then
build_ld_cache
fi
-if dracut_module_included "squash"; then
- readonly squash_dir="$initdir/squash/root"
- readonly squash_img="$initdir/squash-root.img"
- mkdir -p "$squash_dir"
- dinfo "*** Install squash loader ***"
- DRACUT_SQUASH_POST_INST=1 module_install "squash"
-fi
-
if [[ $do_strip == yes ]] && ! [[ $DRACUT_FIPS_MODE ]]; then
# stripping files negates (dedup) benefits of using reflink
[[ -n $enhanced_cpio ]] && ddebug "strip is enabled alongside cpio reflink"
@@ -2270,25 +2266,8 @@ fi
if dracut_module_included "squash"; then
dinfo "*** Squashing the files inside the initramfs ***"
- declare squash_compress_arg
- # shellcheck disable=SC2086
- if [[ $squash_compress ]]; then
- if ! mksquashfs /dev/null "$DRACUT_TMPDIR"/.squash-test.img -no-progress -comp $squash_compress &> /dev/null; then
- dwarn "mksquashfs doesn't support compressor '$squash_compress', failing back to default compressor."
- else
- squash_compress_arg="$squash_compress"
- fi
- fi
-
- # shellcheck disable=SC2086
- if ! mksquashfs "$squash_dir" "$squash_img" \
- -no-xattrs -no-exports -noappend -no-recovery -always-use-fragments \
- -no-progress ${squash_compress_arg:+-comp $squash_compress_arg} 1> /dev/null; then
- dfatal "Failed making squash image"
- exit 1
- fi
-
- rm -rf "$squash_dir"
+ DRACUT_SQUASH_POST_INST=1 module_install "squash"
+ rm -rf "$squashdir"
dinfo "*** Squashing the files inside the initramfs done ***"
# Skip initramfs compress
diff --git a/modules.d/99squash/module-setup.sh b/modules.d/99squash/module-setup.sh
index dc2e0a20..96d097af 100755
--- a/modules.d/99squash/module-setup.sh
+++ b/modules.d/99squash/module-setup.sh
@@ -12,26 +12,13 @@ depends() {
return 0
}
-installpost() {
+squash_install() {
local _busybox
_busybox=$(find_binary busybox)
- # Move everything under $initdir except $squash_dir
- # itself into squash image
- for i in "$initdir"/*; do
- [[ $squash_dir == "$i"/* ]] || mv "$i" "$squash_dir"/
- done
-
# Create mount points for squash loader
mkdir -p "$initdir"/squash/
- mkdir -p "$squash_dir"/squash/
-
- # Copy dracut spec files out side of the squash image
- # so dracut rebuild and lsinitrd can work
- for file in "$squash_dir"/usr/lib/dracut/*; do
- [[ -f $file ]] || continue
- DRACUT_RESOLVE_DEPS=1 dracutsysrootdir="$squash_dir" inst "${file#"$squash_dir"}"
- done
+ mkdir -p "$squashdir"/squash/
# Install required modules and binaries for the squash image init script.
if [[ $_busybox ]]; then
@@ -61,8 +48,47 @@ installpost() {
build_ld_cache
}
+squash_installpost() {
+ local _img="$squashdir"/squash-root.img
+ local _comp _file
+
+ # shellcheck disable=SC2086
+ if [[ $squash_compress ]]; then
+ if ! mksquashfs /dev/null "$DRACUT_TMPDIR"/.squash-test.img -no-progress -comp $squash_compress &> /dev/null; then
+ dwarn "mksquashfs doesn't support compressor '$squash_compress', failing back to default compressor."
+ else
+ _comp="$squash_compress"
+ fi
+ fi
+
+ # shellcheck disable=SC2086
+ if ! mksquashfs "$initdir" "$_img" \
+ -no-xattrs -no-exports -noappend -no-recovery -always-use-fragments \
+ -no-progress ${_comp:+-comp $_comp} \
+ -e "$squashdir" 1> /dev/null; then
+ dfatal "Failed making squash image"
+ exit 1
+ fi
+
+ # Rescue the dracut spec files so dracut rebuild and lsinitrd can work
+ for _file in "$initdir"/usr/lib/dracut/*; do
+ [[ -f $_file ]] || continue
+ DRACUT_RESOLVE_DEPS=1 dstdir=$squashdir inst "$_file" "${_file#"$initdir"}"
+ done
+
+ # Remove everything that got squashed into the image
+ for _file in "$initdir"/*; do
+ [[ $_file == "$squashdir" ]] && continue
+ rm -rf "$_file"
+ done
+ mv "$squashdir"/* "$initdir"
+}
+
install() {
+
if [[ $DRACUT_SQUASH_POST_INST ]]; then
- installpost
+ squash_installpost
+ else
+ dstdir="$squashdir" squash_install
fi
}
--
2.42.0

42
SOURCES/0014.patch
Unescape View File

@ -0,0 +1,42 @@
From f93ac80a0b3e9017bf2c374b72126908a7f5cbde Mon Sep 17 00:00:00 2001
From: David Tardon <dtardon@redhat.com>
Date: Mon, 8 Aug 2022 13:42:51 +0200
Subject: [PATCH] refactor(url-lib): write curl output directly to file
The redirection to stdout was originally added to workaround
https://bugzilla.redhat.com/show_bug.cgi?id=989133 (curl would create no
file if the source was empty), but I don't see that problem with current
curl.
A nice side-effect of this change is that curl shows download progress.
(cherry picked from commit 1343d21d8c0d1f7239e27165e9c7633b504f777f)
Resolves: #2112475
---
modules.d/45url-lib/url-lib.sh | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/modules.d/45url-lib/url-lib.sh b/modules.d/45url-lib/url-lib.sh
index e88fbc14..b009fd09 100755
--- a/modules.d/45url-lib/url-lib.sh
+++ b/modules.d/45url-lib/url-lib.sh
@@ -67,7 +67,7 @@ curl_fetch_url() {
echo "$url" > /proc/self/fd/0
if [ -n "$outloc" ]; then
# shellcheck disable=SC2086
- curl $curl_args --output - -- "$url" > "$outloc" || return $?
+ curl $curl_args --output "$outloc" -- "$url" || return $?
else
local outdir
outdir="$(mkuniqdir /tmp curl_fetch_url)"
@@ -101,7 +101,7 @@ ctorrent_fetch_url() {
echo "$url" > /proc/self/fd/0
if [ -n "$outloc" ]; then
# shellcheck disable=SC2086
- curl $curl_args --output - -- "$url" > "$torrent_outloc" || return $?
+ curl $curl_args --output "$torrent_outloc" -- "$url" || return $?
else
local outdir
outdir="$(mkuniqdir /tmp torrent_fetch_url)"

183
SOURCES/0015-feat-squash-split-95squash-squashfs-from-99squash.patch
Unescape View File

@ -1,183 +0,0 @@
From dd3daa0560e4e4f809b42a901cd79076d3577f96 Mon Sep 17 00:00:00 2001
From: Philipp Rudo <prudo@redhat.com>
Date: Tue, 23 Jul 2024 16:39:13 +0200
Subject: [PATCH 15/32] feat(squash): split 95squash-squashfs from 99squash
99squash only allows squashing the files using squashfs. In order to
make the implementation for different filesystems easier split out the
squashfs specific parts into 95squash-squashfs.
While at it rename the root image contained in the initrd to
squashfs-root.img. This allows tools like lsinitrd to detect the
filesystem used later on.
Signed-off-by: Philipp Rudo <prudo@redhat.com>
(cherry picked from commit f281606f110be1549cd6b1cd34828653879a5f50)
Related: RHEL-43460
---
modules.d/95squash-squashfs/module-setup.sh | 48 ++++++++++++++++++
modules.d/99squash/init-squash.sh | 2 +-
modules.d/99squash/module-setup.sh | 54 ++++++++++++---------
3 files changed, 80 insertions(+), 24 deletions(-)
create mode 100755 modules.d/95squash-squashfs/module-setup.sh
diff --git a/modules.d/95squash-squashfs/module-setup.sh b/modules.d/95squash-squashfs/module-setup.sh
new file mode 100755
index 00000000..83973700
--- /dev/null
+++ b/modules.d/95squash-squashfs/module-setup.sh
@@ -0,0 +1,48 @@
+#!/bin/bash
+
+check() {
+ require_binaries mksquashfs unsquashfs || return 1
+ require_kernel_modules squashfs || return 1
+
+ return 255
+}
+
+depends() {
+ echo "squash"
+ return 0
+}
+
+squashfs_install() {
+ hostonly="" instmods "squashfs"
+}
+
+squashfs_installpost() {
+ local _img="$squashdir/squashfs-root.img"
+ local _comp
+
+ # shellcheck disable=SC2086
+ if [[ $squash_compress ]]; then
+ if ! mksquashfs /dev/null "$DRACUT_TMPDIR"/.squash-test.img -no-progress -comp $squash_compress &> /dev/null; then
+ dwarn "mksquashfs doesn't support compressor '$squash_compress', failing back to default compressor."
+ else
+ _comp="$squash_compress"
+ fi
+ fi
+
+ # shellcheck disable=SC2086
+ if ! mksquashfs "$initdir" "$_img" \
+ -no-xattrs -no-exports -noappend -no-recovery -always-use-fragments \
+ -no-progress ${_comp:+-comp $_comp} \
+ -e "$squashdir" 1> /dev/null; then
+ dfatal "Failed making squash image"
+ exit 1
+ fi
+}
+
+install() {
+ if [[ $DRACUT_SQUASH_POST_INST ]]; then
+ squashfs_installpost
+ else
+ dstdir="$squashdir" squashfs_install
+ fi
+}
diff --git a/modules.d/99squash/init-squash.sh b/modules.d/99squash/init-squash.sh
index 59769f62..42a9a86f 100755
--- a/modules.d/99squash/init-squash.sh
+++ b/modules.d/99squash/init-squash.sh
@@ -21,7 +21,7 @@ modprobe overlay
# Mount the squash image
mount -t ramfs ramfs /squash
mkdir -p /squash/root /squash/overlay/upper /squash/overlay/work
-mount -t squashfs -o ro,loop /squash-root.img /squash/root
+mount -t squashfs -o ro,loop /squashfs-root.img /squash/root
# Setup new root overlay
mkdir /newroot
diff --git a/modules.d/99squash/module-setup.sh b/modules.d/99squash/module-setup.sh
index 96d097af..015944c2 100755
--- a/modules.d/99squash/module-setup.sh
+++ b/modules.d/99squash/module-setup.sh
@@ -1,17 +1,42 @@
#!/bin/bash
check() {
- require_binaries mksquashfs unsquashfs || return 1
- require_kernel_modules squashfs loop overlay || return 1
+ require_kernel_modules loop overlay || return 1
return 255
}
depends() {
- echo "systemd-initrd"
+ local _handler
+
+ _handler=$(squash_get_handler) || return 1
+
+ echo "systemd-initrd $_handler"
return 0
}
+squash_get_handler() {
+ local _module _handler
+
+ for _module in squash-squashfs; do
+ if dracut_module_included "$_module"; then
+ _handler="$_module"
+ break
+ fi
+ done
+
+ if [ -z "$_handler" ]; then
+ if check_module "squash-squashfs"; then
+ _handler="squash-squashfs"
+ else
+ dfatal "No valid handler for found"
+ return 1
+ fi
+ fi
+
+ echo "$_handler"
+}
+
squash_install() {
local _busybox
_busybox=$(find_binary busybox)
@@ -36,7 +61,7 @@ squash_install() {
[[ $DRACUT_FIPS_MODE ]] && inst_libdir_file -o "libssl.so*"
fi
- hostonly="" instmods "loop" "squashfs" "overlay"
+ hostonly="" instmods "loop" "overlay"
dracut_kernel_post
# Install squash image init script.
@@ -49,26 +74,9 @@ squash_install() {
}
squash_installpost() {
- local _img="$squashdir"/squash-root.img
- local _comp _file
-
- # shellcheck disable=SC2086
- if [[ $squash_compress ]]; then
- if ! mksquashfs /dev/null "$DRACUT_TMPDIR"/.squash-test.img -no-progress -comp $squash_compress &> /dev/null; then
- dwarn "mksquashfs doesn't support compressor '$squash_compress', failing back to default compressor."
- else
- _comp="$squash_compress"
- fi
- fi
+ local _file
- # shellcheck disable=SC2086
- if ! mksquashfs "$initdir" "$_img" \
- -no-xattrs -no-exports -noappend -no-recovery -always-use-fragments \
- -no-progress ${_comp:+-comp $_comp} \
- -e "$squashdir" 1> /dev/null; then
- dfatal "Failed making squash image"
- exit 1
- fi
+ DRACUT_SQUASH_POST_INST=1 module_install "$(squash_get_handler)"
# Rescue the dracut spec files so dracut rebuild and lsinitrd can work
for _file in "$initdir"/usr/lib/dracut/*; do
--
2.42.0

45
SOURCES/0015.patch
Unescape View File

@ -0,0 +1,45 @@
From f5ef6694eae2696b10b4f6e5a0d72a29223651ce Mon Sep 17 00:00:00 2001
From: Kairui Song <kasong@tencent.com>
Date: Tue, 20 Sep 2022 02:13:01 +0800
Subject: [PATCH] fix(dracut-initramfs-restore.sh): initramfs detection not
working
The path detection is not working on latest Fedora and some other
distros, and it fails to extract the initramfs. It seems the if
statement is broken by a previous commit, so let's fix it.
Fixes: 3d8e1ad ('fix(dracut-initramfs-restore.sh): add missing default paths')
Signed-off-by: Kairui Song <kasong@tencent.com>
(cherry picked from commit 481b87fa7a82be54663071ad9ad76c34e378ddc7)
Resolves: #2149232
---
dracut-initramfs-restore.sh | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/dracut-initramfs-restore.sh b/dracut-initramfs-restore.sh
index 68ea3873..df6cb9a8 100644
--- a/dracut-initramfs-restore.sh
+++ b/dracut-initramfs-restore.sh
@@ -27,14 +27,14 @@ fi
mount -o ro /boot &> /dev/null || true
-if [[ -d /efi/loader/entries ]] || [[ -L /efi/loader/entries ]] \
- || [[ -d /efi/$MACHINE_ID ]] || [[ -L /efi/$MACHINE_ID ]]; then
+if [[ -d /efi/loader/entries || -L /efi/loader/entries ]] \
+ && [[ -d /efi/$MACHINE_ID || -L /efi/$MACHINE_ID ]]; then
IMG="/efi/${MACHINE_ID}/${KERNEL_VERSION}/initrd"
-elif [[ -d /boot/loader/entries ]] || [[ -L /boot/loader/entries ]] \
- || [[ -d /boot/$MACHINE_ID ]] || [[ -L /boot/$MACHINE_ID ]]; then
+elif [[ -d /boot/loader/entries || -L /boot/loader/entries ]] \
+ && [[ -d /boot/$MACHINE_ID || -L /boot/$MACHINE_ID ]]; then
IMG="/boot/${MACHINE_ID}/${KERNEL_VERSION}/initrd"
-elif [[ -d /boot/efi/loader/entries ]] || [[ -L /boot/efi/loader/entries ]] \
- || [[ -d /boot/efi/$MACHINE_ID ]] || [[ -L /boot/efi/$MACHINE_ID ]]; then
+elif [[ -d /boot/efi/loader/entries || -L /boot/efi/loader/entries ]] \
+ && [[ -d /boot/efi/$MACHINE_ID || -L /boot/efi/$MACHINE_ID ]]; then
IMG="/boot/efi/$MACHINE_ID/$KERNEL_VERSION/initrd"
elif [[ -f /lib/modules/${KERNEL_VERSION}/initrd ]]; then
IMG="/lib/modules/${KERNEL_VERSION}/initrd"

128
SOURCES/0016-feat-squash-add-module-95squash-erofs.patch
Unescape View File

@ -1,128 +0,0 @@
From fcc73940a1e21fa79b7133e12ed0f8ed13645a54 Mon Sep 17 00:00:00 2001
From: Philipp Rudo <prudo@redhat.com>
Date: Tue, 23 Jul 2024 17:42:33 +0200
Subject: [PATCH 16/32] feat(squash): add module 95squash-erofs
Allow squashing the image in 99squash using erofs. Keep squashfs as
default to not change existing systems. I.e. only use erofs if the user
explicitly include 95squash-erofs or when the prereqs for squashfs are
missing.
Signed-off-by: Philipp Rudo <prudo@redhat.com>
(cherry picked from commit e185d6ae1cc38af90f741d3d6c677458d69a345f)
Resolves: RHEL-43460
---
modules.d/95squash-erofs/module-setup.sh | 45 ++++++++++++++++++++++++
modules.d/99squash/init-squash.sh | 12 +++++--
modules.d/99squash/module-setup.sh | 4 ++-
3 files changed, 58 insertions(+), 3 deletions(-)
create mode 100755 modules.d/95squash-erofs/module-setup.sh
diff --git a/modules.d/95squash-erofs/module-setup.sh b/modules.d/95squash-erofs/module-setup.sh
new file mode 100755
index 00000000..71c2b672
--- /dev/null
+++ b/modules.d/95squash-erofs/module-setup.sh
@@ -0,0 +1,45 @@
+#!/bin/bash
+
+check() {
+ require_binaries mkfs.erofs || return 1
+ require_kernel_modules erofs || return 1
+
+ return 255
+}
+
+depends() {
+ echo "squash"
+ return 0
+}
+
+erofs_install() {
+ hostonly="" instmods "erofs"
+}
+
+erofs_installpost() {
+ local _img="$squashdir/erofs-root.img"
+ local -a _erofs_args
+
+ _erofs_args+=("--exclude-path=$squashdir")
+ _erofs_args+=("-E" "fragments")
+
+ if [[ -n $squash_compress ]]; then
+ if mkfs.erofs "${_erofs_args[@]}" -z "$squash_compress" "$_img" "$initdir" &> /dev/null; then
+ return
+ fi
+ dwarn "mkfs.erofs doesn't support compressor '$squash_compress', failing back to default compressor."
+ fi
+
+ if ! mkfs.erofs "${_erofs_args[@]}" "$_img" "$initdir" &> /dev/null; then
+ dfatal "Failed making squash image"
+ exit 1
+ fi
+}
+
+install() {
+ if [[ $DRACUT_SQUASH_POST_INST ]]; then
+ erofs_installpost
+ else
+ dstdir="$squashdir" erofs_install
+ fi
+}
diff --git a/modules.d/99squash/init-squash.sh b/modules.d/99squash/init-squash.sh
index 42a9a86f..31a39cfd 100755
--- a/modules.d/99squash/init-squash.sh
+++ b/modules.d/99squash/init-squash.sh
@@ -13,15 +13,23 @@ grep -q '^devtmpfs /dev devtmpfs' /proc/self/mounts \
grep -q '^tmpfs /run tmpfs' /proc/self/mounts \
|| (mkdir -p /run && mount -t tmpfs -o mode=755,noexec,nosuid,strictatime tmpfs /run)
+if [ -e /erofs-root.img ]; then
+ _fs=erofs
+ _img=erofs-root.img
+else
+ _fs=squashfs
+ _img=squashfs-root.img
+fi
+
# Load required modules
modprobe loop
-modprobe squashfs
+modprobe "$_fs"
modprobe overlay
# Mount the squash image
mount -t ramfs ramfs /squash
mkdir -p /squash/root /squash/overlay/upper /squash/overlay/work
-mount -t squashfs -o ro,loop /squashfs-root.img /squash/root
+mount -t "$_fs" -o ro,loop /"$_img" /squash/root
# Setup new root overlay
mkdir /newroot
diff --git a/modules.d/99squash/module-setup.sh b/modules.d/99squash/module-setup.sh
index 015944c2..5cbbec63 100755
--- a/modules.d/99squash/module-setup.sh
+++ b/modules.d/99squash/module-setup.sh
@@ -18,7 +18,7 @@ depends() {
squash_get_handler() {
local _module _handler
- for _module in squash-squashfs; do
+ for _module in squash-squashfs squash-erofs; do
if dracut_module_included "$_module"; then
_handler="$_module"
break
@@ -28,6 +28,8 @@ squash_get_handler() {
if [ -z "$_handler" ]; then
if check_module "squash-squashfs"; then
_handler="squash-squashfs"
+ elif check_module "squash-erofs"; then
+ _handler="squash-erofs"
else
dfatal "No valid handler for found"
return 1
--
2.42.0

31
SOURCES/0016.patch
Unescape View File

@ -0,0 +1,31 @@
From 6a1d39e50d9f8a7f3765fa6cb85b34e6597d864d Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Tue, 6 Dec 2022 21:46:01 +0100
Subject: [PATCH] fix(90kernel-modules): install blk modules using symbol
blk_alloc_disk
Corresponding kernel symbol blk_cleanup_disk is no longer used in the nvdimm
driver and calls are made directly instead.
blk_alloc_disk is used:
https://elixir.bootlin.com/linux/v6.1-rc8/source/drivers/nvdimm/pmem.c#L522
Resolves: #2149781
---
modules.d/90kernel-modules/module-setup.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules.d/90kernel-modules/module-setup.sh b/modules.d/90kernel-modules/module-setup.sh
index 191af041..0b9488c3 100755
--- a/modules.d/90kernel-modules/module-setup.sh
+++ b/modules.d/90kernel-modules/module-setup.sh
@@ -2,7 +2,7 @@
# called by dracut
installkernel() {
- local _blockfuncs='ahci_platform_get_resources|ata_scsi_ioctl|scsi_add_host|blk_cleanup_queue|register_mtd_blktrans|scsi_esp_register|register_virtio_device|usb_stor_disconnect|mmc_add_host|sdhci_add_host|scsi_add_host_with_dma|blk_mq_alloc_disk|blk_cleanup_disk'
+ local _blockfuncs='ahci_platform_get_resources|ata_scsi_ioctl|scsi_add_host|blk_cleanup_queue|register_mtd_blktrans|scsi_esp_register|register_virtio_device|usb_stor_disconnect|mmc_add_host|sdhci_add_host|scsi_add_host_with_dma|blk_alloc_disk|blk_mq_alloc_disk|blk_cleanup_disk'
local -A _hostonly_drvs
find_kernel_modules_external() {

240
SOURCES/0017-feat-lsinitrd-add-support-for-erofs-images.patch
Unescape View File

@ -1,240 +0,0 @@
From fc5efe96e0ffbfa447d27ba28245420f91b638dc Mon Sep 17 00:00:00 2001
From: Philipp Rudo <prudo@redhat.com>
Date: Tue, 23 Jul 2024 18:33:37 +0200
Subject: [PATCH 17/32] feat(lsinitrd): add support for erofs images
Add support to handle erofs images in lsinitrd. Unfortunately the erofs
tooling is missing some functionality of unsquashfs, esp. the ability to
extract single files and list the content of the image. Work around this
deficiency by always extracting the full image and emulate the missing
functionality as close as possible.
While at it also handle the rename of the squashfs image to
squashfs-root.img.
Signed-off-by: Philipp Rudo <prudo@redhat.com>
(cherry picked from commit 009b4ccc94fe3fcf129dddc5aca4f25b1e1b1862)
Resolves: RHEL-43460
---
lsinitrd.sh | 167 +++++++++++++++++++++++++++++++++++-----------------
1 file changed, 113 insertions(+), 54 deletions(-)
diff --git a/lsinitrd.sh b/lsinitrd.sh
index b36d0e12..6799f938 100755
--- a/lsinitrd.sh
+++ b/lsinitrd.sh
@@ -174,10 +174,47 @@ dracutlibdirs() {
done
}
+SQUASH_TMPFILE=""
+SQUASH_EXTRACT="$TMPDIR/squash-extract"
+
+extract_squash_img() {
+ local _img _tmp
+
+ [[ $SQUASH_TMPDIR == none ]] && return 1
+ [[ -s $SQUASH_TMPFILE ]] && return 0
+
+ # Before dracut 104 the image was named squash-root.img. Keep the old name
+ # so newer versions of lsinitrd can inspect initrds build with older dracut
+ # versions.
+ for _img in squash-root.img squashfs-root.img erofs-root.img; do
+ _tmp="$TMPDIR/$_img"
+ $CAT "$image" 2> /dev/null | cpio --extract --verbose --quiet --to-stdout -- \
+ $_img > "$_tmp" 2> /dev/null
+ [[ -s $_tmp ]] || continue
+
+ SQUASH_TMPFILE="$_tmp"
+
+ # fsck.erofs doesn't allow extracting single files or listing the
+ # content of the image. So always extract the full image.
+ if [[ $_img == erofs-root.img ]]; then
+ mkdir -p "$SQUASH_EXTRACT"
+ fsck.erofs --extract="$SQUASH_EXTRACT/erofs-root" --overwrite "$SQUASH_TMPFILE" 2> /dev/null
+ ((ret += $?))
+ fi
+
+ break
+ done
+
+ if [[ -z $SQUASH_TMPFILE ]]; then
+ SQUASH_TMPFILE=none
+ return 1
+ fi
+
+ return 0
+}
+
extract_files() {
- SQUASH_IMG="squash-root.img"
- SQUASH_TMPFILE="$TMPDIR/initrd.root.sqsh"
- SQUASH_EXTRACT="$TMPDIR/squash-extract"
+ local nofileinfo
((${#filenames[@]} == 1)) && nofileinfo=1
for f in "${!filenames[@]}"; do
@@ -185,18 +222,24 @@ extract_files() {
[[ $nofileinfo ]] || echo "========================================================================"
# shellcheck disable=SC2001
[[ $f == *"\\x"* ]] && f=$(echo "$f" | sed 's/\\x.\{2\}/????/g')
- $CAT "$image" 2> /dev/null | cpio --extract --verbose --quiet --to-stdout "$f" 2> /dev/null
- ((ret += $?))
- if [[ -z ${f/#squashfs-root*/} ]]; then
- if [[ ! -s $SQUASH_TMPFILE ]]; then
- $CAT "$image" 2> /dev/null | cpio --extract --verbose --quiet --to-stdout -- \
- $SQUASH_IMG > "$SQUASH_TMPFILE" 2> /dev/null
- fi
- unsquashfs -force -d "$SQUASH_EXTRACT" -no-progress "$SQUASH_TMPFILE" "${f#squashfs-root/}" > /dev/null 2>&1
- ((ret += $?))
- cat "$SQUASH_EXTRACT/${f#squashfs-root/}" 2> /dev/null
- rm "$SQUASH_EXTRACT/${f#squashfs-root/}" 2> /dev/null
- fi
+
+ case $f in
+ squashfs-root/*)
+ extract_squash_img
+ unsquashfs -force -d "$SQUASH_EXTRACT" -no-progress "$SQUASH_TMPFILE" "${f#squashfs-root/}" &> /dev/null
+ ((ret += $?))
+ cat "$SQUASH_EXTRACT/${f#squashfs-root/}" 2> /dev/null
+ ;;
+ erofs-root/*)
+ extract_squash_img
+ cat "$SQUASH_EXTRACT/$f" 2> /dev/null
+ ;;
+ *)
+ $CAT "$image" 2> /dev/null | cpio --extract --verbose --quiet --to-stdout "$f" 2> /dev/null
+ ((ret += $?))
+ ;;
+ esac
+
[[ $nofileinfo ]] || echo "========================================================================"
[[ $nofileinfo ]] || echo
done
@@ -222,66 +265,82 @@ list_files() {
}
list_squash_content() {
- SQUASH_IMG="squash-root.img"
- SQUASH_TMPFILE="$TMPDIR/initrd.root.sqsh"
+ extract_squash_img || return 0
- $CAT "$image" 2> /dev/null | cpio --extract --verbose --quiet --to-stdout -- \
- $SQUASH_IMG > "$SQUASH_TMPFILE" 2> /dev/null
- if [[ -s $SQUASH_TMPFILE ]]; then
- echo "Squashed content ($SQUASH_IMG):"
- echo "========================================================================"
- unsquashfs -d "squashfs-root" -ll "$SQUASH_TMPFILE" | tail -n +4
- echo "========================================================================"
- fi
+ echo "Squashed content (${SQUASH_TMPFILE##*/}):"
+ echo "========================================================================"
+ case $SQUASH_TMPFILE in
+ */squash-root.img | */squashfs-root.img)
+ unsquashfs -ll "$SQUASH_TMPFILE" | tail -n +4
+ ;;
+ */erofs-root.img)
+ (
+ cd "$SQUASH_EXTRACT" || return 1
+ find erofs-root/ -ls
+ )
+ ;;
+ esac
+ echo "========================================================================"
}
list_cmdline() {
- # depends on list_squash_content() having run before
- SQUASH_IMG="squash-root.img"
- SQUASH_TMPFILE="$TMPDIR/initrd.root.sqsh"
- SQUASH_EXTRACT="$TMPDIR/squash-extract"
echo "dracut cmdline:"
# shellcheck disable=SC2046
$CAT "$image" | cpio --extract --verbose --quiet --to-stdout -- \
etc/cmdline.d/\*.conf 2> /dev/null
((ret += $?))
- if [[ -s $SQUASH_TMPFILE ]]; then
- unsquashfs -force -d "$SQUASH_EXTRACT" -no-progress "$SQUASH_TMPFILE" etc/cmdline.d/\*.conf > /dev/null 2>&1
- ((ret += $?))
- cat "$SQUASH_EXTRACT"/etc/cmdline.d/*.conf 2> /dev/null
- rm "$SQUASH_EXTRACT"/etc/cmdline.d/*.conf 2> /dev/null
- fi
+
+ extract_squash_img || return 0
+ case $SQUASH_TMPFILE in
+ */squash-root.img | */squashfs-root.img)
+ unsquashfs -force -d "$SQUASH_EXTRACT" -no-progress "$SQUASH_TMPFILE" etc/cmdline.d/\*.conf &> /dev/null
+ ((ret += $?))
+ cat "$SQUASH_EXTRACT"/etc/cmdline.d/*.conf 2> /dev/null
+ ;;
+ */erofs-root.img)
+ cat "$SQUASH_EXTRACT"/erofs-root/etc/cmdline.d/*.conf 2> /dev/null
+ ;;
+ esac
+
}
unpack_files() {
- SQUASH_IMG="squash-root.img"
- SQUASH_TMPFILE="$TMPDIR/initrd.root.sqsh"
-
if ((${#filenames[@]} > 0)); then
for f in "${!filenames[@]}"; do
# shellcheck disable=SC2001
[[ $f == *"\\x"* ]] && f=$(echo "$f" | sed 's/\\x.\{2\}/????/g')
- $CAT "$image" 2> /dev/null | cpio -id --quiet $verbose "$f"
- ((ret += $?))
- if [[ -z ${f/#squashfs-root*/} ]]; then
- if [[ ! -s $SQUASH_TMPFILE ]]; then
- $CAT "$image" 2> /dev/null | cpio --extract --verbose --quiet --to-stdout -- \
- $SQUASH_IMG > "$SQUASH_TMPFILE" 2> /dev/null
- fi
- unsquashfs -force -d "squashfs-root" -no-progress "$SQUASH_TMPFILE" "${f#squashfs-root/}" > /dev/null
- ((ret += $?))
- fi
+ case $f in
+ squashfs-root/*)
+ extract_squash_img || continue
+ unsquashfs -force -d "squashfs-root" -no-progress "$SQUASH_TMPFILE" "${f#squashfs-root/}" > /dev/null
+ ((ret += $?))
+ ;;
+ erofs-root/*)
+ extract_squash_img || continue
+ mkdir -p "${f%/*}"
+ cp -rf "$SQUASH_EXTRACT/$f" "$f"
+ ;;
+ *)
+ $CAT "$image" 2> /dev/null | cpio -id --quiet $verbose "$f"
+ ((ret += $?))
+ ;;
+ esac
done
else
$CAT "$image" 2> /dev/null | cpio -id --quiet $verbose
((ret += $?))
- $CAT "$image" 2> /dev/null | cpio --extract --verbose --quiet --to-stdout -- \
- $SQUASH_IMG > "$SQUASH_TMPFILE" 2> /dev/null
- if [[ -s $SQUASH_TMPFILE ]]; then
- unsquashfs -d "squashfs-root" -no-progress "$SQUASH_TMPFILE" > /dev/null
- ((ret += $?))
- fi
+
+ extract_squash_img || return 0
+ case $SQUASH_TMPFILE in
+ */squash-root.img | */squashfs-root.img)
+ unsquashfs -d "squashfs-root" -no-progress "$SQUASH_TMPFILE" > /dev/null
+ ((ret += $?))
+ ;;
+ */erofs-root.img)
+ cp -rf "$SQUASH_EXTRACT/erofs-root" .
+ ;;
+ esac
fi
}
--
2.42.0

99
SOURCES/0017.patch
Unescape View File

@ -0,0 +1,99 @@
From 8ab3020205ea92cbef3ca250c924d9b500c5d9aa Mon Sep 17 00:00:00 2001
From: Hari Bathini <hbathini@linux.ibm.com>
Date: Tue, 12 Jul 2022 13:55:47 +0530
Subject: [PATCH] fix(squash): build ld cache for squash loader
Commit dc21638c3f0a fixes kdump kernel crash, due to non-conventional
library path in powerpc, by copying /etc/ld.so.cache under initdir.
While that works in general, it is vulnerable to failure because of
missing links, when the CPU is reconfigured to run in compatibility
mode of older CPU version. Avoid this by running ldconfig for squash
loader to create the necessary links & ld cache for it. Doing this
also saves a few kilobyes of space as the copied ld cache is bigger
in size than the one needed for squash loader environment.
Fixes: dc21638c3f0a ("fix(squash): keep ld cache under initdir")
Cc: Pingfan Liu <piliu@redhat.com>
Signed-off-by: Hari Bathini <hbathini@linux.ibm.com>
Resolves: rhbz#2122274
---
dracut-init.sh | 14 ++++++++++++++
dracut.sh | 11 +----------
modules.d/99squash/module-setup.sh | 8 +++-----
3 files changed, 18 insertions(+), 15 deletions(-)
diff --git a/dracut-init.sh b/dracut-init.sh
index 900e8b83..fe1b1426 100644
--- a/dracut-init.sh
+++ b/dracut-init.sh
@@ -504,6 +504,20 @@ inst_rules_wildcard() {
[[ $_found ]] || dinfo "Skipping udev rule: $_rule"
}
+# make sure that library links are correct and up to date
+build_ld_cache() {
+ for f in "$dracutsysrootdir"/etc/ld.so.conf "$dracutsysrootdir"/etc/ld.so.conf.d/*; do
+ [[ -f $f ]] && inst_simple "${f#$dracutsysrootdir}"
+ done
+ if ! $DRACUT_LDCONFIG -r "$initdir" -f /etc/ld.so.conf; then
+ if [[ $EUID == 0 ]]; then
+ derror "ldconfig exited ungracefully"
+ else
+ derror "ldconfig might need uid=0 (root) for chroot()"
+ fi
+ fi
+}
+
prepare_udev_rules() {
if [ -z "$UDEVVERSION" ]; then
UDEVVERSION=$(udevadm --version)
diff --git a/dracut.sh b/dracut.sh
index 210a8275..d2f07ac6 100755
--- a/dracut.sh
+++ b/dracut.sh
@@ -2360,16 +2360,7 @@ fi
if [[ $kernel_only != yes ]]; then
# make sure that library links are correct and up to date
- for f in "$dracutsysrootdir"/etc/ld.so.conf "$dracutsysrootdir"/etc/ld.so.conf.d/*; do
- [[ -f $f ]] && inst_simple "${f#$dracutsysrootdir}"
- done
- if ! $DRACUT_LDCONFIG -r "$initdir" -f /etc/ld.so.conf; then
- if [[ $EUID == 0 ]]; then
- derror "ldconfig exited ungracefully"
- else
- derror "ldconfig might need uid=0 (root) for chroot()"
- fi
- fi
+ build_ld_cache
fi
if dracut_module_included "squash"; then
diff --git a/modules.d/99squash/module-setup.sh b/modules.d/99squash/module-setup.sh
index c42eb679..f31ff556 100644
--- a/modules.d/99squash/module-setup.sh
+++ b/modules.d/99squash/module-setup.sh
@@ -28,11 +28,6 @@ installpost() {
[[ $squash_dir == "$i"/* ]] || mv "$i" "$squash_dir"/
done
- # initdir also needs ld.so.* to make ld.so work
- inst /etc/ld.so.cache
- inst /etc/ld.so.conf
- inst_dir /etc/ld.so.conf.d
-
# Create mount points for squash loader
mkdir -p "$initdir"/squash/
mkdir -p "$squash_dir"/squash/
@@ -67,6 +62,9 @@ installpost() {
ln_r /usr/bin /bin
ln_r /usr/sbin /sbin
inst_simple "$moddir"/init-squash.sh /init
+
+ # make sure that library links are correct and up to date for squash loader
+ build_ld_cache
}
install() {

59
SOURCES/0018-feat-dracut-initramfs-restore-unpack-erofs-images.patch
Unescape View File

@ -1,59 +0,0 @@
From ac4b18bf89bfa440ff741557fe9928cd2b19b66e Mon Sep 17 00:00:00 2001
From: Philipp Rudo <prudo@redhat.com>
Date: Tue, 30 Jul 2024 17:24:28 +0200
Subject: [PATCH 18/32] feat(dracut-initramfs-restore): unpack erofs images
Follow the example for squashfs images and also unpack erofs images in
dracut-initramfs-restore.
Signed-off-by: Philipp Rudo <prudo@redhat.com>
(cherry picked from commit b390e194911835e6bd24eeeb0946e374852b8ddc)
Resolves: RHEL-43460
---
dracut-initramfs-restore.sh | 10 ++++++++--
modules.d/95squash-erofs/module-setup.sh | 2 +-
2 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/dracut-initramfs-restore.sh b/dracut-initramfs-restore.sh
index 74725308..98cfaed7 100755
--- a/dracut-initramfs-restore.sh
+++ b/dracut-initramfs-restore.sh
@@ -81,12 +81,18 @@ else
exit 1
fi
-if [[ -d squash ]]; then
- if ! unsquashfs -no-xattrs -f -d . squash-root.img > /dev/null; then
+if [[ -f squashfs-root.img ]]; then
+ if ! unsquashfs -no-xattrs -f -d . squashfs-root.img > /dev/null; then
echo "Squash module is enabled for this initramfs but failed to unpack squash-root.img" >&2
rm -f -- /run/initramfs/shutdown
exit 1
fi
+elif [[ -f erofs-root.img ]]; then
+ if ! fsck.erofs --extract=. --overwrite erofs-root.img > /dev/null; then
+ echo "Squash module is enabled for this initramfs but failed to unpack erofs-root.img" >&2
+ rm -f -- /run/initramfs/shutdown
+ exit 1
+ fi
fi
if grep -q -w selinux /sys/kernel/security/lsm 2> /dev/null \
diff --git a/modules.d/95squash-erofs/module-setup.sh b/modules.d/95squash-erofs/module-setup.sh
index 71c2b672..d763a902 100755
--- a/modules.d/95squash-erofs/module-setup.sh
+++ b/modules.d/95squash-erofs/module-setup.sh
@@ -1,7 +1,7 @@
#!/bin/bash
check() {
- require_binaries mkfs.erofs || return 1
+ require_binaries mkfs.erofs fsck.erofs || return 1
require_kernel_modules erofs || return 1
return 255
--
2.42.0

59
SOURCES/0018.patch
Unescape View File

@ -0,0 +1,59 @@
From 37e73a30c5b75a57de9e2bb6843eb9a1dab12abf Mon Sep 17 00:00:00 2001
From: Laszlo Gombos <laszlo.gombos@gmail.com>
Date: Sun, 14 Aug 2022 22:46:10 +0000
Subject: [PATCH] test(16-DMSQUASH): make it pass on arch
Include additional kernel drivers and install squashfs-tools
into the arch container.
(cherry picked from commit b8ffc87d13989f95c8f48ec64613dd9138835618)
Related: #2135060
---
test/TEST-16-DMSQUASH/test.sh | 4 +++-
test/container/Dockerfile-Arch | 2 +-
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/test/TEST-16-DMSQUASH/test.sh b/test/TEST-16-DMSQUASH/test.sh
index cf433489..52029375 100755
--- a/test/TEST-16-DMSQUASH/test.sh
+++ b/test/TEST-16-DMSQUASH/test.sh
@@ -6,7 +6,7 @@ TEST_DESCRIPTION="live root on a squash filesystem"
KVERSION="${KVERSION-$(uname -r)}"
# Uncomment this to debug failures
-# DEBUGFAIL="rd.shell rd.debug loglevel=7"
+#DEBUGFAIL="rd.shell rd.debug loglevel=7"
test_run() {
dd if=/dev/zero of="$TESTDIR"/marker.img bs=1MiB count=1
@@ -72,6 +72,7 @@ test_setup() {
# devices, volume groups, encrypted partitions, etc.
"$basedir"/dracut.sh -l -i "$TESTDIR"/overlay / \
--modules "rootfs-block qemu" \
+ --drivers "ext4 sd_mod" \
--no-hostonly --no-hostonly-cmdline --no-early-microcode --nofscks --nomdadmconf --nohardlink --nostrip \
--force "$TESTDIR"/initramfs.makeroot "$KVERSION" || return 1
rm -rf -- "$TESTDIR"/overlay
@@ -109,6 +110,7 @@ test_setup() {
"$basedir"/dracut.sh -l -i "$TESTDIR"/overlay / \
--modules "dmsquash-live qemu" \
--omit "rngd" \
+ --drivers "ext4 sd_mod" \
--no-hostonly --no-hostonly-cmdline \
--force "$TESTDIR"/initramfs.testing "$KVERSION" || return 1
diff --git a/test/container/Dockerfile-Arch b/test/container/Dockerfile-Arch
index 922b8ede..ac1513a1 100644
--- a/test/container/Dockerfile-Arch
+++ b/test/container/Dockerfile-Arch
@@ -9,7 +9,7 @@ RUN echo 'export DRACUT_NO_XATTR=1 KVERSION=$(cd /lib/modules; ls -1 | tail -1)'
# Install needed packages for the dracut CI container
RUN pacman --noconfirm -Sy \
- linux dash strace dhclient asciidoc cpio pigz \
+ linux dash strace dhclient asciidoc cpio pigz squashfs-tools \
qemu btrfs-progs mdadm dmraid nfs-utils nfsidmap lvm2 nbd \
dhcp networkmanager multipath-tools vi tcpdump open-iscsi \
git shfmt shellcheck astyle which base-devel && yes | pacman -Scc

55
SOURCES/0019-fix-squash-explicitly-create-required-directories.patch
Unescape View File

@ -1,55 +0,0 @@
From c0bd2334708d9bfc6fbeb1c63eae0037eb4157b6 Mon Sep 17 00:00:00 2001
From: Philipp Rudo <prudo@redhat.com>
Date: Tue, 30 Jul 2024 13:35:17 +0200
Subject: [PATCH 19/32] fix(squash): explicitly create required directories
At the moment 99squash relies on dracut-install to create the required
directories it later links to. This approach is error prone and will
cause problems when switching to use 99busybox later on, which tries to
add a link to /usr/sbin that hasn't been created. Thus explicitly
create the expected directories before installing the minimal initrd.
Signed-off-by: Philipp Rudo <prudo@redhat.com>
(cherry picked from commit dde95b10ff6b28330370fd697350f8bc5da422da)
Related: RHEL-43460
---
modules.d/99squash/module-setup.sh | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/modules.d/99squash/module-setup.sh b/modules.d/99squash/module-setup.sh
index 5cbbec63..6aa649b7 100755
--- a/modules.d/99squash/module-setup.sh
+++ b/modules.d/99squash/module-setup.sh
@@ -40,12 +40,15 @@ squash_get_handler() {
}
squash_install() {
- local _busybox
+ local _busybox _dir
_busybox=$(find_binary busybox)
- # Create mount points for squash loader
- mkdir -p "$initdir"/squash/
- mkdir -p "$squashdir"/squash/
+ # Create mount points for squash loader and basic directories
+ mkdir -p "$initdir"/squash
+ for _dir in squash usr/bin usr/sbin usr/lib; do
+ mkdir -p "$squashdir/$_dir"
+ [[ $_dir == usr/* ]] && ln_r "/$_dir" "${_dir#usr}"
+ done
# Install required modules and binaries for the squash image init script.
if [[ $_busybox ]]; then
@@ -67,8 +70,6 @@ squash_install() {
dracut_kernel_post
# Install squash image init script.
- ln_r /usr/bin /bin
- ln_r /usr/sbin /sbin
inst_simple "$moddir"/init-squash.sh /init
# make sure that library links are correct and up to date for squash loader
--
2.42.0

425
SOURCES/0019.patch
Unescape View File

@ -0,0 +1,425 @@
From 8aa62b8cb28a41d4739633aee9b02e40dc4a75d0 Mon Sep 17 00:00:00 2001
From: Matt Coleman <matt@datto.com>
Date: Fri, 23 Sep 2022 19:28:25 -0400
Subject: [PATCH] feat(dmsquash-live): add new dmsquash-live-autooverlay module
Adapt to test properly with the CentOS Stream 9 container too.
(cherry picked from commit a3c67d27e75223bb45df19f850d246ced9a09938)
Co-authored-by: Neal Gompa <ngompa@datto.com>
Resolves: #2135060
---
.github/workflows/integration.yml | 1 +
man/dracut.cmdline.7.asc | 4 +
.../create-overlay-genrules.sh | 10 ++
.../90dmsquash-live-autooverlay/create-overlay.sh | 119 +++++++++++++++++++++
.../90dmsquash-live-autooverlay/module-setup.sh | 25 +++++
pkgbuild/dracut.spec | 3 +-
test/TEST-16-DMSQUASH/create-root.sh | 12 ++-
test/TEST-16-DMSQUASH/test-init.sh | 6 ++
test/TEST-16-DMSQUASH/test.sh | 38 ++++++-
test/container/Dockerfile-Arch | 2 +-
test/container/Dockerfile-CentOS-9-Stream | 2 +
test/container/Dockerfile-Debian | 1 +
test/container/Dockerfile-Fedora-latest | 1 +
test/container/Dockerfile-OpenSuse-latest | 2 +-
14 files changed, 218 insertions(+), 8 deletions(-)
diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
index 40da300c..c22bf916 100644
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -98,6 +98,7 @@ jobs:
"11",
"12",
"13",
+ "16",
"17",
"20",
"21",
diff --git a/man/dracut.cmdline.7.asc b/man/dracut.cmdline.7.asc
index fda62fd1..40d13d83 100644
--- a/man/dracut.cmdline.7.asc
+++ b/man/dracut.cmdline.7.asc
@@ -1161,6 +1161,10 @@ rd.live.overlay=/dev/sdb1:persistent-overlay.img
rd.live.overlay=UUID=99440c1f-8daa-41bf-b965-b7240a8996f4
--
+**rd.live.overlay.cowfs=**__[btrfs|ext4|xfs]__::
+Specifies the filesystem to use when formatting the overlay partition.
+The default is ext4.
+
**rd.live.overlay.size=**__<size_MiB>__::
Specifies a non-persistent Device-mapper overlay size in MiB. The default is
_32768_.
diff --git a/modules.d/90dmsquash-live-autooverlay/create-overlay-genrules.sh b/modules.d/90dmsquash-live-autooverlay/create-overlay-genrules.sh
new file mode 100755
index 00000000..ed168d9f
--- /dev/null
+++ b/modules.d/90dmsquash-live-autooverlay/create-overlay-genrules.sh
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+# shellcheck disable=SC2154
+case "$root" in
+ live:/dev/*)
+ printf 'SYMLINK=="%s", RUN+="/sbin/initqueue --settled --onetime --unique /sbin/create-overlay %s"\n' \
+ "${root#live:/dev/}" "${root#live:}" >> /etc/udev/rules.d/95-create-overlay.rules
+ wait_for_dev -n "${root#live:}"
+ ;;
+esac
diff --git a/modules.d/90dmsquash-live-autooverlay/create-overlay.sh b/modules.d/90dmsquash-live-autooverlay/create-overlay.sh
new file mode 100755
index 00000000..c89bda2b
--- /dev/null
+++ b/modules.d/90dmsquash-live-autooverlay/create-overlay.sh
@@ -0,0 +1,119 @@
+#!/bin/sh
+
+type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh
+
+if getargbool 0 rd.live.debug -n -y rdlivedebug; then
+ exec > /tmp/create-overlay.$$.out
+ exec 2>> /tmp/create-overlay.$$.out
+ set -x
+fi
+
+gatherData() {
+ overlay=$(getarg rd.live.overlay)
+ if [ -z "$overlay" ]; then
+ info "Skipping overlay creation: kernel command line parameter 'rd.live.overlay' is not set"
+ exit 0
+ fi
+ # shellcheck disable=SC2086
+ if ! str_starts ${overlay} LABEL=; then
+ die "Overlay creation failed: the partition must be set by LABEL in the 'rd.live.overlay' kernel parameter"
+ fi
+
+ overlayLabel=${overlay#LABEL=}
+ # shellcheck disable=SC2086
+ if [ -b /dev/disk/by-label/${overlayLabel} ]; then
+ info "Skipping overlay creation: overlay already exists"
+ exit 0
+ fi
+
+ filesystem=$(getarg rd.live.overlay.cowfs)
+ [ -z "$filesystem" ] && filesystem="ext4"
+ if [ "$filesystem" != "ext4" ] && [ "$filesystem" != "xfs" ] && [ "$filesystem" != "btrfs" ]; then
+ die "Overlay creation failed: only ext4, xfs, and btrfs are supported in the 'rd.live.overlay.cowfs' kernel parameter"
+ fi
+
+ live_dir=$(getarg rd.live.dir)
+ [ -z "$live_dir" ] && live_dir="LiveOS"
+
+ [ -z "$1" ] && exit 1
+ rootDevice=$1
+
+ # The kernel command line's 'root=' parameter was parsed into the $root variable by the dmsquash-live module.
+ # $root contains the path to a symlink within /dev/disk/by-label, which points to a partition.
+ # This script needs that partition's parent block device.
+ # shellcheck disable=SC2046
+ # shellcheck disable=SC2086
+ rootDeviceAbsolutePath=$(readlink -f ${rootDevice})
+ rootDeviceSysfsPath=/sys/class/block/${rootDeviceAbsolutePath##*/}
+ if [ -f "${rootDeviceSysfsPath}/partition" ]; then
+ # shellcheck disable=SC2086
+ partition=$(cat ${rootDeviceSysfsPath}/partition)
+ else
+ partition=0
+ fi
+ # shellcheck disable=SC2086
+ readonly=$(cat ${rootDeviceSysfsPath}/ro)
+ # shellcheck disable=SC2086
+ if [ "$partition" != "1" ] || [ "$readonly" != "0" ]; then
+ info "Skipping overlay creation: unpartitioned or read-only media detected"
+ exit 0
+ fi
+ # shellcheck disable=SC2046
+ # shellcheck disable=SC2086
+ fullDriveSysfsPath=$(readlink -f ${rootDeviceSysfsPath}/..)
+ blockDevice=/dev/${fullDriveSysfsPath##*/}
+ currentPartitionCount=$(grep --count -E "${blockDevice#/dev/}[0-9]+" /proc/partitions)
+
+ # shellcheck disable=SC2086
+ freeSpaceStart=$(parted --script ${blockDevice} unit % print free \
+ | awk -v x=${currentPartitionCount} '$1 == x {getline; print $1}')
+ if [ -z "$freeSpaceStart" ]; then
+ info "Skipping overlay creation: there is no free space after the last partition"
+ exit 0
+ fi
+ partitionStart=$((${freeSpaceStart%.*} + 1))
+ if [ $partitionStart -eq 100 ]; then
+ info "Skipping overlay creation: there is not enough free space after the last partition"
+ exit 0
+ fi
+
+ overlayPartition=${blockDevice}$((currentPartitionCount + 1))
+
+ label=$(blkid --match-tag LABEL --output value "$rootDevice")
+ uuid=$(blkid --match-tag UUID --output value "$rootDevice")
+ if [ -z "$label" ] || [ -z "$uuid" ]; then
+ die "Overlay creation failed: failed to look up root device label and UUID"
+ fi
+}
+
+createPartition() {
+ # shellcheck disable=SC2086
+ parted --script --align optimal ${blockDevice} mkpart primary ${partitionStart}% 100%
+}
+
+createFilesystem() {
+ # shellcheck disable=SC2086
+ mkfs.${filesystem} -L ${overlayLabel} ${overlayPartition}
+
+ baseDir=/run/initramfs/create-overlayfs
+ mkdir -p ${baseDir}
+ # shellcheck disable=SC2086
+ mount -t auto ${overlayPartition} ${baseDir}
+
+ mkdir -p ${baseDir}/${live_dir}/ovlwork
+ # shellcheck disable=SC2086
+ mkdir ${baseDir}/${live_dir}/overlay-${label}-${uuid}
+
+ umount ${baseDir}
+ rm -r ${baseDir}
+}
+
+main() {
+ gatherData "$1"
+ createPartition
+ udevsettle
+ createFilesystem
+ udevsettle
+}
+
+main "$1"
diff --git a/modules.d/90dmsquash-live-autooverlay/module-setup.sh b/modules.d/90dmsquash-live-autooverlay/module-setup.sh
new file mode 100755
index 00000000..c3712eba
--- /dev/null
+++ b/modules.d/90dmsquash-live-autooverlay/module-setup.sh
@@ -0,0 +1,25 @@
+#!/bin/bash
+
+check() {
+ # including a module dedicated to live environments in a host-only initrd doesn't make sense
+ [[ $hostonly ]] && return 1
+ return 255
+}
+
+depends() {
+ echo dmsquash-live
+ return 0
+}
+
+installkernel() {
+ instmods btrfs ext4 xfs
+}
+
+install() {
+ inst_multiple awk blkid cat grep mkdir mount parted readlink rmdir tr umount
+ inst_multiple -o mkfs.btrfs mkfs.ext4 mkfs.xfs
+ # shellcheck disable=SC2154
+ inst_hook pre-udev 25 "$moddir/create-overlay-genrules.sh"
+ inst_script "$moddir/create-overlay.sh" "/sbin/create-overlay"
+ dracut_need_initqueue
+}
diff --git a/pkgbuild/dracut.spec b/pkgbuild/dracut.spec
index 38de47b4..e148bbf7 100644
--- a/pkgbuild/dracut.spec
+++ b/pkgbuild/dracut.spec
@@ -138,7 +138,7 @@ Requires: %{name} >= %{version}-%{dist_free_release}
Requires: %{name} = %{version}-%{release}
%endif
Requires: %{name}-network = %{version}-%{release}
-Requires: tar gzip coreutils bash device-mapper curl
+Requires: tar gzip coreutils bash device-mapper curl parted
%if 0%{?fedora}
Requires: fuse ntfs-3g
%endif
@@ -461,6 +461,7 @@ echo 'dracut_rescue_image="yes"' > $RPM_BUILD_ROOT%{dracutlibdir}/dracut.conf.d/
%files live
%{dracutlibdir}/modules.d/99img-lib
%{dracutlibdir}/modules.d/90dmsquash-live
+%{dracutlibdir}/modules.d/90dmsquash-live-autooverlay
%{dracutlibdir}/modules.d/90dmsquash-live-ntfs
%{dracutlibdir}/modules.d/90livenet
diff --git a/test/TEST-16-DMSQUASH/create-root.sh b/test/TEST-16-DMSQUASH/create-root.sh
index 9bc1aa5d..c11e17e0 100755
--- a/test/TEST-16-DMSQUASH/create-root.sh
+++ b/test/TEST-16-DMSQUASH/create-root.sh
@@ -11,9 +11,17 @@ udevadm control --reload
set -e
udevadm settle
-mkfs.ext4 -q -L dracut /dev/disk/by-id/ata-disk_root
+
+# create a single partition using 50% of the capacity of the image file created by test_setup() in test.sh
+sfdisk /dev/disk/by-id/ata-disk_root << EOF
+2048,161792
+EOF
+
+udevadm settle
+
+mkfs.ext4 -q -L dracut /dev/disk/by-id/ata-disk_root-part1
mkdir -p /root
-mount /dev/disk/by-id/ata-disk_root /root
+mount /dev/disk/by-id/ata-disk_root-part1 /root
mkdir -p /root/run /root/testdir
echo "Creating squashfs"
mksquashfs /source /root/testdir/rootfs.img -quiet
diff --git a/test/TEST-16-DMSQUASH/test-init.sh b/test/TEST-16-DMSQUASH/test-init.sh
index 068e8f38..959fa25f 100755
--- a/test/TEST-16-DMSQUASH/test-init.sh
+++ b/test/TEST-16-DMSQUASH/test-init.sh
@@ -9,6 +9,12 @@ exec > /dev/console 2>&1
echo "dracut-root-block-success" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker
+if grep -qF ' rd.live.overlay=LABEL=persist ' /proc/cmdline; then
+ # Writing to a file in the root filesystem lets test_run() verify that the autooverlay module successfully created
+ # and formatted the overlay partition and that the dmsquash-live module used it when setting up the rootfs overlay.
+ echo "dracut-autooverlay-success" > /overlay-marker
+fi
+
export TERM=linux
export PS1='initramfs-test:\w\$ '
[ -f /etc/mtab ] || ln -sfn /proc/mounts /etc/mtab
diff --git a/test/TEST-16-DMSQUASH/test.sh b/test/TEST-16-DMSQUASH/test.sh
index 52029375..58d73b0d 100755
--- a/test/TEST-16-DMSQUASH/test.sh
+++ b/test/TEST-16-DMSQUASH/test.sh
@@ -5,8 +5,9 @@ TEST_DESCRIPTION="live root on a squash filesystem"
KVERSION="${KVERSION-$(uname -r)}"
-# Uncomment this to debug failures
-#DEBUGFAIL="rd.shell rd.debug loglevel=7"
+# Uncomment these to debug failures
+#DEBUGFAIL="rd.shell rd.debug rd.live.debug loglevel=7"
+#DEBUGTOOLS="setsid ls cat sfdisk"
test_run() {
dd if=/dev/zero of="$TESTDIR"/marker.img bs=1MiB count=1
@@ -23,6 +24,27 @@ test_run() {
-initrd "$TESTDIR"/initramfs.testing
grep -U --binary-files=binary -F -m 1 -q dracut-root-block-success -- "$TESTDIR"/marker.img || return 1
+
+ rootPartitions=$(sfdisk -d "$TESTDIR"/root.img | grep -c 'root\.img[0-9]')
+ [ "$rootPartitions" -eq 1 ] || return 1
+
+ "$testdir"/run-qemu \
+ "${disk_args[@]}" \
+ -boot order=d \
+ -append "rd.live.image rd.live.overlay.overlayfs=1 rd.live.overlay=LABEL=persist rd.live.dir=testdir root=LABEL=dracut console=ttyS0,115200n81 quiet selinux=0 rd.info rd.shell=0 panic=1 oops=panic softlockup_panic=1 $DEBUGFAIL" \
+ -initrd "$TESTDIR"/initramfs.testing-autooverlay
+
+ rootPartitions=$(sfdisk -d "$TESTDIR"/root.img | grep -c 'root\.img[0-9]')
+ [ "$rootPartitions" -eq 2 ] || return 1
+
+ (
+ # Ensure that this test works when run with the `V=1` parameter, which runs the script with `set -o pipefail`.
+ set +o pipefail
+
+ # Verify that the string "dracut-autooverlay-success" occurs in the second partition in the image file.
+ dd if="$TESTDIR"/root.img bs=1MiB skip=80 status=none \
+ | grep -U --binary-files=binary -F -m 1 -q dracut-autooverlay-success
+ ) || return 1
}
test_setup() {
@@ -49,7 +71,7 @@ test_setup() {
ln -s dracut-util "${initdir}/usr/bin/dracut-getarg"
ln -s dracut-util "${initdir}/usr/bin/dracut-getargs"
- inst_multiple mkdir ln dd stty mount poweroff
+ inst_multiple mkdir ln dd stty mount poweroff grep "$DEBUGTOOLS"
cp -a -- /etc/ld.so.conf* "$initdir"/etc
ldconfig -r "$initdir"
@@ -115,6 +137,16 @@ test_setup() {
--force "$TESTDIR"/initramfs.testing "$KVERSION" || return 1
ls -sh "$TESTDIR"/initramfs.testing
+
+ "$basedir"/dracut.sh -l -i "$TESTDIR"/overlay / \
+ --modules "dmsquash-live-autooverlay qemu" \
+ --omit "rngd" \
+ --drivers "ext4 sd_mod" \
+ --no-hostonly --no-hostonly-cmdline \
+ --force "$TESTDIR"/initramfs.testing-autooverlay "$KVERSION" || return 1
+
+ ls -sh "$TESTDIR"/initramfs.testing-autooverlay
+
rm -rf -- "$TESTDIR"/overlay
}
diff --git a/test/container/Dockerfile-Arch b/test/container/Dockerfile-Arch
index ac1513a1..4112cc5b 100644
--- a/test/container/Dockerfile-Arch
+++ b/test/container/Dockerfile-Arch
@@ -12,7 +12,7 @@ RUN pacman --noconfirm -Sy \
linux dash strace dhclient asciidoc cpio pigz squashfs-tools \
qemu btrfs-progs mdadm dmraid nfs-utils nfsidmap lvm2 nbd \
dhcp networkmanager multipath-tools vi tcpdump open-iscsi \
- git shfmt shellcheck astyle which base-devel && yes | pacman -Scc
+ git shfmt shellcheck astyle which base-devel glibc parted && yes | pacman -Scc
RUN useradd -m build
RUN su build -c 'cd && git clone https://aur.archlinux.org/perl-config-general.git && cd perl-config-general && makepkg -s --noconfirm'
diff --git a/test/container/Dockerfile-CentOS-9-Stream b/test/container/Dockerfile-CentOS-9-Stream
index c9a96020..abcc067e 100644
--- a/test/container/Dockerfile-CentOS-9-Stream
+++ b/test/container/Dockerfile-CentOS-9-Stream
@@ -33,8 +33,10 @@ RUN dnf -y install --enablerepo crb --setopt=install_weak_deps=False \
make \
mdadm \
nfs-utils \
+ parted \
pigz \
rpm-build \
+ squashfs-tools \
strace \
sudo \
tar \
diff --git a/test/container/Dockerfile-Debian b/test/container/Dockerfile-Debian
index b4c1704e..15eb9958 100644
--- a/test/container/Dockerfile-Debian
+++ b/test/container/Dockerfile-Debian
@@ -42,6 +42,7 @@ RUN apt-get update -y -qq && apt-get upgrade -y -qq && DEBIAN_FRONTEND=nonintera
network-manager \
nfs-common \
open-iscsi \
+ parted \
pigz \
pkg-config \
procps \
diff --git a/test/container/Dockerfile-Fedora-latest b/test/container/Dockerfile-Fedora-latest
index 87c749f9..a38a72ef 100644
--- a/test/container/Dockerfile-Fedora-latest
+++ b/test/container/Dockerfile-Fedora-latest
@@ -49,6 +49,7 @@ RUN dnf -y install --setopt=install_weak_deps=False \
which \
ShellCheck \
shfmt \
+ parted \
&& dnf -y update && dnf clean all
# Set default command
diff --git a/test/container/Dockerfile-OpenSuse-latest b/test/container/Dockerfile-OpenSuse-latest
index 637d50c6..9aaf07b1 100644
--- a/test/container/Dockerfile-OpenSuse-latest
+++ b/test/container/Dockerfile-OpenSuse-latest
@@ -13,7 +13,7 @@ RUN dnf -y install --setopt=install_weak_deps=False \
strace libkmod-devel gcc bzip2 xz tar wget rpm-build make git bash-completion \
sudo kernel dhcp-client qemu-kvm /usr/bin/qemu-system-$(uname -m) e2fsprogs \
tcpdump iproute iputils kbd NetworkManager btrfsprogs tgt dbus-broker \
- iscsiuio open-iscsi which ShellCheck procps pigz \
+ iscsiuio open-iscsi which ShellCheck procps pigz parted squashfs \
&& dnf -y update && dnf clean all
RUN shfmt_version=3.2.4; wget "https://github.com/mvdan/sh/releases/download/v${shfmt_version}/shfmt_v${shfmt_version}_linux_amd64" -O /usr/local/bin/shfmt \

64
SOURCES/0020-fix-squash-use-99busybox-instead-of-installing-it-ma.patch
Unescape View File

@ -1,64 +0,0 @@
From eef65961330c8fb68493d9a3eab55171482984c1 Mon Sep 17 00:00:00 2001
From: Philipp Rudo <prudo@redhat.com>
Date: Tue, 30 Jul 2024 13:44:32 +0200
Subject: [PATCH 20/32] fix(squash): use 99busybox instead of installing it
manually
Make use of 99busybox in 99squash rather than installing it manually.
This not only removes duplicate code but allows mixing of busybox with
tools from coreutils. This requires a small change in 99busybox to
remove the hard coded use of $initdir.
Suggested-by: Laszlo Gombos <laszlo.gombos@gmail.com>
Signed-off-by: Philipp Rudo <prudo@redhat.com>
(cherry picked from commit 395366278f473038badba239f76cac391428b149)
Related: RHEL-43460
---
modules.d/05busybox/module-setup.sh | 5 +++++
modules.d/99squash/module-setup.sh | 5 +----
2 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/modules.d/05busybox/module-setup.sh b/modules.d/05busybox/module-setup.sh
index 86b3761a..857145c9 100755
--- a/modules.d/05busybox/module-setup.sh
+++ b/modules.d/05busybox/module-setup.sh
@@ -15,6 +15,7 @@ depends() {
# called by dracut
install() {
local _i _path _busybox
+ local _dstdir="${dstdir:-"$initdir"}"
local _progs=()
_busybox=$(find_binary busybox)
inst "$_busybox" /usr/bin/busybox
@@ -26,6 +27,10 @@ install() {
for _i in "${_progs[@]}"; do
_path=$(find_binary "$_i")
[ -z "$_path" ] && continue
+
+ # do not remove existing destination files
+ [ -e "${_dstdir}/$_path" ] && continue
+
ln_r /usr/bin/busybox "$_path"
done
}
diff --git a/modules.d/99squash/module-setup.sh b/modules.d/99squash/module-setup.sh
index 6aa649b7..56f70774 100755
--- a/modules.d/99squash/module-setup.sh
+++ b/modules.d/99squash/module-setup.sh
@@ -52,10 +52,7 @@ squash_install() {
# Install required modules and binaries for the squash image init script.
if [[ $_busybox ]]; then
- inst "$_busybox" /usr/bin/busybox
- for _i in sh echo mount modprobe mkdir switch_root grep umount; do
- ln_r /usr/bin/busybox /usr/bin/$_i
- done
+ module_install "busybox"
else
DRACUT_RESOLVE_DEPS=1 inst_multiple sh mount modprobe mkdir switch_root grep umount
--
2.42.0

39
SOURCES/0020.patch
Unescape View File

@ -0,0 +1,39 @@
From 3e912f878de8d310bd06199e03602c63d2b60dba Mon Sep 17 00:00:00 2001
From: Radek Vykydal <rvykydal@redhat.com>
Date: Tue, 20 Dec 2022 16:40:23 +0100
Subject: [PATCH] fix(network-manager): allow running nm-run.sh multiple times
This partially reverts
https://github.com/redhat-plumbers/dracut-rhel9/commit/77630365aed201a729c73a9ffda0733a75f3fee4
Anaconda needs to be able to run nm-run.sh to trigger online hooks again
after kickstart is fetched from storage and network is configured
accordingly.
rhel-only
Resolves: rhbz#2157082
---
modules.d/35network-manager/nm-run.sh | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/modules.d/35network-manager/nm-run.sh b/modules.d/35network-manager/nm-run.sh
index 7d8d61fa..6110733d 100755
--- a/modules.d/35network-manager/nm-run.sh
+++ b/modules.d/35network-manager/nm-run.sh
@@ -2,11 +2,12 @@
type source_hook > /dev/null 2>&1 || . /lib/dracut-lib.sh
-if [ -e /tmp/nm.done ]; then
- return
-fi
-
if [ -z "$DRACUT_SYSTEMD" ]; then
+
+ if [ -e /tmp/nm.done ]; then
+ return
+ fi
+
# Only start NM if networking is needed
if [ -e /run/NetworkManager/initrd/neednet ]; then
for i in /usr/lib/NetworkManager/system-connections/* \

56
SOURCES/0021.patch
Unescape View File

@ -0,0 +1,56 @@
From f814aed234f5bfb99029b9926a41727cbc68824c Mon Sep 17 00:00:00 2001
From: Tao Liu <ltao@redhat.com>
Date: Fri, 3 Mar 2023 18:27:25 +0800
Subject: [PATCH] fix(lvmthinpool-monitor): activate lvm thin pool before
extend its size
The state of lvm thin pool may change into inactived state when kdump into
2nd kernel. As a result, lvextend will fail to extend its size. For example:
In 1st kernel:
$ lvs
LV VG Attr LSize Pool Origin Data% Meta%
vol vg00 Vwi-a-tz-- 300.00m thinpool 70.54
thinpool vg00 twi-aotz-- 236.00m 89.67 12.50
...
In 2nd kernel:
LV VG Attr LSize Pool Origin Data% Meta%
vol vg00 Vwi-aotz-- 300.00m thinpool 70.54
thinpool vg00 twi---tz-- 236.00m 89.67 12.50
...
And the lvextend failing log:
[ 8.483878] start-thinpool-monitor[590]: lvextend using policy requires the thin pool to be active.
In this patch, we will first activate lvm thin pool before calling lvextend
during kdump.
Signed-off-by: Tao Liu <ltao@redhat.com>
(Cherry-picked commit: 4a6b81378f5c542fa1a94386744b9f4a0cc3e33a)
Resolves: #2175096
---
modules.d/80lvmthinpool-monitor/start-thinpool-monitor.sh | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/modules.d/80lvmthinpool-monitor/start-thinpool-monitor.sh b/modules.d/80lvmthinpool-monitor/start-thinpool-monitor.sh
index 75d8eada..10f4a4bb 100755
--- a/modules.d/80lvmthinpool-monitor/start-thinpool-monitor.sh
+++ b/modules.d/80lvmthinpool-monitor/start-thinpool-monitor.sh
@@ -31,6 +31,12 @@ if [ -n "$THIN_POOLS" ]; then
CONFIG="activation {monitoring=0 thin_pool_autoextend_threshold=70 thin_pool_autoextend_percent=20}"
fi
+ # Activate the thinpool in case the thinpool is in inactive state.
+ # Otherwise lvextend will fail.
+ for THIN_POOL in $THIN_POOLS; do
+ lvm lvchange -ay "$THIN_POOL" --config "$CONFIG"
+ done
+
while true; do
for THIN_POOL in $THIN_POOLS; do
lvm lvextend --use-policies --config "$CONFIG" "$THIN_POOL"

42
SOURCES/0022-fix-resume-do-not-include-resume-if-swap-is-on-netde.patch
Unescape View File

@ -1,42 +0,0 @@
From 4a6806efae05b453bb9b93efe961fb1033bb562b Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Sat, 17 Aug 2024 00:39:17 +0200
Subject: [PATCH 22/32] fix(resume): do not include resume if swap is on
netdevice
Additional fix, restoring previous behavior identical to RHEL-9.
rhel-only
Resolves: RHEL-53350
---
modules.d/95resume/module-setup.sh | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/modules.d/95resume/module-setup.sh b/modules.d/95resume/module-setup.sh
index c0f04a6c..785f681a 100755
--- a/modules.d/95resume/module-setup.sh
+++ b/modules.d/95resume/module-setup.sh
@@ -4,9 +4,6 @@
# shellcheck disable=SC2317
check() {
- # Always include resume module
- return 0
-
swap_on_netdevice() {
local _dev
for _dev in "${swap_devs[@]}"; do
@@ -23,6 +20,9 @@ check() {
# hibernation support requested on kernel command line
return 0
else
+ # always include resume module when not on netdevice
+ return 0
+
# resume= not set on kernel command line
if [[ -f /sys/power/resume ]]; then
if [[ "$(< /sys/power/resume)" == "0:0" ]]; then
--
2.42.0

145
SOURCES/0022.patch
Unescape View File

@ -0,0 +1,145 @@
From cd2bfd13e80d5a20ca27e3f7e9dd5f4d33c30a6d Mon Sep 17 00:00:00 2001
From: Valentin Lefebvre <valentin.lefebvre@suse.com>
Date: Mon, 13 Mar 2023 12:06:13 +0100
Subject: [PATCH] fix(dracut.sh): use dynamically uefi's sections offset
* Uefi section are creating by `objcopy` with hardcoded sections
offset. This commit allow to have the correct offset between
each part of the efi file, needed to create an UKI. Offsets
are simply calculated so no sections overlap, as recommended
in https://wiki.archlinux.org/title/Unified_kernel_image#Manually
Moreover, efi stub file's header is parsed to apply the correct
offsets according the section alignment factor.
* Remove EFI_SECTION_VMA_INITRD, no need anymore as initrd
section offset dynamically calculated
Fixes dracutdevs#2275
Signed-off-by: Valentin Lefebvre <valentin.lefebvre@suse.com>
(Cherry-picked commit: f32e95bcadbc5158843530407adc1e7b700561b1)
Resolves: #2180787
---
dracut-functions.sh | 23 +++++++++++++++++++++++
dracut.sh | 45 +++++++++++++++++++++++++++++++++++----------
2 files changed, 58 insertions(+), 10 deletions(-)
diff --git a/dracut-functions.sh b/dracut-functions.sh
index ff6749a1..a95755b2 100755
--- a/dracut-functions.sh
+++ b/dracut-functions.sh
@@ -995,3 +995,26 @@ get_dev_module() {
fi
echo "$dev_drivers"
}
+
+# Check if file is in PE format
+pe_file_format() {
+ if [[ $# -eq 1 ]]; then
+ local magic
+ magic=$(objdump -p "$1" \
+ | awk '{if ($1 == "Magic"){print strtonum("0x"$2)}}')
+ magic=$(printf "0x%x" "$magic")
+ # 0x10b (PE32), 0x20b (PE32+)
+ [[ $magic == 0x20b || $magic == 0x10b ]] && return 0
+ fi
+ return 1
+}
+
+# Get the sectionAlignment data from the PE header
+pe_get_section_align() {
+ local align_hex
+ [[ $# -ne "1" ]] && return 1
+ [[ $(pe_file_format "$1") -eq 1 ]] && return 1
+ align_hex=$(objdump -p "$1" \
+ | awk '{if ($1 == "SectionAlignment"){print $2}}')
+ echo "$((16#$align_hex))"
+}
diff --git a/dracut.sh b/dracut.sh
index d2f07ac6..0c963431 100755
--- a/dracut.sh
+++ b/dracut.sh
@@ -1433,7 +1433,6 @@ if [[ ! $print_cmdline ]]; then
exit 1
fi
unset EFI_MACHINE_TYPE_NAME
- EFI_SECTION_VMA_INITRD=0x3000000
case $(uname -m) in
x86_64)
EFI_MACHINE_TYPE_NAME=x64
@@ -1443,8 +1442,6 @@ if [[ ! $print_cmdline ]]; then
;;
aarch64)
EFI_MACHINE_TYPE_NAME=aa64
- # aarch64 kernels are uncompressed and thus larger, so we need a bigger gap between vma sections
- EFI_SECTION_VMA_INITRD=0x4000000
;;
*)
dfatal "Architecture '$(uname -m)' not supported to create a UEFI executable"
@@ -2596,29 +2593,57 @@ if [[ $uefi == yes ]]; then
done
fi
+ offs=$(objdump -h "$uefi_stub" 2> /dev/null | awk 'NF==7 {size=strtonum("0x"$3);\
+ offset=strtonum("0x"$4)} END {print size + offset}')
+ if [[ $offs -eq 0 ]]; then
+ dfatal "Failed to get the size of $uefi_stub to create UEFI image file"
+ exit 1
+ fi
+ align=$(pe_get_section_align "$uefi_stub")
+ if [[ $? -eq 1 ]]; then
+ dfatal "Failed to get the sectionAlignment of the stub PE header to create the UEFI image file"
+ exit 1
+ fi
+ offs=$((offs + "$align" - offs % "$align"))
+ [[ -s $dracutsysrootdir/usr/lib/os-release ]] && uefi_osrelease="$dracutsysrootdir/usr/lib/os-release"
+ [[ -s $dracutsysrootdir/etc/os-release ]] && uefi_osrelease="$dracutsysrootdir/etc/os-release"
+ [[ -s $uefi_osrelease ]] \
+ && uefi_osrelease_offs=${offs} \
+ && offs=$((offs + $(stat -Lc%s "$uefi_osrelease"))) \
+ && offs=$((offs + "$align" - offs % "$align"))
+
if [[ $kernel_cmdline ]] || [[ $hostonly_cmdline == yes && -d "$initdir/etc/cmdline.d" ]]; then
echo -ne "\x00" >> "$uefi_outdir/cmdline.txt"
dinfo "Using UEFI kernel cmdline:"
dinfo "$(tr -d '\000' < "$uefi_outdir/cmdline.txt")"
uefi_cmdline="${uefi_outdir}/cmdline.txt"
+ uefi_cmdline_offs=${offs}
+ offs=$((offs + $(stat -Lc%s "$uefi_cmdline")))
+ offs=$((offs + "$align" - offs % "$align"))
else
unset uefi_cmdline
fi
- [[ -s $dracutsysrootdir/usr/lib/os-release ]] && uefi_osrelease="$dracutsysrootdir/usr/lib/os-release"
- [[ -s $dracutsysrootdir/etc/os-release ]] && uefi_osrelease="$dracutsysrootdir/etc/os-release"
if [[ -s ${dracutsysrootdir}${uefi_splash_image} ]]; then
uefi_splash_image="${dracutsysrootdir}${uefi_splash_image}"
+ uefi_splash_offs=${offs}
+ offs=$((offs + $(stat -Lc%s "$uefi_splash_image")))
+ offs=$((offs + "$align" - offs % "$align"))
else
unset uefi_splash_image
fi
+ uefi_linux_offs="${offs}"
+ offs=$((offs + $(stat -Lc%s "$kernel_image")))
+ offs=$((offs + "$align" - offs % "$align"))
+ uefi_initrd_offs="${offs}"
+
if objcopy \
- ${uefi_osrelease:+--add-section .osrel="$uefi_osrelease" --change-section-vma .osrel=0x20000} \
- ${uefi_cmdline:+--add-section .cmdline="$uefi_cmdline" --change-section-vma .cmdline=0x30000} \
- ${uefi_splash_image:+--add-section .splash="$uefi_splash_image" --change-section-vma .splash=0x40000} \
- --add-section .linux="$kernel_image" --change-section-vma .linux=0x2000000 \
- --add-section .initrd="${DRACUT_TMPDIR}/initramfs.img" --change-section-vma .initrd="${EFI_SECTION_VMA_INITRD}" \
+ ${uefi_osrelease:+--add-section .osrel="$uefi_osrelease" --change-section-vma .osrel=$(printf 0x%x "$uefi_osrelease_offs")} \
+ ${uefi_cmdline:+--add-section .cmdline="$uefi_cmdline" --change-section-vma .cmdline=$(printf 0x%x "$uefi_cmdline_offs")} \
+ ${uefi_splash_image:+--add-section .splash="$uefi_splash_image" --change-section-vma .splash=$(printf 0x%x "$uefi_splash_offs")} \
+ --add-section .linux="$kernel_image" --change-section-vma .linux="$(printf 0x%x "$uefi_linux_offs")" \
+ --add-section .initrd="${DRACUT_TMPDIR}/initramfs.img" --change-section-vma .initrd="$(printf 0x%x "$uefi_initrd_offs")" \
"$uefi_stub" "${uefi_outdir}/linux.efi"; then
if [[ -n ${uefi_secureboot_key} && -n ${uefi_secureboot_cert} ]]; then
if sbsign \

44
SOURCES/0023-feat-dracut-init.sh-give-force-add-precedence-over-o.patch
Unescape View File

@ -1,44 +0,0 @@
From 2f3c9cb56cc7ccdccbd8f8056b21d39fa736da1e Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Sat, 17 Aug 2024 01:43:50 +0200
Subject: [PATCH 23/32] feat(dracut-init.sh): give --force-add precedence over
--omit
This gives precedence of force_add_dracutmodules to omit_dracutmodules,
as there is not other way to override omit_dracutmodules list, and users
would expect it to be overriden from command line.
Ref: https://github.com/dracut-ng/dracut-ng/pull/569
This way, `--add` retains it behaviour, and `--force-add` gains additional
functionality in non-hostonly mode. The module may still be skipped
if the module check returns 1, but it should throw error (as I'd expect
for `--force-add`).
(cherry picked commit a669346f48cbb3278c51ba5e95b1b91f9bfdee0a from PR#584)
Resolves: RHEL-53791
---
dracut-init.sh | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/dracut-init.sh b/dracut-init.sh
index 746362d1..3917bb0d 100755
--- a/dracut-init.sh
+++ b/dracut-init.sh
@@ -969,8 +969,10 @@ check_module() {
[[ $2 ]] || mods_checked_as_dep+=" $_mod "
if [[ " $omit_dracutmodules " == *\ $_mod\ * ]]; then
- ddebug "Module '$_mod' will not be installed, because it's in the list to be omitted!"
- return 1
+ if [[ " $force_add_dracutmodules " != *\ $_mod\ * ]]; then
+ ddebug "Module '$_mod' will not be installed, because it's in the list to be omitted!"
+ return 1
+ fi
fi
if [[ " $dracutmodules $add_dracutmodules $force_add_dracutmodules" == *\ $_mod\ * ]]; then
--
2.42.0

97
SOURCES/0023.patch
Unescape View File

@ -0,0 +1,97 @@
From 11e1ffb0cf614fb6ec9b740cb6eb8c07c2a081ac Mon Sep 17 00:00:00 2001
From: keentux <valentin.lefebvre@suse.com>
Date: Wed, 22 Mar 2023 10:40:39 +0000
Subject: [PATCH] fix(dracut.sh): handle imagebase for uefi
* UEFI creation didn't handle the ImageBase data for the PE file
generation. Create an UKI thanks a stub file with a non zero BaseImage
logs some warning ans generate a bad file offset management. The efi
becomes unloadable.
* This commit parse the PE file header, get the data and apply the
ImageBase on the objcopy command.
Fixes dracutdevs#2284
Signed-off-by: Valentin Lefebvre <valentin.lefebvre@suse.com>
(Cherry-picked commit: 6178a9d83ffad67fa371cef2ff3f5bbb337bc8b7)
Related: #2180787
---
dracut-functions.sh | 26 ++++++++++++++++++++++----
dracut.sh | 9 ++++++++-
2 files changed, 30 insertions(+), 5 deletions(-)
diff --git a/dracut-functions.sh b/dracut-functions.sh
index a95755b2..7f05da6e 100755
--- a/dracut-functions.sh
+++ b/dracut-functions.sh
@@ -1009,12 +1009,30 @@ pe_file_format() {
return 1
}
-# Get the sectionAlignment data from the PE header
+# Get specific data from the PE header
+pe_get_header_data() {
+ local data_header
+ [[ $# -ne "2" ]] && return 1
+ [[ $(pe_file_format "$1") -eq 1 ]] && return 1
+ data_header=$(objdump -p "$1" \
+ | awk -v data="$2" '{if ($1 == data){print $2}}')
+ echo "$data_header"
+}
+
+# Get the SectionAlignment data from the PE header
pe_get_section_align() {
local align_hex
[[ $# -ne "1" ]] && return 1
- [[ $(pe_file_format "$1") -eq 1 ]] && return 1
- align_hex=$(objdump -p "$1" \
- | awk '{if ($1 == "SectionAlignment"){print $2}}')
+ align_hex=$(pe_get_header_data "$1" "SectionAlignment")
+ [[ $? -eq 1 ]] && return 1
echo "$((16#$align_hex))"
}
+
+# Get the ImageBase data from the PE header
+pe_get_image_base() {
+ local base_image
+ [[ $# -ne "1" ]] && return 1
+ base_image=$(pe_get_header_data "$1" "ImageBase")
+ [[ $? -eq 1 ]] && return 1
+ echo "$((16#$base_image))"
+}
diff --git a/dracut.sh b/dracut.sh
index 0c963431..a6a27dcf 100755
--- a/dracut.sh
+++ b/dracut.sh
@@ -2601,7 +2601,7 @@ if [[ $uefi == yes ]]; then
fi
align=$(pe_get_section_align "$uefi_stub")
if [[ $? -eq 1 ]]; then
- dfatal "Failed to get the sectionAlignment of the stub PE header to create the UEFI image file"
+ dfatal "Failed to get the SectionAlignment of the stub PE header to create the UEFI image file"
exit 1
fi
offs=$((offs + "$align" - offs % "$align"))
@@ -2638,12 +2638,19 @@ if [[ $uefi == yes ]]; then
offs=$((offs + "$align" - offs % "$align"))
uefi_initrd_offs="${offs}"
+ base_image=$(pe_get_image_base "$uefi_stub")
+ if [[ $? -eq 1 ]]; then
+ dfatal "Failed to get ImageBase data of $uefi_stub to create UEFI image file"
+ exit 1
+ fi
+
if objcopy \
${uefi_osrelease:+--add-section .osrel="$uefi_osrelease" --change-section-vma .osrel=$(printf 0x%x "$uefi_osrelease_offs")} \
${uefi_cmdline:+--add-section .cmdline="$uefi_cmdline" --change-section-vma .cmdline=$(printf 0x%x "$uefi_cmdline_offs")} \
${uefi_splash_image:+--add-section .splash="$uefi_splash_image" --change-section-vma .splash=$(printf 0x%x "$uefi_splash_offs")} \
--add-section .linux="$kernel_image" --change-section-vma .linux="$(printf 0x%x "$uefi_linux_offs")" \
--add-section .initrd="${DRACUT_TMPDIR}/initramfs.img" --change-section-vma .initrd="$(printf 0x%x "$uefi_initrd_offs")" \
+ --image-base="$(printf 0x%x "$base_image")" \
"$uefi_stub" "${uefi_outdir}/linux.efi"; then
if [[ -n ${uefi_secureboot_key} && -n ${uefi_secureboot_cert} ]]; then
if sbsign \

38
SOURCES/0024-feat-lsinitrd.sh-look-for-initrd-in-usr-lib-modules.patch
Unescape View File

@ -1,38 +0,0 @@
From 226de396c97d483380bd0604bfe2ff7f6a2ef48c Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Fri, 16 Aug 2024 20:40:15 +0200
Subject: [PATCH 24/32] feat(lsinitrd.sh): look for initrd in /usr/lib/modules/
Introduce new path for lsinitrd.sh to look into:
/usr/lib/modules/$kver/initramfs.img
Which is valid on all ostree-based systems, and also other image based
systems with pre-generated initramfs.
Ref: https://issues.redhat.com/browse/RHEL-35890
(cherry picked from commit 22ae6ecaf9ecdb9db3e79aa9a72d527e7436c282)
Resolves: RHEL-54650
---
lsinitrd.sh | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/lsinitrd.sh b/lsinitrd.sh
index 6799f938..35314b78 100755
--- a/lsinitrd.sh
+++ b/lsinitrd.sh
@@ -125,6 +125,10 @@ find_initrd_for_kernel_version() {
echo "/lib/modules/${kernel_version}/initrd"
elif [[ -f /lib/modules/${kernel_version}/initramfs.img ]]; then
echo "/lib/modules/${kernel_version}/initramfs.img"
+ elif [[ -f /usr/lib/modules/${kernel_version}/initrd ]]; then
+ echo "/usr/lib/modules/${kernel_version}/initrd"
+ elif [[ -f /usr/lib/modules/${kernel_version}/initramfs.img ]]; then
+ echo "/usr/lib/modules/${kernel_version}/initramfs.img"
elif [[ -f /boot/initramfs-${kernel_version}.img ]]; then
echo "/boot/initramfs-${kernel_version}.img"
else
--
2.42.0

46
SOURCES/0024.patch
Unescape View File

@ -0,0 +1,46 @@
From 11cc7032853ea254a7d4cabed0b7bf3a605ccc6c Mon Sep 17 00:00:00 2001
From: Sam James <sam@gentoo.org>
Date: Thu, 20 Jul 2023 04:36:01 +0100
Subject: [PATCH] fix(dracut.sh): use gawk for strtonum
strtonum is a gawkism and is not available in all awks, e.g. mawk. Use gawk
to avoid failure.
Fixes: f32e95bcadbc5158843530407adc1e7b700561b1
Signed-off-by: Sam James <sam@gentoo.org>
(Cherry-picked commit: 33a66ed04bdc30eccb172a0cd6dcc36d9d74f825)
Related: #2180787
---
dracut-functions.sh | 2 +-
dracut.sh | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/dracut-functions.sh b/dracut-functions.sh
index 7f05da6e..3c475ca7 100755
--- a/dracut-functions.sh
+++ b/dracut-functions.sh
@@ -1001,7 +1001,7 @@ pe_file_format() {
if [[ $# -eq 1 ]]; then
local magic
magic=$(objdump -p "$1" \
- | awk '{if ($1 == "Magic"){print strtonum("0x"$2)}}')
+ | gawk '{if ($1 == "Magic"){print strtonum("0x"$2)}}')
magic=$(printf "0x%x" "$magic")
# 0x10b (PE32), 0x20b (PE32+)
[[ $magic == 0x20b || $magic == 0x10b ]] && return 0
diff --git a/dracut.sh b/dracut.sh
index a6a27dcf..1ff51bb1 100755
--- a/dracut.sh
+++ b/dracut.sh
@@ -2593,7 +2593,7 @@ if [[ $uefi == yes ]]; then
done
fi
- offs=$(objdump -h "$uefi_stub" 2> /dev/null | awk 'NF==7 {size=strtonum("0x"$3);\
+ offs=$(objdump -h "$uefi_stub" 2> /dev/null | gawk 'NF==7 {size=strtonum("0x"$3);\
offset=strtonum("0x"$4)} END {print size + offset}')
if [[ $offs -eq 0 ]]; then
dfatal "Failed to get the size of $uefi_stub to create UEFI image file"

28
SOURCES/0025-feat-fips-include-fips-module-unconditionally.patch
Unescape View File

@ -1,28 +0,0 @@
From 3e25517a0d1f0054e69409eb89484879251f47a3 Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Mon, 19 Aug 2024 09:41:27 +0200
Subject: [PATCH 25/32] feat(fips): include fips module unconditionally
rhel-only
Resolves: RHEL-39404
---
modules.d/01fips/module-setup.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules.d/01fips/module-setup.sh b/modules.d/01fips/module-setup.sh
index 1e0c9d09..005f0b6d 100755
--- a/modules.d/01fips/module-setup.sh
+++ b/modules.d/01fips/module-setup.sh
@@ -2,7 +2,7 @@
# called by dracut
check() {
- return 255
+ return 0
}
# called by dracut
--
2.42.0

22
SOURCES/0001-fix-rngd-install-system-service-file.patch → SOURCES/0025.patch
Unescape View File

@ -1,22 +1,24 @@
From f75ae29afc829e19834c4cb99ca51b8ebe8481bf Mon Sep 17 00:00:00 2001
From 68814ff425e71c411ba5111c37774cbab429bf9e Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Sun, 23 Jul 2023 19:44:17 +0200
Subject: [PATCH 01/32] fix(rngd): install system service file
Subject: [PATCH] fix(rngd): install system service file
as there's no reason to keep a copy; there shouldn't be any modifications.
In case there are args stored in a separate file (Fedora and alike),
it needs to be supplied too, but without the option to change the user.
(Cherry-picked commit: c47a44cb25c0892d9af6e66ee9d7cd2c3beca31f)
Resolves: #2181541
---
modules.d/06rngd/module-setup.sh | 7 ++++++-
modules.d/06rngd/rngd.service | 8 --------
modules.d/06rngd/sysconfig | 1 +
3 files changed, 7 insertions(+), 9 deletions(-)
delete mode 100644 modules.d/06rngd/rngd.service
create mode 100644 modules.d/06rngd/sysconfig
diff --git a/modules.d/06rngd/module-setup.sh b/modules.d/06rngd/module-setup.sh
index aec8d576..e8bdf7f5 100755
index d94a47af..66923a38 100644
--- a/modules.d/06rngd/module-setup.sh
+++ b/modules.d/06rngd/module-setup.sh
@@ -32,7 +32,12 @@ depends() {
@ -27,10 +29,10 @@ index aec8d576..e8bdf7f5 100755
+ inst_simple "${systemdsystemunitdir}/rngd.service"
+
+ if [ -r /etc/sysconfig/rngd ]; then
+ inst_simple "${moddir}/sysconfig" "/etc/sysconfig/rngd"
+ inst_simple "${moddir}/sysconfig" "/etc/sysconfig/rngd"
+ fi
+
# make sure dependent libs are installed too
# make sure dependant libs are installed too
inst_libdir_file opensc-pkcs11.so
diff --git a/modules.d/06rngd/rngd.service b/modules.d/06rngd/rngd.service
@ -49,11 +51,9 @@ index dd5374d7..00000000
-ExecStart=/usr/sbin/rngd -f
diff --git a/modules.d/06rngd/sysconfig b/modules.d/06rngd/sysconfig
new file mode 100644
index 00000000..68047ec1
index 00000000..100e8deb
--- /dev/null
+++ b/modules.d/06rngd/sysconfig
@@ -0,0 +1 @@
+RNGD_ARGS="-x pkcs11 -x nist"
--
2.42.0
+RNGD_ARGS="--fill-watermark=0 -x pkcs11 -x nist -x qrypt"

40
SOURCES/0026-fix-nfs-include-also-entries-from-usr-lib-passwd-gro.patch
Unescape View File

@ -1,40 +0,0 @@
From 4dfd0c8de071f074c813a87cc06335fa43e93a9d Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Thu, 8 Aug 2024 00:55:03 +0200
Subject: [PATCH 26/32] fix(nfs): include also entries from
/usr/lib/{passwd,group}
as those paths are used by bootc instead of the /etc ones.
(cherry picked from commit 45cdf3c4f24f77f04b264a7747f115d1031b2e67)
Resolves: RHEL-53431
---
modules.d/95nfs/module-setup.sh | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/modules.d/95nfs/module-setup.sh b/modules.d/95nfs/module-setup.sh
index fbaeeb00..df2d0e05 100755
--- a/modules.d/95nfs/module-setup.sh
+++ b/modules.d/95nfs/module-setup.sh
@@ -130,8 +130,15 @@ install() {
# Rather than copy the passwd file in, just set a user for rpcbind
# We'll save the state and restart the daemon from the root anyway
- grep -E '^(nfsnobody|_rpc|rpc|rpcuser):' "$dracutsysrootdir"/etc/passwd >> "$initdir/etc/passwd"
- grep -E '^nogroup:|^rpc:|^nobody:' "$dracutsysrootdir"/etc/group >> "$initdir/etc/group"
+ local _confdir
+ for _confdir in etc usr/lib; do
+
+ grep -sE '^(nfsnobody|_rpc|rpc|rpcuser):' "${dracutsysrootdir}/${_confdir}/passwd" \
+ >> "$initdir/${_confdir}/passwd"
+
+ grep -sE '^(nogroup|rpc|nobody):' "${dracutsysrootdir}/${_confdir}/group" \
+ >> "$initdir/${_confdir}/group"
+ done
dracut_need_initqueue
}
--
2.42.0

59
SOURCES/0026.patch
Unescape View File

@ -0,0 +1,59 @@
From a63fbfe7eb109214fbcee726c9ba898ba3c954d3 Mon Sep 17 00:00:00 2001
From: Antonio Alvarez Feijoo <antonio.feijoo@suse.com>
Date: Wed, 14 Sep 2022 12:44:26 +0200
Subject: [PATCH] fix(nvmf): nvme list-subsys prints the address using commas
as separator
nvme-cli 1.x printed the address using spaces as separator, but nvme-cli 2.x
prints the address using commas as separator (exact output from sysfs). E.g.,
output from `cat /sys/class/nvme/nvme0/address`:
traddr=nn-0x201700a09890f5bf:pn-0x201900a09890f5bf,host_traddr=nn-0x200000109b579ef5:pn-0x100000109b579ef5
Also, I suppress rd.nvmf.discover= cmdline option if all fields are empty.
Resolves: #1933787
---
modules.d/95nvmf/module-setup.sh | 21 ++++++++++++++++++---
1 file changed, 18 insertions(+), 3 deletions(-)
diff --git a/modules.d/95nvmf/module-setup.sh b/modules.d/95nvmf/module-setup.sh
index be1c85f3..0825b51c 100755
--- a/modules.d/95nvmf/module-setup.sh
+++ b/modules.d/95nvmf/module-setup.sh
@@ -61,6 +61,11 @@ cmdline() {
gen_nvmf_cmdline() {
local _dev=$1
local trtype
+ local traddr
+ local host_traddr
+ local trsvcid
+ local _address
+ local -a _address_parts
[[ -L "/sys/dev/block/$_dev" ]] || return 0
cd -P "/sys/dev/block/$_dev" || return 0
@@ -76,9 +81,19 @@ cmdline() {
done
[ -z "$trtype" ] && return 0
- nvme list-subsys "${PWD##*/}" | while read -r _ _ trtype traddr host_traddr _; do
- [ "$trtype" != "${trtype#NQN}" ] && continue
- echo -n " rd.nvmf.discover=$trtype,${traddr#traddr=},${host_traddr#host_traddr=}"
+ nvme list-subsys "${PWD##*/}" | while read -r _ _ trtype _address _; do
+ [[ -z $trtype || $trtype != "${trtype#NQN}" ]] && continue
+ unset traddr
+ unset host_traddr
+ unset trsvcid
+ mapfile -t -d ',' _address_parts < <(printf "%s" "$_address")
+ for i in "${_address_parts[@]}"; do
+ [[ $i =~ ^traddr= ]] && traddr="${i#traddr=}"
+ [[ $i =~ ^host_traddr= ]] && host_traddr="${i#host_traddr=}"
+ [[ $i =~ ^trsvcid= ]] && trsvcid="${i#trsvcid=}"
+ done
+ [[ -z $traddr && -z $host_traddr && -z $trsvcid ]] && continue
+ echo -n " rd.nvmf.discover=$trtype,$traddr,$host_traddr,$trsvcid"
done
}

73
SOURCES/0027-revert-dracut-init.sh-add-module-to-mods_to_load-bef.patch
Unescape View File

@ -1,73 +0,0 @@
From f26573ec709c7703863e8affdec990b100c25598 Mon Sep 17 00:00:00 2001
From: Philipp Rudo <prudo@redhat.com>
Date: Mon, 26 Aug 2024 15:58:54 +0200
Subject: [PATCH 27/32] revert(dracut-init.sh): add module to mods_to_load
before checking dependencies
Commit d0f8fde5 ("fix(dracut-init.sh): add module to mods_to_load before
checking dependencies") introduced a regression. When dracut is in
"auto" mode, i.e. '--modules auto' or no --modules is provided, the
expected behavior is that all modules that return 0 in their check()
function are included. Except for the ones where the dependencies cannot
be installed. The commit however, caused those modules to be included
without their dependencies. Thus revert the commit.
This reverts commit d0f8fde5668cfd7fda1d15824e268b4949b4fd04.
Reported-by: Jo Zzsi <jozzsicsataban@gmail.com>
Signed-off-by: Philipp Rudo <prudo@redhat.com>
(cherry picked from commit bddbb11bbbfc405317a6fbd53bb189b575d46da2)
Resolves: RHEL-43460
---
dracut-init.sh | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/dracut-init.sh b/dracut-init.sh
index 3917bb0d..644825c9 100755
--- a/dracut-init.sh
+++ b/dracut-init.sh
@@ -924,9 +924,6 @@ check_mount() {
fi
fi
- [[ " $mods_to_load " == *\ $_mod\ * ]] \
- || mods_to_load+=" $_mod "
-
for _moddep in $(module_depends "$_mod" "$_moddir"); do
# handle deps as if they were manually added
[[ " $dracutmodules " == *\ $_mod\ * ]] \
@@ -945,6 +942,9 @@ check_mount() {
fi
done
+ [[ " $mods_to_load " == *\ $_mod\ * ]] \
+ || mods_to_load+=" $_mod "
+
return 0
}
@@ -1001,9 +1001,6 @@ check_module() {
fi
fi
- [[ " $mods_to_load " == *\ $_mod\ * ]] \
- || mods_to_load+=" $_mod "
-
for _moddep in $(module_depends "$_mod" "$_moddir"); do
# handle deps as if they were manually added
[[ " $dracutmodules " == *\ $_mod\ * ]] \
@@ -1022,6 +1019,9 @@ check_module() {
fi
done
+ [[ " $mods_to_load " == *\ $_mod\ * ]] \
+ || mods_to_load+=" $_mod "
+
return 0
}
--
2.42.0

65
SOURCES/0027.patch
Unescape View File

@ -0,0 +1,65 @@
From 0322e328d94f70693e1e33fb96bd5d9d771fea3a Mon Sep 17 00:00:00 2001
From: Martin Wilck <mwilck@suse.de>
Date: Fri, 16 Sep 2022 23:46:42 +0200
Subject: [PATCH] fix(nvmf): don't try to validate network connections in
cmdline hook
The cmdline hook runs before any network interfaces have been brought
up. There's no point in trying to validate the connections at this
stage.
Resolves: #1933787
---
modules.d/95nvmf/parse-nvmf-boot-connections.sh | 31 -------------------------
1 file changed, 31 deletions(-)
diff --git a/modules.d/95nvmf/parse-nvmf-boot-connections.sh b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
index 46c00636..39923503 100755
--- a/modules.d/95nvmf/parse-nvmf-boot-connections.sh
+++ b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
@@ -26,34 +26,6 @@ fi
initqueue --onetime modprobe --all -b -q nvme nvme_tcp nvme_core nvme_fabrics
-validate_ip_conn() {
- if ! getargbool 0 rd.neednet; then
- warn "$trtype transport requires rd.neednet=1"
- return 1
- fi
-
- local_address=$(ip -o route get to "$traddr" | sed -n 's/.*src \([0-9a-f.:]*\).*/\1/p')
-
- # confirm we got a local IP address
- if ! is_ip "$local_address"; then
- warn "$traddr is an invalid address"
- return 1
- fi
-
- ifname=$(ip -o route get from "$local_address" to "$traddr" | sed -n 's/.*dev \([^ ]*\).*/\1/p')
-
- if ! ip l show "$ifname" > /dev/null 2>&1; then
- warn "invalid network interface $ifname"
- return 1
- fi
-
- # confirm there's a route to destination
- if ! ip route get "$traddr" > /dev/null 2>&1; then
- warn "no route to $traddr"
- return 1
- fi
-}
-
parse_nvmf_discover() {
traddr="none"
trtype="none"
@@ -103,9 +75,6 @@ parse_nvmf_discover() {
warn "unsupported transport $trtype"
return 0
fi
- if [ "$trtype" = "tcp" ]; then
- validate_ip_conn
- fi
if [ "$trtype" = "fc" ]; then
echo "--transport=$trtype --traddr=$traddr --host-traddr=$hosttraddr" >> /etc/nvme/discovery.conf
else

313
SOURCES/0028-fix-squash-remove-cyclic-dependency.patch
Unescape View File

@ -1,313 +0,0 @@
From 043aef3a9dee83818d67697fb6ad203dc3e87c39 Mon Sep 17 00:00:00 2001
From: Philipp Rudo <prudo@redhat.com>
Date: Mon, 26 Aug 2024 15:23:41 +0200
Subject: [PATCH 28/32] fix(squash): remove cyclic dependency
With commit d0f8fde5 ("fix(dracut-init.sh): add module to mods_to_load
before checking dependencies") reverted 99squash can no longer rely on
dracut_module_included working as expected in its check() and depends()
function. Solve this problem by breaking up the cyclic dependency
between 99squash and 95squash-{squashfs,erofs} as the commit was
originally introduced to allow this cyclic dependency.
This requires to move all code shared by 95squash-{squashfs,erofs} from
99squash to a new 99squash-lib module and update the dependencies
accordingly. In addition update the checks in dracut.sh to check for
99squash-lib as 99squash is no longer guaranteed to be included.
Finally make sure that 99squash-lib isn't included without a back
end.
While at it improve and align the error messages in 99squash and
99squash-lib.
Signed-off-by: Philipp Rudo <prudo@redhat.com>
(cherry picked from commit d5783635950e38cccf334e7163db79f280650fa2)
Resolves: RHEL-43460
---
dracut.sh | 6 +-
modules.d/95squash-erofs/module-setup.sh | 2 +-
modules.d/95squash-squashfs/module-setup.sh | 2 +-
.../{99squash => 99squash-lib}/init-squash.sh | 0
modules.d/99squash-lib/module-setup.sh | 101 ++++++++++++++++++
modules.d/99squash/module-setup.sh | 80 +-------------
6 files changed, 110 insertions(+), 81 deletions(-)
rename modules.d/{99squash => 99squash-lib}/init-squash.sh (100%)
create mode 100755 modules.d/99squash-lib/module-setup.sh
diff --git a/dracut.sh b/dracut.sh
index 4d2e3df2..db6713a9 100755
--- a/dracut.sh
+++ b/dracut.sh
@@ -1894,7 +1894,7 @@ if [[ $kernel_only != yes ]]; then
fi
fi
-dracut_module_included "squash" && mkdir -p "$squashdir"
+dracut_module_included "squash-lib" && mkdir -p "$squashdir"
_isize=0 #initramfs size
modules_loaded=" "
@@ -2264,9 +2264,9 @@ if [[ $do_strip == yes ]] && ! [[ $DRACUT_FIPS_MODE ]]; then
dinfo "*** Stripping files done ***"
fi
-if dracut_module_included "squash"; then
+if dracut_module_included "squash-lib"; then
dinfo "*** Squashing the files inside the initramfs ***"
- DRACUT_SQUASH_POST_INST=1 module_install "squash"
+ DRACUT_SQUASH_POST_INST=1 module_install "squash-lib"
rm -rf "$squashdir"
dinfo "*** Squashing the files inside the initramfs done ***"
diff --git a/modules.d/95squash-erofs/module-setup.sh b/modules.d/95squash-erofs/module-setup.sh
index d763a902..a6e7ad0b 100755
--- a/modules.d/95squash-erofs/module-setup.sh
+++ b/modules.d/95squash-erofs/module-setup.sh
@@ -8,7 +8,7 @@ check() {
}
depends() {
- echo "squash"
+ echo "squash-lib"
return 0
}
diff --git a/modules.d/95squash-squashfs/module-setup.sh b/modules.d/95squash-squashfs/module-setup.sh
index 83973700..d15586da 100755
--- a/modules.d/95squash-squashfs/module-setup.sh
+++ b/modules.d/95squash-squashfs/module-setup.sh
@@ -8,7 +8,7 @@ check() {
}
depends() {
- echo "squash"
+ echo "squash-lib"
return 0
}
diff --git a/modules.d/99squash/init-squash.sh b/modules.d/99squash-lib/init-squash.sh
similarity index 100%
rename from modules.d/99squash/init-squash.sh
rename to modules.d/99squash-lib/init-squash.sh
diff --git a/modules.d/99squash-lib/module-setup.sh b/modules.d/99squash-lib/module-setup.sh
new file mode 100755
index 00000000..6a0b6f85
--- /dev/null
+++ b/modules.d/99squash-lib/module-setup.sh
@@ -0,0 +1,101 @@
+#!/bin/bash
+
+check() {
+ require_kernel_modules loop overlay || return 1
+
+ return 255
+}
+
+depends() {
+ echo "systemd-initrd"
+
+ return 0
+}
+
+squash_get_handler() {
+ local _module _handler
+ local -a _modules=(squash-squashfs squash-erofs)
+
+ for _module in "${_modules[@]}"; do
+ if dracut_module_included "$_module"; then
+ _handler="$_module"
+ break
+ fi
+ done
+
+ if [[ -z $_handler ]]; then
+ dfatal "Cannot include squash-lib directly. It requires one of: ${_modules[*]}"
+ return 1
+ fi
+
+ echo "$_handler"
+}
+
+squash_install() {
+ local _busybox _dir
+
+ # verify that there is a valid handler before doing anything
+ squash_get_handler > /dev/null || return 1
+
+ _busybox=$(find_binary busybox)
+
+ # Create mount points for squash loader and basic directories
+ mkdir -p "$initdir"/squash
+ for _dir in squash usr/bin usr/sbin usr/lib; do
+ mkdir -p "$squashdir/$_dir"
+ [[ $_dir == usr/* ]] && ln_r "/$_dir" "${_dir#usr}"
+ done
+
+ # Install required modules and binaries for the squash image init script.
+ if [[ $_busybox ]]; then
+ module_install "busybox"
+ else
+ DRACUT_RESOLVE_DEPS=1 inst_multiple sh mount modprobe mkdir switch_root grep umount
+
+ # libpthread workaround: pthread_cancel wants to dlopen libgcc_s.so
+ inst_libdir_file -o "libgcc_s.so*"
+
+ # FIPS workaround for Fedora/RHEL: libcrypto needs libssl when FIPS is enabled
+ [[ $DRACUT_FIPS_MODE ]] && inst_libdir_file -o "libssl.so*"
+ fi
+
+ hostonly="" instmods "loop" "overlay"
+ dracut_kernel_post
+
+ # Install squash image init script.
+ inst_simple "$moddir"/init-squash.sh /init
+
+ # make sure that library links are correct and up to date for squash loader
+ build_ld_cache
+}
+
+squash_installpost() {
+ local _file _handler
+
+ _handler=$(squash_get_handler)
+ [[ -n $_handler ]] || return 1
+
+ DRACUT_SQUASH_POST_INST=1 module_install "$_handler"
+
+ # Rescue the dracut spec files so dracut rebuild and lsinitrd can work
+ for _file in "$initdir"/usr/lib/dracut/*; do
+ [[ -f $_file ]] || continue
+ DRACUT_RESOLVE_DEPS=1 dstdir=$squashdir inst "$_file" "${_file#"$initdir"}"
+ done
+
+ # Remove everything that got squashed into the image
+ for _file in "$initdir"/*; do
+ [[ $_file == "$squashdir" ]] && continue
+ rm -rf "$_file"
+ done
+ mv "$squashdir"/* "$initdir"
+}
+
+install() {
+
+ if [[ $DRACUT_SQUASH_POST_INST ]]; then
+ squash_installpost
+ else
+ dstdir="$squashdir" squash_install
+ fi
+}
diff --git a/modules.d/99squash/module-setup.sh b/modules.d/99squash/module-setup.sh
index 56f70774..c48ba2c5 100755
--- a/modules.d/99squash/module-setup.sh
+++ b/modules.d/99squash/module-setup.sh
@@ -1,102 +1,30 @@
#!/bin/bash
check() {
- require_kernel_modules loop overlay || return 1
-
return 255
}
depends() {
- local _handler
-
- _handler=$(squash_get_handler) || return 1
-
- echo "systemd-initrd $_handler"
- return 0
-}
-
-squash_get_handler() {
local _module _handler
+ local -a _modules=(squash-squashfs squash-erofs)
- for _module in squash-squashfs squash-erofs; do
+ for _module in "${_modules[@]}"; do
if dracut_module_included "$_module"; then
_handler="$_module"
break
fi
done
- if [ -z "$_handler" ]; then
+ if [[ -z $_handler ]]; then
if check_module "squash-squashfs"; then
_handler="squash-squashfs"
elif check_module "squash-erofs"; then
_handler="squash-erofs"
else
- dfatal "No valid handler for found"
+ dfatal "Cannot find valid handler for squash. It requires one of: ${_modules[*]}"
return 1
fi
fi
echo "$_handler"
}
-
-squash_install() {
- local _busybox _dir
- _busybox=$(find_binary busybox)
-
- # Create mount points for squash loader and basic directories
- mkdir -p "$initdir"/squash
- for _dir in squash usr/bin usr/sbin usr/lib; do
- mkdir -p "$squashdir/$_dir"
- [[ $_dir == usr/* ]] && ln_r "/$_dir" "${_dir#usr}"
- done
-
- # Install required modules and binaries for the squash image init script.
- if [[ $_busybox ]]; then
- module_install "busybox"
- else
- DRACUT_RESOLVE_DEPS=1 inst_multiple sh mount modprobe mkdir switch_root grep umount
-
- # libpthread workaround: pthread_cancel wants to dlopen libgcc_s.so
- inst_libdir_file -o "libgcc_s.so*"
-
- # FIPS workaround for Fedora/RHEL: libcrypto needs libssl when FIPS is enabled
- [[ $DRACUT_FIPS_MODE ]] && inst_libdir_file -o "libssl.so*"
- fi
-
- hostonly="" instmods "loop" "overlay"
- dracut_kernel_post
-
- # Install squash image init script.
- inst_simple "$moddir"/init-squash.sh /init
-
- # make sure that library links are correct and up to date for squash loader
- build_ld_cache
-}
-
-squash_installpost() {
- local _file
-
- DRACUT_SQUASH_POST_INST=1 module_install "$(squash_get_handler)"
-
- # Rescue the dracut spec files so dracut rebuild and lsinitrd can work
- for _file in "$initdir"/usr/lib/dracut/*; do
- [[ -f $_file ]] || continue
- DRACUT_RESOLVE_DEPS=1 dstdir=$squashdir inst "$_file" "${_file#"$initdir"}"
- done
-
- # Remove everything that got squashed into the image
- for _file in "$initdir"/*; do
- [[ $_file == "$squashdir" ]] && continue
- rm -rf "$_file"
- done
- mv "$squashdir"/* "$initdir"
-}
-
-install() {
-
- if [[ $DRACUT_SQUASH_POST_INST ]]; then
- squash_installpost
- else
- dstdir="$squashdir" squash_install
- fi
-}
--
2.42.0

26
SOURCES/0028.patch
Unescape View File

@ -0,0 +1,26 @@
From cd4d4282b5dd7d30af31c41faa807dcf8de01c29 Mon Sep 17 00:00:00 2001
From: Martin Wilck <mwilck@suse.de>
Date: Sat, 17 Sep 2022 00:01:07 +0200
Subject: [PATCH] fix(nvmf): no need to load the nvme module
The module "nvme" is not required for NVMeoF.
Resolves: #1933787
---
modules.d/95nvmf/parse-nvmf-boot-connections.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules.d/95nvmf/parse-nvmf-boot-connections.sh b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
index 39923503..cfed5ae5 100755
--- a/modules.d/95nvmf/parse-nvmf-boot-connections.sh
+++ b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
@@ -24,7 +24,7 @@ if getargbool 0 rd.nonvmf; then
return 0
fi
-initqueue --onetime modprobe --all -b -q nvme nvme_tcp nvme_core nvme_fabrics
+initqueue --onetime modprobe --all -b -q nvme_tcp nvme_core nvme_fabrics
parse_nvmf_discover() {
traddr="none"

38
SOURCES/0029-fix-dracut.sh-exit-when-installing-the-squash-loader.patch
Unescape View File

@ -1,38 +0,0 @@
From 2ce3f3ff72e608d7a3d42b566f9772393e313df4 Mon Sep 17 00:00:00 2001
From: Philipp Rudo <prudo@redhat.com>
Date: Tue, 27 Aug 2024 12:14:40 +0200
Subject: [PATCH 29/32] fix(dracut.sh): exit when installing the squash loader
fails
The postinstall phase in 99squash-lib can fail, e.g. when 99squash-lib
is added without one of the required back ends. Usually this isn't fatal
and simply results in a "normal" initrd, i.e. one without squashed
image, being created. Nevertheless, a user needs to explicitly add one
of the required modules for the code to be triggered. So it is better
to fail with an error rather than giving the user something he didn't
ask for.
Signed-off-by: Philipp Rudo <prudo@redhat.com>
(cherry picked from commit 8909d892a7a055ae95be45416e6fbf1b833ff426)
Resolves: RHEL-43460
---
dracut.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/dracut.sh b/dracut.sh
index db6713a9..c5ef61ad 100755
--- a/dracut.sh
+++ b/dracut.sh
@@ -2266,7 +2266,7 @@ fi
if dracut_module_included "squash-lib"; then
dinfo "*** Squashing the files inside the initramfs ***"
- DRACUT_SQUASH_POST_INST=1 module_install "squash-lib"
+ DRACUT_SQUASH_POST_INST=1 module_install "squash-lib" || exit 1
rm -rf "$squashdir"
dinfo "*** Squashing the files inside the initramfs done ***"
--
2.42.0

28
SOURCES/0029.patch
Unescape View File

@ -0,0 +1,28 @@
From aef95e59e918ed9aaaf7e5c2daf32ff205ed314c Mon Sep 17 00:00:00 2001
From: Martin Wilck <mwilck@suse.de>
Date: Sat, 17 Sep 2022 00:40:49 +0200
Subject: [PATCH] fix(nvmf): don't create did-setup file
did-setup files are meant to indicate that an interface setup
was successful. Don't do it here.
Resolves: #1933787
---
modules.d/95nvmf/parse-nvmf-boot-connections.sh | 3 ---
1 file changed, 3 deletions(-)
diff --git a/modules.d/95nvmf/parse-nvmf-boot-connections.sh b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
index cfed5ae5..1cdaba69 100755
--- a/modules.d/95nvmf/parse-nvmf-boot-connections.sh
+++ b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
@@ -102,9 +102,6 @@ done
if [ -f "/etc/nvme/discovery.conf" ]; then
/sbin/initqueue --settled --onetime --unique --name nvme-discover /usr/sbin/nvme connect-all
- if [ "$trtype" = "tcp" ]; then
- : > /tmp/net."$ifname".did-setup
- fi
else
# No nvme command line arguments present, try autodiscovery
if [ "$trtype" = "fc" ]; then

40
SOURCES/0030-fix-squash-lib-harden-against-empty-initdir.patch
Unescape View File

@ -1,40 +0,0 @@
From e391c64afd187a81861301c949db5ffd1f9a3e5d Mon Sep 17 00:00:00 2001
From: Philipp Rudo <prudo@redhat.com>
Date: Mon, 26 Aug 2024 15:29:01 +0200
Subject: [PATCH 30/32] fix(squash-lib): harden against empty $initdir
The postinstall phase of 99squash-lib has the potential to delete the
whole rootfs if $initdir is empty. This should(tm) never happen.
Nevertheless as the consequences are so devastating it is better to
double check.
Signed-off-by: Philipp Rudo <prudo@redhat.com>
(cherry picked from commit 6b089c70761c81a7b82a1bfba5f2c1faef7e972f)
Resolves: RHEL-43460
---
modules.d/99squash-lib/module-setup.sh | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/modules.d/99squash-lib/module-setup.sh b/modules.d/99squash-lib/module-setup.sh
index 6a0b6f85..be3d3dc0 100755
--- a/modules.d/99squash-lib/module-setup.sh
+++ b/modules.d/99squash-lib/module-setup.sh
@@ -72,6 +72,14 @@ squash_install() {
squash_installpost() {
local _file _handler
+ # this shouldn't happen but...
+ # ...better safe than deleting your rootfs
+ if [[ -z $initdir ]]; then
+ #shellcheck disable=SC2016
+ dfatal '$initdir not set. Something went terribly wrong.'
+ exit 1
+ fi
+
_handler=$(squash_get_handler)
[[ -n $_handler ]] || return 1
--
2.42.0

26
SOURCES/0030.patch
Unescape View File

@ -0,0 +1,26 @@
From b4987c9544224e7b3dae7b4411a2c8437ec573ab Mon Sep 17 00:00:00 2001
From: Martin Wilck <mwilck@suse.de>
Date: Sat, 17 Sep 2022 00:49:29 +0200
Subject: [PATCH] fix(nvmf): don't use "finished" queue for autoconnect
The "finished" initqueue is for testing if everything is alright,
not for triggering any actions.
Resolves: #1933787
---
modules.d/95nvmf/parse-nvmf-boot-connections.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules.d/95nvmf/parse-nvmf-boot-connections.sh b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
index 1cdaba69..df104606 100755
--- a/modules.d/95nvmf/parse-nvmf-boot-connections.sh
+++ b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
@@ -105,6 +105,6 @@ if [ -f "/etc/nvme/discovery.conf" ]; then
else
# No nvme command line arguments present, try autodiscovery
if [ "$trtype" = "fc" ]; then
- /sbin/initqueue --finished --onetime --unique --name nvme-fc-autoconnect /sbin/nvmf-autoconnect.sh
+ /sbin/initqueue --settled --onetime --unique --name nvme-fc-autoconnect /sbin/nvmf-autoconnect.sh
fi
fi

158
SOURCES/0031-feat-fips-crypto-policies-make-c-p-follow-FIPS-mode-.patch
Unescape View File

@ -1,158 +0,0 @@
From 626280f62a8f05e68e70b8db81eeffe196642bf3 Mon Sep 17 00:00:00 2001
From: Clemens Lang <cllang@redhat.com>
Date: Thu, 8 Aug 2024 16:43:31 +0200
Subject: [PATCH 31/32] feat(fips-crypto-policies): make c-p follow FIPS mode
automatically
For a system that uses crypto-policies to be switched to FIPS mode
correctly, it needs to be
- booted with `fips=1` on the kernel command line
- switched to the FIPS crypto-policy (or a policy derived from it)
- have the fips dracut module enabled
On older systems, there were additional steps, for example, creating
`/etc/system-fips`.
We have repeatedly seen inconsistencies between those different toggles,
either because the user space tooling to switch between those does not
(for reliability, maintainability, and compliance reasons) undo some of
the steps it does when disabling FIPS mode, or because other
installation methods (bootc, containers, image builder) independently do
some of those steps. Eventually, all of these ended with user confusion.
We can avoid this situation by eliminating the difference by treating
the `fips=1` kernel command line switch as a single source of truth, and
making all others follow automatically. This module provides this for
crypto-policies, by adding bind-mounts before pivot if the system has
not already been switched to a FIPS-based crypto-policy.
This requires some support from the crypto-policies package (because it
needs to deal with the bind mounts when a user calls
`update-crypto-policies --set`), so make it a no-op unless
- `fips=1` is on the kernel command line
- crypto-policies is installed
- crypto-policies supports the bind-mounts (indicated by the presence
of the `default-fips-config` file)
- the policy isn't already FIPS
These checks should make this safe to add to the initramfs on all
current systems.
The bind-mounts also need to happen in the initramfs already, because
systemd links against OpenSSL, and doing them later means that systemd
will start with an OpenSSL configuration that isn't tailored for FIPS.
See also [1], which adds the user space support to crypto-policies,
along with a systemd service that does the same steps in case dracut
hasn't already done them (which is useful for environments that don't
use an initramfs like containers).
[1]: https://gitlab.com/redhat-crypto/fedora-crypto-policies/-/merge_requests/191
Signed-off-by: Clemens Lang <cllang@redhat.com>
(cherry picked from commit bd3c1e1cc2f656f7ee4ff47e00ca716d52a86a3d)
Resolves: RHEL-59678
---
.../fips-crypto-policies.sh | 52 +++++++++++++++++++
.../01fips-crypto-policies/module-setup.sh | 27 ++++++++++
2 files changed, 79 insertions(+)
create mode 100755 modules.d/01fips-crypto-policies/fips-crypto-policies.sh
create mode 100755 modules.d/01fips-crypto-policies/module-setup.sh
diff --git a/modules.d/01fips-crypto-policies/fips-crypto-policies.sh b/modules.d/01fips-crypto-policies/fips-crypto-policies.sh
new file mode 100755
index 00000000..ff298298
--- /dev/null
+++ b/modules.d/01fips-crypto-policies/fips-crypto-policies.sh
@@ -0,0 +1,52 @@
+#!/usr/bin/sh
+
+type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh
+
+if ! fipsmode=$(getarg fips) || [ "$fipsmode" = "0" ] || [ -z "$fipsmode" ]; then
+ # Do nothing if not in FIPS mode
+ return 0
+fi
+
+policyfile=/etc/crypto-policies/config
+fipspolicyfile=/usr/share/crypto-policies/default-fips-config
+backends=/etc/crypto-policies/back-ends
+fipsbackends=/usr/share/crypto-policies/back-ends/FIPS
+
+# When in FIPS mode, check the active crypto policy by reading the
+# $root/etc/crypto-policies/config file. If it is not "FIPS", or does not start
+# with "FIPS:", automatically switch to the FIPS policy by creating
+# bind-mounts.
+
+if ! [ -r "${NEWROOT}${policyfile}" ]; then
+ # No crypto-policies configured, possibly not a system that uses
+ # crypto-policies?
+ return 0
+fi
+
+if ! [ -f "${NEWROOT}${fipspolicyfile}" ]; then
+ # crypto-policies is too old to deal with automatic bind-mounting of the
+ # FIPS policy over the normal policy, do not attempt to do the bind-mount.
+ return 0
+fi
+
+policy=$(cat "${NEWROOT}${policyfile}")
+
+# Remove the largest suffix pattern matching ":*" from the string (i.e., the
+# complete list of active policy modules), then check for FIPS. This is part of
+# POSIX sh (https://pubs.opengroup.org/onlinepubs/009695399/utilities/xcu_chap02.html#tag_02_06_02).
+if [ "${policy%%:*}" = "FIPS" ]; then
+ return 0
+fi
+
+# Current crypto policy is not FIPS or FIPS-based, but the system is in FIPS
+# mode; this is an inconsistent configuration. Automatically bind-mount a FIPS
+# configuration over this.
+if ! mount -o bind,ro "${NEWROOT}${fipsbackends}" "${NEWROOT}${backends}"; then
+ warn "Failed to bind-mount FIPS policy over ${backends} (the system is in FIPS mode, but the crypto-policy is not)."
+ # If this bind-mount failed, don't attempt to do the other one to avoid
+ # a system that seems to be in FIPS crypto-policy but actually is not.
+ return 0
+fi
+
+mount -o bind,ro "${NEWROOT}${fipspolicyfile}" "${NEWROOT}${policyfile}" \
+ || warn "Failed to bind-mount FIPS crypto-policy state file over ${policyfile} (the system is in FIPS mode, but the crypto-policy is not)."
diff --git a/modules.d/01fips-crypto-policies/module-setup.sh b/modules.d/01fips-crypto-policies/module-setup.sh
new file mode 100755
index 00000000..ee00452e
--- /dev/null
+++ b/modules.d/01fips-crypto-policies/module-setup.sh
@@ -0,0 +1,27 @@
+#!/usr/bin/bash
+
+# called by dracut
+check() {
+ # only enable on systems that use crypto-policies
+ [ -d "$dracutsysrootdir/etc/crypto-policies" ] && return 0
+
+ # include when something else depends on it or it is explicitly requested
+ return 255
+}
+
+# called by dracut
+depends() {
+ return 0
+}
+
+# called by dracut
+installkernel() {
+ return 0
+}
+
+# called by dracut
+install() {
+ inst_hook pre-pivot 01 "$moddir/fips-crypto-policies.sh"
+
+ inst_multiple mount
+}
--
2.42.0

48
SOURCES/0031.patch
Unescape View File

@ -0,0 +1,48 @@
From 5f0e59418133379f50cc7af30674ce96569d9038 Mon Sep 17 00:00:00 2001
From: Martin Wilck <mwilck@suse.de>
Date: Sat, 17 Sep 2022 00:51:46 +0200
Subject: [PATCH] fix(nvmf): make sure "rd.nvmf.discover=fc,auto" takes
precedence
The command line may contain several rd.nvmf.discover options.
The "fc,auto" option should take precedence.
Resolves: #1933787
---
modules.d/95nvmf/parse-nvmf-boot-connections.sh | 16 +++++++++-------
1 file changed, 9 insertions(+), 7 deletions(-)
diff --git a/modules.d/95nvmf/parse-nvmf-boot-connections.sh b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
index df104606..c8078a76 100755
--- a/modules.d/95nvmf/parse-nvmf-boot-connections.sh
+++ b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
@@ -92,19 +92,21 @@ if [ -n "$nvmf_hostid" ]; then
echo "$nvmf_hostid" > /etc/nvme/hostid
fi
+NVMF_FC_AUTO=
for d in $(getargs rd.nvmf.discover -d nvmf.discover=); do
- parse_nvmf_discover "$d" || break
+ parse_nvmf_discover "$d" || {
+ NVMF_FC_AUTO=1
+ break
+ }
done
# Host NQN and host id are mandatory for NVMe-oF
[ -f "/etc/nvme/hostnqn" ] || exit 0
[ -f "/etc/nvme/hostid" ] || exit 0
-if [ -f "/etc/nvme/discovery.conf" ]; then
- /sbin/initqueue --settled --onetime --unique --name nvme-discover /usr/sbin/nvme connect-all
+# If no nvme command line arguments present, try autodiscovery
+if [ $NVMF_FC_AUTO ] || [ ! -f "/etc/nvme/discovery.conf" ]; then
+ /sbin/initqueue --settled --onetime --unique --name nvme-fc-autoconnect /sbin/nvmf-autoconnect.sh
else
- # No nvme command line arguments present, try autodiscovery
- if [ "$trtype" = "fc" ]; then
- /sbin/initqueue --settled --onetime --unique --name nvme-fc-autoconnect /sbin/nvmf-autoconnect.sh
- fi
+ /sbin/initqueue --settled --onetime --unique --name nvme-discover /usr/sbin/nvme connect-all
fi

34
SOURCES/0032-fix-fips-crypto-policies-make-it-depend-on-fips-drac.patch
Unescape View File

@ -1,34 +0,0 @@
From cd5dbe004652d88b5d73418cba1e45c54ff9fd12 Mon Sep 17 00:00:00 2001
From: Jo Zzsi <jozzsicsataban@gmail.com>
Date: Thu, 5 Sep 2024 09:09:36 -0400
Subject: [PATCH 32/32] fix(fips-crypto-policies): make it depend on fips
dracut module
(cherry picked from commit a2096dafdbfc88eed91ce34b1f4d27e7eb7ca839)
Conflicts:
modules.d/01fips-crypto-policies/module-setup.sh
Due to upstream e6117b92fa0108dbaf9ea3ac0ec8f5a02487c812, which
was not cherry-picked. Resolved the conflict by keeping the
functions (i.e., undoing the cleanup of the upstream commit).
Resolves: RHEL-59678
---
modules.d/01fips-crypto-policies/module-setup.sh | 1 +
1 file changed, 1 insertion(+)
diff --git a/modules.d/01fips-crypto-policies/module-setup.sh b/modules.d/01fips-crypto-policies/module-setup.sh
index ee00452e..140eae00 100755
--- a/modules.d/01fips-crypto-policies/module-setup.sh
+++ b/modules.d/01fips-crypto-policies/module-setup.sh
@@ -11,6 +11,7 @@ check() {
# called by dracut
depends() {
+ echo fips
return 0
}
--
2.42.0

38
SOURCES/0032.patch
Unescape View File

@ -0,0 +1,38 @@
From 5b6ddf6e989f44211e799fec9aac6b7afb36e1ce Mon Sep 17 00:00:00 2001
From: Martin Wilck <mwilck@suse.de>
Date: Sat, 17 Sep 2022 00:54:25 +0200
Subject: [PATCH] fix(nvmf): avoid calling "exit" in a cmdline hook
"exit" should never be executed in dracut hooks, because the
hooks are sourced by the main script.
Resolves: #1933787
---
modules.d/95nvmf/parse-nvmf-boot-connections.sh | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/modules.d/95nvmf/parse-nvmf-boot-connections.sh b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
index c8078a76..cc545ee0 100755
--- a/modules.d/95nvmf/parse-nvmf-boot-connections.sh
+++ b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
@@ -101,12 +101,12 @@ for d in $(getargs rd.nvmf.discover -d nvmf.discover=); do
done
# Host NQN and host id are mandatory for NVMe-oF
-[ -f "/etc/nvme/hostnqn" ] || exit 0
-[ -f "/etc/nvme/hostid" ] || exit 0
+if [ -f "/etc/nvme/hostnqn" ] && [ -f "/etc/nvme/hostid" ]; then
-# If no nvme command line arguments present, try autodiscovery
-if [ $NVMF_FC_AUTO ] || [ ! -f "/etc/nvme/discovery.conf" ]; then
- /sbin/initqueue --settled --onetime --unique --name nvme-fc-autoconnect /sbin/nvmf-autoconnect.sh
-else
- /sbin/initqueue --settled --onetime --unique --name nvme-discover /usr/sbin/nvme connect-all
+ # If no nvme command line arguments present, try autodiscovery
+ if [ $NVMF_FC_AUTO ] || [ ! -f "/etc/nvme/discovery.conf" ]; then
+ /sbin/initqueue --settled --onetime --unique --name nvme-fc-autoconnect /sbin/nvmf-autoconnect.sh
+ else
+ /sbin/initqueue --settled --onetime --unique --name nvme-discover /usr/sbin/nvme connect-all
+ fi
fi

26
SOURCES/0033.patch
Unescape View File

@ -0,0 +1,26 @@
From 0464b41d8dfc7676429fcee67357bf01e09eac7d Mon Sep 17 00:00:00 2001
From: Martin Wilck <mwilck@suse.de>
Date: Sat, 17 Sep 2022 00:02:16 +0200
Subject: [PATCH] fix(nvmf): run cmdline hook before parse-ip-opts.sh
This way we can set "rd.neednet" and have it seen by parse-ip-options.sh
Resolves: #1933787
---
modules.d/95nvmf/module-setup.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules.d/95nvmf/module-setup.sh b/modules.d/95nvmf/module-setup.sh
index 0825b51c..ce5ccde2 100755
--- a/modules.d/95nvmf/module-setup.sh
+++ b/modules.d/95nvmf/module-setup.sh
@@ -128,7 +128,7 @@ install() {
inst_script "${moddir}/nvmf-autoconnect.sh" /sbin/nvmf-autoconnect.sh
inst_multiple nvme
- inst_hook cmdline 99 "$moddir/parse-nvmf-boot-connections.sh"
+ inst_hook cmdline 92 "$moddir/parse-nvmf-boot-connections.sh"
inst_simple "/etc/nvme/discovery.conf"
inst_rules /usr/lib/udev/rules.d/71-nvmf-iopolicy-netapp.rules
inst_rules "$moddir/95-nvmf-initqueue.rules"

50
SOURCES/0034.patch
Unescape View File

@ -0,0 +1,50 @@
From 0a074c5d0813df405e7a5dd55493c78099094106 Mon Sep 17 00:00:00 2001
From: Martin Wilck <mwilck@suse.de>
Date: Sat, 17 Sep 2022 00:24:38 +0200
Subject: [PATCH] feat(nvmf): set rd.neednet=1 if tcp records encountered
This is currently always the case for NBFT records.
We can do this now, as we run before parse-ip-options.sh
Resolves: #1933787
---
modules.d/95nvmf/parse-nvmf-boot-connections.sh | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/modules.d/95nvmf/parse-nvmf-boot-connections.sh b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
index cc545ee0..6b26f762 100755
--- a/modules.d/95nvmf/parse-nvmf-boot-connections.sh
+++ b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
@@ -62,7 +62,9 @@ parse_nvmf_discover() {
warn "traddr is mandatory for $trtype"
return 0
fi
- if [ "$trtype" = "fc" ]; then
+ if [ "$trtype" = "tcp" ]; then
+ : > /tmp/nvmf_needs_network
+ elif [ "$trtype" = "fc" ]; then
if [ "$traddr" = "auto" ]; then
rm /etc/nvme/discovery.conf
return 1
@@ -71,7 +73,7 @@ parse_nvmf_discover() {
warn "host traddr is mandatory for fc"
return 0
fi
- elif [ "$trtype" != "rdma" ] && [ "$trtype" != "tcp" ]; then
+ elif [ "$trtype" != "rdma" ]; then
warn "unsupported transport $trtype"
return 0
fi
@@ -100,6 +102,11 @@ for d in $(getargs rd.nvmf.discover -d nvmf.discover=); do
}
done
+if [ -e /tmp/nvmf_needs_network ]; then
+ echo "rd.neednet=1" > /etc/cmdline.d/nvmf-neednet.conf
+ rm -f /tmp/nvmf_needs_network
+fi
+
# Host NQN and host id are mandatory for NVMe-oF
if [ -f "/etc/nvme/hostnqn" ] && [ -f "/etc/nvme/hostid" ]; then

28
SOURCES/0035.patch
Unescape View File

@ -0,0 +1,28 @@
From 185e200e9969f717faa5014d87be579ce452d2fe Mon Sep 17 00:00:00 2001
From: Martin Wilck <mwilck@suse.de>
Date: Thu, 12 Jan 2023 11:06:35 +0100
Subject: [PATCH] fix(nvmf): install 8021q module unconditionally
In NBFT setups, VLAN can be configured in the firmware.
Add the 8021q module in hostonly mode even if VLAN is currently
not used to be prepared for such configuration change.
Resolves: #1933787
---
modules.d/95nvmf/module-setup.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules.d/95nvmf/module-setup.sh b/modules.d/95nvmf/module-setup.sh
index ce5ccde2..f7fd62a0 100755
--- a/modules.d/95nvmf/module-setup.sh
+++ b/modules.d/95nvmf/module-setup.sh
@@ -50,7 +50,7 @@ depends() {
# called by dracut
installkernel() {
instmods nvme_fc lpfc qla2xxx
- hostonly="" instmods nvme_tcp nvme_fabrics
+ hostonly="" instmods nvme_tcp nvme_fabrics 8021q
}
# called by dracut

45
SOURCES/0036.patch
Unescape View File

@ -0,0 +1,45 @@
From 1a6c2fdade221e9d69e14e2b6f3386ca8fc4a8b6 Mon Sep 17 00:00:00 2001
From: Martin Wilck <mwilck@suse.de>
Date: Thu, 9 Mar 2023 16:55:36 +0100
Subject: [PATCH] fix(nvmf): support /etc/nvme/config.json
Since nvme-cli 2.0, configuration of subsystems to connect to is
stored under `/etc/nvme` in either `discovery.conf` or `config.json`.
Attempt discovery also if the latter exists, but not the former.
Also, install "config.json" if it's present on the root FS.
As before, "rd.nvmf.discover=fc,auto" will force either file to be ignored,
and NBFT-defined targets take precedence if found.
Resolves: #1933787
---
modules.d/95nvmf/module-setup.sh | 1 +
modules.d/95nvmf/parse-nvmf-boot-connections.sh | 2 +-
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/modules.d/95nvmf/module-setup.sh b/modules.d/95nvmf/module-setup.sh
index f7fd62a0..46ecb38f 100755
--- a/modules.d/95nvmf/module-setup.sh
+++ b/modules.d/95nvmf/module-setup.sh
@@ -130,6 +130,7 @@ install() {
inst_multiple nvme
inst_hook cmdline 92 "$moddir/parse-nvmf-boot-connections.sh"
inst_simple "/etc/nvme/discovery.conf"
+ inst_simple "/etc/nvme/config.json"
inst_rules /usr/lib/udev/rules.d/71-nvmf-iopolicy-netapp.rules
inst_rules "$moddir/95-nvmf-initqueue.rules"
dracut_need_initqueue
diff --git a/modules.d/95nvmf/parse-nvmf-boot-connections.sh b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
index 6b26f762..6c5ef4bc 100755
--- a/modules.d/95nvmf/parse-nvmf-boot-connections.sh
+++ b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
@@ -66,7 +66,7 @@ parse_nvmf_discover() {
: > /tmp/nvmf_needs_network
elif [ "$trtype" = "fc" ]; then
if [ "$traddr" = "auto" ]; then
- rm /etc/nvme/discovery.conf
+ rm -f /etc/nvme/discovery.conf /etc/nvme/config.json
return 1
fi
if [ "$hosttraddr" = "none" ]; then

511
SOURCES/0037.patch
Unescape View File

@ -0,0 +1,511 @@
From add394a3532b968e12bc7b9a8923cc4b85f5f724 Mon Sep 17 00:00:00 2001
From: Martin Wilck <mwilck@suse.de>
Date: Fri, 16 Sep 2022 21:36:52 +0200
Subject: [PATCH] feat(nvmf): add code for parsing the NBFT
Add code to parse the Nvme-oF Boot Firmware Table (NBFT) according
to the NVM Express Boot Specification 1.0 [1]. The implementation in
dracut follows a similar general approach as iBFT support in the
iscsi module.
NBFT support requires two steps:
(1) Setting up the network and routing according to the
HFI ("Host Fabric Interface") records in the NBFT,
(2) Establishing the actual NVMe-oF connection.
(1) is accomplished by reading the NBFT using JSON output from
the "nvme nbft show" command, and transforming it into command
line options ("ip=", "rd.neednet", etc.) understood by dracut's
network module and its backends. The resulting network setup code
is backend-agnostic. It has been tested with the "network-legacy"
and "network-manager" network backend modules. The network setup
code supports IPv4 and IPv6 with static, RA, or DHCP configurations,
802.1q VLANs, and simple routing / gateway setup.
(2) is done using the "nvme connect-all" command [2] in the netroot handler,
which is invoked by networking backends when an interface gets fully
configured. This patch adds support for "netboot=nbft". The "nbftroot"
handler calls nvmf-autoconnect.sh, which contains the actual connect
logic. nvmf-autoconnect.sh itself is preserved, because there are
other NVMe-oF setups like NVMe over FC which don't depend on the
network.
The various ways to configure NVMe-oF are prioritized like this:
1 FC autoconnect from kernel commandline (rd.nvmf.discover=fc,auto)
2 NBFT, if present
3 discovery.conf or config.json, if present, and cmdline.d parameters,
if present (rd.nvmf.discovery=...)
4 FC autoconnect (without kernel command line)
The reason for this priorization is that in the initial RAM fs, we try
to activate only those connections that are necessary to mount the root
file system. This avoids confusion, possible contradicting or ambiguous
configuration, and timeouts from unavailable targets.
A retry logic is implemented for enabling the NVMe-oF connections,
using the "settled" initqueue, the netroot handler, and eventually, the
"timeout" initqueue. This is similar to the retry logic of the iscsi module.
In the "timeout" case, connection to all possible NVMe-oF subsystems
is attempted.
Two new command line parameters are introduced to make it possible to
change the priorities above:
- "rd.nvmf.nonbft" causes the NBFT to be ignored,
- "rd.nvmf.nostatic" causes any statically configured NVMe-oF targets
(config.json, discovery.conf, and cmdline.d) to be ignored.
These parameters may be helpful to skip attempts to set up broken
configurations.
At initramfs build time, the nvmf module is now enabled if an NBFT
table is detected in the system.
[1] https://nvmexpress.org/wp-content/uploads/NVM-Express-Boot-Specification-2022.11.15-Ratified.pdf
[2] NBFT support in nvme-cli requires the latest upstream code (> v2.4).
Signed-off-by: Martin Wilck <mwilck@suse.com>
Co-authored-by: John Meneghini <jmeneghi@redhat.com>
Co-authored-by: Charles Rose <charles.rose@dell.com>
(Cherry-picked commits:
9664e98b5db603567d42d4d0c6e6ea1bd3d5bf24
b3ff3f3fbce6878a754332cd4a05374e5e1156c8
a3cf4ec92202df43adf368c7fdd12e35d304a0e4
03921ec09e95ea49f89ae307dcca4e2e3d1bc6d6
e93e46520dd89a7357a15441ab6b141ff9ff9aeb
556ef46aa96650d72b2fd850a09fa04dff64bbb8
a93968b07567a654d18b8ef2144337d803186eca
a65fab69662d3adf52eb968411f59ebc5a173f7c
cf8986af7d9a3ce73f330de23d5312f924acea34
7c28e1148c086d8504caab6e70a1bcfda1bbf0b9
b03dc850e4630c3b727f71b853a1be588507a59e
0a4d7f9aece172f0f9a9286c94308b7e1ef8d500)
Resolves: #1933787
---
man/dracut.cmdline.7.asc | 9 +
modules.d/95nvmf/module-setup.sh | 25 ++-
modules.d/95nvmf/nbftroot.sh | 5 +
modules.d/95nvmf/nvmf-autoconnect.sh | 55 +++++-
modules.d/95nvmf/parse-nvmf-boot-connections.sh | 235 ++++++++++++++++++++++--
5 files changed, 305 insertions(+), 24 deletions(-)
diff --git a/man/dracut.cmdline.7.asc b/man/dracut.cmdline.7.asc
index 40d13d83..abe1ec3f 100644
--- a/man/dracut.cmdline.7.asc
+++ b/man/dracut.cmdline.7.asc
@@ -898,6 +898,15 @@ NVMf
**rd.nonvmf=0**::
Disable NVMf
+**rd.nvmf.nonbft**::
+ Disable connecting to targets from the NVMe Boot Firmware Table. Without
+ this parameter, NBFT connections will take precedence over _rd.nvmf.discover_.
+
+**rd.nvmf.nostatic**::
+ Disable connecting to targets that have been statically configured when
+ the initramfs was built. Targets specified with rd.nvmf.discover on the
+ kernel command line will still be tried.
+
**rd.nvmf.hostnqn=**__<hostNQN>__::
NVMe host NQN to use
diff --git a/modules.d/95nvmf/module-setup.sh b/modules.d/95nvmf/module-setup.sh
index 46ecb38f..1dd2ca53 100755
--- a/modules.d/95nvmf/module-setup.sh
+++ b/modules.d/95nvmf/module-setup.sh
@@ -2,7 +2,7 @@
# called by dracut
check() {
- require_binaries nvme || return 1
+ require_binaries nvme jq || return 1
[ -f /etc/nvme/hostnqn ] || return 255
[ -f /etc/nvme/hostid ] || return 255
@@ -25,17 +25,27 @@ check() {
[[ $trtype == "fc" ]] || [[ $trtype == "tcp" ]] || [[ $trtype == "rdma" ]]
}
+ has_nbft() {
+ local f found=
+ for f in /sys/firmware/acpi/tables/NBFT*; do
+ [ -f "$f" ] || continue
+ found=1
+ break
+ done
+ [[ $found ]]
+ }
+
[[ $hostonly ]] || [[ $mount_needs ]] && {
pushd . > /dev/null
for_each_host_dev_and_slaves is_nvmf
local _is_nvmf=$?
popd > /dev/null || exit
[[ $_is_nvmf == 0 ]] || return 255
- if [ ! -f /sys/class/fc/fc_udev_device/nvme_discovery ]; then
- if [ ! -f /etc/nvme/discovery.conf ]; then
- echo "No discovery arguments present"
- return 255
- fi
+ if [ ! -f /sys/class/fc/fc_udev_device/nvme_discovery ] \
+ && [ ! -f /etc/nvme/discovery.conf ] \
+ && [ ! -f /etc/nvme/config.json ] && ! has_nbft; then
+ echo "No discovery arguments present"
+ return 255
fi
}
return 0
@@ -126,8 +136,9 @@ install() {
inst_multiple ip sed
inst_script "${moddir}/nvmf-autoconnect.sh" /sbin/nvmf-autoconnect.sh
+ inst_script "${moddir}/nbftroot.sh" /sbin/nbftroot
- inst_multiple nvme
+ inst_multiple nvme jq
inst_hook cmdline 92 "$moddir/parse-nvmf-boot-connections.sh"
inst_simple "/etc/nvme/discovery.conf"
inst_simple "/etc/nvme/config.json"
diff --git a/modules.d/95nvmf/nbftroot.sh b/modules.d/95nvmf/nbftroot.sh
new file mode 100755
index 00000000..0f334995
--- /dev/null
+++ b/modules.d/95nvmf/nbftroot.sh
@@ -0,0 +1,5 @@
+#! /bin/sh
+# This script is called from /sbin/netroot
+
+/sbin/nvmf-autoconnect.sh online
+exit 0
diff --git a/modules.d/95nvmf/nvmf-autoconnect.sh b/modules.d/95nvmf/nvmf-autoconnect.sh
index c8f676a7..35ee9487 100755
--- a/modules.d/95nvmf/nvmf-autoconnect.sh
+++ b/modules.d/95nvmf/nvmf-autoconnect.sh
@@ -1,5 +1,54 @@
-#!/bin/bash
+#!/bin/sh
+# Argument $1 is "settled", "online", or "timeout", indicating
+# the queue from which the script is called.
+# In the "timeout" case, try everything.
+# Otherwise, try options according to the priorities below.
-[ -f /sys/class/fc/fc_udev_device/nvme_discovery ] || exit 1
-echo add > /sys/class/fc/fc_udev_device/nvme_discovery
+[ "$RD_DEBUG" != yes ] || set -x
+
+if [ "$1" = timeout ]; then
+ [ ! -f /sys/class/fc/fc_udev_device/nvme_discovery ] \
+ || echo add > /sys/class/fc/fc_udev_device/nvme_discovery
+ /usr/sbin/nvme connect-all
+ exit 0
+fi
+
+NVMF_HOSTNQN_OK=
+[ ! -f "/etc/nvme/hostnqn" ] || [ ! -f "/etc/nvme/hostid" ] || NVMF_HOSTNQN_OK=1
+
+# Only nvme-cli 2.5 or newer supports the options --nbft and --no-nbft
+# for the connect-all command.
+# Make sure we don't use unsupported options with earlier versions.
+NBFT_SUPPORTED=
+# shellcheck disable=SC2016
+/usr/sbin/nvme connect-all --help 2>&1 | sed -n '/[[:space:]]--nbft[[:space:]]/q1;$q0' \
+ || NBFT_SUPPORTED=1
+
+if [ -e /tmp/nvmf-fc-auto ] && [ "$NVMF_HOSTNQN_OK" ] \
+ && [ -f /sys/class/fc/fc_udev_device/nvme_discovery ]; then
+ # prio 1: cmdline override "rd.nvmf.discovery=fc,auto"
+ echo add > /sys/class/fc/fc_udev_device/nvme_discovery
+ exit 0
+fi
+if [ "$NBFT_SUPPORTED" ] && [ -e /tmp/valid_nbft_entry_found ]; then
+ # prio 2: NBFT
+ /usr/sbin/nvme connect-all --nbft
+ exit 0
+fi
+if [ -f /etc/nvme/discovery.conf ] || [ -f /etc/nvme/config.json ] \
+ && [ "$NVMF_HOSTNQN_OK" ]; then
+ # prio 3: configuration from initrd and/or kernel command line
+ # We can get here even if "rd.nvmf.nonbft" was given, thus use --no-nbft
+ if [ "$NBFT_SUPPORTED" ]; then
+ /usr/sbin/nvme connect-all --no-nbft
+ else
+ /usr/sbin/nvme connect-all
+ fi
+ exit 0
+fi
+if [ "$NVMF_HOSTNQN_OK" ] \
+ && [ -f /sys/class/fc/fc_udev_device/nvme_discovery ]; then
+ # prio 4: no discovery entries, try NVMeoFC autoconnect
+ echo add > /sys/class/fc/fc_udev_device/nvme_discovery
+fi
exit 0
diff --git a/modules.d/95nvmf/parse-nvmf-boot-connections.sh b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
index 6c5ef4bc..66018371 100755
--- a/modules.d/95nvmf/parse-nvmf-boot-connections.sh
+++ b/modules.d/95nvmf/parse-nvmf-boot-connections.sh
@@ -17,13 +17,225 @@
# specify any discover parameters for FC.
#
-type is_ip > /dev/null 2>&1 || . /lib/net-lib.sh
+command -v getarg > /dev/null || . /lib/dracut-lib.sh
+command -v is_ip > /dev/null || . /lib/net-lib.sh
+
+## Sample NBFT output from nvme show-nbft -H -s -d -o json
+# [
+# {
+# "filename":"/sys/firmware/acpi/tables/NBFT",
+# "host":{
+# "nqn":"nqn.2014-08.org.nvmexpress:uuid:d6f07002-7eb5-4841-a185-400e296afae4",
+# "id":"111919da-21ea-cc4e-bafe-216d8372dd31",
+# "host_id_configured":0,
+# "host_nqn_configured":0,
+# "primary_admin_host_flag":"not indicated"
+# },
+# "subsystem":[
+# {
+# "index":1,
+# "num_hfis":1,
+# "hfis":[
+# 1
+# ],
+# "transport":"tcp",
+# "transport_address":"192.168.100.216",
+# "transport_svcid":"4420",
+# "subsys_port_id":0,
+# "nsid":1,
+# "nid_type":"uuid",
+# "nid":"424d1c8a-8ef9-4681-b2fc-8c343bd8fa69",
+# "subsys_nqn":"timberland-01",
+# "controller_id":0,
+# "asqsz":0,
+# "pdu_header_digest_required":0,
+# "data_digest_required":0
+# }
+# ],
+# "hfi":[
+# {
+# "index":1,
+# "transport":"tcp",
+# "pcidev":"0:0:2.0",
+# "mac_addr":"52:54:00:4f:97:e9",
+# "vlan":0,
+# "ip_origin":63,
+# "ipaddr":"192.168.100.217",
+# "subnet_mask_prefix":24,
+# "gateway_ipaddr":"0.0.0.0",
+# "route_metric":0,
+# "primary_dns_ipaddr":"0.0.0.0",
+# "secondary_dns_ipaddr":"0.0.0.0",
+# "dhcp_server_ipaddr":"",
+# "this_hfi_is_default_route":1
+# }
+# ],
+# "discovery":[
+# ]
+# }
+# ]
+#
+# If the IP address is derived from DHCP, it sets the field
+# "hfi.dhcp_server_ipaddr" to a non-emtpy value.
+#
+#
+
+nbft_run_jq() {
+ local st
+ local opts="-e"
+
+ while [ $# -gt 0 ]; do
+ case $1 in
+ -*)
+ opts="$opts $1"
+ ;;
+ *)
+ break
+ ;;
+ esac
+ shift
+ done
+ # Not quoting is intentional here. We won't get glob expressions passed.
+ # shellcheck disable=SC2086
+ jq $opts "$1" << EOF
+$2
+EOF
+ st=$?
+ if [ $st -ne 0 ]; then
+ warn "NBFT: jq error while processing \"$1\""
+ return $st
+ else
+ return 0
+ fi
+}
+
+nbft_check_empty_address() {
+ # suppress meaningless or empty IP addresses
+ # "null" is returned by jq if no match found for expression
+ case $1 in
+ null | "::" | "0.0.0.0") ;;
+ *)
+ echo "$1"
+ ;;
+ esac
+}
+
+nbft_parse_hfi() {
+ # false positive of shellcheck - no expansion in variable assignments
+ # shellcheck disable=2086
+ local hfi_json=$1
+ local mac iface ipaddr prefix vlan gateway dns1 dns2 hostname adrfam dhcp
+
+ mac=$(nbft_run_jq -r .mac_addr "$hfi_json") || return 1
+ iface=$(set_ifname nbft "$mac")
+
+ vlan=$(nbft_run_jq .vlan "$hfi_json") || vlan=0
+ # treat VLAN zero as "no vlan"
+ [ "$vlan" -ne 0 ] || vlan=
+
+ [ ! -e /tmp/net."${iface}${vlan:+.$vlan}".has_ibft_config ] || return 0
+
+ dhcp=$(nbft_run_jq -r .dhcp_server_ipaddr "$hfi_json")
+ # We need to check $? here as the above is an assignment
+ # shellcheck disable=2181
+ if [ $? -eq 0 ] && [ "$dhcp" ] && [ "$dhcp" != null ]; then
+ case $dhcp in
+ *:*)
+ echo ip="$iface${vlan:+.$vlan}:dhcp6"
+ ;;
+ *.*.*.*)
+ echo ip="$iface${vlan:+.$vlan}:dhcp"
+ ;;
+ *)
+ warn "Invalid value for dhcp_server_ipaddr: $dhcp"
+ return 1
+ ;;
+ esac
+ else
+ ipaddr=$(nbft_run_jq -r .ipaddr "$hfi_json") || return 1
+
+ case $ipaddr in
+ *.*.*.*)
+ adrfam=ipv4
+ ;;
+ *:*)
+ adrfam=ipv6
+ ;;
+ *)
+ warn "invalid address: $ipaddr"
+ return 1
+ ;;
+ esac
+ prefix=$(nbft_run_jq -r .subnet_mask_prefix "$hfi_json")
+ # Need to check $? here as he above is an assignment
+ # shellcheck disable=2181
+ if [ $? -ne 0 ] && [ "$adrfam" = ipv6 ]; then
+ prefix=128
+ fi
+ # Use brackets for IPv6
+ if [ "$adrfam" = ipv6 ]; then
+ ipaddr="[$ipaddr]"
+ fi
+
+ gateway=$(nbft_check_empty_address \
+ "$(nbft_run_jq -r .gateway_ipaddr "$hfi_json")")
+ dns1=$(nbft_check_empty_address \
+ "$(nbft_run_jq -r .primary_dns_ipaddr "$hfi_json")")
+ dns2=$(nbft_check_empty_address \
+ "$(nbft_run_jq -r .secondary_dns_ipaddr "$hfi_json")")
+ hostname=$(nbft_run_jq -r .host_name "$hfi_json" 2> /dev/null) || hostname=
+
+ echo "ip=$ipaddr::$gateway:$prefix:$hostname:$iface${vlan:+.$vlan}:none${dns1:+:$dns1}${dns2:+:$dns2}"
+ fi
+
+ if [ "$vlan" ]; then
+ echo "vlan=$iface.$vlan:$iface"
+ echo "$mac" > "/tmp/net.$iface.$vlan.has_ibft_config"
+ else
+ echo "$mac" > "/tmp/net.$iface.has_ibft_config"
+ fi
+ : > /tmp/valid_nbft_entry_found
+}
+
+nbft_parse() {
+ local nbft_json n_nbft all_hfi_json n_hfi
+ local j=0 i
+
+ nbft_json=$(nvme nbft show -H -o json) || return 0
+ n_nbft=$(nbft_run_jq ". | length" "$nbft_json") || return 0
+
+ while [ "$j" -lt "$n_nbft" ]; do
+ all_hfi_json=$(nbft_run_jq ".[$j].hfi" "$nbft_json") || continue
+ n_hfi=$(nbft_run_jq ". | length" "$all_hfi_json") || continue
+ i=0
+
+ while [ "$i" -lt "$n_hfi" ]; do
+ nbft_parse_hfi "$(nbft_run_jq ".[$i]" "$all_hfi_json")"
+ i=$((i + 1))
+ done
+ j=$((j + 1))
+ done >> /etc/cmdline.d/40-nbft.conf
+}
if getargbool 0 rd.nonvmf; then
warn "rd.nonvmf=0: skipping nvmf"
return 0
fi
+if getargbool 0 rd.nvmf.nostatic; then
+ rm -f /etc/cmdline.d/95nvmf-args.conf
+ rm -f /etc/nvme/discovery.conf /etc/nvme/config.json
+fi
+
+if ! getargbool 0 rd.nvmf.nonbft; then
+ for _x in /sys/firmware/acpi/tables/NBFT*; do
+ if [ -f "$_x" ]; then
+ nbft_parse
+ break
+ fi
+ done
+fi
+
initqueue --onetime modprobe --all -b -q nvme_tcp nvme_core nvme_fabrics
parse_nvmf_discover() {
@@ -94,26 +306,21 @@ if [ -n "$nvmf_hostid" ]; then
echo "$nvmf_hostid" > /etc/nvme/hostid
fi
-NVMF_FC_AUTO=
+rm -f /tmp/nvmf-fc-auto
for d in $(getargs rd.nvmf.discover -d nvmf.discover=); do
parse_nvmf_discover "$d" || {
- NVMF_FC_AUTO=1
+ : > /tmp/nvmf-fc-auto
break
}
done
-if [ -e /tmp/nvmf_needs_network ]; then
+if [ -e /tmp/nvmf_needs_network ] || [ -e /tmp/valid_nbft_entry_found ]; then
echo "rd.neednet=1" > /etc/cmdline.d/nvmf-neednet.conf
+ # netroot is a global variable that is present in all "sourced" scripts
+ # shellcheck disable=SC2034
+ netroot=nbft
rm -f /tmp/nvmf_needs_network
fi
-# Host NQN and host id are mandatory for NVMe-oF
-if [ -f "/etc/nvme/hostnqn" ] && [ -f "/etc/nvme/hostid" ]; then
-
- # If no nvme command line arguments present, try autodiscovery
- if [ $NVMF_FC_AUTO ] || [ ! -f "/etc/nvme/discovery.conf" ]; then
- /sbin/initqueue --settled --onetime --unique --name nvme-fc-autoconnect /sbin/nvmf-autoconnect.sh
- else
- /sbin/initqueue --settled --onetime --unique --name nvme-discover /usr/sbin/nvme connect-all
- fi
-fi
+/sbin/initqueue --settled --onetime --name nvmf-connect-settled /sbin/nvmf-autoconnect.sh settled
+/sbin/initqueue --timeout --onetime --name nvmf-connect-timeout /sbin/nvmf-autoconnect.sh timeout

41
SOURCES/0038.patch
Unescape View File

@ -0,0 +1,41 @@
From abc03e87ef3dff517c1da05643e8a5ec92b1bf14 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Mon, 14 Aug 2023 10:24:14 +0200
Subject: [PATCH] feat(spec): include modules for IMA
Resolves: #2158155
---
pkgbuild/dracut.spec | 9 ---------
1 file changed, 9 deletions(-)
diff --git a/pkgbuild/dracut.spec b/pkgbuild/dracut.spec
index e148bbf7..b2d75951 100644
--- a/pkgbuild/dracut.spec
+++ b/pkgbuild/dracut.spec
@@ -214,13 +214,6 @@ rm -fr -- $RPM_BUILD_ROOT/%{dracutlibdir}/modules.d/00dash
# we do not support mksh in the initramfs
rm -fr -- $RPM_BUILD_ROOT/%{dracutlibdir}/modules.d/00mksh
-%if %{defined _unitdir}
-# with systemd IMA and selinux modules do not make sense
-rm -fr -- $RPM_BUILD_ROOT/%{dracutlibdir}/modules.d/96securityfs
-rm -fr -- $RPM_BUILD_ROOT/%{dracutlibdir}/modules.d/97masterkey
-rm -fr -- $RPM_BUILD_ROOT/%{dracutlibdir}/modules.d/98integrity
-%endif
-
%ifnarch s390 s390x
# remove architecture specific modules
rm -fr -- $RPM_BUILD_ROOT/%{dracutlibdir}/modules.d/80cms
@@ -394,11 +387,9 @@ echo 'dracut_rescue_image="yes"' > $RPM_BUILD_ROOT%{dracutlibdir}/dracut.conf.d/
%{dracutlibdir}/modules.d/95zfcp
%{dracutlibdir}/modules.d/95zfcp_rules
%endif
-%if %{undefined _unitdir}
%{dracutlibdir}/modules.d/96securityfs
%{dracutlibdir}/modules.d/97masterkey
%{dracutlibdir}/modules.d/98integrity
-%endif
%{dracutlibdir}/modules.d/97biosdevname
%{dracutlibdir}/modules.d/98dracut-systemd
%{dracutlibdir}/modules.d/98ecryptfs

24
SOURCES/0039.patch
Unescape View File

@ -0,0 +1,24 @@
From aaffb39dc86b674501cb447c7fef5dd40aad85fb Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Mon, 14 Aug 2023 11:25:19 +0200
Subject: [PATCH] fix(dracut): there can be \ at the end on line in awk script
Related: #2158155
---
dracut.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/dracut.sh b/dracut.sh
index 1ff51bb1..30dfb229 100755
--- a/dracut.sh
+++ b/dracut.sh
@@ -2592,7 +2592,7 @@ if [[ $uefi == yes ]]; then
printf "%s " "$(< "$conf")" >> "$uefi_outdir/cmdline.txt"
done
fi
-
+ # shellcheck disable=SC1004
offs=$(objdump -h "$uefi_stub" 2> /dev/null | gawk 'NF==7 {size=strtonum("0x"$3);\
offset=strtonum("0x"$4)} END {print size + offset}')
if [[ $offs -eq 0 ]]; then

24
SOURCES/0040.patch
Unescape View File

@ -0,0 +1,24 @@
From 9c1c19de50de5dba6d0875425539cb9259dd7451 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Mon, 14 Aug 2023 12:37:33 +0200
Subject: [PATCH] fix(rngd): spacing
Related: #2158155
---
modules.d/06rngd/module-setup.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules.d/06rngd/module-setup.sh b/modules.d/06rngd/module-setup.sh
index 66923a38..1e5f0eb9 100644
--- a/modules.d/06rngd/module-setup.sh
+++ b/modules.d/06rngd/module-setup.sh
@@ -35,7 +35,7 @@ install() {
inst_simple "${systemdsystemunitdir}/rngd.service"
if [ -r /etc/sysconfig/rngd ]; then
- inst_simple "${moddir}/sysconfig" "/etc/sysconfig/rngd"
+ inst_simple "${moddir}/sysconfig" "/etc/sysconfig/rngd"
fi
# make sure dependant libs are installed too

49
SOURCES/0041.patch
Unescape View File

@ -0,0 +1,49 @@
From 9d2a3df5453001612b225c7423451f6e02e06c19 Mon Sep 17 00:00:00 2001
From: Alberto Planas <aplanas@suse.com>
Date: Mon, 20 Jun 2022 17:13:19 +0200
Subject: [PATCH] fix(integrity): do not enable EVM if there is no key
Track when a key is successfully loaded, and return 1 if no key has been
loaded. This will not enable EVM if there are no keys available in the
system.
Fix #1847
Signed-off-by: Alberto Planas <aplanas@suse.com>
(Cherry-picked commit: 90585c624af15ba0abb7f32b0c2afc2b122dd019)
Related: #2158155
---
modules.d/98integrity/evm-enable.sh | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/modules.d/98integrity/evm-enable.sh b/modules.d/98integrity/evm-enable.sh
index 0abdfb80..913b5f12 100755
--- a/modules.d/98integrity/evm-enable.sh
+++ b/modules.d/98integrity/evm-enable.sh
@@ -99,6 +99,7 @@ load_evm_x509() {
fi
# load the default EVM public key onto the EVM keyring along
# with all the other ones in $EVMKEYSDIR
+ local key_imported=1
for PUBKEY in ${EVMX509PATH} "${NEWROOT}${EVMKEYSDIR}"/*; do
if [ ! -f "${PUBKEY}" ]; then
if [ "${RD_DEBUG}" = "yes" ]; then
@@ -110,13 +111,14 @@ load_evm_x509() {
info "integrity: failed to load the EVM X509 cert ${PUBKEY}"
return 1
fi
+ key_imported=0
done
if [ "${RD_DEBUG}" = "yes" ]; then
keyctl show @u
fi
- return 0
+ return ${key_imported}
}
unload_evm_key() {

46
SOURCES/0042.patch
Unescape View File

@ -0,0 +1,46 @@
From ecc17a2cd574b31ce6f95f5a7d8ee6c62ecbb51b Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Wed, 16 Aug 2023 14:02:51 +0200
Subject: [PATCH] fix(fips): include openssl's fips.so and openssl.cnf
Resolves: #2176560
---
modules.d/01fips/module-setup.sh | 13 +++++++++++++
modules.d/01fips/openssl.cnf | 7 +++++++
2 files changed, 20 insertions(+)
diff --git a/modules.d/01fips/module-setup.sh b/modules.d/01fips/module-setup.sh
index cc9d15ce..7ff5e640 100755
--- a/modules.d/01fips/module-setup.sh
+++ b/modules.d/01fips/module-setup.sh
@@ -82,4 +82,17 @@ install() {
dfatal "To create an initramfs with fips support, dracut has to run as root"
return 1
}
+
+ # if we have openssl we need to install their fips library and configuration
+ [ -x /usr/bin/openssl ] && {
+ read -r _ conf < <(openssl version -d)
+ conf=${conf#\"}
+ conf=${conf%\"}
+ inst_simple "${moddir}/openssl.cnf" "$conf/openssl.cnf"
+
+ read -r _ mod < <(openssl version -m)
+ mod=${mod#\"}
+ mod=${mod%\"}
+ inst_simple "$mod/fips.so"
+ }
}
diff --git a/modules.d/01fips/openssl.cnf b/modules.d/01fips/openssl.cnf
new file mode 100644
index 00000000..ee9adcf0
--- /dev/null
+++ b/modules.d/01fips/openssl.cnf
@@ -0,0 +1,7 @@
+openssl_conf = openssl_init
+[openssl_init]
+providers = provider_sect
+[provider_sect]
+default = default_sect
+[default_sect]
+activate = 1

66
SOURCES/0043.patch
Unescape View File

@ -0,0 +1,66 @@
From bc525e2ef02bbcd09adfedb6c92213f1b84d4740 Mon Sep 17 00:00:00 2001
From: Pavel Valena <pvalena@redhat.com>
Date: Tue, 25 Apr 2023 14:56:59 +0200
Subject: [PATCH] feat(hwdb): install hwdb on demand when module is needed
Adding a module to install hwdb. Further extensions might make only selected
part of hwdb installable, to save space. The module is not included by default.
Including the module adds 2MB of compressed data (on Fedora, the file has 12MB).
hwdb is needed in case of custom HW, like a keyboard/mouse or various interfaces.
Original PR: https://github.com/dracutdevs/dracut/pull/1681
(Cherry-picked commit: 062e739d89543a38d4b3e2cab155912bc4bf9e56)
Resolves: #2233597
---
modules.d/95hwdb/module-setup.sh | 26 ++++++++++++++++++++++++++
pkgbuild/dracut.spec | 1 +
2 files changed, 27 insertions(+)
diff --git a/modules.d/95hwdb/module-setup.sh b/modules.d/95hwdb/module-setup.sh
new file mode 100755
index 00000000..16365377
--- /dev/null
+++ b/modules.d/95hwdb/module-setup.sh
@@ -0,0 +1,26 @@
+#!/bin/bash
+# This file is part of dracut.
+# SPDX-License-Identifier: GPL-2.0-or-later
+
+check() {
+ return 255
+}
+
+# called by dracut
+install() {
+ local hwdb_bin
+
+ # systemd-hwdb ships the file in /etc, with /usr/lib as an alternative.
+ # Therefore consider this location as preferred for configuration.
+ hwdb_bin="${udevdir}"/hwdb.bin
+
+ if [[ ! -r "${hwdb_bin}" ]]; then
+ hwdb_bin="${udevconfdir}"/hwdb.bin
+ fi
+
+ if [[ $hostonly ]]; then
+ inst_multiple -H "${hwdb_bin}"
+ else
+ inst_multiple "${hwdb_bin}"
+ fi
+}
diff --git a/pkgbuild/dracut.spec b/pkgbuild/dracut.spec
index b2d75951..1996f44d 100644
--- a/pkgbuild/dracut.spec
+++ b/pkgbuild/dracut.spec
@@ -367,6 +367,7 @@ echo 'dracut_rescue_image="yes"' > $RPM_BUILD_ROOT%{dracutlibdir}/dracut.conf.d/
%{dracutlibdir}/modules.d/91tpm2-tss
%{dracutlibdir}/modules.d/95debug
%{dracutlibdir}/modules.d/95fstab-sys
+%{dracutlibdir}/modules.d/95hwdb
%{dracutlibdir}/modules.d/95lunmask
%{dracutlibdir}/modules.d/95nvmf
%{dracutlibdir}/modules.d/95resume

552
SPECS/dracut.spec
Unescape View File

@ -5,135 +5,98 @@
# strip the automatically generated dep here and instead co-own the
# directory.
%global __requires_exclude pkg-config
%define dist_free_release 44.git20230822
Name: dracut
Version: 103
Release: 1%{?dist}
Version: 057
Release: %{dist_free_release}%{?dist}
Summary: Initramfs generator using udev
%if 0%{?fedora} || 0%{?rhel}
Group: System Environment/Base
%endif
%if 0%{?suse_version}
Group: System/Base
%endif
# The entire source code is GPLv2+
# except install/* which is LGPLv2+
# except util/* which is GPLv2
License: GPL-2.0-or-later AND LGPL-2.1-or-later AND GPL-2.0-only
URL: https://github.com/dracut-ng/dracut-ng/wiki/
Source0: https://github.com/dracut-ng/dracut-ng/archive/refs/tags/%{version}.tar.gz
License: GPLv2+ and LGPLv2+ and GPLv2
URL: https://dracut.wiki.kernel.org/
# Source can be generated by
# http://git.kernel.org/?p=boot/dracut/dracut.git;a=snapshot;h=%%{version};sf=tgz
Source0: http://www.kernel.org/pub/linux/utils/boot/dracut/dracut-%{version}.tar.xz
Patch1: 0001.patch
Patch2: 0002.patch
Patch3: 0003.patch
Patch4: 0004.patch
Patch5: 0005.patch
Patch6: 0006.patch
Patch7: 0007.patch
Patch8: 0008.patch
Patch9: 0009.patch
Patch10: 0010.patch
Patch11: 0011.patch
Patch12: 0012.patch
Patch13: 0013.patch
Patch14: 0014.patch
Patch15: 0015.patch
Patch16: 0016.patch
Patch17: 0017.patch
Patch18: 0018.patch
Patch19: 0019.patch
Patch20: 0020.patch
Patch21: 0021.patch
Patch22: 0022.patch
Patch23: 0023.patch
Patch24: 0024.patch
Patch25: 0025.patch
Patch26: 0026.patch
Patch27: 0027.patch
Patch28: 0028.patch
Patch29: 0029.patch
Patch30: 0030.patch
Patch31: 0031.patch
Patch32: 0032.patch
Patch33: 0033.patch
Patch34: 0034.patch
Patch35: 0035.patch
Patch36: 0036.patch
Patch37: 0037.patch
Patch38: 0038.patch
Patch39: 0039.patch
Patch40: 0040.patch
Patch41: 0041.patch
Patch42: 0042.patch
Patch43: 0043.patch
Source1: https://www.gnu.org/licenses/lgpl-2.1.txt
# fix(rngd): install system service file
# Author: Pavel Valena <pvalena@redhat.com>
Patch1: 0001-fix-rngd-install-system-service-file.patch
# revert: "fix(install.d): correctly install pre-genned image and die if no args"
# Author: Pavel Valena <pvalena@redhat.com>
Patch2: 0002-revert-fix-install.d-correctly-install-pre-genned-im.patch
# feat(kernel-install): do nothing when $KERNEL_INSTALL_INITRD_GENERATOR says so
# Author: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Patch3: 0003-feat-kernel-install-do-nothing-when-KERNEL_INSTALL_I.patch
# fix(kernel-install): do not generate an initrd when one was specified
# Author: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Patch4: 0004-fix-kernel-install-do-not-generate-an-initrd-when-on.patch
# fix: incorrectly applied patch in commit c6d18c3c71597e78572378fc4dde391f1845b8
# Author: Pavel Valena <pvalena@redhat.com>
Patch5: 0005-fix-incorrectly-applied-patch-in-commit-c6d18c3c7159.patch
# revert: "fix(crypt): unlock encrypted devices by default during boot"
# Author: Pavel Valena <pvalena@redhat.com>
Patch6: 0006-revert-fix-crypt-unlock-encrypted-devices-by-default.patch
# test: do not force include dash, let sh module make a selection
# Author: Laszlo Gombos <laszlo.gombos@gmail.com>
Patch7: 0007-test-do-not-force-include-dash-let-sh-module-make-a-.patch
# fix(dracut-functions): allow for \ in get_maj_min file path
# Author: Pavel Valena <pvalena@redhat.com>
Patch8: 0008-fix-dracut-functions-allow-for-in-get_maj_min-file-p.patch
# fix(dracut-functions.sh): only return block devices from get_persistent_dev
# Author: Fabian Vogt <fvogt@suse.de>
Patch9: 0009-fix-dracut-functions.sh-only-return-block-devices-fr.patch
# feat(systemd*): include systemd config files from /usr/lib/systemd
# Author: Pavel Valena <pvalena@redhat.com>
Patch10: 0010-feat-systemd-include-systemd-config-files-from-usr-l.patch
# fix(resume): always include the resume module
# Author: Pavel Valena <pvalena@redhat.com>
Patch11: 0011-fix-resume-always-include-the-resume-module.patch
# feat(dracut-init.sh): allow changing the destination directory for inst et al
# Author: Philipp Rudo <prudo@redhat.com>
Patch12: 0012-feat-dracut-init.sh-allow-changing-the-destination-d.patch
# fix(dracut-init.sh): add module to mods_to_load before checking dependencies
# Author: Philipp Rudo <prudo@redhat.com>
Patch13: 0013-fix-dracut-init.sh-add-module-to-mods_to_load-before.patch
# feat(squash): move mksquashfs to 99squash/modules-setup
# Author: Philipp Rudo <prudo@redhat.com>
Patch14: 0014-feat-squash-move-mksquashfs-to-99squash-modules-setu.patch
# feat(squash): split 95squash-squashfs from 99squash
# Author: Philipp Rudo <prudo@redhat.com>
Patch15: 0015-feat-squash-split-95squash-squashfs-from-99squash.patch
# feat(squash): add module 95squash-erofs
# Author: Philipp Rudo <prudo@redhat.com>
Patch16: 0016-feat-squash-add-module-95squash-erofs.patch
# feat(lsinitrd): add support for erofs images
# Author: Philipp Rudo <prudo@redhat.com>
Patch17: 0017-feat-lsinitrd-add-support-for-erofs-images.patch
# feat(dracut-initramfs-restore): unpack erofs images
# Author: Philipp Rudo <prudo@redhat.com>
Patch18: 0018-feat-dracut-initramfs-restore-unpack-erofs-images.patch
# fix(squash): explicitly create required directories
# Author: Philipp Rudo <prudo@redhat.com>
Patch19: 0019-fix-squash-explicitly-create-required-directories.patch
# fix(squash): use 99busybox instead of installing it manually
# Author: Philipp Rudo <prudo@redhat.com>
Patch20: 0020-fix-squash-use-99busybox-instead-of-installing-it-ma.patch
# fix(nfs): set correct ownership and permissions for statd directory
# Author: Lukas Nykryn <lnykryn@redhat.com>
Patch21: 0021-fix-nfs-set-correct-ownership-and-permissions-for-st.patch
# fix(resume): do not include resume if swap is on netdevice
# Author: Pavel Valena <pvalena@redhat.com>
Patch22: 0022-fix-resume-do-not-include-resume-if-swap-is-on-netde.patch
# feat(dracut-init.sh): give --force-add precedence over --omit
# Author: Pavel Valena <pvalena@redhat.com>
Patch23: 0023-feat-dracut-init.sh-give-force-add-precedence-over-o.patch
# feat(lsinitrd.sh): look for initrd in /usr/lib/modules/
# Author: Pavel Valena <pvalena@redhat.com>
Patch24: 0024-feat-lsinitrd.sh-look-for-initrd-in-usr-lib-modules.patch
# feat(fips): include fips module unconditionally
# Author: Pavel Valena <pvalena@redhat.com>
Patch25: 0025-feat-fips-include-fips-module-unconditionally.patch
# fix(nfs): include also entries from /usr/lib/{passwd,group}
# Author: Pavel Valena <pvalena@redhat.com>
Patch26: 0026-fix-nfs-include-also-entries-from-usr-lib-passwd-gro.patch
# revert(dracut-init.sh): add module to mods_to_load before checking dependencies
# Author: Philipp Rudo <prudo@redhat.com>
Patch27: 0027-revert-dracut-init.sh-add-module-to-mods_to_load-bef.patch
# fix(squash): remove cyclic dependency
# Author: Philipp Rudo <prudo@redhat.com>
Patch28: 0028-fix-squash-remove-cyclic-dependency.patch
# fix(dracut.sh): exit when installing the squash loader fails
# Author: Philipp Rudo <prudo@redhat.com>
Patch29: 0029-fix-dracut.sh-exit-when-installing-the-squash-loader.patch
# fix(squash-lib): harden against empty $initdir
# Author: Philipp Rudo <prudo@redhat.com>
Patch30: 0030-fix-squash-lib-harden-against-empty-initdir.patch
# feat(fips-crypto-policies): make c-p follow FIPS mode automatically
# Author: Clemens Lang <cllang@redhat.com>
Patch31: 0031-feat-fips-crypto-policies-make-c-p-follow-FIPS-mode-.patch
# fix(fips-crypto-policies): make it depend on fips dracut module
# Author: Jo Zzsi <jozzsicsataban@gmail.com>
Patch32: 0032-fix-fips-crypto-policies-make-it-depend-on-fips-drac.patch
# Please use source-git to work with this spec file:
# HowTo: https://packit.dev/source-git/work-with-source-git
# Source-git repository: https://github.com/redhat-plumbers/dracut-rhel10/
BuildRequires: bash
BuildRequires: git-core
BuildRequires: pkgconfig(libkmod) >= 23
BuildRequires: gcc
%if 0%{?fedora} || 0%{?rhel}
BuildRequires: pkgconfig
BuildRequires: systemd
%endif
%if 0%{?fedora}
BuildRequires: bash-completion
%endif
%if %{with doc}
%if 0%{?fedora} || 0%{?rhel}
BuildRequires: docbook-style-xsl docbook-dtds libxslt
%endif
%if 0%{?suse_version}
BuildRequires: docbook-xsl-stylesheets libxslt
%endif
BuildRequires: asciidoc
%endif
@ -152,18 +115,24 @@ Requires: kmod
Requires: sed
Requires: xz
Requires: gzip
Requires: hardlink
Requires: pigz
Requires: kpartx
Recommends: memstrack
Recommends: hardlink
Recommends: pigz
Recommends: kpartx
Recommends: (tpm2-tools if tpm2-tss)
%if 0%{?fedora} || 0%{?rhel}
Suggests: memstrack
Requires: util-linux >= 2.21
Requires: systemd >= 219
Requires: systemd-udev >= 219
Requires: procps-ng
%else
Requires: udev > 166
Requires: util-linux-ng >= 2.21
%endif
%if 0%{?fedora} || 0%{?rhel} || 0%{?suse_version}
Requires: libkcapi-hmaccalc
%endif
%description
dracut contains tools to create bootable initramfses for the Linux
@ -175,11 +144,18 @@ package.
%package network
Summary: dracut modules to build a dracut initramfs with network support
%if 0%{?_module_build}
# In the module-build-service, we have pieces of dracut provided by different
# modules ("base-runtime" provides most functionality, but we need
# dracut-network in "installer". Since these two modules build with separate
# dist-tags, we need to reduce this strict requirement to ignore the dist-tag.
Requires: %{name} >= %{version}-%{dist_free_release}
%else
Requires: %{name} = %{version}-%{release}
%endif
Requires: iputils
Requires: iproute
Requires: jq
Requires: NetworkManager >= 1.20
Requires: (NetworkManager >= 1.20 or dhclient)
Suggests: NetworkManager
Obsoletes: dracut-generic < 008
Provides: dracut-generic = %{version}-%{release}
@ -199,10 +175,15 @@ initramfs with dracut, which drops capabilities.
%package live
Summary: dracut modules to build a dracut initramfs with live image capabilities
%if 0%{?_module_build}
# See the network subpackage comment.
Requires: %{name} >= %{version}-%{dist_free_release}
%else
Requires: %{name} = %{version}-%{release}
%endif
Requires: %{name}-network = %{version}-%{release}
Requires: tar gzip coreutils bash device-mapper curl parted
%if ! 0%{?rhel}
%if 0%{?fedora}
Requires: fuse ntfs-3g
%endif
@ -240,7 +221,6 @@ This package contains tools to assemble the local initrd and host configuration.
Summary: dracut module to build an initramfs with most files in a squashfs image
Requires: %{name} = %{version}-%{release}
Requires: squashfs-tools
Suggests: erofs-utils
%description squash
This package provides a dracut module to build an initramfs, but store most files
@ -248,7 +228,7 @@ in a squashfs image, result in a smaller initramfs size and reduce runtime memor
usage.
%prep
%autosetup -n %{name}-ng-%{version} -S git_am
%autosetup -n %{name}-%{version} -S git_am
cp %{SOURCE1} .
%build
@ -268,15 +248,16 @@ cp %{SOURCE1} .
echo "DRACUT_VERSION=%{version}-%{release}" > $RPM_BUILD_ROOT/%{dracutlibdir}/dracut-version.sh
%if 0%{?fedora} == 0 && 0%{?rhel} == 0 && 0%{?suse_version} == 0
rm -fr -- $RPM_BUILD_ROOT/%{dracutlibdir}/modules.d/01fips
%endif
# we do not support dash in the initramfs
rm -fr -- $RPM_BUILD_ROOT/%{dracutlibdir}/modules.d/00dash
# we do not support mksh in the initramfs
rm -fr -- $RPM_BUILD_ROOT/%{dracutlibdir}/modules.d/00mksh
# Remove obsolete module
rm -fr -- $RPM_BUILD_ROOT/%{dracutlibdir}/modules.d/35network-legacy
%ifnarch s390 s390x
# remove architecture specific modules
rm -fr -- $RPM_BUILD_ROOT/%{dracutlibdir}/modules.d/80cms
@ -284,8 +265,11 @@ rm -fr -- $RPM_BUILD_ROOT/%{dracutlibdir}/modules.d/81cio_ignore
rm -fr -- $RPM_BUILD_ROOT/%{dracutlibdir}/modules.d/91zipl
rm -fr -- $RPM_BUILD_ROOT/%{dracutlibdir}/modules.d/95dasd
rm -fr -- $RPM_BUILD_ROOT/%{dracutlibdir}/modules.d/95dasd_mod
rm -fr -- $RPM_BUILD_ROOT/%{dracutlibdir}/modules.d/95dasd_rules
rm -fr -- $RPM_BUILD_ROOT/%{dracutlibdir}/modules.d/95dcssblk
rm -fr -- $RPM_BUILD_ROOT/%{dracutlibdir}/modules.d/95qeth_rules
rm -fr -- $RPM_BUILD_ROOT/%{dracutlibdir}/modules.d/95zfcp
rm -fr -- $RPM_BUILD_ROOT/%{dracutlibdir}/modules.d/95zfcp_rules
rm -fr -- $RPM_BUILD_ROOT/%{dracutlibdir}/modules.d/95znet
%else
rm -fr -- $RPM_BUILD_ROOT/%{dracutlibdir}/modules.d/00warpclock
@ -297,8 +281,19 @@ mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/log
touch $RPM_BUILD_ROOT%{_localstatedir}/log/dracut.log
mkdir -p $RPM_BUILD_ROOT%{_sharedstatedir}/initramfs
%if 0%{?fedora} || 0%{?rhel}
install -m 0644 dracut.conf.d/fedora.conf.example $RPM_BUILD_ROOT%{dracutlibdir}/dracut.conf.d/01-dist.conf
%endif
%if 0%{?suse_version}
install -m 0644 dracut.conf.d/suse.conf.example $RPM_BUILD_ROOT%{dracutlibdir}/dracut.conf.d/01-dist.conf
%else
rm -f $RPM_BUILD_ROOT%{_mandir}/man?/*suse*
%endif
%if 0%{?fedora} == 0 && 0%{?rhel} == 0 && 0%{?suse_version} <= 9999
rm -f -- $RPM_BUILD_ROOT%{_bindir}/lsinitrd
rm -f -- $RPM_BUILD_ROOT%{_mandir}/man1/lsinitrd.1*
%endif
echo 'hostonly="no"' > $RPM_BUILD_ROOT%{dracutlibdir}/dracut.conf.d/02-generic-image.conf
echo 'dracut_rescue_image="yes"' > $RPM_BUILD_ROOT%{dracutlibdir}/dracut.conf.d/02-rescue.conf
@ -307,11 +302,14 @@ echo 'dracut_rescue_image="yes"' > $RPM_BUILD_ROOT%{dracutlibdir}/dracut.conf.d/
%if %{with doc}
%doc README.md docs/HACKING.md AUTHORS NEWS.md dracut.html docs/dracut.png docs/dracut.svg
%endif
%{!?_licensedir:%global license %%doc}
%license COPYING lgpl-2.1.txt
%{_bindir}/dracut
%{_datadir}/bash-completion/completions/dracut
%{_datadir}/bash-completion/completions/lsinitrd
%if 0%{?fedora} || 0%{?rhel} || 0%{?suse_version} > 9999
%{_bindir}/lsinitrd
%endif
%dir %{dracutlibdir}
%dir %{dracutlibdir}/modules.d
%{dracutlibdir}/dracut-functions.sh
@ -324,7 +322,9 @@ echo 'dracut_rescue_image="yes"' > $RPM_BUILD_ROOT%{dracutlibdir}/dracut.conf.d/
%{dracutlibdir}/dracut-util
%{dracutlibdir}/skipcpio
%config(noreplace) %{_sysconfdir}/dracut.conf
%if 0%{?fedora} || 0%{?suse_version} || 0%{?rhel}
%{dracutlibdir}/dracut.conf.d/01-dist.conf
%endif
%dir %{_sysconfdir}/dracut.conf.d
%dir %{dracutlibdir}/dracut.conf.d
%dir %{_datadir}/pkgconfig
@ -333,7 +333,9 @@ echo 'dracut_rescue_image="yes"' > $RPM_BUILD_ROOT%{dracutlibdir}/dracut.conf.d/
%if %{with doc}
%{_mandir}/man8/dracut.8*
%{_mandir}/man8/*service.8*
%if 0%{?fedora} || 0%{?rhel} || 0%{?suse_version} > 9999
%{_mandir}/man1/lsinitrd.1*
%endif
%{_mandir}/man7/dracut.kernel.7*
%{_mandir}/man7/dracut.cmdline.7*
%{_mandir}/man7/dracut.modules.7*
@ -341,30 +343,29 @@ echo 'dracut_rescue_image="yes"' > $RPM_BUILD_ROOT%{dracutlibdir}/dracut.conf.d/
%{_mandir}/man5/dracut.conf.5*
%endif
%if %{undefined _unitdir}
%endif
%{dracutlibdir}/modules.d/00bash
%{dracutlibdir}/modules.d/00systemd
%{dracutlibdir}/modules.d/00systemd-network-management
%ifnarch s390 s390x
%{dracutlibdir}/modules.d/00warpclock
%endif
%if 0%{?fedora} || 0%{?rhel} || 0%{?suse_version}
%{dracutlibdir}/modules.d/01fips
%{dracutlibdir}/modules.d/01fips-crypto-policies
%endif
%{dracutlibdir}/modules.d/01systemd-ac-power
%{dracutlibdir}/modules.d/01systemd-ask-password
%{dracutlibdir}/modules.d/01systemd-bsod
%{dracutlibdir}/modules.d/01systemd-coredump
%{dracutlibdir}/modules.d/01systemd-creds
%{dracutlibdir}/modules.d/01systemd-hostnamed
%{dracutlibdir}/modules.d/01systemd-initrd
%{dracutlibdir}/modules.d/01systemd-integritysetup
%{dracutlibdir}/modules.d/01systemd-journald
%{dracutlibdir}/modules.d/01systemd-ldconfig
%{dracutlibdir}/modules.d/01systemd-modules-load
%{dracutlibdir}/modules.d/01systemd-pcrphase
%{dracutlibdir}/modules.d/01systemd-portabled
%{dracutlibdir}/modules.d/01systemd-pstore
%{dracutlibdir}/modules.d/01systemd-repart
%{dracutlibdir}/modules.d/01systemd-resolved
%{dracutlibdir}/modules.d/01systemd-rfkill
%{dracutlibdir}/modules.d/01systemd-sysext
%{dracutlibdir}/modules.d/01systemd-sysctl
%{dracutlibdir}/modules.d/01systemd-sysusers
@ -384,16 +385,12 @@ echo 'dracut_rescue_image="yes"' > $RPM_BUILD_ROOT%{dracutlibdir}/dracut.conf.d/
%{dracutlibdir}/modules.d/09dbus
%{dracutlibdir}/modules.d/10i18n
%{dracutlibdir}/modules.d/30convertfs
%{dracutlibdir}/modules.d/45net-lib
%{dracutlibdir}/modules.d/45url-lib
%{dracutlibdir}/modules.d/50drm
%{dracutlibdir}/modules.d/50plymouth
%{dracutlibdir}/modules.d/62bluetooth
%{dracutlibdir}/modules.d/80lvmmerge
%{dracutlibdir}/modules.d/80lvmthinpool-monitor
%{dracutlibdir}/modules.d/80test
%{dracutlibdir}/modules.d/80test-makeroot
%{dracutlibdir}/modules.d/80test-root
%{dracutlibdir}/modules.d/90btrfs
%{dracutlibdir}/modules.d/90crypt
%{dracutlibdir}/modules.d/90dm
@ -404,12 +401,8 @@ echo 'dracut_rescue_image="yes"' > $RPM_BUILD_ROOT%{dracutlibdir}/dracut.conf.d/
%{dracutlibdir}/modules.d/90mdraid
%{dracutlibdir}/modules.d/90multipath
%{dracutlibdir}/modules.d/90nvdimm
%{dracutlibdir}/modules.d/90numlock
%{dracutlibdir}/modules.d/90overlayfs
%{dracutlibdir}/modules.d/90ppcmac
%{dracutlibdir}/modules.d/90pcmcia
%{dracutlibdir}/modules.d/90qemu
%{dracutlibdir}/modules.d/90systemd-cryptsetup
%{dracutlibdir}/modules.d/91crypt-gpg
%{dracutlibdir}/modules.d/91crypt-loop
%{dracutlibdir}/modules.d/91fido2
@ -420,6 +413,7 @@ echo 'dracut_rescue_image="yes"' > $RPM_BUILD_ROOT%{dracutlibdir}/dracut.conf.d/
%{dracutlibdir}/modules.d/95fstab-sys
%{dracutlibdir}/modules.d/95hwdb
%{dracutlibdir}/modules.d/95lunmask
%{dracutlibdir}/modules.d/95nvmf
%{dracutlibdir}/modules.d/95resume
%{dracutlibdir}/modules.d/95rootfs-block
%{dracutlibdir}/modules.d/95terminfo
@ -432,8 +426,11 @@ echo 'dracut_rescue_image="yes"' > $RPM_BUILD_ROOT%{dracutlibdir}/dracut.conf.d/
%{dracutlibdir}/modules.d/91zipl
%{dracutlibdir}/modules.d/95dasd
%{dracutlibdir}/modules.d/95dasd_mod
%{dracutlibdir}/modules.d/95dasd_rules
%{dracutlibdir}/modules.d/95dcssblk
%{dracutlibdir}/modules.d/95qeth_rules
%{dracutlibdir}/modules.d/95zfcp
%{dracutlibdir}/modules.d/95zfcp_rules
%endif
%{dracutlibdir}/modules.d/96securityfs
%{dracutlibdir}/modules.d/97masterkey
@ -476,6 +473,8 @@ echo 'dracut_rescue_image="yes"' > $RPM_BUILD_ROOT%{dracutlibdir}/dracut.conf.d/
%{dracutlibdir}/modules.d/01systemd-networkd
%{dracutlibdir}/modules.d/35connman
%{dracutlibdir}/modules.d/35network-manager
%{dracutlibdir}/modules.d/35network-legacy
%{dracutlibdir}/modules.d/35network-wicked
%{dracutlibdir}/modules.d/40network
%{dracutlibdir}/modules.d/45ifcfg
%{dracutlibdir}/modules.d/90kernel-network-modules
@ -486,7 +485,6 @@ echo 'dracut_rescue_image="yes"' > $RPM_BUILD_ROOT%{dracutlibdir}/dracut.conf.d/
%{dracutlibdir}/modules.d/95iscsi
%{dracutlibdir}/modules.d/95nbd
%{dracutlibdir}/modules.d/95nfs
%{dracutlibdir}/modules.d/95nvmf
%{dracutlibdir}/modules.d/95ssh-client
%ifarch s390 s390x
%{dracutlibdir}/modules.d/95znet
@ -515,9 +513,6 @@ echo 'dracut_rescue_image="yes"' > $RPM_BUILD_ROOT%{dracutlibdir}/dracut.conf.d/
%files squash
%{dracutlibdir}/modules.d/99squash
%{dracutlibdir}/modules.d/99squash-lib
%{dracutlibdir}/modules.d/95squash-erofs
%{dracutlibdir}/modules.d/95squash-squashfs
%files config-generic
%{dracutlibdir}/dracut.conf.d/02-generic-image.conf
@ -527,203 +522,96 @@ echo 'dracut_rescue_image="yes"' > $RPM_BUILD_ROOT%{dracutlibdir}/dracut.conf.d/
%{_prefix}/lib/kernel/install.d/51-dracut-rescue.install
%changelog
* Fri Nov 01 2024 Pavel Valena <pvalena@redhat.com> - 103-1
- Update to dracut 103.
- feat(fips-crypto-policies): make c-p follow FIPS mode automatically
- fix(fips-crypto-policies): make it depend on fips dracut module
Resolves: RHEL-59678,RHEL-65204
* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 102-4
- Bump release for October 2024 mass rebuild:
Resolves: RHEL-64018
* Fri Oct 25 2024 MSVSphere Packaging Team <packager@msvsphere-os.ru> - 102-3
- Rebuilt for MSVSphere 10
* Wed Aug 28 2024 Pavel Valena <pvalena@redhat.com> - 102-3
- revert(dracut-init.sh): add module to mods_to_load before checking dependencies
- fix(squash): remove cyclic dependency
- fix(dracut.sh): exit when installing the squash loader fails
- fix(squash-lib): harden against empty $initdir
Resolves: RHEL-43460
* Mon Aug 19 2024 Pavel Valena <pvalena@redhat.com> - 102-2
- fix(nfs): set correct ownership and permissions for statd directory
- fix(resume): do not include resume if swap is on netdevice
- feat(dracut-init.sh): give --force-add precedence over --omit
- feat(lsinitrd.sh): look for initrd in /usr/lib/modules/
- feat(fips): include fips module unconditionally
- fix(nfs): include also entries from /usr/lib/{passwd,group}
- fix(dracut-functions): avoid awk in get_maj_min()
Resolves: RHEL-39404,RHEL-47145,RHEL-53350,RHEL-53361,RHEL-53431,RHEL-53791,RHEL-54650
* Mon Jun 24 2024 Pavel Valena <pvalena@redhat.com> - 102-1
- Update to dracut 102.
Resolves: RHEL-43460,RHEL-32237,RHEL-32506,RHEL-43460,RHEL-47145,RHEL-49744,RHEL-53350
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 101-2
- Bump release for June 2024 mass rebuild
* Thu May 16 2024 Pavel Valena <pvalena@redhat.com> - 101-1
- Update to dracut 101.
- Remove network-legacy module.
- Additional fixes on top of rebase (see patches).
* Sat Jan 27 2024 Manuel Fombuena <fombuena@outlook.com> - 059-21
- fix(pkcs11): delete trailing dot on libcryptsetup-token-systemd-pkcs11.so
- fix(pcsc): add opensc load module file
- fix(pcsc): add --disable-polkit to pcscd.service
* Wed Jan 24 2024 Fedora Release Engineering <releng@fedoraproject.org> - 059-20
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Jan 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 059-19
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Tue Aug 22 2023 Pavel Valena <pvalena@redhat.com> - 057-44.git20230822
- feat(hwdb): install hwdb on demand when module is needed
* Fri Dec 08 2023 Dennis Gilmore <dennis@ausil.us> - 059-18
- Add Qualcomm IPC router to enable USB(Lenovo x13s)
* Wed Aug 16 2023 Pavel Valena <pvalena@redhat.com> - 057-43.git20230816
- feat(spec): include modules for IMA
- fix(dracut): there can be \ at the end on line in awk script
- fix(rngd): spacing
- fix(integrity): do not enable EVM if there is no key
- fix(fips): include openssl's fips.so and openssl.cnf
* Thu Nov 16 2023 Pavel Valena <pvalena@redhat.com> - 059-17
- fix(dracut.sh): remove microcode check based on
* Wed Nov 8 2023 Zbigniew Jedrzejewski-Szmek <zbyszek@in.waw.pl> - 059-16
- Backport patches to fix compatibility with systemd 255
* Sat Oct 28 2023 Adam Williamson <awilliam@redhat.com> - 059-15
- Backport PR #2545 to fix media check failure visibility
* Thu Oct 05 2023 Adam Williamson <awilliam@redhat.com> - 059-14
- Backport PR #2196 to fix boot with iso-scan feature
* Wed Sep 20 2023 Pavel Valena <pvalena@redhat.com> - 059-13
- fix(dracut.spec): add jq dependency to network subpackage
* Wed Aug 02 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 059-12
- Include modules for IMA
* Mon Jul 24 2023 Lukáš Nykrýn <lnykryn@redhat.com> - 059-11
* Tue Jul 25 2023 Pavel Valena <pvalena@redhat.com> - 057-38.git20230725
- fix(dracut.sh): use dynamically uefi's sections offset
* Mon Jul 24 2023 Pavel Valena <pvalena@redhat.com> - 059-10
- feat(nvmf): support for NVMeoF
* Wed Jul 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 059-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Thu Jun 08 2023 Brian Masney <bmasney@redhat.com> - 059-8
- Backport fix to add the interconnect drivers
* Thu Apr 27 2023 Lukáš Zaoral <lzaoral@redhat.com> - 059-7
- migrate to SPDX license format
* Thu Apr 27 2023 Michael Hofmann <mhofmann@redhat.com> - 059-6
- Backport fix to remove dependency on multipathd.socket
* Tue Mar 14 2023 Dusty Mabe <dusty@dustymabe.com> - 059-5
- feat(network): include 98-default-mac-none.link if it exists
* Thu Mar 09 2023 Pavel Valena <pvalena@redhat.com> - 059-4
- fix(dmsquash-live): restore compatibility with earlier releases
- Re-add overlayfs module (drop patch 1934)
- revert(network-manager): avoid restarting NetworkManager
* Fri Feb 24 2023 Pavel Valena <pvalena@redhat.com> - 059-3
- fix(dracut.sh): handle --kmoddir with trailing /
* Tue Feb 21 2023 Pavel Valena <pvalena@redhat.com> - 059-2
- Revert: PR#1934 add overlayfs module
* Mon Feb 13 2023 Pavel Valena <pvalena@redhat.com> - 059-1
- Update to 059
- feat(dracut.sh): option to skip creating initrd
- feat(kernel-modules): driver support for macbook keyboards
* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 057-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Sun Nov 13 2022 Davide Cavalca <dcavalca@fedoraproject.org> - 057-5
- Backport fix to add sysctl to initramfs to handle modprobe files
* Sat Oct 15 2022 Neal Gompa <ngompa@datto.com> - 057-4
- Backport dmsquash-live-autooverlay module
* Thu Aug 25 2022 Pavel Valena <pvalena@redhat.com> - 057-3
- Re-add patch Never-enable-the-bluetooth-module-by-default-1521
- Recommend tpm2-tools package, as it's required by crypt module
* Tue Aug 16 2022 Pavel Valena <pvalena@redhat.com> - 057-2
- dmsquash-live-root: Run checkisomd5 on correct device
* Thu Jul 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 057-1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Mon Jul 18 2022 Pavel Valena <pvalena@redhat.com> - 057-1
- Update to 057
* Tue Apr 19 2022 Kevin Fenzi <kevin@scrye.com> - 056-2
- Add already upstream patch to change dracut-initramfs-restore to hopefully not break oz/composes
* Thu Mar 03 2022 Peter Robinson <pbrobinson@fedoraproject.org> - 056-1
- Update to 056
* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 055-8.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Mon Dec 20 2021 Hans de Goede <hdegoede@redhat.com> - 055-8
- Backport upstream changes for drm-privacy screen support in kernel >= 5.17
* Thu Nov 4 2021 Jeremy Linton <jeremy.linton@arm.com> - 055-7
- Backport Upstream: 15398458 fix(90kernel-modules): add isp1760 USB controller
* Tue Oct 26 2021 Olivier Lemasle <o.lemasle@gmail.com> - 055-6
- Backport PR #1611 to fix network manager when console is not usable
* Mon Oct 18 2021 Adam Williamson <awilliam@redhat.com> - 055-5
- Backport PR #1584 to fix missing block drivers, boot in EC2 (#2010058)
* Wed Oct 06 2021 Peter Robinson <pbrobinson@fedoraproject.org> - 055-4
- Add USB Type-C to fix display/input/storage attached via it (rhbz #1964218)
* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 055-3.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Fri Jul 09 2021 Dusty Mabe <dusty@dustymabe.com> - 055-3
- Fixes for NM running via systemd+dbus in the initramfs
- Drop requirement on deprecated systemd-udev-settle
* Thu Jun 10 2021 Adam Williamson <awilliam@redhat.com> - 055-2
- Never include bluetooth module by default (rhbz 1964879) (workaround)
* Thu May 27 2021 Harald Hoyer <harald@redhat.com> - 055-1
- version 055
- install the missing fsck utils
* Fri May 21 2021 Harald Hoyer <harald@redhat.com> - 054-12.git20210521
- fix `get_maj_min` for kdump
- suppress hardlink output
- sane default --kerneldir for dracut-install
- squash: don't mount the mount points if already mounted
* Tue May 18 2021 Harald Hoyer <harald@redhat.com> - 054-6.git20210518
- fix for `str_replace: command not found`
* Mon May 17 2021 Harald Hoyer <harald@redhat.com> - 054-4.git20210517
- version 054
* Thu Apr 22 2021 Peter Robinson <pbrobinson@fedoraproject.org> - 053-5
- Backport: fix(90kernel-modules): add watchdog drivers for generic initrd (rhbz 1592148)
* Mon Apr 19 2021 Dusty Mabe <dusty@dustymabe.com> - 053-4
- Backport: fix(dracut-logger.sh): double dash trigger unknown logger warnings during run
- Backport: fix(network-manager): nm-run.service: don't kill forked processes
- Backport: fix(network-manager): only run NetworkManager if rd.neednet=1
- Backport: fix(network-manager): use /run/NetworkManager/initrd/neednet in initqueue
* Mon Apr 19 2021 Adam Williamson <awilliam@redhat.com> - 053-3
- Fix removal of key system files when kdump enabled (thanks kasong) (#1936781)
* Thu Apr 08 2021 Adam Williamson <awilliam@redhat.com> - 053-2
- Backport upstream change reported to fix boot on some encrypted LVM setups (#1946074)
- fix(dracut.sh): handle imagebase for uefi
- fix(dracut.sh): use gawk for strtonum
- fix(rngd): install system service file
- fix(nvmf): nvme list-subsys prints the address using commas
- fix(nvmf): don't try to validate network connections in
- fix(nvmf): no need to load the nvme module
- fix(nvmf): don't create did-setup file
- fix(nvmf): don't use "finished" queue for autoconnect
- fix(nvmf): make sure "rd.nvmf.discover=fc,auto" takes
- fix(nvmf): avoid calling "exit" in a cmdline hook
- fix(nvmf): run cmdline hook before parse-ip-opts.sh
- feat(nvmf): set rd.neednet=1 if tcp records encountered
- fix(nvmf): install 8021q module unconditionally
- fix(nvmf): support /etc/nvme/config.json
- feat(nvmf): add code for parsing the NBFT
* Tue May 30 2023 Pavel Valena <pvalena@redhat.com> - 057-22.git20230530
- fix(lvmthinpool-monitor): activate lvm thin pool before
* Tue Feb 14 2023 Pavel Valena <pvalena@redhat.com> - 057-21.git20230214
- fix(network-manager): allow running nm-run.sh multiple times
* Tue Dec 13 2022 Pavel Valena <pvalena@redhat.com> - 057-20.git20221213
- refactor(url-lib): write curl output directly to file
- fix(dracut-initramfs-restore.sh): initramfs detection not
- fix(90kernel-modules): install blk modules using symbol
- fix(squash): build ld cache for squash loader
- test(16-DMSQUASH): make it pass on arch
- feat(dmsquash-live): add new dmsquash-live-autooverlay module
* Tue Aug 16 2022 Pavel Valena <pvalena@redhat.com> - 057-13.git20220816
- fix(kernel-modules): always include nvmem driver on
- fix(drm): add video drivers needed on hyper-v and similar
- fix(skipcpio): ignore broken pipe
* Thu Jul 21 2022 Pavel Valena <pvalena@redhat.com> - 057-10.git20220721
- fix(dracut.sh): do not fail on irregular files
- fix(98dracut-systemd): partly revert "emergency mode: use
* Mon Jul 18 2022 Pavel Valena <pvalena@redhat.com> - 057-6.git20220718
- Upgrade to Dracut version 057
* Wed Feb 16 2022 Pavel Valena <pvalena@redhat.com> - 055-30.git20220216
- fix(shutdown): be robust against forced shutdown
- 95resume: only exclude this module, when swap is netdev
- fix(qeth_rules): check the existence of
- fix(fips): handle s390x OSTree systems
- fix(network): add errors and warnings when network interface
- fix(url-lib): make pre-pivot hook separetely per
- fix(dracut-shutdown): add cleanup handler on failure
- fix(multipath): get config. dir from configuration
- Do not use recommends for base packages
- 95nfs: set correct ownership and permissions for statd
* Tue Aug 24 2021 Lukas Nykryn <lnykryn@redhat.com> - 055-10.git20210824
- 95resume: always install this module
* Thu Aug 12 2021 Lukas Nykryn <lnykryn@redhat.com> - 055-9.git20210812
- fix(kernel-modules): add blk_mq_alloc_disk and
- fix(network-manager): check for nm-initrd-generator in both
- fix(cms): reload NetworkManager connections
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 055-6.git20210709.1
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Fri Jul 09 2021 Lukas Nykryn <lnykryn@redhat.com> - 055-6.git20210709
- fix(network-manager): don't pull in systemd-udev-settle
- fix(dracut.sh): handle '-i' option to include files beginning with '.'
- fix(dracut.sh): handle symlinks appropriately while using '-i' option
- fix(squash): create relative symlinks
- feat(squash): install umount util
* Tue Jun 01 2021 Lukas Nykryn <lnykryn@redhat.com> - 055-1.1
- rebase
* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 053-1.1
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Tue Feb 23 2021 Harald Hoyer <harald@redhat.com> - 053-1
- version 053

Write Preview
Loading…
Cancel
Save