also fixup the logic what and when to mount.
first initramfs/etc/fstab is mounted
$NEWROOT/etc/fstab.sys takes precendence over initramfs/etc/fstab.sys
If symlink is yet alone in target directory, inst_symlink will fail to
create it. This is how to reproduce the bug:
# mkdir /tmp/test
# ln -s /bin/cp /tmp/test/cp
# ./dracut -l -f -H /tmp/test.img -I /tmp/test/cp
Result:
[...]
I: *** Including modules done ***
ln: failed to create symbolic link
`/var/tmp/initramfs.Z5isVu//tmp/test/cp': No such file or directory
ln: failed to create symbolic link
`/var/tmp/initramfs.Z5isVu//tmp/test/cp': No such file or directory
I: Wrote /tmp/test.img:
[...]
Following patch creates directory for the symlink if it doesn't exist.
"export -n" is a bash extension, not part of POSIX, and is hence
incompatible with the busybox shell.
This was breaking boot when the busybox module was used.
Reimplement the scope change in a few lines of standard shell code.
wait_for_loginit does set +x (to turn off debugging temporarily), but
sometimes it would return before turning it back on. Move the set +x
line to fix that, then use 'setdebug' to make sure we don't turn it back
on unless it was needed.
live.updates allows you to specify the URL for an "updates image" that
should be applied to the live runtime before switch_root.
The URL can be anything supported by url-lib (http, https, ftp, possibly
nfs) and the image can be anything supported by img-lib (xz/gzip
compressed cpio/tar, uncompressed cpio/tar, filesystem image, etc.)
For curl_fetch_url (http/https/ftp):
- use --progress-bar (the output is less messy)
- print the URL we're fetching so the user know's what's happening
For curl and nfs:
- don't echo the filename if it was provided by the user
The "online" hook runs whenever a network interface comes online (that
is, once it's actually up and configured).
The initqueue --env argument is used to set "$netif" to the name of the
newly-online network interface.
Add new functions: all_ifaces_up, get_netroot_ip, ip_is_local, ifdown,
setup_net, set_ifname, ibft_to_cmdline
Use them in netroot.sh and parse-ip-opts.sh.
There's also a couple little unrelated cleanups.
Since cp won't copy a directory over a symlink, any updates that were
supposed to go into e.g. /lib would get dropped if you had /updates/lib
as an actual directory, but the target system had /lib->/usr/lib.
As described in https://bugzilla.redhat.com/show_bug.cgi?id=541410#c2,
if you want NetworkManager to take over an interface that you're using
for NFS root (or other network root device), you need to:
a) set UUID=<uuid> in ifcfg-<iface>, and
b) save the lease file as /var/lib/dhclient-<uuid>-<iface>.lease
This patch should make write-ifcfg handle both these things.
first check for omit, then mark the kernel module as seen
when we temporarily omit_drivers, we don't want to mark them as seen.
example: nfs.ko module in kernel-modules, but the nfs module
should be able to load it later on.
In kernel_only mode, we don't want to write /etc/cmdline.d
Correctly return the check functions, so we have a valid return of
for_each_host_dev_fs().
mdraid and dmraid functions had wrong checkings for the filesystem
type.
Due to the way the main loop runs to detect partions, the same one
might be included twice (albeit via different symlinks.
This code simply prevents the same combo being activated twice.
A better fix might simply be to not include duplicate (after
resolving symlinks) entries in the host_fs_types variable.
If you do "fetch_url $url/.somefile", fetch_url would return failure,
because "$outdir/*" wouldn't match the file.
Use ls -A (which busybox ls supports) to actually find possible dotfiles
in the created output dir.
Signed-off-by: Will Woods <wwoods@redhat.com>
commit 38164332e1 try to
disallow ssh-client install for without proper options.
But ssh-client will fail installation with --sshkey for
publickey mode
Fix it by refusing to install only when both --ctty and --sshkey
are not added in options.
Signed-off-by: Dave Young <dyoung@redhat.com>
Manually setuping nic through udev is not always done when
we want network access. Here add a function wait_for_route_ok to
wait and make sure the network is accesible
[v1 -> v2]:
Harald: don't use bash syntax
Add check for [ -n "$li" ] because `ip route show` will show nothing probably
Signed-off-by: Dave Young <dyoung@redhat.com>
img-lib handles identifying and unpacking archives (uncompressed or
compressed) and filesystem images.
Currently tar and gzip are required; cpio and xz are optional, and bzip2
is supported but unused.
Signed-off-by: Will Woods <wwoods@redhat.com>
This adds nfs_fetch_url to allow fetching arbitrary files from NFS.
This means that livenet can now run using an NFS-mounted live image,
which reduces memory usage by a lot.
Signed-off-by: Will Woods <wwoods@redhat.com>
This makes the livenetroot module use url-lib for fetching its root
image/filesystem. There's also some minor tweaks for POSIX compliance.
Signed-off-by: Will Woods <wwoods@redhat.com>
url-lib adds some functions for dealing with URLs (mostly for fetching
files, for the moment).
It uses curl to handle http/https/ftp URLs, but it can be extended by other
modules at runtime by using the "add_url_handler" function.
Signed-off-by: Will Woods <wwoods@redhat.com>
nfs-lib.sh contains a bunch of functions used to parse NFS "url"s of
various types, pull nfs information out of dhcp info, and actually
perform nfs mounts sanely.
Signed-off-by: Will Woods <wwoods@redhat.com>
net-lib.sh is a library of useful functions for network stuff.
More things may get added/moved here in the future.
Signed-off-by: Will Woods <wwoods@redhat.com>
if you add realinitpath="<path1> <path2>" to dracut.conf, then it will
be written to $initdir/etc/cmdline.d/distroinit.conf with
"rd.distroinit=<path1> rd.distroinit=<path2>" and evaluated by
99base/init, when it searches for init.
Current dracut network only will be setup when netroot is used. But there are
some cases we need network even without netroot. For example kdump will need
copy vmcore to remote machine via scp or nfs mount. OTOH, if we use dracut as
a recovery system the network is helpful even root is not a network device.
This implementation is based on the manually bring up method. Here add a kernel
cmdline argument rd.neednet. If rd.neednet is set dracut will bring up network
with ifup $INTERFACE -m. If netroot is used we still keep original behavior.
Signed-off-by: Dave Young <dyoung@redhat.com>
fstab-sys will mount nonroot nfs as well, so we need to split the necessary
code from nfsroot to start rpc daemon as hook script.
Signed-off-by: Dave Young <dyoung@redhat.com>
If /etc/fstab.sys does not exist installing fstab-sys module will fail.
Fix this by checking use_fstab and fstab_lines as well
Signed-off-by: Dave Young <dyoung@redhat.com>
For kdump we need scp vmcore to remote machine, the nic to be used is
not limited to netroot one. we need a feature for manually bringing up
network interface. Also it is useful for emergency shell with
ssh-client for recovery or test purpose
I implement this by adding one argument to ifup script, user can use
`/sbin/ifup eth0 -m` to bring up eth0, note ifup will regard it a
manual operation for the nic specified in 1st argument if there's
the 2nd argument.
If same nic is used for netroot the 2nd argument will be ignored,
in this case we will leave netroot bring up it automatically to
avoid side effect. And in this case hooks such as kdump will need to
execute after netroot mounted.
`ifup eth0 -m` will create /tmp/net.eth0.manualup stamp file,
later dhclient-script can check this and pass $2 to netroot,
then netroot script will bring eth0 up
Thanks for comments and suggestions from David Dillow.
Signed-off-by: Dave Young <dyoung@redhat.com>
The line "source_all netroot" was trying to source netroot hooks from
/netroot, which doesn't exist, so netroot hooks were never executed.
Signed-off-by: Will Woods <wwoods@redhat.com>
This patch fixes the following error when building rpm,
error: Installed (but unpackaged) file(s) found:
/usr/lib/dracut/modules.d/95ssh-client/module-setup.sh
Based on my kdump tree.
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
When booting with nfsroot, dracut doesn't necessarily set the initial
hostname correctly.
According to dhcp-options(5), the name may or may not be qualified with
the local domain. It goes on to say "it is preferable to use the
domain-name option to specify the domain name".
So dhclient-script needs to be able to handle the cases: a) where
host-name is fully qualified and domain name is also specified; b)
where hostname is fully qualified and the domain is not separately
specified; c) where host-name is "short" and domain-name is also
specified; and d) do its best where host-name is short but domain-name
is not specified.
The dhclient-script in initramfs does not handle case "c", apparently
the preferred situation properly, setting hostname to "short".
https://bugzilla.redhat.com/show_bug.cgi?id=756347
The F16 installation image is two concatenated cpio images:
[xz-compressed dracut initramfs][uncompressed cpio with /squashfs.img]
So to show the contents, use xz with the "--single-stream" option.
https://bugzilla.redhat.com/show_bug.cgi?id=742299
This rewrites a portion of the module to support xz, as well as allow
an easier expansion should future compression methods for kernel
modules ever materialize.
Add ssh client module which support ssh key mode and interactive mode.
with --sshkey option you can provide the ssh key to be installed
>why not call it "ssh" module?
ssh-client is better, maybe future there will be ssh-server come in.
In debian these are also two different packages.
Usage:
1. sshkey mode:
transfer your public key to remote machine with ssh-copy-id or do it mannaully
example of options:
./dracut -l -H -a ssh-client --sshkey /root/.ssh/id_rsa i.img
2. interactive mode:
need use --ctty option, ie.:
./dracut -l -H -a ssh-client --ctty i.img
[v2 changes]:
per wangcong: add patch description about module name
add help line in usage()
remove useless comment
Signed-off-by: Dave Young <dyoung@redhat.com>
Option --ctty will optionally add setsid binary to dracut's image.
During runtime, if rd.ctty is set and is a character device,
emergency shells will be spawned with job control.
in case no ctty was provided, shell was spawned without caring about
/dev/console. Also, the ctty is more opportunistic. If the image was
generated with --ctty, we will fallback to /dev/tty1 if rc.ctty is
invalid or missing. Otherwise we spawn standard shell on /dev/console
[dyoung@redhat.com: Rebased to usrmove branch]
Signed-off-by: Michal Soltys <soltys@ziu.info>
Signed-off-by: Dave Young <dyoung@redhat.com>
ssh module will need root user in /etc/passwd, so add root and nobody
to /etc/passwd in 99base instead of nfs module
Signed-off-by: Dave Young <dyoung@redhat.com>
While the documentation states that ifname MAC addresses must be
lower case, we silently accept upper case ones and fail later on
when udev doesn't rename the device.
Instead of adding sanity checking on the MAC address just convert
it to lower case and remove the requirement completely.
fstab-sys now also handles device passed by dracut argument "--mount"
The "--mount" mount point is possible not exist in $NEWROOT. Thus mount it
in initramfs if mount point is not exist in real rootfs
It is useful to know that loop device that the live image's / is mounted
from. Make a /run/initramfs/live-baseloop symlink that points to it.
Edited-By: harald@redhat.com: changed /dev/live-baseloop
to /run/initramfs/live-baseloop
Like -H, we need to poll every module to check if it is needed
to mount a specific device in '--mount'.
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Don't force --mount only working in hostonly mode, let users decide.
With this patch, people can still combine -H --mount '...' if they
want to use it in hostonly mode.
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
When the initqueue cannot be processed, it might be about an invalid
root device (in which case a separate message produced via
wait_for_dev() should be displayed anyway), but it could also
be for any other reason (e.g. /dev/resume not existing).
Therefore, it is best to use a more generic error message.
Also a minor tab->space conversion in the near vacinity of
the real change.
This commit allows the waiting for a device to be cancelled.
When the resume partition does not exist, it becomes quite hard
to work out what to do (you have to either create the
/dev/resume symlink manually, or remove the 'finished' job
that is waiting for it). Additionally dracut incorrectly
displays a message about not being able to find the root
device, which is bogus and misleading.
This commit should just bail on the whole resume thing
if the device cannot be found and proceed with a normal boot.
This should fix initial initrd generation during install.
If the modules are not desired to be used, the nokmsboot kernel
command line should disable them.
--add-fstab [FILE] Add file to the initramfs fstab
--mount "[DEV] [MP] [FSTYPE] [FSOPTS]"
Mount device [DEV] on mountpoint [MP] with filesystem
[FSTYPE] and options [FSOPTS] in the initramfs
inst_mount_hook <mountpoint> <prio> <name> <script>
Install a mount hook with priority <prio>,
which executes <script> as soon as <mountpoint> is mounted.
add_mount_point <dev> <mountpoint> <filesystem> <fsopts>
Mount <dev> on <mountpoint> with <filesystem> and <fsopts>
and call any mount hooks, as soon, as it is mounted
Since the initramfs generation is done in %postrans of the kernel rpm,
we can drop all hard requirements.
Also make some requirements a conflict to express the version
dependency.
Determine devices and filesystems to be included in the host-only
initramfs image.
To get a minimal initramfs, which can mount
/
/etc
/usr
/usr/bin
/usr/sbin
/usr/lib
/usr/lib64
/boot
we look in fstab for the corresponding devices and determine their and
their slaves' filesystem type and put all that in $host_fs_types
and $host_devs.
Unlike "ifconfig", the "ip" command does not set a broadcast address
unless explicitly requested.
add "brd +" to make "ip" calculate the broadcast address on the fly
To start bnx2fc, we need to run fipvlan only and not dcbtool. DCBX is run
automatically in the hardware, but VLAN discovery needs to be started by
fipvlan.
https://bugzilla.redhat.com/show_bug.cgi?id=736094
The dm module, which lvm and dmraid depend on, installed dmraid
shared libs. The lvm module installed udev rules, which were
already installed by the dm module.
Cleaned up those issues.
The kernel's primary console device is determined by the last "console="
argument on the kernel command line. This setting should be respected by
dracut-generated initial RAM disks.
Steps to Reproduce:
(Easiest using a KVM VM, virt-manager and "virsh console")
1. Boot with a kernel command line ending in
console=tty0 console=ttyS0,115200
2. Observe both tty0 and ttyS0.
The output of init scripts is sent to ttyS0, as the final "console="
argument determines the primary console device as per
Documentation/serial-console.txt in the kernel sources.
https://bugzilla.redhat.com/show_bug.cgi?id=752073
inst_script checks for a shebang, if it doesn't exist it exits.
If it does it should not be calling inst_binary, it should call
inst_simple like it used to.
The Xen module is unnecessary and it has been for a while.
Most Xen systems will not be using the module, even now, because
xen-detect is not installed by default on most Xen systems, and
dracut uses xen-detect to decide whether to include the module.
It also has some problems:
1) it does not try loading xen_platform_pci;
2) it loads modules unnecessarily; modules.alias is where all Xen support
should reside. Assuming xenbus_probe_frontend and xen_platform_pci
are loaded so that Xen devices are probed, other modules are picked up
automatically thanks to aliases such as
alias xen:vbd xen_blkfront
3) Even not-so-recent kernels (say 2.6.32) require the xen_platform_pci
and xenbus_probe_frontend modules even for non-paravirtualized guests.
60xen/module-setup.sh picks the module only for PV guests.
So, just require xenbus_probe_frontend to be builtin, and also
xen_platform_pci for fully-virtualized guests, and remove the module.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
- in 10i18n - do stty -iutf8 on non-utf8 consoles, for consistency with
iutf8 on utf8 ones
- vim modeline in xml file
Signed-off-by: Michal Soltys <soltys@ziu.info>
The "read" shell builtin consumes backslashes, which is a problem if
your root device is something like "LABEL=Fedora\x2016".
Using "read -r" tells the shell to leave backslashes alone.
This patch replaces:
- {var}>... redirections with functionally identical eval construct +
explicit FDs
- ^^ and ,, case modifiers with temporary shopt
This allows us to lower minimum required bash version
to at least 3.1 (with current code).
Signed-off-by: Michal Soltys <soltys@ziu.info>
mostly with reference to earlier commit:
- bash doesn't need unsetting locals
- make normalize_path() a bit faster, also make sure we remove all
trailing slashes
- normalize paths before tests
Signed-off-by: Michal Soltys <soltys@ziu.info>
in dracut.conf:
fscks="<tools>"
nofscks="yes"
and similary on command line:
--fscks [LIST] (in addition to conf's, if defined there)
--nofscks
Signed-off-by: Michal Soltys <soltys@ziu.info>
- IFS was not preserved, and modified value could leak to outside functions
- the '.' relative path should be returned for arguments such as /x/y/z
/x/y - but not for $1 == $2 ones
- $1 == $2 is self-looping link, so it returns final component of its
name
Signed-off-by: Michal Soltys <soltys@ziu.info>
in slackware the default mktemp is not from coreutils.
A simply make in test directory mangled my rootfs due
to initdir is blank
Also mktemp could failed with other reason like ENOSPC or EPERM
In
commit fd786adcf5
Author: Harald Hoyer <harald@redhat.com>
Date: Wed Apr 20 16:47:40 2011 +0200
dracut: make prefix configurable
Harald changed the meaning of --prefix/--noprefix, but
forgot to update their documentation. This patch
fixes that.
Signed-off-by: WANG Cong <xiyou.wangcong@gmail.com>
Filtering modules requires enough work that instmods() in the
next pipeline stage was rarely busy. Parallelize the two
filters which do the most work. Also fix a filename-vs-contents
mistake in net_module_filter.
--
John Reiser, jreiser@BitWagon.com
>From f4533a2ceca52c443ddebec01eeaa35d51c39c1b Mon Sep 17 00:00:00 2001
From: John Reiser <jreiser@BitWagon.com>
Date: Tue, 13 Sep 2011 17:41:43 -0700
Subject: [PATCH 1/3] Parallelize block_module_filter
Bash shell expands all ${parameter} before evaluating a command.
For multiple declarations and assignments within the same 'local' command,
then new variables or new values that appear towards the left
do not affect parameter expansion towards the right.
--
John Reiser, jreiser@BitWagon.com
>From 507ad6f66fc66f868a9e5fdd3806e012c4022baa Mon Sep 17 00:00:00 2001
From: John Reiser <jreiser@BitWagon.com>
Date: Fri, 23 Sep 2011 07:37:43 -0700
Subject: [PATCH] Parameter expansion occurs before command evaluation.
${parameter} on the right is expanded before evaluating "local var=value"
on the left.
ID_FS_TYPE can be much more than just ddf/imsm/linux raid member, so
do the proper checks.
This reverts certain changes from:
cf5891424e
Signed-off-by: Michal Soltys <soltys@ziu.info>
Whitespace removal in:
out="${out}${chop# }$r"
will damage certain strings, for example the following call:
str_replace ' aax aaxaa' x y
would return 'aayaayaa' instead of ' aay aayaa'.
Signed-off-by: Michal Soltys <soltys@ziu.info>
Reworked the flow of the rules file a bit, removed redundant tests, also
should be easier to follow. It's much shorter now as well, a bit more
similar to 90lvm script - both revolve around same concepts after all.
There's no reason to treat conf-assembled arrays differently from
incremental ones. Once we hit timeout in init's udev loop, we can use
common script (mdraid_start.sh) to try force inactive arrays
into degraded mode.
md-finished.sh was kind-of out of place - it didn't really wait for any
particular device(s) to show up, just watched if onetime mdadm scripts
are still in place. Furthermore, after moving mdraid_start to --timeout
initqueue, it didn't really have too much to watch at all, besides
mdadm_auto (and that served no purpose, as we do wait for concrete
devices).
Either way, with stock 64-md fixes, current version of 65-md*.rules does
the following:
- limits assembly to certain uuids, if specified
- watch for no ddf/imsm
- if mdadm.conf => setup onetime -As script, without forced --run option
- if !mdadm.conf => incrementally assemble
- for both cases, setup timeout script, run-forcing arrays as a last resort
Signed-off-by: Michal Soltys <soltys@ziu.info>
1) mdadm -As --auto=yes --run 2>&1 | vinfo (removed)
Currently such auto assembly will not complete or force-run partially
assembled arrays. It might assemble "concurrent" separate array and
force-run it, if possible (though the chances of suddenly showing
missing components in this scenario - a script run after udev timeout -
are pretty thin). See [1] for details. Also see #3 below.
2) mdadm -Is --run 2>&1 (removed)
This will only force-run native arrays - arrays in containers will not
be affected. See [1] for details. Also see #3 below.
3) mdadm -R run loop (implicitly handles #1 & #2)
This loop does everywthing that #1 & #2 are expected to do. Thus, the
above invocations are simply redundant and this is the most safe and
flexible option.
Also, it shouldn't be necessary to go under md/ directory, as those are
just symlinks to /dev/md[0-9]*.
Certain checks were changed to strict ones (array state, degraded state)
instead of relying on env tricks.
'cat' was added explicitly to installed programs (it has been used
implicitly in shutdown script either way)
4) mdmon bug
See [1] for details as well. In short - force-run arrays in containers
will not have mdmon started, so we do that manually.
5) stop/run queue magic
Also removed. mdadm -R will only cause change events to the array
itself, and they should not be an issue.
[1] http://article.gmane.org/gmane.linux.raid/35133
Signed-off-by: Michal Soltys <soltys@ziu.info>
Stop both arrays (first pass) and containers (second pass).
Loop only over /dev/md[0-9]*
Call cleanup script only once, make sure it's after crypt cleanup.
Signed-off-by: Michal Soltys <soltys@ziu.info>
Remove whole "start a container logic".
Containers once assembled, always remain in 'inactive' state.
Any attempt to run a container with mdadm -IR is a no-op, and any
attempt with just mdadm -R ends with an error.
Signed-off-by: Michal Soltys <soltys@ziu.info>
Currently shipped mdadm rules incrementally assemble all imsm and native
raids, and do so unconditionally. This causes few issues:
- fine-grained controls in 65-md* are shadowed - for example,
mdadm.conf's presence tests or uuid checks
- 90dmraid might also conflict with 90mdraid, if user prefers the former
to handle containers
- possibly other subtle issues
This patch adjusts the behaviour.
Signed-off-by: Michal Soltys <soltys@ziu.info>
Use bash "[[ string =~ pattern ]]" instead of "egrep -q".
Replace control-dominated serial fondling
for var in $(proc1); do proc2 var; done
with data-dominated parallel pipeline
proc1 | while read var; do proc2 var; done
Together this is a large savings.
[harald@redhat.com: fixed network kernel module filter]
The local variable _mpargs in function instmods() in file dracut-functions
looks peculiar. The documentation is non-existent, but still ...
First, $_mpargs is not passed to modprobe via for_each_kmod_dep.
This is strange because my guess is that "_mpargs" means
"extra arguments for modprobe".
Second, the leading "--" will be lopped when a leading pathname
is stripped via
_mod=${_mod##*/}
It seems to me that a leading "--" should inhibit modification.
Here's the corresponding patch to current HEAD (from dracut-013.)
This asks for the luks passphrase if key is not found for defined time (if defined with rd.luks.tout cmd line):
modules.d/90crypt/cryptroot-ask.sh | 21 ++++++++++++++++++---
modules.d/90crypt/parse-crypt.sh | 5 +++--
2 files changed, 21 insertions(+), 5 deletions(-)
If we're about to start a Live image (i.e. if /dev/mapper/live-rw
exists) this script will take any files found in /updates (inside the
initramfs!) and and copy them into $NEWROOT.
This allows for hotfixes to be applied to existing Live images without
rebuilding the entire image.
Signed-off-by: Will Woods <wwoods@redhat.com>
Currently dmsquash-live-root requires that squashfs images be named
"squashfs.img" and all others be "ext3fs.img" or "rootfs.img".
If we've got a live image in initramfs, this patch will make dracut use
losetup and det_fs to determine the actual filesystem type of the image.
Signed-off-by: Will Woods <wwoods@redhat.com>
- use last ro/rw cmdline arg rather than favoring 'rw' over 'ro'
- don't bother with useless RES variable for holding $?
- only do fs check when $livedev is a block device
Signed-off-by: Will Woods <wwoods@redhat.com>
This patch adds a new option --force-add, which
can force dracut to load some module when -H
is specified.
Signed-off-by: Amerigo Wang <amwang@redhat.com>
fsck_single() operates directly on the device, so fstab is not
necessary. fs-lib functions make sure fscks don't complain.
Code is only commented out just in case I missed something.
To not pollute dracut-lib.sh, all the fsck related functions were moved
to fs-lib.sh. The functions available are as follows:
- fsck_single
this will detect/verify filesystem, check if it has necessary tools and
check the filesystem respecting additional flags (if any), using
specific "driver" (or falling back to generic one). Currently
available: fsck_drv_{com,xfs,std}. 'com' is used for tools following
typical subset of options/return codes (e.g. ext, jfs), 'std' is used
for "unknown" fs and doesn't assume it can be run non-interactively.
Please see comments around the code for more info.
- fsck_batch
this will check provided list of the devices;
Both of the above functions will fake empty fstab, to make generic fsck
not complain too much (excact devices are always provided on the command
line).
"Known" filesystems currently: ext234, reiser, jfs, xfs
- det_fs
Small bug fixed - as this function is meant to be called in $(), it may
not be verbose.
Current behaviour is:
- if detection is successful, use its result
- if detection is not successful, and filesystem is provided, return
the provided one; otherwise use auto
Previously, '-a' was added for ext[234] filesystems if other
conflicting flag were not present. It's being done automatically
in fsck_drv_com() now (also for jfs and reiser).
The livenet module allows you to use a root arg like:
root=live:http://server.name/path/to/live.img ip=dhcp
The named live image will be downloaded with wget and then set up as the
root device.
It currently supports FTP, HTTP, and HTTPS. dracut will try to install
the CA bundle (/etc/ssl/certs/ca-bundle.crt) into the initramfs so that
SSL certificate checking will work properly.
If an HTTPS URL is given and the site fails the certificate check, the
file will be rejected and the system will not boot into it.
Signed-off-by: Will Woods <wwoods@redhat.com>
if a value of a key on the kernel command line includes wildcards, these
would be expanded.
E.g., if you have "key=/dev/sd*" the value would be substituted with
"/dev/sda /dev/sda1 /dev/sda2" instead of returning "/dev/sd*"
The script that was generated always returned the status of the last test
condition, potentially missing any earlier non-existing devices.
The change assures, that the script returns 0 only if all expected
devices are found.
Signed-off-by: Michal Soltys <soltys@ziu.info>
This module mounts an eCryptfs filesystem from the initial ramdisk using an
encrypted key.
Signed-off-by: Roberto Sassu <roberto.sassu@polito.it>
Acked-by: Gianluca Ramunno <ramunno@polito.it>
This module initializes the EVM software and permits to load a custom IMA
policy.
Signed-off-by: Roberto Sassu <roberto.sassu@polito.it>
Acked-by: Gianluca Ramunno <ramunno@polito.it>
This module initializes a trusted/user kernel master key that will be used
to decrypt other encrypted keys.
Signed-off-by: Roberto Sassu <roberto.sassu@polito.it>
Acked-by: Gianluca Ramunno <ramunno@polito.it>
Mount the securityfs filesystem and make available its location through the
exported variable SECURITYFSDIR.
Signed-off-by: Roberto Sassu <roberto.sassu@polito.it>
Acked-by: Gianluca Ramunno <ramunno@polito.it>
Currently in dracut busybox module, we hard-code the list of binaries
available in busybox. Actually we can get this list by running busybox
without any arguments.
Also, if find_binary() finds nothing, we would symlink $initdir/
which is not we expect.
Signed-off-by: WANG Cong <xiyou.wangcong@gmail.com>
As Ray Strode explains, plymouth --has-active-vt may fail if the user
passes console=ttyS0 or something other not corresponding to
console=tty0, because plymouth is outputing to the serial console and
not a VT in this case.
In the initrd, the init script and the sbin/cryptroot-ask script use
flock with different lock files for the console: /.console_lock and
/.console.lock respectively
Use common fsck and det_fs code. Verify filesystem type more
aggressively, which has a chance to be more resistant to
accidental mistakes.
Also, there's no need to generate custom fstab for the sake of fsck
anymore.
Signed-off-by: Michal Soltys <soltys@ziu.info>
This patch mainly adds fsck functionality to fstab-sys, with additional
sanity checks (checking for device existence, verifying fstype via
det_fs).
Signed-off-by: Michal Soltys <soltys@ziu.info>
Both functions will be used by rootfs-block and fstab-sys modules.
Both are based on code present in mount-root.sh, though few changes are
present.
det_fs:
will try to determine filesystem type for supplied device, even if it's
not auto. If fs cannot be detected, or if the detected one differs from
the supplied one - a warning is issued (so user can fix its stuff later)
wrap_fsck:
will call fsck for specific device with optionally additional
fsckoptions. The function returns fsck return value.
Signed-off-by: Michal Soltys <soltys@ziu.info>
If /proc/cmdline is empty (like if root=... is set in /etc/cmdline),
modules.d/99base/init will crash with a message saying "can't shift that
many" right before switch_root. The problem is in the block of code that
tries to look for init args. It does something like:
read CMDLINE </proc/cmdline
[...]
set $CMDLINE
shift
If CMDLINE="" then "set $CMDLINE" will dump all the variables to stdout.
(That should be "set -- $CMDLINE" instead.) Since there's no $1, the
"shift" causes an error, and dracut crashes.
The 'shift' was copy-and-pasted from the previous block. It doesn't
belong here; remove it.
[Harald Hoyer <harald@redhat.com>: corrected commit message]
[Harald Hoyer <harald@redhat.com>: fixed indention]
Signed-off-by: Will Woods <wwoods@redhat.com>
This update adds support for sort-of corner case - when explicitly
specified binary (e.g. through dracut_install or inst) is a library
itself.
In such case, we would expect the binary to undergo typical
library-related handling (symlinks and such).
Apart from that, the patch cleans indenting and a few unused variables
in inst_binary() (probably leftovers from the past ?)
Signed-off-by: Michal Soltys <soltys@ziu.info>
- also support FIPS on separate LVM partition
- use small settle loop to get /boot
- "set -e" has no effect, if we use "||"
- make fips work with encrypted root and seperate boot
- moved to pre-pivot to support /boot in /
Given that we boot into a modern Linux distribution with the "/run" toplevel
directory, we can easily mount move the whole /run directory to the real
root in the end and have the complete initramfs later on in
/run/initramfs. All log files and /run states are still accessible and
to save space /run/initramfs can be removed later on.
Because the kernel does not mount a tmpfs on /run prior to unpacking the
initramfs cpio image, we have to copy ourselves very early to a tmpfs
and mount it on /run.
Due to lazy umount the old initramfs binaries should
be removed in the end by switch_root.
This feature can be turned on with "--prefix".
Fixes long-standing FIXME
Latest isomd5sum added an option to abort media check with ESC key,
but that key is taken by plymouth for switching to the detailed log
messages, making it impossible to abort checkisomd5.
Tested in text mode.
While on some systems (like Fedora) rpc_pipefs is mounted
automatically when sunrpc module is loaded, on Debian based systems it
needs to be mounted manually.
When '' was passed as outfile, dracut generated name with following
pattern:
/boot/initramfs-${kernel}.img
With commit 486a1b9324 dracut skips ''
argument.
This patch fixes a handful of ${#VAR[@]} tests, which can't be evaluated
as text expressions - the results is always true in such case, because
"0" is non-empty string.
Signed-off-by: Michal Soltys <soltys@ziu.info>
-v meaning has changed. Now it increases verbosity level. -q option has
been added, which decreases verbosity level. Both options might be
specified multiple times.
As mentioned in kernel/Documentation/xz.txt:
...
Notes on compression options
Since the XZ Embedded supports only streams with no integrity check
or CRC32, make sure that you don't use some other integrity check
type when encoding files that are supposed to be decoded by the
kernel. With liblzma, you need to use either LZMA_CHECK_NONE or
LZMA_CHECK_CRC32 when encoding. With the xz command line tool, use
--check=none or --check=crc32.
Using CRC32 is strongly recommended unless there is some other layer
which will verify the integrity of the uncompressed data anyway.
...
Moved dlog() to _do_dlog() and created dlog() which reads from stdin if
no arguments (except the loglevel) are given.
This enables e.g.:
dwarn "This is a warning!"
echo "This is a warning!" | dwarn
It's dash compatible to be used also at boot-time. For now it's included
by dracut-functions and replaces functions: dinfo(), dwarning() and
derror(). New options are introduced: -L|--stdlog, and -q|--quiet to
control stderr verbosity. Logging to file or syslog may be controlled by
options set in config file.
Note that code is not adjusted to the meaning of the new logging
functions, yet.
Doxygen formatted documentation (as a proposal, by the way) is included
in dracut-logger.
Every image gets handled the same way regardless of filesystem, so
let's use a filesystem-neutral name (rather than adding new
lines for every fstype anyone might want to use).
Otherwise there is no way to skip pasword prompt. --has-active-vt
seems to correctly catch also the case when plymouthd is started
but splash is disabled.
Signed-off-by: Andrey Borzenkov <arvidjaar@gmail.com>
These parameters can now be specified multiple times:
-a|--add
--add-drivers
-m|--modules
-o|--omit
-d|--drivers
--filesystems
-I|--install
--fwdir
-i|--include
This adds the following parameters:
rd.caps=1
turn the caps module on/off
rd.caps.initdrop=cap_sys_module,cap_sys_rawio
drop the specified comma seperated capabilities
rd.caps.disablemodules=1
turn off module loading
rd.caps.disablekexec=1
turn off the kexec functionality
If module loading is turned off, all modules have to be loaded in the
initramfs, which are used later on. This can be done with
"rd.driver.pre="
rd.driver.pre=autofs4,sunrpc,ipt_REJECT,nf_conntrack_ipv4,....
Because the kernel command line would get huge with all those drivers, I
recommend to make use of $initramfs/etc/cmdline.
So, all rd.caps.* and rd.driver.pre arguments are in caps.conf can be
copied to $initramfs/etc/cmdline with "-i caps.conf /etc/cmdline".
Also all modules have to be loaded in the initramfs via "--add-drivers".
The resulting initramfs creation would look like this:
--add-drivers "autofs4 sunrpc ipt_REJECT nf_conntrack_ipv4 \
nf_defrag_ipv4 iptable_filter ip_tables
ip6t_REJECT nf_conntrack_ipv6 nf_defrag_ipv6 xt_state nf_conntrack
ip6table_filter ip6_tables dm_mirror dm_region_hash dm_log uinput ppdev
parport_pc parport ipv6 sg 8139too 8139cp mii i2c_piix4 i2c_core ext3
jbd mbcache sd_mod crc_t10dif sr_mod cdrom ata_generic pata_acpi ata_piix
dm_mod" \
/boot/initramfs-caps.img
We want all "/var/run" information to live in /dev/.run, until the real
root is mounted.
Therefore we mount a tmpfs on /dev/.run, which can/will be bind/move mounted
on /var/run later on.
This allows creation of initramfs images which contain a Live system.
The primary use for this is keeping very large initramfs-based systems
(e.g. anaconda, the Fedora installer) compressed in-memory, by using a
compressed filesystem image like squashfs or btrfs.
dmsquash-live-genrules.sh will initqueue dmsquash-live-root itself
(rather than making udev rules) if the given live "device" is actually
an existing, plain file.
parse-dmsquash-live.sh will only accept paths that end in ".img".
dmsquash-live-root will only handle images named "*squashfs.img",
"*ext3fs.img", or "*btrfs.img".
btrfsctl is being replaced by the btrfs command in the upstream
tools, so change accordingly. Also, if we're using the btrfs module
we should probably make sure the btrfs driver gets installed.
inst_dir used the following to try to resolve a relative path:
[[ $target = ${target##*/} ]] && target="${file%/*}/$target"
inst_dir $target
This will only match if $target has no slashes, so something like
/usr/bin -> ../sbin would result in: inst_dir ../sbin, or
/usr/share -> local/share would result in: inst_dir local/share
which is not going to do the right thing.
Instead, we resolve any non-absolute link, like so:
[[ $target == ${target#/} ]] && target=$(dirname "$file")/$target
Thus /usr/bin -> ../sbin results in: inst_dir /usr/../sbin, and
/usr/share -> local/share results in: inst_dir /usr/local/share
which is what you would expect.
Some versions of dash don't behave as expected with code like this:
while IFS=: read a b c; do
blah
done
Thanks to Eric Mertens who identified the issue.
The FIPS installkernel() relies on the instmods() return value. So only
return 0, if the module and its dependencies were actually installed
correctly.
Commit 172d85b9c9 caused following error:
./dracut-functions: line 307: cd: /tmp/initramfs.mP7cPY/tmp/initramfs.mP7cPY/lib64: No such file or directory
Patch removes beginning $initdir for symlink case.
Let inst_key_val usage agree with above patch :)
Also UNICODE is rather global console property, not font specific
(and if anything, is rather keyboard specific). Let it be just
vconsole.unicode
Signed-off-by: Andrey Borzenkov <arvidjaar@gmail.com>
Cc: initramfs@vger.kernel.org
In Fedora selinux is now handled by systemd. If you want to enable
selinux by default, just add it to your /etc/dracut.conf.d/01-dist.conf
with:
add_dracutmodules+=" selinux "
It happens that either due to newer modprobe or missing depmod
module-init-tools cries.
Suppressing the error ensures for a funny debug search for the user.
Resulting initramfs is generally unbootable due to missing module deps.
Better use the quiet option of modprobe itself.
It makes it less chatty, but doesn't suppress "fatal" errors.
Signed-off-by: maximilian attems <max@stro.at>
`modules.builtin.bin' is installed like a regular file, thereby ending
up in the wrong place when `--kmoddir' is in effect. Fix this by
specifying the installation destination.
New kernel argument syntax for LUKS-keydev is introduced:
rd.luks.key=<key_path>[:<key_dev>[:<luks_dev>]]
Unfolding <key_dev> in BNF:
<key_dev> ::= "UUID=" <uuid> | "LABEL=" <label> | <kname>
Where <kname> matches following regular expression:
^/dev/.*
<kname> need to be a character device and not a symlink for now.
For every rd.luks.key argument udev rule is created. That rule runs
test to check whether matching device contains <key_path>. If it does
it's applied to matching <luks_dev>.
New:
str_starts, str_replace
funiq - print new unique file name
mkuniqdir - create and print new unique dir
splitsep - splits given string 'str' with separator 'sep' into vars
udevmatch - create udev rule match for a device
Modified:
foreach_uuid_until - use $___ as a place holder
It is not clearly documented, but apparently fsck
(or, probably, getmntent) is using backslash as
escape character.
Label containing slash is converted to \x2f but '\'
is eaten by fsck later. Escape '\' before writing
into fstab.
v2:
- fix sed expression
- use printf instead of echo because echo eats '\' as well
Signed-off-by: Andrey Borzenkov <arvidjaar@gmail.com>
systemd-vconsole-setup was not designed to be run from udevd.
It checks locale environment to decide, whether UNICODE should
be enabled or disabled. Normally environment is setup by
systemd; but the only environment available in udev rules is
those from device properties. It means systemd-vconsole-setup
always assumes default C locale and disables UNICODE.
Revert to using built-in console_init which explicitly
imports locale settings from /etc/vconsole.conf. Alternative
is to revert 6545b9d7 and call console_init directly :)
Additionally patch fixes console_init to use new namespace as
well as ensures that default font is always installed.
Signed-off-by: Andrey Borzenkov <arvidjaar@gmail.com>
On the OLPC XO-1, there is a noticable delay during boot while the
initramfs is loaded from disk and uncompressed, so we have an interest
in making it small. We are also pushed for disk space.
Using busybox instead of all the regular tools saves a lot of space.
I have not tried every module but the basics are working with busybox's
replacements. Our initramfs is now down to 1.9mb.
Format:
bond=<bondname>[:<bondslaves>:[:<options>]]
bondslaves is a comma-separated list of physical (ethernet) interfaces.
options is a comma-separated list on bonding options (modinfo bonding for
details) in format compatible with initscripts.
If options include multi-valued arp_ip_target option, then its values
should be separated by semicolon.
bond without parameters assumes bond=bond0:eth0,eth1:balance-rr
Install /lib/modules/$kv/modules.builtin.bin to suppress modprobe error
messages saying module was not found, while it's built-in.
Credits go to Kay Sievers who enlighten us about meaning of this cool
file.
Let take a look at Linux sources, /usr/src/linux-2.6.35/init/main.c:
204: char * envp_init[MAX_INIT_ENVS+2] = { "HOME=/", "TERM=linux", NULL, };
857: run_init_process("/sbin/init");
817: static void run_init_process(char *init_filename)
818: {
819: argv_init[0] = init_filename;
820: kernel_execve(init_filename, argv_init, envp_init);
821: }
As we can see HOME=/ and TERM=linux are provided for init and this might be
expected on some systems (Gentoo comes to my mind, here ;-)). That's why we
should give to init the same set of env. vars as Linux kernel does.
A new dracut module to implement fstab.sys handling
This module implements fstab.sys handling. This has to happen after the root
mount and before the nfsroot-cleanup pre-pivot at least. I've made to happen at
the beginning of the pre-pivot scripts, although it should maybe be at the end
of the mount scripts. This latter would be harder to do because the actual
mount is currently done by 99mount-root.sh and there is no 2 digit integer
higher than 99 :-(
There are perhaps other ways of achieving this end, such as having the
nfsroot-cleanup trawl through the newroot's /etc/fstab and auto-magically
figure out if there are any mounts which are pre-requisites for the
/var/lib/nfs/rpc_pipefs mount and do them first. Likewise post pivot,
/etc/rc.sysinit could figure out of there are any pre-requisite mounts for
/var/lib/stateless/{writeable,state} before doing those mounts. In short, make
it the responsibility of anything doing a mount to check if there are any
pre-requisites in /etc/fstab and mount them first. However, this spreads the
changes needed over more places, so I favour the fstab.sys approach. Also, who
knows what other uses administartors may have put fstab.sys to? and this undoes
a regression caused by the move from mkinitrd to dracut.
I'm looking for a way to have a system with disposable storage that can be
rebooted and all filesystem changes are thrown away. After reboot, the system
starts with a fresh root volume again. The use case is for automated testing.
We run test scripts that could potentially not clean up after themselves.
This is almost like stateless, but the storage is local to the system (not
iSCSI, NFS or NBB).
1. Install Fedora 13 using default partition layout
NOTE: modify the layout to leave extra room in the LVM volume group
2. Apply attached patch
3. Update grub.conf to enable dracut LVM snapshot support. Add the following
boot arguments
rd_LVM_SNAPSHOT=vg_test1055/lv_snap (note the VG name will depend on your
system).
rd_LVM_SNAPSIZE= (optional, defaults to size of volume specified with by
rd_LVM_SNAPSHOT)
4. Adjust grub.conf and fstab to use LVM snapshot
$ sed -i -e 's|lv_root|lv_snap|' /boot/grub/grub.conf
$ sed -i -e 's|lv_root|lv_snap|' /etc/fstab
5. Reboot system
Expected results (no value provided for rd_LVM_SNAPSIZE):
dracut: Starting plymouth daemon
dracut: rd_NO_DM: removing DM RAID activation
dracut: rd_NO_MD: removing MD RAID activation
dracut: Removing existing LVM snapshot vg_test1055/lv_snap
dracut: Logical volume "lv_snap" successfully removed
dracut: No LVM snapshot size provided, using size of vg_test1055/lv_root (
9024.00m)
dracut: Creating LVM snapshot vg_test1055/lv_snap ( 9024.00m)
dracut: Logical volume "lv_snap" created
dracut: Scanning devices sda2 for LVM logical volumes vg_test1055/lv_root
vg_test1055/lv_swap
dracut: inactive Original '/dev/vg_test1055/lv_root' [8.81 GiB] inherit
dracut: inactive '/dev/vg_test1055/lv_swap' [1.00 GiB] inherit
dracut: inactive Snapshot '/dev/vg_test1055/lv_snap' [8.81 GiB] inherit
dracut: Mounted root filesystem /dev/mapper/vg_test1055-lv_snap
dracut: Loading SELinux policy
dracut: Switching root
Expected results (rd_LVM_SNAPSIZE=100m):
dracut: Starting plymouth daemon
dracut: rd_NO_DM: removing DM RAID activation
dracut: rd_NO_MD: removing MD RAID activation
dracut: Removing existing LVM snapshot vg_test1055/lv_snap
dracut: Logical volume "lv_snap" successfully removed
dracut: Creating LVM snapshot vg_test1055/lv_snap (100m )
dracut: Rounding up size to full physical extent 128.00 MiB
dracut: Logical volume "lv_snap" created
dracut: Scanning devices sda2 for LVM logical volumes vg_test1055/lv_root
vg_test1055/lv_swap
dracut: inactive Original '/dev/vg_test1055/lv_root' [8.81 GiB] inherit
dracut: inactive '/dev/vg_test1055/lv_swap' [1.00 GiB] inherit
dracut: inactive Snapshot '/dev/vg_test1055/lv_snap' [128.00 MiB] inherit
dracut: Mounted root filesystem /dev/mapper/vg_test1055-lv_snap
dracut: Loading SELinux policy
dracut: Switching root
set $RDTIMESTAMP for init, if rd.timestamp is specified on the
kernel command line, so that systemd can print out:
"systemd: Boot finished after 15s = 3s (kernel) + 2s (initrd) + 10s
(userspace)"
- create /lib/bootchart in initramfs, not in live filesystem
- use proper dracut API to install files
Signed-off-by: Andrey Borzenkov <arvidjaar@mail.ru>
First, it's duplicate code.
Second, it did not allow those who had plymouth installed to use other
methods, like the new usb key file. When building the initram,
it would install the plymouth cryptroot-ask script, and not
the crypt module one.
Added these new items to crypt module's cryptroot-ask.sh:
- 'unset' for used variables
- udevsettle
The non-plymouth cryptsetup prompt was using $1 instead of $device.
Changed prompt number from 1 to 5, as this is much nicer.
I believe plymouth already does infinite prompts.
Also added unset for usb key. Just saw it didn't unset its vars.
First we check if $libdir and $usrlibdir vars are already set in config
file. If not we perform simple detect. Vars are exported - to be useful
in module/check scripts.
Current kernels know how to uncompress bzip2 and xz, so use them for compressing
the initramfs if asked. The more compression the merrier.
Also add support for generating uncompressed images, although they
are usually not what you want.
This is a patch series I have been playing with for awhile.
It cleans up some of the dracut code and adds a PKGBUILD file to make
it easier to use in Arch Linux.
Kernel 2.6.35 (may be, earlier) split ahci into libahci.ko and ahci.ko
and added ahci_platform.ko. As a result, drivers ahci and ahci_platform
do not contain any symbol that are checked for storage modules (it is
libahci.ko that references ata_scsi_ioctl now). So add additional
symbol ahci_init_controller; it seems this is expected to be called by
every driver based on libahci.ko.
Signed-off-by: Andrey Borzenkov <arvidjaar@mail.ru>
Instead of adding modprobe and rmmod, create symlinks to /bin/true to
don't produce unnecessary errors. Anyway it's a workaround for
following desired behaviour: modprobe tries to insert module only if
it's not built into kernel
Make sure that we do not accept module name which is substring of
some other module name. This resulted in piix being mistakenly loaded
together with ata_piix. It completely broke DVD access here.
Signed-off-by: Andrey Borzenkov <arvidjaar@mail.ru>
modprobe included in version prior to 3.7 of module-init-tools doesn't
have -d | --dirname option which allows to give a prefix other than
'/' for kernel modules path. Dracut assumes existence of that
option and uses it even with default '/'. The patch passes -d option
only if it's different from default and also checks module-init-tools
version if user changes the prefix by --kmoddir Dracut option.
install /etc/multipath/wwids
With the proper 40-multipath.rules and new udev device-mapper mechanism,
we don't need the multipath scan anymore.
rhbz#595719
Note that there are still some patches queued upstream for fcoe-utils to
enable it to work with the new lldpad and to add support to fipvlan to
bring up FCoE connections without requiring fcoemon to run.
The invocations of the various tools as in this patch should be final though,
see the discussion in:
http://bugzilla.redhat.com/show_bug.cgi?id=563794
This is the second revision of this patch, which no longer adds /etc/fcoe
to the initrd as that is not needed.
lvchange and vgchange '--monitor n' will not prevent lvm from
attempting to dlopen the libdevmapper-event library.
dracut git commit 47ab3b6c5e introduced the use of '--monitor n' but
'--ignoremonitoring' is needed now that the libdevmapper-event library
isn't copied into the initramfs (ever since 0fae59d6eb)
Signed-off-by: Mike Snitzer <snitzer@redhat.com>
On debian systems xen-detect does not resite somewhere in $PATH,
but under /usr/lib/xen-default/bin. This patch ensures that this
is searched as well when locating and installing xen-detect.
Common wisdom to enter single user on Linux is to edit command
line and add "single". This was not possible because switch_root
was always called with empty init arguments. Collect them from
command line and pass to real init when switching root.
Signed-off-by: Andrey Borzenkov <arvidjaar@mail.ru>
Adds the readonly_overlay karg for cases where the dm snapshot should be set to readonly. Use case would be a livecd that is configured to have a readonly root where filling up the dm snapshot would cause a problem.
If multipath isn't installed, don't use it. If we're in hostonly mode,
only install the multipath module if it's used for / . Otherwise, if
the user was dumb enough to install it, they get it during bootup.
- the use of sed is placeholder "hack" until lvm2 provides a proper
tool for changing lvm.conf
- lvm_scan.sh should run lvm commands with --ignorelockingfailure to
re-use lvm's existing initrd-specific logic; future lvm2 changes
will split this flag out into various new command-line switches
- no monitoring should be started from within initramfs
- NOTE: the same should apply to 90dmraid/install
- the correct types would be: '[ "blkext", 1 , "cciss0", 16 ]'
but lvm2 (>= 2.02.52) already properly supports both 'blkext' and
'cciss' (including cciss0 -> cciss7)
This patch adds support for user mode suspend to disk. It is installed
in parallel to kernel mode suspend module; either will fail if
system was not suspended using correct tool so next one can be tried.
Signed-off-by: Andrey Borzenkov <arvidjaar@mail.ru>
/lib/udev/cosole_init will load either non-unicode or unicode versions
of keyboard layout for the same value of KEYMAP depending on language
setting. The simplest solution is to install both versions in initrd;
it does not take much space.
While on it, copy some additional maps to ensure emergency shell
has the same keyboard layout as full system.
Signed-off-by: Andrey Borzenkov <arvidjaar@mail.ru>
Signed-off-by: Luca Berra <bluca@vodka.it>
this makes dracut load kernel module specified in add-drivers even
if building an host-only mkinitrd, it is useful in cases where we
might change some storage drivers and still don't want to build
an enormous initrd (e.g. ahci/ata_piix)
for some unknown reason the emergency shell
starts with stderr closed, at first I even tought it was not working at
all, then I came up with this hack, which seems to work properly. I also
change the prompt to remind which step are we breaking to.
This patch adds all necessary files to build dracut debian packages.
- I've split dracut into two parts: The dracut package for booting from block
devices and dracut-net for netroot.
- I've deliberately left out all redhat specific modules, they do not make any
sense on debian at all
This script is necessary to integrate dracut into the initramfs-
infrastructure of debian.
The file itself is just a copy from initramfs-tools' update-initramfs,
with a few lines modified to run dracut instead of mkinitramfs.
Some lines in dracut's manpage are just too long for justified
display on 80c terminals. These small corrections fix this. In addition
man --warnings does not complain anymore about anything at all.
If a module has a hyphen in its name, it will show up as an underscore
in /proc/modules. Because of this, when we're testing /proc/modules,
we have to munge our module filename expression to match.
Install all modules that are any of:
- scsi device handler
- dm log handler
- dm path selector
- dm target
It would be nice if we could tell which log handlers and targets are
multipath related, but we really can't.
The primary source for dasd initialization script and udev rules is
now in s390utils package. The s390utils-base subpackage, that carries
the required files, is always installed on s390/s390x, because it's
part of the Core group in comps.
Signed-off-by: Dan Horák <dan@danny.cz>
New "filesystems" command line/config file option is added with the ability to
control the list of kernel filesystem modules that are included in the generic
initramfs.
Signed-off-by: Dan Horák <dan@danny.cz>
On my LVM system this changes the relevant output from "rd_NO_LVM" to
"rd_LVM_VG=alan-desktop.Linux"
Note that on my newer system, it now reaches moduledep() and complains.
I don't know enough awk to tell whose fault it is :).
awk: line 2: function gensub never defined
awk: line 2: function gensub never defined
rd_NO_MD rd_NO_LVM rd_NO_LUKS LANG=en_GB.UTF-8 root=/dev/sda2
Both my systems (old ubuntu and debian unstable) agree that bash
regexes should not be quoted:
$ [[ 'a' =~ a ]] && echo match
match
$ [[ 'a' =~ ^a$ ]] && echo match
match
$ [[ 'a' =~ '^a$' ]] && echo match
$
(and yes, it is safe against globbing)
$ touch 9
$ echo [0-9]
9
$ [[ 1 =~ [0-9] ]] && echo match
match
The new rd_DASD parameter allows dracut to handle multiple rd_DASD
options. One parameter per DASD. The syntax is:
rd_DASD=<device path>[,readonly=X][,erplog=X][,use_diag=X][,failfast=X]
The device path is a CCW device path, such as 0.0.0200. The optional
parameters are sysfs attributes for the DASD. The X value can be 0 or
1. Dracut will write out each of the rd_DASD settings to
/etc/dasd.conf and on bootup, the dasdconf.sh script will parse this
file and bring each DASD online with the specified attribute settings.
Some distros, including debian unstable with 2.6.30, still shop
style ide drivers and/or have important filesystems like ext3 as
modules.
This patch ensures that all test cases work on these configurations
by including the necessary modules and adding a simple udev rule
file that provides /dev/sd* symlinks for the case where old style
ide drivers are still in use.
Some distros, including debian unstable with 2.6.30, still ship
old style ide drivers. These should be installed as well.
Sadly there are no symbols to use for nm, so a simple =ide needs
to suffice.
The manpage for dhclient-script says:
Before actually configuring the address, dhclient-script should
somehow ARP for it and exit with a nonzero status if it receives a
reply.
By using arping in dracut this is very easy, since arping has a
specific option to do just that.
This patch adds STP timeout error handling with arping. It's rather
simple since it only cares about the primary interface and blindly
assumes that if no gateway is available the root server is on the
same subnet.
The usual approach to setting mtus is to set the interface down,
set the mtu then set the interface back up again. Modern hardware
and/or drivers may support setting this on the fly, so we try
this and fall back to the old behaviour it it doesn't work.
In addition this patch only allows mtus greater than 576, this is
taken from debian/ubuntu dhclient-script.
On amd64 multilib Gentoo, /lib is a symlink to /lib64, and dracut creates
duplicate files in /lib and /lib64 in a resulting cpio image. Other files are
missing in /lib64 but exists in /lib in that image. So /usr/sbin/lvm fails to
run from initrd due to missing libraries. A possible solution is to create in
the initrd the same /lib symlink as in host system, if /lib is a symlink.
http://bugs.gentoo.org/show_bug.cgi?id=278442#c10
When assembling containers + embedded arrays from mdadm.conf,
mdadm needs the /dev/md# node for the container to assemble the
arrays within the container. Stopping the udev exec queue, results in
this node not getting created and mdadm failing to online the
arrays within the container.
Not having stop / start udev exec-queue around "mdadm -As --run" should
be safe as the exact same command is run from rc.sysinit without
any queue locking.
There's no need for /usr/local to be in our paths at all, nor to
include a :$PATH at the end. The path should be exported though,
so modules don't have to worry about finding things.
This is a more sane solution, than ignoring subsequent "change" events.
The only danger is that we could loop, if a lvm scan triggers a broken
md partition, which triggers a broken PV and so on.
Better fix the scanning tools, not to emit change events for devices,
if no action was taken.
This test succeeds, because the mirror parts are found without
assembling the mirror itsself, which is what we want
client_run rd_NO_DM rd_NO_MDIMSM rd_NO_MDADMCONF || return 1
ifname=<interface>:<MAC>
Assign network device name <interface> (ie eth0) to the NIC
with MAC <MAC>.
Note that if you use this option you *must* specify an ifname=
argument for all interfaces used in ip= or fcoe= arguments
ifname=<interface>:<MAC>
Assign network device name <interface> (ie eth0) to the NIC with MAC <MAC>.
Note that if you use this option you *must* specify an ifname= argument
for all interfaces used in ip= or fcoe= arguments
Copy /etc/mdadm.conf to initramfs (even for non-hostonly) if
mdadmconf="yes" is set in dracut.conf or --mdadmconf is specified on the
dracut command line.
This was done, because there seems _no_ sane way to autoassemble md raid
arrays.
also moved rd_NO_MD to an udev ENV
I've looked at the LVM rules used in dracut just recently
and it needs fixing - we should react to change events only
for DM devices, so we have to skip vol_id/blkid call on ADD:
KERNEL=="dm-[0-9]*", ACTION=="add", GOTO="lvm_end"
Also, MD devices have their own rules, where vol_id/blkid
is called and where the symlinks are created (when looking
into raw initrd, this is in 64-md-raid.rules).
Also, if those rules are meant to be for DM devices only,
maybe we should skip symlink creation for the other devices
there, to keep the rules clean and straightforward. I think
we shouldn't create/recreate symlinks for non-dm devices in
LVM/DM rules (..should be in appropriate rules for that type
of device):
KERNEL!="dm-[0-9]*", GOTO="lvm_end"
Having it unconditionally pass pulls in all the networking cruft even
for systems that do not need it, and that sorta defeats the purpose of
hostonly mode.
Supported cmdline formats:
fcoe=<networkdevice>:<dcb|nodcb>
fcoe=<macaddress>:<dcb|nodcb>
Note currently only nodcb is supported, the dcb option is reserved for
future use.
Note letters in the macaddress must be lowercase!
Examples:
fcoe=eth0:nodcb
fcoe=4A:3F:4C:04:F8:D7:nodcb
This introduces filter_kernel_modules, which should be used to install
all kernel modules that match whatever criteria you want.
If running in --hostonly, filter_kernel_modules will only consider
modules that are loaded in the kernel, otherwise it will consider
all the modules installed on the system for the appropriate kernel.
This drastically reduces initramfs generation time when using --hostonly
by eliminating lots of unneeded filesystem activity.
Instead of grovelling through all the modules available for the
kernel looking for block devices, only look at the modules that are
actually loaded. This speeds things up by a rather large amount
when generating the initramfs with --hostonly.
While we are at it, only load the filesystem module that will actually
be used for the root filesystem when running in --hostonly instead
of all the filesystem modules that happen to be loaded at the time.
Since different distros may or may not use vol_id in udev, and blkid
is generally replacing vol_id, abstract them out into a function which
tries to use vol_id first and blkid second, on the assumption that
blkid can take over for vol_id if vol_id is no longer there.
This module provides syslog functionality in the initrd.
This is especially interesting when complex configuration being
used to provide access to the device the rootfs resides on.
When this module is installed into the ramfs it is triggered by
the udev event from the nic being setup (online).
Then if syslog is configured it is started and will forward all
kernel messages to the given syslog server.
The syslog implementation is detected automatically by finding the
apropriate binary with the following order:
rsyslogd
syslogd
syslog-ng
Then if detected the syslog.conf is generated and syslog is started.
Bootparameters:
syslogserver=ip Where to syslog to
sysloglevel=level What level has to be logged
syslogtype=rsyslog|syslog|syslogng
Don't auto detect syslog but set it
Quotes are generally not needed in when assigning one variable to another,
and are also not needed inside [[ ]] comaprisons, as word splitting and
pathname expansion are not performed in these cases.
root=dhcp alone directs initrd to look at the DHCP root-path where NBD options can be specified.
This syntax is only usable in cases where you are directly mounting the volume as the rootfs.
.SHNetwork
.TPbootdev=<interface>
.Bspecifythenetworkinterfacetobootfrom
.TP
.Bip={dhcp|on|any}
get ip from dhcp server from all interfaces. If root=dhcp, loop sequentially through all interfaces (eth0, eth1, ...) and use the first with a valid DHCP root-path.
keyboard translation table loaded by loadkeys; taken from keymaps directory;
will be written as KEYMAP to _/etc/vconsole.conf_ in the initramfs, e.g.:
+
----
vconsole.keymap=de-latin1-nodeadkeys
----
**vconsole.keymap.ext=**_<list of keymap base file names>_::
list of extra keymaps to bo loaded (sep. by space); will be written as
EXT_KEYMAP to _/etc/vconsole.conf_ in the initramfs
**vconsole.unicode**[=_{0|1}_]::
boolean, indicating UTF-8 mode; will be written as UNICODE to
_/etc/vconsole.conf_ in the initramfs
**vconsole.font=**_<font base file name>_::
console font; taken from consolefonts directory; will be written as FONT to
_/etc/vconsole.conf_ in the initramfs; e.g.:
+
----
vconsole.font=LatArCyrHeb-16
----
**vconsole.font.map=**_<console map base file name>_::
see description of '-m' parameter in setfont manual; taken from consoletrans
directory; will be written as FONT_MAP to _/etc/vconsole.conf_ in the
initramfs
**vconsole.font.unimap=**_<unicode table base file name>_::
see description of '-u' parameter in setfont manual; taken from unimaps
directory; will be written as FONT_UNIMAP to _/etc/vconsole.conf_ in the
initramfs
**locale.LANG=**_<locale>_::
taken from the environment; if no UNICODE is defined we set its value in
basis of LANG value (whether it ends with ".utf8" (or similar) or not); will
be written as LANG to _/etc/locale.conf_ in the initramfs; e.g.:
+
----
locale.LANG=pl_PL.utf8
----
**locale.LC_ALL=**_<locale>_::
taken from the environment; will be written as LC_ALL to _/etc/locale.conf_
in the initramfs
LVM
~~~
**rd.lvm=0**::
disable LVM detection
**rd.lvm.vg=**_<volume group name>_::
only activate the volume groups with the given name. rd.lvm.vg can be
specified multiple times on the kernel command line.
**rd.lvm.lv=**_<logical volume name>_::
only activate the logical volumes with the given name. rd.lvm.lv can be
specified multiple times on the kernel command line.
**rd.lvm.conf=0**::
remove any _/etc/lvm/lvm.conf_, which may exist in the initramfs
crypto LUKS
~~~~~~~~~~~
**rd.luks=0**::
disable crypto LUKS detection
**rd.luks.uuid=**_<luks uuid>_::
only activate the LUKS partitions with the given UUID. Any "luks-" of the
LUKS UUID is removed before comparing to _<luks uuid>_.
The comparisons also matches, if _<luks uuid>_ is only the beginning of the
LUKS UUID, so you don't have to specify the full UUID.
This parameter can be specified multiple times.
**rd.luks.crypttab=0**::
do not check, if LUKS partition is in _/etc/crypttab_
crypto LUKS - key on removable device support
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
**rd.luks.key=**_<keypath>:<keydev>:<luksdev>_::
_keypath_ is a path to key file to look for. It's REQUIRED. When _keypath_ ends with '.gpg' it's considered to be key encrypted symmetrically with GPG. You will be prompted for password on boot. GPG support comes with 'crypt-gpg' module which needs to be added explicitly.
+
_keydev_ is a device on which key file resides. It might be kernel name of devices (should start with "/dev/"), UUID (prefixed with "UUID=") or label (prefix with "LABEL="). You don't have to specify full UUID. Just its beginning will suffice, even if its ambiguous. All matching devices will be probed. This parameter is recommended, but not required. If not present, all block devices will be probed, which may significantly increase boot time.
+
If _luksdev_ is given, the specified key will only be applied for that LUKS device. Possible values are the same as for _keydev_. Unless you have several LUKS devices, you don't have to specify this parameter. The simplest usage is:
+
----
rd.luks.key=/foo/bar.key
----
+
As you see, you can skip colons in such a case.
MD RAID
~~~~~~~
**rd.md=0**::
disable MD RAID detection
**rd.md.imsm=0**::
disable MD RAID for imsm/isw raids, use DM RAID instead
**rd.md.ddf=0**::
disable MD RAID for SNIA ddf raids, use DM RAID instead
**rd.md.conf=0**::
ignore mdadm.conf included in initramfs
**rd.md.waitclean=1**::
wait for any resync, recovery, or reshape activity to finish before continuing
**rd.md.uuid=**_<md raid uuid>_::
only activate the raid sets with the given UUID. This parameter can be
specified multiple times.
DM RAID
~~~~~~~
**rd.dm=0**::
disable DM RAID detection
**rd.dm.uuid=**_<dm raid uuid>_::
only activate the raid sets with the given UUID. This parameter can be
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
