For writeable live images, the memory must hold the complete image.
That means it must be at least the size of the image plus some RAM
necessary to run processes.
With too small RAM, the OOM Killer steps in and makes the boot hang.
This patch lets the system go into the emergency shell instead.
The default minimum RAM after subtracting the live image size is set to 1G.
The parameter rd.minmem is added to modify this.
Until now, 03modsign module was loading keys from /lib/modules/keys/* into the
current session keyring.
This change makes it add keys to the secondary trusted keyring. This works
only as long as added certificate is signed by key from the same keyring.
Add code to parse the Nvme-oF Boot Firmware Table (NBFT) according
to the NVM Express Boot Specification 1.0 [1]. The implementation in
dracut follows a similar general approach as iBFT support in the
iscsi module.
NBFT support requires two steps:
(1) Setting up the network and routing according to the
HFI ("Host Fabric Interface") records in the NBFT,
(2) Establishing the actual NVMe-oF connection.
(1) is accomplished by reading the NBFT using JSON output from
the "nvme nbft show" command, and transforming it into command
line options ("ip=", "rd.neednet", etc.) understood by dracut's
network module and its backends. The resulting network setup code
is backend-agnostic. It has been tested with the "network-legacy"
and "network-manager" network backend modules. The network setup
code supports IPv4 and IPv6 with static, RA, or DHCP configurations,
802.1q VLANs, and simple routing / gateway setup.
(2) is done using the "nvme connect-all" command [2] in the netroot handler,
which is invoked by networking backends when an interface gets fully
configured. This patch adds support for "netboot=nbft". The "nbftroot"
handler calls nvmf-autoconnect.sh, which contains the actual connect
logic. nvmf-autoconnect.sh itself is preserved, because there are
other NVMe-oF setups like NVMe over FC which don't depend on the
network.
The various ways to configure NVMe-oF are prioritized like this:
1 FC autoconnect from kernel commandline (rd.nvmf.discover=fc,auto)
2 NBFT, if present
3 discovery.conf or config.json, if present, and cmdline.d parameters,
if present (rd.nvmf.discovery=...)
4 FC autoconnect (without kernel command line)
The reason for this priorization is that in the initial RAM fs, we try
to activate only those connections that are necessary to mount the root
file system. This avoids confusion, possible contradicting or ambiguous
configuration, and timeouts from unavailable targets.
A retry logic is implemented for enabling the NVMe-oF connections,
using the "settled" initqueue, the netroot handler, and eventually, the
"timeout" initqueue. This is similar to the retry logic of the iscsi module.
In the "timeout" case, connection to all possible NVMe-oF subsystems
is attempted.
Two new command line parameters are introduced to make it possible to
change the priorities above:
- "rd.nvmf.nonbft" causes the NBFT to be ignored,
- "rd.nvmf.nostatic" causes any statically configured NVMe-oF targets
(config.json, discovery.conf, and cmdline.d) to be ignored.
These parameters may be helpful to skip attempts to set up broken
configurations.
At initramfs build time, the nvmf module is now enabled if an NBFT
table is detected in the system.
[1] https://nvmexpress.org/wp-content/uploads/NVM-Express-Boot-Specification-2022.11.15-Ratified.pdf
[2] NBFT support in nvme-cli requires the latest upstream code (> v2.4).
Signed-off-by: Martin Wilck <mwilck@suse.com>
Co-authored-by: John Meneghini <jmeneghi@redhat.com>
Co-authored-by: Charles Rose <charles.rose@dell.com>
Since nvme-cli 2.0, configuration of subsystems to connect to is
stored under `/etc/nvme` in either `discovery.conf` or `config.json`.
Attempt discovery also if the latter exists, but not the former.
Also, install "config.json" if it's present on the root FS.
As before, "rd.nvmf.discover=fc,auto" will force either file to be ignored,
and NBFT-defined targets take precedence if found.
In NBFT setups, VLAN can be configured in the firmware.
Add the 8021q module in hostonly mode even if VLAN is currently
not used to be prepared for such configuration change.
- More verbose with KERNEL_INSTALL_VERBOSE=1
- Use KERNEL_INSTALL_CONF_ROOT if defined
- Fallback to /usr/lib/os-release if /etc/os-release does not exist
- Fallback to "Linux $KERNEL_VERSION" if no PRETTY_NAME found
- Styling fixes
Co-authored-by: Antonio Alvarez Feijoo <antonio.feijoo@suse.com>
Signed-off-by: Andrew Ammerlaan <andrewammerlaan@gentoo.org>
- If kernel-install has defined a staging area for us
(KERNEL_INSTALL_STAGING_AREA) install generated initrd/uki.efi there.
The actual install is then handled by 90-loaderentry.install or
90-uki-copy-install.
- Also skip regeneration if an uki.efi already exists.
- Pass --kernel-image to dracut, this is required to generate an uki (uefi=yes)
- Add --no-uefi argument to dracut rescue image generation, this ensures that
it at least installs correctly. TODO: Rework 51-dracut-rescue.install to also
work with uki's.
This fixes installing a kernel with uefi=yes in dracut config and layout=uki
in kernel/install.conf.
Signed-off-by: Andrew Ammerlaan <andrewammerlaan@gentoo.org>
Use det_fs to determine fstype and provide fallback instead of
just calling blkid.
Many other dracut modules (e.g. fs-lib, btrfs, mdraid) are already
using det_fs to determine fstype.
Add a test case for mounting the root filesystem from
a squashfs image file that is store on an NTFS drive.
The test case is using ntfs3 module to mount the NTFS drive.
Following the Bluetooth spec [1], Assigned Numbers Document, Rev. 2023-05-04,
Section 2.6.3, Appearance Sub-category, the Appearance value defined for
keyboards is 0x03C1.
This value must be checked to include the bluetooth module in hostonly mode,
because some Bluetooth keyboards do not set the Class attribute.
[1] https://www.bluetooth.com/specifications/assigned-numbers/
Do not redirect `systemd-detect-virt` to /dev/null, otherwise, the `vm` variable
is always empty. This function was working only thanks to the following /sys
check.
Reported-by: Raymund Will <rw@suse.com>
initrd built without modules would fail when it attempts to load a
kernel module. (Use case scenario: kernel with built-in module.)
synthesize an the cmdline only when modules are truly installed.
- add systemd-boot-efi for test 18
- tgt is needed for test 30 and 35
- nbd-server is needed for test 40
- gawk dependency has been introduced by f32e95bcad
- install dracut instead of initramfs-tools to match actual usage
- remove workaround for https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962300
as it is now fixed on Debian 12.
Decouple implementation details of the backend
dependencies from the meta module.
Call check_module for each submodule instead
of reimplementing sub-package dependencies
inside the meta module itself.
Add missing NetworkManager binary to the
network-manager dracut module check.
The only systemd-pcrphase related unit configured to run in the initrd is
systemd-pcrphase-initrd.service.
Both systemd-pcrphase.service and systemd-pcrphase-sysinit.service contain
`ConditionPathExists=!/etc/initrd-release`.
systemd always installs the UEFI stub in ${prefix}/lib/systemd/boot/efi.
On split-usr systems, systemdutildir is ${rootprefix}/lib/systemd, which
makes dracut look in the wrong place.
Instead, grab 'prefix' from systemd.pc and store it in 'systemd_prefix'.
Bug: https://bugs.gentoo.org/765208
Signed-off-by: Mike Gilbert <floppym@gentoo.org>
Many devicetree based systems require interconnect drivers to function
properly. Include those in the initramfs.
Signed-off-by: Andrew Halaney <ahalaney@redhat.com>
Avoid the following warning by reducing thin pool size
> "Sum of all thin volume sizes exceeds the size of thin pool
> and the size of whole volume group.
Remove /etc/profile.d/dracut-test.sh from test containers
No use to override default command
Remove references to docker. These files work just fine
with podman as well.
Check for dependencies on the file actually installed, otherwise,
such as when the shebang is a link not equal to the initramfs link,
the wrong file may be tested.
If some "finished" initscripts keep failing, dracut will start
printing warnings after a while. But it will warn about all scripts
in the finished initqueue, not only those that have failed. That
makes it difficult to identify the script that has actually
caused the failure.
To avoid this, delete finished initqueue scripts when they succeed.
Also, instead of returning as soon as one of the scripts fails, try
all scripts, deleting those that succeed, and return failure if at
least one script failed.
If a previously deleted script is recreated by some other part of
the code, it will be re-run the next time the check_finished() function
is called, and will be re-deleted if it still succeeds.
The only case where I see that this might cause issues is if some
condition needs to be tested over and over again, because it succeeds
and then fails later (for example, a device showing up and then being
removed again). But I think that this is not the intended logic.
In general, when a device shows up or another "finished" condition
is met, we assume that this condition will hold at least until the
initramfs switches root and exits. If all conditions are met, the
current code will also exit the initqueue without retrying any of
the conditions again.
Although it was already documented in systemd.generator(7) that generators must
not write to locations other than those passed as arguments, since
https://github.com/systemd/systemd/commit/ca6ce62d systemd executes generators
in a mount namespace "sandbox", so now the hooks created by the rootfs-generator
are lost.
These hooks are created using the root= cmdline argument, so this patch moves
the creation of these hooks to a cmdline hook.
Fixes issue #2211
Fixes issue #2225
* UEFI creation didn't handle the ImageBase data for the PE file
generation. Create an UKI thanks a stub file with a non zero BaseImage
logs some warning ans generate a bad file offset management. The efi
becomes unloadable.
* This commit parse the PE file header, get the data and apply the
ImageBase on the objcopy command.
Fixes dracutdevs#2284
Signed-off-by: Valentin Lefebvre <valentin.lefebvre@suse.com>
Invoking grep in Perl mode requires JIT'ing the Perl regex.
This can run into issues with SELinix policy which will generally try to
limit use of execmem in general purpose scripts. This occurs since the
JIT'd code will live in executable memory.
The PCRE only '\K' command in the Perl REGEX can be replaced by a call
to awk instead.
In some x86_64 platforms such as Intel Elkhartlake, an issue of missing
necessary modules due to udevadm drivers field unmatch the real kernel module
name is found:
$ udevadm info -a /dev/block/179:1
looking at parent device '/devices/pci0000:00/0000:00:1a.0/mmc_host/mmc0/mmc0:0001':
KERNELS=="mmc0:0001"
SUBSYSTEMS=="mmc"
DRIVERS=="mmcblk"
....
The DRIVERS field, aka mmcblk will be given to instmods to install the
corresponding mmc_block.ko kernel module. However mmc_block.ko cannot be
selected by string mmcblk, as a result, mmc_block.ko cannot be installed
in hostonly-mode strict, which will fail to bootup the machine such as in
kdump cases:
$ /usr/lib/dracut/dracut-install -D /var/tmp --kerneldir /lib/modules/$(uname -r)/ -m mmcblk
dracut-install: Failed to find module 'mmcblk'
In this patch, we will convert the string mmcblk to mmc_block, so the
kernel module can be successfully loaded.
Signed-off-by: Tao Liu <ltao@redhat.com>
This reverts commit e39ff407eca1d783ab44093c44db5ee401ff5b1d, removes
an incorrect `Also=` directive from multipathd.service.
`Also=multipathd.socket` is not the correct behavior for a
socket-activated service. This directive has been removed upstream
and dracut should do the same.
This fixes#2289, #2175 where in the cleanup hook running multipath
binary triggers activation of multipathd.service after it is stopped
as dracut prepares to switch root in initrd-cleanup.service.
Use printf instead of echo in str_replace() to preserve escapes.
Find command paths while PATH includes /usr/sbin. (switch_root was
not found after the original environment is restored on Fedora.)
* Uefi section are creating by `objcopy` with hardcoded sections
offset. This commit allow to have the correct offset between
each part of the efi file, needed to create an UKI. Offsets
are simply calculated so no sections overlap, as recommended
in https://wiki.archlinux.org/title/Unified_kernel_image#Manually
Moreover, efi stub file's header is parsed to apply the correct
offsets according the section alignment factor.
* Remove EFI_SECTION_VMA_INITRD, no need anymore as initrd
section offset dynamically calculated
Fixes dracutdevs#2275
Signed-off-by: Valentin Lefebvre <valentin.lefebvre@suse.com>
The state of lvm thin pool may change into inactived state when kdump into
2nd kernel. As a result, lvextend will fail to extend its size. For example:
In 1st kernel:
$ lvs
LV VG Attr LSize Pool Origin Data% Meta%
vol vg00 Vwi-a-tz-- 300.00m thinpool 70.54
thinpool vg00 twi-aotz-- 236.00m 89.67 12.50
...
In 2nd kernel:
LV VG Attr LSize Pool Origin Data% Meta%
vol vg00 Vwi-aotz-- 300.00m thinpool 70.54
thinpool vg00 twi---tz-- 236.00m 89.67 12.50
...
And the lvextend failing log:
[ 8.483878] start-thinpool-monitor[590]: lvextend using policy requires the thin pool to be active.
In this patch, we will first activate lvm thin pool before calling lvextend
during kdump.
Signed-off-by: Tao Liu <ltao@redhat.com>
Fixes https://github.com/dracutdevs/dracut/issues/2236
+(/) only works in bash interactive mode. Using any non-interactive
bash run simply doesn't remove anything.
The solution is copied from dracut-lib.sh, trim().
This is to check the behavior of nfs_fetch_url() in nfs-lib.sh.
nfs_fetch_url() calls nfs_already_mounted() internally.
A file /nfs/client/root/fetchfile is on NFS server, which is fetched
from clients for testing with nfs_fetch_url().
nfs_already_mounted() doesn't work when the installation ISO and kickstart file on a same NFS share are specified with inst.repo and inst.ks boot parameter as below.
inst.repo=nfs:192.168.1.1:/home/data/rhel9.iso inst.ks=nfs:192.168.1.1:/home/data/ks.cfg
NOTE: /home/data is configured for nfs share on 192.168.1.1
One problem is a file (not a directory) was passed into nfs_already_mounted().
nfs_already_mounted() is the function to judge if the given directory is already mounted.
So, filepath should be passed in nfs_fetch_url().
The other problem is about the trailing slash in the nfs path in /proc/mounts.
The /proc/mounts has an entry after nfs mount of inst.repo.
192.168.1.1:/data/ /run/install/isodir nfs ro,relatime,<snip>
In this case, nfs_already_mounted() returns "/run/install/isodir//home/data/ks.cfg" wrongly. The following is from the log.
[ 14.556279] localhost.localdomain dracut-initqueue[1282]: ///lib/url-lib.sh@156(nfs_fetch_url): nfs_already_mounted 192.168.122.1 /home/data/ks.cfg
[ 14.556279] localhost.localdomain dracut-initqueue[1282]: ///lib/url-lib.sh@137(nfs_already_mounted): local server=192.168.122.1 path=/home/data/ks.cfg s= p=
...
[ 14.654966] localhost.localdomain dracut-initqueue[1282]: ///lib/url-lib.sh@140(nfs_already_mounted): '[' 192.168.122.1 = 192.168.122.1 ']'
[ 14.654966] localhost.localdomain dracut-initqueue[1282]: ///lib/url-lib.sh@141(nfs_already_mounted): '[' /home/data/ks.cfg = /home/data/ ']'
[ 14.654966] localhost.localdomain dracut-initqueue[1282]: ///lib/url-lib.sh@143(nfs_already_mounted): str_starts /home/data/ks.cfg /home/data/
[ 14.654966] localhost.localdomain dracut-initqueue[1282]: ///lib/dracut-lib.sh@51(str_starts): '[' ks.cfg '!=' /home/data/ks.cfg ']'
[ 14.654966] localhost.localdomain dracut-initqueue[1282]: ///lib/url-lib.sh@144(nfs_already_mounted): echo /run/install/isodir//home/data/ks.cfg
...
[ 14.658069] localhost.localdomain dracut-initqueue[934]: //lib/url-lib.sh@156(nfs_fetch_url): mntdir=/run/install/isodir//home/data/ks.cfg
This function doesn't expect the trailiing slash of the nfs path in /proc/mounts, so it should be removed before processing it.
During search for fw_devlink suppliers, it's possible to encounter a
situation where supplier A depends on supplier B, and supplier B has a
parent node that depends on supplier A. This leads to an infinite
recursion.
To fix this, make sure suppliers are only processed once.
Signed-off-by: Adrien Thierry <athierry@redhat.com>
As discussed in issue #2204 this patch removes the dracut.spec file from
the repository. The advantage of this patch is that it creates a
dracut-version.tar.xv file that can be more easily consumed by the
downstream distributions because there's no rpm spec file included in
the distribution.
Tested with a downstream rpm spec fiie:
```
cd dracut
VERSION=`git describe --abbrev=0 --tags --always`
make clean
make dist
cp dracut-${VERSION}.tar.xz ../
cd ..
xz -d -v dracut-${VERSION}.tar.xz
tar rf dracut-${VERSION}.tar dracut.spec
xz -9 dracut-${VERSION}.tar
rm -rf rmpbuild
mkdir -p rpmbuild/{BUILD,BUILDROOT,RPMS,SOURCES,SPECS,SRPMS}
rpmbuild -ta --define "_topdir `pwd`/rpmbuild" -v dracut-${VERSION}.tar.xz
```
Fixes issue #2204
When calling dracut with '--hostonly-mode=strict', get_dev_module() gets
called on the system's block devices to find the required drivers. The
driver name is retrieved using udevadm. However, the driver name
returned by udevadm is not necessarily the same as the module name.
This is the case for the Qualcomm UFS driver: udevadm returns
'ufshcd-qcom' while the module name is 'ufs-qcom', so dracut-install is
not able to find the module afterwards.
To solve this, make get_dev_module() also return the module alias info
from the modalias files contained in the sysfs directories parsed by
udevadm.
Signed-off-by: Adrien Thierry <athierry@redhat.com>
This reverts commit 77630365ae.
Its commit message states:
On EL8.3 the NetworkManager keep restarting even if it exits successfully
while waiting for Clevis to unlock. This patch ensures NetworkManager runs
only once in initrd.
Yes; NetworkManager is run multiple times, so that it's able to
configure interfaces that haven't been seen previously (because bus was
slow to scan or device took time to initialize).
It's not clear what problem was the original commit trying to fix.
I suspect there was no problem, just a misunderstanding.
`sbsign` does not issue any error if there is not enough disk space to create
the signed file using its `--output` option. So, verify the signed image after
its creation using `sbverify`.
Fixes issue #2197
This patch reverts commit
c603419 ("wait for IPv6 RA if using none/static IPv6 assignment").
It's not generally correct wait for a default route to be established
for an interface, or to wait for "proto ra" routes in general.
For example, if the system is a router itself, it will receive no
RAs. In isolated networks, no gateway may be advertized, either.
This is similar in spirit to 76f6566 ("Revert "wait for IPv6 RA
if using none/static IPv6 assignment"")
Whatever c603419 ("wait for IPv6 RA if using none/static IPv6 assignment")
was supposed to achieve, it should be done differently.
For static IPv4 configurations, we use arping to check for duplicate
IP addresses. arping requires the af_packet module to work, and if arping
fails, the IP address will not be set and booting will fail.
af_packet may not be loaded / required in the running system, for example if
the system had been booted in an IPv6 configuration, or if it had been
manually unloaded. Make sure it's included in initramfs in hostonly mode, too.
ibft_to_cmdline() formats a static IPv6 address like this
(without peer, gateway, hostname):
ip="[fd09:9a46:b5c1:1fe:1::10/64]:::::ibft0:none"
This means that the "mask" field (4th) is left blank. When this is
parsed later by parse-ip-opts.sh, it bails out with the error
message "Sorry, automatic calculation of netmask is not yet supported".
parse-ip-opts.sh rather expects the prefix in the 4th field:
ip="[fd09:9a46:b5c1:1fe:1::10]:::64::ibft0:none"
This syntax will be correctly transformed to the command
ip addr add fd09:9a46:b5c1:1fe::10/64 dev ibft0
This patch fixes the formatting of the "ip=" line in ibft_to_cmdline().
In iBFT setups, VLAN can be configured in the firmware.
Add the 8021q module in hostonly mode even if VLAN is currently
not used to be prepared for such configuration change.
Dracut currently finds kernel module dependencies using two methods:
depmod and softdeps. However, these are often insufficient on embedded
systems where a lot of driver dependencies are only described in the
device tree. This is often the case for low-level devices such as
clocks, regulators, pinctrls, etc.
This patch allows dracut to find those device tree dependencies, by
parsing the sysfs supplier nodes populated by fw_devlink.
Signed-off-by: Adrien Thierry <athierry@redhat.com>
This is needed in s390x to be able to use the same `boot=` command line
parameter in grub and zipl. Otherwise, `boot=` would need to be added only to
`grub.cfg` (not `/etc/default/grub` and thereby not to `/boot/zipl/config`).
Signed-off-by: Raymund Will <rw@suse.com>
The `do_fips` method should only unmount /boot if it was mounted in the
`mount_boot` method.
In addition, now the `mount_boot` method checks if /boot is already mounted.
Signed-off-by: Raymund Will <rw@suse.com>
The `mount_boot` method called from fips-noboot.sh in the pre-pivot hook blindly
executes `rm -rf /boot` if there is no `boot=` command line parameter, without
first checking that /boot is not already mounted by other means.
During shutdown, there is no ordering dependency between the nm-initrd service
and the D-Bus daemon, and so the latter can be stopped before. This causes
issues to NetworkManager, especially when team interfaces are present because
NM will see teamd dropping from the bus and will try to reactivate the
connection.
Add a "After" dependency to make sure the D-Bus daemon is stopped after NM on
shutdown.
When the kernel is compiled without IA32_EMULATION and the glibc 32-bit library
is installed on the system, `ldd` prints the following output:
```
> ldd /usr/lib64/libfido2.so.1.12.0
/bin/ldd: line 162: /lib/ld-linux.so.2: cannot execute binary file: Exec format error
linux-vdso.so.1 (0x00007ffd627fa000)
libcbor.so.0.9 => /lib64/libcbor.so.0.9 (0x00007f18d799f000)
libcrypto.so.3 => /lib64/libcrypto.so.3 (0x00007f18d7400000)
libudev.so.1 => /lib64/libudev.so.1 (0x00007f18d7971000)
libhidapi-hidraw.so.0 => /lib64/libhidapi-hidraw.so.0 (0x00007f18d7968000)
libz.so.1 => /lib64/libz.so.1 (0x00007f18d794e000)
libc.so.6 => /lib64/libc.so.6 (0x00007f18d7205000)
/lib64/ld-linux-x86-64.so.2 (0x00007f18d79f9000)
> echo $?
0
```
The `ldd` script uses the following code to resolve dependencies:
```
RTLDLIST="/lib/ld-linux.so.2 /lib64/ld-linux-x86-64.so.2 /libx32/ld-linux-x32.so.2"
...
RTLD=
ret=1
for rtld in ${RTLDLIST}; do
if test -x $rtld; then
verify_out=`${rtld} --verify "$file"`
ret=$?
case $ret in
[02]) RTLD=${rtld}; break;;
esac
fi
done
```
So, if the 32-bit library fails, the 64-bit library may work, so don't stop
parsing the `ldd` output unconditionally when the message "cannot execute binary
file" is printed.
Fixes issue #2190
The test has the following issues:
- it sets up a bridge on net1 and net2, however those interfaces
are part of the same qemu hub and this causes switching loops;
- the bonds are created on two interfaces but only one has a DHCP server, and
this causes random failures;
- the checks performed on the client are pretty limited.
Rework the test:
- avoid the bridging loop;
- update the topology to use a bond interface on the server side;
- introduce additional checks on the client: start a ping and check that ports
are properly attached to bonds and bridge;
- make it possible to return module-specific information from the client; in
the future this can be added for example to check that the NetworkManager or
systemd-networkd configuration is correct.
Kernel uses the lowest MAC of all attached ports as MAC address of the
bridge. However, after the first port gets attached, DHCP can be started on the
bridge and it will use the MAC (and client-id) of the first port; so, the MAC
used for DHCP depends on the order of attachment of ports, which is not
guaranteed to be stable in general.
To make sure that the DHCP server always sees the request from the MAC of
enp0s1, assign that MAC to the bridge from the kernel command line.
The current interval (3 seconds) is very low and causes sporadic failures
especially when DHCP is run on a bridge (TEST-50-MULTINIC); in that specific
case, interfaces take time to be attached to the bridge and before enp0s1 is
attached all DISCOVER packets are lost.
Bump the timeout to a more robust value of 30 seconds.
The network-legacy dracut module already ignores the DHCP timeout option when
it's not supported by dhclient. Other network modules don't use dhclient for
DHCP.
_FILE_OFFSET_BITS is a feature test macro to determine largefile
support. Usually its set to 64 on systems supporting LFS. Its also
needed to be set to 64 for supporting 64bit time_t on glibc on 32bit
systems. If its undefined explicitly, then 64bit time_t can not be
enabled.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
When `$dracutsysrootdir` is set and references an existing directory, the
internal global variables are never set, unless their value is assigned via
configuration file.
The simple fix would be turn all:
```
[[ -d $dracutsysrootdir$var ]] || var=value
```
into:
```
[[ -z $var || ! -d $dracutsysrootdir$var ]] && var=value
```
But this patch also includes a refactoring, removing duplicate code using the
same `set_global_var` function to set and export global variables, and improving
readability.
Printing and unpacking of specific files passed as arguments does not work if
their filenames contain special characters with a hexadecimal character escape
(\x), which is often the case for systemd device units.
This patch adds all the kernel modules that might be needed by LVM, to avoid
having to rebuild the initrd in hostonly mode after a dynamic change that
requires new drivers to boot.
For example, LVM allows to dynamically convert a linear logical volume to a
RAID-1 type (`lvconvert --type raid1 vg/lv`), which, in hostonly mode, will
require the user to manually rebuild the initrd again to include the new RAID
drivers in use, otherwise the system will fail to boot.
If no GPG smart card is used then the card-status breaks the decryption
of the keyfile. Therefore, use the card-status only if a smart card is
used to decrypt the keyfie.
Fixes issue #2004
- Remove the reference to Harald's git ci alias
- Added a missing push to master
- Added a warning not to add the Rendered View entry from the NEWS.md to
the tags. ( Github adds that to the release with no way of removing it, see 058 )
- Added validation of the new tag ( Good practice )
- Clarify milestone handover.
Without this service, timedatectl fails to run in the initrd.
```
sh-5.2# timedatectl
Failed to query server: Could not activate remote peer: activation request failed: unknown unit.
sh-5.2# systemctl status dbus | grep timedate
Dec 22 13:57:03 sd-net-test dbus-broker-launch[219]: Activation request for 'org.freedesktop.timedate1' failed: The systemd unit 'dbus-org.freedesktop.timedate1.service' could not be found.
```
Without this service, hostnamectl fails to run in the initrd.
```
sh-5.2# hostnamectl
Failed to query system properties: Could not activate remote peer: activation request failed: unknown unit.
sh-5.2# systemctl status dbus | grep hostname
Dec 22 11:07:56 sd-net-test dbus-broker-launch[216]: Activation request for 'org.freedesktop.hostname1' failed: The systemd unit 'dbus-org.freedesktop.hostname1.service' could not be found.
```
Trailing spaces are misleading blkid input after fixes for shellcheck were
introduced in https://github.com/dracutdevs/dracut/commit/d75b029a
Test showing the wrong output:
```
localhost:~ # _boot_zipl=$(sed -n -e '/^[[:space:]]*#/d' -e 's/\(.*\)\w*\/boot\/zipl.*/\1/p' /etc/fstab)
localhost:~ # echo "[${_boot_zipl}]"
[/dev/disk/by-path/ccw-0.0.0000-part1 ]
localhost:~ # blkid -s TYPE -o udev "${_boot_zipl}"
localhost:~ # blkid -s TYPE -o udev ${_boot_zipl}
ID_FS_TYPE=ext2
```
Also, remove duplicate code by creating a function to get the zipl boot device,
prepend $dracutsysrootdir to /etc/fstab and print cmdline properly: start
with a space and do not print a newline.
The initramfs file for Fedora/RedHat CoreOS can be found under
`/lib/modules/${KERNEL_VERSION}/initramfs.img', add this path
to image search logic.
Signed-off-by: Kenneth D'souza <kennethdsouza94@gmail.com>
Currently, dracut only allows to configure the persistent policy to address
disks and partitions using any directory name found in /dev/disk, but there is
no defined way to set the default policy based on /dev/mapper device names. So,
for example, if the persistent policy is set by the distribution in any
configuration file, the user cannot set the default if he wants to.
The current workaround is to set persistent_policy="" in a conf file or pass
--persistent-policy " " (white space) as an argument. This patch aims to
establish a specific value for this case.
The cmdline hook of iscsi module will force check if iscsi_tcp module
is available, and abort the boot progress is not. But actually iscsi
module shouldn't be allowed to be installed in the first place if the
corresponding kernel doesn't support it.
So print an warning and refuse to install the iscsi dracut module
in such case, instead of dying on reboot.
Signed-off-by: Kairui Song <kasong@tencent.com>
Some dracut modules won't work without certain kernel modules,
this helper will be helpful for checking such kernel configs in
check() and error out early.
Signed-off-by: Kairui Song <kasong@tencent.com>
check_kernel_module calls modprobe and tries to dry-run a module load to
check if a module is available. modprobe supports `-d` to specify a
rootdir, so just pass dracutsysrootdir to it to make it work as expected
when building initramfs for another rootfs.
Signed-off-by: Kairui Song <kasong@tencent.com>
The main motivation here is to do not allow each test to grow beyond
30 min. If a longer test is needed for some reason, it should be
split into two tests.
Currently each local test is passing at 20 min.
The longest running local test is test 12: encrypted LVM PV
on a degraded RAID-5.
Since the installation of ntfs-3g binary is in the
dmsquash-live-ntfs module, calling ntfs-3g from dmsquash-live fails
when dmsquash-live-ntfs module is not installed anyways.
The directory where to look for kernel modules can be set via the -k/--kmoddir
command line option or the drivers_dir configuration option. Its current check
should be split into two different ones to avoid misleading error messages (see
referenced issue):
- First check that its basename matches the kernel version set for the initramfs
(via --kver or automatically set by "uname -r").
- Second check that the parent directory of the last provided directory contains
"/lib/modules/". This check was also fixed to avoid accepting other directories
like "xxxlib/modules".
Fixes issue #1608
Per David Teigland:
> dmeventd is not meant to be run in the initrd. When it's started
> later, it will monitor LVs activated by the initrd if needed.
So, lets git rid of the dmeventd binary and the libraries that were
being added for it.
It should not be necessary to explicitly omit dash module.
If this is needed, that would mean that bash is not marked
as an explicit dependency for some modules.
If the DRACUT_INSTALL environment variable contains arguments (e.g.:
DRACUT_INSTALL="/usr/lib/dracut/dracut-install --debug"), its call cannot
be enclosed in double quotes. E.g.:
```
> export DRACUT_INSTALL="/usr/lib/dracut/dracut-install"
> "$DRACUT_INSTALL" > /dev/null
dracut-install: No SOURCE argument given
> export DRACUT_INSTALL="/usr/lib/dracut/dracut-install --debug"
> "$DRACUT_INSTALL" > /dev/null
-bash: /usr/lib/dracut/dracut-install --debug: No such file or directory
> $DRACUT_INSTALL > /dev/null
dracut-install: No SOURCE argument given
```
Add systemd-networked to Fedora container.
Add connman to Arch container.
This change enables manual testing of various network configurations
and also allows the ci to ensure that having additional networking
packages installed does not break the network meta module.
Commit 6f8191fdf41 ("block: simplify disk shutdown") in Linux kernels 6.0 and above
renamed blk_cleanup_disk to blk_mq_destroy_queue. Adapt code to handle both cases.
Because of this the kernel module mmc_block.ko was not included into initrd on kernel 6.1:
dracut-install: No symbol or path match for '/lib/modules/6.1.0-generic-0.rc7.1rosa2021.1-x86_64//kernel/drivers/mmc/core/mmc_block.ko.zst
while on kernel 5.15 it was included:
dracut-install: Handling /lib/modules/5.15.79-generic-1rosa2021.1-x86_64//kernel/drivers/mmc/core/mmc_block.ko.zst
dracut-install: Module mmc_block: symbol blk_cleanup_queue matched inclusion filter
It made booting OS from root on /dev/mmcblk* impossible.
Just adding blk_mq_destroy_queue was not enough to make mmc_block.ko be included into initrd
(maybe because call of blk_cleanup_disk() was removed and call of blk_mq_destroy_queue() was not added).
So also adding blk_mq_alloc_request which is used from mmc_block.
Fixes: https://github.com/dracutdevs/dracut/issues/2102
Configure network module outside of test.sh scripts
to allow for parallelizm and flexibility.
Remove NM test directory wrappers and set network
in Github action instead.
This is in preparation to test other dracut network modules
such as systemd-networkd dracut module.
The main motivation of this change is to prepare to enable
testing all four networking dracut modules not just two.
There are four networking modules supported currently.
Omitting one networking module not only is not necessary but
confusing as if the test really wants to omit networking modules,
it should omit all three non-used dracut networking modules.
GitHub Actions allow to opt-in to more debug logging both on
web UI and on the command line.
When GitHub Action debug logging is enabled also enable
additional dracut test debugging by setting DEBUGFAIL to rd.debug.
This is particularly useful when re-run failed jobs with
debug logging enabled.
The installed packaged dracut version from a distributions can
interfere with testing latest dracut from source, which is the
primary goal of these containers.
dracut can be invoked inside a chroot, but inside
the generated initramfs the chroot binary is not required.
add chroot to the generated initramfs if debug or selinux
dracut modules are enabled.
The base module requires grep with the `rd.memdebug=1` command line parameter.
As this code is broken if grep is not added by other means and grep is only
required for this, rewriting this code to avoid the dependency.
Dependencies to systemd .device unit files are marked as "hostonly" in the
special file hostonly-files. These .device unit files can be removed using the
`rd.hostonly=0` command line parameter. But, since systemd v252
(https://github.com/systemd/systemd/pull/24054), the initrd-parse-etc.service
service does not run `systemctl daemon-reload`, so systemd keeps waiting
for these .device units to show up.
This means that if a hostonly device is not available for any reason at boot
time, using `rd.hostonly=0` has no effect and the system will not boot.
Users were seeing errors like this:
[ 2.917246] dracut-pre-udev[717]: sh: line 1: /sbin/sysctl: No such file or directory
This was the result of modprobe.d files that needed to call sysctl
and failing because sysctl wasn't included in the initramfs.
This change makes it so that we have the binary included so those
modprobe configuration files work properly.
use the -I argument to install dd and mkfs.btrfs
use the -i argument to install the hook
btrfs is already installed by the btrfs dracut module
sfdisk is not used
Move overlayfs mount out into its own dedicated file
so that we can call into it directly for NFS support.
Add a new test case for overlayfs on top of NFS.
Despite the generic name, the only current use of the `efi_secret`
is exposing data in /sys that's been injected into a SEV/SEV-ES
virtual machine. More info:
https://docs.kernel.org/security/secrets/coco.html
This secret is probably a luks password, so we need this driver at
boot time.
Signed-off-by: Cole Robinson <crobinso@redhat.com>
The M1/etc hardware has an quirky NVMe disk controller that needs
a dedicated NVMe driver. Rather than picking up just that
bit of hardware pick up drivers that register NVMe controllers.
This also picks up NVMe-OF style drivers, but seems like a better
long term solution on Arm platforms which tend to have a lot
of odd hardware.
Signed-off-by: Jeremy Linton <jeremy.linton@arm.com>
dracut-lib.sh provides a custom version of pidof, so there is no need to install
the pidof binary. Also, source dracut-lib.sh in hook scripts when needed.
Fixes issue #2027
When the rootfs of a virtual machine is virtiofs shared folder,
the /etc/fstab file may not exist. As a result, the "findmnt --fstab"
will complain "findmnt: can't read (null): No such file or directory"
when trying to rebuild kdump initramfs within the vm.
This patch checks if /etc/fstab exist before calling "findmnt --fstab"
to suppress the error message.
Before:
$ kdumpctl rebuild
kdump: Rebuilding /boot/initramfs-5.14.0-182.el9.x86_64kdump.img
findmnt: can't read (null): No such file or directory
findmnt: can't read (null): No such file or directory
findmnt: can't read (null): No such file or directory
After:
$ kdumpctl rebuild
kdump: Rebuilding /boot/initramfs-5.14.0-182.el9.x86_64kdump.img
Signed-off-by: Tao Liu <ltao@redhat.com>
The /dev/log check was not correct, it would continue working if
/dev/log was a broken symlink. This changes the logic to be more clear
-- /dev/log needs to be a socket, and writable, and logger needs to be
available. If any of those conditions fail, turn off syslog and only use
console logging.
Modify the basic test case to use --omit-drivers and make it fail
without the PR and make it pass with the PR.
The test would fail with the following error without the PR:
FATAL: iscsiroot requested but kernel/initrd does not support iscsi
Introducing the systemd-portabled module.
It's intended to work only with raw binary disk images contained in regular
files, but not with directory trees.
The library plugins directory is automatically added to the initrd if either
libnm-device-plugin-team.so or libnm-settings-plugin-ifcfg-rh.so are present on
the system, but both are optional libraries, and if it does not exist, the
NetworkManager issues a warning.
dracut-lib.sh and the base module now does not have a knowledge
of oldroot and plymouth.
It improves the separation of concerns between the base module
and the shutdown module.
If multiple ibft interfaces exist, set_ifname() may reuse the same
name (usually "ibft0"), because it's usually called cmdline time,
when no interfaces exist in sysfs yet. Remember the number used
set and don't use it again.
nvme-cli 1.x printed the address using spaces as separator, but nvme-cli 2.x
prints the address using commas as separator (exact output from sysfs). E.g.,
output from `cat /sys/class/nvme/nvme0/address`:
traddr=nn-0x201700a09890f5bf:pn-0x201900a09890f5bf,host_traddr=nn-0x200000109b579ef5:pn-0x100000109b579ef5
Also, I suppress rd.nvmf.discover= cmdline option if all fields are empty.
Document the reason of the existing workaround.
Move the existing logic to the initramfs.testing generation phase
and make the steps more generic.
This change makes the test pass on debian.
Notice that TEST-04 does not explicitelly includes dhclient
and dhclient-script for the rootfs.
Apply the same principle for all local tests that do not
need networking.
This should make the tests run faster and slightly more reliable.
This change also brings us to a better place where network-legacy
files are only gets included via proper dracut module inclusion.
systemdsystemconfdir usually expands to /etc/systemd/system, but the local
configuration of systemd-networkd, systemd-timesyncd, portablectl and systemd
users is saved into directories whose parent is /etc/systemd
(systemdutilconfdir).
Also add missing exports.
Add a test for mounting root filesystem with overlay for /dev/sdb.
The existing test was testing mounting root filesystem with overlay
from a squashfs image file.
Silence the printing out root entry of passwd file
while including base module.
dracut: *** Including module: base ***
root❌0:0:root:/root:/bin/bash
dracut: *** Including module: fs-lib ***
Commit dc21638c3f fixes kdump kernel crash, due to non-conventional
library path in powerpc, by copying /etc/ld.so.cache under initdir.
While that works in general, it is vulnerable to failure because of
missing links, when the CPU is reconfigured to run in compatibility
mode of older CPU version. Avoid this by running ldconfig for squash
loader to create the necessary links & ld cache for it. Doing this
also saves a few kilobyes of space as the copied ld cache is bigger
in size than the one needed for squash loader environment.
Fixes: dc21638c3f ("fix(squash): keep ld cache under initdir")
Cc: Pingfan Liu <piliu@redhat.com>
Signed-off-by: Hari Bathini <hbathini@linux.ibm.com>
When creating uefi image in hostonly mode (with using --hostonly-cmdline),
it makes sense to copy current kernel commandline from /proc/cmdline,
in case there are no other options specified.
Usually, the cmdline.d/*.conf file is generated by module rootfs-block
(or other modules), but it might, not handle all cases correctly,
and specifying --kernel-cmdline every time is not much user-friendly.
If the FONT option defined in /etc/vconsole.conf refers to a file with its
extension, not just the file name, dracut should not fail and install it. The
systemd-vconsole-setup service ends up calling setfont, which supports both file
names and files with extensions.
The path detection is not working on latest Fedora and some other
distros, and it fails to extract the initramfs. It seems the if
statement is broken by a previous commit, so let's fix it.
Fixes: 3d8e1ad ('fix(dracut-initramfs-restore.sh): add missing default paths')
Signed-off-by: Kairui Song <kasong@tencent.com>
This workflow allows it to run any of the 29 tests
on any of the 4 containers.
On commit, currently the CI only runs 24 tests out of the 116
possible combinations of test runs.
As the project grows, the usefulness of this tool will also grow.
rootfs-block module would always include the following
modules: udev-rules base fs-lib
lvm module always includes rootfs-block
This is a follow-up to a1d4041cee
Check first for fs support in `/proc/filesystems` before attempting
to load the kernel module.
This is needed in the --no-kernel use case to avoid the error:
modprobe: FATAL: Module overlay not found in directory /lib/modules/<kver>
If lsinitrd is called from a context in which SIGPIPE is ignored (e.g.,
from a systemd unit with default setting of IgnoreSIGPIPE=), the
following line will result in an error being issued:
bin="$($SKIP "$image" | { read -r -N 6 bin && echo "$bin"; })"
An example error from `kdumpctl start` (which internally just calls
`systemctl start kdump.service`):
kdumpctl[1287]: ERROR: src/skipcpio/skipcpio.c:191:main(): fwrite
A minimal reproducer:
systemd-run -t sh -c '/path/to/skipcpio /path/to/any/file | false'
in install_dependent_modules we use &path[kerneldirlen] as the key for inserting,
let's do the same for checking.
otherwise installing kernel module has circular dependency from a custom kernel
module directory will cause infinite recursion and segfault.
$ grep ipmi kbuilt/lib/modules/5.10.121/modules.dep
kernel/drivers/char/ipmi/ipmi_msghandler.ko:
kernel/drivers/char/ipmi/ipmi_devintf.ko: kernel/drivers/char/ipmi/ipmi_msghandler.ko
$ grep ipmi kbuilt/lib/modules/5.10.121/modules.softdep
softdep ipmi_msghandler post: ipmi_devintf
$ ./dracut-install -D /tmp --kerneldir ~/working/kernel/linux-5.10.121/kbuilt/lib/modules/5.10.121 -m ipmi-devintf
Segmentation fault (core dumped)
(gdb) b install_dependent_modules
Breakpoint 1 at 0x7db0: file src/install/dracut-install.c, line 1513.
(gdb) bt
#0 install_dependent_modules (modlist=0x0) at src/install/dracut-install.c:1513
#1 0x000055555555c027 in install_dependent_modules (modlist=modlist@entry=0x555555579e90) at src/install/dracut-install.c:1553
#2 0x000055555555bf1c in install_dependent_modules (modlist=0x5555555799d0) at src/install/dracut-install.c:1548
#3 0x000055555555c034 in install_dependent_modules (modlist=modlist@entry=0x55555557a3f0) at src/install/dracut-install.c:1554
#4 0x000055555555bf1c in install_dependent_modules (modlist=0x555555579d60) at src/install/dracut-install.c:1548
#5 0x000055555555c034 in install_dependent_modules (modlist=modlist@entry=0x55555557b170) at src/install/dracut-install.c:1554
#6 0x000055555555bf1c in install_dependent_modules (modlist=0x55555557a0f0) at src/install/dracut-install.c:1548
#7 0x000055555555c034 in install_dependent_modules (modlist=modlist@entry=0x555555575320) at src/install/dracut-install.c:1554
#8 0x000055555555bf1c in install_dependent_modules (modlist=0x55555557ab30) at src/install/dracut-install.c:1548
#9 0x000055555555c034 in install_dependent_modules (modlist=modlist@entry=0x55555557dd60) at src/install/dracut-install.c:1554
#10 0x000055555555bf1c in install_dependent_modules (modlist=0x55555557b640) at src/install/dracut-install.c:1548
#11 0x000055555555c034 in install_dependent_modules (modlist=modlist@entry=0x55555557e0f0) at src/install/dracut-install.c:1554
#12 0x000055555555bf1c in install_dependent_modules (modlist=0x55555557b9d0) at src/install/dracut-install.c:1548
#13 0x000055555555c034 in install_dependent_modules (modlist=modlist@entry=0x555555574340) at src/install/dracut-install.c:1554
#14 0x000055555555bf1c in install_dependent_modules (modlist=0x55555557cf70) at src/install/dracut-install.c:1548
#15 0x000055555555c034 in install_dependent_modules (modlist=modlist@entry=0x5555555768d0) at src/install/dracut-install.c:1554
#16 0x000055555555bf1c in install_dependent_modules (modlist=0x55555557d750) at src/install/dracut-install.c:1548
#17 0x000055555555c034 in install_dependent_modules (modlist=modlist@entry=0x55555557e700) at src/install/dracut-install.c:1554
#18 0x000055555555bf1c in install_dependent_modules (modlist=0x55555557de90) at src/install/dracut-install.c:1548
#19 0x000055555555c034 in install_dependent_modules (modlist=modlist@entry=0x555555581c90) at src/install/dracut-install.c:1554
#20 0x000055555555bf1c in install_dependent_modules (modlist=0x555555571e60) at src/install/dracut-install.c:1548
#21 0x000055555555c034 in install_dependent_modules (modlist=modlist@entry=0x55555556b620) at src/install/dracut-install.c:1554
#22 0x000055555555bf1c in install_dependent_modules (modlist=0x555555583000) at src/install/dracut-install.c:1548
#23 0x000055555555c034 in install_dependent_modules (modlist=modlist@entry=0x55555556b640) at src/install/dracut-install.c:1554
#24 0x000055555555bf1c in install_dependent_modules (modlist=0x555555571b40) at src/install/dracut-install.c:1548
#25 0x000055555555c034 in install_dependent_modules (modlist=modlist@entry=0x555555574100) at src/install/dracut-install.c:1554
#26 0x000055555555c4b0 in install_module (mod=mod@entry=0x555555573bc0) at src/install/dracut-install.c:1617
#27 0x000055555555c93d in install_modules (argc=argc@entry=1, argv=argv@entry=0x7fffffffd6e0) at src/install/dracut-install.c:1952
#28 0x000055555555862a in main (argc=<optimized out>, argv=0x7fffffffd6a8) at src/install/dracut-install.c:2090
Signed-off-by: runsisi <runsisi@hust.edu.cn>
Due to non-availability of Hyper-V video driver hyperv_drm in kdump
initramfs, the console seems to be in hang state with no text over it.
We should also go through the /sys/bus/vmbus/devices and include drivers
referenced there.
Check first for squashfs in `/proc/filesystems`.
This is needed in the --no-kernel use case to avoid the error:
modprobe: FATAL: Module overlay not found in directory /lib/modules/<kver>
Introduce load_fstype function to make it easier to check `/proc/filesystems`
before calling modprobe.
Services of type `oneshot` should almost always use
`RemainAfterExit=yes`. This is a one-time action that we don't want to
rerun if the unit gets pulled in multiple times in the systemd
transaction.
The dropins path is `/etc/multipath/conf.d`, not
`/etc/multipath/multipath.conf.d`:
686797b7d0/Makefile.inc (L100)
But anyway, we don't need to create that directory. We only need to
create `/etc/multipath`.
While we're here, add a comment to explain this.
If file is not a regular file (test -f), dracut.sh fails,
which is unexpected change of behaviour.
The workaround would be to create an empty file.
Fixes: #1835
When the new grub2 iso is written to a usb drive the disk label points
to a partition that does not include the full iso image. This causes
checkisomd5 to run with the wrong data and it fails.
This patch adds a check that will test to see if there is a parent
device that is a disk, and to run checkisomd5 on it instead of on the
partition pointed to by the label.
When running from an iso this will return the original
/dev/disk/by-label/ path, and when running from a usb drive it will
return the parent device (eg. /dev/sda).
Resolves: rhbz#2107858
Do not assume that `overlay` is always a module. Check first for
`overlay` in `/proc/filesystems`. This is needed in the --no-kernel
use case to avoid the error: modprobe:
FATAL: Module overlay not found in directory /lib/modules/<kver>
Signed-off-by: Federico Vaga <federico.vaga@cern.ch>
The redirection to stdout was originally added to workaround
https://bugzilla.redhat.com/show_bug.cgi?id=989133 (curl would create no
file if the source was empty), but I don't see that problem with current
curl.
A nice side-effect of this change is that curl shows download progress.
Commit https://github.com/dracutdevs/dracut/commit/f3441cc7 removed shell
options but didn't adapt all the code that requires nullglob and globstar.
This caused the initrd to be generated without the required includes for
keymaps.
convert_abs_rel() gets
from =/var/tmp/dracut.8dxnpY/initramfs/lib/x86_64-linux-gnu/libuuid.so.1.3.0
target=/var/tmp/dracut.8dxnpY/initramfs/lib/x86_64-linux-gnu/libuuid.so
returning from is invalid; skip over the destdir:
/lib/x86_64-linux-gnu/libuuid.so.1.3.0
This option was introduced not long ago, but unfortunately it was
misspelled and have affected following up commits. It's not a commonly
used option, at least not yet, so just rename and fix it.
Signed-off-by: Kairui Song <kasong@tencent.com>
Track when a key is successfully loaded, and return 1 if no key has been
loaded. This will not enable EVM if there are no keys available in the
system.
Fix#1847
Signed-off-by: Alberto Planas <aplanas@suse.com>
Makefile uses recursively expanded macros and as can be seen by simply
adding $(warning Call to shell) in front of $(shell ...) Foo's in the
Makefile, we are calling out to shell 9 times just to get the working
directory, a working directory which doesn't change during Make!
Let's save few pony's and reduce it to 2...
Add an option --parallel which can currently be used with
--regenerate-all. With --regenerate-all --parallel, dracut will be
run in parallel for all kernels found.
Also introduce a config file equivalent setting: parallel="yes".
Making this work requires moving the code block that handles --regenerate-all
behind the code block for reading the config files.
Signed-off-by: Martin Wilck <mwilck@suse.com>
Previously dracut didn't support the feature of lvm thinpool autoextend.
The feature is useful to cases such as kdump, when vmcore to be saved to a
lvm thin volume. The thinpool should be able to autoextend, otherwise an
IO error will be caused and leaves an incomplete vmcore.
There is lvm2-monitor.service and dmeventd avaliable, however
considering [1], it is not suitable for kdump and memory limited cases.
This patch achieves the same by parallel looping a shell function in the
background, which calls lvextend periodically. If thredshold reaches,
autoextend it, if not then nothing happens.
[1]: https://lists.fedoraproject.org/archives/list/kexec@lists.fedoraproject.org/message/YF254ZO3PJ3U56P4OKHV3JNYP2PJUMYX/
Signed-off-by: Tao Liu <ltao@redhat.com>
`CWD` is not a Make variable. This may have worked accidentally for some
people if their shell happend to provide `CWD` and Make picked it up.
As is, this tends to pick up git versions of unrelated parent
directories, e.g. when packaging for distributions.
Set common format to each option, correct default compression options and add
missing options:
--rebuild
--aggresive-strip
--hostonly-mode
--hostonly-nics
--noimageifnotneeded
Set common format to each option, add/correct default values and add missing
options:
force_add_dracutmodules
libdirs
squash_compress
aggresive_strip
do_hardlink
prefix
hostonly_mode
hostonly_nics
sshkey
regenerate_all
noimageifnotneeded
uefi
machine_id
enhanced_cpio
Currently dracut can't mount virtiofs as root filesystem.
Make possible to boot virtual machines off virtiofs,
passing "root=virtiofs:<mtag>", using the mount tag <mtag>
as root filesystem. Alternatively this module also supports
"rootfstype=virtiofs root=<mtag>"
Signed-off-by: German Maglione <gmaglione@redhat.com>
User may specify multiple netroot in cmdline, failed to connect one netroot
do not mean all netroot are not accessible. So if one netroot failed, do
not exit the discovery and login flow.
Signed-off-by: Wenchao Hao <haowenchao@huawei.com>
On new installations, /etc/machine-id may exist and be empty, and
also /efi or /boot/efi may be a mount point, leading to an invalid
initramfs output file.
/usr/bin/vi is just a wrapper shell script to run /usr/libexec/vi which is the vi binary.
/usr/bin/vi is available in initrd.img, but /usr/libexec/vi is missing.
As as result, vi command never works.
This PR is to add /usr/libexec/vi.
Commit 1e92f728 ("Add a --hostonly-nics option") allows only installing
the network drivers for specified NICs. But it doesn't allow an emtpy
--hostonly-nics. Specifying empty hostonly-nics is needed to address the
following use cases,
- drivers/s390/net is installed regardless of --hostonly-nics. There is
no need to repeat it.
- get_dev_module couldn't find the driver for a bond or a bridge
network interface so it's better for a module to install a bond
or bridge driver itself
- dracut kdump module wants to install the needed network drivers by
itself because it can't add the --hostonly-nics option to dracut when
itself is a dracut module
This patch distinguishes between an empty --hostonly-nics and --hostonly-nics
not added so a user can pass an empty --hostonly-nics option.
The block_is_netdevice function requires the device in <maj:min>
format, but the swap_devs array is populated with the content of
/proc/swaps, which prints the devices using their paths from /dev.
This causes the check method to never detect if swap is mounted on a
network device.
The dracut-logger functions are only available during the initrd
generation. For internal initrd scripts that run at boot,
dracut-lib provides warn() and info().
The dracut-logger functions are only available during the initrd
generation. For internal initrd scripts that run at boot,
dracut-lib provides warn() and info().
It's installed in /sbin, and run via initqueue in the special case of FC
transport without a discovery.conf and without kernel arguments. If the
executable bit is not set, initqueue fails with "Invalid command".
Caught by CI checking for non-executable files in binary directories.
Avoid using shell options in findkeymap, instead of using a wrapper[*]
to restore the previous options. Using mapfile and find to generate the list
of files also has the benefit of being more readable in this case.
[*] Reverted commit 35064768eb
Original issue description from Michal Hecko <mhecko@redhat.com>:
The findkeymap function manipulates the shell options and relies on
restoring them using the trap. However, as the function might be called
recursively, each recursive invocation changes the signal handler to its
own. As the recursion is entered with shell options already modified,
the changed trap handler is replaced with restoration to the modified
shell options, not the original ones.
When running dracut-install with '-o' (optional source), and nullglob
at the same time, when all of the arguments evaluate <null>, dracut-install
should not fail even when the source is not specified.
The "lvm config" commands that check the filter settings will
often find nothing set and report an error message:
"Configuration node devices/filter not found"
Direct these messages to /dev/null so they do not appear as
noise in system logs.
dpkg-architecture prints warnings and errors to stderr. If the system does
not have gcc installed, it issues a warning:
dpkg-architecture: warning: cannot determine CC system type, falling back to default (native compilation)
This fix checks only the value of the queried variable.
It can happen that SELINUXTYPE is not set, e.g., in Fedora/RHEL
installation images /etc/selinux/config is an empty file. That means
that setfiles fails, which makes dracut-initramfs-restore fail too
because it uses "set -x", which means that dracut-shutdown.service
fails. But, after commit 7ab1d00227, a
failure of dracut-shutdown.service means that the final switch back into
initrd is skipped. Let's just add an additional sanity check to
workaround that.
dracut-systemd.service is not an early boot service, therefore it should
not use DefaultDependencies=no. This also fixes the service's ordering
dependencies, as in its current state it is missing
Before=shutdown.target umount.target
The findkeymap function manipulates the shell options and relies on
restoring them using the trap. However, as the function might be called
recursively, each recursive invocation changes the signal handler to its
own. As the recursion is entered with shell options already modified,
the changed trap handler is replaced with restoration to the modified
shell options, not the original ones. This patch wraps the findkeymap
function so that the shellopts are manipulated and restored outside the
recursion.
An example kernel command line arguments for this configuration
iso-scan/filename=distro.iso root=live:CDLABEL=ISO
rd.live.image rd.live.overlay=/dev/sda:/overlay.img
iso-scan would mount /dev/sda first and keep it mounted. The change
allows detecting if the permanent overlay drive is already mounted.
It also ensures that the mount is writable, as permanent overlay
requires writable storage.
It's been a year since I initially made the PR to include packit.
Having it has resulted in increasing the project's cost of development
( CoD ) thus defeating the initial purpose of including it, which was an attempt
to do the opposite as in to reduce it, thus removing it.
My take on this after a year in use is that the concept is flawed,
limited to a single distribution and cannot work in practice without
adding to upstreams and it's contributors CoD but other projects milage
may vary.
zfs detection is currently done by the zfs dracut module installed by
downstream, resulting in a lot of duplicated code. This commit puts zfs
detection into the core dracut logic, allowing for detection of zfs
partitions to be done at the same time as all others. It also allows for
dracut to correctly create a `root=` cmdline parameter for zfs.
Signed-off-by: Savyasachee Jha <hi@savyasacheejha.com>
Commit 7374943ae3 ("fix(iscsi): add support for the new iscsiadm
"no-wait" (-W) command") added some code to try to disable iscsi's
NOPs, since they are considered "bad" for an iscsi root disc,
but that code doesn't work because the session is already established
at this point. Open-iscsi will change so that it automatically
disables NOPs for the root disc, so this code can just go away.
Previously dracut-squash module inherits the compressor
name from dracut, but actually the compressors are totally
different. For dracut, the compressor is zstd/gzip/lzop
cmdline tools, for dracut-squash, the compressor is the
libzstd/libz/liblzo libraries integrated by mksquashfs.
However mksquashfs support less compressors than dracut,
such as bzip2, which is not supported by mksquashfs, so
compressor decoupling seems to be a good idea to handle this.
This patch introduces a new dracut cmdline argument
--squash-compressor, by which the compressor and compressor
specific options can be passed to mksquashfs as
--squash-compressor "lzo -Xalgorithm lzo1x_1_15".
Signed-off-by: Tao Liu <ltao@redhat.com>
dev_t -> major/minor number mapping is more complicated than the
incorrect major=(dev_t >> 8) minor=(dev_t & 0xff) mapping that we
currently perform. Fix mapping to match Linux / glibc behaviour.
Fixes: https://github.com/dracutdevs/dracut/issues/1695
Reported-by: Ethan Wu <ethanwu10@gmail.com>
Signed-off-by: David Disseldorp <ddiss@suse.de>
This tests dracut-cpio's handling of rmajor / rminor values compared to
GNU cpio. The test requires root, due to mknod invocation for block
device node creation.
Signed-off-by: David Disseldorp <ddiss@suse.de>
The code for determining local interface and address works
only for peers that are reachable in a single hop.
This is parsed correctly:
192.168.110.1 dev br0 src 192.168.110.160 uid 0 \ cache
But this isn't:
192.168.1.4 via 192.168.110.1 dev br0 src 192.168.110.160 uid 0 \ cache
Fix it.
Fixes: ceca74cc ("dracut-functions: add ip_params_for_remote_addr() helper")
From bash manpage, FUNCNAME exists only inside functions. When in debug
mode, make sure to use an empty default value as FUNCNAME[0] when
outside of functions.
With bash4 this wasn't an issue, but is with bash5 with hardening option
'set -u' used, as shown in the example below:
Incorrect:
$ bash -u -c 'echo -n ${FUNCNAME[0]}'
bash: line 1: FUNCNAME[0]: unbound variable
$
Correct:
$ bash -u -c 'echo -n ${FUNCNAME[0]-}'
$
This hardening enables sourcing dracut-lib.sh from external utilities
executing in the initramfs such as clevis-luks-askpass, which uses
hardening option 'set -u' internally.
(see Clevis PR https://github.com/latchset/clevis/pull/340)
Signed-off-by: Renaud Métrich <rmetrich@redhat.com>
Dracut currently calls `eu-strip` or `strip` with -g, which only strips
out .debug_* sections. symtab and strtab are kept, but are not required
for runtime, and people will rarely need to do binary level debugging
work in initramfs.
So introduce a --aggresive-strip options, try strip out all sections
that are not required for runtime. This can help reduce the binary size
by a lot.
For example, the size of libc.so is reduced by a lot when stripped
with no option than with -g.
3014184 libc-2.28.orig.so
2970920 libc-2.28.strip-g.so
1460904 libc-2.28.strip.so
Signed-off-by: Kairui Song <kasong@tencent.com>
It may happen that dracut-shutdown.service fails, for example on timeout
due to very low bandwidth.
In such case, for hardening purposes, a new dracut-shutdown-onfailure.service
unit doing dracut-shutdown.service cleanup needs to execute to make sure
switching root to an incomplete initramfs won't occur later.
See also RHBZ #1924587 (https://bugzilla.redhat.com/show_bug.cgi?id=1924587).
Use nohup instead of disown, and let systemd track the service properly.
This makes the scripts POSIX compatible and bash is no longer needed.
Signed-off-by: Kairui Song <kasong@tencent.com>
The regular expression here is trying to handle various kernel
module compression schemas and was missing the zst extension
which indicates use of zstd.
Mailbox drivers might be needed by some of the devices used in the
initrd. For example, on the Raspberry Pi 4, the MMC 'sdhci-iproc' driver
depends on 'bcm2835-mailbox'.
Signed-off-by: Adrien Thierry <athierry@redhat.com>
The 69-dm-lvm-metad.rules udev rule has been removed from
the initrd, because it's been dropped by recent upstream
lvm versions, and it never performed any primary function
within the initrd. But, it did have the job of setting
LVM_MD_PV_ACTIVATED=1 for active md devices used by PVs.
That step needs to be restored, and is now included in
64-lvm.rules.
Change the command listing LVs from lvscan to lvs, and list
only the LV names that are being activated. Before attempting
to activate an LV, check that that LV name appears in the
lvs command output. This avoids wasting time running an
lvchange command that we know will fail.
Previously, the lvm device filter generated by dracut
would not be used if any lvm.conf file existed in the
initrd. Change this so that the generated filter will
be used when the included lvm.conf has no filter set.
Drop checking for options that have been available for
at least ten years. This simplifies code maintenance.
Add the new --nohints option (when available) to disable
the use of hints which is not useful during startup.
The --partial option will activate a linear (or other) LV
without segments for missing devices, which is unlikely to
be useful. The intention was to activate raid LVs in a useful
form while missing devices, which is specified with the option
--activationmode degraded.
This udev rule runs pvscan to autoactivate VGs, which dracut
does not want to do, and previously disabled by editing the
rule file and commenting out lines.
This also stops /dev/disk/by-id/lvm-pv-uuid-* symlinks from
being created in the initrd.
Remove support for modifying use_lvmetad and locking_type
settings in lvm.conf for lvm versions 2.2.*. Recent lvm
versions (2.3.*) do not include lvmetad or locking_type.
This cleanup simplifies code maintenance.
To use the lvm module with older versions (2.2), a user
would need to ensure that lvmetad settings are disabled
in the initrd's lvm.conf rather than relying on the lvm
dracut mode to modify their lvm.conf.
Not all distributions utilize and ship the mpathconf utilitiy.
Avoid error messages and systemd complaints about
multipathd-configure.service in this case.
In the long run, it's desirable to be able to drop dracut's copy of
multipathd.service and use the upstream one from multipath-tools instead.
This patch makes a step in that direction.
With these changes, the only remaining difference is the support for
rd.multipath=0 and rd_NO_MULTIPATH, which must obviously be ignored in the
upstream unit.
The modifications in this patch are minor and will have no effect in the
initramfs.
The dependency of multipathd on "udev settle" has recently been removed in
c9689b6 ("multipathd: Remove dependency on systemd-udev-settle.service").
But this dependency has never been necessary in the initramfs environment. It
was only required after switching root, because multipathd would potentially
tear down valid multipath maps after switching from initrd to root FS. This can
happen because dm devices "survive" the root FS switch in the udev data
base (they have the "db_persist" flag set), whereas their component devices
(SCSI etc) do not. But this can only happen after initrd-udevadm-cleanup-db.service
has been run, which happens after initrd processing.
The only dependency that's really needed is that on
systemd-udevd-kernel.socket, because multipathd depends on uevents for
devices being delivered via systemd-udevd.
During boot dracut parses the provided UUID to lower case and thus starts an
endless loop wating for the devise to appear. The device is actually mapped
correctly by the kernel (which doesn't tweak the UUID) but because we are
waiting for a name with lower charachters the expeted device never appers which
drops us at the emergency shell leaving the system unbootable.
This happens especially on nfts/fat filesystems because technically those don't
have a UUID but searial numbers which are used by the linux tools as UUID.
An example kernel command line option for this configuration
root=/dev/sda1 ro rd.live.image rd.live.overlay.overlayfs=1
The change checks if $FSIMG is empty and adds a symlink from
/run/rootfsbase to /run/initramfs/live and changes the place
of the creation of the required mount point directories.
Since wicked-0.6.67, its dbus configuration files can be installed in /etc or /usr/share.
Also, check if it's using libexec or lib instead of displaying always an error.
This is a workaround for GRUB2's Btrfs implementation, which doesn't
correctly handle gaps between extents.
A fix has already been proposed upstream via
https://lists.gnu.org/archive/html/grub-devel/2021-10/msg00206.html
Given that this bug is severe, it makes sense to include this minimal
workaround.
Signed-off-by: David Disseldorp <ddiss@suse.de>
The current detection routine for openssl-based libcurl assumes that
libcurl has its own hardcoded path to the ca-bundle. Fix the
cases where curl is compiled with:
--with-ca-fallback --without-ca-path --without-ca-bundle
In this case, we must also grep in OpenSSLs libcrypto.
Other changes:
- Filter reported but non-existant paths.
- Strip nul bytes returned by grep.
- Consider that ca-bundles might use '.pem' instead of '.crt'.
Original-patch-by: Daniel Molkentin <daniel.molkentin@suse.com>
Starting with kernel 5.17 the kernel supports the builtin privacy screens
built into the LCD panel of some new laptop models.
This means that the drm drivers will now return -EPROBE_DEFER from their
probe() method on models with a builtin privacy screen when the privacy
screen provider driver has not been loaded yet.
Make dracut add the privacy screen providing drivers to the initrd
(when necessary for hostmode=yes), so that drm drivers on affected
drivers can probe() successfully.
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
If the configured compression command is unavailable, reset $compress,
and fall back to auto-detection. This allows building an initramfs
even if the configured compression command is not installed. This can
happen e.g. if the distribution uses a preconfigured default, but the
user deinstalled the respective tool.
If the compression method is unset, or had to be reset because of
missing dependencies, inform the user what's being used. Also,
replace the printf in the "cat" case with a dwarn.
There's no need to decompress the kernel modules in dracut, and
"$kcompress" is never referenced. dracut can build the initramfs
just fine if there's no tool for decompressing modules.
End with error, or show a warning when nonexistent device is specified for network setup like
`ip=10.12.8.12::10.12.255.254:255.255.0.0:xk12:eth0:off`.
I've added the error only for `write-ifcfg.sh`, as I think no such setup should be written.
Resolves: #1712424
dracut does not install the kernel module of the block device that contains
the root filesystem if the following preconditions are met:
- Running in host-only mode.
- Symlinks of all block devices needed to boot the system pointing to virtual
subsystems.
The get_dev_module function uses "udevadm info -a" to get the corresponding
kernel modules of a /sys/class/*/* or /dev/* device. This function is called
in modules.d/90kernel-modules/module-setup.sh to detect if dracut must install
block device drivers in host-only mode. The symlinks in /sys/dev/block/
usually point to "real" devices in /sys/devices/pci*. But, we have come across
some NVMe systems where the kernel creates the symlinks in /sys/dev/block/
pointing to "virtual" devices instead. In this case, udevadm never finds any
"driver" attributes following up the chain of parent devices.
If the system provides more than one UUID, the _MD_UUID var
contains a line break after each UUID. Therefore the strstr
function could not find any UUID, caused by the additional
spaces provided to the function.
Furthermore this could lead to a boot interruption, because
the start of a degraded raid1 won't be executed. So, manual
interaction is necessary.
dracut-cpio already carries a bunch of unit tests covering compression
and GNU cpio extraction. The purpose of these tests is to exercise the
dracut.sh --enhanced-cpio code-paths as well as kernel cpio archive
extraction.
Signed-off-by: David Disseldorp <ddiss@suse.de>
The new dracut-cpio binary is capable of performing copy-on-write
optimized initramfs archive creation, but due to the rust dependency
isn't built / installed by default.
This change adds a new "--enhanced-cpio" parameter for dracut which
sees dracut-cpio called for archive creation instead of GNU cpio.
Signed-off-by: David Disseldorp <ddiss@suse.de>
dracut-cpio is a minimal cpio archive creation utility written in Rust.
It provides support for a minimal set of features needed to create
performant and space-efficient initramfs archives:
- "newc" archive format only
- reproducible; inode numbers, uid/gid and mtime can be explicitly set
- data segment copy-on-write reflinks
+ using Rust io::copy()'s native copy_file_range() support[1]
+ optional archive data segment alignment for optimal reflink use[2]
- hardlink support
- comprehensive tests asserting GNU cpio binary output compatibility
1. Rust io::copy() copy_file_range()
https://github.com/rust-lang/rust/pull/75272
2. Data segment alignment
We're bending the newc spec a bit to inject zeros after the file path
to provide data segment alignment. These zeros are accounted for in
the namesize, but some applications may only expect a single
zero-terminator (and 4 byte alignment). GNU cpio and Linux initramfs
handle this fine as long as PATH_MAX isn't exceeded.
Signed-off-by: David Disseldorp <ddiss@suse.de>
Crosvm's rust argument library is very small and simple, while still
providing helpful functionality. It will be consumed by dracut-cpio in a
subsequent commit.
The unmodified, BSD licensed argument.rs source is lifted as-is from
https://chromium.googlesource.com/chromiumos/platform/crosvm
(release-R92-13982.B b6ae6517aeef9ae1e3a39c55b52f9ac6de8edb31).
The one-line crosvm.rs wrapper is needed to ensure that crosvm::argument
imports continue to work.
Signed-off-by: David Disseldorp <ddiss@suse.de>
On platforms where the kernel is built without suspend/resume support we
see "cat: /sys/power/resume: No such file or directory" message when
creating an initrd image. Check for the presence of /sys/power/resume
first before reading it.
Signed-off-by: Dan Horák <dan@danny.cz>
Systemd is an optional module for the dmsquash-live module. This scenario
is properly handled for other modules (for example livenet module) but not
for dmsquash-live module.
When a forced shutdown is issued through sending a burst of Ctrl-Alt-Del
keys, systemd sends SIGTERM to all processes. This ends up killing
dracut-initramfs-restore as well, preventing the script from detecting
that the unpack of the initramfs is incomplete, which later causes a
crash to happen when "shutdown" tries to execute from the unpacked
initramfs.
This fix makes sure dracut-initramfs-restore remains alive to detect
the unpack failed (because cpio was killed by systemd too).
Refs:
* https://bugzilla.redhat.com/show_bug.cgi?id=2023665
There appears to be an issue with newer QEMU versions (spotted with Arch
Linux and C9S containers) which causes the respective GH Action to hang
when booting a QEMU VM in combination with the `-cpu max` parameter.
During (a particularly painful) debugging session I once managed to get
some output from such "frozen" machine (using `earlycon` and
`earlyprintk` kernel cmdline options), and in that particular case the
VM died with a trap caused by an invalid opcode.
I couldn't reproduce this locally, only in GH Actions environment with
Arch Linux and C9S containers. Also, so far I haven't found out which
specific CPUID flag causes this, but using the `IvyBridge-v2` feature
set seems to mitigate the issue.
Like the dwc/chipidea controllers the isp1760 can act in either
host or gadget mode so it ends up in it's own directory. Add this
driver into the initrd as it's part of some arm platforms and
is needed to be able to boot off USB storage.
Fixes issue #1619
Signed-off-by: Peter Robinson <pbrobinson@gmail.com>
The network-manager module also writes logs to the console, so that it's easier
to debug network-related boot issues. If systemd can't open the console, the
service fails and network doesn't get configured.
Add a check to disable tty output when the console is not present or not
usable.
https://github.com/coreos/fedora-coreos-tracker/issues/943
When systemd is compiled with ASAN library to troubleshoot memory issues
within systemd code, the libasan library expects to have /proc be
available as soon as systemd starts, which isn't the case currently,
causing an assertion to fail, systemd to crash and kernel to panic:
==1==AddressSanitizer CHECK failed: ../../../../libsanitizer/sanitizer_common/sanitizer_procmaps_common.cc:75 "((data_.proc_self_maps.len)) > ((0))" (0x0, 0x0)
<empty stack>
X.XXXXXXX Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000100
[...]
We need to pull in Type-C USB drivers as they can provide a number of
differnet bits of functionality in early boot including input, display
(altmode DP) and storage so we need to have them available to ensure
functionality attached to those buses/interfaces are available in early
boot.
Signed-off-by: Peter Robinson <pbrobinson@gmail.com>
This removes the 'ExecStop=' field from `multipathd.service`.
Sometimes CI runs do encounter a failure related to this
service in initrd, which seems to be stemming from a socket
I/O race between the client and the server on shutdown.
It looks like the client (`multipathd shutdown`) can lose the race,
hit an I/O error, and cause the whole unit to fail (even if the server
managed to shutdown properly already).
Notably, the upstream unit does not have such stop command
as the daemon can already perform a graceful exit through
its signal handler.
As such, this commit partially re-aligns the two units,
trying to sidestep any of the existing races.
Refs:
* https://github.com/coreos/fedora-coreos-tracker/issues/803
* https://github.com/opensvc/multipath-tools/blob/0.8.7/multipathd/multipathd.service
Fix how ifname for a given local_address is found.
Fix logic to detect presence of ifname and route.
Signed-off-by: Charles Rose <charles.rose@dell.com>
Currently $_dev is always overridden with the value returned by
label_uuid_to_dev(). This results in an empty value if $_dev is a
device path. Fix this by calling label_uuid_to_dev() conditionally.
Bug: https://bugs.gentoo.org/807971
Fixes: d3532978de
On hostonly mode, the platform driver is not copied blindless. There
should be a way to detect the real hardware driver, which probes a block
device.
/sys/dev/block/major:minor is a symbol link, which points to the real
device, recording the hardware stack. And those info can help to
identify the associated drivers for the hardware stack.
Signed-off-by: Pingfan Liu <piliu@redhat.com>
---
v2 -> v3:
address shellcheck in dracut-functions.sh
v1 -> v2:
remove local variable _extra_mod
shorten subject
There are some workarounds in dracut.sh for FIPS/libpthread covering
some hidden lib dependency issues. These workarounds didn't take effect
for the squash loader since the squash loader is installed
independently. So apply these workarounds again.
Also skip the lib detection code, since these extra installed libs
are small, and squash loader contents are dropped after switch root,
won't be an issue to be always installed. And this makes the code
cleaner.
Signed-off-by: Kairui Song <kasong@redhat.com>
When NetworkManager is running as systemd service, it's not enough to write
connection files; the module should also tell NetworkManager to reload the
connections from disk so that any new connection can be auto-activated.
https://bugzilla.redhat.com/show_bug.cgi?id=1975929
Sice commit 22d6863ef1 ("fix(network-manager): cope with distributions not
using `libexec`") nm-initrd-generator can be installed in either /usr/libexec
or /usr/lib. Change other modules to check for the binary in both locations.
NetworkManager leaves state files behind in "/run/NetworkManager/devices".
These files are in keyfile format (glib's GKeyFile API [1]).
From the statefile, the dracut module writes a .dhcpopts file. And other users
want to parse that file, for example anaconda ([2]). To be fair,
anaconda seems to parse a different file, so I am a bit confused who
uses this file how. In any case, it seems somebody might be tempted to
execute this as a script.
We need to write the .dhcpopts file in a format that is defined and easy
to handle from a shell script. As already previously, this format is
a bash script that sets certain variables. That means, to load the file,
the user could execute it as bash script. But this is dangerous, as the
file contains potentially untrusted data from the network.
Optimally, users still don't trust the .dhcpopts file to be safe for
executing! It would be better if users too try to parse the file
instead of executing it. That is not trivial however because in face
of special characters, as we use bash's `printf '%q'` to escape the values
and parsing bash escaping is not trivial.
Anyway, make sure we properly quote and handle the content so that also
executing is safe. In the best case, there are no special characters
that require escaping, and naive parsing can be done with `sed`.
Otherwise, executing is now also supposed to be safe.
In this case we parse DHCP options from the state file. They are themselves
backslash escaped UTF-8 strings (C escape sequences), which then are stored
via keyfile API. The properly parse them, we would first need to load the file
with GKeyFile (which undoes one level of backslash escaping) and then
use g_str_compress() (to undo the second level). We mimic that with
shell.
[1] b3411d6780/dracut/fetch-kickstart-net.sh (L30)
[2] https://developer.gnome.org/glib/stable/glib-Key-value-file-parser.html
Signed-off-by: Thomas Haller <thaller@redhat.com>
Add support for loading EVM x509 certs from a directory that the user can
specify with the EVMKEYSDIR variable in the evm config file. By default
the additional certs are loaded from /etc/keys/evm.
Support for multiple EVM keys allows the usage in a system of files with
signed metadata from multiple parties.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Roberto Sassu <roberto.sassu@huawei.com>
We want word splitting to occur so that the arguments are passed
separately, and we don't end up passing an empty string if no arguments
are specified.
Bug: https://bugs.gentoo.org/803548
Fixes: 2fabaaa62d
This tailing '/' will result in following error:
dracut-install: ERROR: installing '/etc/ld.so.conf.d/'
dracut: FAILED: /usr/lib/dracut/dracut-install -D /var/tmp/dracut.kEFQLs/initramfs -d /etc/ld.so.conf.d/
Signed-off-by: Kairui Song <kasong@redhat.com>
Since version 1.32, NetworkManager launches a tiny external helper to determine
the hostname via reverse DNS resolution through glibc's nss-dns. Include the
binary.
systemd-vconsole-setup.service may fail if the user specifies a missing keymap,
see [1,2,3], or font. This is unfortunate, but the system should not refuse
boot. It is better to continue, possible without the desired font or keymap.
All other systemd services that depend on systemd-vconsole-setup.service do so
without a hard Requires=.
(In particular, systemd-vconsole-setup internally will try to do as much setup
as possible, and will load the font even if it cannot load the keymap and vice
versa.)
[1] https://fedoraproject.org/wiki/Common_F34_bugs#kbd-legacy-media
[2] https://bugzilla.redhat.com/show_bug.cgi?id=1955162
[3] https://bugzilla.redhat.com/show_bug.cgi?id=1955793
When running kdump on PowerPC, the following bug is hit:
[ 0.391629] Freeing unused kernel memory: 5568K
[ 0.391634] This architecture does not have kernel memory protection.
/bin/sh: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory
[ 0.392214] Kernel panic - not syncing: Attempted to kill init! exitcode=0x00007f00
[ 0.392214]
[ 0.392223] CPU: 6 PID: 1 Comm: init Not tainted 4.18.0-319.el8.ppc64le #1
[ 0.392228] Call Trace:
[ 0.392234] [c00000000c703c10] [c000000008ecb94c] dump_stack+0xb0/0xf4 (unreliable)
[ 0.392243] [c00000000c703c50] [c000000008167324] panic+0x148/0x3c4
[ 0.392249] [c00000000c703cf0] [c000000008170474] do_exit+0xcd4/0xd40
[ 0.392255] [c00000000c703dc0] [c0000000081705b0] do_group_exit+0x60/0x110
[ 0.392261] [c00000000c703e00] [c000000008170684] sys_exit_group+0x24/0x30
[ 0.392268] [c00000000c703e20] [c00000000800b408] system_call+0x5c/0x70
This is due to the non-conventional library path:
ldd /bin/bash
linux-vdso64.so.1 (0x00007fffbdc90000)
libtinfo.so.6 => /lib64/libtinfo.so.6 (0x00007fffbda80000)
libdl.so.2 => /lib64/libdl.so.2 (0x00007fffbda50000)
libc.so.6 => /lib64/glibc-hwcaps/power9/libc-2.28.so (0x00007fffbd830000)
^^^
/lib64/ld64.so.2 (0x00007fffbdcb0000)
ldd finds the path by libc.so.6 -> /usr/lib64/libc.so.6 ->
/usr/lib64/glibc-hwcaps/power9/libc-2.28.so and cache the result. So
when dracut_install, it only saw
'/usr/lib64/glibc-hwcaps/power9/libc-2.28.so' and blind to
'/usr/lib64/libc.so.6'
In the final kdumpimg, the symlink /usr/lib64/libc.so.6 is not created,
hence ld.so can not find the /usr/lib64/glibc-hwcaps/power9/libc-2.28.so
On the other hand, during the process of building kdumpimg, all of dynamic library info
have been cached in ld.so.cache. Hence this bug can be simplely resolved
by keeping ld cache under $initdir/etc.
Signed-off-by: Pingfan Liu <piliu@redhat.com>
---
v3 -> v4:
use inst() instead of copy
v2 -> v3:
fix format by shfmt -s -w modules.d/99squash/module-setup.sh
v1 -> v2:
cp -r /etc/ld.so* instead of move, since after switch-root, initdir
can not be seen any longer
Fix potential memory leaks in two locations and use
_exit(EXIT_FAILURE) if asprintf(&abspath, ...) fails.
Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
On s390x KVM machines, the follow errors occurred,
$ kdumpctl rebuild
kdump: Rebuilding /boot/initramfs-4.18.0-321.el8.s390xkdump.img
/usr/lib/dracut/modules.d/95qeth_rules/module-setup.sh: line 13: /sys/devices/qeth/*/online: No such file or directory
/usr/lib/dracut/modules.d/95qeth_rules/module-setup.sh: line 13: /sys/devices/qeth/*/online: No such file or directory
because s390x KVM uses virtual devices and /sys/devices/qeth/*/online
doesn't exist. Eliminate this error by checking the existence
beforehand.
We get a nice warning about it being deprecated:
```
systemd-udev-settle.service is deprecated. Please fix nm-initrd.service not to pull it in.
```
The service is deprecated because its purpose was to wait for the
discovery of all hardware, but it didn't guarantee that (see the
systemd-udev-settle man page).
NM now runs as an independent service and can deal with devices showing
up at any point, but it does need udev to be started. For now just
Want/After systemd-udev-trigger.
If the gpg card is not inserted before the --card-status command is
executed then the public key is not linked with the card. Therefore,
the LUKS partition cannot be decrypted. To solve this, the
--card--status command is executed on each try.
[[ -d $symlink ]] will return true if the symlink points to a directory.
So the symlink will not be copied, instead a directory is created with
the symlink name and the content is copied.
Signed-off-by: Kairui Song <kasong@redhat.com>
While including a directory using '--include' option, the file and
subdirectory names that begin with '.' are not included. Also, dracut
throws a warning message when a subdirectory is empty or only has
files or subdirectories that begin with '.'.
For example, while trying to include /tmpdata directory with the
below tree:
# tree -a /tmpdata
/tmpdata
├── .anothertestdir
├── testdir
│ └── .testsubdir
└── .testfile
dracut throws the below warning message:
# dracut --include /tmpdata /root
cp: cannot stat '/tmpdata/testdir/*': No such file or directory
#
and this is how the included /tmpdata directory tree looks:
# tree -a root
root
└── testdir
No file or directory beginning with '.' is included & also, copying
/tmpdata/testdir reported "No such file or directory" warning. Using
'.' instead of '*' in the below command will fix the warning whether
the directory being copied is empty or only has files or directories
that begin with dot:
$DRACUT_CP -t "$object_destdir" "$dracutsysrootdir$objectname"/*
Also, enable 'dotglob' temporarily to include files and directories
beginning with a `.' in the results of pathname expansion of source
directory being included.
Signed-off-by: Hari Bathini <hbathini@linux.ibm.com>
Previously when NM was run without dbus then teaming would come
up appropriately [1], but now that dbus exists we also need to
include some supporting infrastructure to allow for it to work
again.
[1] d689380cfc
Don't use absolute path, or it may resolve to wrong files after unpack
the initramfs to a sub path on a running system.
Signed-off-by: Kairui Song <kasong@redhat.com>
On s390x, the `BOOT_IMAGE` karg injected by the bootloader is not a path
to the kernel image, but rather an integer describing the index of the
menu entry selected. Because of the way the s390x bootloader works,
there is no information retained about e.g. the path of the kernel that
was loaded.
This causes issues for the FIPS code which assumes that `BOOT_IMAGE` is
a path to the kernel image to derive the HMAC path. In non-OSTree
systems, this ends up working anyway, because the kernel is located at
the root of the boot partition. In OSTree systems, this is not the
case. However, OSTree systems use BLS configs, and they are named in
reverse order of precedence (i.e. menu ordering). So from the
`BOOT_IMAGE` integer, we can figure out which BLS entry was selected.
Add some code to do just this on s390x. This isn't completely foolproof,
because it presumes that (1) BLS configs were used to populate the
bootloader (and that they were exactly in the same state they currently
are when `zipl` was run), and (2) there are no other menu entries
originating from outside the BLS configs. However, if these assumptions
are wrong we would simply fail the boot, which is currently what is
happening anyway.
See also:
https://github.com/openshift/os/pull/546https://github.com/ibm-s390-linux/s390-tools/issues/78
Tested-by: Muhammad Adeel <muhammad.adeel@ibm.com>
Also install umount binary, make it possible to cleanup squash overlay
mounts. This is useful for other tools reusing the dracut initramfs built
with squash module enabled.
Signed-off-by: Kairui Song <kasong@redhat.com>
It is possible that user setup some early mount in the rootfs even
earlier, so just be more robust and cover that case too.
Signed-off-by: Kairui Song <kasong@redhat.com>
```
dracut-dev-lib.sh: line 92: str_replace: command not found
dracut-dev-lib.sh: line 98: /var/tmp/dracut.sabKZg/initramfs/initqueue/finished/devexists-.sh: No such file or directory
dracut-dev-lib.sh: line 83: /var/tmp/dracut.sabKZg/initramfs/emergency/80-.sh: No such file or directory
```
We welcome contributions from everyone. However, please follow the following guidelines when posting a GitHub Pull Request or filing a GitHub Issue on the dracut project:
By participating in this project, you agree to abide by the [code of conduct](docs/CODE_OF_CONDUCT.md).
# Filing Issues
We use GitHub Issues exclusively for tracking bugs and feature requests of dracut.
We only track bugs in the two most recently released versions of dracut in the GitHub Issue tracker.
If you are using an older version of dracut, please contact your distribution's bug tracker instead (see below). See GitHub Release Page for the list of most recent releases.
When filing an issue, specify the dracut version you are experiencing the issue with. Also, indicate which distribution you are using.
Please include an explanation how to reproduce the issue you are pointing out.
For more information on Coding Style and Commit messages see [Dracut Developer Guidelines](docs/HACKING.md).
# Older or downstream versions
For older or downstream versions that are still supported by your distribution please use respective downstream tracker:
* use RemainAfterExit=yes for multipathd-configure.service ([2334031a](https://github.com/dracutdevs/dracut/commit/2334031a890a1101c78f986681236c76ba806d91))
* create `/etc/multipath` only ([0940be90](https://github.com/dracutdevs/dracut/commit/0940be905843e93111e96c0d70c56389240fbc04))
* **Makefile:** reduce the number of shell invocations ([ad7d5bc8](https://github.com/dracutdevs/dracut/commit/ad7d5bc8ea181ef805f65ae690681ebe5ba29bbe))
* **base:**
* do not require chroot inside initramfs ([51813371](https://github.com/dracutdevs/dracut/commit/518133714b769160448a51c512d5e152ea6332da))
* **dmsquash-live-root:** check kernel for built-in `overlay` drivers ([d0cd7cd3](https://github.com/dracutdevs/dracut/commit/d0cd7cd38711b5425777c3b1595dbf4288beaa23))
* **dracut:**
* allow to set persistent policy based on /dev/mapper device names ([9cc7ceec](https://github.com/dracutdevs/dracut/commit/9cc7ceec1e9b4028d1a72bf51f9ea488d7ca11ac))
* shellcheck regression in DRACUT_INSTALL calls ([097dd367](https://github.com/dracutdevs/dracut/commit/097dd367bbd61da1577a182c535c5aacdfd07031))
* replace invalid lzo command with lzop for LZO compression ([b2d7561b](https://github.com/dracutdevs/dracut/commit/b2d7561b98d08c7e4018aa22dc36dc1242e50f09))
* check_kernel_module should follow dracutsysrootdir ([6c42d378](https://github.com/dracutdevs/dracut/commit/6c42d378abe528ee6f10c8272080eec5f3f44acb))
* suppress findmnt error msg if /etc/fstab not exist ([e9ed44c8](https://github.com/dracutdevs/dracut/commit/e9ed44c8864445d85018e31064cd888c358f1daf))
* **dracut-init:** make require_kernel_modules ignore no kernel build ([d460941b](https://github.com/dracutdevs/dracut/commit/d460941b51d0178683b9098e62ad57e43fb71011))
* **dracut-init.sh:**
* instmods: wrong variable name ([b12ee558](https://github.com/dracutdevs/dracut/commit/b12ee558f5660073ad26415794570188e8a427b0))
* add missing hostonly code in the inst_multiple function ([e2fdb30b](https://github.com/dracutdevs/dracut/commit/e2fdb30b56305aed9d3be32f394352c7c3fdbcef))
* propagate the result code returned by dracut-install ([d2f6f445](https://github.com/dracutdevs/dracut/commit/d2f6f445edb5de033d52ece0e982db38ac2614e2))
* **dracut-initramfs-restore.sh:**
* initramfs detection not working ([481b87fa](https://github.com/dracutdevs/dracut/commit/481b87fa7a82be54663071ad9ad76c34e378ddc7))
* use stripped kernel module path as hash key ([2f791b40](https://github.com/dracutdevs/dracut/commit/2f791b401b287f67f2421452b5f82cdb5285a637))
* do not try to copy files from the root directory ([ebbcf97d](https://github.com/dracutdevs/dracut/commit/ebbcf97dc7267f47ae568909305bcb05de2876b4))
* correctly waitpid() for cp ([13736c50](https://github.com/dracutdevs/dracut/commit/13736c50c797d63ab75468ded17bc7935d7f1f94))
* convert_abs_rel: return valid path on error ([06d31617](https://github.com/dracutdevs/dracut/commit/06d316171cd5e0e86c21006f93776ba9f49087cc))
* **dracut-logger.sh:** this fixes the dlog_init check for /dev/log ([6b592f58](https://github.com/dracutdevs/dracut/commit/6b592f581c1a5ec489acee95779867e0485770fd))
* **dracut-systemd:** run systemctl daemon-reload after remove_hostonly_files ([e1058b07](https://github.com/dracutdevs/dracut/commit/e1058b07ea2acb1bdb2d52f778639e093b1ed8a6))
* remove duplicate "dracut:" string in logger functions ([8410ee22](https://github.com/dracutdevs/dracut/commit/8410ee22903403cd673a22692a084125c835cbe9))
* do not fail on irregular files ([b72d0d7f](https://github.com/dracutdevs/dracut/commit/b72d0d7f9be53c1ad04f132daf0297aff7581e9c))
* **dracut.spec:** tpm2-tools is required for crypt module to work ([8abffe7c](https://github.com/dracutdevs/dracut/commit/8abffe7cca2e210e15c618beeffe7450be357f73))
* **drm:** add video drivers needed on hyper-v and similar ([85149b85](https://github.com/dracutdevs/dracut/commit/85149b85961aa535a3c61d492cd3594794e5cc3f))
* **github:** yml syntax and commit message for dependabot ([32f6dd1d](https://github.com/dracutdevs/dracut/commit/32f6dd1d5f0b7c24bda8bf950df176a0791045cb))
* **i18n:**
* do not fail if FONT in /etc/vconsole.conf has the file extension ([e1de5bd2](https://github.com/dracutdevs/dracut/commit/e1de5bd2d711df2c6814a3c3ab8472cdb4de9101))
* add required includes for keymaps ([fe8fa2b0](https://github.com/dracutdevs/dracut/commit/fe8fa2b0cadbb33e27c8dd8b5851548dcd65835c))
* **install.d:** add --verbose if KERNEL_INSTALL_VERBOSE=1 ([846a8453](https://github.com/dracutdevs/dracut/commit/846a845375b8a9ea48741079d523e6b464950ea7))
* **integrity:**
* do not enable EVM if there is no key ([90585c62](https://github.com/dracutdevs/dracut/commit/90585c624af15ba0abb7f32b0c2afc2b122dd019))
* **iscsi:** don't install the module if kernel doesn't support iscsi ([7917d797](https://github.com/dracutdevs/dracut/commit/7917d7976ded6384433ef8fb2ce1905f0a76358e))
* **kernel-modules:**
* add sysctl to initramfs to handle modprobe files ([33679fff](https://github.com/dracutdevs/dracut/commit/33679fff5deb733f9dfe8d005066ac98e107c083))
* always include nvmem driver on nvmem_on_arm ([bc965cd8](https://github.com/dracutdevs/dracut/commit/bc965cd8890013a6362733d217c18756134bbcdf))
* **load_fstype:** use $1 if $2 is missing ([401158e5](https://github.com/dracutdevs/dracut/commit/401158e58c47b2e1278a47b9cd236f501cfe2732))
* **lsinitrd.sh:**
* add a missing path to image ([e877be69](https://github.com/dracutdevs/dracut/commit/e877be69b41199ee4384ccb6352754bb9edfbba4))
* **lvm:** drop dm-eventd binary and libs from initramfs ([7d3184e4](https://github.com/dracutdevs/dracut/commit/7d3184e430823f7eee4acee87576acdcf02746c2))
* dracut.cmdline(7): correct syntax for rd.nonvmf ([4b69e63b](https://github.com/dracutdevs/dracut/commit/4b69e63b7414567a03e8da79acc2efe32e0a6a94))
* point man pages to github.com instead of kernel.org ([d6d55584](https://github.com/dracutdevs/dracut/commit/d6d555845e53dca0b083d59c8cedf465e6b70b71))
* no need to load the nvme module ([a3cf4ec9](https://github.com/dracutdevs/dracut/commit/a3cf4ec92202df43adf368c7fdd12e35d304a0e4))
* don't try to validate network connections in cmdline hook ([b3ff3f3f](https://github.com/dracutdevs/dracut/commit/b3ff3f3fbce6878a754332cd4a05374e5e1156c8))
* nvme list-subsys prints the address using commas as separator ([9664e98b](https://github.com/dracutdevs/dracut/commit/9664e98b5db603567d42d4d0c6e6ea1bd3d5bf24))
* **shell-completion:** add missing -p and --parallel options ([b30a00c2](https://github.com/dracutdevs/dracut/commit/b30a00c2a2815517e79eeaeef5f76fd6f923e61f))
* **systemd-networkd:** typo in systemd-networkd.socket local conf path ([d4732be8](https://github.com/dracutdevs/dracut/commit/d4732be87782016c2699fbf980d63ac366819942))
* **systemd-timesyncd:** typo in systemd-time-wait-sync.service local conf path ([e3ec51e1](https://github.com/dracutdevs/dracut/commit/e3ec51e128135d56c3995d87ca2a4ff65b253391))
* **dracut-install:** convert_abs_rel: canonicalise parent of from, too ([53dd6a9b](https://github.com/dracutdevs/dracut/commit/53dd6a9bbb0eb91dea0e56bec556bf865a920b2e), closes [#1781](https://github.com/dracutdevs/dracut/issues/1781))
* **dracut.sh:**
* populate uefi_cmdline if no other cmdline is given ([1157143d](https://github.com/dracutdevs/dracut/commit/1157143d67b02ccf95602ae082f6fbfd1a20f342))
* pass engine flag to sbsign allowing use with hardware devices ([897e5eff](https://github.com/dracutdevs/dracut/commit/897e5effe08f15de6b20099caeda7bc1167b7026))
* **fs-lib:** fsck_single can now handle PARTLABEL and PARTUUID ([d40617f7](https://github.com/dracutdevs/dracut/commit/d40617f720ce7d895be4f6297ac4342d4492c39a))
* **kernel-modules:** exclude USB drivers in strict hostonly mode ([7debf540](https://github.com/dracutdevs/dracut/commit/7debf540ca69d9171cb86b4752c882bac997c26e))
* **nvmf:** set rd.neednet=1 if tcp records encountered ([cf8986af](https://github.com/dracutdevs/dracut/commit/cf8986af7d9a3ce73f330de23d5312f924acea34))
* **overlayfs:**
* add new overlayfs module to dracut.spec ([b55563f6](https://github.com/dracutdevs/dracut/commit/b55563f635fb8aad5e141c4fa5d3e486dc2b0b60))
* add a new module called overlayfs ([40dd5c90](https://github.com/dracutdevs/dracut/commit/40dd5c90e0efcb9ebaa9abb42a38c7316e9706bd))
* **squash:** use require_kernel_modules for better module checking ([d4a9d6b4](https://github.com/dracutdevs/dracut/commit/d4a9d6b4c006a375e0b89396251e8ad1aecc0b16))
* **systemd-pcrphase:** introducing the systemd-pcrphase module ([d345ca2e](https://github.com/dracutdevs/dracut/commit/d345ca2efd5e017be5cc80cfc96137a7f0bee425))
* **systemd-portabled:** introducing the systemd-portabled module ([03babd95](https://github.com/dracutdevs/dracut/commit/03babd95e28bc884e87fd0885edafb2ee91f8935))
* **systemd-pstore:** introducing the systemd-pstore module ([758f2e69](https://github.com/dracutdevs/dracut/commit/758f2e69374d7865bf55a74ee218a1d52df20123))
* **test:** add new module to share code between tests ([f5689b42](https://github.com/dracutdevs/dracut/commit/f5689b42bdb9dfcb0f1b610d7db845ceac985061))
* **test-makeroot:** add new module to share code between tests ([54b963ca](https://github.com/dracutdevs/dracut/commit/54b963ca35a3a4cc8bcdb35e5e9ebb74af09191e))
* **test-root:** add new module to share code between tests ([b17a3103](https://github.com/dracutdevs/dracut/commit/b17a3103a516b5a45af954b1e2969a5256fffebc))
#### Performance
* **90kernel-modules:** use awk instead of shell monster ([77ac95d9](https://github.com/dracutdevs/dracut/commit/77ac95d9091afcfdbd1fe0372389613914dd1bc6))
* **dracut.sh:** do not mkdir $initdir/lib/dracut within a loop ([8d46cc01](https://github.com/dracutdevs/dracut/commit/8d46cc01a95afc6902e8c86a795db082622a3c74))
#### Contributors
- Laszlo Gombos <laszlo.gombos@gmail.com>
- Antonio Alvarez Feijoo <antonio.feijoo@suse.com>
- Martin Wilck <mwilck@suse.de>
- Kairui Song <kasong@tencent.com>
- Marcos Mello <marcosfrm@gmail.com>
- наб <nabijaczleweli@nabijaczleweli.xyz>
- David Tardon <dtardon@redhat.com>
- Jóhann B. Guðmundsson <johannbg@gmail.com>
- Matt Coleman <matt@datto.com>
- Pavel Valena <pvalena@redhat.com>
- Alberto Planas <aplanas@suse.com>
- Brian C. Lane <bcl@redhat.com>
- Jonathan Lebon <jonathan@jlebon.com>
- Lukas Nykryn <lnykryn@redhat.com>
- keentux <valentin.lefebvre@suse.com>
- Cole Robinson <crobinso@redhat.com>
- Daan De Meyer <daan.j.demeyer@gmail.com>
- Frederick Grose <4335897+FGrose@users.noreply.github.com>
* **Makefile:** use of potentially unset variable ([1354d633](https://github.com/dracutdevs/dracut/commit/1354d6339a2e603fe0787bc028f9e7e1d49cbf82))
* **bluetooth:**
* accept compressed firmwares in inst_multiple ([09a1e5af](https://github.com/dracutdevs/dracut/commit/09a1e5afd2eaa7f8e9f3beaf8a48283357e7fea0))
* nullglob should not be needed ([36aaa74f](https://github.com/dracutdevs/dracut/commit/36aaa74f3641d375cb435298864fad1945444893))
* make $dbussystem/bluetooth.conf optional ([a38d9ec0](https://github.com/dracutdevs/dracut/commit/a38d9ec0320f3819a3b70dc5bb59f6d2fc570149))
* **configure:** check for SYS-gettid during configure ([0ef40d88](https://github.com/dracutdevs/dracut/commit/0ef40d88124fe67726b8b5d8321dce064c727447))
* **connman:** copy netroot.sh from the network module and install it ([f6d83f9f](https://github.com/dracutdevs/dracut/commit/f6d83f9f5cd4850468f26048f8eed015dc2bd0e0))
* **crypt:** add missing is_keysource parameter to cryptroot-ask ([6c11a8fc](https://github.com/dracutdevs/dracut/commit/6c11a8fcee08c297a34bd5c5215a7a29d3529b85))
* **dmsquash-live:**
* mount live device with the correct type ([08ed7b2d](https://github.com/dracutdevs/dracut/commit/08ed7b2d0035eaa699c139bc9719f90190f6ffc1))
* permanent overlay on the same drive as LiveCD .iso ([9a884b3a](https://github.com/dracutdevs/dracut/commit/9a884b3afce1ebc8c6a6e5f62594ce708486a826))
* **dracut:** default to correct firmware search paths ([95aeed89](https://github.com/dracutdevs/dracut/commit/95aeed8975dd5a2af782ec986f2af6176b585c59))
* do not fail when SOURCE is optional and missing ([bd1a5ca9](https://github.com/dracutdevs/dracut/commit/bd1a5ca9ae9e347061e67e51be29335ab074ad95))
* **dracut-systemd:**
* drop misleading man page reference ([77c28b30](https://github.com/dracutdevs/dracut/commit/77c28b3020b7dede848d8282151f609d80905b05))
* correct service dependencies ([85fdff12](https://github.com/dracutdevs/dracut/commit/85fdff1212e708d335f035926f3c2a6b87bb1c3c))
* **dracut.cmdline.7:** {=> must} also be specified ([27071e9a](https://github.com/dracutdevs/dracut/commit/27071e9a0e7928bccc45469eb659cdafb20f134b))
* **dracut.sh:**
* format usage and add missing options ([9bef7109](https://github.com/dracutdevs/dracut/commit/9bef71094eba84a9eac161fc45386ccd73bd2b34))
* always check that MACHINE_ID is not empty ([527fdfa1](https://github.com/dracutdevs/dracut/commit/527fdfa1517b7f010afa049fe6add71e4c916cdd))
* avoid calling dfatal before dracut-logger is sourced ([012d7db2](https://github.com/dracutdevs/dracut/commit/012d7db27da7416471ed49ee2ca666ab95837f47))
* **install:** restore musl support ([ce55a85e](https://github.com/dracutdevs/dracut/commit/ce55a85ed5d902c19d75895508856f96ec2ceb1a))
* **integrity:** do not display any error if there is no IMA certificate ([f63f411d](https://github.com/dracutdevs/dracut/commit/f63f411d52df613936082d646ab072447b8b9d7f))
* **iscsi:**
* do not exit in handle_netroot() if discovery failed ([319dc7fe](https://github.com/dracutdevs/dracut/commit/319dc7fe10585a19d1a051f8ad1ba0190f86ff1f))
* **resume:** correct call to block_is_netdevice function ([a7a4b76c](https://github.com/dracutdevs/dracut/commit/a7a4b76c4ad5794f5f8a24ecd5b495f1512d05f7))
* **dracut-install:** support ZSTD-compressed firmware with .zst suffix ([9d8387ed](https://github.com/dracutdevs/dracut/commit/ 9d8387ed803dfc3e8b97d2e415a15083774d7ac6))
* **dracut-systemd:** use Documentation= to point to man page ([42e8f17c](https://github.com/dracutdevs/dracut/commit/ 42e8f17c2481d33a3d6ba23f653c835e0cda6994))
* **lvm:** add new module lvmthinpool-monitor ([d9812fc4](https://github.com/dracutdevs/dracut/commit/d9812fc4ae18a39c144140dd60cb03e16e0d2e06))
* **man:** add documentation for rd.luks.key.tout ([65e41b54](https://github.com/dracutdevs/dracut/commit/65e41b54600878e3e08bbe3b60f66524e1d166a8))
* **squash:**
* add shell completion for --squash-compressor option ([e2aee2d4](https://github.com/dracutdevs/dracut/commit/e2aee2d436cf68c4515a381d620a963ff18dcf05))
* update the manual page for --squash-compressor ([3693bfef](https://github.com/dracutdevs/dracut/commit/3693bfef2fc252f5a4b18278c87a1076896b7fb5))
* decouple the compressor for dracut and dracut-squash ([90d9ae8c](https://github.com/dracutdevs/dracut/commit/90d9ae8ca814c26045ecea63fa15bd8959076d0d))
* **url-lib.sh:** add --retry-connrefused to default curl arguments ([90032a46](https://github.com/dracutdevs/dracut/commit/ 90032a463190ab68f20f493894f667320466082d))
* **virtiofs:** virtiofs root filesystem support ([4632f799](https://github.com/dracutdevs/dracut/commit/4632f799954c18eb8f655efe05b1e6ce30246828))
#### Contributors
- Antonio Alvarez Feijoo <antonio.feijoo@suse.com>
* write zeros instead of seek for padding and alignment ([0af11c5e](https://github.com/dracutdevs/dracut/commit/0af11c5ea5018a3e1049a2207a9a671049651876))
* **crypt:** remove quotes from cryptsetupopts ([e0abf88a](https://github.com/dracutdevs/dracut/commit/e0abf88a15d23fbf793cf872397016ad86aeaaa8), closes [#1528](https://github.com/dracutdevs/dracut/issues/1528))
* **crypt-gpg:**
* tr needs to be installed ([a93fbc4a](https://github.com/dracutdevs/dracut/commit/a93fbc4ae00d8c6ecda67319a6425f7966609bbe))
* execute --card-status on each try ([66100936](https://github.com/dracutdevs/dracut/commit/6610093698db25fda1d584b9771da1e2c2330095))
* remove collect based udev rule creators ([ebafbd82](https://github.com/dracutdevs/dracut/commit/ebafbd824175e201ae9476576588a896c6b7d7eb))
* **dmsquash-live:**
* option to use overlayfs on a block device root ([813577e2](https://github.com/dracutdevs/dracut/commit/813577e2ba034b448d2cf2d2857b2d20d56c0259))
* do not install systemd files when systemd is not enabled ([bf8738d3](https://github.com/dracutdevs/dracut/commit/bf8738d31ca53ad6410c46c1f9b2a4a12273b9a3))
* **dracut-install:** tweaks to get_real_file() ([1beeaf3b](https://github.com/dracutdevs/dracut/commit/1beeaf3b71aed763d5fc7a9ee044d675f8906e8c))
* **dracut-shutdown:** add cleanup handler on failure ([7ab1d002](https://github.com/dracutdevs/dracut/commit/7ab1d00227cad6f1b86ba01fdc766769faebb031))
* **dracut-systemd:** do not use Requires for vconsole-setup.service ([a7f5429c](https://github.com/dracutdevs/dracut/commit/a7f5429cb81f7ffdf9bd5684af8d36725170b756))
* **dracut.sh:**
* do not ignore invalid config file or dir path ([7de9ffc0](https://github.com/dracutdevs/dracut/commit/7de9ffc0574790ecbad74b5a000ecd022d7736d4))
* check kernel zstd support early ([475497b1](https://github.com/dracutdevs/dracut/commit/475497b1bd12c006c782541124b6427cb7ef4cb7))
* check availability of configured compression ([bdac657b](https://github.com/dracutdevs/dracut/commit/bdac657bf65615438942a872491a818750735014))
* inform user about auto-selected compression method ([06d47ded](https://github.com/dracutdevs/dracut/commit/06d47ded679231e1370cc655c1df408fc865baac))
* drop pointless check for module compression method ([586d3e76](https://github.com/dracutdevs/dracut/commit/586d3e7664c00bf144becfa69dde2dbab8711d51))
* change misspelled variable name ([acfd97a9](https://github.com/dracutdevs/dracut/commit/acfd97a94385c33cd6cef4e5a37f233ea4081288))
* remove wrong $ in loop sequence ([f1245b5b](https://github.com/dracutdevs/dracut/commit/f1245b5bc13a98ef0dcc679dcef6148214e09503))
* handle symlinks appropriately while using '-i' option ([c7fbc0c8](https://github.com/dracutdevs/dracut/commit/c7fbc0c8901917baf0d1f0822568e65c6ec00d18))
* handle '-i' option to include files beginning with '.' ([f1138012](https://github.com/dracutdevs/dracut/commit/f1138012c9dc44e6614466c0a8e929fc55e4a5dd))
* **drm:** add privacy screen modules to the initrd ([14d97a6a](https://github.com/dracutdevs/dracut/commit/14d97a6a28c6172340c47c89374358aaf4e2629d))
* segfault on popen error ([5c2f72f1](https://github.com/dracutdevs/dracut/commit/5c2f72f152ec319a8001d1ff0bfd1f81a9130b04))
* extend hwcaps library handling to libraries under glibc-hwcaps/ ([10ed204f](https://github.com/dracutdevs/dracut/commit/10ed204f873f454dcd15ffcc82dc3a1c781c1514))
* use size_t to avoid -Wsign-compare warning ([55468a2d](https://github.com/dracutdevs/dracut/commit/55468a2d40182de4cce5ba4ecd5dcd96be03bd4d))
* add a missing ret value assignment ([6a444261](https://github.com/dracutdevs/dracut/commit/6a44426162d5b1b7084b17f921799863d353f847))
* **integrity:** add support for loading multiple EVM x509 certs ([9da76af8](https://github.com/dracutdevs/dracut/commit/9da76af8e7f0f7a939b2ee44f0b4a5ce0bdd3b0b))
* **iscsi:** add support for the new iscsiadm "no-wait" (-W) command ([7374943a](https://github.com/dracutdevs/dracut/commit/7374943ae3d063f0142c969b132c4156030fda8b))
* **kernel-modules:**
* add mailbox drivers for arm ([0e80ff72](https://github.com/dracutdevs/dracut/commit/0e80ff72e01d28e7e92d3adbf98ec40bdbdc37fe))
* add blk_mq_alloc_disk and blk_cleanup_disk to blockfuncs ([b292ce72](https://github.com/dracutdevs/dracut/commit/b292ce7295f18192124e64e5ec31161d09492160))
* add more modules on RISC-V ([3cc9f1c1](https://github.com/dracutdevs/dracut/commit/3cc9f1c10c67dcdb5254e0eb69f19e9ab22abf20))
* add isp1760 USB controller ([15398458](https://github.com/dracutdevs/dracut/commit/15398458685d376fef56b1bf6fe09ae7c68324c1))
* add Type-C USB drivers for generic initrd ([a1287c62](https://github.com/dracutdevs/dracut/commit/a1287c627f28b16b1b066b7c256549b832bd98de))
* **man:** default value of rd.retry was increased to 180 seconds ([4855242c](https://github.com/dracutdevs/dracut/commit/4855242ce5cb586afd2eebd91df57ce1d28ae6b5))
* **mdraid:** allow UUID comparison for more than one UUID ([d364ce83](https://github.com/dracutdevs/dracut/commit/d364ce8334fef96f48492bd0fb3b7deac37bbb66))
* **memstrack:** drop bash runtime requirement ([35822f39](https://github.com/dracutdevs/dracut/commit/35822f39970b369301e0ff54436d5714dd996896))
* check if mpathconf is available ([4318533e](https://github.com/dracutdevs/dracut/commit/4318533e1493bfab622b64efc1b799426c812c26))
* drop ExecStop= setting from service unit ([9491e599](https://github.com/dracutdevs/dracut/commit/9491e599282d0d6bb12063eddbd192c0d2ce8acf))
* get config. dir from configuration ([2e3c5444](https://github.com/dracutdevs/dracut/commit/2e3c5444d271cb8f05955858b8fdc367c4ea5c48))
* **multipathd.service:**
* drop dependencies on iscsi and iscsid ([6246da40](https://github.com/dracutdevs/dracut/commit/6246da400fa7f527a1ff1c620bf85ac9f6644508))
* adapt to upstream multipath-tools unit file ([a247d2bc](https://github.com/dracutdevs/dracut/commit/a247d2bc0d4c6d37a2ea4f3da98dd7902bb37385))
* remove dependency on systemd-udev-settle ([371b338a](https://github.com/dracutdevs/dracut/commit/371b338a5f19d40ff4c3216dc0f27f9a00cf4e22))
* **network:**
* consistent use of "$gw" for gateway ([3f2c76bb](https://github.com/dracutdevs/dracut/commit/3f2c76bb1456941a28d3333569d2bf18f8624617))
* wrong test of wicked unit ([22e68307](https://github.com/dracutdevs/dracut/commit/22e683077a686b592da55e1d247b31f65c95d481))
* add errors and warnings when network interface does not exist ([79389352](https://github.com/dracutdevs/dracut/commit/7938935267dd8824f074adf84c219340ad4c8db6))
* **network-manager:**
* skip non-directories in /sys/class/net ([d9c3c774](https://github.com/dracutdevs/dracut/commit/d9c3c77437d91d7d66369a3ef701ffc5e501346d))
* disable tty output if the console is not usable ([f6e6be24](https://github.com/dracutdevs/dracut/commit/f6e6be245d0cda14d90a0442b688c8dca1410a2e))
* show output on console only with rd.debug enabled ([e07b7ad0](https://github.com/dracutdevs/dracut/commit/e07b7ad0e7f5dbb8024336f3075610b3b74ffb2e))
* write DHCP filename option to dhcpopts file ([38320fce](https://github.com/dracutdevs/dracut/commit/38320fce56a8d83b79d6c970c491a454ba9de213))
* check for nm-initrd-generator in both /usr/{libexec,lib} ([5ee7e249](https://github.com/dracutdevs/dracut/commit/5ee7e249b8cc74461122ccd7efe954b3402c23da))
* ensure safe content of /tmp/dhclient."$ifname".dhcpopts ([e509c638](https://github.com/dracutdevs/dracut/commit/e509c638e68a8e3cae446d1a4f9f86e3aa6e7a99))
* include nm-daemon-helper binary ([0e590531](https://github.com/dracutdevs/dracut/commit/0e5905315e92dfc095f543fd73db6190db533217))
* don't pull in systemd-udev-settle ([a0f12fb6](https://github.com/dracutdevs/dracut/commit/a0f12fb6a09b09f35ab28753d7c4461c10a8b562))
* support teaming under NM+systemd ([a97d2ced](https://github.com/dracutdevs/dracut/commit/a97d2cedcf65a9a2fbff2591171f0163c7d3cb46))
* pull in network.target in nm-initrd.service ([a97d6e2b](https://github.com/dracutdevs/dracut/commit/a97d6e2b13146783831b166ec5e8b33b29c514b0))
* **qeth_rules:** check the existence of /sys/devices/qeth/*/online beforehand ([6c71ba41](https://github.com/dracutdevs/dracut/commit/6c71ba4121ae64ccd13fefba68ca327ac623810f))
* **resume:**
* resume using /usr/lib64/suspend ([c4593734](https://github.com/dracutdevs/dracut/commit/c459373448d24760d15e22fde7c6f811c7891376))
* check for presence of /sys/power/resume ([0b977906](https://github.com/dracutdevs/dracut/commit/0b97790626bff3579755b38f78a9c524a075cfcc))
* **rootfs-block:** make the base module dependency explicit ([3326e4c9](https://github.com/dracutdevs/dracut/commit/3326e4c957d0499495d9e91182fc574b960ace86))
* **s390_rules:** drop collect installation ([f905c3a7](https://github.com/dracutdevs/dracut/commit/f905c3a72c975cf6006f266755cc91229132c739))
* **shutdown:** be robust against forced shutdown ([b9ba3c8b](https://github.com/dracutdevs/dracut/commit/b9ba3c8bb8f0f1328cd1ffaa8dbf64585b28c474))
* **skipcpio:**
* calculate and use CPIO_MAGIC_LEN ([3fb8723c](https://github.com/dracutdevs/dracut/commit/3fb8723ce0066b4ba92f6dbfc4373a66d1f551c4))
* add a missing library ([c656b612](https://github.com/dracutdevs/dracut/commit/c656b612b101e4834e01f9841162e2629a7272f7))
* typo in depends() ([8b17105b](https://github.com/dracutdevs/dracut/commit/8b17105bed69ed90582a13d97d95ee19e6581365))
* **url-lib:**
* SC2086: Double quote to prevent globbing and word splitting ([acb18869](https://github.com/dracutdevs/dracut/commit/acb18869e98687a3f8c172d7e7befaa5326cf67a))
* SC2046: Quote this to prevent word splitting ([ec50cec3](https://github.com/dracutdevs/dracut/commit/ec50cec3bd9169410df409e077d0487c63c2a627))
* add rust argument parsing library from crosvm ([94fc5026](https://github.com/dracutdevs/dracut/commit/94fc50262f5e6c28d92782dc231fbb6c61855954))
* **crypt:**
* check if pkcs11 module is needed in hostonly mode ([56f4fb6c](https://github.com/dracutdevs/dracut/commit/56f4fb6cb755327c77c32f8c414a4a0e64fc933c))
* check if fido2 module is needed in hostonly mode ([d5fd030c](https://github.com/dracutdevs/dracut/commit/d5fd030cc285730e1a1b9e0e78a1e1dc4daabfe0))
* check if tpm2-tss module is needed in hostonly mode ([5d990a00](https://github.com/dracutdevs/dracut/commit/5d990a004b5ae6863f2c9a633b184c07dd73563d))
* add "--enhanced-cpio" option for calling dracut-cpio ([afe4a6db](https://github.com/dracutdevs/dracut/commit/afe4a6dbb7df62982baab8212bba5d90010dfbac))
* check if target kernel has zstd support compiled in ([591118c5](https://github.com/dracutdevs/dracut/commit/591118c56da2bfcea060e3b7671bc87b23c0e44a))
* **fido2:** introducing the fido2 module ([049973b7](https://github.com/dracutdevs/dracut/commit/049973b708298ea0ce1ac9c869b404f4c718eff3))
* **lvm:**
* only run lvchange for LV that is seen on devices ([1af46743](https://github.com/dracutdevs/dracut/commit/1af46743195422aaebcde5c508a5dd479eff51ea))
* use generated filter when none is set ([7ffc5e38](https://github.com/dracutdevs/dracut/commit/7ffc5e388bcce20785803825bdd260c3c854b34f))
* **systemd:** enable support for systemd compiled with ASAN ([d502d2a8](https://github.com/dracutdevs/dracut/commit/d502d2a816ba8f8329b3d8616bd2a7e82a0ad21f))
* **systemd-integritysetup:** introducing the systemd-integritysetup module ([33cf47a6](https://github.com/dracutdevs/dracut/commit/33cf47a60870cc290bd5b59c9cf87c54ad37051f))
#### Contributors
- Antonio Alvarez Feijoo <antonio.feijoo@suse.com>
- David Disseldorp <ddiss@suse.de>
- Martin Wilck <mwilck@suse.de>
- Jóhann B. Guðmundsson <johannbg@gmail.com>
- Shreenidhi Shedi <sshedi@vmware.com>
- David Teigland <teigland@redhat.com>
- Beniamino Galvani <bgalvani@redhat.com>
- Thomas Blume <thomas.blume@suse.com>
- Kairui Song <kasong@redhat.com>
- Laszlo Gombos <laszlo.gombos@gmail.com>
- Renaud Métrich <rmetrich@redhat.com>
- Dusty Mabe <dusty@dustymabe.com>
- Masahiro Matsuya <mmatsuya@redhat.com>
- Alexander Wenzel <alexander.wenzel@qbeyond.de>
- Andre Russ <andre.russ@sap.com>
- Cornelius Hoffmann <coding@hoffmn.de>
- David Tardon <dtardon@redhat.com>
- Frantisek Sumsal <frantisek@sumsal.cz>
- Harald Hoyer <harald@profian.com>
- José María Fernández <josemariafg@gmail.com>
- Kairui Song <kasong@tencent.com>
- Peter Robinson <pbrobinson@fedoraproject.org>
- Pingfan Liu <piliu@redhat.com>
- Tony Asleson <tasleson@redhat.com>
- Zoltán Böszörményi <zboszor@gmail.com>
- Adrien Thierry <athierry@redhat.com>
- Alexander Tsoy <alexander@tsoy.me>
- Andreas Schwab <schwab@suse.de>
- Andrey Sokolov <keremet@altlinux.org>
- Brandon Sloane <btsloane@verizon.net>
- Charles Rose <charles.rose@dell.com>
- Coiby Xu <coxu@redhat.com>
- Dan Horák <dhorak@redhat.com>
- Dirk Müller <dirk@dmllr.de>
- Glenn Morris <rgm@stanford.edu>
- Hans de Goede <hdegoede@redhat.com>
- Hari Bathini <hbathini@linux.ibm.com>
- Henrik Gombos <henrik99999@gmail.com>
- Jonathan Lebon <jonathan@jlebon.com>
- LinkTed <link.ted@mailbox.org>
- Lubomir Rintel <lkundrak@v3.sk>
- Luca BRUNO <luca.bruno@coreos.com>
- Lukas Nykryn <lnykryn@redhat.com>
- Matthias Berndt <matthias_berndt@gmx.de>
- Mike Gilbert <floppym@gentoo.org>
- Pavel Valena <pvalena@redhat.com>
- Stefan Berger <stefanb@linux.ibm.com>
- Thomas Haller <thaller@redhat.com>
- Tomasz Paweł Gajc <tpgxyz@gmail.com>
- Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
- joshuacov1 <joshuacov@gmail.com>
- lapseofreason <lapseofreason0@gmail.com>
dracut-055
==========
#### Bug Fixes
* **base:**
* add missing `str_replace` to `dracut-dev-lib.sh` ([148e420b](https://github.com/dracutdevs/dracut/commit/148e420be5b5809aa8d5033f47477573bbbf3e60))
* split out `dracut-dev-lib.sh` ([c08bc810](https://github.com/dracutdevs/dracut/commit/c08bc8109d4c43beacfa4bcdc20a356102da6d02))
* **bash:** minor cleanups ([9355cb8e](https://github.com/dracutdevs/dracut/commit/9355cb8ea5024533210067373657dc337d63ecb9))
* **dash:** minor cleanups ([f4ea5f87](https://github.com/dracutdevs/dracut/commit/f4ea5f8734c4636f7d6db78da76e9525beb9a0ac))
* **dracut:** pipe hardlink output to `dinfo` ([0a6007bf](https://github.com/dracutdevs/dracut/commit/0a6007bf4f472565d2c0c205a56edea7ba3e3bc3))
* **dracut-functions:** get_maj_min without get_maj_min_cache_file set ([a277a5fc](https://github.com/dracutdevs/dracut/commit/a277a5fc7acc0a9e8d853f09671495f9d27645c1))
* **dracut-util:** print error message with trailing newline ([b9b6f0ee](https://github.com/dracutdevs/dracut/commit/b9b6f0ee5b859a562e46a8c4e0dee0261fabf74d))
* **integrity:** require ALLOW_METADATA_WRITES to come from EVM config file ([b12d91c4](https://github.com/dracutdevs/dracut/commit/b12d91c431220488fecf7b4be82427e3560560cb))
* **mksh:** minor cleanups ([6c673298](https://github.com/dracutdevs/dracut/commit/6c673298f36990665467564e6114c9ca2530f584))
* **squash:** don't mount the mount points if already mounted ([636d6df3](https://github.com/dracutdevs/dracut/commit/636d6df3134dde1dac72241937724bc59deb9303))
* **warpclock:** minor cleanups ([7d205598](https://github.com/dracutdevs/dracut/commit/7d205598c6a500b58b4d328e824d0446276f7ced))
#### Features
* **dracut.sh:** detect running in a container ([7275c6f6](https://github.com/dracutdevs/dracut/commit/7275c6f6a0f6808cd939ea5bdf1244c7bd13ba44))
* **install:** add default value for --firmwaredirs ([4cb086fa](https://github.com/dracutdevs/dracut/commit/4cb086fa2995799b95c0b25bc9a0cf72ba3868ea))
@@ -40,7 +40,7 @@ This Code of Conduct applies within all community spaces, and also applies when
## Enforcement
Instances of abusive, harassing, or otherwise unacceptable behavior may be reported to the project maintainer responsible for enforcement Harald Hoyer <harald@redhat.com>.
Instances of abusive, harassing, or otherwise unacceptable behavior may be reported to the project maintainer responsible for enforcement Harald Hoyer <harald@profian.com>.
All complaints will be reviewed and investigated promptly and fairly and will result in a response that is deemed necessary and appropriate to the circumstances.
Project maintainers are obligated to respect the privacy and security of the reporter of any incident.
Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership.
Wait until the tarballs are synced to http://www.kernel.org/pub/linux/utils/boot/dracut/ .
8. Create a new release on github (https://github.com/dracutdevs/dracut/releases/new)
6. Create a new release on github (https://github.com/dracutdevs/dracut/releases/new)
- Add the section from `NEWS.md` to the release.
- Attach the tarballs and signature file from http://www.kernel.org/pub/linux/utils/boot/dracut/ to the github release.
9.Close the github milestone and open a new one (https://github.com/dracutdevs/dracut/milestones)
10. Ensure that announcement was sent and reached the linux-initramfs mailinglist (https://www.spinics.net/lists/linux-initramfs/)
7.Open a new milestone, move all unfinished issue from the previous milestone to the new one and close the released milestone (https://github.com/dracutdevs/dracut/milestones)
Security is very important to us. If you discover any issue regarding security, we'd appreciate a non-public disclosure of
the information, so please disclose the information responsibly by sending an email to Harald Hoyer harald@redhat.com and not by creating a GitHub issue.
the information, so please disclose the information responsibly by sending an email to Harald Hoyer <harald@profian.com> and not by creating a GitHub issue.
We will respond swiftly to fix verifiable security issues with the disclosure being coordinated with distributions and relevant security teams.
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
