Currently there is no USB support on RPi4 in the
initrd phase as the pcie-brcmstb module is missing.
If part of the boot is handled from a USB stick
(e.g. with Ignition), the stick cannot be accessed.
Topi Miettinen [Wed, 26 Feb 2020 12:48:18 +0000 (14:48 +0200)]
Don't resolve libraries lazily if tmpdir is mounted with 'noexec'
If the temporary directory for images is mounted with 'noexec', dracut
would construct unbootable images because most dynamic libraries
aren't installed. Avoid this by not resolving library dependencies
lazily if the temporary directory is mounted with 'noexec'.
Frantisek Sumsal [Fri, 28 Feb 2020 17:07:12 +0000 (18:07 +0100)]
github: fetch git tags before testing
GitHub workflows fetch a clone of the dracut repository which doesn't
contain git tags, thus "breaking" the RPM build in certain situations
i.e.:
DRACUT_MAIN_VERSION in Makefile is defined as an output of `git describe`,
which in full git clone returns a tag with a numeric version. However,
without tags it returns SHA of the last commit, which later propagates into
`Provides:` attribute of the built RPM and can break dependency tree when
installed.
Frantisek Sumsal [Mon, 24 Feb 2020 20:56:37 +0000 (21:56 +0100)]
Makefile: fix RPM build
`make rpm` usually chose `/tmp` as the `$rpmbuild` dir, which breaks the
dracut build, since it needs to execute `./configure`, but `/tmp` is
mounted with `-o noexec`, leading to:
```
/var/tmp/rpm-tmp.SwEhJO: line 46: ./configure: Permission denied
error: Bad exit status from /var/tmp/rpm-tmp.SwEhJO (%build)
RPM build errors:
Bad exit status from /var/tmp/rpm-tmp.SwEhJO (%build)
```
Harald Hoyer [Wed, 26 Feb 2020 15:53:47 +0000 (16:53 +0100)]
network-legacy/net-genrules.sh: use $name instead of $env{INTERFACE}
The original behavior of $env{INTERFACE} was undocumented and changed in
the recent udev versions, breaking the ability to bring up networking
reliably. Switching to $name directive should fix this issue.
Previously, we were doing `setup_net` from `ifup` for any setup that
wasn't DHCP, since those are already taken care of by `dhclient-script`.
The issue is that the case-statement we use to detect this doesn't catch
options like `ip=dhcp,dhcp6`.
Fix this by reworking the logic here to just check if a
`setup_net_$netif.sh` hook exists. If so, then we know that `setup_net`
will be called for this interface later.
This was causing issues in RHCOS which now ships with `ip=dhcp,dhcp6` to
support IPv6 environments[1]. The code here would make us do `setup_net`
pre-emptively which IIUC would then cause the initqueue to finish
earlier even if we had more udev netif events to process.
Donovan Tremura [Sat, 15 Feb 2020 05:18:19 +0000 (05:18 +0000)]
Support the EFI Stub loader's splash image feature.
Checks if `uefi_splash_image` exists in `dracutsysroot`; if not, unset
`uefi_splash_image`. Alternate Value parameter expansion adds section-vma
for splash image to EFI stub loader when the path to image is valid and
not an empty file.
I did not test on other distributions, but on Arch Linux the `systemd`
package includes a splash image at the path
`/usr/share/systemd/bootctl/splash-arch.bmp`. Perhaps, if this is a
common practice, a default image could be gathered from that directory.
It is required that the image be in bitmap (`.bmp`) format according to
`splash.c`.
The code for `stub.c` and `splash.c` can be found at:
https://github.com/systemd/systemd/blob/master/src/boot/efi/stub.c
https://github.com/systemd/systemd/blob/master/src/boot/efi/splash.c
wait_for_ipv6_dad_link is only called from dhclient script,
so the original intent "wait for IPv6 RA if using none/static IPv6 assignment"
does not seem to be correct.
Anyway, this brings an issue on isolated networks, where you don't
have any routes outside. dhclient-script hangs on this check
and after it times out, dhclient is able to set the address normally.
Daniel Cordero [Tue, 21 Jan 2020 18:43:59 +0000 (18:43 +0000)]
dracut-install: fetch kernel modules from kmoddir
dracut, when passing --kmoddir, would only install modules that exist at
the same location as it will appear in the initramfs.
For most (possibly all) outputs, the output path would be /lib/modules,
so previously all kernel modules must be copied there or the module
installation silently fails.
Now use the original path variable, and install to the shortened path
variable (as calculated by kerneldirlen).
Note: This means that the argument to --kmoddir (and the modules filetree)
should be a directory that ends in 'lib/modules/$kernelversion'.
Jonas Witschel [Tue, 24 Dec 2019 14:48:19 +0000 (15:48 +0100)]
ucode: use microcode found in packed cpio images
Some distributions (Arch, Gentoo) ship prepacked microcode images. These
are cpio images that follow the structure specified in the Linux kernel
documentation (x86/microcode.rst, "Early load microcode"), the same
structure dracut uses for its early microcode images.
In case of Arch Linux, the microcode for Intel CPUs is currently only
available in this packed form, /usr/lib/firmware/intel-ucode does not
exist. This commit adds a way to make use of these images on such
systems by unpacking them to the early cpio directory. (Note that the
packed image cannot be used directly since dracut might need to add ACPI
tables to the early initramfs.)
This approach has the drawback that it is not possible to control the
selection of CPUs to be included in the microcode file in host-only
mode, so we only try it as a last resort if no unpacked microcode could
be found in fw_dir.
The list of possible file names for the packed microcode image is taken
from GRUB (cf. GRUB_EARLY_INITRD_LINUX_STOCK), but can be adapted by
setting "early_microcode_image_name" (and "early_microcode_image_dir")
in a dracut configuration file.
Jonathan Lebon [Tue, 21 Jan 2020 22:57:31 +0000 (17:57 -0500)]
network-legacy/ifup: nuke pid and lease files if dhclient failed
Otherwise we won't retry dhclient again on that interface. In
FCOS/RHCOS, we want to bake in `ip=dhcp,dhcp6` so we automatically try
getting a DHCPv6 lease if DHCPv4 failed.
Jacob Wen [Tue, 26 Nov 2019 07:50:36 +0000 (15:50 +0800)]
35network-legacy: using 'replace' instead of 'add' to add route
This is a simple trick to honor RFC 3442:
If the DHCP server returns both a Classless Static Routes option and
a Router option, the DHCP client MUST ignore the Router option.
Kairui Song [Fri, 29 Nov 2019 13:29:58 +0000 (21:29 +0800)]
95iscsi: Fix /etc/iscsi installation
Previously all files were installed with inst_dir, which will not install
the files under /etc/iscsi/, and it creates folders with the same name as
the files, which is wrong.
Now only use inst_dir to install the config dir and ensure it
exists, and use inst_multiple to install the config files.
Brian C. Lane [Fri, 13 Dec 2019 17:47:43 +0000 (09:47 -0800)]
Check .hmac of boot.iso in fips mode
Instead of carrying the kernel and hmac in the install.img (which takes
up more space) use the vmlinuz installed under /images/pxeboot/ and the
.hmac in the install.img /boot.
This check is triggered by the presence of /run/install/repo/images/pxeboot/vmlinuz
Petr Tesarik [Thu, 14 Nov 2019 18:06:08 +0000 (19:06 +0100)]
95ssh-client: improve nsswitch.conf parser
The actual syntax of nsswitch.conf is slightly different from the
current regular expression:
- A comment can appear anywhere, not just at the beginning of a
line.
- Action items take the general form [STATUS=ACTION] or
[!STATUS=ACTION] (with some optional whitespace).
- A service name cannot include a colon. This is a nitpick,
because there should never be more than a single colon per
line.
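The three syntax points listed in this commit message, as an added example (not dracut's own code): a small shell function that lists the distinct service names in an nsswitch.conf-style file. The names `sample_nsswitch` and `nss_services` and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example, not dracut code: extract service names from nsswitch.conf.

# Constructed sample input covering the syntax points in the commit message.
sample_nsswitch() {
    cat <<'EOF'
# constructed sample, not taken from a real system
passwd:   files sss            # comment after the entries
hosts:    files mdns4_minimal [NOTFOUND=return] dns myhostname
group:    files [!UNAVAIL=return] sss
#shadow:  nis
EOF
}

# nss_services FILE: print each distinct service name once, sorted.
#  1. cut everything from the first '#' (a comment may start anywhere)
#  2. keep only the text after the first colon ("database:")
#  3. drop bracketed action items such as [STATUS=ACTION] / [!STATUS=ACTION]
#  4. split the rest on whitespace, one name per line
nss_services() {
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%%#*}
        case $line in
            *:*) printf '%s\n' "${line#*:}" ;;
        esac
    done < "$1" |
        sed 's/\[[^]]*]//g' |
        tr -s '[:space:]' '\n' |
        sed '/^$/d' |
        LC_ALL=C sort -u
}

# Demo run on the constructed sample.
conf=$(mktemp)
sample_nsswitch > "$conf"
nss_services "$conf"
rm -f "$conf"
```
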
Lubomir Rintel [Thu, 24 Oct 2019 15:46:17 +0000 (17:46 +0200)]
TEST-30-ISCSI: test iBFT boot as well
Setting up the machinery to boot with the aid of a real networked boot loader
(such as iPXE) would involve much hassle, including possibly serving the kernel
and initrd via TFTP, etc.
Let us generate the iBFT table ourselves, with a Perl script. Include the
pregenerated table as well so that the test run won't depend on Perl. In the
end it's just reproducibly built static data, totally independent of the host
system.
Lubomir Rintel [Thu, 7 Nov 2019 14:15:21 +0000 (15:15 +0100)]
TEST-{20,50,60,70): set MACAddressPolicy=keep
New systemd defaults to generating MAC addresses for software devices (whereas
previously they would inherit them from the first enslaved slave).
Sadly, among the things this breaks is our test fixture, where the dhcp servers
are configured to expect a particular MAC address. Disable this for the
affected tests, which are essentially the ones that use bridges and bonds.
Lubomir Rintel [Mon, 11 Nov 2019 17:12:58 +0000 (18:12 +0100)]
TEST-{20,30,31,40,50,60,70): wait for server interfaces to come up
The network interfaces appear asynchronously and sometimes just too late,
after we're already halfway through server-init.sh:
```
+ ip link set dev eth0 name ens3
Cannot find device "eth0"
+ ip addr add 192.168.50.1/24 dev ens3
Cannot find device "ens3"
+ dhcpd -cf /etc/dhcpd.conf -lf /var/lib/dhcpd/dhcpd.leases ens3 ens5
...
[ 8.040825] e1000 0000:00:03.0 eth0: (PCI:33MHz:32-bit) 52:54:01:12:34:56
[ 8.047105] e1000 0000:00:03.0 eth0: Intel(R) PRO/1000 Network Connection
...
No subnet declaration for ens3 (no IPv4 addresses).
** Ignoring requests on ens3. If this is not what
you want, please write a subnet declaration
in your dhcpd.conf file for the network segment
to which interface ens3 is attached. **
```
Whoopsie. Let's ensure all the interfaces are there before we proceed
fiddling around with them.
Lubomir Rintel [Wed, 30 Oct 2019 18:25:51 +0000 (19:25 +0100)]
network-manager: fix getting of ifname from the sysfs path
commit 5e0f8c8a4ced ('network-manager: remove useless use of basename')
somewhat carelessly didn't take into account that $_i has a slash at
the end which made the result of the ## substitution be just an empty
string.
The slash was put to the end of /sys/class/net/*/ to make sure we're only
iterating directories, but it's not strictly necessary. In an unlikely case
something else than a directory appears in /sys/class/net/, we'll already deal
with it gracefully. Remove it.
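The empty-string result described in this commit message, reproduced as an added example (not the dracut code itself). A temporary directory stands in for /sys/class/net; the function names, the fake interface entries and the explicit `-d` check in the second loop are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example, not dracut code: why "${_i##*/}" is empty after a "*/" glob.

# Constructed stand-in for /sys/class/net: two interface directories and
# one regular file that is not an interface.
make_fake_sysfs() {
    root=$(mktemp -d)
    mkdir "$root/eth0" "$root/ens3"
    : > "$root/not_an_interface"
    printf '%s\n' "$root"
}

# Glob with a trailing slash: every match ends in "/", so removing the
# longest prefix matching "*/" removes the whole string.
ifnames_trailing_slash() {
    for _i in "$1"/*/; do
        printf '[%s]\n' "${_i##*/}"
    done
}

# Glob without the trailing slash: the last path component survives.
# Non-directories are skipped explicitly here (an assumption of this sketch).
ifnames_plain_glob() {
    for _i in "$1"/*; do
        [ -d "$_i" ] || continue
        printf '[%s]\n' "${_i##*/}"
    done
}

# Demo run on the constructed tree.
net=$(make_fake_sysfs)
echo "trailing-slash glob:"
ifnames_trailing_slash "$net"
echo "plain glob:"
ifnames_plain_glob "$net"
rm -rf "$net"
```
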