1) on non-x86 systems in non-hostonly config this would cause
an annoying warning on every initramfs generation
2) on non-x86 systems in hostonly config this would result in
early microcode not getting disabled
Thomas Blume [Mon, 6 Jul 2020 13:16:35 +0000 (15:16 +0200)]
95iscsi: fix ipv6 target discovery
ipv6 addresses need square brackets, otherwise the iscsi discovery and log-in,
which adds the iscsi port after another colon will get confused and fail.
Kairui Song [Wed, 10 Jun 2020 07:57:20 +0000 (15:57 +0800)]
dracut.sh: FIPS workaround for openssl-libs on Fedora/RHEL
On Fedora/RHEL, libcryto will verify both itself and libssl on start, if
libssl is missing, FIPS self test will fail. However libssl is not a
dependency of libcryto so dracut will not install it, unless some other
binary or library pulls it in. Systemd requires libssl, so in most cases
it just worked, but could fail in some corner cases where systemd is not
used.
After changing the kernel command line, the cmsifup script calls ifup
to activate the interface. However, ifup is only available in the
network-legacy module; when using the network-manager module, we
should regenerate connections according to the command line; then
later NM will be run and will activate the device.
Kairui Song [Fri, 10 Apr 2020 12:50:49 +0000 (20:50 +0800)]
95nfs: only install rpc services for NFS < 4 when hostonly is strict
Most rpc services are not needed for NFSv4, so skip these components
to save space. rpc.idmapd is still needed in case of
nfs4_disable_idmapping is set to 0.
network-manager: set kernel hostname from the command line
Since commit ff70adf873ef ("initrd: save hostname to a file in /run"),
the initrd generator of NetworkManager parses the hostname from 'ip='
options of the kernel command line and writes it to
/run/NetworkManager/initrd/hostname.
When that file exists, set the kernel hostname.
In presence of multiple hostnames in the command line, the last one
wins. Hostnames from command line always have precedence over ones
received through DHCP. This is a bit different from the legacy network
module that gives higher precedence to the hostname (from DHCP or
command line) of the last interface that is brought up, which depends
on the udev order.
Kairui Song [Wed, 27 May 2020 14:07:37 +0000 (22:07 +0800)]
99memstrack: hook script should not call exit
With memstrack module, rd.break may not work because the hook scripts
are sourced, not executed, so the exit call will make pre-pivot queue
exit early. See 98dracut-systemd/dracut-pre-pivot.sh, everything after
"source_hook cleanup" will be ignored.
Replace with return instead.
Credits go to Lukas Nykryn <lnykryn@redhat.com> who helped discover and
debug this issue.
51-dracut-rescue.install: Don't use BLS fragment shipped by kernel package
For the GRUB and zipl bootloaders the BLS fragment that is shipped by the
kernel package is used, so the same fragment is used for the rescue entry.
But there are cases where this BLS fragment is not suitable. For example,
if the boot directory is on a btrfs subvolume the path in the linux and
initrd fiels need to be adjusted with the real path. Otherwise GRUB won't
be able to read them.
The GRUB and zipl kernel-install plugins already take care of this before
installing the BLS fragments, so just copy the installed fragment that has
the updated paths instead of using the BLS shipped by the kernel package.
Derek Hageman [Fri, 1 May 2020 00:40:13 +0000 (18:40 -0600)]
90crypt/module-setup.sh: fix force on multiple lines
The first line in crypttab with a "force" option causes all subsequent
lines to be included as if they also had it set because the variable
used to track it is not reset between loop iterations. So fix that by
just setting it to empty before the check for the force option.
Harald Hoyer [Tue, 7 Apr 2020 20:26:25 +0000 (22:26 +0200)]
90crypt/module-setup.sh: try to catch kernel config changes
If a crypto kernel module changes from compiled in to module, the
encrypted disk might fail to open, because the kernel module was
not included in the initramfs.
This patch tries heuristically to catch such modules.
Kairui Song [Wed, 8 Apr 2020 12:09:38 +0000 (20:09 +0800)]
Add 99memstrack module
memstrack is a new tool to track the overall memory usage and
allocation, which can help off load the improve the builtin module
memory tracing function in dracut.
With this change, the rd.memdebug=4 behavior is similiar with before,
but the report is defered to pre-pivot, so the memory usage info
during the whole initramfs run is traced. And the ourput format is
changed a bit:
dracut-pre-pivot[519]: ======== Report format module_summary: ========
dracut-pre-pivot[519]: Module squashfs using 10.4MB (2658 pages), peak allocation 10.4MB (2671 pages)
dracut-pre-pivot[519]: Module qxl using 3.4MB (865 pages), peak allocation 3.4MB (880 pages)
dracut-pre-pivot[519]: Module crc32c_intel using 2.0MB (519 pages), peak allocation 3.0MB (769 pages)
dracut-pre-pivot[519]: Module serio_raw using 2.0MB (505 pages), peak allocation 3.6MB (918 pages)
dracut-pre-pivot[519]: Module virtio_console using 1.6MB (416 pages), peak allocation 1.6MB (419 pages)
... snip ...
dracut-pre-pivot[519]: ======== Report format module_summary END ========
It now contains more detail and also includes the peak usage which could
be more helpful.
And now it have a rd.memdebug=5, which will print more detail about
the stack trace of the top memory user, also printed on pri-pivot:
network-manager: install libnss DNS and mDNS plugins
Install libnss_dns.so and libnss_mdns4_minimal.so plugins for the Name
Service Switch (NSS) functionality of glibc so that name resolution
through /etc/resolv.conf and mDNS works in the initrd.
/etc/vconsole.conf must be installed always, even in generic initrds, not only host-only ones.
systemd-vconsole-setup is run at initrd stage and expects either /etc/vconsole.conf or kernel cmdline options to exist.
I have also proposed a change in systemd-vconsole-setup that makes it behave better if /etc/vconsole.conf does not exist:
https://github.com/systemd/systemd/pull/15479
But it is just a fallback. If /etc/vconsole.conf does not exist in initrd and if that patch is applied on systemd,
then the default consoel font is set despite the one being set in /etc/vconsole.conf and this setting is inherited
when new TTYs are opened. This leads to full ignorance of settings in /etc/vconsole.conf.
It is incorrect, and that is why this file must be copied to initrds always, but not only on host-only initrds.
Jonas Witschel [Sat, 18 Apr 2020 12:55:41 +0000 (14:55 +0200)]
dracut-lib.sh: quote variables in parameter expansion patterns
According to POSIX.1-2017, 2.6.2 Parameter Expansion:
${parameter%[word]} [...] The word shall be expanded to produce a
pattern.
This means if word contains variables that itself contain special
characters like asterisks or backslashes, these are treated as pattern
characters unless the variable is quoted. Try e.g. the following example
in bash, dash or (busybox) ash:
i='a\c'; j='\'; echo "${i%$j*}"
This prints "a\c" because "$j*" is expanded to "\*", escaping the
asterisk. In contrast,
i='a\c'; j='\'; echo "${i%"$j"*}"
produces the expected result "a" because the backslash is not specially
treated any more after quoting.
The quotes that this commit adds have been previously removed in commit f9c96cf56fed390841eac05c43826e62014c9188, citing issues with busybox
hush without further specifying the actual error. I tested a recent
busybox build (upstream commit 9aa751b08ab03d6396f86c3df77937a19687981b)
and couldn't find any problems. Note that the above example always
produces "a\c" in hush regardless of quoting $j, making hush unsuitable
for use with dracut, but using quotes in parameter expansions generally
works.
The unquoted variables break the "rd.luks.uuid/name" kernel command line
options in dracut 050 because
str_replace "$luksname" '\' '\\'
in modules.d/90crypt/parse-crypt.sh is not able to escape the
backslashes any more, see GH-723, GH-727: backslashes in the
systemd-cryptsetup@.service unit name stay unescaped for use in udev
(cf. commit 0f6d93eb9d63695a64002ec8b0421fbc9fc8a7a3), leading to
failures in starting the unit.
Kairui Song [Thu, 5 Mar 2020 10:44:45 +0000 (18:44 +0800)]
95znet: Add a rd.znet_ifname= option
qeth device may have a different IP for each boot, so the rd.ifname=
option will no longer work. So for znet device, introduce a
rd.znet_ifname= options, to subchannel id instead of MAC address as the
identifier and rename the interface.
Ben Howard [Fri, 3 Apr 2020 19:32:44 +0000 (13:32 -0600)]
multipath: add automatic configuration for multipath
Add support for 'rd.multipath=default' for using the default
configuration on boot. The intended purpose for this is to help support
ostree-based image boots from multipathed devices (such as Fedora and
Red Hat CoreOS).
Daniel Molkentin [Fri, 13 Mar 2020 10:39:46 +0000 (11:39 +0100)]
Makefile: really make externally defined CFLAGS work
The fix in aed52a6cfb43ebea372328fd5837c1f341c3f0df does not
work (second line will be ignored on override), so expand the implicitly
defined rule and add them there.
Dusty Mabe [Fri, 13 Mar 2020 19:40:11 +0000 (15:40 -0400)]
don't prefer $TMPDIR over --tmpdir
Ability to use `$TMPDIR` was introduced in bc1e69b but
causes the `--tmpdir` option on the command line to be
ignored. Switch to only using `$TMPDIR` if `--tmpdir`
wasn't specified.
network-manager: ensure that nm-run.sh is executed when needed
The network-manager command line hook must install a
initqueue/finished hook to ensure that nm-run.sh is executed when
there are network connections to activate.
Topi Miettinen [Sun, 1 Mar 2020 08:45:16 +0000 (10:45 +0200)]
Use TMPDIR if available
Use environment variable TMPDIR (typically /run/user/$UID) as default
temporary directory, if available. This should be more private
location than /var/tmp. Path specified with --tmpdir is takes
precedence over TMPDIR and /var/tmp is still used as last resort if
neither TMPDIR is set nor --tmpdir is used.
Martin Wilck [Wed, 29 Jan 2020 22:53:29 +0000 (23:53 +0100)]
dracut.sh: don't call fsfreeze on subvol of root file system
dracut.sh already doesn't call fsfreeze if the output file is on
the root file system. For btrfs, however, this is not sufficient.
Because fsfreeze is a superblock operation, and all btrfs subvolumes
share the same superblock, fsfreeze may freeze the entire system
if the subvolume on which the output file is written and / are
subvolumes of the same file system. Avoid this by comparing file
system UUIDs for btrfs.
Fixes: de576db3c225 ("call fsfreeze(8) on /boot to flush initramfs data & metadata to media")
Martin Wilck [Thu, 30 Jan 2020 12:48:11 +0000 (13:48 +0100)]
Add module "90nvdimm" for NVDIMM support
Detection of persistent memory devices works mostly out of the box
already. Only the "provider" modules for ndbus devices, which are responsible
to extract information of available NVDIMM devices and their configuration
from system firmware, are only indirectly linked into the module stack.
Examples for such modules are nfit.ko, nd_e820.ko, and virtio-pmem.ko.
Makefile: merge main-version and git-version earlier
With GNU Make 4.3 on both ArchLinux, and VoidLinux,
GITVERION is always empty because of bad substitution.
Change '\#' to simply '#' can fix it,
but we don't need that complation.
We can merge DRACUT_MAIN_VERSION and GITVERSION into DRACUT_FULL_VERSION.
Because, GITVERSION will be attached back to DRACUT_MAIN_VERSION in all
situation.
While we're at it, detect if we're in git worktree by:
limiting GIT_CEILING_DIRECTORIES to parent directory of
dracut's top level directory; instead of checking for .git directory,
in order to support git-worktree, in such case, .git will be a file, see
gitrepository-layout(5)
Currently there is no usb support on RPi4 in the
initrd phase as the pcie-brcmstb module is missing.
If part of the boot is handled from a USB stick
(e.g. with Ignition), the stick cannot be accessed.
projects / thirdparty / dracut.git / log
