Kamil Szczęk [Sun, 19 May 2024 16:12:52 +0000 (18:12 +0200)]
feat(90dm): close crypt devices using cryptsetup
This commit changes the behavior of the shutdown script in the 90dm
module to use more specialized tools for removing dm-crypt mappers.
When dealing with a dm-crypt mapper, the shutdown script will try to use
systemd-cryptsetup, cryptsetup or dmsetup, whichever is available in the
specified order. This lets systemd-cryptsetup or cryptsetup perform any
necessary cleanup steps when detaching volumes activated by those tools.
Random device nodes were required to workaround libgcrypt initialization
problem (see https://bugzilla.redhat.com/show_bug.cgi?id=1401444) which
is gone since libgcrypt-1.10 (2022): modern Linux kernels (3.17+) support
getrandom() syscall and libgcrypt has switch to using getentropy()
(glibc-2.25+).
The requirement to run dracut as root (which is needed to mknod
/dev/{random,urandom}) is a particular problem for building UKIs in distro
build systems where packages are not built by a privileged user.
Note, dracut itself always pre-creates /dev/{null,kmsg,console,random,urandom}
devices when running privileged so the patch has no effect on 'traditional'
setup.
fix(systemd-ask-password): no graphical output in aarch64
A password cannot be entered if there is no graphical output during boot, as is
the case in aarch64, where efifb does not work with qemu-system-aarch64:
- virtio-gpu-pci does not expose a linear framebuffer
- virtio-vga is not supported
- ramfb is not enough
Therefore, depend on the drm module if virtio_gpu is loaded on the system.
Reilly Brogan [Sun, 18 Feb 2024 02:21:09 +0000 (20:21 -0600)]
fix(90kernel-modules): add psmouse for some Fujitsu laptops
As reported on the Solus issue tracker and on the Arch forum some Fujitsu laptops apparently require the psmouse module to be loaded in order for the keyboard to be functional. At least the Fujitsu Lifebook T938 model laptop is known to require this.
Kamil Szczęk [Sat, 4 May 2024 17:58:03 +0000 (19:58 +0200)]
feat(90systemd-cryptsetup): socket key files
systemd v248 introduced support for using AF_UNIX stream sockets as key
files in /etc/crypttab. This commit enhances the 90systemd-cryptsetup
module to identify socket units with matching socket file paths.
It then includes the first matching socket unit along with its
corresponding service unit. This correspondence is determined by
checking the Service= option in the socket unit or, if that's not
available, by replacing the .socket suffix with either @.service or
.service, depending on the Accept= option (see systemd.socket(5)).
Futhermore, this functionality handles sockets located under
/run/cryptsetup-keys.d/, which are automatically discoverable by
the systemd-cryptsetup utility when the key file field in /etc/crypttab
is empty.
Since consolidated s390 network device configuration with zdev is used,
it takes care of all s390-specific settings.
None of the s390-specific ifcfg variables should be used anymore.
NETTYPE and OPTIONS can be removed entirely.
SUBCHANNELS is kept because there are some dependency chains
(probably around the interface identifiying key, which is not HWADDR):
modules.d/35network-legacy/module-setup.sh
parses (sources) each of /etc/sysconfig/network-scripts/ifcfg-*
and if that contains SUBCHANNELS, creates a symlink from the ifcfg file to
/etc/sysconfig/network-scripts/ccw-${SUBCHANNELS}.conf
modules.d/35network-legacy/ifup.sh installed as /sbin/ifup
checks during team setup if a slave interface is an s390 channel-attached
network interface and then parses (sources)
/etc/sysconfig/network-scripts/ccw-${SUBCHANNELS}.conf
from above, if that file exists
Steffen Maier [Fri, 26 May 2023 17:51:09 +0000 (19:51 +0200)]
feat(qeth_rules): remove qeth handling consolidated in 95znet
Dracut module 95znet handles a superset of qeth_rules as of the preceding
commit ("feat(znet): use zdev for consolidated device configuration").
The instmods list in installkernel() seemed to have been incomplete because
qeth needs one or both of qeth_l2 and qeth_l3 but qeth intentionally does
not depend on them so depmod cannot resolve that.
In contrast to the old dracut module 95znet, 95qeth_rules also did not seem
to have parsing for the upstream dracut cmdline options "rd.znet=" and
"rd.znet_ifname=".
feat(znet): use zdev for consolidated device configuration
Remove any distribution-specifics from s390 channel-attached network device
configuration.
Similar to 95qeth_rules, copy the existing persistent network configuration
into the initrd. This needs to go via chzdev import so chzdev updates (adds
to) the cio_ignore persistent config inside the initrd, because other
dracut modules such as zdev from s390-tools also import
persistent (non-network) config into initrd and the set union of devices
needs to end up in the cio_ignore persistent config inside the initrd.
Additional debugging output can be generated with e.g. dracut option
"--stdlog 5" (or short -L5). It shows the chzdev export result, the output
of chzdev imports, and an overview of the resulting persistent config
within the initrd. Typically combined with "--debug" to get a shell trace
from building an initrd (Note: --debug does not increase the log levels).
Note that nm-initrd-generator also parses rd.znet and rd.znet_ifname
to fill in s390 options of a NetworkManager connection definition.
Steffen Maier [Thu, 23 Mar 2023 18:33:52 +0000 (19:33 +0100)]
feat(dasd): minimize dasd handling consolidated in s390-tools
Parsing of rd.dasd is handled by s390-tools zdev dracut module 95zdev as of
https://github.com/ibm-s390-linux/s390-tools/commit/99270236805972544932feab9692ee7122a343b8
("zdev/dracut: add rd.dasd cmdline option handling").
Even though this removes the last implementation of parsing rd.dasd in
dracut, above s390-tools change introduces another implementation of
parsing the exact same rd.dasd syntax. Therefore, it would be good to keep
the documentation in man/dracut.cmdline.7 of dracut as one central place
describing all s390 device types that dracut handles.
For the time being, keep copying /etc/dasd.conf.
The corresponding call to dasd_cio_free is in 95dasd_mod/parse-dasd-mod.sh
and indirectly triggers processing of /etc/dasd.conf even with the typical
cio_ignore kernel boot parameter ignoring most devices.
Preparation for consolidating persistent configuration with zdev.
Steffen Maier [Thu, 23 Mar 2023 17:22:56 +0000 (18:22 +0100)]
feat(dasd_mod): minimize dasd handling consolidated in s390-tools
Parsing of rd.dasd is handled by s390-tools zdev dracut module 95zdev as of
https://github.com/ibm-s390-linux/s390-tools/commit/99270236805972544932feab9692ee7122a343b8
("zdev/dracut: add rd.dasd cmdline option handling").
Even though this removes one implementation of parsing rd.dasd in dracut,
above s390-tools change introduces another implementation of parsing the
exact same rd.dasd syntax. Therefore, it would be good to keep the
documentation in man/dracut.cmdline.7 of dracut as one central place
describing all s390 device types that dracut handles.
95dasd/modules-setup.sh copies /etc/dasd.conf from root-fs into initrd.
Retain the call of dasd_cio_free here so /etc/dasd.conf gets processed even
with the typical cio_ignore kernel boot parameter ignoring most devices.
Preparation for consolidating persistent configuration with zdev.
Steffen Maier [Thu, 23 Mar 2023 17:06:23 +0000 (18:06 +0100)]
feat(dasd_rules): remove dasd handling consolidated in s390-tools
These are handled by s390-tools zdev dracut module 95zdev as of
https://github.com/ibm-s390-linux/s390-tools/commit/99270236805972544932feab9692ee7122a343b8
("zdev/dracut: add rd.dasd cmdline option handling").
Even though this removes one implementation of parsing rd.dasd in dracut,
above s390-tools change introduces another implementation of parsing the
exact same rd.dasd syntax. Therefore, it would be good to keep the
documentation in man/dracut.cmdline.7 of dracut as one central place
describing all s390 device types that dracut handles.
module-setup.sh having copied all udev rules from the root-fs into the
initrd conflicted with s390-tools dracut module zdev-kdump, which
intentionally only activates the dependencies of the kdump target.
Steffen Maier [Tue, 31 Jan 2023 08:14:40 +0000 (09:14 +0100)]
feat(zfcp): minimize zfcp handling consolidated in s390-tools
Parsing of rd.zfcp is handled by s390-tools zdev dracut module 95zdev as of
https://github.com/ibm-s390-linux/s390-tools/commit/06a30ae529a5d6ad2369ed81da056bf3a6147bb6
("zdev/dracut: add rd.zfcp cmdline option handling").
Even though this removes the last implementation of parsing rd.zfcp in
dracut, above s390-tools change introduces another implementation of
parsing the exact same rd.zfcp syntax. Therefore, it would be good to keep
the documentation in man/dracut.cmdline.7 of dracut as one central place
describing all s390 device types that dracut handles.
For the time being, keep copying /etc/zfcp.conf.
Retain the call of zfcp_cio_free so /etc/zfcp.conf gets processed even
with the typical cio_ignore kernel boot parameter ignoring most devices.
Also keep handling rd.zfcp.conf=0 so users can, at boot time, ignore
/etc/zfcp.conf already copied into initrd.
Preparation for consolidating persistent configuration with zdev.
Steffen Maier [Fri, 20 Jan 2023 17:22:19 +0000 (18:22 +0100)]
feat(zfcp_rules): remove zfcp handling consolidated in s390-tools
These are handled by s390-tools zdev dracut module 95zdev as of
https://github.com/ibm-s390-linux/s390-tools/commit/06a30ae529a5d6ad2369ed81da056bf3a6147bb6
("zdev/dracut: add rd.zfcp cmdline option handling").
Even though this removes one implementation of parsing rd.zfcp in dracut,
above s390-tools change introduces another implementation of parsing the
exact same rd.zfcp syntax. Therefore, it would be good to keep the
documentation in man/dracut.cmdline.7 of dracut as one central place
describing all s390 device types that dracut handles.
This also fixes problems such as RHBZ 1552619/1745470. It was due to a
duplicate configuration because the SUSE-specific module 95zfcp_rules does
not have any distro-specific dependency and thus also ran in Red Hat
distros.
That also caused a kind of competition with 95zfcp regarding the same hook
registration:
inst_hook cmdline 30 "$moddir/parse-zfcp.sh"
"luckily" 95zfcp wins since it runs lexicographically first
and the first one registering the hook via inst_simple wins.
Because commit c8aa1d949aec ("95zfcp_rules: simplified rd.zfcp commandline
for NPIV") extended the emitted rd.zfcp syntax for hostonly-cmdline in
95zfcp_rules, kdump initrds built with hostonly-cmdline parsed such rd.zfcp
with 95zfcp, which did not understand the extended syntax yet and aborted
early boot with a syntax error.
It also seems that parse-zfcp.sh on its own is without effect because
create_udev_rule() [similar to what zfcp_disk_configure had generated] does
not handle the pre-requisite of setting an FCP device (vHBA) online first.
So the rport match does not trigger unless something else happens to set an
FCP device online [such as rules generated by zfcp_host_configure]. Related
to commit d40c49a8dfe2 ("fix(zfcp_rules): remove collect based udev rule
creators").
module-setup.sh having copied all udev rules from the root-fs into the
initrd conflicted with s390-tools dracut module zdev-kdump, which
intentionally only activates the dependencies of the kdump target.
refactor(cms): use consolidated network config with zdev from s390-tools
This is just internal to initrd, so we can already migrate the code to
consolidated network device configuration with zdev
https://github.com/ibm-s390-linux/s390-tools/tree/master/zdev/.
The code change is transparent to users after dracut switch root.
The generated persistent config of chzdev are pure udev rules so it has no
dependency on the zdev dracut module.
Keep the dependency on dracut module znet to at least pull in the required
kernel device drivers.
Since consolidated s390 network device configuration with zdev is used,
it takes care of all s390-specific settings.
None of the s390-specific ifcfg variables should be used anymore.
NETTYPE, OPTIONS, PORTNAME, and CTCPROT can be removed entirely.
SUBCHANNELS is kept because there are some dependency chains
(probably around the key identifiying an interface which is not HWADDR):
modules.d/35network-legacy/module-setup.sh
parses (sources) each of /etc/sysconfig/network-scripts/ifcfg-*
and if that contains SUBCHANNELS, create a symlink from the ifcfg file to
/etc/sysconfig/network-scripts/ccw-${SUBCHANNELS}.conf
modules.d/35network-legacy/ifup.sh installed as /sbin/ifup
checks during team setup if a slave interface is an s390 channel-attached
network interface and then parses (sources)
/etc/sysconfig/network-scripts/ccw-${SUBCHANNELS}.conf
from above, if that file exists
Steffen Maier [Wed, 24 May 2023 17:04:48 +0000 (19:04 +0200)]
refactor(cms): use consolidated dasd config with zdev from s390-tools
Depends on https://github.com/ibm-s390-linux/s390-tools commit 9b2fb1d4d2e2 ("zdev: add helper to convert from dasd_mod.dasd to zdev
config").
This is just internal to initrd, so it's possible to migrate the code to
consolidated dasd device configuration with zdev
https://github.com/ibm-s390-linux/s390-tools/tree/master/zdev/.
The code change is transparent to users after dracut switch root.
The generated persistent config of chzdev are pure udev rules so it has no
dependency on other dracut modules such as zdev, dasd, or dasd_mod.
Instead now install the corresponding kernel device drivers here directly.
Steffen Maier [Sat, 28 Jan 2023 00:58:29 +0000 (01:58 +0100)]
refactor(cms): use consolidated zfcp config with zdev from s390-tools
This is just internal to initrd, so we can already migrate the code to
consolidated zfcp device configuration with zdev
https://github.com/ibm-s390-linux/s390-tools/tree/master/zdev/.
The code change is transparent to users after dracut switch root.
The generated persistent config of chzdev are pure udev rules so it has no
dependency on other dracut modules such as zdev, or zfcp.
Steffen Maier [Wed, 24 May 2023 17:02:09 +0000 (19:02 +0200)]
refactor(cms): use zdev to simplify handling CMSDASD=... boot option
This is just internal to initrd, so we can already migrate the code to
consolidated dasd device configuration with zdev
https://github.com/ibm-s390-linux/s390-tools/tree/master/zdev/.
The code change is transparent to users after dracut switch root.
fix(install.d): prevent failure when kernel-install command is not `add`
PR #195 added `:?` checks to ensure that required variables are set, but
the checks also apply to KERNEL_IMAGE, which isn't present when running
`kernel-install remove <version>`. This commit removes the check from
that variable, similar to what systemd's `90-loadentry.install` does.
Signed-off-by: Andrew Gunnerson <accounts+github@chiller3.com>
Laszlo Gombos [Fri, 3 May 2024 03:04:11 +0000 (23:04 -0400)]
fix(memstrack): move the console warning to be a comment
memstrack is debugging tool and it is typically not installed.
the package name procps-ng is distribution specific and confusing
to print out in the console in a non-verbose mode.
Laszlo Gombos [Fri, 3 May 2024 02:42:13 +0000 (22:42 -0400)]
perf(dracut-systemd): check for systemd binary
dracut-systemd is the "top" level dracut module that pulls in
all the systemd dependent modules.
For non-systemd based distributions this check makes the initrd
generation faster as it skip the processing of systemd-initrd
and systemd-udevd dracut modules.
Laszlo Gombos [Thu, 2 May 2024 01:09:16 +0000 (21:09 -0400)]
perf(systemd): remove duplicate rules
Since systemd-initrd module depends on
systemd-journald and systemd-tmpfiles directly, they will be
always pulled in by systemd-initrd module, so it should not be repeated
by the systemd module.
These files should not be added in initrd. For eaxmple:
iscsiadm thought userdefined ifaces's priority is higher than
default, so it would use these userdefined ifaces to perform discovery
and login. While these ifaces configure might bound to specific network
interface, if the bound interface is not inited durning boot in initrd,
the discovery would failed.
What's more, the send_targets db contains configure of AUTH like
authmethod and passwd, these configures should be configured by user's
cmdline.
So here we do not added these files in initrd any more to address this
issue.
Remove duplicated systemd-ask-password rules from the systemd dracut
module. systemd-ask-password gets already pulled in by dracut-systemd
as a dependency.
Federico Vaga [Wed, 20 Dec 2023 11:02:15 +0000 (12:02 +0100)]
fix(dmsquash-live): do not check ISO md5 if image filesystem
The ISO checksum code was executed independently of the provided
`$livedev`. Often, this is a loop device pointing to an ISO image, but
in other cases `dmsquash-live-root` receives the path to a filesystem
image. In this case, we can't use `udevadm` to extract information
because it is not a device, and trying to do that leads to `udevadm`
error messages (but not blocking).
Therefore, the ISO checksum check must be performed only if the provided
`$livedev` is **not** a regular file.
Signed-off-by: Federico Vaga <federico.vaga@cern.ch>
projects / thirdparty / dracut-ng.git / log
