# Verify bash version, current minimum is 4
if ((BASH_VERSINFO[0] < 4)); then
- printf -- 'You need at least Bash 4 to use dracut, sorry.' >&2
+ printf "%s\n" "dracut[F]: dracut requires at least Bash 4." >&2
exit 1
fi
Use [FILE] as a splash image when creating an UEFI
executable. Requires bitmap (.bmp) image format.
--kernel-image [FILE] Location of the kernel image.
+ --sbat [PARAMETERS] The SBAT parameters to be added to .sbat.
+ The string "sbat,1,SBAT Version,sbat,1,
+ https://github.com/rhboot/shim/blob/main/SBAT.md" is
+ already added by default.
--regenerate-all Regenerate all initramfs images at the default location
for the kernel versions found on the system.
-p, --parallel Use parallel processing if possible (currently only
check_conf_file() {
if grep -H -e '^[^#]*[+]=\("[^ ]\|.*[^ ]"\)' "$@"; then
- printf '\ndracut: WARNING: <key>+=" <values> ": <values> should have surrounding white spaces!\n' >&2
- printf 'dracut: WARNING: This will lead to unwanted side effects! Please fix the configuration file.\n\n' >&2
+ printf '\ndracut[W]: <key>+=" <values> ": <values> should have surrounding white spaces!\n' >&2
+ printf 'dracut[W]: This will lead to unwanted side effects! Please fix the configuration file.\n\n' >&2
fi
}
--long uefi-stub: \
--long uefi-splash-image: \
--long kernel-image: \
+ --long sbat: \
--long no-hostonly-i18n \
--long hostonly-i18n \
--long hostonly-nics: \
--fstab) use_fstab_l="yes" ;;
-h | --help)
long_usage
- exit 1
+ exit 0
;;
--bzip2) compress_l="bzip2" ;;
--lzma) compress_l="lzma" ;;
PARMS_TO_STORE+=" '$2'"
shift
;;
+ --sbat)
+ sbat_l="$2"
+ PARMS_TO_STORE+=" '$2'"
+ shift
+ ;;
--no-machineid)
machine_id_l="no"
;;
--version)
long_version
- exit 1
+ exit 0
;;
--)
shift
conffile="$dracutsysrootdir/etc/dracut.conf"
fi
elif [[ ! -e $conffile ]]; then
- printf "%s\n" "dracut: Configuration file '$conffile' not found." >&2
+ printf "%s\n" "dracut[F]: Configuration file '$conffile' not found." >&2
exit 1
fi
confdir="$dracutsysrootdir/etc/dracut.conf.d"
fi
elif [[ ! -d $confdir ]]; then
- printf "%s\n" "dracut: Configuration directory '$confdir' not found." >&2
+ printf "%s\n" "dracut[F]: Configuration directory '$confdir' not found." >&2
exit 1
fi
if [[ $regenerate_all == "yes" ]]; then
ret=0
if [[ $kernel ]]; then
- printf -- "--regenerate-all cannot be called with a kernel version\n" >&2
+ printf "%s\n" "dracut[F]: --regenerate-all cannot be called with a kernel version." >&2
exit 1
fi
if [[ $outfile ]]; then
- printf -- "--regenerate-all cannot be called with a image file\n" >&2
+ printf "%s\n" "dracut[F]: --regenerate-all cannot be called with an image file." >&2
exit 1
fi
((stdloglvl < 0)) && stdloglvl=0
[[ $drivers_dir_l ]] && drivers_dir=$drivers_dir_l
-drivers_dir="${drivers_dir%%+(/)}"
+drivers_dir="${drivers_dir%"${drivers_dir##*[!/]}"}"
[[ $do_strip_l ]] && do_strip=$do_strip_l
[[ $do_strip ]] || do_strip=yes
[[ $aggressive_strip_l ]] && aggressive_strip=$aggressive_strip_l
[[ $uefi_stub_l ]] && uefi_stub="$uefi_stub_l"
[[ $uefi_splash_image_l ]] && uefi_splash_image="$uefi_splash_image_l"
[[ $kernel_image_l ]] && kernel_image="$kernel_image_l"
+[[ $sbat_l ]] && sbat="$sbat_l"
[[ $machine_id_l ]] && machine_id="$machine_id_l"
if ! [[ $outfile ]]; then
|| [[ -d "$dracutsysrootdir"/boot/Default ]] \
|| [[ -d "$dracutsysrootdir"/boot/efi/Default ]]; then
MACHINE_ID="Default"
- elif [[ -f "$dracutsysrootdir"/etc/machine-id ]]; then
+ elif [[ -s "$dracutsysrootdir"/etc/machine-id ]]; then
read -r MACHINE_ID < "$dracutsysrootdir"/etc/machine-id
+ [[ $MACHINE_ID == "uninitialized" ]] && MACHINE_ID="Default"
else
MACHINE_ID="Default"
fi
fi
if [[ $uefi == "yes" ]]; then
- # shellcheck disable=SC2154
if [[ -n $uefi_secureboot_key && -z $uefi_secureboot_cert ]] || [[ -z $uefi_secureboot_key && -n $uefi_secureboot_cert ]]; then
- printf "%s\n" "dracut: Need 'uefi_secureboot_key' and 'uefi_secureboot_cert' both to be set." >&2
+ printf "%s\n" "dracut[F]: Need 'uefi_secureboot_key' and 'uefi_secureboot_cert' both to be set." >&2
exit 1
fi
if [[ -n $uefi_secureboot_key && -n $uefi_secureboot_cert ]] && ! command -v sbsign &> /dev/null; then
- printf "%s\n" "dracut: Need 'sbsign' to create a signed UEFI executable." >&2
+ printf "%s\n" "dracut[F]: Need 'sbsign' to create a signed UEFI executable." >&2
exit 1
fi
if [[ -n $logfile ]]; then
if [[ ! -f $logfile ]]; then
if touch "$logfile"; then
- printf "%s\n" "dracut: touch $logfile failed." >&2
+ printf "%s\n" "dracut[W]: touch $logfile failed." >&2
fi
fi
fi
fi
;;
*)
- printf "%s\n" "dracut: Invalid hostonly mode '$hostonly_mode'." >&2
+ printf "%s\n" "dracut[F]: Invalid hostonly mode '$hostonly_mode'." >&2
exit 1
;;
esac
if [[ -z $DRACUT_KMODDIR_OVERRIDE && -n $drivers_dir ]]; then
drivers_basename="${drivers_dir##*/}"
if [[ -n $drivers_basename && $drivers_basename != "$kernel" ]]; then
- printf "%s\n" "dracut: The provided directory where to look for kernel modules ($drivers_basename)" >&2
- printf "%s\n" "dracut: does not match the kernel version set for the initramfs ($kernel)." >&2
- printf "%s\n" "dracut: Set DRACUT_KMODDIR_OVERRIDE=1 to ignore this check." >&2
+ printf "%s\n" "dracut[F]: The provided directory where to look for kernel modules ($drivers_basename)" >&2
+ printf "%s\n" "dracut[F]: does not match the kernel version set for the initramfs ($kernel)." >&2
+ printf "%s\n" "dracut[F]: Set DRACUT_KMODDIR_OVERRIDE=1 to ignore this check." >&2
exit 1
fi
drivers_dirname="${drivers_dir%/*}/"
if [[ ! $drivers_dirname =~ .*/lib/modules/$ ]]; then
- printf "%s\n" "dracut: drivers_dir path ${drivers_dir_l:+"set via -k/--kmoddir "}must contain \"/lib/modules/\" as a parent of your kernel module directory," >&2
- printf "%s\n" "dracut: or modules may not be placed in the correct location inside the initramfs." >&2
- printf "%s\n" "dracut: was given: ${drivers_dir}" >&2
- printf "%s\n" "dracut: expected: ${drivers_dirname}lib/modules/${kernel}" >&2
- printf "%s\n" "dracut: Please move your modules into the correct directory structure and pass the new location," >&2
- printf "%s\n" "dracut: or set DRACUT_KMODDIR_OVERRIDE=1 to ignore this check." >&2
+ printf "%s\n" "dracut[F]: drivers_dir path ${drivers_dir_l:+"set via -k/--kmoddir "}must contain \"/lib/modules/\" as a parent of your kernel module directory," >&2
+ printf "%s\n" "dracut[F]: or modules may not be placed in the correct location inside the initramfs." >&2
+ printf "%s\n" "dracut[F]: was given: ${drivers_dir}" >&2
+ printf "%s\n" "dracut[F]: expected: ${drivers_dirname}lib/modules/${kernel}" >&2
+ printf "%s\n" "dracut[F]: Please move your modules into the correct directory structure and pass the new location," >&2
+ printf "%s\n" "dracut[F]: or set DRACUT_KMODDIR_OVERRIDE=1 to ignore this check." >&2
exit 1
fi
fi
# shellcheck disable=SC2155
readonly TMPDIR="$(realpath -e "$tmpdir")"
[ -d "$TMPDIR" ] || {
- printf "%s\n" "dracut: Invalid tmpdir '$tmpdir'." >&2
+ printf "%s\n" "dracut[F]: Invalid tmpdir '$tmpdir'." >&2
exit 1
}
if findmnt --raw -n --target "$tmpdir" --output=options | grep -q noexec; then
- [[ $debug == yes ]] && printf "%s\n" "dracut: Tmpdir '$tmpdir' is mounted with 'noexec'."
+ [[ $debug == yes ]] && printf "%s\n" "dracut[D]: Tmpdir '$tmpdir' is mounted with 'noexec'." >&2
noexec=1
fi
# shellcheck disable=SC2155
readonly DRACUT_TMPDIR="$(mktemp -p "$TMPDIR/" -d -t dracut.XXXXXX)"
[ -d "$DRACUT_TMPDIR" ] || {
- printf "%s\n" "dracut: mktemp -p '$TMPDIR/' -d -t dracut.XXXXXX failed." >&2
+ printf "%s\n" "dracut[F]: mktemp -p '$TMPDIR/' -d -t dracut.XXXXXX failed." >&2
exit 1
}
readonly initdir="${DRACUT_TMPDIR}/initramfs"
mkdir -p "$initdir"
-# shellcheck disable=SC2154
if [[ $early_microcode == yes ]] || { [[ $acpi_override == yes ]] && [[ -d $acpi_table_dir ]]; }; then
readonly early_cpio_dir="${DRACUT_TMPDIR}/earlycpio"
mkdir "$early_cpio_dir"
if systemd-detect-virt -c &> /dev/null; then
export DRACUT_NO_MKNOD=1 DRACUT_NO_XATTR=1
if [[ $hostonly ]]; then
- printf "%s\n" "dracut: WARNING: running in hostonly mode in a container!!"
+ printf "%s\n" "dracut[W]: Running in hostonly mode in a container!" >&2
fi
fi
# shellcheck source=./dracut-init.sh
. "$dracutbasedir"/dracut-init.sh
else
- printf "%s\n" "dracut: Cannot find $dracutbasedir/dracut-init.sh." >&2
- printf "%s\n" "dracut: Are you running from a git checkout?" >&2
- printf "%s\n" "dracut: Try passing -l as an argument to $dracut_cmd" >&2
+ printf "%s\n" "dracut[F]: Cannot find $dracutbasedir/dracut-init.sh." >&2
+ printf "%s\n" "dracut[F]: Are you running from a git checkout?" >&2
+ printf "%s\n" "dracut[F]: Try passing -l as an argument to $dracut_cmd" >&2
exit 1
fi
unset enhanced_cpio
fi
-# shellcheck disable=SC2154
if [[ $no_kernel != yes ]] && ! [[ -d $srcmods ]]; then
dfatal "Cannot find module directory $srcmods"
dfatal "and --no-kernel was not specified"
[[ $do_list == yes ]] && {
for mod in "$dracutbasedir"/modules.d/*; do
- [[ -d $mod ]] || continue
- [[ -e $mod/install || -e $mod/installkernel || -e $mod/module-setup.sh ]] || continue
+ [[ -e $mod/module-setup.sh ]] || continue
printf "%s\n" "${mod##*/??}"
done
exit 0
abs_outfile=$(readlink -f "$outfile") && outfile="$abs_outfile"
-[[ -d $dracutsysrootdir$systemdutildir ]] \
- || systemdutildir=$(pkg-config systemd --variable=systemdutildir 2> /dev/null)
-
-if ! [[ -d $dracutsysrootdir$systemdutildir ]]; then
- [[ -e $dracutsysrootdir/lib/systemd/systemd-udevd ]] && systemdutildir=/lib/systemd
- [[ -e $dracutsysrootdir/usr/lib/systemd/systemd-udevd ]] && systemdutildir=/usr/lib/systemd
-fi
-
-[[ -d $dracutsysrootdir$systemdutilconfdir ]] \
- || systemdutilconfdir=$(pkg-config systemd --variable=systemdutilconfdir 2> /dev/null)
+# Helper function to set global variables
+# set_global_var <pkg_config> <pkg_var[:exported_var]> <value[:check_file]> [<value[:check_file]>] ...
+set_global_var() {
+ local _pkgconfig="$1"
+ local _pkgvar="${2%:*}"
+ local _var="${2#*:}"
+ [[ -z ${!_var} || ! -d ${dracutsysrootdir}${!_var} ]] \
+ && export "$_var"="$(pkg-config "$_pkgconfig" --variable="$_pkgvar" 2> /dev/null)"
+ if [[ -z ${!_var} || ! -d ${dracutsysrootdir}${!_var} ]]; then
+ shift 2
+ if (($# == 1)); then
+ export "$_var"="$1"
+ else
+ local _val
+ for _val in "$@"; do
+ _check=${_val##*:}
+ _val=${_val%:*}
+ [[ -e ${dracutsysrootdir}${_check} ]] && export "$_var"="$_val"
+ done
+ fi
+ fi
+}
-[[ -d $dracutsysrootdir$systemdutilconfdir ]] || systemdutilconfdir=/etc/systemd
+# dbus global variables
+set_global_var "dbus" "dbus" "/usr/share/dbus-1"
+set_global_var "dbus" "dbusconfdir" "/etc/dbus-1"
+set_global_var "dbus" "dbusinterfaces" "${dbus}/interfaces"
+set_global_var "dbus" "dbusinterfacesconfdir" "${dbusconfdir}/interfaces"
+set_global_var "dbus" "dbusservices" "${dbus}/services"
+set_global_var "dbus" "dbusservicesconfdir" "${dbusconfdir}/services"
+set_global_var "dbus" "dbussession" "${dbus}/session.d"
+set_global_var "dbus" "dbussessionconfdir" "${dbusconfdir}/session.d"
+set_global_var "dbus" "dbussystem" "${dbus}/system.d"
+set_global_var "dbus" "dbussystemconfdir" "${dbusconfdir}/system.d"
+set_global_var "dbus" "dbussystemservices" "${dbus}/system-services"
+set_global_var "dbus" "dbussystemservicesconfdir" "${dbusconfdir}/system-services"
+
+# udev global variables
+set_global_var "udev" "udevdir" "/lib/udev:/lib/udev/ata_id" "/usr/lib/udev:/usr/lib/udev/ata_id"
+set_global_var "udev" "udevconfdir" "/etc/udev"
+set_global_var "udev" "udevrulesdir" "${udevdir}/rules.d"
+set_global_var "udev" "udevrulesconfdir" "${udevconfdir}/rules.d"
+
+# systemd global variables
+set_global_var "systemd" "prefix:systemdprefix" "/usr"
+set_global_var "systemd" "systemdutildir" "/lib/systemd:/lib/systemd/systemd-udevd" "/usr/lib/systemd:/usr/lib/systemd/systemd-udevd"
+set_global_var "systemd" "systemdutilconfdir" "/etc/systemd"
+set_global_var "systemd" "environment" "/usr/lib/environment.d"
+set_global_var "systemd" "environmentconfdir" "/etc/environment.d"
+set_global_var "systemd" "modulesload" "/usr/lib/modules-load.d"
+set_global_var "systemd" "modulesloadconfdir" "/etc/modules-load.d"
+set_global_var "systemd" "sysctld" "/usr/lib/sysctl.d"
+set_global_var "systemd" "sysctlconfdir" "/etc/sysctl.d"
+set_global_var "systemd" "systemdcatalog" "${systemdutildir}/catalog"
+set_global_var "systemd" "systemdnetwork" "${systemdutildir}/network"
+set_global_var "systemd" "systemdnetworkconfdir" "${systemdutilconfdir}/network"
+set_global_var "systemd" "systemdntpunits" "${systemdutildir}/ntp-units.d"
+set_global_var "systemd" "systemdntpunitsconfdir" "${systemdutilconfdir}/ntp-units.d"
+set_global_var "systemd" "systemdportable" "${systemdutildir}/portable"
+set_global_var "systemd" "systemdportableconfdir" "${systemdutilconfdir}/portable"
+set_global_var "systemd" "systemdsystemunitdir" "${systemdutildir}/system"
+set_global_var "systemd" "systemdsystemconfdir" "${systemdutilconfdir}/system"
+set_global_var "systemd" "systemduser" "${systemdutildir}/user"
+set_global_var "systemd" "systemduserconfdir" "${systemdutilconfdir}/user"
+set_global_var "systemd" "sysusers" "/usr/lib/sysusers.d"
+set_global_var "systemd" "sysusersconfdir" "/etc/sysusers.d"
+set_global_var "systemd" "tmpfilesdir" "/lib/tmpfiles.d" "/usr/lib/tmpfiles.d"
+set_global_var "systemd" "tmpfilesconfdir" "/etc/tmpfiles.d"
+
+# libkmod global variables
+set_global_var "libkmod" "depmodd" "/usr/lib/depmod.d"
+set_global_var "libkmod" "depmodconfdir" "/etc/depmod.d"
if [[ $no_kernel != yes ]] && [[ -d $srcmods ]]; then
if ! [[ -f $srcmods/modules.dep ]]; then
exit 1
fi
unset EFI_MACHINE_TYPE_NAME
- EFI_SECTION_VMA_INITRD=0x3000000
case "${DRACUT_ARCH:-$(uname -m)}" in
x86_64)
EFI_MACHINE_TYPE_NAME=x64
;;
aarch64)
EFI_MACHINE_TYPE_NAME=aa64
- # aarch64 kernels are uncompressed and thus larger, so we need a bigger gap between vma sections
- EFI_SECTION_VMA_INITRD=0x4000000
;;
*)
dfatal "Architecture '${DRACUT_ARCH:-$(uname -m)}' not supported to create a UEFI executable"
esac
if ! [[ -s $uefi_stub ]]; then
- uefi_stub="$dracutsysrootdir${systemdutildir}/boot/efi/linux${EFI_MACHINE_TYPE_NAME}.efi.stub"
+ uefi_stub="$dracutsysrootdir${systemdprefix}/lib/systemd/boot/efi/linux${EFI_MACHINE_TYPE_NAME}.efi.stub"
fi
if ! [[ -s $uefi_stub ]]; then
if [[ $early_microcode == yes ]]; then
if [[ $hostonly ]]; then
- if [[ $(get_cpu_vendor) == "AMD" ]]; then
- check_kernel_config CONFIG_MICROCODE_AMD || unset early_microcode
- elif [[ $(get_cpu_vendor) == "Intel" ]]; then
- check_kernel_config CONFIG_MICROCODE_INTEL || unset early_microcode
+ if [[ $(get_cpu_vendor) == "AMD" || $(get_cpu_vendor) == "Intel" ]]; then
+ check_kernel_config CONFIG_MICROCODE || unset early_microcode
else
unset early_microcode
fi
else
- ! check_kernel_config CONFIG_MICROCODE_AMD \
- && ! check_kernel_config CONFIG_MICROCODE_INTEL \
+ ! check_kernel_config CONFIG_MICROCODE \
&& unset early_microcode
fi
# Do not complain on non-x86 architectures as it makes no sense
case "${DRACUT_ARCH:-$(uname -m)}" in
x86_64 | i?86)
[[ $early_microcode != yes ]] \
- && dwarn "Disabling early microcode, because kernel does not support it. CONFIG_MICROCODE_[AMD|INTEL]!=y"
+ && dwarn "Disabling early microcode, because kernel does not support it. CONFIG_MICROCODE!=y"
;;
*) ;;
esac
fi
done
-[[ -d $dracutsysrootdir$dbus ]] \
- || dbus=$(pkg-config dbus --variable=dbus 2> /dev/null)
-
-[[ -d $dracutsysrootdir$dbus ]] || dbus=/usr/share/dbus-1
-
-[[ -d $dracutsysrootdir$dbusconfdir ]] \
- || dbusconfdir=$(pkg-config dbus --variable=dbusconfdir 2> /dev/null)
-
-[[ -d $dracutsysrootdir$dbusconfdir ]] || dbusconfdir=/etc/dbus-1
-
-[[ -d $dracutsysrootdir$dbusinterfaces ]] \
- || dbusinterfaces=$(pkg-config dbus --variable=dbusinterfaces 2> /dev/null)
-
-[[ -d $dracutsysrootdir$dbusinterfaces ]] || dbusinterfaces=${dbus}/interfaces
-
-[[ -d $dracutsysrootdir$dbusinterfacesconfdir ]] \
- || dbusinterfacesconfdir=$(pkg-config dbus --variable=dbusinterfacesconfdir 2> /dev/null)
-
-[[ -d $dracutsysrootdir$dbusinterfacesconfdir ]] || dbusinterfacesconfdir=${dbusconfdir}/interfaces
-
-[[ -d $dracutsysrootdir$dbusservices ]] \
- || dbusservices=$(pkg-config dbus --variable=dbusservices 2> /dev/null)
-
-[[ -d $dracutsysrootdir$dbusservices ]] || dbusservices=${dbus}/services
-
-[[ -d $dracutsysrootdir$dbusservicesconfdir ]] \
- || dbusservicesconfdir=$(pkg-config dbus --variable=dbusservicesconfdir 2> /dev/null)
-
-[[ -d $dracutsysrootdir$dbusservicesconfdir ]] || dbusservicesconfdir=${dbusconfdir}/services
-
-[[ -d $dracutsysrootdir$dbussession ]] \
- || dbussession=$(pkg-config dbus --variable=dbussession 2> /dev/null)
-
-[[ -d $dracutsysrootdir$dbussession ]] || dbussession=${dbus}/session.d
-
-[[ -d $dracutsysrootdir$dbussessionconfdir ]] \
- || dbussessionconfdir=$(pkg-config dbus --variable=dbussessionconfdir 2> /dev/null)
-
-[[ -d $dracutsysrootdir$dbussessionconfdir ]] || dbussessionconfdir=${dbusconfdir}/session.d
-
-[[ -d $dracutsysrootdir$dbussystem ]] \
- || dbussystem=$(pkg-config dbus --variable=dbussystem 2> /dev/null)
-
-[[ -d $dracutsysrootdir$dbussystem ]] || dbussystem=${dbus}/system.d
-
-[[ -d $dracutsysrootdir$dbussystemconfdir ]] \
- || dbussystemconfdir=$(pkg-config dbus --variable=dbussystemconfdir 2> /dev/null)
-
-[[ -d $dracutsysrootdir$dbussystemconfdir ]] || dbussystemconfdir=${dbusconfdir}/system.d
-
-[[ -d $dracutsysrootdir$dbussystemservices ]] \
- || dbussystemservices=$(pkg-config dbus --variable=dbussystemservices 2> /dev/null)
-
-[[ -d $dracutsysrootdir$dbussystemservices ]] || dbussystemservices=${dbus}/system-services
-
-[[ -d $dracutsysrootdir$dbussystemservicesconfdir ]] \
- || dbussystemservicesconfdir=$(pkg-config dbus --variable=dbussystemservicesconfdir 2> /dev/null)
-
-[[ -d $dracutsysrootdir$dbussystemservicesconfdir ]] || dbussystemservicesconfdir=${dbusconfdir}/system-services
-
-[[ -d $dracutsysrootdir$udevdir ]] \
- || udevdir="$(pkg-config udev --variable=udevdir 2> /dev/null)"
-if ! [[ -d $dracutsysrootdir$udevdir ]]; then
- [[ -e $dracutsysrootdir/lib/udev/ata_id ]] && udevdir=/lib/udev
- [[ -e $dracutsysrootdir/usr/lib/udev/ata_id ]] && udevdir=/usr/lib/udev
-fi
-
-[[ -d $dracutsysrootdir$udevconfdir ]] \
- || udevconfdir=$(pkg-config udev --variable=udevconfdir 2> /dev/null)
-
-[[ -d $dracutsysrootdir$udevconfdir ]] || udevconfdir=/etc/udev
-
-[[ -d $dracutsysrootdir$udevrulesdir ]] \
- || udevrulesdir=$(pkg-config udev --variable=udevrulesdir 2> /dev/null)
-
-[[ -d $dracutsysrootdir$udevrulesdir ]] || udevrulesdir=${udevdir}/rules.d
-
-[[ -d $dracutsysrootdir$udevrulesconfdir ]] \
- || udevrulesconfdir=$(pkg-config udev --variable=udevrulesconfdir 2> /dev/null)
-
-[[ -d $dracutsysrootdir$udevrulesconfdir ]] || udevrulesconfdir=${udevconfdir}/rules.d
-
-[[ -d $dracutsysrootdir$sysctld ]] \
- || sysctld=$(pkg-config systemd --variable=sysctld 2> /dev/null)
-
-[[ -d $dracutsysrootdir$sysctld ]] || sysctld=/usr/lib/sysctl.d
-
-[[ -d $dracutsysrootdir$sysctlconfdir ]] \
- || sysctlconfdir=$(pkg-config systemd --variable=sysctlconfdir 2> /dev/null)
-
-[[ -d $dracutsysrootdir$sysctlconfdir ]] || sysctlconfdir=/etc/sysctl.d
-
-[[ -d $dracutsysrootdir$environment ]] \
- || environment=$(pkg-config systemd --variable=environment 2> /dev/null)
-
-[[ -d $dracutsysrootdir$environment ]] || environment=/usr/lib/environment.d
-
-[[ -d $dracutsysrootdir$environmentconfdir ]] \
- || environmentconfdir=$(pkg-config systemd --variable=environmentconfdir 2> /dev/null)
-
-[[ -d $dracutsysrootdir$environmentconfdir ]] || environmentconfdir=/etc/environment.d
-
-[[ -d $dracutsysrootdir$systemdcatalog ]] \
- || systemdcatalog=$(pkg-config systemd --variable=systemdcatalog 2> /dev/null)
-
-[[ -d $dracutsysrootdir$systemdcatalog ]] || systemdcatalog=${systemdutildir}/catalog
-
-[[ -d $dracutsysrootdir$modulesload ]] \
- || modulesload=$(pkg-config systemd --variable=modulesload 2> /dev/null)
-
-[[ -d $dracutsysrootdir$modulesload ]] || modulesload=/usr/lib/modules-load.d
-
-[[ -d $dracutsysrootdir$modulesloadconfdir ]] \
- || modulesloadconfdir=$(pkg-config systemd --variable=modulesloadconfdir 2> /dev/null)
-
-[[ -d $dracutsysrootdir$modulesloadconfdir ]] || modulesloadconfdir=/etc/modules-load.d
-
-[[ -d $dracutsysrootdir$systemdnetwork ]] \
- || systemdnetwork=$(pkg-config systemd --variable=systemdnetwork 2> /dev/null)
-
-[[ -d $dracutsysrootdir$systemdnetwork ]] || systemdnetwork=${systemdutildir}/network
-
-[[ -d $dracutsysrootdir$systemdnetworkconfdir ]] \
- || systemdnetworkconfdir=$(pkg-config systemd --variable=systemdnetworkconfdir 2> /dev/null)
-
-[[ -d $dracutsysrootdir$systemdnetworkconfdir ]] || systemdnetworkconfdir=${systemdutilconfdir}/network
-
-[[ -d $dracutsysrootdir$systemdntpunits ]] \
- || systemdntpunits=$(pkg-config systemd --variable=systemdntpunits 2> /dev/null)
-
-[[ -d $dracutsysrootdir$systemdntpunits ]] || systemdntpunits=${systemdutildir}/ntp-units.d
-
-[[ -d $dracutsysrootdir$systemdntpunitsconfdir ]] \
- || systemdntpunitsconfdir=$(pkg-config systemd --variable=systemdntpunitsconfdir 2> /dev/null)
-
-[[ -d $dracutsysrootdir$systemdntpunitsconfdir ]] || systemdntpunitsconfdir=${systemdutilconfdir}/ntp-units.d
-
-[[ -d $dracutsysrootdir$systemdportable ]] \
- || systemdportable=$(pkg-config systemd --variable=systemdportable 2> /dev/null)
-
-[[ -d $dracutsysrootdir$systemdportable ]] || systemdportable=${systemdutildir}/portable
-
-[[ -d $dracutsysrootdir$systemdportableconfdir ]] \
- || systemdportableconfdir=$(pkg-config systemd --variable=systemdportableconfdir 2> /dev/null)
-
-[[ -d "$dracutsysrootdir$systemdportableconfdir" ]] || systemdportableconfdir=${systemdutilconfdir}/portable
-
-[[ -d $dracutsysrootdir$systemdsystemunitdir ]] \
- || systemdsystemunitdir=$(pkg-config systemd --variable=systemdsystemunitdir 2> /dev/null)
-
-[[ -d "$dracutsysrootdir$systemdsystemunitdir" ]] || systemdsystemunitdir=${systemdutildir}/system
-
-[[ -d $dracutsysrootdir$systemduser ]] \
- || systemduser=$(pkg-config systemd --variable=systemduser 2> /dev/null)
-
-[[ -d $dracutsysrootdir$systemduser ]] || systemduser=${systemdutildir}/user
-
-[[ -d $dracutsysrootdir$systemduserconfdir ]] \
- || systemduserconfdir=$(pkg-config systemd --variable=systemduserconfdir 2> /dev/null)
-
-[[ -d $dracutsysrootdir$systemduserconfdir ]] || systemduserconfdir=${systemdutilconfdir}/user
-
-[[ -d $dracutsysrootdir$systemdsystemconfdir ]] \
- || systemdsystemconfdir=$(pkg-config systemd --variable=systemdsystemconfdir 2> /dev/null)
-
-[[ -d $dracutsysrootdir$systemdsystemconfdir ]] || systemdsystemconfdir=/etc/systemd/system
-
-[[ -d $dracutsysrootdir$sysusers ]] \
- || sysusers=$(pkg-config systemd --variable=sysusers 2> /dev/null)
-
-[[ -d $dracutsysrootdir$sysusers ]] || sysusers=/usr/lib/sysusers.d
-
-[[ -d $dracutsysrootdir$sysusersconfdir ]] \
- || sysusersconfdir=$(pkg-config systemd --variable=sysusersconfdir 2> /dev/null)
-
-[[ -d $dracutsysrootdir$sysusersconfdir ]] || sysusersconfdir=/etc/sysusers.d
-
-[[ -d $dracutsysrootdir$tmpfilesdir ]] \
- || tmpfilesdir=$(pkg-config systemd --variable=tmpfilesdir 2> /dev/null)
-
-if ! [[ -d $dracutsysrootdir$tmpfilesdir ]]; then
- [[ -d $dracutsysrootdir/lib/tmpfiles.d ]] && tmpfilesdir=/lib/tmpfiles.d
- [[ -d $dracutsysrootdir/usr/lib/tmpfiles.d ]] && tmpfilesdir=/usr/lib/tmpfiles.d
-fi
-
-[[ -d $dracutsysrootdir$tmpfilesconfdir ]] \
- || tmpfilesconfdir=$(pkg-config systemd --variable=tmpfilesconfdir 2> /dev/null)
-
-[[ -d $dracutsysrootdir$tmpfilesconfdir ]] || tmpfilesconfdir=/etc/tmpfiles.d
-
-[[ -d $dracutsysrootdir$depmodd ]] \
- || depmodd=$(pkg-config libkmod --variable=depmodd 2> /dev/null)
-
-[[ -d $dracutsysrootdir$depmodd ]] || depmodd=/usr/lib/depmod.d
-
-[[ -d $dracutsysrootdir$depmodconfdir ]] \
- || depmodconfdir=$(pkg-config libkmod --variable=depmodconfdir 2> /dev/null)
-
-[[ -d $dracutsysrootdir$depmodconfdir ]] || depmodconfdir=/etc/depmod.d
-
export initdir dracutbasedir \
dracutmodules force_add_dracutmodules add_dracutmodules omit_dracutmodules \
mods_to_load \
omit_drivers mdadmconf lvmconf root_devs \
use_fstab fstab_lines libdirs fscks nofscks ro_mnt \
stdloglvl sysloglvl fileloglvl kmsgloglvl logfile \
- debug host_fs_types host_devs swap_devs sshkey add_fstab \
- DRACUT_VERSION udevdir udevconfdir udevrulesdir udevrulesconfdir \
- prefix filesystems drivers dbus dbusconfdir dbusinterfaces \
- dbusinterfacesconfdir dbusservices dbusservicesconfdir dbussession \
- dbussessionconfdir dbussystem dbussystemconfdir dbussystemservices \
- dbussystemservicesconfdir environment environmentconfdir modulesload \
- modulesloadconfdir sysctld sysctlconfdir sysusers sysusersconfdir \
- systemdutildir systemdutilconfdir systemdcatalog systemdnetwork \
- systemdnetworkconfdir systemdntpunits systemdntpunitsconfdir \
- systemdportable systemdportableconfdir systemdsystemunitdir \
- systemdsystemconfdir systemduser systemduserconfdir \
- hostonly_cmdline loginstall tmpfilesdir tmpfilesconfdir depmodd \
- depmodconfdir
+ host_fs_types host_devs swap_devs sshkey add_fstab \
+ DRACUT_VERSION \
+ prefix filesystems drivers \
+ hostonly_cmdline loginstall
mods_to_load=""
# check all our modules to see if they should be sourced.
if [[ $kernel_only != yes ]]; then
mkdir -p "${initdir}/etc/cmdline.d"
mkdir -m 0755 "${initdir}"/lib/dracut/hooks
- # shellcheck disable=SC2154
for _d in $hookdirs; do
# shellcheck disable=SC2174
mkdir -m 0755 -p "${initdir}/lib/dracut/hooks/$_d"
# shellcheck disable=SC2086
find "$initdir" -type f -perm /0111 -not -path '*.ko' -print0 \
| xargs -r -0 $DRACUT_INSTALL ${initdir:+-D "$initdir"} ${dracutsysrootdir:+-r "$dracutsysrootdir"} -R ${DRACUT_FIPS_MODE:+-f} --
- dinfo "*** Resolving executable dependencies done ***"
+ # shellcheck disable=SC2181
+ if (($? == 0)); then
+ dinfo "*** Resolving executable dependencies done ***"
+ else
+ dfatal "Resolving executable dependencies failed"
+ exit 1
+ fi
fi
# Now we are done with lazy resolving, always install dependencies
if [[ $do_hardlink == yes ]] && command -v hardlink > /dev/null; then
dinfo "*** Hardlinking files ***"
- hardlink "$initdir" 2>&1 | dinfo
+ hardlink "$initdir" 2>&1 | ddebug
dinfo "*** Hardlinking files done ***"
fi
fi
fi
-# shellcheck disable=SC2154
if ((maxloglvl >= 5)) && ((verbosity_mod_l >= 0)); then
if [[ $allowlocal ]]; then
"$dracutbasedir/lsinitrd.sh" "${DRACUT_TMPDIR}/initramfs.img" | ddebug
umask 077
+SBAT_DEFAULT="sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md"
+sbat_out=$uefi_outdir/uki.sbat
+
+clean_sbat_string() {
+ local inp=$1
+ local temp=$uefi_outdir/temp.sbat
+ sed "/${SBAT_DEFAULT//\//\\/}/d" "$inp" > "$temp"
+ [[ -s $temp ]] && cat "$temp" >> "$sbat_out"
+ rm "$temp"
+}
+
+get_sbat_string() {
+ local inp=$1
+ local out=$uefi_outdir/$2
+ objcopy -O binary --only-section=.sbat "$inp" "$out"
+ clean_sbat_string "$out"
+}
+
if [[ $uefi == yes ]]; then
if [[ $kernel_cmdline ]]; then
echo -n "$kernel_cmdline" > "$uefi_outdir/cmdline.txt"
fi
fi
+ offs=$(objdump -h "$uefi_stub" 2> /dev/null | gawk 'NF==7 {size=strtonum("0x"$3);
+ offset=strtonum("0x"$4)} END {print size + offset}')
+ if [[ $offs -eq 0 ]]; then
+ dfatal "Failed to get the size of $uefi_stub to create UEFI image file"
+ exit 1
+ fi
+ align=$(pe_get_section_align "$uefi_stub")
+ if [[ $? -eq 1 ]]; then
+ dfatal "Failed to get the SectionAlignment of the stub PE header to create the UEFI image file"
+ exit 1
+ fi
+ offs=$((offs + "$align" - offs % "$align"))
+ [[ -s $dracutsysrootdir/usr/lib/os-release ]] && uefi_osrelease="$dracutsysrootdir/usr/lib/os-release"
+ [[ -s $dracutsysrootdir/etc/os-release ]] && uefi_osrelease="$dracutsysrootdir/etc/os-release"
+ [[ -s $uefi_osrelease ]] \
+ && uefi_osrelease_offs=${offs} \
+ && offs=$((offs + $(stat -Lc%s "$uefi_osrelease"))) \
+ && offs=$((offs + "$align" - offs % "$align"))
+
if [[ $kernel_cmdline ]] || [[ $hostonly_cmdline == yes && -e "${uefi_outdir}/cmdline.txt" ]]; then
echo -ne "\x00" >> "$uefi_outdir/cmdline.txt"
dinfo "Using UEFI kernel cmdline:"
dinfo "$(tr -d '\000' < "$uefi_outdir/cmdline.txt")"
uefi_cmdline="${uefi_outdir}/cmdline.txt"
+ uefi_cmdline_offs=${offs}
+ offs=$((offs + $(stat -Lc%s "$uefi_cmdline")))
+ offs=$((offs + "$align" - offs % "$align"))
else
unset uefi_cmdline
fi
- [[ -s $dracutsysrootdir/usr/lib/os-release ]] && uefi_osrelease="$dracutsysrootdir/usr/lib/os-release"
- [[ -s $dracutsysrootdir/etc/os-release ]] && uefi_osrelease="$dracutsysrootdir/etc/os-release"
if [[ -s ${dracutsysrootdir}${uefi_splash_image} ]]; then
uefi_splash_image="${dracutsysrootdir}${uefi_splash_image}"
+ uefi_splash_offs=${offs}
+ offs=$((offs + $(stat -Lc%s "$uefi_splash_image")))
+ offs=$((offs + "$align" - offs % "$align"))
else
unset uefi_splash_image
fi
+ echo "$SBAT_DEFAULT" > "$sbat_out"
+ if [[ -n $sbat ]]; then
+ echo "$sbat" | sed "/${SBAT_DEFAULT//\//\\/}/d" >> "$sbat_out"
+ fi
+ get_sbat_string "$kernel_image" kernel.sbat
+ get_sbat_string "$uefi_stub" stub.sbat
+
+ uefi_sbat_offs="${offs}"
+ offs=$((offs + $(stat -Lc%s "$sbat_out")))
+ offs=$((offs + "$align" - offs % "$align"))
+ uefi_linux_offs="${offs}"
+ offs=$((offs + $(stat -Lc%s "$kernel_image")))
+ offs=$((offs + "$align" - offs % "$align"))
+ uefi_initrd_offs="${offs}"
+
+ base_image=$(pe_get_image_base "$uefi_stub")
+ if [[ $? -eq 1 ]]; then
+ dfatal "Failed to get ImageBase data of $uefi_stub to create UEFI image file"
+ exit 1
+ fi
+
+ tmp_uefi_stub=$uefi_outdir/elf.stub
+ cp "$uefi_stub" "$tmp_uefi_stub"
+ objcopy --remove-section .sbat "$tmp_uefi_stub" &> /dev/null
+
if objcopy \
- ${uefi_osrelease:+--add-section .osrel="$uefi_osrelease" --change-section-vma .osrel=0x20000} \
- ${uefi_cmdline:+--add-section .cmdline="$uefi_cmdline" --change-section-vma .cmdline=0x30000} \
- ${uefi_splash_image:+--add-section .splash="$uefi_splash_image" --change-section-vma .splash=0x40000} \
- --add-section .linux="$kernel_image" --change-section-vma .linux=0x2000000 \
- --add-section .initrd="${DRACUT_TMPDIR}/initramfs.img" --change-section-vma .initrd="${EFI_SECTION_VMA_INITRD}" \
- "$uefi_stub" "${uefi_outdir}/linux.efi"; then
+ ${uefi_osrelease:+--add-section .osrel="$uefi_osrelease" --change-section-vma .osrel=$(printf 0x%x "$uefi_osrelease_offs")} \
+ ${uefi_cmdline:+--add-section .cmdline="$uefi_cmdline" --change-section-vma .cmdline=$(printf 0x%x "$uefi_cmdline_offs")} \
+ ${uefi_splash_image:+--add-section .splash="$uefi_splash_image" --change-section-vma .splash=$(printf 0x%x "$uefi_splash_offs")} \
+ --add-section .sbat="$sbat_out" --change-section-vma .sbat="$(printf 0x%x "$uefi_sbat_offs")" \
+ --add-section .linux="$kernel_image" --change-section-vma .linux="$(printf 0x%x "$uefi_linux_offs")" \
+ --add-section .initrd="${DRACUT_TMPDIR}/initramfs.img" --change-section-vma .initrd="$(printf 0x%x "$uefi_initrd_offs")" \
+ --image-base="$(printf 0x%x "$base_image")" \
+ "$tmp_uefi_stub" "${uefi_outdir}/linux.efi"; then
if [[ -n ${uefi_secureboot_key} && -n ${uefi_secureboot_cert} ]]; then
if sbsign \
${uefi_secureboot_engine:+--engine "$uefi_secureboot_engine"} \
--key "${uefi_secureboot_key}" \
--cert "${uefi_secureboot_cert}" \
- --output "$outfile" "${uefi_outdir}/linux.efi"; then
+ --output "$outfile" "${uefi_outdir}/linux.efi" \
+ && sbverify --cert "${uefi_secureboot_cert}" "$outfile" > /dev/null 2>&1; then
dinfo "*** Creating signed UEFI image file '$outfile' done ***"
else
+ rm -f -- "$outfile"
dfatal "*** Creating signed UEFI image file '$outfile' failed ***"
exit 1
fi
else
if cp --reflink=auto "${uefi_outdir}/linux.efi" "$outfile"; then
dinfo "*** Creating UEFI image file '$outfile' done ***"
+ else
+ rm -f -- "$outfile"
+ dfatal "Creation of $outfile failed"
+ exit 1
fi
fi
else
zfs)
return 1
;;
+ tmpfs)
+ return 1
+ ;;
btrfs)
freeze_ok_for_btrfs "$outfile"
;;