Lubomir Rintel [Mon, 27 May 2019 10:43:59 +0000 (12:43 +0200)]
network-manager: generate configuration with netroot=
If the root is on network, let nm-initrd-generator create configuration
even if none was explicitly specified on the command line.
Also do the same if /tmp/net.ifaces exists, because the anaconda plugin
creates an empty file in that location in hopes that will make us
configure the network.
Lubomir Rintel [Tue, 11 Jun 2019 07:56:13 +0000 (09:56 +0200)]
test/{10,12,13,14,17,30,31}: increase the disk sizes
On Fedora 30 the paritition sizes turn out to be too small again:
+ mkdir -p /sysroot
+ mount /dev/dracut/root /sysroot
+ cp -a -t /sysroot /source/bin /source/dev /source/etc /source/lib /source/lib64 /source/proc /source/root /source/sbin /source/sys /source/tmp /source/usr /source/var
cp: error writing '/sysroot/usr/lib64/libkrb5.so.3.3': No space left on device
cp: error writing '/sysroot/usr/lib64/libkrb5support.so.0.1': No space left on device
It turns out that there has been quite some size increase in some libraries,
notably glibc, though not all -- some even shrunk, ruling out a toolchain
problem. Here's are files over 1M we install on Fedora 30:
Kairui Song [Wed, 12 Jun 2019 06:27:44 +0000 (14:27 +0800)]
95fcoe: load 'libfcoe' module as a fallback
The kernel may only enable 'libfcoe' module. Some modules like bnx2fc
provides FCoE but only depend on 'libfcoe'. Loading 'fcoe' module may
fail but the kernel do support FCoE.
'libfcoe' will be installed as a dependency when installing block device
drivers if it's required. So no need to install it in installkernel.
Takashi Iwai [Wed, 22 May 2019 12:47:14 +0000 (14:47 +0200)]
dracut-install: Add support for compressed kernel modules
When a module is compressed, uncompress it before packing into initrd.
Since initrd is already compressed, it makes no sense to put the
compressed module files.
The patch contains a slight refactoring and adds a helper function to
get the command for uncompressing a file per extension.
testfunc
[lkundrak@demiurge ~]$ bash4 --posix feh.sh
NEW
[lkundrak@demiurge ~]$ bash5 --posix feh.sh
OLD
[lkundrak@demiurge ~]$ bash5 feh.sh
NEW
[lkundrak@demiurge ~]$
It works the way it did in Bash 4 in non-POSIX mode, for external programs,
or for non-local variables. Don't ask me why -- it's probably some
compatibility thing for some sad old people.
However, this precisely happens when fsck_single() is calling into the
fsck_drv_com(), assigned to _drv by fsck_able(). That ruins the
TEST-70-BONDBRIDGETEAMVLAN test's server and probably more.
Let's pass the fsck driver binary via the function argument instead. It's
less messy anyway.
Lubomir Rintel [Tue, 25 Jun 2019 15:39:57 +0000 (17:39 +0200)]
test/TEST-14-IMSM: detect failure to compose the test setup root
The dracut-root-block-created line should not be created if we fail to copy
in the required files to sysroot. Let's turn on -e to trap failures and
poweroff on them, like some other tests do.
Also remove the &&. Not only it is unnecessary with -e, but defeats it.
From bash(1):
The shell does not exit if the command that fails is [...] part of any
command executed in a && or || list except the command following the
final && or || [...]
rngd: new module running early during boot to help generating entropy
when system's default entropy sources are poor (e.g. use of SSD disks or
UEFI RNG not available)
On systems with low entropy at boot, the boot can take up to several
hours, specially when NBDE is used (e.g. clevis) which makes use of
the random number generator.
Enabling rngd service at boot early, because dracut-initqueue runs,
enables to initialize the random number generator in a couple of seconds
instead of minutes or hours.
Lianbo Jiang [Mon, 13 May 2019 08:09:25 +0000 (16:09 +0800)]
99base: enable the initqueue in both 'dracut --add-device' and 'dracut --mount' cases.
The commit 9f3c31cd8d68 ("99base: enable initqueue if extra devices are added")
only covers 'dracut --add-device' case, but it did not cover 'dracut --mount'
case, which causes the kdump failure in the Amazon virtual machine.
Lets make sure that the initqueue is enabled in both cases in order to wake up
the device in time.
Kairui Song [Wed, 13 Mar 2019 09:36:53 +0000 (17:36 +0800)]
squash: also squash systemctl if switch-root is not needed
systemctl need to be accessible on switch-root, but we unmount the
squash image on switch-root, so it will fail. systemctl depends on a lot
of libraries, squash them can save more RAM. So allow modules
(eg. kdump) to tell dracut that switch-root will be intercepted,
then we don't need to take care of that.
Kairui Song [Mon, 11 Mar 2019 10:44:02 +0000 (18:44 +0800)]
squash: squash systemd binary and udevadm
systemd binary and udevadm are not needed to be outside the squash
image. Some binaries are kept outside because they are required before
mounting the image, or after umounting the image (when switching root),
or they may block umounting the image. But we are using lazy umounting,
so actually nothing will block the umount.
Keep more binaries outside the squash image won't hurt but cost extra
memories, the idea of squash image is to save memory usage.
So, there is no reason to keep udevadm outside, that should be a debug
left over. For systemd binary, it's running when switch root happens,
But we have lazy umounted the image and overlay, once systemd process
exec the new systemd in new root, everything will be cleared by kernel.
Kairui Song [Tue, 7 May 2019 11:15:42 +0000 (19:15 +0800)]
dracut.sh: record the actual hostonly modules for hostonly mode
Previous in commit 7047294, dracut will include the loaded kernel module
list in initramfs, so other tools could check if the loaded kernel
module is changed and rebuild the host only initramfs in case some
module required to boot the machine is missing due to host only install.
It's better to use modalias list generated by dracut-install, that
list includes the device modalias list combined with current loaded
kernel module list. In this way, if any kernel module is yet to be
loaded when the initramfs is built, or got unloaded by accident the
module list will not change. This make the list more stable over
initramfs builds.
Kairui Song [Tue, 25 Dec 2018 09:53:24 +0000 (17:53 +0800)]
99squash: fail early if can't install require modules in initramfs
insmods will consider all arguments as optional modules by default, but
for squash module, all listed modules are required, if any of them is
missing the initramfs won't boot. So pass the '-c' argument to let instmos
know all those modules are mandatory, it will fail and give an error if
it failed to install any of those modules.
Daniel Molkentin [Thu, 18 Jul 2019 09:29:29 +0000 (11:29 +0200)]
95fcoe: Fix startup when fcoe module is included
The parse-fcoe.sh hook is sourced, and hence must not contain
exit 0 calls. Otherwise, the cmdline sequence will be interupted,
and no error will be reported to systemd. Use return instead.
Takashi Iwai [Wed, 8 May 2019 05:12:06 +0000 (07:12 +0200)]
dracut-install: Add support for compressed firmware files
The upcoming kernel will have a support for loading compressed
firmware files, and this patch corresponds to that kernel change.
When a firmware file with the extra .xz extension is found, dracut
copies to initrd as fallback. Since initrd itself is compressed, the
file is uncompressed in initrd beforehand.
Kairui Song [Thu, 14 Mar 2019 10:54:10 +0000 (18:54 +0800)]
fips: ensure fs module for /boot is installed
When using dracut with --hostonly and --no-hostonly-default-device,
/boot will be inaccessible as dracut will most fs modules unless
specified. But FIPS require /boot to be accessible, and it will try
to mount it on boot. It will fail if corresponding fs module is missing.
For most case /boot will be a simple partition, include the fs module
will be enough for FIPS to mount it. For other cases users have to pass
extra parameters by themselves.
Suggested-by: Kenneth Dsouza <kdsouza@redhat.com> Signed-off-by: Kairui Song <kasong@redhat.com>
Kairui Song [Thu, 21 Feb 2019 05:18:37 +0000 (13:18 +0800)]
dracut: let module handling function accept optional path option
Let the caller pass in the module path instead of try to find the module
path everytime. This helps optimize the overall runtime.
Test results (3 rounds) on Fedora 30 in KVM VM with 8 CPUs, 2G memory, HDD:
$ time ./dracut.sh --local --quiet --hostonly --hostonly-cmdline --hostonly-i18n --hostonly-mode 'strict' -o 'plymouth dash resume ifcfg' --mount '/dev/mapper/fedora-root /sysroot xfs defaults' --no-hostonly-default-device -f initramfs.img
Before the commit:
real 0m11.782s | real 0m11.505s | real 0m11.958s
user 0m9.169s | user 0m9.218s | user 0m9.327s
sys 0m10.839s | sys 0m10.829s | sys 0m10.925s
After this commit:
real 0m9.866s | real 0m9.580s | real 0m9.638s
user 0m9.048s | user 0m9.142s | user 0m9.120s
sys 0m7.411s | sys 0m7.775s | sys 0m7.745s
Test result of building a ordinary image:
$ time ./dracut.sh --local --quiet -f initramfs.img
Before the commit:
real 0m34.697s | real 0m34.371s | real 0m35.122s
user 0m27.608s | user 0m27.524s | user 0m27.705s
sys 0m22.341s | sys 0m22.032s | sys 0m22.246s
After the commit:
real 0m31.914s | real 0m31.006 | real 0m31.289ss
user 0m27.315s | user 0m27.324 | user 0m27.290ss
sys 0m19.051s | sys 0m18.916 | sys 0m19.022ss
Lukas Nykryn [Thu, 7 Feb 2019 15:09:43 +0000 (16:09 +0100)]
95iscsi: /sys/devices/platform/*/flashnode_sess-*/is_boot_target sometimes does not exist
cat: '/sys/devices/platform/host2/flashnode_sess-*/is_boot_target': No such file or directory
/usr/lib/dracut/modules.d/95iscsi/module-setup.sh: line 90: [: -eq: unary operator expected
The recent systemd upstream introduced a slightly modified version
string which included information about a git commit, which however
broke the version check in dracut. Unfortunately, the (( )) bash syntax
went along with it in certain cases and introduced a pretty nasty issue,
when the systemd would boot up but with slightly changed environment.
To prevent this from happening in the future, let's at least check if
the version parsed from the `systemd --version` output is a comparable
number.
Jens Heise [Mon, 7 Jan 2019 15:47:23 +0000 (16:47 +0100)]
10i18n: Fix keymaps not getting included sometimes
Eliminate erroneous substring matches when looking up already processed keymaps to prevent necessary keymaps not getting added to the initramfs sometimes e.g. if there are the files 'compose.latin1' and 'compose.latin1.add' the unfixed version would skip processing 'compose.latin1' if find returned 'compose.latin1.add' first due to the directory listing not being in sorted order.
Patrick Talbert [Fri, 30 Nov 2018 08:28:09 +0000 (09:28 +0100)]
95fcoe: Add the rd.nofcoe option to disable the FCoE module from the command line
Images built with the fcoe module will always run the lldpad
service as part of their pre-trigger scripts if the network
is active. This prevents network installations in
environments where, for security reasons, LLDPDU frames
cause a switchport shutdown.
Add a new rd.nofcoe option to cause dracut to skip the
lldpad.sh script and the entire 95-fcoe module.
Signed-off-by: Patrick Talbert <ptalbert@redhat.com>
Kairui Song [Wed, 26 Dec 2018 09:38:02 +0000 (17:38 +0800)]
lsinitrd: list squash content as well
When the initramfs is built with squash module enabled, the content
inside squash image will be invisible from the lsinitrd tool. This
commit make lsinitrd detect and list the content of the squash image as
well to avoid possible confusion.
- allow emergency login on every console
specified in the kernel cmdline
- require password for hostonly images
- emergency mode: Manually multiplex emergency infos
This will bring all vital information to all ttys specified
as console devices, regardless of wether they hold the C flag.
Kairui Song [Fri, 9 Nov 2018 02:48:28 +0000 (10:48 +0800)]
squash: unsquash the root image instead of mounting it on shutdown
When building squash image, squash module forgot to install the new
shutdown.sh, and the shutdown hooks are always skipped on ordinary
shutdown if squash module is enabled.
The new shutdown.sh will remount the squash image and then everything
will just work, but currently re-mounting the squash image on shutdown
may have selinux problem and make the system hang, and there is no
easy way to fix it.
So skip fixing the shutdown.sh not being install problem, instead
just drop the new shutdown.sh, and unsquash the image on ordinary
shutdown, which is safer and should always work.
Lukas Nykryn [Thu, 25 Oct 2018 13:30:36 +0000 (15:30 +0200)]
dracut.install: call dracut with --force
The kernel-install is called even if you run make install.
Since we don't call dracut with -f a second make install will fail
because initrd with same version is already there.
This makes kernel developers feel miserable.
Dusty Mabe [Mon, 22 Oct 2018 17:25:29 +0000 (13:25 -0400)]
95iscsi: drop systemd dracut service dependencies for iscsid
These dependencies cause an odd issue where swap devices specified
by resume= on the kernel command line will cause systemd device
timeouts to occur on boot. According to @haraldh these lines aren't
needed because the socket activiation will take care of it for us.
Removing these lines now as it fixes the resume= device timeout issue.
Kairui Song [Thu, 18 Oct 2018 09:05:22 +0000 (17:05 +0800)]
99squash: Don't clean up squahfs on isolate
The only time we need to cleanup squahfs manually is on switch root, to
release resource and memory. We've covered that by setting
"Conflicts=initrd-switch-root.target" for squash cleanup service.
On shutdown systemd will take care of squahfs mounts. But for other
isolate, files in initramfs are most likely still required, so don't
clean up squahfs. For example, kdump's emergency handler will isolate
into its own target, if squahfs is cleaned up it will fail.
Kairui Song [Fri, 12 Oct 2018 05:07:13 +0000 (13:07 +0800)]
40network: Don't include 40network by default
commit 7347391 ('network-legacy: split off from network module')
splitted network function to network-legacy and removed check() function
of 40network. This caused 40network to be included even if network is
not needed.
70291e0 ('dracut.spec: Add dracut-squash package') introduced a new
dracut-squash package, but by accident it overrided some other package
spec and the dependency name is wrong. This patch will fix it.
At runtime, the kernel tries to load the file from /lib, and fails if we
only provide it in /lib64.
Instead of looking for the first slash after the "=>", just look for the
first slash, period. This would fail if we somehow had a relative path
on the left side (foo/libbar.so), but I'm not aware of any binaries that
would contain such an entry in DT_NEEDED.
Bug: https://bugs.gentoo.org/667752 Signed-off-by: Mike Gilbert <floppym@gentoo.org>
modules.d: Add a module for handling additional depmod kernel module directories
It parses depmod configuration and scans modules.dep for kernel modules
present in directories supplied in "overrides", "external", and "search"
depmod configuration options. The resulting list of (absolute) kernel
module paths is then supplied to instmods.
* modules.d/90kernel-modules-extra/module-setup.sh: New file.
* dracut.spec (%files): Add
%{dracutlibdir}/modules.d/90kernel-modules-extra.
Lubomir Rintel [Thu, 30 Aug 2018 14:21:17 +0000 (16:21 +0200)]
iscsi: do not replace the configuration in the host system
ln: failed to create symbolic link '/usr/lib/systemd/system/sockets.target.wants/iscsid.socket': Permission denied
ln: failed to create symbolic link '/usr/lib/systemd/system/sockets.target.wants/iscsiuio.socket': Permission denied
No way. Just ensure the links are there in the initramfs image. In fact,
that is already the case for iscsiuio.socket. Add iscsid.socket too.
If the network module obtained a lease using dhclient, NetworkManager
must be configured to use it too, otherwise it would obtain a different
lease (and could potentially break a connection to the network volume).
Kairui Song [Tue, 11 Sep 2018 11:32:24 +0000 (19:32 +0800)]
Add support for building a squashed initramfs
With all files stored in ramfs, and most of them are not compressed,
the initramfs will take up a lot of memory. Besides, if the file number
is large, each file will waste some memory due to page fragmetation.
This is due to ramfs' design, at least one page will be allocated for
one file however small the file is. On machine with large page size,
this will become worse and waste too many memory.
One approach to reducing the memory usage is to reduce the number of
files that got directly loaded into the root ramfs, and compress files
by put most files will into a read-only squash image and keep a minimum
set of executable and libraries outside as the loader for the squash
image. After the squash image is mounted, the real 'init' will be
executed and then everything behaves as usual.
This patch will introduce a '99squash' module which will never be
included by default. User can force add it, and if it is included,
dracut will perform some extra steps before creating the final image:
For now, "/etc" and "/usr" will be moved into the squashfs image.
"/init" will be renamed to "/init.stock" and replaced by "/init.squash".
Files and folders need to be accessible before mounting the image will
be still avaliable at their original place. And due to squashfs is
readonly, an overlayfs layer will be created on top of squashfs mount
point, as many dracut module require readwrite access to "/etc" and
"/usr", "init.squash" will ultimately call "/init.stock".
An extra systemd service will be installed. This service will umount all
squashfs related mount points right before switch-root to release
resources properly. This service will not actually do anything if
switch-root is not used.
This is very helpful when mem resource is very limited, like Kdump.
According to my tests, this squash module can help save about 35MB of
memory with 64K page size, or about 15MB with 4K page size on an
ordinary kdump capture routine. This module could also help reduce
memory usage for normal boot up process.
Won't change any behavior if squash module is not enabled.
Alexander Tsoy [Sat, 8 Sep 2018 23:47:09 +0000 (02:47 +0300)]
install: avoid non-portable __WORDSIZE
Lets not unnecessarily rely on __WORDSIZE, which is not clearly specified
by any spec. Use explicit size comparisons if we're not interested in the
WORDSIZE, anyway.
Alexander Tsoy [Sat, 8 Sep 2018 14:02:03 +0000 (17:02 +0300)]
Prevent environment leaking into initrd-release
On my system the following initrd-release is generated:
...
VERSION="4 dracut-048 dracut-048"
...
VERSION is not defined in /etc/os-release, so the variable is
concatenated with its previous value:
* "4" comes from the kernel build system since dracut is called from the
kernel install hook ("4" is a major kernel version);
* first "dracut-048" comes from the "systemd-initrd" module;
* second "dracut-048" comes from the "base" module.