dracut 060

This section is a modified version of +http://en.wikipedia.org/wiki/Initrd which is licensed under the +Creative Commons Attribution/Share-Alike License.

ChapterÂ 1.Â Definition

An initial ramdisk is a temporary file system used in the boot process of the +Linux kernel. initrd and initramfs refer to slightly different schemes for +loading this file system into memory. Both are commonly used to make +preparations before the real root file system can be mounted.

ChapterÂ 2.Â Rationale

Many Linux distributions ship a single, generic kernel image that is intended to +boot as wide a variety of hardware as possible. The device drivers for this +generic kernel image are included as loadable modules, as it is not possible to +statically compile them all into the one kernel without making it too large to +boot from computers with limited memory or from lower-capacity media like floppy +disks.

This then raises the problem of detecting and loading the modules necessary to +mount the root file system at boot time (or, for that matter, deducing where or +what the root file system is).

To further complicate matters, the root file system may be on a software RAID +volume, LVM, NFS (on diskless workstations), or on an encrypted partition. All +of these require special preparations to mount.

Another complication is kernel support for hibernation, which suspends the +computer to disk by dumping an image of the entire system to a swap partition or +a regular file, then powering off. On next boot, this image has to be made +accessible before it can be loaded back into memory.

To avoid having to hardcode handling for so many special cases into the kernel, +an initial boot stage with a temporary root file system +ânow dubbed early user spaceâ is used. This root file system would contain +user-space helpers that would do the hardware detection, module loading and +device discovery necessary to get the real root file system mounted.

ChapterÂ 3.Â Implementation

An image of this initial root file system (along with the kernel image) must be +stored somewhere accessible by the Linux bootloader or the boot firmware of the +computer. This can be:

+The root file system itself +
+A boot image on an optical disc +
+A small ext2/ext3/ext4 or FAT-formatted partition on a local disk + (a boot partition) +
+A TFTP server (on systems that can boot from Ethernet) +

The bootloader will load the kernel and initial root file system image into +memory and then start the kernel, passing in the memory address of the image.

Depending on which algorithms were compiled statically into it, the kernel can +currently unpack initrd/initramfs images compressed with gzip, bzip2 and LZMA.

ChapterÂ 4.Â Mount preparations

dracut can generate a customized initramfs image which contains only whatever is +necessary to boot some particular computer, such as ATA, SCSI and filesystem +kernel modules (host-only mode).

dracut can also generate a more generic initramfs image (default mode).

dracutâs initramfs starts only with the device name of the root file system (or +its UUID) and must discover everything else at boot time. A complex cascade of +tasks must be performed to get the root file system mounted:

+Any hardware drivers that the boot process depends on must be loaded. All +kernel modules for common storage devices are packed onto the initramfs and then +udev pulls in modules matching the computerâs detected hardware. +
+On systems which display a boot rd.splash screen, the video hardware must be +initialized and a user-space helper started to paint animations onto the display +in lockstep with the boot process. +
+If the root file system is on NFS, dracut does then: +
- +Bring up the primary network interface. +
- +Invoke a DHCP client, with which it can obtain a DHCP lease. +
- +Extract the name of the NFS share and the address of the NFS server from the +lease. +
- +Mount the NFS share. +
+If the root file system appears to be on a software RAID device, there is no +way of knowing which devices the RAID volume spans; the standard MD utilities +must be invoked to scan all available block devices with a raid signature and +bring the required ones online. +
+If the root file system appears to be on a logical volume, the LVM utilities +must be invoked to scan for and activate the volume group containing it. +
+If the root file system is on an encrypted block device: +
- +Invoke a helper script to prompt the user to type in a passphrase and/or +insert a hardware token (such as a smart card or a USB security dongle). +
+Create a decryption target with the device mapper. +

dracut uses udev, an event-driven hotplug agent, which invokes helper programs +as hardware devices, disk partitions and storage volumes matching certain rules +come online. This allows discovery to run in parallel, and to progressively +cascade into arbitrary nestings of LVM, RAID or encryption to get at the root +file system.

When the root file system finally becomes visible:

+Any maintenance tasks which cannot run on a mounted root file system +are done. +
+The root file system is mounted read-only. +
+Any processes which must continue running (such as the rd.splash screen helper +and its command FIFO) are hoisted into the newly-mounted root file system. +

The final root file system cannot simply be mounted over /, since that would +make the scripts and tools on the initial root file system inaccessible for any +final cleanup tasks. On an initramfs, the initial root file system cannot be +rotated away. Instead, it is simply emptied and the final root file system +mounted over the top.

If the systemd module is used in the initramfs, the ordering of the services +started looks like ChapterÂ 12, DRACUT.BOOTUP(7).

ChapterÂ 5.Â Dracut on shutdown

On a systemd driven system, the dracut initramfs is also used for the shutdown +procedure.

The following steps are executed during a shutdown:

+systemd switches to the shutdown.target +
+systemd starts + $prefix/lib/systemd/system/shutdown.target.wants/dracut-shutdown.service +
+dracut-shutdown.service executes /usr/lib/dracut/dracut-initramfs-restore + which unpacks the initramfs to /run/initramfs +
+systemd finishes shutdown.target +
+systemd kills all processes +
+systemd tries to unmount everything and mounts the remaining read-only +
+systemd checks, if there is a /run/initramfs/shutdown executable +
+if yes, it does a pivot_root to /run/initramfs and executes ./shutdown. + The old root is then mounted on /oldroot. + /usr/lib/dracut/modules.d/99shutdown/shutdown.sh is the shutdown executable. +
+shutdown will try to unmount every /oldroot mount and calls the various + shutdown hooks from the dracut modules +

This ensures, that all devices are disassembled and unmounted cleanly.

PartÂ II.Â User Manual

Table of Contents

Inspecting the Contents
Adding dracut Modules
Omitting dracut Modules
Adding Kernel Modules
Boot parameters
Injecting custom Files
Network Boot

Troubleshooting

Identifying your problem area
Information to include in your report
Debugging dracut

OPTIONS

ENVIRONMENT

FILES

Configuration in the initramfs

AVAILABILITY

AUTHORS

SEE ALSO

7. DRACUT.CONF(5)

NAME
SYNOPSIS
Description
Files
AUTHOR
See Also

8. DRACUT.CMDLINE(7)

NAME

DESCRIPTION

Standard
iso-scan/filename
Misc
Debug
I18N
LVM
crypto LUKS
crypto LUKS - key on removable device support
MD RAID
DM RAID
MULTIPATH
FIPS
Network
NFS
CIFS
iSCSI
FCoE
NVMf
NBD
VIRTIOFS
DASD
ZFCP
ZNET
Booting live images
ZIPL
CIO_IGNORE
Plymouth Boot Splash
Kernel keys
Deprecated, renamed Options
Configuration in the Initramfs

AUTHOR

SEE ALSO

9. LSINITRD(1)

NAME
SYNOPSIS
DESCRIPTION
OPTIONS
AVAILABILITY
AUTHORS
SEE ALSO

10. Developer Manual

11. DRACUT.MODULES(7)

NAME

DESCRIPTION

Boot Process Stages

Hook: cmdline
Hook: pre-udev
Start Udev
Hook: pre-trigger
Trigger Udev
Main Loop
Hook: pre-mount
Hook: mount
Hook: pre-pivot
Hook: cleanup
Cleanup and switch_root

Network Infrastructure

Writing a Module

module-setup.sh: check()
module-setup.sh: depends()
module-setup.sh: cmdline()
module-setup.sh: install()
module-setup.sh: installkernel()
Creation Functions
Initramfs Functions
Network Modules

AUTHOR

SEE ALSO

12. DRACUT.BOOTUP(7)

NAME
DESCRIPTION
AUTHOR
SEE ALSO

A. License

ChapterÂ 6.Â DRACUT(8)

NAME

dracut - low-level tool for generating an initramfs/initrd image

SYNOPSIS

dracut [OPTIONâ¦] [<image> [<kernel version>]]

DESCRIPTION

Create an initramfs <image> for the kernel with the version <kernel version>. +If <kernel version> is omitted, then the version of the actual running +kernel is used. If <image> is omitted or empty, depending on bootloader +specification, the default location can be +/efi/<machine-id>/<kernel-version>/initrd, +/boot/<machine-id>/<kernel-version>/initrd, +/boot/efi/<machine-id>/<kernel-version>/initrd, +/lib/modules/<kernel-version>/initrd or +/boot/initramfs-<kernel-version>.img.

dracut creates an initial image used by the kernel for preloading the block +device modules (such as IDE, SCSI or RAID) which are needed to access the root +filesystem, mounting the root filesystem and booting into the real system.

At boot time, the kernel unpacks that archive into RAM disk, mounts and uses it +as initial root file system. All finding of the root device happens in this +early userspace.

Initramfs images are also called "initrd".

For a complete list of kernel command line options see dracut.cmdline(7).

If you are dropped to an emergency shell, while booting your initramfs, +the file /run/initramfs/rdsosreport.txt is created, which can be saved to a +(to be mounted by hand) partition (usually /boot) or a USB stick. +Additional debugging info can be produced by adding rd.debug to the kernel +command line. /run/initramfs/rdsosreport.txt contains all logs and the output +of some tools. It should be attached to any report about dracut problems.

USAGE

To create a initramfs image, the most simple command is:

# dracut

This will generate a general purpose initramfs image, with all possible +functionality resulting of the combination of the installed dracut modules and +system tools. The image, depending on bootloader specification, can be +/efi/<machine-id>/<kernel-version>/initrd, +/boot/<machine-id>/<kernel-version>/initrd, +/boot/efi/<machine-id>/<kernel-version>/initrd, +/lib/modules/<kernel-version>/initrd or +/boot/initramfs-<kernel-version>.img and contains the kernel modules of +the currently active kernel with version <kernel-version>.

If the initramfs image already exists, dracut will display an error message, and +to overwrite the existing image, you have to use the --force option.

# dracut --force

If you want to specify another filename for the resulting image you would issue +a command like:

# dracut foobar.img

To generate an image for a specific kernel version, the command would be:

# dracut foobar.img 2.6.40-1.rc5.f20

A shortcut to generate the image at the default location for a specific kernel +version is:

# dracut --kver 2.6.40-1.rc5.f20

If you want to create lighter, smaller initramfs images, you may want to specify +the --hostonly or -H option. Using this option, the resulting image will +contain only those dracut modules, kernel modules and filesystems, which are +needed to boot this specific machine. This has the drawback, that you canât put +the disk on another controller or machine, and that you canât switch to another +root filesystem, without recreating the initramfs image. The usage of the +--hostonly option is only for experts and you will have to keep the broken +pieces. At least keep a copy of a general purpose image (and corresponding +kernel) as a fallback to rescue your system.

Inspecting the Contents

To see the contents of the image created by dracut, you can use the lsinitrd +tool.

# lsinitrd | less

To display the contents of a file in the initramfs also use the lsinitrd tool:

# lsinitrd -f /etc/ld.so.conf
+include ld.so.conf.d/*.conf

Adding dracut Modules

Some dracut modules are turned off by default and have to be activated manually. +You can do this by adding the dracut modules to the configuration file +/etc/dracut.conf or /etc/dracut.conf.d/myconf.conf. See dracut.conf(5). +You can also add dracut modules on the command line +by using the -a or --add option:

# dracut --add module initramfs-module.img

To see a list of available dracut modules, use the --list-modules option:

# dracut --list-modules

Omitting dracut Modules

Sometimes you donât want a dracut module to be included for reasons of speed, +size or functionality. To do this, either specify the omit_dracutmodules +variable in the dracut.conf or /etc/dracut.conf.d/myconf.conf configuration +file (see dracut.conf(5)), or use the -o or --omit option +on the command line:

# dracut -o "multipath lvm" no-multipath-lvm.img

Adding Kernel Modules

If you need a special kernel module in the initramfs, which is not +automatically picked up by dracut, you have the use the --add-drivers option +on the command line or the drivers variable in the /etc/dracut.conf +or /etc/dracut.conf.d/myconf.conf configuration file (see dracut.conf(5)):

# dracut --add-drivers mymod initramfs-with-mymod.img

Boot parameters

An initramfs generated without the "hostonly" mode, does not contain any system +configuration files (except for some special exceptions), so the configuration +has to be done on the kernel command line. With this flexibility, you can easily +boot from a changed root partition, without the need to recompile the initramfs +image. So, you could completely change your root partition (move it inside a md +raid with encryption and LVM on top), as long as you specify the correct +filesystem LABEL or UUID on the kernel command line for your root device, dracut +will find it and boot from it.

The kernel command line can also be provided by the dhcp server with the +root-path option. See the section called âNetwork Bootâ.

For a full reference of all kernel command line parameters, +see dracut.cmdline(7).

To get a quick start for the suitable kernel command line on your system, +use the --print-cmdline option:

# dracut --print-cmdline
+ root=UUID=8b8b6f91-95c7-4da2-831b-171e12179081 rootflags=rw,relatime,discard,data=ordered rootfstype=ext4

Specifying the root Device

This is the only option dracut really needs to boot from your root partition. +Because your root partition can live in various environments, there are a lot of +formats for the root= option. The most basic one is root=<path to device +node>:

root=/dev/sda2

Because device node names can change, dependent on the drive ordering, you are +encouraged to use the filesystem identifier (UUID) or filesystem label (LABEL) +to specify your root partition:

root=UUID=19e9dda3-5a38-484d-a9b0-fa6b067d0331

root=LABEL=myrootpartitionlabel

To see all UUIDs or LABELs on your system, do:

# ls -l /dev/disk/by-uuid

# ls -l /dev/disk/by-label

If your root partition is on the network see the section called âNetwork Bootâ.

Keyboard Settings

If you have to input passwords for encrypted disk volumes, you might want to set +the keyboard layout and specify a display font.

A typical german kernel command line would contain:

rd.vconsole.font=eurlatgr rd.vconsole.keymap=de-latin1-nodeadkeys rd.locale.LANG=de_DE.UTF-8

Setting these options can override the setting stored on your system, if you use +a modern init system, like systemd.

Blacklisting Kernel Modules

Sometimes it is required to prevent the automatic kernel module loading of a +specific kernel module. To do this, just add rd.driver.blacklist=<kernel +module name>, with <kernel module name> not containing the .ko +suffix, to the kernel command line. For example:

rd.driver.blacklist=mptsas rd.driver.blacklist=nouveau

The option can be specified multiple times on the kernel command line.

Speeding up the Boot Process

If you want to speed up the boot process, you can specify as much information +for dracut on the kernel command as possible. For example, you can tell dracut, +that you root partition is not on a LVM volume or not on a raid partition, or +that it lives inside a specific crypto LUKS encrypted volume. By default, dracut +searches everywhere. A typical dracut kernel command line for a plain primary or +logical partition would contain:

rd.luks=0 rd.lvm=0 rd.md=0 rd.dm=0

This turns off every automatic assembly of LVM, MD raids, DM raids and +crypto LUKS.

Of course, you could also omit the dracut modules in the initramfs creation +process, but then you would lose the possibility to turn it on on demand.

Injecting custom Files

To add your own files to the initramfs image, you have several possibilities.

The --include option let you specify a source path and a target path. +For example

# dracut --include cmdline-preset /etc/cmdline.d/mycmdline.conf initramfs-cmdline-pre.img

will create an initramfs image, where the file cmdline-preset will be copied +inside the initramfs to /etc/cmdline.d/mycmdline.conf. --include can only +be specified once.

# mkdir -p rd.live.overlay/etc/cmdline.d
+# mkdir -p rd.live.overlay/etc/conf.d
+# echo "ip=dhcp" >> rd.live.overlay/etc/cmdline.d/mycmdline.conf
+# echo export FOO=testtest >> rd.live.overlay/etc/conf.d/testvar.conf
+# echo export BAR=testtest >> rd.live.overlay/etc/conf.d/testvar.conf
+# tree rd.live.overlay/
+rd.live.overlay/
+`-- etc
+    |-- cmdline.d
+    |   `-- mycmdline.conf
+    `-- conf.d
+        `-- testvar.conf
+
+# dracut --include rd.live.overlay / initramfs-rd.live.overlay.img

This will put the contents of the rd.live.overlay directory into the root of the +initramfs image.

The --install option let you specify several files, which will get installed in +the initramfs image at the same location, as they are present on initramfs +creation time.

# dracut --install 'strace fsck.ext4 ssh' initramfs-dbg.img

This will create an initramfs with the strace, fsck.ext4 and ssh executables, +together with the libraries needed to start those. The --install option can be +specified multiple times.

Network Boot

If your root partition is on a network drive, you have to have the network +dracut modules installed to create a network aware initramfs image.

If you specify ip=dhcp on the kernel command line, then dracut asks a dhcp +server about the ip address for the machine. The dhcp server can also serve an +additional root-path, which will set the root device for dracut. With this +mechanism, you have static configuration on your client machine and a +centralized boot configuration on your TFTP/DHCP server. If you canât pass a +kernel command line, then you can inject /etc/cmdline.d/mycmdline.conf, with a +method described in the section called âInjecting custom Filesâ.

Reducing the Image Size

To reduce the size of the initramfs, you should create it with by omitting all +dracut modules, which you know, you donât need to boot the machine.

You can also specify the exact dracut and kernel modules to produce a very tiny +initramfs image.

For example for a NFS image, you would do:

# dracut -m "nfs network base" initramfs-nfs-only.img

Then you would boot from this image with your target machine and reduce the size +once more by creating it on the target machine with the --host-only option:

# dracut -m "nfs network base" --host-only initramfs-nfs-host-only.img

This will reduce the size of the initramfs image significantly.

Troubleshooting

If the boot process does not succeed, you have several options to debug the +situation.

Identifying your problem area

+Remove 'rhgb' and 'quiet' from the kernel command line +
+Add 'rd.shell' to the kernel command line. This will present a shell should +dracut be unable to locate your root device +
+Add 'rd.shell rd.debug log_buf_len=1M' to the kernel command line so that +dracut shell commands are printed as they are executed +
+The file /run/initramfs/rdsosreport.txt is generated, +which contains all the logs and the output of all significant tools, which are +mentioned later. +

If you want to save that output, simply mount /boot by hand or insert an USB +stick and mount that. Then you can store the output for later inspection.

Information to include in your report

All bug reports

In all cases, the following should be mentioned and attached to your bug report:

+The exact kernel command-line used. Typically from the bootloader +configuration file (e.g. /boot/grub2/grub.cfg) or from /proc/cmdline. +
+A copy of your disk partition information from /etc/fstab, which might be +obtained booting an old working initramfs or a rescue medium. +
+Turn on dracut debugging (see the debugging dracut section), and attach +the file /run/initramfs/rdsosreport.txt. +
+If you use a dracut configuration file, please include /etc/dracut.conf and +all files in /etc/dracut.conf.d/*.conf +

Network root device related problems

This section details information to include when experiencing problems on a +system whose root device is located on a network attached volume (e.g. iSCSI, +NFS or NBD). As well as the information from the section called âAll bug reportsâ, include the +following information:

+Please include the output of +

# /sbin/ifup <interfacename>
+# ip addr show

Debugging dracut

Configure a serial console

Successfully debugging dracut will require some form of console +logging during the system boot. This section documents configuring a +serial console connection to record boot messages.

+First, enable serial console output for both the kernel and the bootloader. +
+Open the file /boot/grub2/grub.cfg for editing. Below the line 'timeout=5', add +the following: +
```
serial --unit=0 --speed=9600
+terminal --timeout=5 serial console
```
+Also in /boot/grub2/grub.cfg, add the following boot arguments to the 'kernel' +line: +
```
console=tty0 console=ttyS0,9600
```

+When finished, the /boot/grub2/grub.cfg file should look similar to the example +below. +

default=0
+timeout=5
+serial --unit=0 --speed=9600
+terminal --timeout=5 serial console
+title Fedora (2.6.29.5-191.fc11.x86_64)
+  root (hd0,0)
+  kernel /vmlinuz-2.6.29.5-191.fc11.x86_64 ro root=/dev/mapper/vg_uc1-lv_root console=tty0 console=ttyS0,9600
+  initrd /dracut-2.6.29.5-191.fc11.x86_64.img

+More detailed information on how to configure the kernel for console output +can be found at +http://www.faqs.org/docs/Linux-HOWTO/Remote-Serial-Console-HOWTO.html#CONFIGURE-KERNEL. +
+Redirecting non-interactive output +
Note
You can redirect all non-interactive output to /dev/kmsg and the kernel +will put it out on the console when it reaches the kernel buffer by doing
```
# exec >/dev/kmsg 2>&1 </dev/console
```

Using the dracut shell

dracut offers a shell for interactive debugging in the event dracut fails to +locate your root filesystem. To enable the shell:

+Add the boot parameter 'rd.shell' to your bootloader configuration file +(e.g. /boot/grub2/grub.cfg) +

+Remove the boot arguments 'rhgb' and 'quiet' +

A sample /boot/grub2/grub.cfg bootloader configuration file is listed below.

default=0
+timeout=5
+serial --unit=0 --speed=9600
+terminal --timeout=5 serial console
+title Fedora (2.6.29.5-191.fc11.x86_64)
+  root (hd0,0)
+  kernel /vmlinuz-2.6.29.5-191.fc11.x86_64 ro root=/dev/mapper/vg_uc1-lv_root console=tty0 rd.shell
+  initrd /dracut-2.6.29.5-191.fc11.x86_64.img

+If system boot fails, you will be dropped into a shell as seen in the example +below. +
```
No root device found
+Dropping to debug shell.
+
+#
```
+Use this shell prompt to gather the information requested above +(see the section called âAll bug reportsâ). +

Accessing the root volume from the dracut shell

From the dracut debug shell, you can manually perform the task of locating and +preparing your root volume for boot. The required steps will depend on how your +root volume is configured. Common scenarios include:

+A block device (e.g. /dev/sda7) +
+A LVM logical volume (e.g. /dev/VolGroup00/LogVol00) +
+An encrypted device + (e.g. /dev/mapper/luks-4d5972ea-901c-4584-bd75-1da802417d83) +
+A network attached device + (e.g. netroot=iscsi:@192.168.0.4::3260::iqn.2009-02.org.example:for.all) +

The exact method for locating and preparing will vary. However, to continue with +a successful boot, the objective is to locate your root volume and create a +symlink /dev/root which points to the file system. For example, the following +example demonstrates accessing and booting a root volume that is an encrypted +LVM Logical volume.

+Inspect your partitions using parted +

# parted /dev/sda -s p
+Model: ATA HTS541060G9AT00 (scsi)
+Disk /dev/sda: 60.0GB
+Sector size (logical/physical): 512B/512B
+Partition Table: msdos
+Number  Start   End     Size    Type      File system  Flags
+1      32.3kB  10.8GB  107MB   primary   ext4         boot
+2      10.8GB  55.6GB  44.7GB  logical                lvm

+You recall that your root volume was a LVM logical volume. Scan and activate +any logical volumes. +
```
# lvm vgscan
+# lvm vgchange -ay
```

+You should see any logical volumes now using the command blkid: +

# blkid
+/dev/sda1: UUID="3de247f3-5de4-4a44-afc5-1fe179750cf7" TYPE="ext4"
+/dev/sda2: UUID="Ek4dQw-cOtq-5MJu-OGRF-xz5k-O2l8-wdDj0I" TYPE="LVM2_member"
+/dev/mapper/linux-root: UUID="def0269e-424b-4752-acf3-1077bf96ad2c" TYPE="crypto_LUKS"
+/dev/mapper/linux-home: UUID="c69127c1-f153-4ea2-b58e-4cbfa9257c5e" TYPE="ext4"
+/dev/mapper/linux-swap: UUID="47b4d329-975c-4c08-b218-f9c9bf3635f1" TYPE="swap"

+From the output above, you recall that your root volume exists on an encrypted +block device. Following the guidance disk encryption guidance from the +Installation Guide, you unlock your encrypted root volume. +
```
# UUID=$(cryptsetup luksUUID /dev/mapper/linux-root)
+# cryptsetup luksOpen /dev/mapper/linux-root luks-$UUID
+Enter passphrase for /dev/mapper/linux-root:
+Key slot 0 unlocked.
```
+Next, make a symbolic link to the unlocked root volume +
```
# ln -s /dev/mapper/luks-$UUID /dev/root
```
+With the root volume available, you may continue booting the system by exiting +the dracut shell +
```
# exit
```

Additional dracut boot parameters

For more debugging options, see dracut.cmdline(7).

Debugging dracut on shutdown

To debug the shutdown sequence on systemd systems, you can rd.break +on pre-shutdown or shutdown.

To do this from an already booted system:

# mkdir -p /run/initramfs/etc/cmdline.d
+# echo "rd.debug rd.break=pre-shutdown rd.break=shutdown" > /run/initramfs/etc/cmdline.d/debug.conf
+# touch /run/initramfs/.need_shutdown

This will give you a dracut shell after the system pivotâed back in the +initramfs.

OPTIONS

+--kver <kernel version> +: + Set the kernel version. This enables to specify the kernel version, without + specifying the location of the initramfs image. For example: +

# dracut --kver 3.5.0-0.rc7.git1.2.fc18.x86_64

+-f, --force +

+ Overwrite existing initramfs file. +

+<output file> --rebuild +

+ Append the current arguments to those with which the input initramfs image + was built. This option helps in incrementally building the initramfs for + testing. If optional <output file> is not provided, the input initramfs + provided to rebuild will be used as output file. +

+-a, --addÂ <list of dracut modules> +

+ Add a space-separated list of dracut modules to the default set of modules. + This parameter can be specified multiple times. +

Note

If the list has multiple arguments, then you have to put these in quotes. For +example:

# dracut --add "module1 module2"  ...

+--force-addÂ <list of dracut modules> +

+ Force to add a space-separated list of dracut modules to the default set of + modules, when -H is specified. This parameter can be specified multiple + times. +

Note

If the list has multiple arguments, then you have to put these in quotes. For +example:

# dracut --force-add "module1 module2"  ...

+-o, --omitÂ <list of dracut modules> +

+ Omit a space-separated list of dracut modules. This parameter can be + specified multiple times. +

Note

If the list has multiple arguments, then you have to put these in quotes. For +example:

# dracut --omit "module1 module2"  ...

+-m, --modules <list of dracut modules> +

+ Specify a space-separated list of dracut modules to call when building the + initramfs. Modules are located in /usr/lib/dracut/modules.d. This + parameter can be specified multiple times. + This option forces dracut to only include the specified dracut modules. + In most cases the "--add" option is what you want to use. +

Note

If the list has multiple arguments, then you have to put these in quotes. For +example:

# dracut --modules "module1 module2"  ...

+-d, --driversÂ <list of kernel modules> +

+ Specify a space-separated list of kernel modules to exclusively include + in the initramfs. The kernel modules have to be specified without the ".ko" + suffix. This parameter can be specified multiple times. +

Note

If the list has multiple arguments, then you have to put these in quotes. For +example:

# dracut --drivers "kmodule1 kmodule2"  ...

+--add-driversÂ <list of kernel modules> +

+ Specify a space-separated list of kernel modules to add to the initramfs. + The kernel modules have to be specified without the ".ko" suffix. This + parameter can be specified multiple times. +

Note

If the list has multiple arguments, then you have to put these in quotes. For +example:

# dracut --add-drivers "kmodule1 kmodule2"  ...

+--force-drivers <list of kernel modules> +

+ See add-drivers above. But in this case it is ensured that the drivers + are tried to be loaded early via modprobe. +

Note

If the list has multiple arguments, then you have to put these in quotes. For +example:

# dracut --force-drivers "kmodule1 kmodule2"  ...

+--omit-driversÂ <list of kernel modules> +

+ Specify a space-separated list of kernel modules not to add to the + initramfs. + The kernel modules have to be specified without the ".ko" suffix. This + parameter can be specified multiple times. +

Note

If the list has multiple arguments, then you have to put these in quotes. For +example:

# dracut --omit-drivers "kmodule1 kmodule2"  ...

+--filesystemsÂ <list of filesystems> +

+ Specify a space-separated list of kernel filesystem modules to exclusively + include in the generic initramfs. This parameter can be specified multiple + times. +

Note

If the list has multiple arguments, then you have to put these in quotes. For +example:

# dracut --filesystems "filesystem1 filesystem2"  ...

+-k, --kmoddirÂ <kernel directory> +

+ Specify the directory, where to look for kernel modules. +

+--fwdirÂ <dir>[:<dir>â¦]++ +

+ Specify additional directories, where to look for firmwares. This parameter + can be specified multiple times. +

+--libdirsÂ <list of directories> +

+ Specify a space-separated list of directories to look for libraries to + include in the generic initramfs. This parameter can be specified multiple + times. +

Note

If the list has multiple arguments, then you have to put these in quotes. For +example:

# dracut --libdirs "dir1 dir2"  ...

+--kernel-cmdline <parameters> +

+ Specify default kernel command line parameters. +

+--kernel-only +

+ Only install kernel drivers and firmware files. +

+--no-kernel +

+ Do not install kernel drivers and firmware files. +

+--early-microcode +

+ Combine early microcode with ramdisk. +

+--no-early-microcode +

+ Do not combine early microcode with ramdisk. +

+--print-cmdline +

+ Print the kernel command line for the current disk layout. +

+--mdadmconf +

+ Include local /etc/mdadm.conf file. +

+--nomdadmconf +

+ Do not include local /etc/mdadm.conf file. +

+--lvmconf +

+ Include local /etc/lvm/lvm.conf file. +

+--nolvmconf +

+ Do not include local /etc/lvm/lvm.conf file. +

+--fscks <list of fsck tools> +

+ Add a space-separated list of fsck tools, in addition to dracut.conf's + specification; the installation is opportunistic (non-existing tools are + ignored). +

Note

If the list has multiple arguments, then you have to put these in quotes. For +example:

# dracut --fscks "fsck.foo barfsck"  ...

+--nofscks +

+ Inhibit installation of any fsck tools. +

+--strip +

+ Strip binaries in the initramfs (default). +

+--aggressive-strip +

+ Strip more than just debug symbol and sections, for a smaller initramfs + build. The --strip option must also be specified. +

+--nostrip +

+ Do not strip binaries in the initramfs. +

+--hardlink +

+ Hardlink files in the initramfs (default). +

+--nohardlink +

+ Do not hardlink files in the initramfs. +

+--prefixÂ <dir> +

+ Prefix initramfs files with the specified directory. +

+--noprefix +

+ Do not prefix initramfs files (default). +

+-h, --help +

+ Display help text and exit. +

+--debug +

+ Output debug information of the build process. +

+-v, --verbose +

+ Increase verbosity level (default is info(4)). +

+--version +

+ Display version and exit. +

+-q, --quiet +

+ Decrease verbosity level (default is info(4)). +

+-c, --confÂ <dracut configuration file> +

+ Specify configuration file to use. +

Default: + /etc/dracut.conf

+--confdirÂ <configuration directory> +

+ Specify configuration directory to use. +

Default: + /etc/dracut.conf.d

+--tmpdirÂ <temporary directory> +

+ Specify temporary directory to use. +

Default: + /var/tmp

+-r, --sysroot <sysroot directory> +

+ Specify the sysroot directory to collect files from. + This is useful to create the initramfs image from + a cross-compiled sysroot directory. For the extra helper + variables, see ENVIRONMENT below. +

Default: + empty

+--sshkeyÂ <sshkey file> +

+ SSH key file used with ssh-client module. +

+--logfileÂ <logfile> +

+ Logfile to use; overrides any setting from the configuration files. +

Default: + /var/log/dracut.log

+-l, --local +

+ Activates the local mode. dracut will use modules from the current working + directory instead of the system-wide installed modules in + /usr/lib/dracut/modules.d. + This is useful when running dracut from a git checkout. +

+-H, --hostonly +

+ Host-only mode: Install only what is needed for booting the local host + instead of a generic host and generate host-specific configuration. +

Warning

If chrooted to another root other than the real root device, use "--fstab" and +provide a valid /etc/fstab.

+-N, --no-hostonly +

+ Disable host-only mode. +

+--hostonly-mode <mode> +

+ Specify the host-only mode to use. <mode> could be one of "sloppy" or + "strict". + In "sloppy" host-only mode, extra drivers and modules will be installed, so + minor hardware change wonât make the image unbootable (e.g. changed + keyboard), and the image is still portable among similar hosts. + With "strict" mode enabled, anything not necessary for booting the local + host in its current state will not be included, and modules may do some + extra job to save more space. Minor change of hardware or environment could + make the image unbootable. +

Default: + sloppy

+--hostonly-cmdline +

+ Store kernel command line arguments needed in the initramfs. +

+--no-hostonly-cmdline +

+ Do not store kernel command line arguments needed in the initramfs. +

+--no-hostonly-default-device +

+ Do not generate implicit host devices like root, swap, fstab, etc. + Use "--mount" or "--add-device" to explicitly add devices as needed. +

+--hostonly-i18n +

+ Install only needed keyboard and font files according to the host + configuration (default). +

+--no-hostonly-i18n +

+ Install all keyboard and font files available. +

+--hostonly-nics <list of nics> +

+ Only enable listed NICs in the initramfs. The list can be empty, so other + modules can install only the necessary network drivers. +

+--persistent-policy <policy> +

+ Use <policy> to address disks and partitions. + <policy> can be any directory name found in /dev/disk (e.g. "by-uuid", + "by-label"), or "mapper" to use /dev/mapper device names (default). +

+--fstab +

+ Use /etc/fstab instead of /proc/self/mountinfo. +

+--add-fstab <filename> +

+ Add entries of <filename> to the initramfs /etc/fstab. +

+--mountÂ "<device> <mountpoint> <filesystem type> [<filesystem options> [<dump frequency> [<fsck order>]]]" +

+ Mount <device> on <mountpoint> with <filesystem type> in the + initramfs. <filesystem options>, <dump options> and <fsck order> can + be specified, see fstab manpage for the details. + The default <filesystem options> is "defaults". + The default <dump frequency> is "0". + The default <fsck order> is "2". +

+--mount "<mountpoint>" +

+ Like above, but <device>, <filesystem type> and <filesystem options> + are determined by looking at the current mounts. +

+--add-device <device> +

+ Bring up <device> in initramfs, <device> should be the device name. + This can be useful in host-only mode for resume support when your swap is on + LVM or an encrypted partition. + [NB --device can be used for compatibility with earlier releases] +

+-i, --include <SOURCE> <TARGET> +

+ Include the files in the SOURCE directory into the + TARGET directory in the final initramfs. If SOURCE is a file, it will be + installed to TARGET in the final initramfs. This parameter can be specified + multiple times. +

+-I, --install <file list> +

+ Install the space separated list of files into the initramfs. +

Note

If the list has multiple arguments, then you have to put these in quotes. For +example:

# dracut --install "/bin/foo /sbin/bar"  ...

+--install-optional <file list> +

+ Install the space separated list of files into the initramfs, if they exist. +

+--gzip +

+ Compress the generated initramfs using gzip. This will be done by default, + unless another compression option or --no-compress is passed. Equivalent to + "--compress=gzip -9". +

+--bzip2 +

+ Compress the generated initramfs using bzip2. +

Warning

Make sure your kernel has bzip2 decompression support compiled in, otherwise you +will not be able to boot. Equivalent to "--compress=bzip2 -9".

+--lzma +

+ Compress the generated initramfs using lzma. +

Warning

Make sure your kernel has lzma decompression support compiled in, otherwise you +will not be able to boot. Equivalent to "--compress=lzma -9 -T0".

+--xz +

+ Compress the generated initramfs using xz. +

Warning

Make sure your kernel has xz decompression support compiled in, otherwise you +will not be able to boot. Equivalent to +"--compress=xz --check=crc32 --lzma2=dict=1MiB -T0".

+--lzo +

+ Compress the generated initramfs using lzop. +

Warning

Make sure your kernel has lzo decompression support compiled in, otherwise you +will not be able to boot. Equivalent to "--compress=lzop -9".

+--lz4 +

+ Compress the generated initramfs using lz4. +

Warning

Make sure your kernel has lz4 decompression support compiled in, otherwise you +will not be able to boot. Equivalent to "--compress=lz4 -l -9".

+--zstd +

+ Compress the generated initramfs using Zstandard. +

Warning

Make sure your kernel has zstd decompression support compiled in, otherwise you +will not be able to boot. Equivalent to "--compress=zstd -15 -q -T0".

+--compressÂ <compressor> +

+ Compress the generated initramfs using the passed compression program. If + you pass it just the name of a compression program, it will call that + program with known-working arguments. If you pass a quoted string with + arguments, it will be called with exactly those arguments. Depending on what + you pass, this may result in an initramfs that the kernel cannot decompress. + The default value can also be set via the INITRD_COMPRESS environment + variable. +

+--squash-compressorÂ <compressor> +

+ Compress the squashfs image using the passed compressor and compressor + specific options for mksquashfs. You can refer to mksquashfs manual for + supported compressors and compressor specific options. If squash module is + not called when building the initramfs, this option will not take effect. +

+--no-compress +

+ Do not compress the generated initramfs. This will override any other + compression options. +

+--reproducible +

+ Create reproducible images. +

+--no-reproducible +

+ Do not create reproducible images. +

+--list-modules +

+ List all available dracut modules. +

+-M, --show-modules +

+ Print included moduleâs name to standard output during build. +

+--keep +

+ Keep the initramfs temporary directory for debugging purposes. +

+--printsize +

+ Print out the module install size. +

+--profile +

+ Output profile information of the build process. +

+--ro-mnt +

+ Mount / and /usr read-only by default. +

+-L, --stdlogÂ <level> +

+ [0-6] Specify logging level (to standard error). +

          0 - suppress any messages
+          1 - only fatal errors
+          2 - all errors
+          3 - warnings
+          4 - info
+          5 - debug info (here starts lots of output)
+          6 - trace info (and even more)

+--regenerate-all +: + Regenerate all initramfs images at the default location with the kernel + versions found on the system. Additional parameters are passed through. +
+-p, --parallel +: + Try to execute tasks in parallel. Currently only supported with + --regenerate-all (build initramfs images for all kernel + versions simultaneously). +
+--noimageifnotneeded +: + Do not create an image in host-only mode, if no kernel driver is needed +and no /etc/cmdline/*.conf will be generated into the initramfs. +
+--loginstall <directory> +: + Log all files installed from the host to <directory>. +
+--uefi +: + Instead of creating an initramfs image, dracut will create an UEFI + executable, which can be executed by an UEFI BIOS. The default output + filename is <EFI>/EFI/Linux/linux-$kernel$-<MACHINE_ID>-<BUILD_ID>.efi. + <EFI> might be /efi, /boot or /boot/efi depending on where the ESP + partition is mounted. The <BUILD_ID> is taken from BUILD_ID in + /usr/lib/os-release or if it exists /etc/os-release and is left out, + if BUILD_ID is non-existent or empty. +
+--no-uefi +: + Disables UEFI mode. +
+--no-machineid +: + Affects the default output filename of --uefi and will discard the + <MACHINE_ID> part. +
+--uefi-stub <file> +: + Specifies the UEFI stub loader, which will load the attached kernel, + initramfs and kernel command line and boots the kernel. The default is + $prefix/lib/systemd/boot/efi/linux<EFI-MACHINE-TYPE-NAME>.efi.stub. +
+--uefi-splash-image <file> +: + Specifies the UEFI stub loaderâs splash image. Requires bitmap (.bmp) + image format. +
+--kernel-image <file> +: + Specifies the kernel image, which to include in the UEFI executable. The + default is /lib/modules/<KERNEL-VERSION>/vmlinuz or + /boot/vmlinuz-<KERNEL-VERSION>. +
+--sbat <parameters> +: + Specifies the SBAT parameters, which to include in the UEFI executable. By default + the default SBAT string added is "sbat,1,SBAT Version,sbat,1, + https://github.com/rhboot/shim/blob/main/SBAT.md". +
+--enhanced-cpio +: + Attempt to use the dracut-cpio binary, which optimizes archive creation for + copy-on-write filesystems by using the copy_file_range(2) syscall via Rustâs + io::copy(). When specified, initramfs archives are also padded to ensure + optimal data alignment for extent sharing. To retain reflink data + deduplication benefits, this should be used alongside the --no-compress + and --nostrip parameters, with initramfs source files, --tmpdir + staging area and destination all on the same copy-on-write capable + filesystem. +

ENVIRONMENT

+INITRD_COMPRESS +

+ sets the default compression program. See --compress. +

+DRACUT_LDCONFIG +

+ sets the ldconfig program path and options. Optional. + Used for --sysroot. +

Default: + ldconfig

+DRACUT_LDD +

+ sets the ldd program path and options. Optional. + Used for --sysroot. +

Default: + ldd

+DRACUT_TESTBIN +

+ sets the initially tested binary for detecting library paths. + Optional. Used for --sysroot. In the cross-compiled sysroot, + the default value (/bin/sh) is unusable, as it is an absolute + symlink and points outside the sysroot directory. +

Default: + /bin/sh

+DRACUT_INSTALL +

+ overrides path and options for executing dracut-install internally. + Optional. Can be used to debug dracut-install while running the + main dracut script. +

Default: + dracut-install

Example: + DRACUT_INSTALL="valgrind dracut-install"

+DRACUT_COMPRESS_BZIP2 +, +DRACUT_COMPRESS_LBZIP2 +, +DRACUT_COMPRESS_LZMA +, +DRACUT_COMPRESS_XZ +, +DRACUT_COMPRESS_GZIP +, +DRACUT_COMPRESS_PIGZ +, +DRACUT_COMPRESS_LZOP +, +DRACUT_COMPRESS_ZSTD +, +DRACUT_COMPRESS_LZ4 +, +DRACUT_COMPRESS_CAT +

+ overrides for compression utilities to support using them from + non-standard paths. +

Default values are the default compression utility names to be found in PATH.

+DRACUT_ARCH +

+ overrides the value of uname -m. Used for --sysroot. +

Default: + empty (the value of uname -m on the host system)

+SYSTEMD_VERSION +

+ overrides systemd version. Used for --sysroot. +

+SYSTEMCTL +

+ overrides the systemctl binary. Used for --sysroot. +

+NM_VERSION +

+ overrides the NetworkManager version. Used for --sysroot. +

+DRACUT_INSTALL_PATH +

+ overrides PATH environment for dracut-install to look for + binaries relative to --sysroot. In a cross-compiled environment + (e.g. Yocto), PATH points to natively built binaries that are not + in the hostâs /bin, /usr/bin, etc. dracut-install still needs plain + /bin and /usr/bin that are relative to the cross-compiled sysroot. +

Default: + PATH

+DRACUT_INSTALL_LOG_TARGET +

+ overrides DRACUT_LOG_TARGET for dracut-install. It allows + running dracut-install* to run with different log target that + dracut** runs with. +

Default: + DRACUT_LOG_TARGET

+DRACUT_INSTALL_LOG_LEVEL +

+ overrides DRACUT_LOG_LEVEL for dracut-install. It allows + running dracut-install* to run with different log level that + dracut** runs with. +

Default: + DRACUT_LOG_LEVEL

FILES

+/var/log/dracut.log +: + logfile of initramfs image creation +
+/tmp/dracut.log +: + logfile of initramfs image creation, if /var/log/dracut.log is not + writable +
+/etc/dracut.conf +: + see dracut.conf5 +
+/etc/dracut.conf.d/*.conf +: + see dracut.conf5 +
+/usr/lib/dracut/dracut.conf.d/*.conf +: + see dracut.conf5 +

Configuration in the initramfs

+/etc/conf.d/ +: + Any files found in /etc/conf.d/ will be sourced in the initramfs to + set initial values. Command line options will override these values + set in the configuration files. +
+/etc/cmdline +: + Can contain additional command line options. Deprecated, better use + /etc/cmdline.d/*.conf. +
+/etc/cmdline.d/*.conf +: + Can contain additional command line options. +

AVAILABILITY

The dracut command is part of the dracut package and is available from +https://github.com/dracut-ng/dracut-ng

AUTHORS

Harald Hoyer

Victor Lowther

Amadeusz Å»oÅnowski

Hannes Reinecke

Daniel Molkentin

Will Woods

Philippe Seewer

Warren Togami

ChapterÂ 7.Â DRACUT.CONF(5)

Table of Contents

NAME
SYNOPSIS
Description
Files
AUTHOR
See Also

NAME

dracut.conf - configuration file(s) for dracut

SYNOPSIS

/etc/dracut.conf +/etc/dracut.conf.d/*.conf +/usr/lib/dracut/dracut.conf.d/*.conf

Description

dracut.conf is loaded during the initialisation phase of dracut. Command line +parameter will override any values set here.

*.conf files are read from /usr/lib/dracut/dracut.conf.d and +/etc/dracut.conf.d. Files with the same name in /etc/dracut.conf.d will replace +files in /usr/lib/dracut/dracut.conf.d. +The files are then read in alphanumerical order and will override parameters +set in /etc/dracut.conf. Each line specifies an attribute and a value. A # +indicates the beginning of a comment; following characters, up to the end of the +line are not interpreted.

dracut command line options will override any values set here.

Configuration files must have the extension .conf; other extensions are ignored.

+add_dracutmodules+="Â <dracut modules>Â " +: + Add a space-separated list of dracut modules to call when building the + initramfs. Modules are located in /usr/lib/dracut/modules.d. +
+force_add_dracutmodules+="Â <dracut modules>Â " +: + Force to add a space-separated list of dracut modules to the default set of + modules, when host-only mode is specified. This parameter can be specified + multiple times. +
+omit_dracutmodules+="Â <dracut modules>Â " +: + Omit a space-separated list of dracut modules to call when building the + initramfs. Modules are located in /usr/lib/dracut/modules.d. +
+dracutmodules+="Â <dracut modules>Â " +: + Specify a space-separated list of dracut modules to call when building the + initramfs. Modules are located in /usr/lib/dracut/modules.d. + This option forces dracut to only include the specified dracut modules. + In most cases the "add_dracutmodules" option is what you want to use. +
+add_drivers+="Â <kernel modules>Â " +: + Specify a space-separated list of kernel modules to add to the initramfs. + The kernel modules have to be specified without the ".ko" suffix. +
+force_drivers+="Â <list of kernel modules>Â " +: + See add_drivers above. But in this case it is ensured that the drivers + are tried to be loaded early via modprobe. +
+omit_drivers+="Â <kernel modules>Â " +: + Specify a space-separated list of kernel modules not to add to the + initramfs. The kernel modules have to be specified without the ".ko" suffix. +
+drivers+="Â <kernel modules>Â " +: + Specify a space-separated list of kernel modules to exclusively include in + the initramfs. The kernel modules have to be specified without the ".ko" + suffix. +
+filesystems+="Â <filesystem names>Â " +: + Specify a space-separated list of kernel filesystem modules to exclusively + include in the generic initramfs. +
+drivers_dir="<kernel modules directory>" +: + Specify the directory where to look for kernel modules. +
+fw_dir+="Â :<dir>[:<dir>Â â¦]Â " +: + Specify additional colon-separated list of directories where to look for + firmware files. +
+libdirs+=" <dir>[ <dir>Â â¦] " +: + Specify a space-separated list of directories where to look for libraries. +
+install_items+="Â <file>[ <file>Â â¦]Â " +: + Specify additional files to include in the initramfs, separated by spaces. +
+install_optional_items+="Â <file>[ <file>Â â¦]Â " +: + Specify additional files to include in the initramfs, separated by spaces, + if they exist. +
+compress="{cat|bzip2|lzma|xz|gzip|lzop|lz4|zstd|<compressor [args â¦]>}" +: + Compress the generated initramfs using the passed compression program. If + you pass it just the name of a compression program, it will call that + program with known-working arguments. If you pass arguments, it will be + called with exactly those arguments. Depending on what you pass, this may + result in an initramfs that the kernel cannot decompress. + To disable compression, use "cat". +
+squash_compress="{<compressor [args â¦]>}" +: + Compress the squashfs image using the passed compressor and compressor + specific options for mksquashfs. You can refer to mksquashfs manual for + supported compressors and compressor specific options. If squash module is + not called when building the initramfs, this option will not take effect. +
+do_strip="{yes|no}" +: + Strip binaries in the initramfs (default=yes). +
+aggressive_strip="{yes|no}" +: + Strip more than just debug symbol and sections, for a smaller initramfs + build. The "do_strip=yes" option must also be specified (default=no). +
+do_hardlink="{yes|no}" +: + Hardlink files in the initramfs (default=yes). +
+prefix="Â <directory>Â " +: + Prefix initramfs files with <directory>. +
+hostonly="{yes|no}" +: + Host-only mode: Install only what is needed for booting the local host + instead of a generic host and generate host-specific configuration + (default=no). +
+hostonly_mode="{sloppy|strict}" +: + Specify the host-only mode to use (default=sloppy). + In "sloppy" host-only mode, extra drivers and modules will be installed, so + minor hardware change wonât make the image unbootable (e.g. changed + keyboard), and the image is still portable among similar hosts. + With "strict" mode enabled, anything not necessary for booting the local + host in its current state will not be included, and modules may do some + extra job to save more space. Minor change of hardware or environment could + make the image unbootable. +
+hostonly_cmdline="{yes|no}" +: + If set to "yes", store the kernel command line arguments needed in the + initramfs. If hostonly="yes" and this option is not configured, itâs + automatically set to "yes". +
+hostonly_nics+=" [<nic>[ <nic>Â â¦]] " +: + Only enable listed NICs in the initramfs. The list can be empty, so other + modules can install only the necessary network drivers. +
+persistent_policy="<policy>" +: + Use <policy> to address disks and partitions. + <policy> can be any directory name found in /dev/disk (e.g. "by-uuid", + "by-label"), or "mapper" to use /dev/mapper device names (default=mapper). +
+tmpdir="<temporary directory>" +: + Specify temporary directory to use. +

Warning

If chrooted to another root other than the real root device, use --fstab and +provide a valid /etc/fstab.

+use_fstab="{yes|no}" +: + Use /etc/fstab instead of /proc/self/mountinfo (default=no). +
+add_fstab+="Â <filename>Â " +: + Add entries of <filename> to the initramfs /etc/fstab. +
+add_device+="Â <device>Â " +: + Bring up <device> in initramfs, <device> should be the device name. + This can be useful in host-only mode for resume support when your swap is on + LVM an encrypted partition. +
+mdadmconf="{yes|no}" +: + Include local /etc/mdadm.conf (default=no). +
+lvmconf="{yes|no}" +: + Include local /etc/lvm/lvm.conf (default=no). +
+fscks="Â <fsck tools>Â " +: + Add a space-separated list of fsck tools. If nothing is specified, the + default is: "umount mount /sbin/fsck* xfs_db xfs_check xfs_repair e2fsck + jfs_fsck reiserfsck btrfsck". The installation is opportunistic + (non-existing tools are ignored). +
+nofscks="{yes|no}" +: + If specified, inhibit installation of any fsck tools (default=no). +
+ro_mnt="{yes|no}" +: + Mount / and /usr read-only by default (default=no). +
+kernel_cmdline="parameters" +: + Specify default kernel command line parameters. +
+kernel_only="{yes|no}" +: + Only install kernel drivers and firmware files (default=no). +
+no_kernel="{yes|no}" +: + Do not install kernel drivers and firmware files (default=no). +
+acpi_override="{yes|no}" +: + [WARNING] ONLY USE THIS IF YOU KNOW WHAT YOU ARE DOING! + Override BIOS provided ACPI tables. For further documentation read + Documentation/acpi/initrd_table_override.txt in the kernel sources. + Search for ACPI table files (must have .aml suffix) in acpi_table_dir= + directory (see below) and add them to a separate uncompressed cpio + archive. This cpio archive gets glued (concatenated, uncompressed one + must be the first one) to the compressed cpio archive. The first, + uncompressed cpio archive is for data which the kernel must be able + to access very early (and cannot make use of uncompress algorithms yet) + like microcode or ACPI tables (default=no). +
+acpi_table_dir="<dir>" +: + Directory to search for ACPI tables if acpi_override= is set to yes. +
+early_microcode="{yes|no}" +: + Combine early microcode with ramdisk (default=yes). +
+stdloglvl="{0-6}" +: + Specify logging level for standard error (default=4). +

Note

Logging levels:

    0 - suppress any messages
+    1 - only fatal errors
+    2 - all errors
+    3 - warnings
+    4 - info
+    5 - debug info (here starts lots of output)
+    6 - trace info (and even more)

+sysloglvl="{0-6}" +: + Specify logging level for syslog (default=0). +
+fileloglvl="{0-6}" +: + Specify logging level for logfile (default=4). +
+logfile="<file>" +: + Path to logfile. +
+sshkey="<file>" +: + SSH key file used with ssh-client module. +
+show_modules="{yes|no}" +: + Print the name of the included modules to standard output during build + (default=no). +
+i18n_vars="<variable mapping>" +: + Distribution specific variable mapping. + See dracut/modules.d/10i18n/README for a detailed description. +
+i18n_default_font="<fontname>" +: + The font <fontname> to install, if not specified otherwise. + Default is "eurlatgr". +
+i18n_install_all="{yes|no}" +: + Install everything regardless of generic or host-only mode (default=no). +
+reproducible="{yes|no}" +: + Create reproducible images (default=no). +
+noimageifnotneeded="{yes|no}" +: + Do not create an image in host-only mode, if no kernel driver is needed + and no /etc/cmdline/*.conf will be generated into the initramfs + (default=no). +
+loginstall="<directory>" +: + Log all files installed from the host to <directory>. +
+uefi="{yes|no}" +: + Instead of creating an initramfs image, dracut will create an UEFI + executable, which can be executed by an UEFI BIOS (default=no). + The default output filename is + <EFI>/EFI/Linux/linux-$kernel$-<MACHINE_ID>-<BUILD_ID>.efi. + <EFI> might be /efi, /boot or /boot/efi depending on where the ESP + partition is mounted. The <BUILD_ID> is taken from BUILD_ID in + /usr/lib/os-release or if it exists /etc/os-release and is left out, + if BUILD_ID is non-existent or empty. +
+machine_id="{yes|no}" +: + Affects the default output filename of the UEFI executable, including the + <MACHINE_ID> part (default=yes). +
+uefi_stub="<file>" +: + Specifies the UEFI stub loader, which will load the attached kernel, + initramfs and kernel command line and boots the kernel. The default is + /lib/systemd/boot/efi/linux<EFI-MACHINE-TYPE-NAME>.efi.stub. +
+uefi_splash_image="<file>" +: + Specifies the UEFI stub loaderâs splash image. Requires bitmap (.bmp) + image format. +
+uefi_secureboot_cert="<file>", uefi_secureboot_key="<file>" +: + Specifies a certificate and corresponding key, which are used to sign the + created UEFI executable. + Requires both certificate and key need to be specified and sbsign to be + installed. +
+uefi_secureboot_engine="parameter" +: + Specifies an engine to use when signing the created UEFI executable. E.g. "pkcs11" +
+kernel_image="<file>" +: + Specifies the kernel image, which to include in the UEFI executable. The + default is /lib/modules/<KERNEL-VERSION>/vmlinuz or + /boot/vmlinuz-<KERNEL-VERSION>. +
+sbat="parameters" +: + Specifies the SBAT parameters, which to include in the UEFI executable. By default + the default SBAT string added is "sbat,1,SBAT Version,sbat,1, + https://github.com/rhboot/shim/blob/main/SBAT.md". +
+enhanced_cpio="{yes|no}" +: + Attempt to use the dracut-cpio binary, which optimizes archive creation for + copy-on-write filesystems (default=no). + When specified, initramfs archives are also padded to ensure optimal data + alignment for extent sharing. To retain reflink data deduplication benefits, + this should be used alongside the compress="cat" and do_strip="no" + parameters, with initramfs source files, tmpdir staging area and + destination all on the same copy-on-write capable filesystem. +
+parallel="{yes|no}" +: + If set to yes, try to execute tasks in parallel (currently only supported + for --regenerate-all). +

Files

+/etc/dracut.conf +: + Old configuration file. You better use your own file in + /etc/dracut.conf.d/. +
+/etc/dracut.conf.d/ +: + Any /etc/dracut.conf.d/*.conf file can override the values in + /etc/dracut.conf. The configuration files are read in alphanumerical + order. +

AUTHOR

Harald Hoyer

ChapterÂ 8.Â DRACUT.CMDLINE(7)

NAME

dracut.cmdline - dracut kernel command line options

DESCRIPTION

The root device used by the kernel is specified in the boot configuration +file on the kernel command line, as always.

The traditional root=/dev/sda1 style device specification is allowed, but not +encouraged. The root device should better be identified by LABEL or UUID. If a +label is used, as in root=LABEL=<label_of_root> the initramfs will search all +available devices for a filesystem with the appropriate label, and mount that +device as the root filesystem. root=UUID=<uuidnumber> will mount the partition +with that UUID as the root filesystem.

In the following all kernel command line parameters, which are processed by +dracut, are described.

"rd.*" parameters mentioned without "=" are boolean parameters. They can be +turned on/off by setting them to {0|1}. If the assignment with "=" is missing +"=1" is implied. For example rd.info can be turned off with rd.info=0 or +turned on with rd.info=1 or rd.info. The last value in the kernel command +line is the value, which is honored.

Standard

+init=<path to real init> +

+ specify the path to the init program to be started after the initramfs has + finished +

+root=<path to blockdevice> +

+ specify the block device to use as the root filesystem. +

Example.Â +

root=/dev/sda1
+root=/dev/disk/by-path/pci-0000:00:1f.1-scsi-0:0:1:0-part1
+root=/dev/disk/by-label/Root
+root=LABEL=Root
+root=/dev/disk/by-uuid/3f5ad593-4546-4a94-a374-bcfb68aa11f7
+root=UUID=3f5ad593-4546-4a94-a374-bcfb68aa11f7
+root=PARTUUID=3f5ad593-4546-4a94-a374-bcfb68aa11f7

+rootfstype=<filesystem type> +

+"auto" if not specified. +

Example.Â +

rootfstype=ext4

+rootflags=<mount options> +

+ specify additional mount options for the root filesystem. If not set, + /etc/fstab of the real root will be parsed for special mount options and + mounted accordingly. +

+ro +

+ force mounting / and /usr (if it is a separate device) read-only. If + none of ro and rw is present, both are mounted according to /etc/fstab. +

+rw +

+ force mounting / and /usr (if it is a separate device) read-write. + See also ro option. +

+rootfallback=<path to blockdevice> +

+ specify the block device to use as the root filesystem, if the normal root + cannot be found. This can only be a simple block device with a simple file + system, for which the filesystem driver is either compiled in, or added + manually to the initramfs. This parameter can be specified multiple times. +

+rd.auto rd.auto=1 +

+ enable autoassembly of special devices like cryptoLUKS, dmraid, mdraid or + lvm. Default is off as of dracut version >= 024. +

+rd.hostonly=0 +

+ removes all compiled in configuration of the host system the initramfs image + was built on. This helps booting, if any disk layout changed, especially in + combination with rd.auto or other parameters specifying the layout. +

+rd.cmdline=ask +

+ prompts the user for additional kernel command line parameters +

+rd.fstab=0 +

+ do not honor special mount options for the root filesystem found in + /etc/fstab of the real root. +

+resume=<path to resume partition> +

+ resume from a swap partition +

Example.Â +

resume=/dev/disk/by-path/pci-0000:00:1f.1-scsi-0:0:1:0-part1
+resume=/dev/disk/by-uuid/3f5ad593-4546-4a94-a374-bcfb68aa11f7
+resume=UUID=3f5ad593-4546-4a94-a374-bcfb68aa11f7

+rd.skipfsck +

+ skip fsck for rootfs and /usr. If youâre mounting /usr read-only and + the init system performs fsck before remount, you might want to use this + option to avoid duplication. +

iso-scan/filename

Mount all mountable devices and search for ISO pointed by the argument. When +the ISO is found set it up as a loop device. Device containing this ISO +image will stay mounted at /run/initramfs/isoscandev. +Using iso-scan/filename with a Fedora/Red Hat/CentOS Live iso should just work +by copying the original kernel cmdline parameters.

Example.Â +

menuentry 'Live Fedora 20' --class fedora --class gnu-linux --class gnu --class os {
+    set isolabel=Fedora-Live-LXDE-x86_64-20-1
+    set isofile="/boot/iso/Fedora-Live-LXDE-x86_64-20-1.iso"
+    loopback loop $isofile
+    linux (loop)/isolinux/vmlinuz0 boot=isolinux iso-scan/filename=$isofile root=live:LABEL=$isolabel ro rd.live.image quiet rhgb
+    initrd (loop)/isolinux/initrd0.img
+}

Misc

+rd.emergency=[reboot|poweroff|halt] +: + specify, what action to execute in case of a critical failure. rd.shell=0 must also + be specified. +
+rd.driver.blacklist=<drivername>[,<drivername>,â¦] +: + do not load kernel module <drivername>. This parameter can be specified + multiple times. +
+rd.driver.pre=<drivername>[,<drivername>,â¦] +: + force loading kernel module <drivername>. This parameter can be specified + multiple times. +
+rd.driver.post=<drivername>[,<drivername>,â¦] +: + force loading kernel module <drivername> after all automatic loading modules + have been loaded. This parameter can be specified multiple times. +
+rd.retry=<seconds> +: + specify how long dracut should retry the initqueue to configure devices. + The default is 180 seconds. After 2/3 of the time, degraded raids are force + started. If you have hardware, which takes a very long time to announce its + drives, you might want to extend this value. +
+rd.timeout=<seconds> +: + specify how long dracut should wait for devices to appear. The + default is 0, which means forever. Note that this timeout + should be longer than rd.retry to allow for proper configuration. +
+rd.noverifyssl +: + accept self-signed certificates for ssl downloads. +
+rd.ctty=<terminal device> +: + specify the controlling terminal for the console. + This is useful, if you have multiple "console=" arguments. +
+rd.shutdown.timeout.umount=<seconds> +: + specify how long dracut should wait for an individual umount to finish + during shutdown. This avoids the system from blocking when unmounting a file + system cannot complete and waits indefinitely. Value 0 means to wait + forever. The default is 90 seconds. +

Debug

If you are dropped to an emergency shell, the file +/run/initramfs/rdsosreport.txt is created, which can be saved to a (to be +mounted by hand) partition (usually /boot) or a USB stick. Additional debugging +info can be produced by adding rd.debug to the kernel command line. +/run/initramfs/rdsosreport.txt contains all logs and the output of some tools. +It should be attached to any report about dracut problems.

+rd.info +

+ print informational output though "quiet" is set +

+rd.shell +

+ allow dropping to a shell, if root mounting fails +

+rd.debug +

+ set -x for the dracut shell. + If systemd is active in the initramfs, all output is logged to the systemd + journal, which you can inspect with "journalctl -ab". + If systemd is not active, the logs are written to dmesg and + /run/initramfs/init.log. + If "quiet" is set, it also logs to the console. +

+rd.memdebug=[0-5] +

+ Print memory usage info at various points, set the verbose level from 0 to 5. +

Higher level means more debugging output:

    0 - no output
+    1 - partial /proc/meminfo
+    2 - /proc/meminfo
+    3 - /proc/meminfo + /proc/slabinfo
+    4 - /proc/meminfo + /proc/slabinfo + memstrack summary
+        NOTE: memstrack is a memory tracing tool that tracks the total memory
+              consumption, and peak memory consumption of each kernel modules
+              and userspace progress during the whole initramfs runtime, report
+              is generated and the end of initramsfs run.
+    5 - /proc/meminfo + /proc/slabinfo + memstrack (with top memory stacktrace)
+        NOTE: memstrack (with top memory stacktrace) will print top memory
+              allocation stack traces during the whole initramfs runtime.

+rd.break +

+ drop to a shell at the end +

+rd.break={cmdline|pre-udev|pre-trigger|initqueue|pre-mount|mount|pre-pivot|cleanup} +

+ drop to a shell before the defined breakpoint starts. + This parameter can be specified multiple times. +

+rd.udev.info +

+ set udev to loglevel info +

+rd.udev.debug +

+ set udev to loglevel debug +

I18N

+rd.vconsole.keymap=<keymap base file name> +

+ keyboard translation table loaded by loadkeys; taken from keymaps directory; + will be written as KEYMAP to /etc/vconsole.conf in the initramfs. +

Example.Â +

rd.vconsole.keymap=de-latin1-nodeadkeys

+rd.vconsole.keymap.ext=<list of keymap base file names> +

+ list of extra keymaps to bo loaded (sep. by space); will be written as + EXT_KEYMAP to /etc/vconsole.conf in the initramfs +

+rd.vconsole.unicode +

+ boolean, indicating UTF-8 mode; will be written as UNICODE to + /etc/vconsole.conf in the initramfs +

+rd.vconsole.font=<font base file name> +

+ console font; taken from consolefonts directory; will be written as FONT to + /etc/vconsole.conf in the initramfs. +

Example.Â +

rd.vconsole.font=eurlatgr

+rd.vconsole.font.map=<console map base file name> +

+ see description of -m parameter in setfont manual; taken from consoletrans + directory; will be written as FONT_MAP to /etc/vconsole.conf in the + initramfs +

+rd.vconsole.font.unimap=<unicode table base file name> +

+ see description of -u parameter in setfont manual; taken from unimaps + directory; will be written as FONT_UNIMAP to /etc/vconsole.conf in the + initramfs +

+rd.locale.LANG=<locale> +

+ taken from the environment; if no UNICODE is defined we set its value in + basis of LANG value (whether it ends with ".utf8" (or similar) or not); will + be written as LANG to /etc/locale.conf in the initramfs. +

Example.Â +

rd.locale.LANG=pl_PL.utf8

+rd.locale.LC_ALL=<locale> +

+ taken from the environment; will be written as LC_ALL to /etc/locale.conf + in the initramfs +

LVM

+rd.lvm=0 +: + disable LVM detection +
+rd.lvm.vg=<volume group name> +: + only activate all logical volumes in the the volume groups with the given name. + rd.lvm.vg can be specified multiple times on the kernel command line. +
+rd.lvm.lv=<volume group name>/<logical volume name> +: + only activate the logical volumes with the given name. + rd.lvm.lv can be specified multiple times on the kernel command line. +
+rd.lvm.conf=0 +: + remove any /etc/lvm/lvm.conf, which may exist in the initramfs +

crypto LUKS

+rd.luks=0 +: + disable crypto LUKS detection +
+rd.luks.uuid=<luks uuid> +: + only activate the LUKS partitions with the given UUID. Any "luks-" of the + LUKS UUID is removed before comparing to <luks uuid>. + The comparisons also matches, if <luks uuid> is only the beginning of the + LUKS UUID, so you donât have to specify the full UUID. + This parameter can be specified multiple times. + <luks uuid> may be prefixed by the keyword keysource:, see + rd.luks.key below. +
+rd.luks.allow-discards=<luks uuid> +: + Allow using of discards (TRIM) requests for LUKS partitions with the given + UUID. Any "luks-" of the LUKS UUID is removed before comparing to + <luks uuid>. The comparisons also matches, if <luks uuid> is only the + beginning of the LUKS UUID, so you donât have to specify the full UUID. + This parameter can be specified multiple times. +
+rd.luks.allow-discards +: + Allow using of discards (TRIM) requests on all LUKS partitions. +
+rd.luks.crypttab=0 +: + do not check, if LUKS partition is in /etc/crypttab +
+rd.luks.timeout=<seconds> +: + specify how long dracut should wait when waiting for the user to enter the + password. This avoid blocking the boot if no password is entered. It does + not apply to luks key. The default is 0, which means forever. +

crypto LUKS - key on removable device support

NB: If systemd is included in the dracut initrd, dracutâs built in +removable device keying support wonât work. systemd will prompt for +a password from the console even if youâve supplied rd.luks.key. +You may be able to use standard systemd fstab(5) syntax to +get the same effect. If you do need rd.luks.key to work, +you will have to exclude the "systemd" dracut module and any modules +that depend on it. See dracut.conf(5) and +https://bugzilla.redhat.com/show_bug.cgi?id=905683 for more +information.

+rd.luks.key=<keypath>[:<keydev>[:<luksdev>]] +

+ <keypath> is the pathname of a key file, relative to the root + of the filesystem on some device. Itâs REQUIRED. When + <keypath> ends with .gpg itâs considered to be key encrypted + symmetrically with GPG. You will be prompted for the GPG password on + boot. GPG support comes with the crypt-gpg module, which needs to be + added explicitly. +

<keydev> identifies the device on which the key file resides. It may +be the kernel name of the device (should start with "/dev/"), a UUID +(prefixed with "UUID=") or a label (prefix with "LABEL="). You donât +have to specify a full UUID. Just its beginning will suffice, even if +its ambiguous. All matching devices will be probed. This parameter is +recommended, but not required. If itâs not present, all block devices will +be probed, which may significantly increase boot time.

If <luksdev> is given, the specified key will only be used for +the specified LUKS device. Possible values are the same as for +<keydev>. Unless you have several LUKS devices, you donât have to +specify this parameter. The simplest usage is:

Example.Â +

rd.luks.key=/foo/bar.key

As you see, you can skip colons in such a case.

Note

Your LUKS partition must match your key file.

dracut provides keys to cryptsetup with -d (an older alias for +--key-file). This uses the entire binary +content of the key file as part of the secret. If +you pipe a password into cryptsetup without -d or --key-file, +it will be treated as text user input, and only characters before +the first newline will be used. Therefore, when youâre creating +an encrypted partition for dracut to mount, and you pipe a key into +cryptsetup luksFormat,you must use -d -.

Here is an example for a key encrypted with GPG (warning: +--batch-mode will overwrite the device without asking for +confirmation):

gpg --quiet --decrypt rootkey.gpg | \
+cryptsetup --batch-mode --key-file - \
+           luksFormat /dev/sda47

If you use unencrypted key files, just use the key file pathname +instead of the standard input. For a random key with 256 bits of +entropy, you might use:

head -32c /dev/urandom > rootkey.key
+cryptsetup --batch-mode --key-file rootkey.key \
+           luksFormat /dev/sda47

You can also use regular key files on an encrypted keydev.

Compared to using GPG encrypted keyfiles on an unencrypted +device this provides the following advantages:

+you can unlock your disk(s) using multiple passphrases +
+better security by not losing the key stretching mechanism +

To use an encrypted keydev you must ensure that it becomes +available by using the keyword keysource, e.g. +rd.luks.uuid=keysource:aaaa +aaaa being the uuid of the encrypted keydev.

Example:

Lets assume you have three disks A, B and C with the uuids +aaaa, bbbb and cccc. +You want to unlock A and B using keyfile keyfile. +The unlocked volumes be A', B' and C' with the uuids +AAAA, BBBB and CCCC. +keyfile is saved on C' as /keyfile.

One luks keyslot of each A, B and C is setup with a +passphrase. +Another luks keyslot of each A and B is setup with keyfile.

To boot this configuration you could use:

rd.luks.uuid=aaaa
+rd.luks.uuid=bbbb
+rd.luks.uuid=keysource:cccc
+rd.luks.key=/keyfile:UUID=CCCC

Dracut asks for the passphrase for C and uses the +keyfile to unlock A and B. +If getting the passphrase for C fails it falls back to +asking for the passphrases for A and B.

If you want C' to stay unlocked, specify a luks name for +it, e.g. rd.luks.name=cccc=mykeys, otherwise it gets closed +when not needed anymore.

+rd.luks.key.tout=0 +: + specify how many times dracut will try to read the keys specified in in + rd.luk.key. This gives a chance to the removable device containing the key + to initialise. +

MD RAID

+rd.md=0 +: + disable MD RAID detection +
+rd.md.imsm=0 +: + disable MD RAID for imsm/isw raids, use DM RAID instead +
+rd.md.ddf=0 +: + disable MD RAID for SNIA ddf raids, use DM RAID instead +
+rd.md.conf=0 +: + ignore mdadm.conf included in initramfs +
+rd.md.waitclean=1 +: + wait for any resync, recovery, or reshape activity to finish before + continuing +
+rd.md.uuid=<md raid uuid> +: + only activate the raid sets with the given UUID. This parameter can be + specified multiple times. +

DM RAID

+rd.dm=0 +: + disable DM RAID detection +
+rd.dm.uuid=<dm raid uuid> +: + only activate the raid sets with the given UUID. This parameter can be + specified multiple times. +

MULTIPATH

+rd.multipath=0 +: + disable multipath detection +
+rd.multipath=default +: + use default multipath settings +

FIPS

+rd.fips +

+ enable FIPS +

+boot=<boot device> +

+ specify the device, where /boot is located. +

Example.Â +

boot=/dev/sda1
+boot=/dev/disk/by-path/pci-0000:00:1f.1-scsi-0:0:1:0-part1
+boot=UUID=<uuid>
+boot=LABEL=<label>

+rd.fips.skipkernel +

+ skip checksum check of the kernel image. Useful, if the kernel image is not + in a separate boot partition. +

Network

Important

It is recommended to either bind an interface to a MAC with the ifname +argument, or to use the systemd-udevd predictable network interface names.

Predictable network interface device names based on:

+firmware/bios-provided index numbers for on-board devices +
+firmware-provided pci-express hotplug slot index number +
+physical/geographical location of the hardware +
+the interfaceâs MAC address +

See: +http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames

Two character prefixes based on the type of interface:

+en +: +ethernet +
+wl +: +wlan +
+ww +: +wwan +

Type of names:

+o<index> +: +on-board device index number +
+s<slot>[f<function>][d<dev_id>] +: +hotplug slot index number +
+x<MAC> +: +MAC address +
+[P<domain>]p<bus>s<slot>[f<function>][d<dev_id>] +: +PCI geographical location +
+[P<domain>]p<bus>s<slot>[f<function>][u<port>][..][c<config>][i<interface>] +: +USB port number chain +

All multi-function PCI devices will carry the [f<function>] number in the +device name, including the function 0 device.

When using PCI geography, The PCI domain is only prepended when it is not 0.

For USB devices the full chain of port numbers of hubs is composed. If the +name gets longer than the maximum number of 15 characters, the name is not +exported. +The usual USB configuration == 1 and interface == 0 values are suppressed.

+PCI ethernet card with firmware index "1" +

+eno1 +

+PCI ethernet card in hotplug slot with firmware index number +

+ens1 +

+PCI ethernet multi-function card with 2 ports +

+enp2s0f0 +
+enp2s0f1 +

+PCI wlan card +

+wlp3s0 +

+USB built-in 3G modem +

+wwp0s29u1u4i6 +

+USB Android phone +

+enp0s29u1u2 +

The following options are supported by the network-legacy dracut +module. Other network modules might support a slightly different set of +options; refer to the documentation of the specific network module in use. For +NetworkManager, see nm-initrd-generator(8).

+ip={dhcp|on|any|dhcp6|auto6|either6|link6|single-dhcp} +

+dhcp|on|any +: +get ip from dhcp server from all interfaces. If netroot=dhcp, + loop sequentially through all interfaces (eth0, eth1, â¦) and use the first + with a valid DHCP root-path. +
+single-dhcp +: +Send DHCP on all available interfaces in parallel, as + opposed to one after another. After the first DHCP response is received, + stop DHCP on all other interfaces. This gives the fastest boot time by + using the IP on interface for which DHCP succeeded first during early boot. + Caveat: Does not apply to Network Manager. +
+auto6 +: +IPv6 autoconfiguration +
+dhcp6 +: +IPv6 DHCP +
+either6 +: +if auto6 fails, then dhcp6 +
+link6 +: +bring up interface for IPv6 link-local addressing +

+ip=<interface>:{dhcp|on|any|dhcp6|auto6|link6}[:[<mtu>][:<macaddr>]] +

+ This parameter can be specified multiple times. +

+dhcp|on|any|dhcp6 +: +get ip from dhcp server on a specific interface +
+auto6 +: +do IPv6 autoconfiguration +
+link6 +: +bring up interface for IPv6 link local address +
+<macaddr> +: +optionally set <macaddr> on the <interface>. This +cannot be used in conjunction with the ifname argument for the +same <interface>. +

+ip=<client-IP>:[<peer>]:<gateway-IP>:<netmask>:<client_hostname>:<interface>:{none|off|dhcp|on|any|dhcp6|auto6|ibft}[:[<mtu>][:<macaddr>]] +

+ explicit network configuration. If you want do define a IPv6 address, put it + in brackets (e.g. [2001:DB8::1]). This parameter can be specified multiple + times. <peer> is optional and is the address of the remote endpoint + for pointopoint interfaces and it may be followed by a slash and a decimal + number, encoding the network prefix length. +

+<macaddr> +: +optionally set <macaddr> on the <interface>. This +cannot be used in conjunction with the ifname argument for the +same <interface>. +

+ip=<client-IP>:[<peer>]:<gateway-IP>:<netmask>:<client_hostname>:<interface>:{none|off|dhcp|on|any|dhcp6|auto6|ibft}[:[<dns1>][:<dns2>]] +

+ifname=<interface>:<MAC> +

+ Assign network device name <interface> (i.e. "bootnet") to the NIC with + MAC <MAC>. +

Warning

Do not use the default kernel naming scheme for the interface name, +as it can conflict with the kernel names. So, donât use "eth[0-9]+" for the +interface name. Better name it "bootnet" or "bluesocket".

+rd.route=<net>/<netmask>:<gateway>[:<interface>] +

+ Add a static route with route options, which are separated by a colon. + IPv6 addresses have to be put in brackets. +

Example.Â +

    rd.route=192.168.200.0/24:192.168.100.222:ens10
+    rd.route=192.168.200.0/24:192.168.100.222
+    rd.route=192.168.200.0/24::ens10
+    rd.route=[2001:DB8:3::/8]:[2001:DB8:2::1]:ens10

+bootdev=<interface> +

+ specify network interface to use routing and netroot information from. + Required if multiple ip= lines are used. +

+BOOTIF=<MAC> +

+ specify network interface to use routing and netroot information from. +

+rd.bootif=0 +

+ Disable BOOTIF parsing, which is provided by PXE +

+nameserver=<IP> [nameserver=<IP> â¦] +

+ specify nameserver(s) to use +

+rd.peerdns=0 +

+ Disable DNS setting of DHCP parameters. +

+biosdevname=0 +

+ boolean, turn off biosdevname network interface renaming +

+rd.neednet=1 +

+ boolean, bring up network even without netroot set +

+vlan=<vlanname>:<phydevice> +

+ Setup vlan device named <vlanname> on <phydevice>. + We support the four styles of vlan names: VLAN_PLUS_VID (vlan0005), + VLAN_PLUS_VID_NO_PAD (vlan5), DEV_PLUS_VID (eth0.0005), + DEV_PLUS_VID_NO_PAD (eth0.5) +

+bond=<bondname>[:<bondslaves>:[:<options>[:<mtu>]]] +

+ Setup bonding device <bondname> on top of <bondslaves>. + <bondslaves> is a comma-separated list of physical (ethernet) interfaces. + <options> is a comma-separated list on bonding options (modinfo bonding for + details) in format compatible with initscripts. If <options> includes + multi-valued arp_ip_target option, then its values should be separated by + semicolon. if the mtu is specified, it will be set on the bond master. + Bond without parameters assumes + bond=bond0:eth0,eth1:mode=balance-rr +

+team=<teammaster>:<teamslaves>[:<teamrunner>] +

+ Setup team device <teammaster> on top of <teamslaves>. + <teamslaves> is a comma-separated list of physical (ethernet) interfaces. + <teamrunner> is the runner type to be used (see teamd.conf(5)); defaults to + activebackup. + Team without parameters assumes + team=team0:eth0,eth1:activebackup +

+bridge=<bridgename>:<ethnames> +

+ Setup bridge <bridgename> with <ethnames>. <ethnames> is a comma-separated + list of physical (ethernet) interfaces. Bridge without parameters assumes + bridge=br0:eth0 +

NFS

+root=[<server-ip>:]<root-dir>[:<nfs-options>] +

+ mount nfs share from <server-ip>:/<root-dir>, if no server-ip is given, use + dhcp next_server. If server-ip is an IPv6 address it has to be put in + brackets, e.g. [2001:DB8::1]. NFS options can be appended with the prefix + ":" or "," and are separated by ",". +

+root=nfs:[<server-ip>:]<root-dir>[:<nfs-options>], root=nfs4:[<server-ip>:]<root-dir>[:<nfs-options>], root={dhcp|dhcp6} +

+ netroot=dhcp alone directs initrd to look at the DHCP root-path where NFS + options can be specified. +

Example.Â +

    root-path=<server-ip>:<root-dir>[,<nfs-options>]
+    root-path=nfs:<server-ip>:<root-dir>[,<nfs-options>]
+    root-path=nfs4:<server-ip>:<root-dir>[,<nfs-options>]

+root=/dev/nfs nfsroot=[<server-ip>:]<root-dir>[:<nfs-options>] +

+ Deprecated! kernel Documentation_/filesystems/nfsroot.txt_ defines this + method. This is supported by dracut, but not recommended. +

+rd.nfs.domain=<NFSv4 domain name> +

+ Set the NFSv4 domain name. Will override the settings in /etc/idmap.conf. +

+rd.net.dhcp.retry=<cnt> +

+ If this option is set, dracut will try to connect via dhcp <cnt> times before failing. + Default is 1. +

+rd.net.timeout.dhcp=<arg> +

+ If this option is set, dhclient is called with "--timeout <arg>". +

+rd.net.timeout.iflink=<seconds> +

+ Wait <seconds> until link shows up. Default is 60 seconds. +

+rd.net.timeout.ifup=<seconds> +

+ Wait <seconds> until link has state "UP". Default is 20 seconds. +

+rd.net.timeout.route=<seconds> +

+ Wait <seconds> until route shows up. Default is 20 seconds. +

+rd.net.timeout.ipv6dad=<seconds> +

+ Wait <seconds> until IPv6 DAD is finished. Default is 50 seconds. +

+rd.net.timeout.ipv6auto=<seconds> +

+ Wait <seconds> until IPv6 automatic addresses are assigned. Default is 40 seconds. +

+rd.net.timeout.carrier=<seconds> +

+ Wait <seconds> until carrier is recognized. Default is 10 seconds. +

CIFS

+root=cifs://[<username>[:<password>]@]<server-ip>:<root-dir> +: + mount cifs share from <server-ip>:/<root-dir>, if no server-ip is given, use + dhcp next_server. if server-ip is an IPv6 address it has to be put in + brackets, e.g. [2001:DB8::1]. If a username or password are not specified +as part of the root, then they must be passed on the command line through +cifsuser/cifspass. +
Warning
Passwords specified on the kernel command line are visible for all +users via the file /proc/cmdline and via dmesg or can be sniffed on the +network, when using DHCP with DHCP root-path.
+cifsuser=<username> +: + Set the cifs username, if not specified as part of the root. +
+cifspass=<password> +: + Set the cifs password, if not specified as part of the root. +
Warning
Passwords specified on the kernel command line are visible for all +users via the file /proc/cmdline and via dmesg or can be sniffed on the +network, when using DHCP with DHCP root-path.

iSCSI

+root=iscsi:[<username>:<password>[:<reverse>:<password>]@][<servername>]:[<protocol>]:[<port>][:[<iscsi_iface_name>]:[<netdev_name>]]:[<LUN>]:<targetname> +

+ protocol defaults to "6", LUN defaults to "0". If the "servername" field is + provided by BOOTP or DHCP, then that field is used in conjunction with other + associated fields to contact the boot server in the Boot stage. However, if + the "servername" field is not provided, then the "targetname" field is then + used in the Discovery Service stage in conjunction with other associated + fields. See + rfc4173. +

Warning

Passwords specified on the kernel command line are visible for all +users via the file /proc/cmdline and via dmesg or can be sniffed on the +network, when using DHCP with DHCP root-path.

Example.Â +

root=iscsi:192.168.50.1::::iqn.2009-06.dracut:target0

If servername is an IPv6 address, it has to be put in brackets:

Example.Â +

root=iscsi:[2001:DB8::1]::::iqn.2009-06.dracut:target0

+root=??? netroot=iscsi:[<username>:<password>[:<reverse>:<password>]@][<servername>]:[<protocol>]:[<port>][:[<iscsi_iface_name>]:[<netdev_name>]]:[<LUN>]:<targetname> â¦ +

+ multiple netroot options allow setting up multiple iscsi disks: +

Example.Â +

root=UUID=12424547
+netroot=iscsi:192.168.50.1::::iqn.2009-06.dracut:target0
+netroot=iscsi:192.168.50.1::::iqn.2009-06.dracut:target1

If servername is an IPv6 address, it has to be put in brackets:

Example.Â +

netroot=iscsi:[2001:DB8::1]::::iqn.2009-06.dracut:target0

Warning

Passwords specified on the kernel command line are visible for all +users via the file /proc/cmdline and via dmesg or can be sniffed on the +network, when using DHCP with DHCP root-path. +You may want to use rd.iscsi.firmware.

+root=??? rd.iscsi.initiator=<initiator> rd.iscsi.target.name=<target name> rd.iscsi.target.ip=<target ip> rd.iscsi.target.port=<target port> rd.iscsi.target.group=<target group> rd.iscsi.username=<username> rd.iscsi.password=<password> rd.iscsi.in.username=<in username> rd.iscsi.in.password=<in password> +

+ manually specify all iscsistart parameter (see iscsistartÂ --help) +

Warning

+root=??? netroot=iscsi rd.iscsi.firmware=1 +

+ will read the iscsi parameter from the BIOS firmware +

+rd.iscsi.login_retry_max=<num> +

+ maximum number of login retries +

+rd.iscsi.param=<param> +

+ <param> will be passed as "--param <param>" to iscsistart. + This parameter can be specified multiple times. +

Example.Â +

"netroot=iscsi rd.iscsi.firmware=1 rd.iscsi.param=node.session.timeo.replacement_timeout=30"

will result in

iscsistart -b --param node.session.timeo.replacement_timeout=30

rd.iscsi.ibft rd.iscsi.ibft=1: + Turn on iBFT autoconfiguration for the interfaces

rd.iscsi.mp rd.iscsi.mp=1: + Configure all iBFT interfaces, not only used for booting (multipath)

rd.iscsi.waitnet=0: + Turn off waiting for all interfaces to be up before trying to login to the iSCSI targets.

rd.iscsi.testroute=0: + Turn off checking, if the route to the iSCSI target IP is possible before trying to login.

FCoE

+rd.fcoe=0 +: + disable FCoE and lldpad +
+fcoe=<edd|interface|MAC>:{dcb|nodcb}:{fabric|vn2vn} +: + Try to connect to a FCoE SAN through the NIC specified by <interface> or + <MAC> or EDD settings. The second argument specifies if DCB + should be used. The optional third argument specifies whether + fabric or VN2VN mode should be used. + This parameter can be specified multiple times. +
Note
letters in the MAC-address must be lowercase!

NVMf

+rd.nonvmf +

+ Disable NVMf +

+rd.nvmf.nonbft +

+ Disable connecting to targets from the NVMe Boot Firmware Table. Without + this parameter, NBFT connections will take precedence over rd.nvmf.discover. +

+rd.nvmf.nostatic +

+ Disable connecting to targets that have been statically configured when + the initramfs was built. Targets specified with rd.nvmf.discover on the + kernel command line will still be tried. +

+rd.nvmf.hostnqn=<hostNQN> +

+ NVMe host NQN to use +

+rd.nvmf.hostid=<hostID> +

+ NVMe host id to use +

+rd.nvmf.discover={rdma|fc|tcp},<traddr>,[<host_traddr>],[<trsvcid>] +

+ Discover and connect to a NVMe-over-Fabric controller specified by + <traddr> and the optionally <host_traddr> or <trsvcid>. + The first argument specifies the transport to use; currently only + rdma, fc, or tcp are supported. + This parameter can be specified multiple times. +

Examples.Â +

rd.nvmf.discover=tcp,192.168.10.10,,4420
+rd.nvmf.discover=fc,nn-0x201700a05634f5bf:pn-0x201900a05634f5bf,nn-0x200000109b579ef3:pn-0x100000109b579ef3

+rd.nvmf.discover=fc,auto +

+ This special syntax determines that Fibre Channel autodiscovery + is to be used rather than regular NVMe discovery. It takes precedence + over all other rd.nvmf.discover= arguments. +

NBD

+root=??? netroot=nbd:<server>:<port/exportname>[:<fstype>[:<mountopts>[:<nbdopts>]]] +

+ mount nbd share from <server>. +

NOTE: + If "exportname" instead of "port" is given the standard port is used. + Newer versions of nbd are only supported with "exportname".

+root=/dev/root netroot=dhcp with dhcp root-path=nbd:<server>:<port/exportname>[:<fstype>[:<mountopts>[:<nbdopts>]]] +

+ netroot=dhcp alone directs initrd to look at the DHCP root-path where NBD + options can be specified. This syntax is only usable in cases where you are + directly mounting the volume as the rootfs. +

NOTE: + If "exportname" instead of "port" is given the standard port is used. + Newer versions of nbd are only supported with "exportname".

VIRTIOFS

+root=virtiofs:<mount-tag> +: + mount virtiofs share using the tag <mount-tag>. + The tag name is arbitrary and must match the tag given in the qemu -device command. +
+rootfstype=virtiofs root=<mount-tag> +: + mount virtiofs share using the tag <mount-tag>. + The tag name is arbitrary and must match the tag given in the qemu -device command. +

Both formats are supported by the virtiofs dracut module. +See https://gitlab.com/virtio-fs/virtiofsd for more information.

Example.Â +

root=virtiofs:host rw

DASD

+rd.dasd=â¦. +: + same syntax as the kernel module parameter (s390 only) +

ZFCP

+rd.zfcp=<zfcp adaptor device bus ID>,<WWPN>,<FCPLUN> +

+ rd.zfcp can be specified multiple times on the kernel command + line. +

+rd.zfcp=<zfcp adaptor device bus ID> +

+ If NPIV is enabled and the allow_lun_scan parameter to the zfcp + module is set to Y then the zfcp adaptor will be initiating a + scan internally and the <WWPN> and <FCPLUN> parameters can be omitted. +

Example.Â +

rd.zfcp=0.0.4000,0x5005076300C213e9,0x5022000000000000
+rd.zfcp=0.0.4000

+rd.zfcp.conf=0 +

+ ignore zfcp.conf included in the initramfs +

ZNET

+rd.znet=<nettype>,<subchannels>,<options> +

+ The whole parameter is appended to /etc/ccw.conf, which is used on + RHEL/Fedora with ccw_init, which is called from udev for certain + devices on z-series. + rd.znet can be specified multiple times on the kernel command line. +

+rd.znet_ifname=<ifname>:<subchannels> +

+ Assign network device name <interface> (i.e. "bootnet") to the NIC + corresponds to the subchannels. This is useful when dracutâs default + "ifname=" doesnât work due to device having a changing MAC address. +

Example.Â +

rd.znet=qeth,0.0.0600,0.0.0601,0.0.0602,layer2=1,portname=foo
+rd.znet=ctc,0.0.0600,0.0.0601,protocol=bar

Booting live images

Dracut offers multiple options for live booted images:

+SquashFS with read-only filesystem image +

+The system will boot with a +read-only filesystem from the SquashFS and apply a writable Device-mapper +snapshot or an OverlayFS overlay mount for the read-only base filesystem. This +method ensures a relatively fast boot and lower RAM usage. Users must be +careful to avoid writing too many blocks to a snapshot volume. Once the +blocks of the snapshot overlay are exhausted, the root filesystem becomes +read-only and may cause application failures. The snapshot overlay file is +marked Overflow, and a difficult recovery is required to repair and enlarge +the overlay offline. Non-persistent overlays are sparse files in RAM that only +consume content space as required blocks are allocated. They default to an +apparent size of 32 GiB in RAM. The size can be adjusted with the +rd.live.overlay.size= kernel command line option. +

The filesystem structure is traditionally expected to be:

squashfs.img          |  SquashFS from LiveCD .iso
+   !(mount)
+   /LiveOS
+       |- rootfs.img  |  Filesystem image to mount read-only
+            !(mount)
+            /bin      |  Live filesystem
+            /boot     |
+            /dev      |
+            ...       |

For OverlayFS mount overlays, the filesystem structure may also be a direct +compression of the root filesystem:

squashfs.img          |  SquashFS from LiveCD .iso
+   !(mount)
+   /bin               |  Live filesystem
+   /boot              |
+   /dev               |
+   ...                |

Dracut uses one of the overlay methods of live booting by default. No +additional command line options are required other than root=live:<URL> to +specify the location of your squashed filesystem.

+The compressed SquashFS image can be copied during boot to RAM at +/run/initramfs/squashed.img by using the rd.live.ram=1 option. +
+A device with a persistent overlay can be booted read-only by using the +rd.live.overlay.readonly option on the kernel command line. This will +either cause a temporary, writable overlay to be stacked over a read-only +snapshot of the root filesystem or the OverlayFS mount will use an additional +lower layer with the root filesystem. +

+Uncompressed live filesystem image +

+When the live system was installed with the --skipcompress option of the +livecd-iso-to-disk installation script for Live USB devices, the root +filesystem image, rootfs.img, is expanded on installation and no SquashFS +is involved during boot. +

+If rd.live.ram=1 is used in this situation, the full, uncompressed +root filesystem is copied during boot to /run/initramfs/rootfs.img in the +/run tmpfs. +
+If rd.live.overlay=none is provided as a kernel command line option, +a writable, linear Device-mapper target is created on boot with no overlay. +

+Writable filesystem image +

+The system will retrieve a compressed filesystem image, extract it to +/run/initramfs/fsimg/rootfs.img, connect it to a loop device, create a +writable, linear Device-mapper target at /dev/mapper/live-rw, and mount that +as a writable volume at /. More RAM is required during boot but the live +filesystem is easier to manage if it becomes full. Users can make a filesystem +image of any size and that size will be maintained when the system boots. There +is no persistence of root filesystem changes between boots with this option. +

The filesystem structure is expected to be:

rootfs.tgz            |  Compressed tarball containing filesystem image
+   !(unpack)
+   /rootfs.img        |  Filesystem image at /run/initramfs/fsimg/
+      !(mount)
+      /bin            |  Live filesystem
+      /boot           |
+      /dev            |
+      ...             |

To use this boot option, ensure that rd.writable.fsimg=1 is in your kernel +command line and add the root=live:<URL> to specify the location +of your compressed filesystem image tarball or SquashFS image.

+rd.writable.fsimg=1 +

+Enables writable filesystem support. The system will boot with a fully +writable (but non-persistent) filesystem without snapshots (see notes above +about available live boot options). You can use the rootflags option to +set mount options for the live filesystem as well (see documentation about +rootflags in the Standard section above). +This implies that the whole image is copied to RAM before the boot continues. +

Note

There must be enough free RAM available to hold the complete image.

This method is very suitable for diskless boots.

+rd.minmem=<megabyte> +

+Specify minimum free RAM in MB after copying a live disk image into memory. +The default is 1024. +

This parameter only applies together with the parameters rd.writable.fsimg +or rd.live.ram.

+root=live:<url> +

+Boots a live image retrieved from <url>. Requires the dracut livenet +module. Valid handlers: http, https, ftp, torrent, tftp. +

Examples.Â +

root=live:http://example.com/liveboot.img
+root=live:ftp://ftp.example.com/liveboot.img
+root=live:torrent://example.com/liveboot.img.torrent

+rd.live.debug=1 +

+Enables debug output from the live boot process. +

+rd.live.dir=<path> +

+Specifies the directory within the boot device where the squashfs.img or +rootfs.img can be found. By default, this is /LiveOS. +

+rd.live.squashimg=<filename of SquashFS image> +

+Specifies the filename for a SquashFS image of the root filesystem. +By default, this is squashfs.img. +

+rd.live.ram=1 +

+Copy the complete image to RAM and use this for booting. This is useful +when the image resides on, e.g., a DVD which needs to be ejected later on. +

+rd.live.overlay={<devspec>[:{<pathspec>|auto}]|none} +

+Manage the usage of a permanent overlay. +

+<devspec> specifies the path to a device with a mountable filesystem. +
+<pathspec> is the path to a file within that filesystem, which shall be +used to persist the changes made to the device specified by the +root=live:<url> option. +
The default pathspec, when auto or no :<pathspec> is given, is +/<rd.live.dir>/overlay-<label>-<uuid>, where <label> is the +device LABEL, and <uuid> is the device UUID. +* none (the word itself) specifies that no overlay will be used, such as when +an uncompressed, writable live root filesystem is available.
If a persistent overlay is detected at the standard LiveOS path, the +overlay & overlay type detected, whether Device-mapper or OverlayFS, will be +used.

Examples.Â +

rd.live.overlay=/dev/sdb1:/persistent-overlay.img
+rd.live.overlay=UUID=99440c1f-8daa-41bf-b965-b7240a8996f4

+rd.live.overlay.cowfs=[btrfs|ext4|xfs] +

+Specifies the filesystem to use when formatting the overlay partition. +The default is ext4. +

+rd.live.overlay.size=<size_MiB> +

+Specifies a non-persistent Device-mapper overlay size in MiB. The default is +32768. +

+rd.live.overlay.readonly=1 +

+This is used to boot with a normally read-write persistent overlay in a +read-only mode. With this option, either an additional, non-persistent, +writable snapshot overlay will be stacked over a read-only snapshot, +/dev/mapper/liveâro, of the base filesystem with the persistent overlay, or a +read-only loop device, in the case of a writable rootfs.img, or an OverlayFS +mount will use the persistent overlay directory linked at /run/overlayfsâr as +an additional lower layer along with the base root filesystem and apply a +transient, writable upper directory overlay, in order to complete the booted +root filesystem. +

+rd.live.overlay.reset=1 +

+Specifies that a persistent overlay should be reset on boot. All previous root +filesystem changes are vacated by this action. +

+rd.live.overlay.thin=1 +

+Enables the usage of thin snapshots instead of classic dm snapshots. +The advantage of thin snapshots is that they support discards, and will free +blocks that are not claimed by the filesystem. In this use case, this means +that memory is given back to the kernel when the filesystem does not claim it +anymore. +

+rd.live.overlay.overlayfs=1 +

+Enables the use of the OverlayFS kernel module, if available, to provide a +copy-on-write union directory for the root filesystem. OverlayFS overlays are +directories of the files that have changed on the read-only base (lower) +filesystem. The root filesystem is provided through a special overlay type +mount that merges the lower and upper directories. If an OverlayFS upper +directory is not present on the boot device, a tmpfs directory will be created +at /run/overlayfs to provide temporary storage. Persistent storage can be +provided on vfat or msdos formatted devices by supplying the OverlayFS upper +directory within an embedded filesystem that supports the creation of trusted.* +extended attributes and provides a valid d_type in readdir responses, such as +with ext4 and xfs. On non-vfat-formatted devices, a persistent OverlayFS +overlay can extend the available root filesystem storage up to the capacity of +the LiveOS disk device. +

If a persistent overlay is detected at the standard LiveOS path, the overlay & +overlay type detected, whether OverlayFS or Device-mapper, will be used.

The rd.live.overlay.readonly option, which allows a persistent overlayfs to +be mounted read-only through a higher level transient overlay directory, has +been implemented through the multiple lower layers feature of OverlayFS.

ZIPL

+rd.zipl=<path to blockdevice> +

+ Update the dracut commandline with the values found in the + dracut-cmdline.conf file on the given device. + The values are merged into the existing commandline values + and the udev events are regenerated. +

Example.Â +

rd.zipl=UUID=0fb28157-99e3-4395-adef-da3f7d44835a

CIO_IGNORE

+rd.cio_accept=<device-ids> +

+ Remove the devices listed in <device-ids> from the default + cio_ignore kernel command-line settings. + <device-ids> is a list of comma-separated CCW device ids. + The default for this value is taken from the + /boot/zipl/active_devices.txt file. +

Example.Â +

rd.cio_accept=0.0.0180,0.0.0800,0.0.0801,0.0.0802

Plymouth Boot Splash

+plymouth.enable=0 +: + disable the plymouth bootsplash completely. +
+rd.plymouth=0 +: + disable the plymouth bootsplash only for the initramfs. +

Kernel keys

+masterkey=<kernel master key path name> +

+ Set the path name of the kernel master key. +

Example.Â +

masterkey=/etc/keys/kmk-trusted.blob

+masterkeytype=<kernel master key type> +

+ Set the type of the kernel master key. +

Example.Â +

masterkeytype=trusted

+evmkey=<EVM HMAC key path name> +

+ Set the path name of the EVM HMAC key. +

Example.Â +

evmkey=/etc/keys/evm-trusted.blob

+evmx509=<EVM X.509 cert path name> +

+ Set the path name of the EVM X.509 certificate. +

Example.Â +

evmx509=/etc/keys/x509_evm.der

+ecryptfskey=<eCryptfs key path name> +

+ Set the path name of the eCryptfs key. +

Example.Â +

ecryptfskey=/etc/keys/ecryptfs-trusted.blob

Deprecated, renamed Options

Here is a list of options, which were used in dracut prior to version 008, and +their new replacement.

+rdbreak +: +rd.break +
+rd.ccw +: +rd.znet +
+rd_CCW +: +rd.znet +
+rd_DASD_MOD +: +rd.dasd +
+rd_DASD +: +rd.dasd +
+rdinitdebug rdnetdebug +: +rd.debug +
+rd_NO_DM +: +rd.dm=0 +
+rd_DM_UUID +: +rd.dm.uuid +
+rdblacklist +: +rd.driver.blacklist +
+rdinsmodpost +: +rd.driver.post +
+rdloaddriver +: +rd.driver.pre +
+rd_NO_FSTAB +: +rd.fstab=0 +
+rdinfo +: +rd.info +
+check +: +rd.live.check +
+rdlivedebug +: +rd.live.debug +
+live_dir +: +rd.live.dir +
+liveimg +: +rd.live.image +
+overlay +: +rd.live.overlay +
+readonly_overlay +: +rd.live.overlay.readonly +
+reset_overlay +: +rd.live.overlay.reset +
+live_ram +: +rd.live.ram +
+rd_NO_CRYPTTAB +: +rd.luks.crypttab=0 +
+rd_LUKS_KEYDEV_UUID +: +rd.luks.keydev.uuid +
+rd_LUKS_KEYPATH +: +rd.luks.keypath +
+rd_NO_LUKS +: +rd.luks=0 +
+rd_LUKS_UUID +: +rd.luks.uuid +
+rd_NO_LVMCONF +: +rd.lvm.conf +
+rd_LVM_LV +: +rd.lvm.lv +
+rd_NO_LVM +: +rd.lvm=0 +
+rd_LVM_VG +: +rd.lvm.vg +
+rd_NO_MDADMCONF +: +rd.md.conf=0 +
+rd_NO_MDIMSM +: +rd.md.imsm=0 +
+rd_NO_MD +: +rd.md=0 +
+rd_MD_UUID +: +rd.md.uuid +

rd_NO_MULTIPATH: rd.multipath=0

+rd_NFS_DOMAIN +: +rd.nfs.domain +
+iscsi_initiator +: +rd.iscsi.initiator +
+iscsi_target_name +: +rd.iscsi.target.name +
+iscsi_target_ip +: +rd.iscsi.target.ip +
+iscsi_target_port +: +rd.iscsi.target.port +
+iscsi_target_group +: +rd.iscsi.target.group +
+iscsi_username +: +rd.iscsi.username +
+iscsi_password +: +rd.iscsi.password +
+iscsi_in_username +: +rd.iscsi.in.username +
+iscsi_in_password +: +rd.iscsi.in.password +
+iscsi_firmware +: +rd.iscsi.firmware=0 +
+rd_NO_PLYMOUTH +: +rd.plymouth=0 +
+rd_retry +: +rd.retry +
+rdshell +: +rd.shell +
+rd_NO_SPLASH +: +rd.splash +
+rdudevdebug +: +rd.udev.debug +
+rdudevinfo +: +rd.udev.info +
+rd_NO_ZFCPCONF +: +rd.zfcp.conf=0 +
+rd_ZFCP +: +rd.zfcp +
+rd_ZNET +: +rd.znet +
+KEYMAP +: +vconsole.keymap +
+KEYTABLE +: +vconsole.keymap +
+SYSFONT +: +vconsole.font +
+CONTRANS +: +vconsole.font.map +
+UNIMAP +: +vconsole.font.unimap +
+UNICODE +: +vconsole.unicode +
+EXT_KEYMAP +: +vconsole.keymap.ext +

Configuration in the Initramfs

+/etc/conf.d/ +: + Any files found in /etc/conf.d/ will be sourced in the initramfs to + set initial values. Command line options will override these values + set in the configuration files. +
+/etc/cmdline +: + Can contain additional command line options. Deprecated, better use + /etc/cmdline.d/*.conf. +
+/etc/cmdline.d/*.conf +: + Can contain additional command line options. +

AUTHOR

Harald Hoyer

ChapterÂ 9.Â LSINITRD(1)

Table of Contents

NAME
SYNOPSIS
DESCRIPTION
OPTIONS
AVAILABILITY
AUTHORS
SEE ALSO

NAME

lsinitrd - tool to show the contents of an initramfs image

SYNOPSIS

lsinitrd [OPTIONâ¦] [<image> [<filename> [<filename> [â¦] ]]]

lsinitrd [OPTIONâ¦] -k <kernel version>

DESCRIPTION

lsinitrd shows the contents of an initramfs image. if <image> is omitted, then +lsinitrd uses the default image /efi/<machine-id>/<kernel-version>/initrd, +/boot/<machine-id>/<kernel-version>/initrd, +/boot/efi/<machine-id>/<kernel-version>/initrd, +/lib/modules/<kernel-version>/initrd or +/boot/initramfs-<kernel-version>.img.

OPTIONS

+-h, --help +: + print a help message and exit. +
+-s, --size +: + sort the contents of the initramfs by size. +
+-f, --fileÂ <filename> +: + print the contents of <filename>. +
+-k, --kverÂ <kernel version> +: + inspect the initramfs of <kernel version>. +
+-m, --mod +: + list dracut modules included of the initramfs image. +
+--unpack +: + unpack the initramfs to the current directory, instead of displaying the contents. + If optional filenames are given, will only unpack specified files, else the whole image will be unpacked. + Wonât unpack anything from early cpio part. +
+--unpackearly +: + unpack the early microcode initramfs to the current directory, instead of displaying the contents. + Same as --unpack, but only unpack files from early cpio part. +
+-v, --verbose +: + unpack verbosely +

AVAILABILITY

The lsinitrd command is part of the dracut package and is available from +https://github.com/dracut-ng/dracut-ng

AUTHORS

Harald Hoyer

Amerigo Wang

Nikoli

ChapterÂ 10.Â Developer Manual

ChapterÂ 11.Â DRACUT.MODULES(7)

NAME

dracut.modules - dracut modules

DESCRIPTION

dracut uses a modular system to build and extend the initramfs image. All +modules are located in /usr/lib/dracut/modules.d or in <git-src>/modules.d. +The most basic dracut module is 99base. In 99base the initial shell script +init is defined, which gets run by the kernel after initramfs loading. Although +you can replace init with your own version of 99base, this is not encouraged. +Instead you should use, if possible, the hooks of dracut. All hooks, and the +point of time in which they are executed, are described in the section called âBoot Process Stagesâ.

The main script, which creates the initramfs is dracut itself. It parses all +arguments and sets up the directory, in which everything is installed. It then +executes all check, install, installkernel scripts found in the modules, which +are to be processed. After everything is installed, the install directory is +archived and compressed to the final initramfs image. All helper functions used +by check, install and installkernel are found in in the file dracut-functions. +These shell functions are available to all module installer (install, +installkernel) scripts, without the need to source dracut-functions.

A module can check the preconditions for install and installkernel with the +check script. Also dependencies can be expressed with check. If a module passed +check, install and installkernel will be called to install all of the necessary +files for the module. To split between kernel and non-kernel parts of the +installation, all kernel module related parts have to be in installkernel. All +other files found in a module directory are module specific and mostly are hook +scripts and udev rules.

Boot Process Stages

dracut modules can insert custom script at various points, to control the boot +process. +These hooks are plain directories containing shell scripts ending with ".sh", +which are sourced by init. +Common used functions are in dracut-lib.sh, which can be sourced by any script.

Hook: cmdline

The cmdline hook is a place to insert scripts to parse the kernel command line +and prepare the later actions, like setting up udev rules and configuration +files.

In this hook the most important environment variable is defined: root. The +second one is rootok, which indicates, that a module claimed to be able to parse +the root defined. So for example, root=iscsi:â¦. will be claimed by the +iscsi dracut module, which then sets rootok.

Hook: pre-udev

This hook is executed right after the cmdline hook and a check if root and +rootok were set. Here modules can take action with the final root, and before +udev has been run.

Start Udev

Now udev is started and the logging for udev is setup.

Hook: pre-trigger

In this hook, you can set udev environment variables with udevadm control +--property=KEY=value or control the further execution of udev with +udevadm.

Trigger Udev

udev is triggered by calling udevadm trigger, which sends add events for all +devices and subsystems.

Main Loop

In the main loop of dracut loops until udev has settled and +all scripts in initqueue/finished returned true. +In this loop there are three hooks, where scripts can be inserted +by calling /sbin/initqueue.

Initqueue

This hook gets executed every time a script is inserted here, regardless of the +udev state.

Initqueue settled

This hook (initqueue/settled) gets executed every time udev has settled.

Initqueue timeout

This hook (initqueue/timeout) gets executed, when the main loop counter becomes +half of the rd.retry counter.

Initqueue online

This hook (initqueue/online) gets executed whenever a network interface comes online +(that is, once it is up and configured by the configured network module).

Initqueue finished

This hook (initqueue/finished) is called after udev has settled and +if all scripts herein return 0 the main loop will be ended. +Arbitrary scripts can be added here, to loop in the +initqueue until something happens, which a dracut module wants to wait for.

Hook: pre-mount

Before the root device is mounted all scripts in the hook pre-mount are +executed. In some cases (e.g. NFS) the real root device is already mounted, +though.

Hook: mount

This hook is mainly to mount the real root device.

Hook: pre-pivot

This hook is called before cleanup hook, This is a good place for +actions other than cleanups which need to be called before pivot.

Hook: cleanup

This hook is the last hook and is called before init finally switches root to +the real root device. This is a good place to clean up and kill processes not +needed anymore.

Cleanup and switch_root

Init (or systemd) kills all udev processes, cleans up the environment, +sets up the arguments for the real init process and finally calls switch_root. +switch_root removes the whole filesystem hierarchy of the initramfs, +chroot()s to the real root device and calls /sbin/init with the specified +arguments.

To ensure all files in the initramfs hierarchy can be removed, all processes +still running from the initramfs should not have any open file descriptors left.

Network Infrastructure

FIXME

Writing a Module

A simple example module is 90kernel-modules, which modprobes a kernel module +after udev has settled and the basic device drivers have been loaded.

All module installation information is in the file module-setup.sh.

First we create a check() function, which just exits with 0 indicating that this +module should be included by default.

check():

return 0

Then we create the install() function, which installs a cmdline hook with +priority number 20 called parse-insmodpost.sh. It also installs the +insmodpost.sh script in /sbin.

install():

inst_hook cmdline 20 "$moddir/parse-insmodpost.sh"
+inst_simple "$moddir/insmodpost.sh" /sbin/insmodpost.sh

The parse-instmodpost.sh parses the kernel command line for a argument +rd.driver.post, blacklists the module from being autoloaded and installs the +hook insmodpost.sh in the initqueue/settled.

parse-insmodpost.sh:

for p in $(getargs rd.driver.post=); do
+    echo "blacklist $p" >> /etc/modprobe.d/initramfsblacklist.conf
+    _do_insmodpost=1
+done
+
+[ -n "$_do_insmodpost" ] && /sbin/initqueue --settled --unique --onetime /sbin/insmodpost.sh
+unset _do_insmodpost

insmodpost.sh, which is called in the initqueue/settled hook will just +modprobe the kernel modules specified in all rd.driver.post kernel command line +parameters. It runs after udev has settled and is only called once (--onetime).

insmodpost.sh:

. /lib/dracut-lib.sh
+
+for p in $(getargs rd.driver.post=); do
+    modprobe $p
+done

module-setup.sh: check()

check() is called by dracut to evaluate the inclusion of a dracut module in +the initramfs.

+$hostonly +: +If the $hostonly variable is set, then the module check() function +should be in "hostonly" mode, which means, that the check() should only return +0, if the module is really needed to boot this specific host. +

check() should return with:

+0 +: +Include the dracut module in the initramfs. +
+1 +: +Do not include the dracut module. The requirements are not fulfilled +(missing tools, etc.) +
+255 +: +Only include the dracut module, if another module requires it or if +explicitly specified in the config file or on the argument list. +

module-setup.sh: depends()

The function depends() should echo all other dracut module names the module +depends on.

module-setup.sh: cmdline()

This function should print the kernel command line options needed to boot the +current machine setup. It should start with a space and should not print a +newline.

module-setup.sh: install()

The install() function is called to install everything non-kernel related. +To install binaries, scripts, and other files, you can use the functions +mentioned in [creation].

To address a file in the current module directory, use the variable "$moddir".

module-setup.sh: installkernel()

In installkernel() all kernel related files should be installed. You can use all +of the functions mentioned in [creation] to install files.

Creation Functions

inst_multiple [-o] <file> [ <file> â¦]

installs multiple binaries and files. If executables are specified without a +path, dracut will search the path PATH=/usr/sbin:/sbin:/usr/bin:/bin for the +binary. If the option "-o" is given as the first parameter, a missing file does +not lead to an error.

inst <src> [<dst>]

installs one file <src> either to the same place in the initramfs or to an +optional <dst>. inst with more than two arguments is treated the same as +inst_multiple, all arguments are treated as files to install and none as +install destinations.

inst_hook <hookdir> <prio> <src>

installs an executable/script <src> in the dracut hook <hookdir> with priority +<prio>.

inst_rules <udevrule> [ <udevrule> â¦]

installs one or more udev rules. Non-existent udev rules are reported, but do +not let dracut fail.

instmods <kernelmodule> [ <kernelmodule> â¦ ]

instmods should be used only in the installkernel() function.

instmods installs one or more kernel modules in the initramfs. <kernelmodule> +can also be a whole subsystem, if prefixed with a "=", like "=drivers/net/team".

instmods will not install the kernel module, if $hostonly is set and the kernel +module is not currently needed by any /sys/â¦/uevent MODALIAS. +To install a kernel module regardless of the hostonly mode use the form:

hostonly='' instmods <kernelmodule>

Initramfs Functions

FIXME

Network Modules

FIXME

AUTHOR

Harald Hoyer

ChapterÂ 12.Â DRACUT.BOOTUP(7)

Table of Contents

NAME
DESCRIPTION
AUTHOR
SEE ALSO

NAME

dracut.bootup - boot ordering in the initramfs

DESCRIPTION

This flow chart illustrates the ordering of the services, if systemd is used in +the dracut initramfs.

                                    systemd-journal.socket
+                                               |
+                                               v
+                                    dracut-cmdline.service
+                                               |
+                                               v
+                                    dracut-pre-udev.service
+                                               |
+                                               v
+                                     systemd-udevd.service
+                                               |
+                                               v
+local-fs-pre.target                dracut-pre-trigger.service
+         |                                     |
+         v                                     v
+ (various mounts)  (various swap  systemd-udev-trigger.service
+         |           devices...)               |             (various low-level   (various low-level
+         |               |                     |             services: seed,       API VFS mounts:
+         v               v                     v             tmpfiles, random     mqueue, configfs,
+  local-fs.target   swap.target     dracut-initqueue.service    sysctl, ...)        debugfs, ...)
+         |               |                     |                    |                    |
+         \_______________|____________________ | ___________________|____________________/
+                                              \|/
+                                               v
+                                        sysinit.target
+                                               |
+                             _________________/|\___________________
+                            /                  |                    \
+                            |                  |                    |
+                            v                  |                    v
+                        (various               |              rescue.service
+                       sockets...)             |                    |
+                            |                  |                    v
+                            v                  |              rescue.target
+                     sockets.target            |
+                            |                  |
+                            \_________________ |                                 emergency.service
+                                              \|                                         |
+                                               v                                         v
+                                         basic.target                             emergency.target
+                                               |
+                        ______________________/|
+                       /                       |
+                       |                       v
+                       |            initrd-root-device.target
+                       |                       |
+                       |                       v
+                       |            dracut-pre-mount.service
+                       |                       |
+                       |                       v
+                       |                  sysroot.mount
+                       |                       |
+                       |                       v
+                       |             initrd-root-fs.target
+           (custom initrd services)            |
+                       |                       v
+                       |             dracut-mount.service
+                       |                       |
+                       |                       v
+                       |            initrd-parse-etc.service
+                       |                       |
+                       |                       v
+                       |            (sysroot-usr.mount and
+                       |             various mounts marked
+                       |               with fstab option
+                       |                x-initrd.mount)
+                       |                       |
+                       |                       v
+                       |                initrd-fs.target
+                       \______________________ |
+                                              \|
+                                               v
+                                          initrd.target
+                                               |
+                                               v
+                                    dracut-pre-pivot.service
+                                               |
+                                               v
+                                     initrd-cleanup.service
+                                          isolates to
+                                    initrd-switch-root.target
+                                               |
+                                               v
+                        ______________________/|
+                       /                       |
+                       |        initrd-udevadm-cleanup-db.service
+                       |                       |
+           (custom initrd services)            |
+                       |                       |
+                       \______________________ |
+                                              \|
+                                               v
+                                   initrd-switch-root.target
+                                               |
+                                               v
+                                   initrd-switch-root.service
+                                               |
+                                               v
+                                          switch-root

AUTHOR

Harald Hoyer

AppendixÂ A.Â License

This work is licensed under the Creative Commons Attribution/Share-Alike +License. To view a copy of this license, visit +http://creativecommons.org/licenses/by-sa/3.0/ or send a letter to Creative +Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA.

dracut 060

Harald Hoyer

PartÂ I.Â Introduction

ChapterÂ 1.Â Definition

ChapterÂ 2.Â Rationale

ChapterÂ 3.Â Implementation

ChapterÂ 4.Â Mount preparations

ChapterÂ 5.Â Dracut on shutdown

PartÂ II.Â User Manual

ChapterÂ 6.Â DRACUT(8)

NAME

SYNOPSIS

DESCRIPTION

USAGE

Inspecting the Contents

Adding dracut Modules

Omitting dracut Modules

Adding Kernel Modules

Boot parameters

Specifying the root Device

Keyboard Settings

Blacklisting Kernel Modules

Speeding up the Boot Process

Injecting custom Files

Network Boot

Reducing the Image Size

Troubleshooting

Identifying your problem area

Information to include in your report

All bug reports

Network root device related problems

Debugging dracut

Configure a serial console

Note

Using the dracut shell

Accessing the root volume from the dracut shell

Additional dracut boot parameters

Debugging dracut on shutdown

OPTIONS

Note

Note

Note

Note

Note

Note

Note

Note

Note

Note

Note

Warning

Note

Warning

Warning

Warning

Warning

Warning

Warning

ENVIRONMENT

FILES

Configuration in the initramfs

AVAILABILITY

AUTHORS

SEE ALSO

ChapterÂ 7.Â DRACUT.CONF(5)

NAME

SYNOPSIS

Description

Warning

Note

Files

AUTHOR

See Also

ChapterÂ 8.Â DRACUT.CMDLINE(7)

NAME

DESCRIPTION

Standard

iso-scan/filename

Misc

Debug