diff options
639 files changed, 59001 insertions, 0 deletions
diff --git a/.astylerc b/.astylerc new file mode 100644 index 0000000..69115f0 --- /dev/null +++ b/.astylerc @@ -0,0 +1,9 @@ +lineend=linux +style=linux +indent=spaces=8 +convert-tabs +min-conditional-indent=0 +max-instatement-indent=120 +align-pointer=name +max-code-length=120 + diff --git a/.dir-locals.el b/.dir-locals.el new file mode 100644 index 0000000..58a06c1 --- /dev/null +++ b/.dir-locals.el @@ -0,0 +1,25 @@ +; Directory Local Variables +; For more information see (info "(emacs) Directory Variables") +; Sets emacs variables based on mode. +; A list of (major-mode . ((var1 . value1) (var2 . value2))) +; Mode can be nil, which gives default values. +; Characters width is set to 109 for .c and XML but for everything else 79. +; If you update this file make sure to update .vimrc and .editorconfig too. + +((c-mode . ((fill-column . 109) + (c-basic-offset . 8) + (eval . (c-set-offset 'substatement-open 0)) + (eval . (c-set-offset 'statement-case-open 0)) + (eval . (c-set-offset 'case-label 0)) + (eval . (c-set-offset 'arglist-intro '++)) + (eval . (c-set-offset 'arglist-close 0)) + (eval . (c-set-offset 'arglist-cont-nonempty '(c-lineup-gcc-asm-reg c-lineup-arglist))))) + (nxml-mode . ((nxml-child-indent . 2) + (fill-column . 109))) + (meson-mode . ((meson-indent-basic . 8))) + (sh-mode . ((sh-basic-offset . 4) + (sh-indentation . 4))) + (awk-mode . ((c-basic-offset . 8))) + (nil . ((indent-tabs-mode . nil) + (tab-width . 4) + (fill-column . 79))) ) diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 0000000..1bcff39 --- /dev/null +++ b/.editorconfig @@ -0,0 +1,39 @@ +# EditorConfig configuration for dracut +# http://EditorConfig.org + +# If you update this file make sure to update .dir-locals.el and .vimrc too. + +# Top-most EditorConfig file +root = true + +# Unix-style newlines with a newline ending every file, utf-8 charset +[*] +end_of_line = lf +insert_final_newline = true +trim_trailing_whitespace = true +charset = utf-8 +indent_style = space +indent_size = 4 +switch_case_indent = true +function_next_line = false +binary_next_line = true +space_redirects = true + +# Match config files, set indent to spaces with width of eight. +[*.{c,h}] +indent_style = space +indent_size = 8 + +# Match config files, set indent to spaces with width of four. +[*.sh] +indent_style = space +indent_size = 4 +switch_case_indent = true +function_next_line = false +binary_next_line = true +space_redirects = true + +# Match xml man pages, set indent to spaces with width of two. +[man/*.xml] +indent_style = space +indent_size = 2 diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 0000000..e4362b2 --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1,9 @@ +# This is a comment. +# Each line is a file pattern followed by one or more owners. + +# These owners will be the default owners for everything in +# the repo. Unless a later match takes precedence, +# @global-owner1 and @global-owner2 will be requested for +# review when someone opens a pull request. +* @haraldh @danimo @johannbg + diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md new file mode 100644 index 0000000..d57b92a --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -0,0 +1,26 @@ +--- +name: "\U0001F41B Bug report" +about: A report of an error in a recent Dracut version +labels: 'bug' +--- + +**Describe the bug** +A clear and concise description of what the error is. + +**Distribution used** +Which distribution was this behaviour seen in? + +**Dracut version** +Which dracut version was this behaviour seen in? + +**Init system** +Which init system is being used? + +**To Reproduce** +Steps or code to reproduce the behavior. + +**Expected behavior** +A clear and concise description of what you expected to happen. + +**Additional context** +Add any other context you like about the problem here. diff --git a/.github/ISSUE_TEMPLATE/documentation.md b/.github/ISSUE_TEMPLATE/documentation.md new file mode 100644 index 0000000..e3501cc --- /dev/null +++ b/.github/ISSUE_TEMPLATE/documentation.md @@ -0,0 +1,8 @@ +--- +name: "\U0001F4D6 Documentation" +about: Suggest an improvement for documentation in Dracut +labels: 'documents' +--- + +**Describe the documentation** +A clear and concise description of what should be better documented. diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md new file mode 100644 index 0000000..1772c23 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.md @@ -0,0 +1,8 @@ +--- +name: "\U00002728 Feature Request" +about: A request for enhancement in Dracut +labels: 'enhancement' +--- + +**Describe the enhancement** +A clear and concise description of what the enhancement is that you would like to see. diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..3bdd491 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,14 @@ +version: 2 + +# Maintain dependencies for GitHub Actions +updates: + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" + day: "tuesday" + commit-message: + prefix: "chore" + include: "scope" + ignore: + - dependency-name: "Manual test" diff --git a/.github/labeler.yml b/.github/labeler.yml new file mode 100644 index 0000000..ba47d04 --- /dev/null +++ b/.github/labeler.yml @@ -0,0 +1,292 @@ +repository: + - ./* + +github: + - .github/* + - .github/**/* + +dracut-install: + - install/* + - install/**/* + +example: + - examples/* + - examples/**/* + - examples/**/**/* + +modules: + - modules.d/* + - modules.d/**/* + +bash: + - modules.d/00bash/* + +dash: + - modules.d/00dash/* + +mksh: + - modules.d/00mksh/* + +systemd: + - modules.d/00systemd/* + +warpclock: + - modules.d/00warpclock/* + +fips: + - modules.d/01fips/* + +systemd-initrd: + - modules.d/01systemd-initrd/* + +caps: + - modules.d/02caps/* + +systemd-networkd: + - modules.d/02systemd-networkd/* + +modsign: + - modules.d/03modsign/* + +rescue: + - modules.d/03rescue/* + +watchdog: + - modules.d/04watchdog/* + +busybox: + - modules.d/05busybox/* + +rngd: + - modules.d/06rngd/* + +i18n: + - modules.d/10i18n/* + +convertfs: + - modules.d/30convertfs/* + +network-legacy: + - modules.d/35network-legacy/* + +network-manager: + - modules.d/35network-manager/* + +network: + - modules.d/40network/* + +ifcfg: + - modules.d/45ifcfg/* + +url-lib: + - modules.d/45url-lib/* + +drm: + - modules.d/50drm/* + +plymouth: + - modules.d/50plymouth/* + +cms: + - modules.d/80cms/* + +lvmmerge: + - modules.d/80lvmmerge/* + +cio_ignore: + - modules.d/81cio_ignore/* + +btrfs: + - modules.d/90btrfs/* + +crypt: + - modules.d/90crypt/* + +dm: + - modules.d/90dm/* + +dmraid: + - modules.d/90dmraid/* + +dmsquash-live: + - modules.d/90dmsquash-live/* + +dmsquash-live-ntfs: + - modules.d/90dmsquash-live-ntfs/* + +kernel-modules: + - modules.d/90kernel-modules/* + +kernel-modules-extra: + - modules.d/90kernel-modules-extra/* + +kernel-network-modules: + - modules.d/90kernel-network-modules/* + +livenet: + - modules.d/90livenet/* + +lvm: + - modules.d/90lvm/* + +mdraid: + - modules.d/90mdraid/* + +multipath: + - modules.d/90multipath/* + +nvdimm: + - modules.d/90nvdimm/* + +overlayfs: + - modules.d/90overlayfs/* + +ppcmac: + - modules.d/90ppcmac/* + +qemu: + - modules.d/90qemu/* + +qemu-net: + - modules.d/90qemu-net/* + +crypt-gpg: + - modules.d/91crypt-gpg/* + +crypt-loop: + - modules.d/91crypt-loop/* + +zipl: + - modules.d/91zipl/* + +cifs: + - modules.d/95cifs/* + +dasd: + - modules.d/95dasd/* + +dasd_mod: + - modules.d/95dasd_mod/* + +dasd_rules: + - modules.d/95dasd_rules/* + +dcssblk: + - modules.d/95dcssblk/* + +debug: + - modules.d/95debug/* + +fcoe: + - modules.d/95fcoe/* + +fcoe-uefi: + - modules.d/95fcoe-uefi/* + +fstab-sys: + - modules.d/95fstab-sys/* + +iscsi: + - modules.d/95iscsi/* + +lunmask: + - modules.d/95lunmask/* + +nbd: + - modules.d/95nbd/* + +nfs: + - modules.d/95nfs/* + +nvmf: + - modules.d/95nvmf/* + +qeth_rules: + - modules.d/95qeth_rules/* + +resume: + - modules.d/95resume/* + +rootfs-block: + - modules.d/95rootfs-block/* + +ssh-client: + - modules.d/95ssh-client/* + +terminfo: + - modules.d/95terminfo/* + +udev-rules: + - modules.d/95udev-rules/* + +virtfs: + - modules.d/95virtfs/* + +virtiofs: + - modules.d/95virtiofs/* + +zfcp: + - modules.d/95zfcp/* + +zfcp_rules: + - modules.d/95zfcp_rules/* + +znet: + - modules.d/95znet/* + +securityfs: + - modules.d/96securityfs/* + +biosdevname: + - modules.d/97biosdevname/* + +masterkey: +- modules.d/97masterkey/* + +dracut-systemd: + - modules.d/98dracut-systemd/* + +ecryptfs: + - modules.d/98ecryptfs/* + +integrity: + - modules.d/98integrity/* + +pollcdrom: + - modules.d/98pollcdrom/* + +selinux: + - modules.d/98selinux/* + +syslog: + - modules.d/98syslog/* + +usrmount: + - modules.d/98usrmount/* + +base: + - modules.d/99base/* + +fs-lib: + - modules.d/99fs-lib/* + +img-lib: + - modules.d/99img-lib/* + +memstrack: + - modules.d/99memstrack/* + +shutdown: + - modules.d/99shutdown/* + +squash: + - modules.d/99squash/* + +uefi-lib: + - modules.d/99uefi-lib/* + +test: + - test/* + - test/**/* + - modules.d/80test* + - modules.d/80test*/* diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md new file mode 100644 index 0000000..ef281c3 --- /dev/null +++ b/.github/pull_request_template.md @@ -0,0 +1,10 @@ +This pull request changes... + +## Changes + +## Checklist +- [ ] I have tested it locally +- [ ] I have reviewed and updated any documentation if relevant +- [ ] I am providing new code and test(s) for it + +Fixes # diff --git a/.github/stale.yml b/.github/stale.yml new file mode 100644 index 0000000..83343ab --- /dev/null +++ b/.github/stale.yml @@ -0,0 +1,23 @@ +# Number of days of inactivity before an issue becomes stale +daysUntilStale: 30 +# Number of days of inactivity before a stale issue is closed +daysUntilClose: 7 +# Ignore if in a milestone +exemptMilestones: true +# Issues with these labels will never be considered stale +exemptLabels: + - documents + - enhancement + - regression + - wiki + - bug +# Label to use when marking an issue as stale +staleLabel: stale +# Comment to post when marking an issue as stale. Set to `false` to disable +markComment: > + This issue is being marked as stale because it has not had any recent activity. + It will be closed if no further activity occurs. + If this is still an issue in the latest release of Dracut and you would like to keep it open please comment on this issue within the next 7 days. + Thank you for your contributions. +# Comment to post when closing a stale issue. Set to `false` to disable +closeComment: false diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 0000000..e6f8e42 --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,53 @@ +--- +# vi: ts=2 sw=2 et: +# SPDX-License-Identifier: LGPL-2.1-or-later +# +name: "CodeQL" + +on: + push: + branches: + - master + pull_request: + branches: + - master + +permissions: + contents: read + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-22.04 + concurrency: + group: ${{ github.workflow }}-${{ matrix.language }}-${{ github.ref }} + cancel-in-progress: true + permissions: + actions: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: ['cpp', 'python'] + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + queries: +security-extended,security-and-quality + + - name: Install dependencies + run: | + sudo apt -y update + sudo apt -y install asciidoc gcc libkmod-dev libsystemd-dev pkg-config + + - name: Autobuild + uses: github/codeql-action/autobuild@v2 + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml new file mode 100644 index 0000000..d8c8808 --- /dev/null +++ b/.github/workflows/container.yml @@ -0,0 +1,56 @@ +name: Container +on: + schedule: + - cron: '30 11 * * *' # every day at 11:30 UTC + push: + branches: [ master ] + paths: + - 'test/container/**' + - '.github/workflows/container.yml' + pull_request: + branches: [ master ] + paths: + - 'test/container/**' + - '.github/workflows/container.yml' + +permissions: + packages: write + contents: read + +jobs: + push_to_registry: + if: github.repository == 'dracutdevs/dracut' || vars.CONTAINER == 'enabled' + name: Build and push containers image to GitHub Packages + runs-on: ubuntu-latest + concurrency: + group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.config.dockerfile }} + cancel-in-progress: true + strategy: + fail-fast: false + matrix: + config: + - { dockerfile: 'Dockerfile-Fedora-latest', tag: 'fedora:latest' } + - { dockerfile: 'Dockerfile-OpenSuse-latest', tag: 'opensuse:latest' } + - { dockerfile: 'Dockerfile-Arch', tag: 'arch:latest' } + - { dockerfile: 'Dockerfile-Debian', tag: 'debian:latest' } + - { dockerfile: 'Dockerfile-Gentoo', tag: 'gentoo:latest' } + - { dockerfile: 'Dockerfile-Ubuntu', tag: 'ubuntu:latest' } + steps: + - name: Check out the repo + uses: actions/checkout@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Login to GitHub Container Registry + uses: docker/login-action@v2 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Set up env + run: echo "repository_owner=${GITHUB_REPOSITORY_OWNER,,}" >>${GITHUB_ENV} + - name: Build and Push Container + uses: docker/build-push-action@v4 + with: + file: test/container/${{ matrix.config.dockerfile }} + tags: ghcr.io/${{env.repository_owner}}/${{ matrix.config.tag }} + push: ${{ github.event_name == 'push' || github.event_name == 'schedule' }} diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml new file mode 100644 index 0000000..ab075b0 --- /dev/null +++ b/.github/workflows/integration.yml @@ -0,0 +1,92 @@ +name: Integration Test + +on: + pull_request: + branches: [ master ] + +env: + DEBUGFAIL: "${{ secrets.ACTIONS_STEP_DEBUG && 'rd.debug' }}" + +jobs: + test: + runs-on: ubuntu-latest + timeout-minutes: 30 + concurrency: + group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.container }}-${{ matrix.test }} + cancel-in-progress: true + strategy: + matrix: + container: [ + "arch:latest", + "debian:latest", + "fedora:latest", + "gentoo:latest", + "opensuse:latest", + "ubuntu:latest", + ] + test: [ + "01", + "02", + "03", + "04", + "10", + "11", + "12", + "13", + "14", + "15", + "16", + "17", + "18", + "62", + "98", + ] + fail-fast: false + container: + image: ghcr.io/dracutdevs/${{ matrix.container }} + options: "--privileged -v /dev:/dev" + steps: + - name: "Checkout Repository" + uses: actions/checkout@v1 + with: + fetch-depth: 0 + + - name: "${{ matrix.container }} TEST-${{ matrix.test }}" + run: ./tools/test-github.sh "TEST-${{ matrix.test }}" ${{ matrix.test }} + network: + runs-on: ubuntu-latest + timeout-minutes: 45 + concurrency: + group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.container }}-${{ matrix.test }}-${{ matrix.network }} + cancel-in-progress: true + strategy: + matrix: + container: [ + "fedora:latest", + ] + network: [ + "network-manager", + "network-legacy", + #"systemd-networkd", + #"connman", + ] + test: [ + "20", + "30", + "35", + "40", + "60", + # "50", # times out + ] + fail-fast: false + container: + image: ghcr.io/dracutdevs/${{ matrix.container }} + options: "--privileged -v /dev:/dev" + steps: + - name: "Checkout Repository" + uses: actions/checkout@v3 + with: + fetch-depth: 0 + + - name: "${{ matrix.container }} TEST-${{ matrix.test }}" + run: USE_NETWORK=${{ matrix.network }} ./tools/test-github.sh "TEST-${{ matrix.test }}" ${{ matrix.test }} diff --git a/.github/workflows/labels.yml b/.github/workflows/labels.yml new file mode 100644 index 0000000..9fa7a92 --- /dev/null +++ b/.github/workflows/labels.yml @@ -0,0 +1,11 @@ +name: "Pull Request Labeler" + +on: pull_request_target + +jobs: + triage: + runs-on: ubuntu-latest + steps: + - uses: actions/labeler@main + with: + repo-token: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml new file mode 100644 index 0000000..d02b332 --- /dev/null +++ b/.github/workflows/lint.yml @@ -0,0 +1,38 @@ +name: Lint + +on: + push: + branches: [ master ] + pull_request: + branches: [ master ] + +jobs: + lint-shell: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + + - name: shfmt + uses: luizm/action-sh-checker@v0.6.0 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SHFMT_OPTS: -s # arguments to shfmt. + with: + sh_checker_shellcheck_disable: false + sh_checker_comment: true + + lint-c: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + + - name: install tools + run: sudo apt-get install astyle + + - name: indent + run: make indent-c + + - name: check formatting + run: git diff --exit-code diff --git a/.github/workflows/manualtest.yml b/.github/workflows/manualtest.yml new file mode 100644 index 0000000..b790dcf --- /dev/null +++ b/.github/workflows/manualtest.yml @@ -0,0 +1,38 @@ +name: Manual test + +on: + workflow_dispatch: + inputs: + test: + description: "Array of tests to run, such as [11,12]" + default: "['04']" + required: true + container: + type: choice + description: 'distro' + default: 'fedora' + options: + - "fedora" + - "arch" + - "debian" + - "ubuntu" + - "opensuse" + - "gentoo" + +jobs: + test: + runs-on: ubuntu-latest + timeout-minutes: 45 + strategy: + matrix: + test: ${{ fromJSON(inputs.test) }} + container: + image: ghcr.io/dracutdevs/${{ inputs.container }} + options: "--privileged -v /dev:/dev" + steps: + - name: "Checkout Repository" + uses: actions/checkout@v1 + with: + fetch-depth: 0 + - name: "${{ inputs.container }} ${{ matrix.test }}" + run: ./tools/test-github.sh "TEST-${{ matrix.test }}" ${{ matrix.test }} diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml new file mode 100644 index 0000000..60ca1db --- /dev/null +++ b/.github/workflows/pr.yml @@ -0,0 +1,19 @@ +name: Commisery +on: + pull_request: + types: [edited, opened, synchronize, reopened] + +jobs: + commit-message: + name: Conventional Commit Message Checker (Commisery) + runs-on: ubuntu-latest + steps: + - name: Check-out the repo under $GITHUB_WORKSPACE + uses: actions/checkout@v3 + + - name: Run Commisery + uses: dracutdevs/commisery-action@master + with: + token: ${{ secrets.GITHUB_TOKEN }} + pull_request: ${{ github.event.number }} + diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..7497d6e --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,34 @@ +name: Release + +on: + schedule: + ## Schedule the job to run on Apr-1, Aug-1, Dec-1 + - cron: '0 0 1 APR,AUG,DEC *' + workflow_dispatch: + inputs: + tag: + description: "release version number (3 digits)" + required: true + +permissions: + contents: write + +jobs: + release: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v3 + with: + fetch-depth: 0 + + - name: Build + run: bash ${GITHUB_WORKSPACE}/tools/release.sh ${{ inputs.tag }} + + - name: Release + if: ${{ env.new_version }} + uses: softprops/action-gh-release@v0.1.15 + with: + tag_name: ${{ env.new_version }} + name: dracut-${{ env.new_version }} + body_path: ${{ github.workspace }}/release.md diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..8404b7a --- /dev/null +++ b/.gitignore @@ -0,0 +1,29 @@ +/Makefile.inc +/man/dracut.8 +/man/dracut-catimages.8 +/man/dracut.conf.5 +/dracut.conf.d/*.conf +/man/dracut.cmdline.7 +/dracut.html +/man/dracut.kernel.7 +/man/dracut.bootup.7 +/man/dracut.modules.7 +/man/lsinitrd.1 +/dracut.pc +/dracut-install +/modules.d/99base/switch_root +/test/*/test.log +/test/*/.testdir +test*.img +/.buildpath +/.project +/src/install/dracut-install +/*.rpm +/*.[0-9] +/modules.d/98dracut-systemd/*.service.8 +/*.sign +*.o +/src/skipcpio/skipcpio +/src/util/util +/dracut-util +.idea/ diff --git a/.kateconfig b/.kateconfig new file mode 100644 index 0000000..42c7096 --- /dev/null +++ b/.kateconfig @@ -0,0 +1,2 @@ +kate: space-indent on; tab-width 4; indent-width 4; replace-tabs on; eol unix; +kate-mimetype(text/x-c): tab-width 8; indent-width 8; diff --git a/.kateproject b/.kateproject new file mode 100644 index 0000000..0a0d5da --- /dev/null +++ b/.kateproject @@ -0,0 +1,9 @@ +{ + "name": "Dracut" + , "files": [ { "git": 1 } ] + , "build": { + "directory": "./" + , "build": "make -j $(getconf _NPROCESSORS_ONLN) all" + , "clean": "make clean" + } +} diff --git a/.mailmap b/.mailmap new file mode 100644 index 0000000..2ca3f74 --- /dev/null +++ b/.mailmap @@ -0,0 +1,38 @@ +Philippe Seewer <philippe.seewer@bfh.ch> <philippe.seewer-omB+W0Dpw2o@public.gmane.org> +Seewer Philippe <philippe.seewer@bfh.ch> <philippe.seewer@bfh.ch> +Philippe Seewer <philippe.seewer@bfh.ch> <philippe.seewer@bfh.ch> +Victor Lowther <victor.lowther@gmail.com> <victor.lowther-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> +Harald Hoyer <harald@profian.com> <harald-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org> +Harald Hoyer <harald@profian.com> <harald@eeepc.(none)> +Harald Hoyer <harald@profian.com> <harald@hoyer.xyz> +Harald Hoyer <harald@profian.com> <harald@redhat.com> +Mike Snitzer <snitzer@redhat.com> <msnitzer@redhat.com> +Amerigo Wang <amwang@redhat.com> <xiyou.wangcong@gmail.com> +Andrey Borzenkov <arvidjaar@gmail.com> <arvidjaar@mail.ru> +Dan Horák <dhorak@redhat.com> <dan@danny.cz> +John Reiser <jreiser@bitwagon.com> <jreiser@BitWagon.com> +Luca Berra <bluca@vodka.it> <bluca@comedia.it> +Dave Young <dyoung@redhat.com> <dyoung@redhat.com> +Dave Young <dyoung@redhat.com> <dave@redhat.com> +Frederick Grose <fgrose@sugarlabs.org> <fgrose@gmail.com> +Frederic Crozat <fcrozat@suse.com> <fcrozat@mandriva.com> +Shawn W Dunn <sfalken@opensuse.org> <sfalken@opensuse.org> +Kyle McMartin <kmcmarti@redhat.com> <kyle@redhat.com> +Angelo "pallotron" Failla <pallotron@fb.com> <pallotron@fb.com> +Yu Watanabe <watanabe.yu+github@gmail.com> +Martin Wilck <mwilck@suse.de> <mwilck@suse.com> +Thomas Renninger <trenn@suse.com> <trenn@suse.de> +Andrey Borzenkov <arvidjaar@gmail.com> +Cristian Rodríguez <crrodriguez@opensuse.org> +Daniel Drake <drake@endlessm.com> <dsd@laptop.org> +Fabian Vogt <fvogt@suse.com> +Hannes Reinecke <hare@suse.com> <hare@suse.de> +Julian Wolf <juwolf@suse.com> <juwolf@suse.de> +Lidong Zhong <lidong.zhong@suse.com> <lzhong@suse.com> +Nikoli <nikoli@gmx.us> <nikoli@lavabit.com> +Peter Robinson <pbrobinson@fedoraproject.org> <pbrobinson@gmail.com> +Xunlei Pang <xlpang@redhat.com> <xpang@redhat.com> +Daniel Molkentin <daniel.molkentin@suse.com> <dmolkentin@suse.com> +Thomas Blume <thomas.blume@suse.com> <Thomas.Blume@suse.com> +Brian C. Lane <bcl@redhat.com> <bcl@brianlane.com> +Tomasz Paweł Gajc <tpgxyz@gmail.com> <tpgxyz@gmail.com> diff --git a/.shellcheckrc b/.shellcheckrc new file mode 100644 index 0000000..ce5c883 --- /dev/null +++ b/.shellcheckrc @@ -0,0 +1,34 @@ +# SC2039: In POSIX sh, 'local' is undefined. +# https://github.com/koalaman/shellcheck/wiki/SC2039 +disable=SC2039 + +# SC2166: Prefer [ p ] || [ q ] as [ p -o q ] is not well defined. +# https://github.com/koalaman/shellcheck/wiki/SC2166 +disable=SC2166 + +# SC2154: Variable is referenced but not assigned +# https://github.com/koalaman/shellcheck/wiki/SC2154 +disable=SC2154 + +# SC1091: Not following <file> +# https://github.com/koalaman/shellcheck/wiki/SC1091 +disable=SC1091 + +# SC2174: When used with -p, -m only applies to the deepest directory. +# https://github.com/koalaman/shellcheck/wiki/SC2174 +disable=SC2174 + +# SC3043: In POSIX sh, 'local' is undefined. +# https://github.com/koalaman/shellcheck/wiki/SC3043 +# ... but dash supports it +disable=SC3043 + +# SC3013: In POSIX sh, -ef is undefined. +# https://github.com/koalaman/shellcheck/wiki/SC3013 +# ... but dash supports it +disable=SC3013 + +# SC3045: In POSIX sh, read -p is undefined. +# https://github.com/koalaman/shellcheck/wiki/SC3045 +# ... but dash supports it +disable=SC3045 @@ -0,0 +1,15 @@ +" Vim can use per directory configuration files like this. +" To enable that feature two lines are needed in your ~/.vimrc +" set exrc " enables per-directory .vimrc files +" set secure " disable unsafe commands in local .vimrc files +" Characters width is set to 109 for .c and XML but for everything else 79. +" If you update this file make sure to update .dir-locals.el & .editorconfig + +set tabstop=4 +set shiftwidth=4 +set expandtab +set makeprg=GCC_COLORS=\ make +set tw=79 +au BufRead,BufNewFile *.xml set tw=109 shiftwidth=2 smarttab +au FileType sh set tw=80 shiftwidth=4 smarttab +au FileType c set tw=109 shiftwidth=8 tabstop=8 smarttab expandtab @@ -0,0 +1,388 @@ +Harald Hoyer <harald@profian.com> +Victor Lowther <victor.lowther@gmail.com> +Jóhann B. Guðmundsson <johannbg@gmail.com> +Antonio Alvarez Feijoo <antonio.feijoo@suse.com> +Laszlo Gombos <laszlo.gombos@gmail.com> +Amadeusz Żołnowski <aidecoe@aidecoe.name> +Daniel Molkentin <daniel.molkentin@suse.com> +Hannes Reinecke <hare@suse.com> +Kairui Song <kasong@redhat.com> +Will Woods <wwoods@redhat.com> +Philippe Seewer <philippe.seewer@bfh.ch> +Warren Togami <wtogami@redhat.com> +Dave Young <dyoung@redhat.com> +Martin Wilck <mwilck@suse.de> +Jeremy Katz <katzj@redhat.com> +Lukas Nykryn <lnykryn@redhat.com> +David Dillow <dave@thedillows.org> +Lubomir Rintel <lkundrak@v3.sk> +Henrik Gombos <henrik99999@gmail.com> +Michal Soltys <soltys@ziu.info> +Colin Guthrie <colin@mageia.org> +Amerigo Wang <amwang@redhat.com> +Thomas Renninger <trenn@suse.com> +Frederick Grose <fgrose@sugarlabs.org> +Alexander Tsoy <alexander@tsoy.me> +Beniamino Galvani <bgalvani@redhat.com> +наб <nabijaczleweli@nabijaczleweli.xyz> +WANG Chao <chaowang@redhat.com> +Jonathan Lebon <jonathan@jlebon.com> +Yu Watanabe <watanabe.yu+github@gmail.com> +Andrey Borzenkov <arvidjaar@gmail.com> +David Disseldorp <ddiss@suse.de> +David Tardon <dtardon@redhat.com> +Frantisek Sumsal <frantisek@sumsal.cz> +Peter Robinson <pbrobinson@fedoraproject.org> +Hans de Goede <hdegoede@redhat.com> +Pavel Valena <pvalena@redhat.com> +Thomas Blume <thomas.blume@suse.com> +Benjamin Drung <benjamin.drung@canonical.com> +Peter Jones <pjones@redhat.com> +Andreas Thienemann <andreas@bawue.net> +Marcos Mello <marcosfrm@gmail.com> +Renaud Métrich <rmetrich@redhat.com> +Tomasz Paweł Gajc <tpgxyz@gmail.com> +Brian C. Lane <bcl@redhat.com> +Fabian Vogt <fvogt@suse.com> +Nicolas Chauvet <kwizart@gmail.com> +Zoltán Böszörményi <zboszor@pr.hu> +Colin Walters <walters@verbum.org> +John Reiser <jreiser@bitwagon.com> +Luca Berra <bluca@vodka.it> +Shreenidhi Shedi <sshedi@vmware.com> +Xunlei Pang <xlpang@redhat.com> +Daniel Drake <drake@endlessm.com> +David Teigland <teigland@redhat.com> +Dusty Mabe <dusty@dustymabe.com> +Kairui Song <kasong@tencent.com> +Angelo "pallotron" Failla <pallotron@fb.com> +Dan Horák <dhorak@redhat.com> +Mike Gilbert <floppym@gentoo.org> +Ville Skyttä <ville.skytta@iki.fi> +Adrien Thierry <athierry@redhat.com> +Böszörményi Zoltán <zboszor@pr.hu> +Cristian Rodríguez <crrodriguez@opensuse.org> +Javier Martinez Canillas <javierm@redhat.com> +Mikhail Novosyolov <m.novosyolov@rosalinux.ru> +Ondrej Mosnacek <omosnace@redhat.com> +Tao Liu <ltao@redhat.com> +Baoquan He <bhe@redhat.com> +Brendan Germain <brendan.germain@nasdaqomx.com> +Jonas Witschel <diabonas@gmx.de> +Leho Kraav <leho@kraav.com> +Moritz Maxeiner <moritz@ucworks.org> +Nathan Rini <nate@ucar.edu> +Radek Vykydal <rvykydal@redhat.com> +Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> +Đoàn Trần Công Danh <congdanhqx@gmail.com> +Fabian Deutsch <fabiand@fedoraproject.org> +Kamil Rytarowski <n54@gmx.com> +Lidong Zhong <lidong.zhong@suse.com> +Marc Grimme <grimme@atix.de> +NeilBrown <neilb@suse.de> +Peter Rajnoha <prajnoha@redhat.com> +Thorsten Behrens <tbehrens@suse.com> +q66 <daniel@octaforge.org> +Adam Williamson <awilliam@redhat.com> +Andrew Ammerlaan <andrewammerlaan@gentoo.org> +Chao Wang <chaowang@redhat.com> +Frederic Crozat <fcrozat@suse.com> +James Lee <jlee@thestaticvoid.com> +Jesse Keating <jkeating@redhat.com> +Masahiro Matsuya <mmatsuya@redhat.com> +Milan Broz <mbroz@redhat.com> +Mimi Zohar <zohar@linux.vnet.ibm.com> +Norbert Lange <norbert.lange@andritz.com> +Pingfan Liu <piliu@redhat.com> +Roberto Sassu <roberto.sassu@polito.it> +Stefan Reimer <it@startux.de> +Takashi Iwai <tiwai@suse.de> +Tony Asleson <tasleson@redhat.com> +Zoltán Böszörményi <zboszor@gmail.com> +Anton Blanchard <anton@samba.org> +Bill Nottingham <notting@redhat.com> +Chapman Flack <g2@anastigmatix.net> +Chris Leech <cleech@redhat.com> +David Cantrell <dcantrell@redhat.com> +Dennis Gilmore <dennis@ausil.us> +Doan Tran Cong Danh <congdanhqx@gmail.com> +Gaël PORTAY <gael.portay@collabora.com> +Jan Synacek <jsynacek@redhat.com> +Jiri Konecny <jkonecny@redhat.com> +Jon Ander Hernandez <jonan.h@gmail.com> +Juan RP <xtraeme@gmail.com> +Lance Albertson <lance@osuosl.org> +Marian Ganisin <mganisin@redhat.com> +Matt Coleman <matt@datto.com> +Matthias Gerstner <matthias.gerstner@suse.de> +Max Resch <resch.max@gmail.com> +Michael Ploujnikov <plouj@somanetworks.com> +Michal Koutný <mkoutny@suse.com> +Nicolas Porcel <nicolasporcel06@gmail.com> +Pratyush Anand <panand@redhat.com> +Silvio Fricke <silvio.fricke@gmail.com> +Stefan Berger <stefanb@linux.ibm.com> +Steven Brudenell <steven.brudenell@gmail.com> +Stig Telfer <stelfer@cray.com> +Thomas Backlund <tmb@mageia.org> +Topi Miettinen <toiwoton@gmail.com> +Vasiliy Tolstov <v.tolstov@selfip.ru> +Wim Muskee <wimmuskee@gmail.com> +keentux <valentin.lefebvre@suse.com> +Alan Jenkins <alan-jenkins@tuffmail.co.uk> +Alan Pevec <apevec@redhat.com> +Alberto Planas <aplanas@suse.com> +Alex Harpin <development@landsofshadow.co.uk> +Alexander Wenzel <alexander.wenzel@qbeyond.de> +Alexey Shabalin <shaba@altlinux.org> +Andre Russ <andre.russ@sap.com> +Andreas Schwab <schwab@suse.de> +Ankit Kumar <ankit@linux.vnet.ibm.com> +Antony Messerli <amesserl@rackspace.com> +Chao Fan <cfan@redhat.com> +Coiby Xu <coxu@redhat.com> +Cornelius Hoffmann <coding@hoffmn.de> +Daniel Cordero <dracut@0xdc.io> +Daniel Kahn Gillmor <dkg@fifthhorseman.net> +Daniel Schaal <farbing@web.de> +Denis Silakov <dsilakov@virtuozzo.com> +Dimitri John Ledkov <dimitri.j.ledkov@intel.com> +Erwan Velu <erwan.velu@enovance.com> +Evgeny Vereshchagin <evvers@ya.ru> +German Maglione <gmaglione@redhat.com> +Guido Trentalancia <guido@trentalancia.net> +Hari Bathini <hbathini@linux.ibm.com> +Hari Bathini <hbathini@linux.vnet.ibm.com> +Ian Dall <ian@beware.dropbear.id.au> +Imran Haider <imran1008@gmail.com> +James Buren <ryuo@frugalware.org> +Jan Macku <jamacku@redhat.com> +Joey Boggs <jboggs@redhat.com> +José María Fernández <josemariafg@gmail.com> +Julian Wolf <juwolf@suse.com> +Koen Kooi <koen@dominion.thruhere.net> +Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> +Kyle McMartin <kmcmarti@redhat.com> +Lee Duncan <lduncan@suse.com> +LinkTed <link.ted@mailbox.org> +Luiz Angelo Daros de Luca <luizluca@gmail.com> +Lukas Wunner <lukas@wunner.de> +Mariusz Tkaczyk <mariusz.tkaczyk@linux.intel.com> +Marko Myllynen <myllynen@redhat.com> +Matthew Thode <mthode@mthode.org> +Mike Snitzer <snitzer@redhat.com> +Minfei Huang <mhuang@redhat.com> +Nikoli <nikoli@gmx.us> +Patrick Talbert <ptalbert@redhat.com> +Pedro Monreal <pmgdeb@gmail.com> +Petr Pavlu <petr.pavlu@suse.com> +Przemysław Rudy <prudy1@o2.pl> +Robert LeBlanc <robert@leblancnet.us> +Robert Scheck <robert@fedoraproject.org> +Stefan Berger <stefanb@us.ibm.com> +Thomas Lange <lange@informatik.uni-koeln.de> +Tianhao Chai <cth451@gmail.com> +Till Maas <opensource@till.name> +Vivek Goyal <vgoyal@redhat.com> +Vladislav Bogdanov <bubble@hoster-ok.com> +nkraetzschmar <nkraetzschmar@users.noreply.github.com> +Érico Rolim <erico.erc@gmail.com> +“Masahiro <mmatsuya@redhat.com> +0x5c <dev@0x5c.io> +A. Wilcox <AWilcox@Wilcox-Tech.com> +Adam Alves <adamoa@gmail.com> +Alexander Kurtz <alexander@kurtz.be> +Alexander Miroshnichenko <alex@millerson.name> +Alexander Sosedkin <asosedkin@redhat.com> +Alexander Todorov <atodorov@redhat.com> +Alexey Kodanev <alexey.kodanev@oracle.com> +Andreas Stieger <astieger@suse.com> +Andrew Halaney <ahalaney@redhat.com> +Andrew J. Hesford <ajh@sideband.org> +Andrey Sokolov <keremet@altlinux.org> +Andy Lutomirski <luto@mit.edu> +Anjali Kulkarni <anjali.k.kulkarni@oracle.com> +Anssi Hannula <anssi@mageia.org> +Antz <antzz@protonmail.ch> +Arnaud Rebillout <arnaud.rebillout@collabora.com> +Artem Savkov <asavkov@redhat.com> +Attila Bruncsak <bruncsak@users.noreply.github.com> +B. Wilson <x@wilsonb.com> +Ben Howard <ben.howard@redhat.com> +Benjamin Gilbert <bgilbert@redhat.com> +Benjamin Marzinski <bmarzins@redhat.com> +Brandon Philips <brandon@ifup.co> +Brandon Sloane <btsloane@verizon.net> +Bruno E. O. Meneguele <bmeneg@redhat.com> +Bryn M. Reeves <bmr@redhat.com> +Canek Peláez Valdés <caneko@gmail.com> +Carlo Caione <carlo@endlessm.com> +Chad Dupuis <chad.dupuis@cavium.com> +Charles Rose <charles.rose@dell.com> +Christian Heinz <christian.ch.heinz@gmail.com> +Cole Robinson <crobinso@redhat.com> +Cong Wang <amwang@redhat.com> +Conrad Hoffmann <ch@bitfehler.net> +Daan De Meyer <daan.j.demeyer@gmail.com> +Dan Fuhry <dfuhry@datto.com> +Daniel McIlvaney <damcilva@microsoft.com> +Dave Jones <davej@redhat.com> +David Hildenbrand <david@redhat.com> +David Michael <david.michael@coreos.com> +Denis Volkov <denis@simpletexting.net> +Dennis Schridde <devurandom@gmx.net> +Derek Hageman <hageman@inthat.cloud> +Derek Higgins <derekh@redhat.com> +Dirk Müller <dirk@dmllr.de> +Dmitry Klochkov <dmitry.klochkov@bell-sw.com> +Donovan Tremura <neurognostic@protonmail.ch> +Duane Griffin <duaneg@dghda.com> +Elan Ruusamäe <glen@delfi.ee> +Emanuele Giuseppe Esposito <eesposit@redhat.com> +Enno Boland <g@s01.de> +Enzo Matsumiya <ematsumiya@suse.de> +Eugene S. Sobolev <sobolev@protei.ru> +Eugene Syromiatnikov <esyr@redhat.com> +Evgeni Golov <evgeni@golov.de> +Fabian Vogt <fvogt@suse.de> +Florian Albrechtskirchinger <falbrechtskirchinger@gmail.com> +Florian Gamböck <mail@floga.de> +Frank Deng <frank.deng@oracle.com> +François Cami <fcami@fedoraproject.org> +Frederick Grose <4335897+FGrose@users.noreply.github.com> +Gerd von Egidy <gerd.von.egidy@intra2net.com> +Glen Gray <slaine@slaine.org> +Glenn Morris <rgm@stanford.edu> +GuoChuang <guo.chuang@zte.com.cn> +HATAYAMA Daisuke <d.hatayama@jp.fujitsu.com> +Hendrik Brueckner <brueckner@linux.ibm.com> +Hermann Gausterer <git-dracut-2012@mrq1.org> +Hiroaki Mizuguchi <hiroaki-m@iij.ad.jp> +Hongxu Jia <hongxu.jia@windriver.com> +Hui Wang <john.wanghui@huawei.com> +Ignaz Forster <iforster@suse.com> +Jacob Wen <jian.w.wen@oracle.com> +James Laska <jlaska@redhat.com> +James Morris <morisja@gmail.com> +Jan Stodola <jstodola@redhat.com> +Jaroslav Jindrak <dzejrou@gmail.com> +Jason Dana <jasondana@quarksecurity.com> +Jens Heise <46450477+heisej@users.noreply.github.com> +Jeremy Linton <jlinton@redhat.com> +Jeremy Linton <lintonrjeremy@gmail.com> +Jiri Pirko <jiri@resnulli.us> +Joe Lawrence <Joe.Lawrence@stratus.com> +Johannes Thumshirn <jthumshirn@suse.com> +John Meneghini <jmeneghi@redhat.com> +Jonas Jelten <jj@sft.lol> +Jonas Jonsson <jonas@websystem.se> +Jonas Witschel <diabonas@archlinux.org> +Kenneth D'souza <kennethdsouza94@gmail.com> +Kevin Yung <Kevin.Yung@myob.com> +Khem Raj <raj.khem@gmail.com> +Lars R. Damerow <lars@pixar.com> +Lars Wendler <polynomial-c@gentoo.org> +Laura Hild <lsh@jlab.org> +Lennart Poettering <lennart@poettering.net> +Lennert Buytenhek <buytenh@wantstofly.org> +Lev Veyde <lveyde@redhat.com> +Lianbo Jiang <lijiang@redhat.com> +Luca BRUNO <luca.bruno@coreos.com> +Lucas C. Villa Real <lucasvr@gmail.com> +Major Hayden <major@mhtx.net> +Marc-Antoine Perennou <Marc-Antoine@Perennou.com> +Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> +Marian Csontos <mcsontos@redhat.com> +Mark Fasheh <mfasheh@suse.de> +Matt <smoothsailing72@hotmail.com> +Matt Smith <shadowfax@gmx.com> +Matthias Berndt <matthias_berndt@gmx.de> +Mei Liu <liumbj@linux.vnet.ibm.com> +Michael Chapman <mike@very.puzzling.org> +Michael McCracken <michael.mccracken@gmail.com> +Michal Hecko <mhecko@redhat.com> +Michal Schmidt <mschmidt@redhat.com> +Michal Sekletar <msekleta@redhat.com> +Michał Zegan <webczat@outlook.com> +Mike Gorse <mgorse@suse.com> +Moritz 'Morty' Strübe <morty@gmx.net> +Morten Linderud <morten@linderud.pw> +Munehiro Matsuda <haro@kgt.co.jp> +Neal Gompa <neal@gompa.dev> +Nicolas Saenz Julienne <nsaenzjulienne@suse.de> +Olivier Blin <dev@blino.org> +Ondrej Dubaj <odubaj@redhat.com> +P J P <ppandit@redhat.com> +Paolo Bonzini <pbonzini@redhat.com> +Paul Robins <exp@users.noreply.github.com> +Pavel Zhukov <pzhukov@redhat.com> +Pawel Wieczorkiewicz <pwieczorkiewicz@suse.de> +Pekka Wallendahl <wyrmiyu@gmail.com> +Peter Georg <peter.georg@physik.uni-regensburg.de> +Peter Levine <plevine457@gmail.com> +Petr Tesarik <ptesarik@suse.com> +Petr Vorel <pvorel@suse.cz> +Prarit Bhargava <prarit@redhat.com> +Praveen_Paladugu@Dell.com <Praveen_Paladugu@Dell.com> +Pádraig Brady <P@draigBrady.com> +Quentin Armitage <quentin@armitage.org.uk> +Robert Buchholz <rbu@goodpoint.de> +Ruben Kerkhof <ruben@rubenkerkhof.com> +Rumbaut Thomas <Thomas.Rumbaut@digipolis.gent> +Rusty Bird <rustybird@openmailbox.org> +Sam James <sam@gentoo.org> +Savyasachee Jha <genghizkhan91@hawkradius.com> +Scott Moser <smoser@brickies.net> +Sebastian Mitterle <smitterl@redhat.com> +Sergei Iudin <tsipa740@gmail.com> +Sergey Fionov <fionov@gmail.com> +Sergio E. Nemirowski <sergio@outerface.net> +Shawn W Dunn <sfalken@opensuse.org> +Srinivasa T N <seenutn@linux.vnet.ibm.com> +Stijn Hoop <stijn@sandcat.nl> +Sullivan (CTR), Austin <austin.sullivan.ctr@progeny.net> +Thierry Vignaud <thierry.vignaud@gmail.com> +Thilo Bangert <thilo.bangert@gmx.net> +Thomas Abraham <tabraham@suse.com> +Thomas Haller <thaller@redhat.com> +Tobias Geerinckx <tobias.geerinckx@gmail.com> +Tobias Klauser <tklauser@distanz.ch> +Tom Gundersen <teg@jklm.no> +Tomasz Torcz <tomek@pipebreaker.pl> +Tong Li <tonli@redhat.com> +Vadim Kuznetsov <vadimk@gentoo.org> +Valentin Lefebvre <valentin.lefebvre@suse.com> +Vaughan Cao <vaughan.cao@oracle.com> +Vitaly Kuznetsov <vkuznets@redhat.com> +Vladius25 <vkorol2509@icloud.com> +Vratislav Podzimek <vpodzime@redhat.com> +Wenchao Hao <haowenchao@huawei.com> +Yang Liu <50459973+ly4096x@users.noreply.github.com> +Yanko Kaneti <yaneti@declera.com> +Zhiguo Deng <bjzgdeng@linux.vnet.ibm.com> +Ziyue Yang <ziyang@redhat.com> +foopub <45460217+foopub@users.noreply.github.com> +gaoyi <ymuemc@163.com> +gombi <gombi@> +honza801 <honza801@gmail.com> +jbash aka John Bashinski <jbash@velvet.com> +jloeser <jloeser@suse.de> +joamonwx <unknown> +johannes <johannes.brechtmann@gmail.com> +jonathan-teh <30538043+jonathan-teh@users.noreply.github.com> +joshuacov1 <joshuacov@gmail.com> +lapseofreason <lapseofreason0@gmail.com> +leo-lb <lle-bout@zaclys.net> +lilinjie <lilinjie@uniontech.com> +logan <logancaldwell23@gmail.com> +masem <matej.semian@gmail.com> +maximilian attems <max@stro.at> +mulhern <amulhern@redhat.com> +mwberry <mwberry@users.noreply.github.com> +nabijaczleweli <nabijaczleweli@gmail.com> +privb0x23 <privb0x23@users.noreply.github.com> +realtime-neil <neil@rtr.ai> +runsisi <runsisi@hust.edu.cn> +tupper <tupper.bob@gmail.com> +xtraeme <xtraeme@voidlinux.eu> +Дамјан Георгиевски <gdamjan@gmail.com> diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..d8605d7 --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,22 @@ +We welcome contributions from everyone. However, please follow the following guidelines when posting a GitHub Pull Request or filing a GitHub Issue on the dracut project: + +By participating in this project, you agree to abide by the [code of conduct](docs/CODE_OF_CONDUCT.md). + +# Filing Issues +We use GitHub Issues exclusively for tracking bugs and feature requests of dracut. + +We only track bugs in the two most recently released versions of dracut in the GitHub Issue tracker. +If you are using an older version of dracut, please contact your distribution's bug tracker instead (see below). See GitHub Release Page for the list of most recent releases. + +When filing an issue, specify the dracut version you are experiencing the issue with. Also, indicate which distribution you are using. +Please include an explanation how to reproduce the issue you are pointing out. + +For more information on Coding Style and Commit messages see [Dracut Developer Guidelines](docs/HACKING.md). + +# Older or downstream versions +For older or downstream versions that are still supported by your distribution please use respective downstream tracker: + +[Debian](https://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=dracut) +[Fedora](https://bugzilla.redhat.com/buglist.cgi?quicksearch=dracut) +[Gentoo](https://bugs.gentoo.org/buglist.cgi?quicksearch=dracut) +[openSUSE](https://bugzilla.opensuse.org/buglist.cgi?quicksearch=dracut) @@ -0,0 +1,339 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Lesser General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + <one line to give the program's name and a brief idea of what it does.> + Copyright (C) <year> <name of author> + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + <signature of Ty Coon>, 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..333cd68 --- /dev/null +++ b/Makefile @@ -0,0 +1,300 @@ +-include dracut-version.sh + +DRACUT_MAIN_VERSION ?= $(shell env GIT_CEILING_DIRECTORIES=$(CURDIR)/.. git describe --abbrev=0 --tags --always 2>/dev/null || :) +ifeq ($(DRACUT_MAIN_VERSION),) +DRACUT_MAIN_VERSION = $(DRACUT_VERSION) +endif +DRACUT_FULL_VERSION ?= $(shell env GIT_CEILING_DIRECTORIES=$(CURDIR)/.. git describe --tags --always 2>/dev/null || :) +ifeq ($(DRACUT_FULL_VERSION),) +DRACUT_FULL_VERSION = $(DRACUT_VERSION) +endif + +HAVE_SHELLCHECK ?= $(shell command -v shellcheck >/dev/null 2>&1 && echo yes) +HAVE_SHFMT ?= $(shell command -v shfmt >/dev/null 2>&1 && echo yes) + +-include Makefile.inc + +KVERSION ?= $(shell uname -r) + +prefix ?= /usr +libdir ?= ${prefix}/lib +datadir ?= ${prefix}/share +pkglibdir ?= ${libdir}/dracut +sysconfdir ?= ${prefix}/etc +bindir ?= ${prefix}/bin +mandir ?= ${prefix}/share/man +CFLAGS ?= -O2 -g -Wall -std=gnu99 -D_FILE_OFFSET_BITS=64 -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 +bashcompletiondir ?= ${datadir}/bash-completion/completions +pkgconfigdatadir ?= $(datadir)/pkgconfig + +man1pages = man/lsinitrd.1 + +man5pages = man/dracut.conf.5 + +man7pages = man/dracut.cmdline.7 \ + man/dracut.bootup.7 \ + man/dracut.modules.7 + +man8pages = man/dracut.8 \ + man/dracut-catimages.8 \ + modules.d/98dracut-systemd/dracut-cmdline.service.8 \ + modules.d/98dracut-systemd/dracut-initqueue.service.8 \ + modules.d/98dracut-systemd/dracut-mount.service.8 \ + modules.d/98dracut-systemd/dracut-shutdown.service.8 \ + modules.d/98dracut-systemd/dracut-pre-mount.service.8 \ + modules.d/98dracut-systemd/dracut-pre-pivot.service.8 \ + modules.d/98dracut-systemd/dracut-pre-trigger.service.8 \ + modules.d/98dracut-systemd/dracut-pre-udev.service.8 + +manpages = $(man1pages) $(man5pages) $(man7pages) $(man8pages) + +.PHONY: install clean archive testimage test all check AUTHORS CONTRIBUTORS doc + +all: dracut.pc dracut-install src/skipcpio/skipcpio dracut-util + +%.o : %.c + $(CC) -c $(CFLAGS) $(CPPFLAGS) $(KMOD_CFLAGS) $< -o $@ + +DRACUT_INSTALL_OBJECTS = \ + src/install/dracut-install.o \ + src/install/hashmap.o\ + src/install/log.o \ + src/install/strv.o \ + src/install/util.o + +# deps generated with gcc -MM +src/install/dracut-install.o: src/install/dracut-install.c src/install/log.h src/install/macro.h \ + src/install/hashmap.h src/install/util.h +src/install/hashmap.o: src/install/hashmap.c src/install/util.h src/install/macro.h src/install/log.h \ + src/install/hashmap.h +src/install/log.o: src/install/log.c src/install/log.h src/install/macro.h src/install/util.h +src/install/util.o: src/install/util.c src/install/util.h src/install/macro.h src/install/log.h +src/install/strv.o: src/install/strv.c src/install/strv.h src/install/util.h src/install/macro.h src/install/log.h + +src/install/dracut-install: $(DRACUT_INSTALL_OBJECTS) + $(CC) $(LDFLAGS) -o $@ $(DRACUT_INSTALL_OBJECTS) $(LDLIBS) $(FTS_LIBS) $(KMOD_LIBS) + +logtee: src/logtee/logtee.c + $(CC) $(LDFLAGS) -o $@ $< + +dracut-install: src/install/dracut-install + ln -fs $< $@ + +SKIPCPIO_OBJECTS = src/skipcpio/skipcpio.o +skipcpio/skipcpio.o: src/skipcpio/skipcpio.c +skipcpio/skipcpio: $(SKIPCPIO_OBJECTS) + +UTIL_OBJECTS = src/util/util.o +util/util.o: src/util/util.c +util/util: $(UTIL_OBJECTS) + +dracut-util: src/util/util + cp -a $< $@ + +.PHONY: indent-c +indent-c: + astyle -n --quiet --options=.astylerc $(wildcard *.[ch] */*.[ch] src/*/*.[ch]) + +.PHONY: indent +indent: indent-c +ifeq ($(HAVE_SHFMT),yes) + shfmt -w -s . +endif + +src/dracut-cpio/target/release/dracut-cpio: src/dracut-cpio/src/main.rs + cargo --offline build --release --manifest-path src/dracut-cpio/Cargo.toml + +dracut-cpio: src/dracut-cpio/target/release/dracut-cpio + ln -fs $< $@ + +ifeq ($(enable_dracut_cpio),yes) +all: dracut-cpio +endif + +doc: $(manpages) dracut.html + +ifneq ($(enable_documentation),no) +all: doc +endif + +%: %.xml + @rm -f -- "$@" + xsltproc -o "$@" -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $< + +%.xml: %.asc + @rm -f -- "$@" + asciidoc -a "version=$(DRACUT_FULL_VERSION)" -d manpage -b docbook -o "$@" $< + +dracut.8: man/dracut.8.asc \ + man/dracut.usage.asc + +dracut.html: man/dracut.asc $(manpages) docs/dracut.css man/dracut.usage.asc + @rm -f -- dracut.xml + asciidoc -a "mainversion=$(DRACUT_MAIN_VERSION)" \ + -a "version=$(DRACUT_FULL_VERSION)" \ + -a numbered \ + -d book -b docbook -o dracut.xml man/dracut.asc + @rm -f -- dracut.html + xsltproc -o dracut.html --xinclude -nonet \ + --stringparam custom.css.source docs/dracut.css \ + --stringparam generate.css.header 1 \ + http://docbook.sourceforge.net/release/xsl/current/xhtml/docbook.xsl dracut.xml + @rm -f -- dracut.xml + +dracut.pc: Makefile.inc Makefile + @echo "Name: dracut" > dracut.pc + @echo "Description: dracut" >> dracut.pc + @echo "Version: $(DRACUT_FULL_VERSION)" >> dracut.pc + @echo "dracutdir=$(pkglibdir)" >> dracut.pc + @echo "dracutmodulesdir=$(pkglibdir)/modules.d" >> dracut.pc + @echo "dracutconfdir=$(pkglibdir)/dracut.conf.d" >> dracut.pc + +install: all + mkdir -p $(DESTDIR)$(pkglibdir) + mkdir -p $(DESTDIR)$(bindir) + mkdir -p $(DESTDIR)$(sysconfdir) + mkdir -p $(DESTDIR)$(pkglibdir)/modules.d + mkdir -p $(DESTDIR)$(mandir)/man1 $(DESTDIR)$(mandir)/man5 $(DESTDIR)$(mandir)/man7 $(DESTDIR)$(mandir)/man8 + install -m 0755 dracut.sh $(DESTDIR)$(bindir)/dracut + install -m 0755 dracut-catimages.sh $(DESTDIR)$(bindir)/dracut-catimages + install -m 0755 lsinitrd.sh $(DESTDIR)$(bindir)/lsinitrd + install -m 0644 dracut.conf $(DESTDIR)$(sysconfdir)/dracut.conf + mkdir -p $(DESTDIR)$(sysconfdir)/dracut.conf.d + mkdir -p $(DESTDIR)$(pkglibdir)/dracut.conf.d + install -m 0755 dracut-init.sh $(DESTDIR)$(pkglibdir)/dracut-init.sh + install -m 0755 dracut-functions.sh $(DESTDIR)$(pkglibdir)/dracut-functions.sh + install -m 0755 dracut-version.sh $(DESTDIR)$(pkglibdir)/dracut-version.sh + ln -fs dracut-functions.sh $(DESTDIR)$(pkglibdir)/dracut-functions + install -m 0755 dracut-logger.sh $(DESTDIR)$(pkglibdir)/dracut-logger.sh + install -m 0755 dracut-initramfs-restore.sh $(DESTDIR)$(pkglibdir)/dracut-initramfs-restore + cp -arx modules.d $(DESTDIR)$(pkglibdir) +ifneq ($(enable_documentation),no) + for i in $(man1pages); do install -m 0644 $$i $(DESTDIR)$(mandir)/man1/$${i##*/}; done + for i in $(man5pages); do install -m 0644 $$i $(DESTDIR)$(mandir)/man5/$${i##*/}; done + for i in $(man7pages); do install -m 0644 $$i $(DESTDIR)$(mandir)/man7/$${i##*/}; done + for i in $(man8pages); do install -m 0644 $$i $(DESTDIR)$(mandir)/man8/$${i##*/}; done + ln -fs dracut.cmdline.7 $(DESTDIR)$(mandir)/man7/dracut.kernel.7 +endif + if [ -n "$(systemdsystemunitdir)" ]; then \ + mkdir -p $(DESTDIR)$(systemdsystemunitdir); \ + ln -srf $(DESTDIR)$(pkglibdir)/modules.d/98dracut-systemd/dracut-shutdown-onfailure.service $(DESTDIR)$(systemdsystemunitdir)/dracut-shutdown-onfailure.service; \ + ln -srf $(DESTDIR)$(pkglibdir)/modules.d/98dracut-systemd/dracut-shutdown.service $(DESTDIR)$(systemdsystemunitdir)/dracut-shutdown.service; \ + mkdir -p $(DESTDIR)$(systemdsystemunitdir)/sysinit.target.wants; \ + ln -s ../dracut-shutdown.service \ + $(DESTDIR)$(systemdsystemunitdir)/sysinit.target.wants/dracut-shutdown.service; \ + mkdir -p $(DESTDIR)$(systemdsystemunitdir)/initrd.target.wants; \ + for i in \ + dracut-cmdline.service \ + dracut-initqueue.service \ + dracut-mount.service \ + dracut-pre-mount.service \ + dracut-pre-pivot.service \ + dracut-pre-trigger.service \ + dracut-pre-udev.service \ + ; do \ + ln -srf $(DESTDIR)$(pkglibdir)/modules.d/98dracut-systemd/$$i $(DESTDIR)$(systemdsystemunitdir); \ + ln -s ../$$i \ + $(DESTDIR)$(systemdsystemunitdir)/initrd.target.wants/$$i; \ + done \ + fi + if [ -f src/install/dracut-install ]; then \ + install -m 0755 src/install/dracut-install $(DESTDIR)$(pkglibdir)/dracut-install; \ + fi + if [ -f src/skipcpio/skipcpio ]; then \ + install -m 0755 src/skipcpio/skipcpio $(DESTDIR)$(pkglibdir)/skipcpio; \ + fi + if [ -f dracut-util ]; then \ + install -m 0755 dracut-util $(DESTDIR)$(pkglibdir)/dracut-util; \ + fi +ifeq ($(enable_dracut_cpio),yes) + install -m 0755 dracut-cpio $(DESTDIR)$(pkglibdir)/dracut-cpio +endif + mkdir -p $(DESTDIR)${prefix}/lib/kernel/install.d + install -m 0755 install.d/50-dracut.install $(DESTDIR)${prefix}/lib/kernel/install.d/50-dracut.install + install -m 0755 install.d/51-dracut-rescue.install $(DESTDIR)${prefix}/lib/kernel/install.d/51-dracut-rescue.install + mkdir -p $(DESTDIR)${bashcompletiondir} + install -m 0644 shell-completion/bash/dracut $(DESTDIR)${bashcompletiondir}/dracut + install -m 0644 shell-completion/bash/lsinitrd $(DESTDIR)${bashcompletiondir}/lsinitrd + mkdir -p $(DESTDIR)${pkgconfigdatadir} + install -m 0644 dracut.pc $(DESTDIR)${pkgconfigdatadir}/dracut.pc + +clean: + $(RM) *~ + $(RM) */*~ + $(RM) */*/*~ + $(RM) $(manpages:%=%.xml) dracut.xml + $(RM) test-*.img + $(RM) dracut-*.tar.bz2 dracut-*.tar.xz + $(RM) dracut-install src/install/dracut-install $(DRACUT_INSTALL_OBJECTS) + $(RM) skipcpio/skipcpio $(SKIPCPIO_OBJECTS) + $(RM) dracut-util util/util $(UTIL_OBJECTS) + $(RM) $(manpages) dracut.html + $(RM) dracut.pc + $(RM) dracut-cpio src/dracut-cpio/target/release/dracut-cpio* + $(MAKE) -C test clean + +dist: dracut-$(DRACUT_MAIN_VERSION).tar.xz + +dracut-$(DRACUT_MAIN_VERSION).tar.xz: doc syncheck + git archive --format=tar $(DRACUT_MAIN_VERSION) --prefix=dracut-$(DRACUT_MAIN_VERSION)/ > dracut-$(DRACUT_MAIN_VERSION).tar + mkdir -p dracut-$(DRACUT_MAIN_VERSION) + for i in $(manpages) dracut.html; do [ "$${i%/*}" != "$$i" ] && mkdir -p "dracut-$(DRACUT_MAIN_VERSION)/$${i%/*}"; cp "$$i" "dracut-$(DRACUT_MAIN_VERSION)/$$i"; done + tar --owner=root --group=root -rf dracut-$(DRACUT_MAIN_VERSION).tar $$(find dracut-$(DRACUT_MAIN_VERSION) -type f) + rm -fr -- dracut-$(DRACUT_MAIN_VERSION).tar.xz dracut-$(DRACUT_MAIN_VERSION) + xz -9 dracut-$(DRACUT_MAIN_VERSION).tar + rm -f -- dracut-$(DRACUT_MAIN_VERSION).tar + +syncheck: + @ret=0;for i in dracut-initramfs-restore.sh modules.d/*/*.sh; do \ + [ "$${i##*/}" = "module-setup.sh" ] && continue; \ + read line < "$$i"; [ "$${line#*bash*}" != "$$line" ] && continue; \ + [ $$V ] && echo "posix syntax check: $$i"; bash --posix -n "$$i" ; ret=$$(($$ret+$$?)); \ + [ $$V ] && echo "checking for [[: $$i"; if grep -Fq '[[ ' "$$i" ; then ret=$$(($$ret+1)); echo "$$i contains [["; fi; \ + [ $$V ] && echo "checking for echo -n: $$i"; if grep -Fq 'echo -n ' "$$i" ; then ret=$$(($$ret+1)); echo "$$i contains echo -n"; fi \ + done;exit $$ret + @ret=0;for i in *.sh modules.d/*/*.sh modules.d/*/module-setup.sh; do \ + [ $$V ] && echo "bash syntax check: $$i"; bash -n "$$i" ; ret=$$(($$ret+$$?)); \ + done;exit $$ret +ifeq ($(HAVE_SHELLCHECK),yes) +ifeq ($(HAVE_SHFMT),yes) + shellcheck $$(shfmt -f .) +else + find . -name '*.sh' -print0 | xargs -0 shellcheck +endif +endif + +check: all syncheck + @[ "$$EUID" == "0" ] || { echo "'check' must be run as root! Please use 'sudo'."; exit 1; } + @$(MAKE) -C test check + +testimage: all + ./dracut.sh -N -l -a debug -f test-$(KVERSION).img $(KVERSION) + @echo wrote test-$(KVERSION).img + +debugtestimage: all + ./dracut.sh --debug -l -a debug -f test-$(KVERSION).img $(KVERSION) + @echo wrote test-$(KVERSION).img + +testimages: all + ./dracut.sh -l -a debug --kernel-only -f test-kernel-$(KVERSION).img $(KVERSION) + @echo wrote test-$(KVERSION).img + ./dracut.sh -l -a debug --no-kernel -f test-dracut.img $(KVERSION) + @echo wrote test-dracut.img + +debughostimage: all + ./dracut.sh --debug -H -l -f test-$(KVERSION).img $(KVERSION) + @echo wrote test-$(KVERSION).img + +hostimage: all + ./dracut.sh -H -l -f test-$(KVERSION).img $(KVERSION) + @echo wrote test-$(KVERSION).img + +efi: all + ./dracut.sh --uefi -H -l -f linux-$(KVERSION).efi $(KVERSION) + @echo wrote linux-$(KVERSION).efi + +AUTHORS: + @git log | git shortlog --numbered --summary -e | while read -r a rest || [ -n "$$rest" ]; do echo "$$rest"; done > AUTHORS + +CONTRIBUTORS: + @git log | git shortlog $(DRACUT_MAIN_VERSION).. --numbered --summary -e | while read -r a rest || [ -n "$$rest" ]; do echo "- $$rest"; done @@ -0,0 +1,3074 @@ +[Rendered view](https://github.com/dracutdevs/dracut/blob/master/NEWS.md) + +dracut-060 +========== + +#### Performance + +* **dracut-install:** + * don't strdup() environment block ([efd4ca27](https://github.com/dracutdevs/dracut/commit/efd4ca271f15530d7264d2c87a104284e20b28aa)) + * don't reallocate {src,dst}path in hmac_install() ([77226cb4](https://github.com/dracutdevs/dracut/commit/77226cb412822dc7614037c6d9225d98e64d4a55)) + * don't strdup() excessively for dracut_install() ([a20556f0](https://github.com/dracutdevs/dracut/commit/a20556f0e51249e501aeb87eb5a337a15db52253)) + * stat() w/unused buf -> access(F_OK) in dracut-install ([e7ed8337](https://github.com/dracutdevs/dracut/commit/e7ed8337bb9fec0283af5dc745450394ba649a03)) + * multiple single-character strstr()s -> strpbrk() ([751a110f](https://github.com/dracutdevs/dracut/commit/751a110f29f07cb41246c09784c63bb26bb708c6)) + +#### Bug Fixes + +* codespell ([ddf63231](https://github.com/dracutdevs/dracut/commit/ddf6323145d50d33a897687474c73770328bf757)) +* make iso-scan trigger udev events ([7b530f26](https://github.com/dracutdevs/dracut/commit/7b530f26368d723dcc34fb67d687c60009b06412), closes [#2183](https://github.com/dracutdevs/dracut/issues/2183)) +* shellcheck 0.8.0 ([88fe9205](https://github.com/dracutdevs/dracut/commit/88fe9205de49c12ed8eaac2ca227a72830750955)) +* shellcheck 0.8.0 ([08b63a25](https://github.com/dracutdevs/dracut/commit/08b63a25296d689186c6343f96e764bf893367cb)) +* **99base:** adjust to allow mksh as initrd shell ([a0d14d3b](https://github.com/dracutdevs/dracut/commit/a0d14d3bc691b318507c01708bc67d9e3b9d5109)) +* **Makefile:** + * remove leftover rpm build rules ([f5cc202e](https://github.com/dracutdevs/dracut/commit/f5cc202e998eb22bda98920b8eeeb0f027ca0b6e)) + * no longer upload to kernel.org ([ffc766d2](https://github.com/dracutdevs/dracut/commit/ffc766d23d9175673f722a3c81e7609496167845)) + * execute command -v instead of which ([4235c035](https://github.com/dracutdevs/dracut/commit/4235c035ff1abad0c22125c26cab813c42b29da0)) +* **base:** do not quote $CLINE in the `set` command ([8b951d20](https://github.com/dracutdevs/dracut/commit/8b951d20d409b3647c85a9c6d064ccb15cdb5fe7)) +* **bluetooth:** + * make bluetooth rules more strict ([dfa408c9](https://github.com/dracutdevs/dracut/commit/dfa408c9de7cd0b0af6099b6f1e0cce2e70ec467)) + * add missing files ([e84d65c5](https://github.com/dracutdevs/dracut/commit/e84d65c5b0191582e26fe9cc150d460652b34b33)) + * include it if Appearance matches the value assigned for keyboard ([8079ceaf](https://github.com/dracutdevs/dracut/commit/8079ceafcac910d0c061830769866710c3e889a8)) + * warn user instead of including it by default ([0ecb0388](https://github.com/dracutdevs/dracut/commit/0ecb038832038523a27f989d0eb82b45fb67861c)) +* **btrfs:** + * do not require module via cmdline when --no-kernel ([7ed765dd](https://github.com/dracutdevs/dracut/commit/7ed765dd23e4c5616c82d1cbf8b4dbceaafc7647)) + * add missing cmdline function ([2b47a2ef](https://github.com/dracutdevs/dracut/commit/2b47a2efe91ab8be480925c04388200a3666812c)) +* **crypt:** add missing libraries ([c5dca3d6](https://github.com/dracutdevs/dracut/commit/c5dca3d68915cef077fda2bc5292e12f82cf6dd6)) +* **crypt-gpg:** do not use always --card-status ([e3e8108e](https://github.com/dracutdevs/dracut/commit/e3e8108eb75247249ec05eaba943c3f48637c04b)) +* **dmsquash-live:** + * allow other fstypes ([4000a1ec](https://github.com/dracutdevs/dracut/commit/4000a1ecff208479254be8ce88de826099e2b685)) + * restore compatibility with earlier releases ([0e780720](https://github.com/dracutdevs/dracut/commit/0e780720efe6488c4e07af39926575ee12f40339)) + * live:/dev/* ([93339444](https://github.com/dracutdevs/dracut/commit/93339444361303c15e26b6ff5cea6ef99ad0b3e0)) +* **dmsquash-live-autooverlay:** specify filesystemtype when it is already known ([179e1a99](https://github.com/dracutdevs/dracut/commit/179e1a992fc2b74d55a600bef152d5df43802104)) +* **dracut-functions:** avoid calling grep with PCRE (-P) ([67591e88](https://github.com/dracutdevs/dracut/commit/67591e8855006eb02aa0ffab7349ab770e471473)) +* **dracut-functions.sh:** convert mmcblk to the real kernel module name ([a62e895d](https://github.com/dracutdevs/dracut/commit/a62e895db9510f0fc4c47ee81b1436096eca4d64)) +* **dracut-init.sh:** + * `module_check` method ignores `forced` option ([6c9f403f](https://github.com/dracutdevs/dracut/commit/6c9f403f1c219b8e2ff62011bfcc1b5e254b411a)) + * use the local _ret variable ([1b53bb62](https://github.com/dracutdevs/dracut/commit/1b53bb6297d83940b52e806c01030e8f5035d9f2)) + * correct check in `is_qemu_virtualized` function ([3e2f685e](https://github.com/dracutdevs/dracut/commit/3e2f685ecb4a968d5cd889803d5a248dab89473a)) + * correct typo in comment ([1aafcab9](https://github.com/dracutdevs/dracut/commit/1aafcab935b7e84cea8fc3f084b6935f87b2b8a5)) +* **dracut-initramfs-restore.sh:** handle /etc/machine-id empty or uninitialized ([260883d9](https://github.com/dracutdevs/dracut/commit/260883d96f33e7aced3d00c85d0ebffcec1385a1)) +* **dracut-install:** + * protect against broken links pointing to themselves ([32f6f364](https://github.com/dracutdevs/dracut/commit/32f6f364ddeb706bf8741f2895d60022aee264e7)) + * prevent possible infinite recursion with suppliers ([131822e2](https://github.com/dracutdevs/dracut/commit/131822e26d76a3ce2028e9a545be2af066805629)) + * continue parsing if ldd prints "cannot execute binary file" ([9a531ca0](https://github.com/dracutdevs/dracut/commit/9a531ca044e3cfe9b670e7e4d59a7bae5bafec1e)) +* **dracut-lib.sh:** remove successful finished initqueue scripts ([07af8d58](https://github.com/dracutdevs/dracut/commit/07af8d58745a121052cab49c70a476f02996da1e)) +* **dracut-systemd:** + * rootfs-generator cannot write outside of generator dir ([86c8a5a7](https://github.com/dracutdevs/dracut/commit/86c8a5a7c2573645e67537fb9975efab808d42c9)) + * check and create generator dir outside of inner function ([acfa793b](https://github.com/dracutdevs/dracut/commit/acfa793b5cc035ebd36b0c5ce97ba2fd89e5745c)) + * do not hardcode the systemd generator directory ([a7c04716](https://github.com/dracutdevs/dracut/commit/a7c04716a5e528d86135bf87745054f7cbd54469)) + * remove unused argument ([eb75861c](https://github.com/dracutdevs/dracut/commit/eb75861c2a1c05eb142616da1891a7fa5a2a34e1)) +* **dracut.sh:** + * remove microcode check based on CONFIG_MICROCODE_[AMD|INTEL] ([6c80408c](https://github.com/dracutdevs/dracut/commit/6c80408c8644a0add1907b0593eb83f90d6247b1)) + * exit if resolving executable dependencies fails ([b2c6b584](https://github.com/dracutdevs/dracut/commit/b2c6b584e2227e68f54c8843925dcb73aefe87ac)) + * shellcheck warning SC1004 ([dbdab2d8](https://github.com/dracutdevs/dracut/commit/dbdab2d87fa49c7fdd08b274d8a21e6046360cad)) + * use gawk for strtonum ([33a66ed0](https://github.com/dracutdevs/dracut/commit/33a66ed04bdc30eccb172a0cd6dcc36d9d74f825)) + * also prevent fsfreeze for tmpfs ([09d3ec16](https://github.com/dracutdevs/dracut/commit/09d3ec1648822d84e95b274b60cb51b80e8f49f9)) + * correct path for UEFI stub on split-usr systems ([c1588995](https://github.com/dracutdevs/dracut/commit/c1588995ae0d9f984ad08f2d466f7a09646c6517)) + * silence the output of hardlinking files by default ([2a26eec5](https://github.com/dracutdevs/dracut/commit/2a26eec5cc1f384f71226066f13db89f92913f28)) + * handle imagebase for uefi ([6178a9d8](https://github.com/dracutdevs/dracut/commit/6178a9d83ffad67fa371cef2ff3f5bbb337bc8b7)) + * handle /etc/machine-id empty or uninitialized ([97fe0976](https://github.com/dracutdevs/dracut/commit/97fe09769d6a86492c39e0368f088f54f7c0fa6e)) + * use dynamically uefi's sections offset ([f32e95bc](https://github.com/dracutdevs/dracut/commit/f32e95bcadbc5158843530407adc1e7b700561b1)) + * kmoddir does not handle trailing / ([1ddcb137](https://github.com/dracutdevs/dracut/commit/1ddcb137ea2a4d79491ff94f1f7802dcaa7ac381)) + * handle sbsign errors for UEFI builds ([a6dd5bfb](https://github.com/dracutdevs/dracut/commit/a6dd5bfb9a514a3bf650cc1e8d4311c05e9b968c)) + * handle out of space error for UEFI builds ([8602df70](https://github.com/dracutdevs/dracut/commit/8602df705879100be17e93fe56f5cbeb6216248f)) + * --sysroot option broken if global variables not set in conf ([6f4a5c90](https://github.com/dracutdevs/dracut/commit/6f4a5c90ab993d2559720c2d4023d99ad43df00a)) + * correct --help and --version exit codes ([cda6b00a](https://github.com/dracutdevs/dracut/commit/cda6b00abce0e68e353ab929b86cfaf45c3dc1c8)) +* **fido2:** libfido2.so depends on libz.so ([15970768](https://github.com/dracutdevs/dracut/commit/1597076887c6744b9ec69c0ac44a1134fd700700)) +* **fips:** + * move fips-boot script to pre-pivot ([d777dd3d](https://github.com/dracutdevs/dracut/commit/d777dd3dab50c2e383c00751fae5d9593339315f)) + * only unmount /boot if it was mounted by the fips module ([ab26ad2c](https://github.com/dracutdevs/dracut/commit/ab26ad2c2ab4a5884e392951998d40829f130387)) + * do not blindly remove /boot ([1fabbb64](https://github.com/dracutdevs/dracut/commit/1fabbb6412b70bdd1aac5279b90b9a23a267ffc5)) +* **fs-lib:** remove quoting form the first argument of the e2fsck call ([9aa332ca](https://github.com/dracutdevs/dracut/commit/9aa332cad7196b6e05b9e2f1810dc54bb38ed2ac)) +* **github:** exempt issues in a milestone ([c8a703aa](https://github.com/dracutdevs/dracut/commit/c8a703aaa7bbfe4f078fef5a4318243db059b87b)) +* **install:** do not undef _FILE_OFFSET_BITS ([70aeb4c1](https://github.com/dracutdevs/dracut/commit/70aeb4c1a56027bc2fe5570c080d96625b377c94)) +* **install.d:** + * do not create initramfs if the supplied image is UKI ([b2af8c8b](https://github.com/dracutdevs/dracut/commit/b2af8c8bcfc72802e02e2c0adc2eed9279101624)) + * respect even more kernel-install vars, plus style fixes ([17b8649e](https://github.com/dracutdevs/dracut/commit/17b8649eb931f3f4990ac8184fe23fc257df6fa5)) + * respect more kernel-install env variables ([a037634a](https://github.com/dracutdevs/dracut/commit/a037634ad71711d29828214830ebdade0c449dbc)) +* **integrity:** do not require ls ([a804945f](https://github.com/dracutdevs/dracut/commit/a804945f27a0ccc2f69ae694599b1afec2afe8b1)) +* **iscsi:** + * prefix syntax for static iBFT IPv6 addresses ([c3b65a49](https://github.com/dracutdevs/dracut/commit/c3b65a493a635a3f85f9e65c4337cd4c144ff8fc)) + * install 8021q module unconditionally ([aa5d9526](https://github.com/dracutdevs/dracut/commit/aa5d9526eca23f642fd623d2c857fd8f9930b83d)) +* **kernel-modules:** + * add interconnect drivers ([afb5717e](https://github.com/dracutdevs/dracut/commit/afb5717e67727d49fae0d2a1a4169e5b247387f4)) + * add UFS drivers ([89269d23](https://github.com/dracutdevs/dracut/commit/89269d239f0539b7bd4339ba98a0d1b188b59962)) + * use modalias info in get_dev_module() ([87a76dbb](https://github.com/dracutdevs/dracut/commit/87a76dbb578aff473e690857d1b714eacd92b9ec)) +* **load_fstype:** avoid false positive searchs ([10cf8e46](https://github.com/dracutdevs/dracut/commit/10cf8e46f43a7a2094e4d861c1296db6af0e0fa1)) +* **lsinitrd.sh:** + * handle /etc/machine-id empty or uninitialized ([971b302d](https://github.com/dracutdevs/dracut/commit/971b302d70fbbfac3b6047654b7dc7ceeb1c17e7)) + * handle filenames with special characters ([1f84ff88](https://github.com/dracutdevs/dracut/commit/1f84ff882fe272ef0185a284eee82e89735c833d)) +* **lvmthinpool-monitor:** activate lvm thin pool before extend its size ([e9b47742](https://github.com/dracutdevs/dracut/commit/e9b4774239989257999053033fc92cded7803896)) +* **man:** + * add missing initrd-root-device.target to flow chart ([f11e8fff](https://github.com/dracutdevs/dracut/commit/f11e8fffc2db1f6f02d09207a1edbf1d898249d7)) + * remove duplicate entry ([6af3fcfd](https://github.com/dracutdevs/dracut/commit/6af3fcfd7f699ec4bb3f1e9ac71b7a9ebb9804b3)) +* **modsign:** load keys to correct keyring ([b7ef1302](https://github.com/dracutdevs/dracut/commit/b7ef1302715bead649625666f92eff434082de1f)) +* **multipath:** remove dependency on multipathd.socket ([297525c5](https://github.com/dracutdevs/dracut/commit/297525c5c0781e13c4bf86aa42e81b9f166802ad)) +* **network:** + * IPv6: don't wait for RA for static IPv6 assignments ([726d56ca](https://github.com/dracutdevs/dracut/commit/726d56ca0a23e5a39de5f809da2d20ce7985d437)) + * don't assume prefix length 64 by default ([7ff255a4](https://github.com/dracutdevs/dracut/commit/7ff255a4488f63cf84179d4572f44fe3a1bd29ec)) +* **network,dbus:** improve dependency checking ([3f8f115a](https://github.com/dracutdevs/dracut/commit/3f8f115a27b2bb63f0893262b6c951a187bac8ef)) +* **network-legacy:** + * typo ([e2f961a2](https://github.com/dracutdevs/dracut/commit/e2f961a2bd7b5f5cbff6394d6be6eace15e236b7)) + * always include af_packet ([b074216b](https://github.com/dracutdevs/dracut/commit/b074216be93dc4512b76fcd6b77a727aef11b22b)) +* **network-manager:** add "After" dependency on dbus.service ([d8a9a73d](https://github.com/dracutdevs/dracut/commit/d8a9a73df9688989b5e47469e74ad5aa666a5bfb)) +* **nvmf:** + * support /etc/nvme/config.json ([f07117d6](https://github.com/dracutdevs/dracut/commit/f07117d68d07d52aa4ce8b4b2549a0cb716b7f4b)) + * install 8021q module unconditionally ([902f3a8f](https://github.com/dracutdevs/dracut/commit/902f3a8f84643e4249b9bbb2e81d1b13eaf35364)) +* **plymouth:** remove /etc/system-release dependency ([d6cef3f2](https://github.com/dracutdevs/dracut/commit/d6cef3f28e15a834284786c79f108b7c42481f96)) +* **release:** maintain dracut-version.sh in the source tree ([b4e23ce4](https://github.com/dracutdevs/dracut/commit/b4e23ce4238821b0c2dd3c846da45f9cfeb57954)) +* **resolve-deps:** check the existing file—not the source ([5ac581ef](https://github.com/dracutdevs/dracut/commit/5ac581ef66dd8f1939e771419824137aebbc8f66)) +* **systemd:** + * add new systemd-tmpfiles-setup-dev-early.service ([7528d84d](https://github.com/dracutdevs/dracut/commit/7528d84de84d9c1fb7d5f54712c692600e21b044)) + * do not include systemd-random-seed.service ([925febf8](https://github.com/dracutdevs/dracut/commit/925febf89d54c0bef9e3c8fda3b8e5b1f8ba30cd)) +* **systemd-ac-power:** correct systemd-ac-power binary path ([df2458a6](https://github.com/dracutdevs/dracut/commit/df2458a6b8aec70e74757ea7ae35f672a99ddc17)) +* **systemd-journald:** do not include systemd-journal-flush.service ([eff2a939](https://github.com/dracutdevs/dracut/commit/eff2a9398120b29fd869eec991410e254d0dcbb8)) +* **systemd-networkd:** + * correct typos in override paths ([f0dc7ec9](https://github.com/dracutdevs/dracut/commit/f0dc7ec96b81fec100a5ab948c12846b2b9910e6)) + * add missing conf files and services ([71e391eb](https://github.com/dracutdevs/dracut/commit/71e391ebdc8f5d88447db1b6d475c813d82d5ffb)) +* **systemd-pcrphase:** only include systemd-pcrphase-initrd.service ([cd6f683d](https://github.com/dracutdevs/dracut/commit/cd6f683d634970112a29867137431d0d57f8c957)) +* **systemd-resolved:** correct typo in override path ([2d083021](https://github.com/dracutdevs/dracut/commit/2d083021910f0633035a056e0541549efffec896)) +* **systemd-timedated:** correct typo in override path ([765e69ce](https://github.com/dracutdevs/dracut/commit/765e69ce4d88a4ef6c1028cc117b3f233a285f0e)) +* **systemd-tmpfiles:** do not include systemd-tmpfiles-clean.timer ([1ef00735](https://github.com/dracutdevs/dracut/commit/1ef00735ae4fa19684598a8f7868e8b36b6bf5fe)) +* **systemd-udevd:** add missing override paths ([570b9d40](https://github.com/dracutdevs/dracut/commit/570b9d405116c9763266aa2e88ea0a2460c734ba)) +* **test:** + * only use QEMU machine q35 on x86 ([f29e428b](https://github.com/dracutdevs/dracut/commit/f29e428bdb3068e25150bc9591a961bd2df66442)) + * use bash for jobs -r parameter ([9a18f133](https://github.com/dracutdevs/dracut/commit/9a18f1335fcab1eb84fedc45e450851d093335aa)) + * rename test 60 ([3d7c0ffb](https://github.com/dracutdevs/dracut/commit/3d7c0ffbd65c8d5c9fef559a51a2405a28c6f6a0)) + * improve test 60 ([5e846cb1](https://github.com/dracutdevs/dracut/commit/5e846cb1320e32db1e3d200743f8fc08732d4c9e)) + * remove leftover link file from server rootfs ([8f44740f](https://github.com/dracutdevs/dracut/commit/8f44740f2c234ddb275e0a11e23d45e3678eb4a0)) + * assign fixed address to bridge ([9fb64d96](https://github.com/dracutdevs/dracut/commit/9fb64d96ab7a7e19a7940e56e9bc0da863b46386)) + * bump DHCP timeout to 30 seconds ([462d9b92](https://github.com/dracutdevs/dracut/commit/462d9b9254d4386e9eac267547ee4e8cd2487c3d)) + * remove check on dhclient support for --timeout ([da959483](https://github.com/dracutdevs/dracut/commit/da959483333c6ab83e4cdef837130eacec6b35d7)) + * adapt multinic test for new NetworkManager versions ([d3993c7d](https://github.com/dracutdevs/dracut/commit/d3993c7dabdd37c54a991c6ad9ea38365598d16a)) +* **udev-rules:** + * remove firmware.rules ([7310a641](https://github.com/dracutdevs/dracut/commit/7310a641e227aae446684baeb48f878c3299ff9f)) + * remove old eudev specific rule ([6d554d9b](https://github.com/dracutdevs/dracut/commit/6d554d9b98333372aeb20fd153a42c8171979825)) + * remove old redhat specific rule ([d648bf80](https://github.com/dracutdevs/dracut/commit/d648bf805a27cbf1920f0437606c9ffb2684ec18)) + * remove old edd_id extra rules ([6a33e677](https://github.com/dracutdevs/dracut/commit/6a33e677aca49dd81826949b61acb945d672ba84)) + * remove old debian specific rules ([1edc41af](https://github.com/dracutdevs/dracut/commit/1edc41af979e1c1097be082c357f7a4895fbbad2)) +* **url-lib.sh:** nfs_already_mounted() with trailing slash in nfs path ([966b6cec](https://github.com/dracutdevs/dracut/commit/966b6cec1bebd91ddd0f85c357f7ab57d3213f51)) +* **virtiofs:** add virtio_pci kernel module to virtiofs ([07b49a3e](https://github.com/dracutdevs/dracut/commit/07b49a3ed79a792cede7e6ee21be29aba07168bc)) + +#### Features + +* **Makefile:** allow setting dracut version via environment variables ([31c4d284](https://github.com/dracutdevs/dracut/commit/31c4d284017044b72ddea767c4d35d6d70473984)) +* **dracut:** + * add --sbat option to add sbat policy to UKI ([fffeaded](https://github.com/dracutdevs/dracut/commit/fffeadedf2170563cb7c0e0cb06994b0878ed455)) + * use log level indicator in console output ([ae88e029](https://github.com/dracutdevs/dracut/commit/ae88e029c6ad20248d229bebd7e8f10d3d094988)) +* **dracut-init.sh:** + * do not print by default if an udev rule is skipped ([aa20bbb5](https://github.com/dracutdevs/dracut/commit/aa20bbb5b1c78963331fb6261763ea4c51ebc04f)) + * specify if a module cannot be found or cannot be installed ([a10078a5](https://github.com/dracutdevs/dracut/commit/a10078a5c3ce9adf309962634e71ae6e186f2621)) +* **dracut-install:** add fw_devlink suppliers as module dependencies ([3de4c731](https://github.com/dracutdevs/dracut/commit/3de4c7313260fb600507c9b87f780390b874c870)) +* **fips:** add progress messages ([68d0653e](https://github.com/dracutdevs/dracut/commit/68d0653e35f79e78b75a71c122c091ba4f4d5759)) +* **install.d:** allow using dracut in combination with ukify ([16645633](https://github.com/dracutdevs/dracut/commit/166456331d55cdc23946c11315dc2c88aab15911)) +* **kernel-modules:** driver support for macbook keyboards ([df381b7e](https://github.com/dracutdevs/dracut/commit/df381b7e0cd95f78e40ac70f0f3c96a2fa8dd189)) +* **livenet:** add memory size check depending on live image size ([52351cfa](https://github.com/dracutdevs/dracut/commit/52351cfa049a9594d539e6a5337d591e8039ab80)) +* **lsinitrd:** notify user on missing compressor ([1300a930](https://github.com/dracutdevs/dracut/commit/1300a930e76dbb380c7840760207296a1e58364c)) +* **lvm:** always include all drivers that LVM can use ([a109c612](https://github.com/dracutdevs/dracut/commit/a109c6123ffa8506379b73a4b1aeee4d0b67866d)) +* **network-wicked:** remove module ([9dbbebb1](https://github.com/dracutdevs/dracut/commit/9dbbebb1339d1c3dc8e6b8835a6edbc95c66e2fe)) +* **nvmf:** add code for parsing the NBFT ([b490f6f7](https://github.com/dracutdevs/dracut/commit/b490f6f7d7cf1c322b47af4e44d7f238612fb260)) +* **resume:** also consider resume= in the cmdline as enabling hibernation ([e3a7112b](https://github.com/dracutdevs/dracut/commit/e3a7112bef794e2f2dd741ec2c74fa9cb9117651), closes [#924](https://github.com/dracutdevs/dracut/issues/924)) +* **systemd:** install systemd-executor ([bee1c482](https://github.com/dracutdevs/dracut/commit/bee1c4824a8cd47ce6c01892a548bdc07b1fa678)) +* **systemd-creds:** introducing the systemd-creds module ([48c2cb45](https://github.com/dracutdevs/dracut/commit/48c2cb457b1472d09453be130797bc6e0e194f7c)) +* **systemd-rfkill:** remove module ([c4e6eaf9](https://github.com/dracutdevs/dracut/commit/c4e6eaf9c61616a2f27ef6e91cc787888afecde4)) +* **test:** nfs_fetch_url test into nfs test ([8f9ad068](https://github.com/dracutdevs/dracut/commit/8f9ad06873eb50754611ece2c18a0cd0b22336c0)) + +#### Contributors + +- Antonio Alvarez Feijoo <antonio.feijoo@suse.com> +- Henrik Gombos <henrik99999@gmail.com> +- Laszlo Gombos <laszlo.gombos@gmail.com> +- Benjamin Drung <benjamin.drung@canonical.com> +- Beniamino Galvani <bgalvani@redhat.com> +- Martin Wilck <mwilck@suse.de> +- наб <nabijaczleweli@nabijaczleweli.xyz> +- Adrien Thierry <athierry@redhat.com> +- Frederick Grose <fgrose@sugarlabs.org> +- Andrew Ammerlaan <andrewammerlaan@gentoo.org> +- Pavel Valena <pvalena@redhat.com> +- Frantisek Sumsal <frantisek@sumsal.cz> +- Jóhann B. Guðmundsson <johannbg@gmail.com> +- Tao Liu <ltao@redhat.com> +- “Masahiro <mmatsuya@redhat.com> +- 0x5c <dev@0x5c.io> +- Andrew Halaney <ahalaney@redhat.com> +- Daniel McIlvaney <damcilva@microsoft.com> +- David Disseldorp <ddiss@suse.de> +- Dmitry Klochkov <dmitry.klochkov@bell-sw.com> +- Emanuele Giuseppe Esposito <eesposit@redhat.com> +- John Meneghini <jmeneghi@redhat.com> +- Khem Raj <raj.khem@gmail.com> +- LinkTed <link.ted@mailbox.org> +- Lubomir Rintel <lkundrak@v3.sk> +- Michal Koutný <mkoutny@suse.com> +- Michał Zegan <webczat@outlook.com> +- Mike Gilbert <floppym@gentoo.org> +- Sam James <sam@gentoo.org> +- Sergio E. Nemirowski <sergio@outerface.net> +- Thomas Blume <thomas.blume@suse.com> +- Tianhao Chai <cth451@gmail.com> +- Valentin Lefebvre <valentin.lefebvre@suse.com> +- Vitaly Kuznetsov <vkuznets@redhat.com> +- keentux <valentin.lefebvre@suse.com> +- lilinjie <lilinjie@uniontech.com> + +dracut-059 +========== + +#### Bug Fixes + +* **NEWS.md:** add missing entries ([794ce5e3](https://github.com/dracutdevs/dracut/commit/794ce5e3ee55f1b78be32873a054aed422346f4c)) + +#### Contributors + +- Jóhann B. Guðmundsson <johannbg@gmail.com> + +dracut-058 +========== + +#### Bug Fixes + +* **90kernel-modules:** + * MMC and NVMe on kernels 6.0+ ([e0d57a8f](https://github.com/dracutdevs/dracut/commit/e0d57a8f5b15847a7fbae2ed3df29ec2c5d25ec7)) + * add (nonstandard) NVMe drivers ([415e5519](https://github.com/dracutdevs/dracut/commit/415e5519d19e24d123378710abe47a2df2b22e7b)) +* **90multipath:** + * use RemainAfterExit=yes for multipathd-configure.service ([2334031a](https://github.com/dracutdevs/dracut/commit/2334031a890a1101c78f986681236c76ba806d91)) + * create `/etc/multipath` only ([0940be90](https://github.com/dracutdevs/dracut/commit/0940be905843e93111e96c0d70c56389240fbc04)) +* **Makefile:** reduce the number of shell invocations ([ad7d5bc8](https://github.com/dracutdevs/dracut/commit/ad7d5bc8ea181ef805f65ae690681ebe5ba29bbe)) +* **base:** + * do not require chroot inside initramfs ([51813371](https://github.com/dracutdevs/dracut/commit/518133714b769160448a51c512d5e152ea6332da)) + * remove grep dependency ([240a1d34](https://github.com/dracutdevs/dracut/commit/240a1d34bd5d98fb8a7d75cd1053d8abf1c73f64)) +* **dbus-broker:** add missing sockets.target.wants/dbus.socket ([7ed04618](https://github.com/dracutdevs/dracut/commit/7ed0461810602bfbd4d5492fc9ed82f15e57fa9f)) +* **dmsquash-live:** + * add support for NFS ([8caaad4f](https://github.com/dracutdevs/dracut/commit/8caaad4fc2d75982eb87f5ebc72a4c276986f756)) + * check kernel for built-in squashfs drivers ([922c9e28](https://github.com/dracutdevs/dracut/commit/922c9e28ed87815cf6ae0b5ee911ff0ef616d1b0)) + * run checkisomd5 on correct device ([c8f819e6](https://github.com/dracutdevs/dracut/commit/c8f819e6c1c38e525e4b491b4215a939ee6e00df)) +* **dmsquash-live-ntfs:** remove unnecessary command ([e78f71b9](https://github.com/dracutdevs/dracut/commit/e78f71b9da29828ee4cd8444d4841ee127ef8614)) +* **dmsquash-live-root:** check kernel for built-in `overlay` drivers ([d0cd7cd3](https://github.com/dracutdevs/dracut/commit/d0cd7cd38711b5425777c3b1595dbf4288beaa23)) +* **dracut:** + * allow to set persistent policy based on /dev/mapper device names ([9cc7ceec](https://github.com/dracutdevs/dracut/commit/9cc7ceec1e9b4028d1a72bf51f9ea488d7ca11ac)) + * shellcheck regression in DRACUT_INSTALL calls ([097dd367](https://github.com/dracutdevs/dracut/commit/097dd367bbd61da1577a182c535c5aacdfd07031)) + * replace invalid lzo command with lzop for LZO compression ([b2d7561b](https://github.com/dracutdevs/dracut/commit/b2d7561b98d08c7e4018aa22dc36dc1242e50f09)) + * typo error 'aggresive' -> 'aggressive' ([e4f1dbcc](https://github.com/dracutdevs/dracut/commit/e4f1dbcc0061113cb58e555724f76a7243788236)) +* **dracut-functions.sh:** + * check_kernel_module should follow dracutsysrootdir ([6c42d378](https://github.com/dracutdevs/dracut/commit/6c42d378abe528ee6f10c8272080eec5f3f44acb)) + * suppress findmnt error msg if /etc/fstab not exist ([e9ed44c8](https://github.com/dracutdevs/dracut/commit/e9ed44c8864445d85018e31064cd888c358f1daf)) +* **dracut-init:** make require_kernel_modules ignore no kernel build ([d460941b](https://github.com/dracutdevs/dracut/commit/d460941b51d0178683b9098e62ad57e43fb71011)) +* **dracut-init.sh:** + * instmods: wrong variable name ([b12ee558](https://github.com/dracutdevs/dracut/commit/b12ee558f5660073ad26415794570188e8a427b0)) + * add missing hostonly code in the inst_multiple function ([e2fdb30b](https://github.com/dracutdevs/dracut/commit/e2fdb30b56305aed9d3be32f394352c7c3fdbcef)) + * correct dracut-install source path ([72b700e3](https://github.com/dracutdevs/dracut/commit/72b700e3cb8a0d74033e6e20b2435d9254b36efe)) + * propagate the result code returned by dracut-install ([d2f6f445](https://github.com/dracutdevs/dracut/commit/d2f6f445edb5de033d52ece0e982db38ac2614e2)) +* **dracut-initramfs-restore.sh:** + * initramfs detection not working ([481b87fa](https://github.com/dracutdevs/dracut/commit/481b87fa7a82be54663071ad9ad76c34e378ddc7)) + * hide unpack errors ([4f20ae26](https://github.com/dracutdevs/dracut/commit/4f20ae2620a9067270fe3e5f191ada6bff7b0ec1)) +* **dracut-install:** + * use stripped kernel module path as hash key ([2f791b40](https://github.com/dracutdevs/dracut/commit/2f791b401b287f67f2421452b5f82cdb5285a637)) + * do not try to copy files from the root directory ([ebbcf97d](https://github.com/dracutdevs/dracut/commit/ebbcf97dc7267f47ae568909305bcb05de2876b4)) + * correctly waitpid() for cp ([13736c50](https://github.com/dracutdevs/dracut/commit/13736c50c797d63ab75468ded17bc7935d7f1f94)) + * convert_abs_rel: return valid path on error ([06d31617](https://github.com/dracutdevs/dracut/commit/06d316171cd5e0e86c21006f93776ba9f49087cc)) +* **dracut-logger.sh:** this fixes the dlog_init check for /dev/log ([6b592f58](https://github.com/dracutdevs/dracut/commit/6b592f581c1a5ec489acee95779867e0485770fd)) +* **dracut-systemd:** run systemctl daemon-reload after remove_hostonly_files ([e1058b07](https://github.com/dracutdevs/dracut/commit/e1058b07ea2acb1bdb2d52f778639e093b1ed8a6)) +* **dracut.sh:** + * split drivers_dir check ([d32d221e](https://github.com/dracutdevs/dracut/commit/d32d221efd77dcc0afa1d39230f7bdc2958ffca5)) + * use DRACUT_ARCH instead of `uname -m` ([a86aea65](https://github.com/dracutdevs/dracut/commit/a86aea65186b47ac210a3947c966311bb5371aeb)) + * make omit-drivers option do exact match for names ([444944ab](https://github.com/dracutdevs/dracut/commit/444944ab37c2446adf07dd163225707e90aabef3)) + * correct wrong systemd variable paths ([b9dc999f](https://github.com/dracutdevs/dracut/commit/b9dc999f87a477af53e379d7fb1053d13d6dbe88)) + * remove duplicate "dracut:" string in logger functions ([8410ee22](https://github.com/dracutdevs/dracut/commit/8410ee22903403cd673a22692a084125c835cbe9)) + * do not fail on irregular files ([b72d0d7f](https://github.com/dracutdevs/dracut/commit/b72d0d7f9be53c1ad04f132daf0297aff7581e9c)) +* **dracut.spec:** tpm2-tools is required for crypt module to work ([8abffe7c](https://github.com/dracutdevs/dracut/commit/8abffe7cca2e210e15c618beeffe7450be357f73)) +* **drm:** add video drivers needed on hyper-v and similar ([85149b85](https://github.com/dracutdevs/dracut/commit/85149b85961aa535a3c61d492cd3594794e5cc3f)) +* **github:** yml syntax and commit message for dependabot ([32f6dd1d](https://github.com/dracutdevs/dracut/commit/32f6dd1d5f0b7c24bda8bf950df176a0791045cb)) +* **i18n:** + * do not fail if FONT in /etc/vconsole.conf has the file extension ([e1de5bd2](https://github.com/dracutdevs/dracut/commit/e1de5bd2d711df2c6814a3c3ab8472cdb4de9101)) + * add required includes for keymaps ([fe8fa2b0](https://github.com/dracutdevs/dracut/commit/fe8fa2b0cadbb33e27c8dd8b5851548dcd65835c)) +* **install.d:** add --verbose if KERNEL_INSTALL_VERBOSE=1 ([846a8453](https://github.com/dracutdevs/dracut/commit/846a845375b8a9ea48741079d523e6b464950ea7)) +* **integrity:** + * do not enable EVM if there is no key ([90585c62](https://github.com/dracutdevs/dracut/commit/90585c624af15ba0abb7f32b0c2afc2b122dd019)) + * remove unused variable ([9d1004a4](https://github.com/dracutdevs/dracut/commit/9d1004a4e9883ecabdca478a809efb5501a1e47a)) +* **iscsi:** don't install the module if kernel doesn't support iscsi ([7917d797](https://github.com/dracutdevs/dracut/commit/7917d7976ded6384433ef8fb2ce1905f0a76358e)) +* **kernel-modules:** + * add sysctl to initramfs to handle modprobe files ([33679fff](https://github.com/dracutdevs/dracut/commit/33679fff5deb733f9dfe8d005066ac98e107c083)) + * always include nvmem driver on nvmem_on_arm ([bc965cd8](https://github.com/dracutdevs/dracut/commit/bc965cd8890013a6362733d217c18756134bbcdf)) +* **load_fstype:** use $1 if $2 is missing ([401158e5](https://github.com/dracutdevs/dracut/commit/401158e58c47b2e1278a47b9cd236f501cfe2732)) +* **lsinitrd.sh:** + * add a missing path to image ([e877be69](https://github.com/dracutdevs/dracut/commit/e877be69b41199ee4384ccb6352754bb9edfbba4)) + * correct skipcpio source path ([5eb996a9](https://github.com/dracutdevs/dracut/commit/5eb996a9936a87918a4320963a8681975ed86be4)) +* **lvm:** drop dm-eventd binary and libs from initramfs ([7d3184e4](https://github.com/dracutdevs/dracut/commit/7d3184e430823f7eee4acee87576acdcf02746c2)) +* **man:** + * correct typo ([699e3945](https://github.com/dracutdevs/dracut/commit/699e39458962bc1a06a096f24ad86ffb87e8779e)) + * dracut.cmdline.7: clarify "rd.nvmf.discover=fc,auto" ([a90efdd7](https://github.com/dracutdevs/dracut/commit/a90efdd704271dab6717329e88b3a1c9e850d23b)) + * dracut.cmdline(7): correct syntax for rd.nonvmf ([4b69e63b](https://github.com/dracutdevs/dracut/commit/4b69e63b7414567a03e8da79acc2efe32e0a6a94)) + * point man pages to github.com instead of kernel.org ([d6d55584](https://github.com/dracutdevs/dracut/commit/d6d555845e53dca0b083d59c8cedf465e6b70b71)) + * correct typo ([7fa0094c](https://github.com/dracutdevs/dracut/commit/7fa0094c0087a827a22f30ec62f03f243b000bf3)) +* **multipath:** install multipathd.socket ([02e646fc](https://github.com/dracutdevs/dracut/commit/02e646fc7ec91e1fbaa0f2097f35781ae41da937)) +* **network:** + * check if ip command fails ([52d14607](https://github.com/dracutdevs/dracut/commit/52d14607d18d99c0c2c3242a64561b1af6a332d1)) + * two bugs which cause minutes long boot times ([1d6f42c8](https://github.com/dracutdevs/dracut/commit/1d6f42c8a4029380c2147018e64fb7ebc9e175e7)) + * avoid double brackets around IPv6 address ([2c26b703](https://github.com/dracutdevs/dracut/commit/2c26b703223bb65822954264bcd6ca7934c98b4a)) + * don't use same ifname multiple times ([f4e9ea87](https://github.com/dracutdevs/dracut/commit/f4e9ea879f38bea92069e9397028caa5d81e5aee)) +* **network-legacy:** + * check if dhclient has --timeout option ([23654c50](https://github.com/dracutdevs/dracut/commit/23654c50b003612d1b6e4b09c0bde7dd88239fd8)) + * correct wrong local network configuration path ([2eb733cc](https://github.com/dracutdevs/dracut/commit/2eb733cc11c09358b79e2c73218953f5bb64da93)) +* **network-manager:** + * always install the library plugins directory ([429f9de1](https://github.com/dracutdevs/dracut/commit/429f9de1c767c816301097a42cec762dc82d67da)) + * correct wrong local network configuration path ([744c6de5](https://github.com/dracutdevs/dracut/commit/744c6de5cde38d012f93bc53f9076bf9c37b8b72)) +* **nfs,virtiofs:** check kernel for builtin fs drivers ([78cafe46](https://github.com/dracutdevs/dracut/commit/78cafe465d972ed52cc9d847c9895716a5f44e7e)) +* **nvmf:** + * run cmdline hook before parse-ip-opts.sh ([a65fab69](https://github.com/dracutdevs/dracut/commit/a65fab69662d3adf52eb968411f59ebc5a173f7c)) + * avoid calling "exit" in a cmdline hook ([a93968b0](https://github.com/dracutdevs/dracut/commit/a93968b07567a654d18b8ef2144337d803186eca)) + * make sure "rd.nvmf.discover=fc,auto" takes precedence ([556ef46a](https://github.com/dracutdevs/dracut/commit/556ef46aa96650d72b2fd850a09fa04dff64bbb8)) + * don't use "finished" queue for autoconnect ([e93e4652](https://github.com/dracutdevs/dracut/commit/e93e46520dd89a7357a15441ab6b141ff9ff9aeb)) + * don't create did-setup file ([03921ec0](https://github.com/dracutdevs/dracut/commit/03921ec09e95ea49f89ae307dcca4e2e3d1bc6d6)) + * no need to load the nvme module ([a3cf4ec9](https://github.com/dracutdevs/dracut/commit/a3cf4ec92202df43adf368c7fdd12e35d304a0e4)) + * don't try to validate network connections in cmdline hook ([b3ff3f3f](https://github.com/dracutdevs/dracut/commit/b3ff3f3fbce6878a754332cd4a05374e5e1156c8)) + * nvme list-subsys prints the address using commas as separator ([9664e98b](https://github.com/dracutdevs/dracut/commit/9664e98b5db603567d42d4d0c6e6ea1bd3d5bf24)) +* **shell-completion:** add missing -p and --parallel options ([b30a00c2](https://github.com/dracutdevs/dracut/commit/b30a00c2a2815517e79eeaeef5f76fd6f923e61f)) +* **skipcpio:** ignore broken pipe ([aa0369a4](https://github.com/dracutdevs/dracut/commit/aa0369a4a31764fde06214358b0774fb1095af01)) +* **squash:** build ld cache for squash loader ([bc1b23c2](https://github.com/dracutdevs/dracut/commit/bc1b23c29202023dd7852f4c3e3e97aaaf94da92)) +* **systemd:** + * add missing modprobe@.service ([928252a1](https://github.com/dracutdevs/dracut/commit/928252a145ca44627ba5873e01245eabe246992f)) + * set right permissions for the machine-id file ([da55e266](https://github.com/dracutdevs/dracut/commit/da55e2663499f6218d28783076c5449a9a6b8ec9)) +* **systemd-coredump:** correct systemd-coredump binary path ([4b931bfb](https://github.com/dracutdevs/dracut/commit/4b931bfb4f594834d06787b3506c4a0ddbbe48ac)) +* **systemd-hostnamed:** + * add missing dbus-org.freedesktop.hostname1.service ([4fca292b](https://github.com/dracutdevs/dracut/commit/4fca292b957c8ec256111442ba0db4e539442ac8)) + * correct sysusers configuration ([a540c95b](https://github.com/dracutdevs/dracut/commit/a540c95bbf9496f7b9d6e86aa5080173d73dff78)) +* **systemd-networkd:** typo in systemd-networkd.socket local conf path ([d4732be8](https://github.com/dracutdevs/dracut/commit/d4732be87782016c2699fbf980d63ac366819942)) +* **systemd-timedated:** add missing dbus-org.freedesktop.timedate1.service ([b3d219b4](https://github.com/dracutdevs/dracut/commit/b3d219b475c8f695ccfb8b741282583da710befa)) +* **systemd-timesyncd:** typo in systemd-time-wait-sync.service local conf path ([e3ec51e1](https://github.com/dracutdevs/dracut/commit/e3ec51e128135d56c3995d87ca2a4ff65b253391)) +* **test:** remove unnecessary setup steps ([22ab7979](https://github.com/dracutdevs/dracut/commit/22ab79794852eced9caaccd8763332b870e97032)) +* **virtiofs:** + * make shebangs work on split-usr systems ([27b316df](https://github.com/dracutdevs/dracut/commit/27b316df1f001949675fbeddaeab6ff56bc449d2)) + * ismounted has a dependency on the base module ([c73e7b99](https://github.com/dracutdevs/dracut/commit/c73e7b99db8c759d89236d0791145d6919abd2bc)) +* **zipl:** remove trailing spaces from zipl boot device name ([b4de9ee1](https://github.com/dracutdevs/dracut/commit/b4de9ee107742c8b0b8a86dcc22aa4fd366b068e)) + +#### Features + +* **dmsquash-live:** + * add support for dash ([862ba526](https://github.com/dracutdevs/dracut/commit/862ba52683834f87722cae7a6692a59d09271ec3)) + * add new dmsquash-live-autooverlay module ([a3c67d27](https://github.com/dracutdevs/dracut/commit/a3c67d27e75223bb45df19f850d246ced9a09938)) +* **dracut-init.sh:** + * introduce a new helper require_kernel_modules ([d3a5e631](https://github.com/dracutdevs/dracut/commit/d3a5e6312a84b29bcb10fd5d28e1314f1acbc78f)) + * add inst_libdir_dir() helper ([cc669250](https://github.com/dracutdevs/dracut/commit/cc669250affa0176ed2bba866d8e933fb0668f4c)) +* **dracut-install:** convert_abs_rel: canonicalise parent of from, too ([53dd6a9b](https://github.com/dracutdevs/dracut/commit/53dd6a9bbb0eb91dea0e56bec556bf865a920b2e), closes [#1781](https://github.com/dracutdevs/dracut/issues/1781)) +* **dracut.sh:** + * populate uefi_cmdline if no other cmdline is given ([1157143d](https://github.com/dracutdevs/dracut/commit/1157143d67b02ccf95602ae082f6fbfd1a20f342)) + * pass engine flag to sbsign allowing use with hardware devices ([897e5eff](https://github.com/dracutdevs/dracut/commit/897e5effe08f15de6b20099caeda7bc1167b7026)) +* **fs-lib:** fsck_single can now handle PARTLABEL and PARTUUID ([d40617f7](https://github.com/dracutdevs/dracut/commit/d40617f720ce7d895be4f6297ac4342d4492c39a)) +* **github:** automating dependency updates ([bdddfd56](https://github.com/dracutdevs/dracut/commit/bdddfd561f38469b3f51d7e6af196ff1f190e2a2)) +* **kernel-modules:** exclude USB drivers in strict hostonly mode ([7debf540](https://github.com/dracutdevs/dracut/commit/7debf540ca69d9171cb86b4752c882bac997c26e)) +* **multipath:** install tmpfiles.d config file ([cf31fcf8](https://github.com/dracutdevs/dracut/commit/cf31fcf804be4dc0fa31885f5185a59b6012cdf4)) +* **nvmf:** set rd.neednet=1 if tcp records encountered ([cf8986af](https://github.com/dracutdevs/dracut/commit/cf8986af7d9a3ce73f330de23d5312f924acea34)) +* **overlayfs:** + * add new overlayfs module to dracut.spec ([b55563f6](https://github.com/dracutdevs/dracut/commit/b55563f635fb8aad5e141c4fa5d3e486dc2b0b60)) + * add a new module called overlayfs ([40dd5c90](https://github.com/dracutdevs/dracut/commit/40dd5c90e0efcb9ebaa9abb42a38c7316e9706bd)) +* **qemu:** add efi_secret driver ([8194f72a](https://github.com/dracutdevs/dracut/commit/8194f72af2e9b6ab3cdb01412381023b0a58c852)) +* **squash:** use require_kernel_modules for better module checking ([d4a9d6b4](https://github.com/dracutdevs/dracut/commit/d4a9d6b4c006a375e0b89396251e8ad1aecc0b16)) +* **systemd:** install systemd-sysroot-fstab-check ([23684e4a](https://github.com/dracutdevs/dracut/commit/23684e4a2bb024595ad63d9f49d83b4693537110)) +* **systemd-pcrphase:** introducing the systemd-pcrphase module ([d345ca2e](https://github.com/dracutdevs/dracut/commit/d345ca2efd5e017be5cc80cfc96137a7f0bee425)) +* **systemd-portabled:** introducing the systemd-portabled module ([03babd95](https://github.com/dracutdevs/dracut/commit/03babd95e28bc884e87fd0885edafb2ee91f8935)) +* **systemd-pstore:** introducing the systemd-pstore module ([758f2e69](https://github.com/dracutdevs/dracut/commit/758f2e69374d7865bf55a74ee218a1d52df20123)) +* **test:** add new module to share code between tests ([f5689b42](https://github.com/dracutdevs/dracut/commit/f5689b42bdb9dfcb0f1b610d7db845ceac985061)) +* **test-makeroot:** add new module to share code between tests ([54b963ca](https://github.com/dracutdevs/dracut/commit/54b963ca35a3a4cc8bcdb35e5e9ebb74af09191e)) +* **test-root:** add new module to share code between tests ([b17a3103](https://github.com/dracutdevs/dracut/commit/b17a3103a516b5a45af954b1e2969a5256fffebc)) + +#### Performance + +* **90kernel-modules:** use awk instead of shell monster ([77ac95d9](https://github.com/dracutdevs/dracut/commit/77ac95d9091afcfdbd1fe0372389613914dd1bc6)) +* **dracut-install:** + * convert_abs_rel: don't allocate target parent realpath ([d2648f6d](https://github.com/dracutdevs/dracut/commit/d2648f6dd8277c3d9a0b8d05ca66a212da47070e)) + * strdup()+[dirlen]=0 => strndup ([e7d6a1e3](https://github.com/dracutdevs/dracut/commit/e7d6a1e30c34134d27c0ae921b7d18525ddf3dea)) +* **dracut.sh:** do not mkdir $initdir/lib/dracut within a loop ([8d46cc01](https://github.com/dracutdevs/dracut/commit/8d46cc01a95afc6902e8c86a795db082622a3c74)) + +#### Contributors + +- Laszlo Gombos <laszlo.gombos@gmail.com> +- Antonio Alvarez Feijoo <antonio.feijoo@suse.com> +- Martin Wilck <mwilck@suse.de> +- Kairui Song <kasong@tencent.com> +- Marcos Mello <marcosfrm@gmail.com> +- наб <nabijaczleweli@nabijaczleweli.xyz> +- David Tardon <dtardon@redhat.com> +- Jóhann B. Guðmundsson <johannbg@gmail.com> +- Matt Coleman <matt@datto.com> +- Pavel Valena <pvalena@redhat.com> +- Alberto Planas <aplanas@suse.com> +- Brian C. Lane <bcl@redhat.com> +- Jonathan Lebon <jonathan@jlebon.com> +- Lukas Nykryn <lnykryn@redhat.com> +- keentux <valentin.lefebvre@suse.com> +- Cole Robinson <crobinso@redhat.com> +- Daan De Meyer <daan.j.demeyer@gmail.com> +- Frederick Grose <4335897+FGrose@users.noreply.github.com> +- Frederick Grose <fgrose@sugarlabs.org> +- Hari Bathini <hbathini@linux.ibm.com> +- Henrik Gombos <henrik99999@gmail.com> +- Jeremy Linton <jlinton@redhat.com> +- Kenneth D'souza <kennethdsouza94@gmail.com> +- Laura Hild <lsh@jlab.org> +- Mike Gilbert <floppym@gentoo.org> +- Mikhail Novosyolov <m.novosyolov@rosalinux.ru> +- Neal Gompa <neal@gompa.dev> +- Scott Moser <smoser@brickies.net> +- Tao Liu <ltao@redhat.com> +- Tianhao Chai <cth451@gmail.com> +- gombi <gombi@> +- joamonwx <unknown> +- runsisi <runsisi@hust.edu.cn> +- tupper <tupper.bob@gmail.com> + +dracut-057 +========== + +#### Bug Fixes + +* **10i18n:** + * stop leaking shell options ([f3441cc7](https://github.com/dracutdevs/dracut/commit/f3441cc7c577554dde04a9fe90638f779bb0a411)) + * stop leaking shell options ([35064768](https://github.com/dracutdevs/dracut/commit/35064768ebf14d3ec6bf3f7df52580fb4920ea3d)) +* **Makefile:** use of potentially unset variable ([1354d633](https://github.com/dracutdevs/dracut/commit/1354d6339a2e603fe0787bc028f9e7e1d49cbf82)) +* **bluetooth:** + * accept compressed firmwares in inst_multiple ([09a1e5af](https://github.com/dracutdevs/dracut/commit/09a1e5afd2eaa7f8e9f3beaf8a48283357e7fea0)) + * nullglob should not be needed ([36aaa74f](https://github.com/dracutdevs/dracut/commit/36aaa74f3641d375cb435298864fad1945444893)) + * make $dbussystem/bluetooth.conf optional ([a38d9ec0](https://github.com/dracutdevs/dracut/commit/a38d9ec0320f3819a3b70dc5bb59f6d2fc570149)) +* **configure:** check for SYS-gettid during configure ([0ef40d88](https://github.com/dracutdevs/dracut/commit/0ef40d88124fe67726b8b5d8321dce064c727447)) +* **connman:** copy netroot.sh from the network module and install it ([f6d83f9f](https://github.com/dracutdevs/dracut/commit/f6d83f9f5cd4850468f26048f8eed015dc2bd0e0)) +* **crypt:** add missing is_keysource parameter to cryptroot-ask ([6c11a8fc](https://github.com/dracutdevs/dracut/commit/6c11a8fcee08c297a34bd5c5215a7a29d3529b85)) +* **dmsquash-live:** + * mount live device with the correct type ([08ed7b2d](https://github.com/dracutdevs/dracut/commit/08ed7b2d0035eaa699c139bc9719f90190f6ffc1)) + * permanent overlay on the same drive as LiveCD .iso ([9a884b3a](https://github.com/dracutdevs/dracut/commit/9a884b3afce1ebc8c6a6e5f62594ce708486a826)) +* **dracut:** default to correct firmware search paths ([95aeed89](https://github.com/dracutdevs/dracut/commit/95aeed8975dd5a2af782ec986f2af6176b585c59)) +* **dracut-functions.sh:** correct wrong comment ([0afa840e](https://github.com/dracutdevs/dracut/commit/0afa840e111e63da14edcb655886734b45d61c4b)) +* **dracut-initramfs-restore.sh:** + * unpack uncompressed initrd as last option ([46886956](https://github.com/dracutdevs/dracut/commit/46886956211f8a436e2e9f81fc4972d2a297c3a3)) + * check if SELINUXTYPE is set ([24d8f35b](https://github.com/dracutdevs/dracut/commit/24d8f35b9c162f42c58abd27fe9c75bbf76cbfe7)) +* **dracut-install:** + * copy files preserving ownership attributes ([9ef73b6a](https://github.com/dracutdevs/dracut/commit/9ef73b6ad08c19c3906564e5a15c7908ed9a81c8)) + * do not fail when SOURCE is optional and missing ([bd1a5ca9](https://github.com/dracutdevs/dracut/commit/bd1a5ca9ae9e347061e67e51be29335ab074ad95)) +* **dracut-systemd:** + * drop misleading man page reference ([77c28b30](https://github.com/dracutdevs/dracut/commit/77c28b3020b7dede848d8282151f609d80905b05)) + * correct service dependencies ([85fdff12](https://github.com/dracutdevs/dracut/commit/85fdff1212e708d335f035926f3c2a6b87bb1c3c)) +* **dracut.cmdline.7:** {=> must} also be specified ([27071e9a](https://github.com/dracutdevs/dracut/commit/27071e9a0e7928bccc45469eb659cdafb20f134b)) +* **dracut.sh:** + * format usage and add missing options ([9bef7109](https://github.com/dracutdevs/dracut/commit/9bef71094eba84a9eac161fc45386ccd73bd2b34)) + * always check that MACHINE_ID is not empty ([527fdfa1](https://github.com/dracutdevs/dracut/commit/527fdfa1517b7f010afa049fe6add71e4c916cdd)) + * avoid calling dfatal before dracut-logger is sourced ([012d7db2](https://github.com/dracutdevs/dracut/commit/012d7db27da7416471ed49ee2ca666ab95837f47)) + * add missing default output file paths ([28ef3bc6](https://github.com/dracutdevs/dracut/commit/28ef3bc6a6f1efcd8d8c16228a6dee9d563342e7)) + * add missing --libdirs usage ([352e5917](https://github.com/dracutdevs/dracut/commit/352e59173152f13b242c598a735243f0f2850ff1)) + * drop restorecon call ([33859892](https://github.com/dracutdevs/dracut/commit/3385989266ddb1c0685f9f7501f1835e9ce49730)) + * error exporting sysctl variables ([4c355d05](https://github.com/dracutdevs/dracut/commit/4c355d05587b0432a6dc551b8693dbdc51a07962)) +* **dracut.spec:** add connman module ([d0c6ab21](https://github.com/dracutdevs/dracut/commit/d0c6ab21d906cc5b0e05e1107c48baffcbedb02c)) +* **fedora.conf:** vi binary is missing ([48541362](https://github.com/dracutdevs/dracut/commit/485413627f04fdc0c5c29958ce437718b262a99c)) +* **github:** remove packit ([8fd37d20](https://github.com/dracutdevs/dracut/commit/8fd37d20f4b7cc08ee0970e0249aac4cd5b47a4e)) +* **ifcfg:** avoid calling unavailable dracut-logger functions ([7103c4bc](https://github.com/dracutdevs/dracut/commit/7103c4bce9240d5896a0d207c216e0f6270ad2e8)) +* **install:** restore musl support ([ce55a85e](https://github.com/dracutdevs/dracut/commit/ce55a85ed5d902c19d75895508856f96ec2ceb1a)) +* **integrity:** do not display any error if there is no IMA certificate ([f63f411d](https://github.com/dracutdevs/dracut/commit/f63f411d52df613936082d646ab072447b8b9d7f)) +* **iscsi:** + * do not exit in handle_netroot() if discovery failed ([319dc7fe](https://github.com/dracutdevs/dracut/commit/319dc7fe10585a19d1a051f8ad1ba0190f86ff1f)) + * remove unneeded iscsi NOP-disable code ([a33a8df4](https://github.com/dracutdevs/dracut/commit/a33a8df43d33c9bdf85d7a5b7392585129a690f5)) +* **kernel-network-modules:** allow specifying empty --hostonly-nics ([ab6f5733](https://github.com/dracutdevs/dracut/commit/ab6f57339ad77b5bc116400f7b66580745bfc563)) +* **lsinitrd.sh:** + * always check that MACHINE_ID is not empty ([d6343146](https://github.com/dracutdevs/dracut/commit/d6343146c1db69fc724ca666a5d9321af7fd0d46)) + * add missing default paths ([49ea6c42](https://github.com/dracutdevs/dracut/commit/49ea6c42db7180eec5ba57e082a38d116f2d17a5)) +* **lvm:** + * add missing grep requirement ([79f9d9e1](https://github.com/dracutdevs/dracut/commit/79f9d9e1c29a9c8fc046ab20765e5bde2aaa3428)) + * ignore expected error message from lvm config ([7e03d81f](https://github.com/dracutdevs/dracut/commit/7e03d81fe3df932558d2b7280fa57da24ba955c0)) +* **man:** + * add missing default paths ([ffc1985c](https://github.com/dracutdevs/dracut/commit/ffc1985cb26894c50487b7db2703e8715a4a7537)) + * add missing --libdirs section ([a90dbd95](https://github.com/dracutdevs/dracut/commit/a90dbd958b19778044047f17559449fffdb94cc2)) +* **network-manager:** avoid calling unavailable dracut-logger functions ([b7059aef](https://github.com/dracutdevs/dracut/commit/b7059aef5962aad1dc8d96a0f600105a40867380)) +* **nfs:** + * give /run/rpcbind ownership to rpc user ([d6159343](https://github.com/dracutdevs/dracut/commit/d615934311e25146bb37943bf1385a19dfdbd9e8)) + * require and install needed binaries ([0e4df7a3](https://github.com/dracutdevs/dracut/commit/0e4df7a39dda388dc71ff6f749c8197cba4442b9)) +* **nvmf:** + * deprecate old nvmf cmdline options ([e405501e](https://github.com/dracutdevs/dracut/commit/e405501e23462d151bba252133f4a6179bf79cf0)) + * set executable bit on nvmf-autoconnect.sh ([25a92885](https://github.com/dracutdevs/dracut/commit/25a92885a9519701cc480298c2b082e2e2bf5ebe)) +* **plymouth:** hide dpkg-architecture stderr messages ([42e9d188](https://github.com/dracutdevs/dracut/commit/42e9d1889298c3d8badfb6f95e16e048ad83a1f6)) +* **resume:** correct call to block_is_netdevice function ([a7a4b76c](https://github.com/dracutdevs/dracut/commit/a7a4b76c4ad5794f5f8a24ecd5b495f1512d05f7)) +* **shell-completion:** add missing options ([1199f990](https://github.com/dracutdevs/dracut/commit/1199f990bb93b4e6bd56fa3df050b17fc7e6c378)) +* **systemd-coredump:** add systemd-sysusers dependency ([ce82e969](https://github.com/dracutdevs/dracut/commit/ce82e969f8faaccbb57be178833ef4e39f01cdf9)) +* **systemd-journald:** remove duplicate entry in inst_multiple ([d3ab2061](https://github.com/dracutdevs/dracut/commit/d3ab20615ef94370e43b042d913d5f787dd52430)) +* **systemd-timesyncd:** add systemd-sysusers dependency ([28b6adcb](https://github.com/dracutdevs/dracut/commit/28b6adcb27fb5240c01f7d41511ce02597aa27bd)) +* **test:** + * dmsquash-live test without an iso ([6ee2baf3](https://github.com/dracutdevs/dracut/commit/6ee2baf314fc6aa3bb88ca52d11c9f599223eb77)) + * remove stale comments ([b3ab3037](https://github.com/dracutdevs/dracut/commit/b3ab3037e8b9272498ed40131f30bf1831acab73)) + * add support for dpkg to pass the test on debian ([a7dfdf6a](https://github.com/dracutdevs/dracut/commit/a7dfdf6acbf7a87fd2735541f06a062126966f69)) + * nullglob should not be needed ([c7b3ac2b](https://github.com/dracutdevs/dracut/commit/c7b3ac2bd115521855b3ad8ce287cb1a9afca128)) +* **udev-rules:** add cdrom udev rules by default ([aebeb2ec](https://github.com/dracutdevs/dracut/commit/aebeb2ecdf76b7716fadbab8b216b8805d36a461)) + +#### Features + + * add aarch64 uefi support ([8391a993](https://github.com/dracutdevs/dracut/commit/8391a993033e212a24635dd629c167354f0834f8)) + * **connman:** introduce connman support module ([f30d0351](https://github.com/dracutdevs/dracut/commit/f30d03513f357a36d2ed48a522c7ef2a46bb0c5c)) + * **dracut:** + * support parallel execution with --parallel ([6d923262](https://github.com/dracutdevs/dracut/commit/6d92326201014cde9ab04b90367017f875d3b991)) + * add zfs detection ([9582f027](https://github.com/dracutdevs/dracut/commit/9582f02773c5115e14fe0992ec2db3935cb0e6eb)) + * **dracut-install:** support ZSTD-compressed firmware with .zst suffix ([9d8387ed](https://github.com/dracutdevs/dracut/commit/ 9d8387ed803dfc3e8b97d2e415a15083774d7ac6)) + * **dracut-systemd:** use Documentation= to point to man page ([42e8f17c](https://github.com/dracutdevs/dracut/commit/ 42e8f17c2481d33a3d6ba23f653c835e0cda6994)) + * **gensplash:** remove module ([1befc641](https://github.com/dracutdevs/dracut/commit/1befc6416743a527824f0f2cc25471e86a6f8a79)) + * **lvm:** add new module lvmthinpool-monitor ([d9812fc4](https://github.com/dracutdevs/dracut/commit/d9812fc4ae18a39c144140dd60cb03e16e0d2e06)) + * **man:** add documentation for rd.luks.key.tout ([65e41b54](https://github.com/dracutdevs/dracut/commit/65e41b54600878e3e08bbe3b60f66524e1d166a8)) + * **squash:** + * add shell completion for --squash-compressor option ([e2aee2d4](https://github.com/dracutdevs/dracut/commit/e2aee2d436cf68c4515a381d620a963ff18dcf05)) + * update the manual page for --squash-compressor ([3693bfef](https://github.com/dracutdevs/dracut/commit/3693bfef2fc252f5a4b18278c87a1076896b7fb5)) + * decouple the compressor for dracut and dracut-squash ([90d9ae8c](https://github.com/dracutdevs/dracut/commit/90d9ae8ca814c26045ecea63fa15bd8959076d0d)) + * **url-lib.sh:** add --retry-connrefused to default curl arguments ([90032a46](https://github.com/dracutdevs/dracut/commit/ 90032a463190ab68f20f493894f667320466082d)) + * **virtiofs:** virtiofs root filesystem support ([4632f799](https://github.com/dracutdevs/dracut/commit/4632f799954c18eb8f655efe05b1e6ce30246828)) + +#### Contributors + +- Antonio Alvarez Feijoo <antonio.feijoo@suse.com> +- Laszlo Gombos <laszlo.gombos@gmail.com> +- Pavel Valena <pvalena@redhat.com> +- David Tardon <dtardon@redhat.com> +- Tao Liu <ltao@redhat.com> +- наб <nabijaczleweli@nabijaczleweli.xyz> +- German Maglione <gmaglione@redhat.com> +- Jóhann B. Guðmundsson <johannbg@gmail.com> +- Nicolas Porcel <nicolasporcel06@gmail.com> +- Zoltán Böszörményi <zboszor@gmail.com> +- nkraetzschmar <nkraetzschmar@users.noreply.github.com> +- Benjamin Gilbert <bgilbert@redhat.com> +- Coiby Xu <coxu@redhat.com> +- Conrad Hoffmann <ch@bitfehler.net> +- David Teigland <teigland@redhat.com> +- James Morris <morisja@gmail.com> +- Lee Duncan <lduncan@suse.com> +- Martin Wilck <mwilck@suse.de> +- Masahiro Matsuya <mmatsuya@redhat.com> +- Michal Hecko <mhecko@redhat.com> +- Morten Linderud <morten@linderud.pw> +- Savyasachee Jha <genghizkhan91@hawkradius.com> +- Shreenidhi Shedi <sshedi@vmware.com> +- Wenchao Hao <haowenchao@huawei.com> + +dracut-056 +========== + +#### Bug Fixes + +* **base:** + * do not change the provided UUID ([4e858741](https://github.com/dracutdevs/dracut/commit/4e858741087a5cfea891bd2c1fd51ea9b830aeaf)) + * add default device choice ([e8c18c9f](https://github.com/dracutdevs/dracut/commit/e8c18c9f7f5ed94898f70e9ff5a5f94a815a2b49)) + * tr needs to be installed ([dfbfd33b](https://github.com/dracutdevs/dracut/commit/dfbfd33b24524c0c10ad3594be143192f5b7da84)) + * do not quote $initargs for switch_root ([f649cd10](https://github.com/dracutdevs/dracut/commit/f649cd10b2e920e9d65c532db9b9f89a7370ad99)) + * repair installing dracut-util ([d7acf107](https://github.com/dracutdevs/dracut/commit/d7acf107f2ac619f73dfa29588ea9adfaf79e296)) +* **bluetooth:** + * make hostonly configuration files optional ([d03fb675](https://github.com/dracutdevs/dracut/commit/d03fb675d8e904c6c44de9b91814b33c45043f4f)) + * dbus configuration path fixes ([34b1dd2e](https://github.com/dracutdevs/dracut/commit/34b1dd2e26c343e9000094db01a7985b6851adf1)) +* **cms:** reload NetworkManager connections ([07977ee5](https://github.com/dracutdevs/dracut/commit/07977ee5c5294a5d30c1f33f292a0b31303750fb)) +* **cpio:** + * correct dev_t -> rmajor/rminor mapping ([acc629ab](https://github.com/dracutdevs/dracut/commit/acc629abb0d7a26f692f99e5a9cf8c8401bc6a86)) + * write zeros instead of seek for padding and alignment ([0af11c5e](https://github.com/dracutdevs/dracut/commit/0af11c5ea5018a3e1049a2207a9a671049651876)) +* **crypt:** remove quotes from cryptsetupopts ([e0abf88a](https://github.com/dracutdevs/dracut/commit/e0abf88a15d23fbf793cf872397016ad86aeaaa8), closes [#1528](https://github.com/dracutdevs/dracut/issues/1528)) +* **crypt-gpg:** + * tr needs to be installed ([a93fbc4a](https://github.com/dracutdevs/dracut/commit/a93fbc4ae00d8c6ecda67319a6425f7966609bbe)) + * execute --card-status on each try ([66100936](https://github.com/dracutdevs/dracut/commit/6610093698db25fda1d584b9771da1e2c2330095)) +* **dasd_rules:** + * correct udev dasd rules parsing ([5de6e4d5](https://github.com/dracutdevs/dracut/commit/5de6e4d56e5206cb47f645ad1cb6d39794048c68)) + * remove collect based udev rule creators ([ebafbd82](https://github.com/dracutdevs/dracut/commit/ebafbd824175e201ae9476576588a896c6b7d7eb)) +* **dmsquash-live:** + * option to use overlayfs on a block device root ([813577e2](https://github.com/dracutdevs/dracut/commit/813577e2ba034b448d2cf2d2857b2d20d56c0259)) + * do not install systemd files when systemd is not enabled ([bf8738d3](https://github.com/dracutdevs/dracut/commit/bf8738d31ca53ad6410c46c1f9b2a4a12273b9a3)) + * iso-scan requires rmdir ([e19e3890](https://github.com/dracutdevs/dracut/commit/e19e38904c054664473207d2d6ef3c53bd938867)) + * correct regression introduced with shellcheck changes ([0c631efb](https://github.com/dracutdevs/dracut/commit/0c631efb10bf4ce18ec8640277bd94712950298a)) +* **dmsquash-live-ntfs:** fuse3 no longer requires ulockmgr_server ([75ad2699](https://github.com/dracutdevs/dracut/commit/75ad269931eccd266a5d60ba4000d93655143e00)) +* **dracut:** be more robust when using 'set -u' ([22a80629](https://github.com/dracutdevs/dracut/commit/22a80629b4bbcef02eb8fe3611ea44e253ef4c61)) +* **dracut-functions.sh:** + * ip route parsing ([d754e1c6](https://github.com/dracutdevs/dracut/commit/d754e1c6f081a6501cb7fdcb5caaa6c4977235af)) + * get block device driver if in a virtual subsystem ([dc3b976f](https://github.com/dracutdevs/dracut/commit/dc3b976f3393d7a3fb75b349418fc8ee2c9142bd)) +* **dracut-init:** unbreak a comment ([bc4f196f](https://github.com/dracutdevs/dracut/commit/bc4f196f9825029eaef7ccf525ec57f5229b2793)) +* **dracut-initramfs-restore.sh:** + * add missing compression options ([e86397de](https://github.com/dracutdevs/dracut/commit/e86397de24f4efa6d36e2bb5ae84b7d9ec69b72d)) + * add missing default paths ([3d8e1ad2](https://github.com/dracutdevs/dracut/commit/3d8e1ad2ae1e34244ddf700beea6358c1452e05c), closes [#1628](https://github.com/dracutdevs/dracut/issues/1628)) +* **dracut-install:** tweaks to get_real_file() ([1beeaf3b](https://github.com/dracutdevs/dracut/commit/1beeaf3b71aed763d5fc7a9ee044d675f8906e8c)) +* **dracut-shutdown:** add cleanup handler on failure ([7ab1d002](https://github.com/dracutdevs/dracut/commit/7ab1d00227cad6f1b86ba01fdc766769faebb031)) +* **dracut-systemd:** do not use Requires for vconsole-setup.service ([a7f5429c](https://github.com/dracutdevs/dracut/commit/a7f5429cb81f7ffdf9bd5684af8d36725170b756)) +* **dracut.sh:** + * do not ignore invalid config file or dir path ([7de9ffc0](https://github.com/dracutdevs/dracut/commit/7de9ffc0574790ecbad74b5a000ecd022d7736d4)) + * check kernel zstd support early ([475497b1](https://github.com/dracutdevs/dracut/commit/475497b1bd12c006c782541124b6427cb7ef4cb7)) + * check availability of configured compression ([bdac657b](https://github.com/dracutdevs/dracut/commit/bdac657bf65615438942a872491a818750735014)) + * inform user about auto-selected compression method ([06d47ded](https://github.com/dracutdevs/dracut/commit/06d47ded679231e1370cc655c1df408fc865baac)) + * drop pointless check for module compression method ([586d3e76](https://github.com/dracutdevs/dracut/commit/586d3e7664c00bf144becfa69dde2dbab8711d51)) + * change misspelled variable name ([acfd97a9](https://github.com/dracutdevs/dracut/commit/acfd97a94385c33cd6cef4e5a37f233ea4081288)) + * remove wrong $ in loop sequence ([f1245b5b](https://github.com/dracutdevs/dracut/commit/f1245b5bc13a98ef0dcc679dcef6148214e09503)) + * handle symlinks appropriately while using '-i' option ([c7fbc0c8](https://github.com/dracutdevs/dracut/commit/c7fbc0c8901917baf0d1f0822568e65c6ec00d18)) + * handle '-i' option to include files beginning with '.' ([f1138012](https://github.com/dracutdevs/dracut/commit/f1138012c9dc44e6614466c0a8e929fc55e4a5dd)) +* **drm:** add privacy screen modules to the initrd ([14d97a6a](https://github.com/dracutdevs/dracut/commit/14d97a6a28c6172340c47c89374358aaf4e2629d)) +* **fedora.conf.example:** rename misspelled variable ([9371dcab](https://github.com/dracutdevs/dracut/commit/9371dcaba3c58377428eee44bd702fae7b2ab20e)) +* **fido2:** add a missing library ([4753738b](https://github.com/dracutdevs/dracut/commit/4753738b62d958955f50fb077ea21c56a8d23dc3)) +* **fips:** + * missing sourcing of dracut-lib ([857b17f0](https://github.com/dracutdevs/dracut/commit/857b17f090bdf575292f0bd6f5e8e3d753f6b426)) + * add and remove local variables ([e8121bfd](https://github.com/dracutdevs/dracut/commit/e8121bfddda34e20db889a74d4ac6259ed182aea)) + * wrong error message ([7f10c483](https://github.com/dracutdevs/dracut/commit/7f10c483b6abcc8be42cf246bbdade264be68228)) + * handle s390x OSTree systems ([78557f05](https://github.com/dracutdevs/dracut/commit/78557f05a69fe718a97df85d2ed741ce10d3f806)) +* **fips.sh:** repsect rd.fips.skipkernel ([5789abcb](https://github.com/dracutdevs/dracut/commit/5789abcbe05f30d556086590b786c4857d025d9d)) +* **img-lib:** install rmdir ([51ce8893](https://github.com/dracutdevs/dracut/commit/51ce8893d981e90640123a7dcc3e4f3621e7d819)) +* **install:** + * segfault on popen error ([5c2f72f1](https://github.com/dracutdevs/dracut/commit/5c2f72f152ec319a8001d1ff0bfd1f81a9130b04)) + * extend hwcaps library handling to libraries under glibc-hwcaps/ ([10ed204f](https://github.com/dracutdevs/dracut/commit/10ed204f873f454dcd15ffcc82dc3a1c781c1514)) + * use size_t to avoid -Wsign-compare warning ([55468a2d](https://github.com/dracutdevs/dracut/commit/55468a2d40182de4cce5ba4ecd5dcd96be03bd4d)) + * improve gettid definition ([ef0f848a](https://github.com/dracutdevs/dracut/commit/ef0f848a67fdd0a0dab135acbd1cd7fa0179a95c)) + * validate return values log.c ([19537f89](https://github.com/dracutdevs/dracut/commit/19537f8943ac4106c6d4ab0e00a48a8c0a9a0519)) + * rectify unused function args in log.c ([b5cf7ec7](https://github.com/dracutdevs/dracut/commit/b5cf7ec784335ec561e379f8e78f48019a344ac0)) + * use wrapper for asprintf ([e2a61595](https://github.com/dracutdevs/dracut/commit/e2a61595d2c91202ff4ea69937064cd2c0d1f336)) + * use unsigned int instead of unsigned ([74a41799](https://github.com/dracutdevs/dracut/commit/74a417994840f7a6119e2dee57f9a3bb4d84998b)) + * reduce cppcheck warnings ([b0bf8187](https://github.com/dracutdevs/dracut/commit/b0bf8187d5cc51d5576d8d70a81677d7c9741b37)) + * add a missing ret value assignment ([6a444261](https://github.com/dracutdevs/dracut/commit/6a44426162d5b1b7084b17f921799863d353f847)) +* **integrity:** add support for loading multiple EVM x509 certs ([9da76af8](https://github.com/dracutdevs/dracut/commit/9da76af8e7f0f7a939b2ee44f0b4a5ce0bdd3b0b)) +* **iscsi:** add support for the new iscsiadm "no-wait" (-W) command ([7374943a](https://github.com/dracutdevs/dracut/commit/7374943ae3d063f0142c969b132c4156030fda8b)) +* **kernel-modules:** + * add mailbox drivers for arm ([0e80ff72](https://github.com/dracutdevs/dracut/commit/0e80ff72e01d28e7e92d3adbf98ec40bdbdc37fe)) + * detect block device's hardware driver ([c86f4d28](https://github.com/dracutdevs/dracut/commit/c86f4d286000d1e76fd405560b4114537e2cbbff)) + * add blk_mq_alloc_disk and blk_cleanup_disk to blockfuncs ([b292ce72](https://github.com/dracutdevs/dracut/commit/b292ce7295f18192124e64e5ec31161d09492160)) + * add more modules on RISC-V ([3cc9f1c1](https://github.com/dracutdevs/dracut/commit/3cc9f1c10c67dcdb5254e0eb69f19e9ab22abf20)) + * add isp1760 USB controller ([15398458](https://github.com/dracutdevs/dracut/commit/15398458685d376fef56b1bf6fe09ae7c68324c1)) + * add Type-C USB drivers for generic initrd ([a1287c62](https://github.com/dracutdevs/dracut/commit/a1287c627f28b16b1b066b7c256549b832bd98de)) +* **kernel-modules-extra:** handle zstd module extension ([b3d2dcb7](https://github.com/dracutdevs/dracut/commit/b3d2dcb71e7af8f605f5f66041ed3c801333e5f1)) +* **lvm:** + * restore setting LVM_MD_PV_ACTIVATED ([164e5ebb](https://github.com/dracutdevs/dracut/commit/164e5ebb1199ea3e3d641ce402d8257f0055a529)) + * replace --partial option ([97543cca](https://github.com/dracutdevs/dracut/commit/97543cca48dfde849396f11c83f9c320e1b91c46)) +* **man:** default value of rd.retry was increased to 180 seconds ([4855242c](https://github.com/dracutdevs/dracut/commit/4855242ce5cb586afd2eebd91df57ce1d28ae6b5)) +* **mdraid:** allow UUID comparison for more than one UUID ([d364ce83](https://github.com/dracutdevs/dracut/commit/d364ce8334fef96f48492bd0fb3b7deac37bbb66)) +* **memstrack:** drop bash runtime requirement ([35822f39](https://github.com/dracutdevs/dracut/commit/35822f39970b369301e0ff54436d5714dd996896)) +* **mksh:** requires printf ([f806a628](https://github.com/dracutdevs/dracut/commit/f806a628aa9aec548e425e81b6ea4ab6f5db26f6)) +* **multipath:** + * check if mpathconf is available ([4318533e](https://github.com/dracutdevs/dracut/commit/4318533e1493bfab622b64efc1b799426c812c26)) + * drop ExecStop= setting from service unit ([9491e599](https://github.com/dracutdevs/dracut/commit/9491e599282d0d6bb12063eddbd192c0d2ce8acf)) + * get config. dir from configuration ([2e3c5444](https://github.com/dracutdevs/dracut/commit/2e3c5444d271cb8f05955858b8fdc367c4ea5c48)) +* **multipathd.service:** + * drop dependencies on iscsi and iscsid ([6246da40](https://github.com/dracutdevs/dracut/commit/6246da400fa7f527a1ff1c620bf85ac9f6644508)) + * adapt to upstream multipath-tools unit file ([a247d2bc](https://github.com/dracutdevs/dracut/commit/a247d2bc0d4c6d37a2ea4f3da98dd7902bb37385)) + * remove dependency on systemd-udev-settle ([371b338a](https://github.com/dracutdevs/dracut/commit/371b338a5f19d40ff4c3216dc0f27f9a00cf4e22)) +* **network:** + * consistent use of "$gw" for gateway ([3f2c76bb](https://github.com/dracutdevs/dracut/commit/3f2c76bb1456941a28d3333569d2bf18f8624617)) + * wrong test of wicked unit ([22e68307](https://github.com/dracutdevs/dracut/commit/22e683077a686b592da55e1d247b31f65c95d481)) + * add errors and warnings when network interface does not exist ([79389352](https://github.com/dracutdevs/dracut/commit/7938935267dd8824f074adf84c219340ad4c8db6)) +* **network-manager:** + * skip non-directories in /sys/class/net ([d9c3c774](https://github.com/dracutdevs/dracut/commit/d9c3c77437d91d7d66369a3ef701ffc5e501346d)) + * disable tty output if the console is not usable ([f6e6be24](https://github.com/dracutdevs/dracut/commit/f6e6be245d0cda14d90a0442b688c8dca1410a2e)) + * show output on console only with rd.debug enabled ([e07b7ad0](https://github.com/dracutdevs/dracut/commit/e07b7ad0e7f5dbb8024336f3075610b3b74ffb2e)) + * write DHCP filename option to dhcpopts file ([38320fce](https://github.com/dracutdevs/dracut/commit/38320fce56a8d83b79d6c970c491a454ba9de213)) + * check for nm-initrd-generator in both /usr/{libexec,lib} ([5ee7e249](https://github.com/dracutdevs/dracut/commit/5ee7e249b8cc74461122ccd7efe954b3402c23da)) + * ensure safe content of /tmp/dhclient."$ifname".dhcpopts ([e509c638](https://github.com/dracutdevs/dracut/commit/e509c638e68a8e3cae446d1a4f9f86e3aa6e7a99)) + * include nm-daemon-helper binary ([0e590531](https://github.com/dracutdevs/dracut/commit/0e5905315e92dfc095f543fd73db6190db533217)) + * don't pull in systemd-udev-settle ([a0f12fb6](https://github.com/dracutdevs/dracut/commit/a0f12fb6a09b09f35ab28753d7c4461c10a8b562)) + * support teaming under NM+systemd ([a97d2ced](https://github.com/dracutdevs/dracut/commit/a97d2cedcf65a9a2fbff2591171f0163c7d3cb46)) + * pull in network.target in nm-initrd.service ([a97d6e2b](https://github.com/dracutdevs/dracut/commit/a97d6e2b13146783831b166ec5e8b33b29c514b0)) +* **network-wicked:** multiple path corrections ([d3b5bc17](https://github.com/dracutdevs/dracut/commit/d3b5bc17ebadfe8922d1144b3dfd5435d0ecc71a)) +* **nvmf:** validate_ip_conn ([655c65e6](https://github.com/dracutdevs/dracut/commit/655c65e6ced00e7a80c41e96c5f6fe108da07839)) +* **qeth_rules:** check the existence of /sys/devices/qeth/*/online beforehand ([6c71ba41](https://github.com/dracutdevs/dracut/commit/6c71ba4121ae64ccd13fefba68ca327ac623810f)) +* **resume:** + * resume using /usr/lib64/suspend ([c4593734](https://github.com/dracutdevs/dracut/commit/c459373448d24760d15e22fde7c6f811c7891376)) + * check for presence of /sys/power/resume ([0b977906](https://github.com/dracutdevs/dracut/commit/0b97790626bff3579755b38f78a9c524a075cfcc)) +* **rootfs-block:** make the base module dependency explicit ([3326e4c9](https://github.com/dracutdevs/dracut/commit/3326e4c957d0499495d9e91182fc574b960ace86)) +* **s390_rules:** drop collect installation ([f905c3a7](https://github.com/dracutdevs/dracut/commit/f905c3a72c975cf6006f266755cc91229132c739)) +* **shutdown:** be robust against forced shutdown ([b9ba3c8b](https://github.com/dracutdevs/dracut/commit/b9ba3c8bb8f0f1328cd1ffaa8dbf64585b28c474)) +* **skipcpio:** + * calculate and use CPIO_MAGIC_LEN ([3fb8723c](https://github.com/dracutdevs/dracut/commit/3fb8723ce0066b4ba92f6dbfc4373a66d1f551c4)) + * improve error checking ([f6d16b6b](https://github.com/dracutdevs/dracut/commit/f6d16b6bbd5b8b7ac238c3d2148bebf4e91140a2)) +* **squash:** + * apply FIPS and libpthread workaround ([5ab18dee](https://github.com/dracutdevs/dracut/commit/5ab18dee996f0eeb2b0bfe354570e1b1af46d025)) + * remove tailing '/' when installing ld.so.conf.d ([cbd85597](https://github.com/dracutdevs/dracut/commit/cbd85597e3ed6abf64ac17f431da5477eb5aefa0)) + * keep ld cache under initdir ([dc21638c](https://github.com/dracutdevs/dracut/commit/dc21638c3f0acbb54417f3bfb6294ad5514bf2db)) + * create relative symlinks ([a2b6be44](https://github.com/dracutdevs/dracut/commit/a2b6be44792b68218e3378a7d844b0f8527a4805)) +* **systemd-sysusers:** + * use split systemd sysuser configs ([fec93bb2](https://github.com/dracutdevs/dracut/commit/fec93bb22181f80056b40231fca36c422248ade0)) + * override systemd-sysusers.service ([dcbe23c1](https://github.com/dracutdevs/dracut/commit/dcbe23c14d13ca335ad327b7bb985071ca442f12)) +* **tpm2-tss:** + * add a missing library ([c656b612](https://github.com/dracutdevs/dracut/commit/c656b612b101e4834e01f9841162e2629a7272f7)) + * typo in depends() ([8b17105b](https://github.com/dracutdevs/dracut/commit/8b17105bed69ed90582a13d97d95ee19e6581365)) +* **url-lib:** + * SC2086: Double quote to prevent globbing and word splitting ([acb18869](https://github.com/dracutdevs/dracut/commit/acb18869e98687a3f8c172d7e7befaa5326cf67a)) + * SC2046: Quote this to prevent word splitting ([ec50cec3](https://github.com/dracutdevs/dracut/commit/ec50cec3bd9169410df409e077d0487c63c2a627)) + * improve ca-bundle detection ([e3bb1815](https://github.com/dracutdevs/dracut/commit/e3bb1815bbbff1a7e21b857d2ae32bc0410754d5)) + * make pre-pivot hook separetely per nfs mount ([2f091b17](https://github.com/dracutdevs/dracut/commit/2f091b17075f81ff490b05d3d566d736fc32f0be)) +* **usrmount:** do not empty _dev variable ([4afdcba2](https://github.com/dracutdevs/dracut/commit/4afdcba212793f136aea012b30dd7bdb5b641a5a)) +* **zfcp_rules:** + * correct udev zfcp rules parsing ([59252668](https://github.com/dracutdevs/dracut/commit/5925266832042f9d17a3fb7a219b83118c5b16d6)) + * remove collect based udev rule creators ([d40c49a8](https://github.com/dracutdevs/dracut/commit/d40c49a8dfe203be33af8ace5f0efd07a88856f4)) + +#### Features + +* **Makefile:** cargo wrapper for dracut-cpio build ([51d21c6b](https://github.com/dracutdevs/dracut/commit/51d21c6b37b0eb8566d18d665d0197ca4d68101c)) +* **cpio:** + * add newc archive creation utility ([a9c67046](https://github.com/dracutdevs/dracut/commit/a9c67046431ccf5fd4f4c16c890695df388f0d38)) + * add rust argument parsing library from crosvm ([94fc5026](https://github.com/dracutdevs/dracut/commit/94fc50262f5e6c28d92782dc231fbb6c61855954)) +* **crypt:** + * check if pkcs11 module is needed in hostonly mode ([56f4fb6c](https://github.com/dracutdevs/dracut/commit/56f4fb6cb755327c77c32f8c414a4a0e64fc933c)) + * check if fido2 module is needed in hostonly mode ([d5fd030c](https://github.com/dracutdevs/dracut/commit/d5fd030cc285730e1a1b9e0e78a1e1dc4daabfe0)) + * check if tpm2-tss module is needed in hostonly mode ([5d990a00](https://github.com/dracutdevs/dracut/commit/5d990a004b5ae6863f2c9a633b184c07dd73563d)) +* **dracut.sh:** + * add --aggresive-strip option ([67fc670a](https://github.com/dracutdevs/dracut/commit/67fc670a88ab6c97d22c6718082619c0cf850fc3)) + * add "--enhanced-cpio" option for calling dracut-cpio ([afe4a6db](https://github.com/dracutdevs/dracut/commit/afe4a6dbb7df62982baab8212bba5d90010dfbac)) + * check if target kernel has zstd support compiled in ([591118c5](https://github.com/dracutdevs/dracut/commit/591118c56da2bfcea060e3b7671bc87b23c0e44a)) +* **fido2:** introducing the fido2 module ([049973b7](https://github.com/dracutdevs/dracut/commit/049973b708298ea0ce1ac9c869b404f4c718eff3)) +* **lvm:** + * only run lvchange for LV that is seen on devices ([1af46743](https://github.com/dracutdevs/dracut/commit/1af46743195422aaebcde5c508a5dd479eff51ea)) + * use generated filter when none is set ([7ffc5e38](https://github.com/dracutdevs/dracut/commit/7ffc5e388bcce20785803825bdd260c3c854b34f)) + * update lvm command options ([c0a54f29](https://github.com/dracutdevs/dracut/commit/c0a54f2993b1d3c2101202c274a41f925445d54b)) +* **pcsc:** introducing the pcsc module ([dcaff88a](https://github.com/dracutdevs/dracut/commit/dcaff88ac942042e3db0a2bbfc1c995ec0735f38)) +* **pkcs11:** + * include the module in the spec file ([c5907f82](https://github.com/dracutdevs/dracut/commit/c5907f82d835d72e4dd7c473a86e872fce37d61e)) + * introducing the pkcs11 module ([83ea8cf0](https://github.com/dracutdevs/dracut/commit/83ea8cf001a49356cf7814b3c08bdd1c4b4f2763)) +* **spec:** add systemd-integritysetup module ([fe8df024](https://github.com/dracutdevs/dracut/commit/fe8df0240a24b9d2d60a5b0b998f82b251ede849)) +* **squash:** install umount util ([563f5434](https://github.com/dracutdevs/dracut/commit/563f543424c66bf38e6cbd3f489655d45ad9b5c5)) +* **systemd:** enable support for systemd compiled with ASAN ([d502d2a8](https://github.com/dracutdevs/dracut/commit/d502d2a816ba8f8329b3d8616bd2a7e82a0ad21f)) +* **systemd-integritysetup:** introducing the systemd-integritysetup module ([33cf47a6](https://github.com/dracutdevs/dracut/commit/33cf47a60870cc290bd5b59c9cf87c54ad37051f)) + +#### Contributors + +- Antonio Alvarez Feijoo <antonio.feijoo@suse.com> +- David Disseldorp <ddiss@suse.de> +- Martin Wilck <mwilck@suse.de> +- Jóhann B. Guðmundsson <johannbg@gmail.com> +- Shreenidhi Shedi <sshedi@vmware.com> +- David Teigland <teigland@redhat.com> +- Beniamino Galvani <bgalvani@redhat.com> +- Thomas Blume <thomas.blume@suse.com> +- Kairui Song <kasong@redhat.com> +- Laszlo Gombos <laszlo.gombos@gmail.com> +- Renaud Métrich <rmetrich@redhat.com> +- Dusty Mabe <dusty@dustymabe.com> +- Masahiro Matsuya <mmatsuya@redhat.com> +- Alexander Wenzel <alexander.wenzel@qbeyond.de> +- Andre Russ <andre.russ@sap.com> +- Cornelius Hoffmann <coding@hoffmn.de> +- David Tardon <dtardon@redhat.com> +- Frantisek Sumsal <frantisek@sumsal.cz> +- Harald Hoyer <harald@profian.com> +- José María Fernández <josemariafg@gmail.com> +- Kairui Song <kasong@tencent.com> +- Peter Robinson <pbrobinson@fedoraproject.org> +- Pingfan Liu <piliu@redhat.com> +- Tony Asleson <tasleson@redhat.com> +- Zoltán Böszörményi <zboszor@gmail.com> +- Adrien Thierry <athierry@redhat.com> +- Alexander Tsoy <alexander@tsoy.me> +- Andreas Schwab <schwab@suse.de> +- Andrey Sokolov <keremet@altlinux.org> +- Brandon Sloane <btsloane@verizon.net> +- Charles Rose <charles.rose@dell.com> +- Coiby Xu <coxu@redhat.com> +- Dan Horák <dhorak@redhat.com> +- Dirk Müller <dirk@dmllr.de> +- Glenn Morris <rgm@stanford.edu> +- Hans de Goede <hdegoede@redhat.com> +- Hari Bathini <hbathini@linux.ibm.com> +- Henrik Gombos <henrik99999@gmail.com> +- Jonathan Lebon <jonathan@jlebon.com> +- LinkTed <link.ted@mailbox.org> +- Lubomir Rintel <lkundrak@v3.sk> +- Luca BRUNO <luca.bruno@coreos.com> +- Lukas Nykryn <lnykryn@redhat.com> +- Matthias Berndt <matthias_berndt@gmx.de> +- Mike Gilbert <floppym@gentoo.org> +- Pavel Valena <pvalena@redhat.com> +- Stefan Berger <stefanb@linux.ibm.com> +- Thomas Haller <thaller@redhat.com> +- Tomasz Paweł Gajc <tpgxyz@gmail.com> +- Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> +- joshuacov1 <joshuacov@gmail.com> +- lapseofreason <lapseofreason0@gmail.com> + +dracut-055 +========== + +#### Bug Fixes + +* **base:** + * add missing `str_replace` to `dracut-dev-lib.sh` ([148e420b](https://github.com/dracutdevs/dracut/commit/148e420be5b5809aa8d5033f47477573bbbf3e60)) + * split out `dracut-dev-lib.sh` ([c08bc810](https://github.com/dracutdevs/dracut/commit/c08bc8109d4c43beacfa4bcdc20a356102da6d02)) +* **bash:** minor cleanups ([9355cb8e](https://github.com/dracutdevs/dracut/commit/9355cb8ea5024533210067373657dc337d63ecb9)) +* **dash:** minor cleanups ([f4ea5f87](https://github.com/dracutdevs/dracut/commit/f4ea5f8734c4636f7d6db78da76e9525beb9a0ac)) +* **dracut:** pipe hardlink output to `dinfo` ([0a6007bf](https://github.com/dracutdevs/dracut/commit/0a6007bf4f472565d2c0c205a56edea7ba3e3bc3)) +* **dracut-functions:** get_maj_min without get_maj_min_cache_file set ([a277a5fc](https://github.com/dracutdevs/dracut/commit/a277a5fc7acc0a9e8d853f09671495f9d27645c1)) +* **dracut-util:** print error message with trailing newline ([b9b6f0ee](https://github.com/dracutdevs/dracut/commit/b9b6f0ee5b859a562e46a8c4e0dee0261fabf74d)) +* **fs-lib:** install fsck utilities ([12beeac7](https://github.com/dracutdevs/dracut/commit/12beeac741e4429146a674ef4ea9aa0bac10364b)) +* **install:** + * configure logging earlier ([5eb24aa2](https://github.com/dracutdevs/dracut/commit/5eb24aa21d3ee639f869c2e363b3fb0b98be552b)) + * sane default --kerneldir ([c1ab3613](https://github.com/dracutdevs/dracut/commit/c1ab36139d416e580e768c29f2addf7ccbc2c612), closes [#1505](https://github.com/dracutdevs/dracut/issues/1505)) +* **integrity:** require ALLOW_METADATA_WRITES to come from EVM config file ([b12d91c4](https://github.com/dracutdevs/dracut/commit/b12d91c431220488fecf7b4be82427e3560560cb)) +* **mksh:** minor cleanups ([6c673298](https://github.com/dracutdevs/dracut/commit/6c673298f36990665467564e6114c9ca2530f584)) +* **squash:** don't mount the mount points if already mounted ([636d6df3](https://github.com/dracutdevs/dracut/commit/636d6df3134dde1dac72241937724bc59deb9303)) +* **warpclock:** minor cleanups ([7d205598](https://github.com/dracutdevs/dracut/commit/7d205598c6a500b58b4d328e824d0446276f7ced)) + +#### Features + +* **dracut.sh:** detect running in a container ([7275c6f6](https://github.com/dracutdevs/dracut/commit/7275c6f6a0f6808cd939ea5bdf1244c7bd13ba44)) +* **install:** add default value for --firmwaredirs ([4cb086fa](https://github.com/dracutdevs/dracut/commit/4cb086fa2995799b95c0b25bc9a0cf72ba3868ea)) + +#### Contributors + +- Harald Hoyer <harald@redhat.com> +- Jóhann B. Guðmundsson <johannbg@gmail.com> +- Marcos Mello <marcosfrm@gmail.com> +- Kairui Song <kasong@redhat.com> +- Lars Wendler <polynomial-c@gentoo.org> +- Stefan Berger <stefanb@linux.ibm.com> +- Tomasz Paweł Gajc <tpgxyz@gmail.com> + +dracut-054 +========== + +With this release dracut has undergone a major overhaul. + +A lot of systemd related modules have been added. + +The integration test suite has finally ironed out the flaky behaviour due to the parallel device probing of the kernel, +which bit sometimes in the non-kvm github CI. So, if you see any `/dev/sda` in a setup script with more than two hard drives, +chances are, that the script works on the wrong disk. Same goes for network interfaces. + +This release is also fully `shellcheck`'ed with `ShellCheck-0.7.2` and indented with `shfmt` and `astyle`. + +The dracut project builds test containers every day for: +* `opensuse/tumbleweed-dnf:latest` +* `archlinux:latest` +* `fedora:rawhide` +* `fedora:latest` +* `fedora:33` + +These containers can easily be used to run the integration tests locally without root permissions via `podman`. +We hope this serves as a blueprint for your distribution's CI process. + +More information can be found in [docs/HACKING.md](https://github.com/dracutdevs/dracut/blob/master/HACKING.md). + +#### Bug Fixes + +* make testsuite pass on OpenSuse and Arch ([8b2afb08](https://github.com/dracutdevs/dracut/commit/8b2afb08baea7fc6e15ece94e287dcc4a008bcc4)) +* cope with distributions with `/usr/etc` files ([3ad3b3a4](https://github.com/dracutdevs/dracut/commit/3ad3b3a40d419c4386b2924f6ac25ab0c355d131)) +* deprecate gummiboot ([5c94cf41](https://github.com/dracutdevs/dracut/commit/5c94cf41e8937b6fbb72c96bc54c84fdf224c711)) +* set vimrc and emacs indention according to .editorconfig ([9012f399](https://github.com/dracutdevs/dracut/commit/9012f3996b1e5f0788f8e80dfdd5c9ab0636c355)) +* correctly handle kernel parameters ([501d82f7](https://github.com/dracutdevs/dracut/commit/501d82f79675a6bf9b37e8250152515863a80236)) +* remove dracut.pc on `make clean` ([d643156d](https://github.com/dracutdevs/dracut/commit/d643156d561d3aca816d75e403149db073617292)) +* honor KVERSION environment in the Makefile ([d8a454a5](https://github.com/dracutdevs/dracut/commit/d8a454a537c6de95033dec7d83c622fdc46c2a4f)) +* always use mkdir -p ([9cf7b1c5](https://github.com/dracutdevs/dracut/commit/9cf7b1c529442d5abd6eaec4399d4ee77b95145e)) +* **dracut.sh:** + * prevent symbolic links containing `//` ([de0c0872](https://github.com/dracutdevs/dracut/commit/de0c0872fc858fa9ca952f79ea9f00be17c37a4c)) + * adding missing globalvars for udev ([f35d479d](https://github.com/dracutdevs/dracut/commit/f35d479d2b718da54886a66d3b7af2132215f80a)) + * sysctl global variables ([3ca9aa1d](https://github.com/dracutdevs/dracut/commit/3ca9aa1d7b24b82e01d16613b86ec3be97c8a1bb)) + * add global vars for modules-load ([ec4539c6](https://github.com/dracutdevs/dracut/commit/ec4539c6066edf25e52ed8e2d35c4be7ef39f729)) + * omission is an addition to other omissions in conf files ([96c31333](https://github.com/dracutdevs/dracut/commit/96c313333d1a4f5e2c524a3a11c5b3aab24afc20)) + * harden dracut against GZIP environment variable ([d8e47e20](https://github.com/dracutdevs/dracut/commit/d8e47e201af4646e2a82e11220ea9c993bd2ed48)) + * add a missing tmpfilesconfdir global variable ([8849dd8d](https://github.com/dracutdevs/dracut/commit/8849dd8d1a74a46cb761c4d8041e4582d4686724)) + * include `modules.builtin.alias` in the initramfs ([7f633747](https://github.com/dracutdevs/dracut/commit/7f6337471312486934f9592c1c7c05ed68694454)) + * install all depmod relevant configuration files ([50a01dd4](https://github.com/dracutdevs/dracut/commit/50a01dd4b28471c0dfa810a705e219963bd5ec3c)) + * add `modules.builtin.modinfo` to the initramfs ([87c4c178](https://github.com/dracutdevs/dracut/commit/87c4c17850e8bb982f6c07a6d3f58124bb2875de)) + * search for btrfs devices from actual mount poiont ([3fdc734a](https://github.com/dracutdevs/dracut/commit/3fdc734a5cc8c0b94c1da49439181d540c8a5c43)) +* **dracut-functions.sh:** + * implement a cache for get_maj_min ([c3bb9d18](https://github.com/dracutdevs/dracut/commit/c3bb9d18dceed7db6d16f9c2a7f682c5934099d7)) + * word splitting issue for sed in get_ucode_file ([122657b2](https://github.com/dracutdevs/dracut/commit/122657b2fedf13991597830cca4d4ddbc8038233)) +* **dracut-logger.sh:** double dash trigger unknown logger warnings during run ([4fbccde5](https://github.com/dracutdevs/dracut/commit/4fbccde50456f513d388cdfd858018cd889890dc)) +* **dracut-install:** + * handle $LIB in ldd output parsing ([d1a36d3d](https://github.com/dracutdevs/dracut/commit/d1a36d3d80b0ed71ee814659e18a020c53cee05e)) + * handle builtin modules ([2536a9ea](https://github.com/dracutdevs/dracut/commit/2536a9eaffbc9cc14c85579a2f537d3f3a1d5659)) +* **base:** + * suppress calls to getarg in build phase ([6feaaabc](https://github.com/dracutdevs/dracut/commit/6feaaabc221ffbf79f652cbee3eea58f02449c50)) + * source hooks without exec ([8059bcb2](https://github.com/dracutdevs/dracut/commit/8059bcb2c8df4d60cc2f548d3c53db25d815a7be)) + * wait_for_dev quote shell variables ([b800edd6](https://github.com/dracutdevs/dracut/commit/b800edd69817b5e46d5f240b96d3b3648267ea21)) + * adding crc32c for ext3 ([61f45643](https://github.com/dracutdevs/dracut/commit/61f456435879f084a1bf2c8885eaf37070035abf)) +* **crypt:** + * install all crypto modules in the generic initrd ([10f9e569](https://github.com/dracutdevs/dracut/commit/10f9e569c52654ff54678a626a0f5dd14233716d)) + * include cryptsetups tmpfile ([a4cc1964](https://github.com/dracutdevs/dracut/commit/a4cc196467e45f093fab7876c1c6b40798058920)) +* **crypt-gpg:** + * cope with different scdaemon location ([44fd1c13](https://github.com/dracutdevs/dracut/commit/44fd1c13555f2e12bb566c246948629ada27d14d)) +* **dbus-broker:** + * enable the service ([df1e5f06](https://github.com/dracutdevs/dracut/commit/df1e5f06a5449dcec6749baf742eac6eb1f0aa53)) +* **dbus-daemon:** + * only error out in install() ([ae4fbb3d](https://github.com/dracutdevs/dracut/commit/ae4fbb3db4136e6e03a1c74d05ecc2a73b916401)) +* **dracut-systemd:** + * don't refuse root=tmpfs when systemd is used ([a96900a8](https://github.com/dracutdevs/dracut/commit/a96900a82c3a8ec1ed2c6b2cc8862f912093fa0c)) +* **examples:** remove the examples directory and reference to it ([b37c90c8](https://github.com/dracutdevs/dracut/commit/b37c90c8e00155a1f31237ae6cf91a81677c4df5)) +* **fips:** + * add dh and ecdh ciphers ([543b8014](https://github.com/dracutdevs/dracut/commit/543b8014fc10fc6a92ba83db0dfc994fc1d2129b)) + * remove old udev version requirements ([be30d987](https://github.com/dracutdevs/dracut/commit/be30d98751cff4ace660215305e2468943a45754)) +* **i18n:** + * skip if data is missing ([651fe01e](https://github.com/dracutdevs/dracut/commit/651fe01e7937d86bbd471d9621581bed44f23dfa)) +* **img-lib:** + * ignored null byte in input ([85eb9680](https://github.com/dracutdevs/dracut/commit/85eb96802cb82ec179bd3bc429b0dad2518946c5)) +* **integrity:** + * properly set up EVM when using an x509 cert ([4bdd7eb2](https://github.com/dracutdevs/dracut/commit/4bdd7eb23a8187c3f19797e47eee8c672cea33ae)) +* **iscsi:** + * replace sed call with bash internals ([66b920c6](https://github.com/dracutdevs/dracut/commit/66b920c65143f4cac80385a51704ae9483305569)) + * add iscsid.service requirements ([bb6770f1](https://github.com/dracutdevs/dracut/commit/bb6770f1a413bdc7fd570b260ee28ace1255a195)) + * only rely on socket activiation ([0eb87d78](https://github.com/dracutdevs/dracut/commit/0eb87d78108aae9aa4692f1edfb33ded50e26409)) +* **kernel-modules:** + * optionally add /usr/lib/modules.d to initramfs ([92e6a8f8](https://github.com/dracutdevs/dracut/commit/92e6a8f87914322994387e559cf2a00b1760b301)) + * add watchdog drivers for generic initrd ([3a60c036](https://github.com/dracutdevs/dracut/commit/3a60c036db7caccda95475d33c8d4ce1f615d2c8)) +* **mdraid:** + * remove dependency statements ([86b75634](https://github.com/dracutdevs/dracut/commit/86b756346a6b7c5cb5f6fda4d12e2a58b6144e40)) +* **memstrack:** + * correct dependencies ([c2ecc4d1](https://github.com/dracutdevs/dracut/commit/c2ecc4d131876383b47820a2e8d1a6f8a11716d9)) +* **multipath:** + * stop multipath before udev db cleanup ([3c244c7c](https://github.com/dracutdevs/dracut/commit/3c244c7ca3555b526883dc20104c469b39085cbe)) + * revise multipathd-stop ([7b8c78ff](https://github.com/dracutdevs/dracut/commit/7b8c78ff43a1f8e3690969e980d3d9d1dcb00c87)) +* **nbd:** + * assume nbd version >= 3.8 ([6209edeb](https://github.com/dracutdevs/dracut/commit/6209edeb5c7783d94867829bf052aa53c78a1efe)) + * remove old udev version requirements ([fd15dbad](https://github.com/dracutdevs/dracut/commit/fd15dbad6ebad86a3753a03f98706010f3e36cf7)) + * make nbd work again with systemd ([77906443](https://github.com/dracutdevs/dracut/commit/7790644362622097aa69107920fd26b688c855d3)) +* **network:** + * use wicked unit instead of find_binary ([57eefcf7](https://github.com/dracutdevs/dracut/commit/57eefcf70587f06b8874a3b3cf31e9ab70c03227)) + * user variable for sdnetworkd instead of path ([4982e16d](https://github.com/dracutdevs/dracut/commit/4982e16dd53dcbbcfbd3a6b59013a0d6f893f840)) + * correct regression in iface_has_carrier ([36af0518](https://github.com/dracutdevs/dracut/commit/36af0518b3fe59442de206c24bbe03be6fc17095)) +* **network-legacy:** + * add missing options to dhclient.conf ([abfd547a](https://github.com/dracutdevs/dracut/commit/abfd547a85230a4520df65280aaf195f319df464)) + * silence getargs ([60a34d8b](https://github.com/dracutdevs/dracut/commit/60a34d8b11dd50b2cd4e0e2208bd7c5e0fc48b71)) +* **network-manager:** + * cope with distributions not using `libexec` ([22d6863e](https://github.com/dracutdevs/dracut/commit/22d6863ef1b2eb2a22264f2bfdb2b9329ab5dfdb)) + * set timeout via command line option ([8a51ee1f](https://github.com/dracutdevs/dracut/commit/8a51ee1fa61bd3da342be53e35730837afd2caad)) + * run after dracut-cmdline ([4d03404f](https://github.com/dracutdevs/dracut/commit/4d03404f499064b354a58223895cc47dbb461da5)) + * create /run directories ([49b61496](https://github.com/dracutdevs/dracut/commit/49b614961dc8684f8512febbf80da489909e4b7f)) + * use /run/NetworkManager/initrd/neednet in initqueue ([6a37c6f6](https://github.com/dracutdevs/dracut/commit/6a37c6f6302f950df608db3fd45acf9342ee3de2)) + * only run NetworkManager if rd.neednet=1 ([ac0e8f7d](https://github.com/dracutdevs/dracut/commit/ac0e8f7dcc81432311906c3fca0d4211f6a2f68c)) + * nm-run.service: don't kill forked processes ([1f21fac6](https://github.com/dracutdevs/dracut/commit/1f21fac646daa46cbe184ef8ff7705842f06ba15)) + * no default deps for nm-run.service ([ba4bcf5f](https://github.com/dracutdevs/dracut/commit/ba4bcf5f4f11ad624c647ddf4f566997186135e7)) + * nm-lib.sh does not require bash ([3402142e](https://github.com/dracutdevs/dracut/commit/3402142e344298c8f20fc52a2b064344788f1668)) +* **squash:** + * post install should be the last step before stripping ([8c8aecdc](https://github.com/dracutdevs/dracut/commit/8c8aecdc63c9389038e78ee712d4809e49add5e1)) +* **systemd:** + * include all nss libraries ([b3bbf5fb](https://github.com/dracutdevs/dracut/commit/b3bbf5fb6a95cfb69272da0711b5c5e0c6621de9)) + * include hosts and nsswitch.conf in hostonly mode ([5912f4fb](https://github.com/dracutdevs/dracut/commit/5912f4fbc036cc36b9507c16dddef1ded1556572)) + * remove old systemd version requirements ([fc53987b](https://github.com/dracutdevs/dracut/commit/fc53987bec1bc71b054d99072f62c1770a44bcca)) +* **systemd-hostnamed:** extra quote ([2aa65234](https://github.com/dracutdevs/dracut/commit/2aa652349ca83198581cccb516a241a8d0e1b4d9)) +* **systemd-modules:** remove dependency on systemd meta module ([afef4557](https://github.com/dracutdevs/dracut/commit/afef455718db69cff3797ca1a6d8bfebd2e86ab3)) +* **systemd-modules-load:** + * misc repairs ([782ac8f1](https://github.com/dracutdevs/dracut/commit/782ac8f1f6b68edfe59630e9e4ac1673636f3a5e)) +* **systemd-networkd:** + * make systemd-networkd a proper network provider ([ea779750](https://github.com/dracutdevs/dracut/commit/ea779750c371102c04252b48f1b7d9c7ece7cf93), closes [#737](https://github.com/dracutdevs/dracut/issues/737)) +* **systemd-resolved:** remove nss libraries ([12bef83c](https://github.com/dracutdevs/dracut/commit/12bef83cdaf329e3ee2cc1f282bd9c128ec0fc56)) +* **systemd-sysctl:** + * sysctl global variables ([02acedd0](https://github.com/dracutdevs/dracut/commit/02acedd09eb7222eaaf0f5256f3ddec26d658360)) +* **systemd-sysusers:** + * misc fixes and cleanup ([7359ba8a](https://github.com/dracutdevs/dracut/commit/7359ba8acab2652cfff6b845f84a936cdec30f9d)) +* **systemd-udev:** use global vars instead of fixed path ([fd883a58](https://github.com/dracutdevs/dracut/commit/fd883a58d1360f0c6c32f64462fafdd7a54af1ee)) +* **systemd-udevd:** add udev id program files ([562cb77b](https://github.com/dracutdevs/dracut/commit/562cb77b5a28e3f31bc6d327c7712fba661e9a27)) +* **systemd-verity:** + * incorrect reference to cryptsetup target ([ba92d1fc](https://github.com/dracutdevs/dracut/commit/ba92d1fcad68758004d7b1102fe1905c0f25e63e)) + * re-naming module to veritysetup ([0267f3c3](https://github.com/dracutdevs/dracut/commit/0267f3c3554efd8f027afaf462347167402f5d6c)) +* **tpm2-tss:** add tpm2 requirement ([8f99fada](https://github.com/dracutdevs/dracut/commit/8f99fadabea8f279a9fe28473dba424eb38f8d60)) +* **udev-rules:** + * remove sourcing of network link files ([69f4e7cd](https://github.com/dracutdevs/dracut/commit/69f4e7cdc3f7da24e40496b0b2f0f5022cc3376d)) + * add btrfs udev rules by default ([567c4557](https://github.com/dracutdevs/dracut/commit/567c4557537fe7f477f0f54237df00ebc79e56be)) +* **url-lib:** + * fix passing args ([5f6be515](https://github.com/dracutdevs/dracut/commit/5f6be51595eab878314d031d9bfebe844b639302)) +* **zipl:** + * don't depend on grub2 ([6b499ec1](https://github.com/dracutdevs/dracut/commit/6b499ec14b3ff35d5298617b436b64563a2d8c2f)) + +#### Performance + +* disable initrd compression when squash module is enabled ([7c0bc0b2](https://github.com/dracutdevs/dracut/commit/7c0bc0b2fd167da42035020dae49af94844f053c)) + +#### Features + +* support ZSTD-compressed kernel modules ([ce9af251](https://github.com/dracutdevs/dracut/commit/ce9af251af5fca08ea206ef980005853a4dac36e)) +* also restore the initramfs from /lib/modules ([33e27fab](https://github.com/dracutdevs/dracut/commit/33e27fab59db60b1ca05a0c5b8a51fccb98578e5)) +* extend Makefile indent target ([e0a0fa61](https://github.com/dracutdevs/dracut/commit/e0a0fa61749152fd5bc837770a02cf22d7e02d40)) +* customize .editorconfig according to shfmt ([1f621aba](https://github.com/dracutdevs/dracut/commit/1f621aba3728a621b83b3b697eae6caadae9d287)) +* squash module follow --compress option ([5d05ffbd](https://github.com/dracutdevs/dracut/commit/5d05ffbd87bc27e27f517ebc3454d50729c687e6)) +* **bluetooth:** implement bluetooth support in initrd ([64ee2a53](https://github.com/dracutdevs/dracut/commit/64ee2a53864576fbedabe6b18fb9aae01b999199)) +* **btrfs:** add 64-btrfs-dm.rules rules ([d4caa86a](https://github.com/dracutdevs/dracut/commit/d4caa86aba35b51dc1adda3ee3a5bae677420082)) +* **mkinitrd:** remove mkinitrd ([43df4ee2](https://github.com/dracutdevs/dracut/commit/43df4ee274e7135aff87868bf3bf2fbab47aa8b4)) +* **nbd:** support ipv6 link local nbds ([b12f8188](https://github.com/dracutdevs/dracut/commit/b12f8188a4ffac312694ebd48a5c99ba885e6467)) +* **network-manager:** run as daemon with D-Bus ([112f03f9](https://github.com/dracutdevs/dracut/commit/112f03f9e225a790cbc6378c70773c6af5e7ee34)) +* **qemu:** include the virtio_mem kernel module ([f3dcb606](https://github.com/dracutdevs/dracut/commit/f3dcb60619671f2d353caaa42d38207172c8b3ba)) +* **skipcpio:** speed up and harden skipcpio ([63033495](https://github.com/dracutdevs/dracut/commit/630334950c9a7a714fdf31b6ff545d804b5df2f2)) +* **squash:** + * use busybox for early setup if available ([90f269f6](https://github.com/dracutdevs/dracut/commit/90f269f6afe409925bad86f0bd7e9322ad9b4fb0)) + * install and depmod modules seperately ([5a18b24a](https://github.com/dracutdevs/dracut/commit/5a18b24a8b9c20c98f711963ce5407ceb2f3d57b)) +* **systemd-ac-power:** introducing the systemd-ac-power module ([e7407230](https://github.com/dracutdevs/dracut/commit/e74072306958262f22a9ecf10b928647ebdacf8f)) +* **systemd-hostnamed:** introducing the systemd-hostnamed module ([bf273e3e](https://github.com/dracutdevs/dracut/commit/bf273e3e8632faff68fe19f9d7d7cc42e5a7c480)) +* **systemd-initrd:** add initrd-usr-fs.target ([5eb73610](https://github.com/dracutdevs/dracut/commit/5eb736103d06197f37283bc27815c050adec81ea)) +* **systemd-journald:** introducing the systemd-journald module ([3697891b](https://github.com/dracutdevs/dracut/commit/3697891b754493ecd6b19dbf279701bad3460fcd)) +* **systemd-ldconfig:** introducing the systemd-ldconfig module ([563c434e](https://github.com/dracutdevs/dracut/commit/563c434ecba68c628344c1a684f656cdd8f9f214)) +* **systemd-network-management:** introducing systemd-network-management module ([e942d86c](https://github.com/dracutdevs/dracut/commit/e942d86c9ddad19f9307d58cb2d99169f6e94edb)) +* **systemd-resolved:** introducing the systemd-resolved module ([b7d3caef](https://github.com/dracutdevs/dracut/commit/b7d3caef6780305c553851169ca30b0b05b6ff31)) +* **systemd-rfkill:** introducing the systemd-rfkill module ([21536544](https://github.com/dracutdevs/dracut/commit/215365441e1042793d62c4c9e146be5916ed5aeb)) +* **systemd-sysext:** introducing the systemd-sysext module ([fc88af54](https://github.com/dracutdevs/dracut/commit/fc88af54134ec021be58465b52d1271453c30c55)) +* **systemd-timedated:** introducing the systemd-timedated module ([1c41cc90](https://github.com/dracutdevs/dracut/commit/1c41cc90c52636e03abdf6d0c4fa0f557b7eb449)) +* **systemd-timesyncd:** introducing the systemd-timesyncd module ([2257d545](https://github.com/dracutdevs/dracut/commit/2257d54583d24ca69d10b5e600b986d412a21714)) +* **systemd-tmpfiles:** introducing the systemd-tmpfiles module ([2b61be32](https://github.com/dracutdevs/dracut/commit/2b61be32b890e70b1fce45d984327c27302da9bc)) +* **systemd-udevd:** introducing the systemd-udevd module ([3534789c](https://github.com/dracutdevs/dracut/commit/3534789cc42331bc22cf44d26a1d04db4e010ad9)) +* **systemd-verity:** introducing the systemd-verity module ([3d4dea58](https://github.com/dracutdevs/dracut/commit/3d4dea58f9821e58841d5c738b9935193c680181)) +* **tpm2-tss:** introducing the tpm2-tss module ([8743b073](https://github.com/dracutdevs/dracut/commit/8743b0735692ab3f333815ba311cecdc29d45ecd)) + +#### Contributors + +- Harald Hoyer <harald@redhat.com> +- Jóhann B. Guðmundsson <johannbg@gmail.com> +- Kairui Song <kasong@redhat.com> +- Dusty Mabe <dusty@dustymabe.com> +- Beniamino Galvani <bgalvani@redhat.com> +- Mikhail Novosyolov <m.novosyolov@rosalinux.ru> +- Renaud Métrich <rmetrich@redhat.com> +- Adam Alves <adamoa@gmail.com> +- Daniel Molkentin <daniel.molkentin@suse.com> +- David Hildenbrand <david@redhat.com> +- David Tardon <dtardon@redhat.com> +- Jaroslav Jindrak <dzejrou@gmail.com> +- Jonas Jelten <jj@sft.lol> +- Lennart Poettering <lennart@poettering.net> +- Lev Veyde <lveyde@redhat.com> +- Peter Robinson <pbrobinson@fedoraproject.org> +- Stefan Berger <stefanb@linux.ibm.com> +- Đoàn Trần Công Danh <congdanhqx@gmail.com> + +dracut-053 +========== + +#### Bug Fixes + +* **dracut.sh:** + * unfreeze /boot on exit ([d87ae137](https://github.com/dracutdevs/dracut/commit/d87ae13721d04a8a2192d896af224ac6965caf70)) + * proper return code for inst_multiple in dracut-init.sh ([d437970c](https://github.com/dracutdevs/dracut/commit/d437970c013e3287de263a1e60a117b15239896c)) +* **fcoe:** + * rename rd.nofcoe to rd.fcoe ([6f7823bc](https://github.com/dracutdevs/dracut/commit/6f7823bce65dd4b52497dbb94892b637fd06471a)) + * rd.nofcoe=0 should disable fcoe ([805b46c2](https://github.com/dracutdevs/dracut/commit/805b46c2a81e04d69fc3af912942568516d05ee7)) +* **i18n:** + * get rid of `eval` calls ([5387ed24](https://github.com/dracutdevs/dracut/commit/5387ed24c8b33da1214232d57ab1831e117aaba0)) + * create the keyboard symlinks again ([9e1c7f3d](https://github.com/dracutdevs/dracut/commit/9e1c7f3deadd387adaa97b189593b4ba3d7c6d5a)) +* **network-manager:** + * run as a service if systemd module is present ([c17c5b76](https://github.com/dracutdevs/dracut/commit/c17c5b7604c8d61dd1c00ee22d44c3a5d7d6dfee)) + * rework how NM is started in debug mode ([34c73b33](https://github.com/dracutdevs/dracut/commit/34c73b339baa025dfd8916379c4d191be34a8af5)) +* **drm:** skip empty modalias files in drm module setup ([c3f24184](https://github.com/dracutdevs/dracut/commit/c3f241849de6434d063ef92e6880f6b0335c1800)) + + +dracut-052 +========== + +#### Features + +- **dracut:** + - allow overriding the systemctl command for sysroot with `$SYSTEMCTL` for cross compilation + - add additional global variables + + Variables like `dbusconfdir` or `systemdnetwork` are now exported + to the individual modules as global variables. If they are not set + in the distribution dracut config files, they are set via `pkg-config` + + - A `--no-uefi` option as been added to the CLI options to disable a default `uefi=yes` + set by a configuration file. + +- **kernel-modules:** add modules from `drivers/memory` for arm +- **network-legacy:** send dhcp in parallel on all devices via the `single-dhcp` option +- **dbus:** introduce a meta module for dbus +- **dbus-broker:** introduce the dbus-broker module +- **dbus-daemon:** introduce the dbus-daemon module +- **systemd-ask-password:** introduce the systemd-ask-password module +- **systemd-coredump:** introduce the systemd-coredump module +- **systemd-modules-load:** introduce the systemd-modules-load module +- **systemd-repart:** introduce the systemd-repart module +- **systemd-sysctl:** introduce the systemd-sysctl module +- **systemd-sysusers:** introduce the systemd-sysuser module + +#### Bug Fixes + +- first round of shellcheck for all shell scripts +- revise all module checks to not error out about missing dependencies +- use the top-level `/efi` path to address the EFI partition +- correct the squash quirk +- use `find_binary` instead of other methods, because `find_binary` honors `dracutsysrootdir` +- quote globbing in module-setup.sh for `inst_multiple` +- move ldconfig after library workaround +- do not set cmdline for uefi images unless asked +- **dracut:** don't override `PATH`, if `dracutsysrootdir` is set +- **dracut-functions.sh:** check kernel config from `dracutsysrootdir` +- **dracut-init.sh:** make inst_libdir_file work with `dracutsysrootdir` set +- **dracut-install:** allow globbing for multiple sources +- **06dbus:** + - do not hardcode path to dbus utils + - do not hardcode path to systemd unit +- **uefi** use efivars fs over the deprecated sysfs entries +- **keyring** adding shared keyring mode to systemd unit `dracut-pre-pivot.service` +- **35network-manager:** avoid restarting NetworkManager +- **90kernel-modules:** install generic crypto modules with hostonly unset +- **99squash:** use kernel config instead of modprobe to check modules +- **dbus-daemon:** use uid/gid from sysroot if `dracutsysrootdir` is set +- **kernel-modules:** add reset controllers for arm +- **kernel-network-modules:** also install modules from mdio subdirectory +- **mdraid:** + - remove the `offroot` option (long deprecated) + - add the grow continue service `mdadm-grow-continue` +- **network-legacy:** silent the check for dhcp leaseinfo +- **network-manager:** allow override network manager version +- **plymouth:** install binaries with dependencies +- **shutdown:** add timeout to umount calls +- **watchdog:** fix dependencies in `module-setup.sh` + +#### Contributors + +- Harald Hoyer <harald@redhat.com> +- Jóhann B. Guðmundsson <johannbg@gmail.com> +- Zoltán Böszörményi <zboszor@pr.hu> +- Alexey Shabalin <shaba@altlinux.org> +- Daniel Molkentin <daniel.molkentin@suse.com> +- Luiz Angelo Daros de Luca <luizluca@gmail.com> +- Mariusz Tkaczyk <mariusz.tkaczyk@linux.intel.com> +- Alexander Tsoy <alexander@tsoy.me> +- Anjali Kulkarni <anjali.k.kulkarni@oracle.com> +- Beniamino Galvani <bgalvani@redhat.com> +- David Tardon <dtardon@redhat.com> +- Javier Martinez Canillas <javierm@redhat.com> +- Kairui Song <kasong@redhat.com> +- Lukas Nykryn <lnykryn@redhat.com> +- Matthew Thode <mthode@mthode.org> +- Nicolas Chauvet <kwizart@gmail.com> +- Nicolas Saenz Julienne <nsaenzjulienne@suse.de> +- Ondrej Mosnacek <omosnace@redhat.com> +- Peter Levine <plevine457@gmail.com> +- Petr Pavlu <petr.pavlu@suse.com> +- Vladius25 <vkorol2509@icloud.com> +- Yang Liu <50459973+ly4096x@users.noreply.github.com> +- foopub <45460217+foopub@users.noreply.github.com> +- realtime-neil <neil@rtr.ai> + + +dracut-051 +========== + +dracut: +- allow running on a cross-compiled rootfs + + dracutsysrootdir is the root directory, file existence checks use it. + + DRACUT_LDCONFIG can override ldconfig with a different one that works + on the sysroot with foreign binaries. + + DRACUT_LDD can override ldd with a different one that works + with foreign binaries. + + DRACUT_TESTBIN can override /bin/sh. A cross-compiled sysroot + may use symlinks that are valid only when running on the target + so a real file must be provided that exist in the sysroot. + + DRACUT_INSTALL now supports debugging dracut-install in itself + when run by dracut but without debugging the dracut scripts. + E.g. DRACUT_INSTALL="valgrind dracut-install or + DRACUT_INSTALL="dracut-install --debug". + + DRACUT_COMPRESS_BZIP2, DRACUT_COMPRESS_LBZIP2, DRACUT_COMPRESS_LZMA, + DRACUT_COMPRESS_XZ, DRACUT_COMPRESS_GZIP, DRACUT_COMPRESS_PIGZ, + DRACUT_COMPRESS_LZOP, DRACUT_COMPRESS_ZSTD, DRACUT_COMPRESS_LZ4, + DRACUT_COMPRESS_CAT: All of the compression utilities may be + overridden, to support the native binaries in non-standard places. + + DRACUT_ARCH overrides "uname -m". + + SYSTEMD_VERSION overrides "systemd --version". + + The dracut-install utility was overhauled to support sysroot via + a new option -r and fixes for clang-analyze. It supports + cross-compiler-ldd from + https://gist.github.com/jerome-pouiller/c403786c1394f53f44a3b61214489e6f + + DRACUT_INSTALL_PATH was introduced so dracut-install can work with + a different PATH. In a cross-compiled environment (e.g. Yocto), PATH + points to natively built binaries that are not in the host's /bin, + /usr/bin, etc. dracut-install still needs plain /bin and /usr/bin + that are relative to the cross-compiled sysroot. + + DRACUT_INSTALL_LOG_TARGET and DRACUT_INSTALL_LOG_LEVEL were + introduced so dracut-install can use different settings from + DRACUT_LOG_TARGET and DRACUT_LOG_LEVEL. + +- don't call fsfreeze on subvol of root file system +- Use TMPDIR (typically /run/user/$UID) if available +- dracut.sh: add check for invalid configuration files + Emit a warning about possible misconfigured configuration files, where + the spaces around values are missing for +="" +- dracut-functions: fix find_binary() to return full path +- dracut.sh: FIPS workaround for openssl-libs on Fedora/RHEL +- dracut.sh: fix early microcode detection logic +- dracut.sh: fix ia32 detection for uefi executables +- dracut.sh: Add --version +- dracut.sh: Add --hostonly-nics option +- EFI Mode: only write kernel cmdline to UEFI binary +- Allow $DRACUT_INSTALL to be not an absolute path +- Don't print when a module is explicitly omitted (by default) +- Remove uses of bash (and bash specific syntax) in runtime scripts +- dracut-init.sh: Add a helper for detect device kernel modules +- dracut-functions.sh: Fix check_block_and_slaves_all +- dracut-functions.sh: add a helper to check if kernel module is available + +Documentation +- dracut.cmdline.7.asc: clarify usage of `rd.lvm.vg` and `rd.lvm.lv` +- dracut.conf.5.asc: document how to config --no-compress in the config +- fix CI badges in README.md and fix dracut description +- dracut.modules.7.asc: fix typos +- dracut.modules.7.asc: fix reference to insmodpost module +- Add --version to man page +- Adding code of conduct +- Document initqueue/online hook + + +dracut-install: +- install: also install post weak dependencies of kernel modules +- install: Globbing support for resolving "firmware:" + +mkinitrd: +- use vmlinux regex for ppc*, vmlinuz for i686 + +mkinitrd-suse: +- fix i586 platform detection + +modules: + +00systemd: +- skip dependency add for non-existent units +- add missing cryptsetup-related targets + +05busybox: +- simplify listing of supported utilities + +06rngd: +- install dependant libs too +- Do not start inside container + +10i18n: +- i18n: Always install /etc/vconsole.conf + +35network-legacy: +- dhclient-script: Fix typo in output of BOUND & BOUND6 cases +- simplify fallback dhcp setup + +35network-manager: +- ensure that nm-run.sh is executed when needed +- install libnss DNS and mDNS plugins +- always pull in machinery to read ifcfg files +- set kernel hostname from the command line +- move connection generation to a lib file + +40network: +- fix glob matching ipv6 addresses +- net-lib.sh: support infiniband network mac addresses + +45url-lib: +- drop NSS if it's not in curl --version + +80cms: +- regenerate NetworkManager connections + +90btrfs: +- force preload btrfs module +- Install crypto modules in 90kernel-modules + +90crypt: +- cryptroot-ask: no warn if /run/cryptsetup exist +- install crypto modules in 90kernel-modules +- try to catch kernel config changes +- fix force on multiple lines +- pull in remote-cryptsetup.target enablement +- cryptroot-ask: unify /etc/crypttab and rd.luks.key + +90dmsquash-live: +- iso-scan.sh: Provide an easy reference to iso-scan device + +90kernel-modules: +- remove nfit from static module list (see nvdimm module) +- install crypto modules in 90kernel-modules +- add sg kernel module +- add pci_hyperv +- install block drivers more strictly +- install less modules for hostonly mode +- arm: add drivers/hwmon for arm/arm64 + +90kernel-network-modules +- on't install iscsi related module (use 95iscsi) + +90lvm: +- remove unnecessary ${initdir} from lvm_scan.sh +- fix removal of pvscan from udev rules +- do not add newline to cmdline + +90multipath: +- add automatic configuration for multipath + (adds 'rd.multipath=default' to use the default config) +- install kpartx's 11-dm-parts.rules + +90nvdimm: +- new module for NVDIMM support + +90ppcmac: +- respect DRACUT_ARCH, don't exclude ppcle + +90qemu-net: +- in hostonly mode, only install if network is needed +- install less module for strict hostonly mode + +91zipl: +- parse-zipl.sh: honor SYSTEMD_READY + +95cifs: +- pass rootflags to mount +- install new softdeps (sha512, gcm, ccm, aead2) + +95dasd: +- only install /etc/dasd.conf if present + +95dcssblk: +- fix script permissions + +95fcoe: +- fix pre-trigger stage by replacing exit with return in lldpad.sh +- default rd.nofcoe to false +- don't install if there is no FCoE hostonly devices + +95iscsi: +- fix missing space when compiling cmdline args +- fix ipv6 target discovery + +95nfs: +- only install rpc services for NFS < 4 when hostonly is strict +- Change the order of NFS servers during the boot + (next-server option has higher priority than DHCP-server itself) +- install less module if hostonly mode is strict + +95nvmf: +- add module for NVMe-oF +- add NVMe over TCP support + +95resume: +- do not resume on iSCSI, FCoE or NBD + +95rootfs-block: +- mount-root.sh: fix writing fstab file with missing fsck flag +- only write root argument for block device + +95zfcp: +- match simplified rd.zfcp format too + +95zfcp_rules: +- parse-zfcp.sh: remove rule existence check + +95znet: +- add a rd.znet_ifname= option + +98dracut-systemd: +- remove memtrace-ko and rd.memdebug=4 support in dracut +- remove cleanup_trace_mem calls +- dracut-initqueue: Print more useful info in case of timeout +- as of v246 of systemd "syslog" and "syslog-console" switches have been deprecated +- don't wait for root device if remote cryptsetup active + +99base: +- dracut-lib.sh: quote variables in parameter expansion patterns +- remove memtrace-ko and rd.memdebug=4 support in dracut +- remove cleanup_trace_mem calls +- see new module 99memstrack +- prevent creating unexpected files on the host when running dracut + +99memstrack: +- memstrack is a new tool to track the overall memory usage and + allocation, which can help off load the improve the builtin module + memory tracing function in dracut. + +99squash: +- don't hardcode the squash sub directories +- improve pre-requirements check +- check require module earlier, and properly + +new modules: +- nvmf +- watchdog-modules +- dbus +- network-wicked + +removed modules: +- stratis + +test suite: +- use dd from /dev/zero, instead of creating files with a hole +- TEST-03-USR-MOUNT/test.sh: increase loglevel +- TEST-12-RAID-DEG/create-root.sh: more udevadm settle +- TEST-35-ISCSI-MULTI: bump disk space +- TEST-41-NBD-NM/Makefile: should be based on TEST-40-NBD not TEST-20-NFS +- TEST-99: exclude /etc/dnf/* from check + +dracut-050 +========== + +dracut: +- support for running on a cross-compiled rootfs, see README.cross +- add support for creating secureboot signed UEFI images +- use microcode found in packed cpio images +- `-k/--kmodir` must now contain "lib/modules/$KERNEL_VERSION" + use DRACUT_KMODDIR_OVERRIDE=1 to ignore this check +- support the EFI Stub loader's splash image feature. + `--uefi-splash-image <FILE>` + +dracut modules: +- remove bashism in various boot scripts +- emergency mode: use sulogin + +fcoe: +- add rd.nofcoe option to disable the FCoE module from the command line + +10i18n: +- fix keymaps not getting included sometimes +- use eurlatgr as default console font + +iscsi: +- add option `rd.iscsi.testroute` + +multipath: +- fix udev rules detection of multipath devices + +network: +- support NetworkManager + +network-legacy: +- fix classless static route parsing +- ifup: fix typo when calling dhclient --timeout +- ifup: nuke pid and lease files if dhclient failed +- fix ip=dhcp,dhcp6 +- use $name instead of $env{INTERFACE} (systemd-udevd regression) + +shutdown: +- fix for non-systemd reboot/halt/shutdown commands +- set selinux labels +- fix shutdown with console=null + +lsinitrd: +- list squash content as well +- handle UEFI created with dracut --uefi +- make lsinitrd usable for images made with Debian mkinitramfs + +dracut-install: +- fixed ldd parsing +- install kernel module dependencies of dependencies +- fixed segfault for hashing NULL pointers +- add support for compressed firmware files +- dracut_mkdir(): create parent directories as needed. + +configure: +- Find FTS library with --as-needed + +test suite: +- lots of cleanups +- add github actions + +new modules: +- rngd +- network-manager +- ppcmac - thermal/fan control modules on PowerPC based Macs + +dracut-049 +========== +lsinitrd: +- record loaded kernel modules when hostonly mode is enabled + lsinitrd $image -f */lib/dracut/loaded-kernel-modules.txt +- allow to only unpack certain files + +kernel-modules: +- add gpio and pinctrl drivers for arm*/aarch64 +- add nfit + +kernel-network-modules: +- add vlan kernel modules + +ifcfg/write-ifcfg.sh: +- aggregate resolv.conf + +livenet: +- Enable OverlayFS overlay in sysroot.mount generator. + +dmsquash-live: +- Support a flattened squashfs.img +- Remove obsolete osmin.img processing + +dracut-systemd: +- Start systemd-vconsole-setup before dracut-cmdline-ask + +iscsi: +- do not install all of /etc/iscsi unless hostonly +- start iscsid even w/o systemd + +multipath: +- fixed shutdown + +network: +- configure NetworkManager to use dhclient + +mdraid: +- fixed uuid handling ":" versus "-" + +stratis: +- Add additional binaries + +new modules: +- 00warpclock +- 99squash + Adds support for building a squashed initramfs +- 35network-legacy + the old 40network +- 35network-manager + alternative to 35network-legacy +- 90kernel-modules-extra + adds out-of-tree kernel modules + +testsuite: +- now runs on travis +- support new qemu device options +- even runs without kvm now + +dracut-048 +========== + +dracut.sh: +- fixed finding of btrfs devices +- harden dracut against BASH_ENV environment variable +- no more prelinking +- scan and install "external" kernel modules +- fixed instmods with zero input +- rdsosreport: best effort to strip out passwords +- introduce tri-state hostonly mode + + Add a new option --hostonly-mode which accept an <mode> parameter, so we have a tri-state hostonly mode: + + * generic: by passing "--no-hostonly" or not passing anything. + "--hostonly-mode" has no effect in such case. + * sloppy: by passing "--hostonly --hostonly-mode sloppy". This + is also the default mode when only "--hostonly" is given. + * strict: by passing "--hostonly --hostonly-mode strict". + + Sloppy mode is the original hostonly mode, the new introduced strict + mode will allow modules to ignore more drivers or do some extra job to + save memory and disk space, while making the image less portable. + + Also introduced a helper function "optional_hostonly" to make it + easier for modules to leverage new hostonly mode. + + To force install modules only in sloppy hostonly mode, use the form: + + hostonly="$(optional_hostonly)" instmods <modules> + +dracut-install: +- don't error out, if no modules were installed +- support modules.softdep + +lsinitrd.sh: +- fixed zstd file signature + +kernel: +- include all pci/host modules +- add mmc/core for arm +- Include Intel Volume Management Device support + +plymouth: +- fix detection of plymouth directory + +drm: +- make failing installation of drm modules nonfatal +- include virtio DRM drivers in hostonly initramfs + +stratis: +- initial Stratis support + +crypt: +- correct s390 arch to include arch-specific crypto modules +- add cmdline rd.luks.partuuid +- add timeout option rd.luks.timeout + +shutdown: +- sleep a little, if a process was killed + +network: +- introduce ip=either6 option + +iscsi: +- replace iscsistart with iscsid + +qeth_rules: +- new module to copy qeth rules + +multipath-hostonly: +- merged back into multipath + +mdraid: +- fixed case if rd.md.uuid is in ID_FS_UUID format + +dracut-047 +========== +dracut.sh: +- sync initramfs to filesystem with fsfreeze +- introduce "--no-hostonly-default-device" +- disable lsinitrd logging when quiet +- add support for Zstandard compression +- fixed relative paths in --kerneldir +- if /boot/vmlinuz-$version exists use /boot/ as default output dir +- make qemu and qemu-net a default module in non-hostonly mode +- fixed relative symlinks +- support microcode updates for all AMD CPU families +- install all modules-load.d regardless of hostonly +- fixed parsing of "-i" and "--include" +- bump kmod version to >= 23 +- enable 'early_microcode' by default +- fixed check_block_and_slaves() for nvme + +lsinitrd.sh: +- dismiss "cat" error messages + +systemd-bootchart: +- removed + +i18n: +- install all keymaps for a given locale +- add correct fontmaps + +dmsquash-live: +- fixed systemd unit escape + +systemd: +- enable core dumps with systemd from initrd +- fixed setting of timeouts for device units +- emergency.service: use Type=idle and fixed task limit + +multipath: +- include files from /etc/multipath/conf.d +- do not fail startup on missing configuration +- start daemon after udev settle +- add shutdown script +- parse kernel commandline option 'multipath=off' +- start before local-fs-pre.target + +dracut-emergency: +- optionally print filesystem help + +network: +- fixed MTU for bond master +- fixed race condition when wait for networks + +fcoe: +- handle CNAs with DCB firmware support +- allow to specify the FCoE mode via the fcoe= parameter +- always set AUTO_VLAN for fcoemon +- add shutdown script +- fixup fcoe-genrules.sh for VN2VN mode +- switch back to using fipvlan for bnx2fc +- add timeout mechanism + +crypt: +- add basic LUKS detached header support +- escape backslashes for systemd unit names correctly +- put block_uuid.map into initramfs + +dmraid: +- do not delete partitions + +dasd_mod: +- do not set module parameters if dasd_cio_free is not present + +nfs: +- fix mount if IPv4 address is used in /etc/fstab +- support host being a DNS ALIAS + +fips: +- fixed creating path to .hmac of kernel based on BOOT_IMAGE +- turn info calls into fips_info calls +- modprobe failures during manual module loading is not fatal + + +lunmask: +- add module to handle LUN masking + +s390: +- add rd.cio_accept + +dcssblk: +- add new module for DCSS block devices + +zipl: +- add new module to update s390x configuration + +iscsi: +- no more iscsid, either iscsistart or iscsid + +integrity: +- support loading x509 into the trusted/builtin .evm keyring +- support X.509-only EVM configuration + +plymouth: +- improve distro compatibility + +dracut-046 +========== + +dracut.sh: +- bail out if module directory does not exist + if people want to build the initramfs without kernel modules, + then --no-kernel should be specified +- add early microcode support for AMD family 16h +- collect also all modaliases modules from sysfs for hostonly modules +- sync initramfs after creation + +network: +- wait for IPv6 RA if using none/static IPv6 assignment +- ipv6 improvements +- Handle curl using libnssckbi for TLS +- fix dhcp classless_static_routes +- dhclient: send client-identifier matching hardware address +- don't arping for point-to-point connections +- only bring up wired network interfaces (no wlan and wwan) + +mraid: +- mdraid: wait for rd.md.uuid specified devices to be assembled + +crypt: +- handle rd.luks.name + +crypt-gpg: +- For GnuPG >= 2.1 support OpenPGP smartcards + +kernel-install: +- Skip to create initrd if /etc/machine-id is missing or empty + +nfs: +- handle rpcbind /run/rpcbind directory + +s390: +- various fixes + +dmsquash-live: +- add NTFS support + +multipath: +- split out multipath-hostonly module + +lvmmerge: +- new module, see README.md in the module directory + +dracut-systemd: +- fixed dependencies + + +dracut-045 +========== + +Important: dracut now requires libkmod for the dracut-install binary helper, + which nows handles kernel module installing and filtering. + +dracut.sh: +- restorecon final image file +- fail hard, if we find modules and modules.dep is missing +- support --tmpdir as a relative path +- add default path for --uefi + +dracut-functions.sh: +- fix check_vol_slaves() volume group name stripping + +dracut-install: +- catch ldd message "cannot execute binary file" +- added kernel module handling with libkmod + Added parameters: + --module,-m + --mod-filter-path, -p + --mod-filter-nopath, -P + --mod-filter-symbol, -s + --mod-filter-nosymbol, -S + --mod-filter-noname, -N + --silent + --kerneldir + --firmwaredirs +- fallback to non-hostonly mode if lsmod fails + +lsinitrd: +- new option "--unpack" +- new option "--unpackearly" +- and "--verbose" + +general initramfs fixes: +- don't remove 99-cmdline-ask on 'hostonly' cleanup +- call dracut-cmdline-ask.service, if /etc/cmdline.d/*.conf exists +- break at switch_root only for bare rd.break +- add rd.emergency=[reboot|poweroff|halt] + specifies what action to execute in case of a critical failure +- rd.memdebug=4 gives information, about kernel module memory consumption + during loading + +dmsquash-live: +- fixed livenet-generator execution flag + and include only, if systemd is used +- fixed dmsquash-live-root.sh for cases where the fstype of the liveimage is squashfs +- fixed typo for rootfs.img +- enable the use of the OverlayFS for the LiveOS root filesystem + Patch notes: + Integrate the option to use an OverlayFS as the root filesystem + into the 90dmsquash-live module for testing purposes. + + The rd.live.overlay.overlayfs option allows one to request an + OverlayFS overlay. If a persistent overlay is detected at the + standard LiveOS path, the overlay & type detected will be used. + + Tested primarily with transient, in-RAM overlay boots on vfat- + formatted Live USB devices, with persistent overlay directories + on ext4-formatted Live USB devices, and with embedded, persistent + overlay directories on vfat-formatted devices. (Persistent overlay + directories on a vfat-formatted device must be in an embedded + filesystem that supports the creation of trusted.* extended + attributes, and must provide valid d_type in readdir responses.) + + The rd.live.overlay.readonly option, which allows a persistent + overlayfs to be mounted read only through a higher level transient + overlay directory, has been implemented through the multiple lower + layers feature of OverlayFS. + + The default transient DM overlay size has been adjusted up to 32 GiB. + This change supports comparison of transient Device-mapper vs. + transient OverlayFS overlay performance. A transient DM overlay + is a sparse file in memory, so this setting does not consume more + RAM for legacy applications. It does permit a user to use all of + the available root filesystem storage, and fails gently when it is + consumed, as the available free root filesystem storage on a typical + LiveOS build is only a few GiB. Thus, when booted on other- + than-small RAM systems, the transient DM overlay should not overflow. + + OverlayFS offers the potential to use all of the available free RAM + or all of the available free disc storage (on non-vfat-devices) + in its overlay, even beyond the root filesystem available space, + because the OverlayFS root filesystem is a union of directories on + two different partitions. + + This patch also cleans up some message spew at shutdown, shortens + the execution path in a couple of places, and uses persistent + DM targets where required. + +dmraid: +- added "nowatch" option in udev rule, otherwise udev would reread partitions for raid members +- allow booting from degraded MD RAID arrays + +shutdown: +- handle readonly /run on shutdown + +kernel-modules: +- add all HID drivers, regardless of hostonly mode + people swap keyboards sometimes and should be able to enter their disk password +- add usb-storage + To save the rdsosreport.txt to a USB stick, the usb-storage module is needed. +- add xennet +- add nvme + +systemd: +- add /etc/machine-info +- fixed systemd-escape call for names beginning with "-" +- install missing drop-in configuration files for + /etc/systemd/{journal.conf,system.conf} + +filesystems: +- add support to F2FS filesystem (fsck and modules) + +network: +- fix carrier detection +- correctly set mac address for ip=...:<mtu>:<mac> +- fixed vlan, bonding, bridging, team logic + call ifup for the slaves and assemble afterwards +- add mtu to list of variables to store in override +- for rd.neednet=0 a bootdev is not needed anymore +- dhclient-script.sh: add classless-static-routes support +- support for iBFT IPv6 +- support macaddr in brackets [] (commit 740c46c0224a187d6b5a42b4aa56e173238884cc) +- use arping2, if available +- support multiple default gateways from DHCP server +- fixup VLAN handling +- enhance team support +- differ between ipv6 local and global tentative +- ipv6: wait for a router advertised route +- add 'mtu' parameter for bond options +- use 'ip' instead of 'brctl' + +nbd: +- add systemd generator +- use export names instead of port numbers, because port number based + exports are deprecated and were removed. + +fcoe: +- no more /dev/shm state copying + +multipath: +- check all /dev/mapper devices if they are multipath devices, not only mpath* + +fips: +- fixed .hmac installation in FIPS mode + +plymouth: +- also trigger the acpi subsystem + +syslog: +- add imjournal.so to read systemd journal +- move start from udev to initqueue/online + +caps: +- make it a non default module + +livenet: +- support nfs:// urls in livenet-generator + +nfs: +- install all nfs modules non-hostonly + +crypt: +- support keyfiles embedded in the initramfs + +testsuite: +- add TEST-70-BONDBRIDGETEAMVLAN +- make "-cpu host" the default + +dracut-044 +========== +creation: +- better udev & systemd dir detection +- split dracut-functions.sh in dracut-init.sh and dracut-functions.sh + dracut-functions.sh can now be sourced by external tools +- detect all btrfs devices needed +- added flag file if initqueue is needed +- don't overwrite anything, if initramfs image file creation failed +- if no compressor is specified, try to find a suitable one +- drop scanning kernel config for CONFIG_MICROCODE_*_EARLY +- remove "_EARLY" from CONFIG_MICROCODE_* checks +- dracut.sh: add command line option for install_i18_all + --no-hostonly-i18n -> install_i18n_all=yes + --hostonly-i18n -> install_i18n_all=no +- --no-reproducible to turn off reproducible mode +- dracut-function.sh can now be sourced from outside of dracut +- dracut-init.sh contains all functions, which only can be used from + within the dracut infrastructure +- support --mount with just mountpoint as a parameter +- removed action_on_fail support +- removed host_modalias concept +- do not create microcode, if no firmware is available +- skip gpg files in microcode generation + +initramfs: +- ensure pre-mount (and resume) run before root fsck +- add --online option to initqueue + +qemu: +- fixed virtual machine detection + +lvm: +- remove all quirk arguments for lvm >= 2.2.221 + +dmsquash: +- fixup for checkisomd5 +- increase timeout for checkisomd5 +- use non-persistent metadata snapshots for transient overlays. +- overflow support for persistent snapshot. +- use non-persistent metadata snapshots. +- avoid an overlay for persistent, uncompressed, read-write live installations. + +multipath: +- multipath.conf included in hostonly mode +- install all multipath path selector kernel modules + +iSCSI: +- use the iBFT initiator name, if found and set +- iscsid now present in the initramfs +- iscsistart is done with systemd-run asynchrone to do things in + paralllel. Also restarted for every new interface which shows up. +- If rd.iscsi.waitnet (default) is set, iscsistart is done only + after all interfaces are up. +- If not all interfaces are up and rd.iscsi.testroute (default) is set, + the route to a iscsi target IP is checked and skipped, if there is none. +- If all things fail, we issue a "dummy" interface iscsiroot to retry + everything in the initqueue/timeout. + +network: +- added DHCP RENEW/REBIND +- IPv4 DHCP lease time now optional (bootp) +- IPv6 nfs parsing +- fixed IPv6 route parsing +- rd.peerdns=0 parameter to disable DHCP nameserver setting +- detect duplicate IPv4 addresses for static addresses +- if interfaces are specified with its enx* name, bind the correspondent MAC to the interface name +- if multiple "ip=" are present on the kernel command line "rd.neednet=1" is assumed +- add options to tweak timeouts + rd.net.dhcp.retry=<cnt> + If this option is set, dracut will try to connect via dhcp + <cnt> times before failing. Default is 1. + + rd.net.timeout.dhcp=<arg> + If this option is set, dhclient is called with "-timeout <arg>". + + rd.net.timeout.iflink=<seconds> + Wait <seconds> until link shows up. Default is 60 seconds. + + rd.net.timeout.ifup=<seconds> + Wait <seconds> until link has state "UP". Default is 20 seconds. + + rd.net.timeout.route=<seconds> + Wait <seconds> until route shows up. Default is 20 seconds. + + rd.net.timeout.ipv6dad=<seconds> + Wait <seconds> until IPv6 DAD is finished. Default is 50 seconds. + + rd.net.timeout.ipv6auto=<seconds> + Wait <seconds> until IPv6 automatic addresses are assigned. + Default is 40 seconds. + + rd.net.timeout.carrier=<seconds> + Wait <seconds> until carrier is recognized. Default is 5 seconds. + +IMA: +- load signed certificates in the IMA keyring, see modules.d/98integrity/README +- load EVM public key in the kernel _evm keyring + +FCoE: + fcoe: start with fcoemon instead of fipvlan + +dracut-043 +========== +- add missing dmsquash-generator + +dracut-042 +========== +- fixed dmsetup shutdown +- new kernel command line option "rd.live.overlay.thin" + This option changes the underlying mechanism for the overlay in the + dmsquash module. + Instead of a plain dm snapshot a dm thin snapshot is used. The advantage + of the thin snapshot is, that the TRIM command is recognized, which + means that at runtime, only the occupied blocks will be claimed from + memory, and freed blocks will really be freed in ram. +- dmsquash: Add squashfs support to rd.live.fsimg + Previously rd.live.fsimg only supported filesystems residing in + (compressed) archives. + Now rd.live.fsimg can also be used when a squashfs image is used. + This is achieved by extracting the rootfs image from the squashfs and + then continue with the default routines for rd.live.fsimg. +- lvm: add support for LVM system id +- split up the systemd dracut module + Basic systemd functionality is in 00systemd now. + Switching root and the initrd.target is in 00systemd-initrd. + Dracut additions to the systemd initrd are in 98dracut-systemd. +- support for creating a UEFI boot executable via argument "--uefi" + With an EFI stub, the kernel, the initramfs and a kernel cmdline can be + glued together to a single UEFI executable, which can be booted by a + UEFI BIOS. +- network: split out kernel-network-modules, now in 90kernel-network-modules +- support for ethernet point-to-point connections configured via DHCP +- kernel-modules: install all HID drivers +- dracut.pc pkg-config file +- mount /dev, /dev/shm and /run noexec + +dracut-041 +========== +- fixed the shutdown loop +- fixed gzip compression for versions, which do not have --rsyncable +- fixed ifcfg generation for persistent interface names +- multipath: + * new option to turn off multipath "rd.multipath=0" completly + * preload scsi dh modules + * start multipathd via systemd service +- do not fail, if user pressed ESC during media check +- fixed systemd-journal by symlinking /var/log to /run/initramfs/log +- initrd-release moved to /usr/lib +- lots of iSCSI fixes +- new "rd.timeout" to specify the systemd JobTimeoutSec for devices +- if $initrd/etc/cmdline.d/* has a "root=" and the kernel cmdline does not, + generate a mount unit for it +- increased the initqueue timeout for non systemd initramfs to 180s +- $initrd/etc/cmdline.d/ hostonly files are now generated for NFS +- make use of systemd-hibernate-resume, if available +- fixed ldconfig parsing for hwcap output +- network: add support for comma separated autoconf options like ip=eth0:auto6,dhcp +- new parameter "rd.live.overlay.size" to specify the overlay for live images +- changed the test suite for the new sfdisk syntax +- added cache tools for dm-cache setups + +dracut-040 +========== +- fixed dracut module dependency checks +- fixed test suite + +dracut-039 +========== +- DRACUT_PATH can now be used to specify the PATH used by dracut + to search for binaries instead of the default + /usr/sbin:/sbin:/usr/bin:/bin + This should be set in the distribution config file + /usr/lib/dracut/dracut.conf.d/01-dist.conf +- add "--loginstall <DIR>" and loginstall="<DIR>" options + to record all files, which are installed from the host fs +- "rd.writable.fsimg" - support for read/write filesystem images +- "rd.route" kernel command line parameter added +- "--install-optional" and install_optional_items added +- find plymouth pkglibdir on debian +- torrent support for live images + root=live:torrent://example.com/liveboot.img.torrent + and generally added as a download handler +- disable microcode, if the kernel does not support it +- speed up ldconfig_paths() +- more ARM modules +- fixed inst*() functions and "-H" handling +- fixed bridge setup +- added --force-drivers parameter and force_drivers=+ config option + to enforce driver loading at early boot time +- documented "iso-scan/filename" usage in grub +- various bugfixes + +dracut-038 +========== +- "rd.cmdline=ask" will ask the user on the console to enter additional + kernel command line parameters +- "rd.hostonly=0" removes all "hostonly" added custom files, + which is useful in combination with "rd.auto" or other specific parameters, + if you want to boot on the same hardware, but the compiled in configuration + does not match your setup anymore +- inst* functions and dracut-install now accept the "-H" flag, which logs all + installed files to /lib/dracut/hostonly-files. This is used to remove those + files, if rd.hostonly is given on the kernel command line +- strstr now only does literal string match, + please use strglob and strglobin for globs +- fixed unpacking of the microcode image on shutdown +- added systemd-gpt-auto-generator +- fcoe: wait for lldpad to be ready +- network: handle "ip=dhcp6" +- network: DCHPv6: set valid_lft and preferred_lft +- dm: support dm-cache +- fstab: do not mount and fsck from fstab if using systemd +- break at switch_root only for bare rd.break and not for any rd.break=... +- nbd: make use of "--systemd-mark", otherwise it gets killed on switch_root +- fcoe-uefi: fixed cmdline parameter generation +- iscsi: deprecate "ip=ibft", use "rd.iscsi.ibft[=1]" from now on +- "lsinitrd -m" now only lists the dracut modules of the image +- a lot of small bugfixes + +dracut-037 +========== +- dracut: hostonly_cmdline variable and command line switch + Toggle hostonly cmdline storing in the initramfs + --hostonly-cmdline: + Store kernel command line arguments needed in the initramfs + --no-hostonly-cmdline: + Do not store kernel command line arguments needed in the initramfs +- dracut: --mount now understands full fstab lines +- dracut now also includes drivers from the /lib/modules/<version>/updates directory +- dracut: only set the owner of files to 0:0, if generated as non-root +- dracut now directly writes to the initramfs file +- dracut: call lz4 with the legacy flag (linux kernel does not support the new format) +- systemd: rootfs-generator generates JobTimeout=0 units for the root device +- systemd: added the systemd-sysctl service +- systemd: add 80-net-setup-link.rules and .link files for persistent interface renaming +- systemd: make dracut-shutdown.service failure non-fatal +- network: various IPv6 fixes +- network: DCHCP for IPv6 +- network: understand ip=.....:<dns1>:<dns2> +- network: parse ibft nameserver settings +- shutdown: if kexec fails, just reboot +- lvm: handle one LV at a time with lvchange +- module-setup.sh: + New functions require_binaries() and require_any_binary() to be used + in the check() section of module-setup.sh. +- a lot of small bugfixes + +Contributions from: +Harald Hoyer +Alexander Tsoy +Till Maas +Amadeusz Żołnowski +Brian C. Lane +Colin Guthrie +Dave Young +WANG Chao +Shawn W Dunn + +dracut-036 +========== +- fixed skipcpio signature checking + +dracut-035 +========== +- changed dracut tarball compression to xz +- new argument "--rebuild" +- add lzo, lz4 compression +- install: install all binaries with <name> found in PATH +- lsinitrd can now handle initramfs images with an early cpio prepended + (microcode, ACPI tables) +- mkinitrd-suse added as a compat stub for dracut +- lvm: install thin utils for non-hostonly +- resume: fix swap detection in hostonly +- avoid loading unnecessary 32-bit libraries for 64-bit initrds +- crypt: wait for systemd password agents +- crypt: skip crypt swaps with password files +- network: before doing dhcp, dracut now checks, if the link has a carrier +- network: dhclient-script.sh now sets the lease time +- network: include usbnet drivers +- network: include all ethernet drivers +- network: add rd.bootif=0 to ignore BOOTIF +- i18n: introduce i18n_install_all, to install everything i18n related +- support SuSE DASD configurations +- support SuSE zfcp configurations +- support SuSE compressed KEYMAP= setting +- usrmount: always install the module, + so always mount /usr from within the initramfs +- test/TEST-17-LVM-THIN: new test case for lvm thin pools +- "halt" the machine in systemd mode for die() + +dracut-034 +========== +- do not run dhcp on parts of assembled network interfaces (bond, bridge) +- add option to turn on/off prelinking + --prelink, --noprelink + do_prelink=[yes|no] +- add ACPI table overriding +- do not log to syslog/kmsg/journal for UID != 0 +- lvm/mdraid: Fix LVM on MD activation +- bcache module removed (now in bcache-tools upstream) +- mdadm: also install configs from /etc/mdadm.conf.d +- fixes for mdadm-3.2.6+ +- mkinitrd: better compat support for SUSE +- fcoe: add FCoE UEFI boot device support +- rootfs-block: add support for the rootfallback= kernel cmdline option + +Contributions from: +Thomas Renninger +Alexander Tsoy +Peter Rajnoha +WANG Chao +Harald Hoyer + + +dracut-033 +========== +- improved hostonly device recognition +- improved hostonly module recognition +- add dracut.css for dracut.html +- do not install udev rules from /etc in generic mode +- fixed LABEL= parsing for swap devices +- fixed iBFT network setup +- url-lib.sh: handle 0-size files with curl +- dracut.asc: document debugging dracut on shutdown +- if rd.md=0, use dmraid for imsm and ddf +- skip empty dracut modules +- removed caching of kernel cmdline +- fixed iso-scan, if the loop device driver is a kernel module +- bcache: support new blkid +- fixed ifup udev rules +- ifup with dhcp, if no "ip=" specified for the interface + +Contributions from: +WANG Chao +Colin Walters +Harald Hoyer + + +dracut-032 +========== +- add parameter --print-cmdline + This prints the kernel command line parameters for the current disk + layout. + $ dracut --print-cmdline + rd.luks.uuid=luks-e68c8906-6542-4a26-83c4-91b4dd9f0471 + rd.lvm.lv=debian/root rd.lvm.lv=debian/usr root=/dev/mapper/debian-root + rootflags=rw,relatime,errors=remount-ro,user_xattr,barrier=1,data=ordered + rootfstype=ext4 +- dracut.sh: add --persistent-policy option and persistent_policy conf option + --persistent-policy <policy>: + Use <policy> to address disks and partitions. + <policy> can be any directory name found in /dev/disk. + E.g. "by-uuid", "by-label" +- dracut now creates the initramfs without udevadm + that means the udev database does not have to populated + and the initramfs can be built in a chroot with + /sys /dev /proc mounted +- renamed dracut_install() to inst_multiple() for consistent naming +- if $libdirs is unset, fall back to ld.so.cache paths +- always assemble /usr device in initramfs +- bash module added (disable it, if you really want dash) +- continue to boot, if the main loop times out, in systemd mode +- removed inst*() shell pure versions, dracut-install binary is in charge now +- fixed ifcfg file generation for vlan +- do not include adjtime and localtime anymore +- fixed generation of zfcp.conf of CMS setups +- install vt102 terminfo + dracut_install() is still there for backwards compat +- do not strip files in FIPS mode +- fixed iBFT interface configuration +- fs-lib: install fsck and fsck.ext* +- shutdown: fixed killall_proc_mountpoint() +- network: also wait for ethernet interfaces to setup +- fixed checking for FIPS mode + +Contributions from: +Harald Hoyer +WANG Chao +Baoquan He +Daniel Schaal +Dave Young +James Lee +Radek Vykydal + + +dracut-031 +========== +- do not include the resume dracut module in hostonly mode, + if no swap is present +- don't warn twice about omitted modules +- use systemd-cat for logging on systemd systems, if logfile is unset +- fixed PARTUUID parsing +- support kernel module signing keys +- do not install the usrmount dracut module in hostonly mode, + if /sbin/init does not live in /usr +- add debian udev rule files +- add support for bcache +- network: handle bootif style interfaces + e.g. ip=77-77-6f-6f-64-73:dhcp +- add support for kmod static devnodes +- add vlan support for iBFT + +Contributions from: +Harald Hoyer +Amadeusz Żołnowski +Brandon Philips +Colin Walters +James Lee +Kyle McMartin +Peter Jones + +dracut-030 +========== +- support new persistent network interface names +- fix findmnt calls, prevents hang on stale NFS mounts +- add systemd.slice and slice.target units +- major shell cleanup +- support root=PARTLABEL= and root=PARTUUID= +- terminfo: only install l/linux v/vt100 and v/vt220 +- unset all LC_* and LANG, 10% faster +- fixed dependency loop for dracut-cmdline.service +- do not wait_for_dev for the root devices +- do not wait_for_dev for devices, if dracut-initqueue is not needed +- support early microcode loading with --early-microcode +- dmraid, let dmraid setup its own partitions +- sosreport renamed to rdsosreport + +Contributions from: +Harald Hoyer +Konrad Rzeszutek Wilk +WANG Chao + +dracut-029 +========== +- wait for IPv6 autoconfiguration +- i18n: make the default font configurable + To set the default font for your distribution, add + i18n_default_font="latarcyrheb-sun16" + to your /lib/dracut/dracut.conf.d/01-dist.conf distribution config. +- proper handle "rd.break" in systemd mode before switch-root +- systemd: make unit files symlinks +- build without dash requirement +- add dracut-shutdown.service.8 manpage +- handle MACs for "ip=" + "ip=77-77-6f-6f-64-73:dhcp" +- don't explode when mixing BOOTIF and ip= +- 90lvm/module-setup.sh: redirect error message of lvs to /dev/null + +Contributions from: +Harald Hoyer +Will Woods +Baoquan He + +dracut-028 +========== +- full integration of crypto devs in systemd logic +- support for bridge over team and vlan tagged team +- support multiple bonding interfaces +- new kernel command line param "rd.action_on_fail" + to control the emergency action +- support for bridge over a vlan tagged interface +- support for "iso-scan/filename" kernel parameter +- lsinitrd got some love and does not use "file" anymore +- fixed issue with noexec mounted tmp dirs +- FIPS mode fixed +- dracut_install got some love +- fixed some /usr mounting problems +- ifcfg dracut module got some love and fixes +- default installed font is now latarcyrheb-sun16 +- new parameters rd.live.dir and rd.live.squashimg +- lvm: add tools for thin provisioning +- also install non-hwcap libs +- setup correct system time and time zone in initrd +- s390: fixed cms setup +- add systemd-udevd persistent network interface naming + +Contributions from: +Harald Hoyer +Kamil Rytarowski +WANG Chao +Baoquan He +Adam Williamson +Colin Guthrie +Dan Horák +Dave Young +Dennis Gilmore +Dennis Schridde + +dracut-027 +========== +- dracut now has bash-completion +- require bash version 4 +- systemd module now requires systemd >= 199 +- dracut makes use of native systemd initrd units +- added hooks for new-kernel-pkg and kernel-install +- hostonly is now default for fedora +- comply with the BootLoaderSpec paths + http://www.freedesktop.org/wiki/Specifications/BootLoaderSpec +- added rescue module +- host_fs_types is now a hashmap +- new dracut argument "--regenerate-all" +- new dracut argument "--noimageifnotneeded" +- new man page dracut.bootup +- install all host filesystem drivers +- use -D_FILE_OFFSET_BITS=64 to build dracut-install + +dracut-026 +========== +- introduce /usr/lib/dracut/dracut.conf.d/ drop-in directory + + /usr/lib/dracut/dracut.conf.d/*.conf can be overwritten by the same + filenames in /etc/dracut.conf.d. + + Packages should use /usr/lib/dracut/dracut.conf.d rather than + /etc/dracut.conf.d for drop-in configuration files. + + /etc/dracut.conf and /etc/dracut.conf.d belong to the system administrator. + +- uses systemd-198 native initrd units +- totally rely on the fstab-generator in systemd mode for block devices +- dracut systemd now uses dracut.target rather than basic.target +- dracut systemd services optimize themselves away +- fixed hostonly parameter generation +- turn off curl globbing (fixes IPv6) +- modify the udev rules on install and not runtime time +- enable initramfs building without kernel modules (fixed regression) +- in the initqueue/timeout, + reset the main loop counter, as we see new udev events or initqueue/work +- fixed udev rule installation + +dracut-025 +========== +- do not strip signed kernel modules +- add sosreport script and generate /run/initramfs/sosreport.txt +- make short uuid specification for allow-discards work +- turn off RateLimit for the systemd journal +- fixed MAC address assignment +- add systemd checkisomd5 service +- splitout drm kernel modules from plymouth module +- add 'swapoff' to initramfs to fix shutdown/reboot +- add team device support +- add pre-shutdown hook +- kill all processes in shutdown and report remaining ones +- "--device" changed to "--add-device" and "add_device=" added for conf files +- add memory usage trace to different hook points +- cope with optional field #7 in /proc/self/mountinfo +- lots of small bugfixes + +dracut-024 +========== +- new dracut option "--device" +- new dracut kernel command line options "rd.auto" +- new dracut kernel command line options "rd.noverifyssl" +- new dracut option "--kernel-cmdline" and "kernel_cmdline" option for default parameters +- fixes for systemd and crypto +- fix for kexec in shutdown, if not included in initramfs +- create the initramfs non-world readable +- prelink/preunlink in the initramfs +- strip binaries in the initramfs by default now +- various FIPS fixes +- various dracut-install fixes + +dracut-023 +========== +- resume from hibernate fixes +- -N option for --no-hostonly +- support for systemd crypto handling +- new dracut module "crypt-loop" +- deprecate the old kernel command line options +- more documentation +- honor CFLAGS for dracut-install build +- multipath fixes +- / is mounted according to rootflags parameter but forced ro at first. + Later it is remounted according to /etc/fstab + rootflags parameter + and "ro"/"rw". +- support for xfs / reiserfs separate journal device +- new "ro_mnt" option to force ro mount of / and /usr +- root on cifs support +- dracut-install: fixed issue for /var/tmp containing a symlink +- only lazy resolve with ldd, if the /var/tmp partition is not mounted with "noexec" +- i18n: fixed inclusion of "include" keymaps + +dracut-022 +========== +- fixed host-only kernel module bug + +dracut-021 +========== +- fixed systemd in the initramfs (requires systemd >= 187) +- dracut-install: massive speedup with /var on the same filesystem with COW copy +- dracut-install: moved to /usr/lib/dracut until it becomes a general purpose tool +- new options: "rd.usrmount.ro" and "rd.skipfsck" +- less mount/umount +- apply "ro" on the kernel command line also to /usr +- mount according to fstab, if neither "ro" or "rw" is specified +- skip fsck for xfs and btrfs. remount is enough +- give emergency_shell if /usr mount failed +- dracut now uses getopt: + * options can be position independent now!! + * we can now use --option=<arg> +- added option "--kver=<kernel-version>", and the image location can be omitted + # dracut --kver 3.5.0-0.rc7.git1.2.fc18.x86_64 +- dracut.sh: for --include copy also the symbolic links +- man pages: lsinitrd and mkinitrd added +- network: We do not support renaming in the kernel namespace anymore (as udev does + that not anymore). So, if a user wants to use ifname, he has to rename + to a custom namespace. "eth[0-9]+" is not allowed anymore. !!!!! +- resume: moved the resume process to the initqueue. + This should prevent accidently mounting the root file system. +- testsuite: add support for: make V=1 TESTS="01 20 40" check + $ sudo make V=1 clean check + now runs the testsuite in verbose mode + + $ sudo make TESTS="01 20 40" clean check + now only runs the 01, 20 and 40 tests. + +dracut-020 +========== +- changed rd.dasd kernel parameter +- arm kernel modules added to kernel-modules +- make udevdir systemdutildir systemdsystemunitdir global vars + your distribution should ship those settings in + /etc/dracut.conf.d/01-distro.conf + see dracut.conf.d/fedora.conf.example +- kernel modules are now only handled with /sys/modules and modules.dep +- systemd fixups +- mdraid: wait for md devices to be clean, before shutdown +- ifup fixed for ipv6 +- add PARTUUID as root=PARTUUID=<partition uuid> parameter +- fixed instmods() return code and set pipefail globally +- add 04watchdog dracut module +- dracut-shutdown.service: fixed ordering to be before shutdown.target +- make use of "ln -r" instead of shell functions, if new coreutils is installed +- network: support vlan tagged bonding +- new dracut module qemu and qemu-net to install all kernel driver +- fs-lib/fs-lib.sh: removed test mounting of btrfs and xfs +- no more "mknod" in the initramfs!! +- replaced all "tr" calls with "sed" +- speedup with lazy kernel module dependency resolving +- lots of speedup optimizations and last but not least +- dracut-install: + - new binary to significanlty speedup the installation process + - dracut-functions.sh makes use of it, if installed + + +dracut-019 +========== +- initqueue/online hook +- fixes for ifcfg write out +- rootfs-block: avoid remount when options don't change +- Debian multiarch support +- virtfs root filesystem support +- cope with systemd-udevd +- mount tmpfs with strictatime +- include all kernel/drivers/net/phy drivers +- add debug_on() and debug_off() functions +- add arguments for source_hook() and source_all() +- cleanup hook +- plymouth: get consoledev from /sys/class/tty/console/active +- experimental systemd dracut module for systemd in the initramfs +- install xhci-hcd kernel module +- dracut: new "--mount" option +- lsinitrd: new option --printsize +- ARM storage kernel modules added +- s390 cms conf file support +- /etc/initrd-release in the initrd +- vlan support +- full bonding and bridge support +- removed scsi_wait_scan kernel module from standard install +- support rd.luks.allow-discards and honor options in crypttab +- lots of bugfixes + +dracut-018 +========== +- lvm: ignore lvm mirrors +- lsinitrd: handle LZMA images +- iscsi: add rd.iscsi.param +- iscsi: add iscsi interface binding +- new module cms to read and handle z-Series cms config files +- fixed fstab.sys handling +- new dracut option "--tmpdir" +- new dracut option "--no-hostonly" +- nbd: name based nbd connects +- converted manpage and documentation source to asciidoc +- write-ifcfg fixes and cleanups +- ifup is now done in the initqueue +- netroot cleanup +- initqueue/online is now for hooks, which require network +- no more /tmp/root.info +- 98pollcdrom: factored out the ugly cdrom polling in the main loop +- simplified rd.luks.uuid testing +- removed "egrep" and "ls" calls +- speedup kernel module installation +- make bzip2 optional +- lots of bugfixes + +dracut-017 +========== +- a _lot_ faster than dracut-016 in image creation +- systemd service dracut-shutdown.service +- livenet fixes +- ssh-client module install fix +- root=iscsi:... fixed +- lots of restructuring and optimizing in dracut-functions.sh +- usrmount: honor fs_passno in /etc/fstab +- renamed all shell scripts to .sh +- new option "--omit-drivers" and config option "omit_drivers" +- hostonly mode fixups + +dracut-016 +========== +- fixed lsinitrd +- honor binaries in sbin first +- fixed usrmount module +- added systemd service for shutdown +- fixed terminfo on distros with /usr/share/terminfo +- reload udev rules after "pre-trigger" hook +- improved test suite +- new parameter "--omit-drivers" and new conf param omit_drivers +- "--offroot" support for mdraid +- new libs: net-lib.sh, nfs-lib.sh, url-lib.sh, img-lib.sh + full of functions to use in your dracut module + +dracut-015 +========== +- hostonly mode automatically adds command line options for root and /usr +- --add-fstab --mount parameters +- ssh-client module +- --ctty option: add job control +- cleanup /run/initramfs +- convertfs module +- /sbin/ifup can be called directly +- support kernel modules compressed with xz +- s390 iscsi modules added +- terminfo module +- lsinitrd can handle concatened images +- lsinitrd can sort by size + +dracut-014 +========== +- new dracut arguments: + --lvmconf + --nolvmconf + --fscks [LIST] + --nofscks +- new .conf options: + install_items + fscks + nofscks +- new kernel options: + rd.md.ddf + rd.md.waitclean + plymouth.enable +- dracut move from /sbin to /usr/bin +- dracut modules dir moved from /usr/share/dracut to /usr/lib/dracut +- profiling with "dracut --profile" +- new TEST-16-DMSQUASH, test for Fedora LiveCDs +- speedup of initramfs creation +- ask_for_password fallback to CLI +- mdraid completely switched to incremental assembly +- no more cdrom polling +- "switch_root" breakpoint is now very late +- /dev/live is gone +- /dev/root is gone +- fs-lib dracut module for fscks added +- xen dracut module removed +- usb mass storage kernel drivers now included +- usrmount dracut module added: + mount /usr if found in /sysroot/etc/fstab +- only include fsck helper needed for hostonly +- fcoe: support for bnx2fc +- support iSCSI drivers: qla4xxx, cxgb3i, cxgb4i, bnx2i, be2iscsi +- fips-aesni dracut module added +- add install_items to dracut.conf + install_items+=" <file>[ <file> ...] " +- speedup internal testsuite +- internal testsuite: store temporary data in a temporary dir + +dracut-013 +========== +- speedup of initramfs creation +- fixed inst_dir for symbolic links +- add unix kernel module + +dracut-012 +========== +- better fsck handling +- fixed wait condition for LVM volumes +- fix for hardlinks (welcome Debian! :-) +- shutdown bugfixes +- automatic busybox symlink creation +- try to mount /usr, if init points to a path in /usr +- btrfs with multiple devices +- "--force-add" option for dracut, to force-add dracut modules, + without hostonly checks +- lsinitrd also display the initramfs size in human readable form +- livenet module, to mount live-isos over http +- masterkey,ecryptfs,integrity security modules +- initqueue/timeout queue e.g. for starting degraded raids +- "make rpm" creates an rpm with an increasing release number from any + git checkout +- support lvm mirrors +- start degraded lvm mirrors after a timeout +- start degraded md raids after a timeout +- getarg() now returns wildcards without file matching to the current fs +- lots of bugfixes + +dracut-011 +========== +- use udev-168 features for shutting down udev +- introduce "--prefix" to put all initramfs files in e.g "/run/initramfs" +- new shutdown script (called by systemd >= 030) to disassemble the root device +- lots of bugfixes +- new module for gpg-encrypted keys - 91crypt-gpg + +dracut-010 +========== +- lots of bugfixes +- plymouth: use /run/plymouth/pid instead of /run/initramfs/plymouth +- add "/lib/firmware/updates" to default firmware path + +dracut-009 +========== +- dracut generator + - dracut-logger + - xz compression + - better argument handling + +- initramfs + - hooks moved to /lib/dracut/hooks in initramfs + - rd.driver.{blacklist|pre|post} accept comma separated driver list + - iSCSI: iSCSI Boot Firmware Table (iBFT) support + - support for /run + - live image: support for generic rootfs.img (instead of ext3fs.img) + - caps module + - FCoE: EDD support + +dracut-008 +========== +- removed --ignore-kernel-modules option (no longer necessary) +- renamed kernel command line arguments to follow the rd. naming scheme +- merged check, install, installkernel to module-setup.sh +- support for bzip2 and xz compressed initramfs images. +- source code beautification +- lots of documentation +- lsinitrd: "catinitrd" functionality +- dracut: --list-modules +- lvm: support for dynamic LVM SNAPSHOT root volume +- 95fstab-sys: mount all /etc/fstab.sys volumes before switch_root +- 96insmodpost dracut module +- rd.shell=1 per default +- rootfs-block:mount-root.sh add fsck +- busybox shell replacements module +- honor old "real_init=" +- 97biosdevname dracut module + +dracut-007 +========== +- module i18n is no longer fedora/red hat specific (Amadeusz Żołnowski) +- distribution specific conf file +- bootchartd support +- debug module now has fsck +- use "hardlink", if available, to save some space +- /etc/dracut.conf can be overwritten by settings in /etc/dracut.conf.d/*.conf +- gentoo splash module +- --ignore-kernel-modules option +- crypto keys on external devices support +- bugfixes + +dracut-006 +========== +- fixed mdraid with IMSM +- fixed dracut manpages +- dmraid parse different error messages +- add cdrom polling mechanism for slow cdroms +- add module btrfs +- add btrfsctl scan for btrfs multi-devices (raid) +- teach dmsquash live-root to use rootflags +- trigger udev with action=add +- fixed add_drivers handling +- add sr_mod +- use pigz instead of gzip, if available +- boot from LVM mirrors and snapshots +- iscsi: add support for multiple netroot=iscsi: +- Support old version of module-init-tools +- got rid of rdnetdebug +- fixed "ip=auto6" +- dracut.conf: use "+=" as default for config variables +- bugfixes + +dracut-005 +========== +- dcb support to dracut's FCoE support +- add readonly overlay support for dmsquash +- add keyboard kernel modules +- dracut.conf: added add_dracutmodules +- add /etc/dracut.conf.d +- add preliminary IPv6 support +- bugfixes + +dracut-004 +========== +- dracut-lib: read multiple lines from $init/etc/cmdline +- lsinitrd and mkinitrd +- dmsquash: add support for loopmounted *.iso files +- lvm: add rd_LVM_LV and "--poll n" +- user suspend support +- add additional drivers in host-only mode, too +- improved emergency shell +- support for compressed kernel modules +- support for loading Xen modules +- rdloaddriver kernel command line parameter +- man pages for dracut-catimages and dracut-gencmdline +- bugfixes + +dracut-003 +========== +- add debian package modules +- add dracut.conf manpage +- add module 90multipath +- add module 01fips +- crypt: ignore devices in /etc/crypttab (root is not in there) + unless rd_NO_CRYPTTAB is specified +- kernel-modules: add scsi_dh scsi_dh_rdac scsi_dh_emc +- add multinic support +- add s390 zfcp support +- add s390 dasd support +- add s390 network support +- fixed dracut-gencmdline for root=UUID or LABEL +- do not destroy assembled raid arrays if mdadm.conf present +- mount /dev/shm +- let udevd not resolve group and user names +- moved network from udev to initqueue +- improved debug output: specifying "rdinitdebug" now logs + to dmesg, console and /init.log +- strip kernel modules which have no x bit set +- redirect stdin, stdout, stderr all RW to /dev/console + so the user can use "less" to view /init.log and dmesg +- add new device mapper udev rules and dmeventd +- fixed dracut-gencmdline for root=UUID or LABEL +- do not destroy assembled raid arrays if mdadm.conf present +- mount /dev/shm +- let udevd not resolve group and user names +- preserve timestamps of tools on initramfs generation +- generate symlinks for binaries correctly +- moved network from udev to initqueue +- mount nfs3 with nfsvers=3 option and retry with nfsvers=2 +- fixed nbd initqueue-finished +- improved debug output: specifying "rdinitdebug" now logs + to dmesg, console and /init.log +- strip kernel modules which have no x bit set +- redirect stdin, stdout, stderr all RW to /dev/console + so the user can use "less" to view /init.log and dmesg +- make install of new dm/lvm udev rules optionally +- add new device mapper udev rules and dmeventd +- Fix LiveCD boot regression +- bail out if selinux policy could not be loaded and + selinux=0 not specified on kernel command line +- do not cleanup dmraids +- copy over lvm.conf + +dracut-002 +========== +- add ifname= argument for persistent netdev names +- new /initqueue-finished to check if the main loop can be left +- copy mdadm.conf if --mdadmconf set or mdadmconf in dracut.conf +- plymouth: use plymouth-populate-initrd +- add add_drivers for dracut and dracut.conf +- add modprobe scsi_wait_scan to be sure everything was scanned +- fix for several problems with md raid containers +- fix for selinux policy loading +- fix for mdraid for IMSM +- fix for bug, which prevents installing 61-persistent-storage.rules (bug #520109) +- fix for missing grep for md + +dracut-001 +========== +- better --hostonly checks +- better lvm/mdraid/dmraid handling +- fcoe booting support + Supported cmdline formats: + fcoe=<networkdevice>:<dcb|nodcb> + fcoe=<macaddress>:<dcb|nodcb> + + Note currently only nodcb is supported, the dcb option is reserved for + future use. + + Note letters in the macaddress must be lowercase! + + Examples: + fcoe=eth0:nodcb + fcoe=4A:3F:4C:04:F8:D7:nodcb + +- Syslog support for dracut + This module provides syslog functionality in the initrd. + This is especially interesting when complex configuration being + used to provide access to the device the rootfs resides on. + + +dracut-0.9 +========== +- let plymouth attach to the terminal (nice text output now) +- new kernel command line parameter "rdinfo" show dracut output, even when + "quiet" is specified +- rd_LUKS_UUID is now handled correctly +- dracut-gencmdline: rd_LUKS_UUID and rd_MD_UUID is now correctly generated +- now generates initrd-generic with around 15MB +- smaller bugfixes + +dracut-0.8 +========== +- iSCSI with username and password +- support for live images (dmsquashed live images) +- iscsi_firmware fixes +- smaller images +- bugfixes + +dracut-0.7 +========== +- dracut: strip binaries in initramfs + + --strip + strip binaries in the initramfs (default) + + --nostrip + do not strip binaries in the initramfs +- dracut-catimages + + Usage: ./dracut-catimages [OPTION]... <initramfs> <base image> + [<image>...] + Creates initial ramdisk image by concatenating several images from the + command + line and /boot/dracut/ + + -f, --force Overwrite existing initramfs file. + -i, --imagedir Directory with additional images to add + (default: /boot/dracut/) + -o, --overlaydir Overlay directory, which contains files that + will be used to create an additional image + --nooverlay Do not use the overlay directory + --noimagedir Do not use the additional image directory + -h, --help This message + --debug Output debug information of the build process + -v, --verbose Verbose output during the build process + +- s390 dasd support + +dracut-0.6 +========== +- dracut: add --kernel-only and --no-kernel arguments + + --kernel-only + only install kernel drivers and firmware files + + --no-kernel + do not install kernel drivers and firmware files + + All kernel module related install commands moved from "install" + to "installkernel". + + For "--kernel-only" all installkernel scripts of the specified + modules are used, regardless of any checks, so that all modules + which might be needed by any dracut generic image are in. + + The basic idea is to create two images. One image with the kernel + modules and one without. So if the kernel changes, you only have + to replace one image. + + Grub and the kernel can handle multiple images, so grub entry can + look like this: + + title Fedora (2.6.29.5-191.fc11.i586) + root (hd0,0) + kernel /vmlinuz-2.6.29.5-191.fc11.i586 ro rhgb quiet + initrd /initrd-20090722.img /initrd-kernel-2.6.29.5-191.fc11.i586.img /initrd-config.img + + initrd-20090722.img + the image provided by the initrd rpm + one old backup version is kept like with the kernel + + initrd-kernel-2.6.29.5-191.fc11.i586.img + the image provided by the kernel rpm + + initrd-config.img + optional image with local configuration files + +- dracut: add --kmoddir directory, where to look for kernel modules + + -k, --kmoddir [DIR] + specify the directory, where to look for kernel modules + + + +dracut-0.5 +========== +- more generic (all plymouth modules, all keyboards, all console fonts) +- more kernel command line parameters (see also man dracut(8)) +- a helper tool, which generates the kernel command line (dracut-gencmdline) +- bridged network boot +- a lot of new command line parameter + +dracut-0.4 +========== +- bugfixes +- firmware loading support +- new internal queue (initqueue) + initqueue now loops until /dev/root exists or root is mounted + + init now has the following points to inject scripts: + + /cmdline/*.sh + scripts for command line parsing + + /pre-udev/*.sh + scripts to run before udev is started + + /pre-trigger/*.sh + scripts to run before the main udev trigger is pulled + + /initqueue/*.sh + runs in parallel to the udev trigger + Udev events can add scripts here with /sbin/initqueue. + If /sbin/initqueue is called with the "--onetime" option, the script + will be removed after it was run. + If /initqueue/work is created and udev >= 143 then this loop can + process the jobs in parallel to the udevtrigger. + If the udev queue is empty and no root device is found or no root + filesystem was mounted, the user will be dropped to a shell after + a timeout. + Scripts can remove themselves from the initqueue by "rm $job". + + /pre-mount/*.sh + scripts to run before the root filesystem is mounted + NFS is an exception, because it has no device node to be created + and mounts in the udev events + + /mount/*.sh + scripts to mount the root filesystem + NFS is an exception, because it has no device node to be created + and mounts in the udev events + If the udev queue is empty and no root device is found or no root + filesystem was mounted, the user will be dropped to a shell after + a timeout. + + /pre-pivot/*.sh + scripts to run before the real init is executed and the initramfs + disappears + All processes started before should be killed here. + + The behaviour of the dmraid module demonstrates how to use the new + mechanism. If it detects a device which is part of a raidmember from a + udev rule, it installs a job to scan for dmraid devices, if the udev + queue is empty. After a scan, it removes itsself from the queue. + + + +dracut-0.3 +========== + +- first public version + diff --git a/README.md b/README.md new file mode 100644 index 0000000..c584e90 --- /dev/null +++ b/README.md @@ -0,0 +1,50 @@ +dracut +==== + +dracut is an event driven initramfs infrastructure. + +[](docs/CODE_OF_CONDUCT.md) + +dracut (the tool) is used to create an initramfs image by copying tools +and files from an installed system and combining it with the +dracut framework, usually found in /usr/lib/dracut/modules.d. + +Unlike other implementations, dracut hard-codes as little +as possible into the initramfs. The initramfs has +(basically) one purpose in life -- getting the rootfs mounted so that +we can transition to the real rootfs. This is all driven off of +device availability. Therefore, instead of scripts hard-coded to do +various things, we depend on udev to create device nodes for us and +then when we have the rootfs's device node, we mount and carry on. +This helps to keep the time required in the initramfs as little as +possible so that things like a 5 second boot aren't made impossible as +a result of the very existence of an initramfs. + +Most of the initramfs generation functionality in dracut is provided by a bunch +of generator modules that are sourced by the main dracut script to install +specific functionality into the initramfs. They live in the modules.d +subdirectory, and use functionality provided by dracut-functions to do their +work. + +Documentation: + - [Introduction](man/dracut.asc) + - [User Manual](man/dracut.usage.asc) + +Currently dracut is developed on [github.com](https://github.com/dracutdevs/dracut). + +The release tarballs are [here](https://github.com/dracutdevs/dracut/releases). + +Gitter (chat): + - https://gitter.im/dracutdevs/Lobby + +See [News](NEWS.md) for information about changes in the releases and +the [Wiki](https://github.com/dracutdevs/dracut/wiki) to share information. + +See the github issue tracker for things which still need to be done and [Hacking](docs/HACKING.md) +for some instructions on how to get started. There is also a mailing list +that is being used for the discussion -- initramfs@vger.kernel.org. +It is a typical vger list, send mail to majordomo@vger.kernel.org with body +of 'subscribe initramfs email@host.com' + + +Licensed under the GPLv2 diff --git a/configure b/configure new file mode 100755 index 0000000..91af417 --- /dev/null +++ b/configure @@ -0,0 +1,169 @@ +#!/bin/bash + +# We don't support srcdir != builddir +echo \#buildapi-variable-no-builddir > /dev/null + +prefix=/usr + +enable_documentation=yes +enable_dracut_cpio=no + +CC="${CC:-cc}" +PKG_CONFIG="${PKG_CONFIG:-pkg-config}" + +# Little helper function for reading args from the commandline. +# it automatically handles -a b and -a=b variants, and returns 1 if +# we need to shift $3. +read_arg() { + # $1 = arg name + # $2 = arg value + # $3 = arg parameter + local rematch='^[^=]*=(.*)$' + if [[ $2 =~ $rematch ]]; then + read -r "$1" <<< "${BASH_REMATCH[1]}" + else + read -r "$1" <<< "$3" + # There is no way to shift our callers args, so + # return 1 to indicate they should do it instead. + return 1 + fi + return 0 +} + +while (($# > 0)); do + case "${1%%=*}" in + --prefix) read_arg prefix "$@" || shift ;; + --libdir) read_arg libdir "$@" || shift ;; + --datadir) read_arg datadir "$@" || shift ;; + --sysconfdir) read_arg sysconfdir "$@" || shift ;; + --sbindir) read_arg sbindir "$@" || shift ;; + --mandir) read_arg mandir "$@" || shift ;; + --disable-documentation) enable_documentation=no ;; + --program-prefix) read_arg programprefix "$@" || shift ;; + --exec-prefix) read_arg execprefix "$@" || shift ;; + --bindir) read_arg bindir "$@" || shift ;; + --includedir) read_arg includedir "$@" || shift ;; + --libexecdir) read_arg libexecdir "$@" || shift ;; + --localstatedir) read_arg localstatedir "$@" || shift ;; + --sharedstatedir) read_arg sharedstatedir "$@" || shift ;; + --infodir) read_arg infodir "$@" || shift ;; + --systemdsystemunitdir) read_arg systemdsystemunitdir "$@" || shift ;; + --bashcompletiondir) read_arg bashcompletiondir "$@" || shift ;; + --enable-dracut-cpio) enable_dracut_cpio=yes ;; + *) echo "Ignoring unknown option '$1'" ;; + esac + shift +done + +if ! ${PKG_CONFIG} --exists --print-errors " libkmod >= 23 "; then + echo "dracut needs pkg-config and libkmod >= 23." >&2 + exit 1 +fi + +cat << EOF > conftest.c +#include <fts.h> +int main() { + return 0; +} +EOF + +# shellcheck disable=SC2086 +${CC} $CFLAGS $LDFLAGS conftest.c > /dev/null 2>&1 +ret=$? +rm -f conftest.c a.out + +# musl doesn't have fts.h included +if test $ret -ne 0; then + echo "dracut needs fts development files." >&2 + exit 1 +fi + +cat << EOF > conftest.c +#include <fts.h> +int main(void) { + fts_open(0, 0, 0); + return 0; +} +EOF + +found=no +for lib in "-lc" "-lfts"; do + # shellcheck disable=SC2086 + ${CC} $CFLAGS $LDFLAGS conftest.c -Wl,$lib > /dev/null 2>&1 + ret=$? + if test $ret -eq 0; then + FTS_LIBS="$lib" + found=yes + break + fi +done +rm -f conftest.c a.out + +if test $found = no; then + echo "dracut couldn't find usable fts library" >&2 + exit 1 +fi + +cat << EOF > conftest.c +#include <stdio.h> +#include <unistd.h> +#include <sys/syscall.h> + +#ifndef SYS_gettid +#error "SYS_gettid unavailable on this system" +#endif + +#define gettid() ((pid_t) syscall(SYS_gettid)) + +int main(void) { + return getpid() == gettid() ? 0 : -1; +} +EOF + +# shellcheck disable=SC2086 +${CC} $CFLAGS $LDFLAGS conftest.c > /dev/null 2>&1 +ret=$? +rm -f conftest.c a.out + +if test $ret -ne 0; then + echo "dracut needs SYS_gettid support." >&2 + exit 1 +fi + +if test "$enable_dracut_cpio" = "yes"; then + cargo --version > /dev/null + ret=$? + if test $ret -ne 0; then + echo "dracut couldn't find cargo for dracut-cpio build" + exit 1 + fi +fi + +cat > Makefile.inc.$$ << EOF +prefix ?= ${prefix} +libdir ?= ${libdir:-${prefix}/lib} +datadir ?= ${datadir:-${prefix}/share} +sysconfdir ?= ${sysconfdir:-${prefix}/etc} +sbindir ?= ${sbindir:-${prefix}/sbin} +mandir ?= ${mandir:-${prefix}/share/man} +enable_documentation ?= ${enable_documentation:-yes} +enable_dracut_cpio ?= ${enable_dracut_cpio} +bindir ?= ${bindir:-${prefix}/bin} +KMOD_CFLAGS ?= $(${PKG_CONFIG} --cflags " libkmod >= 23 ") +KMOD_LIBS ?= $(${PKG_CONFIG} --libs " libkmod >= 23 ") +FTS_LIBS ?= ${FTS_LIBS} +EOF + +{ + [[ $programprefix ]] && echo "programprefix ?= ${programprefix}" + [[ $execprefix ]] && echo "execprefix ?= ${execprefix}" + [[ $includedir ]] && echo "includedir ?= ${includedir}" + [[ $libexecdir ]] && echo "libexecdir ?= ${libexecdir}" + [[ $localstatedir ]] && echo "localstatedir ?= ${localstatedir}" + [[ $sharedstatedir ]] && echo "sharedstatedir ?= ${sharedstatedir}" + [[ $infodir ]] && echo "infodir ?= ${infodir}" + [[ $systemdsystemunitdir ]] && echo "systemdsystemunitdir ?= ${systemdsystemunitdir}" + [[ $bashcompletiondir ]] && echo "bashcompletiondir ?= ${bashcompletiondir}" +} >> Makefile.inc.$$ + +mv Makefile.inc.$$ Makefile.inc diff --git a/docs/BASH.md b/docs/BASH.md new file mode 100644 index 0000000..e72a2f6 --- /dev/null +++ b/docs/BASH.md @@ -0,0 +1,213 @@ +# BASH Notes + +## basename +Don't use `basename`, use: +```shell + file=${path##*/} +``` + +## dirname +Don't use `dirname`, use: +```shell + dir=${path%/*} +``` + +## shopt +If you set `shopt` in a function, reset to its default state with `trap`: +```shell +func() { + trap "$(shopt -p globstar)" RETURN + shopt -q -s globstar +} +``` + +## find, grep, print0, -0, -z + +Don't use `find` in `for` loops, because filenames can contain spaces. +Try to use `globstar` and `nullglob` or null byte terminated strings. + +Instead of: +```shell +func() { + for file in $(find /usr/lib* -type f -name 'lib*.a' -print0 ); do + echo $file + done +} +``` + +use: +```shell +func() { + trap "$(shopt -p nullglob globstar)" RETURN + shopt -q -s nullglob globstar + + for file in /usr/lib*/**/lib*.a; do + [[ -f $file ]] || continue + echo "$file" + done +} +``` + +Or collect the filenames in an array, if you need them more than once: +```shell +func() { + trap "$(shopt -p globstar)" RETURN + shopt -q -s globstar + + filenames=( /usr/lib*/**/lib*.a ) + + for file in "${filenames[@]}"; do + [[ -f $file ]] || continue + echo "$file" + done +} +``` + +Or, if you really want to use `find`, use `-print0` and an array: +```shell +func() { + mapfile -t -d '' filenames < <(find /usr/lib* -type f -name 'lib*.a' -print0) + for file in "${filenames[@]}"; do + echo "$file" + done +} +``` + +Note: `-d ''` is the same as `-d $'\0'` and sets the null byte as the delimiter. + +or: +```shell +func() { + find /usr/lib* -type f -name 'lib*.a' -print0 | while read -r -d '' file; do + echo "$file" + done +} +``` + +or +```shell +func() { + while read -r -d '' file; do + echo "$file" + done < <(find /usr/lib* -type f -name 'lib*.a' -print0) +} +``` + +Use the tool options for null terminated strings, like `-print0`, `-0`, `-z`, etc. + +## prefix or suffix array elements + +Instead of: +```shell +func() { + other-cmd $(for k in "$@"; do echo "prefix-$k"; done) +} +``` +do +```shell +func() { + other-cmd "${@/#/prefix-}" +} +``` + +or suffix: +```shell +func() { + other-cmd "${@/%/-suffix}" +} +``` + +## Join array elements with a separator char + +Here we have an associate array `_drivers`, where we want to print the keys separated by ',': +```shell + if [[ ${!_drivers[*]} ]]; then + echo "rd.driver.pre=$(IFS=, ;echo "${!_drivers[*]}")" > "${initdir}"/etc/cmdline.d/00-watchdog.conf + fi +``` + +## Optional parameters to commands + +If you want to call a command `cmd` with an option, if a variable is set, rather than doing: + +```shell +func() { + local param="$1" + + if [[ $param ]]; then + param="--this-special-option $param" + fi + + cmd $param +} +``` + +do it like this: + +```shell +func() { + local param="$1" + + cmd ${param:+--this-special-option "$param"} +} + +# cmd --this-special-option 'abc' +func 'abc' + +# cmd +func '' + +# cmd +func +``` + +If you want to specify the option even with an empty string do this: + +```shell +func() { + local -a special_params + + if [[ ${1+_} ]]; then + # only declare `param` if $1 is set (even as null string) + local param="$1" + fi + + # check if `param` is set (even as null string) + if [[ ${param+_} ]]; then + special_params=( --this-special-option "${param}" ) + fi + + cmd ${param+"${special_params[@]}"} +} + +# cmd --this-special-option 'abc' +func 'abc' + +# cmd --this-special-option '' +func '' + +# cmd +func +``` + +Or more simple, if you only have to set an option: +```shell +func() { + if [[ ${1+_} ]]; then + # only declare `param` if $1 is set (even as null string) + local param="$1" + fi + + cmd ${param+--this-special-option} +} + +# cmd --this-special-option +func 'abc' + +# cmd --this-special-option +func '' + +# cmd +func +``` + diff --git a/docs/CODE_OF_CONDUCT.md b/docs/CODE_OF_CONDUCT.md new file mode 100644 index 0000000..b95bf65 --- /dev/null +++ b/docs/CODE_OF_CONDUCT.md @@ -0,0 +1,56 @@ +# Dracut Code of Conduct + +This code of conduct outlines our expectations for participants within the Dracut community, as well as steps for reporting unacceptable behavior. +We are committed to providing a welcoming and inspiring community for all and expect our code of conduct to be honored. +Anyone who violates this code of conduct may be banned from the community. + +## Our Pledge + +We as members, contributors, and leaders pledge to make participation in our community a harassment-free experience for everyone, regardless of age, body size, visible or invisible disability, ethnicity, sex characteristics, gender identity and expression, level of experience, education, socio-economic status, nationality, personal appearance, race, religion, or sexual identity and orientation. + +We pledge to act and interact in ways that contribute to an open, welcoming, diverse, inclusive, and healthy community. + +## Our Standards + +Examples of behavior that contributes to a positive environment for our community include: + +* Demonstrating empathy and kindness toward other people +* Being respectful of differing opinions, viewpoints, and experiences +* Giving and gracefully accepting constructive feedback +* Accepting responsibility and apologizing to those affected by our mistakes, and learning from the experience +* Focusing on what is best not just for us as individuals, but for the overall community + +Examples of unacceptable behavior include: + +* The use of sexualized language or imagery, and sexual attention or advances of any kind +* Trolling, insulting or derogatory comments, and personal or political attacks +* Public or private harassment +* Publishing others’ private information, such as a physical or email address, without their explicit permission +* Other conduct which could reasonably be considered inappropriate in a professional setting + +## Our Responsibilities + +Project maintainers are responsible for clarifying and enforcing our standards of acceptable behavior and will take appropriate and fair corrective action in response to any behavior that they deem inappropriate, threatening, offensive, or harmful. + +Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, and will communicate reasons for moderation decisions when appropriate. + +## Scope + +This Code of Conduct applies within all community spaces, and also applies when an individual is officially representing the community in public spaces. Examples of representing our community include using an official e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. + +## Enforcement + +Instances of abusive, harassing, or otherwise unacceptable behavior may be reported to the project maintainer responsible for enforcement Harald Hoyer <harald@profian.com>. +All complaints will be reviewed and investigated promptly and fairly and will result in a response that is deemed necessary and appropriate to the circumstances. +Project maintainers are obligated to respect the privacy and security of the reporter of any incident. +Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership. + +## Attribution + +This Code of Conduct is adapted from the [Contributor Covenant][homepage], +version 2.0, available at https://www.contributor-covenant.org/version/2/0/code_of_conduct.html + +[homepage]: https://www.contributor-covenant.org + +For answers to common questions about this code of conduct, see the FAQ at https://www.contributor-covenant.org/faq. +Translations are available at https://www.contributor-covenant.org/translations. diff --git a/docs/HACKING.md b/docs/HACKING.md new file mode 100644 index 0000000..6a19434 --- /dev/null +++ b/docs/HACKING.md @@ -0,0 +1,279 @@ +# Dracut Developer Guidelines + +Please make sure to follow our [Contribution Guidelines](../CONTRIBUTING.md). + +## git + +Currently dracut lives on github.com. + +* https://github.com/dracutdevs/dracut.git + +Pull requests should be filed preferably on github nowadays. + +### Code Format + +It is recommended, that you install a plugin for your editor, which reads in `.editorconfig`. +Additionally `emacs` and `vim` config files are provided for convenience. + +To reformat C files use `astyle`: +```console +$ astyle --options=.astylerc <FILE> +``` + +For convenience there is also a Makefile `indent-c` target `make indent-c`. + +To reformat shell files use `shfmt`: + +```console +$ shfmt_version=3.2.4 +$ wget "https://github.com/mvdan/sh/releases/download/v${shfmt_version}/shfmt_v${shfmt_version}_linux_amd64" -O shfmt +$ chmod u+x shfmt +$ ./shfmt -w -s . +``` + +or + +```console +$ GO111MODULE=on go get mvdan.cc/sh/v3/cmd/shfmt +$ $GOPATH/bin/shfmt -w -s . +``` + +or if `shfmt` is already in your `PATH`, use `make indent`. + +Some IDEs already have support for shfmt. + +For convenience the `make indent` Makefile target also calls shfmt, if it is in `$PATH`. + +### Commit Messages + +Commit messages should answer these questions: + +* What?: a short summary of what you changed in the subject line. +* Why?: what the intended outcome of the change is (arguably the most important piece of information that should go into a message). +* How?: if multiple approaches for achieving your goal were available, you also want to explain why you chose the used implementation strategy. + Note that you should not explain how your change achieves your goal in your commit message. + That should be obvious from the code itself. + If you cannot achieve that clarity with the used programming language, use comments within the code instead. + +The commit message is primarily the place for documenting the why. + +Commit message titles should follow [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/). + +Format is `<type>[optional scope]: <description>`, where `type` is one of: + +* fix: A bug fix +* feat: A new feature +* perf: A code change that improves performance +* refactor: A code change that neither fixes a bug nor adds a feature +* style: Changes that do not affect the meaning of the code (white-space, formatting, missing semi-colons, etc) +* test: Adding missing tests or correcting existing tests +* docs: Documentation only changes +* revert: Reverts a previous commit +* chore: Other changes that don't modify src or test files +* build: Changes that affect the build system or external dependencies (example scopes: gulp, broccoli, npm) +* ci: Changes to our CI configuration files and scripts (example scopes: Travis, Circle, BrowserStack, SauceLabs) + +`scope` should be the module name (without numbers) or: + +* cli: for the dracut command line interface +* rt: for the dracut initramfs runtime logic +* functions: for general purpose dracut functions + +Commit messages are checked with [Commisery](https://github.com/tomtom-international/commisery). + +## Writing modules + +Some general rules for writing modules: + +* Use one of the inst family of functions to actually install files + on to the initramfs. They handle mangling the pathnames and (for binaries, + scripts, and kernel modules) installing dependencies as appropriate so + you do not have to. +* Scripts that end up on the initramfs should be POSIX compliant. dracut + will try to use /bin/dash as /bin/sh for the initramfs if it is available, + so you should install it on your system -- dash aims for strict POSIX + compliance to the extent possible. +* Hooks MUST be POSIX compliant -- they are sourced by the init script, + and having a bashism break your user's ability to boot really sucks. +* Generator modules should have a two digit numeric prefix -- they run in + ascending sort order. Anything in the 90-99 range is stuff that dracut + relies on, so try not to break those hooks. +* Hooks must have a .sh extension. +* Generator modules are described in more detail later on. +* We have some breakpoints for debugging your hooks. If you pass 'rdbreak' + as a kernel parameter, the initramfs will drop to a shell just before + switching to a new root. You can pass 'rdbreak=hookpoint', and the initramfs + will break just before hooks in that hookpoint run. + +Also, there is an attempt to keep things as distribution-agnostic as +possible. Every distribution has their own tool here and it's not +something which is really interesting to have separate across them. +So contributions to help decrease the distro-dependencies are welcome. + +Most of the functionality that dracut implements are actually implemented +by dracut modules. dracut modules live in modules.d, and have the following +structure: + +``` +dracut_install_dir/modules.d/ + 00modname/ + module-setup.sh + check + <other files as needed by the hook> +``` + +`00modname`: The name of the module prefixed by a two-digit numeric sort code. + The numeric code must be present and in the range of 00 - 99. + Modules with lower numbers are installed first. This is important + because the dracut install functions (which install files onto + the initrd) refuse to overwrite already installed files. This makes + it easy for an earlier module to override the functionality of a + later module, so that you can have a distro or system specific + module override or modify the functionality of a generic module + without having to patch the more generic module. + +`module-setup.sh`: + dracut sources this script to install the functionality that a + module implements onto the initrd. For the most part, this amounts + to copying files from the host system onto the initrd in a controlled + manner. + +`install()`: + This function of module-setup.sh is called to install all + non-kernel files. dracut supplies several install functions that are + specialized for different file types. Browse through dracut-functions + for more details. dracut also provides a $moddir variable if you + need to install a file from the module directory, such as an initrd + hook, a udev rule, or a specialized executable. + +`installkernel()`: + This function of module-setup.sh is called to install all + kernel related files. + + +`check()`: + dracut calls this function to check and see if a module can be installed + on the initrd. + + When called without options, check should check to make sure that + any files it needs to install into the initrd from the host system + are present. It should exit with a 0 if they are, and a 1 if they are + not. + + When called with $hostonly set, it should perform the same check + that it would without it set, and it should also check to see if the + functionality the module implements is being used on the host system. + For example, if this module handles installing support for LUKS + encrypted volumes, it should return 0 if all the tools to handle + encrypted volumes are available and the host system has the root + partition on an encrypted volume, 1 otherwise. + +`depends()`: + This function should output a list of dracut modules + that it relies upon. An example would be the nfs and iscsi modules, + which rely on the network module to detect and configure network + interfaces. + +Any other files in the module will not be touched by dracut directly. + +You are encouraged to provide a README that describes what the module is for. + + +### Hooks + +init has the following hook points to inject scripts: + +`/lib/dracut/hooks/cmdline/*.sh` + scripts for command line parsing + +`/lib/dracut/hooks/pre-udev/*.sh` + scripts to run before udev is started + +`/lib/dracut/hooks/pre-trigger/*.sh` + scripts to run before the main udev trigger is pulled + +`/lib/dracut/hooks/initqueue/*.sh` + runs in parallel to the udev trigger + Udev events can add scripts here with /sbin/initqueue. + If /sbin/initqueue is called with the "--onetime" option, the script + will be removed after it was run. + If /lib/dracut/hooks/initqueue/work is created and udev >= 143 then + this loop can process the jobs in parallel to the udevtrigger. + If the udev queue is empty and no root device is found or no root + filesystem was mounted, the user will be dropped to a shell after + a timeout. + Scripts can remove themselves from the initqueue by "rm $job". + +`/lib/dracut/hooks/pre-mount/*.sh` + scripts to run before the root filesystem is mounted + Network filesystems like NFS that do not use device files are an + exception. Root can be mounted already at this point. + +`/lib/dracut/hooks/mount/*.sh` + scripts to mount the root filesystem + If the udev queue is empty and no root device is found or no root + filesystem was mounted, the user will be dropped to a shell after + a timeout. + +`/lib/dracut/hooks/pre-pivot/*.sh` + scripts to run before latter initramfs cleanups + +`/lib/dracut/hooks/cleanup/*.sh` + scripts to run before the real init is executed and the initramfs + disappears + All processes started before should be killed here. + + +## Testsuite + +### Rootless in a container with podman + +```console +$ cd <DRACUT_SOURCE> +$ podman pull [CONTAINER] +$ podman run --rm -it \ + --cap-add=SYS_PTRACE --user 0 \ + -v /dev:/dev -v ./:/dracut:z \ + [CONTAINER] \ + bash -l +# cd /dracut +# ./configure +# make -j $(getconf _NPROCESSORS_ONLN) +# cd test +# make KVERSION="$(cd /lib/modules && ls -1 | tail -1)" V=1 SKIP="16 60 61" clean check +``` + +with `[CONTAINER]` being one of the +[github `dracutdevs` containers](https://github.com/orgs/dracutdevs/packages), +e.g. `ghcr.io/dracutdevs/fedora:latest`. + +### On bare metal + +For the testsuite to pass, you will have to install at least the software packages +mentioned in the `test/container` Dockerfiles. + +``` +$ sudo make clean check +``` + +in verbose mode: +``` +$ sudo make V=1 clean check +``` + +only specific test: +``` +$ sudo make TESTS="01 20 40" clean check +``` +only runs the 01, 20 and 40 tests. + +debug a specific test case: +``` +$ cd TEST-01-BASIC +$ sudo make clean setup run +``` +... change some kernel parameters in `test.sh` ... +``` +$ sudo make run +``` +to run the test without doing the setup. diff --git a/docs/README.cross b/docs/README.cross new file mode 100644 index 0000000..91aa5d0 --- /dev/null +++ b/docs/README.cross @@ -0,0 +1,48 @@ +Dracut supports running against a sysroot directory that is different +from the actual root (/) directory of the running system. It is most +useful for creating/bootstrapping a new system that may or may not be +using the same CPU architecture as the host system, i.e. building a +whole Linux system with a cross-compiler framework like Yocto. + +The user-visible frontend change is the introduction of a new option +called "-r" or "--sysroot". It expects a directory that contains the +complete Linux system that has all the files (kernel drivers, firmware, +executables, libraries and others) necessary to construct the initramfs. + +E.g: dracut --sysroot /path/to/sysroot initramfs.img kernelversion + +To support this, a new global variable was introduced inside dracut. +This variable is called "dracutsysrootdir" and all the files installed +into the initramfs image is searched relative to the sysroot directory. +This variable can also be set externally to dracut without using option +-r/--sysroot. + +There are other details that are necessary to tweak to be able to +run on cross-compiled (a.k.a. foreign) binaries. + +dracut uses these crucial utilities during its operation: + +ldd +=== +It lists dynamic library dependencies for executables or libraries + +ldconfig +======== +It creates /etc/ld.so.cache, i.e. the cached information about libraries +known to the system. + +These utilities the way they exist on the host system only work on +the host system. + +To support cross-compiled binaries, a different ldd variant is needed that +works on those binaries. One such ldd script is found at +https://gist.github.com/jerome-pouiller/c403786c1394f53f44a3b61214489e6f + +ldconfig in GLIBC as is does support a sysroot with its -r option. + +Extra environment variables needed to run dracut on the sysroot are +documented in the dracut(8) man page. + +For the Plymouth boot splash to be added to the initramfs image, +this gitlab PR is needed for Plymouth: +https://gitlab.freedesktop.org/plymouth/plymouth/merge_requests/72 diff --git a/docs/README.generic b/docs/README.generic new file mode 100644 index 0000000..58889ac --- /dev/null +++ b/docs/README.generic @@ -0,0 +1,13 @@ +To build a generic initramfs, you have to install the following software packages: + * device-mapper + * cryptsetup-luks + * rpcbind nfs-utils + * lvm2 + * iscsi-initiator-utils + * nbd + * mdadm + * net-tools iproute + +Generic initramfs'es are huge (usually over 10 megs in size uncompressed), but +should be able to automatically boot any bootable configuration with appropriate +boot flags (root device, network configuration information, etc.)
\ No newline at end of file diff --git a/docs/README.kernel b/docs/README.kernel new file mode 100644 index 0000000..69751eb --- /dev/null +++ b/docs/README.kernel @@ -0,0 +1,3 @@ +"dracut --kernel-only" is to build an initrd with only kernel modules and firmware files. +"dracut --kernel-only" only executes "installkernel" in the modules subdirectories. + diff --git a/docs/RELEASE.md b/docs/RELEASE.md new file mode 100644 index 0000000..b043484 --- /dev/null +++ b/docs/RELEASE.md @@ -0,0 +1,48 @@ +# Conducting A Successful Release + +This documents contains the necessary steps to conduct a successful release. + +1. Add all items to `NEWS.md` + + Get a first template with [`clog`](https://github.com/clog-tool/clog-cli) + ```console + $ clog -F -r https://github.com/dracutdevs/dracut + ``` + +2. Update the contributors list in NEWS.md + + Produce the list with: + ```console + $ make CONTRIBUTORS + ``` + + Append the list to the section in `NEWS.md` + +3. Update AUTHORS + + ```console + $ make AUTHORS + ``` + +4. Check in AUTHORS and NEWS.md + + ```console + $ git commit -m "docs: update NEWS.md and AUTHORS" NEWS.md AUTHORS + $ git push origin master + ``` + +5. Tag the release, validate the tag and push + + ```console + $ git tag -s 060 + $ git tag -v 060 + $ git push --tags + ``` + + Add the section from `NEWS.md` to the git tag message excluding the Rendered + view entry. + +6. Create a new release on github (https://github.com/dracutdevs/dracut/releases/new) + - Add the section from `NEWS.md` to the release. + +7. Open a new milestone, move all unfinished issue from the previous milestone to the new one and close the released milestone (https://github.com/dracutdevs/dracut/milestones) diff --git a/docs/SECURITY.md b/docs/SECURITY.md new file mode 100644 index 0000000..35c7689 --- /dev/null +++ b/docs/SECURITY.md @@ -0,0 +1,3 @@ +Security is very important to us. If you discover any issue regarding security, we'd appreciate a non-public disclosure of +the information, so please disclose the information responsibly by sending an email to Harald Hoyer <harald@profian.com> and not by creating a GitHub issue. +We will respond swiftly to fix verifiable security issues with the disclosure being coordinated with distributions and relevant security teams. diff --git a/docs/dracut.css b/docs/dracut.css new file mode 100644 index 0000000..357ede1 --- /dev/null +++ b/docs/dracut.css @@ -0,0 +1,1120 @@ +<?xml version="1.0"?> +<style> + +body, h1, h2, h3, h4, h5, h6, pre, li, div { + line-height: 1.29em; +} + +body { + background-color: white; + margin:0 auto; + font-family: "liberation sans", "Myriad ", "Bitstream Vera Sans", "Lucida Grande", "Luxi Sans", "Trebuchet MS", helvetica, verdana, arial, sans-serif; + font-size:12px; + max-width:55em; + color:black; +} + +/* desktop styles */ +body.desktop { + margin-left: 26em; +} + +body.desktop .book > .toc { + display:block; + width:24em; + height:99%; + position:fixed; + overflow:auto; + top:0px; + left:0px; + padding-left:1em; + background-color:#EEEEEE; +} + +.toc { + line-height:1.35em; +} + +.toc .glossary, +.toc .chapter, .toc .appendix { + margin-top:1em; +} + +.toc .part { + margin-top:1em; + display:block; +} + +span.glossary, +span.appendix { + display:block; + margin-top:0.5em; +} + +div { + padding-top:0px; +} + +div.section { + padding-top:1em; +} + +p, div.para, div.formalpara { + padding-top:0px; + margin-top:0.3em; + padding-bottom:0px; + margin-bottom:1em; +} + +/*Links*/ +a { + outline: none; +} + +a:link { + text-decoration:none; + border-bottom: 1px dotted ; + color:#3366cc; +} + +a:visited { + text-decoration:none; + border-bottom: 1px dotted ; + color:#003366; +} + +div.longdesc-link { + float:right; + color:#999; +} + +.toc a, .qandaset a { + font-weight:normal; +} + +/*headings*/ +h1, h2, h3, h4, h5, h6 { + color: #336699; + margin-top: 0em; + margin-bottom: 0em; + background-color: transparent; +} + +h1 { + font-size:2.0em; +} + +.titlepage h1.title { + font-size: 3.0em; + padding-top: 1em; + text-align:left; +} + +.book > .titlepage h1.title { + text-align:center; +} + +.article > .titlepage h1.title { + text-align:center; +} + +.set .titlepage > div > div > h1.title { + text-align:center; +} + +.producttitle { + margin-top: 0em; + margin-bottom: 0em; + font-size: 3.0em; + font-weight: bold; + color: white; + text-align: center; + padding: 0.7em; +} + +.titlepage .corpauthor { + margin-top: 1em; + text-align: center; +} + +.section h1.title { + font-size: 1.6em; + padding: 0em; + color: #336699; + text-align: left; + background: white; +} + +h2 { + font-size:1.6em; +} + + +h2.subtitle, h3.subtitle { + margin-top: 1em; + margin-bottom: 1em; + font-size: 1.4em; + text-align: center; +} + +.preface > div > div > div > h2.title { + margin-top: 1em; + font-size: 2.0em; +} + +.appendix h2 { + margin-top: 1em; + font-size: 2.0em; +} + + + +h3 { + font-size:1.3em; + padding-top:0em; + padding-bottom:0em; +} +h4 { + font-size:1.1em; + padding-top:0em; + padding-bottom:0em; +} + +h5 { + font-size:1em; +} + +h6 { + font-size:1em; +} + +h5.formalpara { + font-size:1em; + margin-top:2em; + margin-bottom:.8em; +} + +.abstract h6 { + margin-top:1em; + margin-bottom:.5em; + font-size:2em; +} + +/*element rules*/ +hr { + border-collapse: collapse; + border-style:none; + border-top: 1px dotted #ccc; + width:100%; + margin-top: 3em; +} + +/* web site rules */ +ul.languages, .languages li { + display:inline; + padding:0em; +} + +.languages li a { + padding:0em .5em; + text-decoration: none; +} + +.languages li p, .languages li div.para { + display:inline; +} + +.languages li a:link, .languages li a:visited { + color:#444; +} + +.languages li a:hover, .languages li a:focus, .languages li a:active { + color:black; +} + +ul.languages { + display:block; + background-color:#eee; + padding:.5em; +} + +/*supporting stylesheets*/ + +/*unique to the webpage only*/ +.books { + position:relative; +} + +.versions li { + width:100%; + clear:both; + display:block; +} + +a.version { + font-size:2em; + text-decoration:none; + width:100%; + display:block; + padding:1em 0em .2em 0em; + clear:both; +} + +a.version:before { + content:"Version"; + font-size:smaller; +} + +a.version:visited, a.version:link { + color:#666; +} + +a.version:focus, a.version:hover { + color:black; +} + +.books { + display:block; + position:relative; + clear:both; + width:100%; +} + +.books li { + display:block; + width:200px; + float:left; + position:relative; + clear: none ; +} + +.books .html { + width:170px; + display:block; +} + +.books .pdf { + position:absolute; + left:170px; + top:0px; + font-size:smaller; +} + +.books .pdf:link, .books .pdf:visited { + color:#555; +} + +.books .pdf:hover, .books .pdf:focus { + color:#000; +} + +.books li a { + text-decoration:none; +} + +.books li a:hover { + color:black; +} + +/*products*/ +.products li { + display: block; + width:300px; + float:left; +} + +.products li a { + width:300px; + padding:.5em 0em; +} + +.products ul { + clear:both; +} + +/*revision history*/ +.revhistory { + display:block; +} + +.revhistory table { + background-color:transparent; + border-color:#fff; + padding:0em; + margin: 0; + border-collapse:collapse; + border-style:none; +} + +.revhistory td { + text-align :left; + padding:0em; + border: none; + border-top: 1px solid #fff; + font-weight: bold; +} + +.revhistory .simplelist td { + font-weight: normal; +} + +.revhistory .simplelist { + margin-bottom: 1.5em; + margin-left: 1em; +} + +.revhistory table th { + display: none; +} + + +/*credits*/ +.authorgroup div { + clear:both; + text-align: center; +} + +h3.author { + margin: 0em; + padding: 0em; + padding-top: 1em; +} + +.authorgroup h4 { + padding: 0em; + margin: 0em; + padding-top: 1em; + margin-top: 1em; +} + +.author, +.editor, +.translator, +.othercredit, +.contrib { + display: block; +} + +.revhistory .author { + display: inline; +} + +.othercredit h3 { + padding-top: 1em; +} + + +.othercredit { + margin:0em; + padding:0em; +} + +.releaseinfo { + clear: both; +} + +.copyright { + margin-top: 1em; +} + +/* qanda sets */ +.answer { + margin-bottom:1em; + border-bottom:1px dotted #ccc; +} + +.qandaset .toc { + border-bottom:1px dotted #ccc; +} + +.question { + font-weight:bold; +} + +.answer .data, .question .data { + padding-left: 2.6em; +} + +.answer label, .question label { + float:left; + font-weight:bold; +} + + +/*Lists*/ +ul { + padding-left:1.6em; + list-style-type: circle; +} + +ul ul { + list-style-type: circle; +} + +ol { + list-style-image:none; + list-style-type: decimal; +} + +ol ol { + list-style-type: lower-alpha; +} + +ol.arabic { + list-style-type: decimal; +} + +ol.loweralpha { + list-style-type: lower-alpha; +} + +ol.lowerroman { + list-style-type: lower-roman; +} + +ol.upperalpha { + list-style-type: upper-alpha; +} + +ol.upperroman { + list-style-type: upper-roman; +} + +dt { + font-weight:bold; + margin-bottom:0em; + padding-bottom:0em; +} + +dd { + margin:0em; + margin-left:2em; + padding-top:0em; + padding-bottom: 1em; +} + +li { + padding-top:0px; + margin-top:0em; + padding-bottom:0px; + margin-bottom:0.4em; +} + +li p, li div.para { + padding-top:0px; + margin-top:0em; + padding-bottom:0px; + margin-bottom:0.3em; +} + +/*images*/ +img { + display:block; + margin: 2em 0; +} + +.inlinemediaobject, .inlinemediaobject img { + display:inline; + margin:0em; +} + +.figure img { + display:block; + margin:0; +} + +.figure .title { + margin:0em; + margin-bottom:2em; + padding:0px; +} + +/*document modes*/ +.confidential { + background-color:#900; + color:White; + padding:.5em .5em; + text-transform:uppercase; + text-align:center; +} + +.longdesc-link { + display:none; +} + +.longdesc { + display:none; +} + +.prompt { + padding:0em .3em; +} + +/*user interface styles*/ +.screen .replaceable { +} + +.guibutton, .guilabel { + font-family: "liberation mono", "bitstream vera mono", "dejavu mono", monospace; + font-weight: bold; + white-space: nowrap; +} + +.example { + background-color: #ffffff; + border-left: 3px solid #aaaaaa; + padding-top: 1em; + padding-bottom: 0.1em; +} + +.example h6 { + padding-left: 10px; +} + +.example-contents { + padding-left: 10px; + background-color: #ffffff; +} + +.example-contents .para { +/* padding: 10px;*/ +} + +/*terminal/console text*/ +.computeroutput, +.option { + font-family:"liberation mono", "bitstream vera mono", "dejavu mono", monospace; + font-weight:bold; +} + +.replaceable { + font-family:"liberation mono", "bitstream vera mono", "dejavu mono", monospace; + font-style: italic; +} + +.command, .filename, .keycap, .classname, .literal { + font-family:"liberation mono", "bitstream vera mono", "dejavu mono", monospace; + font-weight:bold; +} + +/* no bold in toc */ +.toc * { + font-weight: inherit; +} + +pre { + font-family:"liberation mono", "bitstream vera mono", "dejavu mono", monospace; + display:block; + background-color: #f5f5f5; + color: #000000; + border: 1px solid #aaaaaa; + margin-bottom: 0.3em; + padding:.5em 1em; + white-space: pre-wrap; /* css-3 */ + white-space: -moz-pre-wrap !important; /* Mozilla, since 1999 */ + white-space: -pre-wrap; /* Opera 4-6 */ + white-space: -o-pre-wrap; /* Opera 7 */ + word-wrap: break-word; /* Internet Explorer 5.5+ */ + font-size: 0.9em; +} + +pre .replaceable, +pre .keycap { +} + +code { + font-family:"liberation mono", "bitstream vera mono", "dejavu mono", monospace; + white-space: nowrap; + font-weight:bold; +} + +.parameter code { + display: inline; + white-space: pre-wrap; /* css-3 */ + white-space: -moz-pre-wrap !important; /* Mozilla, since 1999 */ + white-space: -pre-wrap; /* Opera 4-6 */ + white-space: -o-pre-wrap; /* Opera 7 */ + word-wrap: break-word; /* Internet Explorer 5.5+ */ +} + + +div.warning, div.note, div.important { + color: black; + margin: 0em; + padding: 0em; + background: none; + background-color: white; + margin-bottom: 1em; + padding-left: 1em; + border-left: 2px solid #aaaaaa; +} + +div.warning h2, div.note h2,div.important h2 { + margin: 0em; + padding: 0em; + color: #eeeeec; + padding-top: 0px; + padding-bottom: 0px; + height: 1.4em; + line-height: 1.4em; + font-size: 1.4em; + display:inline; +} + +div.admonition_header { + clear: both; + margin: 0em; + padding: 0em; + margin-top: -3.3em; + padding-left: 58px; + line-height: 1.0em; + font-size: 1.0em; +} + + +div.warning p, div.warning div.para, +div.note p, div.note div.para, +div.important p, div.important div.para { + padding: 0em; + margin: 0em; +} + +div.admonition { + border: none; + border-left: 1px solid #aaaaaa; + border-right: 1px solid #aaaaaa; + padding:0em; + margin:0em; + padding-top: 1.5em; + padding-bottom: 1em; + padding-left: 2em; + padding-right: 1em; + background-color: #eeeeec; + -moz-border-radius: 0px; + -webkit-border-radius: 0px; + border-radius: 0px; +} + +/*Page Title*/ +#title { + display:block; + height:45px; + padding-bottom:1em; + margin:0em; +} + +#title a.left{ + display:inline; + border:none; +} + +#title a.left img{ + border:none; + float:left; + margin:0em; + margin-top:.7em; +} + +#title a.right { + padding-bottom:1em; +} + +#title a.right img { + border:none; + float:right; + margin:0em; + margin-top:.7em; +} + +/*Table*/ +table { + border:1px solid #6c614b; + width:100%; + border-collapse:collapse; +} + +table.simplelist, .calloutlist table { + border-style: none; +} + +table th { + text-align:left; + background-color:#6699cc; + padding:.3em .5em; + color:white; +} + +table td { + padding:.15em .5em; +} + +table tr.even td { + background-color:#f5f5f5; +} + +table th p:first-child, table td p:first-child, table li p:first-child, +table th div.para:first-child, table td div.para:first-child, table li div.para:first-child { + margin-top:0em; + padding-top:0em; + display:inline; +} + +th, td { + border-style:none; + vertical-align: top; + border: 1px solid #000; +} + +.simplelist th, .simplelist td { + border: none; +} + +table table td { + border-bottom:1px dotted #aaa; + background-color:white; + padding:.6em 0em; +} + +table table { + border:1px solid white; +} + +td.remarkval { + color:#444; +} + +td.fieldval { + font-weight:bold; +} + +.lbname, .lbtype, .lbdescr, .lbdriver, .lbhost { + color:white; + font-weight:bold; + background-color:#999; + width:120px; +} + +td.remarkval { + width:230px; +} + +td.tname { + font-weight:bold; +} + +th.dbfield { + width:120px; +} + +th.dbtype { + width:70px; +} + +th.dbdefault { + width:70px; +} + +th.dbnul { + width:70px; +} + +th.dbkey { + width:70px; +} + +span.book { + margin-top:4em; + display:block; +} + +span.chapter { + display:block; + margin-top:0.5em; +} + +table.simplelist td, .calloutlist table td { + border-style: none; +} + +/*Breadcrumbs*/ +#breadcrumbs ul li.first:before { + content:" "; +} + +#breadcrumbs { + color:#900; + padding:3px; + margin-bottom:25px; +} + +#breadcrumbs ul { + margin-left:0; + padding-left:0; + display:inline; + border:none; +} + +#breadcrumbs ul li { + margin-left:0; + padding-left:2px; + border:none; + list-style:none; + display:inline; +} + +#breadcrumbs ul li:before { + content:"\0020 \0020 \0020 \00BB \0020"; + color:#333; +} + +/*index*/ +.glossary h3, +.index h3 { + font-size: 2em; + color:#aaa; + margin:0em; +} + +.indexdiv { + margin-bottom:1em; +} + +.glossary dt, +.index dt { + color:#444; + padding-top:.5em; +} + +.glossary dl dl dt, +.index dl dl dt { + color:#777; + font-weight:normal; + padding-top:0em; +} + +.index dl dl dt:before { + content:"- "; + color:#ccc; +} + +/*changes*/ +.footnote { + font-size: .7em; + margin:0em; + color:#222; +} + +table .footnote { +} + +sup { + color:#999; + margin:0em; + padding:0em; + line-height: .4em; + font-size: 1em; + padding-left:0em; +} + +.footnote { + position:relative; +} + +.footnote sup { + color:#e3dcc0; + position:absolute; + left: .4em; +} + +.footnote sup a:link, +.footnote sup a:visited { + color:#92917d; + text-decoration:none; +} + +.footnote:hover sup a { + text-decoration:none; +} + +.footnote p,.footnote div.para { + padding-left:2em; +} + +.footnote a:link, +.footnote a:visited { + color:#00537c; +} + +.footnote a:hover { +} + +/**/ +div.chapter { + margin-top:3em; +} + +div.section { + margin-top:1em; +} + +div.note .replaceable, +div.important .replaceable, +div.warning .replaceable, +div.note .keycap, +div.important .keycap, +div.warning .keycap +{ +} + +ul li p:last-child, ul li div.para:last-child { + margin-bottom:0em; + padding-bottom:0em; +} + + +/* Dirty EVIL Mozilla hack for round corners */ +pre { + -moz-border-radius:11px; + -webkit-border-radius:11px; + border-radius: 11px; +} + +.example { + -moz-border-radius:0px; + -webkit-border-radius:0px; + border-radius: 0px; +} + +.package, .citetitle { + font-style: italic; +} + +.titlepage .edition { + color: #336699; + background-color: transparent; + margin-top: 1em; + margin-bottom: 1em; + font-size: 1.4em; + font-weight: bold; + text-align: center; +} + +span.remark { + background-color: #ff00ff; +} + +.foreignphrase { + font-style: inherit; +} + +dt { + clear:both; +} + +dt img { + border-style: none; + max-width: 112px; +} + +dt object { + max-width: 112px; +} + +dt .inlinemediaobject, dt object { + display: inline; + float: left; + margin-bottom: 1em; + padding-right: 1em; + width: 112px; +} + +dl:after { + display: block; + clear: both; + content: ""; +} + +.toc dd { + padding-bottom: 0em; + margin-bottom: 1em; + padding-left: 1.3em; + margin-left: 0em; +} + +div.toc > dl > dt { + padding-bottom: 0em; + margin-bottom: 0em; + margin-top: 1em; +} + + +.strikethrough { + text-decoration: line-through; +} + +.underline { + text-decoration: underline; +} + +.calloutlist img, .callout { + padding: 0em; + margin: 0em; + width: 12pt; + display: inline; + vertical-align: middle; +} + +.stepalternatives { + list-style-image: none; + list-style-type: none; +} + + +a:link { + color:#0066cc; +} + +a:hover, a:active { + color:#003366; +} + +a:visited { + color:#6699cc; +} + + +h1 { + color:#3c6eb4 +} + +.section h1.title { + color:#3c6eb4; +} + + +h2,h3,h4,h5,h6 { + color:#3c6eb4; +} + +table { + border:1px solid #3c6eb4; +} + +table th { + background-color:#3c6eb4; +} + + +table tr.even td { + background-color:#f5f5f5; +} + +.revhistory table th { + color:#3c6eb4; +} + +.titlepage .edition { + color: #3c6eb4; +} + +</style>
\ No newline at end of file diff --git a/docs/dracut.png b/docs/dracut.png Binary files differnew file mode 100644 index 0000000..0d9265e --- /dev/null +++ b/docs/dracut.png diff --git a/docs/dracut.svg b/docs/dracut.svg new file mode 100644 index 0000000..8025d49 --- /dev/null +++ b/docs/dracut.svg @@ -0,0 +1,1701 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<!-- Created with Inkscape (http://www.inkscape.org/) --> + +<svg + xmlns:dc="http://purl.org/dc/elements/1.1/" + xmlns:cc="http://creativecommons.org/ns#" + xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" + xmlns:svg="http://www.w3.org/2000/svg" + xmlns="http://www.w3.org/2000/svg" + xmlns:xlink="http://www.w3.org/1999/xlink" + xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd" + xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape" + version="1.0" + width="85.316391" + height="65.840691" + id="svg2963" + inkscape:version="0.48.0 r9654" + sodipodi:docname="dracut.svg"> + <metadata + id="metadata98"> + <rdf:RDF> + <cc:Work + rdf:about=""> + <dc:format>image/svg+xml</dc:format> + <dc:type + rdf:resource="http://purl.org/dc/dcmitype/StillImage" /> + <dc:title /> + </cc:Work> + </rdf:RDF> + </metadata> + <sodipodi:namedview + pagecolor="#ffffff" + bordercolor="#666666" + borderopacity="1" + objecttolerance="10" + gridtolerance="10" + guidetolerance="10" + inkscape:pageopacity="0" + inkscape:pageshadow="2" + inkscape:window-width="1600" + inkscape:window-height="1125" + id="namedview96" + showgrid="false" + inkscape:zoom="4.3457604" + inkscape:cx="29.014935" + inkscape:cy="10.744263" + inkscape:window-x="0" + inkscape:window-y="25" + inkscape:window-maximized="1" + inkscape:current-layer="svg2963" + fit-margin-top="4" + fit-margin-left="4" + fit-margin-right="4" + fit-margin-bottom="4" /> + <defs + id="defs3"> + <radialGradient + cx="605.71429" + cy="486.64789" + r="117.14286" + fx="605.71429" + fy="486.64789" + id="radialGradient6719" + xlink:href="#linearGradient5060" + gradientUnits="userSpaceOnUse" + gradientTransform="matrix(-2.774389,0,0,1.969706,112.7623,-872.8854)" /> + <linearGradient + id="linearGradient5060"> + <stop + style="stop-color:#000000;stop-opacity:1" + offset="0" + id="stop5062" /> + <stop + style="stop-color:#000000;stop-opacity:0" + offset="1" + id="stop5064" /> + </linearGradient> + <radialGradient + cx="605.71429" + cy="486.64789" + r="117.14286" + fx="605.71429" + fy="486.64789" + id="radialGradient6717" + xlink:href="#linearGradient5060" + gradientUnits="userSpaceOnUse" + gradientTransform="matrix(2.774389,0,0,1.969706,-1891.633,-872.8854)" /> + <linearGradient + id="linearGradient5048"> + <stop + style="stop-color:#000000;stop-opacity:0" + offset="0" + id="stop5050" /> + <stop + style="stop-color:#000000;stop-opacity:1" + offset="0.5" + id="stop5056" /> + <stop + style="stop-color:#000000;stop-opacity:0" + offset="1" + id="stop5052" /> + </linearGradient> + <linearGradient + x1="302.85715" + y1="366.64789" + x2="302.85715" + y2="609.50507" + id="linearGradient6715" + xlink:href="#linearGradient5048" + gradientUnits="userSpaceOnUse" + gradientTransform="matrix(2.774389,0,0,1.969706,-1892.179,-872.8854)" /> + <linearGradient + id="linearGradient4995"> + <stop + style="stop-color:#de9523;stop-opacity:1" + offset="0" + id="stop4997" /> + <stop + style="stop-color:#a36d18;stop-opacity:1" + offset="1" + id="stop4999" /> + </linearGradient> + <linearGradient + id="linearGradient4987"> + <stop + style="stop-color:#a0670c;stop-opacity:1" + offset="0" + id="stop4989" /> + <stop + style="stop-color:#a0670c;stop-opacity:0" + offset="1" + id="stop4991" /> + </linearGradient> + <linearGradient + id="linearGradient4979"> + <stop + style="stop-color:#fbf0e0;stop-opacity:1" + offset="0" + id="stop4981" /> + <stop + style="stop-color:#f0ce99;stop-opacity:1" + offset="1" + id="stop4983" /> + </linearGradient> + <linearGradient + id="linearGradient4222"> + <stop + style="stop-color:#ffffff;stop-opacity:1" + offset="0" + id="stop4224" /> + <stop + style="stop-color:#ffffff;stop-opacity:0.68639052" + offset="1" + id="stop4226" /> + </linearGradient> + <linearGradient + id="linearGradient4210"> + <stop + style="stop-color:#eaba6f;stop-opacity:1" + offset="0" + id="stop4212" /> + <stop + style="stop-color:#b97a1b;stop-opacity:1" + offset="1" + id="stop4214" /> + </linearGradient> + <linearGradient + id="linearGradient4192"> + <stop + style="stop-color:#e9b96e;stop-opacity:1" + offset="0" + id="stop4194" /> + <stop + style="stop-color:#f1d19e;stop-opacity:1" + offset="1" + id="stop4196" /> + </linearGradient> + <linearGradient + id="linearGradient4182"> + <stop + style="stop-color:#a36d18;stop-opacity:1" + offset="0" + id="stop4184" /> + <stop + style="stop-color:#d79020;stop-opacity:1" + offset="1" + id="stop4186" /> + </linearGradient> + <linearGradient + x1="30.062469" + y1="13.444801" + x2="17.696169" + y2="12.333632" + id="linearGradient2269" + xlink:href="#linearGradient4979" + gradientUnits="userSpaceOnUse" /> + <linearGradient + x1="36.288929" + y1="14.661557" + x2="47.065834" + y2="15.267649" + id="linearGradient2274" + xlink:href="#linearGradient4995" + gradientUnits="userSpaceOnUse" /> + <linearGradient + x1="25.381256" + y1="24.720648" + x2="24.119167" + y2="16.17037" + id="linearGradient2277" + xlink:href="#linearGradient4192" + gradientUnits="userSpaceOnUse" + gradientTransform="matrix(1,0,0,0.986355,0,0.316638)" /> + <linearGradient + x1="16.148972" + y1="12.636667" + x2="34.193642" + y2="12.636667" + id="linearGradient2280" + xlink:href="#linearGradient4182" + gradientUnits="userSpaceOnUse" + gradientTransform="matrix(1,0,0,1.039184,0,-0.04057054)" /> + <linearGradient + x1="21.906841" + y1="9.7577486" + x2="22.071806" + y2="16.020695" + id="linearGradient2282" + xlink:href="#linearGradient4987" + gradientUnits="userSpaceOnUse" /> + <linearGradient + x1="18.706615" + y1="19.912336" + x2="30.014812" + y2="47.388485" + id="linearGradient2285" + xlink:href="#linearGradient4222" + gradientUnits="userSpaceOnUse" /> + <linearGradient + x1="24.990499" + y1="34.004856" + x2="24.990499" + y2="22.585211" + id="linearGradient2288" + xlink:href="#linearGradient4210" + gradientUnits="userSpaceOnUse" /> + <linearGradient + x1="27.366341" + y1="26.580296" + x2="31.335964" + y2="30.557772" + id="linearGradient2852" + xlink:href="#linearGradient2846" + gradientUnits="userSpaceOnUse" /> + <radialGradient + cx="24.130018" + cy="37.967922" + r="16.528622" + fx="24.130018" + fy="37.967922" + id="radialGradient2842" + xlink:href="#linearGradient4477" + gradientUnits="userSpaceOnUse" + gradientTransform="matrix(1,0,0,0.237968,0,28.93278)" /> + <linearGradient + x1="18.292673" + y1="13.602121" + x2="17.500893" + y2="25.743469" + id="linearGradient2372" + xlink:href="#linearGradient2366" + gradientUnits="userSpaceOnUse" /> + <radialGradient + cx="24.130018" + cy="37.967922" + r="16.528622" + fx="24.130018" + fy="37.967922" + id="radialGradient4493" + xlink:href="#linearGradient4487" + gradientUnits="userSpaceOnUse" + gradientTransform="matrix(1,0,0,0.237968,0,28.93278)" /> + <radialGradient + cx="15.414371" + cy="13.078408" + r="6.65625" + fx="15.414371" + fy="13.078408" + id="radialGradient4473" + xlink:href="#linearGradient4467" + gradientUnits="userSpaceOnUse" + gradientTransform="matrix(2.592963,0,0,2.252104,-25.05975,-18.941)" /> + <radialGradient + cx="18.240929" + cy="21.817987" + r="8.3085051" + fx="18.240929" + fy="21.817987" + id="radialGradient4460" + xlink:href="#linearGradient4454" + gradientUnits="userSpaceOnUse" /> + <linearGradient + x1="30.65625" + y1="34" + x2="33.21875" + y2="31.0625" + id="linearGradient4446" + xlink:href="#linearGradient4440" + gradientUnits="userSpaceOnUse" + gradientTransform="matrix(1.334593,0,0,1.291292,-6.973842,-7.460658)" /> + <linearGradient + id="linearGradient4440"> + <stop + style="stop-color:#7d7d7d;stop-opacity:1" + offset="0" + id="stop4442" /> + <stop + style="stop-color:#b1b1b1;stop-opacity:1" + offset="0.5" + id="stop4448" /> + <stop + style="stop-color:#686868;stop-opacity:1" + offset="1" + id="stop4444" /> + </linearGradient> + <linearGradient + id="linearGradient4454"> + <stop + style="stop-color:#729fcf;stop-opacity:0.20784314" + offset="0" + id="stop4456" /> + <stop + style="stop-color:#729fcf;stop-opacity:0.6761905" + offset="1" + id="stop4458" /> + </linearGradient> + <linearGradient + id="linearGradient4467"> + <stop + style="stop-color:#ffffff;stop-opacity:1" + offset="0" + id="stop4469" /> + <stop + style="stop-color:#ffffff;stop-opacity:0.24761905" + offset="1" + id="stop4471" /> + </linearGradient> + <linearGradient + id="linearGradient4477"> + <stop + style="stop-color:#000000;stop-opacity:1" + offset="0" + id="stop4479" /> + <stop + style="stop-color:#000000;stop-opacity:0" + offset="1" + id="stop4481" /> + </linearGradient> + <linearGradient + id="linearGradient4487"> + <stop + style="stop-color:#ffffff;stop-opacity:1" + offset="0" + id="stop4489" /> + <stop + style="stop-color:#ffffff;stop-opacity:0" + offset="1" + id="stop4491" /> + </linearGradient> + <linearGradient + id="linearGradient2366"> + <stop + style="stop-color:#ffffff;stop-opacity:1" + offset="0" + id="stop2368" /> + <stop + style="stop-color:#ffffff;stop-opacity:0.21904762" + offset="0.5" + id="stop2374" /> + <stop + style="stop-color:#ffffff;stop-opacity:1" + offset="1" + id="stop2370" /> + </linearGradient> + <linearGradient + id="linearGradient2846"> + <stop + style="stop-color:#8a8a8a;stop-opacity:1" + offset="0" + id="stop2848" /> + <stop + style="stop-color:#484848;stop-opacity:1" + offset="1" + id="stop2850" /> + </linearGradient> + <linearGradient + inkscape:collect="always" + xlink:href="#linearGradient2064" + id="linearGradient5790" + gradientUnits="userSpaceOnUse" + x1="18.048874" + y1="25.461344" + x2="22.211937" + y2="12.143078" + gradientTransform="matrix(0.940224,0,0,0.931632,1.331811,5.401537)" /> + <linearGradient + id="linearGradient2064"> + <stop + id="stop2066" + offset="0" + style="stop-color:white;stop-opacity:1;" /> + <stop + style="stop-color:#555753;stop-opacity:0.60000002;" + offset="0.5" + id="stop2070" /> + <stop + id="stop2068" + offset="1" + style="stop-color:#555753;stop-opacity:0;" /> + </linearGradient> + <linearGradient + inkscape:collect="always" + xlink:href="#linearGradient8631" + id="linearGradient5865" + x1="24" + y1="36.638382" + x2="25.818018" + y2="6.8314762" + gradientUnits="userSpaceOnUse" /> + <linearGradient + id="linearGradient8631"> + <stop + id="stop8633" + offset="0" + style="stop-color:#eeeeec;stop-opacity:1" /> + <stop + style="stop-color:#eeeeec;stop-opacity:1;" + offset="0.2" + id="stop8637" /> + <stop + id="stop8635" + offset="1" + style="stop-color:#babdb6;stop-opacity:1" /> + </linearGradient> + <linearGradient + inkscape:collect="always" + xlink:href="#linearGradient5690" + id="linearGradient8603" + x1="20.304037" + y1="24.035707" + x2="18.498415" + y2="40.647167" + gradientUnits="userSpaceOnUse" /> + <linearGradient + id="linearGradient5690"> + <stop + style="stop-color:white;stop-opacity:1;" + offset="0" + id="stop5692" /> + <stop + style="stop-color:#888a85;stop-opacity:0.59848487" + offset="1" + id="stop5694" /> + </linearGradient> + <radialGradient + inkscape:collect="always" + xlink:href="#linearGradient8625" + id="radialGradient8676" + gradientUnits="userSpaceOnUse" + gradientTransform="matrix(1.662477,0,0,1.61358,-4.989175,-18.65647)" + cx="7.4792061" + cy="30.36071" + fx="7.4792061" + fy="30.36071" + r="0.53125" /> + <linearGradient + id="linearGradient8625"> + <stop + id="stop8627" + offset="0" + style="stop-color:white;stop-opacity:1" /> + <stop + id="stop8629" + offset="1" + style="stop-color:#babdb6;stop-opacity:1" /> + </linearGradient> + <radialGradient + inkscape:collect="always" + xlink:href="#linearGradient8613" + id="radialGradient8678" + gradientUnits="userSpaceOnUse" + gradientTransform="matrix(1.662477,0,0,1.61358,-4.989175,-18.65647)" + cx="7.5177727" + cy="30.573555" + fx="7.5177727" + fy="30.573555" + r="0.53125" /> + <linearGradient + id="linearGradient8613"> + <stop + style="stop-color:#babdb6;stop-opacity:1" + offset="0" + id="stop8615" /> + <stop + style="stop-color:#2e3436;stop-opacity:1" + offset="1" + id="stop8617" /> + </linearGradient> + <radialGradient + inkscape:collect="always" + xlink:href="#linearGradient9641" + id="radialGradient8680" + gradientUnits="userSpaceOnUse" + gradientTransform="matrix(1.662477,0,0,1.61358,-4.989175,-18.65647)" + cx="7.4893188" + cy="30.337601" + fx="7.4893188" + fy="30.337601" + r="0.53125" /> + <linearGradient + id="linearGradient9641"> + <stop + style="stop-color:white;stop-opacity:1" + offset="0" + id="stop9643" /> + <stop + style="stop-color:#888a85;stop-opacity:1" + offset="1" + id="stop9645" /> + </linearGradient> + <radialGradient + inkscape:collect="always" + xlink:href="#linearGradient8613" + id="radialGradient8682" + gradientUnits="userSpaceOnUse" + gradientTransform="matrix(1.662477,0,0,1.61358,-4.989175,-18.65647)" + cx="7.5177727" + cy="30.573555" + fx="7.5177727" + fy="30.573555" + r="0.53125" /> + <linearGradient + id="linearGradient3375"> + <stop + style="stop-color:#babdb6;stop-opacity:1" + offset="0" + id="stop3377" /> + <stop + style="stop-color:#2e3436;stop-opacity:1" + offset="1" + id="stop3379" /> + </linearGradient> + <linearGradient + inkscape:collect="always" + xlink:href="#linearGradient8710" + id="linearGradient9649" + gradientUnits="userSpaceOnUse" + x1="40.617188" + y1="30.554688" + x2="40.710938" + y2="30.359375" + gradientTransform="matrix(0.866025,-0.5,0.5,0.866025,-38.79233,11.403385)" /> + <linearGradient + id="linearGradient8710"> + <stop + style="stop-color:black;stop-opacity:1;" + offset="0" + id="stop8712" /> + <stop + style="stop-color:white;stop-opacity:1;" + offset="1" + id="stop8714" /> + </linearGradient> + <linearGradient + inkscape:collect="always" + xlink:href="#linearGradient8710" + id="linearGradient9654" + gradientUnits="userSpaceOnUse" + x1="40.617188" + y1="30.554688" + x2="40.710938" + y2="30.359375" + gradientTransform="matrix(0.707107,0.527555,-0.707107,0.527555,29.0058,-20.09196)" /> + <linearGradient + id="linearGradient3386"> + <stop + style="stop-color:black;stop-opacity:1;" + offset="0" + id="stop3388" /> + <stop + style="stop-color:white;stop-opacity:1;" + offset="1" + id="stop3390" /> + </linearGradient> + <linearGradient + inkscape:collect="always" + xlink:href="#linearGradient2899-4" + id="linearGradient5655-6" + gradientUnits="userSpaceOnUse" + x1="53.812813" + y1="43.573235" + x2="-2.8138931" + y2="35.500015" + gradientTransform="translate(0,50)" /> + <linearGradient + id="linearGradient2899-4"> + <stop + id="stop2901-1" + offset="0" + style="stop-color:#555753;stop-opacity:1" /> + <stop + id="stop2903-2" + offset="1" + style="stop-color:#2e3436;stop-opacity:1" /> + </linearGradient> + <linearGradient + inkscape:collect="always" + xlink:href="#linearGradient2967-8" + id="linearGradient2973-8" + x1="12.5" + y1="43.1875" + x2="12.5" + y2="34.045513" + gradientUnits="userSpaceOnUse" /> + <linearGradient + inkscape:collect="always" + id="linearGradient2967-8"> + <stop + style="stop-color:white;stop-opacity:1;" + offset="0" + id="stop2969-9" /> + <stop + style="stop-color:white;stop-opacity:0;" + offset="1" + id="stop2971-2" /> + </linearGradient> + <linearGradient + inkscape:collect="always" + xlink:href="#linearGradient2909-8" + id="linearGradient4711-8" + gradientUnits="userSpaceOnUse" + gradientTransform="matrix(1,0,0,1.42294,10.5,-14.95703)" + x1="15.335379" + y1="33.06237" + x2="20.329321" + y2="36.37693" /> + <linearGradient + id="linearGradient2909-8"> + <stop + style="stop-color:white;stop-opacity:0;" + offset="0" + id="stop2911-8" /> + <stop + id="stop2917-6" + offset="0.5" + style="stop-color:white;stop-opacity:1;" /> + <stop + style="stop-color:white;stop-opacity:0;" + offset="1" + id="stop2913-8" /> + </linearGradient> + <linearGradient + inkscape:collect="always" + xlink:href="#linearGradient2909-8" + id="linearGradient4713-3" + gradientUnits="userSpaceOnUse" + gradientTransform="matrix(1,0,0,1.42294,-0.875,-15.04578)" + x1="15.335379" + y1="33.06237" + x2="20.329321" + y2="36.37693" /> + <linearGradient + id="linearGradient3406"> + <stop + style="stop-color:white;stop-opacity:0;" + offset="0" + id="stop3408" /> + <stop + id="stop3410" + offset="0.5" + style="stop-color:white;stop-opacity:1;" /> + <stop + style="stop-color:white;stop-opacity:0;" + offset="1" + id="stop3412" /> + </linearGradient> + <linearGradient + inkscape:collect="always" + xlink:href="#linearGradient2909-8" + id="linearGradient3845" + gradientUnits="userSpaceOnUse" + gradientTransform="matrix(0.459833,0,-0.391165,1.370105,40.62503,-13.29892)" + x1="15.335379" + y1="33.06237" + x2="20.329321" + y2="36.37693" /> + <linearGradient + id="linearGradient3415"> + <stop + style="stop-color:white;stop-opacity:0;" + offset="0" + id="stop3417" /> + <stop + id="stop3419" + offset="0.5" + style="stop-color:white;stop-opacity:1;" /> + <stop + style="stop-color:white;stop-opacity:0;" + offset="1" + id="stop3421" /> + </linearGradient> + <radialGradient + inkscape:collect="always" + xlink:href="#linearGradient5740-4" + id="radialGradient5748-9" + cx="25.251999" + cy="16.47991" + fx="25.251999" + fy="16.47991" + r="21.980215" + gradientTransform="matrix(1.032991,-0.596398,0.575121,0.99614,-11.609134,6.2008493)" + gradientUnits="userSpaceOnUse" /> + <linearGradient + id="linearGradient5740-4"> + <stop + style="stop-color:#d0d0cb;stop-opacity:1;" + offset="0" + id="stop5742-2" /> + <stop + style="stop-color:#babdb6;stop-opacity:1" + offset="1" + id="stop5744-2" /> + </linearGradient> + <linearGradient + inkscape:collect="always" + xlink:href="#linearGradient2839-7" + id="linearGradient7658-1" + gradientUnits="userSpaceOnUse" + x1="27.057796" + y1="12.669416" + x2="32.042896" + y2="31.219666" /> + <linearGradient + id="linearGradient2839-7"> + <stop + style="stop-color:white;stop-opacity:0.25773194;" + offset="0" + id="stop2841-4" /> + <stop + id="stop2847-3" + offset="0.5472973" + style="stop-color:white;stop-opacity:1;" /> + <stop + style="stop-color:white;stop-opacity:0.24705882;" + offset="0.66243607" + id="stop2849-1" /> + <stop + id="stop2851-4" + offset="0.875" + style="stop-color:white;stop-opacity:0.83505154;" /> + <stop + style="stop-color:white;stop-opacity:0;" + offset="1" + id="stop2843-6" /> + </linearGradient> + <radialGradient + inkscape:collect="always" + xlink:href="#linearGradient9613-9" + id="radialGradient8623-2" + gradientUnits="userSpaceOnUse" + gradientTransform="matrix(1.389748,0,0,1.348872,-2.91982,-10.63815)" + cx="7.5191436" + cy="30.304251" + fx="7.5191436" + fy="30.304251" + r="0.53125" /> + <linearGradient + id="linearGradient9613-9"> + <stop + style="stop-color:white;stop-opacity:1" + offset="0" + id="stop9615-4" /> + <stop + id="stop9619-3" + offset="0.5" + style="stop-color:white;stop-opacity:1;" /> + <stop + style="stop-color:#cccfca;stop-opacity:1" + offset="1" + id="stop9617-5" /> + </linearGradient> + <linearGradient + inkscape:collect="always" + xlink:href="#linearGradient2064-6" + id="linearGradient5790-3" + gradientUnits="userSpaceOnUse" + x1="18.048874" + y1="25.461344" + x2="22.211937" + y2="12.143078" + gradientTransform="matrix(0.940224,0,0,0.931632,1.957236,-3.9520937)" /> + <linearGradient + id="linearGradient2064-6"> + <stop + id="stop2066-0" + offset="0" + style="stop-color:white;stop-opacity:1;" /> + <stop + style="stop-color:#555753;stop-opacity:0.60000002;" + offset="0.5" + id="stop2070-5" /> + <stop + id="stop2068-0" + offset="1" + style="stop-color:#555753;stop-opacity:0;" /> + </linearGradient> + <linearGradient + inkscape:collect="always" + xlink:href="#linearGradient3468-4" + id="linearGradient3474-4" + x1="24.748737" + y1="35.354588" + x2="24.998737" + y2="14.997767" + gradientUnits="userSpaceOnUse" + gradientTransform="matrix(1,0,0,0.995556,0.625425,-9.284744)" /> + <linearGradient + id="linearGradient3468-4"> + <stop + style="stop-color:#fdfdfc;stop-opacity:1" + offset="0" + id="stop3470-9" /> + <stop + style="stop-color:white;stop-opacity:0.37121212" + offset="1" + id="stop3472-9" /> + </linearGradient> + <linearGradient + inkscape:collect="always" + xlink:href="#linearGradient8631-9" + id="linearGradient5865-1" + x1="24" + y1="36.638382" + x2="25.818018" + y2="6.8314762" + gradientUnits="userSpaceOnUse" /> + <linearGradient + id="linearGradient8631-9"> + <stop + id="stop8633-6" + offset="0" + style="stop-color:#eeeeec;stop-opacity:1" /> + <stop + style="stop-color:#eeeeec;stop-opacity:1;" + offset="0.2" + id="stop8637-2" /> + <stop + id="stop8635-5" + offset="1" + style="stop-color:#babdb6;stop-opacity:1" /> + </linearGradient> + <linearGradient + inkscape:collect="always" + xlink:href="#linearGradient5690-4" + id="linearGradient8603-0" + x1="20.304037" + y1="24.035707" + x2="18.498415" + y2="40.647167" + gradientUnits="userSpaceOnUse" /> + <linearGradient + id="linearGradient5690-4"> + <stop + style="stop-color:white;stop-opacity:1;" + offset="0" + id="stop5692-0" /> + <stop + style="stop-color:#888a85;stop-opacity:0.59848487" + offset="1" + id="stop5694-9" /> + </linearGradient> + <radialGradient + inkscape:collect="always" + xlink:href="#linearGradient8613-9" + id="radialGradient8619-8" + cx="7.5177727" + cy="30.573555" + fx="7.5177727" + fy="30.573555" + r="0.53125" + gradientTransform="matrix(1.662477,0,0,1.61358,-4.989175,-18.65647)" + gradientUnits="userSpaceOnUse" /> + <linearGradient + id="linearGradient8613-9"> + <stop + style="stop-color:#babdb6;stop-opacity:1" + offset="0" + id="stop8615-6" /> + <stop + style="stop-color:#2e3436;stop-opacity:1" + offset="1" + id="stop8617-1" /> + </linearGradient> + <radialGradient + inkscape:collect="always" + xlink:href="#linearGradient9633-2" + id="radialGradient8664-0" + gradientUnits="userSpaceOnUse" + gradientTransform="matrix(1.569487,0,0,1.523325,-4.288627,-15.92107)" + cx="7.5336008" + cy="30.307562" + fx="7.5336008" + fy="30.307562" + r="0.53125" /> + <linearGradient + id="linearGradient9633-2"> + <stop + style="stop-color:#eeeeec;stop-opacity:1" + offset="0" + id="stop9635-8" /> + <stop + style="stop-color:#888a85;stop-opacity:1" + offset="1" + id="stop9639-3" /> + </linearGradient> + <radialGradient + inkscape:collect="always" + xlink:href="#linearGradient8613-9" + id="radialGradient8666-9" + gradientUnits="userSpaceOnUse" + gradientTransform="matrix(1.662477,0,0,1.61358,-4.989175,-18.65647)" + cx="7.5177727" + cy="30.573555" + fx="7.5177727" + fy="30.573555" + r="0.53125" /> + <linearGradient + id="linearGradient3466"> + <stop + style="stop-color:#babdb6;stop-opacity:1" + offset="0" + id="stop3468" /> + <stop + style="stop-color:#2e3436;stop-opacity:1" + offset="1" + id="stop3470" /> + </linearGradient> + <radialGradient + inkscape:collect="always" + xlink:href="#linearGradient8625-5" + id="radialGradient3847" + gradientUnits="userSpaceOnUse" + gradientTransform="matrix(1.662477,0,0,1.61358,-4.989175,-18.65647)" + cx="7.4792061" + cy="30.36071" + fx="7.4792061" + fy="30.36071" + r="0.53125" /> + <linearGradient + id="linearGradient8625-5"> + <stop + id="stop8627-5" + offset="0" + style="stop-color:white;stop-opacity:1" /> + <stop + id="stop8629-2" + offset="1" + style="stop-color:#babdb6;stop-opacity:1" /> + </linearGradient> + <radialGradient + inkscape:collect="always" + xlink:href="#linearGradient8613-9" + id="radialGradient8678-2" + gradientUnits="userSpaceOnUse" + gradientTransform="matrix(1.662477,0,0,1.61358,-4.989175,-18.65647)" + cx="7.5177727" + cy="30.573555" + fx="7.5177727" + fy="30.573555" + r="0.53125" /> + <linearGradient + id="linearGradient3477"> + <stop + style="stop-color:#babdb6;stop-opacity:1" + offset="0" + id="stop3479" /> + <stop + style="stop-color:#2e3436;stop-opacity:1" + offset="1" + id="stop3481" /> + </linearGradient> + <radialGradient + inkscape:collect="always" + xlink:href="#linearGradient9641-4" + id="radialGradient8680-0" + gradientUnits="userSpaceOnUse" + gradientTransform="matrix(1.662477,0,0,1.61358,-4.989175,-18.65647)" + cx="7.4893188" + cy="30.337601" + fx="7.4893188" + fy="30.337601" + r="0.53125" /> + <linearGradient + id="linearGradient9641-4"> + <stop + style="stop-color:white;stop-opacity:1" + offset="0" + id="stop9643-2" /> + <stop + style="stop-color:#888a85;stop-opacity:1" + offset="1" + id="stop9645-2" /> + </linearGradient> + <radialGradient + inkscape:collect="always" + xlink:href="#linearGradient8613-9" + id="radialGradient8682-2" + gradientUnits="userSpaceOnUse" + gradientTransform="matrix(1.662477,0,0,1.61358,-4.989175,-18.65647)" + cx="7.5177727" + cy="30.573555" + fx="7.5177727" + fy="30.573555" + r="0.53125" /> + <linearGradient + id="linearGradient3488"> + <stop + style="stop-color:#babdb6;stop-opacity:1" + offset="0" + id="stop3490" /> + <stop + style="stop-color:#2e3436;stop-opacity:1" + offset="1" + id="stop3492" /> + </linearGradient> + <linearGradient + gradientTransform="translate(0.625425,-5.3536307)" + inkscape:collect="always" + xlink:href="#linearGradient8710-7" + id="linearGradient8716-4" + x1="40.617188" + y1="30.554688" + x2="40.710938" + y2="30.359375" + gradientUnits="userSpaceOnUse" /> + <linearGradient + id="linearGradient8710-7"> + <stop + style="stop-color:black;stop-opacity:1;" + offset="0" + id="stop8712-0" /> + <stop + style="stop-color:white;stop-opacity:1;" + offset="1" + id="stop8714-4" /> + </linearGradient> + <linearGradient + inkscape:collect="always" + xlink:href="#linearGradient8710-7" + id="linearGradient9605-0" + gradientUnits="userSpaceOnUse" + x1="40.617188" + y1="30.554688" + x2="40.710938" + y2="30.359375" + gradientTransform="matrix(0.602867,-0.797841,0.797841,0.602867,-40.500685,39.274099)" /> + <linearGradient + id="linearGradient3499"> + <stop + style="stop-color:black;stop-opacity:1;" + offset="0" + id="stop3501" /> + <stop + style="stop-color:white;stop-opacity:1;" + offset="1" + id="stop3503" /> + </linearGradient> + <linearGradient + inkscape:collect="always" + xlink:href="#linearGradient8710-7" + id="linearGradient3837" + gradientUnits="userSpaceOnUse" + gradientTransform="matrix(0.866025,-0.5,0.5,0.866025,-38.166905,2.0497543)" + x1="40.617188" + y1="30.554688" + x2="40.710938" + y2="30.359375" /> + <linearGradient + id="linearGradient3506"> + <stop + style="stop-color:black;stop-opacity:1;" + offset="0" + id="stop3508" /> + <stop + style="stop-color:white;stop-opacity:1;" + offset="1" + id="stop3510" /> + </linearGradient> + <linearGradient + inkscape:collect="always" + xlink:href="#linearGradient8710-7" + id="linearGradient9654-8" + gradientUnits="userSpaceOnUse" + x1="40.617188" + y1="30.554688" + x2="40.710938" + y2="30.359375" + gradientTransform="matrix(0.707107,0.527555,-0.707107,0.527555,29.631226,-29.445591)" /> + <linearGradient + id="linearGradient3513"> + <stop + style="stop-color:black;stop-opacity:1;" + offset="0" + id="stop3515" /> + <stop + style="stop-color:white;stop-opacity:1;" + offset="1" + id="stop3517" /> + </linearGradient> + <linearGradient + inkscape:collect="always" + xlink:href="#linearGradient2986-0" + id="linearGradient3839" + gradientUnits="userSpaceOnUse" + gradientTransform="translate(0.625425,-5.3536307)" + x1="21.9375" + y1="39" + x2="21.9375" + y2="37.995617" /> + <linearGradient + inkscape:collect="always" + id="linearGradient2986-0"> + <stop + style="stop-color:black;stop-opacity:1;" + offset="0" + id="stop2988-7" /> + <stop + style="stop-color:black;stop-opacity:0;" + offset="1" + id="stop2990-5" /> + </linearGradient> + <linearGradient + inkscape:collect="always" + xlink:href="#linearGradient2902-1" + id="linearGradient2910-9" + x1="22.101398" + y1="27.658131" + x2="22.971142" + y2="20.903238" + gradientUnits="userSpaceOnUse" + gradientTransform="translate(0.625425,-3.3536307)" /> + <linearGradient + inkscape:collect="always" + id="linearGradient2902-1"> + <stop + style="stop-color:black;stop-opacity:1;" + offset="0" + id="stop2905-4" /> + <stop + style="stop-color:black;stop-opacity:0;" + offset="1" + id="stop2907-9" /> + </linearGradient> + <linearGradient + inkscape:collect="always" + xlink:href="#linearGradient2916-1" + id="linearGradient2922-2" + x1="24.847851" + y1="28.908398" + x2="24.847851" + y2="25.757175" + gradientUnits="userSpaceOnUse" + gradientTransform="translate(0.625425,-3.3536307)" /> + <linearGradient + inkscape:collect="always" + id="linearGradient2916-1"> + <stop + style="stop-color:white;stop-opacity:1;" + offset="0" + id="stop2918-5" /> + <stop + style="stop-color:white;stop-opacity:0;" + offset="1" + id="stop2920-9" /> + </linearGradient> + <linearGradient + y2="25.757175" + x2="24.847851" + y1="28.908398" + x1="24.847851" + gradientTransform="translate(0.625425,-3.3536307)" + gradientUnits="userSpaceOnUse" + id="linearGradient3576" + xlink:href="#linearGradient2916-1" + inkscape:collect="always" /> + <radialGradient + inkscape:collect="always" + xlink:href="#linearGradient4477" + id="radialGradient3511" + gradientUnits="userSpaceOnUse" + gradientTransform="matrix(1,0,0,0.237968,0,28.93278)" + cx="24.130018" + cy="37.967922" + fx="24.130018" + fy="37.967922" + r="16.528622" /> + <linearGradient + inkscape:collect="always" + xlink:href="#linearGradient2846" + id="linearGradient3514" + gradientUnits="userSpaceOnUse" + x1="27.366341" + y1="26.580296" + x2="31.335964" + y2="30.557772" /> + <linearGradient + inkscape:collect="always" + xlink:href="#linearGradient4440" + id="linearGradient3516" + gradientUnits="userSpaceOnUse" + gradientTransform="matrix(1.334593,0,0,1.291292,-6.973842,-7.460658)" + x1="30.65625" + y1="34" + x2="33.21875" + y2="31.0625" /> + <linearGradient + inkscape:collect="always" + xlink:href="#linearGradient2366" + id="linearGradient3518" + gradientUnits="userSpaceOnUse" + x1="18.292673" + y1="13.602121" + x2="17.500893" + y2="25.743469" /> + <radialGradient + inkscape:collect="always" + xlink:href="#linearGradient4487" + id="radialGradient3520" + gradientUnits="userSpaceOnUse" + gradientTransform="matrix(1,0,0,0.237968,0,28.93278)" + cx="24.130018" + cy="37.967922" + fx="24.130018" + fy="37.967922" + r="16.528622" /> + <radialGradient + inkscape:collect="always" + xlink:href="#linearGradient4454" + id="radialGradient3522" + gradientUnits="userSpaceOnUse" + cx="18.240929" + cy="21.817987" + fx="18.240929" + fy="21.817987" + r="8.3085051" /> + <radialGradient + inkscape:collect="always" + xlink:href="#linearGradient4467" + id="radialGradient3524" + gradientUnits="userSpaceOnUse" + gradientTransform="matrix(2.592963,0,0,2.252104,-25.05975,-18.941)" + cx="15.414371" + cy="13.078408" + fx="15.414371" + fy="13.078408" + r="6.65625" /> + </defs> + <g + id="g6707" + style="display:inline" + transform="matrix(0.0370386,0,0,0.03670958,74.545662,41.635225)"> + <rect + id="rect6709" + style="opacity:0.40206185;color:#000000;fill:url(#linearGradient6715);fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:1;marker:none;visibility:visible;display:inline;overflow:visible" + y="-150.69685" + x="-1559.2523" + height="478.35718" + width="1339.6335" /> + <path + inkscape:connector-curvature="0" + id="path6711" + style="opacity:0.40206185;color:#000000;fill:url(#radialGradient6717);fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:1;marker:none;visibility:visible;display:inline;overflow:visible" + d="m -219.61876,-150.68038 c 0,0 0,478.33079 0,478.33079 142.874166,0.90045 345.40022,-107.16966 345.40014,-239.196175 0,-132.026537 -159.436816,-239.134595 -345.40014,-239.134615 z" /> + <path + inkscape:connector-curvature="0" + id="path6713" + style="opacity:0.40206185;color:#000000;fill:url(#radialGradient6719);fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:1;marker:none;visibility:visible;display:inline;overflow:visible" + d="m -1559.2523,-150.68038 c 0,0 0,478.33079 0,478.33079 -142.8742,0.90045 -345.4002,-107.16966 -345.4002,-239.196175 0,-132.026537 159.4368,-239.134595 345.4002,-239.134615 z" /> + </g> + <g + transform="matrix(1.2957479,0,0,1.2957479,9.1984201,1.0434641)" + style="display:inline" + id="g3292"> + <path + inkscape:connector-curvature="0" + sodipodi:nodetypes="cccssscccc" + id="path2784" + d="m 16.110953,16.552805 c -0.573581,0 -1.02837,0.431821 -1.02837,0.989859 l -0.940223,3.230801 c -2.859962,1.276514 -4.6423552,3.099073 -4.6423552,5.123976 0,3.856957 6.4790242,6.987239 14.4853222,6.98724 8.006296,0 14.514705,-3.130284 14.514704,-6.98724 0,-2.039034 -1.835591,-3.875388 -4.730501,-5.153089 l -0.940224,-3.201688 c 0,-0.558038 -0.454788,-0.989859 -1.02837,-0.989859 l -15.689983,0 z" + style="fill:none;stroke:url(#linearGradient5790);stroke-width:1.00000012;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:0" /> + <path + transform="translate(0,4)" + d="m 16.125,13 c -0.362612,0 -0.59375,0.214848 -0.59375,0.53125 a 0.44198593,0.44198593 0 0 1 0,0.125 l -0.9375,3.25 a 0.44198593,0.44198593 0 0 1 -0.25,0.28125 c -1.389902,0.620369 -2.498509,1.378237 -3.25,2.1875 -0.751491,0.809263 -1.15625,1.64948 -1.15625,2.53125 0,1.680455 1.454964,3.3092 4,4.53125 2.545036,1.22205 6.116607,2 10.0625,2 3.945892,0 7.517463,-0.77795 10.0625,-2 2.545037,-1.22205 4,-2.850795 4,-4.53125 0,-0.887751 -0.393776,-1.747213 -1.15625,-2.5625 -0.762474,-0.815287 -1.905355,-1.566441 -3.3125,-2.1875 a 0.44198593,0.44198593 0 0 1 -0.25,-0.28125 l -0.9375,-3.21875 a 0.44198593,0.44198593 0 0 1 0,-0.125 C 32.406249,13.214846 32.175114,13 31.8125,13 L 16.125,13 z" + id="path5857" + style="fill:url(#linearGradient5865);fill-opacity:1;stroke:none;display:inline" + inkscape:original="M 16.125 12.5625 C 15.55142 12.5625 15.09375 12.973212 15.09375 13.53125 L 14.15625 16.78125 C 11.296288 18.057765 9.5 19.881347 9.5 21.90625 C 9.5 25.763206 15.993702 28.874999 24 28.875 C 32.006296 28.874999 38.500001 25.763206 38.5 21.90625 C 38.5 19.867215 36.67616 18.027701 33.78125 16.75 L 32.84375 13.53125 C 32.843748 12.973212 32.386082 12.5625 31.8125 12.5625 L 16.125 12.5625 z " + inkscape:radius="-0.44194174" + sodipodi:type="inkscape:offset" /> + <path + transform="matrix(0.449978,0,0,0.349909,16.36363,16.21469)" + d="m 24.748736,25.107418 c 0,2.367553 -3.482407,4.286835 -7.778174,4.286835 -4.295767,0 -7.7781744,-1.919282 -7.7781744,-4.286835 0,-2.367553 3.4824074,-4.286835 7.7781744,-4.286835 4.295767,0 7.778174,1.919282 7.778174,4.286835 z" + sodipodi:ry="4.2868347" + sodipodi:rx="7.7781744" + sodipodi:cy="25.107418" + sodipodi:cx="16.970562" + id="path8595" + style="opacity:0.9;color:#000000;fill:#000000;fill-opacity:0.05303028;fill-rule:nonzero;stroke:url(#linearGradient8603);stroke-width:2.52015233;stroke-linecap:square;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:1.4;marker:none;visibility:visible;display:inline;overflow:visible" + sodipodi:type="arc" /> + <path + transform="matrix(-2.628602,0,0,1.777765,31.79309,-36.77739)" + d="m 8.15625,30.578125 c 0,0.284772 -0.2378487,0.515625 -0.53125,0.515625 -0.2934013,0 -0.53125,-0.230853 -0.53125,-0.515625 0,-0.284772 0.2378487,-0.515625 0.53125,-0.515625 0.2934013,0 0.53125,0.230853 0.53125,0.515625 z" + sodipodi:ry="0.515625" + sodipodi:rx="0.53125" + sodipodi:cy="30.578125" + sodipodi:cx="7.625" + id="path8668" + style="color:#000000;fill:url(#radialGradient8676);fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:1;marker:none;visibility:visible;display:inline;overflow:visible" + sodipodi:type="arc" /> + <path + transform="matrix(1.411772,0,0,0.969697,0.985233,-12.15152)" + d="m 8.15625,30.578125 c 0,0.284772 -0.2378487,0.515625 -0.53125,0.515625 -0.2934013,0 -0.53125,-0.230853 -0.53125,-0.515625 0,-0.284772 0.2378487,-0.515625 0.53125,-0.515625 0.2934013,0 0.53125,0.230853 0.53125,0.515625 z" + sodipodi:ry="0.515625" + sodipodi:rx="0.53125" + sodipodi:cy="30.578125" + sodipodi:cx="7.625" + id="path8670" + style="color:#000000;fill:url(#radialGradient8678);fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:1;marker:none;visibility:visible;display:inline;overflow:visible" + sodipodi:type="arc" /> + <path + transform="matrix(-2.628602,0,0,1.777765,56.3029,-36.77739)" + d="m 8.15625,30.578125 c 0,0.284772 -0.2378487,0.515625 -0.53125,0.515625 -0.2934013,0 -0.53125,-0.230853 -0.53125,-0.515625 0,-0.284772 0.2378487,-0.515625 0.53125,-0.515625 0.2934013,0 0.53125,0.230853 0.53125,0.515625 z" + sodipodi:ry="0.515625" + sodipodi:rx="0.53125" + sodipodi:cy="30.578125" + sodipodi:cx="7.625" + id="path8672" + style="color:#000000;fill:url(#radialGradient8680);fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:1;marker:none;visibility:visible;display:inline;overflow:visible" + sodipodi:type="arc" /> + <path + transform="matrix(1.411772,0,0,0.969697,25.49504,-12.15152)" + d="m 8.15625,30.578125 c 0,0.284772 -0.2378487,0.515625 -0.53125,0.515625 -0.2934013,0 -0.53125,-0.230853 -0.53125,-0.515625 0,-0.284772 0.2378487,-0.515625 0.53125,-0.515625 0.2934013,0 0.53125,0.230853 0.53125,0.515625 z" + sodipodi:ry="0.515625" + sodipodi:rx="0.53125" + sodipodi:cy="30.578125" + sodipodi:cx="7.625" + id="path8674" + style="color:#000000;fill:url(#radialGradient8682);fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:1;marker:none;visibility:visible;display:inline;overflow:visible" + sodipodi:type="arc" /> + <path + inkscape:connector-curvature="0" + id="path9647" + d="m 11.263531,17.446473 0.972937,-0.06482" + style="opacity:0.4;fill:none;stroke:url(#linearGradient9649);stroke-width:0.29999995;stroke-linecap:round;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;display:inline" /> + <path + inkscape:connector-curvature="0" + id="path9652" + d="m 36.124038,17.147874 0.314427,0.688634" + style="opacity:0.4;fill:none;stroke:url(#linearGradient9654);stroke-width:0.29999998;stroke-linecap:round;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;display:inline" /> + <g + transform="translate(0.625425,-54.351101)" + id="g5672-9" + style="display:inline"> + <path + inkscape:connector-curvature="0" + style="color:#000000;fill:url(#linearGradient5655-6);fill-opacity:1;fill-rule:nonzero;stroke:#2e3436;stroke-width:1;stroke-linecap:square;stroke-linejoin:round;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:1.4;marker:none;visibility:visible;display:inline;overflow:visible" + d="m 4.5182287,80.500013 38.9635393,0 c 0.564099,0 1.018229,0.45413 1.018229,1.018229 l 0,2.963543 c 0,1.315584 -0.450231,3.018228 -2.455729,3.018228 L 40.5,87.5 l 0,1 -33,0 0,-1 -1.8567713,1.3e-5 c -1.2712053,0 -2.1432282,-0.884627 -2.1432282,-2.255665 l 0,-3.726106 c 0,-0.564099 0.4541297,-1.018229 1.0182282,-1.018229 z" + id="rect2010-0" + sodipodi:nodetypes="ccccccccccccc" /> + <path + inkscape:connector-curvature="0" + sodipodi:nodetypes="ccccccc" + id="path2076-3" + d="m 4.59375,31.59375 0,3.729743 c 0,0.599619 0.3756505,1.104854 0.8863276,1.104854 l 36.9463294,0 c 0.512469,0 0.979843,-0.507235 0.979843,-1.016466 l 0,-3.818131 -38.8125,0 z" + style="opacity:0.1;color:#000000;fill:none;stroke:url(#linearGradient2973-8);stroke-width:0.99999988;stroke-linecap:square;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dashoffset:1.4;marker:none;visibility:visible;display:inline;overflow:visible" + transform="translate(0,50)" /> + <g + id="g4706-3" + style="opacity:0.5" + transform="translate(0,50)"> + <path + inkscape:connector-curvature="0" + inkscape:export-ydpi="90" + inkscape:export-xdpi="90" + inkscape:export-filename="/home/lapo/Desktop/uhm.png" + sodipodi:nodetypes="ccccc" + id="path2907-3" + d="m 26.144738,32.088747 c 0,0 -1.502602,5.533939 -3.226175,5.911253 0,0 6.231378,-0.125771 6.231378,-0.125771 1.387072,-0.317461 3.358758,-5.785482 3.358758,-5.785482 l -6.363961,0 z" + style="opacity:0.10952382;fill:url(#linearGradient4711-8);fill-opacity:1;fill-rule:evenodd;stroke:none" /> + <path + inkscape:connector-curvature="0" + style="opacity:0.10952382;fill:url(#linearGradient4713-3);fill-opacity:1;fill-rule:evenodd;stroke:none" + d="m 14.769738,32 c 0,0 -1.502602,5.533939 -3.226175,5.911253 0,0 6.231378,-0.125771 6.231378,-0.125771 C 19.162013,37.468021 21.133699,32 21.133699,32 l -6.363961,0 z" + id="path2892-7" + sodipodi:nodetypes="ccccc" + inkscape:export-filename="/home/lapo/Desktop/uhm.png" + inkscape:export-xdpi="90" + inkscape:export-ydpi="90" /> + <path + inkscape:connector-curvature="0" + style="opacity:0.10952382;fill:url(#linearGradient3845);fill-opacity:1;fill-rule:evenodd;stroke:none" + d="m 34.886139,32 c 0,0 -2.212224,5.328458 -3.108503,5.691761 0,0 2.899969,-0.121101 2.899969,-0.121101 C 35.402697,37.264987 37.8125,32 37.8125,32 l -2.926361,0 z" + id="path2896-3" + sodipodi:nodetypes="ccccc" + inkscape:export-filename="/home/lapo/Desktop/uhm.png" + inkscape:export-xdpi="90" + inkscape:export-ydpi="90" /> + </g> + </g> + <path + inkscape:connector-curvature="0" + inkscape:export-ydpi="90" + inkscape:export-xdpi="90" + inkscape:export-filename="/home/lapo/Desktop/uhm.png" + sodipodi:nodetypes="cczzcczzc" + id="rect1879-2" + d="m 12.318553,5.1451573 24.572566,0 c 1.68417,0 2.396517,0.117479 3.040019,2.385005 l 5.074491,17.8811187 c 0.501024,1.765471 -1.355848,2.735101 -3.040018,2.735101 l -34.721555,0 c -1.868408,0 -3.489383,-1.181417 -3.040018,-2.735101 L 9.45447,7.2578663 c 0.568301,-1.964905 1.179912,-2.112709 2.864083,-2.112709 z" + style="fill:url(#radialGradient5748-9);fill-opacity:1;stroke:#888a85;stroke-width:1.00000024;stroke-linecap:round;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dashoffset:0;display:inline" /> + <path + d="m 11.6875,11 c -0.826242,0 -1.28475,0.06523 -1.5625,0.25 -0.2777497,0.184768 -0.5402012,0.558525 -0.8125,1.5 l -5.25,18.125 c -0.1708248,0.590628 0.031475,1.039316 0.5,1.4375 C 5.0310253,32.710684 5.7975106,33.000001 6.625,33 l 34.71875,0 c 0.744655,0 1.538941,-0.2482 2.03125,-0.625 0.492309,-0.3768 0.731017,-0.796077 0.53125,-1.5 L 38.84375,13 C 38.534499,11.910283 38.220548,11.458908 37.90625,11.25 37.591952,11.041092 37.112699,11 36.28125,11 L 11.6875,11 z" + id="path5806-6" + style="opacity:0.46240599;fill:url(#linearGradient7658-1);fill-opacity:1;stroke:none;display:inline" + inkscape:original="M 11.6875 10.5 C 10.00333 10.5 9.4120513 10.660095 8.84375 12.625 L 3.59375 30.75 C 3.1443849 32.303684 4.7565918 33.500002 6.625 33.5 L 41.34375 33.5 C 43.02792 33.5 44.876024 32.515471 44.375 30.75 L 39.3125 12.875 C 38.668998 10.607474 37.965419 10.5 36.28125 10.5 L 11.6875 10.5 z " + inkscape:radius="-0.5" + sodipodi:type="inkscape:offset" + transform="translate(0.625425,-5.3536307)" /> + <path + transform="matrix(-2.628602,0,0,1.777765,28.418516,-29.131021)" + d="m 8.15625,30.578125 c 0,0.284772 -0.2378487,0.515625 -0.53125,0.515625 -0.2934013,0 -0.53125,-0.230853 -0.53125,-0.515625 0,-0.284772 0.2378487,-0.515625 0.53125,-0.515625 0.2934013,0 0.53125,0.230853 0.53125,0.515625 z" + sodipodi:ry="0.515625" + sodipodi:rx="0.53125" + sodipodi:cy="30.578125" + sodipodi:cx="7.625" + id="path8621-5" + style="color:#000000;fill:url(#radialGradient8623-2);fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:1;marker:none;visibility:visible;display:inline;overflow:visible" + sodipodi:type="arc" /> + <path + inkscape:connector-curvature="0" + sodipodi:nodetypes="cccssscccc" + id="path2784-2" + d="m 16.736379,7.1991743 c -0.573581,0 -1.02837,0.431821 -1.02837,0.9898587 l -0.940223,3.230801 c -2.859962,1.276514 -4.642356,3.099073 -4.642356,5.123976 0,3.856957 6.479025,6.987239 14.485323,6.98724 8.006296,0 14.514705,-3.130284 14.514704,-6.98724 0,-2.039034 -1.835591,-3.875388 -4.730501,-5.153089 L 33.454732,8.189033 c 0,-0.5580377 -0.454788,-0.9898587 -1.02837,-0.9898587 l -15.689983,0 z" + style="fill:none;stroke:url(#linearGradient5790-3);stroke-width:1.00000012;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:0;display:inline" /> + <path + inkscape:connector-curvature="0" + sodipodi:nodetypes="csccsccsccscc" + id="path3394-6" + d="m 12.312926,6.1463743 c -0.803124,0 -1.097169,0.07051 -1.218751,0.155556 -0.121582,0.08504 -0.357707,0.40212 -0.6875,1.306667 l -5.25,18.1377857 c -0.13372,0.366765 -0.05483,0.533865 0.3125,0.84 0.367327,0.306136 1.066693,0.56 1.78125,0.560001 l 34.718751,0 c 0.639793,0 1.393345,-0.237954 1.78125,-0.52889 0.387905,-0.290935 0.488311,-0.382809 0.3125,-0.871111 l -5.0625,-17.8577857 c -0.377206,-1.04766 -0.68208,-1.439297 -0.84375,-1.555556 -0.16167,-0.116259 -0.443711,-0.186667 -1.25,-0.186667 l -24.59375,0 z" + style="fill:none;stroke:url(#linearGradient3474-4);stroke-width:1.00000036;stroke-linecap:round;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dashoffset:0;display:inline" /> + <g + style="opacity:0.3028571;display:inline" + transform="translate(7.625425,-6.353631)" + id="g5657-5"> + <rect + style="color:#000000;fill:#ffffff;fill-opacity:1;fill-rule:nonzero;stroke:#eeeeec;stroke-width:1.00000024;stroke-linecap:square;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:1.4;marker:none;visibility:visible;display:inline;overflow:visible" + id="rect5641-8" + width="14.000004" + height="1.9999924" + x="18.499996" + y="35.500008" + rx="0.75130093" + ry="0.74712253" /> + <rect + style="color:#000000;fill:#000000;fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:1;marker:none;visibility:visible;display:inline;overflow:visible" + id="rect5645-7" + width="1" + height="1" + x="19" + y="36" /> + <rect + style="color:#000000;fill:#000000;fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:1;marker:none;visibility:visible;display:inline;overflow:visible" + id="rect5647-9" + width="1" + height="1" + x="22" + y="36" /> + <rect + style="color:#000000;fill:#000000;fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:1;marker:none;visibility:visible;display:inline;overflow:visible" + id="rect5649-6" + width="1" + height="1" + x="24" + y="36" /> + <rect + style="color:#000000;fill:#000000;fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:1;marker:none;visibility:visible;display:inline;overflow:visible" + id="rect5651-0" + width="1" + height="1" + x="26" + y="36" /> + <rect + style="color:#000000;fill:#000000;fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:1;marker:none;visibility:visible;display:inline;overflow:visible" + id="rect5653-4" + width="2" + height="1" + x="29" + y="36" /> + </g> + <path + d="m 16.125,13 c -0.362612,0 -0.59375,0.214848 -0.59375,0.53125 a 0.44198593,0.44198593 0 0 1 0,0.125 l -0.9375,3.25 a 0.44198593,0.44198593 0 0 1 -0.25,0.28125 c -1.389902,0.620369 -2.498509,1.378237 -3.25,2.1875 -0.751491,0.809263 -1.15625,1.64948 -1.15625,2.53125 0,1.680455 1.454964,3.3092 4,4.53125 2.545036,1.22205 6.116607,2 10.0625,2 3.945892,0 7.517463,-0.77795 10.0625,-2 2.545037,-1.22205 4,-2.850795 4,-4.53125 0,-0.887751 -0.393776,-1.747213 -1.15625,-2.5625 -0.762474,-0.815287 -1.905355,-1.566441 -3.3125,-2.1875 a 0.44198593,0.44198593 0 0 1 -0.25,-0.28125 l -0.9375,-3.21875 a 0.44198593,0.44198593 0 0 1 0,-0.125 C 32.406249,13.214846 32.175114,13 31.8125,13 L 16.125,13 z" + id="path5857-1" + style="fill:url(#linearGradient5865-1);fill-opacity:1;stroke:none;display:inline" + inkscape:original="M 16.125 12.5625 C 15.55142 12.5625 15.09375 12.973212 15.09375 13.53125 L 14.15625 16.78125 C 11.296288 18.057765 9.5 19.881347 9.5 21.90625 C 9.5 25.763206 15.993702 28.874999 24 28.875 C 32.006296 28.874999 38.500001 25.763206 38.5 21.90625 C 38.5 19.867215 36.67616 18.027701 33.78125 16.75 L 32.84375 13.53125 C 32.843748 12.973212 32.386082 12.5625 31.8125 12.5625 L 16.125 12.5625 z " + inkscape:radius="-0.44194174" + sodipodi:type="inkscape:offset" + transform="translate(0.625425,-5.3536307)" /> + <path + transform="matrix(0.449978,0,0,0.349909,16.989056,6.8610593)" + d="m 24.748736,25.107418 c 0,2.367553 -3.482407,4.286835 -7.778174,4.286835 -4.295767,0 -7.7781744,-1.919282 -7.7781744,-4.286835 0,-2.367553 3.4824074,-4.286835 7.7781744,-4.286835 4.295767,0 7.778174,1.919282 7.778174,4.286835 z" + sodipodi:ry="4.2868347" + sodipodi:rx="7.7781744" + sodipodi:cy="25.107418" + sodipodi:cx="16.970562" + id="path8595-0" + style="opacity:0.9;color:#000000;fill:#000000;fill-opacity:0.05303028;fill-rule:nonzero;stroke:url(#linearGradient8603-0);stroke-width:2.52015233;stroke-linecap:square;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:1.4;marker:none;visibility:visible;display:inline;overflow:visible" + sodipodi:type="arc" /> + <path + transform="matrix(1.411772,0,0,0.969697,-2.389342,-4.5051457)" + d="m 8.15625,30.578125 c 0,0.284772 -0.2378487,0.515625 -0.53125,0.515625 -0.2934013,0 -0.53125,-0.230853 -0.53125,-0.515625 0,-0.284772 0.2378487,-0.515625 0.53125,-0.515625 0.2934013,0 0.53125,0.230853 0.53125,0.515625 z" + sodipodi:ry="0.515625" + sodipodi:rx="0.53125" + sodipodi:cy="30.578125" + sodipodi:cx="7.625" + id="path8611-4" + style="color:#000000;fill:url(#radialGradient8619-8);fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:1;marker:none;visibility:visible;display:inline;overflow:visible" + sodipodi:type="arc" /> + <path + transform="matrix(-2.628602,0,0,1.777765,61.41852,-29.131021)" + d="m 8.15625,30.578125 c 0,0.284772 -0.2378487,0.515625 -0.53125,0.515625 -0.2934013,0 -0.53125,-0.230853 -0.53125,-0.515625 0,-0.284772 0.2378487,-0.515625 0.53125,-0.515625 0.2934013,0 0.53125,0.230853 0.53125,0.515625 z" + sodipodi:ry="0.515625" + sodipodi:rx="0.53125" + sodipodi:cy="30.578125" + sodipodi:cx="7.625" + id="path8660-8" + style="color:#000000;fill:url(#radialGradient8664-0);fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:0.46259445;marker:none;visibility:visible;display:inline;overflow:visible" + sodipodi:type="arc" /> + <path + transform="matrix(1.411772,0,0,0.969697,30.610656,-4.5051457)" + d="m 8.15625,30.578125 c 0,0.284772 -0.2378487,0.515625 -0.53125,0.515625 -0.2934013,0 -0.53125,-0.230853 -0.53125,-0.515625 0,-0.284772 0.2378487,-0.515625 0.53125,-0.515625 0.2934013,0 0.53125,0.230853 0.53125,0.515625 z" + sodipodi:ry="0.515625" + sodipodi:rx="0.53125" + sodipodi:cy="30.578125" + sodipodi:cx="7.625" + id="path8662-7" + style="color:#000000;fill:url(#radialGradient8666-9);fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:1;marker:none;visibility:visible;display:inline;overflow:visible" + sodipodi:type="arc" /> + <path + transform="matrix(-2.628602,0,0,1.777765,32.418516,-46.131021)" + d="m 8.15625,30.578125 c 0,0.284772 -0.2378487,0.515625 -0.53125,0.515625 -0.2934013,0 -0.53125,-0.230853 -0.53125,-0.515625 0,-0.284772 0.2378487,-0.515625 0.53125,-0.515625 0.2934013,0 0.53125,0.230853 0.53125,0.515625 z" + sodipodi:ry="0.515625" + sodipodi:rx="0.53125" + sodipodi:cy="30.578125" + sodipodi:cx="7.625" + id="path8668-0" + style="color:#000000;fill:url(#radialGradient3847);fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:1;marker:none;visibility:visible;display:inline;overflow:visible" + sodipodi:type="arc" /> + <path + transform="matrix(1.411772,0,0,0.969697,1.610658,-21.505151)" + d="m 8.15625,30.578125 c 0,0.284772 -0.2378487,0.515625 -0.53125,0.515625 -0.2934013,0 -0.53125,-0.230853 -0.53125,-0.515625 0,-0.284772 0.2378487,-0.515625 0.53125,-0.515625 0.2934013,0 0.53125,0.230853 0.53125,0.515625 z" + sodipodi:ry="0.515625" + sodipodi:rx="0.53125" + sodipodi:cy="30.578125" + sodipodi:cx="7.625" + id="path8670-8" + style="color:#000000;fill:url(#radialGradient8678-2);fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:1;marker:none;visibility:visible;display:inline;overflow:visible" + sodipodi:type="arc" /> + <path + transform="matrix(-2.628602,0,0,1.777765,56.928326,-46.131021)" + d="m 8.15625,30.578125 c 0,0.284772 -0.2378487,0.515625 -0.53125,0.515625 -0.2934013,0 -0.53125,-0.230853 -0.53125,-0.515625 0,-0.284772 0.2378487,-0.515625 0.53125,-0.515625 0.2934013,0 0.53125,0.230853 0.53125,0.515625 z" + sodipodi:ry="0.515625" + sodipodi:rx="0.53125" + sodipodi:cy="30.578125" + sodipodi:cx="7.625" + id="path8672-6" + style="color:#000000;fill:url(#radialGradient8680-0);fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:1;marker:none;visibility:visible;display:inline;overflow:visible" + sodipodi:type="arc" /> + <path + transform="matrix(1.411772,0,0,0.969697,26.120466,-21.505151)" + d="m 8.15625,30.578125 c 0,0.284772 -0.2378487,0.515625 -0.53125,0.515625 -0.2934013,0 -0.53125,-0.230853 -0.53125,-0.515625 0,-0.284772 0.2378487,-0.515625 0.53125,-0.515625 0.2934013,0 0.53125,0.230853 0.53125,0.515625 z" + sodipodi:ry="0.515625" + sodipodi:rx="0.53125" + sodipodi:cy="30.578125" + sodipodi:cx="7.625" + id="path8674-2" + style="color:#000000;fill:url(#radialGradient8682-2);fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:1;marker:none;visibility:visible;display:inline;overflow:visible" + sodipodi:type="arc" /> + <path + inkscape:connector-curvature="0" + id="path8700-4" + d="m 40.953535,24.90777 0.874999,0.430332" + style="opacity:0.4;fill:none;stroke:url(#linearGradient8716-4);stroke-width:0.29999995;stroke-linecap:round;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;display:inline" /> + <path + inkscape:connector-curvature="0" + id="path9603-7" + d="M 7.955611,25.342275 8.826456,24.903597" + style="opacity:0.4;fill:none;stroke:url(#linearGradient9605-0);stroke-width:0.29999995;stroke-linecap:round;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;display:inline" /> + <path + inkscape:connector-curvature="0" + id="path9647-9" + d="m 11.888957,8.092842 0.972937,-0.06482" + style="opacity:0.4;fill:none;stroke:url(#linearGradient3837);stroke-width:0.29999995;stroke-linecap:round;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;display:inline" /> + <path + inkscape:connector-curvature="0" + id="path9652-3" + d="M 36.749464,7.7942433 37.063891,8.482877" + style="opacity:0.4;fill:none;stroke:url(#linearGradient9654-8);stroke-width:0.29999998;stroke-linecap:round;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;display:inline" /> + <rect + y="32.64637" + x="8.6254234" + height="1" + width="32.03125" + id="rect2984-9" + style="opacity:0.12000002;color:#000000;fill:url(#linearGradient3839);fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:0.68183619;marker:none;visibility:visible;display:inline;overflow:visible" /> + <path + inkscape:connector-curvature="0" + sodipodi:nodetypes="ccccccccc" + id="path1997-2" + d="M 11.08558,9.728724 7.476823,22.322131 c 1.446871,0.699749 3.773602,1.491299 3.578427,3.857369 l 26.870059,0 c 0.569515,-1.892216 2.575117,-3.158131 4.046257,-3.283131 L 38.123532,9.728724 32.975561,7.1697163 l -18.031223,0 -3.858758,2.5590077 z" + style="opacity:0.12000002;color:#000000;fill:none;stroke:url(#linearGradient2910-9);stroke-width:1.00000036;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:0;marker:none;visibility:visible;display:inline;overflow:visible" /> + <path + inkscape:connector-curvature="0" + style="opacity:0.83428572;color:#000000;fill:none;stroke:url(#linearGradient3576);stroke-width:1.00000036;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:0;marker:none;visibility:visible;display:inline;overflow:visible" + d="m 8.601823,21.697131 c 1.446871,0.699749 3.178933,1.433241 3.4257,3.357369 l 25.455844,0 c 0.569515,-1.892216 2.017059,-2.908131 3.488199,-3.033131 L 8.601823,21.697131 z" + id="path2912-8" + sodipodi:nodetypes="ccccc" /> + </g> + <path + style="fill:none;stroke:#000000;stroke-width:5.27750492;stroke-linecap:round;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none" + d="M 27.080872,31.163331 54.27344,12.844129" + id="path3526" + inkscape:connector-curvature="0" + sodipodi:nodetypes="cc" /> + <g + id="g4855" + transform="matrix(1.320705,0,0,1.320705,18.139953,1.1689971)"> + <g + id="g1772"> + <path + inkscape:connector-curvature="0" + id="path4475" + style="opacity:0.17112301;color:#000000;fill:url(#radialGradient3511);fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:1;marker:none;visibility:visible;display:inline;overflow:visible" + transform="matrix(1.446431,0,0,1.51999,-10.97453,-17.75168)" + d="m 40.65864,37.967922 a 16.528622,3.9332814 0 1 1 -33.0572434,0 16.528622,3.9332814 0 1 1 33.0572434,0 z" /> + <path + inkscape:connector-curvature="0" + id="path2844" + style="color:#000000;fill:#dcdcdc;fill-opacity:1;fill-rule:evenodd;stroke:url(#linearGradient3514);stroke-width:2.00000095;stroke-linecap:round;stroke-linejoin:miter;stroke-miterlimit:10;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:0;marker:none;visibility:visible;display:inline;overflow:visible" + d="m 18.627569,3.1435548 c -8.13913,0 -14.7448008,6.6056711 -14.7448008,14.7448012 0,8.13913 6.6056708,14.744802 14.7448008,14.744802 3.479555,0 6.551001,-1.384393 9.073723,-3.402647 -0.205377,1.006881 -0.07803,2.035368 0.756144,2.759925 l 10.964084,9.52741 c 1.233416,1.071329 3.087462,0.93096 4.15879,-0.302457 1.071328,-1.233418 0.930959,-3.087462 -0.302457,-4.15879 L 32.313769,27.529188 c -0.671527,-0.583279 -1.492878,-0.755969 -2.306238,-0.642722 1.9867,-2.512422 3.364839,-5.548803 3.364839,-8.99811 0,-8.1391301 -6.605671,-14.7448012 -14.744801,-14.7448012 z m -0.07562,1.2261833 c 7.639459,0 13.291775,4.7889505 13.291775,13.2917749 0,8.675113 -5.81669,13.291775 -13.291775,13.291775 -7.302949,0 -13.2917734,-5.478092 -13.2917734,-13.291775 0,-7.9841069 5.8246384,-13.291775 13.2917734,-13.2917749 z" /> + <path + inkscape:connector-curvature="0" + id="path4430" + style="color:#000000;fill:#dcdcdc;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:1.00000036;marker:none;visibility:visible;display:inline;overflow:visible" + d="m 18.602905,3.0803551 c -8.16544,0 -14.7924642,6.627024 -14.7924642,14.7924639 0,8.16544 6.6270242,14.792464 14.7924642,14.792464 3.490803,0 6.572177,-1.388867 9.103055,-3.413645 -0.206041,1.010136 -0.07829,2.041947 0.758587,2.768846 l 10.999526,9.558207 c 1.237403,1.074792 3.097442,0.93397 4.172233,-0.303435 1.074791,-1.237404 0.933968,-3.097442 -0.303435,-4.172233 L 32.333346,27.544815 c -0.673698,-0.585164 -1.497704,-0.758413 -2.313693,-0.644799 1.993122,-2.520544 3.375716,-5.56674 3.375716,-9.027197 0,-8.1654399 -6.627024,-14.7924639 -14.792464,-14.7924639 z m -0.07586,3.1860692 c 6.281108,2e-7 11.378818,5.0977107 11.378818,11.3788187 0,6.281108 -5.09771,11.378818 -11.378818,11.378818 -6.281108,0 -11.3788184,-5.09771 -11.3788184,-11.378818 2e-7,-6.281108 5.0977104,-11.3788187 11.3788184,-11.3788187 z" /> + <path + inkscape:connector-curvature="0" + id="path4438" + style="color:#000000;fill:url(#linearGradient3516);fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:1;marker:none;visibility:visible;display:inline;overflow:visible" + d="m 39.507004,41.57769 c -0.478672,-2.273187 1.39733,-4.811422 3.584053,-4.788375 0,0 -10.760367,-9.258111 -10.760367,-9.258111 -2.944791,-0.05671 -4.269502,2.272616 -3.776814,4.599922 l 10.953128,9.446564 z" /> + <path + inkscape:connector-curvature="0" + id="path4450" + style="color:#000000;fill:none;stroke:url(#linearGradient3518);stroke-width:0.8027336;stroke-linecap:round;stroke-linejoin:miter;stroke-miterlimit:10;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:0;marker:none;visibility:visible;display:inline;overflow:visible" + transform="matrix(1.245743,0,0,1.245743,-3.425346,-6.177033)" + d="m 28.549437,18.920233 a 11.048544,11.048544 0 1 1 -22.0970883,0 11.048544,11.048544 0 1 1 22.0970883,0 z" /> + <path + inkscape:connector-curvature="0" + id="path4485" + style="color:#000000;fill:url(#radialGradient3520);fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:1;marker:none;visibility:visible;display:inline;overflow:visible" + transform="matrix(0.497764,0,0,0.609621,8.973526,15.61929)" + d="m 40.65864,37.967922 a 16.528622,3.9332814 0 1 1 -33.0572434,0 16.528622,3.9332814 0 1 1 33.0572434,0 z" /> + <rect + id="rect4495" + style="opacity:0.43315507;color:#000000;fill:none;stroke:#ffffff;stroke-width:1.00003111;stroke-linecap:round;stroke-linejoin:miter;stroke-miterlimit:10;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:0;marker:none;visibility:visible;display:inline;overflow:visible" + transform="matrix(0.752986,0.658037,-0.648902,0.760872,0,0)" + y="0.14086054" + x="40.373337" + ry="1.8879365" + rx="2.1366608" + height="4.4404783" + width="19.048439" /> + <path + inkscape:connector-curvature="0" + id="path4452" + style="color:#000000;fill:url(#radialGradient3522);fill-opacity:1;fill-rule:evenodd;stroke:#3063a3;stroke-width:0.71499395;stroke-linecap:round;stroke-linejoin:miter;stroke-miterlimit:10;stroke-opacity:1;stroke-dashoffset:0;marker:none;visibility:visible" + transform="matrix(1.398614,0,0,1.398614,-6.224338,-8.298958)" + d="m 25.897786,18.478292 a 8.3085051,8.3085051 0 1 1 -16.61701,0 8.3085051,8.3085051 0 1 1 16.61701,0 z" /> + <path + inkscape:connector-curvature="0" + id="path4462" + style="opacity:0.83422457;color:#000000;fill:url(#radialGradient3524);fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:1;marker:none;visibility:visible;display:inline;overflow:visible" + d="m 18.156915,7.3966938 c -5.20759,0 -9.4245469,4.2169572 -9.4245469,9.4245472 0,1.503975 0.4203072,2.887773 1.0471719,4.149903 1.25238,0.461613 2.582757,0.775683 3.994767,0.775683 6.170955,0 11.099282,-4.861637 11.480106,-10.937129 C 23.523449,8.7641668 21.044374,7.3966938 18.156915,7.3966938 z" /> + </g> + </g> +</svg> diff --git a/dracut-catimages.sh b/dracut-catimages.sh new file mode 100755 index 0000000..b87e000 --- /dev/null +++ b/dracut-catimages.sh @@ -0,0 +1,150 @@ +#!/bin/bash --norc +# +# Copyright 2009 Red Hat, Inc. All rights reserved. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +dwarning() { + echo "Warning: $*" >&2 +} + +dinfo() { + [[ $beverbose ]] && echo "$@" >&2 +} + +derror() { + echo "Error: $*" >&2 +} + +usage() { + # 80x25 linebreak here ^ + cat << EOF +Usage: $0 [OPTION]... <initramfs> <base image> [<image>...] +Creates initial ramdisk image by concatenating several images from the command +line and /boot/dracut/ + + -f, --force Overwrite existing initramfs file. + -i, --imagedir Directory with additional images to add + (default: /boot/dracut/) + -o, --overlaydir Overlay directory, which contains files that + will be used to create an additional image + --nooverlay Do not use the overlay directory + --noimagedir Do not use the additional image directory + -h, --help This message + --debug Output debug information of the build process + -v, --verbose Verbose output during the build process +EOF +} + +imagedir=/boot/dracut/ +overlay=/var/lib/dracut/overlay + +while (($# > 0)); do + case $1 in + -f | --force) force=yes ;; + -i | --imagedir) + imagedir=$2 + shift + ;; + -o | --overlaydir) + overlay=$2 + shift + ;; + --nooverlay) + no_overlay=yes + shift + ;; + --noimagedir) + no_imagedir=yes + shift + ;; + -h | --help) + usage + exit 1 + ;; + --debug) export debug="yes" ;; + -v | --verbose) beverbose="yes" ;; + -*) + printf "\nUnknown option: %s\n\n" "$1" >&2 + usage + exit 1 + ;; + *) break ;; + esac + shift +done + +outfile=$1 +shift + +if [[ -z $outfile ]]; then + derror "No output file specified." + usage + exit 1 +fi + +baseimage=$1 +shift + +if [[ -z $baseimage ]]; then + derror "No base image specified." + usage + exit 1 +fi + +if [[ -f $outfile && ! $force ]]; then + derror "Will not override existing initramfs ($outfile) without --force" + exit 1 +fi + +if [[ ! $no_imagedir && ! -d $imagedir ]]; then + derror "Image directory $overlay is not a directory" + exit 1 +fi + +if [[ ! $no_overlay && ! -d $overlay ]]; then + derror "Overlay $overlay is not a directory" + exit 1 +fi + +if [[ ! $no_overlay ]]; then + ofile="$imagedir/90-overlay.img" + dinfo "Creating image $ofile from directory $overlay" + type pigz &> /dev/null && gzip=pigz || gzip=gzip + ( + cd "$overlay" || return 1 + find . | cpio --quiet -H newc -o | $gzip -9 > "$ofile" + ) +fi + +if [[ ! $no_imagedir ]]; then + for i in "$imagedir/"*.img; do + [[ -f $i ]] && images+=("$i") + done +fi + +images+=("$@") + +dinfo "Using base image $baseimage" +cat -- "$baseimage" > "$outfile" + +for i in "${images[@]}"; do + dinfo "Appending $i" + cat -- "$i" >> "$outfile" +done + +dinfo "Created $outfile" + +exit 0 diff --git a/dracut-functions.sh b/dracut-functions.sh new file mode 100755 index 0000000..4535871 --- /dev/null +++ b/dracut-functions.sh @@ -0,0 +1,1083 @@ +#!/bin/bash +# +# functions used by dracut and other tools. +# +# Copyright 2005-2009 Red Hat, Inc. All rights reserved. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# +export LC_MESSAGES=C + +# is_func <command> +# Check whether $1 is a function. +is_func() { + [[ "$(type -t "$1")" == "function" ]] +} + +# Generic substring function. If $2 is in $1, return 0. +strstr() { [[ $1 == *"$2"* ]]; } +# Generic glob matching function. If glob pattern $2 matches anywhere in $1, OK +strglobin() { [[ $1 == *$2* ]]; } +# Generic glob matching function. If glob pattern $2 matches all of $1, OK +# shellcheck disable=SC2053 +strglob() { [[ $1 == $2 ]]; } +# returns OK if $1 contains literal string $2 at the beginning, and isn't empty +str_starts() { [ "${1#"$2"*}" != "$1" ]; } +# returns OK if $1 contains literal string $2 at the end, and isn't empty +str_ends() { [ "${1%*"$2"}" != "$1" ]; } + +trim() { + local var="$*" + var="${var#"${var%%[![:space:]]*}"}" # remove leading whitespace characters + var="${var%"${var##*[![:space:]]}"}" # remove trailing whitespace characters + printf "%s" "$var" +} + +# find a binary. If we were not passed the full path directly, +# search in the usual places to find the binary. +find_binary() { + local _delim + local _path + local l + local p + [[ -z ${1##/*} ]] || _delim="/" + + if [[ $1 == *.so* ]]; then + for l in $libdirs; do + _path="${l}${_delim}${1}" + if { $DRACUT_LDD "${dracutsysrootdir}${_path}" &> /dev/null; }; then + printf "%s\n" "${_path}" + return 0 + fi + done + _path="${_delim}${1}" + if { $DRACUT_LDD "${dracutsysrootdir}${_path}" &> /dev/null; }; then + printf "%s\n" "${_path}" + return 0 + fi + fi + if [[ $1 == */* ]]; then + _path="${_delim}${1}" + if [[ -L ${dracutsysrootdir}${_path} ]] || [[ -x ${dracutsysrootdir}${_path} ]]; then + printf "%s\n" "${_path}" + return 0 + fi + fi + for p in $DRACUT_PATH; do + _path="${p}${_delim}${1}" + if [[ -L ${dracutsysrootdir}${_path} ]] || [[ -x ${dracutsysrootdir}${_path} ]]; then + printf "%s\n" "${_path}" + return 0 + fi + done + + [[ -n $dracutsysrootdir ]] && return 1 + type -P "${1##*/}" +} + +ldconfig_paths() { + $DRACUT_LDCONFIG ${dracutsysrootdir:+-r ${dracutsysrootdir} -f /etc/ld.so.conf} -pN 2> /dev/null | grep -E -v '/(lib|lib64|usr/lib|usr/lib64)/[^/]*$' | sed -n 's,.* => \(.*\)/.*,\1,p' | sort | uniq +} + +# Version comparison function. Assumes Linux style version scheme. +# $1 = version a +# $2 = comparison op (gt, ge, eq, le, lt, ne) +# $3 = version b +vercmp() { + local _n1 + read -r -a _n1 <<< "${1//./ }" + local _op=$2 + local _n2 + read -r -a _n2 <<< "${3//./ }" + local _i _res + + for ((_i = 0; ; _i++)); do + if [[ ! ${_n1[_i]}${_n2[_i]} ]]; then + _res=0 + elif ((${_n1[_i]:-0} > ${_n2[_i]:-0})); then + _res=1 + elif ((${_n1[_i]:-0} < ${_n2[_i]:-0})); then + _res=2 + else + continue + fi + break + done + + case $_op in + gt) ((_res == 1)) ;; + ge) ((_res != 2)) ;; + eq) ((_res == 0)) ;; + le) ((_res != 1)) ;; + lt) ((_res == 2)) ;; + ne) ((_res != 0)) ;; + esac +} + +# Create all subdirectories for given path without creating the last element. +# $1 = path +mksubdirs() { + # shellcheck disable=SC2174 + [[ -e ${1%/*} ]] || mkdir -m 0755 -p -- "${1%/*}" +} + +# Function prints global variables in format name=value line by line. +# $@ = list of global variables' name +print_vars() { + local _var _value + + for _var in "$@"; do + eval printf -v _value "%s" \""\$$_var"\" + [[ ${_value} ]] && printf '%s="%s"\n' "$_var" "$_value" + done +} + +# normalize_path <path> +# Prints the normalized path, where it removes any duplicated +# and trailing slashes. +# Example: +# $ normalize_path ///test/test// +# /test/test +normalize_path() { + # shellcheck disable=SC2064 + trap "$(shopt -p extglob)" RETURN + shopt -q -s extglob + local p=${1//+(\/)//} + printf "%s\n" "${p%/}" +} + +# convert_abs_rel <from> <to> +# Prints the relative path, when creating a symlink to <to> from <from>. +# Example: +# $ convert_abs_rel /usr/bin/test /bin/test-2 +# ../../bin/test-2 +# $ ln -s $(convert_abs_rel /usr/bin/test /bin/test-2) /usr/bin/test +convert_abs_rel() { + local __current __absolute __abssize __cursize __newpath + local -i __i __level + + set -- "$(normalize_path "$1")" "$(normalize_path "$2")" + + # corner case #1 - self looping link + [[ $1 == "$2" ]] && { + printf "%s\n" "${1##*/}" + return + } + + # corner case #2 - own dir link + [[ ${1%/*} == "$2" ]] && { + printf ".\n" + return + } + + IFS=/ read -r -a __current <<< "$1" + IFS=/ read -r -a __absolute <<< "$2" + + __abssize=${#__absolute[@]} + __cursize=${#__current[@]} + + while [[ ${__absolute[__level]} == "${__current[__level]}" ]]; do + ((__level++)) + if ((__level > __abssize || __level > __cursize)); then + break + fi + done + + for ((__i = __level; __i < __cursize - 1; __i++)); do + if ((__i > __level)); then + __newpath=$__newpath"/" + fi + __newpath=$__newpath".." + done + + for ((__i = __level; __i < __abssize; __i++)); do + if [[ -n $__newpath ]]; then + __newpath=$__newpath"/" + fi + __newpath=$__newpath${__absolute[__i]} + done + + printf -- "%s\n" "$__newpath" +} + +# get_fs_env <device> +# Get and the ID_FS_TYPE variable from udev for a device. +# Example: +# $ get_fs_env /dev/sda2 +# ext4 +get_fs_env() { + [[ $1 ]] || return + unset ID_FS_TYPE + ID_FS_TYPE=$(blkid -u filesystem -o export -- "$1" \ + | while read -r line || [ -n "$line" ]; do + if [[ $line == "TYPE="* ]]; then + printf "%s" "${line#TYPE=}" + exit 0 + fi + done) + if [[ $ID_FS_TYPE ]]; then + printf "%s" "$ID_FS_TYPE" + return 0 + fi + return 1 +} + +# get_maj_min <device> +# Prints the major and minor of a device node. +# Example: +# $ get_maj_min /dev/sda2 +# 8:2 +get_maj_min() { + local _majmin + local _out + + if [[ $get_maj_min_cache_file ]]; then + _out="$(grep -m1 -oE "^$1 \S+$" "$get_maj_min_cache_file" | awk '{print $NF}')" + fi + + if ! [[ "$_out" ]]; then + _majmin="$(stat -L -c '%t:%T' "$1" 2> /dev/null)" + _out="$(printf "%s" "$((0x${_majmin%:*})):$((0x${_majmin#*:}))")" + if [[ $get_maj_min_cache_file ]]; then + echo "$1 $_out" >> "$get_maj_min_cache_file" + fi + fi + echo -n "$_out" +} + +# get_devpath_block <device> +# get the DEVPATH in /sys of a block device +get_devpath_block() { + local _majmin _i + _majmin=$(get_maj_min "$1") + + for _i in /sys/block/*/dev /sys/block/*/*/dev; do + [[ -e $_i ]] || continue + if [[ $_majmin == "$(< "$_i")" ]]; then + printf "%s" "${_i%/dev}" + return 0 + fi + done + return 1 +} + +# get a persistent path from a device +get_persistent_dev() { + local i _tmp _dev _pol + + _dev=$(get_maj_min "$1") + [ -z "$_dev" ] && return + + if [[ -n $persistent_policy ]]; then + _pol="/dev/disk/${persistent_policy}/*" + else + _pol= + fi + + for i in \ + $_pol \ + /dev/mapper/* \ + /dev/disk/by-uuid/* \ + /dev/disk/by-label/* \ + /dev/disk/by-partuuid/* \ + /dev/disk/by-partlabel/* \ + /dev/disk/by-id/* \ + /dev/disk/by-path/*; do + [[ -e $i ]] || continue + [[ $i == /dev/mapper/control ]] && continue + [[ $i == /dev/mapper/mpath* ]] && continue + _tmp=$(get_maj_min "$i") + if [ "$_tmp" = "$_dev" ]; then + printf -- "%s" "$i" + return + fi + done + printf -- "%s" "$1" +} + +expand_persistent_dev() { + local _dev=$1 + + case "$_dev" in + LABEL=*) + _dev="/dev/disk/by-label/${_dev#LABEL=}" + ;; + UUID=*) + _dev="${_dev#UUID=}" + _dev="${_dev,,}" + _dev="/dev/disk/by-uuid/${_dev}" + ;; + PARTUUID=*) + _dev="${_dev#PARTUUID=}" + _dev="${_dev,,}" + _dev="/dev/disk/by-partuuid/${_dev}" + ;; + PARTLABEL=*) + _dev="/dev/disk/by-partlabel/${_dev#PARTLABEL=}" + ;; + esac + printf "%s" "$_dev" +} + +shorten_persistent_dev() { + local _dev="$1" + case "$_dev" in + /dev/disk/by-uuid/*) + printf "%s" "UUID=${_dev##*/}" + ;; + /dev/disk/by-label/*) + printf "%s" "LABEL=${_dev##*/}" + ;; + /dev/disk/by-partuuid/*) + printf "%s" "PARTUUID=${_dev##*/}" + ;; + /dev/disk/by-partlabel/*) + printf "%s" "PARTLABEL=${_dev##*/}" + ;; + *) + printf "%s" "$_dev" + ;; + esac +} + +# find_block_device <mountpoint> +# Prints the major and minor number of the block device +# for a given mountpoint. +# Unless $use_fstab is set to "yes" the functions +# uses /proc/self/mountinfo as the primary source of the +# information and only falls back to /etc/fstab, if the mountpoint +# is not found there. +# Example: +# $ find_block_device /usr +# 8:4 +find_block_device() { + local _dev _majmin _find_mpt + _find_mpt="$1" + + if [[ $use_fstab != yes ]]; then + [[ -d $_find_mpt/. ]] + findmnt -e -v -n -o 'MAJ:MIN,SOURCE' --target "$_find_mpt" | { + while read -r _majmin _dev || [ -n "$_dev" ]; do + if [[ -b $_dev ]]; then + if ! [[ $_majmin ]] || [[ $_majmin == 0:* ]]; then + _majmin=$(get_maj_min "$_dev") + fi + if [[ $_majmin ]]; then + printf "%s\n" "$_majmin" + else + printf "%s\n" "$_dev" + fi + return 0 + fi + if [[ $_dev == *:* ]]; then + printf "%s\n" "$_dev" + return 0 + fi + done + return 1 + } && return 0 + fi + # fall back to /etc/fstab + [[ ! -f "$dracutsysrootdir"/etc/fstab ]] && return 1 + + findmnt -e --fstab -v -n -o 'MAJ:MIN,SOURCE' --target "$_find_mpt" | { + while read -r _majmin _dev || [ -n "$_dev" ]; do + if ! [[ $_dev ]]; then + _dev="$_majmin" + unset _majmin + fi + if [[ -b $_dev ]]; then + [[ $_majmin ]] || _majmin=$(get_maj_min "$_dev") + if [[ $_majmin ]]; then + printf "%s\n" "$_majmin" + else + printf "%s\n" "$_dev" + fi + return 0 + fi + if [[ $_dev == *:* ]]; then + printf "%s\n" "$_dev" + return 0 + fi + done + return 1 + } && return 0 + + return 1 +} + +# find_mp_fstype <mountpoint> +# Echo the filesystem type for a given mountpoint. +# /proc/self/mountinfo is taken as the primary source of information +# and /etc/fstab is used as a fallback. +# No newline is appended! +# Example: +# $ find_mp_fstype /;echo +# ext4 +find_mp_fstype() { + local _fs + + if [[ $use_fstab != yes ]]; then + findmnt -e -v -n -o 'FSTYPE' --target "$1" | { + while read -r _fs || [ -n "$_fs" ]; do + [[ $_fs ]] || continue + [[ $_fs == "autofs" ]] && continue + printf "%s" "$_fs" + return 0 + done + return 1 + } && return 0 + fi + + [[ ! -f "$dracutsysrootdir"/etc/fstab ]] && return 1 + + findmnt --fstab -e -v -n -o 'FSTYPE' --target "$1" | { + while read -r _fs || [ -n "$_fs" ]; do + [[ $_fs ]] || continue + [[ $_fs == "autofs" ]] && continue + printf "%s" "$_fs" + return 0 + done + return 1 + } && return 0 + + return 1 +} + +# find_dev_fstype <device> +# Echo the filesystem type for a given device. +# /proc/self/mountinfo is taken as the primary source of information +# and /etc/fstab is used as a fallback. +# No newline is appended! +# Example: +# $ find_dev_fstype /dev/sda2;echo +# ext4 +find_dev_fstype() { + local _find_dev _fs + _find_dev="$1" + if ! [[ $_find_dev == /dev* ]]; then + [[ -b "/dev/block/$_find_dev" ]] && _find_dev="/dev/block/$_find_dev" + fi + + if [[ $use_fstab != yes ]]; then + findmnt -e -v -n -o 'FSTYPE' --source "$_find_dev" | { + while read -r _fs || [ -n "$_fs" ]; do + [[ $_fs ]] || continue + [[ $_fs == "autofs" ]] && continue + printf "%s" "$_fs" + return 0 + done + return 1 + } && return 0 + fi + + [[ ! -f "$dracutsysrootdir"/etc/fstab ]] && return 1 + + findmnt --fstab -e -v -n -o 'FSTYPE' --source "$_find_dev" | { + while read -r _fs || [ -n "$_fs" ]; do + [[ $_fs ]] || continue + [[ $_fs == "autofs" ]] && continue + printf "%s" "$_fs" + return 0 + done + return 1 + } && return 0 + + return 1 +} + +# find_mp_fsopts <mountpoint> +# Echo the filesystem options for a given mountpoint. +# /proc/self/mountinfo is taken as the primary source of information +# and /etc/fstab is used as a fallback. +# No newline is appended! +# Example: +# $ find_mp_fsopts /;echo +# rw,relatime,discard,data=ordered +find_mp_fsopts() { + if [[ $use_fstab != yes ]]; then + findmnt -e -v -n -o 'OPTIONS' --target "$1" 2> /dev/null && return 0 + fi + + [[ ! -f "$dracutsysrootdir"/etc/fstab ]] && return 1 + + findmnt --fstab -e -v -n -o 'OPTIONS' --target "$1" +} + +# find_dev_fsopts <device> +# Echo the filesystem options for a given device. +# /proc/self/mountinfo is taken as the primary source of information +# and /etc/fstab is used as a fallback. +# if `use_fstab == yes`, then only `/etc/fstab` is used. +# +# Example: +# $ find_dev_fsopts /dev/sda2 +# rw,relatime,discard,data=ordered +find_dev_fsopts() { + local _find_dev + _find_dev="$1" + if ! [[ $_find_dev == /dev* ]]; then + [[ -b "/dev/block/$_find_dev" ]] && _find_dev="/dev/block/$_find_dev" + fi + + if [[ $use_fstab != yes ]]; then + findmnt -e -v -n -o 'OPTIONS' --source "$_find_dev" 2> /dev/null && return 0 + fi + + [[ ! -f "$dracutsysrootdir"/etc/fstab ]] && return 1 + + findmnt --fstab -e -v -n -o 'OPTIONS' --source "$_find_dev" +} + +# finds the major:minor of the block device backing the root filesystem. +find_root_block_device() { find_block_device /; } + +# for_each_host_dev_fs <func> +# Execute "<func> <dev> <filesystem>" for every "<dev> <fs>" pair found +# in ${host_fs_types[@]} +for_each_host_dev_fs() { + local _func="$1" + local _dev + local _ret=1 + + [[ "${#host_fs_types[@]}" ]] || return 2 + + for _dev in "${!host_fs_types[@]}"; do + $_func "$_dev" "${host_fs_types[$_dev]}" && _ret=0 + done + return $_ret +} + +host_fs_all() { + printf "%s\n" "${host_fs_types[@]}" +} + +# Walk all the slave relationships for a given block device. +# Stop when our helper function returns success +# $1 = function to call on every found block device +# $2 = block device in major:minor format +check_block_and_slaves() { + local _x + [[ -b /dev/block/$2 ]] || return 1 # Not a block device? So sorry. + if ! lvm_internal_dev "$2"; then "$1" "$2" && return; fi + check_vol_slaves "$@" && return 0 + if [[ -f /sys/dev/block/$2/../dev ]] && [[ /sys/dev/block/$2/../subsystem -ef /sys/class/block ]]; then + check_block_and_slaves "$1" "$(< "/sys/dev/block/$2/../dev")" && return 0 + fi + for _x in /sys/dev/block/"$2"/slaves/*; do + [[ -f $_x/dev ]] || continue + [[ $_x/subsystem -ef /sys/class/block ]] || continue + check_block_and_slaves "$1" "$(< "$_x/dev")" && return 0 + done + return 1 +} + +check_block_and_slaves_all() { + local _x _ret=1 + [[ -b /dev/block/$2 ]] || return 1 # Not a block device? So sorry. + if ! lvm_internal_dev "$2" && "$1" "$2"; then + _ret=0 + fi + check_vol_slaves_all "$@" && return 0 + if [[ -f /sys/dev/block/$2/../dev ]] && [[ /sys/dev/block/$2/../subsystem -ef /sys/class/block ]]; then + check_block_and_slaves_all "$1" "$(< "/sys/dev/block/$2/../dev")" && _ret=0 + fi + for _x in /sys/dev/block/"$2"/slaves/*; do + [[ -f $_x/dev ]] || continue + [[ $_x/subsystem -ef /sys/class/block ]] || continue + check_block_and_slaves_all "$1" "$(< "$_x/dev")" && _ret=0 + done + return $_ret +} +# for_each_host_dev_and_slaves <func> +# Execute "<func> <dev>" for every "<dev>" found +# in ${host_devs[@]} and their slaves +for_each_host_dev_and_slaves_all() { + local _func="$1" + local _dev + local _ret=1 + + [[ "${host_devs[*]}" ]] || return 2 + + for _dev in "${host_devs[@]}"; do + [[ -b $_dev ]] || continue + if check_block_and_slaves_all "$_func" "$(get_maj_min "$_dev")"; then + _ret=0 + fi + done + return $_ret +} + +for_each_host_dev_and_slaves() { + local _func="$1" + local _dev + + [[ "${host_devs[*]}" ]] || return 2 + + for _dev in "${host_devs[@]}"; do + [[ -b $_dev ]] || continue + check_block_and_slaves "$_func" "$(get_maj_min "$_dev")" && return 0 + done + return 1 +} + +# /sys/dev/block/major:minor is symbol link to real hardware device +# go downstream $(realpath /sys/dev/block/major:minor) to detect driver +get_blockdev_drv_through_sys() { + local _block_mods="" + local _path + + _path=$(realpath "$1") + while true; do + if [[ -L "$_path"/driver/module ]]; then + _mod=$(realpath "$_path"/driver/module) + _mod=$(basename "$_mod") + _block_mods="$_block_mods $_mod" + fi + _path=$(dirname "$_path") + if [[ $_path == '/sys/devices' ]] || [[ $_path == '/' ]]; then + break + fi + done + echo "$_block_mods" +} + +# ugly workaround for the lvm design +# There is no volume group device, +# so, there are no slave devices for volume groups. +# Logical volumes only have the slave devices they really live on, +# but you cannot create the logical volume without the volume group. +# And the volume group might be bigger than the devices the LV needs. +check_vol_slaves() { + local _vg _pv _dm _majmin + _majmin="$2" + _dm=/sys/dev/block/$_majmin/dm + [[ -f $_dm/uuid && $(< "$_dm"/uuid) =~ LVM-* ]] || return 1 + _vg=$(dmsetup splitname --noheadings -o vg_name "$(< "$_dm/name")") + # strip space + _vg="${_vg//[[:space:]]/}" + if [[ $_vg ]]; then + for _pv in $(lvm vgs --noheadings -o pv_name "$_vg" 2> /dev/null); do + check_block_and_slaves "$1" "$(get_maj_min "$_pv")" && return 0 + done + fi + return 1 +} + +check_vol_slaves_all() { + local _vg _pv _majmin + _majmin="$2" + _dm="/sys/dev/block/$_majmin/dm" + [[ -f $_dm/uuid && $(< "$_dm"/uuid) =~ LVM-* ]] || return 1 + _vg=$(dmsetup splitname --noheadings -o vg_name "$(< "$_dm/name")") + # strip space + _vg="${_vg//[[:space:]]/}" + if [[ $_vg ]]; then + # when filter/global_filter is set, lvm may be failed + if ! lvm lvs --noheadings -o vg_name "$_vg" 2> /dev/null 1> /dev/null; then + return 1 + fi + + for _pv in $(lvm vgs --noheadings -o pv_name "$_vg" 2> /dev/null); do + check_block_and_slaves_all "$1" "$(get_maj_min "$_pv")" + done + return 0 + fi + return 1 +} + +# fs_get_option <filesystem options> <search for option> +# search for a specific option in a bunch of filesystem options +# and return the value +fs_get_option() { + local _fsopts=$1 + local _option=$2 + local OLDIFS="$IFS" + IFS=, + # shellcheck disable=SC2086 + set -- $_fsopts + IFS="$OLDIFS" + while [ $# -gt 0 ]; do + case $1 in + $_option=*) + echo "${1#"${_option}"=}" + break + ;; + esac + shift + done +} + +check_kernel_config() { + local _config_opt="$1" + local _config_file + [[ -f $dracutsysrootdir/boot/config-$kernel ]] \ + && _config_file="/boot/config-$kernel" + [[ -f $dracutsysrootdir/lib/modules/$kernel/config ]] \ + && _config_file="/lib/modules/$kernel/config" + + # no kernel config file, so return true + [[ $_config_file ]] || return 0 + + grep -q -F "${_config_opt}=" "$dracutsysrootdir$_config_file" && return 0 + return 1 +} + +# 0 if the kernel module is either built-in or available +# 1 if the kernel module is not enabled +check_kernel_module() { + modprobe -d "$dracutsysrootdir" -S "$kernel" --dry-run "$1" &> /dev/null || return 1 +} + +# get_cpu_vendor +# Only two values are returned: AMD or Intel +get_cpu_vendor() { + if grep -qE AMD /proc/cpuinfo; then + printf "AMD" + fi + if grep -qE Intel /proc/cpuinfo; then + printf "Intel" + fi +} + +# get_host_ucode +# Get the hosts' ucode file based on the /proc/cpuinfo +get_ucode_file() { + local family + local model + local stepping + family=$(grep -E "cpu family" /proc/cpuinfo | head -1 | sed "s/.*:\ //") + model=$(grep -E "model" /proc/cpuinfo | grep -v name | head -1 | sed "s/.*:\ //") + stepping=$(grep -E "stepping" /proc/cpuinfo | head -1 | sed "s/.*:\ //") + + if [[ "$(get_cpu_vendor)" == "AMD" ]]; then + if [[ $family -ge 21 ]]; then + printf "microcode_amd_fam%xh.bin" "$family" + else + printf "microcode_amd.bin" + fi + fi + if [[ "$(get_cpu_vendor)" == "Intel" ]]; then + # The /proc/cpuinfo are in decimal. + printf "%02x-%02x-%02x" "${family}" "${model}" "${stepping}" + fi +} + +# Not every device in /dev/mapper should be examined. +# If it is an LVM device, touch only devices which have /dev/VG/LV symlink. +lvm_internal_dev() { + local dev_dm_dir=/sys/dev/block/$1/dm + [[ ! -f $dev_dm_dir/uuid || $(< "$dev_dm_dir"/uuid) != LVM-* ]] && return 1 # Not an LVM device + local DM_VG_NAME DM_LV_NAME DM_LV_LAYER + eval "$(dmsetup splitname --nameprefixes --noheadings --rows "$(< "$dev_dm_dir"/name)" 2> /dev/null)" + [[ ${DM_VG_NAME} ]] && [[ ${DM_LV_NAME} ]] || return 0 # Better skip this! + [[ ${DM_LV_LAYER} ]] || [[ ! -L /dev/${DM_VG_NAME}/${DM_LV_NAME} ]] +} + +btrfs_devs() { + local _mp="$1" + btrfs device usage "$_mp" \ + | while read -r _dev _; do + str_starts "$_dev" "/" || continue + _dev=${_dev%,} + printf -- "%s\n" "$_dev" + done +} + +zfs_devs() { + local _mp="$1" + zpool list -H -v -P "${_mp%%/*}" | awk -F$'\t' '$2 ~ /^\// {print $2}' \ + | while read -r _dev; do + realpath "${_dev}" + done +} + +iface_for_remote_addr() { + # shellcheck disable=SC2046 + set -- $(ip -o route get to "$1") + while [ $# -gt 0 ]; do + case $1 in + dev) + echo "$2" + return + ;; + esac + shift + done +} + +local_addr_for_remote_addr() { + # shellcheck disable=SC2046 + set -- $(ip -o route get to "$1") + while [ $# -gt 0 ]; do + case $1 in + src) + echo "$2" + return + ;; + esac + shift + done +} + +peer_for_addr() { + local addr=$1 + local qtd + + # quote periods in IPv4 address + qtd=${addr//./\\.} + ip -o addr show \ + | sed -n 's%^.* '"$qtd"' peer \([0-9a-f.:]\{1,\}\(/[0-9]*\)\?\).*$%\1%p' +} + +netmask_for_addr() { + local addr=$1 + local qtd + + # quote periods in IPv4 address + qtd=${addr//./\\.} + ip -o addr show | sed -n 's,^.* '"$qtd"'/\([0-9]*\) .*$,\1,p' +} + +gateway_for_iface() { + local ifname=$1 addr=$2 + + case $addr in + *.*) proto=4 ;; + *:*) proto=6 ;; + *) return ;; + esac + ip -o -$proto route show \ + | sed -n "s/^default via \([0-9a-z.:]\{1,\}\) dev $ifname .*\$/\1/p" +} + +# This works only for ifcfg-style network configuration! +bootproto_for_iface() { + local ifname=$1 + local dir + + # follow ifcfg settings for boot protocol + for dir in network-scripts network; do + [ -f "/etc/sysconfig/$dir/ifcfg-$ifname" ] && { + sed -n "s/BOOTPROTO=[\"']\?\([[:alnum:]]\{1,\}\)[\"']\?.*\$/\1/p" \ + "/etc/sysconfig/$dir/ifcfg-$ifname" + return + } + done +} + +is_unbracketed_ipv6_address() { + strglob "$1" '*:*' && ! strglob "$1" '\[*:*\]' +} + +# Create an ip= string to set up networking such that the given +# remote address can be reached +ip_params_for_remote_addr() { + local remote_addr=$1 + local ifname local_addr peer netmask gateway ifmac + + [[ $remote_addr ]] || return 1 + ifname=$(iface_for_remote_addr "$remote_addr") + [[ $ifname ]] || { + berror "failed to determine interface to connect to $remote_addr" + return 1 + } + + # ifname clause to bind the interface name to a MAC address + if [ -d "/sys/class/net/$ifname/bonding" ]; then + dinfo "Found bonded interface '${ifname}'. Make sure to provide an appropriate 'bond=' cmdline." + elif [ -e "/sys/class/net/$ifname/address" ]; then + ifmac=$(cat "/sys/class/net/$ifname/address") + [[ $ifmac ]] && printf 'ifname=%s:%s ' "${ifname}" "${ifmac}" + fi + + bootproto=$(bootproto_for_iface "$ifname") + case $bootproto in + dhcp | dhcp6 | auto6) ;; + dhcp4) + bootproto=dhcp + ;; + static* | "") + bootproto= + ;; + *) + derror "bootproto \"$bootproto\" is unsupported by dracut, trying static configuration" + bootproto= + ;; + esac + if [[ $bootproto ]]; then + printf 'ip=%s:%s ' "${ifname}" "${bootproto}" + else + local_addr=$(local_addr_for_remote_addr "$remote_addr") + [[ $local_addr ]] || { + berror "failed to determine local address to connect to $remote_addr" + return 1 + } + peer=$(peer_for_addr "$local_addr") + # Set peer or netmask, but not both + [[ $peer ]] || netmask=$(netmask_for_addr "$local_addr") + gateway=$(gateway_for_iface "$ifname" "$local_addr") + # Quote IPv6 addresses with brackets + is_unbracketed_ipv6_address "$local_addr" && local_addr="[$local_addr]" + is_unbracketed_ipv6_address "$peer" && peer="[$peer]" + is_unbracketed_ipv6_address "$gateway" && gateway="[$gateway]" + printf 'ip=%s:%s:%s:%s::%s:none ' \ + "${local_addr}" "${peer}" "${gateway}" "${netmask}" "${ifname}" + fi + +} + +# block_is_nbd <maj:min> +# Check whether $1 is an nbd device +block_is_nbd() { + [[ -b /dev/block/$1 && $1 == 43:* ]] +} + +# block_is_iscsi <maj:min> +# Check whether $1 is an iSCSI device +block_is_iscsi() { + local _dir + local _dev=$1 + [[ -L "/sys/dev/block/$_dev" ]] || return + _dir="$(readlink -f "/sys/dev/block/$_dev")" || return + until [[ -d "$_dir/sys" || -d "$_dir/iscsi_session" ]]; do + _dir="$_dir/.." + done + [[ -d "$_dir/iscsi_session" ]] +} + +# block_is_fcoe <maj:min> +# Check whether $1 is an FCoE device +# Will not work for HBAs that hide the ethernet aspect +# completely and present a pure FC device +block_is_fcoe() { + local _dir + local _dev=$1 + [[ -L "/sys/dev/block/$_dev" ]] || return + _dir="$(readlink -f "/sys/dev/block/$_dev")" + until [[ -d "$_dir/sys" ]]; do + _dir="$_dir/.." + if [[ -d "$_dir/subsystem" ]]; then + subsystem=$(basename "$(readlink "$_dir"/subsystem)") + [[ $subsystem == "fcoe" ]] && return 0 + fi + done + return 1 +} + +# block_is_netdevice <maj:min> +# Check whether $1 is a net device +block_is_netdevice() { + block_is_nbd "$1" || block_is_iscsi "$1" || block_is_fcoe "$1" +} + +# convert the driver name given by udevadm to the corresponding kernel module name +get_module_name() { + local dev_driver + while read -r dev_driver; do + case "$dev_driver" in + mmcblk) + echo "mmc_block" + ;; + *) + echo "$dev_driver" + ;; + esac + done +} + +# get the corresponding kernel modules of a /sys/class/*/* or/dev/* device +get_dev_module() { + local dev_attr_walk + local dev_drivers + local dev_paths + dev_attr_walk=$(udevadm info -a "$1") + dev_drivers=$(echo "$dev_attr_walk" \ + | sed -n 's/\s*DRIVERS=="\(\S\+\)"/\1/p' \ + | get_module_name) + + # also return modalias info from sysfs paths parsed by udevadm + dev_paths=$(echo "$dev_attr_walk" | sed -n 's/.*\(\/devices\/.*\)'\'':/\1/p') + local dev_path + for dev_path in $dev_paths; do + local modalias_file="/sys$dev_path/modalias" + if [ -e "$modalias_file" ]; then + dev_drivers="$(printf "%s\n%s" "$dev_drivers" "$(cat "$modalias_file")")" + fi + done + + # if no kernel modules found and device is in a virtual subsystem, follow symlinks + if [[ -z $dev_drivers && $(udevadm info -q path "$1") == "/devices/virtual"* ]]; then + local dev_vkernel + local dev_vsubsystem + local dev_vpath + dev_vkernel=$(echo "$dev_attr_walk" | sed -n 's/\s*KERNELS=="\(\S\+\)"/\1/p' | tail -1) + dev_vsubsystem=$(echo "$dev_attr_walk" | sed -n 's/\s*SUBSYSTEMS=="\(\S\+\)"/\1/p' | tail -1) + dev_vpath="/sys/devices/virtual/$dev_vsubsystem/$dev_vkernel" + if [[ -n $dev_vkernel && -n $dev_vsubsystem && -d $dev_vpath ]]; then + local dev_links + local dev_link + dev_links=$(find "$dev_vpath" -maxdepth 1 -type l ! -name "subsystem" -exec readlink {} \;) + for dev_link in $dev_links; do + [[ -n $dev_drivers && ${dev_drivers: -1} != $'\n' ]] && dev_drivers+=$'\n' + dev_drivers+=$(udevadm info -a "$dev_vpath/$dev_link" \ + | sed -n 's/\s*DRIVERS=="\(\S\+\)"/\1/p' \ + | get_module_name \ + | grep -v -e pcieport) + done + fi + fi + echo "$dev_drivers" +} + +# Check if file is in PE format +pe_file_format() { + if [[ $# -eq 1 ]]; then + local magic + magic=$(objdump -p "$1" \ + | gawk '{if ($1 == "Magic"){print strtonum("0x"$2)}}') + magic=$(printf "0x%x" "$magic") + # 0x10b (PE32), 0x20b (PE32+) + [[ $magic == 0x20b || $magic == 0x10b ]] && return 0 + fi + return 1 +} + +# Get specific data from the PE header +pe_get_header_data() { + local data_header + [[ $# -ne "2" ]] && return 1 + [[ $(pe_file_format "$1") -eq 1 ]] && return 1 + data_header=$(objdump -p "$1" \ + | awk -v data="$2" '{if ($1 == data){print $2}}') + echo "$data_header" +} + +# Get the SectionAlignment data from the PE header +pe_get_section_align() { + local align_hex + [[ $# -ne "1" ]] && return 1 + align_hex=$(pe_get_header_data "$1" "SectionAlignment") + [[ $? -eq 1 ]] && return 1 + echo "$((16#$align_hex))" +} + +# Get the ImageBase data from the PE header +pe_get_image_base() { + local base_image + [[ $# -ne "1" ]] && return 1 + base_image=$(pe_get_header_data "$1" "ImageBase") + [[ $? -eq 1 ]] && return 1 + echo "$((16#$base_image))" +} diff --git a/dracut-init.sh b/dracut-init.sh new file mode 100755 index 0000000..6b81833 --- /dev/null +++ b/dracut-init.sh @@ -0,0 +1,1155 @@ +#!/bin/bash +# +# functions used only by dracut and dracut modules +# +# Copyright 2005-2009 Red Hat, Inc. All rights reserved. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# +export LC_MESSAGES=C + +if [[ $EUID == "0" ]] && ! [[ $DRACUT_NO_XATTR ]]; then + export DRACUT_CP="cp --reflink=auto --sparse=auto --preserve=mode,timestamps,xattr,links -dfr" +else + export DRACUT_CP="cp --reflink=auto --sparse=auto --preserve=mode,timestamps,links -dfr" +fi + +# is_func <command> +# Check whether $1 is a function. +is_func() { + [[ "$(type -t "$1")" == "function" ]] +} + +if ! [[ $dracutbasedir ]]; then + dracutbasedir=${BASH_SOURCE[0]%/*} + [[ $dracutbasedir == dracut-functions* ]] && dracutbasedir="." + [[ $dracutbasedir ]] || dracutbasedir="." + dracutbasedir="$(readlink -f $dracutbasedir)" +fi + +if ! is_func dinfo > /dev/null 2>&1; then + # shellcheck source=./dracut-logger.sh + . "$dracutbasedir/dracut-logger.sh" + dlog_init +fi + +if ! [[ $initdir ]]; then + dfatal "initdir not set" + exit 1 +fi + +if ! [[ -d $initdir ]]; then + mkdir -p "$initdir" +fi + +if ! [[ $kernel ]]; then + kernel=$(uname -r) + export kernel +fi + +srcmods="$dracutsysrootdir/lib/modules/$kernel/" + +[[ $drivers_dir ]] && { + if ! command -v kmod &> /dev/null && vercmp "$(modprobe --version | cut -d' ' -f3)" lt 3.7; then + dfatal 'To use --kmoddir option module-init-tools >= 3.7 is required.' + exit 1 + fi + srcmods="$drivers_dir" +} +export srcmods + +# export standard hookdirs +[[ $hookdirs ]] || { + hookdirs="cmdline pre-udev pre-trigger netroot " + hookdirs+="initqueue initqueue/settled initqueue/online initqueue/finished initqueue/timeout " + hookdirs+="pre-mount pre-pivot cleanup mount " + hookdirs+="emergency shutdown-emergency pre-shutdown shutdown " + export hookdirs +} + +DRACUT_LDD=${DRACUT_LDD:-ldd} +DRACUT_TESTBIN=${DRACUT_TESTBIN:-/bin/sh} +DRACUT_LDCONFIG=${DRACUT_LDCONFIG:-ldconfig} + +# shellcheck source=./dracut-functions.sh +. "$dracutbasedir"/dracut-functions.sh + +# Detect lib paths +if ! [[ $libdirs ]]; then + if [[ $("$DRACUT_LDD" "$dracutsysrootdir$DRACUT_TESTBIN") == */lib64/* ]] &> /dev/null \ + && [[ -d $dracutsysrootdir/lib64 ]]; then + libdirs+=" /lib64" + [[ -d $dracutsysrootdir/usr/lib64 ]] && libdirs+=" /usr/lib64" + else + libdirs+=" /lib" + [[ -d $dracutsysrootdir/usr/lib ]] && libdirs+=" /usr/lib" + fi + + libdirs+=" $(ldconfig_paths)" + + export libdirs +fi + +# helper function for check() in module-setup.sh +# to check for required installed binaries +# issues a standardized warning message +require_binaries() { + local _module_name="${moddir##*/}" + local _ret=0 + + if [[ $1 == "-m" ]]; then + _module_name="$2" + shift 2 + fi + + for cmd in "$@"; do + if ! find_binary "$cmd" &> /dev/null; then + dinfo "Module '${_module_name#[0-9][0-9]}' will not be installed, because command '$cmd' could not be found!" + ((_ret++)) + fi + done + return "$_ret" +} + +require_any_binary() { + local _module_name="${moddir##*/}" + local _ret=1 + + if [[ $1 == "-m" ]]; then + _module_name="$2" + shift 2 + fi + + for cmd in "$@"; do + if find_binary "$cmd" &> /dev/null; then + _ret=0 + break + fi + done + + if ((_ret != 0)); then + dinfo "$_module_name: Could not find any command of '$*'!" + return 1 + fi + + return 0 +} + +# helper function for check() in module-setup.sh +# to check for required kernel modules +# issues a standardized warning message +require_kernel_modules() { + local _module_name="${moddir##*/}" + local _ret=0 + + # Ignore kernel module requirement for no-kernel build + [[ $no_kernel == yes ]] && return 0 + + if [[ $1 == "-m" ]]; then + _module_name="$2" + shift 2 + fi + + for mod in "$@"; do + if ! check_kernel_module "$mod" &> /dev/null; then + dinfo "Module '${_module_name#[0-9][0-9]}' will not be installed, because kernel module '$mod' is not available!" + ((_ret++)) + fi + done + return "$_ret" +} + +dracut_need_initqueue() { + : > "$initdir/lib/dracut/need-initqueue" +} + +dracut_module_included() { + [[ " $mods_to_load $modules_loaded " == *\ $*\ * ]] +} + +dracut_no_switch_root() { + : > "$initdir/lib/dracut/no-switch-root" +} + +dracut_module_path() { + local _dir + + # shellcheck disable=SC2231 + for _dir in "${dracutbasedir}"/modules.d/??${1}; do + echo "$_dir" + return 0 + done + return 1 +} + +if ! [[ $DRACUT_INSTALL ]]; then + DRACUT_INSTALL=$(find_binary dracut-install) +fi + +if ! [[ $DRACUT_INSTALL ]] && [[ -x $dracutbasedir/dracut-install ]]; then + DRACUT_INSTALL=$dracutbasedir/dracut-install +elif ! [[ $DRACUT_INSTALL ]] && [[ -x $dracutbasedir/src/install/dracut-install ]]; then + DRACUT_INSTALL=$dracutbasedir/src/install/dracut-install +fi + +# Test if dracut-install is a standalone executable with no options. +# E.g. DRACUT_INSTALL may be set externally as: +# DRACUT_INSTALL="valgrind dracut-install" +# or +# DRACUT_INSTALL="dracut-install --debug" +# in which case the string cannot be tested for being executable. +DRINSTALLPARTS=0 +for i in $DRACUT_INSTALL; do + DRINSTALLPARTS=$((DRINSTALLPARTS + 1)) +done + +if [[ $DRINSTALLPARTS == 1 ]] && ! command -v "$DRACUT_INSTALL" > /dev/null 2>&1; then + dfatal "dracut-install not found!" + exit 10 +fi + +if [[ $hostonly == "-h" ]]; then + if ! [[ $DRACUT_KERNEL_MODALIASES ]] || ! [[ -f $DRACUT_KERNEL_MODALIASES ]]; then + export DRACUT_KERNEL_MODALIASES="${DRACUT_TMPDIR}/modaliases" + $DRACUT_INSTALL ${dracutsysrootdir:+-r "$dracutsysrootdir"} ${srcmods:+--kerneldir "$srcmods"} --modalias > "$DRACUT_KERNEL_MODALIASES" + fi +fi + +[[ $DRACUT_RESOLVE_LAZY ]] || export DRACUT_RESOLVE_DEPS=1 +inst_dir() { + local _ret + [[ -e ${initdir}/"$1" ]] && return 0 # already there + if $DRACUT_INSTALL ${dracutsysrootdir:+-r "$dracutsysrootdir"} ${initdir:+-D "$initdir"} -d "$@"; then + return 0 + else + _ret=$? + derror FAILED: "$DRACUT_INSTALL" ${dracutsysrootdir:+-r "$dracutsysrootdir"} ${initdir:+-D "$initdir"} -d "$@" + return $_ret + fi +} + +inst() { + local _ret _hostonly_install + if [[ $1 == "-H" ]]; then + _hostonly_install="-H" + shift + fi + [[ -e ${initdir}/"${2:-$1}" ]] && return 0 # already there + if $DRACUT_INSTALL ${dracutsysrootdir:+-r "$dracutsysrootdir"} ${initdir:+-D "$initdir"} ${loginstall:+-L "$loginstall"} ${DRACUT_RESOLVE_DEPS:+-l} ${DRACUT_FIPS_MODE:+-f} ${_hostonly_install:+-H} "$@"; then + return 0 + else + _ret=$? + derror FAILED: "$DRACUT_INSTALL" ${dracutsysrootdir:+-r "$dracutsysrootdir"} ${initdir:+-D "$initdir"} ${loginstall:+-L "$loginstall"} ${DRACUT_RESOLVE_DEPS:+-l} ${DRACUT_FIPS_MODE:+-f} ${_hostonly_install:+-H} "$@" + return $_ret + fi +} + +inst_simple() { + local _ret _hostonly_install + if [[ $1 == "-H" ]]; then + _hostonly_install="-H" + shift + fi + [[ -e ${initdir}/"${2:-$1}" ]] && return 0 # already there + [[ -e $1 ]] || return 1 # no source + if $DRACUT_INSTALL ${dracutsysrootdir:+-r "$dracutsysrootdir"} ${initdir:+-D "$initdir"} ${loginstall:+-L "$loginstall"} ${_hostonly_install:+-H} "$@"; then + return 0 + else + _ret=$? + derror FAILED: "$DRACUT_INSTALL" ${dracutsysrootdir:+-r "$dracutsysrootdir"} ${initdir:+-D "$initdir"} ${loginstall:+-L "$loginstall"} ${_hostonly_install:+-H} "$@" + return $_ret + fi +} + +inst_symlink() { + local _ret _hostonly_install + if [[ $1 == "-H" ]]; then + _hostonly_install="-H" + shift + fi + [[ -e ${initdir}/"${2:-$1}" ]] && return 0 # already there + [[ -L $1 ]] || return 1 + if $DRACUT_INSTALL ${dracutsysrootdir:+-r "$dracutsysrootdir"} ${initdir:+-D "$initdir"} ${loginstall:+-L "$loginstall"} ${DRACUT_RESOLVE_DEPS:+-l} ${DRACUT_FIPS_MODE:+-f} ${_hostonly_install:+-H} "$@"; then + return 0 + else + _ret=$? + derror FAILED: "$DRACUT_INSTALL" ${dracutsysrootdir:+-r "$dracutsysrootdir"} ${initdir:+-D "$initdir"} ${loginstall:+-L "$loginstall"} ${DRACUT_RESOLVE_DEPS:+-l} ${DRACUT_FIPS_MODE:+-f} ${_hostonly_install:+-H} "$@" + return $_ret + fi +} + +inst_multiple() { + local _ret _hostonly_install + if [[ $1 == "-H" ]]; then + _hostonly_install="-H" + shift + fi + if $DRACUT_INSTALL ${dracutsysrootdir:+-r "$dracutsysrootdir"} ${initdir:+-D "$initdir"} -a ${loginstall:+-L "$loginstall"} ${DRACUT_RESOLVE_DEPS:+-l} ${DRACUT_FIPS_MODE:+-f} ${_hostonly_install:+-H} "$@"; then + return 0 + else + _ret=$? + derror FAILED: "$DRACUT_INSTALL" ${dracutsysrootdir:+-r "$dracutsysrootdir"} ${initdir:+-D "$initdir"} -a ${loginstall:+-L "$loginstall"} ${DRACUT_RESOLVE_DEPS:+-l} ${DRACUT_FIPS_MODE:+-f} ${_hostonly_install:+-H} "$@" + return $_ret + fi +} + +dracut_install() { + inst_multiple "$@" +} + +dracut_instmods() { + local _ret _silent=0 + local i + [[ $no_kernel == yes ]] && return + for i in "$@"; do + [[ $i == "--silent" ]] && _silent=1 + done + + if $DRACUT_INSTALL \ + ${dracutsysrootdir:+-r "$dracutsysrootdir"} \ + ${initdir:+-D "$initdir"} ${loginstall:+-L "$loginstall"} ${hostonly:+-H} ${omit_drivers:+-N "$omit_drivers"} ${srcmods:+--kerneldir "$srcmods"} -m "$@"; then + return 0 + else + _ret=$? + if ((_silent == 0)); then + derror FAILED: "$DRACUT_INSTALL" ${dracutsysrootdir:+-r "$dracutsysrootdir"} ${initdir:+-D "$initdir"} ${loginstall:+-L "$loginstall"} ${hostonly:+-H} ${omit_drivers:+-N "$omit_drivers"} ${srcmods:+--kerneldir "$srcmods"} -m "$@" + fi + return $_ret + fi +} + +inst_library() { + local _ret _hostonly_install + if [[ $1 == "-H" ]]; then + _hostonly_install="-H" + shift + fi + [[ -e ${initdir}/"${2:-$1}" ]] && return 0 # already there + [[ -e $1 ]] || return 1 # no source + if $DRACUT_INSTALL ${dracutsysrootdir:+-r "$dracutsysrootdir"} ${initdir:+-D "$initdir"} ${loginstall:+-L "$loginstall"} ${DRACUT_RESOLVE_DEPS:+-l} ${DRACUT_FIPS_MODE:+-f} ${_hostonly_install:+-H} "$@"; then + return 0 + else + _ret=$? + derror FAILED: "$DRACUT_INSTALL" ${dracutsysrootdir:+-r "$dracutsysrootdir"} ${initdir:+-D "$initdir"} ${loginstall:+-L "$loginstall"} ${DRACUT_RESOLVE_DEPS:+-l} ${DRACUT_FIPS_MODE:+-f} ${_hostonly_install:+-H} "$@" + return $_ret + fi +} + +inst_binary() { + local _ret + if $DRACUT_INSTALL ${dracutsysrootdir:+-r "$dracutsysrootdir"} ${initdir:+-D "$initdir"} ${loginstall:+-L "$loginstall"} ${DRACUT_RESOLVE_DEPS:+-l} ${DRACUT_FIPS_MODE:+-f} "$@"; then + return 0 + else + _ret=$? + derror FAILED: "$DRACUT_INSTALL" ${dracutsysrootdir:+-r "$dracutsysrootdir"} ${initdir:+-D "$initdir"} ${loginstall:+-L "$loginstall"} ${DRACUT_RESOLVE_DEPS:+-l} ${DRACUT_FIPS_MODE:+-f} "$@" + return $_ret + fi +} + +inst_script() { + local _ret + if $DRACUT_INSTALL ${dracutsysrootdir:+-r "$dracutsysrootdir"} ${initdir:+-D "$initdir"} ${loginstall:+-L "$loginstall"} ${DRACUT_RESOLVE_DEPS:+-l} ${DRACUT_FIPS_MODE:+-f} "$@"; then + return 0 + else + _ret=$? + derror FAILED: "$DRACUT_INSTALL" ${dracutsysrootdir:+-r "$dracutsysrootdir"} ${initdir:+-D "$initdir"} ${loginstall:+-L "$loginstall"} ${DRACUT_RESOLVE_DEPS:+-l} ${DRACUT_FIPS_MODE:+-f} "$@" + return $_ret + fi +} + +inst_fsck_help() { + local _ret _helper="/run/dracut/fsck/fsck_help_$1.txt" + if $DRACUT_INSTALL ${dracutsysrootdir:+-r "$dracutsysrootdir"} ${initdir:+-D "$initdir"} ${loginstall:+-L "$loginstall"} ${DRACUT_RESOLVE_DEPS:+-l} ${DRACUT_FIPS_MODE:+-f} "$2" "$_helper"; then + return 0 + else + _ret=$? + derror "$DRACUT_INSTALL" ${dracutsysrootdir:+-r "$dracutsysrootdir"} ${initdir:+-D "$initdir"} ${loginstall:+-L "$loginstall"} ${DRACUT_RESOLVE_DEPS:+-l} ${DRACUT_FIPS_MODE:+-f} "$2" "$_helper" + return $_ret + fi +} + +# Use with form hostonly="$(optional_hostonly)" inst_xxxx <args> +# If hostonly mode is set to "strict", hostonly restrictions will still +# be applied, else will ignore hostonly mode and try to install all +# given modules. +optional_hostonly() { + if [[ $hostonly_mode == "strict" ]]; then + printf -- "%s" "$hostonly" + else + printf "" + fi +} + +mark_hostonly() { + for i in "$@"; do + echo "$i" >> "$initdir/lib/dracut/hostonly-files" + done +} + +# find symlinks linked to given library file +# $1 = library file +# Function searches for symlinks by stripping version numbers appended to +# library filename, checks if it points to the same target and finally +# prints the list of symlinks to stdout. +# +# Example: +# rev_lib_symlinks libfoo.so.8.1 +# output: libfoo.so.8 libfoo.so +# (Only if libfoo.so.8 and libfoo.so exists on host system.) +rev_lib_symlinks() { + local _fn + local _orig + local _links + + [[ ! $1 ]] && return 0 + + _fn="$1" + _orig="$(readlink -f "$1")" + _links=() + + [[ ${_fn} == *.so.* ]] || return 1 + + until [[ ${_fn##*.} == so ]]; do + _fn="${_fn%.*}" + [[ -L ${_fn} ]] && [[ $(readlink -f "${_fn}") == "${_orig}" ]] && _links+=("${_fn}") + done + + echo "${_links[*]}}" +} + +# attempt to install any programs specified in a udev rule +inst_rule_programs() { + local _prog _bin + + # shellcheck disable=SC2013 + for _prog in $(sed -nr 's/.*PROGRAM==?"([^ "]+).*/\1/p' "$1"); do + _bin="" + if [[ -x ${udevdir}/$_prog ]]; then + _bin="${udevdir}"/$_prog + elif [[ ${_prog/\$env\{/} == "$_prog" ]]; then + _bin=$(find_binary "$_prog") || { + dinfo "Skipping program $_prog using in udev rule ${1##*/} as it cannot be found" + continue + } + fi + + [[ $_bin ]] && inst_binary "$_bin" + done + + # shellcheck disable=SC2013 + for _prog in $(sed -nr 's/.*RUN[+=]=?"([^ "]+).*/\1/p' "$1"); do + _bin="" + if [[ -x ${udevdir}/$_prog ]]; then + _bin=${udevdir}/$_prog + elif [[ ${_prog/\$env\{/} == "$_prog" ]] && [[ ${_prog} != "/sbin/initqueue" ]]; then + _bin=$(find_binary "$_prog") || { + dinfo "Skipping program $_prog using in udev rule ${1##*/} as it cannot be found" + continue + } + fi + + [[ $_bin ]] && inst_binary "$_bin" + done + + # shellcheck disable=SC2013 + for _prog in $(sed -nr 's/.*IMPORT\{program\}==?"([^ "]+).*/\1/p' "$1"); do + _bin="" + if [[ -x ${udevdir}/$_prog ]]; then + _bin=${udevdir}/$_prog + elif [[ ${_prog/\$env\{/} == "$_prog" ]]; then + _bin=$(find_binary "$_prog") || { + dinfo "Skipping program $_prog using in udev rule ${1##*/} as it cannot be found" + continue + } + fi + + [[ $_bin ]] && dracut_install "$_bin" + done +} + +# attempt to create any groups and users specified in a udev rule +inst_rule_group_owner() { + local i + + # shellcheck disable=SC2013 + for i in $(sed -nr 's/.*OWNER=?"([^ "]+).*/\1/p' "$1"); do + if ! grep -Eq "^$i:" "$initdir/etc/passwd" 2> /dev/null; then + grep -E "^$i:" "$dracutsysrootdir"/etc/passwd 2> /dev/null >> "$initdir/etc/passwd" + fi + done + + # shellcheck disable=SC2013 + for i in $(sed -nr 's/.*GROUP=?"([^ "]+).*/\1/p' "$1"); do + if ! grep -Eq "^$i:" "$initdir/etc/group" 2> /dev/null; then + grep -E "^$i:" "$dracutsysrootdir"/etc/group 2> /dev/null >> "$initdir/etc/group" + fi + done +} + +inst_rule_initqueue() { + if grep -q -F initqueue "$1"; then + dracut_need_initqueue + fi +} + +# udev rules always get installed in the same place, so +# create a function to install them to make life simpler. +inst_rules() { + local _target=/etc/udev/rules.d _rule _found + + inst_dir "${udevdir}/rules.d" + inst_dir "$_target" + for _rule in "$@"; do + if [ "${_rule#/}" = "$_rule" ]; then + for r in "$dracutsysrootdir${udevdir}/rules.d" ${hostonly:+"$dracutsysrootdir"/etc/udev/rules.d}; do + [[ -e $r/$_rule ]] || continue + _found="$r/$_rule" + inst_rule_programs "$_found" + inst_rule_group_owner "$_found" + inst_rule_initqueue "$_found" + inst_simple "$_found" + done + fi + for r in '' "$dracutsysrootdir$dracutbasedir/rules.d/"; do + # skip rules without an absolute path + [[ "${r}$_rule" != /* ]] && continue + [[ -f ${r}$_rule ]] || continue + _found="${r}$_rule" + inst_rule_programs "$_found" + inst_rule_group_owner "$_found" + inst_rule_initqueue "$_found" + inst_simple "$_found" "$_target/${_found##*/}" + done + [[ $_found ]] || ddebug "Skipping udev rule: $_rule" + done +} + +inst_rules_wildcard() { + local _target=/etc/udev/rules.d _rule _found + + inst_dir "${udevdir}/rules.d" + inst_dir "$_target" + for _rule in ${udevdir}/rules.d/$1 ${dracutbasedir}/rules.d/$1; do + [[ -e $_rule ]] || continue + inst_rule_programs "$_rule" + inst_rule_group_owner "$_rule" + inst_rule_initqueue "$_rule" + inst_simple "$_rule" + _found=$_rule + done + if [[ -n ${hostonly} ]]; then + for _rule in ${_target}/$1; do + [[ -f $_rule ]] || continue + inst_rule_programs "$_rule" + inst_rule_group_owner "$_rule" + inst_rule_initqueue "$_rule" + inst_simple "$_rule" + _found=$_rule + done + fi + [[ $_found ]] || ddebug "Skipping udev rule: $_rule" +} + +# make sure that library links are correct and up to date +build_ld_cache() { + for f in "$dracutsysrootdir"/etc/ld.so.conf "$dracutsysrootdir"/etc/ld.so.conf.d/*; do + [[ -f $f ]] && inst_simple "${f#"$dracutsysrootdir"}" + done + if ! $DRACUT_LDCONFIG -r "$initdir" -f /etc/ld.so.conf; then + if [[ $EUID == 0 ]]; then + derror "ldconfig exited ungracefully" + else + derror "ldconfig might need uid=0 (root) for chroot()" + fi + fi +} + +prepare_udev_rules() { + dwarn "prepare_udev_rules: deprecated and will be removed" + + if [ -z "$UDEVVERSION" ]; then + UDEVVERSION=$(udevadm --version) + export UDEVVERSION + fi + + if [ -z "$UDEVVERSION" ]; then + derror "Failed to detect udev version!" + return 1 + fi + if [ -z "${UDEVVERSION##*[!0-9]*}" ]; then + derror "udevadm --version did not report an integer, udev version cannot be determined!" + return 1 + fi + + for f in "$@"; do + f="${initdir}/etc/udev/rules.d/$f" + [ -e "$f" ] || continue + while read -r line || [ -n "$line" ]; do + if [ "${line%%IMPORT PATH_ID}" != "$line" ]; then + if ((UDEVVERSION >= 174)); then + printf '%sIMPORT{builtin}="path_id"\n' "${line%%IMPORT PATH_ID}" + else + printf '%sIMPORT{program}="path_id %%p"\n' "${line%%IMPORT PATH_ID}" + fi + elif [ "${line%%IMPORT BLKID}" != "$line" ]; then + if ((UDEVVERSION >= 176)); then + printf '%sIMPORT{builtin}="blkid"\n' "${line%%IMPORT BLKID}" + else + # shellcheck disable=SC2016 + printf '%sIMPORT{program}="/sbin/blkid -o udev -p $tempnode"\n' "${line%%IMPORT BLKID}" + fi + else + echo "$line" + fi + done < "${f}" > "${f}.new" + mv "${f}.new" "$f" + done +} + +# install function specialized for hooks +# $1 = type of hook, $2 = hook priority (lower runs first), $3 = hook +# All hooks should be POSIX/SuS compliant, they will be sourced by init. +inst_hook() { + local hook + if ! [[ -f $3 ]]; then + dfatal "Cannot install a hook ($3) that does not exist." + dfatal "Aborting initrd creation." + exit 1 + elif ! [[ $hookdirs == *$1* ]]; then + dfatal "No such hook type $1. Aborting initrd creation." + exit 1 + fi + hook="/lib/dracut/hooks/${1}/${2}-${3##*/}" + inst_simple "$3" "$hook" + chmod u+x "$initdir/$hook" +} + +# install any of listed files +# +# If first argument is '-d' and second some destination path, first accessible +# source is installed into this path, otherwise it will installed in the same +# path as source. If none of listed files was installed, function return 1. +# On first successful installation it returns with 0 status. +# +# Example: +# +# inst_any -d /bin/foo /bin/bar /bin/baz +# +# Lets assume that /bin/baz exists, so it will be installed as /bin/foo in +# initramfs. +inst_any() { + local to f + + [[ $1 == '-d' ]] && to="$2" && shift 2 + + for f in "$@"; do + [[ -e $f ]] || continue + [[ $to ]] && inst "$f" "$to" && return 0 + inst "$f" && return 0 + done + + return 1 +} + +# inst_libdir_dir <dir> [<dir>...] +# Install a <dir> located on a lib directory to the initramfs image +inst_libdir_dir() { + local -a _dirs + for _dir in $libdirs; do + for _i in "$@"; do + for _d in "$dracutsysrootdir$_dir"/$_i; do + [[ -d $_d ]] && _dirs+=("${_d#"$dracutsysrootdir"}") + done + done + done + for _dir in "${_dirs[@]}"; do + inst_dir "$_dir" + done +} + +# inst_libdir_file [-n <pattern>] <file> [<file>...] +# Install a <file> located on a lib directory to the initramfs image +# -n <pattern> install matching files +inst_libdir_file() { + local -a _files + if [[ $1 == "-n" ]]; then + local _pattern=$2 + shift 2 + for _dir in $libdirs; do + for _i in "$@"; do + for _f in "$dracutsysrootdir$_dir"/$_i; do + [[ ${_f#"$dracutsysrootdir"} =~ $_pattern ]] || continue + [[ -e $_f ]] && _files+=("${_f#"$dracutsysrootdir"}") + done + done + done + else + for _dir in $libdirs; do + for _i in "$@"; do + for _f in "$dracutsysrootdir$_dir"/$_i; do + [[ -e $_f ]] && _files+=("${_f#"$dracutsysrootdir"}") + done + done + done + fi + [[ ${#_files[@]} -gt 0 ]] && inst_multiple "${_files[@]}" +} + +# get a command to decompress the given file +get_decompress_cmd() { + case "$1" in + *.gz) echo 'gzip -f -d' ;; + *.bz2) echo 'bzip2 -d' ;; + *.xz) echo 'xz -f -d' ;; + *.zst) echo 'zstd -f -d ' ;; + esac +} + +# install function decompressing the target and handling symlinks +# $@ = list of compressed (gz or bz2) files or symlinks pointing to such files +# +# Function install targets in the same paths inside overlay but decompressed +# and without extensions (.gz, .bz2). +inst_decompress() { + local _src _cmd + + for _src in "$@"; do + _cmd=$(get_decompress_cmd "${_src}") + [[ -z ${_cmd} ]] && return 1 + inst_simple "${_src}" + # Decompress with chosen tool. We assume that tool changes name e.g. + # from 'name.gz' to 'name'. + ${_cmd} "${initdir}${_src}" + done +} + +# It's similar to above, but if file is not compressed, performs standard +# install. +# $@ = list of files +inst_opt_decompress() { + local _src + + for _src in "$@"; do + inst_decompress "${_src}" || inst "${_src}" + done +} + +# module_check <dracut module> [<forced>] [<module path>] +# execute the check() function of module-setup.sh of <dracut module> +# or the "check" script, if module-setup.sh is not found +# "check $hostonly" is called +module_check() { + local _moddir=$3 + local _ret + local _forced=0 + local _hostonly=$hostonly + [[ -z $_moddir ]] && _moddir=$(dracut_module_path "$1") + [ $# -ge 2 ] && _forced=$2 + [[ -f $_moddir/module-setup.sh ]] || return 1 + unset check depends cmdline install installkernel + check() { true; } + # shellcheck disable=SC1090 + . "$_moddir"/module-setup.sh + is_func check || return 0 + [[ $_forced != 0 ]] && unset hostonly + # don't quote $hostonly to leave argument empty + # shellcheck disable=SC2086 + moddir="$_moddir" check $hostonly + _ret=$? + unset check depends cmdline install installkernel + hostonly=$_hostonly + return $_ret +} + +# module_check_mount <dracut module> [<module path>] +# execute the check() function of module-setup.sh of <dracut module> +# or the "check" script, if module-setup.sh is not found +# "mount_needs=1 check 0" is called +module_check_mount() { + local _moddir=$2 + local _ret + export mount_needs=1 + [[ -z $_moddir ]] && _moddir=$(dracut_module_path "$1") + [[ -f $_moddir/module-setup.sh ]] || return 1 + unset check depends cmdline install installkernel + check() { false; } + # shellcheck disable=SC1090 + . "$_moddir"/module-setup.sh + moddir=$_moddir check 0 + _ret=$? + unset check depends cmdline install installkernel + unset mount_needs + return "$_ret" +} + +# module_depends <dracut module> [<module path>] +# execute the depends() function of module-setup.sh of <dracut module> +# or the "depends" script, if module-setup.sh is not found +module_depends() { + local _moddir=$2 + local _ret + [[ -z $_moddir ]] && _moddir=$(dracut_module_path "$1") + [[ -f $_moddir/module-setup.sh ]] || return 1 + unset check depends cmdline install installkernel + depends() { true; } + # shellcheck disable=SC1090 + . "$_moddir"/module-setup.sh + moddir=$_moddir depends + _ret=$? + unset check depends cmdline install installkernel + return $_ret +} + +# module_cmdline <dracut module> [<module path>] +# execute the cmdline() function of module-setup.sh of <dracut module> +# or the "cmdline" script, if module-setup.sh is not found +module_cmdline() { + local _moddir=$2 + local _ret + [[ -z $_moddir ]] && _moddir=$(dracut_module_path "$1") + [[ -f $_moddir/module-setup.sh ]] || return 1 + unset check depends cmdline install installkernel + cmdline() { true; } + # shellcheck disable=SC1090 + . "$_moddir"/module-setup.sh + moddir="$_moddir" cmdline + _ret=$? + unset check depends cmdline install installkernel + return $_ret +} + +# module_install <dracut module> [<module path>] +# execute the install() function of module-setup.sh of <dracut module> +# or the "install" script, if module-setup.sh is not found +module_install() { + local _moddir=$2 + local _ret + [[ -z $_moddir ]] && _moddir=$(dracut_module_path "$1") + [[ -f $_moddir/module-setup.sh ]] || return 1 + unset check depends cmdline install installkernel + install() { true; } + # shellcheck disable=SC1090 + . "$_moddir"/module-setup.sh + moddir="$_moddir" install + _ret=$? + unset check depends cmdline install installkernel + return $_ret +} + +# module_installkernel <dracut module> [<module path>] +# execute the installkernel() function of module-setup.sh of <dracut module> +# or the "installkernel" script, if module-setup.sh is not found +module_installkernel() { + local _moddir=$2 + local _ret + [[ -z $_moddir ]] && _moddir=$(dracut_module_path "$1") + [[ -f $_moddir/module-setup.sh ]] || return 1 + unset check depends cmdline install installkernel + installkernel() { true; } + # shellcheck disable=SC1090 + . "$_moddir"/module-setup.sh + moddir="$_moddir" installkernel + _ret=$? + unset check depends cmdline install installkernel + return $_ret +} + +# check_mount <dracut module> [<use_as_dep>] [<module path>] +# check_mount checks, if a dracut module is needed for the given +# device and filesystem types in "${host_fs_types[@]}" +check_mount() { + local _mod=$1 + local _moddir=$3 + local _ret + local _moddep + + [[ -z $_moddir ]] && _moddir=$(dracut_module_path "$1") + [ "${#host_fs_types[@]}" -le 0 ] && return 1 + + # If we are already scheduled to be loaded, no need to check again. + [[ " $mods_to_load " == *\ $_mod\ * ]] && return 0 + [[ " $mods_checked_as_dep " == *\ $_mod\ * ]] && return 1 + + # This should never happen, but... + [[ -d $_moddir ]] || return 1 + + [[ $2 ]] || mods_checked_as_dep+=" $_mod " + + if [[ " $omit_dracutmodules " == *\ $_mod\ * ]]; then + return 1 + fi + + if [[ " $dracutmodules $add_dracutmodules $force_add_dracutmodules" == *\ $_mod\ * ]]; then + module_check_mount "$_mod" "$_moddir" + _ret=$? + + # explicit module, so also accept _ret=255 + [[ $_ret == 0 || $_ret == 255 ]] || return 1 + else + # module not in our list + if [[ $dracutmodules == all ]]; then + # check, if we can and should install this module + module_check_mount "$_mod" "$_moddir" || return 1 + else + # skip this module + return 1 + fi + fi + + for _moddep in $(module_depends "$_mod" "$_moddir"); do + # handle deps as if they were manually added + [[ " $dracutmodules " == *\ $_mod\ * ]] \ + && [[ " $dracutmodules " != *\ $_moddep\ * ]] \ + && dracutmodules+=" $_moddep " + [[ " $add_dracutmodules " == *\ $_mod\ * ]] \ + && [[ " $add_dracutmodules " != *\ $_moddep\ * ]] \ + && add_dracutmodules+=" $_moddep " + [[ " $force_add_dracutmodules " == *\ $_mod\ * ]] \ + && [[ " $force_add_dracutmodules " != *\ $_moddep\ * ]] \ + && force_add_dracutmodules+=" $_moddep " + # if a module we depend on fail, fail also + if ! check_module "$_moddep"; then + derror "Module '$_mod' depends on '$_moddep', which can't be installed" + return 1 + fi + done + + [[ " $mods_to_load " == *\ $_mod\ * ]] \ + || mods_to_load+=" $_mod " + + return 0 +} + +# check_module <dracut module> [<use_as_dep>] [<module path>] +# check if a dracut module is to be used in the initramfs process +# if <use_as_dep> is set, then the process also keeps track +# that the modules were checked for the dependency tracking process +check_module() { + local _mod=$1 + local _moddir=$3 + local _ret + local _moddep + + [[ -z $_moddir ]] && _moddir=$(dracut_module_path "$1") + # If we are already scheduled to be loaded, no need to check again. + [[ " $mods_to_load " == *\ $_mod\ * ]] && return 0 + [[ " $mods_checked_as_dep " == *\ $_mod\ * ]] && return 1 + + # This should never happen, but... + [[ -d $_moddir ]] || return 1 + + [[ $2 ]] || mods_checked_as_dep+=" $_mod " + + if [[ " $omit_dracutmodules " == *\ $_mod\ * ]]; then + ddebug "Module '$_mod' will not be installed, because it's in the list to be omitted!" + return 1 + fi + + if [[ " $dracutmodules $add_dracutmodules $force_add_dracutmodules" == *\ $_mod\ * ]]; then + if [[ " $dracutmodules $force_add_dracutmodules " == *\ $_mod\ * ]]; then + module_check "$_mod" 1 "$_moddir" + _ret=$? + else + module_check "$_mod" 0 "$_moddir" + _ret=$? + fi + # explicit module, so also accept _ret=255 + [[ $_ret == 0 || $_ret == 255 ]] || return 1 + else + # module not in our list + if [[ $dracutmodules == all ]]; then + # check, if we can and should install this module + module_check "$_mod" 0 "$_moddir" + _ret=$? + if [[ $_ret != 0 ]]; then + [[ $2 ]] && return 1 + [[ $_ret != 255 ]] && return 1 + fi + else + # skip this module + return 1 + fi + fi + + for _moddep in $(module_depends "$_mod" "$_moddir"); do + # handle deps as if they were manually added + [[ " $dracutmodules " == *\ $_mod\ * ]] \ + && [[ " $dracutmodules " != *\ $_moddep\ * ]] \ + && dracutmodules+=" $_moddep " + [[ " $add_dracutmodules " == *\ $_mod\ * ]] \ + && [[ " $add_dracutmodules " != *\ $_moddep\ * ]] \ + && add_dracutmodules+=" $_moddep " + [[ " $force_add_dracutmodules " == *\ $_mod\ * ]] \ + && [[ " $force_add_dracutmodules " != *\ $_moddep\ * ]] \ + && force_add_dracutmodules+=" $_moddep " + # if a module we depend on fail, fail also + if ! check_module "$_moddep"; then + derror "Module '$_mod' depends on '$_moddep', which can't be installed" + return 1 + fi + done + + [[ " $mods_to_load " == *\ $_mod\ * ]] \ + || mods_to_load+=" $_mod " + + return 0 +} + +# for_each_module_dir <func> +# execute "<func> <dracut module> 1 <module path>" +for_each_module_dir() { + local _modcheck + local _mod + local _moddir + local _func + local _reason + _func=$1 + for _moddir in "$dracutbasedir/modules.d"/[0-9][0-9]*; do + [[ -e $_moddir/module-setup.sh ]] || continue + _mod=${_moddir##*/} + _mod=${_mod#[0-9][0-9]} + $_func "$_mod" 1 "$_moddir" + done + + # Report any missing dracut modules, the user has specified + _modcheck="$add_dracutmodules $force_add_dracutmodules" + [[ $dracutmodules != all ]] && _modcheck="$_modcheck $dracutmodules" + for _mod in $_modcheck; do + [[ " $mods_to_load " == *\ $_mod\ * ]] && continue + + [[ " $force_add_dracutmodules " != *\ $_mod\ * ]] \ + && [[ " $dracutmodules " != *\ $_mod\ * ]] \ + && [[ " $omit_dracutmodules " == *\ $_mod\ * ]] \ + && continue + + [[ -d $(echo "$dracutbasedir/modules.d"/[0-9][0-9]"$_mod") ]] \ + && _reason="installed" \ + || _reason="found" + derror "Module '$_mod' cannot be $_reason." + [[ " $force_add_dracutmodules " == *\ $_mod\ * ]] && exit 1 + [[ " $dracutmodules " == *\ $_mod\ * ]] && exit 1 + [[ " $add_dracutmodules " == *\ $_mod\ * ]] && exit 1 + done +} + +dracut_kernel_post() { + for _f in modules.builtin modules.builtin.alias modules.builtin.modinfo modules.order; do + [[ -e $srcmods/$_f ]] && inst_simple "$srcmods/$_f" "/lib/modules/$kernel/$_f" + done + + # generate module dependencies for the initrd + if [[ -d $initdir/lib/modules/$kernel ]] \ + && ! depmod -a -b "$initdir" "$kernel"; then + dfatal "\"depmod -a $kernel\" failed." + exit 1 + fi + +} + +instmods() { + # instmods [-c [-s]] <kernel module> [<kernel module> ... ] + # instmods [-c [-s]] <kernel subsystem> + # install kernel modules along with all their dependencies. + # <kernel subsystem> can be e.g. "=block" or "=drivers/usb/storage" + # -c check + # -s silent + local _optional="-o" + local _silent + local _ret + + [[ $no_kernel == yes ]] && return + + if [[ $1 == '-c' ]]; then + unset _optional + shift + fi + if [[ $1 == '-s' ]]; then + _silent=1 + shift + fi + + if (($# == 0)); then + read -r -d '' -a args + set -- "${args[@]}" + fi + + if (($# == 0)); then + return 0 + fi + + $DRACUT_INSTALL \ + ${initdir:+-D "$initdir"} \ + ${dracutsysrootdir:+-r "$dracutsysrootdir"} \ + ${loginstall:+-L "$loginstall"} \ + ${hostonly:+-H} \ + ${omit_drivers:+-N "$omit_drivers"} \ + ${srcmods:+--kerneldir "$srcmods"} \ + ${_optional:+-o} \ + ${_silent:+--silent} \ + -m "$@" + _ret=$? + + if ((_ret != 0)) && [[ -z $_silent ]]; then + derror "FAILED: " \ + "$DRACUT_INSTALL" \ + ${initdir:+-D "$initdir"} \ + ${dracutsysrootdir:+-r "$dracutsysrootdir"} \ + ${loginstall:+-L "$loginstall"} \ + ${hostonly:+-H} \ + ${omit_drivers:+-N "$omit_drivers"} \ + ${srcmods:+--kerneldir "$srcmods"} \ + ${_optional:+-o} \ + ${_silent:+--silent} \ + -m "$@" + fi + + [[ "$_optional" ]] && return 0 + return $_ret +} + +if [[ "$(ln --help)" == *--relative* ]]; then + ln_r() { + ln -sfnr "${initdir}/$1" "${initdir}/$2" + } +else + ln_r() { + local _source=$1 + local _dest=$2 + [[ -d ${_dest%/*} ]] && _dest=$(readlink -f "${_dest%/*}")/${_dest##*/} + ln -sfn -- "$(convert_abs_rel "${_dest}" "${_source}")" "${initdir}/${_dest}" + } +fi + +is_qemu_virtualized() { + # 0 if a virt environment was detected + # 1 if a virt environment could not be detected + # 255 if any error was encountered + if type -P systemd-detect-virt > /dev/null 2>&1; then + if ! vm=$(systemd-detect-virt --vm 2> /dev/null); then + return 255 + fi + [[ $vm == "qemu" ]] && return 0 + [[ $vm == "kvm" ]] && return 0 + [[ $vm == "bochs" ]] && return 0 + fi + + for i in /sys/class/dmi/id/*_vendor; do + [[ -f $i ]] || continue + read -r vendor < "$i" + [[ $vendor == "QEMU" ]] && return 0 + [[ $vendor == "Red Hat" ]] && return 0 + [[ $vendor == "Bochs" ]] && return 0 + done + return 1 +} diff --git a/dracut-initramfs-restore.sh b/dracut-initramfs-restore.sh new file mode 100755 index 0000000..995e13a --- /dev/null +++ b/dracut-initramfs-restore.sh @@ -0,0 +1,86 @@ +#!/bin/bash + +set -e + +# do some sanity checks first +[ -e /run/initramfs/bin/sh ] && exit 0 +[ -e /run/initramfs/.need_shutdown ] || exit 0 + +# SIGTERM signal is received upon forced shutdown: ignore the signal +# We want to remain alive to be able to trap unpacking errors to avoid +# switching root to an incompletely unpacked initramfs +trap 'echo "Received SIGTERM signal, ignoring!" >&2' TERM + +KERNEL_VERSION="$(uname -r)" + +[[ $dracutbasedir ]] || dracutbasedir=/usr/lib/dracut +SKIP="$dracutbasedir/skipcpio" +[[ -x $SKIP ]] || SKIP="cat" + +if [[ -d /efi/Default ]] || [[ -d /boot/Default ]] || [[ -d /boot/efi/Default ]]; then + MACHINE_ID="Default" +elif [[ -s /etc/machine-id ]]; then + read -r MACHINE_ID < /etc/machine-id + [[ $MACHINE_ID == "uninitialized" ]] && MACHINE_ID="Default" +else + MACHINE_ID="Default" +fi + +mount -o ro /boot &> /dev/null || true + +if [[ -d /efi/loader/entries || -L /efi/loader/entries ]] \ + && [[ -d /efi/$MACHINE_ID || -L /efi/$MACHINE_ID ]]; then + IMG="/efi/${MACHINE_ID}/${KERNEL_VERSION}/initrd" +elif [[ -d /boot/loader/entries || -L /boot/loader/entries ]] \ + && [[ -d /boot/$MACHINE_ID || -L /boot/$MACHINE_ID ]]; then + IMG="/boot/${MACHINE_ID}/${KERNEL_VERSION}/initrd" +elif [[ -d /boot/efi/loader/entries || -L /boot/efi/loader/entries ]] \ + && [[ -d /boot/efi/$MACHINE_ID || -L /boot/efi/$MACHINE_ID ]]; then + IMG="/boot/efi/$MACHINE_ID/$KERNEL_VERSION/initrd" +elif [[ -f /lib/modules/${KERNEL_VERSION}/initrd ]]; then + IMG="/lib/modules/${KERNEL_VERSION}/initrd" +elif [[ -f /boot/initramfs-${KERNEL_VERSION}.img ]]; then + IMG="/boot/initramfs-${KERNEL_VERSION}.img" +elif mountpoint -q /efi; then + IMG="/efi/$MACHINE_ID/$KERNEL_VERSION/initrd" +elif mountpoint -q /boot/efi; then + IMG="/boot/efi/$MACHINE_ID/$KERNEL_VERSION/initrd" +else + echo "No initramfs image found to restore!" + exit 1 +fi + +cd /run/initramfs + +if (command -v zcat > /dev/null && $SKIP "$IMG" 2> /dev/null | zcat 2> /dev/null | cpio -id --no-absolute-filenames --quiet > /dev/null 2>&1) \ + || (command -v bzcat > /dev/null && $SKIP "$IMG" 2> /dev/null | bzcat 2> /dev/null | cpio -id --no-absolute-filenames --quiet > /dev/null 2>&1) \ + || (command -v xzcat > /dev/null && $SKIP "$IMG" 2> /dev/null | xzcat 2> /dev/null | cpio -id --no-absolute-filenames --quiet > /dev/null 2>&1) \ + || (command -v lz4 > /dev/null && $SKIP "$IMG" 2> /dev/null | lz4 -d -c 2> /dev/null | cpio -id --no-absolute-filenames --quiet > /dev/null 2>&1) \ + || (command -v lzop > /dev/null && $SKIP "$IMG" 2> /dev/null | lzop -d -c 2> /dev/null | cpio -id --no-absolute-filenames --quiet > /dev/null 2>&1) \ + || (command -v zstd > /dev/null && $SKIP "$IMG" 2> /dev/null | zstd -d -c 2> /dev/null | cpio -id --no-absolute-filenames --quiet > /dev/null 2>&1) \ + || ($SKIP "$IMG" 2> /dev/null | cpio -id --no-absolute-filenames --quiet > /dev/null 2>&1); then + rm -f -- .need_shutdown +else + # something failed, so we clean up + echo "Unpacking of $IMG to /run/initramfs failed" >&2 + rm -f -- /run/initramfs/shutdown + exit 1 +fi + +if [[ -d squash ]]; then + if ! unsquashfs -no-xattrs -f -d . squash-root.img > /dev/null; then + echo "Squash module is enabled for this initramfs but failed to unpack squash-root.img" >&2 + rm -f -- /run/initramfs/shutdown + exit 1 + fi +fi + +if grep -q -w selinux /sys/kernel/security/lsm 2> /dev/null \ + && [ -e /etc/selinux/config -a -x /usr/sbin/setfiles ]; then + . /etc/selinux/config + if [[ $SELINUX != "disabled" && -n $SELINUXTYPE ]]; then + /usr/sbin/setfiles -v -r /run/initramfs /etc/selinux/"${SELINUXTYPE}"/contexts/files/file_contexts /run/initramfs > /dev/null + fi +fi + +exit 0 diff --git a/dracut-logger.sh b/dracut-logger.sh new file mode 100755 index 0000000..1a57e5e --- /dev/null +++ b/dracut-logger.sh @@ -0,0 +1,455 @@ +#!/bin/bash +# +# logging faciality module for dracut both at build- and boot-time +# +# Copyright 2010 Amadeusz Żołnowski <aidecoe@aidecoe.name> +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +export __DRACUT_LOGGER__=1 + +## @brief Logging facility module for dracut both at build- and boot-time. +# +# @section intro Introduction +# +# The logger takes a bit from Log4j philosophy. There are defined 6 logging +# levels: +# - TRACE (6) +# The TRACE Level designates finer-grained informational events than the +# DEBUG. +# - DEBUG (5) +# The DEBUG Level designates fine-grained informational events that are most +# useful to debug an application. +# - INFO (4) +# The INFO level designates informational messages that highlight the +# progress of the application at coarse-grained level. +# - WARN (3) +# The WARN level designates potentially harmful situations. +# - ERROR (2) +# The ERROR level designates error events that might still allow the +# application to continue running. +# - FATAL (1) +# The FATAL level designates very severe error events that will presumably +# lead the application to abort. +# Descriptions are borrowed from Log4j documentation: +# http://logging.apache.org/log4j/1.2/apidocs/org/apache/log4j/Level.html +# +# @section usage Usage +# +# First of all you have to start with dlog_init() function which initializes +# required variables. Don't call any other logging function before that one! +# If you're ready with this, you can use following functions which corresponds +# clearly to levels listed in @ref intro Introduction. Here they are: +# - dtrace() +# - ddebug() +# - dinfo() +# - dwarn() +# - derror() +# - dfatal() +# They take all arguments given as a single message to be logged. See dlog() +# function for details how it works. Note that you shouldn't use dlog() by +# yourself. It's wrapped with above functions. +# +# @see dlog_init() dlog() +# +# @section conf Configuration +# +# Logging is controlled by following global variables: +# - @var stdloglvl - logging level to standard error (console output) +# - @var sysloglvl - logging level to syslog (by logger command) +# - @var fileloglvl - logging level to file +# - @var kmsgloglvl - logging level to /dev/kmsg (only for boot-time) +# - @var logfile - log file which is used when @var fileloglvl is higher +# than 0 +# and two global variables: @var maxloglvl and @var syslogfacility which <b>must +# not</b> be overwritten. Both are set by dlog_init(). @var maxloglvl holds +# maximum logging level of those three and indicates that dlog_init() was run. +# @var syslogfacility is set either to 'user' (when building initramfs) or +# 'daemon' (when booting). +# +# Logging level set by the variable means that messages from this logging level +# and above (FATAL is the highest) will be shown. Logging levels may be set +# independently for each destination (stderr, syslog, file, kmsg). +# +# @see dlog_init() + +## @brief Initializes dracut Logger. +# +# @retval 1 if something has gone wrong +# @retval 0 on success. +# +# @note This function need to be called before any other from this file. +# +# If any of the variables is not set, this function set it to default: +# - @var stdloglvl = 4 (info) +# - @var sysloglvl = 0 (no logging) +# - @var fileloglvl is set to 4 when @var logfile is set too, otherwise it's +# - @var kmsgloglvl = 0 (no logging) +# set to 0 +# +# @warning Function sets global variables @var maxloglvl and @syslogfacility. +# See file doc comment for details. +dlog_init() { + local __oldumask + local ret=0 + local errmsg + [ -z "$stdloglvl" ] && stdloglvl=4 + [ -z "$sysloglvl" ] && sysloglvl=0 + [ -z "$kmsgloglvl" ] && kmsgloglvl=0 + # Skip initialization if it's already done. + [ -n "$maxloglvl" ] && return 0 + + if [ -z "$fileloglvl" ]; then + [ -w "$logfile" ] && fileloglvl=4 || fileloglvl=0 + elif ((fileloglvl > 0)); then + if [[ $logfile ]]; then + __oldumask=$(umask) + umask 0377 + ! [ -e "$logfile" ] && : > "$logfile" + umask "$__oldumask" + if [[ -w $logfile ]] && [[ -f $logfile ]]; then + # Mark new run in the log file + echo >> "$logfile" + if command -v date > /dev/null; then + echo "=== $(date) ===" >> "$logfile" + else + echo "===============================================" >> "$logfile" + fi + echo >> "$logfile" + else + # We cannot log to file, so turn this facility off. + fileloglvl=0 + ret=1 + errmsg="'$logfile' is not a writable file" + fi + fi + fi + + if ((UID != 0)); then + kmsgloglvl=0 + sysloglvl=0 + fi + + if ((sysloglvl > 0)); then + if [[ -d /run/systemd/journal ]] \ + && type -P systemd-cat &> /dev/null \ + && systemctl --quiet is-active systemd-journald.socket &> /dev/null \ + && { echo "dracut-$DRACUT_VERSION" | systemd-cat -t 'dracut' &> /dev/null; }; then + readonly _systemdcatfile="$DRACUT_TMPDIR/systemd-cat" + mkfifo "$_systemdcatfile" + readonly _dlogfd=15 + systemd-cat -t 'dracut' --level-prefix=true < "$_systemdcatfile" & + exec 15> "$_systemdcatfile" + elif ! ([[ -S /dev/log ]] && [[ -w /dev/log ]] && command -v logger > /dev/null); then + # We cannot log to syslog, so turn this facility off. + kmsgloglvl=$sysloglvl + sysloglvl=0 + ret=1 + errmsg="No '/dev/log' or 'logger' included for syslog logging" + fi + fi + + if ((sysloglvl > 0)) || ((kmsgloglvl > 0)); then + if [ -n "$dracutbasedir" ]; then + readonly syslogfacility=user + else + readonly syslogfacility=daemon + fi + export syslogfacility + fi + + local lvl + local maxloglvl_l=0 + for lvl in $stdloglvl $sysloglvl $fileloglvl $kmsgloglvl; do + ((lvl > maxloglvl_l)) && maxloglvl_l=$lvl + done + readonly maxloglvl=$maxloglvl_l + export maxloglvl + + if ((stdloglvl < 6)) && ((kmsgloglvl < 6)) && ((fileloglvl < 6)) && ((sysloglvl < 6)); then + unset dtrace + dtrace() { :; } + fi + + if ((stdloglvl < 5)) && ((kmsgloglvl < 5)) && ((fileloglvl < 5)) && ((sysloglvl < 5)); then + unset ddebug + ddebug() { :; } + fi + + if ((stdloglvl < 4)) && ((kmsgloglvl < 4)) && ((fileloglvl < 4)) && ((sysloglvl < 4)); then + unset dinfo + dinfo() { :; } + fi + + if ((stdloglvl < 3)) && ((kmsgloglvl < 3)) && ((fileloglvl < 3)) && ((sysloglvl < 3)); then + unset dwarn + dwarn() { :; } + unset dwarning + dwarning() { :; } + fi + + if ((stdloglvl < 2)) && ((kmsgloglvl < 2)) && ((fileloglvl < 2)) && ((sysloglvl < 2)); then + unset derror + derror() { :; } + fi + + if ((stdloglvl < 1)) && ((kmsgloglvl < 1)) && ((fileloglvl < 1)) && ((sysloglvl < 1)); then + unset dfatal + dfatal() { :; } + fi + + [ -n "$errmsg" ] && derror "$errmsg" + + return $ret +} + +## @brief Converts numeric logging level to the first letter of level name. +# +# @param lvl Numeric logging level in range from 1 to 6. +# @retval 1 if @a lvl is out of range. +# @retval 0 if @a lvl is correct. +# @result Echoes first letter of level name. +_lvl2char() { + case "$1" in + 1) echo F ;; + 2) echo E ;; + 3) echo W ;; + 4) echo I ;; + 5) echo D ;; + 6) echo T ;; + *) return 1 ;; + esac +} + +## @brief Converts numeric level to logger priority defined by POSIX.2. +# +# @param lvl Numeric logging level in range from 1 to 6. +# @retval 1 if @a lvl is out of range. +# @retval 0 if @a lvl is correct. +# @result Echoes logger priority. +_lvl2syspri() { + printf -- "%s" "$syslogfacility." + case "$1" in + 1) echo crit ;; + 2) echo error ;; + 3) echo warning ;; + 4) echo info ;; + 5) echo debug ;; + 6) echo debug ;; + *) return 1 ;; + esac +} + +## @brief Converts dracut-logger numeric level to syslog log level +# +# @param lvl Numeric logging level in range from 1 to 6. +# @retval 1 if @a lvl is out of range. +# @retval 0 if @a lvl is correct. +# @result Echoes kernel console numeric log level +# +# Conversion is done as follows: +# +# <tt> +# none -> LOG_EMERG (0) +# none -> LOG_ALERT (1) +# FATAL(1) -> LOG_CRIT (2) +# ERROR(2) -> LOG_ERR (3) +# WARN(3) -> LOG_WARNING (4) +# none -> LOG_NOTICE (5) +# INFO(4) -> LOG_INFO (6) +# DEBUG(5) -> LOG_DEBUG (7) +# TRACE(6) / +# </tt> +# +# @see /usr/include/sys/syslog.h +_dlvl2syslvl() { + local lvl + + case "$1" in + 1) lvl=2 ;; + 2) lvl=3 ;; + 3) lvl=4 ;; + 4) lvl=6 ;; + 5) lvl=7 ;; + 6) lvl=7 ;; + *) return 1 ;; + esac + + [ "$syslogfacility" = user ] && echo $((8 + lvl)) || echo $((24 + lvl)) +} + +## @brief Prints to stderr and/or writes to file, to syslog and/or /dev/kmsg +# given message with given level (priority). +# +# @param lvl Numeric logging level. +# @param msg Message. +# @retval 0 It's always returned, even if logging failed. +# +# @note This function is not supposed to be called manually. Please use +# dtrace(), ddebug(), or others instead which wrap this one. +# +# This is core logging function which logs given message to standard error, file +# and/or syslog (with POSIX shell command <tt>logger</tt>) and/or to /dev/kmsg. +# The format is following: +# +# <tt>X: some message</tt> +# +# where @c X is the first letter of logging level. See module description for +# details on that. +# +# Message to syslog is sent with tag @c dracut. Priorities are mapped as +# following: +# - @c FATAL to @c crit +# - @c ERROR to @c error +# - @c WARN to @c warning +# - @c INFO to @c info +# - @c DEBUG and @c TRACE both to @c debug +_do_dlog() { + local lvlc + local lvl="$1" + shift + lvlc=$(_lvl2char "$lvl") || return 0 + local msg="$*" + local lmsg="$lvlc: $*" + + ((lvl <= stdloglvl)) && printf -- 'dracut[%s]: %s\n' "$lvlc" "$msg" >&2 + + if ((lvl <= sysloglvl)); then + if [[ "$_dlogfd" ]]; then + printf -- "<%s>%s\n" "$(($(_dlvl2syslvl "$lvl") & 7))" "$msg" >&$_dlogfd + else + logger -t "dracut[$$]" -p "$(_lvl2syspri "$lvl")" -- "$msg" + fi + fi + + if ((lvl <= fileloglvl)) && [[ -w $logfile ]] && [[ -f $logfile ]]; then + echo "$lmsg" >> "$logfile" + fi + + ((lvl <= kmsgloglvl)) \ + && echo "<$(_dlvl2syslvl "$lvl")>dracut[$$] $msg" > /dev/kmsg +} + +## @brief Internal helper function for _do_dlog() +# +# @param lvl Numeric logging level. +# @param msg Message. +# @retval 0 It's always returned, even if logging failed. +# +# @note This function is not supposed to be called manually. Please use +# dtrace(), ddebug(), or others instead which wrap this one. +# +# This function calls _do_dlog() either with parameter msg, or if +# none is given, it will read standard input and will use every line as +# a message. +# +# This enables: +# dwarn "This is a warning" +# echo "This is a warning" | dwarn +dlog() { + [ -z "$maxloglvl" ] && return 0 + (($1 <= maxloglvl)) || return 0 + + if (($# > 1)); then + _do_dlog "$@" + else + while read -r line || [ -n "$line" ]; do + _do_dlog "$1" "$line" + done + fi +} + +## @brief Logs message at TRACE level (6) +# +# @param msg Message. +# @retval 0 It's always returned, even if logging failed. +dtrace() { + set +x + dlog 6 "$@" + if [ -n "$debug" ]; then + set -x + fi +} + +## @brief Logs message at DEBUG level (5) +# +# @param msg Message. +# @retval 0 It's always returned, even if logging failed. +ddebug() { + set +x + dlog 5 "$@" + if [ -n "$debug" ]; then + set -x + fi +} + +## @brief Logs message at INFO level (4) +# +# @param msg Message. +# @retval 0 It's always returned, even if logging failed. +dinfo() { + set +x + dlog 4 "$@" + if [ -n "$debug" ]; then + set -x + fi +} + +## @brief Logs message at WARN level (3) +# +# @param msg Message. +# @retval 0 It's always returned, even if logging failed. +dwarn() { + set +x + dlog 3 "$@" + if [ -n "$debug" ]; then + set -x + fi +} + +## @brief It's an alias to dwarn() function. +# +# @param msg Message. +# @retval 0 It's always returned, even if logging failed. +dwarning() { + set +x + dwarn "$@" + if [ -n "$debug" ]; then + set -x + fi +} + +## @brief Logs message at ERROR level (2) +# +# @param msg Message. +# @retval 0 It's always returned, even if logging failed. +derror() { + set +x + dlog 2 "$@" + if [ -n "$debug" ]; then + set -x + fi +} + +## @brief Logs message at FATAL level (1) +# +# @param msg Message. +# @retval 0 It's always returned, even if logging failed. +dfatal() { + set +x + dlog 1 "$@" + if [ -n "$debug" ]; then + set -x + fi +} diff --git a/dracut-version.sh b/dracut-version.sh new file mode 100755 index 0000000..4a3b3c8 --- /dev/null +++ b/dracut-version.sh @@ -0,0 +1,3 @@ +#!/bin/sh +# shellcheck disable=SC2034 +DRACUT_VERSION=060 diff --git a/dracut.conf b/dracut.conf new file mode 100644 index 0000000..d6317a0 --- /dev/null +++ b/dracut.conf @@ -0,0 +1,3 @@ +# PUT YOUR CONFIG IN separate files +# in /etc/dracut.conf.d named "<name>.conf" +# SEE man dracut.conf(5) for options diff --git a/dracut.conf.d/fedora.conf.example b/dracut.conf.d/fedora.conf.example new file mode 100644 index 0000000..720a06c --- /dev/null +++ b/dracut.conf.d/fedora.conf.example @@ -0,0 +1,46 @@ +# dracut config file customized for RedHat/Fedora. + +# i18n +i18n_vars="/etc/sysconfig/keyboard:KEYTABLE-KEYMAP /etc/sysconfig/i18n:SYSFONT-FONT,FONTACM-FONT_MAP,FONT_UNIMAP" +i18n_default_font="eurlatgr" +i18n_install_all="yes" + + +stdloglvl=3 +sysloglvl=5 +install_optional_items+=" vi /usr/libexec/vi /etc/virc ps grep cat rm " +prefix="/" +environment=/usr/lib/environment.d +environmentconfdir=/etc/environment.d +dbus=/usr/share/dbus-1 +dbusinterfaces=/usr/share/dbus-1/interfaces +dbusservices=/usr/share/dbus-1/services +dbussession=/usr/share/dbus-1/session.d +dbussystem=/usr/share/dbus-1/system.d +dbussystemservices=/usr/share/dbus-1/system-services +dbusconfdir=/etc/dbus-1 +dbusinterfacesconfdir=/etc/dbus-1/interfaces +dbusservicesconfdir=/etc/dbus-1/services +dbussessionconfdir=/etc/dbus-1/session.d +dbussystemconfdir=/etc/dbus-1/system.d +dbussystemservicesconfdir=/etc/dbus-1/system-services +sysctld=/usr/lib/sysctl.d +sysctlconfdir=/etc/sysctl.d +systemdutildir=/usr/lib/systemd +systemdutilconfdir=/etc/systemd +systemdcatalog=/usr/lib/systemd/catalog +systemdntpunits=/usr/lib/systemd/ntp-units.d +systemdntpunitsconfdir=/etc/systemd/ntp-units.d +systemdportable=/usr/lib/systemd/portable +systemdportableconfdir=/etc/systemd/portable +systemdsystemunitdir=/usr/lib/systemd/system +systemdsystemconfdir=/etc/systemd/system +systemduser=/usr/lib/systemd/user +systemduserconfdir=/etc/systemd/user +sysusers=/usr/lib/sysusers.d +sysusersconfdir=/etc/sysusers.d +udevdir=/usr/lib/udev +hostonly="yes" +hostonly_cmdline="no" +early_microcode="yes" +reproducible="yes" diff --git a/dracut.conf.d/fips.conf.example b/dracut.conf.d/fips.conf.example new file mode 100644 index 0000000..ccf56c7 --- /dev/null +++ b/dracut.conf.d/fips.conf.example @@ -0,0 +1,3 @@ +# turn on fips module + +add_dracutmodules+=" fips " diff --git a/dracut.conf.d/suse.conf.example b/dracut.conf.d/suse.conf.example new file mode 100644 index 0000000..b9b0c37 --- /dev/null +++ b/dracut.conf.d/suse.conf.example @@ -0,0 +1,14 @@ +# SUSE specific dracut settings +# +# SUSE by default always builds as small as possible initrd for performance +# and resource reasons. +# If you like to build a generic initrd which works on other platforms than +# on the one dracut got called comment out below setting(s). +hostonly="yes" +hostonly_cmdline="yes" + +compress="zstd -3 -T0 -q" + +i18n_vars="/etc/sysconfig/language:RC_LANG-LANG,RC_LC_ALL-LC_ALL /etc/sysconfig/console:CONSOLE_UNICODEMAP-FONT_UNIMAP,CONSOLE_FONT-FONT,CONSOLE_SCREENMAP-FONT_MAP /etc/sysconfig/keyboard:KEYTABLE-KEYMAP" +omit_drivers+=" i2o_scsi " + diff --git a/dracut.sh b/dracut.sh new file mode 100755 index 0000000..3b29291 --- /dev/null +++ b/dracut.sh @@ -0,0 +1,2671 @@ +#!/bin/bash -p +# +# Generator script for a dracut initramfs + +# Copyright 2005-2013 Red Hat, Inc. All rights reserved. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +# store for logging + +unset BASH_ENV +unset GZIP + +# Verify bash version, current minimum is 4 +if ((BASH_VERSINFO[0] < 4)); then + printf "%s\n" "dracut[F]: dracut requires at least Bash 4." >&2 + exit 1 +fi + +dracut_args=("$@") +# shellcheck disable=SC2155 +readonly dracut_cmd=$(readlink -f "$0") + +set -o pipefail + +usage() { + [[ $sysroot_l ]] && dracutsysrootdir="$sysroot_l" + [[ $dracutbasedir ]] || dracutbasedir="$dracutsysrootdir"/usr/lib/dracut + if [[ -f $dracutbasedir/dracut-version.sh ]]; then + # shellcheck source=./dracut-version.sh + . "$dracutbasedir"/dracut-version.sh + fi + + # 80x25 linebreak here ^ + cat << EOF +Usage: $dracut_cmd [OPTION]... [<initramfs> [<kernel-version>]] + +Version: $DRACUT_VERSION + +Creates initial ramdisk images for preloading modules + + -h, --help Display all options + +If a [LIST] has multiple arguments, then you have to put these in quotes. + +For example: + + # dracut --add-drivers "module1 module2" ... + +EOF +} + +long_usage() { + [[ $dracutbasedir ]] || dracutbasedir="$dracutsysrootdir"/usr/lib/dracut + if [[ -f $dracutbasedir/dracut-version.sh ]]; then + # shellcheck source=./dracut-version.sh + . "$dracutbasedir"/dracut-version.sh + fi + + # 80x25 linebreak here ^ + cat << EOF +Usage: $dracut_cmd [OPTION]... [<initramfs> [<kernel-version>]] + +Version: $DRACUT_VERSION + +Creates initial ramdisk images for preloading modules + + --kver [VERSION] Set kernel version to [VERSION]. + -f, --force Overwrite existing initramfs file. + [OUTPUT_FILE] --rebuild + Append the current arguments to those with which the + input initramfs image was built. This option helps in + incrementally building the initramfs for testing. + If optional [OUTPUT_FILE] is not provided, the input + initramfs provided to rebuild will be used as output + file. + -a, --add [LIST] Add a space-separated list of dracut modules. + --force-add [LIST] Force to add a space-separated list of dracut modules + to the default set of modules, when -H is specified. + -o, --omit [LIST] Omit a space-separated list of dracut modules. + -m, --modules [LIST] Specify a space-separated list of dracut modules to + call when building the initramfs. Modules are located + in /usr/lib/dracut/modules.d. + This option forces dracut to only include the specified + dracut modules. + In most cases the --add option is what you want to use. + --add-drivers [LIST] Specify a space-separated list of kernel + modules to add to the initramfs. + --force-drivers [LIST] + Specify a space-separated list of kernel + modules to add to the initramfs and make sure they + are tried to be loaded via modprobe same as passing + rd.driver.pre=DRIVER kernel parameter. + --omit-drivers [LIST] Specify a space-separated list of kernel + modules not to add to the initramfs. + -d, --drivers [LIST] Specify a space-separated list of kernel modules to + exclusively include in the initramfs. + --filesystems [LIST] Specify a space-separated list of kernel filesystem + modules to exclusively include in the generic + initramfs. + -k, --kmoddir [DIR] Specify the directory where to look for kernel + modules. + --fwdir [DIR] Specify additional colon-separated list of directories + where to look for firmware files. + --libdirs [LIST] Specify a space-separated list of directories + where to look for libraries. + --kernel-only Only install kernel drivers and firmware files. + --no-kernel Do not install kernel drivers and firmware files. + --print-cmdline Print the kernel command line for the given disk layout. + --early-microcode Combine early microcode with ramdisk. + --no-early-microcode Do not combine early microcode with ramdisk. + --kernel-cmdline [PARAMETERS] + Specify default kernel command line parameters. + --strip Strip binaries in the initramfs. + --aggressive-strip Strip more than just debug symbol and sections, + for a smaller initramfs build. The --strip option must + also be specified. + --nostrip Do not strip binaries in the initramfs. + --hardlink Hardlink files in the initramfs. + --nohardlink Do not hardlink files in the initramfs. + --prefix [DIR] Prefix initramfs files with [DIR]. + --noprefix Do not prefix initramfs files. + --mdadmconf Include local /etc/mdadm.conf file. + --nomdadmconf Do not include local /etc/mdadm.conf file. + --lvmconf Include local /etc/lvm/lvm.conf file. + --nolvmconf Do not include local /etc/lvm/lvm.conf file. + --fscks [LIST] Add a space-separated list of fsck helpers. + --nofscks Inhibit installation of any fsck helpers. + --ro-mnt Mount / and /usr read-only by default. + -h, --help This message. + --debug Output debug information of the build process. + --profile Output profile information of the build process. + -L, --stdlog [0-6] Specify logging level (to standard error) + 0 - suppress any messages + 1 - only fatal errors + 2 - all errors + 3 - warnings + 4 - info + 5 - debug info (here starts lots of output) + 6 - trace info (and even more) + -v, --verbose Increase verbosity level. + -q, --quiet Decrease verbosity level. + -c, --conf [FILE] Specify configuration file to use. + Default: /etc/dracut.conf + --confdir [DIR] Specify configuration directory to use *.conf files + from. Default: /etc/dracut.conf.d + --tmpdir [DIR] Temporary directory to be used instead of default + ${TMPDIR:-/var/tmp}. + -r, --sysroot [DIR] Specify sysroot directory to collect files from. + -l, --local Local mode. Use modules from the current working + directory instead of the system-wide installed in + /usr/lib/dracut/modules.d. + Useful when running dracut from a git checkout. + -H, --hostonly Host-only mode: Install only what is needed for + booting the local host instead of a generic host. + -N, --no-hostonly Disables host-only mode. + --hostonly-mode [MODE] + Specify the host-only mode to use. [MODE] could be + one of "sloppy" or "strict". "sloppy" mode is used + by default. + In "sloppy" host-only mode, extra drivers and modules + will be installed, so minor hardware change won't make + the image unbootable (e.g. changed keyboard), and the + image is still portable among similar hosts. + With "strict" mode enabled, anything not necessary + for booting the local host in its current state will + not be included, and modules may do some extra job + to save more space. Minor change of hardware or + environment could make the image unbootable. + DO NOT use "strict" mode unless you know what you + are doing. + --hostonly-cmdline Store kernel command line arguments needed + in the initramfs. + --no-hostonly-cmdline Do not store kernel command line arguments needed + in the initramfs. + --no-hostonly-default-device + Do not generate implicit host devices like root, + swap, fstab, etc. Use "--mount" or "--add-device" + to explicitly add devices as needed. + --hostonly-i18n Install only needed keyboard and font files according + to the host configuration (default). + --no-hostonly-i18n Install all keyboard and font files available. + --hostonly-nics [LIST] + Only enable listed NICs in the initramfs. The list can + be empty, so other modules can install only the + necessary network drivers. + --persistent-policy [POLICY] + Use [POLICY] to address disks and partitions. + POLICY can be any directory name found in /dev/disk + (e.g. "by-uuid", "by-label"), or "mapper" to use + /dev/mapper device names (default). + --fstab Use /etc/fstab to determine the root device. + --add-fstab [FILE] Add file to the initramfs fstab. + --mount "[DEV] [MP] [FSTYPE] [FSOPTS]" + Mount device [DEV] on mountpoint [MP] with filesystem + [FSTYPE] and options [FSOPTS] in the initramfs. + --mount "[MP]" Same as above, but [DEV], [FSTYPE] and [FSOPTS] are + determined by looking at the current mounts. + --add-device "[DEV]" Bring up [DEV] in initramfs. + -i, --include [SOURCE] [TARGET] + Include the files in the SOURCE directory into the + Target directory in the final initramfs. + If SOURCE is a file, it will be installed to TARGET + in the final initramfs. + -I, --install [LIST] Install the space separated list of files into the + initramfs. + --install-optional [LIST] + Install the space separated list of files into the + initramfs, if they exist. + --gzip Compress the generated initramfs using gzip. + This will be done by default, unless another + compression option or --no-compress is passed. + --bzip2 Compress the generated initramfs using bzip2. + Make sure your kernel has bzip2 decompression support + compiled in, otherwise you will not be able to boot. + --lzma Compress the generated initramfs using lzma. + Make sure your kernel has lzma support compiled in, + otherwise you will not be able to boot. + --xz Compress the generated initramfs using xz. + Make sure that your kernel has xz support compiled + in, otherwise you will not be able to boot. + --lzo Compress the generated initramfs using lzop. + Make sure that your kernel has lzo support compiled + in, otherwise you will not be able to boot. + --lz4 Compress the generated initramfs using lz4. + Make sure that your kernel has lz4 support compiled + in, otherwise you will not be able to boot. + --zstd Compress the generated initramfs using Zstandard. + Make sure that your kernel has zstd support compiled + in, otherwise you will not be able to boot. + --compress [COMPRESSION] + Compress the generated initramfs with the + passed compression program. Make sure your kernel + knows how to decompress the generated initramfs, + otherwise you will not be able to boot. + --no-compress Do not compress the generated initramfs. This will + override any other compression options. + --squash-compressor [COMPRESSION] + Specify the compressor and compressor specific options + used by mksquashfs if squash module is called when + building the initramfs. + --enhanced-cpio Attempt to reflink cpio file data using dracut-cpio. + --list-modules List all available dracut modules. + -M, --show-modules Print included module's name to standard output during + build. + --keep Keep the temporary initramfs for debugging purposes. + --printsize Print out the module install size. + --sshkey [SSHKEY] Add SSH key to initramfs (use with ssh-client module). + --logfile [FILE] Logfile to use (overrides configuration setting). + --reproducible Create reproducible images. + --no-reproducible Do not create reproducible images. + --loginstall [DIR] Log all files installed from the host to [DIR]. + --uefi Create an UEFI executable with the kernel cmdline and + kernel combined. + --no-uefi Disables UEFI mode. + --no-machineid Affects the default output filename of the UEFI + executable, discarding the <MACHINE_ID> part. + --uefi-stub [FILE] Use the UEFI stub [FILE] to create an UEFI executable. + --uefi-splash-image [FILE] + Use [FILE] as a splash image when creating an UEFI + executable. Requires bitmap (.bmp) image format. + --kernel-image [FILE] Location of the kernel image. + --sbat [PARAMETERS] The SBAT parameters to be added to .sbat. + The string "sbat,1,SBAT Version,sbat,1, + https://github.com/rhboot/shim/blob/main/SBAT.md" is + already added by default. + --regenerate-all Regenerate all initramfs images at the default location + for the kernel versions found on the system. + -p, --parallel Use parallel processing if possible (currently only + supported --regenerate-all) + images simultaneously. + --version Display version. + +If [LIST] has multiple arguments, then you have to put these in quotes. + +For example: + + # dracut --add-drivers "module1 module2" ... + +EOF +} + +long_version() { + [[ $dracutbasedir ]] || dracutbasedir="$dracutsysrootdir"/usr/lib/dracut + if [[ -f $dracutbasedir/dracut-version.sh ]]; then + # shellcheck source=./dracut-version.sh + . "$dracutbasedir"/dracut-version.sh + fi + echo "dracut $DRACUT_VERSION" +} + +# Fills up host_devs stack variable and makes sure there are no duplicates +push_host_devs() { + local _dev + for _dev in "$@"; do + [[ " ${host_devs[*]} " == *" $_dev "* ]] && return + host_devs+=("$_dev") + done +} + +# Little helper function for reading args from the commandline. +# it automatically handles -a b and -a=b variants, and returns 1 if +# we need to shift $3. +read_arg() { + # $1 = arg name + # $2 = arg value + # $3 = arg parameter + local rematch='^[^=]*=(.*)$' + if [[ $2 =~ $rematch ]]; then + read -r "$1" <<< "${BASH_REMATCH[1]}" + else + read -r "$1" <<< "$3" + # There is no way to shift our callers args, so + # return 1 to indicate they should do it instead. + return 1 + fi +} + +check_conf_file() { + if grep -H -e '^[^#]*[+]=\("[^ ]\|.*[^ ]"\)' "$@"; then + printf '\ndracut[W]: <key>+=" <values> ": <values> should have surrounding white spaces!\n' >&2 + printf 'dracut[W]: This will lead to unwanted side effects! Please fix the configuration file.\n\n' >&2 + fi +} + +dropindirs_sort() { + local suffix=$1 + shift + local -a files + local f d + + for d in "$@"; do + for i in "$d/"*"$suffix"; do + if [[ -e $i ]]; then + printf "%s\n" "${i##*/}" + fi + done + done | sort -Vu | { + readarray -t files + + for f in "${files[@]}"; do + for d in "$@"; do + if [[ -e "$d/$f" ]]; then + printf "%s\n" "$d/$f" + continue 2 + fi + done + done + } +} + +rearrange_params() { + # Workaround -i, --include taking 2 arguments + newat=() + for i in "$@"; do + if [[ $i == "-i" ]] || [[ $i == "--include" ]]; then + newat+=("++include") # Replace --include by ++include + else + newat+=("$i") + fi + done + set -- "${newat[@]}" # Set new $@ + + TEMP=$( + unset POSIXLY_CORRECT + getopt \ + -o "a:m:o:d:I:k:c:r:L:fvqlHhMNp" \ + --long kver: \ + --long add: \ + --long force-add: \ + --long add-drivers: \ + --long force-drivers: \ + --long omit-drivers: \ + --long modules: \ + --long omit: \ + --long drivers: \ + --long filesystems: \ + --long install: \ + --long install-optional: \ + --long fwdir: \ + --long libdirs: \ + --long fscks: \ + --long add-fstab: \ + --long mount: \ + --long device: \ + --long add-device: \ + --long nofscks \ + --long ro-mnt \ + --long kmoddir: \ + --long conf: \ + --long confdir: \ + --long tmpdir: \ + --long sysroot: \ + --long stdlog: \ + --long compress: \ + --long squash-compressor: \ + --long prefix: \ + --long rebuild: \ + --long force \ + --long kernel-only \ + --long no-kernel \ + --long print-cmdline \ + --long kernel-cmdline: \ + --long strip \ + --long aggressive-strip \ + --long nostrip \ + --long hardlink \ + --long nohardlink \ + --long noprefix \ + --long mdadmconf \ + --long nomdadmconf \ + --long lvmconf \ + --long nolvmconf \ + --long debug \ + --long profile \ + --long sshkey: \ + --long logfile: \ + --long verbose \ + --long quiet \ + --long local \ + --long hostonly \ + --long host-only \ + --long no-hostonly \ + --long no-host-only \ + --long hostonly-mode: \ + --long hostonly-cmdline \ + --long no-hostonly-cmdline \ + --long no-hostonly-default-device \ + --long persistent-policy: \ + --long fstab \ + --long help \ + --long bzip2 \ + --long lzma \ + --long xz \ + --long lzo \ + --long lz4 \ + --long zstd \ + --long no-compress \ + --long gzip \ + --long enhanced-cpio \ + --long list-modules \ + --long show-modules \ + --long keep \ + --long printsize \ + --long regenerate-all \ + --long parallel \ + --long noimageifnotneeded \ + --long early-microcode \ + --long no-early-microcode \ + --long reproducible \ + --long no-reproducible \ + --long loginstall: \ + --long uefi \ + --long no-uefi \ + --long uefi-stub: \ + --long uefi-splash-image: \ + --long kernel-image: \ + --long sbat: \ + --long no-hostonly-i18n \ + --long hostonly-i18n \ + --long hostonly-nics: \ + --long no-machineid \ + --long version \ + -- "$@" + ) + + # shellcheck disable=SC2181 + if (($? != 0)); then + usage + exit 1 + fi +} + +verbosity_mod_l=0 +unset kernel +unset outfile + +rearrange_params "$@" +eval set -- "$TEMP" + +# parse command line args to check if '--rebuild' option is present +unset append_args_l +unset rebuild_file +while :; do + if [ "$1" == "--" ]; then + shift + break + fi + if [ "$1" == "--rebuild" ]; then + append_args_l="yes" + rebuild_file="$2" + if [ ! -e "$rebuild_file" ]; then + echo "Image file '$rebuild_file', for rebuild, does not exist!" + exit 1 + fi + abs_rebuild_file=$(readlink -f "$rebuild_file") && rebuild_file="$abs_rebuild_file" + shift + continue + fi + shift +done + +# get output file name and kernel version from command line arguments +while (($# > 0)); do + case ${1%%=*} in + ++include) + shift 2 + ;; + *) + if ! [[ ${outfile+x} ]]; then + outfile=$1 + elif ! [[ ${kernel+x} ]]; then + kernel=$1 + else + printf "\nUnknown arguments: %s\n\n" "$*" >&2 + usage + exit 1 + fi + ;; + esac + shift +done + +# extract input image file provided with rebuild option to get previous parameters, if any +if [[ $append_args_l == "yes" ]]; then + unset rebuild_param + + # determine resultant file + if ! [[ $outfile ]]; then + outfile=$rebuild_file + fi + + if ! rebuild_param=$(lsinitrd "$rebuild_file" '*lib/dracut/build-parameter.txt'); then + echo "Image '$rebuild_file' has no rebuild information stored" + exit 1 + fi + + # prepend previous parameters to current command line args + if [[ $rebuild_param ]]; then + TEMP="$rebuild_param $TEMP" + eval set -- "$TEMP" + rearrange_params "$@" + fi +fi + +unset PARMS_TO_STORE +PARMS_TO_STORE="" + +eval set -- "$TEMP" + +while :; do + if [[ $1 != "--" ]] && [[ $1 != "--rebuild" ]]; then + PARMS_TO_STORE+=" $1" + fi + case $1 in + --kver) + kernel="$2" + PARMS_TO_STORE+=" '$2'" + shift + ;; + -a | --add) + add_dracutmodules_l+=("$2") + PARMS_TO_STORE+=" '$2'" + shift + ;; + --force-add) + force_add_dracutmodules_l+=("$2") + PARMS_TO_STORE+=" '$2'" + shift + ;; + --add-drivers) + add_drivers_l+=("$2") + PARMS_TO_STORE+=" '$2'" + shift + ;; + --force-drivers) + force_drivers_l+=("$2") + PARMS_TO_STORE+=" '$2'" + shift + ;; + --omit-drivers) + omit_drivers_l+=("$2") + PARMS_TO_STORE+=" '$2'" + shift + ;; + -m | --modules) + dracutmodules_l+=("$2") + PARMS_TO_STORE+=" '$2'" + shift + ;; + -o | --omit) + omit_dracutmodules_l+=("$2") + PARMS_TO_STORE+=" '$2'" + shift + ;; + -d | --drivers) + drivers_l+=("$2") + PARMS_TO_STORE+=" '$2'" + shift + ;; + --filesystems) + filesystems_l+=("$2") + PARMS_TO_STORE+=" '$2'" + shift + ;; + -I | --install) + install_items_l+=("$2") + PARMS_TO_STORE+=" '$2'" + shift + ;; + --install-optional) + install_optional_items_l+=("$2") + PARMS_TO_STORE+=" '$2'" + shift + ;; + --fwdir) + fw_dir_l+=("$2") + PARMS_TO_STORE+=" '$2'" + shift + ;; + --libdirs) + libdirs_l+=("$2") + PARMS_TO_STORE+=" '$2'" + shift + ;; + --fscks) + fscks_l+=("$2") + PARMS_TO_STORE+=" '$2'" + shift + ;; + --add-fstab) + add_fstab_l+=("$2") + PARMS_TO_STORE+=" '$2'" + shift + ;; + --mount) + fstab_lines+=("$2") + PARMS_TO_STORE+=" '$2'" + shift + ;; + --add-device | --device) + add_device_l+=("$2") + PARMS_TO_STORE+=" '$2'" + shift + ;; + --kernel-cmdline) + kernel_cmdline_l+=("$2") + PARMS_TO_STORE+=" '$2'" + shift + ;; + --nofscks) nofscks_l="yes" ;; + --ro-mnt) ro_mnt_l="yes" ;; + -k | --kmoddir) + drivers_dir_l="$2" + PARMS_TO_STORE+=" '$2'" + shift + ;; + -c | --conf) + conffile="$2" + PARMS_TO_STORE+=" '$2'" + shift + ;; + --confdir) + confdir="$2" + PARMS_TO_STORE+=" '$2'" + shift + ;; + --tmpdir) + tmpdir_l="$2" + PARMS_TO_STORE+=" '$2'" + shift + ;; + -r | --sysroot) + sysroot_l="$2" + PARMS_TO_STORE+=" '$2'" + shift + ;; + -L | --stdlog) + stdloglvl_l="$2" + PARMS_TO_STORE+=" '$2'" + shift + ;; + --compress) + compress_l="$2" + PARMS_TO_STORE+=" '$2'" + shift + ;; + --squash-compressor) + squash_compress_l="$2" + PARMS_TO_STORE+=" '$2'" + shift + ;; + --prefix) + prefix_l="$2" + PARMS_TO_STORE+=" '$2'" + shift + ;; + --loginstall) + loginstall_l="$2" + PARMS_TO_STORE+=" '$2'" + shift + ;; + --rebuild) + if [[ $rebuild_file == "$outfile" ]]; then + force=yes + fi + shift + ;; + -f | --force) force=yes ;; + --kernel-only) + kernel_only="yes" + no_kernel="no" + ;; + --no-kernel) + kernel_only="no" + no_kernel="yes" + ;; + --print-cmdline) + print_cmdline="yes" + hostonly_l="yes" + kernel_only="yes" + no_kernel="yes" + ;; + --early-microcode) + early_microcode_l="yes" + ;; + --no-early-microcode) + early_microcode_l="no" + ;; + --strip) do_strip_l="yes" ;; + --aggressive-strip) aggressive_strip_l="yes" ;; + --nostrip) do_strip_l="no" ;; + --hardlink) do_hardlink_l="yes" ;; + --nohardlink) do_hardlink_l="no" ;; + --noprefix) prefix_l="/" ;; + --mdadmconf) mdadmconf_l="yes" ;; + --nomdadmconf) mdadmconf_l="no" ;; + --lvmconf) lvmconf_l="yes" ;; + --nolvmconf) lvmconf_l="no" ;; + --debug) debug="yes" ;; + --profile) profile="yes" ;; + --sshkey) + sshkey="$2" + PARMS_TO_STORE+=" '$2'" + shift + ;; + --logfile) + logfile_l="$2" + shift + ;; + -v | --verbose) ((verbosity_mod_l++)) ;; + -q | --quiet) ((verbosity_mod_l--)) ;; + -l | --local) + allowlocal="yes" + [[ -f "$(readlink -f "${0%/*}")/dracut-init.sh" ]] \ + && dracutbasedir="$(readlink -f "${0%/*}")" + ;; + -H | --hostonly | --host-only) + hostonly_l="yes" + ;; + -N | --no-hostonly | --no-host-only) + hostonly_l="no" + ;; + --hostonly-mode) + hostonly_mode_l="$2" + PARMS_TO_STORE+=" '$2'" + shift + ;; + --hostonly-cmdline) + hostonly_cmdline_l="yes" + ;; + --hostonly-i18n) + i18n_install_all_l="no" + ;; + --hostonly-nics) + hostonly_nics_l+=("$2") + PARMS_TO_STORE+=" '$2'" + shift + ;; + --no-hostonly-i18n) + i18n_install_all_l="yes" + ;; + --no-hostonly-cmdline) + hostonly_cmdline_l="no" + ;; + --no-hostonly-default-device) + hostonly_default_device="no" + ;; + --persistent-policy) + persistent_policy_l="$2" + PARMS_TO_STORE+=" '$2'" + shift + ;; + --fstab) use_fstab_l="yes" ;; + -h | --help) + long_usage + exit 0 + ;; + --bzip2) compress_l="bzip2" ;; + --lzma) compress_l="lzma" ;; + --xz) compress_l="xz" ;; + --lzo) compress_l="lzop" ;; + --lz4) compress_l="lz4" ;; + --zstd) compress_l="zstd" ;; + --no-compress) _no_compress_l="cat" ;; + --gzip) compress_l="gzip" ;; + --enhanced-cpio) enhanced_cpio_l="yes" ;; + --list-modules) do_list="yes" ;; + -M | --show-modules) + show_modules_l="yes" + ;; + --keep) keep="yes" ;; + --printsize) printsize="yes" ;; + --regenerate-all) regenerate_all_l="yes" ;; + -p | --parallel) parallel_l="yes" ;; + --noimageifnotneeded) noimageifnotneeded="yes" ;; + --reproducible) reproducible_l="yes" ;; + --no-reproducible) reproducible_l="no" ;; + --uefi) uefi_l="yes" ;; + --no-uefi) uefi_l="no" ;; + --uefi-stub) + uefi_stub_l="$2" + PARMS_TO_STORE+=" '$2'" + shift + ;; + --uefi-splash-image) + uefi_splash_image_l="$2" + PARMS_TO_STORE+=" '$2'" + shift + ;; + --kernel-image) + kernel_image_l="$2" + PARMS_TO_STORE+=" '$2'" + shift + ;; + --sbat) + sbat_l="$2" + PARMS_TO_STORE+=" '$2'" + shift + ;; + --no-machineid) + machine_id_l="no" + ;; + --version) + long_version + exit 0 + ;; + --) + shift + break + ;; + + *) # should not even reach this point + printf "\n!Unknown option: '%s'\n\n" "$1" >&2 + usage + exit 1 + ;; + esac + shift +done + +# getopt cannot handle multiple arguments, so just handle "-I,--include" +# the old fashioned way + +while (($# > 0)); do + if [ "${1%%=*}" == "++include" ]; then + include_src+=("$2") + include_target+=("$3") + PARMS_TO_STORE+=" --include '$2' '$3'" + shift 2 + fi + shift +done + +[[ $sysroot_l ]] && dracutsysrootdir="$sysroot_l" + +export LC_ALL=C +export LANG=C +unset LC_MESSAGES +unset LC_CTYPE +unset LD_LIBRARY_PATH +unset LD_PRELOAD +unset GREP_OPTIONS + +export DRACUT_LOG_LEVEL=warning +[[ $debug ]] && { + export DRACUT_LOG_LEVEL=debug + export PS4='${BASH_SOURCE}@${LINENO}(${FUNCNAME[0]-}): ' + set -x +} + +[[ $profile ]] && { + export PS4='+ $(date "+%s.%N") ${BASH_SOURCE}@${LINENO}: ' + set -x + debug=yes +} + +[[ $dracutbasedir ]] || dracutbasedir="$dracutsysrootdir"/usr/lib/dracut + +# if we were not passed a config file, try the default one +if [[ -z $conffile ]]; then + if [[ $allowlocal ]]; then + conffile="$dracutbasedir/dracut.conf" + else + conffile="$dracutsysrootdir/etc/dracut.conf" + fi +elif [[ ! -e $conffile ]]; then + printf "%s\n" "dracut[F]: Configuration file '$conffile' not found." >&2 + exit 1 +fi + +if [[ -z $confdir ]]; then + if [[ $allowlocal ]]; then + confdir="$dracutbasedir/dracut.conf.d" + else + confdir="$dracutsysrootdir/etc/dracut.conf.d" + fi +elif [[ ! -d $confdir ]]; then + printf "%s\n" "dracut[F]: Configuration directory '$confdir' not found." >&2 + exit 1 +fi + +# source our config file +if [[ -f $conffile ]]; then + check_conf_file "$conffile" + # shellcheck disable=SC1090 + . "$conffile" +fi + +# source our config dir +for f in $(dropindirs_sort ".conf" "$confdir" "$dracutbasedir/dracut.conf.d"); do + check_conf_file "$f" + # shellcheck disable=SC1090 + [[ -e $f ]] && . "$f" +done + +# regenerate_all shouldn't be set in conf files +regenerate_all=$regenerate_all_l +if [[ $parallel_l == "yes" ]]; then + parallel=yes +fi + +if [[ $regenerate_all == "yes" ]]; then + ret=0 + if [[ $kernel ]]; then + printf "%s\n" "dracut[F]: --regenerate-all cannot be called with a kernel version." >&2 + exit 1 + fi + + if [[ $outfile ]]; then + printf "%s\n" "dracut[F]: --regenerate-all cannot be called with an image file." >&2 + exit 1 + fi + + ((len = ${#dracut_args[@]})) + for ((i = 0; i < len; i++)); do + case ${dracut_args[$i]} in + --regenerate-all | --parallel) + # shellcheck disable=SC2184 + unset dracut_args["$i"] + ;; + esac + done + + cd "$dracutsysrootdir"/lib/modules || exit 1 + if [[ $parallel != "yes" ]]; then + for i in *; do + [[ -f $i/modules.dep ]] || [[ -f $i/modules.dep.bin ]] || continue + "$dracut_cmd" --kver="$i" "${dracut_args[@]}" + ((ret += $?)) + done + else + for i in *; do + [[ -f $i/modules.dep ]] || [[ -f $i/modules.dep.bin ]] || continue + "$dracut_cmd" --kver="$i" "${dracut_args[@]}" & + done + while true; do + wait -n + wst=$? + if [[ $wst == 127 ]]; then + break + else + ((ret += wst)) + fi + done + fi + exit "$ret" +fi + +if ! [[ $kernel ]]; then + kernel=$(uname -r) +fi + +DRACUT_PATH=${DRACUT_PATH:-/sbin /bin /usr/sbin /usr/bin} + +for i in $DRACUT_PATH; do + rl=$i + if [ -L "$dracutsysrootdir$i" ]; then + rl=$(readlink -f "$dracutsysrootdir$i") + fi + rl="${rl#"$dracutsysrootdir"}" + if [[ $NPATH != *:$rl* ]]; then + NPATH+=":$rl" + fi +done +[[ -z $dracutsysrootdir ]] && export PATH="${NPATH#:}" +unset NPATH + +export SYSTEMCTL=${SYSTEMCTL:-systemctl} + +# these options add to the stuff in the config file +((${#add_dracutmodules_l[@]})) && add_dracutmodules+=" ${add_dracutmodules_l[*]} " +((${#omit_dracutmodules_l[@]})) && omit_dracutmodules+=" ${omit_dracutmodules_l[*]} " +((${#force_add_dracutmodules_l[@]})) && force_add_dracutmodules+=" ${force_add_dracutmodules_l[*]} " +((${#fscks_l[@]})) && fscks+=" ${fscks_l[*]} " +((${#add_fstab_l[@]})) && add_fstab+=" ${add_fstab_l[*]} " +((${#install_items_l[@]})) && install_items+=" ${install_items_l[*]} " +((${#install_optional_items_l[@]})) && install_optional_items+=" ${install_optional_items_l[*]} " +((${#hostonly_nics_l[@]})) && hostonly_nics+=" ${hostonly_nics_l[*]} " + +# these options override the stuff in the config file +((${#dracutmodules_l[@]})) && dracutmodules="${dracutmodules_l[*]}" +((${#filesystems_l[@]})) && filesystems="${filesystems_l[*]}" +((${#fw_dir_l[@]})) && fw_dir="${fw_dir_l[*]}" +((${#libdirs_l[@]})) && libdirs="${libdirs_l[*]}" + +[[ $stdloglvl_l ]] && stdloglvl=$stdloglvl_l +[[ ! $stdloglvl ]] && stdloglvl=4 +stdloglvl=$((stdloglvl + verbosity_mod_l)) +((stdloglvl > 6)) && stdloglvl=6 +((stdloglvl < 0)) && stdloglvl=0 + +[[ $drivers_dir_l ]] && drivers_dir=$drivers_dir_l +drivers_dir="${drivers_dir%"${drivers_dir##*[!/]}"}" +[[ $do_strip_l ]] && do_strip=$do_strip_l +[[ $do_strip ]] || do_strip=yes +[[ $aggressive_strip_l ]] && aggressive_strip=$aggressive_strip_l +[[ $do_hardlink_l ]] && do_hardlink=$do_hardlink_l +[[ $do_hardlink ]] || do_hardlink=yes +[[ $prefix_l ]] && prefix=$prefix_l +[[ $prefix == "/" ]] && unset prefix +[[ $hostonly_l ]] && hostonly=$hostonly_l +[[ $hostonly_cmdline_l ]] && hostonly_cmdline=$hostonly_cmdline_l +[[ $hostonly_mode_l ]] && hostonly_mode=$hostonly_mode_l +[[ $hostonly == "yes" ]] && ! [[ $hostonly_cmdline ]] && hostonly_cmdline="yes" +# shellcheck disable=SC2034 +[[ $i18n_install_all_l ]] && i18n_install_all=$i18n_install_all_l +# shellcheck disable=SC2034 +[[ $persistent_policy_l ]] && persistent_policy=$persistent_policy_l +[[ $use_fstab_l ]] && use_fstab=$use_fstab_l +[[ $mdadmconf_l ]] && mdadmconf=$mdadmconf_l +[[ $lvmconf_l ]] && lvmconf=$lvmconf_l +[[ $dracutbasedir ]] || dracutbasedir="$dracutsysrootdir"/usr/lib/dracut +[[ $fw_dir ]] || { + fw_path_para=$(< /sys/module/firmware_class/parameters/path) + fw_dir="${fw_path_para:+$dracutsysrootdir$fw_path_para:}$dracutsysrootdir/lib/firmware/updates/$kernel:$dracutsysrootdir/lib/firmware/updates:$dracutsysrootdir/lib/firmware/$kernel:$dracutsysrootdir/lib/firmware" +} +[[ $tmpdir_l ]] && tmpdir="$tmpdir_l" +[[ $tmpdir ]] || tmpdir="$TMPDIR" +[[ $tmpdir ]] || tmpdir="$dracutsysrootdir"/var/tmp +[[ $INITRD_COMPRESS ]] && compress=$INITRD_COMPRESS +[[ $compress_l ]] && compress=$compress_l +[[ $squash_compress_l ]] && squash_compress=$squash_compress_l +[[ $enhanced_cpio_l ]] && enhanced_cpio=$enhanced_cpio_l +[[ $show_modules_l ]] && show_modules=$show_modules_l +[[ $nofscks_l ]] && nofscks="yes" +[[ $ro_mnt_l ]] && ro_mnt="yes" +[[ $early_microcode_l ]] && early_microcode=$early_microcode_l +[[ $early_microcode ]] || early_microcode=yes +[[ $early_microcode_image_dir ]] || early_microcode_image_dir=('/boot') +[[ $early_microcode_image_name ]] \ + || early_microcode_image_name=('intel-uc.img' 'intel-ucode.img' 'amd-uc.img' 'amd-ucode.img' 'early_ucode.cpio' 'microcode.cpio') +[[ $logfile_l ]] && logfile="$logfile_l" +[[ $reproducible_l ]] && reproducible="$reproducible_l" +[[ $loginstall_l ]] && loginstall="$loginstall_l" +[[ $uefi_l ]] && uefi=$uefi_l +[[ $uefi_stub_l ]] && uefi_stub="$uefi_stub_l" +[[ $uefi_splash_image_l ]] && uefi_splash_image="$uefi_splash_image_l" +[[ $kernel_image_l ]] && kernel_image="$kernel_image_l" +[[ $sbat_l ]] && sbat="$sbat_l" +[[ $machine_id_l ]] && machine_id="$machine_id_l" + +if ! [[ $outfile ]]; then + if [[ $machine_id != "no" ]]; then + if [[ -d "$dracutsysrootdir"/efi/Default ]] \ + || [[ -d "$dracutsysrootdir"/boot/Default ]] \ + || [[ -d "$dracutsysrootdir"/boot/efi/Default ]]; then + MACHINE_ID="Default" + elif [[ -s "$dracutsysrootdir"/etc/machine-id ]]; then + read -r MACHINE_ID < "$dracutsysrootdir"/etc/machine-id + [[ $MACHINE_ID == "uninitialized" ]] && MACHINE_ID="Default" + else + MACHINE_ID="Default" + fi + fi + + if [[ $uefi == "yes" ]]; then + if [[ -n $uefi_secureboot_key && -z $uefi_secureboot_cert ]] || [[ -z $uefi_secureboot_key && -n $uefi_secureboot_cert ]]; then + printf "%s\n" "dracut[F]: Need 'uefi_secureboot_key' and 'uefi_secureboot_cert' both to be set." >&2 + exit 1 + fi + + if [[ -n $uefi_secureboot_key && -n $uefi_secureboot_cert ]] && ! command -v sbsign &> /dev/null; then + printf "%s\n" "dracut[F]: Need 'sbsign' to create a signed UEFI executable." >&2 + exit 1 + fi + + BUILD_ID=$(cat "$dracutsysrootdir"/etc/os-release "$dracutsysrootdir"/usr/lib/os-release \ + | while read -r line || [[ $line ]]; do + [[ $line =~ BUILD_ID\=* ]] && eval "$line" && echo "$BUILD_ID" && break + done) + if [[ -z $dracutsysrootdir ]]; then + if [[ -d /efi ]] && mountpoint -q /efi; then + efidir=/efi/EFI + else + efidir=/boot/EFI + if [[ -d /boot/efi/EFI ]]; then + efidir=/boot/efi/EFI + fi + fi + else + efidir=/boot/EFI + if [[ -d $dracutsysrootdir/boot/efi/EFI ]]; then + efidir=/boot/efi/EFI + fi + fi + mkdir -p "$dracutsysrootdir$efidir/Linux" + outfile="$dracutsysrootdir$efidir/Linux/linux-$kernel${MACHINE_ID:+-${MACHINE_ID}}${BUILD_ID:+-${BUILD_ID}}.efi" + else + if [[ -d "$dracutsysrootdir"/efi/loader/entries || -L "$dracutsysrootdir"/efi/loader/entries ]] \ + && [[ $MACHINE_ID ]] \ + && [[ -d "$dracutsysrootdir"/efi/${MACHINE_ID} || -L "$dracutsysrootdir"/efi/${MACHINE_ID} ]]; then + outfile="$dracutsysrootdir/efi/${MACHINE_ID}/${kernel}/initrd" + elif [[ -d "$dracutsysrootdir"/boot/loader/entries || -L "$dracutsysrootdir"/boot/loader/entries ]] \ + && [[ $MACHINE_ID ]] \ + && [[ -d "$dracutsysrootdir"/boot/${MACHINE_ID} || -L "$dracutsysrootdir"/boot/${MACHINE_ID} ]]; then + outfile="$dracutsysrootdir/boot/${MACHINE_ID}/${kernel}/initrd" + elif [[ -d "$dracutsysrootdir"/boot/efi/loader/entries || -L "$dracutsysrootdir"/boot/efi/loader/entries ]] \ + && [[ $MACHINE_ID ]] \ + && [[ -d "$dracutsysrootdir"/boot/efi/${MACHINE_ID} || -L "$dracutsysrootdir"/boot/efi/${MACHINE_ID} ]]; then + outfile="$dracutsysrootdir/boot/efi/${MACHINE_ID}/${kernel}/initrd" + elif [[ -f "$dracutsysrootdir"/lib/modules/${kernel}/initrd ]]; then + outfile="$dracutsysrootdir/lib/modules/${kernel}/initrd" + elif [[ -e $dracutsysrootdir/boot/vmlinuz-${kernel} ]]; then + outfile="$dracutsysrootdir/boot/initramfs-${kernel}.img" + elif [[ -z $dracutsysrootdir ]] \ + && [[ $MACHINE_ID ]] \ + && mountpoint -q /efi; then + outfile="/efi/${MACHINE_ID}/${kernel}/initrd" + elif [[ -z $dracutsysrootdir ]] \ + && [[ $MACHINE_ID ]] \ + && mountpoint -q /boot/efi; then + outfile="/boot/efi/${MACHINE_ID}/${kernel}/initrd" + else + outfile="$dracutsysrootdir/boot/initramfs-${kernel}.img" + fi + fi +fi + +# eliminate IFS hackery when messing with fw_dir +export DRACUT_FIRMWARE_PATH=${fw_dir// /:} +fw_dir=${fw_dir//:/ } + +# check for logfile and try to create one if it doesn't exist +if [[ -n $logfile ]]; then + if [[ ! -f $logfile ]]; then + if touch "$logfile"; then + printf "%s\n" "dracut[W]: touch $logfile failed." >&2 + fi + fi +fi + +# handle compression options. +DRACUT_COMPRESS_BZIP2=${DRACUT_COMPRESS_BZIP2:-bzip2} +DRACUT_COMPRESS_LBZIP2=${DRACUT_COMPRESS_LBZIP2:-lbzip2} +DRACUT_COMPRESS_LZMA=${DRACUT_COMPRESS_LZMA:-lzma} +DRACUT_COMPRESS_XZ=${DRACUT_COMPRESS_XZ:-xz} +DRACUT_COMPRESS_GZIP=${DRACUT_COMPRESS_GZIP:-gzip} +DRACUT_COMPRESS_PIGZ=${DRACUT_COMPRESS_PIGZ:-pigz} +DRACUT_COMPRESS_LZOP=${DRACUT_COMPRESS_LZOP:-lzop} +DRACUT_COMPRESS_ZSTD=${DRACUT_COMPRESS_ZSTD:-zstd} +DRACUT_COMPRESS_LZ4=${DRACUT_COMPRESS_LZ4:-lz4} +DRACUT_COMPRESS_CAT=${DRACUT_COMPRESS_CAT:-cat} + +if [[ $_no_compress_l == "$DRACUT_COMPRESS_CAT" ]]; then + compress="$DRACUT_COMPRESS_CAT" +fi + +[[ $hostonly == yes ]] && hostonly="-h" +[[ $hostonly != "-h" ]] && unset hostonly + +case $hostonly_mode in + '') + [[ $hostonly ]] && hostonly_mode="sloppy" + ;; + sloppy | strict) + if [[ ! $hostonly ]]; then + unset hostonly_mode + fi + ;; + *) + printf "%s\n" "dracut[F]: Invalid hostonly mode '$hostonly_mode'." >&2 + exit 1 + ;; +esac + +[[ $reproducible == yes ]] && DRACUT_REPRODUCIBLE=1 + +if [[ -z $DRACUT_KMODDIR_OVERRIDE && -n $drivers_dir ]]; then + drivers_basename="${drivers_dir##*/}" + if [[ -n $drivers_basename && $drivers_basename != "$kernel" ]]; then + printf "%s\n" "dracut[F]: The provided directory where to look for kernel modules ($drivers_basename)" >&2 + printf "%s\n" "dracut[F]: does not match the kernel version set for the initramfs ($kernel)." >&2 + printf "%s\n" "dracut[F]: Set DRACUT_KMODDIR_OVERRIDE=1 to ignore this check." >&2 + exit 1 + fi + drivers_dirname="${drivers_dir%/*}/" + if [[ ! $drivers_dirname =~ .*/lib/modules/$ ]]; then + printf "%s\n" "dracut[F]: drivers_dir path ${drivers_dir_l:+"set via -k/--kmoddir "}must contain \"/lib/modules/\" as a parent of your kernel module directory," >&2 + printf "%s\n" "dracut[F]: or modules may not be placed in the correct location inside the initramfs." >&2 + printf "%s\n" "dracut[F]: was given: ${drivers_dir}" >&2 + printf "%s\n" "dracut[F]: expected: ${drivers_dirname}lib/modules/${kernel}" >&2 + printf "%s\n" "dracut[F]: Please move your modules into the correct directory structure and pass the new location," >&2 + printf "%s\n" "dracut[F]: or set DRACUT_KMODDIR_OVERRIDE=1 to ignore this check." >&2 + exit 1 + fi +fi + +# shellcheck disable=SC2155 +readonly TMPDIR="$(realpath -e "$tmpdir")" +[ -d "$TMPDIR" ] || { + printf "%s\n" "dracut[F]: Invalid tmpdir '$tmpdir'." >&2 + exit 1 +} + +if findmnt --raw -n --target "$tmpdir" --output=options | grep -q noexec; then + [[ $debug == yes ]] && printf "%s\n" "dracut[D]: Tmpdir '$tmpdir' is mounted with 'noexec'." >&2 + noexec=1 +fi + +# shellcheck disable=SC2155 +readonly DRACUT_TMPDIR="$(mktemp -p "$TMPDIR/" -d -t dracut.XXXXXX)" +[ -d "$DRACUT_TMPDIR" ] || { + printf "%s\n" "dracut[F]: mktemp -p '$TMPDIR/' -d -t dracut.XXXXXX failed." >&2 + exit 1 +} + +# Cache file used to optimize get_maj_min() +declare -x -r get_maj_min_cache_file="${DRACUT_TMPDIR}/majmin_cache" +: > "$get_maj_min_cache_file" + +# clean up after ourselves no matter how we die. +trap ' + ret=$?; + [[ $keep ]] && echo "Not removing $DRACUT_TMPDIR." >&2 || { [[ $DRACUT_TMPDIR ]] && rm -rf -- "$DRACUT_TMPDIR"; }; + if [[ ${FSFROZEN} ]]; then + fsfreeze -u "${FSFROZEN}" + fi + exit $ret; + ' EXIT + +# clean up after ourselves no matter how we die. +trap 'exit 1;' SIGINT + +readonly initdir="${DRACUT_TMPDIR}/initramfs" +mkdir -p "$initdir" + +if [[ $early_microcode == yes ]] || { [[ $acpi_override == yes ]] && [[ -d $acpi_table_dir ]]; }; then + readonly early_cpio_dir="${DRACUT_TMPDIR}/earlycpio" + mkdir "$early_cpio_dir" +fi + +[[ "$dracutsysrootdir" ]] || [[ "$noexec" ]] || export DRACUT_RESOLVE_LAZY="1" + +if [[ $print_cmdline ]]; then + stdloglvl=0 + sysloglvl=0 + fileloglvl=0 + kmsgloglvl=0 +fi + +if [[ -f $dracutbasedir/dracut-version.sh ]]; then + # shellcheck source=./dracut-version.sh + . "$dracutbasedir"/dracut-version.sh +fi + +if systemd-detect-virt -c &> /dev/null; then + export DRACUT_NO_MKNOD=1 DRACUT_NO_XATTR=1 + if [[ $hostonly ]]; then + printf "%s\n" "dracut[W]: Running in hostonly mode in a container!" >&2 + fi +fi + +if [[ -f $dracutbasedir/dracut-init.sh ]]; then + # shellcheck source=./dracut-init.sh + . "$dracutbasedir"/dracut-init.sh +else + printf "%s\n" "dracut[F]: Cannot find $dracutbasedir/dracut-init.sh." >&2 + printf "%s\n" "dracut[F]: Are you running from a git checkout?" >&2 + printf "%s\n" "dracut[F]: Try passing -l as an argument to $dracut_cmd" >&2 + exit 1 +fi + +if [[ $persistent_policy == "mapper" ]]; then + unset persistent_policy +elif [[ -n $persistent_policy && ! -d "/dev/disk/${persistent_policy}" ]]; then + dwarn "Invalid persistent policy, your system does not have a /dev/disk/${persistent_policy} directory." + unset persistent_policy +fi + +if [[ $enhanced_cpio == "yes" ]]; then + enhanced_cpio="$dracutbasedir/dracut-cpio" + if [[ -x $enhanced_cpio ]]; then + # align based on statfs optimal transfer size + cpio_align=$(stat --file-system -c "%s" -- "$initdir") + else + dinfo "--enhanced-cpio ignored due to lack of dracut-cpio" + unset enhanced_cpio + fi +else + unset enhanced_cpio +fi + +if [[ $no_kernel != yes ]] && ! [[ -d $srcmods ]]; then + dfatal "Cannot find module directory $srcmods" + dfatal "and --no-kernel was not specified" + exit 1 +fi + +if ! [[ $print_cmdline ]]; then + inst "$DRACUT_TESTBIN" + if ! $DRACUT_INSTALL ${initdir:+-D "$initdir"} ${dracutsysrootdir:+-r "$dracutsysrootdir"} -R "$DRACUT_TESTBIN" &> /dev/null; then + unset DRACUT_RESOLVE_LAZY + export DRACUT_RESOLVE_DEPS=1 + fi + rm -fr -- "${initdir:?}"/* +fi + +dracutfunctions=$dracutbasedir/dracut-functions.sh +export dracutfunctions + +((${#drivers_l[@]})) && drivers="${drivers_l[*]}" +drivers=${drivers/-/_} + +((${#add_drivers_l[@]})) && add_drivers+=" ${add_drivers_l[*]} " +add_drivers=${add_drivers/-/_} + +((${#force_drivers_l[@]})) && force_drivers+=" ${force_drivers_l[*]} " +force_drivers=${force_drivers/-/_} + +((${#omit_drivers_l[@]})) && omit_drivers+=" ${omit_drivers_l[*]} " +omit_drivers=${omit_drivers/-/_} + +((${#kernel_cmdline_l[@]})) && kernel_cmdline+=" ${kernel_cmdline_l[*]} " + +omit_drivers_corrected="" +for d in $omit_drivers; do + [[ " $drivers $add_drivers " == *\ $d\ * ]] && continue + [[ " $drivers $force_drivers " == *\ $d\ * ]] && continue + omit_drivers_corrected+="^$d$|" +done +omit_drivers="${omit_drivers_corrected%|}" +unset omit_drivers_corrected + +# prepare args for logging +for ((i = 0; i < ${#dracut_args[@]}; i++)); do + [[ ${dracut_args[$i]} == *\ * ]] \ + && dracut_args[$i]="\"${dracut_args[$i]}\"" + #" keep vim happy +done + +dinfo "Executing: $dracut_cmd ${dracut_args[*]}" + +[[ $do_list == yes ]] && { + for mod in "$dracutbasedir"/modules.d/*; do + [[ -e $mod/module-setup.sh ]] || continue + printf "%s\n" "${mod##*/??}" + done + exit 0 +} + +# This is kinda legacy -- eventually it should go away. +case $dracutmodules in + "" | auto) dracutmodules="all" ;; +esac + +abs_outfile=$(readlink -f "$outfile") && outfile="$abs_outfile" + +# Helper function to set global variables +# set_global_var <pkg_config> <pkg_var[:exported_var]> <value[:check_file]> [<value[:check_file]>] ... +set_global_var() { + local _pkgconfig="$1" + local _pkgvar="${2%:*}" + local _var="${2#*:}" + [[ -z ${!_var} || ! -d ${dracutsysrootdir}${!_var} ]] \ + && export "$_var"="$(pkg-config "$_pkgconfig" --variable="$_pkgvar" 2> /dev/null)" + if [[ -z ${!_var} || ! -d ${dracutsysrootdir}${!_var} ]]; then + shift 2 + if (($# == 1)); then + export "$_var"="$1" + else + local _val + for _val in "$@"; do + _check=${_val##*:} + _val=${_val%:*} + [[ -e ${dracutsysrootdir}${_check} ]] && export "$_var"="$_val" + done + fi + fi +} + +# dbus global variables +set_global_var "dbus" "dbus" "/usr/share/dbus-1" +set_global_var "dbus" "dbusconfdir" "/etc/dbus-1" +set_global_var "dbus" "dbusinterfaces" "${dbus}/interfaces" +set_global_var "dbus" "dbusinterfacesconfdir" "${dbusconfdir}/interfaces" +set_global_var "dbus" "dbusservices" "${dbus}/services" +set_global_var "dbus" "dbusservicesconfdir" "${dbusconfdir}/services" +set_global_var "dbus" "dbussession" "${dbus}/session.d" +set_global_var "dbus" "dbussessionconfdir" "${dbusconfdir}/session.d" +set_global_var "dbus" "dbussystem" "${dbus}/system.d" +set_global_var "dbus" "dbussystemconfdir" "${dbusconfdir}/system.d" +set_global_var "dbus" "dbussystemservices" "${dbus}/system-services" +set_global_var "dbus" "dbussystemservicesconfdir" "${dbusconfdir}/system-services" + +# udev global variables +set_global_var "udev" "udevdir" "/lib/udev:/lib/udev/ata_id" "/usr/lib/udev:/usr/lib/udev/ata_id" +set_global_var "udev" "udevconfdir" "/etc/udev" +set_global_var "udev" "udevrulesdir" "${udevdir}/rules.d" +set_global_var "udev" "udevrulesconfdir" "${udevconfdir}/rules.d" + +# systemd global variables +set_global_var "systemd" "prefix:systemdprefix" "/usr" +set_global_var "systemd" "systemdutildir" "/lib/systemd:/lib/systemd/systemd-udevd" "/usr/lib/systemd:/usr/lib/systemd/systemd-udevd" +set_global_var "systemd" "systemdutilconfdir" "/etc/systemd" +set_global_var "systemd" "environment" "/usr/lib/environment.d" +set_global_var "systemd" "environmentconfdir" "/etc/environment.d" +set_global_var "systemd" "modulesload" "/usr/lib/modules-load.d" +set_global_var "systemd" "modulesloadconfdir" "/etc/modules-load.d" +set_global_var "systemd" "sysctld" "/usr/lib/sysctl.d" +set_global_var "systemd" "sysctlconfdir" "/etc/sysctl.d" +set_global_var "systemd" "systemdcatalog" "${systemdutildir}/catalog" +set_global_var "systemd" "systemdnetwork" "${systemdutildir}/network" +set_global_var "systemd" "systemdnetworkconfdir" "${systemdutilconfdir}/network" +set_global_var "systemd" "systemdntpunits" "${systemdutildir}/ntp-units.d" +set_global_var "systemd" "systemdntpunitsconfdir" "${systemdutilconfdir}/ntp-units.d" +set_global_var "systemd" "systemdportable" "${systemdutildir}/portable" +set_global_var "systemd" "systemdportableconfdir" "${systemdutilconfdir}/portable" +set_global_var "systemd" "systemdsystemunitdir" "${systemdutildir}/system" +set_global_var "systemd" "systemdsystemconfdir" "${systemdutilconfdir}/system" +set_global_var "systemd" "systemduser" "${systemdutildir}/user" +set_global_var "systemd" "systemduserconfdir" "${systemdutilconfdir}/user" +set_global_var "systemd" "sysusers" "/usr/lib/sysusers.d" +set_global_var "systemd" "sysusersconfdir" "/etc/sysusers.d" +set_global_var "systemd" "tmpfilesdir" "/lib/tmpfiles.d" "/usr/lib/tmpfiles.d" +set_global_var "systemd" "tmpfilesconfdir" "/etc/tmpfiles.d" + +# libkmod global variables +set_global_var "libkmod" "depmodd" "/usr/lib/depmod.d" +set_global_var "libkmod" "depmodconfdir" "/etc/depmod.d" + +if [[ $no_kernel != yes ]] && [[ -d $srcmods ]]; then + if ! [[ -f $srcmods/modules.dep ]]; then + if [[ -n "$(find "$srcmods" -name '*.ko*')" ]]; then + dfatal "$srcmods/modules.dep is missing. Did you run depmod?" + exit 1 + else + dwarn "$srcmods/modules.dep is missing. Did you run depmod?" + fi + fi +fi + +if [[ ! $print_cmdline ]]; then + if [[ -f $outfile && ! $force ]]; then + dfatal "Will not override existing initramfs ($outfile) without --force" + exit 1 + fi + + outdir=${outfile%/*} + [[ $outdir ]] || outdir="/" + + if [[ ! -d $outdir ]]; then + dfatal "Can't write to $outdir: Directory $outdir does not exist or is not accessible." + exit 1 + elif [[ ! -w $outdir ]]; then + dfatal "No permission to write to $outdir." + exit 1 + elif [[ -f $outfile && ! -w $outfile ]]; then + dfatal "No permission to write $outfile." + exit 1 + fi + + if [[ $loginstall ]]; then + if ! mkdir -p "$loginstall"; then + dfatal "Could not create directory to log installed files to '$loginstall'." + exit 1 + fi + loginstall=$(readlink -f "$loginstall") + fi + + if [[ $uefi == yes ]]; then + if ! command -v objcopy &> /dev/null; then + dfatal "Need 'objcopy' to create a UEFI executable" + exit 1 + fi + unset EFI_MACHINE_TYPE_NAME + case "${DRACUT_ARCH:-$(uname -m)}" in + x86_64) + EFI_MACHINE_TYPE_NAME=x64 + ;; + i?86) + EFI_MACHINE_TYPE_NAME=ia32 + ;; + aarch64) + EFI_MACHINE_TYPE_NAME=aa64 + ;; + *) + dfatal "Architecture '${DRACUT_ARCH:-$(uname -m)}' not supported to create a UEFI executable" + exit 1 + ;; + esac + + if ! [[ -s $uefi_stub ]]; then + uefi_stub="$dracutsysrootdir${systemdprefix}/lib/systemd/boot/efi/linux${EFI_MACHINE_TYPE_NAME}.efi.stub" + fi + + if ! [[ -s $uefi_stub ]]; then + dfatal "Can't find a uefi stub '$uefi_stub' to create a UEFI executable" + exit 1 + fi + + if ! [[ $kernel_image ]]; then + for kernel_image in "$dracutsysrootdir/lib/modules/$kernel/vmlinuz" "$dracutsysrootdir/boot/vmlinuz-$kernel"; do + [[ -s $kernel_image ]] || continue + break + done + fi + if ! [[ -s $kernel_image ]]; then + dfatal "Can't find a kernel image '$kernel_image' to create a UEFI executable" + exit 1 + fi + fi +fi + +if [[ $acpi_override == yes ]] && ! (check_kernel_config CONFIG_ACPI_TABLE_UPGRADE || check_kernel_config CONFIG_ACPI_INITRD_TABLE_OVERRIDE); then + dwarn "Disabling ACPI override, because kernel does not support it. CONFIG_ACPI_INITRD_TABLE_OVERRIDE!=y or CONFIG_ACPI_TABLE_UPGRADE!=y" + unset acpi_override +fi + +if [[ $early_microcode == yes ]]; then + if [[ $hostonly ]]; then + if [[ $(get_cpu_vendor) == "AMD" || $(get_cpu_vendor) == "Intel" ]]; then + check_kernel_config CONFIG_MICROCODE || unset early_microcode + else + unset early_microcode + fi + else + ! check_kernel_config CONFIG_MICROCODE \ + && unset early_microcode + fi + # Do not complain on non-x86 architectures as it makes no sense + case "${DRACUT_ARCH:-$(uname -m)}" in + x86_64 | i?86) + [[ $early_microcode != yes ]] \ + && dwarn "Disabling early microcode, because kernel does not support it. CONFIG_MICROCODE!=y" + ;; + *) ;; + esac +fi + +# Need to be able to have non-root users read stuff (rpcbind etc) +chmod 755 "$initdir" + +if [[ $hostonly ]]; then + for i in /sys /proc /run /dev; do + if ! findmnt --target "$i" &> /dev/null; then + dwarning "Turning off host-only mode: '$i' is not mounted!" + unset hostonly + fi + done +fi + +declare -A host_fs_types + +for line in "${fstab_lines[@]}"; do + # shellcheck disable=SC2086 + set -- $line + dev="$1" + #dev mp fs fsopts + case "$dev" in + UUID=*) + dev=$(blkid -l -t "UUID=${dev#UUID=}" -o device) + ;; + LABEL=*) + dev=$(blkid -l -t "LABEL=${dev#LABEL=}" -o device) + ;; + PARTUUID=*) + dev=$(blkid -l -t "PARTUUID=${dev#PARTUUID=}" -o device) + ;; + PARTLABEL=*) + dev=$(blkid -l -t "PARTLABEL=${dev#PARTLABEL=}" -o device) + ;; + esac + [ -z "$dev" ] && dwarn "Bad fstab entry $*" && continue + if [[ $3 == btrfs ]]; then + for mp in $(findmnt --source "$1" -o TARGET -n); do + for i in $(btrfs_devs "$mp"); do + push_host_devs "$i" + done + done + elif [[ $3 == zfs ]]; then + for mp in $(zfs_devs "$1"); do + push_host_devs "$mp" + done + fi + push_host_devs "$dev" + host_fs_types["$dev"]="$3" +done + +for f in $add_fstab; do + [[ -e $f ]] || continue + while read -r dev rest || [ -n "$dev" ]; do + push_host_devs "$dev" + done < "$f" +done + +for dev in $add_device; do + push_host_devs "$dev" +done + +if ((${#add_device_l[@]})); then + add_device+=" ${add_device_l[*]} " + push_host_devs "${add_device_l[@]}" +fi + +if [[ $hostonly ]] && [[ $hostonly_default_device != "no" ]]; then + # in hostonly mode, determine all devices, which have to be accessed + # and examine them for filesystem types + + for mp in \ + "/" \ + "/etc" \ + "/bin" \ + "/sbin" \ + "/lib" \ + "/lib64" \ + "/usr" \ + "/usr/bin" \ + "/usr/sbin" \ + "/usr/lib" \ + "/usr/lib64" \ + "/boot" \ + "/boot/efi" \ + "/boot/zipl"; do + mp=$(readlink -f "$dracutsysrootdir$mp") + mountpoint "$mp" > /dev/null 2>&1 || continue + _dev=$(find_block_device "$mp") + _bdev=$(readlink -f "/dev/block/$_dev") + [[ -b $_bdev ]] && _dev=$_bdev + [[ $mp == "/" ]] && root_devs+=("$_dev") + push_host_devs "$_dev" + if [[ $(find_mp_fstype "$mp") == btrfs ]]; then + for i in $(btrfs_devs "$mp"); do + [[ $mp == "/" ]] && root_devs+=("$i") + push_host_devs "$i" + done + elif [[ $(find_mp_fstype "$mp") == zfs ]]; then + for i in $(zfs_devs "$(findmnt -n -o SOURCE "$mp")"); do + [[ $mp == "/" ]] && root_devs+=("$i") + push_host_devs "$i" + done + fi + + done + + # TODO - with sysroot, /proc/swaps is not relevant + if [[ -f /proc/swaps ]] && [[ -f $dracutsysrootdir/etc/fstab ]]; then + while read -r dev type rest || [ -n "$dev" ]; do + [[ -b $dev ]] || continue + [[ $type == "partition" ]] || continue + + while read -r _d _m _t _o _ || [ -n "$_d" ]; do + [[ $_d == \#* ]] && continue + [[ $_d ]] || continue + [[ $_t != "swap" ]] && continue + [[ $_m != "swap" ]] && [[ $_m != "none" ]] && continue + [[ $_o == *noauto* ]] && continue + _d=$(expand_persistent_dev "$_d") + [[ $_d -ef $dev ]] || continue + + if [[ -f $dracutsysrootdir/etc/crypttab ]]; then + while read -r _mapper _ _p _o || [ -n "$_mapper" ]; do + [[ $_mapper == \#* ]] && continue + [[ $_d -ef /dev/mapper/"$_mapper" ]] || continue + [[ "$_o" ]] || _o="$_p" + # skip entries with password files + [[ $_p == /* ]] && [[ -f $_p ]] && continue 2 + # skip mkswap swap + [[ $_o == *swap* ]] && continue 2 + done < "$dracutsysrootdir"/etc/crypttab + fi + + _dev="$(readlink -f "$dev")" + push_host_devs "$_dev" + swap_devs+=("$_dev") + break + done < "$dracutsysrootdir"/etc/fstab + done < /proc/swaps + fi + + # collect all "x-initrd.mount" entries from /etc/fstab + if [[ -f $dracutsysrootdir/etc/fstab ]]; then + while read -r _d _m _t _o _ || [ -n "$_d" ]; do + [[ $_d == \#* ]] && continue + [[ $_d ]] || continue + [[ $_o != *x-initrd.mount* ]] && continue + _dev=$(expand_persistent_dev "$_d") + _dev="$(readlink -f "$_dev")" + [[ -b $_dev ]] || continue + + push_host_devs "$_dev" + if [[ $_t == btrfs ]]; then + for i in $(btrfs_devs "$_m"); do + push_host_devs "$i" + done + elif [[ $_t == zfs ]]; then + for i in $(zfs_devs "$_d"); do + push_host_devs "$i" + done + fi + done < "$dracutsysrootdir"/etc/fstab + fi +fi + +unset m +unset rest + +_get_fs_type() { + [[ $1 ]] || return + if [[ -b /dev/block/$1 ]]; then + ID_FS_TYPE=$(get_fs_env "/dev/block/$1") && host_fs_types["$(readlink -f "/dev/block/$1")"]="$ID_FS_TYPE" + return 1 + fi + if [[ -b $1 ]]; then + ID_FS_TYPE=$(get_fs_env "$1") && host_fs_types["$(readlink -f "$1")"]="$ID_FS_TYPE" + return 1 + fi + if fstype=$(find_dev_fstype "$1"); then + host_fs_types["$1"]="$fstype" + return 1 + fi + return 1 +} + +for dev in "${host_devs[@]}"; do + _get_fs_type "$dev" + check_block_and_slaves_all _get_fs_type "$(get_maj_min "$dev")" +done + +for dev in "${!host_fs_types[@]}"; do + [[ ${host_fs_types[$dev]} == "reiserfs" ]] || [[ ${host_fs_types[$dev]} == "xfs" ]] || continue + rootopts=$(find_dev_fsopts "$dev") + if [[ ${host_fs_types[$dev]} == "reiserfs" ]]; then + journaldev=$(fs_get_option "$rootopts" "jdev") + elif [[ ${host_fs_types[$dev]} == "xfs" ]]; then + journaldev=$(fs_get_option "$rootopts" "logdev") + fi + if [[ $journaldev ]]; then + dev="$(readlink -f "$dev")" + push_host_devs "$dev" + _get_fs_type "$dev" + check_block_and_slaves_all _get_fs_type "$(get_maj_min "$dev")" + fi +done + +export initdir dracutbasedir \ + dracutmodules force_add_dracutmodules add_dracutmodules omit_dracutmodules \ + mods_to_load \ + fw_dir drivers_dir debug no_kernel kernel_only \ + omit_drivers mdadmconf lvmconf root_devs \ + use_fstab fstab_lines libdirs fscks nofscks ro_mnt \ + stdloglvl sysloglvl fileloglvl kmsgloglvl logfile \ + host_fs_types host_devs swap_devs sshkey add_fstab \ + DRACUT_VERSION \ + prefix filesystems drivers \ + hostonly_cmdline loginstall + +mods_to_load="" +# check all our modules to see if they should be sourced. +# This builds a list of modules that we will install next. +for_each_module_dir check_module +for_each_module_dir check_mount + +dracut_module_included "fips" && export DRACUT_FIPS_MODE=1 + +do_print_cmdline() { + local -A _mods_to_print + for i in $modules_loaded $mods_to_load; do + _mods_to_print[$i]=1 + done + + # source our modules. + for moddir in "$dracutbasedir/modules.d"/[0-9][0-9]*; do + _d_mod=${moddir##*/} + _d_mod=${_d_mod#[0-9][0-9]} + [[ ${_mods_to_print[$_d_mod]} ]] || continue + module_cmdline "$_d_mod" "$moddir" + done + unset moddir +} + +if [[ $print_cmdline ]]; then + do_print_cmdline + printf "\n" + exit 0 +fi + +# Create some directory structure first +# shellcheck disable=SC2174 +[[ $prefix ]] && mkdir -m 0755 -p "${initdir}${prefix}" + +# shellcheck disable=SC2174 +[[ -L $dracutsysrootdir/lib ]] || mkdir -m 0755 -p "${initdir}${prefix}/lib" +[[ $prefix ]] && ln -sfn "${prefix#/}/lib" "$initdir/lib" + +if [[ $prefix ]]; then + for d in bin etc lib sbin tmp usr var $libdirs; do + d=${d#/} + [[ $d == */* ]] && continue + ln -sfn "${prefix#/}/${d#/}" "$initdir/$d" + done +fi + +if [[ $kernel_only != yes ]]; then + for d in usr usr/bin usr/sbin bin etc lib sbin tmp var var/tmp $libdirs; do + d=${d#/} + [[ -e "${initdir}${prefix}/$d" ]] && continue + if [ -L "/$d" ]; then + inst_symlink "/$d" "${prefix}/$d" + else + # shellcheck disable=SC2174 + mkdir -m 0755 -p "${initdir}${prefix}/$d" + fi + done + + for d in dev proc sys sysroot root run; do + if [ -L "/$d" ]; then + inst_symlink "/$d" + else + # shellcheck disable=SC2174 + mkdir -m 0755 -p "$initdir/$d" + fi + done + + ln -sfn ../run "$initdir/var/run" + ln -sfn ../run/lock "$initdir/var/lock" +else + for d in lib "$libdirs"; do + [[ -e "${initdir}${prefix}/$d" ]] && continue + if [ -h "/$d" ]; then + inst "/$d" "${prefix}/$d" + else + # shellcheck disable=SC2174 + mkdir -m 0755 -p "${initdir}${prefix}/$d" + fi + done +fi + +mkdir -p "${initdir}"/lib/dracut + +if [[ $kernel_only != yes ]]; then + mkdir -p "${initdir}/etc/cmdline.d" + mkdir -m 0755 "${initdir}"/lib/dracut/hooks + for _d in $hookdirs; do + # shellcheck disable=SC2174 + mkdir -m 0755 -p "${initdir}/lib/dracut/hooks/$_d" + done + if [[ $EUID == "0" ]] && ! [[ $DRACUT_NO_MKNOD ]]; then + [[ -c ${initdir}/dev/null ]] || mknod "${initdir}"/dev/null c 1 3 + [[ -c ${initdir}/dev/kmsg ]] || mknod "${initdir}"/dev/kmsg c 1 11 + [[ -c ${initdir}/dev/console ]] || mknod "${initdir}"/dev/console c 5 1 + [[ -c ${initdir}/dev/random ]] || mknod "${initdir}"/dev/random c 1 8 + [[ -c ${initdir}/dev/urandom ]] || mknod "${initdir}"/dev/urandom c 1 9 + fi +fi + +_isize=0 #initramfs size +modules_loaded=" " +# source our modules. +for moddir in "$dracutbasedir/modules.d"/[0-9][0-9]*; do + _d_mod=${moddir##*/} + _d_mod=${_d_mod#[0-9][0-9]} + [[ $mods_to_load == *\ $_d_mod\ * ]] || continue + if [[ $show_modules == yes ]]; then + printf "%s\n" "$_d_mod" + else + dinfo "*** Including module: $_d_mod ***" + fi + if [[ $kernel_only == yes ]]; then + module_installkernel "$_d_mod" "$moddir" || { + dfatal "installkernel failed in module $_d_mod" + exit 1 + } + else + module_install "$_d_mod" "$moddir" + if [[ $no_kernel != yes ]]; then + module_installkernel "$_d_mod" "$moddir" || { + dfatal "installkernel failed in module $_d_mod" + exit 1 + } + fi + fi + mods_to_load=${mods_to_load// $_d_mod /} + modules_loaded+="$_d_mod " + + #print the module install size + if [ -n "$printsize" ]; then + _isize_new=$(du -sk "${initdir}" | { + read -r a _ + echo -n "$a" + }) + _isize_delta=$((_isize_new - _isize)) + printf "%s\n" "$_d_mod install size: ${_isize_delta}k" + _isize=$_isize_new + fi +done +unset moddir + +for i in $modules_loaded; do + printf "%s\n" "$i" >> "$initdir"/lib/dracut/modules.txt +done + +dinfo "*** Including modules done ***" + +## final stuff that has to happen +if [[ $no_kernel != yes ]]; then + if [[ $hostonly_mode == "strict" ]]; then + cp "$DRACUT_KERNEL_MODALIASES" "$initdir"/lib/dracut/hostonly-kernel-modules.txt + fi + + if [[ $drivers ]]; then + # shellcheck disable=SC2086 + hostonly='' instmods $drivers + fi + + if [[ -n ${add_drivers// /} ]]; then + # shellcheck disable=SC2086 + hostonly='' instmods -c $add_drivers + fi + if [[ $force_drivers ]]; then + # shellcheck disable=SC2086 + hostonly='' instmods -c $force_drivers + rm -f "$initdir"/etc/cmdline.d/20-force_driver.conf + for mod in $force_drivers; do + echo "rd.driver.pre=$mod" >> "$initdir"/etc/cmdline.d/20-force_drivers.conf + done + fi + if [[ $filesystems ]]; then + # shellcheck disable=SC2086 + hostonly='' instmods -c $filesystems + fi + + dinfo "*** Installing kernel module dependencies ***" + dracut_kernel_post + dinfo "*** Installing kernel module dependencies done ***" + + if [[ $noimageifnotneeded == yes ]] && [[ $hostonly ]]; then + if [[ ! -f "$initdir/lib/dracut/need-initqueue" ]] \ + && [[ -f ${initdir}/lib/modules/$kernel/modules.dep && ! -s ${initdir}/lib/modules/$kernel/modules.dep ]]; then + for i in "${initdir}"/etc/cmdline.d/*.conf; do + # We need no initramfs image and do not generate one. + [[ $i == "${initdir}/etc/cmdline.d/*.conf" ]] && exit 0 + done + fi + fi +fi + +if [[ $kernel_only != yes ]]; then + # FIXME: handle legacy item split + # shellcheck disable=SC2068 + ((${#install_items[@]} > 0)) && inst_multiple ${install_items[@]} + # shellcheck disable=SC2068 + ((${#install_optional_items[@]} > 0)) && inst_multiple -o ${install_optional_items[@]} + + if [[ $kernel_cmdline ]] && [[ $uefi != yes ]]; then + printf "%s\n" "$kernel_cmdline" >> "${initdir}/etc/cmdline.d/01-default.conf" + fi + + for line in "${fstab_lines[@]}"; do + read -r -a fstab_field <<< "$line" + if [ -z "${fstab_field[1]}" ]; then + # Determine device and mount options from current system + mountpoint -q "${fstab_field[0]}" || derror "${fstab_field[0]} is not a mount point!" + read -r -a fstab_field < <(findmnt --raw -n --target "${fstab_field[0]}" --output=source,target,fstype,options) + dinfo "Line for ${fstab_field[1]}: ${fstab_field[*]}" + else + # Use default options + [ -z "${fstab_field[3]}" ] && fstab_field[3]="defaults" + fi + + # Default options for freq and passno + [ -z "${fstab_field[4]}" ] && fstab_field[4]="0" + [ -z "${fstab_field[5]}" ] && fstab_field[5]="2" + + strstr "${fstab_field[2]}" "nfs" && fstab_field[5]="0" + echo "${fstab_field[@]}" >> "${initdir}/etc/fstab" + done + + for f in $add_fstab; do + cat "$f" >> "${initdir}/etc/fstab" + done + + if [[ $dracutsysrootdir$systemdutildir ]]; then + if [[ -d ${initdir}/$systemdutildir ]]; then + mkdir -p "${initdir}"/etc/conf.d + { + printf "%s\n" "systemdutildir=\"$systemdutildir\"" + printf "%s\n" "systemdsystemunitdir=\"$systemdsystemunitdir\"" + printf "%s\n" "systemdsystemconfdir=\"$systemdsystemconfdir\"" + } > "${initdir}"/etc/conf.d/systemd.conf + fi + fi + + if [[ $DRACUT_RESOLVE_LAZY ]] && [[ $DRACUT_INSTALL ]]; then + dinfo "*** Resolving executable dependencies ***" + # shellcheck disable=SC2086 + find "$initdir" -type f -perm /0111 -not -path '*.ko' -print0 \ + | xargs -r -0 $DRACUT_INSTALL ${initdir:+-D "$initdir"} ${dracutsysrootdir:+-r "$dracutsysrootdir"} -R ${DRACUT_FIPS_MODE:+-f} -- + # shellcheck disable=SC2181 + if (($? == 0)); then + dinfo "*** Resolving executable dependencies done ***" + else + dfatal "Resolving executable dependencies failed" + exit 1 + fi + fi + + # Now we are done with lazy resolving, always install dependencies + unset DRACUT_RESOLVE_LAZY + export DRACUT_RESOLVE_DEPS=1 +fi + +for ((i = 0; i < ${#include_src[@]}; i++)); do + src="${include_src[$i]}" + target="${include_target[$i]}" + if [[ $src && $target ]]; then + if [[ -f $src ]]; then + inst "$src" "$target" + elif [[ -d $src ]]; then + ddebug "Including directory: $src" + destdir="${initdir}/${target}" + mkdir -p "$destdir" + # check for preexisting symlinks, so we can cope with the + # symlinks to $prefix + # Objectname is a file or a directory + reset_dotglob="$(shopt -p dotglob)" + shopt -q -s dotglob + for objectname in "$src"/*; do + [[ -e $objectname || -L $objectname ]] || continue + if [[ -d $objectname ]] && [[ ! -L $objectname ]]; then + # objectname is a directory, let's compute the final directory name + object_destdir=${destdir}/${objectname#"$src"/} + if ! [[ -e $object_destdir ]]; then + # shellcheck disable=SC2174 + mkdir -m 0755 -p "$object_destdir" + chmod --reference="$objectname" "$object_destdir" + fi + $DRACUT_CP -t "$object_destdir" "$dracutsysrootdir$objectname"/. + else + $DRACUT_CP -t "$destdir" "$dracutsysrootdir$objectname" + fi + done + eval "$reset_dotglob" + elif [[ -e $src ]]; then + derror "$src is neither a directory nor a regular file" + else + derror "$src doesn't exist" + fi + fi +done + +if [[ $do_hardlink == yes ]] && command -v hardlink > /dev/null; then + dinfo "*** Hardlinking files ***" + hardlink "$initdir" 2>&1 | ddebug + dinfo "*** Hardlinking files done ***" +fi + +# strip binaries +if [[ $do_strip == yes ]]; then + # Prefer strip from elfutils for package size + declare strip_cmd + strip_cmd=$(command -v eu-strip) + [ -z "$strip_cmd" ] && strip_cmd="strip" + + for p in $strip_cmd xargs find; do + if ! type -P $p > /dev/null; then + dinfo "Could not find '$p'. Not stripping the initramfs." + do_strip=no + fi + done + + if [[ $aggressive_strip == yes ]]; then + # `eu-strip` and `strip` both strips all unneeded parts by default + strip_args=(-p) + else + strip_args=(-g -p) + fi +fi + +# cleanup empty ldconfig_paths directories +for d in $(ldconfig_paths); do + rmdir -p --ignore-fail-on-non-empty "$initdir/$d" > /dev/null 2>&1 +done + +if [[ $early_microcode == yes ]]; then + dinfo "*** Generating early-microcode cpio image ***" + ucode_dir=(amd-ucode intel-ucode) + ucode_dest=(AuthenticAMD.bin GenuineIntel.bin) + _dest_dir="$early_cpio_dir/d/kernel/x86/microcode" + _dest_idx="0 1" + mkdir -p "$_dest_dir" + if [[ $hostonly ]]; then + [[ $(get_cpu_vendor) == "AMD" ]] && _dest_idx="0" + [[ $(get_cpu_vendor) == "Intel" ]] && _dest_idx="1" + fi + for idx in $_dest_idx; do + _fw=${ucode_dir[$idx]} + for _fwdir in $fw_dir; do + if [[ -d $_fwdir && -d $_fwdir/$_fw ]]; then + _src="*" + dinfo "*** Constructing ${ucode_dest[$idx]} ***" + if [[ $hostonly ]]; then + _src=$(get_ucode_file) + [[ $_src ]] || break + [[ -r $_fwdir/$_fw/$_src ]] || _src="${_src}.early" + [[ -r $_fwdir/$_fw/$_src ]] || break + fi + + for i in $_fwdir/$_fw/$_src; do + [ -e "$i" ] && break + break 2 + done + for i in $_fwdir/$_fw/$_src; do + [[ -e $i ]] || continue + # skip gpg files + str_ends "$i" ".asc" && continue + cat "$i" >> "$_dest_dir/${ucode_dest[$idx]}" + done + create_early_cpio="yes" + fi + done + if [[ ! -e "$_dest_dir/${ucode_dest[$idx]}" ]]; then + if cd "$early_cpio_dir/d"; then + for _ucodedir in "${early_microcode_image_dir[@]}"; do + for _ucodename in "${early_microcode_image_name[@]}"; do + [[ -e "$_ucodedir/$_ucodename" ]] \ + && cpio --extract --file "$_ucodedir/$_ucodename" --quiet \ + "kernel/x86/microcode/${ucode_dest[$idx]}" + if [[ -e "$_dest_dir/${ucode_dest[$idx]}" ]]; then + dinfo "*** Using microcode found in '$_ucodedir/$_ucodename' ***" + create_early_cpio="yes" + break 2 + fi + done + done + fi + fi + done +fi + +if [[ $acpi_override == yes ]] && [[ -d $acpi_table_dir ]]; then + dinfo "*** Packaging ACPI tables to override BIOS provided ones ***" + _dest_dir="$early_cpio_dir/d/kernel/firmware/acpi" + mkdir -p "$_dest_dir" + for table in "$acpi_table_dir"/*.aml; do + dinfo " Adding ACPI table: $table" + $DRACUT_CP "$table" "$_dest_dir" + create_early_cpio="yes" + done +fi + +dinfo "*** Store current command line parameters ***" +if ! (echo "$PARMS_TO_STORE" > "$initdir"/lib/dracut/build-parameter.txt); then + dfatal "Could not store the current command line parameters" + exit 1 +fi + +if [[ $hostonly_cmdline == "yes" ]]; then + unset _stored_cmdline + if [[ -d $initdir/etc/cmdline.d ]]; then + dinfo "Stored kernel commandline:" + for conf in "$initdir"/etc/cmdline.d/*.conf; do + [ -e "$conf" ] || continue + dinfo "$(< "$conf")" + _stored_cmdline=1 + done + fi + if ! [[ $_stored_cmdline ]]; then + dinfo "No dracut internal kernel commandline stored in the initramfs" + fi +fi + +if [[ $kernel_only != yes ]]; then + # libpthread workaround: pthread_cancel wants to dlopen libgcc_s.so + for _dir in $libdirs; do + for _f in "$dracutsysrootdir$_dir/libpthread.so"*; do + [[ -e $_f ]] || continue + inst_libdir_file "libgcc_s.so*" + break 2 + done + done + + # FIPS workaround for Fedora/RHEL: libcrypto needs libssl when FIPS is enabled + if [[ $DRACUT_FIPS_MODE ]]; then + for _dir in $libdirs; do + for _f in "$dracutsysrootdir$_dir/libcrypto.so"*; do + [[ -e $_f ]] || continue + inst_libdir_file -o "libssl.so*" + break 2 + done + done + fi +fi + +if [[ $kernel_only != yes ]]; then + # make sure that library links are correct and up to date + build_ld_cache +fi + +if dracut_module_included "squash"; then + readonly squash_dir="$initdir/squash/root" + readonly squash_img="$initdir/squash-root.img" + mkdir -p "$squash_dir" + dinfo "*** Install squash loader ***" + DRACUT_SQUASH_POST_INST=1 module_install "squash" +fi + +if [[ $do_strip == yes ]] && ! [[ $DRACUT_FIPS_MODE ]]; then + # stripping files negates (dedup) benefits of using reflink + [[ -n $enhanced_cpio ]] && ddebug "strip is enabled alongside cpio reflink" + dinfo "*** Stripping files ***" + find "$initdir" -type f \ + -executable -not -path '*/lib/modules/*.ko' -print0 \ + | xargs -r -0 $strip_cmd "${strip_args[@]}" 2> /dev/null + + # strip kernel modules, but do not touch signed modules + find "$initdir" -type f -path '*/lib/modules/*.ko' -print0 \ + | while read -r -d $'\0' f || [ -n "$f" ]; do + SIG=$(tail -c 28 "$f" | tr -d '\000') + [[ $SIG == '~Module signature appended~' ]] || { printf "%s\000" "$f"; } + done | xargs -r -0 $strip_cmd "${strip_args[@]}" + dinfo "*** Stripping files done ***" +fi + +if dracut_module_included "squash"; then + dinfo "*** Squashing the files inside the initramfs ***" + declare squash_compress_arg + # shellcheck disable=SC2086 + if [[ $squash_compress ]]; then + if ! mksquashfs /dev/null "$DRACUT_TMPDIR"/.squash-test.img -no-progress -comp $squash_compress &> /dev/null; then + dwarn "mksquashfs doesn't support compressor '$squash_compress', failing back to default compressor." + else + squash_compress_arg="$squash_compress" + fi + fi + + # shellcheck disable=SC2086 + if ! mksquashfs "$squash_dir" "$squash_img" \ + -no-xattrs -no-exports -noappend -no-recovery -always-use-fragments \ + -no-progress ${squash_compress_arg:+-comp $squash_compress_arg} 1> /dev/null; then + dfatal "Failed making squash image" + exit 1 + fi + + rm -rf "$squash_dir" + dinfo "*** Squashing the files inside the initramfs done ***" + + # Skip initramfs compress + compress="cat" +fi + +dinfo "*** Creating image file '$outfile' ***" + +if [[ $uefi == yes ]]; then + readonly uefi_outdir="$DRACUT_TMPDIR/uefi" + mkdir -p "$uefi_outdir" +fi + +if [[ $DRACUT_REPRODUCIBLE ]]; then + find "$initdir" -newer "$dracutbasedir/dracut-functions.sh" -print0 \ + | xargs -r -0 touch -h -m -c -r "$dracutbasedir/dracut-functions.sh" + + if [[ "$(cpio --help)" == *--reproducible* ]]; then + CPIO_REPRODUCIBLE=1 + else + dinfo "cpio does not support '--reproducible'. Resulting image will not be reproducible." + fi +fi + +[[ $EUID != 0 ]] && cpio_owner="0:0" + +if [[ $create_early_cpio == yes ]]; then + echo 1 > "$early_cpio_dir/d/early_cpio" + + if [[ $DRACUT_REPRODUCIBLE ]]; then + find "$early_cpio_dir/d" -newer "$dracutbasedir/dracut-functions.sh" -print0 \ + | xargs -r -0 touch -h -m -c -r "$dracutbasedir/dracut-functions.sh" + fi + + # The microcode blob is _before_ the initramfs blob, not after + if [[ -n $enhanced_cpio ]]; then + if ! ( + umask 077 + cd "$early_cpio_dir/d" + find . -print0 | sort -z \ + | $enhanced_cpio --null ${cpio_owner:+--owner "$cpio_owner"} \ + --mtime 0 --data-align "$cpio_align" --truncate-existing \ + "${DRACUT_TMPDIR}/initramfs.img" + ); then + dfatal "dracut-cpio: creation of $outfile failed" + exit 1 + fi + else + if ! ( + umask 077 + cd "$early_cpio_dir/d" + find . -print0 | sort -z \ + | cpio ${CPIO_REPRODUCIBLE:+--reproducible} --null \ + ${cpio_owner:+-R "$cpio_owner"} -H newc -o --quiet > "${DRACUT_TMPDIR}/initramfs.img" + ); then + dfatal "Creation of $outfile failed" + exit 1 + fi + fi +fi + +if check_kernel_config CONFIG_RD_ZSTD; then + DRACUT_KERNEL_RD_ZSTD=yes +else + DRACUT_KERNEL_RD_ZSTD= +fi + +if [[ $compress == $DRACUT_COMPRESS_ZSTD* && ! $DRACUT_KERNEL_RD_ZSTD ]]; then + dwarn "Kernel has no zstd support compiled in." + compress= +fi + +if [[ $compress && $compress != cat ]]; then + if ! command -v "${compress%% *}" &> /dev/null; then + derror "Cannot execute compression command '$compress', falling back to default" + compress= + fi +fi + +if ! [[ $compress ]]; then + # check all known compressors, if none specified + for i in $DRACUT_COMPRESS_PIGZ $DRACUT_COMPRESS_GZIP $DRACUT_COMPRESS_LZ4 $DRACUT_COMPRESS_LZOP $DRACUT_COMPRESS_ZSTD $DRACUT_COMPRESS_LZMA $DRACUT_COMPRESS_XZ $DRACUT_COMPRESS_LBZIP2 $DRACUT_COMPRESS_BZIP2 $DRACUT_COMPRESS_CAT; do + [[ $i != "$DRACUT_COMPRESS_ZSTD" || $DRACUT_KERNEL_RD_ZSTD ]] || continue + command -v "$i" &> /dev/null || continue + compress="$i" + break + done + if [[ $compress == cat ]]; then + dwarn "No compression tool available. Initramfs image is going to be big." + else + dinfo "Using auto-determined compression method '$compress'" + fi +fi + +# choose the right arguments for the compressor +case $compress in + bzip2 | lbzip2) + if [[ $compress == lbzip2 ]] || command -v "$DRACUT_COMPRESS_LBZIP2" &> /dev/null; then + compress="$DRACUT_COMPRESS_LBZIP2 -9" + else + compress="$DRACUT_COMPRESS_BZIP2 -9" + fi + ;; + lzma) + compress="$DRACUT_COMPRESS_LZMA -9 -T0" + ;; + xz) + compress="$DRACUT_COMPRESS_XZ --check=crc32 --lzma2=dict=1MiB -T0" + ;; + gzip | pigz) + if [[ $compress == pigz ]] || command -v "$DRACUT_COMPRESS_PIGZ" &> /dev/null; then + compress="$DRACUT_COMPRESS_PIGZ -9 -n -T -R" + elif command -v gzip &> /dev/null && $DRACUT_COMPRESS_GZIP --help 2>&1 | grep -q rsyncable; then + compress="$DRACUT_COMPRESS_GZIP -n -9 --rsyncable" + else + compress="$DRACUT_COMPRESS_GZIP -n -9" + fi + ;; + lzo | lzop) + compress="$DRACUT_COMPRESS_LZOP -9" + ;; + lz4) + compress="$DRACUT_COMPRESS_LZ4 -l -9" + ;; + zstd) + compress="$DRACUT_COMPRESS_ZSTD -15 -q -T0" + ;; +esac + +if [[ -n $enhanced_cpio ]]; then + if [[ $compress == "cat" ]]; then + # dracut-cpio appends by default, so any ucode remains + cpio_outfile="${DRACUT_TMPDIR}/initramfs.img" + else + ddebug "$compress compression enabled alongside cpio reflink" + # dracut-cpio doesn't output to stdout, so stage for compression + cpio_outfile="${DRACUT_TMPDIR}/initramfs.img.uncompressed" + fi + + if ! ( + umask 077 + cd "$initdir" + find . -print0 | sort -z \ + | $enhanced_cpio --null ${cpio_owner:+--owner "$cpio_owner"} \ + --mtime 0 --data-align "$cpio_align" "$cpio_outfile" || exit 1 + [[ $compress == "cat" ]] && exit 0 + $compress < "$cpio_outfile" >> "${DRACUT_TMPDIR}/initramfs.img" \ + && rm "$cpio_outfile" + ); then + dfatal "dracut-cpio: creation of $outfile failed" + exit 1 + fi + unset cpio_outfile +else + if ! ( + umask 077 + cd "$initdir" + find . -print0 | sort -z \ + | cpio ${CPIO_REPRODUCIBLE:+--reproducible} --null ${cpio_owner:+-R "$cpio_owner"} -H newc -o --quiet \ + | $compress >> "${DRACUT_TMPDIR}/initramfs.img" + ); then + dfatal "Creation of $outfile failed" + exit 1 + fi +fi + +if ((maxloglvl >= 5)) && ((verbosity_mod_l >= 0)); then + if [[ $allowlocal ]]; then + "$dracutbasedir/lsinitrd.sh" "${DRACUT_TMPDIR}/initramfs.img" | ddebug + else + lsinitrd "${DRACUT_TMPDIR}/initramfs.img" | ddebug + fi +fi + +umask 077 + +SBAT_DEFAULT="sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md" +sbat_out=$uefi_outdir/uki.sbat + +clean_sbat_string() { + local inp=$1 + local temp=$uefi_outdir/temp.sbat + sed "/${SBAT_DEFAULT//\//\\/}/d" "$inp" > "$temp" + [[ -s $temp ]] && cat "$temp" >> "$sbat_out" + rm "$temp" +} + +get_sbat_string() { + local inp=$1 + local out=$uefi_outdir/$2 + objcopy -O binary --only-section=.sbat "$inp" "$out" + clean_sbat_string "$out" +} + +if [[ $uefi == yes ]]; then + if [[ $kernel_cmdline ]]; then + echo -n "$kernel_cmdline" > "$uefi_outdir/cmdline.txt" + elif [[ $hostonly_cmdline == yes ]]; then + if [ -d "$initdir/etc/cmdline.d" ]; then + for conf in "$initdir"/etc/cmdline.d/*.conf; do + [ -e "$conf" ] || continue + printf "%s " "$(< "$conf")" >> "$uefi_outdir/cmdline.txt" + done + elif [ -e "/proc/cmdline" ]; then + printf "%s " "$(< "/proc/cmdline")" > "$uefi_outdir/cmdline.txt" + fi + fi + + offs=$(objdump -h "$uefi_stub" 2> /dev/null | gawk 'NF==7 {size=strtonum("0x"$3); + offset=strtonum("0x"$4)} END {print size + offset}') + if [[ $offs -eq 0 ]]; then + dfatal "Failed to get the size of $uefi_stub to create UEFI image file" + exit 1 + fi + align=$(pe_get_section_align "$uefi_stub") + if [[ $? -eq 1 ]]; then + dfatal "Failed to get the SectionAlignment of the stub PE header to create the UEFI image file" + exit 1 + fi + offs=$((offs + "$align" - offs % "$align")) + [[ -s $dracutsysrootdir/usr/lib/os-release ]] && uefi_osrelease="$dracutsysrootdir/usr/lib/os-release" + [[ -s $dracutsysrootdir/etc/os-release ]] && uefi_osrelease="$dracutsysrootdir/etc/os-release" + [[ -s $uefi_osrelease ]] \ + && uefi_osrelease_offs=${offs} \ + && offs=$((offs + $(stat -Lc%s "$uefi_osrelease"))) \ + && offs=$((offs + "$align" - offs % "$align")) + + if [[ $kernel_cmdline ]] || [[ $hostonly_cmdline == yes && -e "${uefi_outdir}/cmdline.txt" ]]; then + echo -ne "\x00" >> "$uefi_outdir/cmdline.txt" + dinfo "Using UEFI kernel cmdline:" + dinfo "$(tr -d '\000' < "$uefi_outdir/cmdline.txt")" + uefi_cmdline="${uefi_outdir}/cmdline.txt" + uefi_cmdline_offs=${offs} + offs=$((offs + $(stat -Lc%s "$uefi_cmdline"))) + offs=$((offs + "$align" - offs % "$align")) + else + unset uefi_cmdline + fi + + if [[ -s ${dracutsysrootdir}${uefi_splash_image} ]]; then + uefi_splash_image="${dracutsysrootdir}${uefi_splash_image}" + uefi_splash_offs=${offs} + offs=$((offs + $(stat -Lc%s "$uefi_splash_image"))) + offs=$((offs + "$align" - offs % "$align")) + else + unset uefi_splash_image + fi + + echo "$SBAT_DEFAULT" > "$sbat_out" + if [[ -n $sbat ]]; then + echo "$sbat" | sed "/${SBAT_DEFAULT//\//\\/}/d" >> "$sbat_out" + fi + get_sbat_string "$kernel_image" kernel.sbat + get_sbat_string "$uefi_stub" stub.sbat + + uefi_sbat_offs="${offs}" + offs=$((offs + $(stat -Lc%s "$sbat_out"))) + offs=$((offs + "$align" - offs % "$align")) + uefi_linux_offs="${offs}" + offs=$((offs + $(stat -Lc%s "$kernel_image"))) + offs=$((offs + "$align" - offs % "$align")) + uefi_initrd_offs="${offs}" + + base_image=$(pe_get_image_base "$uefi_stub") + if [[ $? -eq 1 ]]; then + dfatal "Failed to get ImageBase data of $uefi_stub to create UEFI image file" + exit 1 + fi + + tmp_uefi_stub=$uefi_outdir/elf.stub + cp "$uefi_stub" "$tmp_uefi_stub" + objcopy --remove-section .sbat "$tmp_uefi_stub" &> /dev/null + + if objcopy \ + ${uefi_osrelease:+--add-section .osrel="$uefi_osrelease" --change-section-vma .osrel=$(printf 0x%x "$uefi_osrelease_offs")} \ + ${uefi_cmdline:+--add-section .cmdline="$uefi_cmdline" --change-section-vma .cmdline=$(printf 0x%x "$uefi_cmdline_offs")} \ + ${uefi_splash_image:+--add-section .splash="$uefi_splash_image" --change-section-vma .splash=$(printf 0x%x "$uefi_splash_offs")} \ + --add-section .sbat="$sbat_out" --change-section-vma .sbat="$(printf 0x%x "$uefi_sbat_offs")" \ + --add-section .linux="$kernel_image" --change-section-vma .linux="$(printf 0x%x "$uefi_linux_offs")" \ + --add-section .initrd="${DRACUT_TMPDIR}/initramfs.img" --change-section-vma .initrd="$(printf 0x%x "$uefi_initrd_offs")" \ + --image-base="$(printf 0x%x "$base_image")" \ + "$tmp_uefi_stub" "${uefi_outdir}/linux.efi"; then + if [[ -n ${uefi_secureboot_key} && -n ${uefi_secureboot_cert} ]]; then + if sbsign \ + ${uefi_secureboot_engine:+--engine "$uefi_secureboot_engine"} \ + --key "${uefi_secureboot_key}" \ + --cert "${uefi_secureboot_cert}" \ + --output "$outfile" "${uefi_outdir}/linux.efi" \ + && sbverify --cert "${uefi_secureboot_cert}" "$outfile" > /dev/null 2>&1; then + dinfo "*** Creating signed UEFI image file '$outfile' done ***" + else + rm -f -- "$outfile" + dfatal "*** Creating signed UEFI image file '$outfile' failed ***" + exit 1 + fi + else + if cp --reflink=auto "${uefi_outdir}/linux.efi" "$outfile"; then + dinfo "*** Creating UEFI image file '$outfile' done ***" + else + rm -f -- "$outfile" + dfatal "Creation of $outfile failed" + exit 1 + fi + fi + else + rm -f -- "$outfile" + dfatal "*** Creating UEFI image file '$outfile' failed ***" + exit 1 + fi +else + if cp --reflink=auto "${DRACUT_TMPDIR}/initramfs.img" "$outfile"; then + dinfo "*** Creating initramfs image file '$outfile' done ***" + else + rm -f -- "$outfile" + dfatal "Creation of $outfile failed" + exit 1 + fi +fi + +btrfs_uuid() { + btrfs filesystem show "$1" | sed -n '1s/^.*uuid: //p' +} + +freeze_ok_for_btrfs() { + local mnt uuid1 uuid2 + # If the output file is on btrfs, we need to make sure that it's + # not on a subvolume of the same file system as the root FS. + # Otherwise, fsfreeze() might freeze the entire system. + # This is most conveniently checked by comparing the FS uuid. + + [[ "$(stat -f -c %T -- "/")" == "btrfs" ]] || return 0 + mnt=$(stat -c %m -- "$1") + uuid1=$(btrfs_uuid "$mnt") + uuid2=$(btrfs_uuid "/") + [[ $uuid1 && $uuid2 && $uuid1 != "$uuid2" ]] +} + +freeze_ok_for_fstype() { + local outfile=$1 + local fstype + + [[ "$(stat -c %m -- "$outfile")" == "/" ]] && return 1 + fstype=$(stat -f -c %T -- "$outfile") + case $fstype in + msdos) + return 1 + ;; + zfs) + return 1 + ;; + tmpfs) + return 1 + ;; + btrfs) + freeze_ok_for_btrfs "$outfile" + ;; + *) + return 0 + ;; + esac +} + +# We sync/fsfreeze only if we're operating on a live booted system. +# It's possible for e.g. `kernel` to be installed as an RPM BuildRequires or equivalent, +# and there's no reason to sync, and *definitely* no reason to fsfreeze. +# Another case where this happens is rpm-ostree, which performs its own sync/fsfreeze +# globally. See e.g. https://github.com/ostreedev/ostree/commit/8642ef5ab3fec3ac8eb8f193054852f83a8bc4d0 +if [[ -d $dracutsysrootdir/run/systemd/system ]]; then + if ! sync "$outfile" 2> /dev/null; then + dinfo "sync operation on newly created initramfs $outfile failed" + exit 1 + fi + + # use fsfreeze only if we're not writing to / + if [[ "$(stat -c %m -- "$outfile")" != "/" ]] && freeze_ok_for_fstype "$outfile"; then + FSFROZEN="$(dirname "$outfile")" + if ! (fsfreeze -f "${FSFROZEN}" 2> /dev/null && fsfreeze -u "${FSFROZEN}" 2> /dev/null); then + dwarn "Could not fsfreeze $(dirname "$outfile")" + fi + unset FSFROZEN + fi +fi + +exit 0 diff --git a/install.d/50-dracut.install b/install.d/50-dracut.install new file mode 100755 index 0000000..441414a --- /dev/null +++ b/install.d/50-dracut.install @@ -0,0 +1,117 @@ +#!/bin/bash + +COMMAND="$1" +KERNEL_VERSION="$2" +BOOT_DIR_ABS="$3" +KERNEL_IMAGE="$4" + +# If KERNEL_INSTALL_MACHINE_ID is defined but empty, BOOT_DIR_ABS is a fake directory. +# So, let's skip to create initrd. +if ! [[ ${KERNEL_INSTALL_MACHINE_ID-x} ]]; then + exit 0 +fi + +# Do not attempt to create initramfs if the supplied image is already a UKI +if [[ "$KERNEL_INSTALL_IMAGE_TYPE" = "uki" ]]; then + exit 0 +fi + +# Mismatching the install layout and the --uefi/--no-uefi opts just creates a mess. +if [[ $KERNEL_INSTALL_LAYOUT == "uki" && -n $KERNEL_INSTALL_STAGING_AREA ]]; then + BOOT_DIR_ABS="$KERNEL_INSTALL_STAGING_AREA" + if [[ -z $KERNEL_INSTALL_UKI_GENERATOR || $KERNEL_INSTALL_UKI_GENERATOR == "dracut" ]]; then + # No uki generator preference set or we have been chosen + IMAGE="uki.efi" + UEFI_OPTS="--uefi" + elif [[ -z $KERNEL_INSTALL_INITRD_GENERATOR || $KERNEL_INSTALL_INITRD_GENERATOR == "dracut" ]]; then + # We aren't the uki generator, but we have been requested to make the initrd + IMAGE="initrd" + UEFI_OPTS="--no-uefi" + else + exit 0 + fi +elif [[ $KERNEL_INSTALL_LAYOUT == "bls" && -n $KERNEL_INSTALL_STAGING_AREA ]]; then + BOOT_DIR_ABS="$KERNEL_INSTALL_STAGING_AREA" + if [[ -z $KERNEL_INSTALL_INITRD_GENERATOR || $KERNEL_INSTALL_INITRD_GENERATOR == "dracut" ]]; then + IMAGE="initrd" + UEFI_OPTS="--no-uefi" + else + exit 0 + fi +else + # No layout information, use users --uefi/--no-uefi preference + UEFI_OPTS="" + if [[ -d $BOOT_DIR_ABS ]]; then + IMAGE="initrd" + else + BOOT_DIR_ABS="/boot" + IMAGE="initramfs-${KERNEL_VERSION}.img" + fi +fi + +ret=0 + +case "$COMMAND" in + add) + if [[ $IMAGE == "uki.efi" ]]; then + IMAGE_PREGENERATED=${KERNEL_IMAGE%/*}/uki.efi + else + IMAGE_PREGENERATED=${KERNEL_IMAGE%/*}/initrd + fi + if [[ -f ${IMAGE_PREGENERATED} ]]; then + # we found an initrd or uki.efi at the same place as the kernel + # use this and don't generate a new one + [[ $KERNEL_INSTALL_VERBOSE == 1 ]] && echo \ + "There is an ${IMAGE} image at the same place as the kernel, skipping generating a new one" + cp --reflink=auto "$IMAGE_PREGENERATED" "$BOOT_DIR_ABS/$IMAGE" \ + && chown root:root "$BOOT_DIR_ABS/$IMAGE" \ + && chmod 0600 "$BOOT_DIR_ABS/$IMAGE" \ + && exit 0 + fi + + if [ -n "$KERNEL_INSTALL_CONF_ROOT" ]; then + if [ -f "$KERNEL_INSTALL_CONF_ROOT/cmdline" ]; then + read -r -d '' -a BOOT_OPTIONS < "$KERNEL_INSTALL_CONF_ROOT/cmdline" + fi + elif [[ -f /etc/kernel/cmdline ]]; then + read -r -d '' -a BOOT_OPTIONS < /etc/kernel/cmdline + elif [[ -f /usr/lib/kernel/cmdline ]]; then + read -r -d '' -a BOOT_OPTIONS < /usr/lib/kernel/cmdline + else + declare -a BOOT_OPTIONS + + read -r -d '' -a line < /proc/cmdline + for i in "${line[@]}"; do + [[ ${i#initrd=*} != "$i" ]] && continue + BOOT_OPTIONS+=("$i") + done + fi + + unset noimageifnotneeded + + for ((i = 0; i < "${#BOOT_OPTIONS[@]}"; i++)); do + # shellcheck disable=SC1001 + if [[ ${BOOT_OPTIONS[$i]} == root\=PARTUUID\=* ]]; then + noimageifnotneeded="yes" + break + fi + done + + # shellcheck disable=SC2046 + dracut -f \ + ${noimageifnotneeded:+--noimageifnotneeded} \ + $([[ $KERNEL_INSTALL_VERBOSE == 1 ]] && echo --verbose) \ + $([[ -n $KERNEL_IMAGE ]] && echo --kernel-image "$KERNEL_IMAGE") \ + "$UEFI_OPTS" \ + --kver "$KERNEL_VERSION" \ + "$BOOT_DIR_ABS/$IMAGE" + ret=$? + ;; + + remove) + rm -f -- "$BOOT_DIR_ABS/$IMAGE" + ret=$? + ;; +esac + +exit $ret diff --git a/install.d/51-dracut-rescue.install b/install.d/51-dracut-rescue.install new file mode 100755 index 0000000..aa0ccdc --- /dev/null +++ b/install.d/51-dracut-rescue.install @@ -0,0 +1,152 @@ +#!/bin/bash + +export LANG=C + +COMMAND="$1" +KERNEL_VERSION="$2" +BOOT_DIR_ABS="${3%/*}/0-rescue" +KERNEL_IMAGE="$4" + +dropindirs_sort() { + suffix=$1 + shift + args=("$@") + files=$( + while (($# > 0)); do + for i in "${1}"/*"${suffix}"; do + [[ -f $i ]] && echo "${i##*/}" + done + shift + done | sort -Vu + ) + + for f in $files; do + for d in "${args[@]}"; do + if [[ -f "$d/$f" ]]; then + echo "$d/$f" + continue 2 + fi + done + done +} + +if [[ -f /etc/os-release ]]; then + . /etc/os-release +elif [[ -f /usr/lib/os-release ]]; then + . /usr/lib/os-release +fi + +[[ -n $PRETTY_NAME ]] || PRETTY_NAME="Linux $KERNEL_VERSION" + +if [[ ${KERNEL_INSTALL_MACHINE_ID+x} ]]; then + MACHINE_ID=$KERNEL_INSTALL_MACHINE_ID +elif [[ -f /etc/machine-id ]]; then + read -r MACHINE_ID < /etc/machine-id +fi + +if ! [[ $MACHINE_ID ]]; then + exit 0 +fi + +if [ -n "$KERNEL_INSTALL_CONF_ROOT" ]; then + if [ -f "$KERNEL_INSTALL_CONF_ROOT/cmdline" ]; then + read -r -d '' -a BOOT_OPTIONS < "$KERNEL_INSTALL_CONF_ROOT/cmdline" + fi +elif [[ -f /etc/kernel/cmdline ]]; then + read -r -d '' -a BOOT_OPTIONS < /etc/kernel/cmdline +elif [[ -f /usr/lib/kernel/cmdline ]]; then + read -r -d '' -a BOOT_OPTIONS < /usr/lib/kernel/cmdline +else + declare -a BOOT_OPTIONS + + read -r -d '' -a line < /proc/cmdline + for i in "${line[@]}"; do + [[ ${i#initrd=*} != "$i" ]] && continue + BOOT_OPTIONS+=("$i") + done +fi + +if [[ -d ${BOOT_DIR_ABS%/*} ]]; then + BOOT_DIR="/${MACHINE_ID}/0-rescue" + BOOT_ROOT=${BOOT_DIR_ABS%"$BOOT_DIR"} + LOADER_ENTRY="$BOOT_ROOT/loader/entries/${MACHINE_ID}-0-rescue.conf" + KERNEL="linux" + INITRD="initrd" +else + BLS_DIR="/boot/loader/entries" + BOOT_DIR_ABS="/boot" + LOADER_ENTRY="$BLS_DIR/${MACHINE_ID}-0-rescue.conf" + KERNEL="vmlinuz-0-rescue-${MACHINE_ID}" + INITRD="initramfs-0-rescue-${MACHINE_ID}.img" +fi + +ret=0 + +case "$COMMAND" in + add) + if [[ -f $LOADER_ENTRY ]] && [[ -f "$BOOT_DIR_ABS/$KERNEL" ]] \ + && [[ -f "$BOOT_DIR_ABS/$INITRD" ]]; then + [[ $KERNEL_INSTALL_VERBOSE == 1 ]] \ + && echo "Skipping, there is already a rescue image generated with the same input parameters" + exit 0 + fi + + # source our config dir + for f in $(dropindirs_sort ".conf" "/etc/dracut.conf.d" "/usr/lib/dracut/dracut.conf.d"); do + if [[ -e $f ]]; then + # shellcheck disable=SC1090 + . "$f" + fi + done + + if [[ $dracut_rescue_image != "yes" ]]; then + [[ $KERNEL_INSTALL_VERBOSE == 1 ]] \ + && echo "Skipping, 'dracut_rescue_image' not set to 'yes' in any dracut configuration file" + exit 0 + fi + + [[ -d $BOOT_DIR_ABS ]] || mkdir -p "$BOOT_DIR_ABS" + + if ! cp --reflink=auto "$KERNEL_IMAGE" "$BOOT_DIR_ABS/$KERNEL"; then + echo "Can't copy '$KERNEL_IMAGE to '$BOOT_DIR_ABS/$KERNEL'!" >&2 + fi + + if [[ ! -f "$BOOT_DIR_ABS/$INITRD" ]]; then + # shellcheck disable=SC2046 + dracut -f --no-hostonly --no-uefi \ + -a "rescue" \ + $([[ $KERNEL_INSTALL_VERBOSE == 1 ]] && echo --verbose) \ + --kver "$KERNEL_VERSION" \ + "$BOOT_DIR_ABS/$INITRD" + ((ret += $?)) + fi + + [[ $KERNEL_INSTALL_VERBOSE == 1 ]] && echo "Creating $LOADER_ENTRY" + if [[ ${BOOT_DIR_ABS} != "/boot" ]]; then + { + echo "title $PRETTY_NAME - Rescue Image" + echo "version $KERNEL_VERSION" + echo "machine-id $MACHINE_ID" + echo "options ${BOOT_OPTIONS[*]} rd.auto=1" + echo "linux $BOOT_DIR/linux" + echo "initrd $BOOT_DIR/initrd" + } > "$LOADER_ENTRY" + else + if [[ -e "${BLS_DIR}/${MACHINE_ID}-${KERNEL_VERSION}.conf" ]]; then + cp -aT "${BLS_DIR}/${MACHINE_ID}-${KERNEL_VERSION}.conf" "$LOADER_ENTRY" + else + cp -aT "${KERNEL_IMAGE%/*}/bls.conf" "$LOADER_ENTRY" + fi + sed -i "s/${KERNEL_VERSION}/0-rescue-${MACHINE_ID}/" "$LOADER_ENTRY" + fi + + ((ret += $?)) + ;; + + remove) + exit 0 + ;; + +esac + +exit $ret diff --git a/lsinitrd.sh b/lsinitrd.sh new file mode 100755 index 0000000..ada6cf5 --- /dev/null +++ b/lsinitrd.sh @@ -0,0 +1,397 @@ +#!/bin/bash +# +# Copyright 2005-2010 Harald Hoyer <harald@redhat.com> +# Copyright 2005-2010 Red Hat, Inc. All rights reserved. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +usage() { + { + echo "Usage: ${0##*/} [options] [<initramfs file> [<filename> [<filename> [...] ]]]" + echo "Usage: ${0##*/} [options] -k <kernel version>" + echo + echo "-h, --help print a help message and exit." + echo "-s, --size sort the contents of the initramfs by size." + echo "-m, --mod list modules." + echo "-f, --file <filename> print the contents of <filename>." + echo "--unpack unpack the initramfs, instead of displaying the contents." + echo " If optional filenames are given, will only unpack specified files," + echo " else the whole image will be unpacked. Won't unpack anything from early cpio part." + echo "--unpackearly unpack the early microcode part of the initramfs." + echo " Same as --unpack, but only unpack files from early cpio part." + echo "-v, --verbose unpack verbosely." + echo "-k, --kver <kernel version> inspect the initramfs of <kernel version>." + echo + } >&2 +} + +[[ $dracutbasedir ]] || dracutbasedir=/usr/lib/dracut + +sorted=0 +modules=0 +unset verbose +declare -A filenames + +unset POSIXLY_CORRECT +TEMP=$(getopt \ + -o "vshmf:k:" \ + --long kver: \ + --long file: \ + --long mod \ + --long help \ + --long size \ + --long unpack \ + --long unpackearly \ + --long verbose \ + -- "$@") + +# shellcheck disable=SC2181 +if (($? != 0)); then + usage + exit 1 +fi + +eval set -- "$TEMP" + +while (($# > 0)); do + case $1 in + -k | --kver) + KERNEL_VERSION="$2" + shift + ;; + -f | --file) + filenames[${2#/}]=1 + shift + ;; + -s | --size) sorted=1 ;; + -h | --help) + usage + exit 0 + ;; + -m | --mod) modules=1 ;; + -v | --verbose) verbose="--verbose" ;; + --unpack) unpack=1 ;; + --unpackearly) unpackearly=1 ;; + --) + shift + break + ;; + *) + usage + exit 1 + ;; + esac + shift +done + +[[ $KERNEL_VERSION ]] || KERNEL_VERSION="$(uname -r)" + +if [[ $1 ]]; then + image="$1" + if ! [[ -f $image ]]; then + { + echo "$image does not exist" + echo + } >&2 + usage + exit 1 + fi +else + if [[ -d /efi/Default ]] || [[ -d /boot/Default ]] || [[ -d /boot/efi/Default ]]; then + MACHINE_ID="Default" + elif [[ -s /etc/machine-id ]]; then + read -r MACHINE_ID < /etc/machine-id + [[ $MACHINE_ID == "uninitialized" ]] && MACHINE_ID="Default" + else + MACHINE_ID="Default" + fi + + if [[ -d /efi/loader/entries || -L /efi/loader/entries ]] \ + && [[ $MACHINE_ID ]] \ + && [[ -d /efi/${MACHINE_ID} || -L /efi/${MACHINE_ID} ]]; then + image="/efi/${MACHINE_ID}/${KERNEL_VERSION}/initrd" + elif [[ -d /boot/loader/entries || -L /boot/loader/entries ]] \ + && [[ $MACHINE_ID ]] \ + && [[ -d /boot/${MACHINE_ID} || -L /boot/${MACHINE_ID} ]]; then + image="/boot/${MACHINE_ID}/${KERNEL_VERSION}/initrd" + elif [[ -d /boot/efi/loader/entries || -L /boot/efi/loader/entries ]] \ + && [[ $MACHINE_ID ]] \ + && [[ -d /boot/efi/${MACHINE_ID} || -L /boot/efi/${MACHINE_ID} ]]; then + image="/boot/efi/${MACHINE_ID}/${KERNEL_VERSION}/initrd" + elif [[ -f /lib/modules/${KERNEL_VERSION}/initrd ]]; then + image="/lib/modules/${KERNEL_VERSION}/initrd" + elif [[ -f /lib/modules/${KERNEL_VERSION}/initramfs.img ]]; then + image="/lib/modules/${KERNEL_VERSION}/initramfs.img" + elif [[ -f /boot/initramfs-${KERNEL_VERSION}.img ]]; then + image="/boot/initramfs-${KERNEL_VERSION}.img" + elif [[ $MACHINE_ID ]] \ + && mountpoint -q /efi; then + image="/efi/${MACHINE_ID}/${KERNEL_VERSION}/initrd" + elif [[ $MACHINE_ID ]] \ + && mountpoint -q /boot/efi; then + image="/boot/efi/${MACHINE_ID}/${KERNEL_VERSION}/initrd" + else + image="" + fi +fi + +shift +while (($# > 0)); do + filenames[${1#/}]=1 + shift +done + +if ! [[ -f $image ]]; then + { + echo "No <initramfs file> specified and the default image '$image' cannot be accessed!" + echo + } >&2 + usage + exit 1 +fi + +TMPDIR="$(mktemp -d -t lsinitrd.XXXXXX)" +# shellcheck disable=SC2064 +trap "rm -rf '$TMPDIR'" EXIT + +dracutlibdirs() { + for d in lib64/dracut lib/dracut usr/lib64/dracut usr/lib/dracut; do + echo "$d/$1" + done +} + +extract_files() { + ((${#filenames[@]} == 1)) && nofileinfo=1 + for f in "${!filenames[@]}"; do + [[ $nofileinfo ]] || echo "initramfs:/$f" + [[ $nofileinfo ]] || echo "========================================================================" + # shellcheck disable=SC2001 + [[ $f == *"\\x"* ]] && f=$(echo "$f" | sed 's/\\x.\{2\}/????/g') + $CAT "$image" 2> /dev/null | cpio --extract --verbose --quiet --to-stdout "$f" 2> /dev/null + ((ret += $?)) + [[ $nofileinfo ]] || echo "========================================================================" + [[ $nofileinfo ]] || echo + done +} + +list_modules() { + echo "dracut modules:" + # shellcheck disable=SC2046 + $CAT "$image" | cpio --extract --verbose --quiet --to-stdout -- \ + $(dracutlibdirs modules.txt) 2> /dev/null + ((ret += $?)) +} + +list_files() { + echo "========================================================================" + if [ "$sorted" -eq 1 ]; then + $CAT "$image" 2> /dev/null | cpio --extract --verbose --quiet --list | sort -n -k5 + else + $CAT "$image" 2> /dev/null | cpio --extract --verbose --quiet --list | sort -k9 + fi + ((ret += $?)) + echo "========================================================================" +} + +list_squash_content() { + SQUASH_IMG="squash-root.img" + SQUASH_TMPFILE="$TMPDIR/initrd.root.sqsh" + + $CAT "$image" 2> /dev/null | cpio --extract --verbose --quiet --to-stdout -- \ + $SQUASH_IMG > "$SQUASH_TMPFILE" 2> /dev/null + if [[ -s $SQUASH_TMPFILE ]]; then + echo "Squashed content ($SQUASH_IMG):" + echo "========================================================================" + unsquashfs -ll "$SQUASH_TMPFILE" | tail -n +4 + echo "========================================================================" + fi +} + +unpack_files() { + if ((${#filenames[@]} > 0)); then + for f in "${!filenames[@]}"; do + # shellcheck disable=SC2001 + [[ $f == *"\\x"* ]] && f=$(echo "$f" | sed 's/\\x.\{2\}/????/g') + $CAT "$image" 2> /dev/null | cpio -id --quiet $verbose "$f" + ((ret += $?)) + done + else + $CAT "$image" 2> /dev/null | cpio -id --quiet $verbose + ((ret += $?)) + fi +} + +read -r -N 2 bin < "$image" +if [ "$bin" = "MZ" ]; then + command -v objcopy > /dev/null || { + echo "Need 'objcopy' to unpack an UEFI executable." + exit 1 + } + objcopy \ + --dump-section .linux="$TMPDIR/vmlinuz" \ + --dump-section .initrd="$TMPDIR/initrd.img" \ + --dump-section .cmdline="$TMPDIR/cmdline.txt" \ + --dump-section .osrel="$TMPDIR/osrel.txt" \ + "$image" /dev/null + uefi="$image" + image="$TMPDIR/initrd.img" + [ -f "$image" ] || exit 1 +fi + +if ((${#filenames[@]} <= 0)) && [[ -z $unpack ]] && [[ -z $unpackearly ]]; then + if [ -n "$uefi" ]; then + echo -n "initrd in UEFI: $uefi: " + du -h "$image" | while read -r a _ || [ -n "$a" ]; do echo "$a"; done + if [ -f "$TMPDIR/osrel.txt" ]; then + name=$(sed -En '/^PRETTY_NAME/ s/^\w+=["'"'"']?([^"'"'"'$]*)["'"'"']?/\1/p' "$TMPDIR/osrel.txt") + id=$(sed -En '/^ID/ s/^\w+=["'"'"']?([^"'"'"'$]*)["'"'"']?/\1/p' "$TMPDIR/osrel.txt") + build=$(sed -En '/^BUILD_ID/ s/^\w+=["'"'"']?([^"'"'"'$]*)["'"'"']?/\1/p' "$TMPDIR/osrel.txt") + echo "OS Release: $name (${id}-${build})" + fi + if [ -f "$TMPDIR/vmlinuz" ]; then + version=$(strings -n 20 "$TMPDIR/vmlinuz" | sed -En '/[0-9]+\.[0-9]+\.[0-9]+/ { p; q 0 }') + echo "Kernel Version: $version" + fi + if [ -f "$TMPDIR/cmdline.txt" ]; then + echo "Command line:" + sed -En 's/\s+/\n/g; s/\x00/\n/; p' "$TMPDIR/cmdline.txt" + fi + else + echo -n "Image: $image: " + du -h "$image" | while read -r a _ || [ -n "$a" ]; do echo "$a"; done + fi + + echo "========================================================================" +fi + +read -r -N 6 bin < "$image" +case $bin in + $'\x71\xc7'* | 070701) + CAT="cat --" + is_early=$(cpio --extract --verbose --quiet --to-stdout -- 'early_cpio' < "$image" 2> /dev/null) + # Debian mkinitramfs does not create the file 'early_cpio', so let's check if firmware files exist + [[ "$is_early" ]] || is_early=$(cpio --list --verbose --quiet --to-stdout -- 'kernel/*/microcode/*.bin' < "$image" 2> /dev/null) + if [[ "$is_early" ]]; then + if [[ -n $unpack ]]; then + # should use --unpackearly for early CPIO + : + elif [[ -n $unpackearly ]]; then + unpack_files + elif ((${#filenames[@]} > 0)); then + extract_files + else + echo "Early CPIO image" + list_files + fi + if [[ -d "$dracutbasedir/src/skipcpio" ]]; then + SKIP="$dracutbasedir/src/skipcpio/skipcpio" + else + SKIP="$dracutbasedir/skipcpio" + fi + if ! [[ -x $SKIP ]]; then + echo + echo "'$SKIP' not found, cannot display remaining contents!" >&2 + echo + exit 0 + fi + fi + ;; +esac + +if [[ $SKIP ]]; then + bin="$($SKIP "$image" | { read -r -N 6 bin && echo "$bin"; })" +else + read -r -N 6 bin < "$image" +fi +case $bin in + $'\x1f\x8b'*) + CAT="zcat --" + ;; + BZh*) + CAT="bzcat --" + ;; + $'\x71\xc7'* | 070701) + CAT="cat --" + ;; + $'\x02\x21'*) + CAT="lz4 -d -c" + ;; + $'\x89'LZO$'\0'*) + CAT="lzop -d -c" + ;; + $'\x28\xB5\x2F\xFD'*) + CAT="zstd -d -c" + ;; + *) + if echo "test" | xz | xzcat --single-stream > /dev/null 2>&1; then + CAT="xzcat --single-stream --" + else + CAT="xzcat --" + fi + ;; +esac + +type "${CAT%% *}" > /dev/null 2>&1 || { + echo "Need '${CAT%% *}' to unpack the initramfs." + exit 1 +} + +skipcpio() { + $SKIP "$@" | $ORIG_CAT +} + +if [[ $SKIP ]]; then + ORIG_CAT="$CAT" + CAT=skipcpio +fi + +if ((${#filenames[@]} > 1)); then + TMPFILE="$TMPDIR/initrd.cpio" + $CAT "$image" 2> /dev/null > "$TMPFILE" + pre_decompress() { + cat "$TMPFILE" + } + CAT=pre_decompress +fi + +ret=0 + +if [[ -n $unpack ]]; then + unpack_files +elif ((${#filenames[@]} > 0)); then + extract_files +else + # shellcheck disable=SC2046 + version=$($CAT "$image" | cpio --extract --verbose --quiet --to-stdout -- \ + $(dracutlibdirs 'dracut-*') 2> /dev/null) + ((ret += $?)) + echo "Version: $version" + echo + if [ "$modules" -eq 1 ]; then + list_modules + echo "========================================================================" + else + echo -n "Arguments: " + # shellcheck disable=SC2046 + $CAT "$image" | cpio --extract --verbose --quiet --to-stdout -- \ + $(dracutlibdirs build-parameter.txt) 2> /dev/null + echo + list_modules + list_files + list_squash_content + fi +fi + +exit "$ret" diff --git a/man/dracut-catimages.8.asc b/man/dracut-catimages.8.asc new file mode 100644 index 0000000..621f8af --- /dev/null +++ b/man/dracut-catimages.8.asc @@ -0,0 +1,59 @@ +DRACUT-CATIMAGES(8) +=================== +:doctype: manpage +:man source: dracut +:man manual: dracut + +NAME +---- +dracut-catimages - creates initial ramdisk image by concatenating images + +SYNOPSIS +-------- +**dracut-catimages** [_OPTION_...] _<initramfs base image>_ [_<image>_...] + +DESCRIPTION +----------- +dracut-catimages creates an initial ramdisk image by concatenating several +images from the command line and /boot/dracut/*.img + +OPTIONS +------- +**-f, --force**:: + overwrite existing initramfs file. + +**-i, --imagedir**:: + Directory with additional images to add (default: /boot/dracut/) + +**-o, --overlaydir**:: + Overlay directory, which contains additional files that will be used to + create an additional image + +**--nooverlay**:: Do not use the overlay directory + +**--noimagedir**:: Do not use the additional image directory + +**-h, --help**:: display help text and exit. + +**--debug**:: output debug information of the build process + +**-v, --verbose**:: verbose output during the build process + +FILES +----- +_/boot/dracut/*.img_:: + images to work with + +AUTHORS +------- +Harald Hoyer + +AVAILABILITY +------------ +The dracut-catimages command is part of the dracut package and is available from +link:$$https://github.com/dracutdevs/dracut$$[https://github.com/dracutdevs/dracut] + +SEE ALSO +-------- +*dracut*(8) + diff --git a/man/dracut.8.asc b/man/dracut.8.asc new file mode 100644 index 0000000..ae4497e --- /dev/null +++ b/man/dracut.8.asc @@ -0,0 +1,771 @@ +DRACUT(8) +========= +:doctype: manpage +:man source: dracut +:man manual: dracut +:man version: {version} + +NAME +---- +dracut - low-level tool for generating an initramfs/initrd image + +SYNOPSIS +-------- +*dracut* [__OPTION...__] [__<image>__ [__<kernel version>__]] + +DESCRIPTION +----------- + +Create an initramfs <image> for the kernel with the version <kernel version>. +If <kernel version> is omitted, then the version of the actual running +kernel is used. If <image> is omitted or empty, depending on bootloader +specification, the default location can be +_/efi/<machine-id>/<kernel-version>/initrd_, +_/boot/<machine-id>/<kernel-version>/initrd_, +_/boot/efi/<machine-id>/<kernel-version>/initrd_, +_/lib/modules/<kernel-version>/initrd_ or +_/boot/initramfs-<kernel-version>.img_. + +dracut creates an initial image used by the kernel for preloading the block +device modules (such as IDE, SCSI or RAID) which are needed to access the root +filesystem, mounting the root filesystem and booting into the real system. + +At boot time, the kernel unpacks that archive into RAM disk, mounts and uses it +as initial root file system. All finding of the root device happens in this +early userspace. + +Initramfs images are also called "initrd". + +For a complete list of kernel command line options see *dracut.cmdline*(7). + +If you are dropped to an emergency shell, while booting your initramfs, +the file _/run/initramfs/rdsosreport.txt_ is created, which can be saved to a +(to be mounted by hand) partition (usually /boot) or a USB stick. +Additional debugging info can be produced by adding **rd.debug** to the kernel +command line. _/run/initramfs/rdsosreport.txt_ contains all logs and the output +of some tools. It should be attached to any report about dracut problems. + +USAGE +----- + +include::dracut.usage.asc[] + +OPTIONS +------- +**--kver** _<kernel version>_:: + Set the kernel version. This enables to specify the kernel version, without + specifying the location of the initramfs image. For example: +---- +# dracut --kver 3.5.0-0.rc7.git1.2.fc18.x86_64 +---- + +**-f, --force**:: + Overwrite existing initramfs file. + +_<output file>_ **--rebuild**:: + Append the current arguments to those with which the input initramfs image + was built. This option helps in incrementally building the initramfs for + testing. If optional _<output file>_ is not provided, the input initramfs + provided to rebuild will be used as output file. + +**-a, --add** _<list of dracut modules>_:: + Add a space-separated list of dracut modules to the default set of modules. + This parameter can be specified multiple times. ++ +[NOTE] +=============================== +If the list has multiple arguments, then you have to put these in quotes. For +example: +---- +# dracut --add "module1 module2" ... +---- +=============================== + +**--force-add** _<list of dracut modules>_:: + Force to add a space-separated list of dracut modules to the default set of + modules, when -H is specified. This parameter can be specified multiple + times. ++ +[NOTE] +=============================== +If the list has multiple arguments, then you have to put these in quotes. For +example: +---- +# dracut --force-add "module1 module2" ... +---- +=============================== + +**-o, --omit** _<list of dracut modules>_:: + Omit a space-separated list of dracut modules. This parameter can be + specified multiple times. ++ +[NOTE] +=============================== +If the list has multiple arguments, then you have to put these in quotes. For +example: +---- +# dracut --omit "module1 module2" ... +---- +=============================== + +**-m, --modules** _<list of dracut modules>_:: + Specify a space-separated list of dracut modules to call when building the + initramfs. Modules are located in _/usr/lib/dracut/modules.d_. This + parameter can be specified multiple times. + This option forces dracut to only include the specified dracut modules. + In most cases the "--add" option is what you want to use. ++ +[NOTE] +=============================== +If the list has multiple arguments, then you have to put these in quotes. For +example: +---- +# dracut --modules "module1 module2" ... +---- +=============================== + +**-d, --drivers** _<list of kernel modules>_:: + Specify a space-separated list of kernel modules to exclusively include + in the initramfs. The kernel modules have to be specified without the ".ko" + suffix. This parameter can be specified multiple times. ++ +[NOTE] +=============================== +If the list has multiple arguments, then you have to put these in quotes. For +example: +---- +# dracut --drivers "kmodule1 kmodule2" ... +---- +=============================== + +**--add-drivers** _<list of kernel modules>_:: + Specify a space-separated list of kernel modules to add to the initramfs. + The kernel modules have to be specified without the ".ko" suffix. This + parameter can be specified multiple times. ++ +[NOTE] +=============================== +If the list has multiple arguments, then you have to put these in quotes. For +example: +---- +# dracut --add-drivers "kmodule1 kmodule2" ... +---- +=============================== + +**--force-drivers** _<list of kernel modules>_:: + See add-drivers above. But in this case it is ensured that the drivers + are tried to be loaded early via modprobe. ++ +[NOTE] +=============================== +If the list has multiple arguments, then you have to put these in quotes. For +example: +---- +# dracut --force-drivers "kmodule1 kmodule2" ... +---- +=============================== + +**--omit-drivers** _<list of kernel modules>_:: + Specify a space-separated list of kernel modules not to add to the + initramfs. + The kernel modules have to be specified without the ".ko" suffix. This + parameter can be specified multiple times. ++ +[NOTE] +=============================== +If the list has multiple arguments, then you have to put these in quotes. For +example: +---- +# dracut --omit-drivers "kmodule1 kmodule2" ... +---- +=============================== + +**--filesystems** _<list of filesystems>_:: + Specify a space-separated list of kernel filesystem modules to exclusively + include in the generic initramfs. This parameter can be specified multiple + times. ++ +[NOTE] +=============================== +If the list has multiple arguments, then you have to put these in quotes. For +example: +---- +# dracut --filesystems "filesystem1 filesystem2" ... +---- +=============================== + +**-k, --kmoddir** _<kernel directory>_:: + Specify the directory, where to look for kernel modules. + +**--fwdir** _<dir>[:<dir>...]++_:: + Specify additional directories, where to look for firmwares. This parameter + can be specified multiple times. + +**--libdirs** _<list of directories>_:: + Specify a space-separated list of directories to look for libraries to + include in the generic initramfs. This parameter can be specified multiple + times. ++ +[NOTE] +=============================== +If the list has multiple arguments, then you have to put these in quotes. For +example: +---- +# dracut --libdirs "dir1 dir2" ... +---- +=============================== + +**--kernel-cmdline <parameters>**:: + Specify default kernel command line parameters. + +**--kernel-only**:: + Only install kernel drivers and firmware files. + +**--no-kernel**:: + Do not install kernel drivers and firmware files. + +**--early-microcode**:: + Combine early microcode with ramdisk. + +**--no-early-microcode**:: + Do not combine early microcode with ramdisk. + +**--print-cmdline**:: + Print the kernel command line for the current disk layout. + +**--mdadmconf**:: + Include local _/etc/mdadm.conf_ file. + +**--nomdadmconf**:: + Do not include local _/etc/mdadm.conf_ file. + +**--lvmconf**:: + Include local _/etc/lvm/lvm.conf_ file. + +**--nolvmconf**:: + Do not include local _/etc/lvm/lvm.conf_ file. + +**--fscks** _<list of fsck tools>_:: + Add a space-separated list of fsck tools, in addition to _dracut.conf_'s + specification; the installation is opportunistic (non-existing tools are + ignored). ++ +[NOTE] +=============================== +If the list has multiple arguments, then you have to put these in quotes. For +example: +---- +# dracut --fscks "fsck.foo barfsck" ... +---- +=============================== + +**--nofscks**:: + Inhibit installation of any fsck tools. + +**--strip**:: + Strip binaries in the initramfs (default). + +**--aggressive-strip**:: + Strip more than just debug symbol and sections, for a smaller initramfs + build. The --strip option must also be specified. + +**--nostrip**:: + Do not strip binaries in the initramfs. + +**--hardlink**:: + Hardlink files in the initramfs (default). + +**--nohardlink**:: + Do not hardlink files in the initramfs. + +**--prefix** _<dir>_:: + Prefix initramfs files with the specified directory. + +**--noprefix**:: + Do not prefix initramfs files (default). + +**-h, --help**:: + Display help text and exit. + +**--debug**:: + Output debug information of the build process. + +**-v, --verbose**:: + Increase verbosity level (default is info(4)). + +**--version**:: + Display version and exit. + +**-q, --quiet**:: + Decrease verbosity level (default is info(4)). + +**-c, --conf** _<dracut configuration file>_:: + Specify configuration file to use. ++ +Default: + _/etc/dracut.conf_ + +**--confdir** _<configuration directory>_:: + Specify configuration directory to use. ++ +Default: + _/etc/dracut.conf.d_ + +**--tmpdir** _<temporary directory>_:: + Specify temporary directory to use. ++ +Default: + _/var/tmp_ + +**-r, --sysroot** _<sysroot directory>_:: + Specify the sysroot directory to collect files from. + This is useful to create the initramfs image from + a cross-compiled sysroot directory. For the extra helper + variables, see *ENVIRONMENT* below. ++ +Default: + _empty_ + +**--sshkey** _<sshkey file>_:: + SSH key file used with ssh-client module. + +**--logfile** _<logfile>_:: + Logfile to use; overrides any setting from the configuration files. ++ +Default: + _/var/log/dracut.log_ + +**-l, --local**:: + Activates the local mode. dracut will use modules from the current working + directory instead of the system-wide installed modules in + _/usr/lib/dracut/modules.d_. + This is useful when running dracut from a git checkout. + +**-H, --hostonly**:: + Host-only mode: Install only what is needed for booting the local host + instead of a generic host and generate host-specific configuration. ++ +[WARNING] +==== +If chrooted to another root other than the real root device, use "--fstab" and +provide a valid _/etc/fstab_. +==== + +**-N, --no-hostonly**:: + Disable host-only mode. + +**--hostonly-mode _<mode>_**:: + Specify the host-only mode to use. _<mode>_ could be one of "sloppy" or + "strict". + In "sloppy" host-only mode, extra drivers and modules will be installed, so + minor hardware change won't make the image unbootable (e.g. changed + keyboard), and the image is still portable among similar hosts. + With "strict" mode enabled, anything not necessary for booting the local + host in its current state will not be included, and modules may do some + extra job to save more space. Minor change of hardware or environment could + make the image unbootable. ++ +Default: + _sloppy_ + +**--hostonly-cmdline**:: + Store kernel command line arguments needed in the initramfs. + +**--no-hostonly-cmdline**:: + Do not store kernel command line arguments needed in the initramfs. + +**--no-hostonly-default-device**:: + Do not generate implicit host devices like root, swap, fstab, etc. + Use "--mount" or "--add-device" to explicitly add devices as needed. + +**--hostonly-i18n**:: + Install only needed keyboard and font files according to the host + configuration (default). + +**--no-hostonly-i18n**:: + Install all keyboard and font files available. + +**--hostonly-nics** _<list of nics>_:: + Only enable listed NICs in the initramfs. The list can be empty, so other + modules can install only the necessary network drivers. + +**--persistent-policy** _<policy>_:: + Use _<policy>_ to address disks and partitions. + _<policy>_ can be any directory name found in /dev/disk (e.g. "by-uuid", + "by-label"), or "mapper" to use /dev/mapper device names (default). + +**--fstab**:: + Use _/etc/fstab_ instead of _/proc/self/mountinfo_. + +**--add-fstab** _<filename>_:: + Add entries of _<filename>_ to the initramfs /etc/fstab. + +**--mount** "_<device>_ _<mountpoint>_ _<filesystem type>_ [_<filesystem options>_ [_<dump frequency>_ [_<fsck order>_]]]":: + Mount _<device>_ on _<mountpoint>_ with _<filesystem type>_ in the + initramfs. _<filesystem options>_, _<dump options>_ and _<fsck order>_ can + be specified, see fstab manpage for the details. + The default _<filesystem options>_ is "defaults". + The default _<dump frequency>_ is "0". + The default _<fsck order>_ is "2". + +**--mount** "_<mountpoint>_":: + Like above, but _<device>_, _<filesystem type>_ and _<filesystem options>_ + are determined by looking at the current mounts. + +**--add-device** _<device>_ :: + Bring up _<device>_ in initramfs, _<device>_ should be the device name. + This can be useful in host-only mode for resume support when your swap is on + LVM or an encrypted partition. + [NB --device can be used for compatibility with earlier releases] + +**-i, --include** _<SOURCE>_ _<TARGET>_:: + Include the files in the SOURCE directory into the + TARGET directory in the final initramfs. If SOURCE is a file, it will be + installed to TARGET in the final initramfs. This parameter can be specified + multiple times. + +**-I, --install** _<file list>_:: + Install the space separated list of files into the initramfs. ++ +[NOTE] +=============================== +If the list has multiple arguments, then you have to put these in quotes. For +example: +---- +# dracut --install "/bin/foo /sbin/bar" ... +---- +=============================== + +**--install-optional** _<file list>_:: + Install the space separated list of files into the initramfs, if they exist. + +**--gzip**:: + Compress the generated initramfs using gzip. This will be done by default, + unless another compression option or --no-compress is passed. Equivalent to + "--compress=gzip -9". + +**--bzip2**:: + Compress the generated initramfs using bzip2. ++ +[WARNING] +==== +Make sure your kernel has bzip2 decompression support compiled in, otherwise you +will not be able to boot. Equivalent to "--compress=bzip2 -9". +==== + +**--lzma**:: + Compress the generated initramfs using lzma. ++ +[WARNING] +==== +Make sure your kernel has lzma decompression support compiled in, otherwise you +will not be able to boot. Equivalent to "--compress=lzma -9 -T0". +==== + +**--xz**:: + Compress the generated initramfs using xz. ++ +[WARNING] +==== +Make sure your kernel has xz decompression support compiled in, otherwise you +will not be able to boot. Equivalent to +"--compress=xz --check=crc32 --lzma2=dict=1MiB -T0". +==== + +**--lzo**:: + Compress the generated initramfs using lzop. ++ +[WARNING] +==== +Make sure your kernel has lzo decompression support compiled in, otherwise you +will not be able to boot. Equivalent to "--compress=lzop -9". +==== + +**--lz4**:: + Compress the generated initramfs using lz4. ++ +[WARNING] +==== +Make sure your kernel has lz4 decompression support compiled in, otherwise you +will not be able to boot. Equivalent to "--compress=lz4 -l -9". +==== + +**--zstd**:: + Compress the generated initramfs using Zstandard. ++ +[WARNING] +==== +Make sure your kernel has zstd decompression support compiled in, otherwise you +will not be able to boot. Equivalent to "--compress=zstd -15 -q -T0". +==== + +**--compress** _<compressor>_:: + Compress the generated initramfs using the passed compression program. If + you pass it just the name of a compression program, it will call that + program with known-working arguments. If you pass a quoted string with + arguments, it will be called with exactly those arguments. Depending on what + you pass, this may result in an initramfs that the kernel cannot decompress. + The default value can also be set via the _INITRD_COMPRESS_ environment + variable. + +**--squash-compressor** _<compressor>_:: + Compress the squashfs image using the passed compressor and compressor + specific options for mksquashfs. You can refer to mksquashfs manual for + supported compressors and compressor specific options. If squash module is + not called when building the initramfs, this option will not take effect. + +**--no-compress**:: + Do not compress the generated initramfs. This will override any other + compression options. + +**--reproducible**:: + Create reproducible images. + +**--no-reproducible**:: + Do not create reproducible images. + +**--list-modules**:: + List all available dracut modules. + +**-M, --show-modules**:: + Print included module's name to standard output during build. + +**--keep**:: + Keep the initramfs temporary directory for debugging purposes. + +**--printsize**:: + Print out the module install size. + +**--profile**:: + Output profile information of the build process. + +**--ro-mnt**:: + Mount / and /usr read-only by default. + +**-L, --stdlog** _<level>_:: + [0-6] Specify logging level (to standard error). +---- + 0 - suppress any messages + 1 - only fatal errors + 2 - all errors + 3 - warnings + 4 - info + 5 - debug info (here starts lots of output) + 6 - trace info (and even more) +---- + +**--regenerate-all**:: + Regenerate all initramfs images at the default location with the kernel + versions found on the system. Additional parameters are passed through. + +**-p, --parallel**:: + Try to execute tasks in parallel. Currently only supported with + **--regenerate-all** (build initramfs images for all kernel + versions simultaneously). + +**--noimageifnotneeded**:: + Do not create an image in host-only mode, if no kernel driver is needed +and no /etc/cmdline/*.conf will be generated into the initramfs. + +**--loginstall _<directory>_**:: + Log all files installed from the host to _<directory>_. + +**--uefi**:: + Instead of creating an initramfs image, dracut will create an UEFI + executable, which can be executed by an UEFI BIOS. The default output + filename is _<EFI>/EFI/Linux/linux-$kernel$-<MACHINE_ID>-<BUILD_ID>.efi_. + <EFI> might be _/efi_, _/boot_ or _/boot/efi_ depending on where the ESP + partition is mounted. The <BUILD_ID> is taken from BUILD_ID in + _/usr/lib/os-release_ or if it exists _/etc/os-release_ and is left out, + if BUILD_ID is non-existent or empty. + +**--no-uefi**:: + Disables UEFI mode. + +**--no-machineid**:: + Affects the default output filename of **--uefi** and will discard the + <MACHINE_ID> part. + +**--uefi-stub _<file>_**:: + Specifies the UEFI stub loader, which will load the attached kernel, + initramfs and kernel command line and boots the kernel. The default is + _$prefix/lib/systemd/boot/efi/linux<EFI-MACHINE-TYPE-NAME>.efi.stub_. + +**--uefi-splash-image _<file>_**:: + Specifies the UEFI stub loader's splash image. Requires bitmap (**.bmp**) + image format. + +**--kernel-image _<file>_**:: + Specifies the kernel image, which to include in the UEFI executable. The + default is _/lib/modules/<KERNEL-VERSION>/vmlinuz_ or + _/boot/vmlinuz-<KERNEL-VERSION>_. + +**--sbat <parameters>**:: + Specifies the SBAT parameters, which to include in the UEFI executable. By default + the default SBAT string added is "sbat,1,SBAT Version,sbat,1, + https://github.com/rhboot/shim/blob/main/SBAT.md". + +**--enhanced-cpio**:: + Attempt to use the dracut-cpio binary, which optimizes archive creation for + copy-on-write filesystems by using the copy_file_range(2) syscall via Rust's + io::copy(). When specified, initramfs archives are also padded to ensure + optimal data alignment for extent sharing. To retain reflink data + deduplication benefits, this should be used alongside the **--no-compress** + and **--nostrip** parameters, with initramfs source files, **--tmpdir** + staging area and destination all on the same copy-on-write capable + filesystem. + +ENVIRONMENT +----------- + +_INITRD_COMPRESS_:: + sets the default compression program. See **--compress**. + +_DRACUT_LDCONFIG_:: + sets the _ldconfig_ program path and options. Optional. + Used for **--sysroot**. ++ +Default: + _ldconfig_ + +_DRACUT_LDD_:: + sets the _ldd_ program path and options. Optional. + Used for **--sysroot**. ++ +Default: + _ldd_ + +_DRACUT_TESTBIN_:: + sets the initially tested binary for detecting library paths. + Optional. Used for **--sysroot**. In the cross-compiled sysroot, + the default value (_/bin/sh_) is unusable, as it is an absolute + symlink and points outside the sysroot directory. ++ +Default: + _/bin/sh_ + +_DRACUT_INSTALL_:: + overrides path and options for executing _dracut-install_ internally. + Optional. Can be used to debug _dracut-install_ while running the + main dracut script. ++ +Default: + _dracut-install_ ++ +Example: + DRACUT_INSTALL="valgrind dracut-install" + +_DRACUT_COMPRESS_BZIP2_:: +_DRACUT_COMPRESS_LBZIP2_:: +_DRACUT_COMPRESS_LZMA_:: +_DRACUT_COMPRESS_XZ_:: +_DRACUT_COMPRESS_GZIP_:: +_DRACUT_COMPRESS_PIGZ_:: +_DRACUT_COMPRESS_LZOP_:: +_DRACUT_COMPRESS_ZSTD_:: +_DRACUT_COMPRESS_LZ4_:: +_DRACUT_COMPRESS_CAT_:: + overrides for compression utilities to support using them from + non-standard paths. ++ +Default values are the default compression utility names to be found in **PATH**. + +_DRACUT_ARCH_:: + overrides the value of **uname -m**. Used for **--sysroot**. ++ +Default: + _empty_ (the value of **uname -m** on the host system) + +_SYSTEMD_VERSION_:: + overrides systemd version. Used for **--sysroot**. + +_SYSTEMCTL_:: + overrides the systemctl binary. Used for **--sysroot**. + +_NM_VERSION_:: + overrides the NetworkManager version. Used for **--sysroot**. + +_DRACUT_INSTALL_PATH_:: + overrides **PATH** environment for **dracut-install** to look for + binaries relative to **--sysroot**. In a cross-compiled environment + (e.g. Yocto), PATH points to natively built binaries that are not + in the host's /bin, /usr/bin, etc. **dracut-install** still needs plain + /bin and /usr/bin that are relative to the cross-compiled sysroot. ++ +Default: + _PATH_ + +_DRACUT_INSTALL_LOG_TARGET_:: + overrides **DRACUT_LOG_TARGET** for **dracut-install**. It allows + running **dracut-install* to run with different log target that + **dracut** runs with. ++ +Default: + _DRACUT_LOG_TARGET_ + +_DRACUT_INSTALL_LOG_LEVEL_:: + overrides **DRACUT_LOG_LEVEL** for **dracut-install**. It allows + running **dracut-install* to run with different log level that + **dracut** runs with. ++ +Default: + _DRACUT_LOG_LEVEL_ + +FILES +----- +_/var/log/dracut.log_:: + logfile of initramfs image creation + +_/tmp/dracut.log_:: + logfile of initramfs image creation, if _/var/log/dracut.log_ is not + writable + +_/etc/dracut.conf_:: + see dracut.conf5 + +_/etc/dracut.conf.d/*.conf_:: + see dracut.conf5 + +_/usr/lib/dracut/dracut.conf.d/*.conf_:: + see dracut.conf5 + +Configuration in the initramfs +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +_/etc/conf.d/_:: + Any files found in _/etc/conf.d/_ will be sourced in the initramfs to + set initial values. Command line options will override these values + set in the configuration files. + +_/etc/cmdline_:: + Can contain additional command line options. Deprecated, better use + /etc/cmdline.d/*.conf. + +_/etc/cmdline.d/*.conf_:: + Can contain additional command line options. + +AVAILABILITY +------------ +The dracut command is part of the dracut package and is available from +link:$$https://github.com/dracutdevs/dracut$$[https://github.com/dracutdevs/dracut] + +AUTHORS +------- +Harald Hoyer + +Victor Lowther + +Amadeusz Żołnowski + +Hannes Reinecke + +Daniel Molkentin + +Will Woods + +Philippe Seewer + +Warren Togami + +SEE ALSO +-------- +*dracut.cmdline*(7) *dracut.conf*(5) *lsinitrd*(1) diff --git a/man/dracut.asc b/man/dracut.asc new file mode 100644 index 0000000..c806ab2 --- /dev/null +++ b/man/dracut.asc @@ -0,0 +1,182 @@ +dracut {mainversion} +==================== +:author: Harald Hoyer +:email: harald@profian.com +:revnumber: {version} +:language: bash + += Introduction +This section is a modified version of +http://en.wikipedia.org/wiki/Initrd which is licensed under the +Creative Commons Attribution/Share-Alike License. + +== Definition +An _initial ramdisk_ is a temporary file system used in the boot process of the +Linux kernel. _initrd_ and _initramfs_ refer to slightly different schemes for +loading this file system into memory. Both are commonly used to make +preparations before the real root file system can be mounted. + +== Rationale +Many Linux distributions ship a single, generic kernel image that is intended to +boot as wide a variety of hardware as possible. The device drivers for this +generic kernel image are included as loadable modules, as it is not possible to +statically compile them all into the one kernel without making it too large to +boot from computers with limited memory or from lower-capacity media like floppy +disks. + +This then raises the problem of detecting and loading the modules necessary to +mount the root file system at boot time (or, for that matter, deducing where or +what the root file system is). + +To further complicate matters, the root file system may be on a software RAID +volume, LVM, NFS (on diskless workstations), or on an encrypted partition. All +of these require special preparations to mount. + +Another complication is kernel support for hibernation, which suspends the +computer to disk by dumping an image of the entire system to a swap partition or +a regular file, then powering off. On next boot, this image has to be made +accessible before it can be loaded back into memory. + +To avoid having to hardcode handling for so many special cases into the kernel, +an initial boot stage with a temporary root file system +—now dubbed early user space— is used. This root file system would contain +user-space helpers that would do the hardware detection, module loading and +device discovery necessary to get the real root file system mounted. + +== Implementation +An image of this initial root file system (along with the kernel image) must be +stored somewhere accessible by the Linux bootloader or the boot firmware of the +computer. This can be: + +* The root file system itself +* A boot image on an optical disc +* A small ext2/ext3/ext4 or FAT-formatted partition on a local disk + (a _boot partition_) +* A TFTP server (on systems that can boot from Ethernet) + +The bootloader will load the kernel and initial root file system image into +memory and then start the kernel, passing in the memory address of the image. + +Depending on which algorithms were compiled statically into it, the kernel can +currently unpack initrd/initramfs images compressed with gzip, bzip2 and LZMA. + +== Mount preparations +dracut can generate a customized initramfs image which contains only whatever is +necessary to boot some particular computer, such as ATA, SCSI and filesystem +kernel modules (host-only mode). + +dracut can also generate a more generic initramfs image (default mode). + +dracut's initramfs starts only with the device name of the root file system (or +its UUID) and must discover everything else at boot time. A complex cascade of +tasks must be performed to get the root file system mounted: + +* Any hardware drivers that the boot process depends on must be loaded. All +kernel modules for common storage devices are packed onto the initramfs and then +udev pulls in modules matching the computer's detected hardware. + +* On systems which display a boot rd.splash screen, the video hardware must be +initialized and a user-space helper started to paint animations onto the display +in lockstep with the boot process. + +* If the root file system is on NFS, dracut does then: +** Bring up the primary network interface. +** Invoke a DHCP client, with which it can obtain a DHCP lease. +** Extract the name of the NFS share and the address of the NFS server from the +lease. +** Mount the NFS share. + +* If the root file system appears to be on a software RAID device, there is no +way of knowing which devices the RAID volume spans; the standard MD utilities +must be invoked to scan all available block devices with a raid signature and +bring the required ones online. + +* If the root file system appears to be on a logical volume, the LVM utilities +must be invoked to scan for and activate the volume group containing it. + +* If the root file system is on an encrypted block device: +** Invoke a helper script to prompt the user to type in a passphrase and/or +insert a hardware token (such as a smart card or a USB security dongle). + +* Create a decryption target with the device mapper. + +dracut uses udev, an event-driven hotplug agent, which invokes helper programs +as hardware devices, disk partitions and storage volumes matching certain rules +come online. This allows discovery to run in parallel, and to progressively +cascade into arbitrary nestings of LVM, RAID or encryption to get at the root +file system. + +When the root file system finally becomes visible: + +* Any maintenance tasks which cannot run on a mounted root file system +are done. +* The root file system is mounted read-only. +* Any processes which must continue running (such as the rd.splash screen helper +and its command FIFO) are hoisted into the newly-mounted root file system. + +The final root file system cannot simply be mounted over /, since that would +make the scripts and tools on the initial root file system inaccessible for any +final cleanup tasks. On an initramfs, the initial root file system cannot be +rotated away. Instead, it is simply emptied and the final root file system +mounted over the top. + +If the systemd module is used in the initramfs, the ordering of the services +started looks like <<dracutbootup7>>. + +== Dracut on shutdown + +On a systemd driven system, the dracut initramfs is also used for the shutdown +procedure. + +The following steps are executed during a shutdown: + +* systemd switches to the shutdown.target +* systemd starts + $prefix/lib/systemd/system/shutdown.target.wants/dracut-shutdown.service +* dracut-shutdown.service executes /usr/lib/dracut/dracut-initramfs-restore + which unpacks the initramfs to /run/initramfs +* systemd finishes shutdown.target +* systemd kills all processes +* systemd tries to unmount everything and mounts the remaining read-only +* systemd checks, if there is a /run/initramfs/shutdown executable +* if yes, it does a pivot_root to /run/initramfs and executes ./shutdown. + The old root is then mounted on /oldroot. + /usr/lib/dracut/modules.d/99shutdown/shutdown.sh is the shutdown executable. +* shutdown will try to unmount every /oldroot mount and calls the various + shutdown hooks from the dracut modules + +This ensures, that all devices are disassembled and unmounted cleanly. + += User Manual + +:leveloffset: 1 +include::dracut.8.asc[] + +:leveloffset: 1 +[[dracutconf5]] +include::dracut.conf.5.asc[] + +[[dracutcmdline7]] +include::dracut.cmdline.7.asc[] + +[[lsinitrd1]] +include::lsinitrd.1.asc[] + += Developer Manual + +:leveloffset: 1 +[[dracutmodules7]] +include::dracut.modules.7.asc[] + +[[dracutbootup7]] +include::dracut.bootup.7.asc[] + +:leveloffset: 0 +[appendix] +License +------- +This work is licensed under the Creative Commons Attribution/Share-Alike +License. To view a copy of this license, visit +http://creativecommons.org/licenses/by-sa/3.0/ or send a letter to Creative +Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA. + diff --git a/man/dracut.bootup.7.asc b/man/dracut.bootup.7.asc new file mode 100644 index 0000000..b2aba6a --- /dev/null +++ b/man/dracut.bootup.7.asc @@ -0,0 +1,127 @@ +DRACUT.BOOTUP(7) +================ +:doctype: manpage +:man source: dracut +:man manual: dracut +:man version: {version} + +NAME +---- +dracut.bootup - boot ordering in the initramfs + +DESCRIPTION +----------- + +This flow chart illustrates the ordering of the services, if systemd is used in +the dracut initramfs. +---- + + systemd-journal.socket + | + v + dracut-cmdline.service + | + v + dracut-pre-udev.service + | + v + systemd-udevd.service + | + v +local-fs-pre.target dracut-pre-trigger.service + | | + v v + (various mounts) (various swap systemd-udev-trigger.service + | devices...) | (various low-level (various low-level + | | | services: seed, API VFS mounts: + v v v tmpfiles, random mqueue, configfs, + local-fs.target swap.target dracut-initqueue.service sysctl, ...) debugfs, ...) + | | | | | + \_______________|____________________ | ___________________|____________________/ + \|/ + v + sysinit.target + | + _________________/|\___________________ + / | \ + | | | + v | v + (various | rescue.service + sockets...) | | + | | v + v | rescue.target + sockets.target | + | | + \_________________ | emergency.service + \| | + v v + basic.target emergency.target + | + ______________________/| + / | + | v + | initrd-root-device.target + | | + | v + | dracut-pre-mount.service + | | + | v + | sysroot.mount + | | + | v + | initrd-root-fs.target + (custom initrd services) | + | v + | dracut-mount.service + | | + | v + | initrd-parse-etc.service + | | + | v + | (sysroot-usr.mount and + | various mounts marked + | with fstab option + | x-initrd.mount) + | | + | v + | initrd-fs.target + \______________________ | + \| + v + initrd.target + | + v + dracut-pre-pivot.service + | + v + initrd-cleanup.service + isolates to + initrd-switch-root.target + | + v + ______________________/| + / | + | initrd-udevadm-cleanup-db.service + | | + (custom initrd services) | + | | + \______________________ | + \| + v + initrd-switch-root.target + | + v + initrd-switch-root.service + | + v + switch-root +---- + + +AUTHOR +------ +Harald Hoyer + +SEE ALSO +-------- +*dracut*(8) *bootup*(7) diff --git a/man/dracut.cmdline.7.asc b/man/dracut.cmdline.7.asc new file mode 100644 index 0000000..fefa209 --- /dev/null +++ b/man/dracut.cmdline.7.asc @@ -0,0 +1,1475 @@ +DRACUT.CMDLINE(7) +================= +:doctype: manpage +:man source: dracut +:man manual: dracut +:man version: {version} + +NAME +---- +dracut.cmdline - dracut kernel command line options + +DESCRIPTION +----------- +The root device used by the kernel is specified in the boot configuration +file on the kernel command line, as always. + +The traditional _root=/dev/sda1_ style device specification is allowed, but not +encouraged. The root device should better be identified by LABEL or UUID. If a +label is used, as in _root=LABEL=<label_of_root>_ the initramfs will search all +available devices for a filesystem with the appropriate label, and mount that +device as the root filesystem. _root=UUID=<uuidnumber>_ will mount the partition +with that UUID as the root filesystem. + +In the following all kernel command line parameters, which are processed by +dracut, are described. + +"rd.*" parameters mentioned without "=" are boolean parameters. They can be +turned on/off by setting them to {0|1}. If the assignment with "=" is missing +"=1" is implied. For example _rd.info_ can be turned off with _rd.info=0_ or +turned on with _rd.info=1_ or _rd.info_. The last value in the kernel command +line is the value, which is honored. + +Standard +~~~~~~~~ +**init=**__<path to real init>__:: + specify the path to the init program to be started after the initramfs has + finished + +**root=**__<path to blockdevice>__:: + specify the block device to use as the root filesystem. ++ +[listing] +.Example +-- +root=/dev/sda1 +root=/dev/disk/by-path/pci-0000:00:1f.1-scsi-0:0:1:0-part1 +root=/dev/disk/by-label/Root +root=LABEL=Root +root=/dev/disk/by-uuid/3f5ad593-4546-4a94-a374-bcfb68aa11f7 +root=UUID=3f5ad593-4546-4a94-a374-bcfb68aa11f7 +root=PARTUUID=3f5ad593-4546-4a94-a374-bcfb68aa11f7 +-- + +**rootfstype=**__<filesystem type>__:: "auto" if not specified. ++ +[listing] +.Example +-- +rootfstype=ext4 +-- + +**rootflags=**__<mount options>__:: + specify additional mount options for the root filesystem. If not set, + _/etc/fstab_ of the real root will be parsed for special mount options and + mounted accordingly. + +**ro**:: + force mounting _/_ and _/usr_ (if it is a separate device) read-only. If + none of ro and rw is present, both are mounted according to _/etc/fstab_. + +**rw**:: + force mounting _/_ and _/usr_ (if it is a separate device) read-write. + See also ro option. + +**rootfallback=**__<path to blockdevice>__:: + specify the block device to use as the root filesystem, if the normal root + cannot be found. This can only be a simple block device with a simple file + system, for which the filesystem driver is either compiled in, or added + manually to the initramfs. This parameter can be specified multiple times. + +**rd.auto** **rd.auto=1**:: + enable autoassembly of special devices like cryptoLUKS, dmraid, mdraid or + lvm. Default is off as of dracut version >= 024. + +**rd.hostonly=0**:: + removes all compiled in configuration of the host system the initramfs image + was built on. This helps booting, if any disk layout changed, especially in + combination with rd.auto or other parameters specifying the layout. + +**rd.cmdline=ask**:: + prompts the user for additional kernel command line parameters + +**rd.fstab=0**:: + do not honor special mount options for the root filesystem found in + _/etc/fstab_ of the real root. + +**resume=**__<path to resume partition>__:: + resume from a swap partition ++ +[listing] +.Example +-- +resume=/dev/disk/by-path/pci-0000:00:1f.1-scsi-0:0:1:0-part1 +resume=/dev/disk/by-uuid/3f5ad593-4546-4a94-a374-bcfb68aa11f7 +resume=UUID=3f5ad593-4546-4a94-a374-bcfb68aa11f7 +-- + +**rd.skipfsck**:: + skip fsck for rootfs and _/usr_. If you're mounting _/usr_ read-only and + the init system performs fsck before remount, you might want to use this + option to avoid duplication. + +iso-scan/filename +~~~~~~~~~~~~~~~~~ + +Mount all mountable devices and search for ISO pointed by the argument. When +the ISO is found set it up as a loop device. Device containing this ISO +image will stay mounted at /run/initramfs/isoscandev. +Using iso-scan/filename with a Fedora/Red Hat/CentOS Live iso should just work +by copying the original kernel cmdline parameters. + +[listing] +.Example +-- +menuentry 'Live Fedora 20' --class fedora --class gnu-linux --class gnu --class os { + set isolabel=Fedora-Live-LXDE-x86_64-20-1 + set isofile="/boot/iso/Fedora-Live-LXDE-x86_64-20-1.iso" + loopback loop $isofile + linux (loop)/isolinux/vmlinuz0 boot=isolinux iso-scan/filename=$isofile root=live:LABEL=$isolabel ro rd.live.image quiet rhgb + initrd (loop)/isolinux/initrd0.img +} +-- + +Misc +~~~~ +**rd.emergency=**__[reboot|poweroff|halt]__:: + specify, what action to execute in case of a critical failure. rd.shell=0 must also + be specified. + +**rd.driver.blacklist=**__<drivername>__[,__<drivername>__,...]:: + do not load kernel module <drivername>. This parameter can be specified + multiple times. + +**rd.driver.pre=**__<drivername>__[,__<drivername>__,...]:: + force loading kernel module <drivername>. This parameter can be specified + multiple times. + +**rd.driver.post=**__<drivername>__[,__<drivername>__,...]:: + force loading kernel module <drivername> after all automatic loading modules + have been loaded. This parameter can be specified multiple times. + +**rd.retry=**__<seconds>__:: + specify how long dracut should retry the initqueue to configure devices. + The default is 180 seconds. After 2/3 of the time, degraded raids are force + started. If you have hardware, which takes a very long time to announce its + drives, you might want to extend this value. + +**rd.timeout=**__<seconds>__:: + specify how long dracut should wait for devices to appear. The + default is '0', which means 'forever'. Note that this timeout + should be longer than rd.retry to allow for proper configuration. + +**rd.noverifyssl**:: + accept self-signed certificates for ssl downloads. + +**rd.ctty=**__<terminal device>__:: + specify the controlling terminal for the console. + This is useful, if you have multiple "console=" arguments. + +**rd.shutdown.timeout.umount=**__<seconds>__:: + specify how long dracut should wait for an individual umount to finish + during shutdown. This avoids the system from blocking when unmounting a file + system cannot complete and waits indefinitely. Value '0' means to wait + 'forever'. The default is 90 seconds. + +[[dracutkerneldebug]] +Debug +~~~~~ +If you are dropped to an emergency shell, the file +_/run/initramfs/rdsosreport.txt_ is created, which can be saved to a (to be +mounted by hand) partition (usually /boot) or a USB stick. Additional debugging +info can be produced by adding **rd.debug** to the kernel command line. +_/run/initramfs/rdsosreport.txt_ contains all logs and the output of some tools. +It should be attached to any report about dracut problems. + +**rd.info**:: + print informational output though "quiet" is set + +**rd.shell**:: + allow dropping to a shell, if root mounting fails + +**rd.debug**:: + set -x for the dracut shell. + If systemd is active in the initramfs, all output is logged to the systemd + journal, which you can inspect with "journalctl -ab". + If systemd is not active, the logs are written to dmesg and + _/run/initramfs/init.log_. + If "quiet" is set, it also logs to the console. + +**rd.memdebug=[0-5]**:: + Print memory usage info at various points, set the verbose level from 0 to 5. ++ + Higher level means more debugging output: ++ +---- + 0 - no output + 1 - partial /proc/meminfo + 2 - /proc/meminfo + 3 - /proc/meminfo + /proc/slabinfo + 4 - /proc/meminfo + /proc/slabinfo + memstrack summary + NOTE: memstrack is a memory tracing tool that tracks the total memory + consumption, and peak memory consumption of each kernel modules + and userspace progress during the whole initramfs runtime, report + is generated and the end of initramsfs run. + 5 - /proc/meminfo + /proc/slabinfo + memstrack (with top memory stacktrace) + NOTE: memstrack (with top memory stacktrace) will print top memory + allocation stack traces during the whole initramfs runtime. +---- + +**rd.break**:: + drop to a shell at the end + +**rd.break=**__{cmdline|pre-udev|pre-trigger|initqueue|pre-mount|mount|pre-pivot|cleanup}__:: + drop to a shell before the defined breakpoint starts + +**rd.udev.info**:: + set udev to loglevel info + +**rd.udev.debug**:: + set udev to loglevel debug + +I18N +~~~~ +**rd.vconsole.keymap=**__<keymap base file name>__:: + keyboard translation table loaded by loadkeys; taken from keymaps directory; + will be written as KEYMAP to _/etc/vconsole.conf_ in the initramfs. ++ +[listing] +.Example +-- +rd.vconsole.keymap=de-latin1-nodeadkeys +-- + +**rd.vconsole.keymap.ext=**__<list of keymap base file names>__:: + list of extra keymaps to bo loaded (sep. by space); will be written as + EXT_KEYMAP to _/etc/vconsole.conf_ in the initramfs + +**rd.vconsole.unicode**:: + boolean, indicating UTF-8 mode; will be written as UNICODE to + _/etc/vconsole.conf_ in the initramfs + +**rd.vconsole.font=**__<font base file name>__:: + console font; taken from consolefonts directory; will be written as FONT to + _/etc/vconsole.conf_ in the initramfs. ++ +[listing] +.Example +-- +rd.vconsole.font=eurlatgr +-- + +**rd.vconsole.font.map=**__<console map base file name>__:: + see description of '-m' parameter in setfont manual; taken from consoletrans + directory; will be written as FONT_MAP to _/etc/vconsole.conf_ in the + initramfs + +**rd.vconsole.font.unimap=**__<unicode table base file name>__:: + see description of '-u' parameter in setfont manual; taken from unimaps + directory; will be written as FONT_UNIMAP to _/etc/vconsole.conf_ in the + initramfs + +**rd.locale.LANG=**__<locale>__:: + taken from the environment; if no UNICODE is defined we set its value in + basis of LANG value (whether it ends with ".utf8" (or similar) or not); will + be written as LANG to _/etc/locale.conf_ in the initramfs. ++ +[listing] +.Example +-- +rd.locale.LANG=pl_PL.utf8 +-- + +**rd.locale.LC_ALL=**__<locale>__:: + taken from the environment; will be written as LC_ALL to _/etc/locale.conf_ + in the initramfs + +LVM +~~~ +**rd.lvm=0**:: + disable LVM detection + +**rd.lvm.vg=**__<volume group name>__:: + only activate all logical volumes in the the volume groups with the given name. + rd.lvm.vg can be specified multiple times on the kernel command line. + +**rd.lvm.lv=**__<volume group name>/<logical volume name>__:: + only activate the logical volumes with the given name. + rd.lvm.lv can be specified multiple times on the kernel command line. + +**rd.lvm.conf=0**:: + remove any _/etc/lvm/lvm.conf_, which may exist in the initramfs + +crypto LUKS +~~~~~~~~~~~ +**rd.luks=0**:: + disable crypto LUKS detection + +**rd.luks.uuid=**__<luks uuid>__:: + only activate the LUKS partitions with the given UUID. Any "luks-" of the + LUKS UUID is removed before comparing to _<luks uuid>_. + The comparisons also matches, if _<luks uuid>_ is only the beginning of the + LUKS UUID, so you don't have to specify the full UUID. + This parameter can be specified multiple times. + _<luks uuid>_ may be prefixed by the keyword `keysource:`, see + _rd.luks.key_ below. + +**rd.luks.allow-discards=**__<luks uuid>__:: + Allow using of discards (TRIM) requests for LUKS partitions with the given + UUID. Any "luks-" of the LUKS UUID is removed before comparing to + _<luks uuid>_. The comparisons also matches, if _<luks uuid>_ is only the + beginning of the LUKS UUID, so you don't have to specify the full UUID. + This parameter can be specified multiple times. + +**rd.luks.allow-discards**:: + Allow using of discards (TRIM) requests on all LUKS partitions. + +**rd.luks.crypttab=0**:: + do not check, if LUKS partition is in _/etc/crypttab_ + +**rd.luks.timeout=**__<seconds>__:: + specify how long dracut should wait when waiting for the user to enter the + password. This avoid blocking the boot if no password is entered. It does + not apply to luks key. The default is '0', which means 'forever'. + +crypto LUKS - key on removable device support +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +NB: If systemd is included in the dracut initrd, dracut's built in +removable device keying support won't work. systemd will prompt for +a password from the console even if you've supplied **rd.luks.key**. +You may be able to use standard systemd *fstab*(5) syntax to +get the same effect. If you do need **rd.luks.key** to work, +you will have to exclude the "systemd" dracut module and any modules +that depend on it. See *dracut.conf*(5) and +https://bugzilla.redhat.com/show_bug.cgi?id=905683 for more +information. + +**rd.luks.key=**_<keypath>[:<keydev>[:<luksdev>]]_:: + _<keypath>_ is the pathname of a key file, relative to the root + of the filesystem on some device. It's REQUIRED. When + _<keypath>_ ends with '.gpg' it's considered to be key encrypted + symmetrically with GPG. You will be prompted for the GPG password on + boot. GPG support comes with the 'crypt-gpg' module, which needs to be + added explicitly. ++ +_<keydev>_ identifies the device on which the key file resides. It may +be the kernel name of the device (should start with "/dev/"), a UUID +(prefixed with "UUID=") or a label (prefix with "LABEL="). You don't +have to specify a full UUID. Just its beginning will suffice, even if +its ambiguous. All matching devices will be probed. This parameter is +recommended, but not required. If it's not present, all block devices will +be probed, which may significantly increase boot time. ++ +If _<luksdev>_ is given, the specified key will only be used for +the specified LUKS device. Possible values are the same as for +_<keydev>_. Unless you have several LUKS devices, you don't have to +specify this parameter. The simplest usage is: ++ +[listing] +.Example +-- +rd.luks.key=/foo/bar.key +-- ++ +As you see, you can skip colons in such a case. + +[NOTE] +=============================== +Your LUKS partition must match your key file. + +dracut provides keys to cryptsetup with _-d_ (an older alias for +_--key-file_). This uses the entire binary +content of the key file as part of the secret. If +you pipe a password into cryptsetup *without* _-d_ or _--key-file_, +it will be treated as text user input, and only characters before +the first newline will be used. Therefore, when you're creating +an encrypted partition for dracut to mount, and you pipe a key into +_cryptsetup luksFormat_,you must use _-d -_. + +Here is an example for a key encrypted with GPG (warning: +_--batch-mode_ will overwrite the device without asking for +confirmation): + +[listing] +-- +gpg --quiet --decrypt rootkey.gpg | \ +cryptsetup --batch-mode --key-file - \ + luksFormat /dev/sda47 +-- + +If you use unencrypted key files, just use the key file pathname +instead of the standard input. For a random key with 256 bits of +entropy, you might use: + +[listing] +-- +head -32c /dev/urandom > rootkey.key +cryptsetup --batch-mode --key-file rootkey.key \ + luksFormat /dev/sda47 +-- + +You can also use regular key files on an encrypted _keydev_. + +Compared to using GPG encrypted keyfiles on an unencrypted +device this provides the following advantages: + +- you can unlock your disk(s) using multiple passphrases +- better security by not losing the key stretching mechanism + +To use an encrypted _keydev_ you *must* ensure that it becomes +available by using the keyword `keysource`, e.g. +`rd.luks.uuid=keysource:aaaa` +_aaaa_ being the uuid of the encrypted _keydev_. + +Example: + +Lets assume you have three disks _A_, _B_ and _C_ with the uuids +_aaaa_, _bbbb_ and _cccc_. + +You want to unlock _A_ and _B_ using keyfile _keyfile_. + +The unlocked volumes be _A'_, _B'_ and _C'_ with the uuids +_AAAA_, _BBBB_ and _CCCC_. + +_keyfile_ is saved on _C'_ as _/keyfile_. + +One luks keyslot of each _A_, _B_ and _C_ is setup with a +passphrase. + +Another luks keyslot of each _A_ and _B_ is setup with _keyfile_. + +To boot this configuration you could use: +[listing] +-- +rd.luks.uuid=aaaa +rd.luks.uuid=bbbb +rd.luks.uuid=keysource:cccc +rd.luks.key=/keyfile:UUID=CCCC +-- +Dracut asks for the passphrase for _C_ and uses the +keyfile to unlock _A_ and _B_. + +If getting the passphrase for _C_ fails it falls back to +asking for the passphrases for _A_ and _B_. + +If you want _C'_ to stay unlocked, specify a luks name for +it, e.g. `rd.luks.name=cccc=mykeys`, otherwise it gets closed +when not needed anymore. +=============================== + +**rd.luks.key.tout=0**:: + specify how many times dracut will try to read the keys specified in in + rd.luk.key. This gives a chance to the removable device containing the key + to initialise. + +MD RAID +~~~~~~~ +**rd.md=0**:: + disable MD RAID detection + +**rd.md.imsm=0**:: + disable MD RAID for imsm/isw raids, use DM RAID instead + +**rd.md.ddf=0**:: + disable MD RAID for SNIA ddf raids, use DM RAID instead + +**rd.md.conf=0**:: + ignore mdadm.conf included in initramfs + +**rd.md.waitclean=1**:: + wait for any resync, recovery, or reshape activity to finish before + continuing + +**rd.md.uuid=**__<md raid uuid>__:: + only activate the raid sets with the given UUID. This parameter can be + specified multiple times. + +DM RAID +~~~~~~~ +**rd.dm=0**:: + disable DM RAID detection + +**rd.dm.uuid=**__<dm raid uuid>__:: + only activate the raid sets with the given UUID. This parameter can be + specified multiple times. + +MULTIPATH +~~~~~~~~~ +**rd.multipath=0**:: + disable multipath detection + +**rd.multipath=default**:: + use default multipath settings + +FIPS +~~~~ +**rd.fips**:: + enable FIPS + +**boot=**__<boot device>__:: + specify the device, where /boot is located. ++ +[listing] +.Example +-- +boot=/dev/sda1 +boot=/dev/disk/by-path/pci-0000:00:1f.1-scsi-0:0:1:0-part1 +boot=UUID=<uuid> +boot=LABEL=<label> +-- + +**rd.fips.skipkernel**:: + skip checksum check of the kernel image. Useful, if the kernel image is not + in a separate boot partition. + +Network +~~~~~~~ + +[IMPORTANT] +===================== +It is recommended to either bind an interface to a MAC with the **ifname** +argument, or to use the systemd-udevd predictable network interface names. + +Predictable network interface device names based on: + +- firmware/bios-provided index numbers for on-board devices +- firmware-provided pci-express hotplug slot index number +- physical/geographical location of the hardware +- the interface's MAC address + +See: +http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames + +Two character prefixes based on the type of interface: + +en:: ethernet +wl:: wlan +ww:: wwan + +Type of names: + +o<index>:: on-board device index number +s<slot>[f<function>][d<dev_id>]:: hotplug slot index number +x<MAC>:: MAC address +[P<domain>]p<bus>s<slot>[f<function>][d<dev_id>]:: PCI geographical location +[P<domain>]p<bus>s<slot>[f<function>][u<port>][..][c<config>][i<interface>]:: USB port number chain + +All multi-function PCI devices will carry the [f<function>] number in the +device name, including the function 0 device. + +When using PCI geography, The PCI domain is only prepended when it is not 0. + +For USB devices the full chain of port numbers of hubs is composed. If the +name gets longer than the maximum number of 15 characters, the name is not +exported. +The usual USB configuration == 1 and interface == 0 values are suppressed. + +PCI ethernet card with firmware index "1":: +* eno1 + +PCI ethernet card in hotplug slot with firmware index number:: +* ens1 + +PCI ethernet multi-function card with 2 ports:: +* enp2s0f0 +* enp2s0f1 + +PCI wlan card:: +* wlp3s0 + +USB built-in 3G modem:: +* wwp0s29u1u4i6 + +USB Android phone:: +* enp0s29u1u2 +===================== + +The following options are supported by the 'network-legacy' dracut +module. Other network modules might support a slightly different set of +options; refer to the documentation of the specific network module in use. For +NetworkManager, see *nm-initrd-generator*(8). + +**ip=**__{dhcp|on|any|dhcp6|auto6|either6|link6|single-dhcp}__:: + dhcp|on|any::: get ip from dhcp server from all interfaces. If netroot=dhcp, + loop sequentially through all interfaces (eth0, eth1, ...) and use the first + with a valid DHCP root-path. + + single-dhcp::: Send DHCP on all available interfaces in parallel, as + opposed to one after another. After the first DHCP response is received, + stop DHCP on all other interfaces. This gives the fastest boot time by + using the IP on interface for which DHCP succeeded first during early boot. + Caveat: Does not apply to Network Manager. + + auto6::: IPv6 autoconfiguration + + dhcp6::: IPv6 DHCP + + either6::: if auto6 fails, then dhcp6 + + link6::: bring up interface for IPv6 link-local addressing + +**ip=**__<interface>__:__{dhcp|on|any|dhcp6|auto6|link6}__[:[__<mtu>__][:__<macaddr>__]]:: + This parameter can be specified multiple times. ++ +===================== +dhcp|on|any|dhcp6::: get ip from dhcp server on a specific interface +auto6::: do IPv6 autoconfiguration +link6::: bring up interface for IPv6 link local address +<macaddr>::: optionally **set** <macaddr> on the <interface>. This +cannot be used in conjunction with the **ifname** argument for the +same <interface>. +===================== + +**ip=**__<client-IP>__:[__<peer>__]:__<gateway-IP>__:__<netmask>__:__<client_hostname>__:__<interface>__:__{none|off|dhcp|on|any|dhcp6|auto6|ibft}__[:[__<mtu>__][:__<macaddr>__]]:: + explicit network configuration. If you want do define a IPv6 address, put it + in brackets (e.g. [2001:DB8::1]). This parameter can be specified multiple + times. __<peer>__ is optional and is the address of the remote endpoint + for pointopoint interfaces and it may be followed by a slash and a decimal + number, encoding the network prefix length. ++ +===================== +<macaddr>::: optionally **set** <macaddr> on the <interface>. This +cannot be used in conjunction with the **ifname** argument for the +same <interface>. +===================== + +**ip=**__<client-IP>__:[__<peer>__]:__<gateway-IP>__:__<netmask>__:__<client_hostname>__:__<interface>__:__{none|off|dhcp|on|any|dhcp6|auto6|ibft}__[:[__<dns1>__][:__<dns2>__]]:: + explicit network configuration. If you want do define a IPv6 address, put it + in brackets (e.g. [2001:DB8::1]). This parameter can be specified multiple + times. __<peer>__ is optional and is the address of the remote endpoint + for pointopoint interfaces and it may be followed by a slash and a decimal + number, encoding the network prefix length. + +**ifname=**__<interface>__:__<MAC>__:: + Assign network device name <interface> (i.e. "bootnet") to the NIC with + MAC <MAC>. ++ +WARNING: Do **not** use the default kernel naming scheme for the interface name, +as it can conflict with the kernel names. So, don't use "eth[0-9]+" for the +interface name. Better name it "bootnet" or "bluesocket". + +**rd.route=**__<net>__/__<netmask>__:__<gateway>__[:__<interface>__]:: + Add a static route with route options, which are separated by a colon. + IPv6 addresses have to be put in brackets. ++ +[listing] +.Example +-- + rd.route=192.168.200.0/24:192.168.100.222:ens10 + rd.route=192.168.200.0/24:192.168.100.222 + rd.route=192.168.200.0/24::ens10 + rd.route=[2001:DB8:3::/8]:[2001:DB8:2::1]:ens10 +-- + +**bootdev=**__<interface>__:: + specify network interface to use routing and netroot information from. + Required if multiple ip= lines are used. + +**BOOTIF=**__<MAC>__:: + specify network interface to use routing and netroot information from. + +**rd.bootif=0**:: + Disable BOOTIF parsing, which is provided by PXE + +**nameserver=**__<IP>__ [**nameserver=**__<IP>__ ...]:: + specify nameserver(s) to use + +**rd.peerdns=0**:: + Disable DNS setting of DHCP parameters. + +**biosdevname=0**:: + boolean, turn off biosdevname network interface renaming + +**rd.neednet=1**:: + boolean, bring up network even without netroot set + +**vlan=**__<vlanname>__:__<phydevice>__:: + Setup vlan device named <vlanname> on <phydevice>. + We support the four styles of vlan names: VLAN_PLUS_VID (vlan0005), + VLAN_PLUS_VID_NO_PAD (vlan5), DEV_PLUS_VID (eth0.0005), + DEV_PLUS_VID_NO_PAD (eth0.5) + +**bond=**__<bondname>__[:__<bondslaves>__:[:__<options>__[:<mtu>]]]:: + Setup bonding device <bondname> on top of <bondslaves>. + <bondslaves> is a comma-separated list of physical (ethernet) interfaces. + <options> is a comma-separated list on bonding options (modinfo bonding for + details) in format compatible with initscripts. If <options> includes + multi-valued arp_ip_target option, then its values should be separated by + semicolon. if the mtu is specified, it will be set on the bond master. + Bond without parameters assumes + bond=bond0:eth0,eth1:mode=balance-rr + +**team=**__<teammaster>__:__<teamslaves>__[:__<teamrunner>__]:: + Setup team device <teammaster> on top of <teamslaves>. + <teamslaves> is a comma-separated list of physical (ethernet) interfaces. + <teamrunner> is the runner type to be used (see *teamd.conf*(5)); defaults to + activebackup. + Team without parameters assumes + team=team0:eth0,eth1:activebackup + +**bridge=**__<bridgename>__:__<ethnames>__:: + Setup bridge <bridgename> with <ethnames>. <ethnames> is a comma-separated + list of physical (ethernet) interfaces. Bridge without parameters assumes + bridge=br0:eth0 + +NFS +~~~ +**root=**\[_<server-ip>_:]__<root-dir>__[:__<nfs-options>__]:: + mount nfs share from <server-ip>:/<root-dir>, if no server-ip is given, use + dhcp next_server. If server-ip is an IPv6 address it has to be put in + brackets, e.g. [2001:DB8::1]. NFS options can be appended with the prefix + ":" or "," and are separated by ",". + +**root=**nfs:\[_<server-ip>_:]__<root-dir>__[:__<nfs-options>__], **root=**nfs4:\[_<server-ip>_:]__<root-dir>__[:__<nfs-options>__], **root=**__{dhcp|dhcp6}__:: + netroot=dhcp alone directs initrd to look at the DHCP root-path where NFS + options can be specified. ++ +[listing] +.Example +-- + root-path=<server-ip>:<root-dir>[,<nfs-options>] + root-path=nfs:<server-ip>:<root-dir>[,<nfs-options>] + root-path=nfs4:<server-ip>:<root-dir>[,<nfs-options>] +-- + +**root=**_/dev/nfs_ nfsroot=\[_<server-ip>_:]__<root-dir>__[:__<nfs-options>__]:: + _Deprecated!_ kernel Documentation_/filesystems/nfsroot.txt_ defines this + method. This is supported by dracut, but not recommended. + +**rd.nfs.domain=**__<NFSv4 domain name>__:: + Set the NFSv4 domain name. Will override the settings in _/etc/idmap.conf_. + +**rd.net.dhcp.retry=**__<cnt>__:: + If this option is set, dracut will try to connect via dhcp <cnt> times before failing. + Default is 1. + +**rd.net.timeout.dhcp=**__<arg>__:: + If this option is set, dhclient is called with "--timeout <arg>". + +**rd.net.timeout.iflink=**__<seconds>__:: + Wait <seconds> until link shows up. Default is 60 seconds. + +**rd.net.timeout.ifup=**__<seconds>__:: + Wait <seconds> until link has state "UP". Default is 20 seconds. + +**rd.net.timeout.route=**__<seconds>__:: + Wait <seconds> until route shows up. Default is 20 seconds. + +**rd.net.timeout.ipv6dad=**__<seconds>__:: + Wait <seconds> until IPv6 DAD is finished. Default is 50 seconds. + +**rd.net.timeout.ipv6auto=**__<seconds>__:: + Wait <seconds> until IPv6 automatic addresses are assigned. Default is 40 seconds. + +**rd.net.timeout.carrier=**__<seconds>__:: + Wait <seconds> until carrier is recognized. Default is 10 seconds. + +CIFS +~~~ +**root=**cifs://[__<username>__[:__<password>__]@]__<server-ip>__:__<root-dir>__:: + mount cifs share from <server-ip>:/<root-dir>, if no server-ip is given, use + dhcp next_server. if server-ip is an IPv6 address it has to be put in + brackets, e.g. [2001:DB8::1]. If a username or password are not specified +as part of the root, then they must be passed on the command line through +cifsuser/cifspass. ++ +WARNING: Passwords specified on the kernel command line are visible for all +users via the file _/proc/cmdline_ and via dmesg or can be sniffed on the +network, when using DHCP with DHCP root-path. + +**cifsuser**=__<username>__:: + Set the cifs username, if not specified as part of the root. + +**cifspass**=__<password>__:: + Set the cifs password, if not specified as part of the root. ++ +WARNING: Passwords specified on the kernel command line are visible for all +users via the file _/proc/cmdline_ and via dmesg or can be sniffed on the +network, when using DHCP with DHCP root-path. + +iSCSI +~~~~~ +**root=**iscsi:[__<username>__:__<password>__[:__<reverse>__:__<password>__]@][__<servername>__]:[__<protocol>__]:[__<port>__][:[__<iscsi_iface_name>__]:[__<netdev_name>__]]:[__<LUN>__]:__<targetname>__:: + protocol defaults to "6", LUN defaults to "0". If the "servername" field is + provided by BOOTP or DHCP, then that field is used in conjunction with other + associated fields to contact the boot server in the Boot stage. However, if + the "servername" field is not provided, then the "targetname" field is then + used in the Discovery Service stage in conjunction with other associated + fields. See + link:$$http://tools.ietf.org/html/rfc4173#section-5$$[rfc4173]. ++ +WARNING: Passwords specified on the kernel command line are visible for all +users via the file _/proc/cmdline_ and via dmesg or can be sniffed on the +network, when using DHCP with DHCP root-path. ++ +[listing] +.Example +-- +root=iscsi:192.168.50.1::::iqn.2009-06.dracut:target0 +-- ++ +If servername is an IPv6 address, it has to be put in brackets: ++ +[listing] +.Example +-- +root=iscsi:[2001:DB8::1]::::iqn.2009-06.dracut:target0 +-- + +**root=**__???__ **netroot=**iscsi:[__<username>__:__<password>__[:__<reverse>__:__<password>__]@][__<servername>__]:[__<protocol>__]:[__<port>__][:[__<iscsi_iface_name>__]:[__<netdev_name>__]]:[__<LUN>__]:__<targetname>__ ...:: + multiple netroot options allow setting up multiple iscsi disks: ++ +[listing] +.Example +-- +root=UUID=12424547 +netroot=iscsi:192.168.50.1::::iqn.2009-06.dracut:target0 +netroot=iscsi:192.168.50.1::::iqn.2009-06.dracut:target1 +-- ++ +If servername is an IPv6 address, it has to be put in brackets: ++ +[listing] +.Example +-- +netroot=iscsi:[2001:DB8::1]::::iqn.2009-06.dracut:target0 +-- ++ +WARNING: Passwords specified on the kernel command line are visible for all +users via the file _/proc/cmdline_ and via dmesg or can be sniffed on the +network, when using DHCP with DHCP root-path. +You may want to use rd.iscsi.firmware. + +**root=**__???__ **rd.iscsi.initiator=**__<initiator>__ **rd.iscsi.target.name=**__<target name>__ **rd.iscsi.target.ip=**__<target ip>__ **rd.iscsi.target.port=**__<target port>__ **rd.iscsi.target.group=**__<target group>__ **rd.iscsi.username=**__<username>__ **rd.iscsi.password=**__<password>__ **rd.iscsi.in.username=**__<in username>__ **rd.iscsi.in.password=**__<in password>__:: + manually specify all iscsistart parameter (see **+iscsistart --help+**) ++ +WARNING: Passwords specified on the kernel command line are visible for all +users via the file _/proc/cmdline_ and via dmesg or can be sniffed on the +network, when using DHCP with DHCP root-path. +You may want to use rd.iscsi.firmware. + +**root=**_???_ **netroot=**iscsi **rd.iscsi.firmware=1**:: + will read the iscsi parameter from the BIOS firmware + +**rd.iscsi.login_retry_max=**__<num>__:: + maximum number of login retries + +**rd.iscsi.param=**__<param>__:: + <param> will be passed as "--param <param>" to iscsistart. + This parameter can be specified multiple times. ++ +[listing] +.Example +-- +"netroot=iscsi rd.iscsi.firmware=1 rd.iscsi.param=node.session.timeo.replacement_timeout=30" +-- ++ +will result in ++ +[listing] +-- +iscsistart -b --param node.session.timeo.replacement_timeout=30 +-- + +**rd.iscsi.ibft** **rd.iscsi.ibft=1**: + Turn on iBFT autoconfiguration for the interfaces + +**rd.iscsi.mp** **rd.iscsi.mp=1**: + Configure all iBFT interfaces, not only used for booting (multipath) + +**rd.iscsi.waitnet=0**: + Turn off waiting for all interfaces to be up before trying to login to the iSCSI targets. + +**rd.iscsi.testroute=0**: + Turn off checking, if the route to the iSCSI target IP is possible before trying to login. + +FCoE +~~~~ +**rd.fcoe=0**:: + disable FCoE and lldpad + +**fcoe=**__<edd|interface|MAC>__:__{dcb|nodcb}__:__{fabric|vn2vn}__:: + Try to connect to a FCoE SAN through the NIC specified by _<interface>_ or + _<MAC>_ or EDD settings. The second argument specifies if DCB + should be used. The optional third argument specifies whether + fabric or VN2VN mode should be used. + This parameter can be specified multiple times. ++ +NOTE: letters in the MAC-address must be lowercase! + +NVMf +~~~~ +**rd.nonvmf**:: + Disable NVMf + +**rd.nvmf.nonbft**:: + Disable connecting to targets from the NVMe Boot Firmware Table. Without + this parameter, NBFT connections will take precedence over _rd.nvmf.discover_. + +**rd.nvmf.nostatic**:: + Disable connecting to targets that have been statically configured when + the initramfs was built. Targets specified with rd.nvmf.discover on the + kernel command line will still be tried. + +**rd.nvmf.hostnqn=**__<hostNQN>__:: + NVMe host NQN to use + +**rd.nvmf.hostid=**__<hostID>__:: + NVMe host id to use + +**rd.nvmf.discover=**__{rdma|fc|tcp}__,__<traddr>__,[__<host_traddr>__],[__<trsvcid>__]:: + Discover and connect to a NVMe-over-Fabric controller specified by + _<traddr>_ and the optionally _<host_traddr>_ or _<trsvcid>_. + The first argument specifies the transport to use; currently only + 'rdma', 'fc', or 'tcp' are supported. + This parameter can be specified multiple times. ++ +[listing] +.Examples +-- +rd.nvmf.discover=tcp,192.168.10.10,,4420 +rd.nvmf.discover=fc,nn-0x201700a05634f5bf:pn-0x201900a05634f5bf,nn-0x200000109b579ef3:pn-0x100000109b579ef3 +-- + +**rd.nvmf.discover=fc,auto**:: + This special syntax determines that Fibre Channel autodiscovery + is to be used rather than regular NVMe discovery. It takes precedence + over all other _rd.nvmf.discover=_ arguments. + +NBD +~~~ +**root=**??? **netroot=**nbd:__<server>__:__<port/exportname>__[:__<fstype>__[:__<mountopts>__[:__<nbdopts>__]]]:: + mount nbd share from <server>. ++ +NOTE: + If "exportname" instead of "port" is given the standard port is used. + Newer versions of nbd are only supported with "exportname". + +**root=/dev/root netroot=dhcp** with **dhcp** **root-path=**nbd:__<server>__:__<port/exportname>__[:__<fstype>__[:__<mountopts>__[:__<nbdopts>__]]]:: + netroot=dhcp alone directs initrd to look at the DHCP root-path where NBD + options can be specified. This syntax is only usable in cases where you are + directly mounting the volume as the rootfs. ++ +NOTE: + If "exportname" instead of "port" is given the standard port is used. + Newer versions of nbd are only supported with "exportname". + +VIRTIOFS +~~~~~~~~ +**root=**virtiofs:__<mount-tag>__:: + mount virtiofs share using the tag <mount-tag>. + The tag name is arbitrary and must match the tag given in the qemu '-device' command. + +**rootfstype=**virtiofs **root=**__<mount-tag>__:: + mount virtiofs share using the tag <mount-tag>. + The tag name is arbitrary and must match the tag given in the qemu '-device' command. + +Both formats are supported by the 'virtiofs' dracut module. +See https://gitlab.com/virtio-fs/virtiofsd for more information. + +[listing] +.Example +-- +root=virtiofs:host rw +-- + +DASD +~~~~ +**rd.dasd=**....:: + same syntax as the kernel module parameter (s390 only) + +ZFCP +~~~~ +**rd.zfcp=**__<zfcp adaptor device bus ID>__,__<WWPN>__,__<FCPLUN>__:: + rd.zfcp can be specified multiple times on the kernel command + line. + +**rd.zfcp=**__<zfcp adaptor device bus ID>__:: + If NPIV is enabled and the 'allow_lun_scan' parameter to the zfcp + module is set to 'Y' then the zfcp adaptor will be initiating a + scan internally and the <WWPN> and <FCPLUN> parameters can be omitted. ++ +[listing] +.Example +-- +rd.zfcp=0.0.4000,0x5005076300C213e9,0x5022000000000000 +rd.zfcp=0.0.4000 +-- + +**rd.zfcp.conf=0**:: + ignore zfcp.conf included in the initramfs + +ZNET +~~~~ +**rd.znet=**__<nettype>__,__<subchannels>__,__<options>__:: + The whole parameter is appended to /etc/ccw.conf, which is used on + RHEL/Fedora with ccw_init, which is called from udev for certain + devices on z-series. + rd.znet can be specified multiple times on the kernel command line. + +**rd.znet_ifname=**__<ifname>__:__<subchannels>__:: + Assign network device name <interface> (i.e. "bootnet") to the NIC + corresponds to the subchannels. This is useful when dracut's default + "ifname=" doesn't work due to device having a changing MAC address. ++ +[listing] +.Example +-- +rd.znet=qeth,0.0.0600,0.0.0601,0.0.0602,layer2=1,portname=foo +rd.znet=ctc,0.0.0600,0.0.0601,protocol=bar +-- + +Booting live images +~~~~~~~~~~~~~~~~~~~ +Dracut offers multiple options for live booted images: + +===================== +SquashFS with read-only filesystem image::: The system will boot with a +read-only filesystem from the SquashFS and apply a writable Device-mapper +snapshot or an OverlayFS overlay mount for the read-only base filesystem. This +method ensures a relatively fast boot and lower RAM usage. Users **must be +careful** to avoid writing too many blocks to a snapshot volume. Once the +blocks of the snapshot overlay are exhausted, the root filesystem becomes +read-only and may cause application failures. The snapshot overlay file is +marked 'Overflow', and a difficult recovery is required to repair and enlarge +the overlay offline. Non-persistent overlays are sparse files in RAM that only +consume content space as required blocks are allocated. They default to an +apparent size of 32 GiB in RAM. The size can be adjusted with the +**rd.live.overlay.size=** kernel command line option. ++ +The filesystem structure is traditionally expected to be: ++ +[listing] +-- +squashfs.img | SquashFS from LiveCD .iso + !(mount) + /LiveOS + |- rootfs.img | Filesystem image to mount read-only + !(mount) + /bin | Live filesystem + /boot | + /dev | + ... | +-- ++ +For OverlayFS mount overlays, the filesystem structure may also be a direct +compression of the root filesystem: ++ +[listing] +-- +squashfs.img | SquashFS from LiveCD .iso + !(mount) + /bin | Live filesystem + /boot | + /dev | + ... | +-- ++ +Dracut uses one of the overlay methods of live booting by default. No +additional command line options are required other than **root=live:<URL>** to +specify the location of your squashed filesystem. ++ +- The compressed SquashFS image can be copied during boot to RAM at +`/run/initramfs/squashed.img` by using the **rd.live.ram=1** option. +- A device with a persistent overlay can be booted read-only by using the +**rd.live.overlay.readonly** option on the kernel command line. This will +either cause a temporary, writable overlay to be stacked over a read-only +snapshot of the root filesystem or the OverlayFS mount will use an additional +lower layer with the root filesystem. ++ +Uncompressed live filesystem image::: +When the live system was installed with the '--skipcompress' option of the +__livecd-iso-to-disk__ installation script for Live USB devices, the root +filesystem image, __rootfs.img__, is expanded on installation and no SquashFS +is involved during boot. ++ +- If **rd.live.ram=1** is used in this situation, the full, uncompressed +root filesystem is copied during boot to `/run/initramfs/rootfs.img` in the +`/run` tmpfs. ++ +- If **rd.live.overlay=none** is provided as a kernel command line option, +a writable, linear Device-mapper target is created on boot with no overlay. + +Writable filesystem image::: +The system will retrieve a compressed filesystem image, extract it to +`/run/initramfs/fsimg/rootfs.img`, connect it to a loop device, create a +writable, linear Device-mapper target at `/dev/mapper/live-rw`, and mount that +as a writable volume at `/`. More RAM is required during boot but the live +filesystem is easier to manage if it becomes full. Users can make a filesystem +image of any size and that size will be maintained when the system boots. There +is no persistence of root filesystem changes between boots with this option. ++ +The filesystem structure is expected to be: ++ +[listing] +-- +rootfs.tgz | Compressed tarball containing filesystem image + !(unpack) + /rootfs.img | Filesystem image at /run/initramfs/fsimg/ + !(mount) + /bin | Live filesystem + /boot | + /dev | + ... | +-- ++ +To use this boot option, ensure that **rd.writable.fsimg=1** is in your kernel +command line and add the **root=live:<URL>** to specify the location +of your compressed filesystem image tarball or SquashFS image. +===================== + +**rd.writable.fsimg=**1:: +Enables writable filesystem support. The system will boot with a fully +writable (but non-persistent) filesystem without snapshots __(see notes above +about available live boot options)__. You can use the **rootflags** option to +set mount options for the live filesystem as well __(see documentation about +rootflags in the **Standard** section above)__. +This implies that the whole image is copied to RAM before the boot continues. ++ +NOTE: There must be enough free RAM available to hold the complete image. ++ +This method is very suitable for diskless boots. + +**rd.minmem=**__<megabyte>__:: +Specify minimum free RAM in MB after copying a live disk image into memory. +The default is 1024. ++ +This parameter only applies together with the parameters rd.writable.fsimg +or rd.live.ram. + +**root=**live:__<url>__:: +Boots a live image retrieved from __<url>__. Requires the dracut 'livenet' +module. Valid handlers: __http, https, ftp, torrent, tftp__. ++ +[listing] +.Examples +-- +root=live:http://example.com/liveboot.img +root=live:ftp://ftp.example.com/liveboot.img +root=live:torrent://example.com/liveboot.img.torrent +-- + +**rd.live.debug=**1:: +Enables debug output from the live boot process. + +**rd.live.dir=**__<path>__:: +Specifies the directory within the boot device where the squashfs.img or +rootfs.img can be found. By default, this is `/LiveOS`. + +**rd.live.squashimg=**__<filename of SquashFS image>__:: +Specifies the filename for a SquashFS image of the root filesystem. +By default, this is __squashfs.img__. + +**rd.live.ram=**1:: +Copy the complete image to RAM and use this for booting. This is useful +when the image resides on, e.g., a DVD which needs to be ejected later on. + +**rd.live.overlay={**__<devspec>__[:__{<pathspec>|auto}__]|__none__}:: +Manage the usage of a permanent overlay. ++ +-- +* _<devspec>_ specifies the path to a device with a mountable filesystem. +* _<pathspec>_ is the path to a file within that filesystem, which shall be +used to persist the changes made to the device specified by the +**root=live:__<url>__** option. ++ +The default _pathspec_, when _auto_ or no _:<pathspec>_ is given, is +`/<rd.live.dir>/overlay-<label>-<uuid>`, where _<label>_ is the +device LABEL, and _<uuid>_ is the device UUID. +* _none_ (the word itself) specifies that no overlay will be used, such as when +an uncompressed, writable live root filesystem is available. ++ +If a persistent overlay __is detected__ at the standard LiveOS path, the +overlay & overlay type detected, whether Device-mapper or OverlayFS, will be +used. +-- ++ +[listing] +.Examples +-- +rd.live.overlay=/dev/sdb1:persistent-overlay.img +rd.live.overlay=UUID=99440c1f-8daa-41bf-b965-b7240a8996f4 +-- + +**rd.live.overlay.cowfs=**__[btrfs|ext4|xfs]__:: +Specifies the filesystem to use when formatting the overlay partition. +The default is ext4. + +**rd.live.overlay.size=**__<size_MiB>__:: +Specifies a non-persistent Device-mapper overlay size in MiB. The default is +_32768_. + +**rd.live.overlay.readonly=**1:: +This is used to boot with a normally read-write persistent overlay in a +read-only mode. With this option, either an additional, non-persistent, +writable snapshot overlay will be stacked over a read-only snapshot, +`/dev/mapper/live‑ro`, of the base filesystem with the persistent overlay, or a +read-only loop device, in the case of a writable __rootfs.img__, or an OverlayFS +mount will use the persistent overlay directory linked at `/run/overlayfs‑r` as +an additional lower layer along with the base root filesystem and apply a +transient, writable upper directory overlay, in order to complete the booted +root filesystem. + +**rd.live.overlay.reset=**1:: +Specifies that a persistent overlay should be reset on boot. All previous root +filesystem changes are vacated by this action. + +**rd.live.overlay.thin=**1:: +Enables the usage of thin snapshots instead of classic dm snapshots. +The advantage of thin snapshots is that they support discards, and will free +blocks that are not claimed by the filesystem. In this use case, this means +that memory is given back to the kernel when the filesystem does not claim it +anymore. + +**rd.live.overlay.overlayfs=**1:: +Enables the use of the *OverlayFS* kernel module, if available, to provide a +copy-on-write union directory for the root filesystem. OverlayFS overlays are +directories of the files that have changed on the read-only base (lower) +filesystem. The root filesystem is provided through a special overlay type +mount that merges the lower and upper directories. If an OverlayFS upper +directory is not present on the boot device, a tmpfs directory will be created +at `/run/overlayfs` to provide temporary storage. Persistent storage can be +provided on vfat or msdos formatted devices by supplying the OverlayFS upper +directory within an embedded filesystem that supports the creation of trusted.* +extended attributes and provides a valid d_type in readdir responses, such as +with ext4 and xfs. On non-vfat-formatted devices, a persistent OverlayFS +overlay can extend the available root filesystem storage up to the capacity of +the LiveOS disk device. ++ +If a persistent overlay is detected at the standard LiveOS path, the overlay & +overlay type detected, whether OverlayFS or Device-mapper, will be used. ++ +The **rd.live.overlay.readonly** option, which allows a persistent overlayfs to +be mounted read-only through a higher level transient overlay directory, has +been implemented through the multiple lower layers feature of OverlayFS. + + +ZIPL +~~~~ +**rd.zipl=**__<path to blockdevice>__:: + Update the dracut commandline with the values found in the + _dracut-cmdline.conf_ file on the given device. + The values are merged into the existing commandline values + and the udev events are regenerated. ++ +[listing] +.Example +-- +rd.zipl=UUID=0fb28157-99e3-4395-adef-da3f7d44835a +-- + +CIO_IGNORE +~~~~~~~~~~ +**rd.cio_accept=**__<device-ids>__:: + Remove the devices listed in <device-ids> from the default + cio_ignore kernel command-line settings. + <device-ids> is a list of comma-separated CCW device ids. + The default for this value is taken from the + _/boot/zipl/active_devices.txt_ file. ++ +[listing] +.Example +-- +rd.cio_accept=0.0.0180,0.0.0800,0.0.0801,0.0.0802 +-- + +Plymouth Boot Splash +~~~~~~~~~~~~~~~~~~~~ +**plymouth.enable=0**:: + disable the plymouth bootsplash completely. + +**rd.plymouth=0**:: + disable the plymouth bootsplash only for the initramfs. + +Kernel keys +~~~~~~~~~~~ +**masterkey=**__<kernel master key path name>__:: + Set the path name of the kernel master key. ++ +[listing] +.Example +-- +masterkey=/etc/keys/kmk-trusted.blob +-- + +**masterkeytype=**__<kernel master key type>__:: + Set the type of the kernel master key. ++ +[listing] +.Example +-- +masterkeytype=trusted +-- + +**evmkey=**__<EVM HMAC key path name>__:: + Set the path name of the EVM HMAC key. ++ +[listing] +.Example +-- +evmkey=/etc/keys/evm-trusted.blob +-- + +**evmx509=**__<EVM X.509 cert path name>__:: + Set the path name of the EVM X.509 certificate. ++ +[listing] +.Example +-- +evmx509=/etc/keys/x509_evm.der +-- + +**ecryptfskey=**__<eCryptfs key path name>__:: + Set the path name of the eCryptfs key. ++ +[listing] +.Example +-- +ecryptfskey=/etc/keys/ecryptfs-trusted.blob +-- + +Deprecated, renamed Options +~~~~~~~~~~~~~~~~~~~~~~~~~~~ +Here is a list of options, which were used in dracut prior to version 008, and +their new replacement. + +rdbreak:: rd.break + +rd.ccw:: rd.znet +rd_CCW:: rd.znet + +rd_DASD_MOD:: rd.dasd + +rd_DASD:: rd.dasd + +rdinitdebug rdnetdebug:: rd.debug + +rd_NO_DM:: rd.dm=0 + +rd_DM_UUID:: rd.dm.uuid + +rdblacklist:: rd.driver.blacklist + +rdinsmodpost:: rd.driver.post + +rdloaddriver:: rd.driver.pre + +rd_NO_FSTAB:: rd.fstab=0 + +rdinfo:: rd.info + +check:: rd.live.check + +rdlivedebug:: rd.live.debug + +live_dir:: rd.live.dir + +liveimg:: rd.live.image + +overlay:: rd.live.overlay + +readonly_overlay:: rd.live.overlay.readonly + +reset_overlay:: rd.live.overlay.reset + +live_ram:: rd.live.ram + +rd_NO_CRYPTTAB:: rd.luks.crypttab=0 + +rd_LUKS_KEYDEV_UUID:: rd.luks.keydev.uuid + +rd_LUKS_KEYPATH:: rd.luks.keypath + +rd_NO_LUKS:: rd.luks=0 + +rd_LUKS_UUID:: rd.luks.uuid + +rd_NO_LVMCONF:: rd.lvm.conf + +rd_LVM_LV:: rd.lvm.lv + +rd_NO_LVM:: rd.lvm=0 + +rd_LVM_VG:: rd.lvm.vg + +rd_NO_MDADMCONF:: rd.md.conf=0 + +rd_NO_MDIMSM:: rd.md.imsm=0 + +rd_NO_MD:: rd.md=0 + +rd_MD_UUID:: rd.md.uuid + +rd_NO_MULTIPATH: rd.multipath=0 + +rd_NFS_DOMAIN:: rd.nfs.domain + +iscsi_initiator:: rd.iscsi.initiator + +iscsi_target_name:: rd.iscsi.target.name + +iscsi_target_ip:: rd.iscsi.target.ip + +iscsi_target_port:: rd.iscsi.target.port + +iscsi_target_group:: rd.iscsi.target.group + +iscsi_username:: rd.iscsi.username + +iscsi_password:: rd.iscsi.password + +iscsi_in_username:: rd.iscsi.in.username + +iscsi_in_password:: rd.iscsi.in.password + +iscsi_firmware:: rd.iscsi.firmware=0 + +rd_NO_PLYMOUTH:: rd.plymouth=0 + +rd_retry:: rd.retry + +rdshell:: rd.shell + +rd_NO_SPLASH:: rd.splash + +rdudevdebug:: rd.udev.debug + +rdudevinfo:: rd.udev.info + +rd_NO_ZFCPCONF:: rd.zfcp.conf=0 + +rd_ZFCP:: rd.zfcp + +rd_ZNET:: rd.znet + +KEYMAP:: vconsole.keymap + +KEYTABLE:: vconsole.keymap + +SYSFONT:: vconsole.font + +CONTRANS:: vconsole.font.map + +UNIMAP:: vconsole.font.unimap + +UNICODE:: vconsole.unicode + +EXT_KEYMAP:: vconsole.keymap.ext + +Configuration in the Initramfs +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +_/etc/conf.d/_:: + Any files found in _/etc/conf.d/_ will be sourced in the initramfs to + set initial values. Command line options will override these values + set in the configuration files. + +_/etc/cmdline_:: + Can contain additional command line options. Deprecated, better use + /etc/cmdline.d/*.conf. + +_/etc/cmdline.d/*.conf_:: + Can contain additional command line options. + +AUTHOR +------ +Harald Hoyer + +SEE ALSO +-------- +*dracut*(8) *dracut.conf*(5) diff --git a/man/dracut.conf.5.asc b/man/dracut.conf.5.asc new file mode 100644 index 0000000..f1705ce --- /dev/null +++ b/man/dracut.conf.5.asc @@ -0,0 +1,341 @@ +DRACUT.CONF(5) +============== +:doctype: manpage +:man source: dracut +:man manual: dracut +:man version: {version} + +NAME +---- +dracut.conf - configuration file(s) for dracut + +SYNOPSIS +-------- +_/etc/dracut.conf_ +_/etc/dracut.conf.d/\*.conf_ +_/usr/lib/dracut/dracut.conf.d/*.conf_ + +Description +----------- +_dracut.conf_ is loaded during the initialisation phase of dracut. Command line +parameter will override any values set here. + +_*.conf_ files are read from /usr/lib/dracut/dracut.conf.d and +/etc/dracut.conf.d. Files with the same name in /etc/dracut.conf.d will replace +files in /usr/lib/dracut/dracut.conf.d. +The files are then read in alphanumerical order and will override parameters +set in _/etc/dracut.conf_. Each line specifies an attribute and a value. A '#' +indicates the beginning of a comment; following characters, up to the end of the +line are not interpreted. + +dracut command line options will override any values set here. + +Configuration files must have the extension .conf; other extensions are ignored. + +*add_dracutmodules+=*" __<dracut modules>__ ":: + Add a space-separated list of dracut modules to call when building the + initramfs. Modules are located in _/usr/lib/dracut/modules.d_. + +*force_add_dracutmodules+=*" __<dracut modules>__ ":: + Force to add a space-separated list of dracut modules to the default set of + modules, when host-only mode is specified. This parameter can be specified + multiple times. + +*omit_dracutmodules+=*" __<dracut modules>__ ":: + Omit a space-separated list of dracut modules to call when building the + initramfs. Modules are located in _/usr/lib/dracut/modules.d_. + +*dracutmodules+=*" __<dracut modules>__ ":: + Specify a space-separated list of dracut modules to call when building the + initramfs. Modules are located in _/usr/lib/dracut/modules.d_. + This option forces dracut to only include the specified dracut modules. + In most cases the "add_dracutmodules" option is what you want to use. + +*add_drivers+=*" __<kernel modules>__ ":: + Specify a space-separated list of kernel modules to add to the initramfs. + The kernel modules have to be specified without the ".ko" suffix. + +*force_drivers+=*" __<list of kernel modules>__ ":: + See add_drivers above. But in this case it is ensured that the drivers + are tried to be loaded early via modprobe. + +*omit_drivers+=*" __<kernel modules>__ ":: + Specify a space-separated list of kernel modules not to add to the + initramfs. The kernel modules have to be specified without the ".ko" suffix. + +*drivers+=*" __<kernel modules>__ ":: + Specify a space-separated list of kernel modules to exclusively include in + the initramfs. The kernel modules have to be specified without the ".ko" + suffix. + +*filesystems+=*" __<filesystem names>__ ":: + Specify a space-separated list of kernel filesystem modules to exclusively + include in the generic initramfs. + +*drivers_dir=*"__<kernel modules directory>__":: + Specify the directory where to look for kernel modules. + +*fw_dir+=*" :__<dir>__[:__<dir>__ ...] ":: + Specify additional colon-separated list of directories where to look for + firmware files. + +*libdirs+=*" __<dir>__[ __<dir>__ ...] ":: + Specify a space-separated list of directories where to look for libraries. + +*install_items+=*" __<file>__[ __<file>__ ...] ":: + Specify additional files to include in the initramfs, separated by spaces. + +*install_optional_items+=*" __<file>__[ __<file>__ ...] ":: + Specify additional files to include in the initramfs, separated by spaces, + if they exist. + +*compress=*"__{cat|bzip2|lzma|xz|gzip|lzop|lz4|zstd|<compressor [args ...]>}__":: + Compress the generated initramfs using the passed compression program. If + you pass it just the name of a compression program, it will call that + program with known-working arguments. If you pass arguments, it will be + called with exactly those arguments. Depending on what you pass, this may + result in an initramfs that the kernel cannot decompress. + To disable compression, use "cat". + +*squash_compress=*"__{<compressor [args ...]>}__":: + Compress the squashfs image using the passed compressor and compressor + specific options for mksquashfs. You can refer to mksquashfs manual for + supported compressors and compressor specific options. If squash module is + not called when building the initramfs, this option will not take effect. + +*do_strip=*"__{yes|no}__":: + Strip binaries in the initramfs (default=yes). + +*aggressive_strip=*"__{yes|no}__":: + Strip more than just debug symbol and sections, for a smaller initramfs + build. The "do_strip=yes" option must also be specified (default=no). + +*do_hardlink=*"__{yes|no}__":: + Hardlink files in the initramfs (default=yes). + +*prefix=*" __<directory>__ ":: + Prefix initramfs files with __<directory>__. + +*hostonly=*"__{yes|no}__":: + Host-only mode: Install only what is needed for booting the local host + instead of a generic host and generate host-specific configuration + (default=no). + +*hostonly_mode=*"__{sloppy|strict}__":: + Specify the host-only mode to use (default=sloppy). + In "sloppy" host-only mode, extra drivers and modules will be installed, so + minor hardware change won't make the image unbootable (e.g. changed + keyboard), and the image is still portable among similar hosts. + With "strict" mode enabled, anything not necessary for booting the local + host in its current state will not be included, and modules may do some + extra job to save more space. Minor change of hardware or environment could + make the image unbootable. + +*hostonly_cmdline=*"__{yes|no}__":: + If set to "yes", store the kernel command line arguments needed in the + initramfs. If **hostonly="yes"** and this option is not configured, it's + automatically set to "yes". + +*hostonly_nics+=*" [__<nic>__[ __<nic>__ ...]] ":: + Only enable listed NICs in the initramfs. The list can be empty, so other + modules can install only the necessary network drivers. + +*persistent_policy=*"__<policy>__":: + Use _<policy>_ to address disks and partitions. + _<policy>_ can be any directory name found in /dev/disk (e.g. "by-uuid", + "by-label"), or "mapper" to use /dev/mapper device names (default=mapper). + +*tmpdir=*"__<temporary directory>__":: + Specify temporary directory to use. + +[WARNING] +==== +If chrooted to another root other than the real root device, use --fstab and +provide a valid _/etc/fstab_. +==== + +*use_fstab=*"__{yes|no}__":: + Use _/etc/fstab_ instead of _/proc/self/mountinfo_ (default=no). + +*add_fstab+=*" __<filename>__ ":: + Add entries of __<filename>__ to the initramfs /etc/fstab. + +*add_device+=*" __<device>__ ":: + Bring up _<device>_ in initramfs, _<device>_ should be the device name. + This can be useful in host-only mode for resume support when your swap is on + LVM an encrypted partition. + +*mdadmconf=*"__{yes|no}__":: + Include local _/etc/mdadm.conf_ (default=no). + +*lvmconf=*"__{yes|no}__":: + Include local _/etc/lvm/lvm.conf_ (default=no). + +*fscks=*" __<fsck tools>__ ":: + Add a space-separated list of fsck tools. If nothing is specified, the + default is: "umount mount /sbin/fsck* xfs_db xfs_check xfs_repair e2fsck + jfs_fsck reiserfsck btrfsck". The installation is opportunistic + (non-existing tools are ignored). + +*nofscks=*"__{yes|no}__":: + If specified, inhibit installation of any fsck tools (default=no). + +*ro_mnt=*"__{yes|no}__":: + Mount _/_ and _/usr_ read-only by default (default=no). + +*kernel_cmdline=*"__parameters__":: + Specify default kernel command line parameters. + +*kernel_only=*"__{yes|no}__":: + Only install kernel drivers and firmware files (default=no). + +*no_kernel=*"__{yes|no}__":: + Do not install kernel drivers and firmware files (default=no). + +*acpi_override=*"__{yes|no}__":: + [WARNING] ONLY USE THIS IF YOU KNOW WHAT YOU ARE DOING! + + Override BIOS provided ACPI tables. For further documentation read + Documentation/acpi/initrd_table_override.txt in the kernel sources. + Search for ACPI table files (must have .aml suffix) in acpi_table_dir= + directory (see below) and add them to a separate uncompressed cpio + archive. This cpio archive gets glued (concatenated, uncompressed one + must be the first one) to the compressed cpio archive. The first, + uncompressed cpio archive is for data which the kernel must be able + to access very early (and cannot make use of uncompress algorithms yet) + like microcode or ACPI tables (default=no). + +*acpi_table_dir=*"__<dir>__":: + Directory to search for ACPI tables if acpi_override= is set to yes. + +*early_microcode=*"{yes|no}":: + Combine early microcode with ramdisk (default=yes). + +*stdloglvl*="__\{0-6\}__":: + Specify logging level for standard error (default=4). + +[NOTE] +=============================== +Logging levels: +---- + 0 - suppress any messages + 1 - only fatal errors + 2 - all errors + 3 - warnings + 4 - info + 5 - debug info (here starts lots of output) + 6 - trace info (and even more) +---- +=============================== + +*sysloglvl*="__\{0-6\}__":: + Specify logging level for syslog (default=0). + +*fileloglvl=*"__\{0-6\}__":: + Specify logging level for logfile (default=4). + +*logfile=*"__<file>__":: + Path to logfile. + +*sshkey=*"__<file>__":: + SSH key file used with ssh-client module. + +*show_modules=*"__{yes|no}__":: + Print the name of the included modules to standard output during build + (default=no). + +*i18n_vars=*"__<variable mapping>__":: + Distribution specific variable mapping. + See dracut/modules.d/10i18n/README for a detailed description. + +*i18n_default_font=*"__<fontname>__":: + The font <fontname> to install, if not specified otherwise. + Default is "eurlatgr". + +*i18n_install_all=*"__{yes|no}__":: + Install everything regardless of generic or host-only mode (default=no). + +*reproducible=*"__{yes|no}__":: + Create reproducible images (default=no). + +*noimageifnotneeded=*"__{yes|no}__":: + Do not create an image in host-only mode, if no kernel driver is needed + and no /etc/cmdline/*.conf will be generated into the initramfs + (default=no). + +*loginstall=*"__<directory>__":: + Log all files installed from the host to _<directory>_. + +*uefi=*"__{yes|no}__":: + Instead of creating an initramfs image, dracut will create an UEFI + executable, which can be executed by an UEFI BIOS (default=no). + The default output filename is + _<EFI>/EFI/Linux/linux-$kernel$-<MACHINE_ID>-<BUILD_ID>.efi_. + <EFI> might be _/efi_, _/boot_ or _/boot/efi_ depending on where the ESP + partition is mounted. The <BUILD_ID> is taken from BUILD_ID in + _/usr/lib/os-release_ or if it exists _/etc/os-release_ and is left out, + if BUILD_ID is non-existent or empty. + +*machine_id=*"__{yes|no}__":: + Affects the default output filename of the UEFI executable, including the + <MACHINE_ID> part (default=yes). + +*uefi_stub=*"_<file>_":: + Specifies the UEFI stub loader, which will load the attached kernel, + initramfs and kernel command line and boots the kernel. The default is + _/lib/systemd/boot/efi/linux<EFI-MACHINE-TYPE-NAME>.efi.stub_. + +*uefi_splash_image=*"_<file>_":: + Specifies the UEFI stub loader's splash image. Requires bitmap (**.bmp**) + image format. + +*uefi_secureboot_cert=*"_<file>_", *uefi_secureboot_key=*"_<file>_":: + Specifies a certificate and corresponding key, which are used to sign the + created UEFI executable. + Requires both certificate and key need to be specified and _sbsign_ to be + installed. + +*uefi_secureboot_engine=*"_parameter_":: + Specifies an engine to use when signing the created UEFI executable. E.g. "pkcs11" + +*kernel_image=*"_<file>_":: + Specifies the kernel image, which to include in the UEFI executable. The + default is _/lib/modules/<KERNEL-VERSION>/vmlinuz_ or + _/boot/vmlinuz-<KERNEL-VERSION>_. + +*sbat=*"__parameters__":: + Specifies the SBAT parameters, which to include in the UEFI executable. By default + the default SBAT string added is "sbat,1,SBAT Version,sbat,1, + https://github.com/rhboot/shim/blob/main/SBAT.md". + +*enhanced_cpio=*"__{yes|no}__":: + Attempt to use the dracut-cpio binary, which optimizes archive creation for + copy-on-write filesystems (default=no). + When specified, initramfs archives are also padded to ensure optimal data + alignment for extent sharing. To retain reflink data deduplication benefits, + this should be used alongside the **compress="cat"** and **do_strip="no"** + parameters, with initramfs source files, **tmpdir** staging area and + destination all on the same copy-on-write capable filesystem. + +*parallel=*"__{yes|no}__":: + If set to _yes_, try to execute tasks in parallel (currently only supported + for _--regenerate-all_). + +Files +----- +_/etc/dracut.conf_:: + Old configuration file. You better use your own file in + _/etc/dracut.conf.d/_. + +_/etc/dracut.conf.d/_:: + Any _/etc/dracut.conf.d/*.conf_ file can override the values in + _/etc/dracut.conf_. The configuration files are read in alphanumerical + order. + +AUTHOR +------ +Harald Hoyer + +See Also +-------- +*dracut*(8) *dracut.cmdline*(7) + diff --git a/man/dracut.modules.7.asc b/man/dracut.modules.7.asc new file mode 100644 index 0000000..c1e8624 --- /dev/null +++ b/man/dracut.modules.7.asc @@ -0,0 +1,307 @@ +DRACUT.MODULES(7) +================= +:doctype: manpage +:man source: dracut +:man manual: dracut +:man version: {version} + +NAME +---- +dracut.modules - dracut modules + +DESCRIPTION +----------- + +dracut uses a modular system to build and extend the initramfs image. All +modules are located in _/usr/lib/dracut/modules.d_ or in _<git-src>/modules.d_. +The most basic dracut module is _99base_. In _99base_ the initial shell script +init is defined, which gets run by the kernel after initramfs loading. Although +you can replace init with your own version of _99base_, this is not encouraged. +Instead you should use, if possible, the hooks of dracut. All hooks, and the +point of time in which they are executed, are described in <<stages>>. + +The main script, which creates the initramfs is dracut itself. It parses all +arguments and sets up the directory, in which everything is installed. It then +executes all check, install, installkernel scripts found in the modules, which +are to be processed. After everything is installed, the install directory is +archived and compressed to the final initramfs image. All helper functions used +by check, install and installkernel are found in in the file _dracut-functions_. +These shell functions are available to all module installer (install, +installkernel) scripts, without the need to source _dracut-functions_. + +A module can check the preconditions for install and installkernel with the +check script. Also dependencies can be expressed with check. If a module passed +check, install and installkernel will be called to install all of the necessary +files for the module. To split between kernel and non-kernel parts of the +installation, all kernel module related parts have to be in installkernel. All +other files found in a module directory are module specific and mostly are hook +scripts and udev rules. + + +[[stages]] +== Boot Process Stages + +dracut modules can insert custom script at various points, to control the boot +process. +These hooks are plain directories containing shell scripts ending with ".sh", +which are sourced by init. +Common used functions are in _dracut-lib.sh_, which can be sourced by any script. + +=== Hook: cmdline + +The _cmdline_ hook is a place to insert scripts to parse the kernel command line +and prepare the later actions, like setting up udev rules and configuration +files. + +In this hook the most important environment variable is defined: root. The +second one is rootok, which indicates, that a module claimed to be able to parse +the root defined. So for example, **root=**__iscsi:....__ will be claimed by the +iscsi dracut module, which then sets rootok. + +=== Hook: pre-udev + +This hook is executed right after the cmdline hook and a check if root and +rootok were set. Here modules can take action with the final root, and before +udev has been run. + +=== Start Udev + +Now udev is started and the logging for udev is setup. + +=== Hook: pre-trigger + +In this hook, you can set udev environment variables with **udevadm control +--property=KEY=_value_** or control the further execution of udev with +udevadm. + +=== Trigger Udev + +udev is triggered by calling udevadm trigger, which sends add events for all +devices and subsystems. + +=== Main Loop + +In the main loop of dracut loops until udev has settled and +all scripts in _initqueue/finished_ returned true. +In this loop there are three hooks, where scripts can be inserted +by calling /sbin/initqueue. + +==== Initqueue + +This hook gets executed every time a script is inserted here, regardless of the +udev state. + +==== Initqueue settled + +This hook (initqueue/settled) gets executed every time udev has settled. + +==== Initqueue timeout + +This hook (initqueue/timeout) gets executed, when the main loop counter becomes +half of the rd.retry counter. + +==== Initqueue online + +This hook (initqueue/online) gets executed whenever a network interface comes online +(that is, once it is up and configured by the configured network module). + +==== Initqueue finished + +This hook (initqueue/finished) is called after udev has settled and +if all scripts herein return 0 the main loop will be ended. +Arbitrary scripts can be added here, to loop in the +initqueue until something happens, which a dracut module wants to wait for. + +=== Hook: pre-mount + +Before the root device is mounted all scripts in the hook pre-mount are +executed. In some cases (e.g. NFS) the real root device is already mounted, +though. + +=== Hook: mount + +This hook is mainly to mount the real root device. + +=== Hook: pre-pivot + +This hook is called before cleanup hook, This is a good place for +actions other than cleanups which need to be called before pivot. + +=== Hook: cleanup + +This hook is the last hook and is called before init finally switches root to +the real root device. This is a good place to clean up and kill processes not +needed anymore. + + +=== Cleanup and switch_root + +Init (or systemd) kills all udev processes, cleans up the environment, +sets up the arguments for the real init process and finally calls switch_root. +switch_root removes the whole filesystem hierarchy of the initramfs, +chroot()s to the real root device and calls /sbin/init with the specified +arguments. + +To ensure all files in the initramfs hierarchy can be removed, all processes +still running from the initramfs should not have any open file descriptors left. + +== Network Infrastructure + +FIXME + +== Writing a Module + +A simple example module is _90kernel-modules_, which modprobes a kernel module +after udev has settled and the basic device drivers have been loaded. + +All module installation information is in the file module-setup.sh. + +First we create a check() function, which just exits with 0 indicating that this +module should be included by default. + +check(): +---- +return 0 +---- + +Then we create the install() function, which installs a cmdline hook with +priority number 20 called _parse-insmodpost.sh_. It also installs the +_insmodpost.sh_ script in _/sbin_. + +install(): +---- +inst_hook cmdline 20 "$moddir/parse-insmodpost.sh" +inst_simple "$moddir/insmodpost.sh" /sbin/insmodpost.sh +---- + +The _parse-instmodpost.sh_ parses the kernel command line for a argument +rd.driver.post, blacklists the module from being autoloaded and installs the +hook _insmodpost.sh_ in the _initqueue/settled_. + +_parse-insmodpost.sh_: +---- +for p in $(getargs rd.driver.post=); do + echo "blacklist $p" >> /etc/modprobe.d/initramfsblacklist.conf + _do_insmodpost=1 +done + +[ -n "$_do_insmodpost" ] && /sbin/initqueue --settled --unique --onetime /sbin/insmodpost.sh +unset _do_insmodpost + +---- + +_insmodpost.sh_, which is called in the _initqueue/settled_ hook will just +modprobe the kernel modules specified in all rd.driver.post kernel command line +parameters. It runs after udev has settled and is only called once (--onetime). + +_insmodpost.sh_: +---- +. /lib/dracut-lib.sh + +for p in $(getargs rd.driver.post=); do + modprobe $p +done + +---- + + +=== module-setup.sh: check() + +_check()_ is called by dracut to evaluate the inclusion of a dracut module in +the initramfs. + +$hostonly:: If the $hostonly variable is set, then the module check() function +should be in "hostonly" mode, which means, that the check() should only return +0, if the module is really needed to boot this specific host. + +check() should return with: + +0:: Include the dracut module in the initramfs. + +1:: Do not include the dracut module. The requirements are not fulfilled +(missing tools, etc.) + +255:: Only include the dracut module, if another module requires it or if +explicitly specified in the config file or on the argument list. + + +=== module-setup.sh: depends() + +The function depends() should echo all other dracut module names the module +depends on. + +=== module-setup.sh: cmdline() + +This function should print the kernel command line options needed to boot the +current machine setup. It should start with a space and should not print a +newline. + +=== module-setup.sh: install() + +The install() function is called to install everything non-kernel related. +To install binaries, scripts, and other files, you can use the functions +mentioned in <<creation>>. + +To address a file in the current module directory, use the variable "$moddir". + +=== module-setup.sh: installkernel() + +In installkernel() all kernel related files should be installed. You can use all +of the functions mentioned in <<creation>> to install files. + +=== [[creation]]Creation Functions + +==== inst_multiple [-o] <file> [ <file> ...] + +installs multiple binaries and files. If executables are specified without a +path, dracut will search the path PATH=/usr/sbin:/sbin:/usr/bin:/bin for the +binary. If the option "-o" is given as the first parameter, a missing file does +not lead to an error. + +==== inst <src> [<dst>] + +installs _one_ file <src> either to the same place in the initramfs or to an +optional <dst>. inst with more than two arguments is treated the same as +inst_multiple, all arguments are treated as files to install and none as +install destinations. + +==== inst_hook <hookdir> <prio> <src> + +installs an executable/script <src> in the dracut hook <hookdir> with priority +<prio>. + +==== inst_rules <udevrule> [ <udevrule> ...] + +installs one or more udev rules. Non-existent udev rules are reported, but do +not let dracut fail. + +==== instmods <kernelmodule> [ <kernelmodule> ... ] + +instmods should be used only in the installkernel() function. + +instmods installs one or more kernel modules in the initramfs. <kernelmodule> +can also be a whole subsystem, if prefixed with a "=", like "=drivers/net/team". + +instmods will not install the kernel module, if $hostonly is set and the kernel +module is not currently needed by any /sys/*...*/uevent MODALIAS. +To install a kernel module regardless of the hostonly mode use the form: +---- +hostonly='' instmods <kernelmodule> +---- + +=== Initramfs Functions + +FIXME + + +=== Network Modules + +FIXME + +AUTHOR +------ +Harald Hoyer + +SEE ALSO +-------- +*dracut*(8) diff --git a/man/dracut.usage.asc b/man/dracut.usage.asc new file mode 100644 index 0000000..b83abf6 --- /dev/null +++ b/man/dracut.usage.asc @@ -0,0 +1,519 @@ +To create a initramfs image, the most simple command is: +---- +# dracut +---- + +This will generate a general purpose initramfs image, with all possible +functionality resulting of the combination of the installed dracut modules and +system tools. The image, depending on bootloader specification, can be +_/efi/_++<machine-id>++_/_++<kernel-version>++_/initrd_, +_/boot/_++<machine-id>++_/_++<kernel-version>++_/initrd_, +_/boot/efi/_++<machine-id>++_/_++<kernel-version>++_/initrd_, +_/lib/modules/_++<kernel-version>++_/initrd_ or +_/boot/initramfs-_++<kernel-version>++_.img_ and contains the kernel modules of +the currently active kernel with version _++<kernel-version>++_. + +If the initramfs image already exists, dracut will display an error message, and +to overwrite the existing image, you have to use the --force option. +---- +# dracut --force +---- + +If you want to specify another filename for the resulting image you would issue +a command like: +---- +# dracut foobar.img +---- + +To generate an image for a specific kernel version, the command would be: +---- +# dracut foobar.img 2.6.40-1.rc5.f20 +---- + +A shortcut to generate the image at the default location for a specific kernel +version is: +---- +# dracut --kver 2.6.40-1.rc5.f20 +---- + +If you want to create lighter, smaller initramfs images, you may want to specify +the --hostonly or -H option. Using this option, the resulting image will +contain only those dracut modules, kernel modules and filesystems, which are +needed to boot this specific machine. This has the drawback, that you can't put +the disk on another controller or machine, and that you can't switch to another +root filesystem, without recreating the initramfs image. The usage of the +--hostonly option is only for experts and you will have to keep the broken +pieces. At least keep a copy of a general purpose image (and corresponding +kernel) as a fallback to rescue your system. + +=== Inspecting the Contents +To see the contents of the image created by dracut, you can use the lsinitrd +tool. +---- +# lsinitrd | less +---- + +To display the contents of a file in the initramfs also use the lsinitrd tool: +---- +# lsinitrd -f /etc/ld.so.conf +include ld.so.conf.d/*.conf +---- + +=== Adding dracut Modules +Some dracut modules are turned off by default and have to be activated manually. +You can do this by adding the dracut modules to the configuration file +_/etc/dracut.conf_ or _/etc/dracut.conf.d/myconf.conf_. See *dracut.conf*(5). +You can also add dracut modules on the command line +by using the -a or --add option: +---- +# dracut --add module initramfs-module.img +---- + +To see a list of available dracut modules, use the --list-modules option: +---- +# dracut --list-modules +---- + +=== Omitting dracut Modules +Sometimes you don't want a dracut module to be included for reasons of speed, +size or functionality. To do this, either specify the omit_dracutmodules +variable in the _dracut.conf_ or _/etc/dracut.conf.d/myconf.conf_ configuration +file (see *dracut.conf*(5)), or use the -o or --omit option +on the command line: +---- +# dracut -o "multipath lvm" no-multipath-lvm.img +---- + +=== Adding Kernel Modules +If you need a special kernel module in the initramfs, which is not +automatically picked up by dracut, you have the use the --add-drivers option +on the command line or the drivers variable in the _/etc/dracut.conf_ +or _/etc/dracut.conf.d/myconf.conf_ configuration file (see *dracut.conf*(5)): +---- +# dracut --add-drivers mymod initramfs-with-mymod.img +---- + +=== Boot parameters +An initramfs generated without the "hostonly" mode, does not contain any system +configuration files (except for some special exceptions), so the configuration +has to be done on the kernel command line. With this flexibility, you can easily +boot from a changed root partition, without the need to recompile the initramfs +image. So, you could completely change your root partition (move it inside a md +raid with encryption and LVM on top), as long as you specify the correct +filesystem LABEL or UUID on the kernel command line for your root device, dracut +will find it and boot from it. + +The kernel command line can also be provided by the dhcp server with the +root-path option. See <<NetworkBoot>>. + +For a full reference of all kernel command line parameters, +see *dracut.cmdline*(7). + +To get a quick start for the suitable kernel command line on your system, +use the __--print-cmdline__ option: +---- +# dracut --print-cmdline + root=UUID=8b8b6f91-95c7-4da2-831b-171e12179081 rootflags=rw,relatime,discard,data=ordered rootfstype=ext4 +---- + +==== Specifying the root Device +This is the only option dracut really needs to boot from your root partition. +Because your root partition can live in various environments, there are a lot of +formats for the root= option. The most basic one is root=_++<path to device +node>++_: +---- +root=/dev/sda2 +---- + +Because device node names can change, dependent on the drive ordering, you are +encouraged to use the filesystem identifier (UUID) or filesystem label (LABEL) +to specify your root partition: +---- +root=UUID=19e9dda3-5a38-484d-a9b0-fa6b067d0331 +---- + +or + +---- +root=LABEL=myrootpartitionlabel +---- + +To see all UUIDs or LABELs on your system, do: +---- +# ls -l /dev/disk/by-uuid +---- + +or + +---- +# ls -l /dev/disk/by-label +---- + +If your root partition is on the network see <<NetworkBoot>>. + +==== Keyboard Settings +If you have to input passwords for encrypted disk volumes, you might want to set +the keyboard layout and specify a display font. + +A typical german kernel command line would contain: +---- +rd.vconsole.font=eurlatgr rd.vconsole.keymap=de-latin1-nodeadkeys rd.locale.LANG=de_DE.UTF-8 +---- + +Setting these options can override the setting stored on your system, if you use +a modern init system, like systemd. + +==== Blacklisting Kernel Modules +Sometimes it is required to prevent the automatic kernel module loading of a +specific kernel module. To do this, just add rd.driver.blacklist=_++<kernel +module name>++_, with _++<kernel module name>++_ not containing the _.ko_ +suffix, to the kernel command line. For example: +---- +rd.driver.blacklist=mptsas rd.driver.blacklist=nouveau +---- + +The option can be specified multiple times on the kernel command line. + +==== Speeding up the Boot Process +If you want to speed up the boot process, you can specify as much information +for dracut on the kernel command as possible. For example, you can tell dracut, +that you root partition is not on a LVM volume or not on a raid partition, or +that it lives inside a specific crypto LUKS encrypted volume. By default, dracut +searches everywhere. A typical dracut kernel command line for a plain primary or +logical partition would contain: +---- +rd.luks=0 rd.lvm=0 rd.md=0 rd.dm=0 +---- + +This turns off every automatic assembly of LVM, MD raids, DM raids and +crypto LUKS. + +Of course, you could also omit the dracut modules in the initramfs creation +process, but then you would lose the possibility to turn it on on demand. + + +[[Injecting]] +=== Injecting custom Files +To add your own files to the initramfs image, you have several possibilities. + +The --include option let you specify a source path and a target path. +For example +---- +# dracut --include cmdline-preset /etc/cmdline.d/mycmdline.conf initramfs-cmdline-pre.img +---- +will create an initramfs image, where the file cmdline-preset will be copied +inside the initramfs to _/etc/cmdline.d/mycmdline.conf_. --include can only +be specified once. + + +---- +# mkdir -p rd.live.overlay/etc/cmdline.d +# mkdir -p rd.live.overlay/etc/conf.d +# echo "ip=dhcp" >> rd.live.overlay/etc/cmdline.d/mycmdline.conf +# echo export FOO=testtest >> rd.live.overlay/etc/conf.d/testvar.conf +# echo export BAR=testtest >> rd.live.overlay/etc/conf.d/testvar.conf +# tree rd.live.overlay/ +rd.live.overlay/ +`-- etc + |-- cmdline.d + | `-- mycmdline.conf + `-- conf.d + `-- testvar.conf + +# dracut --include rd.live.overlay / initramfs-rd.live.overlay.img +---- + +This will put the contents of the rd.live.overlay directory into the root of the +initramfs image. + +The --install option let you specify several files, which will get installed in +the initramfs image at the same location, as they are present on initramfs +creation time. + + +---- +# dracut --install 'strace fsck.ext4 ssh' initramfs-dbg.img +---- + +This will create an initramfs with the strace, fsck.ext4 and ssh executables, +together with the libraries needed to start those. The --install option can be +specified multiple times. + + +[[NetworkBoot]] +=== Network Boot + +If your root partition is on a network drive, you have to have the network +dracut modules installed to create a network aware initramfs image. + +If you specify ip=dhcp on the kernel command line, then dracut asks a dhcp +server about the ip address for the machine. The dhcp server can also serve an +additional root-path, which will set the root device for dracut. With this +mechanism, you have static configuration on your client machine and a +centralized boot configuration on your TFTP/DHCP server. If you can't pass a +kernel command line, then you can inject _/etc/cmdline.d/mycmdline.conf_, with a +method described in <<Injecting>>. + +==== Reducing the Image Size + +To reduce the size of the initramfs, you should create it with by omitting all +dracut modules, which you know, you don't need to boot the machine. + +You can also specify the exact dracut and kernel modules to produce a very tiny +initramfs image. + +For example for a NFS image, you would do: + + +---- +# dracut -m "nfs network base" initramfs-nfs-only.img +---- + +Then you would boot from this image with your target machine and reduce the size +once more by creating it on the target machine with the --host-only option: + + +---- +# dracut -m "nfs network base" --host-only initramfs-nfs-host-only.img +---- + +This will reduce the size of the initramfs image significantly. + + +== Troubleshooting + +If the boot process does not succeed, you have several options to debug the +situation. + +[[identifying-your-problem-area]] +=== Identifying your problem area +. Remove ''rhgb'' and ''quiet'' from the kernel command line +. Add ''rd.shell'' to the kernel command line. This will present a shell should +dracut be unable to locate your root device +. Add ''rd.shell rd.debug log_buf_len=1M'' to the kernel command line so that +dracut shell commands are printed as they are executed +. The file /run/initramfs/rdsosreport.txt is generated, +which contains all the logs and the output of all significant tools, which are +mentioned later. + +If you want to save that output, simply mount /boot by hand or insert an USB +stick and mount that. Then you can store the output for later inspection. + +[[information-to-include-in-your-report]] +=== Information to include in your report + +[[all-bug-reports]] +==== All bug reports +In all cases, the following should be mentioned and attached to your bug report: + +* The exact kernel command-line used. Typically from the bootloader +configuration file (e.g. _/boot/grub2/grub.cfg_) or from _/proc/cmdline_. +* A copy of your disk partition information from _/etc/fstab_, which might be +obtained booting an old working initramfs or a rescue medium. +* Turn on dracut debugging (see _the 'debugging dracut' section_), and attach +the file /run/initramfs/rdsosreport.txt. +* If you use a dracut configuration file, please include _/etc/dracut.conf_ and +all files in _/etc/dracut.conf.d/*.conf_ + +[[network-root-device-related-problems]] +==== Network root device related problems +This section details information to include when experiencing problems on a +system whose root device is located on a network attached volume (e.g. iSCSI, +NFS or NBD). As well as the information from <<all-bug-reports>>, include the +following information: + + +* Please include the output of ++ +---- +# /sbin/ifup <interfacename> +# ip addr show +---- + +[[debugging-dracut]] +=== Debugging dracut + + +[[configure-a-serial-console]] +==== Configure a serial console + +Successfully debugging dracut will require some form of console +logging during the system boot. This section documents configuring a +serial console connection to record boot messages. + +. First, enable serial console output for both the kernel and the bootloader. +. Open the file _/boot/grub2/grub.cfg_ for editing. Below the line ''timeout=5'', add +the following: ++ +---- +serial --unit=0 --speed=9600 +terminal --timeout=5 serial console +---- ++ +. Also in _/boot/grub2/grub.cfg_, add the following boot arguments to the ''kernel'' +line: ++ +---- +console=tty0 console=ttyS0,9600 +---- ++ +. When finished, the _/boot/grub2/grub.cfg_ file should look similar to the example +below. ++ +---- +default=0 +timeout=5 +serial --unit=0 --speed=9600 +terminal --timeout=5 serial console +title Fedora (2.6.29.5-191.fc11.x86_64) + root (hd0,0) + kernel /vmlinuz-2.6.29.5-191.fc11.x86_64 ro root=/dev/mapper/vg_uc1-lv_root console=tty0 console=ttyS0,9600 + initrd /dracut-2.6.29.5-191.fc11.x86_64.img +---- ++ +. More detailed information on how to configure the kernel for console output +can be found at +http://www.faqs.org/docs/Linux-HOWTO/Remote-Serial-Console-HOWTO.html#CONFIGURE-KERNEL. +. Redirecting non-interactive output ++ +-- +NOTE: You can redirect all non-interactive output to _/dev/kmsg_ and the kernel +will put it out on the console when it reaches the kernel buffer by doing + +---- +# exec >/dev/kmsg 2>&1 </dev/console +---- +-- + +[[using-the-dracut-shell]] +==== Using the dracut shell + +dracut offers a shell for interactive debugging in the event dracut fails to +locate your root filesystem. To enable the shell: + +. Add the boot parameter ''rd.shell'' to your bootloader configuration file +(e.g. _/boot/grub2/grub.cfg_) +. Remove the boot arguments ''rhgb'' and ''quiet'' ++ +A sample _/boot/grub2/grub.cfg_ bootloader configuration file is listed below. ++ +---- +default=0 +timeout=5 +serial --unit=0 --speed=9600 +terminal --timeout=5 serial console +title Fedora (2.6.29.5-191.fc11.x86_64) + root (hd0,0) + kernel /vmlinuz-2.6.29.5-191.fc11.x86_64 ro root=/dev/mapper/vg_uc1-lv_root console=tty0 rd.shell + initrd /dracut-2.6.29.5-191.fc11.x86_64.img +---- ++ +. If system boot fails, you will be dropped into a shell as seen in the example +below. ++ +---- +No root device found +Dropping to debug shell. + +# +---- ++ +. Use this shell prompt to gather the information requested above +(see <<all-bug-reports>>). + +[[accessing-the-root-volume-from-the-dracut-shell]] +==== Accessing the root volume from the dracut shell +From the dracut debug shell, you can manually perform the task of locating and +preparing your root volume for boot. The required steps will depend on how your +root volume is configured. Common scenarios include: + +* A block device (e.g. _/dev/sda7_) +* A LVM logical volume (e.g. _/dev/VolGroup00/LogVol00_) +* An encrypted device + (e.g. _/dev/mapper/luks-4d5972ea-901c-4584-bd75-1da802417d83_) +* A network attached device + (e.g. _netroot=iscsi:@192.168.0.4::3260::iqn.2009-02.org.example:for.all_) + +The exact method for locating and preparing will vary. However, to continue with +a successful boot, the objective is to locate your root volume and create a +symlink _/dev/root_ which points to the file system. For example, the following +example demonstrates accessing and booting a root volume that is an encrypted +LVM Logical volume. + +. Inspect your partitions using parted ++ +---- +# parted /dev/sda -s p +Model: ATA HTS541060G9AT00 (scsi) +Disk /dev/sda: 60.0GB +Sector size (logical/physical): 512B/512B +Partition Table: msdos +Number Start End Size Type File system Flags +1 32.3kB 10.8GB 107MB primary ext4 boot +2 10.8GB 55.6GB 44.7GB logical lvm +---- ++ +. You recall that your root volume was a LVM logical volume. Scan and activate +any logical volumes. ++ +---- +# lvm vgscan +# lvm vgchange -ay +---- ++ +. You should see any logical volumes now using the command blkid: ++ +---- +# blkid +/dev/sda1: UUID="3de247f3-5de4-4a44-afc5-1fe179750cf7" TYPE="ext4" +/dev/sda2: UUID="Ek4dQw-cOtq-5MJu-OGRF-xz5k-O2l8-wdDj0I" TYPE="LVM2_member" +/dev/mapper/linux-root: UUID="def0269e-424b-4752-acf3-1077bf96ad2c" TYPE="crypto_LUKS" +/dev/mapper/linux-home: UUID="c69127c1-f153-4ea2-b58e-4cbfa9257c5e" TYPE="ext4" +/dev/mapper/linux-swap: UUID="47b4d329-975c-4c08-b218-f9c9bf3635f1" TYPE="swap" +---- ++ +. From the output above, you recall that your root volume exists on an encrypted +block device. Following the guidance disk encryption guidance from the +Installation Guide, you unlock your encrypted root volume. ++ +---- +# UUID=$(cryptsetup luksUUID /dev/mapper/linux-root) +# cryptsetup luksOpen /dev/mapper/linux-root luks-$UUID +Enter passphrase for /dev/mapper/linux-root: +Key slot 0 unlocked. +---- ++ +. Next, make a symbolic link to the unlocked root volume ++ +---- +# ln -s /dev/mapper/luks-$UUID /dev/root +---- ++ +. With the root volume available, you may continue booting the system by exiting +the dracut shell ++ +---- +# exit +---- + +[[additional-dracut-boot-parameters]] +==== Additional dracut boot parameters +For more debugging options, see *dracut.cmdline*(7). + + +[[debugging-dracut-on-shutdown]] +==== Debugging dracut on shutdown + +To debug the shutdown sequence on systemd systems, you can _rd.break_ +on _pre-shutdown_ or _shutdown_. + +To do this from an already booted system: +---- +# mkdir -p /run/initramfs/etc/cmdline.d +# echo "rd.debug rd.break=pre-shutdown rd.break=shutdown" > /run/initramfs/etc/cmdline.d/debug.conf +# touch /run/initramfs/.need_shutdown +---- + +This will give you a dracut shell after the system pivot'ed back in the +initramfs. + diff --git a/man/lsinitrd.1.asc b/man/lsinitrd.1.asc new file mode 100644 index 0000000..05f63e3 --- /dev/null +++ b/man/lsinitrd.1.asc @@ -0,0 +1,71 @@ +LSINITRD(1) +========= +:doctype: manpage +:man source: dracut +:man manual: dracut +:man version: {version} + +NAME +---- +lsinitrd - tool to show the contents of an initramfs image + +SYNOPSIS +-------- +*lsinitrd* ['OPTION...'] [<image> [<filename> [<filename> [...] ]]] + +*lsinitrd* ['OPTION...'] -k <kernel version> + +DESCRIPTION +----------- +lsinitrd shows the contents of an initramfs image. if <image> is omitted, then +lsinitrd uses the default image _/efi/<machine-id>/<kernel-version>/initrd_, +_/boot/<machine-id>/<kernel-version>/initrd_, +_/boot/efi/<machine-id>/<kernel-version>/initrd_, +_/lib/modules/<kernel-version>/initrd_ or +_/boot/initramfs-<kernel-version>.img_. + +OPTIONS +------- +**-h, --help**:: + print a help message and exit. + +**-s, --size**:: + sort the contents of the initramfs by size. + +**-f, --file** _<filename>_:: + print the contents of <filename>. + +**-k, --kver** _<kernel version>_:: + inspect the initramfs of <kernel version>. + +**-m, --mod**:: + list dracut modules included of the initramfs image. + +**--unpack**:: + unpack the initramfs to the current directory, instead of displaying the contents. + If optional filenames are given, will only unpack specified files, else the whole image will be unpacked. + Won't unpack anything from early cpio part. + +**--unpackearly**:: + unpack the early microcode initramfs to the current directory, instead of displaying the contents. + Same as --unpack, but only unpack files from early cpio part. + +**-v, --verbose**:: + unpack verbosely + +AVAILABILITY +------------ +The lsinitrd command is part of the dracut package and is available from +link:$$https://github.com/dracutdevs/dracut$$[https://github.com/dracutdevs/dracut] + +AUTHORS +------- +Harald Hoyer + +Amerigo Wang + +Nikoli + +SEE ALSO +-------- +*dracut*(8) diff --git a/modules.d/00bash/module-setup.sh b/modules.d/00bash/module-setup.sh new file mode 100755 index 0000000..89ef654 --- /dev/null +++ b/modules.d/00bash/module-setup.sh @@ -0,0 +1,32 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + + # If the binary(s) requirements are not fulfilled the module can't be installed. + require_binaries bash || return 1 + + # Return 255 to only include the module, if another module requires it. + return 255 + +} + +# Module dependency requirements. +depends() { + + # Return 0 to include the dependent module(s) in the initramfs. + return 0 + +} + +# Install the required file(s) and directories for the module in the initramfs. +install() { + + inst /bin/bash + + # Prefer bash as default shell if no other shell is preferred. + [[ -L $initdir/bin/sh ]] || ln -sf bash "${initdir}/bin/sh" + +} diff --git a/modules.d/00dash/module-setup.sh b/modules.d/00dash/module-setup.sh new file mode 100755 index 0000000..4a0c0e7 --- /dev/null +++ b/modules.d/00dash/module-setup.sh @@ -0,0 +1,32 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + + # If the binary(s) requirements are not fulfilled the module can't be installed. + require_binaries dash || return 1 + + # Return 255 to only include the module, if another module requires it. + return 255 + +} + +# Module dependency requirements. +depends() { + + # Return 0 to include the dependent module(s) in the initramfs. + return 0 + +} + +# Install the required file(s) and directories for the module in the initramfs. +install() { + + inst /bin/dash + + # Prefer dash as default shell if no other shell is preferred. + [[ -L $initdir/bin/sh ]] || ln -sf dash "${initdir}/bin/sh" + +} diff --git a/modules.d/00mksh/module-setup.sh b/modules.d/00mksh/module-setup.sh new file mode 100755 index 0000000..8942b42 --- /dev/null +++ b/modules.d/00mksh/module-setup.sh @@ -0,0 +1,34 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + + # If the binary(s) requirements are not fulfilled the module can't be installed. + require_binaries mksh || return 1 + require_binaries printf || return 1 + + # Return 255 to only include the module, if another module requires it. + return 255 + +} + +# Module dependency requirements. +depends() { + + # Return 0 to include the dependent module(s) in the initramfs. + return 0 + +} + +# Install the required file(s) and directories for the module in the initramfs. +install() { + + inst /bin/mksh + inst printf + + # Prefer mksh as default shell if no other shell is preferred. + [[ -L $initdir/bin/sh ]] || ln -sf mksh "${initdir}/bin/sh" + +} diff --git a/modules.d/00systemd-network-management/module-setup.sh b/modules.d/00systemd-network-management/module-setup.sh new file mode 100755 index 0000000..f8ba351 --- /dev/null +++ b/modules.d/00systemd-network-management/module-setup.sh @@ -0,0 +1,21 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + + # Return 255 to only include the module, if another module requires it. + return 255 + +} + +# Module dependency requirements. +depends() { + + # This module has external dependency on other module(s). + echo systemd systemd-hostnamed systemd-networkd systemd-resolved systemd-timedated systemd-timesyncd + # Return 0 to include the dependent module(s) in the initramfs. + return 0 + +} diff --git a/modules.d/00systemd/module-setup.sh b/modules.d/00systemd/module-setup.sh new file mode 100755 index 0000000..9a13a1d --- /dev/null +++ b/modules.d/00systemd/module-setup.sh @@ -0,0 +1,267 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + [[ $mount_needs ]] && return 1 + # If the binary(s) requirements are not fulfilled the module can't be installed + require_binaries "$systemdutildir"/systemd || return 1 + # Return 255 to only include the module, if another module requires it. + return 255 +} + +# called by dracut +depends() { + return 0 +} + +installkernel() { + hostonly='' instmods autofs4 ipv6 algif_hash hmac sha256 + instmods -s efivarfs +} + +# called by dracut +install() { + local _mods + + if [[ $prefix == /run/* ]]; then + dfatal 'systemd does not work with a prefix, which contains "/run"!!' + exit 1 + fi + + inst_multiple -o \ + "$systemdutildir"/systemd \ + "$systemdutildir"/systemd-coredump \ + "$systemdutildir"/systemd-cgroups-agent \ + "$systemdutildir"/systemd-executor \ + "$systemdutildir"/systemd-shutdown \ + "$systemdutildir"/systemd-reply-password \ + "$systemdutildir"/systemd-fsck \ + "$systemdutildir"/systemd-udevd \ + "$systemdutildir"/systemd-journald \ + "$systemdutildir"/systemd-sysctl \ + "$systemdutildir"/systemd-modules-load \ + "$systemdutildir"/systemd-vconsole-setup \ + "$systemdutildir"/systemd-volatile-root \ + "$systemdutildir"/systemd-sysroot-fstab-check \ + "$systemdutildir"/system-generators/systemd-debug-generator \ + "$systemdutildir"/system-generators/systemd-fstab-generator \ + "$systemdutildir"/system-generators/systemd-gpt-auto-generator \ + "$systemdsystemunitdir"/debug-shell.service \ + "$systemdsystemunitdir"/cryptsetup.target \ + "$systemdsystemunitdir"/cryptsetup-pre.target \ + "$systemdsystemunitdir"/remote-cryptsetup.target \ + "$systemdsystemunitdir"/emergency.target \ + "$systemdsystemunitdir"/sysinit.target \ + "$systemdsystemunitdir"/basic.target \ + "$systemdsystemunitdir"/halt.target \ + "$systemdsystemunitdir"/kexec.target \ + "$systemdsystemunitdir"/local-fs.target \ + "$systemdsystemunitdir"/local-fs-pre.target \ + "$systemdsystemunitdir"/remote-fs.target \ + "$systemdsystemunitdir"/remote-fs-pre.target \ + "$systemdsystemunitdir"/multi-user.target \ + "$systemdsystemunitdir"/network.target \ + "$systemdsystemunitdir"/network-pre.target \ + "$systemdsystemunitdir"/network-online.target \ + "$systemdsystemunitdir"/nss-lookup.target \ + "$systemdsystemunitdir"/nss-user-lookup.target \ + "$systemdsystemunitdir"/poweroff.target \ + "$systemdsystemunitdir"/reboot.target \ + "$systemdsystemunitdir"/rescue.target \ + "$systemdsystemunitdir"/rpcbind.target \ + "$systemdsystemunitdir"/shutdown.target \ + "$systemdsystemunitdir"/final.target \ + "$systemdsystemunitdir"/sigpwr.target \ + "$systemdsystemunitdir"/sockets.target \ + "$systemdsystemunitdir"/swap.target \ + "$systemdsystemunitdir"/timers.target \ + "$systemdsystemunitdir"/paths.target \ + "$systemdsystemunitdir"/umount.target \ + "$systemdsystemunitdir"/sys-kernel-config.mount \ + "$systemdsystemunitdir"/modprobe@.service \ + "$systemdsystemunitdir"/kmod-static-nodes.service \ + "$systemdsystemunitdir"/systemd-tmpfiles-setup.service \ + "$systemdsystemunitdir"/systemd-tmpfiles-setup-dev.service \ + "$systemdsystemunitdir"/systemd-tmpfiles-setup-dev-early.service \ + "$systemdsystemunitdir"/systemd-ask-password-console.path \ + "$systemdsystemunitdir"/systemd-udevd-control.socket \ + "$systemdsystemunitdir"/systemd-udevd-kernel.socket \ + "$systemdsystemunitdir"/systemd-ask-password-plymouth.path \ + "$systemdsystemunitdir"/systemd-journald.socket \ + "$systemdsystemunitdir"/systemd-journald-audit.socket \ + "$systemdsystemunitdir"/systemd-ask-password-console.service \ + "$systemdsystemunitdir"/systemd-modules-load.service \ + "$systemdsystemunitdir"/systemd-halt.service \ + "$systemdsystemunitdir"/systemd-poweroff.service \ + "$systemdsystemunitdir"/systemd-reboot.service \ + "$systemdsystemunitdir"/systemd-kexec.service \ + "$systemdsystemunitdir"/systemd-fsck@.service \ + "$systemdsystemunitdir"/systemd-udevd.service \ + "$systemdsystemunitdir"/systemd-udev-trigger.service \ + "$systemdsystemunitdir"/systemd-udev-settle.service \ + "$systemdsystemunitdir"/systemd-ask-password-plymouth.service \ + "$systemdsystemunitdir"/systemd-journald.service \ + "$systemdsystemunitdir"/systemd-vconsole-setup.service \ + "$systemdsystemunitdir"/systemd-volatile-root.service \ + "$systemdsystemunitdir"/systemd-sysctl.service \ + "$systemdsystemunitdir"/sysinit.target.wants/systemd-modules-load.service \ + "$systemdsystemunitdir"/sysinit.target.wants/systemd-ask-password-console.path \ + "$systemdsystemunitdir"/sysinit.target.wants/systemd-journald.service \ + "$systemdsystemunitdir"/sockets.target.wants/systemd-udevd-control.socket \ + "$systemdsystemunitdir"/sockets.target.wants/systemd-udevd-kernel.socket \ + "$systemdsystemunitdir"/sockets.target.wants/systemd-journald.socket \ + "$systemdsystemunitdir"/sockets.target.wants/systemd-journald-audit.socket \ + "$systemdsystemunitdir"/sockets.target.wants/systemd-journald-dev-log.socket \ + "$systemdsystemunitdir"/sysinit.target.wants/systemd-udevd.service \ + "$systemdsystemunitdir"/sysinit.target.wants/systemd-udev-trigger.service \ + "$systemdsystemunitdir"/sysinit.target.wants/kmod-static-nodes.service \ + "$systemdsystemunitdir"/sysinit.target.wants/systemd-tmpfiles-setup.service \ + "$systemdsystemunitdir"/sysinit.target.wants/systemd-tmpfiles-setup-dev.service \ + "$systemdsystemunitdir"/sysinit.target.wants/systemd-tmpfiles-setup-dev-early.service \ + "$systemdsystemunitdir"/sysinit.target.wants/systemd-sysctl.service \ + "$systemdsystemunitdir"/ctrl-alt-del.target \ + "$systemdsystemunitdir"/reboot.target \ + "$systemdsystemunitdir"/systemd-reboot.service \ + "$systemdsystemunitdir"/syslog.socket \ + "$systemdsystemunitdir"/slices.target \ + "$systemdsystemunitdir"/system.slice \ + "$systemdsystemunitdir"/-.slice \ + "$tmpfilesdir"/systemd.conf \ + journalctl systemctl \ + echo swapoff \ + kmod insmod rmmod modprobe modinfo depmod lsmod \ + mount umount reboot poweroff \ + systemd-run systemd-escape \ + systemd-cgls systemd-tmpfiles \ + systemd-ask-password systemd-tty-ask-password-agent \ + /etc/udev/udev.hwdb + + inst_multiple -o \ + /usr/lib/modules-load.d/*.conf \ + /usr/lib/sysctl.d/*.conf + + modules_load_get() { + local _line i + for i in "$dracutsysrootdir$1"/*.conf; do + [[ -f $i ]] || continue + while read -r _line || [ -n "$_line" ]; do + case $_line in + \#*) ;; + + \;*) ;; + + *) + echo "$_line" + ;; + esac + done < "$i" + done + } + + mapfile -t _mods < <(modules_load_get /usr/lib/modules-load.d) + [[ ${#_mods[@]} -gt 0 ]] && hostonly='' instmods "${_mods[@]}" + + if [[ $hostonly ]]; then + inst_multiple -H -o \ + /etc/systemd/journald.conf \ + /etc/systemd/journald.conf.d/*.conf \ + /etc/systemd/system.conf \ + /etc/systemd/system.conf.d/*.conf \ + "$systemdsystemconfdir"/modprobe@.service \ + "$systemdsystemconfdir/modprobe@.service.d/*.conf" \ + /etc/hosts \ + /etc/hostname \ + /etc/nsswitch.conf \ + /etc/machine-id \ + /etc/machine-info \ + /etc/vconsole.conf \ + /etc/locale.conf \ + /etc/modules-load.d/*.conf \ + /etc/sysctl.d/*.conf \ + /etc/sysctl.conf \ + /etc/udev/udev.conf + + mapfile -t _mods < <(modules_load_get /etc/modules-load.d) + [[ ${#_mods[@]} -gt 0 ]] && hostonly='' instmods "${_mods[@]}" + fi + + if ! [[ -e "$initdir/etc/machine-id" ]]; then + : > "$initdir/etc/machine-id" + chmod 444 "$initdir/etc/machine-id" + fi + + # install adm user/group for journald + inst_multiple nologin + { + grep '^systemd-journal:' "$dracutsysrootdir"/etc/passwd 2> /dev/null + grep '^adm:' "$dracutsysrootdir"/etc/passwd 2> /dev/null + # we don't use systemd-networkd, but the user is in systemd.conf tmpfiles snippet + grep '^systemd-network:' "$dracutsysrootdir"/etc/passwd 2> /dev/null + } >> "$initdir/etc/passwd" + + { + grep '^systemd-journal:' "$dracutsysrootdir"/etc/group 2> /dev/null + grep '^wheel:' "$dracutsysrootdir"/etc/group 2> /dev/null + grep '^adm:' "$dracutsysrootdir"/etc/group 2> /dev/null + grep '^utmp:' "$dracutsysrootdir"/etc/group 2> /dev/null + grep '^root:' "$dracutsysrootdir"/etc/group 2> /dev/null + # we don't use systemd-networkd, but the user is in systemd.conf tmpfiles snippet + grep '^systemd-network:' "$dracutsysrootdir"/etc/group 2> /dev/null + } >> "$initdir/etc/group" + + local _systemdbinary="$systemdutildir"/systemd + + if ldd "$_systemdbinary" | grep -qw libasan; then + local _wrapper="$systemdutildir"/systemd-asan-wrapper + cat > "$initdir"/"$_wrapper" << EOF +#!/bin/sh +mount -t proc -o nosuid,nodev,noexec proc /proc +exec $_systemdbinary +EOF + chmod 755 "$initdir"/"$_wrapper" + _systemdbinary="$_wrapper" + unset _wrapper + fi + ln_r "$_systemdbinary" "/init" + ln_r "$_systemdbinary" "/sbin/init" + + unset _systemdbinary + + inst_binary true + ln_r "$(find_binary true)" "/usr/bin/loginctl" + ln_r "$(find_binary true)" "/bin/loginctl" + inst_rules \ + 70-uaccess.rules \ + 71-seat.rules \ + 73-seat-late.rules \ + 90-vconsole.rules \ + 99-systemd.rules + + for i in \ + emergency.target \ + rescue.target \ + systemd-ask-password-console.service \ + systemd-ask-password-plymouth.service; do + [[ -f "$systemdsystemunitdir"/$i ]] || continue + $SYSTEMCTL -q --root "$initdir" add-wants "$i" systemd-vconsole-setup.service + done + + mkdir -p "$initdir/etc/systemd" + # We must use a volatile journal, and we don't want rate-limiting + { + echo "[Journal]" + echo "Storage=volatile" + echo "RateLimitInterval=0" + echo "RateLimitBurst=0" + } >> "$initdir/etc/systemd/journald.conf" + + $SYSTEMCTL -q --root "$initdir" set-default multi-user.target + + # Install library file(s) + _arch=${DRACUT_ARCH:-$(uname -m)} + inst_libdir_file \ + {"tls/$_arch/",tls/,"$_arch/",}"libnss_*" + +} diff --git a/modules.d/00warpclock/module-setup.sh b/modules.d/00warpclock/module-setup.sh new file mode 100755 index 0000000..44aa177 --- /dev/null +++ b/modules.d/00warpclock/module-setup.sh @@ -0,0 +1,39 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + + # hwclock does not exist on S390(x), bail out silently then + local _arch=${DRACUT_ARCH:-$(uname -m)} + [ "$_arch" = "s390" -o "$_arch" = "s390x" ] && return 1 + + # If the binary(s) requirements are not fulfilled the module can't be installed. + require_binaries hwclock || return 1 + + # Return 255 to only include the module, if another module requires it. + return 255 + +} + +# Module dependency requirements. +depends() { + + # Return 0 to include the dependent module(s) in the initramfs. + return 0 + +} + +# Install the required file(s) and directories for the module in the initramfs. +install() { + + inst_hook pre-trigger 00 "$moddir/warpclock.sh" + + inst_multiple -o \ + /usr/share/zoneinfo/UTC \ + /etc/localtime \ + /etc/adjtime \ + hwclock + +} diff --git a/modules.d/00warpclock/warpclock.sh b/modules.d/00warpclock/warpclock.sh new file mode 100755 index 0000000..fb4df0b --- /dev/null +++ b/modules.d/00warpclock/warpclock.sh @@ -0,0 +1,14 @@ +#!/bin/sh +# This file is part of dracut warpclock module. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Set the kernel's timezone and reset the system time +# if adjtime is set to LOCAL. + +if test -e /etc/adjtime; then + while read -r line; do + if test "$line" = LOCAL; then + hwclock --systz + fi + done < /etc/adjtime +fi diff --git a/modules.d/01fips/fips-boot.sh b/modules.d/01fips/fips-boot.sh new file mode 100755 index 0000000..34760e0 --- /dev/null +++ b/modules.d/01fips/fips-boot.sh @@ -0,0 +1,16 @@ +#!/bin/sh + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +if ! fipsmode=$(getarg fips) || [ "$fipsmode" = "0" ]; then + rm -f -- /etc/modprobe.d/fips.conf > /dev/null 2>&1 +elif [ -z "$fipsmode" ]; then + die "FIPS mode have to be enabled by 'fips=1' not just 'fips'" +elif getarg boot= > /dev/null; then + . /sbin/fips.sh + fips_info "fips-boot: start" + if mount_boot; then + do_fips || die "FIPS integrity test failed" + fi + fips_info "fips-boot: done!" +fi diff --git a/modules.d/01fips/fips-load-crypto.sh b/modules.d/01fips/fips-load-crypto.sh new file mode 100755 index 0000000..6ef42b9 --- /dev/null +++ b/modules.d/01fips/fips-load-crypto.sh @@ -0,0 +1,14 @@ +#!/bin/sh + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +if ! fipsmode=$(getarg fips) || [ "$fipsmode" = "0" ]; then + rm -f -- /etc/modprobe.d/fips.conf > /dev/null 2>&1 +elif [ -z "$fipsmode" ]; then + die "FIPS mode have to be enabled by 'fips=1' not just 'fips'" +else + . /sbin/fips.sh + fips_info "fips-load-crypto: start" + fips_load_crypto || die "FIPS integrity test failed" + fips_info "fips-load-crypto: done!" +fi diff --git a/modules.d/01fips/fips-noboot.sh b/modules.d/01fips/fips-noboot.sh new file mode 100755 index 0000000..963a034 --- /dev/null +++ b/modules.d/01fips/fips-noboot.sh @@ -0,0 +1,15 @@ +#!/bin/sh + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +if ! fipsmode=$(getarg fips) || [ "$fipsmode" = "0" ]; then + rm -f -- /etc/modprobe.d/fips.conf > /dev/null 2>&1 +elif [ -z "$fipsmode" ]; then + die "FIPS mode have to be enabled by 'fips=1' not just 'fips'" +elif ! [ -f /tmp/fipsdone ]; then + . /sbin/fips.sh + fips_info "fips-noboot: start" + mount_boot + do_fips || die "FIPS integrity test failed" + fips_info "fips-noboot: done!" +fi diff --git a/modules.d/01fips/fips.sh b/modules.d/01fips/fips.sh new file mode 100755 index 0000000..2e7b7cb --- /dev/null +++ b/modules.d/01fips/fips.sh @@ -0,0 +1,195 @@ +#!/bin/sh + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +# systemd lets stdout go to journal only, but the system +# has to halt when the integrity check fails to satisfy FIPS. +if [ -z "$DRACUT_SYSTEMD" ]; then + fips_info() { + info "$*" + } +else + fips_info() { + echo "$*" >&2 + } +fi + +mount_boot() { + boot=$(getarg boot=) + + if [ -n "$boot" ]; then + if [ -d /boot ] && ismounted /boot; then + boot_dev= + if command -v findmnt > /dev/null; then + boot_dev=$(findmnt -n -o SOURCE /boot) + fi + fips_info "Ignoring 'boot=$boot' as /boot is already mounted ${boot_dev:+"from '$boot_dev'"}" + return 0 + fi + + case "$boot" in + LABEL=* | UUID=* | PARTUUID=* | PARTLABEL=*) + boot="$(label_uuid_to_dev "$boot")" + ;; + /dev/*) ;; + + *) + die "You have to specify boot=<boot device> as a boot option for fips=1" + ;; + esac + + if ! [ -e "$boot" ]; then + udevadm trigger --action=add > /dev/null 2>&1 + + i=0 + while ! [ -e "$boot" ]; do + udevadm settle --exit-if-exists="$boot" + [ -e "$boot" ] && break + sleep 0.5 + i=$((i + 1)) + [ $i -gt 40 ] && break + done + fi + + [ -e "$boot" ] || return 1 + + mkdir -p /boot + fips_info "Mounting $boot as /boot" + mount -oro "$boot" /boot || return 1 + FIPS_MOUNTED_BOOT=1 + elif ! ismounted /boot && [ -d "$NEWROOT/boot" ]; then + # shellcheck disable=SC2114 + rm -fr -- /boot + ln -sf "$NEWROOT/boot" /boot + else + die "You have to specify boot=<boot device> as a boot option for fips=1" + fi +} + +do_rhevh_check() { + KERNEL=$(uname -r) + kpath=${1} + + # If we're on RHEV-H, the kernel is in /run/initramfs/live/vmlinuz0 + HMAC_SUM_ORIG=$(while read -r a _ || [ -n "$a" ]; do printf "%s\n" "$a"; done < "$NEWROOT/boot/.vmlinuz-${KERNEL}.hmac") + HMAC_SUM_CALC=$(sha512hmac "$kpath" | while read -r a _ || [ -n "$a" ]; do printf "%s\n" "$a"; done || return 1) + if [ -z "$HMAC_SUM_ORIG" ] || [ -z "$HMAC_SUM_CALC" ] || [ "${HMAC_SUM_ORIG}" != "${HMAC_SUM_CALC}" ]; then + warn "HMAC sum mismatch" + return 1 + fi + fips_info "rhevh_check OK" + return 0 +} + +nonfatal_modprobe() { + modprobe "$1" 2>&1 > /dev/stdout \ + | while read -r line || [ -n "$line" ]; do + echo "${line#modprobe: FATAL: }" >&2 + done +} + +fips_load_crypto() { + local _k + local _v + local _module + local _found + + read -d '' -r FIPSMODULES < /etc/fipsmodules + + fips_info "Loading and integrity checking all crypto modules" + mv /etc/modprobe.d/fips.conf /etc/modprobe.d/fips.conf.bak + for _module in $FIPSMODULES; do + if [ "$_module" != "tcrypt" ]; then + if ! nonfatal_modprobe "${_module}" 2> /tmp/fips.modprobe_err; then + # check if kernel provides generic algo + _found=0 + while read -r _k _ _v || [ -n "$_k" ]; do + [ "$_k" != "name" -a "$_k" != "driver" ] && continue + [ "$_v" != "$_module" ] && continue + _found=1 + break + done < /proc/crypto + [ "$_found" = "0" ] && cat /tmp/fips.modprobe_err >&2 && return 1 + fi + fi + done + mv /etc/modprobe.d/fips.conf.bak /etc/modprobe.d/fips.conf + + fips_info "Self testing crypto algorithms" + modprobe tcrypt || return 1 + rmmod tcrypt +} + +do_fips() { + KERNEL=$(uname -r) + + if ! getarg rd.fips.skipkernel > /dev/null; then + + fips_info "Checking integrity of kernel" + if [ -e "/run/initramfs/live/vmlinuz0" ]; then + do_rhevh_check /run/initramfs/live/vmlinuz0 || return 1 + elif [ -e "/run/initramfs/live/isolinux/vmlinuz0" ]; then + do_rhevh_check /run/initramfs/live/isolinux/vmlinuz0 || return 1 + elif [ -e "/run/install/repo/images/pxeboot/vmlinuz" ]; then + # This is a boot.iso with the .hmac inside the install.img + do_rhevh_check /run/install/repo/images/pxeboot/vmlinuz || return 1 + else + BOOT_IMAGE="$(getarg BOOT_IMAGE)" + + # On s390x, BOOT_IMAGE isn't a path but an integer representing the + # entry number selected. Let's try the root of /boot first, and + # otherwise fallback to trying to parse the BLS entries if it's a + # BLS-based system. + if [ "$(uname -m)" = s390x ]; then + if [ -e "/boot/vmlinuz-${KERNEL}" ]; then + BOOT_IMAGE="vmlinuz-${KERNEL}" + elif [ -d /boot/loader/entries ]; then + bls=$(find /boot/loader/entries -name '*.conf' | sort -rV | sed -n "$((BOOT_IMAGE + 1))p") + if [ -e "${bls}" ]; then + BOOT_IMAGE=$(grep ^linux "${bls}" | cut -d' ' -f2) + fi + fi + fi + + # Trim off any leading GRUB boot device (e.g. ($root) ) + BOOT_IMAGE="$(echo "${BOOT_IMAGE}" | sed 's/^(.*)//')" + + BOOT_IMAGE_NAME="${BOOT_IMAGE##*/}" + BOOT_IMAGE_PATH="${BOOT_IMAGE%"${BOOT_IMAGE_NAME}"}" + + if [ -z "$BOOT_IMAGE_NAME" ]; then + BOOT_IMAGE_NAME="vmlinuz-${KERNEL}" + elif ! [ -e "/boot/${BOOT_IMAGE_PATH}/${BOOT_IMAGE_NAME}" ]; then + #if /boot is not a separate partition BOOT_IMAGE might start with /boot + BOOT_IMAGE_PATH=${BOOT_IMAGE_PATH#"/boot"} + #on some architectures BOOT_IMAGE does not contain path to kernel + #so if we can't find anything, let's treat it in the same way as if it was empty + if ! [ -e "/boot/${BOOT_IMAGE_PATH}/${BOOT_IMAGE_NAME}" ]; then + BOOT_IMAGE_NAME="vmlinuz-${KERNEL}" + BOOT_IMAGE_PATH="" + fi + fi + + BOOT_IMAGE_HMAC="/boot/${BOOT_IMAGE_PATH}/.${BOOT_IMAGE_NAME}.hmac" + if ! [ -e "${BOOT_IMAGE_HMAC}" ]; then + warn "${BOOT_IMAGE_HMAC} does not exist" + return 1 + fi + + (cd "${BOOT_IMAGE_HMAC%/*}" && sha512hmac -c "${BOOT_IMAGE_HMAC}") || return 1 + fi + fi + + fips_info "All initrd crypto checks done" + + : > /tmp/fipsdone + + if [ "$FIPS_MOUNTED_BOOT" = 1 ]; then + fips_info "Unmounting /boot" + umount /boot > /dev/null 2>&1 + else + fips_info "Not unmounting /boot" + fi + + return 0 +} diff --git a/modules.d/01fips/module-setup.sh b/modules.d/01fips/module-setup.sh new file mode 100755 index 0000000..0e47c84 --- /dev/null +++ b/modules.d/01fips/module-setup.sh @@ -0,0 +1,85 @@ +#!/bin/bash + +# called by dracut +check() { + return 255 +} + +# called by dracut +depends() { + return 0 +} + +# called by dracut +installkernel() { + local _fipsmodules _mod _bootfstype + if [[ -f "${srcmods}/modules.fips" ]]; then + read -d '' -r _fipsmodules < "${srcmods}/modules.fips" + else + _fipsmodules="" + + # Hashes: + _fipsmodules+="sha1 sha224 sha256 sha384 sha512 " + _fipsmodules+="sha3-224 sha3-256 sha3-384 sha3-512 " + _fipsmodules+="crc32c crct10dif ghash " + + # Ciphers: + _fipsmodules+="cipher_null des3_ede aes cfb dh ecdh " + + # Modes/templates: + _fipsmodules+="ecb cbc ctr xts gcm ccm authenc hmac cmac ofb cts " + + # Compression algs: + _fipsmodules+="deflate lzo zlib " + + # PRNG algs: + _fipsmodules+="ansi_cprng " + + # Misc: + _fipsmodules+="aead cryptomgr tcrypt crypto_user " + fi + + # shellcheck disable=SC2174 + mkdir -m 0755 -p "${initdir}/etc/modprobe.d" + + for _mod in $_fipsmodules; do + if hostonly='' instmods -c -s "$_mod"; then + echo "$_mod" >> "${initdir}/etc/fipsmodules" + echo "blacklist $_mod" >> "${initdir}/etc/modprobe.d/fips.conf" + fi + done + + # with hostonly_default_device fs module for /boot is not installed by default + if [[ $hostonly ]] && [[ $hostonly_default_device == "no" ]]; then + _bootfstype=$(find_mp_fstype /boot) + if [[ -n $_bootfstype ]]; then + hostonly='' instmods "$_bootfstype" + else + dwarning "Can't determine fs type for /boot, FIPS check may fail." + fi + fi +} + +# called by dracut +install() { + inst_hook pre-pivot 00 "$moddir/fips-boot.sh" + inst_hook pre-pivot 01 "$moddir/fips-noboot.sh" + inst_hook pre-udev 01 "$moddir/fips-load-crypto.sh" + inst_script "$moddir/fips.sh" /sbin/fips.sh + + inst_multiple sha512hmac rmmod insmod mount uname umount grep sed cut find sort + + inst_simple /etc/system-fips + [ -c "${initdir}"/dev/random ] || mknod "${initdir}"/dev/random c 1 8 \ + || { + dfatal "Cannot create /dev/random" + dfatal "To create an initramfs with fips support, dracut has to run as root" + return 1 + } + [ -c "${initdir}"/dev/urandom ] || mknod "${initdir}"/dev/urandom c 1 9 \ + || { + dfatal "Cannot create /dev/urandom" + dfatal "To create an initramfs with fips support, dracut has to run as root" + return 1 + } +} diff --git a/modules.d/01systemd-ac-power/99-initrd-power-targets.rules b/modules.d/01systemd-ac-power/99-initrd-power-targets.rules new file mode 100644 index 0000000..1490a22 --- /dev/null +++ b/modules.d/01systemd-ac-power/99-initrd-power-targets.rules @@ -0,0 +1,3 @@ +# This file is part of dracut systemd ac power module +SUBSYSTEM=="power_supply", KERNEL=="AC", ATTR{online}=="0", RUN+="/usr/sbin/systemctl start initrd-on-battery-power.target" +SUBSYSTEM=="power_supply", KERNEL=="AC", ATTR{online}=="1", RUN+="/usr/sbin/systemctl start initrd-on-ac-power.target" diff --git a/modules.d/01systemd-ac-power/initrd-on-ac-power.target b/modules.d/01systemd-ac-power/initrd-on-ac-power.target new file mode 100644 index 0000000..73a9978 --- /dev/null +++ b/modules.d/01systemd-ac-power/initrd-on-ac-power.target @@ -0,0 +1,8 @@ +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +[Unit] +Description=Initial RAM Disk On AC Power +ConditionPathExists=/usr/lib/initrd-release +DefaultDependencies=no +StopWhenUnneeded=yes diff --git a/modules.d/01systemd-ac-power/initrd-on-battery-power.target b/modules.d/01systemd-ac-power/initrd-on-battery-power.target new file mode 100644 index 0000000..fdd54a5 --- /dev/null +++ b/modules.d/01systemd-ac-power/initrd-on-battery-power.target @@ -0,0 +1,8 @@ +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +[Unit] +Description=Initial RAM Disk On Battery Power +ConditionPathExists=/usr/lib/initrd-release +DefaultDependencies=no +StopWhenUnneeded=yes diff --git a/modules.d/01systemd-ac-power/module-setup.sh b/modules.d/01systemd-ac-power/module-setup.sh new file mode 100755 index 0000000..c4e7fdd --- /dev/null +++ b/modules.d/01systemd-ac-power/module-setup.sh @@ -0,0 +1,29 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + + # Return 255 to only include the module, if another module requires it. + return 255 + +} + +# Module dependency requirements. +depends() { + + # Return 0 to include the dependent module(s) in the initramfs. + return 0 + +} + +# Install the required file(s) and directories for the module in the initramfs. +install() { + + inst_rules "$moddir/99-initrd-power-targets.rules" + inst systemd-ac-power + inst_simple "$moddir/initrd-on-ac-power.target" "$systemdsystemunitdir/initrd-on-ac-power.target" + inst_simple "$moddir/initrd-on-battery-power.target" "$systemdsystemunitdir/initrd-on-battery-power.target" + +} diff --git a/modules.d/01systemd-ask-password/module-setup.sh b/modules.d/01systemd-ask-password/module-setup.sh new file mode 100755 index 0000000..6e78075 --- /dev/null +++ b/modules.d/01systemd-ask-password/module-setup.sh @@ -0,0 +1,60 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + + # If the binary(s) requirements are not fulfilled the module can't be installed + require_binaries \ + systemd-ask-password \ + systemd-tty-ask-password-agent \ + || return 1 + + # Return 255 to only include the module, if another module requires it. + return 255 + +} + +# Module dependency requirements. +depends() { + + # Return 0 to include the dependent module(s) in the initramfs. + return 0 + +} + +# Install the required file(s) for the module in the initramfs. +install() { + + inst_multiple -o \ + "$systemdsystemunitdir"/systemd-ask-password-console.path \ + "$systemdsystemunitdir"/systemd-ask-password-console.service \ + "$systemdsystemunitdir"/multi-user.target.wants/systemd-ask-password-wall.path \ + "$systemdsystemunitdir"/sysinit.target.wants/systemd-ask-password-console.path \ + systemd-ask-password \ + systemd-tty-ask-password-agent + + # Enable the systemd type service unit for systemd-ask-password. + $SYSTEMCTL -q --root "$initdir" enable systemd-ask-password-console.service + + # Install systemd-ask-password plymouth units if plymouth is enabled. + if dracut_module_included "plymouth"; then + inst_multiple -o \ + "$systemdsystemunitdir"/systemd-ask-password-plymouth.path \ + "$systemdsystemunitdir"/systemd-ask-password-plymouth.service + + $SYSTEMCTL -q --root "$initdir" enable systemd-ask-password-plymouth.service + fi + + # Uncomment this section if the usecase for wall module in the initramfs arises. + # Install systemd-ask-password wall units if <wall module> is enabled. + #if dracut_module_included "<wall module>"; then + # inst_multiple -o \ + # $systemdsystemunitdir/systemd-ask-password-wall.path \ + # $systemdsystemunitdir/systemd-ask-password-wall.service \ + # $systemdsystemunitdir/multi-user.target.wants/systemd-ask-password-wall.path \ + # + # $SYSTEMCTL -q --root "$initdir" enable systemd-ask-password-wall.service + #fi +} diff --git a/modules.d/01systemd-coredump/module-setup.sh b/modules.d/01systemd-coredump/module-setup.sh new file mode 100755 index 0000000..69ec966 --- /dev/null +++ b/modules.d/01systemd-coredump/module-setup.sh @@ -0,0 +1,55 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + + # If the binary(s) requirements are not fulfilled the module can't be installed + require_binaries \ + coredumpctl \ + "$systemdutildir"/systemd-coredump \ + || return 1 + + # Return 255 to only include the module, if another module requires it. + return 255 + +} + +# Module dependency requirements. +depends() { + + # This module has external dependency on the systemd module. + echo systemd-journald systemd-sysctl systemd-sysusers + # Return 0 to include the dependent module(s) in the initramfs. + return 0 + +} + +# Install the required file(s) and directories for the module in the initramfs. +install() { + + inst_dir /var/lib/systemd/coredump + inst_multiple -o \ + "$sysctld"/50-coredump.conf \ + "$systemdutildir"/coredump.conf \ + "$systemdutildir"/systemd-coredump \ + "$systemdsystemunitdir"/systemd-coredump.socket \ + "$systemdsystemunitdir"/systemd-coredump@.service \ + "$systemdsystemunitdir"/sockets.target.wants/systemd-coredump.socket \ + "$sysusers"/systemd-coredump.conf \ + coredumpctl + + # Install the hosts local user configurations if enabled. + if [[ $hostonly ]]; then + inst_multiple -H -o \ + "$systemdutilconfdir"/coredump.conf \ + "$systemdsystemconfdir/coredump.conf.d/*.conf" \ + "$systemdsystemconfdir"/systemd-coredump.socket \ + "$systemdsystemconfdir/systemd-coredump.socket.d/*.conf" \ + "$systemdsystemconfdir"/systemd-coredump@.service \ + "$systemdsystemconfdir/systemd-coredump@.service.d/*.conf" \ + "$systemdsystemconfdir"/sockets.target.wants/systemd-coredump.socket \ + "$sysusersconfdir"/systemd-coredump.conf + fi +} diff --git a/modules.d/01systemd-creds/module-setup.sh b/modules.d/01systemd-creds/module-setup.sh new file mode 100755 index 0000000..1b66519 --- /dev/null +++ b/modules.d/01systemd-creds/module-setup.sh @@ -0,0 +1,46 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + + # If the binary(s) requirements are not fulfilled the module can't be installed. + require_binaries systemd-creds || return 1 + + # Return 255 to only include the module, if another module requires it. + return 255 + +} + +# Module dependency requirements. +depends() { + local deps + + # This module has external dependency on other module(s). + deps="systemd" + systemd-creds -q has-tpm2 && deps+=" tpm2-tss" + echo "$deps" + + # Return 0 to include the dependent module(s) in the initramfs. + return 0 + +} + +# Install the required file(s) and directories for the module in the initramfs. +install() { + + inst_multiple -o \ + "/usr/lib/credstore/*" \ + "/usr/lib/credstore.encrypted/*" \ + "$tmpfilesdir/credstore.conf" \ + systemd-creds + + # Install the hosts local user configurations if enabled. + if [[ $hostonly ]]; then + inst_multiple -H -o \ + "/etc/credstore/*" \ + "/etc/credstore.encrypted/*" + fi + +} diff --git a/modules.d/01systemd-hostnamed/99-systemd-networkd-dracut.conf b/modules.d/01systemd-hostnamed/99-systemd-networkd-dracut.conf new file mode 100644 index 0000000..2e53e2d --- /dev/null +++ b/modules.d/01systemd-hostnamed/99-systemd-networkd-dracut.conf @@ -0,0 +1,6 @@ +# This file is part of dracut systemd-hostnamed module. + +[Service] +User=systemd-network +Group=systemd-hostname +AmbientCapabilities=CAP_SYS_ADMIN diff --git a/modules.d/01systemd-hostnamed/module-setup.sh b/modules.d/01systemd-hostnamed/module-setup.sh new file mode 100755 index 0000000..2a1fa02 --- /dev/null +++ b/modules.d/01systemd-hostnamed/module-setup.sh @@ -0,0 +1,52 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + + # If the binary(s) requirements are not fulfilled the module can't be installed. + require_binaries \ + hostnamectl \ + "$systemdutildir"/systemd-hostnamed \ + || return 1 + + # Return 255 to only include the module, if another module requires it. + return 255 + +} + +# Module dependency requirements. +depends() { + + # This module has external dependency on other module(s). + echo dbus systemd-sysusers + # Return 0 to include the dependent module(s) in the initramfs. + return 0 + +} + +# Install the required file(s) and directories for the module in the initramfs. +install() { + + inst_simple "$moddir/systemd-hostname-dracut.conf" "$sysusers/systemd-hostname-dracut.conf" + inst_simple "$moddir/org.freedesktop.hostname1_dracut.conf" "$dbussystem/org.freedesktop.hostname1_dracut.conf" + inst_simple "$moddir/99-systemd-networkd-dracut.conf" "$systemdsystemunitdir/systemd-hostnamed.service.d/99-systemd-networkd-dracut.conf" + + inst_multiple -o \ + "$dbussystem"/org.freedesktop.hostname1.conf \ + "$dbussystemservices"/org.freedesktop.hostname1.service \ + "$systemdutildir"/systemd-hostnamed \ + "$systemdsystemunitdir"/systemd-hostnamed.service \ + "$systemdsystemunitdir/systemd-hostnamed.service.d/*.conf" \ + "$systemdsystemunitdir"/dbus-org.freedesktop.hostname1.service \ + hostnamectl + + # Install the hosts local user configurations if enabled. + if [[ $hostonly ]]; then + inst_multiple -H -o \ + /etc/hostname \ + "$systemdsystemconfdir"/systemd-hostnamed.service \ + "$systemdsystemconfdir/systemd-hostnamed.service.d/*.conf" + fi +} diff --git a/modules.d/01systemd-hostnamed/org.freedesktop.hostname1_dracut.conf b/modules.d/01systemd-hostnamed/org.freedesktop.hostname1_dracut.conf new file mode 100644 index 0000000..4410c1c --- /dev/null +++ b/modules.d/01systemd-hostnamed/org.freedesktop.hostname1_dracut.conf @@ -0,0 +1,19 @@ +<?xml version="1.0"?> <!--*-nxml-*--> +<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN" + "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd"> + +<!-- + + This file is part of dracut systemd-hostnamed module. + +--> + +<busconfig> + + <policy group="systemd-hostname"> + <allow own="org.freedesktop.hostname1"/> + <allow send_destination="org.freedesktop.hostname1"/> + <allow receive_sender="org.freedesktop.hostname1"/> + </policy> + +</busconfig> diff --git a/modules.d/01systemd-hostnamed/systemd-hostname-dracut.conf b/modules.d/01systemd-hostnamed/systemd-hostname-dracut.conf new file mode 100644 index 0000000..3acb748 --- /dev/null +++ b/modules.d/01systemd-hostnamed/systemd-hostname-dracut.conf @@ -0,0 +1,2 @@ +# This file is part of dracut systemd-hostnamed module. +g systemd-hostname - diff --git a/modules.d/01systemd-initrd/module-setup.sh b/modules.d/01systemd-initrd/module-setup.sh new file mode 100755 index 0000000..f65041f --- /dev/null +++ b/modules.d/01systemd-initrd/module-setup.sh @@ -0,0 +1,34 @@ +#!/bin/bash + +# called by dracut +check() { + [[ $mount_needs ]] && return 1 + + return 0 +} + +# called by dracut +depends() { + echo "systemd" +} + +installkernel() { + return 0 +} + +# called by dracut +install() { + inst_multiple -o \ + "$systemdsystemunitdir"/initrd.target \ + "$systemdsystemunitdir"/initrd-fs.target \ + "$systemdsystemunitdir"/initrd-root-device.target \ + "$systemdsystemunitdir"/initrd-root-fs.target \ + "$systemdsystemunitdir"/initrd-usr-fs.target \ + "$systemdsystemunitdir"/initrd-switch-root.target \ + "$systemdsystemunitdir"/initrd-switch-root.service \ + "$systemdsystemunitdir"/initrd-cleanup.service \ + "$systemdsystemunitdir"/initrd-udevadm-cleanup-db.service \ + "$systemdsystemunitdir"/initrd-parse-etc.service + + $SYSTEMCTL -q --root "$initdir" set-default initrd.target +} diff --git a/modules.d/01systemd-integritysetup/module-setup.sh b/modules.d/01systemd-integritysetup/module-setup.sh new file mode 100755 index 0000000..3d17640 --- /dev/null +++ b/modules.d/01systemd-integritysetup/module-setup.sh @@ -0,0 +1,59 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + + # If the binary(s) requirements are not fulfilled the module can't be installed. + require_binaries \ + "$systemdutildir"/systemd-integritysetup \ + "$systemdutildir"/system-generators/systemd-integritysetup-generator \ + || return 1 + + # Return 255 to only include the module, if another module requires it. + return 255 + +} + +# Module dependency requirements. +depends() { + + # This module has external dependency on other module(s). + echo systemd dm + # Return 0 to include the dependent module(s) in the initramfs. + return 0 + +} + +installkernel() { + instmods dm-integrity +} + +# Install the required file(s) and directories for the module in the initramfs. +install() { + + inst_multiple -o \ + "$systemdutildir"/systemd-integritysetup \ + "$systemdutildir"/system-generators/systemd-integritysetup-generator \ + "$systemdsystemunitdir"/integritysetup-pre.target \ + "$systemdsystemunitdir"/integritysetup.target \ + "$systemdsystemunitdir"/sysinit.target.wants/integritysetup.target + + # Install the hosts local user configurations if enabled. + if [[ $hostonly ]]; then + inst_multiple -H -o \ + /etc/integritytab \ + "$systemdsystemconfdir"/integritysetup.target \ + "$systemdsystemconfdir/integritysetup.target.wants/*.target" \ + "$systemdsystemconfdir"/integritysetup-pre.target \ + "$systemdsystemconfdir/integritysetup-pre.target.wants/*.target" \ + "$systemdsystemconfdir"/sysinit.target.wants/integritysetup.target \ + "$systemdsystemconfdir/sysinit.target.wants/integritysetup.target.wants/*.target" + fi + + # Install required libraries. + _arch=${DRACUT_ARCH:-$(uname -m)} + inst_libdir_file {"tls/$_arch/",tls/,"$_arch/",}"libcryptsetup.so.*" + +} diff --git a/modules.d/01systemd-journald/initrd.conf b/modules.d/01systemd-journald/initrd.conf new file mode 100644 index 0000000..1246e05 --- /dev/null +++ b/modules.d/01systemd-journald/initrd.conf @@ -0,0 +1,9 @@ +# This file is part of dracut systemd-journal module. +# SPDX-License-Identifier: GPL-2.0-or-later +# +# Dracut requires volatile journal without rate-limiting + +[Journal] +Storage=volatile +RateLimitInterval=0 +RateLimitBurst=0 diff --git a/modules.d/01systemd-journald/module-setup.sh b/modules.d/01systemd-journald/module-setup.sh new file mode 100755 index 0000000..3cf2a1a --- /dev/null +++ b/modules.d/01systemd-journald/module-setup.sh @@ -0,0 +1,72 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + + # If the binary(s) requirements are not fulfilled the module can't be installed. + require_binaries \ + journalctl \ + "$systemdutildir"/systemd-journald \ + || return 1 + + # Return 255 to only include the module, if another module requires it. + return 255 + +} + +# Module dependency requirements. +depends() { + + # This module has external dependency on other module(s). + echo systemd-sysusers + # Return 0 to include the dependent module(s) in the initramfs. + return 0 + +} + +# Install the required file(s) and directories for the module in the initramfs. +install() { + + inst_simple "$moddir/initrd.conf" "$systemdutildir/journald.conf.d/initrd.conf" + + inst_multiple -o \ + "$systemdutildir"/journald.conf \ + "$systemdutildir/journald.conf.d/*.conf" \ + "$systemdutildir"/systemd-journald \ + "$systemdsystemunitdir"/systemd-journald.service \ + "$systemdsystemunitdir"/systemd-journald.socket \ + "$systemdsystemunitdir"/systemd-journald@.service \ + "$systemdsystemunitdir"/systemd-journald@.socket \ + "$systemdsystemunitdir"/systemd-journald-audit.socket \ + "$systemdsystemunitdir"/systemd-journald-dev-log.socket \ + "$systemdsystemunitdir"/systemd-journald-varlink@.socket \ + "$systemdsystemunitdir"/systemd-journal-catalog-update.service \ + "$systemdsystemunitdir"/sockets.target.wants/systemd-journald-audit.socket \ + "$systemdsystemunitdir"/sockets.target.wants/systemd-journald-dev-log.socket \ + "$systemdsystemunitdir"/sockets.target.wants/systemd-journald.socket \ + "$systemdsystemunitdir"/sysinit.target.wants/systemd-journald.service \ + "$sysusers"/systemd-journal.conf \ + journalctl + + # Install library file(s) + _arch=${DRACUT_ARCH:-$(uname -m)} + inst_libdir_file \ + {"tls/$_arch/",tls/,"$_arch/",}"liblz4.so.*" \ + {"tls/$_arch/",tls/,"$_arch/",}"libzstd.so.*" \ + {"tls/$_arch/",tls/,"$_arch/",}"liblzma.so.*" + + # Install the hosts local user configurations if enabled. + if [[ $hostonly ]]; then + inst_multiple -H -o \ + "$systemdutilconfdir"/journald.conf \ + "$systemdutilconfdir/journald.conf.d/*.conf" \ + "$systemdsystemconfdir"/systemd-journald.service \ + "$systemdsystemconfdir/systemd-journald.service.d/*.conf" \ + "$systemdsystemconfdir"/systemd-journal-catalog-update.service \ + "$systemdsystemconfdir/systemd-journal-catalog-update.service.d/*.conf" \ + "$sysusersconfdir"/systemd-journal.conf + fi + +} diff --git a/modules.d/01systemd-ldconfig/module-setup.sh b/modules.d/01systemd-ldconfig/module-setup.sh new file mode 100755 index 0000000..3a5842a --- /dev/null +++ b/modules.d/01systemd-ldconfig/module-setup.sh @@ -0,0 +1,49 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + + # If the binary(s) requirements are not fulfilled the module can't be installed. + require_binaries ldconfig || return 1 + + # Return 255 to only include the module, if another module requires it. + return 255 + +} + +# Module dependency requirements. +depends() { + + # This module has external dependency on other module(s). + echo systemd + # Return 0 to include the dependent module(s) in the initramfs. + return 0 + +} + +# Install the required file(s) and directories for the module in the initramfs. +install() { + + inst_multiple -o \ + /etc/ld.so.cache \ + /etc/ld.so.conf \ + "/etc/ld.so.conf.d/*.conf" \ + "$systemdsystemunitdir"/ldconfig.service \ + "$systemdsystemunitdir/ldconfig.service.d/*.conf" \ + "$systemdsystemunitdir"/sysinit.target.wants/ldconfig.service \ + ldconfig + + # Install required libraries. + _arch=${DRACUT_ARCH:-$(uname -m)} + inst_libdir_file {"tls/$_arch/",tls/,"$_arch/",}"ld.so" + + # Install the hosts local user configurations if enabled. + if [[ $hostonly ]]; then + inst_multiple -H -o \ + "$systemdsystemconfdir"/ldconfig.service \ + "$systemdsystemconfdir/ldconfig.service.d/*.conf" + fi + +} diff --git a/modules.d/01systemd-modules-load/module-setup.sh b/modules.d/01systemd-modules-load/module-setup.sh new file mode 100755 index 0000000..f9adfea --- /dev/null +++ b/modules.d/01systemd-modules-load/module-setup.sh @@ -0,0 +1,44 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + + # If the binary(s) requirements are not fulfilled the module can't be installed + require_binaries "$systemdutildir"/systemd-modules-load || return 1 + + # Return 255 to only include the module, if another module requires it. + return 255 + +} + +# Module dependency requirements. +depends() { + + # Return 0 to include the dependent module(s) in the initramfs. + return 0 + +} + +# Install the required file(s) and directories for the module in the initramfs. +install() { + + inst_multiple -o \ + "$modulesload/*.conf" \ + "$systemdutildir"/systemd-modules-load \ + "$systemdsystemunitdir"/systemd-modules-load.service \ + "$systemdsystemunitdir"/sysinit.target.wants/systemd-modules-load.service + + # Enable systemd type unit(s) + $SYSTEMCTL -q --root "$initdir" enable systemd-modules-load.service + + # Install the hosts local user configurations if enabled. + if [[ $hostonly ]]; then + inst_multiple -H -o \ + "$modulesloadconfdir/*.conf" \ + "$systemdsystemconfdir"/systemd-modules-load.service \ + "$systemdsystemconfdir/systemd-modules-load.service.d/*.conf" + fi + +} diff --git a/modules.d/01systemd-networkd/module-setup.sh b/modules.d/01systemd-networkd/module-setup.sh new file mode 100755 index 0000000..7bbf83c --- /dev/null +++ b/modules.d/01systemd-networkd/module-setup.sh @@ -0,0 +1,87 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + [[ $mount_needs ]] && return 1 + + # If the binary(s) requirements are not fulfilled the module can't be installed + require_binaries ip networkctl \ + "$systemdutildir"/systemd-networkd \ + "$systemdutildir"/systemd-network-generator \ + "$systemdutildir"/systemd-networkd-wait-online \ + || return 1 + + # Return 255 to only include the module, if another module requires it. + return 255 + +} + +# Module dependency requirements. +depends() { + + # This module has external dependency on other module(s). + echo dbus kernel-network-modules systemd-sysusers + # Return 0 to include the dependent module(s) in the initramfs. + return 0 + +} + +# Install the required file(s) and directories for the module in the initramfs. +install() { + + inst_multiple -o \ + "$tmpfilesdir"/systemd-network.conf \ + "$dbussystem"/org.freedesktop.network1.conf \ + "$dbussystemservices"/org.freedesktop.network1.service \ + "$systemdutildir"/networkd.conf \ + "$systemdutildir/networkd.conf.d/*.conf" \ + "$systemdutildir"/systemd-networkd \ + "$systemdutildir"/systemd-network-generator \ + "$systemdutildir"/systemd-networkd-wait-online \ + "$systemdnetwork"/80-6rd-tunnel.network \ + "$systemdnetwork"/80-container-host0.network \ + "$systemdnetwork"/80-container-vb.network \ + "$systemdnetwork"/80-container-ve.network \ + "$systemdnetwork"/80-container-vz.network \ + "$systemdnetwork"/80-vm-vt.network \ + "$systemdnetwork"/80-wifi-adhoc.network \ + "$systemdnetwork"/99-default.link \ + "$systemdsystemunitdir"/systemd-networkd.service \ + "$systemdsystemunitdir"/systemd-networkd.socket \ + "$systemdsystemunitdir"/systemd-network-generator.service \ + "$systemdsystemunitdir"/systemd-networkd-wait-online.service \ + "$systemdsystemunitdir"/systemd-networkd-wait-online@.service \ + "$systemdsystemunitdir"/systemd-network-generator.service \ + "$sysusers"/systemd-network.conf \ + networkctl ip + + # Enable systemd type units + for i in \ + systemd-networkd.service \ + systemd-networkd.socket \ + systemd-network-generator.service \ + systemd-networkd-wait-online.service; do + $SYSTEMCTL -q --root "$initdir" enable "$i" + done + + # Install the hosts local user configurations if enabled. + if [[ $hostonly ]]; then + inst_multiple -H -o \ + "$systemdutilconfdir"/networkd.conf \ + "$systemdutilconfdir/networkd.conf.d/*.conf" \ + "$systemdnetworkconfdir/*" \ + "$systemdsystemconfdir"/systemd-networkd.service \ + "$systemdsystemconfdir/systemd-networkd.service.d/*.conf" \ + "$systemdsystemconfdir"/systemd-networkd.socket \ + "$systemdsystemconfdir/systemd-networkd.socket.d/*.conf" \ + "$systemdsystemconfdir"/systemd-network-generator.service \ + "$systemdsystemconfdir/systemd-network-generator.service.d/*.conf" \ + "$systemdsystemconfdir"/systemd-networkd-wait-online.service \ + "$systemdsystemconfdir/systemd-networkd-wait-online.service.d/*.conf" \ + "$systemdsystemconfdir"/systemd-networkd-wait-online@.service \ + "$systemdsystemconfdir/systemd-networkd-wait-online@.service.d/*.conf" \ + "$sysusersconfdir"/systemd-network.conf + fi +} diff --git a/modules.d/01systemd-pcrphase/module-setup.sh b/modules.d/01systemd-pcrphase/module-setup.sh new file mode 100755 index 0000000..fa960a4 --- /dev/null +++ b/modules.d/01systemd-pcrphase/module-setup.sh @@ -0,0 +1,43 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + + # If the binary(s) requirements are not fulfilled the module can't be installed. + require_binaries "$systemdutildir"/systemd-pcrphase || return 1 + + # Return 255 to only include the module, if another module requires it. + return 255 + +} + +# Module dependency requirements. +depends() { + + # This module has external dependency on other module(s). + echo systemd tpm2-tss + # Return 0 to include the dependent module(s) in the initramfs. + return 0 + +} + +# Install the required file(s) and directories for the module in the initramfs. +install() { + + inst_multiple -o \ + "$systemdutildir"/systemd-pcrphase \ + "$systemdsystemunitdir"/systemd-pcrphase-initrd.service \ + "$systemdsystemunitdir/systemd-pcrphase-initrd.service.d/*.conf" \ + "$systemdsystemunitdir"/initrd.target.wants/systemd-pcrphase-initrd.service + + # Install the hosts local user configurations if enabled. + if [[ $hostonly ]]; then + inst_multiple -H -o \ + "$systemdsystemconfdir"/systemd-pcrphase-initrd.service \ + "$systemdsystemconfdir/systemd-pcrphase-initrd.service.d/*.conf" \ + "$systemdsystemconfdir"/initrd.target.wants/systemd-pcrphase-initrd.service + fi + +} diff --git a/modules.d/01systemd-portabled/module-setup.sh b/modules.d/01systemd-portabled/module-setup.sh new file mode 100755 index 0000000..ccbc11f --- /dev/null +++ b/modules.d/01systemd-portabled/module-setup.sh @@ -0,0 +1,82 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + + # If the binary(s) requirements are not fulfilled the module can't be installed. + require_binaries \ + portablectl \ + "$systemdutildir"/systemd-portabled \ + || return 1 + + # Return 255 to only include the module, if another module requires it. + return 255 + +} + +# Module dependency requirements. +depends() { + + # This module has external dependency on other module(s). + echo dbus + # Return 0 to include the dependent module(s) in the initramfs. + return 0 + +} + +# Install kernel module(s). +installkernel() { + instmods loop squashfs +} + +# Install the required file(s) and directories for the module in the initramfs. +install() { + + # It's intended to work only with raw binary disk images contained in + # regular files, but not with directory trees. + local _nonraw + _nonraw=$(portablectl --no-pager --no-legend list | grep -v " raw " | cut -d ' ' -f1 | tr '\n' ' ') + if [ -n "$_nonraw" ]; then + dwarn "systemd-portabled: this module only installs raw disk images in the initramfs; skipping: $_nonraw" + fi + + inst_multiple -o \ + "/var/lib/portables/*.raw" \ + "/usr/lib/portables/*.raw" \ + "$tmpfilesdir/portables.conf" \ + "$dbussystem"/org.freedesktop.portable1.conf \ + "$dbussystemservices"/org.freedesktop.portable1.service \ + "$systemdutildir"/systemd-portabled \ + "$systemdutildir/portable/profile/default/*.conf" \ + "$systemdutildir/portable/profile/nonetwork/*.conf" \ + "$systemdutildir/portable/profile/strict/*.conf" \ + "$systemdutildir/portable/profile/trusted/*.conf" \ + "$systemdsystemunitdir"/systemd-portabled.service \ + "$systemdsystemunitdir/systemd-portabled.service.d/*.conf" \ + "$systemdsystemunitdir"/dbus-org.freedesktop.portable1.service \ + portablectl + + # The existence of this file is required + touch "$initdir"/etc/resolv.conf + + # Enable systemd type unit(s) + $SYSTEMCTL -q --root "$initdir" add-wants initrd.target systemd-portabled.service + $SYSTEMCTL -q --root "$initdir" enable systemd-portabled.service + + # Install the hosts local user configurations if enabled. + if [[ $hostonly ]]; then + inst_multiple -H -o \ + "/etc/portables/*.raw" \ + "$systemdutilconfdir/system.attached/*" \ + "$systemdutilconfdir/system.attached/*/*" \ + "$systemdutilconfdir/portable/profile/default/*.conf" \ + "$systemdutilconfdir/portable/profile/nonetwork/*.conf" \ + "$systemdutilconfdir/portable/profile/strict/*.conf" \ + "$systemdutilconfdir/portable/profile/trusted/*.conf" \ + "$systemdsystemconfdir"/systemd-portabled.service \ + "$systemdsystemconfdir/systemd-portabled.service.d/*.conf" + fi + +} diff --git a/modules.d/01systemd-pstore/module-setup.sh b/modules.d/01systemd-pstore/module-setup.sh new file mode 100755 index 0000000..67034bb --- /dev/null +++ b/modules.d/01systemd-pstore/module-setup.sh @@ -0,0 +1,53 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + + # If the binary(s) requirements are not fulfilled the module can't be installed. + require_binaries "$systemdutildir"/systemd-pstore || return 1 + + # Return 255 to only include the module, if another module requires it. + return 255 + +} + +# Module dependency requirements. +depends() { + + # This module has external dependency on other module(s). + echo systemd + # Return 0 to include the dependent module(s) in the initramfs. + return 0 + +} + +# Install kernel module(s). +installkernel() { + instmods efi-pstore +} + +# Install the required file(s) and directories for the module in the initramfs. +install() { + + inst_dir /var/lib/systemd/pstore + inst_multiple -o \ + "$tmpfilesdir/systemd-pstore.conf" \ + "$systemdutildir"/systemd-pstore \ + "$systemdsystemunitdir"/systemd-pstore.service \ + "$systemdsystemunitdir/systemd-pstore.service.d/*.conf" + + # Enable systemd type unit(s) + $SYSTEMCTL -q --root "$initdir" enable systemd-pstore.service + + # Install the hosts local user configurations if enabled. + if [[ $hostonly ]]; then + inst_multiple -H -o \ + "$systemdutilconfdir"/pstore.conf \ + "$systemdutilconfdir/pstore.conf.d/*.conf" \ + "$systemdsystemconfdir"/systemd-pstore.service \ + "$systemdsystemconfdir/systemd-pstore.service.d/*.conf" + fi + +} diff --git a/modules.d/01systemd-repart/module-setup.sh b/modules.d/01systemd-repart/module-setup.sh new file mode 100755 index 0000000..19b7e73 --- /dev/null +++ b/modules.d/01systemd-repart/module-setup.sh @@ -0,0 +1,40 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + + # If the binary(s) requirements are not fulfilled the module can't be installed. + require_binaries systemd-repart || return 1 + + # Return 255 to only include the module, if another module requires it. + return 255 + +} + +# Module dependency requirements. +depends() { + + # Return 0 to include the dependent module(s) in the initramfs. + return 0 + +} + +# Install the required file(s) for the module in the initramfs. +install() { + + inst_multiple -o \ + "/usr/lib/repart.d/*.conf" \ + "$systemdsystemunitdir"/systemd-repart.service \ + "$systemdsystemunitdir"/initrd-root-fs.target.wants/systemd-repart.service \ + systemd-repart + + # Install the hosts local user configurations if enabled. + if [[ $hostonly ]]; then + inst_multiple -H -o \ + "/etc/repart.d/*.conf" \ + "$systemdsystemconfdir"/systemd-repart.service \ + "$systemdsystemconfdir/systemd-repart.service.d/*.conf" + fi +} diff --git a/modules.d/01systemd-resolved/module-setup.sh b/modules.d/01systemd-resolved/module-setup.sh new file mode 100755 index 0000000..0c2e8c2 --- /dev/null +++ b/modules.d/01systemd-resolved/module-setup.sh @@ -0,0 +1,58 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + + # If the binary(s) requirements are not fulfilled the module can't be installed + require_binaries \ + resolvectl \ + "$systemdutildir"/systemd-resolved \ + || return 1 + + # Return 255 to only include the module, if another module requires it. + return 255 + +} + +# Module dependency requirements. +depends() { + + # This module has external dependency on other module(s). + echo dbus systemd-sysusers + # Return 0 to include the dependent module(s) in the initramfs. + return 0 + +} + +# Install the required file(s) and directories for the module in the initramfs. +install() { + + inst_simple "$moddir/resolved-tmpfile-dracut.conf" "$tmpfilesdir/resolved-tmpfile-dracut.conf" + + inst_multiple -o \ + "$dbussystem"/org.freedesktop.resolve1.conf \ + "$dbussystemservices"/org.freedesktop.resolve1.service \ + "$systemdutildir"/resolv.conf \ + "$systemdutildir"/resolved.conf \ + "$systemdutildir/resolved.conf.d/*.conf" \ + "$systemdutildir"/systemd-resolved \ + "$systemdsystemunitdir"/systemd-resolved.service \ + "$systemdsystemunitdir/systemd-resolved.service.d/*.conf" \ + "$sysusers"/systemd-resolve.conf \ + resolvectl + + # Enable systemd type unit(s) + $SYSTEMCTL -q --root "$initdir" enable systemd-resolved.service + + # Install the hosts local user configurations if enabled. + if [[ $hostonly ]]; then + inst_multiple -H -o \ + "$systemdutilconfdir"/resolved.conf \ + "$systemdutilconfdir/resolved.conf.d/*.conf" \ + "$systemdsystemconfdir"/systemd-resolved.service \ + "$systemdsystemconfdir/systemd-resolved.service.d/*.conf" \ + "$sysusersconfdir"/systemd-resolve.conf + fi +} diff --git a/modules.d/01systemd-resolved/resolved-tmpfile-dracut.conf b/modules.d/01systemd-resolved/resolved-tmpfile-dracut.conf new file mode 100644 index 0000000..6b7daa9 --- /dev/null +++ b/modules.d/01systemd-resolved/resolved-tmpfile-dracut.conf @@ -0,0 +1,2 @@ +# This file is part of dracut systemd-resolved module. +L! /etc/resolv.conf - - - - ../run/systemd/resolve/stub-resolv.conf diff --git a/modules.d/01systemd-sysctl/module-setup.sh b/modules.d/01systemd-sysctl/module-setup.sh new file mode 100755 index 0000000..d0eb779 --- /dev/null +++ b/modules.d/01systemd-sysctl/module-setup.sh @@ -0,0 +1,47 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + + # If the binary(s) requirements are not fulfilled the module can't be installed + require_binaries "$systemdutildir"/systemd-sysctl || return 1 + + # Return 255 to only include the module, if another module requires it. + return 255 + +} + +# Module dependency requirements. +depends() { + + # This module has external dependency on other module(s). + echo systemd-modules-load + # Return 0 to include the dependent module(s) in the initramfs. + return 0 + +} + +# Install the required file(s) for the module in the initramfs. +install() { + + inst_multiple -o \ + "$sysctld/*.conf" \ + "$systemdsystemunitdir"/systemd-sysctl.service \ + "$systemdsystemunitdir"/sysinit.target.wants/systemd-sysctl.service \ + "$systemdutildir"/systemd-sysctl + + # Install the hosts local user configurations if enabled. + if [[ $hostonly ]]; then + inst_multiple -H -o \ + /etc/sysctl.conf \ + "$sysctlconfdir/*.conf" \ + "$systemdsystemconfdir"/systemd-sysctl.service \ + "$systemdsystemconfdir/systemd-sysctl.service.d/*.conf" + fi + + # Enable the systemd type service unit for sysctl. + $SYSTEMCTL -q --root "$initdir" enable systemd-sysctl.service + +} diff --git a/modules.d/01systemd-sysext/module-setup.sh b/modules.d/01systemd-sysext/module-setup.sh new file mode 100755 index 0000000..b95a480 --- /dev/null +++ b/modules.d/01systemd-sysext/module-setup.sh @@ -0,0 +1,47 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + + # If the binary(s) requirements are not fulfilled the module can't be installed. + require_binaries systemd-sysext || return 1 + + # Return 255 to only include the module, if another module requires it. + return 255 + +} + +# Module dependency requirements. +depends() { + + # This module has external dependency on other module(s). + echo systemd + # Return 0 to include the dependent module(s) in the initramfs. + return 0 + +} + +# Install the required file(s) and directories for the module in the initramfs. +install() { + + inst_multiple -o \ + "/usr/lib/extensions/*" \ + "/usr/lib/extension-release.d/extension-release.*" \ + "$systemdsystemunitdir"/systemd-sysext.service \ + "$systemdsystemunitdir/systemd-sysext.service.d/*.conf" \ + systemd-sysext + + # Enable systemd type unit(s) + $SYSTEMCTL -q --root "$initdir" enable systemd-sysext.service + + # Install the hosts local user configurations if enabled. + if [[ $hostonly ]]; then + inst_multiple -H -o \ + "/etc/extensions/*" \ + "$systemdsystemconfdir"/systemd-sysext.service \ + "$systemdsystemconfdir/systemd-sysext.service.d/*.conf" + fi + +} diff --git a/modules.d/01systemd-sysusers/module-setup.sh b/modules.d/01systemd-sysusers/module-setup.sh new file mode 100755 index 0000000..4ec48dc --- /dev/null +++ b/modules.d/01systemd-sysusers/module-setup.sh @@ -0,0 +1,45 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + + # If the binary(s) requirements are not fulfilled the module can't be installed. + require_binaries systemd-sysusers || return 1 + + # Return 255 to only include the module, if another module requires it. + return 255 + +} + +# Module dependency requirements. +depends() { + + # Return 0 to include the dependent module(s) in the initramfs. + return 0 + +} + +# Install the required file(s) and directories for the module in the initramfs. +install() { + + inst_simple "$moddir/sysusers-dracut.conf" "$systemdsystemunitdir/systemd-sysusers.service.d/sysusers-dracut.conf" + + inst_multiple -o \ + "$sysusers"/basic.conf \ + "$sysusers"/systemd.conf \ + "$systemdsystemunitdir"/systemd-sysusers.service \ + "$systemdsystemunitdir"/sysinit.target.wants/systemd-sysusers.service \ + systemd-sysusers + + # Install the hosts local user configurations if enabled. + if [[ $hostonly ]]; then + inst_multiple -H -o \ + "$sysusersconfdir"/basic.conf \ + "$sysusersconfdir"/systemd.conf \ + "$systemdsystemconfdir"/systemd-sysusers.service \ + "$systemdsystemconfdir/systemd-sysusers.service.d/*.conf" + fi + +} diff --git a/modules.d/01systemd-sysusers/sysusers-dracut.conf b/modules.d/01systemd-sysusers/sysusers-dracut.conf new file mode 100644 index 0000000..9b13364 --- /dev/null +++ b/modules.d/01systemd-sysusers/sysusers-dracut.conf @@ -0,0 +1,2 @@ +[Unit] +ConditionNeedsUpdate= diff --git a/modules.d/01systemd-timedated/module-setup.sh b/modules.d/01systemd-timedated/module-setup.sh new file mode 100755 index 0000000..5e9c5ca --- /dev/null +++ b/modules.d/01systemd-timedated/module-setup.sh @@ -0,0 +1,46 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + + # If the binary(s) requirements are not fulfilled the module can't be installed + require_binaries \ + timedatectl \ + "$systemdutildir"/systemd-timedated \ + || return 1 + + # Return 255 to only include the module, if another module requires it. + return 255 + +} + +# Module dependency requirements. +depends() { + + # This module has external dependency on other module(s). + echo dbus + # Return 0 to include the dependent module(s) in the initramfs. + return 0 + +} + +# Install the required file(s) and directories for the module in the initramfs. +install() { + + inst_multiple -o \ + "$dbussystem"/org.freedesktop.timedate1.conf \ + "$dbussystemservices"/org.freedesktop.timedate1.service \ + "$systemdutildir"/systemd-timedated \ + "$systemdsystemunitdir"/systemd-timedated.service \ + "$systemdsystemunitdir"/dbus-org.freedesktop.timedate1.service \ + timedatectl + + # Install the hosts local user configurations if enabled. + if [[ $hostonly ]]; then + inst_multiple -H -o \ + "$systemdsystemconfdir"/systemd-timedated.service \ + "$systemdsystemconfdir/systemd-timedated.service.d/*.conf" + fi +} diff --git a/modules.d/01systemd-timesyncd/module-setup.sh b/modules.d/01systemd-timesyncd/module-setup.sh new file mode 100755 index 0000000..a2c6754 --- /dev/null +++ b/modules.d/01systemd-timesyncd/module-setup.sh @@ -0,0 +1,67 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + + # If the binary(s) requirements are not fulfilled the module can't be installed + require_binaries \ + "$systemdutildir"/systemd-timesyncd \ + "$systemdutildir"/systemd-time-wait-sync \ + || return 1 + + # Return 255 to only include the module, if another module requires it. + return 255 + +} + +# Module dependency requirements. +depends() { + + # This module has external dependency on other module(s). + echo dbus systemd-sysusers systemd-timedated + # Return 0 to include the dependent module(s) in the initramfs. + return 0 + +} + +# Install the required file(s) and directories for the module in the initramfs. +install() { + + # Enable this if networkd ( not the module ) is disabled at build time and you want to use timesyncd + # inst_simple "$moddir/timesyncd-tmpfile-dracut.conf" "$tmpfilesdir/timesyncd-tmpfile-dracut.conf" + + inst_multiple -o \ + "$dbussystem"/org.freedesktop.timesync1.conf \ + "$dbussystemservices"/org.freedesktop.timesync1.service \ + "$systemdntpunits/*.list" \ + "$systemdutildir"/systemd-timesyncd \ + "$systemdutildir"/systemd-time-wait-sync \ + "$systemdutildir/timesyncd.conf.d/*.conf" \ + "$systemdsystemunitdir"/systemd-timesyncd.service \ + "$systemdsystemunitdir/systemd-timesyncd.service.d/*.conf" \ + "$systemdsystemunitdir"/systemd-time-wait-sync.service \ + "$systemdsystemunitdir/systemd-time-wait-sync.service.d/*.conf" \ + "$sysusers"/systemd-timesync.conf + + # Enable systemd type unit(s) + for i in \ + systemd-timesyncd.service \ + systemd-time-wait-sync.service; do + $SYSTEMCTL -q --root "$initdir" enable "$i" + done + + # Install the hosts local user configurations if enabled. + if [[ $hostonly ]]; then + inst_multiple -H -o \ + "$systemdntpunitsconfdir/*.list" \ + "$systemdutilconfdir"/timesyncd.conf \ + "$systemdutilconfdir/timesyncd.conf.d/*.conf" \ + "$systemdsystemconfdir"/systemd-timesyncd.service \ + "$systemdsystemconfdir/systemd-timesyncd.service.d/*.conf" \ + "$systemdsystemconfdir"/systemd-time-wait-sync.service \ + "$systemdsystemconfdir/systemd-time-wait-sync.service.d/*.conf" \ + "$sysusersconfdir"/systemd-timesync.conf + fi +} diff --git a/modules.d/01systemd-timesyncd/timesyncd-tmpfile-dracut.conf b/modules.d/01systemd-timesyncd/timesyncd-tmpfile-dracut.conf new file mode 100644 index 0000000..14c78bb --- /dev/null +++ b/modules.d/01systemd-timesyncd/timesyncd-tmpfile-dracut.conf @@ -0,0 +1,2 @@ +# This file is part of dracut systemd-timesyncd module. +d /run/systemd/netif/links 0755 root root - diff --git a/modules.d/01systemd-tmpfiles/module-setup.sh b/modules.d/01systemd-tmpfiles/module-setup.sh new file mode 100755 index 0000000..6bd42c0 --- /dev/null +++ b/modules.d/01systemd-tmpfiles/module-setup.sh @@ -0,0 +1,71 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + + # If the binary(s) requirements are not fulfilled the module can't be installed. + require_binaries systemd-tmpfiles || return 1 + + # Return 255 to only include the module, if another module requires it. + return 255 + +} + +# Module dependency requirements. +depends() { + + # Return 0 to include the dependent module(s) in the initramfs. + return 0 + +} + +# Install the required file(s) and directories for the module in the initramfs. +install() { + + # Excluding "$tmpfilesdir/home.conf", sets up /home /srv + # Excluding "$tmpfilesdir/journal-nocow.conf", requires specific btrfs setup + # Excluding "$tmpfilesdir/legacy.conf", belongs in separated legacy module + # Excluding "$tmpfilesdir/systemd-nologin.conf", belongs in separated pam module + # Excluding "$tmpfilesdir/systemd-nspawn.conf", belongs in separated machined module + # Excluding "$tmpfilesdir/x11.conf", belongs in separated x11 module + + inst_multiple -o \ + /usr/lib/group \ + /usr/lib/passwd \ + "$tmpfilesdir/etc.conf" \ + "$tmpfilesdir/static-nodes-permissions.conf" \ + "$tmpfilesdir/systemd-tmp.conf" \ + "$tmpfilesdir/systemd.conf" \ + "$tmpfilesdir/var.conf" \ + "$systemdsystemunitdir"/systemd-tmpfiles-clean.service \ + "$systemdsystemunitdir/systemd-tmpfiles-clean.service.d/*.conf" \ + "$systemdsystemunitdir"/systemd-tmpfiles-setup.service \ + "$systemdsystemunitdir/systemd-tmpfiles-setup.service.d/*.conf" \ + "$systemdsystemunitdir"/systemd-tmpfiles-setup-dev.service \ + "$systemdsystemunitdir/systemd-tmpfiles-setup-dev.service.d/*.conf" \ + "$systemdsystemunitdir"/systemd-tmpfiles-setup-dev-early.service \ + "$systemdsystemunitdir/systemd-tmpfiles-setup-dev-early.service.d/*.conf" \ + "$systemdsystemunitdir"/sysinit.target.wants/systemd-tmpfiles-setup.service \ + "$systemdsystemunitdir"/sysinit.target.wants/systemd-tmpfiles-setup-dev.service \ + "$systemdsystemunitdir"/sysinit.target.wants/systemd-tmpfiles-setup-dev-early.service \ + systemd-tmpfiles + + # Install the hosts local user configurations if enabled. + if [[ $hostonly ]]; then + inst_multiple -H -o \ + /etc/group \ + /etc/passwd \ + "$tmpfilesconfdir/*.conf" \ + "$systemdsystemconfdir"/systemd-tmpfiles-clean.service \ + "$systemdsystemconfdir/systemd-tmpfiles-clean.service.d/*.conf" \ + "$systemdsystemconfdir"/systemd-tmpfiles-setup.service \ + "$systemdsystemconfdir/systemd-tmpfiles-setup.service.d/*.conf" \ + "$systemdsystemconfdir"/systemd-tmpfiles-setup-dev.service \ + "$systemdsystemconfdir/systemd-tmpfiles-setup-dev.service.d/*.conf" \ + "$systemdsystemconfdir"/systemd-tmpfiles-setup-dev-early.service \ + "$systemdsystemconfdir/systemd-tmpfiles-setup-dev-early.service.d/*.conf" + fi + +} diff --git a/modules.d/01systemd-udevd/module-setup.sh b/modules.d/01systemd-udevd/module-setup.sh new file mode 100755 index 0000000..ce5d2a3 --- /dev/null +++ b/modules.d/01systemd-udevd/module-setup.sh @@ -0,0 +1,112 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + + # If the binary(s) requirements are not fulfilled the module can't be installed. + require_binaries \ + udevadm \ + "$systemdutildir"/systemd-udevd \ + || return 1 + + # Return 255 to only include the module, if another module requires it. + return 255 + +} + +# Module dependency requirements. +depends() { + + # This module has external dependency on other module(s). + echo systemd + # Return 0 to include the dependent module(s) in the initramfs. + return 0 + +} + +# Install the required file(s) and directories for the module in the initramfs. +install() { + + inst_multiple -o \ + "$udevdir"/hwdb.bin \ + "$udevdir"/udev.conf \ + "$udevdir"/ata_id \ + "$udevdir"/cdrom_id \ + "$udevdir"/dmi_memory_id \ + "$udevdir"/fido_id \ + "$udevdir"/mtd_probe \ + "$udevdir"/mtp-probe \ + "$udevdir"/scsi_id \ + "$udevdir"/v4l_id \ + "$udevrulesdir"/50-udev-default.rules \ + "$udevrulesdir"/60-autosuspend.rules \ + "$udevrulesdir"/60-block.rules \ + "$udevrulesdir"/60-cdrom_id.rules \ + "$udevrulesdir"/60-drm.rules \ + "$udevrulesdir"/60-evdev.rules \ + "$udevrulesdir"/60-fido-id.rules \ + "$udevrulesdir"/60-input-id.rules \ + "$udevrulesdir"/60-persistent-alsa.rules \ + "$udevrulesdir"/60-persistent-input.rules \ + "$udevrulesdir"/60-persistent-storage-tape.rules \ + "$udevrulesdir"/60-persistent-storage.rules \ + "$udevrulesdir"/60-persistent-v4l.rules \ + "$udevrulesdir"/60-sensor.rules \ + "$udevrulesdir"/60-serial.rules \ + "$udevrulesdir"/64-btrfs.rules \ + "$udevrulesdir"/70-joystick.rules \ + "$udevrulesdir"/70-memory.rules \ + "$udevrulesdir"/70-mouse.rules \ + "$udevrulesdir"/70-touchpad.rules \ + "$udevrulesdir"/75-net-description.rules \ + "$udevrulesdir"/75-probe_mtd.rules \ + "$udevrulesdir"/78-sound-card.rules \ + "$udevrulesdir"/80-drivers.rules \ + "$udevrulesdir"/80-net-setup-link.rules \ + "$udevrulesdir"/81-net-dhcp.rules \ + "$udevrulesdir"/99-systemd.rules \ + "$systemdutildir"/systemd-udevd \ + "$systemdsystemunitdir"/systemd-udevd.service \ + "$systemdsystemunitdir/systemd-udevd.service.d/*.conf" \ + "$systemdsystemunitdir"/systemd-udev-trigger.service \ + "$systemdsystemunitdir/systemd-udev-trigger.service.d/*.conf" \ + "$systemdsystemunitdir"/systemd-udev-settle.service \ + "$systemdsystemunitdir/systemd-udev-settle.service.d/*.conf" \ + "$systemdsystemunitdir"/systemd-udevd-control.socket \ + "$systemdsystemunitdir"/systemd-udevd-kernel.socket \ + "$systemdsystemunitdir"/sockets.target.wants/systemd-udevd-control.socket \ + "$systemdsystemunitdir"/sockets.target.wants/systemd-udevd-kernel.socket \ + "$systemdsystemunitdir"/sysinit.target.wants/systemd-udevd.service \ + "$systemdsystemunitdir"/sysinit.target.wants/systemd-udev-trigger.service \ + udevadm + + # Install the hosts local user configurations if enabled. + if [[ $hostonly ]]; then + inst_multiple -H -o \ + "$udevconfdir"/hwdb.bin \ + "$udevconfdir"/udev.conf \ + "$udevrulesconfdir/*.rules" \ + "$systemdutilconfdir"/hwdb/hwdb.bin \ + "$systemdsystemconfdir"/systemd-udevd.service \ + "$systemdsystemconfdir/systemd-udevd.service.d/*.conf" \ + "$systemdsystemconfdir"/systemd-udev-trigger.service \ + "$systemdsystemconfdir/systemd-udev-trigger.service.d/*.conf" \ + "$systemdsystemconfdir"/systemd-udev-settle.service \ + "$systemdsystemconfdir/systemd-udev-settle.service.d/*.conf" \ + "$systemdsystemconfdir"/systemd-udevd-control.socket \ + "$systemdsystemconfdir/systemd-udevd-control.socket.d/*.conf" \ + "$systemdsystemconfdir"/systemd-udevd-kernel.socket \ + "$systemdsystemconfdir/systemd-udevd-kernel.socket.d/*.conf" \ + "$systemdsystemconfdir"/sockets.target.wants/systemd-udevd-control.socket \ + "$systemdsystemconfdir"/sockets.target.wants/systemd-udevd-kernel.socket \ + "$systemdsystemconfdir"/sysinit.target.wants/systemd-udevd.service \ + "$systemdsystemconfdir"/sysinit.target.wants/systemd-udev-trigger.service + fi + + # Install required libraries. + _arch=${DRACUT_ARCH:-$(uname -m)} + inst_libdir_file {"tls/$_arch/",tls/,"$_arch/",}"libudev.so.*" + +} diff --git a/modules.d/01systemd-veritysetup/module-setup.sh b/modules.d/01systemd-veritysetup/module-setup.sh new file mode 100755 index 0000000..fecfecc --- /dev/null +++ b/modules.d/01systemd-veritysetup/module-setup.sh @@ -0,0 +1,60 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + + # If the binary(s) requirements are not fulfilled the module can't be installed. + require_binaries \ + "$systemdutildir"/systemd-veritysetup \ + "$systemdutildir"/system-generators/systemd-veritysetup-generator \ + || return 1 + + # Return 255 to only include the module, if another module requires it. + return 255 + +} + +# Module dependency requirements. +depends() { + + # This module has external dependency on other module(s). + echo systemd dm + # Return 0 to include the dependent module(s) in the initramfs. + return 0 + +} + +# Install the required file(s) and directories for the module in the initramfs. +install() { + + inst_multiple -o \ + "$systemdutildir"/systemd-veritysetup \ + "$systemdutildir"/system-generators/systemd-veritysetup-generator \ + "$systemdsystemunitdir"/remote-veritysetup.target \ + "$systemdsystemunitdir"/veritysetup-pre.target \ + "$systemdsystemunitdir"/veritysetup.target \ + "$systemdsystemunitdir"/sysinit.target.wants/veritysetup.target \ + "$systemdsystemunitdir"/initrd-root-device.target.wants/remote-veritysetup.target + + # Install the hosts local user configurations if enabled. + if [[ $hostonly ]]; then + inst_multiple -H -o \ + /etc/veritytab \ + "$systemdsystemconfdir"/veritysetup.target \ + "$systemdsystemconfdir/veritysetup.target.wants/*.target" \ + "$systemdsystemconfdir"/veritysetup-pre.target \ + "$systemdsystemconfdir/veritysetup-pre.target.wants/*.target" \ + "$systemdsystemconfdir"/remote-veritysetup.target \ + "$systemdsystemconfdir/remote-veritysetup.target.wants/*.target" \ + "$systemdsystemconfdir"/sysinit.target.wants/veritysetup.target \ + "$systemdsystemconfdir/sysinit.target.wants/veritysetup.target.wants/*.target" \ + "$systemdsystemconfdir"/initrd-root-device.target.wants/remote-veritysetup.target + fi + + # Install required libraries. + _arch=${DRACUT_ARCH:-$(uname -m)} + inst_libdir_file {"tls/$_arch/",tls/,"$_arch/",}"libcryptsetup.so.*" + +} diff --git a/modules.d/02caps/README b/modules.d/02caps/README new file mode 100644 index 0000000..34e0f02 --- /dev/null +++ b/modules.d/02caps/README @@ -0,0 +1,33 @@ +This adds the following parameters: +rd.caps=1 + turn the caps module on/off +rd.caps.initdrop=cap_sys_module,cap_sys_rawio + drop the specified comma separated capabilities +rd.caps.disablemodules=1 + turn off module loading +rd.caps.disablekexec=1 + turn off the kexec functionality + +If module loading is turned off, all modules have to be loaded in the +initramfs, which are used later on. This can be done with +"rd.driver.pre=" +rd.driver.pre=autofs4,sunrpc,ipt_REJECT,nf_conntrack_ipv4,.... + +Because the kernel command line would get huge with all those drivers, I +recommend to make use of $initramfs/etc/cmdline. + +So, all rd.caps.* and rd.driver.pre arguments are in caps.conf can be +copied to $initramfs/etc/cmdline with "-i caps.conf /etc/cmdline". + +Also all modules have to be loaded in the initramfs via "--add-drivers". + +The resulting initramfs creation would look like this: + + --add-drivers "autofs4 sunrpc ipt_REJECT nf_conntrack_ipv4 \ + nf_defrag_ipv4 iptable_filter ip_tables + ip6t_REJECT nf_conntrack_ipv6 nf_defrag_ipv6 xt_state nf_conntrack + ip6table_filter ip6_tables dm_mirror dm_region_hash dm_log uinput ppdev + parport_pc parport ipv6 sg 8139too 8139cp mii i2c_piix4 i2c_core ext3 + jbd mbcache sd_mod crc_t10dif sr_mod cdrom ata_generic pata_acpi ata_piix + dm_mod" \ + /boot/initramfs-caps.img diff --git a/modules.d/02caps/caps.sh b/modules.d/02caps/caps.sh new file mode 100755 index 0000000..6c28299 --- /dev/null +++ b/modules.d/02caps/caps.sh @@ -0,0 +1,34 @@ +#!/bin/bash + +capsmode=$(getarg rd.caps) + +if [ "$capsmode" = "1" ]; then + CAPS_INIT_DROP=$(getarg rd.caps.initdrop=) + # shellcheck disable=SC2016 + CAPS_USERMODEHELPER_BSET=$(capsh --drop="$CAPS_INIT_DROP" -- -c 'while read a b || [ -n "$a" ]; do [ "$a" = "CapBnd:" ] && echo $((0x${b:$((${#b}-8)):8})) $((0x${b:$((${#b}-16)):8})) && break; done < /proc/self/status') + CAPS_MODULES_DISABLED=$(getarg rd.caps.disablemodules=) + CAPS_KEXEC_DISABLED=$(getarg rd.caps.disablekexec=) + + info "Loading CAPS_MODULES $CAPS_MODULES" + for i in $CAPS_MODULES; do modprobe "$i" 2>&1 > /dev/null | vinfo; done + + if [ "$CAPS_MODULES_DISABLED" = "1" -a -e /proc/sys/kernel/modules_disabled ]; then + info "Disabling module loading." + echo "$CAPS_MODULES_DISABLED" > /proc/sys/kernel/modules_disabled + fi + + if [ "$CAPS_KEXEC_DISABLED" = "1" -a -e /proc/sys/kernel/kexec_disabled ]; then + info "Disabling kexec." + echo "$CAPS_KEXEC_DISABLED" > /proc/sys/kernel/kexec_disabled + fi + + info "CAPS_USERMODEHELPER_BSET=$CAPS_USERMODEHELPER_BSET" + if [ -e /proc/sys/kernel/usermodehelper/bset ]; then + info "Setting usermode helper bounding set." + echo "$CAPS_USERMODEHELPER_BSET" > /proc/sys/kernel/usermodehelper/bset + echo "$CAPS_USERMODEHELPER_BSET" > /proc/sys/kernel/usermodehelper/inheritable + fi + + echo "CAPS_INIT_DROP=\"$CAPS_INIT_DROP\"" > /etc/capsdrop + info "Will drop capabilities $CAPS_INIT_DROP from init." +fi diff --git a/modules.d/02caps/module-setup.sh b/modules.d/02caps/module-setup.sh new file mode 100755 index 0000000..18073e2 --- /dev/null +++ b/modules.d/02caps/module-setup.sh @@ -0,0 +1,25 @@ +#!/bin/bash + +# called by dracut +check() { + require_binaries capsh + return 255 +} + +# called by dracut +depends() { + echo bash + return 0 +} + +# called by dracut +install() { + if ! dracut_module_included "systemd"; then + inst_hook pre-pivot 00 "$moddir/caps.sh" + inst "$(find_binary capsh 2> /dev/null)" /usr/sbin/capsh + # capsh wants bash and we need bash also + inst /bin/bash + else + dwarning "caps: does not work with systemd in the initramfs" + fi +} diff --git a/modules.d/03modsign/load-modsign-keys.sh b/modules.d/03modsign/load-modsign-keys.sh new file mode 100755 index 0000000..a489067 --- /dev/null +++ b/modules.d/03modsign/load-modsign-keys.sh @@ -0,0 +1,11 @@ +#!/bin/sh +# +# Licensed under the GPLv2 +# +# Copyright 2013 Red Hat, Inc. +# Peter Jones <pjones@redhat.com> + +for x in /lib/modules/keys/*; do + [ "${x}" = "/lib/modules/keys/*" ] && break + keyctl padd asymmetric "" %:.secondary_trusted_keys < "${x}" +done diff --git a/modules.d/03modsign/module-setup.sh b/modules.d/03modsign/module-setup.sh new file mode 100755 index 0000000..56e2bdb --- /dev/null +++ b/modules.d/03modsign/module-setup.sh @@ -0,0 +1,38 @@ +#!/bin/bash +# +# Licensed under the GPLv2 +# +# Copyright 2013 Red Hat, Inc. +# Peter Jones <pjones@redhat.com> + +# called by dracut +check() { + require_binaries keyctl || return 1 + + # do not include module in hostonly mode, + # if no keys are present + if [[ $hostonly ]]; then + x=$(echo "$dracutsysrootdir"/lib/modules/keys/*) + [[ ${x} == "$dracutsysrootdir/lib/modules/keys/*" ]] && return 255 + fi + + return 0 +} + +# called by dracut +depends() { + return 0 +} + +# called by dracut +install() { + inst_dir /lib/modules/keys + inst_binary keyctl + + inst_hook pre-trigger 01 "$moddir/load-modsign-keys.sh" + + for x in "$dracutsysrootdir"/lib/modules/keys/*; do + [[ ${x} == "$dracutsysrootdir/lib/modules/keys/*" ]] && break + inst_simple "${x#"$dracutsysrootdir"}" + done +} diff --git a/modules.d/03rescue/module-setup.sh b/modules.d/03rescue/module-setup.sh new file mode 100755 index 0000000..d7e7e6f --- /dev/null +++ b/modules.d/03rescue/module-setup.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +# called by dracut +check() { + # do not add this module by default + return 255 +} + +# called by dracut +depends() { + return 0 +} + +# called by dracut +install() { + inst_multiple -o ps grep more cat rm strace free showmount \ + ping netstat rpcinfo vi scp ping6 ssh \ + fsck fsck.ext2 fsck.ext4 fsck.ext3 fsck.ext4dev fsck.f2fs fsck.vfat e2fsck +} diff --git a/modules.d/04watchdog-modules/module-setup.sh b/modules.d/04watchdog-modules/module-setup.sh new file mode 100755 index 0000000..2a94e34 --- /dev/null +++ b/modules.d/04watchdog-modules/module-setup.sh @@ -0,0 +1,41 @@ +#!/bin/bash + +# called by dracut +check() { + return 255 +} + +# called by dracut +depends() { + return 0 +} + +# called by dracut +install() { + return 0 +} + +installkernel() { + local -A _drivers + local _wdtdrv + + for _wd in /sys/class/watchdog/*; do + ! [ -e "$_wd" ] && continue + _wdtdrv=$(get_dev_module "$_wd") + if [[ $_wdtdrv ]]; then + instmods "$_wdtdrv" + for i in $_wdtdrv; do + _drivers[$i]=1 + done + fi + done + + # ensure that watchdog module is loaded as early as possible + if [[ ${!_drivers[*]} ]]; then + echo "rd.driver.pre=\"$( + IFS=, + echo "${!_drivers[*]}" + )\"" > "${initdir}"/etc/cmdline.d/00-watchdog.conf + fi + return 0 +} diff --git a/modules.d/04watchdog/module-setup.sh b/modules.d/04watchdog/module-setup.sh new file mode 100755 index 0000000..e9ce878 --- /dev/null +++ b/modules.d/04watchdog/module-setup.sh @@ -0,0 +1,34 @@ +#!/bin/bash + +# called by dracut +check() { + return 255 +} + +# called by dracut +depends() { + echo watchdog-modules + return 0 +} + +# called by dracut +install() { + # Do not add watchdog hooks if systemd module is included + # In that case, systemd will manage watchdog kick + if ! dracut_module_included "systemd"; then + inst_hook cmdline 00 "$moddir/watchdog.sh" + inst_hook cmdline 50 "$moddir/watchdog.sh" + inst_hook pre-trigger 00 "$moddir/watchdog.sh" + inst_hook initqueue 00 "$moddir/watchdog.sh" + inst_hook mount 00 "$moddir/watchdog.sh" + inst_hook mount 50 "$moddir/watchdog.sh" + inst_hook mount 99 "$moddir/watchdog.sh" + inst_hook pre-pivot 00 "$moddir/watchdog.sh" + inst_hook pre-pivot 99 "$moddir/watchdog.sh" + inst_hook cleanup 00 "$moddir/watchdog.sh" + inst_hook cleanup 99 "$moddir/watchdog.sh" + fi + + inst_hook emergency 02 "$moddir/watchdog-stop.sh" + inst_multiple -o wdctl +} diff --git a/modules.d/04watchdog/watchdog-stop.sh b/modules.d/04watchdog/watchdog-stop.sh new file mode 100755 index 0000000..921f969 --- /dev/null +++ b/modules.d/04watchdog/watchdog-stop.sh @@ -0,0 +1,2 @@ +#!/bin/sh +[ -c /dev/watchdog ] && printf 'V' > /dev/watchdog diff --git a/modules.d/04watchdog/watchdog.sh b/modules.d/04watchdog/watchdog.sh new file mode 100755 index 0000000..22919ee --- /dev/null +++ b/modules.d/04watchdog/watchdog.sh @@ -0,0 +1,12 @@ +#!/bin/sh +if [ -e /dev/watchdog ]; then + if [ ! -e /tmp/watchdog_timeout ]; then + wdctl -s 60 /dev/watchdog > /dev/null 2>&1 + : > /tmp/watchdog_timeout + fi + info "Triggering watchdog" + : > /dev/watchdog +else + modprobe ib700wdt + modprobe i6300esb +fi diff --git a/modules.d/05busybox/module-setup.sh b/modules.d/05busybox/module-setup.sh new file mode 100755 index 0000000..86b3761 --- /dev/null +++ b/modules.d/05busybox/module-setup.sh @@ -0,0 +1,31 @@ +#!/bin/bash + +# called by dracut +check() { + require_binaries busybox || return 1 + + return 255 +} + +# called by dracut +depends() { + return 0 +} + +# called by dracut +install() { + local _i _path _busybox + local _progs=() + _busybox=$(find_binary busybox) + inst "$_busybox" /usr/bin/busybox + for _i in $($_busybox --list); do + [[ ${_i} == busybox ]] && continue + _progs+=("${_i}") + done + + for _i in "${_progs[@]}"; do + _path=$(find_binary "$_i") + [ -z "$_path" ] && continue + ln_r /usr/bin/busybox "$_path" + done +} diff --git a/modules.d/06dbus-broker/module-setup.sh b/modules.d/06dbus-broker/module-setup.sh new file mode 100755 index 0000000..a38fce8 --- /dev/null +++ b/modules.d/06dbus-broker/module-setup.sh @@ -0,0 +1,93 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + + # If the binary(s) requirements are not fulfilled the module can't be installed + require_binaries busctl || return 1 + require_binaries dbus-broker || return 1 + require_binaries dbus-broker-launch || return 1 + + # Return 255 to only include the module, if another module requires it. + return 255 + +} + +# Module dependency requirements. +depends() { + # This module has external dependency on the systemd module. + echo systemd systemd-sysusers + # Return 0 to include the dependent systemd module in the initramfs. + return 0 + +} + +# Install the required file(s) and directories for the module in the initramfs. +install() { + + # Create dbus related directories. + inst_dir "$dbus" + inst_dir "$dbusinterfaces" + inst_dir "$dbusservices" + inst_dir "$dbussession" + inst_dir "$dbussystem" + inst_dir "$dbussystemservices" + inst_dir "$dbusconfdir" + inst_dir "$dbusinterfacesconfdir" + inst_dir "$dbusservicesconfdir" + inst_dir "$dbussessionconfdir" + inst_dir "$dbussystemconfdir" + inst_dir "$dbussystemservicesconfdir" + + inst_multiple -o \ + "$dbus"/session.conf \ + "$dbus"/system.conf \ + "$dbussystem"/org.freedesktop.systemd1.conf \ + "$dbusservicesconfdir"/org.freedesktop.systemd1.service \ + "$dbussystemservices"/org.freedesktop.systemd1.service \ + "$sysusers"/dbus.conf \ + "$systemdcatalog"/dbus-broker.catalog \ + "$systemdcatalog"/dbus-broker-launch.catalog \ + "$systemdsystemunitdir"/dbus-broker.service \ + "$systemduser"/dbus-broker.service \ + "$systemdsystemunitdir"/dbus.socket \ + "$systemduser"/dbus.socket \ + "$systemdsystemunitdir"/sockets.target.wants/dbus.socket \ + "$systemduser"/sockets.target.wants/dbus.socket \ + "$systemdsystemunitdir"/dbus.target.wants \ + busctl dbus-broker dbus-broker-launch + + # Adjusting dependencies for initramfs in the dbus socket unit. + # shellcheck disable=SC1004 + sed -i -e \ + '/^\[Unit\]/aDefaultDependencies=no\ + Conflicts=shutdown.target\ + Before=shutdown.target + /^\[Socket\]/aRemoveOnStop=yes' \ + "$initdir$systemdsystemunitdir/dbus.socket" + + $SYSTEMCTL -q --root "$initdir" enable dbus-broker.service + + # Install the hosts local user configurations if enabled. + if [[ $hostonly ]]; then + inst_multiple -H -o \ + "$dbusconfdir"/session.conf \ + "$dbusconfdir"/system.conf \ + "$sysusersconfdir"/dbus.conf \ + "$systemdsystemconfdir"/dbus.socket \ + "$systemdsystemconfdir"/dbus.socket.d/*.conf \ + "$systemdsystemconfdir"/dbus-broker.service \ + "$systemdsystemconfdir"/dbus-broker.service.d/*.conf \ + "$systemdsystemconfdir"/sockets.target.wants/dbus.socket + fi + + # We need to make sure that systemd-tmpfiles-setup.service->dbus.socket + # will not wait for local-fs.target to start if swap is encrypted, + # this would make dbus wait the timeout for the swap before loading. + # This could delay sysinit services that are dependent on dbus.service. + sed -i -Ee \ + '/^After/s/(After[[:space:]]*=.*)(local-fs.target[[:space:]]*)(.*)/\1-\.mount \3/' \ + "$initdir$systemdsystemunitdir/systemd-tmpfiles-setup.service" +} diff --git a/modules.d/06dbus-daemon/module-setup.sh b/modules.d/06dbus-daemon/module-setup.sh new file mode 100755 index 0000000..8345585 --- /dev/null +++ b/modules.d/06dbus-daemon/module-setup.sh @@ -0,0 +1,96 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + + # If the binary(s) requirements are not fulfilled the module can't be installed + require_binaries busctl || return 1 + require_binaries dbus-daemon || return 1 + require_binaries dbus-send || return 1 + + # Return 255 to only include the module, if another module requires it. + return 255 +} + +# Module dependency requirements. +depends() { + + # This module has external dependency on the systemd module. + echo systemd + # Return 0 to include the dependent systemd module in the initramfs. + return 0 +} + +# Install the required file(s) and directories for the module in the initramfs. +install() { + # dbus conflicts with dbus-broker. + if dracut_module_included "dbus-broker"; then + derror "dbus conflicts with dbus-broker in the initramfs." + return 1 + fi + + # Create dbus related directories. + inst_dir "$dbus" + inst_dir "$dbusinterfaces" + inst_dir "$dbusservices" + inst_dir "$dbussession" + inst_dir "$dbussystem" + inst_dir "$dbussystemservices" + inst_dir "$dbusconfdir" + inst_dir "$dbusinterfacesconfdir" + inst_dir "$dbusservicesconfdir" + inst_dir "$dbussessionconfdir" + inst_dir "$dbussystemconfdir" + inst_dir "$dbussystemservicesconfdir" + + inst_multiple -o \ + "$dbus"/system.conf \ + "$dbussystem"/org.freedesktop.systemd1.conf \ + "$dbusservicesconfdir"/org.freedesktop.systemd1.service \ + "$dbussystemservices"/org.freedesktop.systemd1.service \ + "$systemdsystemunitdir"/dbus.service \ + "$systemdsystemunitdir"/dbus.socket \ + "$systemdsystemunitdir"/dbus.target.wants \ + busctl dbus-send dbus-daemon + + # Adjusting dependencies for initramfs in the dbus service unit. + # shellcheck disable=SC1004 + sed -i -e \ + '/^\[Unit\]/aDefaultDependencies=no\ + Conflicts=shutdown.target\ + Before=shutdown.target' \ + "$initdir$systemdsystemunitdir/dbus.service" + + # Adjusting dependencies for initramfs in the dbus socket unit. + # shellcheck disable=SC1004 + sed -i -e \ + '/^\[Unit\]/aDefaultDependencies=no\ + Conflicts=shutdown.target\ + Before=shutdown.target + /^\[Socket\]/aRemoveOnStop=yes' \ + "$initdir$systemdsystemunitdir/dbus.socket" + + # Adding the user and group for dbus + grep '^\(d\|message\)bus:' "$dracutsysrootdir"/etc/passwd >> "$initdir/etc/passwd" + grep '^\(d\|message\)bus:' "$dracutsysrootdir"/etc/group >> "$initdir/etc/group" + + # Install the hosts local user configurations if enabled. + if [[ $hostonly ]]; then + inst_multiple -H -o \ + "$dbusconfdir"/system.conf \ + "$systemdsystemconfdir"/dbus.socket \ + "$systemdsystemconfdir"/dbus.socket.d/*.conf \ + "$systemdsystemconfdir"/dbus.service \ + "$systemdsystemconfdir"/dbus.service.d/*.conf + fi + + # We need to make sure that systemd-tmpfiles-setup.service->dbus.socket + # will not wait for local-fs.target to start if swap is encrypted, + # this would make dbus wait the timeout for the swap before loading. + # This could delay sysinit services that are dependent on dbus.service. + sed -i -Ee \ + '/^After/s/(After[[:space:]]*=.*)(local-fs.target[[:space:]]*)(.*)/\1-\.mount \3/' \ + "$initdir$systemdsystemunitdir/systemd-tmpfiles-setup.service" +} diff --git a/modules.d/06rngd/module-setup.sh b/modules.d/06rngd/module-setup.sh new file mode 100755 index 0000000..aec8d57 --- /dev/null +++ b/modules.d/06rngd/module-setup.sh @@ -0,0 +1,40 @@ +#!/bin/bash +# vim: set tabstop=8 shiftwidth=4 softtabstop=4 expandtab smarttab colorcolumn=80: +# +# Copyright (c) 2019 Red Hat, Inc. +# Author: Renaud Métrich <rmetrich@redhat.com> +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +check() { + # if there's no rngd binary, no go. + require_binaries rngd || return 1 + + return 0 +} + +depends() { + echo systemd + return 0 +} + +install() { + inst rngd + inst_simple "${moddir}/rngd.service" "${systemdsystemunitdir}/rngd.service" + # make sure dependent libs are installed too + inst_libdir_file opensc-pkcs11.so + + $SYSTEMCTL -q --root "$initdir" add-wants sysinit.target rngd.service +} diff --git a/modules.d/06rngd/rngd.service b/modules.d/06rngd/rngd.service new file mode 100644 index 0000000..dd5374d --- /dev/null +++ b/modules.d/06rngd/rngd.service @@ -0,0 +1,8 @@ +[Unit] +Description=Hardware RNG Entropy Gatherer Daemon +DefaultDependencies=no +Before=systemd-udevd.service +ConditionVirtualization=!container + +[Service] +ExecStart=/usr/sbin/rngd -f diff --git a/modules.d/09dbus/module-setup.sh b/modules.d/09dbus/module-setup.sh new file mode 100755 index 0000000..679483d --- /dev/null +++ b/modules.d/09dbus/module-setup.sh @@ -0,0 +1,31 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + # We only want to return 255 since this is a meta module. + return 255 +} + +# Module dependency requirements. +depends() { + local _module + # Add a dbus meta dependency based on the module in use. + for _module in dbus-daemon dbus-broker; do + if dracut_module_included "$_module"; then + echo "$_module" + return 0 + fi + done + + if check_module "dbus-broker"; then + echo "dbus-broker" + return 0 + else + echo "dbus-daemon" + return 0 + fi + + return 1 +} diff --git a/modules.d/10i18n/10-console.rules b/modules.d/10i18n/10-console.rules new file mode 100644 index 0000000..640b1db --- /dev/null +++ b/modules.d/10i18n/10-console.rules @@ -0,0 +1,2 @@ +# Console initialization - keyboard, font, etc. +KERNEL=="tty0", RUN+="/sbin/initqueue --onetime --unique --name console_init_$name /lib/udev/console_init $root/$name" diff --git a/modules.d/10i18n/README b/modules.d/10i18n/README new file mode 100644 index 0000000..6cbbae9 --- /dev/null +++ b/modules.d/10i18n/README @@ -0,0 +1,124 @@ +dracut i18n module +------------------ + +INDEX + +0. Introduction +1. Hostonly vs Generic +2. Configuration + 2.1. Variables + 2.2. Setting up mappings + 2.3. Additional settings +3. Kernel parameters + +~ + +0. Introduction + +i18n module provides internationalization for initramfs at runtime. It +is intended to be generic across different GNU/Linux distributions. + +i18n and keyboard settings are stored in different files among +distributions. To deal with it avoiding hardcoding those differences in +the installation script we handle it by mappings between variables used +by dracut and the ones in the system. Package maintainer is expected to +create those for his/her distribution and it's appreciated to share it +with us, so we can include it in source package. + + +1. Hostonly vs Generic + +If you invoke dracut with '-H' option, i18n module install script will +gather variables values from your configuration files using mappings +provided in "/etc/dracut.conf.d/<foo>.conf". Those variables will be +put in "etc/vconsole.conf" and "etc/locale.conf" files inside initramfs +image. Next it will install only declared font, keymaps and so. + +When building generic image (dracut without '-H' option), install script +copies all content of directories: consolefonts, consoletrans, unimaps +and keymaps to image. Take into account that's about 4 MiB. + + +2. Configuration + +2.1. Variables + +The following variables are used by i18n install script and at initramfs +runtime: + + KEYMAP - keyboard translation table loaded by loadkeys + KEYTABLE - base name for keyboard translation table; if UNICODE is + true, Unicode version will be loaded. Overrides KEYMAP. + EXT_KEYMAPS - list of extra keymaps to bo loaded (sep. by space) + UNICODE - boolean, indicating UTF-8 mode + FONT - console font + FONT_MAP - see description of '-m' parameter in setfont manual + FONT_UNIMAP - see description of '-u' parameter in setfont manual + +The following are appended to EXT_KEYMAPS only during build time: + + UNIKEYMAP + GRP_TOGGLE + +They were used in 10redhat-i18n module, but not sure of its purpose. +I'm leaving it in case... The following are taken from the environment: + + LANG + LC_ALL + +If UNICODE variable is not provided, script indicates if UTF-8 should be +used on the basis of LANG value (if it ends with ".utf8" or similar). + + +2.2. Setting up mappings + +Mappings between variables listed in 2.1. and the ones spread around +your system are set up in /etc/dracut.conf.d/<foo>.conf. You need to +assign mappings to i18n_vars. Here's an example: + +i18n_vars="/etc/conf.d/keymaps:KEYMAP,EXTENDED_KEYMAPS-EXT_KEYMAPS /etc/conf.d/consolefont:CONSOLEFONT-FONT,CONSOLETRANSLATION-FONT_MAP /etc/rc.conf:UNICODE" + +First we've got name of file in host file system tree. After colon +there's mapping: <from>-<to>. If both variables have the same name you +can enter just a single, but it's important to specify it! The module +will source only variables you've listed. + +Below there's detailed description in BNF: + +<list> ::= <element> | <element> " " <list> +<element> ::= <conf-file-name> ":" <map-list> +<map-list> ::= <mapping> | <mapping> "," <map-list> +<mapping> ::= <src-var> "-" <dst-var> | <src-var> + +We assume no whitespace are allowed between symbols. +<conf-file-name> is a file holding <src-var> in your system. +<src-var> is a variable holding value of meaning the same as <dst-var>. +<dst-var> is a variable which will be set up inside initramfs. +If <dst-var> has the same name as <src-var> we can omit <dst-var>. + +Example: +/etc/conf.d/keymaps:KEYMAP,extended_keymaps-EXT_KEYMAPS +<list> = /etc/conf.d/keymaps:KEYMAP,extended_keymaps-EXT_KEYMAPS +<element> = /etc/conf.d/keymaps:KEYMAP,extended_keymaps-EXT_KEYMAPS +<conf-file-name> = /etc/conf.d/keymaps +<map-list> = KEYMAP,extended_keymaps-EXT_KEYMAPS +<mapping> = KEYMAP +<src-var> = KEYMAP +<mapping> = extended_keymaps-EXT_KEYMAPS +<src-var> = extended_keymaps +<dst-var> = EXT_KEYMAPS + + +2.3. Additional settings + +If you encounter following error message: "Directories consolefonts, +consoletrans, keymaps, unimaps not found.", you can provide path where +those directories lie in your system by setting kbddir in configuration +file (the same where you put mappings). + + +3. Kernel parameters + +If you create generic initramfs you can set up i18n by kernel +parameters using variables listed in 2.1. (except of UNIKEYMAP +and GRP_TOGGLE) The recommended minimum is: FONT and KEYMAP. diff --git a/modules.d/10i18n/console_init.sh b/modules.d/10i18n/console_init.sh new file mode 100755 index 0000000..3ca0ac1 --- /dev/null +++ b/modules.d/10i18n/console_init.sh @@ -0,0 +1,89 @@ +#!/bin/sh + +[ -n "$DRACUT_SYSTEMD" ] && exit 0 + +if [ -x "$systemdutildir"/systemd-vconsole-setup ]; then + "$systemdutildir"/systemd-vconsole-setup "$@" +fi + +[ -e /etc/vconsole.conf ] && . /etc/vconsole.conf + +DEFAULT_FONT=eurlatgr +DEFAULT_KEYMAP=/etc/sysconfig/console/default.kmap + +set_keyboard() { + local param + + [ "${UNICODE}" = 1 ] && param=-u || param=-a + kbd_mode ${param} +} + +set_terminal() { + local dev="$1" + + if [ "${UNICODE}" = 1 ]; then + printf '\033%%G' >&7 + stty -F "${dev}" iutf8 + else + printf '\033%%@' >&7 + stty -F "${dev}" -iutf8 + fi +} + +set_keymap() { + local utf_switch + + if [ -z "${KEYMAP}" ]; then + [ -f "${DEFAULT_KEYMAP}" ] && KEYMAP=${DEFAULT_KEYMAP} + fi + + [ -n "${KEYMAP}" ] || return 1 + + [ "${UNICODE}" = 1 ] && utf_switch=-u + + # shellcheck disable=SC2086 + loadkeys -q ${utf_switch} ${KEYMAP} ${EXT_KEYMAPS} +} + +set_font() { + setfont "${FONT-${DEFAULT_FONT}}" \ + -C "${1}" \ + ${FONT_MAP:+-m "${FONT_MAP}"} \ + ${FONT_UNIMAP:+-u "${FONT_UNIMAP}"} +} + +dev_close() { + exec 6>&- + exec 7>&- +} + +dev_open() { + local dev="$1" + + exec 6< "${dev}" \ + && exec 7>> "${dev}" +} + +dev=/dev/${1#/dev/} + +[ -c "${dev}" ] || { + echo "Usage: $0 device" >&2 + exit 1 +} + +dev_open "${dev}" + +for fd in 6 7; do + if ! [ -t ${fd} ]; then + echo "ERROR: File descriptor not opened: ${fd}" >&2 + dev_close + exit 1 + fi +done + +set_keyboard +set_terminal "${dev}" +set_font "${dev}" +set_keymap + +dev_close diff --git a/modules.d/10i18n/module-setup.sh b/modules.d/10i18n/module-setup.sh new file mode 100755 index 0000000..ac45611 --- /dev/null +++ b/modules.d/10i18n/module-setup.sh @@ -0,0 +1,297 @@ +#!/bin/bash + +# called by dracut +check() { + [[ "$mount_needs" ]] && return 1 + + require_binaries setfont loadkeys kbd_mode || return 1 + + return 0 +} + +# called by dracut +depends() { + return 0 +} + +# called by dracut +install() { + declare -A KEYMAPS + + if dracut_module_included "systemd"; then + unset FONT + unset KEYMAP + # shellcheck disable=SC1090 + [[ -f "$dracutsysrootdir"/etc/vconsole.conf ]] && . "$dracutsysrootdir"/etc/vconsole.conf + fi + + KBDSUBDIRS=(consolefonts consoletrans keymaps unimaps) + DEFAULT_FONT="${i18n_default_font:-eurlatgr}" + I18N_CONF="/etc/locale.conf" + VCONFIG_CONF="/etc/vconsole.conf" + + findkeymap() { + local -a MAPS + local MAPNAME + local INCLUDES + local MAP + local CMD + local FN + + if [[ -f $dracutsysrootdir$1 ]]; then + MAPS=("$1") + else + MAPNAME=${1%.map*} + + mapfile -t -d '' MAPS < <( + find "${dracutsysrootdir}${kbddir}"/keymaps/ -type f \( -name "${MAPNAME}" -o -name "${MAPNAME}.map*" \) -print0 + ) + fi + + for MAP in "${MAPS[@]}"; do + [[ -f $MAP ]] || continue + [[ -v KEYMAPS["$MAP"] ]] && continue + + KEYMAPS["$MAP"]=1 + + case "$MAP" in + *.gz) CMD="zgrep" ;; + *.bz2) CMD="bzgrep" ;; + *) CMD="grep" ;; + esac + + readarray -t INCLUDES < <("$CMD" '^include ' "$MAP" | while read -r _ a _ || [ -n "$a" ]; do echo "${a//\"/}"; done) + + for INCL in "${INCLUDES[@]}"; do + local -a FNS + mapfile -t -d '' FNS < <(find "${dracutsysrootdir}${kbddir}"/keymaps/ -type f -name "${INCL}*" -print0) + for FN in "${FNS[@]}"; do + [[ -f $FN ]] || continue + [[ -v KEYMAPS["$FN"] ]] || findkeymap "$FN" + done + done + done + } + + # Function gathers variables from distributed files among the tree, maps to + # specified names and prints the result in format "new-name=value". + # + # $@ = list in format specified below (BNF notation) + # + # <list> ::= <element> | <element> " " <list> + # <element> ::= <conf-file-name> ":" <map-list> + # <map-list> ::= <mapping> | <mapping> "," <map-list> + # <mapping> ::= <src-var> "-" <dst-var> | <src-var> + # + # We assume no whitespace are allowed between symbols. + # <conf-file-name> is a file holding <src-var> in your system. + # <src-var> is a variable holding value of meaning the same as <dst-var>. + # <dst-var> is a variable which will be set up inside initramfs. + # If <dst-var> has the same name as <src-var> we can omit <dst-var>. + # + # Example: + # /etc/conf.d/keymaps:KEYMAP,extended_keymaps-EXT_KEYMAPS + # <list> = /etc/conf.d/keymaps:KEYMAP,extended_keymaps-EXT_KEYMAPS + # <element> = /etc/conf.d/keymaps:KEYMAP,extended_keymaps-EXT_KEYMAPS + # <conf-file-name> = /etc/conf.d/keymaps + # <map-list> = KEYMAP,extended_keymaps-EXT_KEYMAPS + # <mapping> = KEYMAP + # <src-var> = KEYMAP + # <mapping> = extended_keymaps-EXT_KEYMAPS + # <src-var> = extended_keymaps + # <dst-var> = EXT_KEYMAPS + gather_vars() { + local item map value + + # FIXME: double check + # shellcheck disable=SC2068 + for item in "$@"; do + read -r -a item <<< "${item/:/ }" + for map in ${item[1]//,/ }; do + read -r -a map <<< "${map//-/ }" + if [[ -f "$dracutsysrootdir${item[0]}" ]]; then + value=$(grep "^${map[0]}=" "$dracutsysrootdir${item[0]}") + value=${value#*=} + echo "${map[1]:-${map[0]}}=${value}" + fi + unset map + done + done + } + + install_base() { + inst_multiple setfont loadkeys kbd_mode stty + + if ! dracut_module_included "systemd"; then + inst "${moddir}"/console_init.sh /lib/udev/console_init + inst_rules "${moddir}"/10-console.rules + inst_hook cmdline 20 "${moddir}/parse-i18n.sh" + fi + + if [[ ${kbddir} != "/usr/share" ]]; then + inst_dir /usr/share + for _src in "${KBDSUBDIRS[@]}"; do + [ ! -e "${initdir}/usr/share/${_src}" ] && ln -s "${kbddir}/${_src}" "${initdir}/usr/share/${_src}" + done + fi + } + + install_all_kbd() { + local _src _line + + for _src in "${KBDSUBDIRS[@]}"; do + inst_dir "${kbddir}/$_src" + $DRACUT_CP -L -t "${initdir}/${kbddir}/$_src" "${dracutsysrootdir}${kbddir}/$_src"/* + done + + # remove unnecessary files + rm -f -- "${initdir}${kbddir}/consoletrans/utflist" + find "${initdir}${kbddir}/" -name README\* -delete + find "${initdir}${kbddir}/" -name '*.gz' -print -quit \ + | while read -r _line || [ -n "$_line" ]; do + inst_multiple gzip + done + + find "${initdir}${kbddir}/" -name '*.bz2' -print -quit \ + | while read -r _line || [ -n "$_line" ]; do + inst_multiple bzip2 + done + } + + install_local_i18n() { + local map + + # shellcheck disable=SC2086 + eval "$(gather_vars ${i18n_vars})" + # shellcheck disable=SC1090 + [ -f "$dracutsysrootdir"$I18N_CONF ] && . "$dracutsysrootdir"$I18N_CONF + # shellcheck disable=SC1090 + [ -f "$dracutsysrootdir"$VCONFIG_CONF ] && . "$dracutsysrootdir"$VCONFIG_CONF + + shopt -q -s nocasematch + if [[ ${UNICODE} ]]; then + if [[ ${UNICODE} == YES || ${UNICODE} == 1 ]]; then + UNICODE=1 + elif [[ ${UNICODE} == NO || ${UNICODE} == 0 ]]; then + UNICODE=0 + else + UNICODE='' + fi + fi + if [[ ! ${UNICODE} && ${LANG} =~ .*\.UTF-?8 ]]; then + UNICODE=1 + fi + shopt -q -u nocasematch + + # Gentoo user may have KEYMAP set to something like "-u pl2", + KEYMAP=${KEYMAP#-* } + + # openSUSE user may have KEYMAP set to something like ".gz" + KEYMAP=${KEYMAP/.gz/} + + # KEYTABLE is a bit special - it defines base keymap name and UNICODE + # determines whether non-UNICODE or UNICODE version is used + + if [[ ${KEYTABLE} ]]; then + if [[ ${UNICODE} == 1 ]]; then + [[ ${KEYTABLE} =~ .*\.uni.* ]] || KEYTABLE=${KEYTABLE%.map*}.uni + fi + KEYMAP=${KEYTABLE} + fi + + # I'm not sure of the purpose of UNIKEYMAP and GRP_TOGGLE. They were in + # original redhat-i18n module. Anyway it won't hurt. + EXT_KEYMAPS+=\ ${UNIKEYMAP}\ ${GRP_TOGGLE} + + [[ ${KEYMAP} ]] || { + dinfo 'No KEYMAP configured.' + return 1 + } + + findkeymap "${KEYMAP}" + + for map in ${EXT_KEYMAPS}; do + ddebug "Adding extra map: ${map}" + findkeymap "${map}" + done + + for keymap in "${!KEYMAPS[@]}"; do + inst_opt_decompress "${keymap}" + done + + inst_opt_decompress "${kbddir}"/consolefonts/"${DEFAULT_FONT}".* + + if [[ ${FONT} ]] && [[ ${FONT} != "${DEFAULT_FONT}" ]]; then + if [[ -f "${kbddir}"/consolefonts/"${FONT}" ]]; then + inst_opt_decompress "${kbddir}"/consolefonts/"${FONT}" + else + FONT=${FONT%.psf*} + inst_opt_decompress "${kbddir}"/consolefonts/"${FONT}".* + fi + fi + + if [[ ${FONT_MAP} ]]; then + FONT_MAP=${FONT_MAP%.trans} + # There are three different formats that setfont supports + inst_simple "${kbddir}"/consoletrans/"${FONT_MAP}" \ + || inst_simple "${kbddir}"/consoletrans/"${FONT_MAP}".trans \ + || inst_simple "${kbddir}"/consoletrans/"${FONT_MAP}"_to_uni.trans \ + || dwarn "Could not find FONT_MAP ${FONT_MAP}!" + fi + + if [[ ${FONT_UNIMAP} ]]; then + FONT_UNIMAP=${FONT_UNIMAP%.uni} + inst_simple "${kbddir}"/unimaps/"${FONT_UNIMAP}".uni + fi + + if dracut_module_included "systemd" && [[ -f $dracutsysrootdir${I18N_CONF} ]]; then + inst_simple ${I18N_CONF} + else + mksubdirs "${initdir}"${I18N_CONF} + print_vars LC_ALL LANG >> "${initdir}"${I18N_CONF} + fi + + if ! dracut_module_included "systemd"; then + mksubdirs "${initdir}"${VCONFIG_CONF} + print_vars KEYMAP EXT_KEYMAPS UNICODE FONT FONT_MAP FONT_UNIMAP >> "${initdir}"${VCONFIG_CONF} + fi + + return 0 + } + + checks() { + for kbddir in ${kbddir} /usr/lib/kbd /lib/kbd /usr/share /usr/share/kbd; do + if [[ -d "$dracutsysrootdir${kbddir}" ]]; then + for dir in "${KBDSUBDIRS[@]}"; do + [[ -d "$dracutsysrootdir${kbddir}/${dir}" ]] && continue + false + done && break + fi + kbddir='' + done + + [[ "$kbddir" ]] || return 1 + + [[ -f $dracutsysrootdir$I18N_CONF && -f $dracutsysrootdir$VCONFIG_CONF ]] \ + || [[ ! ${hostonly} || ${i18n_vars} ]] || { + derror 'i18n_vars not set! Please set up i18n_vars in ' \ + 'configuration file.' + } + return 0 + } + + if checks; then + install_base + + # https://github.com/dracutdevs/dracut/issues/796 + if dracut_module_included "systemd" && [[ -f $dracutsysrootdir${VCONFIG_CONF} ]]; then + inst_simple ${VCONFIG_CONF} + fi + + if [[ ${hostonly} ]] && ! [[ ${i18n_install_all} == "yes" ]]; then + install_local_i18n || install_all_kbd + else + install_all_kbd + fi + fi +} diff --git a/modules.d/10i18n/parse-i18n.sh b/modules.d/10i18n/parse-i18n.sh new file mode 100755 index 0000000..2deb2c4 --- /dev/null +++ b/modules.d/10i18n/parse-i18n.sh @@ -0,0 +1,36 @@ +#!/bin/sh + +inst_key_val() { + local _value + local _file + local _default + _file="$1" + shift + _key="$1" + shift + _default="$1" + shift + _value="$(getarg "$@")" + [ -z "${_value}" ] && _value=$_default + if [ -n "${_value}" ]; then + printf -- '%s="%s"\n' "${_key}" "${_value}" >> "$_file" + fi + unset _file + unset _value +} + +inst_key_val /etc/vconsole.conf KEYMAP '' rd.vconsole.keymap KEYMAP -d KEYTABLE +inst_key_val /etc/vconsole.conf FONT '' rd.vconsole.font FONT -d SYSFONT +inst_key_val /etc/vconsole.conf FONT_MAP '' rd.vconsole.font.map FONT_MAP -d CONTRANS +inst_key_val /etc/vconsole.conf FONT_UNIMAP '' rd.vconsole.font.unimap FONT_UNIMAP -d UNIMAP +inst_key_val /etc/vconsole.conf UNICODE 1 rd.vconsole.font.unicode UNICODE vconsole.unicode +inst_key_val /etc/vconsole.conf EXT_KEYMAP '' rd.vconsole.keymap.ext EXT_KEYMAP + +inst_key_val /etc/locale.conf LANG '' rd.locale.LANG LANG +inst_key_val /etc/locale.conf LC_ALL '' rd.locale.LC_ALL LC_ALL + +if [ -f /etc/locale.conf ]; then + . /etc/locale.conf + export LANG + export LC_ALL +fi diff --git a/modules.d/30convertfs/convertfs.sh b/modules.d/30convertfs/convertfs.sh new file mode 100755 index 0000000..58fa56d --- /dev/null +++ b/modules.d/30convertfs/convertfs.sh @@ -0,0 +1,193 @@ +#!/bin/bash + +type ismounted > /dev/null 2>&1 || . /lib/dracut-lib.sh + +ROOT="$1" + +if [[ ! -d $ROOT ]]; then + echo "Usage: $0 <rootdir>" + exit 1 +fi + +if [[ $ROOT -ef / ]]; then + echo "Can't convert the running system." + echo "Please boot with 'rd.convertfs' on the kernel command line," + echo "to update with the help of the initramfs," + echo "or run this script from a rescue system." + exit 1 +fi + +while [[ $ROOT != "${ROOT%/}" ]]; do + ROOT=${ROOT%/} +done + +if [ ! -L "$ROOT"/var/run -a -e "$ROOT"/var/run ]; then + echo "Converting /var/run to symlink" + mv -f "$ROOT"/var/run "$ROOT"/var/run.runmove~ + ln -sfn ../run "$ROOT"/var/run +fi + +if [ ! -L "$ROOT"/var/lock -a -e "$ROOT"/var/lock ]; then + echo "Converting /var/lock to symlink" + mv -f "$ROOT"/var/lock "$ROOT"/var/lock.lockmove~ + ln -sfn ../run/lock "$ROOT"/var/lock +fi + +needconvert() { + for dir in "$ROOT/bin" "$ROOT/sbin" "$ROOT/lib" "$ROOT/lib64"; do + if [[ -e $dir ]]; then + [[ -L $dir ]] || return 0 + fi + done + return 1 +} + +if ! [ -e "$ROOT/usr/bin" ]; then + echo "$ROOT/usr/bin does not exist!" + echo "Make sure, the kernel command line has enough information" + echo "to mount /usr (man dracut.cmdline)" + exit 1 +fi + +if ! needconvert; then + echo "Your system is already converted." + exit 0 +fi + +testfile="$ROOT/.usrmovecheck$$" +rm -f -- "$testfile" +: > "$testfile" +if [[ ! -e $testfile ]]; then + echo "Cannot write to $ROOT/" + exit 1 +fi +rm -f -- "$testfile" + +testfile="$ROOT/usr/.usrmovecheck$$" +rm -f -- "$testfile" +: > "$testfile" +if [[ ! -e $testfile ]]; then + echo "Cannot write to $ROOT/usr/" + exit 1 +fi +rm -f -- "$testfile" + +find_mount() { + local dev wanted_dev + wanted_dev="$(readlink -e -q "$1")" + while read -r dev _ || [ -n "$dev" ]; do + [ "$dev" = "$wanted_dev" ] && echo "$dev" && return 0 + done < /proc/mounts + return 1 +} + +# clean up after ourselves no matter how we die. +cleanup() { + echo "Something failed. Move back to the original state" + for dir in "$ROOT/bin" "$ROOT/sbin" "$ROOT/lib" "$ROOT/lib64" \ + "$ROOT/usr/bin" "$ROOT/usr/sbin" "$ROOT/usr/lib" \ + "$ROOT/usr/lib64"; do + [[ -d "${dir}.usrmove-new" ]] && rm -fr -- "${dir}.usrmove-new" + if [[ -d "${dir}.usrmove-old" ]]; then + mv "$dir" "${dir}.del~" + mv "${dir}.usrmove-old" "$dir" + rm -fr -- "${dir}.del~" + fi + done +} + +trap 'ret=$?; [[ $ret -ne 0 ]] && cleanup;exit $ret;' EXIT +trap 'exit 1;' SIGINT + +ismounted "$ROOT/usr" || CP_HARDLINK="-l" + +set -e + +# merge / and /usr in new dir in /usr +for dir in bin sbin lib lib64; do + rm -rf -- "$ROOT/usr/${dir}.usrmove-new" + [[ -L "$ROOT/$dir" ]] && continue + [[ -d "$ROOT/$dir" ]] || continue + echo "Make a copy of \`$ROOT/usr/$dir'." + [[ -d "$ROOT/usr/$dir" ]] \ + && cp -ax -l "$ROOT/usr/$dir" "$ROOT/usr/${dir}.usrmove-new" + echo "Merge the copy with \`$ROOT/$dir'." + [[ -d "$ROOT/usr/${dir}.usrmove-new" ]] \ + || mkdir -p "$ROOT/usr/${dir}.usrmove-new" + cp -axT $CP_HARDLINK --backup --suffix=.usrmove~ "$ROOT/$dir" "$ROOT/usr/${dir}.usrmove-new" + echo "Clean up duplicates in \`$ROOT/usr/$dir'." + # delete all symlinks that have been backed up + find "$ROOT/usr/${dir}.usrmove-new" -type l -name '*.usrmove~' -delete || : + # replace symlink with backed up binary + # shellcheck disable=SC2156 + find "$ROOT/usr/${dir}.usrmove-new" \ + -name '*.usrmove~' \ + -type f \ + -exec bash -c 'p="{}";o=${p%%%%.usrmove~}; + [[ -L "$o" ]] && mv -f "$p" "$o"' ';' || : +done +# switch over merged dirs in /usr +for dir in bin sbin lib lib64; do + [[ -d "$ROOT/usr/${dir}.usrmove-new" ]] || continue + echo "Switch to new \`$ROOT/usr/$dir'." + rm -fr -- "$ROOT/usr/${dir}.usrmove-old" + mv "$ROOT/usr/$dir" "$ROOT/usr/${dir}.usrmove-old" + mv "$ROOT/usr/${dir}.usrmove-new" "$ROOT/usr/$dir" +done + +# replace dirs in / with links to /usr +for dir in bin sbin lib lib64; do + [[ -L "$ROOT/$dir" ]] && continue + [[ -d "$ROOT/$dir" ]] || continue + echo "Create \`$ROOT/$dir' symlink." + rm -fr -- "$ROOT/${dir}.usrmove-old" || : + mv "$ROOT/$dir" "$ROOT/${dir}.usrmove-old" + ln -sfn usr/$dir "$ROOT/$dir" +done + +echo "Clean up backup files." +# everything seems to work; cleanup +for dir in bin sbin lib lib64; do + # if we get killed in the middle of "rm -rf", ensure not to leave + # an incomplete directory, which is moved back by cleanup() + [[ -d "$ROOT/usr/${dir}.usrmove-old" ]] \ + && mv "$ROOT/usr/${dir}.usrmove-old" "$ROOT/usr/${dir}.usrmove-old~" + [[ -d "$ROOT/${dir}.usrmove-old" ]] \ + && mv "$ROOT/${dir}.usrmove-old" "$ROOT/${dir}.usrmove-old~" +done + +for dir in bin sbin lib lib64; do + if [[ -d "$ROOT/usr/${dir}.usrmove-old~" ]]; then + rm -rf -- "$ROOT/usr/${dir}.usrmove-old~" + fi + + if [[ -d "$ROOT/${dir}.usrmove-old~" ]]; then + rm -rf -- "$ROOT/${dir}.usrmove-old~" + fi +done + +for dir in lib lib64; do + [[ -d "$ROOT/$dir" ]] || continue + for lib in "$ROOT"/usr/"${dir}"/lib*.so*.usrmove~; do + [[ -f $lib ]] || continue + mv "$lib" "${lib/.so/_so}" + done +done + +set +e + +echo "Run ldconfig." +ldconfig -r "$ROOT" + +if [[ -f "$ROOT"/etc/selinux/config ]]; then + # shellcheck disable=SC1090 + . "$ROOT"/etc/selinux/config +fi + +if [ -n "$(command -v setfiles)" ] && [ "$SELINUX" != "disabled" ] && [ -f /etc/selinux/"${SELINUXTYPE}"/contexts/files/file_contexts ]; then + echo "Fixing SELinux labels" + setfiles -r "$ROOT" -p /etc/selinux/"${SELINUXTYPE}"/contexts/files/file_contexts "$ROOT"/sbin "$ROOT"/bin "$ROOT"/lib "$ROOT"/lib64 "$ROOT"/usr/lib "$ROOT"/usr/lib64 "$ROOT"/etc/ld.so.cache "$ROOT"/var/cache/ldconfig || : +fi + +echo "Done." +exit 0 diff --git a/modules.d/30convertfs/do-convertfs.sh b/modules.d/30convertfs/do-convertfs.sh new file mode 100755 index 0000000..6ce31cb --- /dev/null +++ b/modules.d/30convertfs/do-convertfs.sh @@ -0,0 +1,9 @@ +#!/bin/bash + +if getargbool 0 rd.convertfs; then + if getargbool 0 rd.debug; then + bash -x convertfs "$NEWROOT" 2>&1 | vinfo + else + convertfs "$NEWROOT" 2>&1 | vinfo + fi +fi diff --git a/modules.d/30convertfs/module-setup.sh b/modules.d/30convertfs/module-setup.sh new file mode 100755 index 0000000..68fb78f --- /dev/null +++ b/modules.d/30convertfs/module-setup.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +# called by dracut +check() { + [[ $mount_needs ]] && return 1 + return 255 +} + +# called by dracut +depends() { + echo base bash +} + +# called by dracut +install() { + inst_multiple bash find ldconfig mv rm cp ln + inst_hook pre-pivot 99 "$moddir/do-convertfs.sh" + inst_script "$moddir/convertfs.sh" /usr/bin/convertfs +} diff --git a/modules.d/35connman/cm-config.sh b/modules.d/35connman/cm-config.sh new file mode 100755 index 0000000..6ae754a --- /dev/null +++ b/modules.d/35connman/cm-config.sh @@ -0,0 +1,24 @@ +#!/bin/sh + +type cm_generate_connections > /dev/null 2>&1 || . /lib/cm-lib.sh + +if [ -n "$netroot" ] || [ -e /tmp/net.ifaces ]; then + echo rd.neednet >> /etc/cmdline.d/connman.conf +fi + +if getargbool 0 rd.debug -d -y rdinitdebug -d -y rdnetdebug; then + if [ -n "$DRACUT_SYSTEMD" ]; then + # Enable tty output if a usable console is found + # shellcheck disable=SC2217 + if [ -w /dev/console ] && (echo < /dev/console) > /dev/null 2> /dev/null; then + mkdir -p /run/systemd/system/cm-initrd.service.d + cat << EOF > /run/systemd/system/cm-initrd.service.d/tty-output.conf +[Service] +StandardOutput=tty +EOF + systemctl --no-block daemon-reload + fi + fi +fi + +cm_generate_connections diff --git a/modules.d/35connman/cm-initrd.service b/modules.d/35connman/cm-initrd.service new file mode 100644 index 0000000..cecb408 --- /dev/null +++ b/modules.d/35connman/cm-initrd.service @@ -0,0 +1,24 @@ +[Unit] +DefaultDependencies=no +Wants=systemd-udev-trigger.service +After=systemd-udev-trigger.service +After=dracut-cmdline.service +Wants=network.target +Before=network.target +RequiresMountsFor=/var/lib/connman +After=dbus.service +ConditionPathExists=/run/connman/initrd/neednet + +[Service] +Type=dbus +BusName=net.connman +Restart=on-failure +ExecStart=/usr/sbin/connmand -n +StandardOutput=null +CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_ADMIN +ProtectHome=true +ProtectSystem=full + +[Install] +WantedBy=initrd.target +Also=cm-wait-online-initrd.service diff --git a/modules.d/35connman/cm-lib.sh b/modules.d/35connman/cm-lib.sh new file mode 100755 index 0000000..69c4fa2 --- /dev/null +++ b/modules.d/35connman/cm-lib.sh @@ -0,0 +1,12 @@ +#!/bin/sh + +type getcmdline > /dev/null 2>&1 || . /lib/dracut-lib.sh + +cm_generate_connections() { + if getargbool 0 rd.neednet; then + mkdir -p "$hookdir"/initqueue/finished + echo '[ -f /tmp/cm.done ]' > "$hookdir"/initqueue/finished/cm.sh + mkdir -p /run/connman/initrd + : > /run/connman/initrd/neednet # activate ConnMan services + fi +} diff --git a/modules.d/35connman/cm-run.sh b/modules.d/35connman/cm-run.sh new file mode 100755 index 0000000..a9dcf05 --- /dev/null +++ b/modules.d/35connman/cm-run.sh @@ -0,0 +1,15 @@ +#!/bin/bash + +type source_hook > /dev/null 2>&1 || . /lib/dracut-lib.sh + +if [ -e /tmp/cm.done ]; then + return +fi + +while read -r _serv; do + ifname=$(connmanctl services "$_serv" | grep Interface= | sed 's/^.*Interface=\([^,]*\).*$/\1/') + source_hook initqueue/online "$ifname" + /sbin/netroot "$ifname" +done < <(connmanctl services | grep -oE '[^ ]+$') + +: > /tmp/cm.done diff --git a/modules.d/35connman/cm-wait-online-initrd.service b/modules.d/35connman/cm-wait-online-initrd.service new file mode 100644 index 0000000..08e6941 --- /dev/null +++ b/modules.d/35connman/cm-wait-online-initrd.service @@ -0,0 +1,16 @@ +[Unit] +DefaultDependencies=no +Requires=cm-initrd.service +After=cm-initrd.service +Before=network-online.target +Before=dracut-initqueue.service +ConditionPathExists=/run/connman/initrd/neednet + +[Service] +Type=oneshot +ExecStart=/usr/sbin/connmand-wait-online +RemainAfterExit=yes + +[Install] +WantedBy=initrd.target +WantedBy=network-online.target diff --git a/modules.d/35connman/module-setup.sh b/modules.d/35connman/module-setup.sh new file mode 100755 index 0000000..6502d30 --- /dev/null +++ b/modules.d/35connman/module-setup.sh @@ -0,0 +1,47 @@ +#!/bin/bash + +# called by dracut +check() { + require_binaries sed grep connmand connmanctl connmand-wait-online || return 1 + + # do not add this module by default + return 255 +} + +# called by dracut +depends() { + echo dbus systemd bash + return 0 +} + +# called by dracut +installkernel() { + return 0 +} + +# called by dracut +install() { + # We don't need `ip` but having it is *really* useful for people debugging + # in an emergency shell. + inst_multiple ip sed grep + + inst_script "$moddir/netroot.sh" "/sbin/netroot" + inst connmand + inst connmanctl + inst connmand-wait-online + inst "$dbussystem"/connman.conf + [[ $hostonly ]] && [[ -f $dracutsysrootdir/etc/connman/main.conf ]] && inst /etc/connman/main.conf + inst_dir /usr/lib/connman/plugins + inst_dir /var/lib/connman + + inst_hook cmdline 99 "$moddir/cm-config.sh" + + inst_simple "$moddir"/cm-initrd.service "$systemdsystemunitdir"/cm-initrd.service + inst_simple "$moddir"/cm-wait-online-initrd.service "$systemdsystemunitdir"/cm-wait-online-initrd.service + + $SYSTEMCTL -q --root "$initdir" enable cm-initrd.service + + inst_hook initqueue/settled 99 "$moddir/cm-run.sh" + + inst_simple "$moddir/cm-lib.sh" "/lib/cm-lib.sh" +} diff --git a/modules.d/35connman/netroot.sh b/modules.d/35connman/netroot.sh new file mode 100755 index 0000000..8f97774 --- /dev/null +++ b/modules.d/35connman/netroot.sh @@ -0,0 +1,92 @@ +#!/bin/sh + +PATH=/usr/sbin:/usr/bin:/sbin:/bin +command -v getarg > /dev/null || . /lib/dracut-lib.sh +command -v setup_net > /dev/null || . /lib/net-lib.sh + +# Huh? Empty $1? +[ -z "$1" ] && exit 1 + +# [ ! -z $2 ] means this is for manually bringing up network +# instead of real netroot; If It's called without $2, then there's +# no sense in doing something if no (net)root info is available +# or root is already there +[ -d "$NEWROOT"/proc ] && exit 0 + +if [ -z "$netroot" ]; then + netroot=$(getarg netroot=) +fi + +[ -z "$netroot" ] && exit 1 + +# Set or override primary interface +netif=$1 +[ -e "/tmp/net.bootdev" ] && read -r netif < /tmp/net.bootdev + +case "$netif" in + ??:??:??:??:??:??) # MAC address + for i in /sys/class/net/*/address; do + read -r mac < "$i" + if [ "$mac" = "$netif" ]; then + i=${i%/address} + netif=${i##*/} + break + fi + done ;; +esac + +# Figure out the handler for root=dhcp by recalling all netroot cmdline +# handlers when this is not called from manually network bringing up. +if [ -z "$2" ]; then + if getarg "root=dhcp" || getarg "netroot=dhcp" || getarg "root=dhcp6" || getarg "netroot=dhcp6"; then + # Load dhcp options + # shellcheck disable=SC1090 + [ -e /tmp/dhclient."$netif".dhcpopts ] && . /tmp/dhclient."$netif".dhcpopts + + # If we have a specific bootdev with no dhcpoptions or empty root-path, + # we die. Otherwise we just warn + if [ -z "$new_root_path" ]; then + [ -n "$BOOTDEV" ] && die "No dhcp root-path received for '$BOOTDEV'" + warn "No dhcp root-path received for '$netif' trying other interfaces if available" + exit 1 + fi + + rm -f -- "$hookdir"/initqueue/finished/dhcp.sh + + # Set netroot to new_root_path, so cmdline parsers don't call + netroot=$new_root_path + + # FIXME! + unset rootok + for f in "$hookdir"/cmdline/90*.sh; do + # shellcheck disable=SC1090 + [ -f "$f" ] && . "$f" + done + else + rootok="1" + fi + + # Check: do we really know how to handle (net)root? + if [ -z "$root" ]; then + root=$(getarg root=) + fi + [ -z "$root" ] && die "No or empty root= argument" + [ -z "$rootok" ] && die "Don't know how to handle 'root=$root'" + + handler=${netroot%%:*} + handler=${handler%%4} + handler=$(command -v "${handler}"root) + if [ -z "$netroot" ] || [ ! -e "$handler" ]; then + die "No handler for netroot type '$netroot'" + fi +fi + +# Source netroot hooks before we start the handler +source_hook netroot "$netif" + +# Run the handler; don't store the root, it may change from device to device +# XXX other variables to export? +[ -n "$handler" ] && "$handler" "$netif" "$netroot" "$NEWROOT" +save_netinfo "$netif" + +exit 0 diff --git a/modules.d/35network-legacy/dhclient-script.sh b/modules.d/35network-legacy/dhclient-script.sh new file mode 100755 index 0000000..b3e5e75 --- /dev/null +++ b/modules.d/35network-legacy/dhclient-script.sh @@ -0,0 +1,275 @@ +#!/bin/sh + +PATH=/usr/sbin:/usr/bin:/sbin:/bin + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh +type ip_to_var > /dev/null 2>&1 || . /lib/net-lib.sh + +# We already need a set netif here +netif=$interface + +setup_interface() { + ip=$new_ip_address + mtu=$new_interface_mtu + mask=$new_subnet_mask + bcast=$new_broadcast_address + gw=${new_routers%%,*} + domain=$new_domain_name + # get rid of control chars + search=$(printf -- "%s" "$new_domain_search" | tr -d '[:cntrl:]') + namesrv=$new_domain_name_servers + hostname=$new_host_name + [ -n "$new_dhcp_lease_time" ] && lease_time=$new_dhcp_lease_time + [ -n "$new_max_life" ] && lease_time=$new_max_life + preferred_lft=$lease_time + [ -n "$new_preferred_life" ] && preferred_lft=$new_preferred_life + + # shellcheck disable=SC1090 + [ -f /tmp/net."$netif".override ] && . /tmp/net."$netif".override + + # Taken from debian dhclient-script: + # The 576 MTU is only used for X.25 and dialup connections + # where the admin wants low latency. Such a low MTU can cause + # problems with UDP traffic, among other things. As such, + # disallow MTUs from 576 and below by default, so that broken + # MTUs are ignored, but higher stuff is allowed (1492, 1500, etc). + if [ -n "$mtu" ] && [ "$mtu" -gt 576 ]; then + if ! ip link set "$netif" mtu "$mtu"; then + ip link set "$netif" down + ip link set "$netif" mtu "$mtu" + linkup "$netif" + fi + fi + + ip addr add "$ip"${mask:+/$mask} ${bcast:+broadcast $bcast} dev "$netif" \ + ${lease_time:+valid_lft $lease_time} \ + ${preferred_lft:+preferred_lft ${preferred_lft}} + + if [ -n "$gw" ]; then + if [ "$mask" = "255.255.255.255" ]; then + # point-to-point connection => set explicit route to gateway + echo ip route add "$gw" dev "$netif" > /tmp/net."$netif".gw + fi + + echo "$gw" | { + IFS=' ' read -r main_gw other_gw + echo ip route replace default via "$main_gw" dev "$netif" >> /tmp/net."$netif".gw + if [ -n "$other_gw" ]; then + for g in $other_gw; do + echo ip route add default via "$g" dev "$netif" >> /tmp/net."$netif".gw + done + fi + } + fi + + if getargbool 1 rd.peerdns; then + [ -n "${search}${domain}" ] && echo "search $search $domain" > /tmp/net."$netif".resolv.conf + if [ -n "$namesrv" ]; then + for s in $namesrv; do + echo nameserver "$s" + done + fi >> /tmp/net."$netif".resolv.conf + fi + # Note: hostname can be fqdn OR short hostname, so chop off any + # trailing domain name and explicitly add any domain if set. + [ -n "$hostname" ] && echo "echo ${hostname%."$domain"}${domain:+.$domain} > /proc/sys/kernel/hostname" > /tmp/net."$netif".hostname +} + +setup_interface6() { + domain=$new_domain_name + # get rid of control chars + search=$(printf -- "%s" "$new_dhcp6_domain_search" | tr -d '[:cntrl:]') + namesrv=$new_dhcp6_name_servers + hostname=$new_host_name + [ -n "$new_dhcp_lease_time" ] && lease_time=$new_dhcp_lease_time + [ -n "$new_max_life" ] && lease_time=$new_max_life + preferred_lft=$lease_time + [ -n "$new_preferred_life" ] && preferred_lft=$new_preferred_life + + # shellcheck disable=SC1090 + [ -f /tmp/net."$netif".override ] && . /tmp/net."$netif".override + + ip -6 addr add "${new_ip6_address}"/"${new_ip6_prefixlen}" \ + dev "${netif}" scope global \ + ${lease_time:+valid_lft $lease_time} \ + ${preferred_lft:+preferred_lft ${preferred_lft}} + + if getargbool 1 rd.peerdns; then + [ -n "${search}${domain}" ] && echo "search $search $domain" > /tmp/net."$netif".resolv.conf + if [ -n "$namesrv" ]; then + for s in $namesrv; do + echo nameserver "$s" + done + fi >> /tmp/net."$netif".resolv.conf + fi + + # Note: hostname can be fqdn OR short hostname, so chop off any + # trailing domain name and explicitly add any domain if set. + [ -n "$hostname" ] && echo "echo ${hostname%."$domain"}${domain:+.$domain} > /proc/sys/kernel/hostname" > /tmp/net."$netif".hostname +} + +parse_option_121() { + while [ $# -ne 0 ]; do + mask="$1" + shift + + # Is the destination a multicast group? + if [ "$1" -ge 224 -a "$1" -lt 240 ]; then + multicast=1 + else + multicast=0 + fi + + # Parse the arguments into a CIDR net/mask string + if [ "$mask" -gt 24 ]; then + destination="$1.$2.$3.$4/$mask" + shift + shift + shift + shift + elif [ "$mask" -gt 16 ]; then + destination="$1.$2.$3.0/$mask" + shift + shift + shift + elif [ "$mask" -gt 8 ]; then + destination="$1.$2.0.0/$mask" + shift + shift + elif [ "$mask" -gt 0 ]; then + destination="$1.0.0.0/$mask" + shift + else + destination="0.0.0.0/$mask" + fi + + # Read the gateway + gateway="$1.$2.$3.$4" + shift + shift + shift + shift + + # Multicast routing on Linux + # - If you set a next-hop address for a multicast group, this breaks with Cisco switches + # - If you simply leave it link-local and attach it to an interface, it works fine. + if [ $multicast -eq 1 -o "$gateway" = "0.0.0.0" ]; then + temp_result="$destination dev $interface" + else + temp_result="$destination via $gateway dev $interface" + fi + + echo "/sbin/ip route replace $temp_result" + done +} + +case $reason in + PREINIT) + echo "dhcp: PREINIT $netif up" + linkup "$netif" + ;; + + PREINIT6) + echo "dhcp: PREINIT6 $netif up" + linkup "$netif" + wait_for_ipv6_dad_link "$netif" + ;; + + BOUND) + echo "dhcp: BOUND setting up $netif" + unset layer2 + if [ -f /sys/class/net/"$netif"/device/layer2 ]; then + read -r layer2 < /sys/class/net/"$netif"/device/layer2 + fi + if [ "$layer2" != "0" ]; then + if command -v arping2 > /dev/null; then + if arping2 -q -C 1 -c 2 -I "$netif" -0 "$new_ip_address"; then + warn "Duplicate address detected for $new_ip_address while doing dhcp. retrying" + exit 1 + fi + else + if ! arping -f -q -D -c 2 -I "$netif" "$new_ip_address"; then + warn "Duplicate address detected for $new_ip_address while doing dhcp. retrying" + exit 1 + fi + fi + fi + unset layer2 + setup_interface + set | while read -r line || [ -n "$line" ]; do + [ "${line#new_}" = "$line" ] && continue + echo "$line" + done > /tmp/dhclient."$netif".dhcpopts + + { + echo '. /lib/net-lib.sh' + echo "setup_net $netif" + if [ -n "$new_classless_static_routes" ]; then + OLDIFS="$IFS" + IFS=".$IFS" + parse_option_121 "$new_classless_static_routes" + IFS="$OLDIFS" + fi + echo "source_hook initqueue/online $netif" + [ -e /tmp/net."$netif".manualup ] || echo "/sbin/netroot $netif" + echo "rm -f -- $hookdir/initqueue/setup_net_$netif.sh" + } > "$hookdir"/initqueue/setup_net_"$netif".sh + + echo "[ -f /tmp/net.$netif.did-setup ]" > "$hookdir"/initqueue/finished/dhclient-"$netif".sh + : > /tmp/net."$netif".up + if [ -e /sys/class/net/"${netif}"/address ]; then + : > "/tmp/net.$(cat /sys/class/net/"${netif}"/address).up" + fi + + ;; + + RENEW | REBIND) + unset lease_time + [ -n "$new_dhcp_lease_time" ] && lease_time=$new_dhcp_lease_time + [ -n "$new_max_life" ] && lease_time=$new_max_life + preferred_lft=$lease_time + [ -n "$new_preferred_life" ] && preferred_lft=$new_preferred_life + ip -4 addr change "${new_ip_address}"/"${new_subnet_mask}" broadcast "${new_broadcast_address}" dev "${interface}" \ + ${lease_time:+valid_lft $lease_time} ${preferred_lft:+preferred_lft ${preferred_lft}} \ + > /dev/null 2>&1 + ;; + + BOUND6) + echo "dhcp: BOUND6 setting up $netif" + setup_interface6 + + set | while read -r line || [ -n "$line" ]; do + [ "${line#new_}" = "$line" ] && continue + echo "$line" + done > /tmp/dhclient."$netif".dhcpopts + + { + echo '. /lib/net-lib.sh' + echo "setup_net $netif" + echo "source_hook initqueue/online $netif" + [ -e /tmp/net."$netif".manualup ] || echo "/sbin/netroot $netif" + echo "rm -f -- $hookdir/initqueue/setup_net_$netif.sh" + } > "$hookdir"/initqueue/setup_net_"$netif".sh + + echo "[ -f /tmp/net.$netif.did-setup ]" > "$hookdir"/initqueue/finished/dhclient-"$netif".sh + : > /tmp/net."$netif".up + if [ -e /sys/class/net/"${netif}"/address ]; then + : > "/tmp/net.$(cat /sys/class/net/"${netif}"/address).up" + fi + ;; + + RENEW6 | REBIND6) + unset lease_time + [ -n "$new_dhcp_lease_time" ] && lease_time=$new_dhcp_lease_time + [ -n "$new_max_life" ] && lease_time=$new_max_life + preferred_lft=$lease_time + [ -n "$new_preferred_life" ] && preferred_lft=$new_preferred_life + ip -6 addr change "${new_ip6_address}"/"${new_ip6_prefixlen}" dev "${interface}" scope global \ + ${lease_time:+valid_lft $lease_time} ${preferred_lft:+preferred_lft ${preferred_lft}} \ + > /dev/null 2>&1 + ;; + + *) echo "dhcp: $reason" ;; +esac + +exit 0 diff --git a/modules.d/35network-legacy/dhclient.conf b/modules.d/35network-legacy/dhclient.conf new file mode 100644 index 0000000..ffd24ef --- /dev/null +++ b/modules.d/35network-legacy/dhclient.conf @@ -0,0 +1,11 @@ + +option classless-static-routes code 121 = array of unsigned integer 8; + +send dhcp-client-identifier = hardware; + +request subnet-mask, broadcast-address, time-offset, routers, + domain-name, domain-name-servers, domain-search, host-name, + root-path, interface-mtu, classless-static-routes, + netbios-name-servers, netbios-scope, ntp-servers, + dhcp6.domain-search, dhcp6.fqdn, + dhcp6.name-servers, dhcp6.sntp-servers; diff --git a/modules.d/35network-legacy/dhcp-multi.sh b/modules.d/35network-legacy/dhcp-multi.sh new file mode 100755 index 0000000..60e0374 --- /dev/null +++ b/modules.d/35network-legacy/dhcp-multi.sh @@ -0,0 +1,133 @@ +#!/bin/sh +# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*- +# ex: ts=8 sw=4 sts=4 et filetype=sh +# +PATH=/usr/sbin:/usr/bin:/sbin:/bin + +# File to start dhclient requests on different interfaces in parallel + +. /lib/dracut-lib.sh +. /lib/net-lib.sh + +netif=$1 +do_vlan=$2 +arg=$3 + +# Run dhclient in parallel +do_dhclient() { + local _COUNT=0 + local _timeout + local _DHCPRETRY + _timeout=$(getarg rd.net.timeout.dhcp=) + _DHCPRETRY=$(getargnum 1 1 1000000000 rd.net.dhcp.retry=) + + if [ -n "$_timeout" ]; then + if ! (dhclient --help 2>&1 | grep -q -F -- '--timeout' 2> /dev/null); then + warn "rd.net.timeout.dhcp has no effect because dhclient does not implement the --timeout option" + unset _timeout + fi + fi + + while [ $_COUNT -lt "$_DHCPRETRY" ]; do + info "Starting dhcp for interface $netif" + dhclient "$arg" \ + ${_timeout:+--timeout "$_timeout"} \ + -q \ + -1 \ + -cf /etc/dhclient.conf \ + -pf /tmp/dhclient."$netif".pid \ + -lf /tmp/dhclient."$netif".lease \ + "$netif" & + wait $! 2> /dev/null + + # wait will return the return value of dhclient + retv=$? + + # dhclient and hence wait returned success, 0. + if [ $retv -eq 0 ]; then + return 0 + fi + + # If dhclient exited before wait was called, or it was killed by + # another thread for interface whose DHCP succeeded, then it will not + # find the process with that pid and return error code 127. In that + # case we need to check if /tmp/dhclient.$netif.lease exists. If it + # does, it means dhclient finished executing before wait was called, + # and it was successful (return 0). If /tmp/dhclient.$netif.lease + # does not exist, then it means dhclient was killed by another thread + # or it finished execution but failed dhcp on that interface. + + if [ $retv -eq 127 ]; then + read -r pid < /tmp/dhclient."$netif".pid + info "PID $pid was not found by wait for $netif" + if [ -e /tmp/dhclient."$netif".lease ]; then + info "PID $pid not found but DHCP successful on $netif" + return 0 + fi + fi + + _COUNT=$((_COUNT + 1)) + [ $_COUNT -lt "$_DHCPRETRY" ] && sleep 1 + done + warn "dhcp for interface $netif failed" + # nuke those files since we failed; we might retry dhcp again if it's e.g. + # `ip=dhcp,dhcp6` and we check for the PID file earlier + rm -f /tmp/dhclient."$netif".pid /tmp/dhclient."$netif".lease + return 1 +} + +do_dhclient +ret=$? + +# setup nameserver +for s in "$dns1" "$dns2" $(getargs nameserver); do + [ -n "$s" ] || continue + echo nameserver "$s" >> /tmp/net."$netif".resolv.conf +done + +if [ $ret -eq 0 ]; then + : > /tmp/net."${netif}".up + + if [ -z "$do_vlan" ] && [ -e /sys/class/net/"${netif}"/address ]; then + : > "/tmp/net.$(cat /sys/class/net/"${netif}"/address).up" + fi + + # Check if DHCP also succeeded on another interface before this one. + # We will always use the first one on which DHCP succeeded, by using + # a common file $IFNETFILE, to synchronize between threads. + # Consider the race condition in which multiple threads + # corresponding to different interfaces may try to read $IFNETFILE + # and find it does not exist; they may all end up thinking they are the + # first to succeed (hence more than one thread may end up writing to + # $IFNETFILE). To take care of this, instead of checking if $IFNETFILE + # exists to determine if we are the first, we create a symbolic link + # in $IFNETFILE, pointing to the interface name ($netif), thus storing + # the interface name in the link pointer. + # Creating a link will fail, if the link already exists, hence kernel + # will take care of allowing only first thread to create link, which + # takes care of the race condition for us. Subsequent threads will fail. + # Also, the link points to the interface name, which will tell us which + # interface succeeded. + + if ln -s "$netif" "$IFNETFILE" 2> /dev/null; then + intf=$(readlink "$IFNETFILE") + if [ -e /tmp/dhclient."$intf".lease ]; then + info "DHCP successful on interface $intf" + # Kill all existing dhclient calls for other interfaces, since we + # already got one successful interface + + read -r npid < /tmp/dhclient."$netif".pid + pidlist=$(pgrep dhclient) + for pid in $pidlist; do + [ "$pid" -eq "$npid" ] && continue + kill -9 "$pid" > /dev/null 2>&1 + done + else + echo "ERROR! $IFNETFILE exists but /tmp/dhclient.$intf.lease does not exist!!!" + fi + else + info "DHCP success on $netif, and also on $intf" + exit 0 + fi + exit $ret +fi diff --git a/modules.d/35network-legacy/ifup.sh b/modules.d/35network-legacy/ifup.sh new file mode 100755 index 0000000..3b54b6c --- /dev/null +++ b/modules.d/35network-legacy/ifup.sh @@ -0,0 +1,563 @@ +#!/bin/sh +# +# We don't need to check for ip= errors here, that is handled by the +# cmdline parser script +# +# without $2 means this is for real netroot case +# or it is for manually bring up network ie. for kdump scp vmcore +PATH=/usr/sbin:/usr/bin:/sbin:/bin + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh +type ip_to_var > /dev/null 2>&1 || . /lib/net-lib.sh + +# Huh? No $1? +[ -z "$1" ] && exit 1 + +# $netif reads easier than $1 +netif=$1 + +# loopback is always handled the same way +if [ "$netif" = "lo" ]; then + ip link set lo up + ip addr add 127.0.0.1/8 dev lo + exit 0 +fi + +do_dhcp_parallel() { + # dhclient-script will mark the netif up and generate the online + # event for nfsroot + # XXX add -V vendor class and option parsing per kernel + + [ -e "/tmp/dhclient.$netif.pid" ] && return 0 + + if ! iface_has_carrier "$netif"; then + warn "No carrier detected on interface $netif" + return 1 + fi + + bootintf=$(readlink "$IFNETFILE") + if [ -n "$bootintf" ] && [ -e "/tmp/dhclient.${bootintf}.lease" ]; then + info "DHCP already succeeded for $bootintf, exiting for $netif" + return 1 + fi + + if [ ! -e /run/NetworkManager/conf.d/10-dracut-dhclient.conf ]; then + mkdir -p /run/NetworkManager/conf.d + echo '[main]' > /run/NetworkManager/conf.d/10-dracut-dhclient.conf + echo 'dhcp=dhclient' >> /run/NetworkManager/conf.d/10-dracut-dhclient.conf + fi + + chmod +x /sbin/dhcp-multi.sh + /sbin/dhcp-multi.sh "$netif" "$DO_VLAN" "$@" & + return 0 +} + +# Run dhclient +do_dhcp() { + # dhclient-script will mark the netif up and generate the online + # event for nfsroot + # XXX add -V vendor class and option parsing per kernel + + local _COUNT + local _timeout + local _DHCPRETRY + + _COUNT=0 + _timeout=$(getarg rd.net.timeout.dhcp=) + _DHCPRETRY=$(getargnum 1 1 1000000000 rd.net.dhcp.retry=) + + [ -e "/tmp/dhclient.${netif}.pid" ] && return 0 + + if ! iface_has_carrier "$netif"; then + warn "No carrier detected on interface $netif" + return 1 + fi + + if [ -n "$_timeout" ]; then + if ! (dhclient --help 2>&1 | grep -q -F -- '--timeout' 2> /dev/null); then + warn "rd.net.timeout.dhcp has no effect because dhclient does not implement the --timeout option" + unset _timeout + fi + fi + + if [ ! -e /run/NetworkManager/conf.d/10-dracut-dhclient.conf ]; then + mkdir -p /run/NetworkManager/conf.d + echo '[main]' > /run/NetworkManager/conf.d/10-dracut-dhclient.conf + echo 'dhcp=dhclient' >> /run/NetworkManager/conf.d/10-dracut-dhclient.conf + fi + + while [ "$_COUNT" -lt "$_DHCPRETRY" ]; do + info "Starting dhcp for interface $netif" + dhclient "$@" \ + ${_timeout:+--timeout "$_timeout"} \ + -q \ + -1 \ + -cf /etc/dhclient.conf \ + -pf "/tmp/dhclient.${netif}.pid" \ + -lf "/tmp/dhclient.${netif}.lease" \ + "$netif" \ + && return 0 + _COUNT=$((_COUNT + 1)) + [ "$_COUNT" -lt "$_DHCPRETRY" ] && sleep 1 + done + warn "dhcp for interface $netif failed" + # nuke those files since we failed; we might retry dhcp again if it's e.g. + # `ip=dhcp,dhcp6` and we check for the PID file at the top + rm -f /tmp/dhclient."$netif".pid /tmp/dhclient."$netif".lease + return 1 +} + +load_ipv6() { + [ -d /proc/sys/net/ipv6 ] && return + modprobe ipv6 + i=0 + while [ ! -d /proc/sys/net/ipv6 ]; do + i=$((i + 1)) + [ $i -gt 10 ] && break + sleep 0.1 + done +} + +do_ipv6auto() { + local ret + load_ipv6 + echo 0 > /proc/sys/net/ipv6/conf/"${netif}"/forwarding + echo 1 > /proc/sys/net/ipv6/conf/"${netif}"/accept_ra + echo 1 > /proc/sys/net/ipv6/conf/"${netif}"/accept_redirects + linkup "$netif" + wait_for_ipv6_auto "$netif" + ret=$? + + [ -n "$hostname" ] && echo "echo $hostname > /proc/sys/kernel/hostname" > "/tmp/net.${netif}.hostname" + + return "$ret" +} + +do_ipv6link() { + local ret + load_ipv6 + echo 0 > /proc/sys/net/ipv6/conf/"${netif}"/forwarding + echo 0 > /proc/sys/net/ipv6/conf/"${netif}"/accept_ra + echo 0 > /proc/sys/net/ipv6/conf/"${netif}"/accept_redirects + linkup "$netif" + + [ -n "$hostname" ] && echo "echo $hostname > /proc/sys/kernel/hostname" > "/tmp/net.${netif}.hostname" + + return "$ret" +} + +# Handle static ip configuration +do_static() { + strglobin "$ip" '*:*:*' && load_ipv6 + + if ! iface_has_carrier "$netif"; then + warn "No carrier detected on interface $netif" + return 1 + elif ! linkup "$netif"; then + warn "Could not bring interface $netif up!" + return 1 + fi + + ip route get "$ip" 2> /dev/null | { + read -r a rest + if [ "$a" = "local" ]; then + warn "Not assigning $ip to interface $netif, cause it is already assigned!" + return 1 + fi + return 0 + } || return 1 + + [ -n "$macaddr" ] && ip link set address "$macaddr" dev "$netif" + [ -n "$mtu" ] && ip link set mtu "$mtu" dev "$netif" + if strglobin "$ip" '*:*:*'; then + # note no ip addr flush for ipv6 + ip addr add "$ip/$mask" ${srv:+peer "$srv"} dev "$netif" + echo 0 > /proc/sys/net/ipv6/conf/"${netif}"/forwarding + echo 1 > /proc/sys/net/ipv6/conf/"${netif}"/accept_ra + echo 1 > /proc/sys/net/ipv6/conf/"${netif}"/accept_redirects + wait_for_ipv6_dad "$netif" + else + if [ -z "$srv" ]; then + if command -v arping2 > /dev/null; then + if arping2 -q -C 1 -c 2 -I "$netif" -0 "$ip"; then + warn "Duplicate address detected for $ip for interface $netif." + return 1 + fi + else + if ! arping -f -q -D -c 2 -I "$netif" "$ip"; then + warn "Duplicate address detected for $ip for interface $netif." + return 1 + fi + fi + fi + ip addr flush dev "$netif" + ip addr add "$ip/$mask" ${srv:+peer "$srv"} brd + dev "$netif" + fi + + [ -n "$gw" ] && echo "ip route replace default via '$gw' dev '$netif'" > "/tmp/net.$netif.gw" + [ -n "$hostname" ] && echo "echo '$hostname' > /proc/sys/kernel/hostname" > "/tmp/net.$netif.hostname" + + return 0 +} + +get_vid() { + case "$1" in + vlan*) + echo "${1#vlan}" + ;; + *.*) + echo "${1##*.}" + ;; + esac +} + +# check, if we need VLAN's for this interface +if [ -z "$DO_VLAN_PHY" ] && [ -e "/tmp/vlan.${netif}.phy" ]; then + unset DO_VLAN + NO_AUTO_DHCP=yes DO_VLAN_PHY=yes ifup "$netif" + modprobe -b -q 8021q + + for i in /tmp/vlan.*."${netif}"; do + [ -e "$i" ] || continue + unset vlanname + unset phydevice + # shellcheck disable=SC1090 + . "$i" + if [ -n "$vlanname" ]; then + linkup "$phydevice" + ip link add dev "$vlanname" link "$phydevice" type vlan id "$(get_vid "$vlanname")" + ifup "$vlanname" + fi + done + exit 0 +fi + +# Check, if interface is VLAN interface +if ! [ -e "/tmp/vlan.${netif}.phy" ]; then + for i in "/tmp/vlan.${netif}".*; do + [ -e "$i" ] || continue + export DO_VLAN=yes + break + done +fi + +# bridge this interface? +if [ -z "$NO_BRIDGE_MASTER" ]; then + for i in /tmp/bridge.*.info; do + [ -e "$i" ] || continue + unset bridgeslaves + unset bridgename + # shellcheck disable=SC1090 + . "$i" + for ethname in $bridgeslaves; do + [ "$netif" != "$ethname" ] && continue + + NO_BRIDGE_MASTER=yes NO_AUTO_DHCP=yes ifup "$ethname" + linkup "$ethname" + if [ ! -e "/tmp/bridge.$bridgename.up" ]; then + ip link add name "$bridgename" type bridge + echo 0 > "/sys/devices/virtual/net/$bridgename/bridge/forward_delay" + : > "/tmp/bridge.$bridgename.up" + fi + ip link set dev "$ethname" master "$bridgename" + ifup "$bridgename" + exit 0 + done + done +fi + +# enslave this interface to bond? +if [ -z "$NO_BOND_MASTER" ]; then + for i in /tmp/bond.*.info; do + [ -e "$i" ] || continue + unset bondslaves + unset bondname + # shellcheck disable=SC1090 + . "$i" + for testslave in $bondslaves; do + [ "$netif" != "$testslave" ] && continue + + # already setup + [ -e "/tmp/bond.$bondname.up" ] && exit 0 + + # wait for all slaves to show up + for slave in $bondslaves; do + # try to create the slave (maybe vlan or bridge) + NO_BOND_MASTER=yes NO_AUTO_DHCP=yes ifup "$slave" + + if ! ip link show dev "$slave" > /dev/null 2>&1; then + # wait for the last slave to show up + exit 0 + fi + done + + modprobe -q -b bonding + echo "+$bondname" > /sys/class/net/bonding_masters 2> /dev/null + ip link set "$bondname" down + + # Stolen from ifup-eth + # add the bits to setup driver parameters here + for arg in $bondoptions; do + key=${arg%%=*} + value=${arg##*=} + # %{value:0:1} is replaced with non-bash specific construct + if [ "${key}" = "arp_ip_target" -a "${#value}" != "0" -a "+${value%%+*}" != "+" ]; then + OLDIFS=$IFS + IFS=',' + for arp_ip in $value; do + echo "+$arp_ip" > "/sys/class/net/${bondname}/bonding/$key" + done + IFS=$OLDIFS + else + echo "$value" > "/sys/class/net/${bondname}/bonding/$key" + fi + done + + linkup "$bondname" + + for slave in $bondslaves; do + cat "/sys/class/net/$slave/address" > "/tmp/net.${bondname}.${slave}.hwaddr" + ip link set "$slave" down + echo "+$slave" > "/sys/class/net/$bondname/bonding/slaves" + linkup "$slave" + done + + # Set mtu on bond master + [ -n "$bondmtu" ] && ip link set mtu "$bondmtu" dev "$bondname" + + # add the bits to setup the needed post enslavement parameters + for arg in $bondoptions; do + key=${arg%%=*} + value=${arg##*=} + if [ "${key}" = "primary" ]; then + echo "$value" > "/sys/class/net/${bondname}/bonding/$key" + fi + done + + : > "/tmp/bond.$bondname.up" + + NO_BOND_MASTER=yes ifup "$bondname" + exit $? + done + done +fi + +if [ -z "$NO_TEAM_MASTER" ]; then + for i in /tmp/team.*.info; do + [ -e "$i" ] || continue + unset teammaster + unset teamslaves + # shellcheck disable=SC1090 + . "$i" + for testslave in $teamslaves; do + [ "$netif" != "$testslave" ] && continue + + [ -e "/tmp/team.$teammaster.up" ] && exit 0 + + # wait for all slaves to show up + for slave in $teamslaves; do + # try to create the slave (maybe vlan or bridge) + NO_TEAM_MASTER=yes NO_AUTO_DHCP=yes ifup "$slave" + + if ! ip link show dev "$slave" > /dev/null 2>&1; then + # wait for the last slave to show up + exit 0 + fi + done + + if [ ! -e "/tmp/team.$teammaster.up" ]; then + # We shall only bring up those _can_ come up + # in case of some slave is gone in active-backup mode + working_slaves="" + for slave in $teamslaves; do + teamdctl "${teammaster}" port present "${slave}" 2> /dev/null \ + && continue + ip link set dev "$slave" up 2> /dev/null + if wait_for_if_up "$slave"; then + working_slaves="$working_slaves$slave " + fi + done + # Do not add slaves now + teamd -d -U -n -N -t "$teammaster" -f "/etc/teamd/${teammaster}.conf" + for slave in $working_slaves; do + # team requires the slaves to be down before joining team + ip link set dev "$slave" down + ( + unset TEAM_PORT_CONFIG + read -r _hwaddr < "/sys/class/net/$slave/address" + _subchannels=$(iface_get_subchannels "$slave") + if [ -n "$_hwaddr" ] && [ -e "/etc/sysconfig/network-scripts/mac-${_hwaddr}.conf" ]; then + # shellcheck disable=SC1090 + . "/etc/sysconfig/network-scripts/mac-${_hwaddr}.conf" + elif [ -n "$_subchannels" ] && [ -e "/etc/sysconfig/network-scripts/ccw-${_subchannels}.conf" ]; then + # shellcheck disable=SC1090 + . "/etc/sysconfig/network-scripts/ccw-${_subchannels}.conf" + elif [ -e "/etc/sysconfig/network-scripts/ifcfg-${slave}" ]; then + # shellcheck disable=SC1090 + . "/etc/sysconfig/network-scripts/ifcfg-${slave}" + fi + + if [ -n "${TEAM_PORT_CONFIG}" ]; then + /usr/bin/teamdctl "${teammaster}" port config update "${slave}" "${TEAM_PORT_CONFIG}" + fi + ) + teamdctl "$teammaster" port add "$slave" + done + + ip link set dev "$teammaster" up + + : > "/tmp/team.$teammaster.up" + NO_TEAM_MASTER=yes ifup "$teammaster" + exit $? + fi + done + done +fi + +# all synthetic interfaces done.. now check if the interface is available +if ! ip link show dev "$netif" > /dev/null 2>&1; then + exit 1 +fi + +# disable manual ifup while netroot is set for simplifying our logic +# in netroot case we prefer netroot to bringup $netif automatically +[ -n "$2" -a "$2" = "-m" ] && [ -z "$netroot" ] && manualup="$2" + +if [ -n "$manualup" ]; then + : > "/tmp/net.$netif.manualup" + rm -f "/tmp/net.${netif}.did-setup" +else + [ -e "/tmp/net.${netif}.did-setup" ] && exit 0 + [ -z "$DO_VLAN" ] \ + && [ -e "/sys/class/net/$netif/address" ] \ + && [ -e "/tmp/net.$(cat "/sys/class/net/$netif/address").did-setup" ] && exit 0 +fi + +# Specific configuration, spin through the kernel command line +# looking for ip= lines +for p in $(getargs ip=); do + ip_to_var "$p" + # skip ibft + [ "$autoconf" = "ibft" ] && continue + + case "$dev" in + ??:??:??:??:??:??) # MAC address + _dev=$(iface_for_mac "$dev") + [ -n "$_dev" ] && dev="$_dev" + ;; + ??-??-??-??-??-??) # MAC address in BOOTIF form + _dev=$(iface_for_mac "$(fix_bootif "$dev")") + [ -n "$_dev" ] && dev="$_dev" + ;; + esac + + # If this option isn't directed at our interface, skip it + if [ -n "$dev" ]; then + if [ "$dev" != "$netif" ]; then + [ ! -e "/sys/class/net/$dev" ] \ + && warn "Network interface '$dev' does not exist!" + continue + fi + else + iface_is_enslaved "$netif" && continue + fi + + # Store config for later use + for i in ip srv gw mask hostname macaddr mtu dns1 dns2; do + eval '[ "$'$i'" ] && echo '$i'="$'$i'"' + done > "/tmp/net.$netif.override" + + for autoopt in $(str_replace "$autoconf" "," " "); do + case $autoopt in + dhcp | on | any) + do_dhcp -4 + ;; + single-dhcp) + do_dhcp_parallel -4 + exit 0 + ;; + dhcp6) + load_ipv6 + do_dhcp -6 + ;; + auto6) + do_ipv6auto + ;; + either6) + do_ipv6auto || do_dhcp -6 + ;; + link6) + do_ipv6link + ;; + *) + do_static + ;; + esac + done + ret=$? + + # setup nameserver + for s in "$dns1" "$dns2" $(getargs nameserver); do + [ -n "$s" ] || continue + echo "nameserver $s" >> "/tmp/net.$netif.resolv.conf" + done + + if [ $ret -eq 0 ]; then + : > "/tmp/net.${netif}.up" + + if [ -z "$DO_VLAN" ] && [ -e "/sys/class/net/${netif}/address" ]; then + : > "/tmp/net.$(cat "/sys/class/net/${netif}/address").up" + fi + + # and finally, finish interface set up if there isn't already a script + # to do so (which is the case in the dhcp path) + if [ ! -e "$hookdir/initqueue/setup_net_$netif.sh" ]; then + setup_net "$netif" + source_hook initqueue/online "$netif" + if [ -z "$manualup" ]; then + /sbin/netroot "$netif" + fi + fi + + exit $ret + fi +done + +# no ip option directed at our interface? +if [ -z "$NO_AUTO_DHCP" ] && [ ! -e "/tmp/net.${netif}.up" ]; then + ret=1 + if [ -e /tmp/net.bootdev ]; then + read -r BOOTDEV < /tmp/net.bootdev + if [ "$netif" = "$BOOTDEV" ] || [ "$BOOTDEV" = "$(cat "/sys/class/net/${netif}/address")" ]; then + do_dhcp + ret=$? + fi + else + # No ip lines, no bootdev -> default to dhcp + ip=$(getarg ip) + + if getargs 'ip=dhcp6' > /dev/null || [ -z "$ip" -a "$netroot" = "dhcp6" ]; then + load_ipv6 + do_dhcp -6 + ret=$? + fi + if getargs 'ip=dhcp' > /dev/null || [ -z "$ip" -a "$netroot" != "dhcp6" ]; then + do_dhcp -4 + ret=$? + fi + fi + + for s in $(getargs nameserver); do + [ -n "$s" ] || continue + echo "nameserver $s" >> "/tmp/net.$netif.resolv.conf" + done + + if [ "$ret" -eq 0 ] && [ -n "$(ls "/tmp/leaseinfo.${netif}"* 2> /dev/null)" ]; then + : > "/tmp/net.${netif}.did-setup" + if [ -e "/sys/class/net/${netif}/address" ]; then + : > "/tmp/net.$(cat "/sys/class/net/${netif}/address").did-setup" + fi + fi +fi + +exit 0 diff --git a/modules.d/35network-legacy/kill-dhclient.sh b/modules.d/35network-legacy/kill-dhclient.sh new file mode 100755 index 0000000..9ed615f --- /dev/null +++ b/modules.d/35network-legacy/kill-dhclient.sh @@ -0,0 +1,15 @@ +#!/bin/sh + +for f in /tmp/dhclient.*.pid; do + [ -e "$f" ] || continue + read -r PID < "$f" + kill "$PID" > /dev/null 2>&1 +done + +sleep 0.1 + +for f in /tmp/dhclient.*.pid; do + [ -e "$f" ] || continue + read -r PID < "$f" + kill -9 "$PID" > /dev/null 2>&1 +done diff --git a/modules.d/35network-legacy/module-setup.sh b/modules.d/35network-legacy/module-setup.sh new file mode 100755 index 0000000..868ea8f --- /dev/null +++ b/modules.d/35network-legacy/module-setup.sh @@ -0,0 +1,99 @@ +#!/bin/bash + +# called by dracut +check() { + require_binaries ip dhclient sed awk grep pgrep tr expr || return 1 + require_any_binary arping arping2 || return 1 + + return 255 +} + +# called by dracut +depends() { + return 0 +} + +# called by dracut +installkernel() { + # arping depends on af_packet + hostonly='' instmods af_packet +} + +# called by dracut +install() { + local _arch + + #Adding default link + if dracut_module_included "systemd"; then + inst_multiple -o "${systemdnetwork}/99-default.link" + [[ $hostonly ]] && inst_multiple -H -o "${systemdnetworkconfdir}/*.link" + fi + + inst_multiple ip dhclient sed awk grep pgrep tr expr + + inst_multiple -o arping arping2 + strstr "$(arping 2>&1)" "ARPing 2" && mv "$initdir/bin/arping" "$initdir/bin/arping2" + + inst_multiple -o ping ping6 + inst_multiple -o teamd teamdctl teamnl + inst_simple /etc/libnl/classid + inst_script "$moddir/ifup.sh" "/sbin/ifup" + inst_script "$moddir/dhcp-multi.sh" "/sbin/dhcp-multi.sh" + inst_script "$moddir/dhclient-script.sh" "/sbin/dhclient-script" + inst_simple -H "/etc/dhclient.conf" + cat "$moddir/dhclient.conf" >> "${initdir}/etc/dhclient.conf" + inst_hook pre-udev 60 "$moddir/net-genrules.sh" + inst_hook cmdline 92 "$moddir/parse-ibft.sh" + inst_hook cmdline 95 "$moddir/parse-vlan.sh" + inst_hook cmdline 96 "$moddir/parse-bond.sh" + inst_hook cmdline 96 "$moddir/parse-team.sh" + inst_hook cmdline 97 "$moddir/parse-bridge.sh" + inst_hook cmdline 98 "$moddir/parse-ip-opts.sh" + inst_hook cmdline 99 "$moddir/parse-ifname.sh" + inst_hook cleanup 10 "$moddir/kill-dhclient.sh" + + # install all config files for teaming + unset TEAM_MASTER + unset TEAM_CONFIG + unset TEAM_PORT_CONFIG + unset HWADDR + unset SUBCHANNELS + for i in /etc/sysconfig/network-scripts/ifcfg-*; do + [ -e "$i" ] || continue + case "$i" in + *~ | *.bak | *.orig | *.rpmnew | *.rpmorig | *.rpmsave) + continue + ;; + esac + ( + # shellcheck disable=SC1090 + . "$i" + if ! [ "${ONBOOT}" = "no" -o "${ONBOOT}" = "NO" ] \ + && [ -n "${TEAM_MASTER}${TEAM_CONFIG}${TEAM_PORT_CONFIG}" ]; then + if [ -n "$TEAM_CONFIG" ] && [ -n "$DEVICE" ]; then + mkdir -p "$initdir"/etc/teamd + printf -- "%s" "$TEAM_CONFIG" > "$initdir/etc/teamd/${DEVICE}.conf" + elif [ -n "$TEAM_PORT_CONFIG" ]; then + inst_simple "$i" + + HWADDR="$(echo "$HWADDR" | sed 'y/ABCDEF/abcdef/')" + if [ -n "$HWADDR" ]; then + ln_r "$i" "/etc/sysconfig/network-scripts/mac-${HWADDR}.conf" + fi + + SUBCHANNELS="$(echo "$SUBCHANNELS" | sed 'y/ABCDEF/abcdef/')" + if [ -n "$SUBCHANNELS" ]; then + ln_r "$i" "/etc/sysconfig/network-scripts/ccw-${SUBCHANNELS}.conf" + fi + fi + fi + ) + done + + _arch=${DRACUT_ARCH:-$(uname -m)} + + inst_libdir_file {"tls/$_arch/",tls/,"$_arch/",}"libnss_dns.so.*" \ + {"tls/$_arch/",tls/,"$_arch/",}"libnss_mdns4_minimal.so.*" + + dracut_need_initqueue +} diff --git a/modules.d/35network-legacy/net-genrules.sh b/modules.d/35network-legacy/net-genrules.sh new file mode 100755 index 0000000..686db59 --- /dev/null +++ b/modules.d/35network-legacy/net-genrules.sh @@ -0,0 +1,125 @@ +#!/bin/sh + +getargbool 0 rd.neednet && NEEDNET=1 + +# Don't continue if we don't need network +if [ -z "$netroot" ] && [ ! -e "/tmp/net.ifaces" ] && [ "$NEEDNET" != "1" ]; then + return +fi + +command -v fix_bootif > /dev/null || . /lib/net-lib.sh + +# Write udev rules +{ + # bridge: attempt only the defined interface + for i in /tmp/bridge.*.info; do + [ -e "$i" ] || continue + unset bridgeslaves + unset bridgename + # shellcheck disable=SC1090 + . "$i" + RAW_IFACES="$RAW_IFACES $bridgeslaves" + MASTER_IFACES="$MASTER_IFACES $bridgename" + done + + # bond: attempt only the defined interface (override bridge defines) + for i in /tmp/bond.*.info; do + [ -e "$i" ] || continue + unset bondslaves + unset bondname + # shellcheck disable=SC1090 + . "$i" + # It is enough to fire up only one + RAW_IFACES="$RAW_IFACES $bondslaves" + MASTER_IFACES="$MASTER_IFACES ${bondname}" + done + + for i in /tmp/team.*.info; do + [ -e "$i" ] || continue + unset teamslaves + unset teammaster + # shellcheck disable=SC1090 + . "$i" + RAW_IFACES="$RAW_IFACES ${teamslaves}" + MASTER_IFACES="$MASTER_IFACES ${teammaster}" + done + + for i in /tmp/vlan.*.phy; do + [ -e "$i" ] || continue + unset phydevice + # shellcheck disable=SC1090 + . "$i" + RAW_IFACES="$RAW_IFACES $phydevice" + for j in /tmp/vlan.*".${phydevice}"; do + [ -e "$j" ] || continue + unset vlanname + # shellcheck disable=SC1090 + . "$j" + MASTER_IFACES="$MASTER_IFACES ${vlanname}" + done + done + + MASTER_IFACES="$(trim "$MASTER_IFACES")" + RAW_IFACES="$(trim "$RAW_IFACES")" + + if [ -z "$IFACES" ]; then + [ -e /tmp/net.ifaces ] && read -r IFACES < /tmp/net.ifaces + fi + + if [ -e /tmp/net.bootdev ]; then + read -r bootdev < /tmp/net.bootdev + fi + + # shellcheck disable=SC2016 + ifup='/sbin/ifup $name' + + runcmd="RUN+=\"/sbin/initqueue --name ifup-\$name --unique --onetime $ifup\"" + + # We have some specific interfaces to handle + if [ -n "${RAW_IFACES}${IFACES}" ]; then + echo 'SUBSYSTEM!="net", GOTO="net_end"' + echo 'ACTION!="add|change|move", GOTO="net_end"' + for iface in $IFACES $RAW_IFACES; do + case "$iface" in + ??:??:??:??:??:??) # MAC address + cond="ATTR{address}==\"$iface\"" + echo "$cond, $runcmd, GOTO=\"net_end\"" + ;; + ??-??-??-??-??-??) # MAC address in BOOTIF form + cond="ATTR{address}==\"$(fix_bootif "$iface")\"" + echo "$cond, $runcmd, GOTO=\"net_end\"" + ;; + *) # an interface name + cond="ENV{INTERFACE}==\"$iface\"" + echo "$cond, $runcmd, GOTO=\"net_end\"" + cond="NAME==\"$iface\"" + echo "$cond, $runcmd, GOTO=\"net_end\"" + ;; + esac + # The GOTO prevents us from trying to ifup the same device twice + done + echo 'LABEL="net_end"' + + for iface in $IFACES; do + if [ "$bootdev" = "$iface" ] || [ "$NEEDNET" = "1" ]; then + if [ -n "$netroot" ] && [ -n "$DRACUT_SYSTEMD" ]; then + echo "systemctl is-active initrd-root-device.target || [ -f /tmp/net.${iface}.did-setup ]" + else + echo "[ -f /tmp/net.${iface}.did-setup ]" + fi > "$hookdir"/initqueue/finished/wait-"$iface".sh + fi + done + # Default: We don't know the interface to use, handle all + # Fixme: waiting for the interface as well. + else + cond='ACTION=="add", SUBSYSTEM=="net", ENV{DEVTYPE}!="wlan|wwan"' + # if you change the name of "91-default-net.rules", also change modules.d/80cms/cmssetup.sh + echo "$cond, $runcmd" > /etc/udev/rules.d/91-default-net.rules + if [ "$NEEDNET" = "1" ]; then + # shellcheck disable=SC2016 + echo 'for i in /tmp/net.*.did-setup; do [ -f "$i" ] && exit 0; done; exit 1' > "$hookdir"/initqueue/finished/wait-network.sh + fi + fi + + # if you change the name of "90-net.rules", also change modules.d/80cms/cmssetup.sh +} > /etc/udev/rules.d/90-net.rules diff --git a/modules.d/35network-legacy/parse-bond.sh b/modules.d/35network-legacy/parse-bond.sh new file mode 100755 index 0000000..ba30a3b --- /dev/null +++ b/modules.d/35network-legacy/parse-bond.sh @@ -0,0 +1,76 @@ +#!/bin/sh +# +# Format: +# bond=<bondname>[:<bondslaves>[:<options>[:<mtu>]]] +# +# bondslaves is a comma-separated list of physical (ethernet) interfaces +# options is a comma-separated list on bonding options (modinfo bonding for details) in format compatible with initscripts +# if options include multi-valued arp_ip_target option, then its values should be separated by semicolon. +# +# bond without parameters assumes bond=bond0:eth0,eth1:mode=balance-rr +# +# if the mtu is specified, it will be set on the bond master +# + +# We translate list of slaves to space-separated here to make it easier to loop over them in ifup +# Ditto for bonding options +parsebond() { + local v="${1}": + set -- + while [ -n "$v" ]; do + set -- "$@" "${v%%:*}" + v=${v#*:} + done + + case $# in + 0) + bondname=bond0 + bondslaves="eth0 eth1" + ;; + 1) + bondname=$1 + bondslaves="eth0 eth1" + ;; + 2) + bondname=$1 + bondslaves=$(str_replace "$2" "," " ") + ;; + 3) + bondname=$1 + bondslaves=$(str_replace "$2" "," " ") + bondoptions=$(str_replace "$3" "," " ") + ;; + 4) + bondname=$1 + bondslaves=$(str_replace "$2" "," " ") + bondoptions=$(str_replace "$3" "," " ") + bondmtu=$4 + ;; + *) die "bond= requires zero to four parameters" ;; + esac +} + +# Parse bond for bondname, bondslaves, bondmode, bondoptions and bondmtu +for bond in $(getargs bond=); do + unset bondname + unset bondslaves + unset bondoptions + unset bondmtu + if [ "$bond" != "bond" ]; then + parsebond "$bond" + fi + # Simple default bond + if [ -z "$bondname" ]; then + bondname=bond0 + bondslaves="eth0 eth1" + fi + # Make it suitable for initscripts export + bondoptions=$(str_replace "$bondoptions" ";" ",") + + { + echo "bondname=$bondname" + echo "bondslaves=\"$bondslaves\"" + echo "bondoptions=\"$bondoptions\"" + echo "bondmtu=\"$bondmtu\"" + } > "/tmp/bond.${bondname}.info" +done diff --git a/modules.d/35network-legacy/parse-bridge.sh b/modules.d/35network-legacy/parse-bridge.sh new file mode 100755 index 0000000..caea1da --- /dev/null +++ b/modules.d/35network-legacy/parse-bridge.sh @@ -0,0 +1,49 @@ +#!/bin/sh +# +# Format: +# bridge=<bridgename>:<bridgeslaves> +# +# <bridgeslaves> is a comma-separated list of physical (ethernet) interfaces +# bridge without parameters assumes bridge=br0:eth0 +# + +parsebridge() { + local v="${1}": + set -- + while [ -n "$v" ]; do + set -- "$@" "${v%%:*}" + v=${v#*:} + done + case $# in + 0) + bridgename=br0 + bridgeslaves=$iface + ;; + 1) die "bridge= requires two parameters" ;; + 2) + bridgename=$1 + bridgeslaves=$(str_replace "$2" "," " ") + ;; + *) die "bridge= requires two parameters" ;; + esac +} + +# Parse bridge for bridgename and bridgeslaves +for bridge in $(getargs bridge=); do + unset bridgename + unset bridgeslaves + iface=eth0 + # Read bridge= parameters if they exist + if [ "$bridge" != "bridge" ]; then + parsebridge "$bridge" + fi + # Simple default bridge + if [ -z "$bridgename" ]; then + bridgename=br0 + bridgeslaves=$iface + fi + { + echo "bridgename=$bridgename" + echo "bridgeslaves=\"$bridgeslaves\"" + } > /tmp/bridge.${bridgename}.info +done diff --git a/modules.d/35network-legacy/parse-ibft.sh b/modules.d/35network-legacy/parse-ibft.sh new file mode 100755 index 0000000..1937f13 --- /dev/null +++ b/modules.d/35network-legacy/parse-ibft.sh @@ -0,0 +1,10 @@ +#!/bin/sh + +command -v getarg > /dev/null || . /lib/dracut-lib.sh +command -v ibft_to_cmdline > /dev/null || . /lib/net-lib.sh + +if getargbool 0 rd.iscsi.ibft -d "ip=ibft"; then + modprobe -b -q iscsi_boot_sysfs 2> /dev/null + modprobe -b -q iscsi_ibft + ibft_to_cmdline +fi diff --git a/modules.d/35network-legacy/parse-ifname.sh b/modules.d/35network-legacy/parse-ifname.sh new file mode 100755 index 0000000..be7b6ad --- /dev/null +++ b/modules.d/35network-legacy/parse-ifname.sh @@ -0,0 +1,24 @@ +#!/bin/sh +# +# Format: +# ifname=<interface>:<mac> +# +# Note letters in the macaddress must be lowercase! +# +# Examples: +# ifname=eth0:4a:3f:4c:04:f8:d7 +# +# Note when using ifname= to get persistent interface names, you must specify +# an ifname= argument for each interface used in an ip= or fcoe= argument + +# check if there are any ifname parameters +if ! getarg ifname= > /dev/null; then + return +fi + +command -v parse_ifname_opts > /dev/null || . /lib/net-lib.sh + +# Check ifname= lines +for p in $(getargs ifname=); do + parse_ifname_opts "$p" +done diff --git a/modules.d/35network-legacy/parse-ip-opts.sh b/modules.d/35network-legacy/parse-ip-opts.sh new file mode 100755 index 0000000..8263321 --- /dev/null +++ b/modules.d/35network-legacy/parse-ip-opts.sh @@ -0,0 +1,151 @@ +#!/bin/sh +# +# Format: +# ip=[dhcp|on|any|single-dhcp] +# +# ip=<interface>:[dhcp|on|any][:[<mtu>][:<macaddr>]] +# +# ip=<client-IP-number>:<server-IP-number>:<gateway-IP-number>:<netmask>:<client-hostname>:<interface>:{dhcp|on|any|none|off}[:[<mtu>][:<macaddr>]] +# +# When supplying more than only ip= line, <interface> is mandatory and +# bootdev= must contain the name of the primary interface to use for +# routing,dns,dhcp-options,etc. +# + +# we really need to use `expr substr` with dash +# shellcheck disable=SC2003 disable=SC2308 + +command -v getarg > /dev/null || . /lib/dracut-lib.sh + +if [ -n "$netroot" ] && [ -z "$(getarg ip=)" ] && [ -z "$(getarg BOOTIF=)" ]; then + # No ip= argument(s) for netroot provided, defaulting to DHCP + return +fi + +# Count ip= lines to decide whether we need bootdev= or not +if [ -z "$NEEDBOOTDEV" ]; then + count=0 + for p in $(getargs ip=); do + case "$p" in + ibft) + continue + ;; + esac + count=$((count + 1)) + done + [ $count -gt 1 ] && NEEDBOOTDEV=1 +fi +unset count + +# If needed, check if bootdev= contains anything usable +BOOTDEV=$(getarg bootdev=) + +if [ -n "$NEEDBOOTDEV" ] && getargbool 1 rd.neednet; then + #[ -z "$BOOTDEV" ] && warn "Please supply bootdev argument for multiple ip= lines" + echo "rd.neednet=1" > /etc/cmdline.d/dracut-neednet.conf + info "Multiple ip= arguments: assuming rd.neednet=1" +else + unset NEEDBOOTDEV +fi + +# Check ip= lines +# XXX Would be nice if we could errorcheck ip addresses here as well +for p in $(getargs ip=); do + ip_to_var "$p" + + # make first device specified the BOOTDEV + if [ -n "$NEEDBOOTDEV" ] && [ -z "$BOOTDEV" ] && [ -n "$dev" ]; then + BOOTDEV="$dev" + info "Setting bootdev to '$BOOTDEV'" + fi + + # skip ibft since we did it above + [ "$autoconf" = "ibft" ] && continue + + # Empty autoconf defaults to 'dhcp' + if [ -z "$autoconf" ]; then + warn "Empty autoconf values default to dhcp" + autoconf="dhcp" + fi + + # Error checking for autoconf in combination with other values + for autoopt in $(str_replace "$autoconf" "," " "); do + case $autoopt in + error) die "Error parsing option 'ip=$p'" ;; + bootp | rarp | both) die "Sorry, ip=$autoopt is currently unsupported" ;; + none | off) + [ -z "$ip" ] \ + && die "For argument 'ip=$p'\nValue '$autoopt' without static configuration does not make sense" + [ -z "$mask" ] \ + && die "Sorry, automatic calculation of netmask is not yet supported" + ;; + auto6 | link6) ;; + either6) ;; + dhcp | dhcp6 | on | any | single-dhcp) + [ -n "$NEEDBOOTDEV" ] && [ -z "$dev" ] \ + && die "Sorry, 'ip=$p' does not make sense for multiple interface configurations" + [ -n "$ip" ] \ + && die "For argument 'ip=$p'\nSorry, setting client-ip does not make sense for '$autoopt'" + ;; + *) die "For argument 'ip=$p'\nSorry, unknown value '$autoopt'" ;; + esac + done + + if [ -n "$dev" ]; then + # We don't like duplicate device configs + if [ -n "$IFACES" ]; then + for i in $IFACES; do + [ "$dev" = "$i" ] && die "For argument 'ip=$p'\nDuplication configurations for '$dev'" + done + fi + # IFACES list for later use + IFACES="$IFACES $dev" + + # Interface should exist + if [ ! -e "/sys/class/net/$dev" ]; then + warn "Network interface '$dev' does not exist" + fi + fi + + # Do we need to check for specific options? + if [ -n "$NEEDDHCP" ] || [ -n "$DHCPORSERVER" ]; then + # Correct device? (Empty is ok as well) + [ "$dev" = "$BOOTDEV" ] || continue + # Server-ip is there? + [ -n "$DHCPORSERVER" ] && [ -n "$srv" ] && continue + # dhcp? (It's simpler to check for a set ip. Checks above ensure that if + # ip is there, we're static + [ -z "$ip" ] && continue + # Not good! + die "Server-ip or dhcp for netboot needed, but current arguments say otherwise" + fi + + if str_starts "$dev" "enx" && [ ${#dev} -eq 15 ]; then + # shellcheck disable=SC2003 + printf -- "ifname=%s:%s:%s:%s:%s:%s:%s\n" \ + "$dev" \ + "$(expr substr "$dev" 3 2)" \ + "$(expr substr "$dev" 5 2)" \ + "$(expr substr "$dev" 7 2)" \ + "$(expr substr "$dev" 9 2)" \ + "$(expr substr "$dev" 11 2)" \ + "$(expr substr "$dev" 13 2)" \ + >> /etc/cmdline.d/80-enx.conf + fi +done + +# put BOOTIF in IFACES to make sure it comes up +if getargbool 1 "rd.bootif" && BOOTIF="$(getarg BOOTIF=)"; then + BOOTDEV=$(fix_bootif "$BOOTIF") + IFACES="$BOOTDEV $IFACES" +fi + +# This ensures that BOOTDEV is always first in IFACES +if [ -n "$BOOTDEV" ] && [ -n "$IFACES" ]; then + IFACES="${IFACES%"$BOOTDEV"*} ${IFACES#*"$BOOTDEV"}" + IFACES="$BOOTDEV $IFACES" +fi + +# Store BOOTDEV and IFACES for later use +[ -n "$BOOTDEV" ] && echo "$BOOTDEV" > /tmp/net.bootdev +[ -n "$IFACES" ] && echo "$IFACES" > /tmp/net.ifaces diff --git a/modules.d/35network-legacy/parse-team.sh b/modules.d/35network-legacy/parse-team.sh new file mode 100755 index 0000000..83badc9 --- /dev/null +++ b/modules.d/35network-legacy/parse-team.sh @@ -0,0 +1,66 @@ +#!/bin/sh +# +# Format: +# team=<teammaster>:<teamslaves>[:<teamrunner>] +# +# teamslaves is a comma-separated list of physical (ethernet) interfaces +# teamrunner is the runner type to be used (see teamd.conf(5)); defaults to activebackup +# +# team without parameters assumes team=team0:eth0,eth1:activebackup +# + +parseteam() { + local v="${1}": + set -- + while [ -n "$v" ]; do + set -- "$@" "${v%%:*}" + v=${v#*:} + done + + case $# in + 0) + teammaster=team0 + teamslaves="eth0 eth1" + teamrunner="activebackup" + ;; + 1) + teammaster=$1 + teamslaves="eth0 eth1" + teamrunner="activebackup" + ;; + 2) + teammaster=$1 + teamslaves=$(str_replace "$2" "," " ") + teamrunner="activebackup" + ;; + 3) + teammaster=$1 + teamslaves=$(str_replace "$2" "," " ") + teamrunner=$3 + ;; + *) die "team= requires zero to three parameters" ;; + esac + return 0 +} + +for team in $(getargs team); do + [ "$team" = "team" ] && continue + + unset teammaster + unset teamslaves + unset teamrunner + + parseteam "$team" || continue + + { + echo "teammaster=$teammaster" + echo "teamslaves=\"$teamslaves\"" + echo "teamrunner=\"$teamrunner\"" + } > /tmp/team."${teammaster}".info + + if ! [ -e /etc/teamd/"${teammaster}".conf ]; then + warn "Team master $teammaster specified, but no /etc/teamd/$teammaster.conf present. Using $teamrunner." + mkdir -p /etc/teamd + printf -- "%s" "{\"runner\": {\"name\": \"$teamrunner\"}, \"link_watch\": {\"name\": \"ethtool\"}}" > "/tmp/${teammaster}.conf" + fi +done diff --git a/modules.d/35network-legacy/parse-vlan.sh b/modules.d/35network-legacy/parse-vlan.sh new file mode 100755 index 0000000..c23f833 --- /dev/null +++ b/modules.d/35network-legacy/parse-vlan.sh @@ -0,0 +1,37 @@ +#!/bin/sh +# +# Format: +# vlan=<vlanname>:<phydevice> +# + +parsevlan() { + local v="${1}": + set -- + while [ -n "$v" ]; do + set -- "$@" "${v%%:*}" + v=${v#*:} + done + + unset vlanname phydevice + case $# in + 2) + vlanname=$1 + phydevice=$2 + ;; + *) die "vlan= requires two parameters" ;; + esac +} + +for vlan in $(getargs vlan=); do + unset vlanname + unset phydevice + if [ ! "$vlan" = "vlan" ]; then + parsevlan "$vlan" + fi + + echo "phydevice=\"$phydevice\"" > /tmp/vlan."${phydevice}".phy + { + echo "vlanname=\"$vlanname\"" + echo "phydevice=\"$phydevice\"" + } > /tmp/vlan."${vlanname}"."${phydevice}" +done diff --git a/modules.d/35network-manager/initrd-no-auto-default.conf b/modules.d/35network-manager/initrd-no-auto-default.conf new file mode 100644 index 0000000..8a06e52 --- /dev/null +++ b/modules.d/35network-manager/initrd-no-auto-default.conf @@ -0,0 +1,5 @@ +[.config] +enable=env:initrd + +[main] +no-auto-default=* diff --git a/modules.d/35network-manager/module-setup.sh b/modules.d/35network-manager/module-setup.sh new file mode 100755 index 0000000..d9a244a --- /dev/null +++ b/modules.d/35network-manager/module-setup.sh @@ -0,0 +1,84 @@ +#!/bin/bash + +# called by dracut +check() { + require_binaries sed grep NetworkManager || return 1 + + # do not add this module by default + return 255 +} + +# called by dracut +depends() { + echo dbus bash + return 0 +} + +# called by dracut +installkernel() { + return 0 +} + +# called by dracut +install() { + local _nm_version + + _nm_version=${NM_VERSION:-$(NetworkManager --version)} + + # We don't need `ip` but having it is *really* useful for people debugging + # in an emergency shell. + inst_multiple ip sed grep + + inst NetworkManager + inst_multiple -o /usr/{lib,libexec}/nm-initrd-generator + inst_multiple -o /usr/{lib,libexec}/nm-daemon-helper + inst_multiple -o teamd dhclient + inst_hook cmdline 99 "$moddir/nm-config.sh" + if dracut_module_included "systemd"; then + + inst "$dbussystem"/org.freedesktop.NetworkManager.conf + inst_multiple nmcli nm-online + + # teaming support under systemd+dbus + inst_multiple -o \ + "$dbussystem"/teamd.conf \ + "$dbussystemconfdir"/teamd.conf + + # Install a configuration snippet to prevent the automatic creation of + # "Wired connection #" DHCP connections for Ethernet interfaces + inst_simple "$moddir"/initrd-no-auto-default.conf /usr/lib/NetworkManager/conf.d/ + + inst_simple "$moddir"/nm-initrd.service "$systemdsystemunitdir"/nm-initrd.service + inst_simple "$moddir"/nm-wait-online-initrd.service "$systemdsystemunitdir"/nm-wait-online-initrd.service + + # Adding default link + inst_multiple -o "${systemdnetwork}/99-default.link" + [[ $hostonly ]] && inst_multiple -H -o "${systemdnetworkconfdir}/*.link" + + $SYSTEMCTL -q --root "$initdir" enable nm-initrd.service + fi + + inst_hook initqueue/settled 99 "$moddir/nm-run.sh" + + inst_rules 85-nm-unmanaged.rules + inst_libdir_dir "NetworkManager/$_nm_version" + inst_libdir_file "NetworkManager/$_nm_version/libnm-device-plugin-team.so" + inst_simple "$moddir/nm-lib.sh" "/lib/nm-lib.sh" + + if [[ -x "$initdir/usr/sbin/dhclient" ]]; then + inst_multiple -o /usr/{lib,libexec}/nm-dhcp-helper + elif ! [[ -e "$initdir/etc/machine-id" ]]; then + # The internal DHCP client silently fails if we + # have no machine-id + systemd-machine-id-setup --root="$initdir" + fi + + # We don't install the ifcfg files from the host automatically. + # But the user might choose to include them, so we pull in the machinery to read them. + inst_libdir_file "NetworkManager/$_nm_version/libnm-settings-plugin-ifcfg-rh.so" + + _arch=${DRACUT_ARCH:-$(uname -m)} + + inst_libdir_file {"tls/$_arch/",tls/,"$_arch/",}"libnss_dns.so.*" \ + {"tls/$_arch/",tls/,"$_arch/",}"libnss_mdns4_minimal.so.*" +} diff --git a/modules.d/35network-manager/nm-config.sh b/modules.d/35network-manager/nm-config.sh new file mode 100755 index 0000000..2b13d0a --- /dev/null +++ b/modules.d/35network-manager/nm-config.sh @@ -0,0 +1,35 @@ +#!/bin/sh + +type nm_generate_connections > /dev/null 2>&1 || . /lib/nm-lib.sh + +if [ -n "$netroot" ] || [ -e /tmp/net.ifaces ]; then + echo rd.neednet >> /etc/cmdline.d/35-neednet.conf +fi + +if getargbool 0 rd.debug -d -y rdinitdebug -d -y rdnetdebug; then + # shellcheck disable=SC2174 + mkdir -m 0755 -p /run/NetworkManager/conf.d + ( + echo '[.config]' + echo 'enable=env:initrd' + echo + echo '[logging]' + echo 'level=TRACE' + ) > /run/NetworkManager/conf.d/initrd-logging.conf + + if [ -n "$DRACUT_SYSTEMD" ]; then + # Enable tty output if a usable console is found + # See https://github.com/coreos/fedora-coreos-tracker/issues/943 + # shellcheck disable=SC2217 + if [ -w /dev/console ] && (echo < /dev/console) > /dev/null 2> /dev/null; then + mkdir -p /run/systemd/system/nm-initrd.service.d + cat << EOF > /run/systemd/system/nm-initrd.service.d/tty-output.conf +[Service] +StandardOutput=tty +EOF + systemctl --no-block daemon-reload + fi + fi +fi + +nm_generate_connections diff --git a/modules.d/35network-manager/nm-initrd.service b/modules.d/35network-manager/nm-initrd.service new file mode 100644 index 0000000..dbd8caa --- /dev/null +++ b/modules.d/35network-manager/nm-initrd.service @@ -0,0 +1,31 @@ +[Unit] +DefaultDependencies=no +Wants=systemd-udev-trigger.service +After=systemd-udev-trigger.service +After=dracut-cmdline.service +After=dbus.service +Wants=network.target +Before=network.target +ConditionPathExists=/run/NetworkManager/initrd/neednet +ConditionPathExistsGlob=|/usr/lib/NetworkManager/system-connections/* +ConditionPathExistsGlob=|/run/NetworkManager/system-connections/* +ConditionPathExistsGlob=|/etc/NetworkManager/system-connections/* +ConditionPathExistsGlob=|/etc/sysconfig/network-scripts/ifcfg-* + +[Service] +Type=dbus +BusName=org.freedesktop.NetworkManager +ExecReload=/usr/bin/busctl call org.freedesktop.NetworkManager /org/freedesktop/NetworkManager org.freedesktop.NetworkManager Reload u 0 +ExecStart=/usr/sbin/NetworkManager --debug +KillMode=process +# The following gets changed to StandardOutput=tty by nm-config.sh +# when debug is enabled and a usable console is found. +StandardOutput=null +Environment=NM_CONFIG_ENABLE_TAG=initrd +Restart=on-failure +ProtectSystem=true +ProtectHome=read-only + +[Install] +WantedBy=initrd.target +Also=nm-wait-online-initrd.service diff --git a/modules.d/35network-manager/nm-lib.sh b/modules.d/35network-manager/nm-lib.sh new file mode 100755 index 0000000..32a288d --- /dev/null +++ b/modules.d/35network-manager/nm-lib.sh @@ -0,0 +1,34 @@ +#!/bin/sh + +type getcmdline > /dev/null 2>&1 || . /lib/dracut-lib.sh + +nm_generate_connections() { + rm -f /run/NetworkManager/system-connections/* + if [ -x /usr/libexec/nm-initrd-generator ]; then + # shellcheck disable=SC2046 + /usr/libexec/nm-initrd-generator -- $(getcmdline) + elif [ -x /usr/lib/nm-initrd-generator ]; then + # shellcheck disable=SC2046 + /usr/lib/nm-initrd-generator -- $(getcmdline) + else + warn "nm-initrd-generator not found" + fi + + if getargbool 0 rd.neednet; then + for i in /usr/lib/NetworkManager/system-connections/* \ + /run/NetworkManager/system-connections/* \ + /etc/NetworkManager/system-connections/* \ + /etc/sysconfig/network-scripts/ifcfg-*; do + [ -f "$i" ] || continue + mkdir -p "$hookdir"/initqueue/finished + echo '[ -f /tmp/nm.done ]' > "$hookdir"/initqueue/finished/nm.sh + mkdir -p /run/NetworkManager/initrd + : > /run/NetworkManager/initrd/neednet # activate NM services + break + done + fi +} + +nm_reload_connections() { + [ -n "$DRACUT_SYSTEMD" ] && systemctl is-active nm-initrd.service && nmcli connection reload +} diff --git a/modules.d/35network-manager/nm-run.sh b/modules.d/35network-manager/nm-run.sh new file mode 100755 index 0000000..14b9cb1 --- /dev/null +++ b/modules.d/35network-manager/nm-run.sh @@ -0,0 +1,68 @@ +#!/bin/bash + +type source_hook > /dev/null 2>&1 || . /lib/dracut-lib.sh + +if [ -z "$DRACUT_SYSTEMD" ]; then + # Only start NM if networking is needed + if [ -e /run/NetworkManager/initrd/neednet ]; then + for i in /usr/lib/NetworkManager/system-connections/* \ + /run/NetworkManager/system-connections/* \ + /etc/NetworkManager/system-connections/* \ + /etc/sysconfig/network-scripts/ifcfg-*; do + [ -f "$i" ] || continue + /usr/sbin/NetworkManager --configure-and-quit=initrd --no-daemon + break + done + fi +fi + +if [ -s /run/NetworkManager/initrd/hostname ]; then + cat /run/NetworkManager/initrd/hostname > /proc/sys/kernel/hostname +fi + +kf_get_string() { + # NetworkManager writes keyfiles (glib's GKeyFile API). Have a naive + # parser for it. + # + # But GKeyFile will backslash escape certain keys (\s, \t, \n) but also + # escape backslash. As an approximation, interpret the string with printf's + # '%b'. + # + # This is supposed to mimic g_key_file_get_string() (poorly). + + v1="$(sed -n "s/^$1=/=/p" | sed '1!d')" + test "$v1" = "${v1#=}" && return 1 + printf "%b" "${v1#=}" +} + +kf_unescape() { + # Another layer of unescaping. While values in GKeyFile format + # are backslash escaped, the original strings (which are in no + # defined encoding) are backslash escaped too to be valid UTF-8. + # This will undo the second layer of escaping to give binary "strings". + printf "%b" "$1" +} + +kf_parse() { + v3="$(kf_get_string "$1")" || return 1 + v3="$(kf_unescape "$v3")" + printf '%s=%s\n' "$2" "$(printf '%q' "$v3")" +} + +dhcpopts_create() { + kf_parse root-path new_root_path < "$1" + kf_parse next-server new_next_server < "$1" + kf_parse dhcp-bootfile filename < "$1" +} + +for _i in /sys/class/net/*; do + [ -d "$_i" ] || continue + state="/run/NetworkManager/devices/$(cat "$_i"/ifindex)" + grep -q '^connection-uuid=' "$state" 2> /dev/null || continue + ifname="${_i##*/}" + dhcpopts_create "$state" > /tmp/dhclient."$ifname".dhcpopts + source_hook initqueue/online "$ifname" + /sbin/netroot "$ifname" +done + +: > /tmp/nm.done diff --git a/modules.d/35network-manager/nm-wait-online-initrd.service b/modules.d/35network-manager/nm-wait-online-initrd.service new file mode 100644 index 0000000..ac8762a --- /dev/null +++ b/modules.d/35network-manager/nm-wait-online-initrd.service @@ -0,0 +1,16 @@ +[Unit] +DefaultDependencies=no +Requires=nm-initrd.service +After=nm-initrd.service +Before=network-online.target +Before=dracut-initqueue.service +ConditionPathExists=/run/NetworkManager/initrd/neednet + +[Service] +Type=oneshot +ExecStart=/usr/bin/nm-online -s -q -t 3600 +RemainAfterExit=yes + +[Install] +WantedBy=initrd.target +WantedBy=network-online.target diff --git a/modules.d/40network/dhcp-root.sh b/modules.d/40network/dhcp-root.sh new file mode 100755 index 0000000..3f11221 --- /dev/null +++ b/modules.d/40network/dhcp-root.sh @@ -0,0 +1,30 @@ +#!/bin/sh + +# This script is sourced, so root should be set. But let's be paranoid +[ -z "$root" ] && root=$(getarg root=) + +if [ -z "$netroot" ]; then + for netroot in $(getargs netroot=); do + [ "$netroot" = "dhcp" ] && break + [ "$netroot" = "dhcp6" ] && break + done + [ "$netroot" = "dhcp" ] || [ "$netroot" = "dhcp6" ] || unset netroot +fi + +if [ "$root" = "dhcp" ] || [ "$root" = "dhcp6" ] || [ "$netroot" = "dhcp" ] || [ "$netroot" = "dhcp6" ]; then + # Tell ip= checker that we need dhcp + # shellcheck disable=SC2034 + NEEDDHCP="1" + + # Done, all good! + # shellcheck disable=SC2034 + rootok=1 + if [ "$netroot" != "dhcp" ] && [ "$netroot" != "dhcp6" ]; then + netroot=$root + fi + + # Shut up init error check + [ -z "$root" ] && root="dhcp" + # shellcheck disable=SC2016 + echo '[ -d $NEWROOT/proc -o -e /dev/root ]' > "$hookdir"/initqueue/finished/dhcp.sh +fi diff --git a/modules.d/40network/ifname-genrules.sh b/modules.d/40network/ifname-genrules.sh new file mode 100755 index 0000000..b9b95c4 --- /dev/null +++ b/modules.d/40network/ifname-genrules.sh @@ -0,0 +1,32 @@ +#!/bin/sh + +# if there are no ifname parameters, just use NAME=KERNEL +if ! getarg ifname= > /dev/null; then + return +fi + +command -v parse_ifname_opts > /dev/null || . /lib/net-lib.sh + +{ + for p in $(getargs ifname=); do + parse_ifname_opts "$p" + + if [ -f /tmp/ifname-"$ifname_mac" ]; then + read -r oldif < /tmp/ifname-"$ifname_mac" + fi + if [ -f /tmp/ifname-"$ifname_if" ]; then + read -r oldmac < /tmp/ifname-"$ifname_if" + fi + if [ -n "$oldif" -a -n "$oldmac" -a "$oldif" = "$ifname_if" -a "$oldmac" = "$ifname_mac" ]; then + # skip same ifname= declaration + continue + fi + + [ -n "$oldif" ] && warn "Multiple interface names specified for MAC $ifname_mac: $oldif" + [ -n "$oldmac" ] && warn "Multiple MAC specified for $ifname_if: $oldmac" + + printf 'SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="%s", ATTR{type}=="1", NAME="%s"\n' "$ifname_mac" "$ifname_if" + echo "$ifname_if" > /tmp/ifname-"$ifname_mac" + echo "$ifname_mac" > /tmp/ifname-"$ifname_if" + done +} >> /etc/udev/rules.d/80-ifname.rules diff --git a/modules.d/40network/module-setup.sh b/modules.d/40network/module-setup.sh new file mode 100755 index 0000000..4c77ff3 --- /dev/null +++ b/modules.d/40network/module-setup.sh @@ -0,0 +1,48 @@ +#!/bin/bash + +# called by dracut +check() { + return 255 +} + +# called by dracut +depends() { + is_qemu_virtualized && echo -n "qemu-net " + + for module in connman network-manager network-legacy systemd-networkd; do + if dracut_module_included "$module"; then + network_handler="$module" + break + fi + done + + if [ -z "$network_handler" ]; then + if check_module "connman"; then + network_handler="connman" + elif check_module "network-manager"; then + network_handler="network-manager" + elif check_module "systemd-networkd"; then + network_handler="systemd-networkd" + else + network_handler="network-legacy" + fi + fi + echo "kernel-network-modules $network_handler" + return 0 +} + +# called by dracut +installkernel() { + return 0 +} + +# called by dracut +install() { + inst_script "$moddir/netroot.sh" "/sbin/netroot" + inst_simple "$moddir/net-lib.sh" "/lib/net-lib.sh" + inst_hook pre-udev 50 "$moddir/ifname-genrules.sh" + inst_hook cmdline 91 "$moddir/dhcp-root.sh" + inst_multiple ip sed awk grep pgrep tr + inst_multiple -o arping arping2 + dracut_need_initqueue +} diff --git a/modules.d/40network/net-lib.sh b/modules.d/40network/net-lib.sh new file mode 100755 index 0000000..9d88e0d --- /dev/null +++ b/modules.d/40network/net-lib.sh @@ -0,0 +1,906 @@ +#!/bin/sh + +# shellcheck disable=SC2034 +IFNETFILE="/tmp/bootnetif" + +is_ip() { + echo "$1" | { + IFS=. read -r a b c d + test "$a" -ge 0 -a "$a" -le 255 \ + -a "$b" -ge 0 -a "$b" -le 255 \ + -a "$c" -ge 0 -a "$c" -le 255 \ + -a "$d" -ge 0 -a "$d" -le 255 \ + 2> /dev/null + } && return 0 + return 1 +} + +get_ip() { + local iface="$1" ip="" + ip=$(ip -f inet addr show "$iface") + ip=${ip%%/*} + ip=${ip##* } + echo "$ip" +} + +iface_for_remote_addr() { + # shellcheck disable=SC2046 + set -- $(ip route get to "$@" | sed 's/.*\bdev\b//p;q') + echo "$1" +} + +iface_for_ip() { + # shellcheck disable=SC2046 + set -- $(ip addr show to "$@") + echo "${2%:}" +} + +iface_for_mac() { + local interface="" + local mac + mac="$(echo "$@" | sed 'y/ABCDEF/abcdef/')" + for interface in /sys/class/net/*; do + if [ "$(cat "$interface"/address)" = "$mac" ]; then + echo "${interface##*/}" + fi + done +} + +# get the iface name for the given identifier - either a MAC, IP, or iface name +iface_name() { + case "$1" in + ??:??:??:??:??:?? | ??-??-??-??-??-??) iface_for_mac "$1" ;; + *:*:* | *.*.*.*) iface_for_ip "$1" ;; + *) echo "$1" ;; + esac +} + +# list the configured interfaces +configured_ifaces() { + local IFACES="" iface_id="" rv=1 + [ -e "/tmp/net.ifaces" ] && read -r IFACES < /tmp/net.ifaces + if { pidof udevd || pidof systemd-udevd; } > /dev/null; then + for iface_id in $IFACES; do + printf "%s\n" "$(iface_name "$iface_id")" + rv=0 + done + else + warn "configured_ifaces called before udev is running" + echo "$IFACES" + [ -n "$IFACES" ] && rv=0 + fi + return $rv +} + +all_ifaces_up() { + local iface="" IFACES="" + [ -e "/tmp/net.ifaces" ] && read -r IFACES < /tmp/net.ifaces + for iface in $IFACES; do + [ -e /tmp/net."$iface".up ] || return 1 + done +} + +all_ifaces_setup() { + local iface="" IFACES="" + [ -e "/tmp/net.ifaces" ] && read -r IFACES < /tmp/net.ifaces + for iface in $IFACES; do + [ -e /tmp/net."$iface".did-setup ] || return 1 + done +} + +get_netroot_ip() { + local prefix="" server="" rest="" + splitsep ":" "$1" prefix server rest + case $server in + [0-9]*\.[0-9]*\.[0-9]*\.[0-9]*) + echo "$server" + return 0 + ;; + esac + return 1 +} + +ip_is_local() { + li=$(ip route get "$@" 2> /dev/null) + if [ -n "$li" ]; then + strstr "$li" " via " || return 0 + fi + return 1 +} + +ifdown() { + local netif="$1" + # ip down/flush ensures that routing info goes away as well + ip link set "$netif" down + ip addr flush dev "$netif" + echo "#empty" > /etc/resolv.conf + rm -f -- /tmp/net."$netif".did-setup + [ -z "$DO_VLAN" ] \ + && [ -e /sys/class/net/"$netif"/address ] \ + && rm -f -- "/tmp/net.$(cat /sys/class/net/"$netif"/address).did-setup" + # TODO: send "offline" uevent? +} + +setup_net() { + local netif="$1" f="" gw_ip="" netroot_ip="" iface="" IFACES="" + local _p + [ -e /tmp/net."$netif".did-setup ] && return + [ -z "$DO_VLAN" ] \ + && [ -e /sys/class/net/"$netif"/address ] \ + && [ -e "/tmp/net.$(cat /sys/class/net/"$netif"/address).did-setup" ] && return + [ -e "/tmp/net.ifaces" ] && read -r IFACES < /tmp/net.ifaces + [ -z "$IFACES" ] && IFACES="$netif" + # run the scripts written by ifup + # shellcheck disable=SC1090 + [ -e /tmp/net."$netif".hostname ] && . /tmp/net."$netif".hostname + # shellcheck disable=SC1090 + [ -e /tmp/net."$netif".override ] && . /tmp/net."$netif".override + # shellcheck disable=SC1090 + [ -e /tmp/dhclient."$netif".dhcpopts ] && . /tmp/dhclient."$netif".dhcpopts + # set up resolv.conf + [ -e /tmp/net."$netif".resolv.conf ] \ + && awk '!array[$0]++' /tmp/net."$netif".resolv.conf > /etc/resolv.conf + # shellcheck disable=SC1090 + [ -e /tmp/net."$netif".gw ] && . /tmp/net."$netif".gw + + # add static route + for _p in $(getargs rd.route); do + route_to_var "$_p" || continue + [ -n "$route_dev" ] && [ "$route_dev" != "$netif" ] && continue + ip route add "$route_mask" ${route_gw:+via $route_gw} ${route_dev:+dev $route_dev} + if strstr "$route_mask" ":"; then + printf -- "%s\n" "$route_mask ${route_gw:+via $route_gw} ${route_dev:+dev $route_dev}" \ + > /tmp/net.route6."$netif" + else + printf -- "%s\n" "$route_mask ${route_gw:+via $route_gw} ${route_dev:+dev $route_dev}" \ + > /tmp/net.route."$netif" + fi + done + + # If a static route was necessary to reach the gateway, the + # first gateway setup call will have failed with + # RTNETLINK answers: Network is unreachable + # Replace the default route again after static routes to cover + # this scenario. + # shellcheck disable=SC1090 + [ -e /tmp/net."$netif".gw ] && . /tmp/net."$netif".gw + + # Handle STP Timeout: arping the default gateway. + # (or the root server, if a) it's local or b) there's no gateway.) + # Note: This assumes that if no router is present the + # root server is on the same subnet. + + # Get DHCP-provided router IP, or the cmdline-provided "gw=" argument + [ -n "$new_routers" ] && gw_ip=${new_routers%%,*} + [ -n "$gw" ] && gw_ip=$gw + + # Get the "netroot" IP (if there's an IP address in there) + netroot_ip=$(get_netroot_ip "$netroot") + + # try netroot if it's local (or there's no gateway) + if ip_is_local "$netroot_ip" || [ -z "$gw_ip" ]; then + dest="$netroot_ip" + else + dest="$gw_ip" + fi + + unset layer2 + if [ -f /sys/class/net/"$netif"/device/layer2 ]; then + read -r layer2 < /sys/class/net/"$netif"/device/layer2 + fi + + if [ "$layer2" != "0" ] && [ -n "$dest" ] && ! strstr "$dest" ":"; then + if command -v arping2 > /dev/null; then + arping2 -q -C 1 -c 60 -I "$netif" "$dest" || info "Resolving $dest via ARP on $netif failed" + else + arping -q -f -w 60 -I "$netif" "$dest" || info "Resolving $dest via ARP on $netif failed" + fi + fi + unset layer2 + + : > /tmp/net."$netif".did-setup + [ -z "$DO_VLAN" ] \ + && [ -e /sys/class/net/"$netif"/address ] \ + && : > "/tmp/net.$(cat /sys/class/net/"$netif"/address).did-setup" +} + +save_netinfo() { + local netif="$1" IFACES="" f="" i="" + [ -e /tmp/net.ifaces ] && read -r IFACES < /tmp/net.ifaces + # Add $netif to the front of IFACES (if it's not there already). + set -- "$netif" + for i in $IFACES; do [ "$i" != "$netif" ] && set -- "$@" "$i"; done + IFACES="$*" + for i in $IFACES; do + for f in "/tmp/dhclient.$i."*; do + [ -f "$f" ] && cp -f "$f" /tmp/net."${f#/tmp/dhclient.}" + done + done + echo "$IFACES" > /tmp/.net.ifaces.new + mv /tmp/.net.ifaces.new /tmp/net.ifaces +} + +set_ifname() { + local name="$1" mac="$2" num=-1 n="" + # if it's already set, return the existing name + for n in $(getargs ifname=); do + strstr "$n" "$mac" && echo "${n%%:*}" && return + done + [ ! -f "/tmp/set_ifname_$name" ] || read -r num < "/tmp/set_ifname_$name" + # otherwise, pick a new name and use that + while :; do + num=$((num + 1)) + [ -e /sys/class/net/"$name"$num ] && continue + for n in $(getargs ifname=); do + [ "$name$num" = "${n%%:*}" ] && continue 2 + done + break + done + echo "ifname=$name$num:$mac" >> /etc/cmdline.d/45-ifname.conf + echo "$num" > "/tmp/set_ifname_$name" + echo "$name$num" +} + +# pxelinux provides macaddr '-' separated, but we need ':' +fix_bootif() { + local macaddr="${1}" + local IFS='-' + # shellcheck disable=SC2086 + macaddr=$(printf '%s:' ${macaddr}) + macaddr=${macaddr%:} + # strip hardware type field from pxelinux + [ -n "${macaddr%??:??:??:??:??:??}" ] && macaddr=${macaddr#??:} + # return macaddr with lowercase alpha characters expected by udev + echo "$macaddr" | sed 'y/ABCDEF/abcdef/' +} + +ibft_to_cmdline() { + local iface="" + modprobe -q iscsi_ibft + ( + for iface in /sys/firmware/ibft/ethernet*; do + local mac="" dev="" + local dhcp="" ip="" gw="" mask="" hostname="" + local dns1 dns2 + + [ -e "${iface}"/mac ] || continue + read -r mac < "${iface}"/mac + [ -z "$mac" ] && continue + dev=$(set_ifname ibft "$mac") + + [ -e /tmp/net."${dev}".has_ibft_config ] && continue + + [ -e "${iface}"/flags ] && read -r flags < "${iface}"/flags + # Skip invalid interfaces + awk -- 'BEGIN { exit (!and('"$flags"',1)) }' || continue + # Skip interfaces not used for booting unless using multipath + if ! getargbool 0 rd.iscsi.mp; then + awk -- 'BEGIN { exit (!and('"$flags"',2)) }' || continue + fi + [ -e "${iface}"/dhcp ] && read -r dhcp < "${iface}"/dhcp + [ -e "${iface}"/origin ] && read -r origin < "${iface}"/origin + [ -e "${iface}"/ip-addr ] && read -r ip < "${iface}"/ip-addr + + if [ -n "$ip" ]; then + case "$ip" in + *.*.*.*) + family=ipv4 + ;; + *:*) + family=ipv6 + ;; + esac + fi + if [ -n "$dhcp" ] || [ "$origin" -eq 3 ]; then + if [ "$family" = "ipv6" ]; then + echo "ip=$dev:dhcp6" + else + echo "ip=$dev:dhcp" + fi + elif [ -e "${iface}"/ip-addr ]; then + # skip not assigned ip addresses + [ "$ip" = "0.0.0.0" ] && continue + [ -e "${iface}"/gateway ] && read -r gw < "${iface}"/gateway + [ "$gw" = "0.0.0.0" ] && unset gw + [ -e "${iface}"/subnet-mask ] && read -r mask < "${iface}"/subnet-mask + [ -e "${iface}"/prefix-len ] && read -r prefix < "${iface}"/prefix-len + [ -e "${iface}"/primary-dns ] && read -r dns1 < "${iface}"/primary-dns + [ "$dns1" = "0.0.0.0" ] && unset dns1 + [ -e "${iface}"/secondary-dns ] && read -r dns2 < "${iface}"/secondary-dns + [ "$dns2" = "0.0.0.0" ] && unset dns + [ -e "${iface}"/hostname ] && read -r hostname < "${iface}"/hostname + if [ "$family" = "ipv6" ]; then + if [ -n "$ip" ]; then + [ -n "$prefix" ] || prefix=128 + ip="[${ip}]" + mask=$prefix + fi + if [ -n "$gw" ]; then + gw="[${gw}]" + fi + fi + if [ -n "$ip" ] && [ -n "$mask" -o -n "$prefix" ]; then + echo "ip=$ip::$gw:$mask:$hostname:$dev:none${dns1:+:$dns1}${dns2:+:$dns2}" + else + warn "${iface} does not contain a valid iBFT configuration" + warn "ip-addr=$ip" + warn "gateway=$gw" + warn "subnet-mask=$mask" + warn "hostname=$hostname" + fi + else + info "${iface} does not contain a valid iBFT configuration" + # shellcheck disable=SC2012 + ls -l "${iface}" | vinfo + fi + + if [ -e "${iface}"/vlan ]; then + read -r vlan < "${iface}"/vlan + if [ "$vlan" -ne "0" ]; then + case "$vlan" in + [0-9]*) + echo "vlan=$dev.$vlan:$dev" + echo "$mac" > /tmp/net."${dev}"."${vlan}".has_ibft_config + ;; + *) + echo "vlan=$vlan:$dev" + echo "$mac" > /tmp/net."${vlan}".has_ibft_config + ;; + esac + else + echo "$mac" > /tmp/net."${dev}".has_ibft_config + fi + else + echo "$mac" > /tmp/net."${dev}".has_ibft_config + fi + + done + ) >> /etc/cmdline.d/40-ibft.conf +} + +parse_iscsi_root() { + local v + v=${1#iscsi:} + + # extract authentication info + case "$v" in + *@*:*:*:*:*) + authinfo=${v%%@*} + v=${v#*@} + # allow empty authinfo to allow having an @ in iscsi_target_name like this: + # netroot=iscsi:@192.168.1.100::3260::iqn.2009-01.com.example:testdi@sk + if [ -n "$authinfo" ]; then + OLDIFS="$IFS" + IFS=: + # shellcheck disable=SC2086 + set $authinfo + IFS="$OLDIFS" + if [ $# -gt 4 ]; then + warn "Wrong authentication info in iscsi: parameter!" + return 1 + fi + iscsi_username=$1 + iscsi_password=$2 + if [ $# -gt 2 ]; then + iscsi_in_username=$3 + iscsi_in_password=$4 + fi + fi + ;; + esac + + # extract target ip + case "$v" in + [[]*[]]:*) + iscsi_target_ip=${v#[[]} + iscsi_target_ip=${iscsi_target_ip%%[]]*} + v=${v#[[]"$iscsi_target_ip"[]]:} + ;; + *) + iscsi_target_ip=${v%%[:]*} + v=${v#"$iscsi_target_ip":} + ;; + esac + + unset iscsi_target_name + # extract target name + case "$v" in + *:iqn.*) + iscsi_target_name=iqn.${v##*:iqn.} + v=${v%:iqn.*}: + ;; + *:eui.*) + iscsi_target_name=eui.${v##*:eui.} + v=${v%:eui.*}: + ;; + *:naa.*) + iscsi_target_name=naa.${v##*:naa.} + v=${v%:naa.*}: + ;; + esac + + # parse the rest + OLDIFS="$IFS" + IFS=: + # shellcheck disable=SC2086 + set $v + IFS="$OLDIFS" + + iscsi_protocol=$1 + shift # ignored + iscsi_target_port=$1 + shift + + if [ -n "$iscsi_target_name" ]; then + if [ $# -eq 3 ]; then + iscsi_iface_name=$1 + shift + fi + if [ $# -eq 2 ]; then + iscsi_netdev_name=$1 + shift + fi + iscsi_lun=$1 + shift + if [ $# -ne 0 ]; then + warn "Invalid parameter in iscsi: parameter!" + return 1 + fi + return 0 + fi + + if [ $# -gt 3 ] && [ -n "$1$2" ]; then + if [ -z "$3" ] || [ "$3" -ge 0 ] 2> /dev/null; then + iscsi_iface_name=$1 + shift + iscsi_netdev_name=$1 + shift + fi + fi + + iscsi_lun=$1 + shift + + iscsi_target_name=$(printf "%s:" "$@") + iscsi_target_name=${iscsi_target_name%:} +} + +ip_to_var() { + local v="${1}": + local i + set -- + while [ -n "$v" ]; do + if [ "${v#\[*:*:*\]:}" != "$v" ]; then + # handle IPv6 address + i="${v%%\]:*}" + i="${i##\[}" + set -- "$@" "$i" + v=${v#\["$i"\]:} + else + set -- "$@" "${v%%:*}" + v=${v#*:} + fi + done + + unset ip srv gw mask hostname dev autoconf macaddr mtu dns1 dns2 + + if [ $# -eq 0 ]; then + autoconf="error" + return 0 + fi + + if [ $# -eq 1 ]; then + # format: ip={dhcp|on|any|dhcp6|auto6|either6|single-dhcp} + # or + # ip=<ipv4-address> means anaconda-style static config argument cluster + autoconf="$1" + + if strglob "$autoconf" "*.*.*.*"; then + # ip=<ipv4-address> means anaconda-style static config argument cluster: + # ip=<ip> gateway=<gw> netmask=<nm> hostname=<host> mtu=<mtu> + # ksdevice={link|bootif|ibft|<MAC>|<ifname>} + ip="$autoconf" + gw=$(getarg gateway=) + mask=$(getarg netmask=) + hostname=$(getarg hostname=) + dev=$(getarg ksdevice=) + autoconf="none" + mtu=$(getarg mtu=) + + # handle special values for ksdevice + case "$dev" in + bootif | BOOTIF) dev=$(fix_bootif "$(getarg BOOTIF=)") ;; + link) dev="" ;; # FIXME: do something useful with this + ibft) dev="" ;; # ignore - ibft is handled elsewhere + esac + fi + return 0 + fi + + if [ "$2" = "dhcp" -o "$2" = "on" -o "$2" = "any" -o "$2" = "dhcp6" -o "$2" = "auto6" -o "$2" = "either6" ]; then + # format: ip=<interface>:{dhcp|on|any|dhcp6|auto6}[:[<mtu>][:<macaddr>]] + [ -n "$1" ] && dev="$1" + [ -n "$2" ] && autoconf="$2" + [ -n "$3" ] && mtu=$3 + if [ -z "$5" ]; then + macaddr="$4" + else + macaddr="${4}:${5}:${6}:${7}:${8}:${9}" + fi + return 0 + fi + + # format: ip=<client-IP>:[<peer>]:<gateway-IP>:<netmask>:<client_hostname>:<interface>:{none|off|dhcp|on|any|dhcp6|auto6|ibft}:[:[<mtu>][:<macaddr>]] + + [ -n "$1" ] && ip=$1 + [ -n "$2" ] && srv=$2 + [ -n "$3" ] && gw=$3 + [ -n "$4" ] && mask=$4 + [ -n "$5" ] && hostname=$5 + [ -n "$6" ] && dev=$6 + [ -n "$7" ] && autoconf=$7 + case "$8" in + [0-9a-fA-F]*:* | [0-9]*.[0-9]*.[0-9]*.[0-9]*) + dns1="$8" + [ -n "$9" ] && dns2="$9" + ;; + [0-9]*) + mtu="$8" + if [ -n "${9}" -a -z "${10}" ]; then + macaddr="${9}" + elif [ -n "${9}" -a -n "${10}" -a -n "${11}" -a -n "${12}" -a -n "${13}" -a -n "${14}" ]; then + macaddr="${9}:${10}:${11}:${12}:${13}:${14}" + fi + ;; + *) + if [ -n "${9}" -a -z "${10}" ]; then + macaddr="${9}" + elif [ -n "${9}" -a -n "${10}" -a -n "${11}" -a -n "${12}" -a -n "${13}" -a -n "${14}" ]; then + macaddr="${9}:${10}:${11}:${12}:${13}:${14}" + fi + ;; + esac + return 0 +} + +route_to_var() { + local v="${1}": + local i + set -- + while [ -n "$v" ]; do + if [ "${v#\[*:*:*\]:}" != "$v" ]; then + # handle IPv6 address + i="${v%%\]:*}" + i="${i##\[}" + set -- "$@" "$i" + v=${v#\["$i"\]:} + else + set -- "$@" "${v%%:*}" + v=${v#*:} + fi + done + + unset route_mask route_gw route_dev + case $# in + 2) + [ -n "$1" ] && route_mask="$1" + [ -n "$2" ] && route_gw="$2" + return 0 + ;; + 3) + [ -n "$1" ] && route_mask="$1" + [ -n "$2" ] && route_gw="$2" + [ -n "$3" ] && route_dev="$3" + return 0 + ;; + *) return 1 ;; + esac +} + +parse_ifname_opts() { + local IFS=: + # shellcheck disable=SC2086 + set -- $1 + + case $# in + 7) + ifname_if=$1 + # udev requires MAC addresses to be lower case + ifname_mac=$(echo "$2:$3:$4:$5:$6:$7" | sed 'y/ABCDEF/abcdef/') + ;; + 21) + ifname_if=$1 + # udev requires MAC addresses to be lower case + ifname_mac=$(echo "$2:$3:$4:$5:$6:$7:$8:$9:${10}:${11}:${12}:${13}:${14}:${15}:${16}:${17}:${18}:${19}:${20}:${21}" | sed 'y/ABCDEF/abcdef/') + ;; + *) + die "Invalid arguments for ifname=" + ;; + esac + + case $ifname_if in + eth[0-9] | eth[0-9][0-9] | eth[0-9][0-9][0-9] | eth[0-9][0-9][0-9][0-9]) + warn "ifname=$ifname_if uses the kernel name space for interfaces" + warn "This can fail for multiple network interfaces and is discouraged!" + warn 'Please use a custom name like "netboot" or "bluesocket"' + warn "or use biosdevname and no ifname= at all." + ;; + esac + +} + +# some network driver need long time to initialize, wait before it's ready. +wait_for_if_link() { + local cnt=0 + local li + local timeout + timeout=$(getargs rd.net.timeout.iflink=) + timeout=${timeout:-60} + timeout=$((timeout * 10)) + + while [ $cnt -lt $timeout ]; do + li=$(ip link show dev "$@" 2> /dev/null) + [ -n "$li" ] && return 0 + sleep 0.1 + cnt=$((cnt + 1)) + done + return 1 +} + +wait_for_if_up() { + local cnt=0 + local li + local timeout + timeout=$(getargs rd.net.timeout.ifup=) + timeout=${timeout:-20} + timeout=$((timeout * 10)) + + while [ $cnt -lt $timeout ]; do + li=$(ip link show up dev "$@") + if [ -n "$li" ]; then + case "$li" in + *\<UP*) + return 0 + ;; + *\<*,UP\>*) + return 0 + ;; + *\<*,UP,*\>*) + return 0 + ;; + esac + fi + if strstr "$li" "LOWER_UP" \ + && strstr "$li" "state UNKNOWN" \ + && ! strstr "$li" "DORMANT"; then + return 0 + fi + sleep 0.1 + cnt=$((cnt + 1)) + done + return 1 +} + +wait_for_route_ok() { + local cnt=0 + local timeout + timeout=$(getargs rd.net.timeout.route=) + timeout=${timeout:-20} + timeout=$((timeout * 10)) + + while [ $cnt -lt $timeout ]; do + li=$(ip route show) + [ -n "$li" ] && [ -z "${li##*"$1"*}" ] && return 0 + sleep 0.1 + cnt=$((cnt + 1)) + done + return 1 +} + +wait_for_ipv6_dad_link() { + local cnt=0 + local timeout + timeout=$(getargs rd.net.timeout.ipv6dad=) + timeout=${timeout:-50} + timeout=$((timeout * 10)) + + while [ $cnt -lt $timeout ]; do + [ -n "$(ip -6 addr show dev "$@" scope link)" ] \ + && [ -z "$(ip -6 addr show dev "$@" scope link tentative)" ] \ + && return 0 + [ -n "$(ip -6 addr show dev "$@" scope link dadfailed)" ] \ + && return 1 + sleep 0.1 + cnt=$((cnt + 1)) + done + return 1 +} + +wait_for_ipv6_dad() { + local cnt=0 + local timeout + timeout=$(getargs rd.net.timeout.ipv6dad=) + timeout=${timeout:-50} + timeout=$((timeout * 10)) + + while [ $cnt -lt $timeout ]; do + [ -n "$(ip -6 addr show dev "$@")" ] \ + && [ -z "$(ip -6 addr show dev "$@" tentative)" ] \ + && return 0 + [ -n "$(ip -6 addr show dev "$@" dadfailed)" ] \ + && return 1 + sleep 0.1 + cnt=$((cnt + 1)) + done + return 1 +} + +wait_for_ipv6_auto() { + local cnt=0 + local timeout + timeout=$(getargs rd.net.timeout.ipv6auto=) + timeout=${timeout:-40} + timeout=$((timeout * 10)) + + while [ $cnt -lt $timeout ]; do + [ -z "$(ip -6 addr show dev "$@" tentative)" ] \ + && { ip -6 route list proto ra dev "$@" | grep -q ^default; } \ + && return 0 + sleep 0.1 + cnt=$((cnt + 1)) + done + return 1 +} + +linkup() { + wait_for_if_link "$@" 2> /dev/null && ip link set "$@" up 2> /dev/null && wait_for_if_up "$@" 2> /dev/null +} + +type hostname > /dev/null 2>&1 \ + || hostname() { + cat /proc/sys/kernel/hostname + } + +iface_has_carrier() { + local cnt=0 + local iface="$1" flags="" + local timeout + local iface_sys_path + [ -n "$iface" ] || return 2 + iface_sys_path="/sys/class/net/$iface" + [ -d "$iface_sys_path" ] || return 2 + timeout=$(getargs rd.net.timeout.carrier=) + timeout=${timeout:-10} + timeout=$((timeout * 10)) + + linkup "$1" + + li=$(ip link show up dev "$iface") + strstr "$li" "NO-CARRIER" && _no_carrier_flag=1 + + while [ $cnt -lt $timeout ]; do + if [ -n "$_no_carrier_flag" ]; then + li=$(ip link show up dev "$iface") + # NO-CARRIER flag was cleared + strstr "$li" "NO-CARRIER" || return 0 + elif ! [ -e "$iface_sys_path/carrier" ]; then + # sysfs not available and "NO-CARRIER" not displayed + return 0 + fi + # double check the syscfs carrier flag + [ -e "$iface_sys_path/carrier" ] && [ "$(cat "$iface_sys_path"/carrier)" = 1 ] && return 0 + sleep 0.1 + cnt=$((cnt + 1)) + done + return 1 +} + +iface_has_link() { + iface_has_carrier "$@" +} + +iface_is_enslaved() { + local _li + _li=$(ip link show dev "$@") + strstr "$_li" " master " || return 1 + return 0 +} + +find_iface_with_link() { + local iface_path="" iface="" + for iface_path in /sys/class/net/*; do + iface=${iface_path##*/} + str_starts "$iface" "lo" && continue + if iface_has_link "$iface"; then + echo "$iface" + return 0 + fi + done + return 1 +} + +is_persistent_ethernet_name() { + local _netif="$1" + local _name_assign_type="0" + + [ -f "/sys/class/net/$_netif/name_assign_type" ] \ + && read -r _name_assign_type < "/sys/class/net/$_netif/name_assign_type" 2> /dev/null + + # NET_NAME_ENUM 1 + [ "$_name_assign_type" = "1" ] && return 1 + + # NET_NAME_PREDICTABLE 2 + [ "$_name_assign_type" = "2" ] && return 0 + + case "$_netif" in + # udev persistent interface names + eno[0-9] | eno[0-9][0-9] | eno[0-9][0-9][0-9]*) ;; + + ens[0-9] | ens[0-9][0-9] | ens[0-9][0-9][0-9]*) ;; + + enp[0-9]s[0-9]* | enp[0-9][0-9]s[0-9]* | enp[0-9][0-9][0-9]*s[0-9]*) ;; + + enP*p[0-9]s[0-9]* | enP*p[0-9][0-9]s[0-9]* | enP*p[0-9][0-9][0-9]*s[0-9]*) ;; + + # biosdevname + em[0-9] | em[0-9][0-9] | em[0-9][0-9][0-9]*) ;; + + p[0-9]p[0-9]* | p[0-9][0-9]p[0-9]* | p[0-9][0-9][0-9]*p[0-9]*) ;; + + *) + return 1 + ;; + esac + return 0 +} + +is_kernel_ethernet_name() { + local _netif="$1" + local _name_assign_type="1" + + if [ -e "/sys/class/net/$_netif/name_assign_type" ]; then + read -r _name_assign_type < "/sys/class/net/$_netif/name_assign_type" + + case "$_name_assign_type" in + 2 | 3 | 4) + # NET_NAME_PREDICTABLE 2 + # NET_NAME_USER 3 + # NET_NAME_RENAMED 4 + return 1 + ;; + 1 | *) + # NET_NAME_ENUM 1 + return 0 + ;; + esac + fi + + # fallback to error prone manual name check + case "$_netif" in + eth[0-9] | eth[0-9][0-9] | eth[0-9][0-9][0-9]*) + return 0 + ;; + *) + return 1 + ;; + esac + +} + +iface_get_subchannels() { + local _netif + local _subchannels + + _netif="$1" + + _subchannels=$({ + for i in /sys/class/net/"$_netif"/device/cdev[0-9]*; do + [ -e "$i" ] || continue + channel=$(readlink -f "$i") + printf -- "%s" "${channel##*/}," + done + }) + [ -n "$_subchannels" ] || return 1 + + printf -- "%s" "${_subchannels%,}" +} diff --git a/modules.d/40network/netroot.sh b/modules.d/40network/netroot.sh new file mode 100755 index 0000000..8f97774 --- /dev/null +++ b/modules.d/40network/netroot.sh @@ -0,0 +1,92 @@ +#!/bin/sh + +PATH=/usr/sbin:/usr/bin:/sbin:/bin +command -v getarg > /dev/null || . /lib/dracut-lib.sh +command -v setup_net > /dev/null || . /lib/net-lib.sh + +# Huh? Empty $1? +[ -z "$1" ] && exit 1 + +# [ ! -z $2 ] means this is for manually bringing up network +# instead of real netroot; If It's called without $2, then there's +# no sense in doing something if no (net)root info is available +# or root is already there +[ -d "$NEWROOT"/proc ] && exit 0 + +if [ -z "$netroot" ]; then + netroot=$(getarg netroot=) +fi + +[ -z "$netroot" ] && exit 1 + +# Set or override primary interface +netif=$1 +[ -e "/tmp/net.bootdev" ] && read -r netif < /tmp/net.bootdev + +case "$netif" in + ??:??:??:??:??:??) # MAC address + for i in /sys/class/net/*/address; do + read -r mac < "$i" + if [ "$mac" = "$netif" ]; then + i=${i%/address} + netif=${i##*/} + break + fi + done ;; +esac + +# Figure out the handler for root=dhcp by recalling all netroot cmdline +# handlers when this is not called from manually network bringing up. +if [ -z "$2" ]; then + if getarg "root=dhcp" || getarg "netroot=dhcp" || getarg "root=dhcp6" || getarg "netroot=dhcp6"; then + # Load dhcp options + # shellcheck disable=SC1090 + [ -e /tmp/dhclient."$netif".dhcpopts ] && . /tmp/dhclient."$netif".dhcpopts + + # If we have a specific bootdev with no dhcpoptions or empty root-path, + # we die. Otherwise we just warn + if [ -z "$new_root_path" ]; then + [ -n "$BOOTDEV" ] && die "No dhcp root-path received for '$BOOTDEV'" + warn "No dhcp root-path received for '$netif' trying other interfaces if available" + exit 1 + fi + + rm -f -- "$hookdir"/initqueue/finished/dhcp.sh + + # Set netroot to new_root_path, so cmdline parsers don't call + netroot=$new_root_path + + # FIXME! + unset rootok + for f in "$hookdir"/cmdline/90*.sh; do + # shellcheck disable=SC1090 + [ -f "$f" ] && . "$f" + done + else + rootok="1" + fi + + # Check: do we really know how to handle (net)root? + if [ -z "$root" ]; then + root=$(getarg root=) + fi + [ -z "$root" ] && die "No or empty root= argument" + [ -z "$rootok" ] && die "Don't know how to handle 'root=$root'" + + handler=${netroot%%:*} + handler=${handler%%4} + handler=$(command -v "${handler}"root) + if [ -z "$netroot" ] || [ ! -e "$handler" ]; then + die "No handler for netroot type '$netroot'" + fi +fi + +# Source netroot hooks before we start the handler +source_hook netroot "$netif" + +# Run the handler; don't store the root, it may change from device to device +# XXX other variables to export? +[ -n "$handler" ] && "$handler" "$netif" "$netroot" "$NEWROOT" +save_netinfo "$netif" + +exit 0 diff --git a/modules.d/45ifcfg/module-setup.sh b/modules.d/45ifcfg/module-setup.sh new file mode 100755 index 0000000..b0d4418 --- /dev/null +++ b/modules.d/45ifcfg/module-setup.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +# called by dracut +check() { + [[ -d $dracutsysrootdir/etc/sysconfig/network-scripts ]] && return 0 + return 255 +} + +# called by dracut +depends() { + echo "network" + return 0 +} + +# called by dracut +install() { + inst_binary awk + inst_hook pre-pivot 85 "$moddir/write-ifcfg.sh" +} diff --git a/modules.d/45ifcfg/write-ifcfg.sh b/modules.d/45ifcfg/write-ifcfg.sh new file mode 100755 index 0000000..5550cce --- /dev/null +++ b/modules.d/45ifcfg/write-ifcfg.sh @@ -0,0 +1,311 @@ +#!/bin/sh + +# NFS root might have reached here before /tmp/net.ifaces was written +type is_persistent_ethernet_name > /dev/null 2>&1 || . /lib/net-lib.sh + +udevadm settle --timeout=30 + +# shellcheck disable=SC2174 +mkdir -m 0755 -p /tmp/ifcfg/ +# shellcheck disable=SC2174 +mkdir -m 0755 -p /tmp/ifcfg-leases/ + +get_config_line_by_subchannel() { + local CHANNELS + local line + + CHANNELS="$1" + while read -r line || [ -n "$line" ]; do + if strstr "$line" "$CHANNELS"; then + echo "$line" + return 0 + fi + done < /etc/ccw.conf + return 1 +} + +print_s390() { + local _netif + local SUBCHANNELS + local OPTIONS + local NETTYPE + local CONFIG_LINE + local i + local channel + local OLD_IFS + + _netif="$1" + # if we find ccw channel, then use those, instead of + # of the MAC + SUBCHANNELS=$({ + for i in /sys/class/net/"$_netif"/device/cdev[0-9]*; do + [ -e "$i" ] || continue + channel=$(readlink -f "$i") + printf '%s' "${channel##*/}," + done + }) + [ -n "$SUBCHANNELS" ] || return 1 + + SUBCHANNELS=${SUBCHANNELS%,} + echo "SUBCHANNELS=\"${SUBCHANNELS}\"" + + CONFIG_LINE=$(get_config_line_by_subchannel "$SUBCHANNELS") + # shellcheck disable=SC2181 + [ $? -ne 0 -o -z "$CONFIG_LINE" ] && return 0 + + OLD_IFS=$IFS + IFS="," + # shellcheck disable=SC2086 + set -- $CONFIG_LINE + IFS=$OLD_IFS + NETTYPE=$1 + shift + SUBCHANNELS="$1" + OPTIONS="" + shift + while [ $# -gt 0 ]; do + case $1 in + *=*) OPTIONS="$OPTIONS $1" ;; + esac + shift + done + OPTIONS=${OPTIONS## } + echo "NETTYPE=\"${NETTYPE}\"" + echo "OPTIONS=\"${OPTIONS}\"" + return 0 +} + +hw_bind() { + local _netif="$1" + local _macaddr="$2" + + [ -n "$_macaddr" ] \ + && echo "MACADDR=\"$_macaddr\"" + + print_s390 "$_netif" \ + && return 0 + + [ -n "$_macaddr" ] && return 0 + + is_persistent_ethernet_name "$_netif" && return 0 + + [ -f "/sys/class/net/$_netif/addr_assign_type" ] \ + && [ "$(cat "/sys/class/net/$_netif/addr_assign_type")" != "0" ] \ + && return 1 + + [ -f "/sys/class/net/$_netif/address" ] \ + || return 1 + + echo "HWADDR=\"$(cat /sys/class/net/"$_netif"/address)\"" +} + +interface_bind() { + local _netif="$1" + local _macaddr="$2" + + if [ ! -e "/sys/class/net/$_netif" ]; then + warn "Cannot find network interface '$_netif'!" + return 1 + fi + + # see, if we can bind it to some hw params + if hw_bind "$_netif" "$_macaddr"; then + # only print out DEVICE, if it's user assigned + is_kernel_ethernet_name "$_netif" && return 0 + fi + + echo "DEVICE=\"$_netif\"" +} + +for netup in /tmp/net.*.did-setup; do + [ -f "$netup" ] || continue + + netif=${netup%%.did-setup} + netif=${netif##*/net.} + strglobin "$netif" ":*:*:*:*:" && continue + [ -e /tmp/ifcfg/ifcfg-"$netif" ] && continue + unset bridge + unset bond + unset bondslaves + unset bondname + unset bondoptions + unset bridgename + unset bridgeslaves + unset team + unset uuid + unset ip + unset gw + unset mtu + unset mask + unset macaddr + unset slave + unset ethname + unset vlan + unset vlanname + unset phydevice + + # shellcheck disable=SC1090 + [ -e /tmp/bond."${netif}".info ] && . /tmp/bond."${netif}".info + # shellcheck disable=SC1090 + [ -e /tmp/bridge."${netif}".info ] && . /tmp/bridge."${netif}".info + # shellcheck disable=SC1090 + [ -e /tmp/team."${netif}".info ] && . /tmp/team."${netif}".info + + read -r uuid < /proc/sys/kernel/random/uuid + if [ "$netif" = "$bridgename" ]; then + bridge=yes + elif [ "$netif" = "$teammaster" ]; then + team=yes + elif [ "$netif" = "$bondname" ]; then + # $netif can't be bridge and bond at the same time + bond=yes + fi + + for i in "/tmp/vlan.${netif}."*; do + [ ! -e "$i" ] && continue + # shellcheck disable=SC1090 + . "$i" + vlan=yes + break + done + + # skip team interfaces for now, the host config must be in sync + [ "$netif" = "$teammaster" ] && continue + + { + echo "# Generated by dracut initrd" + echo "NAME=\"$netif\"" + [ -z "$vlan" ] && interface_bind "$netif" "$macaddr" + echo "ONBOOT=yes" + echo "NETBOOT=yes" + echo "UUID=\"$uuid\"" + strstr "$(ip -6 addr show dev "$netif")" 'inet6' && echo "IPV6INIT=yes" + if [ -f /tmp/dhclient."$netif".lease ]; then + # shellcheck disable=SC1090 + [ -f /tmp/dhclient."$netif".dhcpopts ] && . /tmp/dhclient."$netif".dhcpopts + if [ -f /tmp/net."$netif".has_ibft_config ]; then + echo "BOOTPROTO=ibft" + else + echo "BOOTPROTO=dhcp" + fi + cp /tmp/dhclient."$netif".lease /tmp/ifcfg-leases/dhclient-"$uuid"-"$netif".lease + else + # If we've booted with static ip= lines, the override file is there + # shellcheck disable=SC1090 + [ -e /tmp/net."$netif".override ] && . /tmp/net."$netif".override + if strglobin "$ip" '*:*:*'; then + echo "IPV6INIT=yes" + echo "IPV6_AUTOCONF=no" + echo "IPV6ADDR=\"$ip/$mask\"" + else + if [ -f /tmp/net."$netif".has_ibft_config ]; then + echo "BOOTPROTO=ibft" + else + echo "BOOTPROTO=none" + echo "IPADDR=\"$ip\"" + if strstr "$mask" "."; then + echo "NETMASK=\"$mask\"" + else + echo "PREFIX=\"$mask\"" + fi + fi + fi + if strglobin "$gw" '*:*:*'; then + echo "IPV6_DEFAULTGW=\"$gw\"" + elif [ -n "$gw" ]; then + echo "GATEWAY=\"$gw\"" + fi + fi + [ -n "$mtu" ] && echo "MTU=\"$mtu\"" + } > /tmp/ifcfg/ifcfg-"$netif" + + # bridge needs different things written to ifcfg + if [ -z "$bridge" ] && [ -z "$bond" ] && [ -z "$vlan" ] && [ -z "$team" ]; then + # standard interface + echo "TYPE=Ethernet" >> /tmp/ifcfg/ifcfg-"$netif" + fi + + if [ -n "$vlan" ]; then + { + echo "TYPE=Vlan" + echo "DEVICE=\"$netif\"" + echo "VLAN=yes" + echo "PHYSDEV=\"$phydevice\"" + } >> /tmp/ifcfg/ifcfg-"$netif" + fi + + if [ -n "$bond" ]; then + # bond interface + { + # This variable is an indicator of a bond interface for initscripts + echo "BONDING_OPTS=\"$bondoptions\"" + echo "NAME=\"$netif\"" + echo "TYPE=Bond" + } >> /tmp/ifcfg/ifcfg-"$netif" + + for slave in $bondslaves; do + # write separate ifcfg file for the raw eth interface + ( + echo "# Generated by dracut initrd" + echo "NAME=\"$slave\"" + echo "TYPE=Ethernet" + echo "ONBOOT=yes" + echo "NETBOOT=yes" + echo "SLAVE=yes" + echo "MASTER=\"$netif\"" + echo "UUID=\"$(cat /proc/sys/kernel/random/uuid)\"" + unset macaddr + # shellcheck disable=SC1090 + [ -e /tmp/net."$slave".override ] && . /tmp/net."$slave".override + interface_bind "$slave" "$macaddr" + ) >> /tmp/ifcfg/ifcfg-"$slave" + done + fi + + if [ -n "$bridge" ]; then + # bridge + { + echo "TYPE=Bridge" + echo "NAME=\"$netif\"" + } >> /tmp/ifcfg/ifcfg-"$netif" + for slave in $bridgeslaves; do + # write separate ifcfg file for the raw eth interface + ( + echo "# Generated by dracut initrd" + echo "NAME=\"$slave\"" + echo "TYPE=Ethernet" + echo "ONBOOT=yes" + echo "NETBOOT=yes" + echo "BRIDGE=\"$bridgename\"" + echo "UUID=\"$(cat /proc/sys/kernel/random/uuid)\"" + unset macaddr + # shellcheck disable=SC1090 + [ -e /tmp/net."$slave".override ] && . /tmp/net."$slave".override + interface_bind "$slave" "$macaddr" + ) >> /tmp/ifcfg/ifcfg-"$slave" + done + fi + i=1 + for ns in $(getargs nameserver) $dns1 $dns2; do + echo "DNS${i}=\"${ns}\"" >> /tmp/ifcfg/ifcfg-"$netif" + i=$((i + 1)) + done + + [ -f /tmp/net.route6."$netif" ] && cp /tmp/net.route6."$netif" /tmp/ifcfg/route6-"$netif" + [ -f /tmp/net.route."$netif" ] && cp /tmp/net.route."$netif" /tmp/ifcfg/route-"$netif" +done + +# Pass network opts +mkdir -m 0755 -p /run/initramfs/state/etc/sysconfig/network-scripts +mkdir -m 0755 -p /run/initramfs/state/var/lib/dhclient +echo "files /etc/sysconfig/network-scripts" >> /run/initramfs/rwtab +echo "files /var/lib/dhclient" >> /run/initramfs/rwtab +{ + cp /tmp/net.* /run/initramfs/ + for i in /tmp/net.*.resolv.conf; do + [ -f "$i" ] && cat "$i" + done | awk '!($0 in a) { a[$0]; print }' > /run/initramfs/state/etc/resolv.conf + [ -s /run/initramfs/state/etc/resolv.conf ] || rm -f /run/initramfs/state/etc/resolv.conf + copytree /tmp/ifcfg /run/initramfs/state/etc/sysconfig/network-scripts + cp /tmp/ifcfg-leases/* /run/initramfs/state/var/lib/dhclient +} > /dev/null 2>&1 diff --git a/modules.d/45url-lib/module-setup.sh b/modules.d/45url-lib/module-setup.sh new file mode 100755 index 0000000..65da87e --- /dev/null +++ b/modules.d/45url-lib/module-setup.sh @@ -0,0 +1,88 @@ +#!/bin/bash +# module-setup for url-lib + +# called by dracut +check() { + require_binaries curl || return 1 + return 255 +} + +# called by dracut +depends() { + echo network + return 0 +} + +# called by dracut +install() { + local _dir _crt _crts _found _lib _nssckbi _p11roots _p11root + inst_simple "$moddir/url-lib.sh" "/lib/url-lib.sh" + inst_multiple -o ctorrent + inst_multiple curl sed + if curl --version | grep -qi '\bNSS\b'; then + # also install libs for curl https + inst_libdir_file "libnsspem.so*" + inst_libdir_file "libnsssysinit.so*" + inst_libdir_file "libsoftokn3.so*" + inst_libdir_file "libsqlite3.so*" + fi + + for _dir in $libdirs; do + [[ -d $dracutsysrootdir$_dir ]] || continue + for _lib in "$dracutsysrootdir$_dir"/libcurl.so.* "$dracutsysrootdir$_dir"/libcrypto.so.*; do + [[ -e $_lib ]] || continue + if ! [[ $_nssckbi ]]; then + read -r -d '' _nssckbi < <(grep -F --binary-files=text -z libnssckbi "$_lib") + fi + read -r -d '' _crt < <(grep -E --binary-files=text -z "\.(pem|crt)" "$_lib" | sed 's/\x0//g') + [[ $_crt ]] || continue + [[ $_crt == /*/* ]] || continue + if [[ -e $_crt ]]; then + _crts="$_crts $_crt" + _found=1 + fi + done + done + if [[ $_found ]] && [[ -n $_crts ]]; then + for _crt in $_crts; do + if ! inst "${_crt#"$dracutsysrootdir"}"; then + dwarn "Couldn't install '$_crt' SSL CA cert bundle; HTTPS might not work." + continue + fi + done + fi + # If we found no cert bundle files referenced in libcurl but we + # *did* find a mention of libnssckbi (checked above), install it. + # If its truly NSS libnssckbi, it includes its own trust bundle, + # but if it's really p11-kit-trust.so, we need to find the dirs + # where it will look for a trust bundle and install them too. + if ! [[ $_found ]] && [[ $_nssckbi ]]; then + _found=1 + inst_libdir_file "libnssckbi.so*" || _found= + for _dir in $libdirs; do + [[ -e $dracutsysrootdir$_dir/libnssckbi.so ]] || continue + # this looks for directory-ish strings in the file + grep -z -o --binary-files=text '/[[:alpha:]][[:print:]]*' "${dracutsysrootdir}${_dir}"/libnssckbi.so \ + | while read -r -d '' _p11roots || [[ $_p11roots ]]; do + IFS=":" read -r -a _p11roots <<< "$_p11roots" + # the string can be a :-separated list of dirs + for _p11root in "${_p11roots[@]}"; do + # check if it's actually a directory (there are + # several false positives in the results) + [[ -d "$dracutsysrootdir$_p11root" ]] || continue + # check if it has some specific subdirs that all + # p11-kit trust dirs have + [[ -d "$dracutsysrootdir${_p11root}/anchors" ]] || continue + [[ -d "$dracutsysrootdir${_p11root}/blacklist" ]] || continue + # so now we know it's really a p11-kit trust dir; + # install everything in it + mkdir -p -- "${initdir}/${_p11root}" + if ! $DRACUT_CP -L -t "${initdir}/${_p11root}" "${dracutsysrootdir}${_p11root}"/*; then + dwarn "Couldn't install from p11-kit trust dir '${_p11root#"$dracutsysrootdir"}'; HTTPS might not work." + fi + done + done + done + fi + [[ $_found ]] || dwarn "Couldn't find SSL CA cert bundle or libnssckbi.so; HTTPS won't work." +} diff --git a/modules.d/45url-lib/url-lib.sh b/modules.d/45url-lib/url-lib.sh new file mode 100755 index 0000000..7c3ef1e --- /dev/null +++ b/modules.d/45url-lib/url-lib.sh @@ -0,0 +1,174 @@ +#!/bin/sh +# url-lib.sh - functions for handling URLs (file fetching etc.) +# +# Authors: +# Will Woods <wwoods@redhat.com> + +type mkuniqdir > /dev/null 2>&1 || . /lib/dracut-lib.sh + +# fetch_url URL [OUTFILE] +# fetch the given URL to a locally-visible location. +# if OUTFILE is given, the URL will be fetched to that filename, +# overwriting it if present. +# If the URL is something mountable (e.g. nfs://) and no OUTFILE is given, +# the server will be left mounted until pre-pivot. +# the return values are as follows: +# 0: success +# 253: unknown error (file missing) +# 254: unhandled URL scheme / protocol +# 255: bad arguments / unparsable URLs +# other: fetch command failure (whatever curl/mount/etc return) +fetch_url() { + local url="$1" outloc="$2" + local handler + handler="$(get_url_handler "$url")" + [ -n "$handler" ] || return 254 + [ -n "$url" ] || return 255 + "$handler" "$url" "$outloc" +} + +# get_url_handler URL +# returns the first HANDLERNAME corresponding to the URL's scheme +get_url_handler() { + local scheme="${1%%:*}" item="" + for item in $url_handler_map; do + [ "$scheme" = "${item%%:*}" ] && echo "${item#*:}" && return 0 + done + return 1 +} + +# add_url_handler HANDLERNAME SCHEME [SCHEME...] +# associate the named handler with the named scheme(s). +add_url_handler() { + local handler="$1" + shift + local schemes="$*" scheme="" + set -- + for scheme in $schemes; do + [ "$(get_url_handler "$scheme")" = "$handler" ] && continue + set -- "$@" "$scheme:$handler" + done + set -- "$@" "$url_handler_map" # add new items to *front* of list + url_handler_map="$*" +} + +### HTTP, HTTPS, FTP ################################################# + +export CURL_HOME="/run/initramfs/url-lib" +mkdir -p $CURL_HOME +curl_args="--globoff --location --retry 3 --retry-connrefused --fail --show-error" +getargbool 0 rd.noverifyssl && curl_args="$curl_args --insecure" + +proxy=$(getarg proxy=) +[ -n "$proxy" ] && curl_args="$curl_args --proxy $proxy" + +curl_fetch_url() { + local url="$1" outloc="$2" + echo "$url" > /proc/self/fd/0 + if [ -n "$outloc" ]; then + # shellcheck disable=SC2086 + curl $curl_args --output "$outloc" -- "$url" || return $? + else + local outdir + outdir="$(mkuniqdir /tmp curl_fetch_url)" + ( + cd "$outdir" || exit + # shellcheck disable=SC2086 + curl $curl_args --remote-name "$url" || return $? + ) + outloc="$outdir/$(ls -A "$outdir")" + fi + if ! [ -f "$outloc" ]; then + warn "Downloading '$url' failed!" + return 253 + fi + if [ -z "$2" ]; then echo "$outloc"; fi +} +add_url_handler curl_fetch_url http https ftp tftp + +set_http_header() { + echo "header = \"$1: $2\"" >> $CURL_HOME/.curlrc +} + +### TORRENT ########################################################## + +ctorrent_args="-E 0 -e 0" + +ctorrent_fetch_url() { + local url="$1" outloc="$2" + url=${url#*//} + torrent_outloc="$outloc.torrent" + echo "$url" > /proc/self/fd/0 + if [ -n "$outloc" ]; then + # shellcheck disable=SC2086 + curl $curl_args --output "$torrent_outloc" -- "$url" || return $? + else + local outdir + outdir="$(mkuniqdir /tmp torrent_fetch_url)" + ( + cd "$outdir" || exit + # shellcheck disable=SC2086 + curl $curl_args --remote-name "$url" || return $? + ) + torrent_outloc="$outdir/$(ls -A "$outdir")" + outloc=${torrent_outloc%.*} + fi + if ! [ -f "$torrent_outloc" ]; then + warn "Downloading '$url' failed!" + return 253 + fi + # shellcheck disable=SC2086 + ctorrent $ctorrent_args -s "$outloc" "$torrent_outloc" >&2 + if ! [ -f "$outloc" ]; then + warn "Torrent download of '$url' failed!" + return 253 + fi + if [ -z "$2" ]; then echo "$outloc"; fi +} + +command -v ctorrent > /dev/null \ + && add_url_handler ctorrent_fetch_url torrent + +### NFS ############################################################## + +[ -e /lib/nfs-lib.sh ] && . /lib/nfs-lib.sh + +nfs_already_mounted() { + local server="$1" path="$2" s="" p="" + while read -r src mnt rest || [ -n "$src" ]; do + splitsep ":" "$src" s p + p=${p%/} + if [ "$server" = "$s" ]; then + if [ "$path" = "$p" ]; then + echo "$mnt" + elif str_starts "$path" "$p"; then + echo "$mnt"/"${path#"$p"/}" + fi + fi + done < /proc/mounts +} + +nfs_fetch_url() { + local url="$1" outloc="$2" nfs="" server="" path="" options="" + nfs_to_var "$url" || return 255 + local filepath="${path%/*}" filename="${path##*/}" mntdir="" + + # skip mount if server:/filepath is already mounted + mntdir=$(nfs_already_mounted "$server" "$filepath") + if [ -z "$mntdir" ]; then + local mntdir + mntdir="$(mkuniqdir /run nfs_mnt)" + mount_nfs "$nfs:$server:$filepath${options:+:$options}" "$mntdir" + # lazy unmount during pre-pivot hook + inst_hook --hook pre-pivot --name 99url-lib-umount-nfs-"$(basename "$mntdir")" umount -l -- "$mntdir" + fi + + if [ -z "$outloc" ]; then + outloc="$mntdir/$filename" + else + cp -f -- "$mntdir/$filename" "$outloc" || return $? + fi + [ -f "$outloc" ] || return 253 + if [ -z "$2" ]; then echo "$outloc"; fi +} +command -v nfs_to_var > /dev/null && add_url_handler nfs_fetch_url nfs nfs4 diff --git a/modules.d/50drm/module-setup.sh b/modules.d/50drm/module-setup.sh new file mode 100755 index 0000000..1fb3867 --- /dev/null +++ b/modules.d/50drm/module-setup.sh @@ -0,0 +1,59 @@ +#!/bin/bash + +# called by dracut +check() { + return 255 +} + +# called by dracut +depends() { + return 0 +} + +# called by dracut +installkernel() { + # Include KMS capable drm drivers + + if [[ ${DRACUT_ARCH:-$(uname -m)} == arm* || ${DRACUT_ARCH:-$(uname -m)} == aarch64 ]]; then + # arm/aarch64 specific modules needed by drm + instmods \ + "=drivers/gpu/drm/i2c" \ + "=drivers/gpu/drm/panel" \ + "=drivers/gpu/drm/bridge" \ + "=drivers/video/backlight" + fi + + instmods amdkfd hyperv_fb "=drivers/pwm" + + # if the hardware is present, include module even if it is not currently loaded, + # as we could e.g. be in the installer; nokmsboot boot parameter will disable + # loading of the driver if needed + if [[ $hostonly ]]; then + local i modlink modname + + for i in /sys/bus/{pci/devices,platform/devices,virtio/devices,soc/devices/soc?,vmbus/devices}/*/modalias; do + [[ -e $i ]] || continue + [[ -n $(< "$i") ]] || continue + # shellcheck disable=SC2046 + if hostonly="" dracut_instmods --silent -s "drm_crtc_init|drm_dev_register|drm_encoder_init" -S "iw_handler_get_spy" $(< "$i"); then + if strstr "$(modinfo -F filename $(< "$i") 2> /dev/null)" radeon.ko; then + hostonly='' instmods amdkfd + fi + fi + done + # if there is a privacy screen then its driver must be loaded before the + # kms driver will bind, otherwise its probe() will return -EPROBE_DEFER + # note privacy screens always register, even with e.g. nokmsboot + for i in /sys/class/drm/privacy_screen-*/device/driver/module; do + [[ -L $i ]] || continue + modlink=$(readlink "$i") + modname=$(basename "$modlink") + instmods "$modname" + done + else + dracut_instmods -o -s "drm_crtc_init|drm_dev_register|drm_encoder_init" "=drivers/gpu/drm" "=drivers/staging" + # also include privacy screen providers (see above comment) + # atm all providers live under drivers/platform/x86 + dracut_instmods -o -s "drm_privacy_screen_register" "=drivers/platform/x86" + fi +} diff --git a/modules.d/50plymouth/module-setup.sh b/modules.d/50plymouth/module-setup.sh new file mode 100755 index 0000000..cc6629b --- /dev/null +++ b/modules.d/50plymouth/module-setup.sh @@ -0,0 +1,53 @@ +#!/bin/bash + +pkglib_dir() { + local _dirs="/usr/lib/plymouth /usr/libexec/plymouth/" + if find_binary dpkg-architecture &> /dev/null; then + local _arch + _arch=$(dpkg-architecture -qDEB_HOST_MULTIARCH 2> /dev/null) + [ -n "$_arch" ] && _dirs+=" /usr/lib/$_arch/plymouth" + fi + for _dir in $_dirs; do + if [ -x "$dracutsysrootdir""$_dir"/plymouth-populate-initrd ]; then + echo "$_dir" + return + fi + done +} + +# called by dracut +check() { + [[ "$mount_needs" ]] && return 1 + [[ $(pkglib_dir) ]] || return 1 + + require_binaries plymouthd plymouth plymouth-set-default-theme +} + +# called by dracut +depends() { + echo drm +} + +# called by dracut +install() { + PKGLIBDIR=$(pkglib_dir) + if grep -q nash "$dracutsysrootdir""${PKGLIBDIR}"/plymouth-populate-initrd \ + || [ ! -x "$dracutsysrootdir""${PKGLIBDIR}"/plymouth-populate-initrd ]; then + # shellcheck disable=SC1090 + . "$moddir"/plymouth-populate-initrd.sh + else + PLYMOUTH_POPULATE_SOURCE_FUNCTIONS="$dracutfunctions" \ + "$dracutsysrootdir""${PKGLIBDIR}"/plymouth-populate-initrd -t "$initdir" + fi + + inst_hook emergency 50 "$moddir"/plymouth-emergency.sh + + inst_multiple readlink + + inst_multiple plymouthd plymouth plymouth-set-default-theme + + if ! dracut_module_included "systemd"; then + inst_hook pre-trigger 10 "$moddir"/plymouth-pretrigger.sh + inst_hook pre-pivot 90 "$moddir"/plymouth-newroot.sh + fi +} diff --git a/modules.d/50plymouth/plymouth-emergency.sh b/modules.d/50plymouth/plymouth-emergency.sh new file mode 100755 index 0000000..cf220b2 --- /dev/null +++ b/modules.d/50plymouth/plymouth-emergency.sh @@ -0,0 +1,3 @@ +#!/bin/sh + +plymouth --hide-splash 2> /dev/null || : diff --git a/modules.d/50plymouth/plymouth-newroot.sh b/modules.d/50plymouth/plymouth-newroot.sh new file mode 100755 index 0000000..944f2dc --- /dev/null +++ b/modules.d/50plymouth/plymouth-newroot.sh @@ -0,0 +1,5 @@ +#!/bin/sh + +if type plymouth > /dev/null 2>&1 && [ -z "$DRACUT_SYSTEMD" ]; then + plymouth --newroot="$NEWROOT" +fi diff --git a/modules.d/50plymouth/plymouth-populate-initrd.sh b/modules.d/50plymouth/plymouth-populate-initrd.sh new file mode 100755 index 0000000..7e3afdd --- /dev/null +++ b/modules.d/50plymouth/plymouth-populate-initrd.sh @@ -0,0 +1,45 @@ +#!/bin/bash + +PLYMOUTH_LOGO_FILE="/usr/share/pixmaps/system-logo-white.png" +PLYMOUTH_THEME=$(plymouth-set-default-theme) + +inst_multiple plymouthd plymouth + +test -e "${PLYMOUTH_LOGO_FILE}" && inst_simple "${PLYMOUTH_LOGO_FILE}" + +# shellcheck disable=SC2174 +mkdir -m 0755 -p "${initdir}/usr/share/plymouth" + +inst_libdir_file "plymouth/text.so" "plymouth/details.so" + +if [[ $hostonly ]]; then + inst_multiple \ + "/usr/share/plymouth/themes/details/details.plymouth" \ + "/usr/share/plymouth/themes/text/text.plymouth" + + if [[ -d $dracutsysrootdir/usr/share/plymouth/themes/${PLYMOUTH_THEME} ]]; then + for x in "/usr/share/plymouth/themes/${PLYMOUTH_THEME}"/*; do + [[ -f "$dracutsysrootdir$x" ]] || break + inst "$x" + done + fi + + if [[ -L $dracutsysrootdir/usr/share/plymouth/themes/default.plymouth ]]; then + inst /usr/share/plymouth/themes/default.plymouth + # Install plugin for this theme + PLYMOUTH_PLUGIN=$(grep "^ModuleName=" "$dracutsysrootdir"/usr/share/plymouth/themes/default.plymouth | while read -r _ b _ || [ -n "$b" ]; do echo "$b"; done) + inst_libdir_file "plymouth/${PLYMOUTH_PLUGIN}.so" + fi +else + for x in "$dracutsysrootdir"/usr/share/plymouth/themes/{text,details}/*; do + [[ -f $x ]] || continue + THEME_DIR=$(dirname "${x#"$dracutsysrootdir"}") + # shellcheck disable=SC2174 + mkdir -m 0755 -p "${initdir}/$THEME_DIR" + inst_multiple "${x#"$dracutsysrootdir"}" + done + ( + cd "${initdir}"/usr/share/plymouth/themes || exit + ln -s text/text.plymouth default.plymouth 2>&1 + ) +fi diff --git a/modules.d/50plymouth/plymouth-pretrigger.sh b/modules.d/50plymouth/plymouth-pretrigger.sh new file mode 100755 index 0000000..3d11999 --- /dev/null +++ b/modules.d/50plymouth/plymouth-pretrigger.sh @@ -0,0 +1,27 @@ +#!/bin/sh + +if type plymouthd > /dev/null 2>&1 && [ -z "$DRACUT_SYSTEMD" ]; then + if getargbool 1 plymouth.enable && getargbool 1 rd.plymouth -d -n rd_NO_PLYMOUTH; then + # first trigger graphics subsystem + udevadm trigger --action=add --attr-match=class=0x030000 > /dev/null 2>&1 + # first trigger graphics and tty subsystem + udevadm trigger --action=add \ + --subsystem-match=graphics \ + --subsystem-match=drm \ + --subsystem-match=tty \ + --subsystem-match=acpi \ + > /dev/null 2>&1 + + udevadm settle --timeout=180 2>&1 | vinfo + + info "Starting plymouth daemon" + mkdir -m 0755 /run/plymouth + read -r consoledev rest < /sys/class/tty/console/active + consoledev=${consoledev:-tty0} + [ -x /lib/udev/console_init -a -e "/dev/$consoledev" ] && /lib/udev/console_init "/dev/$consoledev" + plymouthd --attach-to-session --pid-file /run/plymouth/pid + plymouth --show-splash 2>&1 | vinfo + # reset tty after plymouth messed with it + [ -x /lib/udev/console_init -a -e "/dev/$consoledev" ] && /lib/udev/console_init "/dev/$consoledev" + fi +fi diff --git a/modules.d/62bluetooth/module-setup.sh b/modules.d/62bluetooth/module-setup.sh new file mode 100755 index 0000000..8bef927 --- /dev/null +++ b/modules.d/62bluetooth/module-setup.sh @@ -0,0 +1,93 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + # If the binary(s) requirements are not fulfilled the module can't be installed + require_any_binary /usr/lib/bluetooth/bluetoothd /usr/libexec/bluetooth/bluetoothd || return 1 + + if [[ $hostonly ]]; then + # Warn user if bluetooth kernel module is loaded + # and if Peripheral (0x500) is found of minor class: + # * Keyboard (0x40) + # * Keyboard/pointing (0xC0) + # and if Appearance is set to the value defined for keyboard (0x03C1) + [ -d "/sys/class/bluetooth" ] && grep -qiE -e 'Class=0x[0-9a-f]{3}5[4c]0' -e 'Appearance=0x03c1' /var/lib/bluetooth/*/*/info 2> /dev/null \ + && dwarn "If you need to use bluetooth, please include it explicitly." + fi + + return 255 +} + +# Module dependency requirements. +depends() { + # This module has external dependencies on the systemd and dbus modules. + echo systemd dbus + # Return 0 to include the dependent modules in the initramfs. + return 0 +} + +installkernel() { + instmods bluetooth btrtl btintel btbcm bnep ath3k btusb rfcomm hidp + inst_multiple -o \ + /lib/firmware/ar3k/AthrBT* \ + /lib/firmware/ar3k/ramps* \ + /lib/firmware/ath3k-1.fw* \ + /lib/firmware/BCM2033-MD.hex* \ + /lib/firmware/bfubase.frm* \ + /lib/firmware/BT3CPCC.bin* \ + /lib/firmware/brcm/*.hcd* \ + /lib/firmware/mediatek/mt7622pr2h.bin* \ + /lib/firmware/qca/nvm* \ + /lib/firmware/qca/crnv* \ + /lib/firmware/qca/rampatch* \ + /lib/firmware/qca/crbtfw* \ + /lib/firmware/rtl_bt/* \ + /lib/firmware/intel/ibt* \ + /lib/firmware/ti-connectivity/TIInit_* \ + /lib/firmware/nokia/bcmfw.bin* \ + /lib/firmware/nokia/ti1273.bin* +} + +# Install the required file(s) for the module in the initramfs. +install() { + # shellcheck disable=SC2064 + trap "$(shopt -p globstar)" RETURN + shopt -q -s globstar + local -a var_lib_files + + inst_multiple -o \ + "$dbussystem"/bluetooth.conf \ + "$dbussystemservices"/org.bluez.service \ + "${systemdsystemunitdir}/bluetooth.target" \ + "${systemdsystemunitdir}/bluetooth.service" \ + bluetoothctl + + inst_multiple -o \ + /usr/libexec/bluetooth/bluetoothd \ + /usr/lib/bluetooth/bluetoothd + + if [[ $hostonly ]]; then + var_lib_files=("$dracutsysrootdir"/var/lib/bluetooth/**) + + inst_multiple -o \ + /etc/bluetooth/main.conf \ + "$dbussystemconfdir"/bluetooth.conf \ + "$systemdsystemconfdir"/bluetooth.service \ + "$systemdsystemconfdir/bluetooth.service.d/*.conf" \ + "${var_lib_files[@]#"$dracutsysrootdir"}" + fi + + inst_rules 69-btattach-bcm.rules 60-persistent-input.rules + + # shellcheck disable=SC1004 + sed -i -e \ + '/^\[Unit\]/aDefaultDependencies=no\ + Conflicts=shutdown.target\ + Before=shutdown.target\ + After=dbus.service' \ + "${initdir}/${systemdsystemunitdir}/bluetooth.service" + + $SYSTEMCTL -q --root "$initdir" enable bluetooth.service +} diff --git a/modules.d/80cms/cms-write-ifcfg.sh b/modules.d/80cms/cms-write-ifcfg.sh new file mode 100755 index 0000000..ecfd53e --- /dev/null +++ b/modules.d/80cms/cms-write-ifcfg.sh @@ -0,0 +1,105 @@ +#!/bin/bash + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +OLD_UMASK=$(umask) +umask 0022 +mkdir -p /run/initramfs/state/etc/sysconfig/network-scripts +umask "$OLD_UMASK" + +function cms_write_config() { + . /tmp/cms.conf + SUBCHANNELS="$(echo "$SUBCHANNELS" | sed 'y/ABCDEF/abcdef/')" + OLDIFS=$IFS + IFS=, + read -ra subch_array <<< "indexzero,$SUBCHANNELS" + IFS=$OLDIFS + devbusid=${subch_array[1]} + if [ "$NETTYPE" = "ctc" ]; then + driver="ctcm" + else + driver=$NETTYPE + fi + + DEVICE=$(cd "/sys/devices/${driver}/$devbusid/net/" && set -- * && [ "$1" != "*" ] && echo "$1") + + read -r uuid < /proc/sys/kernel/random/uuid + + IFCFGFILE=/run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-$DEVICE + + strglobin "$IPADDR" '*:*:*' && ipv6=1 + + # to please NetworkManager on startup in loader before loader reconfigures net + cat > /etc/sysconfig/network << EOF +HOSTNAME=$HOSTNAME +EOF + echo "$HOSTNAME" > /etc/hostname + if [ "$ipv6" ]; then + echo "NETWORKING_IPV6=yes" >> /etc/sysconfig/network + else + echo "NETWORKING=yes" >> /etc/sysconfig/network + fi + + cat > "$IFCFGFILE" << EOF +DEVICE=$DEVICE +UUID=$uuid +ONBOOT=yes +BOOTPROTO=static +MTU=$MTU +SUBCHANNELS=$SUBCHANNELS +EOF + if [ "$ipv6" ]; then + cat >> "$IFCFGFILE" << EOF +IPV6INIT=yes +IPV6_AUTOCONF=no +IPV6ADDR=$IPADDR/$NETMASK +IPV6_DEFAULTGW=$GATEWAY +EOF + else + cat >> "$IFCFGFILE" << EOF +IPADDR=$IPADDR +NETMASK=$NETMASK +BROADCAST=$BROADCAST +GATEWAY=$GATEWAY +EOF + fi + if [ "$ipv6" ]; then + # shellcheck disable=SC2153 + IFS="," read -r DNS1 DNS2 _ <<< "$DNS" + else + IFS=":" read -r DNS1 DNS2 _ <<< "$DNS" + fi + # real DNS config for NetworkManager to generate /etc/resolv.conf + [[ $DNS1 ]] && echo "DNS1=$DNS1" >> "$IFCFGFILE" + [[ $DNS2 ]] && echo "DNS2=$DNS2" >> "$IFCFGFILE" + # just to please loader's readNetInfo && writeEnabledNetInfo + # which eats DNS1,DNS2,... and generates it themselves based on DNS + if [[ $ipv6 ]]; then + [[ $DNS ]] && echo "DNS=\"$DNS\"" >> "$IFCFGFILE" + else + [[ $DNS ]] && echo "DNS=\"${DNS/:/,}\"" >> "$IFCFGFILE" + fi + # colons in SEARCHDNS already replaced with spaces above for /etc/resolv.conf + [[ $SEARCHDNS ]] && echo "DOMAIN=\"$SEARCHDNS\"" >> "$IFCFGFILE" + [[ $NETTYPE ]] && echo "NETTYPE=$NETTYPE" >> "$IFCFGFILE" + [[ $PEERID ]] && echo "PEERID=$PEERID" >> "$IFCFGFILE" + [[ $PORTNAME ]] && echo "PORTNAME=$PORTNAME" >> "$IFCFGFILE" + [[ $CTCPROT ]] && echo "CTCPROT=$CTCPROT" >> "$IFCFGFILE" + [[ $MACADDR ]] && echo "MACADDR=$MACADDR" >> "$IFCFGFILE" + optstr="" + for option in LAYER2 PORTNO; do + [ -z "${!option}" ] && continue + [ -n "$optstr" ] && optstr=${optstr}" " + optstr=${optstr}$(echo ${option} | sed 'y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/')"="${!option} + done + # write single quotes since network.py removes double quotes but we need quotes + echo "OPTIONS='$optstr'" >> "$IFCFGFILE" + unset option + unset optstr + unset DNS1 + unset DNS2 + echo "files /etc/sysconfig/network-scripts" >> /run/initramfs/rwtab + echo "files /var/lib/dhclient" >> /run/initramfs/rwtab +} + +[ -f /tmp/cms.conf ] && cms_write_config diff --git a/modules.d/80cms/cmsifup.sh b/modules.d/80cms/cmsifup.sh new file mode 100755 index 0000000..285e20d --- /dev/null +++ b/modules.d/80cms/cmsifup.sh @@ -0,0 +1,43 @@ +#!/bin/bash + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +DEVICE=$1 + +. /tmp/cms.conf + +strglobin "$IPADDR" '*:*:*' && ipv6=1 + +if [ "$ipv6" ] && ! str_starts "$IPADDR" "["; then + IPADDR="[$IPADDR]" +fi + +if [ "$ipv6" ] && ! str_starts "$GATEWAY" "["; then + GATEWAY="[$GATEWAY]" +fi + +if [ "$ipv6" ]; then + # shellcheck disable=SC2153 + IFS="," read -r DNS1 DNS2 _ <<< "$DNS" +else + IFS=":" read -r DNS1 DNS2 _ <<< "$DNS" +fi + +{ + echo "ip=$IPADDR::$GATEWAY:$NETMASK:$HOSTNAME:$DEVICE:none:$MTU:$MACADDR" + for i in $DNS1 $DNS2; do + echo "nameserver=$i" + done +} > /etc/cmdline.d/80-cms.conf + +[ -e "/tmp/net.ifaces" ] && read -r IFACES < /tmp/net.ifaces +IFACES="$IFACES $DEVICE" +echo "$IFACES" >> /tmp/net.ifaces + +if [ -x /usr/libexec/nm-initrd-generator ] || [ -x /usr/lib/nm-initrd-generator ]; then + type nm_generate_connections > /dev/null 2>&1 || . /lib/nm-lib.sh + nm_generate_connections + nm_reload_connections +else + exec ifup "$DEVICE" +fi diff --git a/modules.d/80cms/cmssetup.sh b/modules.d/80cms/cmssetup.sh new file mode 100755 index 0000000..68e4563 --- /dev/null +++ b/modules.d/80cms/cmssetup.sh @@ -0,0 +1,221 @@ +#!/bin/bash + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +function sysecho() { + file="$1" + shift + local i=1 + while [ $i -le 10 ]; do + if [ ! -f "$file" ]; then + sleep 1 + i=$((i + 1)) + else + break + fi + done + local status + read -r status < "$file" + if [[ $status != "$*" ]]; then + [ -f "$file" ] && echo "$*" > "$file" + fi +} + +function dasd_settle() { + local dasd_status=/sys/bus/ccw/devices/$1/status + if [ ! -f "$dasd_status" ]; then + return 1 + fi + local i=1 + while [ $i -le 60 ]; do + local status + read -r status < "$dasd_status" + case $status in + online | unformatted) + return 0 + ;; + *) + sleep 0.1 + i=$((i + 1)) + ;; + esac + done + return 1 +} + +function dasd_settle_all() { + for dasdccw in $(while read -r line || [ -n "$line" ]; do echo "${line%%(*}"; done < /proc/dasd/devices); do + if ! dasd_settle "$dasdccw"; then + echo $"Could not access DASD $dasdccw in time" + return 1 + fi + done + return 0 +} + +# prints a canonocalized device bus ID for a given devno of any format +function canonicalize_devno() { + case ${#1} in + 3) echo "0.0.0${1}" ;; + 4) echo "0.0.${1}" ;; + *) echo "${1}" ;; + esac + return 0 +} + +# read file from CMS and write it to /tmp +function readcmsfile() { # $1=dasdport $2=filename + local dev + local numcpus + local devname + local ret=0 + if [ $# -ne 2 ]; then return; fi + # precondition: udevd created dasda block device node + if ! dasd_cio_free -d "$1"; then + echo $"DASD $1 could not be cleared from device blacklist" + return 1 + fi + + modprobe dasd_mod dasd="$CMSDASD" + modprobe dasd_eckd_mod + udevadm settle + + # precondition: dasd_eckd_mod driver incl. dependencies loaded, + # dasd_mod must be loaded without setting any DASD online + dev=$(canonicalize_devno "$1") + numcpus=$( + while read -r line || [ -n "$line" ]; do + if strstr "$line" "# processors"; then + echo "${line##*:}" + break + fi + done < /proc/cpuinfo + ) + + if [ "${numcpus}" -eq 1 ]; then + echo 1 > /sys/bus/ccw/devices/"$dev"/online + else + if ! sysecho /sys/bus/ccw/devices/"$dev"/online 1; then + echo $"DASD $dev could not be set online" + return 1 + fi + udevadm settle + if ! dasd_settle "$dev"; then + echo $"Could not access DASD $dev in time" + return 1 + fi + fi + + udevadm settle + + devname=$( + cd /sys/bus/ccw/devices/"$dev"/block || exit + set -- * + [ -b /dev/"$1" ] && echo "$1" + ) + devname=${devname:-dasda} + + [[ -d /mnt ]] || mkdir -p /mnt + if cmsfs-fuse --to=UTF-8 -a /dev/"$devname" /mnt; then + cat /mnt/"$2" > /run/initramfs/"$2" + umount /mnt || umount -l /mnt + udevadm settle + else + echo $"Could not read conf file $2 on CMS DASD $1." + ret=1 + fi + + if ! sysecho /sys/bus/ccw/devices/"$dev"/online 0; then + echo $"DASD $dev could not be set offline again" + #return 1 + fi + udevadm settle + + # unbind all dasds to unload the dasd modules for a clean start + ( + cd /sys/bus/ccw/drivers/dasd-eckd || exit + for i in *.*; do echo "$i" > unbind; done + ) + udevadm settle + modprobe -r dasd_eckd_mod + udevadm settle + modprobe -r dasd_diag_mod + udevadm settle + modprobe -r dasd_mod + udevadm settle + return $ret +} + +processcmsfile() { + source /tmp/cms.conf + SUBCHANNELS="$(echo "$SUBCHANNELS" | sed 'y/ABCDEF/abcdef/')" + + if [[ $NETTYPE ]]; then + ( + echo -n "$NETTYPE","$SUBCHANNELS" + [[ $PORTNAME ]] && echo -n ",portname=$PORTNAME" + [[ $LAYER2 ]] && echo -n ",layer2=$LAYER2" + [[ $NETTYPE == "ctc" ]] && [[ $CTCPROT ]] && echo -n ",protocol=$CTCPROT" + echo + ) >> /etc/ccw.conf + + OLDIFS=$IFS + IFS=, + read -r -a subch_array <<< "indexzero,$SUBCHANNELS" + IFS=$OLDIFS + devbusid=${subch_array[1]} + if [ "$NETTYPE" = "ctc" ]; then + driver="ctcm" + else + driver=$NETTYPE + fi + + # shellcheck disable=SC2016 + printf 'SUBSYSTEM=="net", ACTION=="add", DRIVERS=="%s", KERNELS=="%s", ENV{INTERFACE}=="?*", RUN+="/sbin/initqueue --onetime --unique --name cmsifup-$name /sbin/cmsifup $name"\n' "$driver" "$devbusid" > /etc/udev/rules.d/99-cms.rules + # remove the default net rules + rm -f -- /etc/udev/rules.d/91-default-net.rules + # shellcheck disable=SC2016 + [[ -f /etc/udev/rules.d/90-net.rules ]] \ + || printf 'SUBSYSTEM=="net", ACTION=="online", RUN+="/sbin/initqueue --onetime --env netif=$name source_hook initqueue/online"\n' >> /etc/udev/rules.d/99-cms.rules + udevadm control --reload + znet_cio_free + fi + + if [[ $DASD ]] && [[ $DASD != "none" ]]; then + echo "$DASD" | normalize_dasd_arg > /etc/dasd.conf + echo "options dasd_mod dasd=$DASD" > /etc/modprobe.d/dasd_mod.conf + dasd_cio_free + fi + + unset _do_zfcp + for i in ${!FCP_*}; do + echo "${!i}" | while read -r port rest || [ -n "$port" ]; do + case $port in + *.*.*) ;; + + *.*) + port="0.$port" + ;; + *) + port="0.0.$port" + ;; + esac + echo "$port" "$rest" >> /etc/zfcp.conf + done + _do_zfcp=1 + done + [[ $_do_zfcp ]] && zfcp_cio_free + unset _do_zfcp +} + +[[ $CMSDASD ]] || CMSDASD=$(getarg "CMSDASD=") +[[ $CMSCONFFILE ]] || CMSCONFFILE=$(getarg "CMSCONFFILE=") + +# Parse configuration +if [ -n "$CMSDASD" -a -n "$CMSCONFFILE" ]; then + if readcmsfile "$CMSDASD" "$CMSCONFFILE"; then + ln -s /run/initramfs/"$CMSCONFFILE" /tmp/"$CMSCONFFILE" + ln -s /run/initramfs/"$CMSCONFFILE" /tmp/cms.conf + processcmsfile + fi +fi diff --git a/modules.d/80cms/module-setup.sh b/modules.d/80cms/module-setup.sh new file mode 100755 index 0000000..2b280e0 --- /dev/null +++ b/modules.d/80cms/module-setup.sh @@ -0,0 +1,36 @@ +#!/bin/bash + +# called by dracut +check() { + arch=${DRACUT_ARCH:-$(uname -m)} + [ "$arch" = "s390" -o "$arch" = "s390x" ] || return 1 + return 255 +} + +# called by dracut +depends() { + arch=${DRACUT_ARCH:-$(uname -m)} + [ "$arch" = "s390" -o "$arch" = "s390x" ] || return 1 + echo znet zfcp dasd dasd_mod bash + return 0 +} + +# called by dracut +installkernel() { + instmods zfcp +} + +# called by dracut +install() { + inst_hook pre-trigger 30 "$moddir/cmssetup.sh" + inst_hook pre-pivot 95 "$moddir/cms-write-ifcfg.sh" + inst_script "$moddir/cmsifup.sh" /sbin/cmsifup + # shellcheck disable=SC2046 + inst_multiple /etc/cmsfs-fuse/filetypes.conf /etc/udev/rules.d/99-fuse.rules /etc/fuse.conf \ + cmsfs-fuse fusermount bash insmod rmmod cat normalize_dasd_arg sed \ + $(rpm -ql s390utils-base) awk getopt + + inst_libdir_file "gconv/*" + #inst /usr/lib/locale/locale-archive + dracut_need_initqueue +} diff --git a/modules.d/80lvmmerge/README.md b/modules.d/80lvmmerge/README.md new file mode 100644 index 0000000..5e3e05f --- /dev/null +++ b/modules.d/80lvmmerge/README.md @@ -0,0 +1,61 @@ +# lvmmerge - dracut module + +## Preparation +- ensure that the lvm thin pool is big enough +- backup any (most likely /boot and /boot/efi) device with: +``` +# mkdir /restoredev +# dev=<device>; umount $dev; dd if="$dev" of=/restoredev/$(systemd-escape -p "$dev"); mount $dev +``` +- backup the MBR +``` +# dev=<device>; dd if="$dev" of=/restoredev/$(systemd-escape -p "$dev") bs=446 count=1 +# ls -l /dev/disk/by-path/virtio-pci-0000\:00\:07.0 +lrwxrwxrwx. 1 root root 9 Jul 24 04:27 /dev/disk/by-path/virtio-pci-0000:00:07.0 -> ../../vda +``` +- backup some partitions +``` +# dev=/dev/disk/by-path/virtio-pci-0000:00:07.0 +# dd if="$dev" of=/restoredev/$(systemd-escape -p "$dev") bs=446 count=1 +# umount /boot/efi +# dev=/dev/disk/by-partuuid/687177a8-86b3-4e37-a328-91d20db9563c +# dd if="$dev" of=/restoredev/$(systemd-escape -p "$dev") +# umount /boot +# dev=/dev/disk/by-partuuid/4fdf99e9-4f28-4207-a26f-c76546824eaf +# dd if="$dev" of=/restoredev/$(systemd-escape -p "$dev") +``` +Final /restoredev +``` +# ls -al /restoredev/ +total 1253380 +drwx------. 2 root root 250 Jul 24 04:38 . +dr-xr-xr-x. 18 root root 242 Jul 24 04:32 .. +-rw-------. 1 root root 209715200 Jul 24 04:34 dev-disk-by\x2dpartuuid-4fdf99e9\x2d4f28\x2d4207\x2da26f\x2dc76546824eaf +-rw-------. 1 root root 1073741824 Jul 24 04:34 dev-disk-by\x2dpartuuid-687177a8\x2d86b3\x2d4e37\x2da328\x2d91d20db9563c +-rw-------. 1 root root 446 Jul 24 04:38 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:07.0 +``` +- make a thin snapshot +``` +# lvm lvcreate -pr -s rhel/root --name reset +``` + +- mark the snapshot with a tag +``` +# lvm lvchange --addtag reset rhel/reset +``` + +- remove /restoredev +``` +# rm -fr /restoredev +``` + +## Operation + +If a boot entry with ```rd.lvm.mergetags=<tag>``` is selected and there are LVs with ```<tag>``` +dracut will +- make a copy of the snapshot +- merge it back to the original +- rename the copy back to the name of the snapshot +- if /restordev appears in the root, then it will restore the images + found in that directory. This can be used to restore /boot and /boot/efi and the + MBR of the boot device diff --git a/modules.d/80lvmmerge/lvmmerge.sh b/modules.d/80lvmmerge/lvmmerge.sh new file mode 100755 index 0000000..b8dbfa8 --- /dev/null +++ b/modules.d/80lvmmerge/lvmmerge.sh @@ -0,0 +1,95 @@ +#!/bin/bash + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +do_merge() { + sed -i -e 's/\(^[[:space:]]*\)locking_type[[:space:]]*=[[:space:]]*[[:digit:]]/\1locking_type = 1/' \ + /etc/lvm/lvm.conf + + systemctl --no-block stop sysroot.mount + swapoff -a + umount -R /sysroot + + for tag in $(getargs rd.lvm.mergetags); do + lvm vgs --noheadings -o vg_name \ + | while read -r vg || [[ -n $vg ]]; do + unset LVS + declare -a LVS + lvs=$(lvm lvs --noheadings -o lv_name "$vg") + for lv in $lvs; do + lvm lvchange -an "$vg/$lv" + + tags=$(trim "$(lvm lvs --noheadings -o lv_tags "$vg/$lv")") + strstr ",${tags}," ",${tag}," || continue + + if ! lvm lvs --noheadings -o lv_name "${vg}/${lv}_dracutsnap" &> /dev/null; then + info "Creating backup ${lv}_dracutsnap of ${vg}/${lv}" + lvm lvcreate -pr -s "${vg}/${lv}" --name "${lv}_dracutsnap" + fi + lvm lvchange --addtag "$tag" "${vg}/${lv}_dracutsnap" + + info "Merging back ${vg}/${lv} to the original LV" + lvm lvconvert --merge "${vg}/${lv}" + + LVS+=("$lv") + done + + systemctl --no-block stop sysroot.mount + udevadm settle + + for ((i = 0; i < 100; i++)); do + lvm vgchange -an "$vg" && break + sleep 0.5 + done + + udevadm settle + lvm vgchange -ay "$vg" + udevadm settle + for lv in "${LVS[@]}"; do + info "Renaming ${lv}_dracutsnap backup to ${vg}/${lv}" + lvm lvrename "$vg" "${lv}_dracutsnap" "${lv}" + done + udevadm settle + done + done + + systemctl --no-block reset-failed systemd-fsck-root + systemctl --no-block start systemd-fsck-root + systemctl --no-block reset-failed sysroot.mount + systemctl --no-block start sysroot.mount + + for ((i = 0; i < 100; i++)); do + [[ -d /sysroot/dev ]] && break + sleep 0.5 + systemctl --no-block start sysroot.mount + done + + if [[ -d /sysroot/restoredev ]]; then + ( + if cd /sysroot/restoredev; then + # restore devices and partitions + for i in *; do + target=$(systemd-escape -pu "$i") + if ! [[ -b $target ]]; then + warn "Not restoring $target, as the device does not exist" + continue + fi + + # Just in case + umount "$target" &> /dev/null + + info "Restoring $target" + dd if="$i" of="$target" |& vinfo + done + fi + ) + mount -o remount,rw /sysroot + rm -fr /sysroot/restoredev + fi + info "Rebooting" + reboot +} + +if getarg rd.lvm.mergetags; then + do_merge +fi diff --git a/modules.d/80lvmmerge/module-setup.sh b/modules.d/80lvmmerge/module-setup.sh new file mode 100755 index 0000000..c3be931 --- /dev/null +++ b/modules.d/80lvmmerge/module-setup.sh @@ -0,0 +1,25 @@ +#!/bin/bash + +# called by dracut +check() { + # No point trying to support lvm if the binaries are missing + require_binaries lvm dd swapoff || return 1 + + return 255 +} + +# called by dracut +depends() { + echo lvm dracut-systemd systemd bash + return 0 +} + +installkernel() { + hostonly="" instmods dm-snapshot +} + +# called by dracut +install() { + inst_multiple dd swapoff + inst_hook cleanup 01 "$moddir/lvmmerge.sh" +} diff --git a/modules.d/80lvmthinpool-monitor/module-setup.sh b/modules.d/80lvmthinpool-monitor/module-setup.sh new file mode 100755 index 0000000..ca015bd --- /dev/null +++ b/modules.d/80lvmthinpool-monitor/module-setup.sh @@ -0,0 +1,24 @@ +#!/bin/bash + +# called by dracut +check() { + # No point trying to support lvm if the binaries are missing + require_binaries lvm sort tr awk || return 1 + + return 255 +} + +# called by dracut +depends() { + echo lvm + return 0 +} + +# called by dracut +install() { + inst_multiple sort tr awk + inst_script "$moddir/start-thinpool-monitor.sh" "/bin/start-thinpool-monitor" + + inst "$moddir/start-thinpool-monitor.service" "$systemdsystemunitdir/start-thinpool-monitor.service" + $SYSTEMCTL -q --root "$initdir" add-wants initrd.target start-thinpool-monitor.service +} diff --git a/modules.d/80lvmthinpool-monitor/start-thinpool-monitor.service b/modules.d/80lvmthinpool-monitor/start-thinpool-monitor.service new file mode 100644 index 0000000..97f5f1f --- /dev/null +++ b/modules.d/80lvmthinpool-monitor/start-thinpool-monitor.service @@ -0,0 +1,14 @@ +[Unit] +Description=Lvm thinpool monitor service +Before=initrd.target +After=initrd-fs.target +Conflicts=shutdown.target emergency.target + +[Service] +Type=forking +ExecStart=/bin/start-thinpool-monitor +PIDFile=/run/thinpool-moni.pid +StandardInput=null +StandardOutput=journal+console +StandardError=journal+console +KillSignal=SIGHUP diff --git a/modules.d/80lvmthinpool-monitor/start-thinpool-monitor.sh b/modules.d/80lvmthinpool-monitor/start-thinpool-monitor.sh new file mode 100755 index 0000000..10f4a4b --- /dev/null +++ b/modules.d/80lvmthinpool-monitor/start-thinpool-monitor.sh @@ -0,0 +1,47 @@ +#!/bin/sh + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +LVS=$(getargs rd.lvm.lv -d rd_LVM_LV=) + +is_lvm2_thinp_device() { + _device_path=$1 + _lvm2_thin_device=$(lvm lvs -S 'lv_layout=sparse && lv_layout=thin' \ + --nosuffix --noheadings -o vg_name,lv_name "$_device_path" 2> /dev/null) + + [ -n "$_lvm2_thin_device" ] && return $? +} + +for LV in $LVS; do + if is_lvm2_thinp_device "/dev/$LV"; then + THIN_POOLS="$(lvm lvs -S 'lv_layout=sparse && lv_layout=thin' \ + --nosuffix --noheadings -o vg_name,pool_lv "$LV" \ + | awk '{printf("%s/%s",$1,$2);}') $THIN_POOLS" + fi +done + +THIN_POOLS=$(echo "$THIN_POOLS" | tr ' ' '\n' | sort -u | tr '\n' ' ') + +if [ -n "$THIN_POOLS" ]; then + if [ -e "/etc/lvm/lvm.conf" ]; then + # Use 'monitoring=0' to override the value in lvm.conf, in case + # dmeventd monitoring been started after the calling. + CONFIG="activation {monitoring=0}" + else + CONFIG="activation {monitoring=0 thin_pool_autoextend_threshold=70 thin_pool_autoextend_percent=20}" + fi + + # Activate the thinpool in case the thinpool is in inactive state. + # Otherwise lvextend will fail. + for THIN_POOL in $THIN_POOLS; do + lvm lvchange -ay "$THIN_POOL" --config "$CONFIG" + done + + while true; do + for THIN_POOL in $THIN_POOLS; do + lvm lvextend --use-policies --config "$CONFIG" "$THIN_POOL" + done + sleep 5 + done & + echo $! > /run/thinpool-moni.pid +fi diff --git a/modules.d/80test-makeroot/finished-false.sh b/modules.d/80test-makeroot/finished-false.sh new file mode 100755 index 0000000..ecdbef9 --- /dev/null +++ b/modules.d/80test-makeroot/finished-false.sh @@ -0,0 +1,2 @@ +#!/bin/sh +exit 1 diff --git a/modules.d/80test-makeroot/module-setup.sh b/modules.d/80test-makeroot/module-setup.sh new file mode 100755 index 0000000..eb6fb74 --- /dev/null +++ b/modules.d/80test-makeroot/module-setup.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +check() { + # Only include the module if another module requires it + return 255 +} + +depends() { + echo "dash rootfs-block kernel-modules qemu" +} + +installkernel() { + instmods piix ide-gd_mod ata_piix ext4 sd_mod +} + +install() { + inst_multiple poweroff cp umount sync dd + inst_hook initqueue/finished 01 "$moddir/finished-false.sh" +} diff --git a/modules.d/80test-root/module-setup.sh b/modules.d/80test-root/module-setup.sh new file mode 100755 index 0000000..24605c5 --- /dev/null +++ b/modules.d/80test-root/module-setup.sh @@ -0,0 +1,27 @@ +#!/bin/bash + +check() { + # Only include the module if another module requires it + return 255 +} + +depends() { + echo "debug" +} + +install() { + inst_simple /etc/os-release + + inst_multiple mkdir ln dd stty mount poweroff umount setsid sync + + for _terminfodir in /lib/terminfo /etc/terminfo /usr/share/terminfo; do + [ -f ${_terminfodir}/l/linux ] && break + done + inst_multiple -o ${_terminfodir}/l/linux + + inst_binary "${dracutbasedir}/dracut-util" "/usr/bin/dracut-util" + ln -s dracut-util "${initdir}/usr/bin/dracut-getarg" + ln -s dracut-util "${initdir}/usr/bin/dracut-getargs" + + inst_multiple -o plymouth +} diff --git a/modules.d/80test/hard-off.sh b/modules.d/80test/hard-off.sh new file mode 100755 index 0000000..01acb19 --- /dev/null +++ b/modules.d/80test/hard-off.sh @@ -0,0 +1,3 @@ +#!/bin/sh +getargbool 0 rd.shell || poweroff -f +getargbool 0 failme && poweroff -f diff --git a/modules.d/80test/module-setup.sh b/modules.d/80test/module-setup.sh new file mode 100755 index 0000000..96041a9 --- /dev/null +++ b/modules.d/80test/module-setup.sh @@ -0,0 +1,16 @@ +#!/bin/bash + +check() { + # Only include the module if another module requires it + return 255 +} + +depends() { + echo "debug" +} + +install() { + inst poweroff + inst_hook shutdown-emergency 000 "$moddir/hard-off.sh" + inst_hook emergency 000 "$moddir/hard-off.sh" +} diff --git a/modules.d/81cio_ignore/module-setup.sh b/modules.d/81cio_ignore/module-setup.sh new file mode 100755 index 0000000..a54fcb9 --- /dev/null +++ b/modules.d/81cio_ignore/module-setup.sh @@ -0,0 +1,41 @@ +#!/bin/bash +# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*- +# ex: ts=8 sw=4 sts=4 et filetype=sh + +# called by dracut +check() { + # do not add this module by default + local arch=${DRACUT_ARCH:-$(uname -m)} + [ "$arch" = "s390" -o "$arch" = "s390x" ] || return 1 + return 0 +} + +cmdline() { + local cio_accept + + if [ -e /boot/zipl/active_devices.txt ]; then + while read -r dev _; do + [ "$dev" = "#" -o "$dev" = "" ] && continue + if [ -z "$cio_accept" ]; then + cio_accept="$dev" + else + cio_accept="${cio_accept},${dev}" + fi + done < /boot/zipl/active_devices.txt + fi + if [ -n "$cio_accept" ]; then + echo "rd.cio_accept=${cio_accept}" + fi +} + +# called by dracut +install() { + if [[ $hostonly_cmdline == "yes" ]]; then + local _cio_accept + _cio_accept=$(cmdline) + [[ $_cio_accept ]] && printf "%s\n" "$_cio_accept" >> "${initdir}/etc/cmdline.d/01cio_accept.conf" + fi + + inst_hook cmdline 20 "$moddir/parse-cio_accept.sh" + inst_multiple cio_ignore +} diff --git a/modules.d/81cio_ignore/parse-cio_accept.sh b/modules.d/81cio_ignore/parse-cio_accept.sh new file mode 100755 index 0000000..6cb682a --- /dev/null +++ b/modules.d/81cio_ignore/parse-cio_accept.sh @@ -0,0 +1,23 @@ +#!/bin/sh +# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*- +# ex: ts=8 sw=4 sts=4 et filetype=sh + +CIO_IGNORE=$(getarg cio_ignore) +CIO_ACCEPT=$(getarg rd.cio_accept) + +if [ -z "$CIO_IGNORE" ]; then + info "cio_ignored disabled on commandline" + return +fi +if [ -n "$CIO_ACCEPT" ]; then + OLDIFS="$IFS" + IFS=, + # shellcheck disable=SC2086 + set -- $CIO_ACCEPT + while [ "$#" -gt 0 ]; do + info "Enabling device $1" + cio_ignore --remove "$1" + shift + done + IFS="$OLDIFS" +fi diff --git a/modules.d/90btrfs/80-btrfs.rules b/modules.d/90btrfs/80-btrfs.rules new file mode 100644 index 0000000..a2c1727 --- /dev/null +++ b/modules.d/90btrfs/80-btrfs.rules @@ -0,0 +1,8 @@ +SUBSYSTEM!="block", GOTO="btrfs_end" +ACTION!="add|change", GOTO="btrfs_end" +ENV{ID_FS_TYPE}!="btrfs", GOTO="btrfs_end" +RUN+="/sbin/btrfs device scan $env{DEVNAME}" + +RUN+="/sbin/initqueue --finished --unique --name btrfs_finished /sbin/btrfs_finished" + +LABEL="btrfs_end" diff --git a/modules.d/90btrfs/btrfs_device_ready.sh b/modules.d/90btrfs/btrfs_device_ready.sh new file mode 100755 index 0000000..93d0758 --- /dev/null +++ b/modules.d/90btrfs/btrfs_device_ready.sh @@ -0,0 +1,18 @@ +#!/bin/sh + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +btrfs_check_complete() { + local _rootinfo _dev + _dev="${1:-/dev/root}" + [ -e "$_dev" ] || return 0 + _rootinfo=$(udevadm info --query=property "--name=$_dev" 2> /dev/null) + if strstr "$_rootinfo" "ID_FS_TYPE=btrfs"; then + info "Checking, if btrfs device complete" + btrfs device ready "$_dev" > /dev/null 2>&1 + return $? + fi + return 0 +} + +btrfs_check_complete "$1" diff --git a/modules.d/90btrfs/btrfs_finished.sh b/modules.d/90btrfs/btrfs_finished.sh new file mode 100755 index 0000000..4606f8a --- /dev/null +++ b/modules.d/90btrfs/btrfs_finished.sh @@ -0,0 +1,21 @@ +#!/bin/sh + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +btrfs_check_complete() { + local _rootinfo _dev + _dev="${1:-/dev/root}" + [ -e "$_dev" ] || return 0 + _rootinfo=$(udevadm info --query=property "--name=$_dev" 2> /dev/null) + if strstr "$_rootinfo" "ID_FS_TYPE=btrfs"; then + info "Checking, if btrfs device complete" + unset __btrfs_mount + mount -o ro "$_dev" /tmp > /dev/null 2>&1 + __btrfs_mount=$? + [ $__btrfs_mount -eq 0 ] && umount "$_dev" > /dev/null 2>&1 + return $__btrfs_mount + fi + return 0 +} + +btrfs_check_complete "$1" diff --git a/modules.d/90btrfs/btrfs_timeout.sh b/modules.d/90btrfs/btrfs_timeout.sh new file mode 100755 index 0000000..326231b --- /dev/null +++ b/modules.d/90btrfs/btrfs_timeout.sh @@ -0,0 +1,6 @@ +#!/bin/sh + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +info "Scanning for all btrfs devices" +/sbin/btrfs device scan > /dev/null 2>&1 diff --git a/modules.d/90btrfs/module-setup.sh b/modules.d/90btrfs/module-setup.sh new file mode 100755 index 0000000..5d88133 --- /dev/null +++ b/modules.d/90btrfs/module-setup.sh @@ -0,0 +1,60 @@ +#!/bin/bash + +# called by dracut +check() { + # if we don't have btrfs installed on the host system, + # no point in trying to support it in the initramfs. + require_binaries btrfs || return 1 + + [[ $hostonly ]] || [[ $mount_needs ]] && { + for fs in "${host_fs_types[@]}"; do + [[ $fs == "btrfs" ]] && return 0 + done + return 255 + } + + return 0 +} + +# called by dracut +depends() { + echo udev-rules + return 0 +} + +# called by dracut +cmdline() { + # Hack for slow machines + # see https://github.com/dracutdevs/dracut/issues/658 + printf " rd.driver.pre=btrfs" +} + +# called by dracut +installkernel() { + instmods btrfs + printf "%s\n" "$(cmdline)" > "${initdir}/etc/cmdline.d/00-btrfs.conf" +} + +# called by dracut +install() { + if ! inst_rules 64-btrfs.rules; then + inst_rules "$moddir/80-btrfs.rules" + case "$(btrfs --help)" in + *device\ ready*) + inst_script "$moddir/btrfs_device_ready.sh" /sbin/btrfs_finished + ;; + *) + inst_script "$moddir/btrfs_finished.sh" /sbin/btrfs_finished + ;; + esac + else + inst_rules 64-btrfs-dm.rules + fi + + if ! dracut_module_included "systemd"; then + inst_hook initqueue/timeout 10 "$moddir/btrfs_timeout.sh" + fi + + inst_multiple -o btrfsck btrfs-zero-log + inst "$(command -v btrfs)" /sbin/btrfs +} diff --git a/modules.d/90crypt/crypt-cleanup.sh b/modules.d/90crypt/crypt-cleanup.sh new file mode 100755 index 0000000..94fa724 --- /dev/null +++ b/modules.d/90crypt/crypt-cleanup.sh @@ -0,0 +1,14 @@ +#!/bin/sh + +# close everything which is not busy +rm -f -- /etc/udev/rules.d/70-luks.rules > /dev/null 2>&1 + +if ! getarg rd.luks.uuid -d rd_LUKS_UUID > /dev/null 2>&1 && getargbool 1 rd.luks -d -n rd_NO_LUKS > /dev/null 2>&1; then + while true; do + local do_break="y" + for i in /dev/mapper/luks-*; do + cryptsetup luksClose "$i" > /dev/null 2>&1 && do_break=n + done + [ "$do_break" = "y" ] && break + done +fi diff --git a/modules.d/90crypt/crypt-lib.sh b/modules.d/90crypt/crypt-lib.sh new file mode 100755 index 0000000..f3ba20d --- /dev/null +++ b/modules.d/90crypt/crypt-lib.sh @@ -0,0 +1,278 @@ +#!/bin/sh + +command -v getarg > /dev/null || . /lib/dracut-lib.sh + +# check if the crypttab contains an entry for a LUKS UUID +crypttab_contains() { + local luks="$1" + local dev="$2" + local l d rest + if [ -f /etc/crypttab ]; then + while read -r l d rest || [ -n "$l" ]; do + strstr "${l##luks-}" "${luks##luks-}" && return 0 + strstr "$d" "${luks##luks-}" && return 0 + if [ -n "$dev" ]; then + for _dev in $(devnames "$d"); do + [ "$dev" -ef "$_dev" ] && return 0 + done + fi + if [ -e /etc/block_uuid.map ]; then + # search for line starting with $d + _line=$(sed -n "\,^$d .*$,{p}" /etc/block_uuid.map) + [ -z "$_line" ] && continue + # get second column with uuid + _uuid="$(echo "$_line" | sed 's,^.* \(.*$\),\1,')" + strstr "$_uuid" "${luks##luks-}" && return 0 + fi + done < /etc/crypttab + fi + return 1 +} + +# ask_for_password +# +# Wraps around plymouth ask-for-password and adds fallback to tty password ask +# if plymouth is not present. +# +# --cmd command +# Command to execute. Required. +# --prompt prompt +# Password prompt. Note that function already adds ':' at the end. +# Recommended. +# --tries n +# How many times repeat command on its failure. Default is 3. +# --ply-[cmd|prompt|tries] +# Command/prompt/tries specific for plymouth password ask only. +# --tty-[cmd|prompt|tries] +# Command/prompt/tries specific for tty password ask only. +# --tty-echo-off +# Turn off input echo before tty command is executed and turn on after. +# It's useful when password is read from stdin. +ask_for_password() { + local ply_cmd + local ply_prompt + local ply_tries=3 + local tty_cmd + local tty_prompt + local tty_tries=3 + local ret + + while [ $# -gt 0 ]; do + case "$1" in + --cmd) + ply_cmd="$2" + tty_cmd="$2" + shift + ;; + --ply-cmd) + ply_cmd="$2" + shift + ;; + --tty-cmd) + tty_cmd="$2" + shift + ;; + --prompt) + ply_prompt="$2" + tty_prompt="$2" + shift + ;; + --ply-prompt) + ply_prompt="$2" + shift + ;; + --tty-prompt) + tty_prompt="$2" + shift + ;; + --tries) + ply_tries="$2" + tty_tries="$2" + shift + ;; + --ply-tries) + ply_tries="$2" + shift + ;; + --tty-tries) + tty_tries="$2" + shift + ;; + --tty-echo-off) tty_echo_off=yes ;; + esac + shift + done + + { + flock -s 9 + # Prompt for password with plymouth, if installed and running. + if type plymouth > /dev/null 2>&1 && plymouth --ping 2> /dev/null; then + plymouth ask-for-password \ + --prompt "$ply_prompt" --number-of-tries="$ply_tries" \ + --command="$ply_cmd" + ret=$? + else + if [ "$tty_echo_off" = yes ]; then + stty_orig="$(stty -g)" + stty -echo + fi + + local i=1 + while [ $i -le "$tty_tries" ]; do + [ -n "$tty_prompt" ] \ + && printf "%s" "$tty_prompt [$i/$tty_tries]:" >&2 + eval "$tty_cmd" && ret=0 && break + ret=$? + i=$((i + 1)) + [ -n "$tty_prompt" ] && printf '\n' >&2 + done + + [ "$tty_echo_off" = yes ] && stty "$stty_orig" + fi + } 9> /.console_lock + + [ $ret -ne 0 ] && echo "Wrong password" >&2 + return $ret +} + +# Try to mount specified device (by path, by UUID or by label) and check +# the path with 'test'. +# +# example: +# test_dev -f LABEL="nice label" /some/file1 +test_dev() { + local test_op="$1" + local dev="$2" + local f="$3" + local ret=1 + local mount_point + + mount_point=$(mkuniqdir /mnt testdev) + [ -n "$dev" -a -n "$*" ] || return 1 + [ -d "$mount_point" ] || die 'Mount point does not exist!' + + if mount -r "$dev" "$mount_point" > /dev/null 2>&1; then + test "$test_op" "${mount_point}/${f}" + ret=$? + umount "$mount_point" + fi + + rmdir "$mount_point" + + return $ret +} + +# match_dev devpattern dev +# +# Returns true if 'dev' matches 'devpattern'. Both 'devpattern' and 'dev' are +# expanded to kernel names and then compared. If name of 'dev' is on list of +# names of devices matching 'devpattern', the test is positive. 'dev' and +# 'devpattern' may be anything which function 'devnames' recognizes. +# +# If 'devpattern' is empty or '*' then function just returns true. +# +# Example: +# match_dev UUID=123 /dev/dm-1 +# Returns true if /dev/dm-1 UUID starts with "123". +match_dev() { + [ -z "$1" -o "$1" = '*' ] && return 0 + local devlist + local dev + + devlist="$(devnames "$1")" || return 255 + dev="$(devnames "$2")" || return 255 + + strstr " +$devlist +" " +$dev +" +} + +# getkey keysfile for_dev +# +# Reads file <keysfile> produced by probe-keydev and looks for first line to +# which device <for_dev> matches. The successful result is printed in format +# "<keydev>:<keypath>". When nothing found, just false is returned. +# +# Example: +# getkey /tmp/luks.keys /dev/sdb1 +# May print: +# /dev/sdc1:/keys/some.key +getkey() { + local keys_file="$1" + local for_dev="$2" + local luks_dev + local key_dev + local key_path + + [ -z "$keys_file" -o -z "$for_dev" ] && die 'getkey: wrong usage!' + [ -f "$keys_file" ] || return 1 + + while IFS=: read -r luks_dev key_dev key_path _ || [ -n "$luks_dev" ]; do + if match_dev "$luks_dev" "$for_dev"; then + echo "${key_dev}:${key_path}" + return 0 + fi + done < "$keys_file" + + return 1 +} + +# readkey keypath keydev device +# +# Mounts <keydev>, reads key from file <keypath>, optionally processes it (e.g. +# if encrypted with GPG) and prints to standard output which is supposed to be +# read by cryptsetup. <device> is just passed to helper function for +# informational purpose. +readkey() { + local keypath="$1" + local keydev="$2" + local device="$3" + + # No mounting needed if the keyfile resides inside the initrd + if [ "/" = "$keydev" ]; then + local mntp=/ + else + # This creates a unique single mountpoint for *, or several for explicitly + # given LUKS devices. It accomplishes unlocking multiple LUKS devices with + # a single password entry. + local mntp + mntp="/mnt/$(str_replace "keydev-$keydev-$keypath" '/' '-')" + + if [ ! -d "$mntp" ]; then + mkdir -p "$mntp" + mount -r "$keydev" "$mntp" || die 'Mounting rem. dev. failed!' + fi + fi + + case "${keypath##*.}" in + gpg) + if [ -f /lib/dracut-crypt-gpg-lib.sh ]; then + . /lib/dracut-crypt-gpg-lib.sh + gpg_decrypt "$mntp" "$keypath" "$keydev" "$device" + else + die "No GPG support to decrypt '$keypath' on '$keydev'." + fi + ;; + img) + if [ -f /lib/dracut-crypt-loop-lib.sh ]; then + . /lib/dracut-crypt-loop-lib.sh + loop_decrypt "$mntp" "$keypath" "$keydev" "$device" + printf "%s\n" "umount \"$mntp\"; rmdir \"$mntp\";" > "${hookdir}/cleanup/crypt-loop-cleanup-99-${mntp##*/}".sh + return 0 + else + die "No loop file support to decrypt '$keypath' on '$keydev'." + fi + ;; + *) cat "$mntp/$keypath" ;; + esac + + # No unmounting if the keyfile resides inside the initrd + if [ "/" != "$keydev" ]; then + # General unmounting mechanism, modules doing custom cleanup should return earlier + # and install a pre-pivot cleanup hook + umount "$mntp" + rmdir "$mntp" + fi +} diff --git a/modules.d/90crypt/crypt-run-generator.sh b/modules.d/90crypt/crypt-run-generator.sh new file mode 100755 index 0000000..3e78e6d --- /dev/null +++ b/modules.d/90crypt/crypt-run-generator.sh @@ -0,0 +1,31 @@ +#!/bin/sh + +. /lib/dracut-lib.sh +type crypttab_contains > /dev/null 2>&1 || . /lib/dracut-crypt-lib.sh + +dev=$1 +luks=$2 + +crypttab_contains "$luks" "$dev" && exit 0 + +allowdiscards="-" + +# parse for allow-discards +if [ -n "$DRACUT_SYSTEMD" ] || strstr "$(cryptsetup --help)" "allow-discards"; then + if discarduuids=$(getargs "rd.luks.allow-discards"); then + discarduuids=$(str_replace "$discarduuids" 'luks-' '') + if strstr " $discarduuids " " ${luks##luks-}"; then + allowdiscards="discard" + fi + elif getargbool 0 rd.luks.allow-discards; then + allowdiscards="discard" + fi +fi + +echo "$luks $dev - timeout=0,$allowdiscards" >> /etc/crypttab + +if command -v systemctl > /dev/null; then + systemctl daemon-reload + systemctl start cryptsetup.target +fi +exit 0 diff --git a/modules.d/90crypt/cryptroot-ask.sh b/modules.d/90crypt/cryptroot-ask.sh new file mode 100755 index 0000000..b1f8df8 --- /dev/null +++ b/modules.d/90crypt/cryptroot-ask.sh @@ -0,0 +1,207 @@ +#!/bin/sh + +PATH=/usr/sbin:/usr/bin:/sbin:/bin +NEWROOT=${NEWROOT:-"/sysroot"} + +# do not ask, if we already have root +[ -f "$NEWROOT"/proc ] && exit 0 + +. /lib/dracut-lib.sh + +mkdir -p -m 0700 /run/cryptsetup + +# if device name is /dev/dm-X, convert to /dev/mapper/name +if [ "${1##/dev/dm-}" != "$1" ]; then + device="/dev/mapper/$(dmsetup info -c --noheadings -o name "$1")" +else + device="$1" +fi + +# default luksname - luks-UUID +luksname=$2 + +# is_keysource - ask for passphrase even if a rd.luks.key argument is set +is_keysource=${3:-0} + +# number of tries +numtries=${4:-10} + +# TODO: improve to support what cmdline does +if [ -f /etc/crypttab ] && getargbool 1 rd.luks.crypttab -d -n rd_NO_CRYPTTAB; then + while read -r name dev luksfile luksoptions || [ -n "$name" ]; do + # ignore blank lines and comments + if [ -z "$name" -o "${name#\#}" != "$name" ]; then + continue + fi + + # PARTUUID used in crypttab + if [ "${dev%%=*}" = "PARTUUID" ]; then + if [ "luks-${dev##PARTUUID=}" = "$luksname" ]; then + luksname="$name" + break + fi + + # UUID used in crypttab + elif [ "${dev%%=*}" = "UUID" ]; then + if [ "luks-${dev##UUID=}" = "$luksname" ]; then + luksname="$name" + break + fi + + # ID used in crypttab + elif [ "${dev%%=*}" = "ID" ]; then + if [ "luks-${dev##ID=}" = "$luksname" ]; then + luksname="$name" + break + fi + + # path used in crypttab + else + cdev=$(readlink -f "$dev") + mdev=$(readlink -f "$device") + if [ "$cdev" = "$mdev" ]; then + luksname="$name" + break + fi + fi + done < /etc/crypttab + unset name dev +fi + +# check if destination already exists +[ -b /dev/mapper/"$luksname" ] && exit 0 + +# we already asked for this device +asked_file=/tmp/cryptroot-asked-$luksname +[ -f "$asked_file" ] && exit 0 + +# load dm_crypt if it is not already loaded +[ -d /sys/module/dm_crypt ] || modprobe dm_crypt + +. /lib/dracut-crypt-lib.sh + +# +# Open LUKS device +# + +info "luksOpen $device $luksname $luksfile $luksoptions" + +OLD_IFS="$IFS" +IFS=, +# shellcheck disable=SC2086 +set -- $luksoptions +IFS="$OLD_IFS" + +while [ $# -gt 0 ]; do + case $1 in + noauto) + # skip this + exit 0 + ;; + swap) + # skip this + exit 0 + ;; + tmp) + # skip this + exit 0 + ;; + allow-discards) + allowdiscards="--allow-discards" + ;; + header=*) + cryptsetupopts="${cryptsetupopts} --${1}" + ;; + esac + shift +done + +# parse for allow-discards +if strstr "$(cryptsetup --help)" "allow-discards"; then + if discarduuids=$(getargs "rd.luks.allow-discards"); then + discarduuids=$(str_replace "$discarduuids" 'luks-' '') + if strstr " $discarduuids " " ${luksdev##luks-}"; then + allowdiscards="--allow-discards" + fi + elif getargbool 0 rd.luks.allow-discards; then + allowdiscards="--allow-discards" + fi +fi + +if strstr "$(cryptsetup --help)" "allow-discards"; then + cryptsetupopts="$cryptsetupopts $allowdiscards" +fi + +unset allowdiscards + +# fallback to passphrase +ask_passphrase=1 + +if [ -n "$luksfile" -a "$luksfile" != "none" -a -e "$luksfile" ]; then + # shellcheck disable=SC2086 + if readkey "$luksfile" / "$device" \ + | cryptsetup -d - $cryptsetupopts luksOpen "$device" "$luksname"; then + ask_passphrase=0 + fi +elif [ "$is_keysource" -ne 0 ]; then + info "Asking for passphrase because $device is a keysource." +else + while [ -n "$(getarg rd.luks.key)" ]; do + if tmp=$(getkey /tmp/luks.keys "$device"); then + keydev="${tmp%%:*}" + keypath="${tmp#*:}" + else + if [ "$numtries" -eq 0 ]; then + warn "No key found for $device. Fallback to passphrase mode." + break + fi + sleep 1 + info "No key found for $device. Will try $numtries time(s) more later." + initqueue --unique --onetime --settled \ + --name cryptroot-ask-"$luksname" \ + "$(command -v cryptroot-ask)" "$device" "$luksname" "$is_keysource" "$((numtries - 1))" + exit 0 + fi + unset tmp + + info "Using '$keypath' on '$keydev'" + # shellcheck disable=SC2086 + readkey "$keypath" "$keydev" "$device" \ + | cryptsetup -d - $cryptsetupopts luksOpen "$device" "$luksname" \ + && ask_passphrase=0 + unset keypath keydev + break + done +fi + +if [ $ask_passphrase -ne 0 ]; then + luks_open="$(command -v cryptsetup) $cryptsetupopts luksOpen" + _timeout=$(getargs "rd.luks.timeout") + _timeout=${_timeout:-0} + ask_for_password --ply-tries 5 \ + --ply-cmd "$luks_open -T1 $device $luksname" \ + --ply-prompt "Password ($device)" \ + --tty-tries 1 \ + --tty-cmd "$luks_open -T5 -t $_timeout $device $luksname" + unset luks_open + unset _timeout +fi + +if [ "$is_keysource" -ne 0 -a "${luksname##luks-}" != "$luksname" ]; then + luks_close="$(command -v cryptsetup) close" + { + printf -- '[ -e /dev/mapper/%s ] && ' "$luksname" + printf -- '%s "%s"\n' "$luks_close" "$luksname" + } >> "$hookdir/cleanup/31-crypt-keysource.sh" + unset luks_close +fi + +unset device luksname luksfile + +# mark device as asked +: >> "$asked_file" + +need_shutdown +udevsettle + +exit 0 diff --git a/modules.d/90crypt/module-setup.sh b/modules.d/90crypt/module-setup.sh new file mode 100755 index 0000000..d5ac45b --- /dev/null +++ b/modules.d/90crypt/module-setup.sh @@ -0,0 +1,186 @@ +#!/bin/bash + +# called by dracut +check() { + local fs + # if cryptsetup is not installed, then we cannot support encrypted devices. + require_any_binary "$systemdutildir"/systemd-cryptsetup cryptsetup || return 1 + + [[ $hostonly ]] || [[ $mount_needs ]] && { + for fs in "${host_fs_types[@]}"; do + [[ $fs == "crypto_LUKS" ]] && return 0 + done + return 255 + } + + return 0 +} + +# called by dracut +depends() { + local deps + deps="dm rootfs-block" + if [[ $hostonly && -f "$dracutsysrootdir"/etc/crypttab ]]; then + if grep -q -e "fido2-device=" -e "fido2-cid=" "$dracutsysrootdir"/etc/crypttab; then + deps+=" fido2" + fi + if grep -q "pkcs11-uri" "$dracutsysrootdir"/etc/crypttab; then + deps+=" pkcs11" + fi + if grep -q "tpm2-device=" "$dracutsysrootdir"/etc/crypttab; then + deps+=" tpm2-tss" + fi + fi + echo "$deps" + return 0 +} + +# called by dracut +installkernel() { + hostonly="" instmods drbg + instmods dm_crypt + + # in case some of the crypto modules moved from compiled in + # to module based, try to install those modules + # best guess + if [[ $hostonly ]] || [[ $mount_needs ]]; then + # dmsetup returns s.th. like + # cryptvol: 0 2064384 crypt aes-xts-plain64 :64:logon:cryptsetup:.... + dmsetup table | while read -r name _ _ is_crypt cipher _; do + [[ $is_crypt == "crypt" ]] || continue + # get the device name + name=/dev/$(dmsetup info -c --noheadings -o blkdevname "${name%:}") + # check if the device exists as a key in our host_fs_types (even with null string) + # shellcheck disable=SC2030 # this is a shellcheck bug + if [[ ${host_fs_types[$name]+_} ]]; then + # split the cipher aes-xts-plain64 in pieces + IFS='-:' read -ra mods <<< "$cipher" + # try to load the cipher part with "crypto-" prepended + # in non-hostonly mode + hostonly='' instmods "${mods[@]/#/crypto-}" "crypto-$cipher" + fi + done + else + instmods "=crypto" + fi + return 0 +} + +# called by dracut +cmdline() { + local dev UUID + # shellcheck disable=SC2031 + for dev in "${!host_fs_types[@]}"; do + [[ ${host_fs_types[$dev]} != "crypto_LUKS" ]] && continue + + UUID=$( + blkid -u crypto -o export "$dev" \ + | while read -r line || [ -n "$line" ]; do + [[ ${line#UUID} == "$line" ]] && continue + printf "%s" "${line#UUID=}" + break + done + ) + [[ ${UUID} ]] || continue + printf "%s" " rd.luks.uuid=luks-${UUID}" + done +} + +# called by dracut +install() { + + if [[ $hostonly_cmdline == "yes" ]]; then + local _cryptconf + _cryptconf=$(cmdline) + [[ $_cryptconf ]] && printf "%s\n" "$_cryptconf" >> "${initdir}/etc/cmdline.d/90crypt.conf" + fi + + inst_hook cmdline 30 "$moddir/parse-crypt.sh" + if ! dracut_module_included "systemd"; then + inst_multiple cryptsetup rmdir readlink umount + inst_script "$moddir"/cryptroot-ask.sh /sbin/cryptroot-ask + inst_script "$moddir"/probe-keydev.sh /sbin/probe-keydev + inst_hook cmdline 10 "$moddir/parse-keydev.sh" + inst_hook cleanup 30 "$moddir/crypt-cleanup.sh" + fi + + if [[ $hostonly ]] && [[ -f $dracutsysrootdir/etc/crypttab ]]; then + # filter /etc/crypttab for the devices we need + while read -r _mapper _dev _luksfile _luksoptions || [ -n "$_mapper" ]; do + [[ $_mapper == \#* ]] && continue + [[ $_dev ]] || continue + + [[ $_dev == PARTUUID=* ]] \ + && _dev="/dev/disk/by-partuuid/${_dev#PARTUUID=}" + + [[ $_dev == UUID=* ]] \ + && _dev="/dev/disk/by-uuid/${_dev#UUID=}" + + [[ $_dev == ID=* ]] \ + && _dev="/dev/disk/by-id/${_dev#ID=}" + + echo "$_dev $(blkid "$_dev" -s UUID -o value)" >> "${initdir}/etc/block_uuid.map" + + # loop through the options to check for the force option + luksoptions=${_luksoptions} + OLD_IFS="${IFS}" + IFS=, + # shellcheck disable=SC2086 + set -- ${luksoptions} + IFS="${OLD_IFS}" + + forceentry="" + while [ $# -gt 0 ]; do + case $1 in + force) + forceentry="yes" + break + ;; + esac + shift + done + + # include the entry regardless + if [ "${forceentry}" = "yes" ]; then + echo "$_mapper $_dev $_luksfile $_luksoptions" + else + # shellcheck disable=SC2031 + for _hdev in "${!host_fs_types[@]}"; do + [[ ${host_fs_types[$_hdev]} == "crypto_LUKS" ]] || continue + if [[ $_hdev -ef $_dev ]] || [[ /dev/block/$_hdev -ef $_dev ]]; then + echo "$_mapper $_dev $_luksfile $_luksoptions" + break + fi + done + fi + done < "$dracutsysrootdir"/etc/crypttab > "$initdir"/etc/crypttab + mark_hostonly /etc/crypttab + fi + + inst_simple "$moddir/crypt-lib.sh" "/lib/dracut-crypt-lib.sh" + inst_script "$moddir/crypt-run-generator.sh" "/sbin/crypt-run-generator" + + if dracut_module_included "systemd"; then + # the cryptsetup targets are already pulled in by 00systemd, but not + # the enablement symlinks + inst_multiple -o \ + "$tmpfilesdir"/cryptsetup.conf \ + "$systemdutildir"/system-generators/systemd-cryptsetup-generator \ + "$systemdutildir"/systemd-cryptsetup \ + "$systemdsystemunitdir"/systemd-ask-password-console.path \ + "$systemdsystemunitdir"/systemd-ask-password-console.service \ + "$systemdsystemunitdir"/cryptsetup.target \ + "$systemdsystemunitdir"/sysinit.target.wants/cryptsetup.target \ + "$systemdsystemunitdir"/remote-cryptsetup.target \ + "$systemdsystemunitdir"/initrd-root-device.target.wants/remote-cryptsetup.target \ + systemd-ask-password systemd-tty-ask-password-agent + fi + + # Install required libraries. + _arch=${DRACUT_ARCH:-$(uname -m)} + inst_libdir_file \ + {"tls/$_arch/",tls/,"$_arch/",}"/ossl-modules/fips.so" \ + {"tls/$_arch/",tls/,"$_arch/",}"/ossl-modules/legacy.so" + + dracut_need_initqueue +} diff --git a/modules.d/90crypt/parse-crypt.sh b/modules.d/90crypt/parse-crypt.sh new file mode 100755 index 0000000..e46e347 --- /dev/null +++ b/modules.d/90crypt/parse-crypt.sh @@ -0,0 +1,197 @@ +#!/bin/sh + +type crypttab_contains > /dev/null 2>&1 || . /lib/dracut-crypt-lib.sh + +_cryptgetargsname() { + debug_off + local _o _found _key + unset _o + unset _found + _key="$1" + set -- + for _o in $(getargs rd.luks.name); do + if [ "${_o%=*}" = "${_key%=}" ]; then + [ -n "${_o%=*}" ] && set -- "$@" "${_o#*=}" + _found=1 + fi + done + if [ -n "$_found" ]; then + [ $# -gt 0 ] && printf '%s' "$*" + return 0 + fi + return 1 +} + +if ! getargbool 1 rd.luks -d -n rd_NO_LUKS; then + info "rd.luks=0: removing cryptoluks activation" + rm -f -- /etc/udev/rules.d/70-luks.rules +else + { + echo 'SUBSYSTEM!="block", GOTO="luks_end"' + echo 'ACTION!="add|change", GOTO="luks_end"' + } > /etc/udev/rules.d/70-luks.rules.new + + PARTUUID=$(getargs rd.luks.partuuid -d rd_LUKS_PARTUUID) + SERIAL=$(getargs rd.luks.serial -d rd_LUKS_SERIAL) + LUKS=$(getargs rd.luks.uuid -d rd_LUKS_UUID) + tout=$(getarg rd.luks.key.tout) + + if [ -e /etc/crypttab ]; then + while read -r _ _dev _ || [ -n "$_dev" ]; do + set_systemd_timeout_for_dev "$_dev" + done < /etc/crypttab + fi + + if [ -n "$PARTUUID" ]; then + for uuid in $PARTUUID; do + + is_keysource=0 + _uuid=$uuid + uuid=${uuid#keysource:} + [ "$uuid" != "$_uuid" ] && is_keysource=1 + unset _uuid + + uuid=${uuid##luks-} + if luksname=$(_cryptgetargsname "$uuid="); then + luksname="${luksname#"$uuid"=}" + else + luksname="luks-$uuid" + fi + + if [ -z "$DRACUT_SYSTEMD" ]; then + { + printf -- 'ENV{ID_PART_ENTRY_UUID}=="*%s*", ' "$uuid" + printf -- 'RUN+="%s --settled --unique --onetime ' "$(command -v initqueue)" + printf -- '--name cryptroot-ask-%%k %s ' "$(command -v cryptroot-ask)" + # shellcheck disable=SC2016 + printf -- '$env{DEVNAME} %s %s %s"\n' "$luksname" "$is_keysource" "$tout" + } >> /etc/udev/rules.d/70-luks.rules.new + else + luksname=$(dev_unit_name "$luksname") + # shellcheck disable=SC1003 + luksname="$(str_replace "$luksname" '\' '\\')" + + if ! crypttab_contains "$uuid"; then + { + printf -- 'ENV{ID_PART_ENTRY_UUID}=="*%s*", ' "$uuid" + printf -- 'RUN+="%s --settled --unique --onetime ' "$(command -v initqueue)" + printf -- '--name systemd-cryptsetup-%%k %s start ' "$(command -v systemctl)" + printf -- 'systemd-cryptsetup@%s.service"\n' "$luksname" + } >> /etc/udev/rules.d/70-luks.rules.new + fi + fi + done + + elif [ -n "$SERIAL" ]; then + for serialid in $SERIAL; do + + is_keysource=0 + _serialid=$serialid + serialid=${serialid#keysource:} + [ "$serialid" != "$_serialid" ] && is_keysource=1 + unset _serialid + + serialid=${serialid##luks-} + if luksname=$(_cryptgetargsname "$serialid="); then + luksname="${luksname#"$serialid"=}" + else + luksname="luks-$serialid" + fi + + if [ -z "$DRACUT_SYSTEMD" ]; then + { + printf -- 'ENV{ID_SERIAL_SHORT}=="*%s*", ' "$serialid" + printf -- 'RUN+="%s --settled --unique --onetime ' "$(command -v initqueue)" + printf -- '--name cryptroot-ask-%%k %s ' "$(command -v cryptroot-ask)" + # shellcheck disable=SC2016 + printf -- '$env{DEVNAME} %s %s %s"\n' "$luksname" "$is_keysource" "$tout" + } >> /etc/udev/rules.d/70-luks.rules.new + else + luksname=$(dev_unit_name "$luksname") + # shellcheck disable=SC1003 + luksname="$(str_replace "$luksname" '\' '\\')" + + if ! crypttab_contains "$serialid"; then + { + printf -- 'ENV{ID_SERIAL_SHORT}=="*%s*", ' "$serialid" + printf -- 'RUN+="%s --settled --unique --onetime ' "$(command -v initqueue)" + printf -- '--name systemd-cryptsetup-%%k %s start ' "$(command -v systemctl)" + printf -- 'systemd-cryptsetup@%s.service"\n' "$luksname" + } >> /etc/udev/rules.d/70-luks.rules.new + fi + fi + done + + elif [ -n "$LUKS" ]; then + for luksid in $LUKS; do + + is_keysource=0 + _luksid=$luksid + luksid=${luksid#keysource:} + [ "$luksid" != "$_luksid" ] && is_keysource=1 + unset _luksid + + luksid=${luksid##luks-} + if luksname=$(_cryptgetargsname "$luksid="); then + luksname="${luksname#"$luksid"=}" + else + luksname="luks-$luksid" + fi + + if [ -z "$DRACUT_SYSTEMD" ]; then + { + printf -- 'ENV{ID_FS_TYPE}=="crypto_LUKS", ' + printf -- 'ENV{ID_FS_UUID}=="*%s*", ' "$luksid" + printf -- 'RUN+="%s --settled --unique --onetime ' "$(command -v initqueue)" + printf -- '--name cryptroot-ask-%%k %s ' "$(command -v cryptroot-ask)" + # shellcheck disable=SC2016 + printf -- '$env{DEVNAME} %s %s %s"\n' "$luksname" "$is_keysource" "$tout" + } >> /etc/udev/rules.d/70-luks.rules.new + else + luksname=$(dev_unit_name "$luksname") + # shellcheck disable=SC1003 + luksname="$(str_replace "$luksname" '\' '\\')" + + if ! crypttab_contains "$luksid"; then + { + printf -- 'ENV{ID_FS_TYPE}=="crypto_LUKS", ' + printf -- 'ENV{ID_FS_UUID}=="*%s*", ' "$luksid" + printf -- 'RUN+="%s --settled --unique --onetime ' "$(command -v initqueue)" + printf -- '--name systemd-cryptsetup-%%k %s start ' "$(command -v systemctl)" + printf -- 'systemd-cryptsetup@%s.service"\n' "$luksname" + } >> /etc/udev/rules.d/70-luks.rules.new + fi + fi + + if [ $is_keysource -eq 0 ]; then + uuid=$luksid + while [ "$uuid" != "${uuid#*-}" ]; do uuid=${uuid%%-*}${uuid#*-}; done + printf -- '[ -e /dev/disk/by-id/dm-uuid-CRYPT-LUKS?-*%s*-* ] || exit 1\n' "$uuid" \ + >> "$hookdir/initqueue/finished/90-crypt.sh" + { + printf -- '[ -e /dev/disk/by-uuid/*%s* ] || ' "$luksid" + printf -- 'warn "crypto LUKS UUID "%s" not found"\n' "$luksid" + } >> "$hookdir/emergency/90-crypt.sh" + fi + done + elif getargbool 0 rd.auto; then + if [ -z "$DRACUT_SYSTEMD" ]; then + { + printf -- 'ENV{ID_FS_TYPE}=="crypto_LUKS", RUN+="%s ' "$(command -v initqueue)" + printf -- '--unique --settled --onetime --name cryptroot-ask-%%k ' + # shellcheck disable=SC2016 + printf -- '%s $env{DEVNAME} luks-$env{ID_FS_UUID} 0 %s"\n' "$(command -v cryptroot-ask)" "$tout" + } >> /etc/udev/rules.d/70-luks.rules.new + else + { + printf -- 'ENV{ID_FS_TYPE}=="crypto_LUKS", RUN+="%s ' "$(command -v initqueue)" + printf -- '--unique --settled --onetime --name crypt-run-generator-%%k ' + # shellcheck disable=SC2016 + printf -- '%s $env{DEVNAME} luks-$env{ID_FS_UUID}"\n' "$(command -v crypt-run-generator)" + } >> /etc/udev/rules.d/70-luks.rules.new + fi + fi + + echo 'LABEL="luks_end"' >> /etc/udev/rules.d/70-luks.rules.new + mv /etc/udev/rules.d/70-luks.rules.new /etc/udev/rules.d/70-luks.rules +fi diff --git a/modules.d/90crypt/parse-keydev.sh b/modules.d/90crypt/parse-keydev.sh new file mode 100755 index 0000000..467d892 --- /dev/null +++ b/modules.d/90crypt/parse-keydev.sh @@ -0,0 +1,44 @@ +#!/bin/sh + +if getargbool 1 rd.luks -n rd_NO_LUKS \ + && [ -n "$(getarg rd.luks.key)" ]; then + exec 7> /etc/udev/rules.d/65-luks-keydev.rules + echo 'SUBSYSTEM!="block", GOTO="luks_keydev_end"' >&7 + echo 'ACTION!="add|change", GOTO="luks_keydev_end"' >&7 + + for arg in $(getargs rd.luks.key); do + unset keypath keydev luksdev + splitsep : "$arg" keypath keydev luksdev + + info "rd.luks.key: keypath='$keypath' keydev='$keydev' luksdev='$luksdev'" + + if [ -z "$keypath" ]; then + warn 'keypath required!' + continue + fi + + # A keydev of '/' is treated as the initrd itself + if [ "/" = "$keydev" ]; then + [ -z "$luksdev" ] && luksdev='*' + echo "$luksdev:$keydev:$keypath" >> /tmp/luks.keys + continue + elif [ -n "$keydev" ]; then + udevmatch "$keydev" >&7 || { + warn 'keydev incorrect!' + continue + } + printf ', ' >&7 + fi + + { + printf -- 'RUN+="%s --unique --onetime ' "$(command -v initqueue)" + printf -- '--name probe-keydev-%%k ' + printf -- '%s /dev/%%k %s %s"\n' \ + "$(command -v probe-keydev)" "${keypath}" "${luksdev}" + } >&7 + done + unset arg keypath keydev luksdev + + echo 'LABEL="luks_keydev_end"' >&7 + exec 7>&- +fi diff --git a/modules.d/90crypt/probe-keydev.sh b/modules.d/90crypt/probe-keydev.sh new file mode 100755 index 0000000..e5a3f36 --- /dev/null +++ b/modules.d/90crypt/probe-keydev.sh @@ -0,0 +1,16 @@ +#!/bin/sh + +. /lib/dracut-crypt-lib.sh + +real_keydev="$1" +keypath="$2" +luksdev="$3" + +[ -z "$real_keydev" -o -z "$keypath" ] && die 'probe-keydev: wrong usage!' +[ -z "$luksdev" ] && luksdev='*' + +info "Probing $real_keydev for $keypath..." +test_dev -f "$real_keydev" "$keypath" || exit 1 + +info "Found $keypath on $real_keydev" +echo "$luksdev:$real_keydev:$keypath" >> /tmp/luks.keys diff --git a/modules.d/90dm/11-dm.rules b/modules.d/90dm/11-dm.rules new file mode 100644 index 0000000..89941c4 --- /dev/null +++ b/modules.d/90dm/11-dm.rules @@ -0,0 +1,5 @@ +SUBSYSTEM!="block", GOTO="dm_end" +KERNEL!="dm-[0-9]*", GOTO="dm_end" +ACTION!="add|change", GOTO="dm_end" +OPTIONS+="db_persist" +LABEL="dm_end" diff --git a/modules.d/90dm/59-persistent-storage-dm.rules b/modules.d/90dm/59-persistent-storage-dm.rules new file mode 100644 index 0000000..3e0b8f6 --- /dev/null +++ b/modules.d/90dm/59-persistent-storage-dm.rules @@ -0,0 +1,15 @@ +SUBSYSTEM!="block", GOTO="dm_end" +ACTION!="add|change", GOTO="dm_end" +# Also don't process disks that are slated to be a multipath device +ENV{DM_MULTIPATH_DEVICE_PATH}=="1", GOTO="dm_end" + +KERNEL!="dm-[0-9]*", GOTO="dm_end" +ACTION=="add", GOTO="dm_end" +IMPORT{program}="/sbin/dmsetup info -c --nameprefixes --unquoted --rows --noheadings -o name,uuid,suspended,readonly,major,minor,open,tables_loaded,names_using_dev -j%M -m%m" +ENV{DM_NAME}!="?*", GOTO="dm_end" +ENV{DM_UDEV_DISABLE_OTHER_RULES_FLAG}=="1", GOTO="dm_end" +ENV{DM_UUID}=="CRYPT-TEMP-?*", GOTO="dm_end" +ENV{DM_UUID}!="?*", ENV{DM_NAME}=="temporary-cryptsetup-?*", GOTO="dm_end" +IMPORT{builtin}="blkid" + +LABEL="dm_end" diff --git a/modules.d/90dm/dm-pre-udev.sh b/modules.d/90dm/dm-pre-udev.sh new file mode 100755 index 0000000..ba8d962 --- /dev/null +++ b/modules.d/90dm/dm-pre-udev.sh @@ -0,0 +1,4 @@ +#!/bin/sh + +strstr "$(cat /proc/misc)" device-mapper || modprobe dm_mod +modprobe dm_mirror 2> /dev/null diff --git a/modules.d/90dm/dm-shutdown.sh b/modules.d/90dm/dm-shutdown.sh new file mode 100755 index 0000000..bd7134a --- /dev/null +++ b/modules.d/90dm/dm-shutdown.sh @@ -0,0 +1,53 @@ +#!/bin/sh + +_remove_dm() { + local dev="$1" + local s + local devname + + for s in /sys/block/"${dev}"/holders/dm-*; do + [ -e "${s}" ] || continue + _remove_dm "${s##*/}" + done + # multipath devices might have MD devices on top, + # which are removed after this script. So do not + # remove those to avoid spurious errors + case $(cat /sys/block/"${dev}"/dm/uuid) in + mpath-*) + return 0 + ;; + *) + read -r devname < /sys/block/"${dev}"/dm/name + dmsetup -v --noudevsync remove "$devname" || return $? + ;; + esac + return 0 +} + +_do_dm_shutdown() { + local ret=0 + local final="$1" + local dev + + info "Disassembling device-mapper devices" + for dev in /sys/block/dm-*; do + [ -e "${dev}" ] || continue + if [ "x$final" != "x" ]; then + _remove_dm "${dev##*/}" || ret=$? + else + _remove_dm "${dev##*/}" > /dev/null 2>&1 || ret=$? + fi + done + if [ "x$final" != "x" ]; then + info "dmsetup ls --tree" + dmsetup ls --tree 2>&1 | vinfo + fi + return $ret +} + +if command -v dmsetup > /dev/null \ + && [ "x$(dmsetup status)" != "xNo devices found" ]; then + _do_dm_shutdown "$1" +else + : +fi diff --git a/modules.d/90dm/module-setup.sh b/modules.d/90dm/module-setup.sh new file mode 100755 index 0000000..0c4cba3 --- /dev/null +++ b/modules.d/90dm/module-setup.sh @@ -0,0 +1,38 @@ +#!/bin/bash + +# called by dracut +check() { + require_binaries dmsetup || return 1 + return 255 +} + +# called by dracut +depends() { + return 0 +} + +# called by dracut +installkernel() { + instmods '=drivers/md' dm_mod dm-cache dm-cache-mq dm-cache-cleaner +} + +# called by dracut +install() { + modinfo -k "$kernel" dm_mod > /dev/null 2>&1 \ + && inst_hook pre-udev 30 "$moddir/dm-pre-udev.sh" + + inst_multiple dmsetup + + inst_rules 10-dm.rules 13-dm-disk.rules 95-dm-notify.rules + # Gentoo ebuild for LVM2 prior to 2.02.63-r1 doesn't install above rules + # files, but provides the one below: + inst_rules 64-device-mapper.rules + # debian udev rules + inst_rules 60-persistent-storage-dm.rules 55-dm.rules + + inst_rules "$moddir/11-dm.rules" + + inst_rules "$moddir/59-persistent-storage-dm.rules" + + inst_hook shutdown 25 "$moddir/dm-shutdown.sh" +} diff --git a/modules.d/90dmraid/61-dmraid-imsm.rules b/modules.d/90dmraid/61-dmraid-imsm.rules new file mode 100644 index 0000000..8a6b215 --- /dev/null +++ b/modules.d/90dmraid/61-dmraid-imsm.rules @@ -0,0 +1,28 @@ +# This file causes block devices with RAID (dmraid) signatures to +# automatically cause dmraid_scan to be run. +# See udev(8) for syntax + +SUBSYSTEM!="block", GOTO="dm_end" +ACTION!="add|change", GOTO="dm_end" +# Also don't process disks that are slated to be a multipath device +ENV{DM_MULTIPATH_DEVICE_PATH}=="1", GOTO="dm_end" + +ENV{ID_FS_TYPE}=="linux_raid_member", GOTO="dm_end" + +ENV{ID_FS_TYPE}!="*_raid_member", GOTO="dm_end" + +ENV{ID_FS_TYPE}=="isw_raid_member", ENV{rd_NO_MDIMSM}!="?*", GOTO="dm_end" +ENV{ID_FS_TYPE}=="ddf_raid_member", ENV{rd_NO_MDDDF}!="?*", GOTO="dm_end" + +ENV{rd_NO_DM}=="?*", GOTO="dm_end" + +OPTIONS:="nowatch" + +ENV{DM_UDEV_DISABLE_OTHER_RULES_FLAG}=="1", GOTO="dm_end" + +PROGRAM=="/bin/sh -c 'for i in $sys/$devpath/holders/dm-[0-9]*; do [ -e $$i ] && exit 0; done; exit 1;' ", \ + GOTO="dm_end" + +RUN+="/sbin/initqueue --onetime --unique --settled /sbin/dmraid_scan $env{DEVNAME}" + +LABEL="dm_end" diff --git a/modules.d/90dmraid/dmraid.sh b/modules.d/90dmraid/dmraid.sh new file mode 100755 index 0000000..b517320 --- /dev/null +++ b/modules.d/90dmraid/dmraid.sh @@ -0,0 +1,46 @@ +#!/bin/sh + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +devenc=$(str_replace "$1" '/' '\2f') + +[ -e /tmp/dmraid."$devenc" ] && exit 0 + +: > /tmp/dmraid."$devenc" + +DM_RAIDS=$(getargs rd.dm.uuid -d rd_DM_UUID=) + +if [ -n "$DM_RAIDS" ] || getargbool 0 rd.auto; then + # run dmraid if udev has settled + info "Scanning for dmraid devices $DM_RAIDS" + SETS=$(dmraid -c -s) + + if [ "$SETS" = "no raid disks" -o "$SETS" = "no raid sets" ]; then + return + fi + + info "Found dmraid sets:" + echo "$SETS" | vinfo + + if [ -n "$DM_RAIDS" ]; then + # only activate specified DM RAIDS + for r in $DM_RAIDS; do + for s in $SETS; do + if [ "${s##"$r"}" != "$s" ]; then + info "Activating $s" + dmraid -ay -i -p --rm_partitions "$s" 2>&1 | vinfo + fi + done + done + else + # scan and activate all DM RAIDS + for s in $SETS; do + info "Activating $s" + dmraid -ay -i -p --rm_partitions "$s" 2>&1 | vinfo + [ -e "/dev/mapper/$s" ] && kpartx -a "/dev/mapper/$s" 2>&1 | vinfo + udevsettle + done + fi + + need_shutdown +fi diff --git a/modules.d/90dmraid/module-setup.sh b/modules.d/90dmraid/module-setup.sh new file mode 100755 index 0000000..482ae96 --- /dev/null +++ b/modules.d/90dmraid/module-setup.sh @@ -0,0 +1,87 @@ +#!/bin/bash + +# called by dracut +check() { + local holder + local dev + + # if we don't have dmraid installed on the host system, no point + # in trying to support it in the initramfs. + require_binaries dmraid || return 1 + require_binaries kpartx || return 1 + + [[ $hostonly ]] || [[ $mount_needs ]] && { + for dev in "${!host_fs_types[@]}"; do + [[ ${host_fs_types[$dev]} != *_raid_member ]] && continue + + DEVPATH=$(get_devpath_block "$dev") + + for holder in "$DEVPATH"/holders/*; do + [[ -e $holder ]] || continue + [[ -e "$holder/dm" ]] && return 0 + break + done + + done + return 255 + } + + return 0 +} + +# called by dracut +depends() { + echo dm rootfs-block + return 0 +} + +# called by dracut +cmdline() { + local dev + local -A _activated + + for dev in "${!host_fs_types[@]}"; do + local holder DEVPATH DM_NAME + [[ ${host_fs_types[$dev]} != *_raid_member ]] && continue + + DEVPATH=$(get_devpath_block "$dev") + + for holder in "$DEVPATH"/holders/*; do + [[ -e $holder ]] || continue + dev="/dev/${holder##*/}" + DM_NAME="$(dmsetup info -c --noheadings -o name "$dev" 2> /dev/null)" + [[ ${DM_NAME} ]] && break + done + + [[ ${DM_NAME} ]] || continue + + if ! [[ ${_activated[${DM_NAME}]} ]]; then + printf "%s" " rd.dm.uuid=${DM_NAME}" + _activated["${DM_NAME}"]=1 + fi + done +} + +# called by dracut +install() { + local _raidconf + + if [[ $hostonly_cmdline == "yes" ]]; then + _raidconf=$(cmdline) + [[ $_raidconf ]] && printf "%s\n" "$_raidconf" >> "${initdir}/etc/cmdline.d/90dmraid.conf" + fi + + inst_multiple dmraid + inst_multiple -o kpartx + inst "$(command -v partx)" /sbin/partx + + inst "$moddir/dmraid.sh" /sbin/dmraid_scan + + inst_rules 66-kpartx.rules 67-kpartx-compat.rules + + inst_libdir_file "libdmraid-events*.so*" + + inst_rules "$moddir/61-dmraid-imsm.rules" + #inst "$moddir/dmraid-cleanup.sh" /sbin/dmraid-cleanup + inst_hook pre-trigger 30 "$moddir/parse-dm.sh" +} diff --git a/modules.d/90dmraid/parse-dm.sh b/modules.d/90dmraid/parse-dm.sh new file mode 100755 index 0000000..d7a6b69 --- /dev/null +++ b/modules.d/90dmraid/parse-dm.sh @@ -0,0 +1,27 @@ +#!/bin/sh + +# nodmraid for anaconda / rc.sysinit compatibility +if ! getargbool 1 rd.dm -d -n rd_NO_DM || getarg "rd.dm=0" -d nodmraid; then + info "rd.dm=0: removing DM RAID activation" + udevproperty rd_NO_DM=1 +fi + +if ! command -v mdadm > /dev/null \ + || ! getargbool 1 rd.md.imsm -d -n rd_NO_MDIMSM -n noiswmd \ + || ! getargbool 1 rd.md -d -n rd_NO_MD; then + info "rd.md.imsm=0: no MD RAID for imsm/isw raids" + udevproperty rd_NO_MDIMSM=1 +fi + +if ! command -v mdadm > /dev/null \ + || ! getargbool 1 rd.md.ddf -n rd_NO_MDDDF -n noddfmd \ + || ! getargbool 1 rd.md -d -n rd_NO_MD; then + info "rd.md.ddf=0: no MD RAID for SNIA ddf raids" + udevproperty rd_NO_MDDDF=1 +fi + +DM_RAIDS=$(getargs rd.dm.uuid -d rd_DM_UUID=) + +if [ -z "$DM_RAIDS" ] && ! getargbool 0 rd.auto; then + udevproperty rd_NO_DM=1 +fi diff --git a/modules.d/90dmsquash-live-autooverlay/create-overlay-genrules.sh b/modules.d/90dmsquash-live-autooverlay/create-overlay-genrules.sh new file mode 100755 index 0000000..8372b50 --- /dev/null +++ b/modules.d/90dmsquash-live-autooverlay/create-overlay-genrules.sh @@ -0,0 +1,9 @@ +#!/bin/sh + +case "$root" in + live:/dev/*) + printf 'SYMLINK=="%s", RUN+="/sbin/initqueue --settled --onetime --unique /sbin/create-overlay %s"\n' \ + "${root#live:/dev/}" "${root#live:}" >> /etc/udev/rules.d/95-create-overlay.rules + wait_for_dev -n "${root#live:}" + ;; +esac diff --git a/modules.d/90dmsquash-live-autooverlay/create-overlay.sh b/modules.d/90dmsquash-live-autooverlay/create-overlay.sh new file mode 100755 index 0000000..10e8ea5 --- /dev/null +++ b/modules.d/90dmsquash-live-autooverlay/create-overlay.sh @@ -0,0 +1,119 @@ +#!/bin/sh + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +if getargbool 0 rd.live.debug -n -y rdlivedebug; then + exec > /tmp/create-overlay.$$.out + exec 2>> /tmp/create-overlay.$$.out + set -x +fi + +gatherData() { + overlay=$(getarg rd.live.overlay) + if [ -z "$overlay" ]; then + info "Skipping overlay creation: kernel command line parameter 'rd.live.overlay' is not set" + exit 0 + fi + # shellcheck disable=SC2086 + if ! str_starts ${overlay} LABEL=; then + die "Overlay creation failed: the partition must be set by LABEL in the 'rd.live.overlay' kernel parameter" + fi + + overlayLabel=${overlay#LABEL=} + # shellcheck disable=SC2086 + if [ -b /dev/disk/by-label/${overlayLabel} ]; then + info "Skipping overlay creation: overlay already exists" + exit 0 + fi + + filesystem=$(getarg rd.live.overlay.cowfs) + [ -z "$filesystem" ] && filesystem="ext4" + if [ "$filesystem" != "ext4" ] && [ "$filesystem" != "xfs" ] && [ "$filesystem" != "btrfs" ]; then + die "Overlay creation failed: only ext4, xfs, and btrfs are supported in the 'rd.live.overlay.cowfs' kernel parameter" + fi + + live_dir=$(getarg rd.live.dir) + [ -z "$live_dir" ] && live_dir="LiveOS" + + [ -z "$1" ] && exit 1 + rootDevice=$1 + + # The kernel command line's 'root=' parameter was parsed into the $root variable by the dmsquash-live module. + # $root contains the path to a symlink within /dev/disk/by-label, which points to a partition. + # This script needs that partition's parent block device. + # shellcheck disable=SC2046 + # shellcheck disable=SC2086 + rootDeviceAbsolutePath=$(readlink -f ${rootDevice}) + rootDeviceSysfsPath=/sys/class/block/${rootDeviceAbsolutePath##*/} + if [ -f "${rootDeviceSysfsPath}/partition" ]; then + # shellcheck disable=SC2086 + read -r partition < ${rootDeviceSysfsPath}/partition + else + partition=0 + fi + # shellcheck disable=SC2086 + read -r readonly < ${rootDeviceSysfsPath}/ro + # shellcheck disable=SC2086 + if [ "$partition" != "1" ] || [ "$readonly" != "0" ]; then + info "Skipping overlay creation: unpartitioned or read-only media detected" + exit 0 + fi + # shellcheck disable=SC2046 + # shellcheck disable=SC2086 + fullDriveSysfsPath=$(readlink -f ${rootDeviceSysfsPath}/..) + blockDevice=/dev/${fullDriveSysfsPath##*/} + currentPartitionCount=$(grep --count -E "${blockDevice#/dev/}[0-9]+" /proc/partitions) + + # shellcheck disable=SC2086 + freeSpaceStart=$(parted --script ${blockDevice} unit % print free \ + | awk -v x=${currentPartitionCount} '$1 == x {getline; print $1}') + if [ -z "$freeSpaceStart" ]; then + info "Skipping overlay creation: there is no free space after the last partition" + exit 0 + fi + partitionStart=$((${freeSpaceStart%.*} + 1)) + if [ $partitionStart -eq 100 ]; then + info "Skipping overlay creation: there is not enough free space after the last partition" + exit 0 + fi + + overlayPartition=${blockDevice}$((currentPartitionCount + 1)) + + label=$(blkid --match-tag LABEL --output value "$rootDevice") + uuid=$(blkid --match-tag UUID --output value "$rootDevice") + if [ -z "$label" ] || [ -z "$uuid" ]; then + die "Overlay creation failed: failed to look up root device label and UUID" + fi +} + +createPartition() { + # shellcheck disable=SC2086 + parted --script --align optimal ${blockDevice} mkpart primary ${partitionStart}% 100% +} + +createFilesystem() { + # shellcheck disable=SC2086 + mkfs.${filesystem} -L ${overlayLabel} ${overlayPartition} + + baseDir=/run/initramfs/create-overlayfs + mkdir -p ${baseDir} + # shellcheck disable=SC2086 + mount -t ${filesystem} ${overlayPartition} ${baseDir} + + mkdir -p ${baseDir}/${live_dir}/ovlwork + # shellcheck disable=SC2086 + mkdir ${baseDir}/${live_dir}/overlay-${label}-${uuid} + + umount ${baseDir} + rm -r ${baseDir} +} + +main() { + gatherData "$1" + createPartition + udevsettle + createFilesystem + udevsettle +} + +main "$1" diff --git a/modules.d/90dmsquash-live-autooverlay/module-setup.sh b/modules.d/90dmsquash-live-autooverlay/module-setup.sh new file mode 100755 index 0000000..a97ca5a --- /dev/null +++ b/modules.d/90dmsquash-live-autooverlay/module-setup.sh @@ -0,0 +1,24 @@ +#!/bin/bash + +check() { + # including a module dedicated to live environments in a host-only initrd doesn't make sense + [[ $hostonly ]] && return 1 + return 255 +} + +depends() { + echo dmsquash-live + return 0 +} + +installkernel() { + instmods btrfs ext4 xfs +} + +install() { + inst_multiple awk blkid cat grep mkdir mount parted readlink rmdir tr umount + inst_multiple -o mkfs.btrfs mkfs.ext4 mkfs.xfs + inst_hook pre-udev 25 "$moddir/create-overlay-genrules.sh" + inst_script "$moddir/create-overlay.sh" "/sbin/create-overlay" + dracut_need_initqueue +} diff --git a/modules.d/90dmsquash-live-ntfs/module-setup.sh b/modules.d/90dmsquash-live-ntfs/module-setup.sh new file mode 100755 index 0000000..7aa5802 --- /dev/null +++ b/modules.d/90dmsquash-live-ntfs/module-setup.sh @@ -0,0 +1,21 @@ +#!/bin/bash + +check() { + require_binaries ntfs-3g || return 1 + return 255 +} + +depends() { + echo dmsquash-live + return 0 +} + +install() { + inst_multiple fusermount mount.fuse ntfs-3g + inst_script "$moddir/mount-ntfs-3g.sh" "/sbin/mount-ntfs-3g" + dracut_need_initqueue +} + +installkernel() { + hostonly='' instmods fuse +} diff --git a/modules.d/90dmsquash-live-ntfs/mount-ntfs-3g.sh b/modules.d/90dmsquash-live-ntfs/mount-ntfs-3g.sh new file mode 100755 index 0000000..289205c --- /dev/null +++ b/modules.d/90dmsquash-live-ntfs/mount-ntfs-3g.sh @@ -0,0 +1,20 @@ +#!/bin/sh + +type vwarn > /dev/null 2>&1 || . /lib/dracut-lib.sh + +# Symlinking /usr/bin/ntfs-3g as /sbin/mount.ntfs seems to boot +# at the first glance, but ends with lots and lots of squashfs +# errors, because systemd attempts to kill the ntfs-3g process?! +# See https://systemd.io/ROOT_STORAGE_DAEMONS/ +if [ -x "/usr/bin/ntfs-3g" ]; then + ( + ln -s /usr/bin/ntfs-3g /run/@ntfs-3g + (sleep 1 && rm /run/@ntfs-3g) & + # shellcheck disable=SC2123 + PATH=/run + exec @ntfs-3g "$@" + ) | vwarn +else + die "Failed to mount block device of live image: Missing NTFS support" + exit 1 +fi diff --git a/modules.d/90dmsquash-live/apply-live-updates.sh b/modules.d/90dmsquash-live/apply-live-updates.sh new file mode 100755 index 0000000..a5a5a39 --- /dev/null +++ b/modules.d/90dmsquash-live/apply-live-updates.sh @@ -0,0 +1,22 @@ +#!/bin/sh + +if [ -h /dev/root ] && [ -d /run/initramfs/live/updates -o -d /updates ]; then + info "Applying updates to live image..." + mount -o bind /run "$NEWROOT"/run + # avoid overwriting symlinks (e.g. /lib -> /usr/lib) with directories + for d in /updates /run/initramfs/live/updates; do + [ -d "$d" ] || continue + ( + cd "$d" || return 0 + find . -depth -type d -exec mkdir -p "$NEWROOT/{}" \; + find . -depth \! -type d -exec cp -a "{}" "$NEWROOT/{}" \; + ) + done + umount "$NEWROOT"/run +fi +# release resources on iso-scan boots with rd.live.ram +if [ -d /run/initramfs/isoscan ] \ + && [ -f /run/initramfs/squashed.img -o -f /run/initramfs/rootfs.img ]; then + umount --detach-loop /run/initramfs/live + umount /run/initramfs/isoscan +fi diff --git a/modules.d/90dmsquash-live/checkisomd5@.service b/modules.d/90dmsquash-live/checkisomd5@.service new file mode 100644 index 0000000..c4ca10f --- /dev/null +++ b/modules.d/90dmsquash-live/checkisomd5@.service @@ -0,0 +1,14 @@ +[Unit] +Description=Media check on %f +DefaultDependencies=no +Before=shutdown.target + +[Service] +Type=oneshot +RemainAfterExit=no +ExecStart=/bin/checkisomd5 --verbose %f +StandardInput=tty-force +StandardOutput=inherit +StandardError=inherit +TimeoutSec=0 +SuccessExitStatus=2 diff --git a/modules.d/90dmsquash-live/dmsquash-generator.sh b/modules.d/90dmsquash-live/dmsquash-generator.sh new file mode 100755 index 0000000..8e3dfe8 --- /dev/null +++ b/modules.d/90dmsquash-live/dmsquash-generator.sh @@ -0,0 +1,80 @@ +#!/bin/sh + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +[ -z "$root" ] && root=$(getarg root=) + +# support legacy syntax of passing liveimg and then just the base root +if getargbool 0 rd.live.image -d -y liveimg; then + liveroot="live:$root" +fi + +if [ "${root%%:*}" = "live" ]; then + liveroot=$root +fi + +[ "${liveroot%%:*}" = "live" ] || exit 0 + +case "$liveroot" in + live:LABEL=* | LABEL=* | live:UUID=* | UUID=* | live:PARTUUID=* | PARTUUID=* | live:PARTLABEL=* | PARTLABEL=*) + root="live:$(label_uuid_to_dev "${root#live:}")" + rootok=1 + ;; + live:CDLABEL=* | CDLABEL=*) + root="${root#live:}" + root="$(echo "$root" | sed 's,/,\\x2f,g;s, ,\\x20,g')" + root="live:/dev/disk/by-label/${root#CDLABEL=}" + rootok=1 + ;; + live:/*.[Ii][Ss][Oo] | /*.[Ii][Ss][Oo]) + root="${root#live:}" + root="liveiso:${root}" + rootok=1 + ;; + live:/dev/*) + rootok=1 + ;; + live:/*.[Ii][Mm][Gg] | /*.[Ii][Mm][Gg]) + [ -f "${root#live:}" ] && rootok=1 + ;; +esac + +[ "$rootok" != "1" ] && exit 0 + +GENERATOR_DIR="$2" +[ -z "$GENERATOR_DIR" ] && exit 1 +[ -d "$GENERATOR_DIR" ] || mkdir -p "$GENERATOR_DIR" + +getargbool 0 rd.live.overlay.readonly -d -y readonly_overlay && readonly_overlay="--readonly" || readonly_overlay="" +getargbool 0 rd.live.overlay.overlayfs && overlayfs="yes" +[ -e /xor_overlayfs ] && xor_overlayfs="yes" +[ -e /xor_readonly ] && xor_readonly="--readonly" +ROOTFLAGS="$(getarg rootflags)" +{ + echo "[Unit]" + echo "Before=initrd-root-fs.target" + echo "[Mount]" + echo "Where=/sysroot" + if [ "$overlayfs$xor_overlayfs" = "yes" ]; then + echo "What=LiveOS_rootfs" + if [ "$readonly_overlay$xor_readonly" = "--readonly" ]; then + ovlfs=lowerdir=/run/overlayfs-r:/run/rootfsbase + else + ovlfs=lowerdir=/run/rootfsbase + fi + echo "Options=${ROOTFLAGS},${ovlfs},upperdir=/run/overlayfs,workdir=/run/ovlwork" + echo "Type=overlay" + _dev=LiveOS_rootfs + else + echo "What=/dev/mapper/live-rw" + [ -n "$ROOTFLAGS" ] && echo "Options=${ROOTFLAGS}" + _dev='dev-mapper-live\x2drw' + fi +} > "$GENERATOR_DIR"/sysroot.mount + +mkdir -p "$GENERATOR_DIR/$_dev.device.d" +{ + echo "[Unit]" + echo "JobTimeoutSec=3000" + echo "JobRunningTimeoutSec=3000" +} > "$GENERATOR_DIR/$_dev.device.d/timeout.conf" diff --git a/modules.d/90dmsquash-live/dmsquash-live-genrules.sh b/modules.d/90dmsquash-live/dmsquash-live-genrules.sh new file mode 100755 index 0000000..8c7cad8 --- /dev/null +++ b/modules.d/90dmsquash-live/dmsquash-live-genrules.sh @@ -0,0 +1,18 @@ +#!/bin/sh + +case "$root" in + live:/dev/*) + { + printf 'KERNEL=="%s", RUN+="/sbin/initqueue --settled --onetime --unique /sbin/dmsquash-live-root %s"\n' \ + "${root#live:/dev/}" "${root#live:}" + printf 'SYMLINK=="%s", RUN+="/sbin/initqueue --settled --onetime --unique /sbin/dmsquash-live-root %s"\n' \ + "${root#live:/dev/}" "${root#live:}" + } >> /etc/udev/rules.d/99-live-squash.rules + wait_for_dev -n "${root#live:}" + ;; + live:*) + if [ -f "${root#live:}" ]; then + /sbin/initqueue --settled --onetime --unique /sbin/dmsquash-live-root "${root#live:}" + fi + ;; +esac diff --git a/modules.d/90dmsquash-live/dmsquash-live-root.sh b/modules.d/90dmsquash-live/dmsquash-live-root.sh new file mode 100755 index 0000000..e808339 --- /dev/null +++ b/modules.d/90dmsquash-live/dmsquash-live-root.sh @@ -0,0 +1,432 @@ +#!/bin/sh + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh +type det_fs > /dev/null 2>&1 || . /lib/fs-lib.sh + +command -v unpack_archive > /dev/null || . /lib/img-lib.sh + +PATH=/usr/sbin:/usr/bin:/sbin:/bin + +if getargbool 0 rd.live.debug -n -y rdlivedebug; then + exec > /tmp/liveroot.$$.out + exec 2>> /tmp/liveroot.$$.out + set -x +fi + +[ -z "$1" ] && exit 1 +livedev="$1" + +# parse various live image specific options that make sense to be +# specified as their own things +live_dir=$(getarg rd.live.dir -d live_dir) +[ -z "$live_dir" ] && live_dir="LiveOS" +squash_image=$(getarg rd.live.squashimg) +[ -z "$squash_image" ] && squash_image="squashfs.img" + +getargbool 0 rd.live.ram -d -y live_ram && live_ram="yes" +getargbool 0 rd.live.overlay.reset -d -y reset_overlay && reset_overlay="yes" +getargbool 0 rd.live.overlay.readonly -d -y readonly_overlay && readonly_overlay="--readonly" || readonly_overlay="" +overlay=$(getarg rd.live.overlay -d overlay) +getargbool 0 rd.writable.fsimg -d -y writable_fsimg && writable_fsimg="yes" +overlay_size=$(getarg rd.live.overlay.size=) +[ -z "$overlay_size" ] && overlay_size=32768 + +getargbool 0 rd.live.overlay.thin && thin_snapshot="yes" +getargbool 0 rd.live.overlay.overlayfs && overlayfs="yes" + +# Take a path to a disk label and return the parent disk if it is a partition +# Otherwise returns the original path +get_check_dev() { + local _udevinfo + dev_path="$(udevadm info -q path --name "$1")" + _udevinfo="$(udevadm info -q property --path "${dev_path}")" + strstr "$_udevinfo" "DEVTYPE=partition" || { + echo "$1" + return + } + parent="${dev_path%/*}" + _udevinfo="$(udevadm info -q property --path "${parent}")" + strstr "$_udevinfo" "DEVTYPE=disk" || { + echo "$1" + return + } + strstr "$_udevinfo" "ID_FS_TYPE=iso9660" || { + echo "$1" + return + } + + # Return the name of the parent disk device + echo "$_udevinfo" | grep "DEVNAME=" | sed 's/DEVNAME=//' +} + +# Find the right device to run check on +check_dev=$(get_check_dev "$livedev") +# CD/DVD media check +[ -b "$check_dev" ] && fs=$(det_fs "$check_dev") +if [ "$fs" = "iso9660" -o "$fs" = "udf" ]; then + check="yes" +fi +getarg rd.live.check -d check || check="" +if [ -n "$check" ]; then + type plymouth > /dev/null 2>&1 && plymouth --hide-splash + if [ -n "$DRACUT_SYSTEMD" ]; then + p=$(dev_unit_name "$check_dev") + systemctl start checkisomd5@"${p}".service + else + checkisomd5 --verbose "$check_dev" + fi + if [ $? -eq 1 ]; then + die "CD check failed!" + exit 1 + fi + type plymouth > /dev/null 2>&1 && plymouth --show-splash +fi + +ln -s "$livedev" /run/initramfs/livedev + +# determine filesystem type for a filesystem image +det_img_fs() { + udevadm settle >&2 + blkid -s TYPE -u noraid -o value "$1" +} + +load_fstype squashfs +CMDLINE=$(getcmdline) +for arg in $CMDLINE; do + case $arg in + ro | rw) liverw=$arg ;; + esac +done + +# mount the backing of the live image first +mkdir -m 0755 -p /run/initramfs/live +if [ -f "$livedev" ]; then + # no mount needed - we've already got the LiveOS image in initramfs + # check filesystem type and handle accordingly + fstype=$(det_img_fs "$livedev") + case $fstype in + squashfs) SQUASHED=$livedev ;; + auto) die "cannot mount live image (unknown filesystem type)" ;; + *) FSIMG=$livedev ;; + esac + [ -e /sys/fs/"$fstype" ] || modprobe "$fstype" +else + livedev_fstype=$(det_fs "$livedev") + if [ "$livedev_fstype" = "squashfs" ]; then + # no mount needed - we've already got the LiveOS image in $livedev + SQUASHED=$livedev + elif [ "$livedev_fstype" != "ntfs" ]; then + if ! mount -n -t "$livedev_fstype" -o "${liverw:-ro}" "$livedev" /run/initramfs/live; then + die "Failed to mount block device of live image" + exit 1 + fi + else + [ -x "/sbin/mount-ntfs-3g" ] && /sbin/mount-ntfs-3g -o "${liverw:-ro}" "$livedev" /run/initramfs/live + fi +fi + +# overlay setup helper function +do_live_overlay() { + # create a sparse file for the overlay + # overlay: if non-ram overlay searching is desired, do it, + # otherwise, create traditional overlay in ram + + l=$(blkid -s LABEL -o value "$livedev") || l="" + u=$(blkid -s UUID -o value "$livedev") || u="" + + if [ -z "$overlay" ]; then + pathspec="/${live_dir}/overlay-$l-$u" + elif strstr "$overlay" ":"; then + # pathspec specified, extract + pathspec=${overlay##*:} + fi + + if [ -z "$pathspec" -o "$pathspec" = "auto" ]; then + pathspec="/${live_dir}/overlay-$l-$u" + fi + devspec=${overlay%%:*} + + # need to know where to look for the overlay + if [ -z "$setup" -a -n "$devspec" -a -n "$pathspec" -a -n "$overlay" ]; then + mkdir -m 0755 -p /run/initramfs/overlayfs + if ismounted "$devspec"; then + devmnt=$(findmnt -e -v -n -o 'TARGET' --source "$devspec") + # We need $devspec writable for overlay storage + mount -o remount,rw "$devspec" + mount --bind "$devmnt" /run/initramfs/overlayfs + else + mount -n -t auto "$devspec" /run/initramfs/overlayfs || : + fi + if [ -f /run/initramfs/overlayfs$pathspec -a -w /run/initramfs/overlayfs$pathspec ]; then + OVERLAY_LOOPDEV=$(losetup -f --show ${readonly_overlay:+-r} /run/initramfs/overlayfs$pathspec) + over=$OVERLAY_LOOPDEV + umount -l /run/initramfs/overlayfs || : + oltype=$(det_img_fs "$OVERLAY_LOOPDEV") + if [ -z "$oltype" ] || [ "$oltype" = DM_snapshot_cow ]; then + if [ -n "$reset_overlay" ]; then + info "Resetting the Device-mapper overlay." + dd if=/dev/zero of="$OVERLAY_LOOPDEV" bs=64k count=1 conv=fsync 2> /dev/null + fi + if [ -n "$overlayfs" ]; then + unset -v overlayfs + [ -n "$DRACUT_SYSTEMD" ] && reloadsysrootmountunit=":>/xor_overlayfs;" + fi + setup="yes" + else + mount -n -t "$oltype" ${readonly_overlay:+-r} "$OVERLAY_LOOPDEV" /run/initramfs/overlayfs + if [ -d /run/initramfs/overlayfs/overlayfs ] \ + && [ -d /run/initramfs/overlayfs/ovlwork ]; then + ln -s /run/initramfs/overlayfs/overlayfs /run/overlayfs${readonly_overlay:+-r} + ln -s /run/initramfs/overlayfs/ovlwork /run/ovlwork${readonly_overlay:+-r} + if [ -z "$overlayfs" ] && [ -n "$DRACUT_SYSTEMD" ]; then + reloadsysrootmountunit=":>/xor_overlayfs;" + fi + overlayfs="required" + setup="yes" + fi + fi + elif [ -d /run/initramfs/overlayfs$pathspec ] \ + && [ -d /run/initramfs/overlayfs$pathspec/../ovlwork ]; then + ln -s /run/initramfs/overlayfs$pathspec /run/overlayfs${readonly_overlay:+-r} + ln -s /run/initramfs/overlayfs$pathspec/../ovlwork /run/ovlwork${readonly_overlay:+-r} + if [ -z "$overlayfs" ] && [ -n "$DRACUT_SYSTEMD" ]; then + reloadsysrootmountunit=":>/xor_overlayfs;" + fi + overlayfs="required" + setup="yes" + fi + fi + if [ -n "$overlayfs" ]; then + if ! load_fstype overlay; then + if [ "$overlayfs" = required ]; then + die "OverlayFS is required but not available." + exit 1 + fi + [ -n "$DRACUT_SYSTEMD" ] && reloadsysrootmountunit=":>/xor_overlayfs;" + m='OverlayFS is not available; using temporary Device-mapper overlay.' + info "$m" + unset -v overlayfs setup + fi + fi + + if [ -z "$setup" -o -n "$readonly_overlay" ]; then + if [ -n "$setup" ]; then + warn "Using temporary overlay." + elif [ -n "$devspec" -a -n "$pathspec" ]; then + [ -z "$m" ] \ + && m=' Unable to find a persistent overlay; using a temporary one.' + m="$m"' + All root filesystem changes will be lost on shutdown. + Press [Enter] to continue.' + printf "\n\n\n\n%s\n\n\n" "${m}" > /dev/kmsg + if [ -n "$DRACUT_SYSTEMD" ]; then + if type plymouth > /dev/null 2>&1 && plymouth --ping; then + if getargbool 0 rhgb || getargbool 0 splash; then + m='>>> +>>> +>>> + + +'"$m" + m="${m%n.*}"'n. + + +<<< +<<< +<<<' + plymouth display-message --text="${m}" + else + plymouth ask-question --prompt="${m}" --command=true + fi + else + m=">>>$(printf '%s' "$m" | tr -d '\n') <<<" + systemd-ask-password --timeout=0 "${m}" + fi + else + type plymouth > /dev/null 2>&1 && plymouth --ping && plymouth --quit + printf '\n\n%s' "$m" + read -r _ + fi + fi + if [ -n "$overlayfs" ]; then + if [ -n "$readonly_overlay" ] && ! [ -h /run/overlayfs-r ]; then + info "No persistent overlay found." + unset -v readonly_overlay + [ -n "$DRACUT_SYSTEMD" ] && reloadsysrootmountunit="${reloadsysrootmountunit}:>/xor_readonly;" + fi + else + dd if=/dev/null of=/overlay bs=1024 count=1 seek=$((overlay_size * 1024)) 2> /dev/null + if [ -n "$setup" -a -n "$readonly_overlay" ]; then + RO_OVERLAY_LOOPDEV=$(losetup -f --show /overlay) + over=$RO_OVERLAY_LOOPDEV + else + OVERLAY_LOOPDEV=$(losetup -f --show /overlay) + over=$OVERLAY_LOOPDEV + fi + fi + fi + + # set up the snapshot + if [ -z "$overlayfs" ]; then + if [ -n "$readonly_overlay" ] && [ -n "$OVERLAY_LOOPDEV" ]; then + echo 0 "$sz" snapshot "$BASE_LOOPDEV" "$OVERLAY_LOOPDEV" P 8 | dmsetup create --readonly live-ro + base="/dev/mapper/live-ro" + else + base=$BASE_LOOPDEV + fi + fi + + if [ -n "$thin_snapshot" ]; then + modprobe dm_thin_pool + mkdir -m 0755 -p /run/initramfs/thin-overlay + + # In block units (512b) + thin_data_sz=$((overlay_size * 1024 * 1024 / 512)) + thin_meta_sz=$((thin_data_sz / 10)) + + # It is important to have the backing file on a tmpfs + # this is needed to let the loopdevice support TRIM + dd if=/dev/null of=/run/initramfs/thin-overlay/meta bs=1b count=1 seek=$((thin_meta_sz)) 2> /dev/null + dd if=/dev/null of=/run/initramfs/thin-overlay/data bs=1b count=1 seek=$((thin_data_sz)) 2> /dev/null + + THIN_META_LOOPDEV=$(losetup --show -f /run/initramfs/thin-overlay/meta) + THIN_DATA_LOOPDEV=$(losetup --show -f /run/initramfs/thin-overlay/data) + + echo 0 $thin_data_sz thin-pool "$THIN_META_LOOPDEV" "$THIN_DATA_LOOPDEV" 1024 1024 | dmsetup create live-overlay-pool + dmsetup message /dev/mapper/live-overlay-pool 0 "create_thin 0" + + # Create a snapshot of the base image + echo 0 "$sz" thin /dev/mapper/live-overlay-pool 0 "$base" | dmsetup create live-rw + elif [ -z "$overlayfs" ]; then + echo 0 "$sz" snapshot "$base" "$over" PO 8 | dmsetup create live-rw + fi + + # Create a device for the ro base of overlaid file systems. + if [ -z "$overlayfs" ]; then + echo 0 "$sz" linear "$BASE_LOOPDEV" 0 | dmsetup create --readonly live-base + fi + ln -s "$BASE_LOOPDEV" /dev/live-base +} +# end do_live_overlay() + +# we might have an embedded fs image on squashfs (compressed live) +if [ -e /run/initramfs/live/${live_dir}/${squash_image} ]; then + SQUASHED="/run/initramfs/live/${live_dir}/${squash_image}" +fi +if [ -e "$SQUASHED" ]; then + if [ -n "$live_ram" ]; then + imgsize=$(($(stat -c %s -- $SQUASHED) / (1024 * 1024))) + check_live_ram $imgsize + echo 'Copying live image to RAM...' > /dev/kmsg + echo ' (this may take a minute)' > /dev/kmsg + dd if=$SQUASHED of=/run/initramfs/squashed.img bs=512 2> /dev/null + echo 'Done copying live image to RAM.' > /dev/kmsg + SQUASHED="/run/initramfs/squashed.img" + fi + + SQUASHED_LOOPDEV=$(losetup -f) + losetup -r "$SQUASHED_LOOPDEV" $SQUASHED + mkdir -m 0755 -p /run/initramfs/squashfs + mount -n -t squashfs -o ro "$SQUASHED_LOOPDEV" /run/initramfs/squashfs + + if [ -d /run/initramfs/squashfs/LiveOS ]; then + if [ -f /run/initramfs/squashfs/LiveOS/rootfs.img ]; then + FSIMG="/run/initramfs/squashfs/LiveOS/rootfs.img" + elif [ -f /run/initramfs/squashfs/LiveOS/ext3fs.img ]; then + FSIMG="/run/initramfs/squashfs/LiveOS/ext3fs.img" + fi + elif [ -d /run/initramfs/squashfs/proc ]; then + FSIMG=$SQUASHED + if [ -z "$overlayfs" ] && [ -n "$DRACUT_SYSTEMD" ]; then + reloadsysrootmountunit=":>/xor_overlayfs;" + fi + overlayfs="required" + else + die "Failed to find a root filesystem in $SQUASHED." + exit 1 + fi +else + # we might have an embedded fs image to use as rootfs (uncompressed live) + if [ -e /run/initramfs/live/${live_dir}/rootfs.img ]; then + FSIMG="/run/initramfs/live/${live_dir}/rootfs.img" + elif [ -e /run/initramfs/live/${live_dir}/ext3fs.img ]; then + FSIMG="/run/initramfs/live/${live_dir}/ext3fs.img" + fi + if [ -n "$live_ram" ]; then + echo 'Copying live image to RAM...' > /dev/kmsg + echo ' (this may take a minute or so)' > /dev/kmsg + dd if=$FSIMG of=/run/initramfs/rootfs.img bs=512 2> /dev/null + echo 'Done copying live image to RAM.' > /dev/kmsg + FSIMG='/run/initramfs/rootfs.img' + fi +fi + +if [ -n "$FSIMG" ]; then + if [ -n "$writable_fsimg" ]; then + # mount the provided filesystem read/write + echo "Unpacking live filesystem (may take some time)" > /dev/kmsg + mkdir -m 0755 -p /run/initramfs/fsimg/ + if [ -n "$SQUASHED" ]; then + cp -v $FSIMG /run/initramfs/fsimg/rootfs.img + else + unpack_archive $FSIMG /run/initramfs/fsimg/ + fi + FSIMG=/run/initramfs/fsimg/rootfs.img + fi + # For writable DM images... + readonly_base=1 + if [ -z "$SQUASHED" -a -n "$live_ram" -a -z "$overlayfs" ] \ + || [ -n "$writable_fsimg" ] \ + || [ "$overlay" = none -o "$overlay" = None -o "$overlay" = NONE ]; then + if [ -z "$readonly_overlay" ]; then + unset readonly_base + setup=rw + else + setup=yes + fi + fi + if [ "$FSIMG" = "$SQUASHED" ]; then + BASE_LOOPDEV=$SQUASHED_LOOPDEV + else + BASE_LOOPDEV=$(losetup -f --show ${readonly_base:+-r} $FSIMG) + sz=$(blockdev --getsz "$BASE_LOOPDEV") + fi + if [ "$setup" = rw ]; then + echo 0 "$sz" linear "$BASE_LOOPDEV" 0 | dmsetup create live-rw + else + # Add a DM snapshot or OverlayFS for writes. + do_live_overlay + fi +fi + +if [ -n "$reloadsysrootmountunit" ]; then + eval "$reloadsysrootmountunit" + systemctl daemon-reload +fi + +ROOTFLAGS="$(getarg rootflags)" + +if [ "$overlayfs" = required ]; then + echo "rd.live.overlay.overlayfs=1" > /etc/cmdline.d/dmsquash-need-overlay.conf +fi + +if [ -n "$overlayfs" ]; then + if [ -n "$FSIMG" ]; then + mkdir -m 0755 -p /run/rootfsbase + mount -r $FSIMG /run/rootfsbase + else + ln -sf /run/initramfs/live /run/rootfsbase + fi +else + if [ -z "$DRACUT_SYSTEMD" ]; then + [ -n "$ROOTFLAGS" ] && ROOTFLAGS="-o $ROOTFLAGS" + printf 'mount %s /dev/mapper/live-rw %s\n' "$ROOTFLAGS" "$NEWROOT" > "$hookdir"/mount/01-$$-live.sh + fi +fi +[ -e "$SQUASHED" ] && umount -l /run/initramfs/squashfs + +ln -s null /dev/root + +need_shutdown + +exit 0 diff --git a/modules.d/90dmsquash-live/dmsquash-liveiso-genrules.sh b/modules.d/90dmsquash-live/dmsquash-liveiso-genrules.sh new file mode 100755 index 0000000..a5810f7 --- /dev/null +++ b/modules.d/90dmsquash-live/dmsquash-liveiso-genrules.sh @@ -0,0 +1,9 @@ +#!/bin/sh + +if [ "${root%%:*}" = "liveiso" ]; then + { + # shellcheck disable=SC2016 + printf 'KERNEL=="loop-control", RUN+="/sbin/initqueue --settled --onetime --unique /sbin/dmsquash-live-root `/sbin/losetup -f --show %s`"\n' \ + "${root#liveiso:}" + } >> /etc/udev/rules.d/99-liveiso-mount.rules +fi diff --git a/modules.d/90dmsquash-live/iso-scan.sh b/modules.d/90dmsquash-live/iso-scan.sh new file mode 100755 index 0000000..fa06b33 --- /dev/null +++ b/modules.d/90dmsquash-live/iso-scan.sh @@ -0,0 +1,38 @@ +#!/bin/sh + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +PATH=/usr/sbin:/usr/bin:/sbin:/bin + +isofile=$1 + +[ -z "$isofile" ] && exit 1 + +ismounted "/run/initramfs/isoscan" && exit 0 + +mkdir -p "/run/initramfs/isoscan" + +do_iso_scan() { + local _name + local dev + for dev in /dev/disk/by-uuid/*; do + _name=$(dev_unit_name "$dev") + [ -e /tmp/isoscan-"${_name}" ] && continue + : > /tmp/isoscan-"${_name}" + mount -t auto -o ro "$dev" "/run/initramfs/isoscan" || continue + if [ -f "/run/initramfs/isoscan/$isofile" ]; then + losetup -f "/run/initramfs/isoscan/$isofile" + udevadm trigger --action=add > /dev/null 2>&1 + ln -s "$dev" /run/initramfs/isoscandev + rm -f -- "$job" + exit 0 + else + umount "/run/initramfs/isoscan" + fi + done +} + +do_iso_scan + +rmdir "/run/initramfs/isoscan" +exit 1 diff --git a/modules.d/90dmsquash-live/module-setup.sh b/modules.d/90dmsquash-live/module-setup.sh new file mode 100755 index 0000000..b905e3d --- /dev/null +++ b/modules.d/90dmsquash-live/module-setup.sh @@ -0,0 +1,39 @@ +#!/bin/bash + +# called by dracut +check() { + # a live host-only image doesn't really make a lot of sense + [[ $hostonly ]] && return 1 + return 255 +} + +# called by dracut +depends() { + # if dmsetup is not installed, then we cannot support fedora/red hat + # style live images + echo dm rootfs-block img-lib overlayfs + return 0 +} + +# called by dracut +installkernel() { + instmods squashfs loop iso9660 +} + +# called by dracut +install() { + inst_multiple umount dmsetup blkid dd losetup blockdev find rmdir grep + inst_multiple -o checkisomd5 + inst_hook cmdline 30 "$moddir/parse-dmsquash-live.sh" + inst_hook cmdline 31 "$moddir/parse-iso-scan.sh" + inst_hook pre-udev 30 "$moddir/dmsquash-live-genrules.sh" + inst_hook pre-udev 30 "$moddir/dmsquash-liveiso-genrules.sh" + inst_hook pre-pivot 20 "$moddir/apply-live-updates.sh" + inst_script "$moddir/dmsquash-live-root.sh" "/sbin/dmsquash-live-root" + inst_script "$moddir/iso-scan.sh" "/sbin/iso-scan" + if dracut_module_included "systemd-initrd"; then + inst_script "$moddir/dmsquash-generator.sh" "$systemdutildir"/system-generators/dracut-dmsquash-generator + inst_simple "$moddir/checkisomd5@.service" "/etc/systemd/system/checkisomd5@.service" + fi + dracut_need_initqueue +} diff --git a/modules.d/90dmsquash-live/parse-dmsquash-live.sh b/modules.d/90dmsquash-live/parse-dmsquash-live.sh new file mode 100755 index 0000000..de910b3 --- /dev/null +++ b/modules.d/90dmsquash-live/parse-dmsquash-live.sh @@ -0,0 +1,57 @@ +#!/bin/sh +# live images are specified with +# root=live:backingdev + +[ -z "$root" ] && root=$(getarg root=) + +# support legacy syntax of passing liveimg and then just the base root +if getargbool 0 rd.live.image -d -y liveimg; then + liveroot="live:$root" +fi + +if [ "${root%%:*}" = "live" ]; then + liveroot=$root +fi + +[ "${liveroot%%:*}" = "live" ] || return 1 + +modprobe -q loop + +case "$liveroot" in + live:LABEL=* | LABEL=* | live:UUID=* | UUID=* | live:PARTUUID=* | PARTUUID=* | live:PARTLABEL=* | PARTLABEL=*) + root="live:$(label_uuid_to_dev "${root#live:}")" + rootok=1 + ;; + live:CDLABEL=* | CDLABEL=*) + root="${root#live:}" + root="$(echo "$root" | sed 's,/,\\x2f,g;s, ,\\x20,g')" + root="live:/dev/disk/by-label/${root#CDLABEL=}" + rootok=1 + ;; + live:/*.[Ii][Ss][Oo] | /*.[Ii][Ss][Oo]) + root="${root#live:}" + root="liveiso:${root}" + rootok=1 + ;; + live:/dev/*) + root="live:${root#live:}" + rootok=1 + ;; + live:/*.[Ii][Mm][Gg] | /*.[Ii][Mm][Gg]) + [ -f "${root#live:}" ] && rootok=1 + ;; + live:nfs*) + rootok=1 + ;; +esac + +[ "$rootok" = "1" ] || return 1 + +info "root was $liveroot, is now $root" + +# make sure that init doesn't complain +[ -z "$root" ] && root="live" + +wait_for_dev -n /dev/root + +return 0 diff --git a/modules.d/90dmsquash-live/parse-iso-scan.sh b/modules.d/90dmsquash-live/parse-iso-scan.sh new file mode 100755 index 0000000..1dd2d37 --- /dev/null +++ b/modules.d/90dmsquash-live/parse-iso-scan.sh @@ -0,0 +1,9 @@ +#!/bin/sh +# live images are specified with +# root=live:backingdev + +isofile=$(getarg iso-scan/filename) + +if [ -n "$isofile" ]; then + /sbin/initqueue --settled --unique /sbin/iso-scan "$isofile" +fi diff --git a/modules.d/90kernel-modules-extra/module-setup.sh b/modules.d/90kernel-modules-extra/module-setup.sh new file mode 100755 index 0000000..85e2e0a --- /dev/null +++ b/modules.d/90kernel-modules-extra/module-setup.sh @@ -0,0 +1,186 @@ +#!/bin/bash + +# called by dracut +# +# Parses depmod configuration and calls instmods for out-of-tree kernel +# modules found. Specifically, kernel modules inside directories that +# come from the following places are included (if these kernel modules +# are present in modules.dep): +# - "search" configuration option; +# - "override" configuration option (matching an exact file name constructed +# by concatenating the provided directory and the kernel module name); +# - "external" configuration option (if "external" is a part of "search" +# configuration). +# (See depmod.d(5) for details.) +# +# This module has the following variables available for configuration: +# - "depmod_modules_dep" - Path to the modules.dep file +# ("$srcmods/modules.dep" by default); +# - "depmod_module_dir" - Directory containing kernel modules ("$srcmods" +# by default); +# - "depmod_configs" - array of depmod configuration paths to parse +# (as supplied to depmod -C, ("/run/depmod.d/" +# "/etc/depmod.d/" "/lib/depmod.d/") by default). +installkernel() { + : "${depmod_modules_dep:=$srcmods/modules.dep}" + : "${depmod_module_dir:=$srcmods}" + + [[ -f ${depmod_modules_dep} ]] || return 0 + + # Message printers with custom prefix + local mod_name="kernel-modules-extra" + prinfo() { dinfo " ${mod_name}: $*"; } + prdebug() { ddebug " ${mod_name}: $*"; } + + # Escape a string for usage as a part of extended regular expression. + # $1 - string to escape + re_escape() { + printf "%s" "$1" | sed 's/\([.+?^$\/\\|()\[]\|\]\)/\\\0/' + } + + local cfg + local cfgs=() + local search_list="" + local overrides=() + local external_dirs=() + local e f + + ## Gathering and sorting configuration file list + + [ -n "${depmod_configs[*]-}" ] \ + || depmod_configs=(/run/depmod.d /etc/depmod.d /lib/depmod.d) + + for cfg in "${depmod_configs[@]}"; do + [ -e "$cfg" ] || { + prdebug "configuration source \"$cfg\" does not exist" + continue + } + + # '/' is used as a separator between configuration name and + # configuration path + if [ -d "$cfg" ]; then + for f in "$cfg/"*.conf; do + [[ -e $f && ! -d $f ]] || { + prdebug "configuration source" \ + "\"$cfg\" is ignored" \ + "(directory or doesn't exist)" + continue + } + cfgs+=("${f##*/}/$f") + done + else + cfgs+=("${cfg##*/}/$cfg") + fi + done + + if ((${#cfgs[@]} > 0)); then + mapfile -t cfgs < <(printf '%s\n' "${cfgs[@]}" | LANG=C sort -u -k1,1 -t '/' | cut -f 2- -d '/') + fi + + ## Parse configurations + + for cfg in "${cfgs[@]}"; do + prdebug "parsing configuration file \"$cfg\"" + + local k v mod kverpat path + while read -r k v; do + case "$k" in + search) + search_list="$search_list $v" + prdebug "$cfg: added \"$v\" to the list of" \ + "search directories" + ;; + override) # module_name kver_pattern dir + read -r mod kverpat path <<< "$v" + + if [[ ! $mod || ! $kverpat || ! $path ]]; then + prinfo "$cfg: ignoring incorrect" \ + "override option: \"$k $v\"" + continue + fi + + if [[ '*' == "$kverpat" ]] \ + || [[ $kernel =~ $kverpat ]]; then + overrides+=("${path}/${mod}") + + prdebug "$cfg: added override" \ + "\"${path}/${mod}\"" + else + prdebug "$cfg: override \"$v\" is" \ + "ignored since \"$kverpat\"" \ + "doesn't match \"$kernel\"" + fi + ;; + external) # kverpat dir + read -r kverpat path <<< "$v" + + if [[ ! $kverpat || ! $path ]]; then + prinfo "$cfg: ignoring incorrect" \ + "external option: \"$k $v\"" + continue + fi + + if [[ '*' == "$kverpat" ]] \ + || [[ $kernel =~ $kverpat ]]; then + external_dirs+=("$path") + + prdebug "$cfg: added external" \ + "directory \"$path\"" + else + prdebug "$cfg: external directory" \ + "\"$path\" is ignored since" \ + "\"$kverpat\" doesn't match " \ + "\"$kernel\"" + fi + ;; + '#'* | '') # comments and empty strings + ;; + include | make_map_files) # ignored by depmod + ;; + *) + prinfo "$cfg: unknown depmod configuration" \ + "option \"$k $v\"" + ;; + esac + done < "$cfg" + done + + # "updates built-in" is the default search list + : "${search_list:=updates}" + + ## Build a list of regular expressions for grepping modules.dep + + local pathlist=() + for f in "${overrides[@]}"; do + pathlist+=("^$(re_escape "$f")") + done + + for f in $(printf "%s" "$search_list"); do + # Ignoring builtin modules + [[ $f == "built-in" ]] && continue + + if [[ $f == "external" ]]; then + for e in "${external_dirs[@]}"; do + pathlist+=("$(re_escape "${e%/}")/[^:]+") + done + fi + + pathlist+=("$(re_escape "${f%/}")/[^:]+") + done + + ## Filter modules.dep, canonicalise the resulting filenames and supply + ## them to instmods. + + ((${#pathlist[@]} > 0)) || return 0 + + printf "^%s\.ko(\.gz|\.bz2|\.xz|\.zst)?:\n" "${pathlist[@]}" \ + | (LANG=C grep -E -o -f - -- "$depmod_modules_dep" || exit 0) \ + | tr -d ':' \ + | ( + cd "$depmod_module_dir" || exit + xargs -r realpath -se -- + ) \ + | instmods || return 1 + + return 0 +} diff --git a/modules.d/90kernel-modules/insmodpost.sh b/modules.d/90kernel-modules/insmodpost.sh new file mode 100755 index 0000000..a7ab05b --- /dev/null +++ b/modules.d/90kernel-modules/insmodpost.sh @@ -0,0 +1,12 @@ +#!/bin/sh + +. /lib/dracut-lib.sh + +for modlist in $(getargs rd.driver.post -d rdinsmodpost=); do + ( + IFS=, + for m in $modlist; do + modprobe "$m" + done + ) +done diff --git a/modules.d/90kernel-modules/module-setup.sh b/modules.d/90kernel-modules/module-setup.sh new file mode 100755 index 0000000..e217512 --- /dev/null +++ b/modules.d/90kernel-modules/module-setup.sh @@ -0,0 +1,154 @@ +#!/bin/bash + +# called by dracut +installkernel() { + local _blockfuncs='ahci_platform_get_resources|ata_scsi_ioctl|scsi_add_host|blk_cleanup_queue|register_mtd_blktrans|scsi_esp_register|register_virtio_device|usb_stor_disconnect|mmc_add_host|sdhci_add_host|scsi_add_host_with_dma|blk_mq_alloc_disk|blk_mq_alloc_request|blk_mq_destroy_queue|blk_cleanup_disk' + local -A _hostonly_drvs + + record_block_dev_drv() { + + for _mod in $(get_dev_module /dev/block/"$1"); do + _hostonly_drvs["$_mod"]="$_mod" + done + + for _mod in $(get_blockdev_drv_through_sys "/sys/dev/block/$1"); do + _hostonly_drvs["$_mod"]="$_mod" + done + + ((${#_hostonly_drvs[@]} > 0)) && return 0 + return 1 + } + + install_block_modules_strict() { + hostonly='' instmods "${_hostonly_drvs[@]}" + } + + install_block_modules() { + instmods \ + scsi_dh_rdac scsi_dh_emc scsi_dh_alua \ + =drivers/usb/storage \ + =ide nvme vmd \ + virtio_blk virtio_scsi \ + =drivers/ufs + + dracut_instmods -o -s "${_blockfuncs}" "=drivers" + } + + if [[ -z $drivers ]]; then + hostonly='' instmods \ + hid_generic unix + + hostonly=$(optional_hostonly) instmods \ + ehci-hcd ehci-pci ehci-platform \ + ohci-hcd ohci-pci \ + uhci-hcd \ + usbhid \ + xhci-hcd xhci-pci xhci-plat-hcd \ + "=drivers/hid" \ + "=drivers/tty/serial" \ + "=drivers/input/serio" \ + "=drivers/input/keyboard" \ + "=drivers/pci/host" \ + "=drivers/pci/controller" \ + "=drivers/pinctrl" \ + "=drivers/usb/typec" \ + "=drivers/watchdog" + + instmods \ + yenta_socket spi_pxa2xx_platform \ + atkbd i8042 firewire-ohci pcmcia hv-vmbus \ + virtio virtio_ring virtio_pci pci_hyperv \ + "=drivers/pcmcia" + + if [[ ${DRACUT_ARCH:-$(uname -m)} == arm* || ${DRACUT_ARCH:-$(uname -m)} == aarch64 || ${DRACUT_ARCH:-$(uname -m)} == riscv* ]]; then + # arm/aarch64 specific modules + _blockfuncs+='|dw_mc_probe|dw_mci_pltfm_register|nvme_init_ctrl' + instmods \ + "=drivers/clk" \ + "=drivers/devfreq" \ + "=drivers/dma" \ + "=drivers/extcon" \ + "=drivers/gpio" \ + "=drivers/hwmon" \ + "=drivers/hwspinlock" \ + "=drivers/interconnect" \ + "=drivers/i2c/busses" \ + "=drivers/mailbox" \ + "=drivers/memory" \ + "=drivers/mfd" \ + "=drivers/mmc/core" \ + "=drivers/mmc/host" \ + "=drivers/nvmem" \ + "=drivers/phy" \ + "=drivers/power" \ + "=drivers/regulator" \ + "=drivers/reset" \ + "=drivers/rpmsg" \ + "=drivers/rtc" \ + "=drivers/soc" \ + "=drivers/spi" \ + "=drivers/usb/chipidea" \ + "=drivers/usb/dwc2" \ + "=drivers/usb/dwc3" \ + "=drivers/usb/host" \ + "=drivers/usb/isp1760" \ + "=drivers/usb/misc" \ + "=drivers/usb/musb" \ + "=drivers/usb/phy" \ + "=drivers/scsi/hisi_sas" + fi + + awk -F: '/^\// {print $1}' "$srcmods/modules.dep" 2> /dev/null | instmods + + # if not on hostonly mode, or there are hostonly block device + # install block drivers + if ! [[ $hostonly ]] \ + || for_each_host_dev_and_slaves_all record_block_dev_drv; then + hostonly='' instmods sg sr_mod sd_mod scsi_dh ata_piix + + if [[ $hostonly_mode == "strict" ]]; then + install_block_modules_strict + else + install_block_modules + fi + fi + + # if not on hostonly mode, install all known filesystems, + # if the required list is not set via the filesystems variable + if ! [[ $hostonly ]]; then + if [[ -z $filesystems ]]; then + dracut_instmods -o -P ".*/(kernel/fs/nfs|kernel/fs/nfsd|kernel/fs/lockd)/.*" '=fs' + fi + elif [[ "${host_fs_types[*]}" ]]; then + hostonly='' instmods "${host_fs_types[@]}" + fi + + arch=${DRACUT_ARCH:-$(uname -m)} + + # We don't want to play catch up with hash and encryption algorithms. + # To be safe, just use the hammer and include all crypto. + [[ $arch == x86_64 ]] && arch=x86 + [[ $arch == s390x ]] && arch=s390 + [[ $arch == aarch64 ]] && arch=arm64 + hostonly='' instmods "=crypto" + instmods "=arch/$arch/crypto" "=drivers/crypto" + fi + + inst_multiple -o "$depmodd/*.conf" + if [[ $hostonly ]]; then + inst_multiple -H -o "$depmodconfdir/*.conf" + fi + : +} + +# called by dracut +install() { + [[ -d /lib/modprobe.d ]] && inst_multiple -o "/lib/modprobe.d/*.conf" + [[ -d /usr/lib/modprobe.d ]] && inst_multiple -o "/usr/lib/modprobe.d/*.conf" + [[ $hostonly ]] && inst_multiple -H -o /etc/modprobe.d/*.conf /etc/modprobe.conf + if ! dracut_module_included "systemd"; then + inst_hook cmdline 01 "$moddir/parse-kernel.sh" + fi + inst_simple "$moddir/insmodpost.sh" /sbin/insmodpost.sh + inst_multiple -o sysctl +} diff --git a/modules.d/90kernel-modules/parse-kernel.sh b/modules.d/90kernel-modules/parse-kernel.sh new file mode 100755 index 0000000..d14f912 --- /dev/null +++ b/modules.d/90kernel-modules/parse-kernel.sh @@ -0,0 +1,38 @@ +#!/bin/sh + +_modprobe_d=/etc/modprobe.d +if [ -d /usr/lib/modprobe.d ]; then + _modprobe_d=/usr/lib/modprobe.d +elif [ -d /lib/modprobe.d ]; then + _modprobe_d=/lib/modprobe.d +elif [ ! -d $_modprobe_d ]; then + mkdir -p $_modprobe_d +fi + +for i in $(getargs rd.driver.pre -d rdloaddriver=); do + ( + IFS=, + for p in $i; do + modprobe "$p" 2>&1 | vinfo + done + ) +done + +[ -d /etc/modprobe.d ] || mkdir -p /etc/modprobe.d + +for i in $(getargs rd.driver.blacklist -d rdblacklist=); do + ( + IFS=, + for p in $i; do + echo "blacklist $p" >> $_modprobe_d/initramfsblacklist.conf + done + ) +done + +for p in $(getargs rd.driver.post -d rdinsmodpost=); do + echo "blacklist $p" >> $_modprobe_d/initramfsblacklist.conf + _do_insmodpost=1 +done + +[ -n "$_do_insmodpost" ] && initqueue --settled --unique --onetime insmodpost.sh +unset _do_insmodpost _modprobe_d diff --git a/modules.d/90kernel-network-modules/module-setup.sh b/modules.d/90kernel-network-modules/module-setup.sh new file mode 100755 index 0000000..49823ef --- /dev/null +++ b/modules.d/90kernel-network-modules/module-setup.sh @@ -0,0 +1,50 @@ +#!/bin/bash + +# called by dracut +check() { + return 255 +} + +# called by dracut +depends() { + return 0 +} + +# called by dracut +installkernel() { + # Include wired net drivers, excluding wireless + local _arch=${DRACUT_ARCH:-$(uname -m)} + local _net_symbols='eth_type_trans|register_virtio_device|usbnet_open' + local _unwanted_drivers='/(wireless|isdn|uwb|net/ethernet|net/phy|net/team)/' + local _net_drivers + + if [[ $_arch == "s390" ]] || [[ $_arch == "s390x" ]]; then + dracut_instmods -o -P ".*${_unwanted_drivers}.*" -s "$_net_symbols" "=drivers/s390/net" + fi + + if [[ $hostonly_mode == 'strict' ]] && [[ -n ${hostonly_nics+x} ]]; then + for _nic in $hostonly_nics; do + mapfile -t _net_drivers < <(get_dev_module /sys/class/net/"$_nic") + if ((${#_net_drivers[@]} == 0)); then + derror "--hostonly-nics contains invalid NIC '$_nic'" + continue + fi + hostonly="" instmods "${_net_drivers[@]}" + done + return 0 + fi + + dracut_instmods -o -P ".*${_unwanted_drivers}.*" -s "$_net_symbols" "=drivers/net" + #instmods() will take care of hostonly + instmods \ + '=drivers/net/mdio' \ + '=drivers/net/phy' \ + '=drivers/net/team' \ + '=drivers/net/ethernet' \ + ecb arc4 bridge stp llc ipv6 bonding 8021q ipvlan macvlan af_packet virtio_net xennet +} + +# called by dracut +install() { + return 0 +} diff --git a/modules.d/90livenet/fetch-liveupdate.sh b/modules.d/90livenet/fetch-liveupdate.sh new file mode 100755 index 0000000..3ff2a9c --- /dev/null +++ b/modules.d/90livenet/fetch-liveupdate.sh @@ -0,0 +1,31 @@ +#!/bin/sh +# fetch-liveupdate - fetch an update image for dmsquash-live media. +# this gets called by the "initqueue/online" hook for each network interface +# that comes online. + +# no updates requested? we're not needed. +[ -e /tmp/liveupdates.info ] || return 0 + +command -v getarg > /dev/null || . /lib/dracut-lib.sh +command -v fetch_url > /dev/null || . /lib/url-lib.sh +command -v unpack_img > /dev/null || . /lib/img-lib.sh + +read -r url < /tmp/liveupdates.info + +info "fetching live updates from $url" + +if ! fetch_url "$url" /tmp/updates.img; then + warn "failed to fetch update image!" + warn "url: $url" + return 1 +fi + +if ! unpack_img /tmp/updates.img /updates.tmp.$$; then + warn "failed to unpack update image!" + warn "url: $url" + return 1 +fi + +copytree /updates.tmp.$$ /updates + +mv /tmp/liveupdates.info /tmp/liveupdates.done diff --git a/modules.d/90livenet/livenet-generator.sh b/modules.d/90livenet/livenet-generator.sh new file mode 100755 index 0000000..3e9226b --- /dev/null +++ b/modules.d/90livenet/livenet-generator.sh @@ -0,0 +1,84 @@ +#!/bin/bash + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +[ -z "$root" ] && root=$(getarg root=) + +# support legacy syntax of passing liveimg and then just the base root +if getargbool 0 rd.live.image -d -y liveimg; then + liveroot="live:$root" +fi + +if [ "${root%%:*}" = "live" ]; then + liveroot=$root +fi + +[ "${liveroot%%:*}" = "live" ] || exit 0 + +case "$liveroot" in + live:nfs://* | nfs://*) + root="${root#live:}" + rootok=1 + ;; + live:http://* | http://*) + root="${root#live:}" + rootok=1 + ;; + live:https://* | https://*) + root="${root#live:}" + rootok=1 + ;; + live:ftp://* | ftp://*) + root="${root#live:}" + rootok=1 + ;; + live:torrent://* | torrent://*) + root="${root#live:}" + rootok=1 + ;; + live:tftp://* | tftp://*) + root="${root#live:}" + rootok=1 + ;; +esac + +[ "$rootok" != "1" ] && exit 0 + +GENERATOR_DIR="$2" +[ -z "$GENERATOR_DIR" ] && exit 1 + +[ -d "$GENERATOR_DIR" ] || mkdir -p "$GENERATOR_DIR" + +getargbool 0 rd.live.overlay.readonly -d -y readonly_overlay && readonly_overlay="--readonly" || readonly_overlay="" +getargbool 0 rd.live.overlay.overlayfs && overlayfs="yes" +[ -e /xor_overlayfs ] && xor_overlayfs="yes" +[ -e /xor_readonly ] && xor_readonly="--readonly" +ROOTFLAGS="$(getarg rootflags)" +{ + echo "[Unit]" + echo "Before=initrd-root-fs.target" + echo "[Mount]" + echo "Where=/sysroot" + if [ "$overlayfs$xor_overlayfs" = "yes" ]; then + echo "What=LiveOS_rootfs" + if [ "$readonly_overlay$xor_readonly" = "--readonly" ]; then + ovlfs=lowerdir=/run/overlayfs-r:/run/rootfsbase + else + ovlfs=lowerdir=/run/rootfsbase + fi + echo "Options=${ROOTFLAGS},${ovlfs},upperdir=/run/overlayfs,workdir=/run/ovlwork" + echo "Type=overlay" + _dev=LiveOS_rootfs + else + echo "What=/dev/mapper/live-rw" + [ -n "$ROOTFLAGS" ] && echo "Options=${ROOTFLAGS}" + _dev=$'dev-mapper-live\\x2drw' + fi +} > "$GENERATOR_DIR"/sysroot.mount + +mkdir -p "$GENERATOR_DIR/$_dev.device.d" +{ + echo "[Unit]" + echo "JobTimeoutSec=3000" + echo "JobRunningTimeoutSec=3000" +} > "$GENERATOR_DIR/$_dev.device.d/timeout.conf" diff --git a/modules.d/90livenet/livenetroot.sh b/modules.d/90livenet/livenetroot.sh new file mode 100755 index 0000000..66dd41b --- /dev/null +++ b/modules.d/90livenet/livenetroot.sh @@ -0,0 +1,60 @@ +#!/bin/sh +# livenetroot - fetch a live image from the network and run it + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +. /lib/url-lib.sh + +PATH=/usr/sbin:/usr/bin:/sbin:/bin +RETRIES=${RETRIES:-100} +SLEEP=${SLEEP:-5} + +[ -e /tmp/livenet.downloaded ] && exit 0 + +# args get passed from 40network/netroot +netroot="$2" +liveurl="${netroot#livenet:}" +info "fetching $liveurl" + +if getargbool 0 'rd.writable.fsimg'; then + + imgsize=$(($(curl -sIL "$liveurl" | sed -n 's/Content-Length: *\([[:digit:]]*\).*/\1/p') / (1024 * 1024))) + + check_live_ram $imgsize +fi + +imgfile= +#retry until the imgfile is populated with data or the max retries +i=1 +while [ "$i" -le "$RETRIES" ]; do + imgfile=$(fetch_url "$liveurl") + + # shellcheck disable=SC2181 + if [ $? != 0 ]; then + warn "failed to download live image: error $?" + imgfile= + fi + + if [ -n "$imgfile" -a -s "$imgfile" ]; then + break + else + if [ $i -ge "$RETRIES" ]; then + warn "failed to download live image after $i attempts." + exit 1 + fi + + sleep "$SLEEP" + fi + + i=$((i + 1)) +done > /tmp/livenet.downloaded + +# TODO: couldn't dmsquash-live-root handle this? +if [ "${imgfile##*.}" = "iso" ]; then + root=$(losetup -f) + losetup "$root" "$imgfile" +else + root=$imgfile +fi + +exec /sbin/dmsquash-live-root "$root" diff --git a/modules.d/90livenet/module-setup.sh b/modules.d/90livenet/module-setup.sh new file mode 100755 index 0000000..db0def5 --- /dev/null +++ b/modules.d/90livenet/module-setup.sh @@ -0,0 +1,24 @@ +#!/bin/bash +# module-setup.sh for livenet + +# called by dracut +check() { + return 255 +} + +# called by dracut +depends() { + echo network url-lib dmsquash-live img-lib bash + return 0 +} + +# called by dracut +install() { + inst_hook cmdline 29 "$moddir/parse-livenet.sh" + inst_hook initqueue/online 95 "$moddir/fetch-liveupdate.sh" + inst_script "$moddir/livenetroot.sh" "/sbin/livenetroot" + if dracut_module_included "systemd-initrd"; then + inst_script "$moddir/livenet-generator.sh" "$systemdutildir"/system-generators/dracut-livenet-generator + fi + dracut_need_initqueue +} diff --git a/modules.d/90livenet/parse-livenet.sh b/modules.d/90livenet/parse-livenet.sh new file mode 100755 index 0000000..a1d14a8 --- /dev/null +++ b/modules.d/90livenet/parse-livenet.sh @@ -0,0 +1,33 @@ +#!/bin/sh +# live net images - just like live images, but specified like: +# root=live:[url-to-backing-file] + +[ -z "$root" ] && root=$(getarg root=) +. /lib/url-lib.sh + +# live updates +updates=$(getarg live.updates=) +if [ -n "$updates" ]; then + # make sure network comes up even if we're doing a local live device + if [ -z "$netroot" ]; then + echo > /tmp/net.ifaces + fi + echo "$updates" > /tmp/liveupdates.info + echo '[ -e /tmp/liveupdates.done ]' > "$hookdir"/initqueue/finished/liveupdates.sh +fi + +str_starts "$root" "live:" && liveurl="$root" +str_starts "$liveurl" "live:" || return +liveurl="${liveurl#live:}" + +# setting netroot to "livenet:..." makes "livenetroot" get run after ifup +if get_url_handler "$liveurl" > /dev/null; then + info "livenet: root image at $liveurl" + netroot="livenet:$liveurl" + root="livenet" # quiet complaints from init + # shellcheck disable=SC2034 + rootok=1 + wait_for_dev -n /dev/root +else + info "livenet: no url handler for $liveurl" +fi diff --git a/modules.d/90lvm/64-lvm.rules b/modules.d/90lvm/64-lvm.rules new file mode 100644 index 0000000..1ad4911 --- /dev/null +++ b/modules.d/90lvm/64-lvm.rules @@ -0,0 +1,29 @@ +# hacky rules to try to activate lvm when we get new block devs... +# +# Copyright 2008, Red Hat, Inc. +# Jeremy Katz <katzj@redhat.com> + + +SUBSYSTEM!="block", GOTO="lvm_end" +ACTION!="add|change", GOTO="lvm_end" + +# If the md device is active (indicated by array_state), then set the flag +# LVM_MD_PV_ACTIVATED=1 indicating that the md device for the PV is ready +# to be used. The lvm udev rule running in root will check that this flag +# is set before it will process the md device (it wants to avoid +# processing an md device that exists but is not yet ready to be used.) +KERNEL=="md[0-9]*", ACTION=="change", ENV{ID_FS_TYPE}=="LVM2_member", ENV{LVM_MD_PV_ACTIVATED}!="1", TEST=="md/array_state", ENV{LVM_MD_PV_ACTIVATED}="1" + +# Also don't process disks that are slated to be a multipath device +ENV{DM_MULTIPATH_DEVICE_PATH}=="1", GOTO="lvm_end" +KERNEL=="dm-[0-9]*", ACTION=="add", GOTO="lvm_end" +ENV{ID_FS_TYPE}!="LVM?_member", GOTO="lvm_end" + +PROGRAM=="/bin/sh -c 'for i in $sys/$devpath/holders/dm-[0-9]*; do [ -e $$i ] && exit 0; done; exit 1;' ", \ + GOTO="lvm_end" + +RUN+="/sbin/initqueue --settled --onetime --unique /sbin/lvm_scan" +RUN+="/sbin/initqueue --timeout --name 51-lvm_scan --onetime --unique /sbin/lvm_scan --activationmode degraded" +RUN+="/bin/sh -c '>/tmp/.lvm_scan-%k;'" + +LABEL="lvm_end" diff --git a/modules.d/90lvm/lvm_scan.sh b/modules.d/90lvm/lvm_scan.sh new file mode 100755 index 0000000..980e449 --- /dev/null +++ b/modules.d/90lvm/lvm_scan.sh @@ -0,0 +1,176 @@ +#!/bin/sh + +# run lvm scan if udev has settled + +extraargs="$*" +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +VGS=$(getargs rd.lvm.vg -d rd_LVM_VG=) +LVS=$(getargs rd.lvm.lv -d rd_LVM_LV=) + +# shellcheck disable=SC2174 +[ -d /etc/lvm ] || mkdir -m 0755 -p /etc/lvm +[ -d /run/lvm ] || mkdir -m 0755 -p /run/lvm +# build a list of devices to scan +lvmdevs=$( + for f in /tmp/.lvm_scan-*; do + [ -e "$f" ] || continue + printf '%s' "${f##/tmp/.lvm_scan-} " + done +) + +check_lvm_ver() { + maj=$1 + min=$2 + ver=$3 + # --poll is supported since 2.2.57 + [ "$4" -lt "$maj" ] && return 1 + [ "$4" -gt "$maj" ] && return 0 + [ "$5" -lt "$min" ] && return 1 + [ "$5" -gt "$min" ] && return 0 + [ "$6" -ge "$ver" ] && return 0 + return 1 +} + +no_lvm_conf_filter() { + if [ ! -e /etc/lvm/lvm.conf ]; then + return 0 + fi + + if [ -e /run/lvm/initrd_no_filter ]; then + return 0 + fi + + if [ -e /run/lvm/initrd_filter ]; then + return 1 + fi + + if [ -e /run/lvm/initrd_global_filter ]; then + return 1 + fi + + # Save lvm config results in /run to avoid running + # lvm config commands for every PV that's scanned. + + filter=$(lvm config devices/filter 2> /dev/null | grep "$filter=") + if [ -n "$filter" ]; then + printf '%s\n' "$filter" > /run/lvm/initrd_filter + return 1 + fi + + global_filter=$(lvm config devices/global_filter 2> /dev/null | grep "$global_filter=") + if [ -n "$global_filter" ]; then + printf '%s\n' "$global_filter" > /run/lvm/initrd_global_filter + return 1 + fi + + # /etc/lvm/lvm.conf exists with no filter setting + true > /run/lvm/initrd_no_filter + return 0 +} + +# If no lvm.conf exists, create a basic one with a global section. +if [ ! -e /etc/lvm/lvm.conf ]; then + { + echo 'global {' + echo '}' + } > /etc/lvm/lvm.conf + lvmwritten=1 +fi + +# Save the original lvm.conf before appending a filter setting. +if [ ! -e /etc/lvm/lvm.conf.orig ]; then + cp /etc/lvm/lvm.conf /etc/lvm/lvm.conf.orig +fi + +# If the original lvm.conf does not contain a filter setting, +# then generate a filter and append it to the original lvm.conf. +# The filter is generated from the list PVs that have been seen +# so far (each has been processed by the lvm udev rule.) +if no_lvm_conf_filter; then + { + echo 'devices {' + printf ' filter = [ ' + for dev in $lvmdevs; do + printf '"a|^/dev/%s$|", ' "$dev" + done + echo '"r/.*/" ]' + echo '}' + } > /etc/lvm/lvm.conf.filter + lvmfilter=1 + cat /etc/lvm/lvm.conf.orig /etc/lvm/lvm.conf.filter > /etc/lvm/lvm.conf +fi + +# hopefully this output format will never change, e.g.: +# LVM version: 2.02.53(1) (2009-09-25) +OLDIFS=$IFS +IFS=. +# shellcheck disable=SC2046 +set -- $(lvm version 2> /dev/null) +IFS=$OLDIFS +maj=${1##*:} +min=$2 +sub=${3%% *} +sub=${sub%%\(*} + +# For lvchange and vgchange use --sysinit which: +# disables polling (--poll n) +# ignores monitoring (--ignoremonitoring) +# ignores locking failures (--ignorelockingfailure) +# disables hints (--nohints) +# +# For lvs and vgscan: +# disable locking (--nolocking) +# disable hints (--nohints) + +activate_args="--sysinit $extraargs" +unset extraargs + +export LVM_SUPPRESS_LOCKING_FAILURE_MESSAGES=1 + +scan_args="--nolocking" + +check_lvm_ver 2 3 14 "$maj" "$min" "$sub" \ + && scan_args="$scan_args --nohints" + +if [ -n "$LVS" ]; then + info "Scanning devices $lvmdevs for LVM logical volumes $LVS" + # shellcheck disable=SC2086 + LVSLIST=$(lvm lvs $scan_args --noheading -o lv_full_name,segtype $LVS) + info "$LVSLIST" + + # Only attempt to activate an LV if it appears in the lvs output. + for LV in $LVS; do + if strstr "$LVSLIST" "$LV"; then + # This lvchange is expected to fail if all PVs used by + # the LV are not yet present. Premature/failed lvchange + # could be avoided by reporting if an LV is complete + # from the lvs command above and skipping this lvchange + # if the LV is not lised as complete. + # shellcheck disable=SC2086 + lvm lvchange --yes -K -ay $activate_args "$LV" 2>&1 | vinfo + fi + done +fi + +if [ -z "$LVS" ] || [ -n "$VGS" ]; then + info "Scanning devices $lvmdevs for LVM volume groups $VGS" + # shellcheck disable=SC2086 + lvm vgscan $scan_args 2>&1 | vinfo + # shellcheck disable=SC2086 + lvm vgchange -ay $activate_args $VGS 2>&1 | vinfo +fi + +if [ "$lvmwritten" ]; then + rm -f -- /etc/lvm/lvm.conf +elif [ "$lvmfilter" ]; then + # revert filter that was appended to existing lvm.conf + cp /etc/lvm/lvm.conf.orig /etc/lvm/lvm.conf + rm -f -- /etc/lvm/lvm.conf.filter +fi +unset lvmwritten +unset lvmfilter + +udevadm settle + +need_shutdown diff --git a/modules.d/90lvm/module-setup.sh b/modules.d/90lvm/module-setup.sh new file mode 100755 index 0000000..7ba4c69 --- /dev/null +++ b/modules.d/90lvm/module-setup.sh @@ -0,0 +1,117 @@ +#!/bin/bash + +# called by dracut +check() { + # No point trying to support lvm if the binaries are missing + require_binaries lvm grep || return 1 + + [[ $hostonly ]] || [[ $mount_needs ]] && { + for fs in "${host_fs_types[@]}"; do + [[ $fs == LVM*_member ]] && return 0 + done + return 255 + } + + return 0 +} + +# called by dracut +depends() { + # We depend on dm_mod being loaded + echo rootfs-block dm + return 0 +} + +# called by dracut +cmdline() { + local _activated + declare -A _activated + + for dev in "${!host_fs_types[@]}"; do + [[ -e /sys/block/${dev#/dev/}/dm/name ]] || continue + [[ -e /sys/block/${dev#/dev/}/dm/uuid ]] || continue + uuid=$(< "/sys/block/${dev#/dev/}/dm/uuid") + [[ ${uuid#LVM-} == "$uuid" ]] && continue + dev=$(< "/sys/block/${dev#/dev/}/dm/name") + eval "$(dmsetup splitname --nameprefixes --noheadings --rows "$dev" 2> /dev/null)" + [[ ${DM_VG_NAME} ]] && [[ ${DM_LV_NAME} ]] || return 1 + if ! [[ ${_activated[DM_VG_NAME / DM_LV_NAME]} ]]; then + printf " rd.lvm.lv=%s " "${DM_VG_NAME}/${DM_LV_NAME} " + _activated["${DM_VG_NAME}/${DM_LV_NAME}"]=1 + fi + done +} + +installkernel() { + hostonly='' dracut_instmods -o -P ".*/(bcache/|md-cluster).*" "=drivers/md" +} + +# called by dracut +install() { + inst_multiple lvm grep + + if [[ $hostonly_cmdline == "yes" ]]; then + local _lvmconf + _lvmconf=$(cmdline) + [[ $_lvmconf ]] && printf "%s\n" "$_lvmconf" >> "${initdir}/etc/cmdline.d/90lvm.conf" + fi + + inst_rules "$moddir/64-lvm.rules" + + if [[ $hostonly ]] || [[ $lvmconf == "yes" ]]; then + if [[ -f $dracutsysrootdir/etc/lvm/lvm.conf ]]; then + inst_simple -H /etc/lvm/lvm.conf + fi + + export LVM_SUPPRESS_FD_WARNINGS=1 + # Also install any files needed for LVM system id support. + if [[ -f $dracutsysrootdir/etc/lvm/lvmlocal.conf ]]; then + inst_simple -H /etc/lvm/lvmlocal.conf + fi + eval "$(lvm dumpconfig global/system_id_source &> /dev/null)" + if [ "$system_id_source" == "file" ]; then + eval "$(lvm dumpconfig global/system_id_file)" + if [ -f "$system_id_file" ]; then + inst_simple -H "$system_id_file" + fi + fi + unset LVM_SUPPRESS_FD_WARNINGS + fi + + inst_rules 11-dm-lvm.rules + + # Gentoo ebuild for LVM2 prior to 2.02.63-r1 doesn't install above rules + # files, but provides the one below: + inst_rules 64-device-mapper.rules + # debian udev rules + inst_rules 56-lvm.rules 60-persistent-storage-lvm.rules + + inst_script "$moddir/lvm_scan.sh" /sbin/lvm_scan + inst_hook cmdline 30 "$moddir/parse-lvm.sh" + + if [[ $hostonly ]] && find_binary lvs &> /dev/null; then + for dev in "${!host_fs_types[@]}"; do + [[ -e /sys/block/${dev#/dev/}/dm/name ]] || continue + dev=$(< "/sys/block/${dev#/dev/}/dm/name") + eval "$(dmsetup splitname --nameprefixes --noheadings --rows "$dev" 2> /dev/null)" + # shellcheck disable=SC2015 + [[ ${DM_VG_NAME} ]] && [[ ${DM_LV_NAME} ]] || continue + case "$(lvs --noheadings -o segtype "${DM_VG_NAME}" 2> /dev/null)" in + *thin* | *cache* | *era*) + inst_multiple -o thin_dump thin_restore thin_check thin_repair \ + cache_dump cache_restore cache_check cache_repair \ + era_check era_dump era_invalidate era_restore + break + ;; + esac + done + fi + + if ! [[ $hostonly ]]; then + inst_multiple -o thin_dump thin_restore thin_check thin_repair \ + cache_dump cache_restore cache_check cache_repair \ + era_check era_dump era_invalidate era_restore + fi + + dracut_need_initqueue +} diff --git a/modules.d/90lvm/parse-lvm.sh b/modules.d/90lvm/parse-lvm.sh new file mode 100755 index 0000000..d774882 --- /dev/null +++ b/modules.d/90lvm/parse-lvm.sh @@ -0,0 +1,17 @@ +#!/bin/sh + +if [ -e /etc/lvm/lvm.conf ] && ! getargbool 1 rd.lvm.conf -d -n rd_NO_LVMCONF; then + rm -f -- /etc/lvm/lvm.conf +fi + +LV_DEVS="$(getargs rd.lvm.vg -d rd_LVM_VG=) $(getargs rd.lvm.lv -d rd_LVM_LV=)" + +if ! getargbool 1 rd.lvm -d -n rd_NO_LVM \ + || { [ -z "$LV_DEVS" ] && ! getargbool 0 rd.auto; }; then + info "rd.lvm=0: removing LVM activation" + rm -f -- /etc/udev/rules.d/64-lvm*.rules +else + for dev in $LV_DEVS; do + wait_for_dev -n "/dev/$dev" + done +fi diff --git a/modules.d/90mdraid/59-persistent-storage-md.rules b/modules.d/90mdraid/59-persistent-storage-md.rules new file mode 100644 index 0000000..0d745cc --- /dev/null +++ b/modules.d/90mdraid/59-persistent-storage-md.rules @@ -0,0 +1,24 @@ +SUBSYSTEM!="block", GOTO="md_end" +ACTION!="add|change", GOTO="md_end" +# Also don't process disks that are slated to be a multipath device +ENV{DM_MULTIPATH_DEVICE_PATH}=="1", GOTO="md_end" + +KERNEL!="md[0-9]*|md_d[0-9]*|md/*", KERNEL!="md*", GOTO="md_end" + +# partitions have no md/{array_state,metadata_version} +ENV{DEVTYPE}=="partition", GOTO="md_ignore_state" + +# container devices have a metadata version of e.g. 'external:ddf' and +# never leave state 'inactive' +ATTR{md/metadata_version}=="external:[A-Za-z]*", ATTR{md/array_state}=="inactive", GOTO="md_ignore_state" +TEST!="md/array_state", GOTO="md_end" +ATTR{md/array_state}=="|clear|inactive", GOTO="md_end" + +LABEL="md_ignore_state" + +IMPORT{program}="/sbin/mdadm --detail --export $tempnode" +IMPORT{builtin}="blkid" +OPTIONS+="link_priority=100" +OPTIONS+="watch" +OPTIONS+="db_persist" +LABEL="md_end" diff --git a/modules.d/90mdraid/65-md-incremental-imsm.rules b/modules.d/90mdraid/65-md-incremental-imsm.rules new file mode 100644 index 0000000..6697f15 --- /dev/null +++ b/modules.d/90mdraid/65-md-incremental-imsm.rules @@ -0,0 +1,44 @@ +# This file causes block devices with Linux RAID (mdadm) signatures to +# automatically cause mdadm to be run. +# See udev(8) for syntax + +ACTION!="add|change", GOTO="md_end" +SUBSYSTEM!="block", GOTO="md_end" +ENV{rd_NO_MD}=="?*", GOTO="md_end" +KERNEL=="md*", ENV{ID_FS_TYPE}!="linux_raid_member", GOTO="md_end" +KERNEL=="md*", ACTION!="change", GOTO="md_end" + +# Also don't process disks that are slated to be a multipath device +ENV{DM_MULTIPATH_DEVICE_PATH}=="1", GOTO="md_end" + +ENV{ID_FS_TYPE}=="ddf_raid_member|isw_raid_member|linux_raid_member", GOTO="md_try" +GOTO="md_end" + +LABEL="md_try" +ENV{ID_FS_TYPE}=="isw_raid_member", ENV{rd_NO_MDIMSM}=="?*", GOTO="md_end" +ENV{ID_FS_TYPE}=="ddf_raid_member", ENV{rd_NO_MDDDF}=="?*", GOTO="md_end" + +# already done ? +PROGRAM="/bin/sh -c 'for i in $sys/$devpath/holders/md[0-9_]*; do [ -e $$i ] && exit 0; done; exit 1;' ", \ + GOTO="md_end" + +# for native arrays - array's uuid has to be specified +# for containers - container's uuid has to be specified +# TODO : how to get embedded array's uuid having container's component ? +# +# UUID CHECK + +ENV{DEVTYPE}!="partition", \ + RUN+="/sbin/partx -d --nr 1-1024 $env{DEVNAME}" + +RUN+="/sbin/initqueue --timeout --name 50-mdraid_start --onetime --unique /sbin/mdraid_start" + +# +# Incrementally build the md array; this will automatically assemble +# any eventual containers as well (imsm, ddf) +# +LABEL="md_incremental" + +RUN+="/sbin/mdadm -I $env{DEVNAME}" + +LABEL="md_end" diff --git a/modules.d/90mdraid/md-shutdown.sh b/modules.d/90mdraid/md-shutdown.sh new file mode 100755 index 0000000..ca768a9 --- /dev/null +++ b/modules.d/90mdraid/md-shutdown.sh @@ -0,0 +1,23 @@ +#!/bin/sh + +_do_md_shutdown() { + local ret + local final="$1" + info "Waiting for mdraid devices to be clean." + mdadm -vv --wait-clean --scan | vinfo + ret=$? + info "Disassembling mdraid devices." + mdadm -vv --stop --scan | vinfo + ret=$((ret + $?)) + if [ "x$final" != "x" ]; then + info "/proc/mdstat:" + vinfo < /proc/mdstat + fi + return $ret +} + +if command -v mdadm > /dev/null; then + _do_md_shutdown "$1" +else + : +fi diff --git a/modules.d/90mdraid/mdmon-pre-shutdown.sh b/modules.d/90mdraid/mdmon-pre-shutdown.sh new file mode 100755 index 0000000..a5cd850 --- /dev/null +++ b/modules.d/90mdraid/mdmon-pre-shutdown.sh @@ -0,0 +1,13 @@ +#!/bin/sh + +_do_mdmon_takeover() { + local ret + mdmon --takeover --all + ret=$? + [ $ret -eq 0 ] && info "Taking over mdmon processes." + return $ret +} + +if command -v mdmon > /dev/null; then + _do_mdmon_takeover "$1" +fi diff --git a/modules.d/90mdraid/mdmon-pre-udev.sh b/modules.d/90mdraid/mdmon-pre-udev.sh new file mode 100755 index 0000000..b15cca8 --- /dev/null +++ b/modules.d/90mdraid/mdmon-pre-udev.sh @@ -0,0 +1,4 @@ +#!/bin/sh +# save state dir for mdmon/mdadm for the real root +[ -d /run/mdadm ] || mkdir -m 0755 -p /run/mdadm +# backward compat link diff --git a/modules.d/90mdraid/mdraid-cleanup.sh b/modules.d/90mdraid/mdraid-cleanup.sh new file mode 100755 index 0000000..ce50733 --- /dev/null +++ b/modules.d/90mdraid/mdraid-cleanup.sh @@ -0,0 +1,21 @@ +#!/bin/sh + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +containers="" +for md in /dev/md[0-9_]*; do + [ -b "$md" ] || continue + udevinfo="$(udevadm info --query=property --name="$md")" + strstr "$udevinfo" "DEVTYPE=partition" && continue + if strstr "$udevinfo" "MD_LEVEL=container"; then + containers="$containers $md" + continue + fi + mdadm -S "$md" > /dev/null 2>&1 +done + +for md in $containers; do + mdadm -S "$md" > /dev/null 2>&1 +done + +unset containers udevinfo diff --git a/modules.d/90mdraid/mdraid-needshutdown.sh b/modules.d/90mdraid/mdraid-needshutdown.sh new file mode 100755 index 0000000..f248c4b --- /dev/null +++ b/modules.d/90mdraid/mdraid-needshutdown.sh @@ -0,0 +1,9 @@ +#!/bin/sh + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +for md in /dev/md[0-9_]*; do + [ -b "$md" ] || continue + need_shutdown + break +done diff --git a/modules.d/90mdraid/mdraid-waitclean.sh b/modules.d/90mdraid/mdraid-waitclean.sh new file mode 100755 index 0000000..9317962 --- /dev/null +++ b/modules.d/90mdraid/mdraid-waitclean.sh @@ -0,0 +1,24 @@ +#!/bin/sh + +if getargbool 0 rd.md.waitclean; then + type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + containers="" + for md in /dev/md[0-9_]*; do + [ -b "$md" ] || continue + udevinfo="$(udevadm info --query=property --name="$md")" + strstr "$udevinfo" "DEVTYPE=partition" && continue + if strstr "$udevinfo" "MD_LEVEL=container"; then + containers="$containers $md" + continue + fi + info "Waiting for $md to become clean" + mdadm -W "$md" > /dev/null 2>&1 + done + + for md in $containers; do + info "Waiting for $md to become clean" + mdadm -W "$md" > /dev/null 2>&1 + done + + unset containers udevinfo +fi diff --git a/modules.d/90mdraid/mdraid_start.sh b/modules.d/90mdraid/mdraid_start.sh new file mode 100755 index 0000000..d8c5de2 --- /dev/null +++ b/modules.d/90mdraid/mdraid_start.sh @@ -0,0 +1,70 @@ +#!/bin/sh + +type getargs > /dev/null 2>&1 || . /lib/dracut-lib.sh + +_md_start() { + local _udevinfo + local _path_s + local _path_d + local _md="$1" + + _udevinfo="$(udevadm info --query=property --name="${_md}")" + strstr "$_udevinfo" "MD_LEVEL=container" && return 0 + strstr "$_udevinfo" "DEVTYPE=partition" && return 0 + + _path_s="/sys/$(udevadm info -q path -n "${_md}")/md/array_state" + [ ! -r "$_path_s" ] && return 0 + + # inactive ? + [ "$(cat "$_path_s")" != "inactive" ] && return 0 + + mdadm -R "${_md}" 2>&1 | vinfo + + # still inactive ? + [ "$(cat "$_path_s")" = "inactive" ] && return 0 + + _path_d="${_path_s%/*}/degraded" + [ ! -r "$_path_d" ] && return 0 + : > "$hookdir"/initqueue/work +} + +_md_force_run() { + local _md + local _UUID + local _MD_UUID + + _MD_UUID=$(getargs rd.md.uuid -d rd_MD_UUID=) + [ -n "$_MD_UUID" ] || getargbool 0 rd.auto || return + + if [ -n "$_MD_UUID" ]; then + _MD_UUID=$(str_replace "$_MD_UUID" "-" "") + _MD_UUID=$(str_replace "$_MD_UUID" ":" "") + + for _md in /dev/md[0-9_]*; do + [ -b "$_md" ] || continue + _UUID=$( + /sbin/mdadm -D --export "$_md" \ + | while read -r line || [ -n "$line" ]; do + str_starts "$line" "MD_UUID=" || continue + printf "%s" "${line#MD_UUID=}" + done + ) + + [ -z "$_UUID" ] && continue + _UUID=$(str_replace "$_UUID" ":" "") + + # check if we should handle this device + strstr "$_MD_UUID" "$_UUID" || continue + + _md_start "${_md}" + done + else + # try to force-run anything not running yet + for _md in /dev/md[0-9_]*; do + [ -b "$_md" ] || continue + _md_start "${_md}" + done + fi +} + +_md_force_run diff --git a/modules.d/90mdraid/module-setup.sh b/modules.d/90mdraid/module-setup.sh new file mode 100755 index 0000000..6179a98 --- /dev/null +++ b/modules.d/90mdraid/module-setup.sh @@ -0,0 +1,139 @@ +#!/bin/bash + +# called by dracut +check() { + local dev holder + + # No mdadm? No mdraid support. + require_binaries mdadm expr || return 1 + + [[ $hostonly ]] || [[ $mount_needs ]] && { + for dev in "${!host_fs_types[@]}"; do + [[ ${host_fs_types[$dev]} != *_raid_member ]] && continue + + DEVPATH=$(get_devpath_block "$dev") + + for holder in "$DEVPATH"/holders/*; do + [[ -e $holder ]] || continue + [[ -e "$holder/md" ]] && return 0 + break + done + + done + return 255 + } + + return 0 +} + +# called by dracut +depends() { + echo rootfs-block + return 0 +} + +# called by dracut +installkernel() { + instmods '=drivers/md' +} + +# called by dracut +cmdline() { + local _activated dev line UUID + declare -A _activated + + for dev in "${!host_fs_types[@]}"; do + [[ ${host_fs_types[$dev]} != *_raid_member ]] && continue + + UUID=$( + /sbin/mdadm --examine --export "$dev" \ + | while read -r line || [[ "$line" ]]; do + [[ ${line#MD_UUID=} == "$line" ]] && continue + printf "%s" "${line#MD_UUID=} " + done + ) + + [[ -z $UUID ]] && continue + + if ! [[ ${_activated[${UUID}]} ]]; then + printf "%s" " rd.md.uuid=${UUID}" + _activated["${UUID}"]=1 + fi + + done +} + +# called by dracut +install() { + local rule rule_path + inst_multiple cat expr + inst_multiple -o mdmon + inst "$(command -v partx)" /sbin/partx + inst "$(command -v mdadm)" /sbin/mdadm + + if [[ $hostonly_cmdline == "yes" ]]; then + local _raidconf + _raidconf=$(cmdline) + [[ $_raidconf ]] && printf "%s\n" "$_raidconf" >> "${initdir}/etc/cmdline.d/90mdraid.conf" + fi + + # <mdadm-3.3 udev rule + inst_rules 64-md-raid.rules + # >=mdadm-3.3 udev rules + inst_rules 63-md-raid-arrays.rules 64-md-raid-assembly.rules + # remove incremental assembly from stock rules, so they don't shadow + # 65-md-inc*.rules and its fine-grained controls, or cause other problems + # when we explicitly don't want certain components to be incrementally + # assembled + for rule in 64-md-raid.rules 64-md-raid-assembly.rules; do + rule_path="${initdir}${udevdir}/rules.d/${rule}" + # shellcheck disable=SC2016 + [ -f "${rule_path}" ] && sed -i -r \ + -e '/(RUN|IMPORT\{program\})\+?="[[:alpha:]/]*mdadm[[:blank:]]+(--incremental|-I)[[:blank:]]+(--export )?(\$env\{DEVNAME\}|\$tempnode|\$devnode)/d' \ + "${rule_path}" + done + + inst_rules "$moddir/65-md-incremental-imsm.rules" + + inst_rules "$moddir/59-persistent-storage-md.rules" + + if [[ $hostonly ]] || [[ $mdadmconf == "yes" ]]; then + if [[ -f $dracutsysrootdir/etc/mdadm.conf ]]; then + inst -H /etc/mdadm.conf + else + [[ -f $dracutsysrootdir/etc/mdadm/mdadm.conf ]] && inst -H /etc/mdadm/mdadm.conf /etc/mdadm.conf + fi + if [[ -d $dracutsysrootdir/etc/mdadm.conf.d ]]; then + local f + inst_dir /etc/mdadm.conf.d + for f in /etc/mdadm.conf.d/*.conf; do + [[ -f "$dracutsysrootdir$f" ]] || continue + inst -H "$f" + done + fi + fi + + inst_hook pre-udev 30 "$moddir/mdmon-pre-udev.sh" + inst_hook pre-trigger 30 "$moddir/parse-md.sh" + inst_hook pre-mount 10 "$moddir/mdraid-waitclean.sh" + inst_hook cleanup 99 "$moddir/mdraid-needshutdown.sh" + inst_hook shutdown 30 "$moddir/md-shutdown.sh" + inst_script "$moddir/mdraid-cleanup.sh" /sbin/mdraid-cleanup + inst_script "$moddir/mdraid_start.sh" /sbin/mdraid_start + if dracut_module_included "systemd"; then + if [[ -e $dracutsysrootdir$systemdsystemunitdir/mdmon@.service ]]; then + inst_simple "$systemdsystemunitdir"/mdmon@.service + fi + if [[ -e $dracutsysrootdir$systemdsystemunitdir/mdadm-last-resort@.service ]]; then + inst_simple "$systemdsystemunitdir"/mdadm-last-resort@.service + fi + if [[ -e $dracutsysrootdir$systemdsystemunitdir/mdadm-last-resort@.timer ]]; then + inst_simple "$systemdsystemunitdir"/mdadm-last-resort@.timer + fi + if [[ -e $dracutsysrootdir$systemdsystemunitdir/mdadm-grow-continue@.service ]]; then + inst_simple "$systemdsystemunitdir"/mdadm-grow-continue@.service + fi + fi + inst_hook pre-shutdown 30 "$moddir/mdmon-pre-shutdown.sh" + dracut_need_initqueue +} diff --git a/modules.d/90mdraid/parse-md.sh b/modules.d/90mdraid/parse-md.sh new file mode 100755 index 0000000..4d3a6b2 --- /dev/null +++ b/modules.d/90mdraid/parse-md.sh @@ -0,0 +1,64 @@ +#!/bin/sh +# we really need to use `expr substr` with dash +# shellcheck disable=SC2003 disable=SC2308 + +MD_UUID=$(getargs rd.md.uuid -d rd_MD_UUID=) +# normalize the uuid +MD_UUID=$(str_replace "$MD_UUID" "-" "") +MD_UUID=$(str_replace "$MD_UUID" ":" "") + +if { [ -z "$MD_UUID" ] && ! getargbool 0 rd.auto; } || ! getargbool 1 rd.md -d -n rd_NO_MD; then + info "rd.md=0: removing MD RAID activation" + udevproperty rd_NO_MD=1 +else + # rewrite the md rules to only process the specified raid array + if [ -n "$MD_UUID" ]; then + for f in /etc/udev/rules.d/65-md-incremental*.rules; do + [ -e "$f" ] || continue + while read -r line || [ -n "$line" ]; do + if [ "${line%%UUID CHECK}" != "$line" ]; then + for uuid in $MD_UUID; do + printf 'ENV{ID_FS_UUID}=="%s", GOTO="md_uuid_ok"\n' "$(expr substr "$uuid" 1 8)-$(expr substr "$uuid" 9 4)-$(expr substr "$uuid" 13 4)-$(expr substr "$uuid" 17 4)-$(expr substr "$uuid" 21 12)" + done + # shellcheck disable=SC2016 + printf 'IMPORT{program}="/sbin/mdadm --examine --export $tempnode"\n' + for uuid in $MD_UUID; do + printf 'ENV{MD_UUID}=="%s", GOTO="md_uuid_ok"\n' "$(expr substr "$uuid" 1 8):$(expr substr "$uuid" 9 8):$(expr substr "$uuid" 17 8):$(expr substr "$uuid" 25 8)" + done + printf 'GOTO="md_end"\n' + printf 'LABEL="md_uuid_ok"\n' + else + echo "$line" + fi + done < "${f}" > "${f}.new" + mv "${f}.new" "$f" + done + for uuid in $MD_UUID; do + uuid="$(expr substr "$uuid" 1 8):$(expr substr "$uuid" 9 8):$(expr substr "$uuid" 17 8):$(expr substr "$uuid" 25 8)" + wait_for_dev "/dev/disk/by-id/md-uuid-${uuid}" + done + fi +fi + +if [ -e /etc/mdadm.conf ] && getargbool 1 rd.md.conf -d -n rd_NO_MDADMCONF; then + udevproperty rd_MDADMCONF=1 + rm -f -- "$hookdir"/pre-pivot/*mdraid-cleanup.sh +fi + +if ! getargbool 1 rd.md.conf -d -n rd_NO_MDADMCONF; then + rm -f -- /etc/mdadm/mdadm.conf /etc/mdadm.conf + ln -s "$(command -v mdraid-cleanup)" "$hookdir"/pre-pivot/31-mdraid-cleanup.sh 2> /dev/null +fi + +# noiswmd nodmraid for anaconda / rc.sysinit compatibility +# note nodmraid really means nobiosraid, so we don't want MDIMSM then either +if ! getargbool 1 rd.md.imsm -d -n rd_NO_MDIMSM -n noiswmd -n nodmraid; then + info "no MD RAID for imsm/isw raids" + udevproperty rd_NO_MDIMSM=1 +fi + +# same thing with ddf containers +if ! getargbool 1 rd.md.ddf -n rd_NO_MDDDF -n noddfmd -n nodmraid; then + info "no MD RAID for SNIA ddf raids" + udevproperty rd_NO_MDDDF=1 +fi diff --git a/modules.d/90multipath/module-setup.sh b/modules.d/90multipath/module-setup.sh new file mode 100755 index 0000000..9c3e629 --- /dev/null +++ b/modules.d/90multipath/module-setup.sh @@ -0,0 +1,154 @@ +#!/bin/bash + +is_mpath() { + local _dev=$1 + [ -e /sys/dev/block/"$_dev"/dm/uuid ] || return 1 + [[ $(cat /sys/dev/block/"$_dev"/dm/uuid) =~ mpath- ]] && return 0 + return 1 +} + +majmin_to_mpath_dev() { + local _dev + for i in /dev/mapper/*; do + [[ $i == /dev/mapper/control ]] && continue + _dev=$(get_maj_min "$i") + if [ "$_dev" = "$1" ]; then + echo "$i" + return + fi + done +} + +# called by dracut +check() { + [[ $hostonly ]] || [[ $mount_needs ]] && { + for_each_host_dev_and_slaves is_mpath || return 255 + } + + # if there's no multipath binary, no go. + require_binaries multipath || return 1 + require_binaries kpartx || return 1 + + return 0 +} + +# called by dracut +depends() { + echo rootfs-block + echo dm + return 0 +} + +# called by dracut +cmdline() { + for m in scsi_dh_alua scsi_dh_emc scsi_dh_rdac dm_multipath; do + if grep -m 1 -q "$m" /proc/modules; then + printf 'rd.driver.pre=%s ' "$m" + fi + done +} + +# called by dracut +installkernel() { + local _arch=${DRACUT_ARCH:-$(uname -m)} + local _funcs='scsi_register_device_handler|dm_dirty_log_type_register|dm_register_path_selector|dm_register_target' + + if [ "$_arch" = "s390" -o "$_arch" = "s390x" ]; then + _s390drivers="=drivers/s390/scsi" + fi + + hostonly='' dracut_instmods -o -s "$_funcs" "=drivers/scsi" "=drivers/md" ${_s390drivers:+"$_s390drivers"} +} + +mpathconf_installed() { + command -v mpathconf &> /dev/null +} + +# called by dracut +install() { + local -A _allow + local config_dir + + add_hostonly_mpath_conf() { + if is_mpath "$1"; then + local _dev + + _dev=$(majmin_to_mpath_dev "$1") + [ -z "$_dev" ] && return + _allow["$_dev"]="$_dev" + fi + } + + local k v + while read -r k v; do + if [[ $k == "config_dir" ]]; then + v="${v#\"}" + config_dir="${v%\"}" + break + fi + done < <(multipath -t 2> /dev/null) + [[ -d $config_dir ]] || config_dir=/etc/multipath/conf.d + + inst_multiple \ + pkill \ + kpartx \ + dmsetup \ + multipath \ + multipathd + + inst_multiple -o \ + mpath_wait \ + mpathconf \ + mpathpersist \ + xdrgetprio \ + xdrgetuid \ + /etc/xdrdevices.conf \ + /etc/multipath.conf \ + /etc/multipath/* \ + "$config_dir"/* \ + "$tmpfilesdir/multipath.conf" + + mpathconf_installed \ + && [[ $hostonly ]] && [[ $hostonly_mode == "strict" ]] && { + for_each_host_dev_and_slaves_all add_hostonly_mpath_conf + if ((${#_allow[@]} > 0)); then + local -a _args + local _dev + for _dev in "${_allow[@]}"; do + _args+=("--allow" "$_dev") + done + mpathconf "${_args[@]}" --outfile "${initdir}"/etc/multipath.conf + fi + } + + inst "$(command -v partx)" /sbin/partx + + inst_libdir_file "libmultipath*" "multipath/*" + inst_libdir_file 'libgcc_s.so*' + + if [[ $hostonly_cmdline ]]; then + local _conf + _conf=$(cmdline) + [[ $_conf ]] && echo "$_conf" >> "${initdir}/etc/cmdline.d/90multipath.conf" + fi + + if dracut_module_included "systemd"; then + if mpathconf_installed; then + inst_simple "${moddir}/multipathd-configure.service" "${systemdsystemunitdir}/multipathd-configure.service" + $SYSTEMCTL -q --root "$initdir" enable multipathd-configure.service + fi + inst_simple "${moddir}/multipathd.service" "${systemdsystemunitdir}/multipathd.service" + $SYSTEMCTL -q --root "$initdir" enable multipathd.service + else + inst_hook pre-trigger 02 "$moddir/multipathd.sh" + inst_hook cleanup 02 "$moddir/multipathd-stop.sh" + fi + + inst_hook cleanup 80 "$moddir/multipathd-needshutdown.sh" + inst_hook shutdown 20 "$moddir/multipath-shutdown.sh" + + inst_rules 40-multipath.rules 56-multipath.rules \ + 62-multipath.rules 65-multipath.rules \ + 66-kpartx.rules 67-kpartx-compat.rules \ + 11-dm-mpath.rules 11-dm-parts.rules +} diff --git a/modules.d/90multipath/multipath-shutdown.sh b/modules.d/90multipath/multipath-shutdown.sh new file mode 100755 index 0000000..220da8f --- /dev/null +++ b/modules.d/90multipath/multipath-shutdown.sh @@ -0,0 +1,7 @@ +#!/bin/sh + +for i in $(multipath -l -v1); do + if ! dmsetup table "$i" | sed -n '/.*queue_if_no_path.*/q1'; then + dmsetup message "$i" 0 fail_if_no_path + fi +done diff --git a/modules.d/90multipath/multipathd-configure.service b/modules.d/90multipath/multipathd-configure.service new file mode 100644 index 0000000..a2baec7 --- /dev/null +++ b/modules.d/90multipath/multipathd-configure.service @@ -0,0 +1,21 @@ +[Unit] +Description=Device-Mapper Multipath Default Configuration +Before=iscsi.service iscsid.service lvm2-activation-early.service +Wants=systemd-udev-trigger.service systemd-udev-settle.service local-fs-pre.target +After=systemd-udev-trigger.service systemd-udev-settle.service +Before=local-fs-pre.target multipathd.service +DefaultDependencies=no +Conflicts=shutdown.target + +ConditionKernelCommandLine=rd.multipath=default +ConditionPathExists=!/etc/multipath.conf + +[Service] +Type=oneshot +RemainAfterExit=yes +# mpathconf requires /etc/multipath to already exist +ExecStartPre=-/usr/bin/mkdir -p /etc/multipath +ExecStart=/usr/sbin/mpathconf --enable + +[Install] +WantedBy=sysinit.target diff --git a/modules.d/90multipath/multipathd-needshutdown.sh b/modules.d/90multipath/multipathd-needshutdown.sh new file mode 100755 index 0000000..6dc68bb --- /dev/null +++ b/modules.d/90multipath/multipathd-needshutdown.sh @@ -0,0 +1,10 @@ +#!/bin/sh + +type need_shutdown > /dev/null 2>&1 || . /lib/dracut-lib.sh + +for i in $(multipath -l -v1); do + if dmsetup table "$i" | sed -n '/.*queue_if_no_path.*/q1'; then + need_shutdown + break + fi +done diff --git a/modules.d/90multipath/multipathd-stop.sh b/modules.d/90multipath/multipathd-stop.sh new file mode 100755 index 0000000..05181b4 --- /dev/null +++ b/modules.d/90multipath/multipathd-stop.sh @@ -0,0 +1,15 @@ +#!/bin/sh + +type pidof > /dev/null 2>&1 || . /lib/dracut-lib.sh + +if [ -e /etc/multipath.conf ]; then + pkill multipathd > /dev/null 2>&1 + + if pidof multipathd > /dev/null 2>&1; then + sleep 0.2 + fi + + if pidof multipathd > /dev/null 2>&1; then + pkill -9 multipathd > /dev/null 2>&1 + fi +fi diff --git a/modules.d/90multipath/multipathd.service b/modules.d/90multipath/multipathd.service new file mode 100644 index 0000000..1680cdf --- /dev/null +++ b/modules.d/90multipath/multipathd.service @@ -0,0 +1,27 @@ +[Unit] +Description=Device-Mapper Multipath Device Controller +Before=lvm2-activation-early.service +Before=local-fs-pre.target blk-availability.service shutdown.target +Wants=systemd-udevd-kernel.socket +After=systemd-udevd-kernel.socket +After=multipathd.socket systemd-remount-fs.service +Before=initrd-cleanup.service +DefaultDependencies=no +Conflicts=shutdown.target +Conflicts=initrd-cleanup.service +ConditionKernelCommandLine=!nompath +ConditionKernelCommandLine=!rd.multipath=0 +ConditionKernelCommandLine=!rd_NO_MULTIPATH +ConditionKernelCommandLine=!multipath=off +ConditionVirtualization=!container + +[Service] +Type=notify +NotifyAccess=main +ExecStartPre=-/sbin/modprobe dm-multipath +ExecStart=/sbin/multipathd -d -s +ExecReload=/sbin/multipathd reconfigure +TasksMax=infinity + +[Install] +WantedBy=sysinit.target diff --git a/modules.d/90multipath/multipathd.sh b/modules.d/90multipath/multipathd.sh new file mode 100755 index 0000000..1e26c1d --- /dev/null +++ b/modules.d/90multipath/multipathd.sh @@ -0,0 +1,17 @@ +#!/bin/sh + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +if [ "$(getarg rd.multipath)" = "default" ] && [ ! -e /etc/multipath.conf ]; then + # mpathconf requires /etc/multipath to already exist + mkdir -p /etc/multipath + mpathconf --enable +fi + +if getargbool 1 rd.multipath -d -n rd_NO_MULTIPATH && [ -e /etc/multipath.conf ]; then + modprobe dm-multipath + multipathd -B || multipathd + need_shutdown +else + rm -- /etc/udev/rules.d/??-multipath.rules 2> /dev/null +fi diff --git a/modules.d/90nvdimm/module-setup.sh b/modules.d/90nvdimm/module-setup.sh new file mode 100755 index 0000000..8d33610 --- /dev/null +++ b/modules.d/90nvdimm/module-setup.sh @@ -0,0 +1,32 @@ +#!/bin/bash + +# called by dracut +check() { + if [[ ! $hostonly ]]; then + return 0 + fi + [[ $DRACUT_KERNEL_MODALIASES && -f $DRACUT_KERNEL_MODALIASES ]] \ + && grep -q libnvdimm "$DRACUT_KERNEL_MODALIASES" && return 0 + return 255 +} + +# called by dracut +depends() { + return 0 +} + +# called by dracut +installkernel() { + # Directories to search for NVDIMM "providers" (firmware drivers) + # These modules call "nvdimm_bus_register()". + #instmods() will take care of hostonly + dracut_instmods -o -s nvdimm_bus_register \ + '=drivers/nvdimm' \ + '=drivers/acpi' \ + '=arch/powerpc' +} + +# called by dracut +install() { + inst_multiple -o ndctl /etc/ndctl/keys/tpm.handle "/etc/ndctl/keys/*.blob" +} diff --git a/modules.d/90overlayfs/module-setup.sh b/modules.d/90overlayfs/module-setup.sh new file mode 100755 index 0000000..893e2dc --- /dev/null +++ b/modules.d/90overlayfs/module-setup.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +check() { + [[ $hostonly ]] && return 1 + return 255 +} + +depends() { + echo base +} + +installkernel() { + instmods overlay +} + +install() { + inst_hook mount 01 "$moddir/mount-overlayfs.sh" + inst_hook pre-mount 01 "$moddir/prepare-overlayfs.sh" +} diff --git a/modules.d/90overlayfs/mount-overlayfs.sh b/modules.d/90overlayfs/mount-overlayfs.sh new file mode 100755 index 0000000..e1d23fb --- /dev/null +++ b/modules.d/90overlayfs/mount-overlayfs.sh @@ -0,0 +1,20 @@ +#!/bin/sh + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +getargbool 0 rd.live.overlay.overlayfs && overlayfs="yes" +getargbool 0 rd.live.overlay.readonly -d -y readonly_overlay && readonly_overlay="--readonly" || readonly_overlay="" + +ROOTFLAGS="$(getarg rootflags)" + +if [ -n "$overlayfs" ]; then + if [ -n "$readonly_overlay" ] && [ -h /run/overlayfs-r ]; then + ovlfs=lowerdir=/run/overlayfs-r:/run/rootfsbase + else + ovlfs=lowerdir=/run/rootfsbase + fi + + if ! strstr "$(cat /proc/mounts)" LiveOS_rootfs; then + mount -t overlay LiveOS_rootfs -o "$ROOTFLAGS,$ovlfs",upperdir=/run/overlayfs,workdir=/run/ovlwork "$NEWROOT" + fi +fi diff --git a/modules.d/90overlayfs/prepare-overlayfs.sh b/modules.d/90overlayfs/prepare-overlayfs.sh new file mode 100755 index 0000000..87bcc19 --- /dev/null +++ b/modules.d/90overlayfs/prepare-overlayfs.sh @@ -0,0 +1,21 @@ +#!/bin/sh + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +getargbool 0 rd.live.overlay.overlayfs && overlayfs="yes" +getargbool 0 rd.live.overlay.reset -d -y reset_overlay && reset_overlay="yes" + +if [ -n "$overlayfs" ]; then + if ! [ -e /run/rootfsbase ]; then + mkdir -m 0755 -p /run/rootfsbase + mount --bind "$NEWROOT" /run/rootfsbase + fi + + mkdir -m 0755 -p /run/overlayfs + mkdir -m 0755 -p /run/ovlwork + if [ -n "$reset_overlay" ] && [ -h /run/overlayfs ]; then + ovlfsdir=$(readlink /run/overlayfs) + info "Resetting the OverlayFS overlay directory." + rm -r -- "${ovlfsdir:?}"/* "${ovlfsdir:?}"/.* > /dev/null 2>&1 + fi +fi diff --git a/modules.d/90ppcmac/load-thermal.sh b/modules.d/90ppcmac/load-thermal.sh new file mode 100755 index 0000000..72f2581 --- /dev/null +++ b/modules.d/90ppcmac/load-thermal.sh @@ -0,0 +1,30 @@ +#!/bin/sh +# +# This hook attempts to load the appropriate thermal modules +# for PowerPC Macs depending on the specific machine you have. + +[ -r /proc/cpuinfo ] || exit 0 + +load_windfarm() { + local pm_model + pm_model="$(sed -n '/model/p' /proc/cpuinfo)" + pm_model="${pm_model##*: }" + + # load quietly and respect the blacklist + # this way if the modules are for some reason missing, it will + # still exit successfully and not affect the boot process + case "$pm_model" in + PowerMac3,6) modprobe -b -q therm_windtunnel ;; + PowerMac7,2 | PowerMac7,3) modprobe -b -q windfarm_pm72 ;; + PowerMac8,1 | PowerMac8,2) modprobe -b -q windfarm_pm81 ;; + PowerMac9,1) modprobe -b -q windfarm_pm91 ;; + PowerMac11,2) modprobe -b -q windfarm_pm112 ;; + PowerMac12,1) modprobe -b -q windfarm_pm121 ;; + RackMac3,1) modprobe -b -q windfarm_rm31 ;; + *) ;; + esac + + return 0 +} + +load_windfarm diff --git a/modules.d/90ppcmac/module-setup.sh b/modules.d/90ppcmac/module-setup.sh new file mode 100755 index 0000000..83f54de --- /dev/null +++ b/modules.d/90ppcmac/module-setup.sh @@ -0,0 +1,83 @@ +#!/bin/bash +# +# This module attempts to properly deal with thermal behavior on PowerPC +# based Mac systems, by installing the model-appropriate (when hostonly) +# or all (when not) fan control/thermal kernel modules and loading them +# in a hook. +# +# While this is not strictly necessary for all kernels, particularly +# modular kernels will not autoload those drivers, even once the full +# system is up, which results in the fans spinning up to 100%; this is +# particularly annoying on live systems, where the system takes a while +# to load, so it's best to load the drivers early in initramfs stage. +# +# The behavior of this is inspired by the thermal hook in Debian's +# initramfs-tools, but written for dracut specifically and updated +# for modern kernels (2012+). + +# called by dracut +check() { + local _arch=${DRACUT_ARCH:-$(uname -m)} + # only for PowerPC Macs + [[ $_arch == ppc* && $_arch != ppc64le ]] || return 1 + return 0 +} + +# called by dracut +depends() { + return 0 +} + +# called by dracut +installkernel() { + pmac_model() { + local pm_model + pm_model="$(grep model /proc/cpuinfo)" + echo "${pm_model##*: }" + } + + # only PowerMac3,6 has a module, special case + if [[ ${DRACUT_ARCH:-$(uname -m)} != ppc64* ]]; then + if ! [[ $hostonly ]] || [[ "$(pmac_model)" == "PowerMac3,6" ]]; then + instmods therm_windtunnel + fi + return 0 + fi + + windfarm_modules() { + if ! [[ $hostonly ]]; then + # include all drivers when not hostonly + instmods \ + windfarm_pm72 windfarm_pm81 windfarm_pm91 windfarm_pm112 \ + windfarm_pm121 windfarm_rm31 + else + # guess model specific module, then install the rest + case "$(pmac_model)" in + PowerMac7,2 | PowerMac7,3) instmods windfarm_pm72 ;; + PowerMac8,1 | PowerMac8,2) instmods windfarm_pm81 ;; + PowerMac9,1) instmods windfarm_pm91 ;; + PowerMac11,2) instmods windfarm_pm112 ;; + PowerMac12,1) instmods windfarm_pm121 ;; + RackMac3,1) instmods windfarm_rm31 ;; + # no match, so skip installation of the rest + *) return 1 ;; + esac + fi + return 0 + } + + # hostonly and didn't match a model; skip installing other modules + windfarm_modules || return 0 + # these are all required by the assorted windfarm_pm* + instmods \ + windfarm_core windfarm_cpufreq_clamp windfarm_pid \ + windfarm_smu_controls windfarm_smu_sat windfarm_smu_sensors \ + windfarm_fcu_controls windfarm_ad7417_sensor windfarm_max6690_sensor \ + windfarm_lm75_sensor windfarm_lm87_sensor +} + +# called by dracut +install() { + # this will attempt to load the appropriate modules + inst_hook pre-udev 99 "$moddir/load-thermal.sh" +} diff --git a/modules.d/90qemu-net/module-setup.sh b/modules.d/90qemu-net/module-setup.sh new file mode 100755 index 0000000..0fa49aa --- /dev/null +++ b/modules.d/90qemu-net/module-setup.sh @@ -0,0 +1,21 @@ +#!/bin/bash + +# called by dracut +check() { + if [[ $hostonly ]]; then + return 255 + fi + + if [[ $mount_needs ]]; then + is_qemu_virtualized && return 0 + return 255 + fi + + return 0 +} + +# called by dracut +installkernel() { + # qemu specific modules + hostonly=$(optional_hostonly) instmods virtio_net e1000 8139cp pcnet32 e100 ne2k_pci +} diff --git a/modules.d/90qemu/module-setup.sh b/modules.d/90qemu/module-setup.sh new file mode 100755 index 0000000..d11f377 --- /dev/null +++ b/modules.d/90qemu/module-setup.sh @@ -0,0 +1,23 @@ +#!/bin/bash + +# called by dracut +check() { + if [[ $hostonly ]] || [[ $mount_needs ]]; then + is_qemu_virtualized && return 0 + return 255 + fi + + return 0 +} + +# called by dracut +installkernel() { + # qemu specific modules + hostonly='' instmods \ + ata_piix ata_generic pata_acpi cdrom sr_mod ahci \ + virtio_blk virtio virtio_ring virtio_pci \ + virtio_scsi virtio_console virtio_rng virtio_mem \ + spapr-vscsi \ + qemu_fw_cfg \ + efi_secret +} diff --git a/modules.d/91crypt-gpg/README b/modules.d/91crypt-gpg/README new file mode 100644 index 0000000..be6df55 --- /dev/null +++ b/modules.d/91crypt-gpg/README @@ -0,0 +1,50 @@ +# Directions for changing a system from password-based gpg keyfile +# to smartcard-based gpg keyfile + +# Be sure that you meet the following requirements: +# 1. GnuPG >= 2.1 installed with +# * Smartcard support enabled (scdaemon must be built) +# * Direct CCID access built into scdaemon +# 2. A password-based gpg keyfile ${KEYFILE} (e.g. "keyfile.gpg"): +# That is, a file containing the slot key for LUKS, which +# has been encrypted symmetrically with GnuPG using +# a password. +# 3. Your public OpenPGP identity ${RECIPIENT} (e.g. "3A696356") +# 4. An OpenPGP smartcard holding the decryption key associated +# with your public identity +# 5. A CCID smartcard reader + +# Notes: Requirement 4. and 5. can of course be one device, e.g. +# a USB token with an integrated OpenPGP smartcard + +# Make a backup of your keyfile (assuming it lies on the boot partition) +$ cp /boot/${KEYFILE} /safe/place/keyfile.bak.gpg + +# Change your keyfile from purely password-based to both +# password-based and key-based (you can then decrypt the keyfile +# with either method). As an example aes256 is chosen, the cipher +# is not important to this guide, but do note that your kernel +# must support it at boot time (be it built into the kernel image +# or loaded as a module from the initramfs). +$ cat /safe/place/keyfile.bak.gpg | gpg -d | gpg --encrypt --recipient ${RECIPIENT} --cipher-algo aes256 --armor -c > /safe/place/keyfile_sc.gpg + +# Verify that you can decrypt your new keyfile both with the password +# and your smartcard. +# (with smartcard inserted, you should be prompted for your PIN, unless +# you already did so and have not yet timed out) +$ gpg -d /safe/place/keyfile_sc.gpg +# (with smartcard disconnected, you should be prompted for your password) +$ gpg -d /safe/place/keyfile_sc.gpg + +# After verification, replace your old keyfile with your new one +$ su -c 'cp /safe/place/keyfile_sc.gpg /boot/${KEYFILE}' + +# Export your public key to where crypt-gpg can find it +$ gpg --armor --export-options export-minimal --export ${RECIPIENT} > /safe/place/crypt-public-key.gpg +$ su -c 'cp /safe/place/crypt-public-key.gpg /etc/dracut.conf.d/crypt-public-key.gpg' + +# Rebuild your initramfs as usual +# When booting with any of the requirements not met, crypt-gpg will default to password-based keyfile unlocking. +# If all requirements are met and smartcard support is not disabled by setting the kernel option "rd.luks.smartcard=0" +# crypt-gpg will try find and use a connected OpenPGP smartcard by prompting you for the PIN and then +# unlocking the gpg keyfile with the smartcard. diff --git a/modules.d/91crypt-gpg/crypt-gpg-lib.sh b/modules.d/91crypt-gpg/crypt-gpg-lib.sh new file mode 100755 index 0000000..538419f --- /dev/null +++ b/modules.d/91crypt-gpg/crypt-gpg-lib.sh @@ -0,0 +1,68 @@ +#!/bin/sh + +command -v ask_for_password > /dev/null || . /lib/dracut-crypt-lib.sh + +# gpg_decrypt mnt_point keypath keydev device +# +# Decrypts symmetrically encrypted (password or OpenPGP smartcard) key to standard output. +# +# mnt_point - mount point where <keydev> is already mounted +# keypath - GPG encrypted key path relative to <mnt_point> +# keydev - device on which key resides; only to display in prompt +# device - device to be opened by cryptsetup; only to display in prompt +gpg_decrypt() { + local mntp="$1" + local keypath="$2" + local keydev="$3" + local device="$4" + + local gpghome=/tmp/gnupg + local opts="--homedir $gpghome --no-mdc-warning --skip-verify --quiet" + opts="$opts --logger-file /dev/null --batch --no-tty --passphrase-fd 0" + + mkdir -m 0700 -p "$gpghome" + + # Setup GnuPG home and gpg-agent for usage of OpenPGP smartcard. + # This requires GnuPG >= 2.1, as it uses the new ,,pinentry-mode´´ + # feature, which - when set to ,,loopback´´ - allows us to pipe + # the smartcard's pin to GnuPG (instead of using a normal pinentry + # program needed with GnuPG < 2.1), making for uncomplicated + # integration with the existing codebase. + local useSmartcard="0" + local gpgMajorVersion + local gpgMinorVersion + local cmd + gpgMajorVersion="$(gpg --version | sed -n 1p | sed -n -r -e 's|.* ([0-9]*).*|\1|p')" + gpgMinorVersion="$(gpg --version | sed -n 1p | sed -n -r -e 's|.* [0-9]*\.([0-9]*).*|\1|p')" + + if [ "${gpgMajorVersion}" -ge 2 ] && [ "${gpgMinorVersion}" -ge 1 ] \ + && [ -f /root/crypt-public-key.gpg ] && getargbool 1 rd.luks.smartcard; then + useSmartcard="1" + echo "allow-loopback-pinentry" >> "$gpghome/gpg-agent.conf" + GNUPGHOME="$gpghome" gpg-agent --quiet --daemon + GNUPGHOME="$gpghome" gpg --quiet --no-tty --import < /root/crypt-public-key.gpg + local smartcardSerialNumber + smartcardSerialNumber="$(GNUPGHOME=$gpghome gpg --no-tty --card-status \ + | sed -n -r -e 's|Serial number.*: ([0-9]*)|\1|p' | tr -d '\n')" + if [ -n "${smartcardSerialNumber}" ]; then + inputPrompt="PIN (OpenPGP card ${smartcardSerialNumber})" + fi + GNUPGHOME="$gpghome" gpg-connect-agent 1> /dev/null learn /bye + opts="$opts --pinentry-mode=loopback" + cmd="GNUPGHOME=$gpghome gpg --card-status --no-tty > /dev/null 2>&1; gpg $opts --decrypt $mntp/$keypath" + else + cmd="gpg $opts --decrypt $mntp/$keypath" + fi + + ask_for_password \ + --cmd "$cmd" \ + --prompt "${inputPrompt:-Password ($keypath on $keydev for $device)}" \ + --tries 3 --tty-echo-off + + # Clean up the smartcard gpg-agent + if [ "${useSmartcard}" = "1" ]; then + GNUPGHOME="$gpghome" gpg-connect-agent 1> /dev/null killagent /bye + fi + + rm -rf -- "$gpghome" +} diff --git a/modules.d/91crypt-gpg/module-setup.sh b/modules.d/91crypt-gpg/module-setup.sh new file mode 100755 index 0000000..501869a --- /dev/null +++ b/modules.d/91crypt-gpg/module-setup.sh @@ -0,0 +1,73 @@ +#!/bin/bash + +# GPG support is optional +# called by dracut +check() { + require_binaries gpg tr || return 1 + + if sc_requested; then + if ! sc_supported; then + dwarning "crypt-gpg: GnuPG >= 2.1 with scdaemon and libusb required for ccid smartcard support" + return 1 + fi + return 0 + fi + + return 255 +} + +# called by dracut +depends() { + echo crypt +} + +# called by dracut +install() { + inst_multiple gpg tr + inst "$moddir/crypt-gpg-lib.sh" "/lib/dracut-crypt-gpg-lib.sh" + + if sc_requested; then + inst_multiple gpg-agent + inst_multiple gpg-connect-agent + inst_multiple -o /usr/libexec/scdaemon /usr/lib/gnupg/scdaemon + cp "$dracutsysrootdir$(sc_public_key)" "${initdir}/root/" + fi +} + +sc_public_key() { + echo -n "/etc/dracut.conf.d/crypt-public-key.gpg" +} + +# CCID Smartcard support requires GnuPG >= 2.1 with scdaemon and libusb +sc_supported() { + local gpgMajor + local gpgMinor + local scdaemon + gpgMajor="$(gpg --version | sed -n 1p | sed -n -r -e 's|.* ([0-9]*).*|\1|p')" + gpgMinor="$(gpg --version | sed -n 1p | sed -n -r -e 's|.* [0-9]*\.([0-9]*).*|\1|p')" + + if [[ -x "$dracutsysrootdir"/usr/libexec/scdaemon ]]; then + scdaemon=/usr/libexec/scdaemon + elif [[ -x "$dracutsysrootdir"/usr/lib/gnupg/scdaemon ]]; then + scdaemon=/usr/lib/gnupg/scdaemon + else + return 1 + fi + + if [[ ${gpgMajor} -gt 2 || ${gpgMajor} -eq 2 && ${gpgMinor} -ge 1 ]] \ + && require_binaries gpg-agent \ + && require_binaries gpg-connect-agent \ + && ($DRACUT_LDD "${dracutsysrootdir}${scdaemon}" | grep libusb > /dev/null); then + return 0 + else + return 1 + fi +} + +sc_requested() { + if [ -f "$dracutsysrootdir$(sc_public_key)" ]; then + return 0 + else + return 1 + fi +} diff --git a/modules.d/91crypt-loop/crypt-loop-lib.sh b/modules.d/91crypt-loop/crypt-loop-lib.sh new file mode 100755 index 0000000..7db82e2 --- /dev/null +++ b/modules.d/91crypt-loop/crypt-loop-lib.sh @@ -0,0 +1,40 @@ +#!/bin/sh + +command -v ask_for_password > /dev/null || . /lib/dracut-crypt-lib.sh + +# loop_decrypt mnt_point keypath keydev device +# +# Decrypts symmetrically encrypted key to standard output. +# +# mnt_point - mount point where <keydev> is already mounted +# keypath - LUKS encrypted loop file path relative to <mnt_point> +# keydev - device on which key resides; only to display in prompt +# device - device to be opened by cryptsetup; only to display in prompt +loop_decrypt() { + local mntp="$1" + local keypath="$2" + local keydev="$3" + local device="$4" + local key + + key="/dev/mapper/$(str_replace "loop-$keydev-$mntp-$keypath" '/' '-')" + + if [ ! -b "$key" ]; then + local loopdev + local opts + loopdev=$(losetup -f "${mntp}/${keypath}" --show) + opts="-d - luksOpen $loopdev ${key##*/}" + + ask_for_password \ + --cmd "cryptsetup $opts" \ + --prompt "Password ($keypath on $keydev for $device)" \ + --tty-echo-off + + [ -b "$key" ] || die "Failed to unlock $keypath on $keydev for $device." + + printf "%s\n" "cryptsetup luksClose \"$key\"" > "${hookdir}/cleanup/crypt-loop-cleanup-10-${key##*/}.sh" + printf "%s\n" "losetup -d \"$loopdev\"" > "${hookdir}/cleanup/crypt-loop-cleanup-20-${loopdev##*/}.sh" + fi + + cat "$key" +} diff --git a/modules.d/91crypt-loop/module-setup.sh b/modules.d/91crypt-loop/module-setup.sh new file mode 100755 index 0000000..ff0d501 --- /dev/null +++ b/modules.d/91crypt-loop/module-setup.sh @@ -0,0 +1,25 @@ +#!/bin/bash + +# called by dracut +check() { + require_binaries losetup || return 1 + + return 255 +} + +# called by dracut +depends() { + echo crypt +} + +# called by dracut +installkernel() { + hostonly='' instmods loop +} + +# called by dracut +install() { + inst_multiple losetup + inst "$moddir/crypt-loop-lib.sh" "/lib/dracut-crypt-loop-lib.sh" + dracut_need_initqueue +} diff --git a/modules.d/91fido2/module-setup.sh b/modules.d/91fido2/module-setup.sh new file mode 100755 index 0000000..def7a0f --- /dev/null +++ b/modules.d/91fido2/module-setup.sh @@ -0,0 +1,30 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + # Return 255 to only include the module, if another module requires it. + return 255 +} + +# Module dependency requirements. +depends() { + # This module has external dependency on other module(s). + echo systemd-udevd + # Return 0 to include the dependent module(s) in the initramfs. + return 0 +} + +# Install the required file(s) and directories for the module in the initramfs. +install() { + # Install required libraries. + _arch=${DRACUT_ARCH:-$(uname -m)} + inst_libdir_file \ + {"tls/$_arch/",tls/,"$_arch/",}"libfido2.so.*" \ + {"tls/$_arch/",tls/,"$_arch/",}"libz.so.*" \ + {"tls/$_arch/",tls/,"$_arch/",}"libcryptsetup.so.*" \ + {"tls/$_arch/",tls/,"$_arch/",}"/cryptsetup/libcryptsetup-token-systemd-fido2.so" \ + {"tls/$_arch/",tls/,"$_arch/",}"libcbor.so.*" \ + {"tls/$_arch/",tls/,"$_arch/",}"libhidapi-hidraw.so.*" +} diff --git a/modules.d/91pcsc/module-setup.sh b/modules.d/91pcsc/module-setup.sh new file mode 100755 index 0000000..6f8b2c8 --- /dev/null +++ b/modules.d/91pcsc/module-setup.sh @@ -0,0 +1,62 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + + # If the binary(s) requirements are not fulfilled the module can't be installed. + require_binaries pcscd || return 1 + + # Return 255 to only include the module, if another module requires it. + return 255 + +} + +# Module dependency requirements. +depends() { + + # This module has external dependency on other module(s). + echo systemd-udevd + # Return 0 to include the dependent module(s) in the initramfs. + return 0 + +} + +# Install the required file(s) and directories for the module in the initramfs. +install() { + inst_simple "$moddir/pcscd.service" "${systemdsystemunitdir}"/pcscd.service + inst_simple "$moddir/pcscd.socket" "${systemdsystemunitdir}"/pcscd.socket + + inst_multiple -o \ + pcscd + + # Enable systemd type unit(s) + for i in \ + pcscd.service \ + pcscd.socket; do + $SYSTEMCTL -q --root "$initdir" enable "$i" + done + + # Install library file(s) + _arch=${DRACUT_ARCH:-$(uname -m)} + inst_libdir_file \ + {"tls/$_arch/",tls/,"$_arch/",}"libopensc.so.*" \ + {"tls/$_arch/",tls/,"$_arch/",}"libsmm-local.so.*" \ + {"tls/$_arch/",tls/,"$_arch/",}"opensc-pkcs11.so" \ + {"tls/$_arch/",tls/,"$_arch/",}"onepin-opensc-pkcs11.so" \ + {"tls/$_arch/",tls/,"$_arch/",}"pkcs11/opensc-pkcs11.so" \ + {"tls/$_arch/",tls/,"$_arch/",}"pkcs11/onepin-opensc-pkcs11.so" \ + {"tls/$_arch/",tls/,"$_arch/",}"pcsc/drivers/ifd-ccid.bundle/Contents/Info.plist" \ + {"tls/$_arch/",tls/,"$_arch/",}"pcsc/drivers/ifd-ccid.bundle/Contents/Linux/libccid.so" \ + {"tls/$_arch/",tls/,"$_arch/",}"pcsc/drivers/serial/libccidtwin.so" \ + {"tls/$_arch/",tls/,"$_arch/",}"libpcsclite.so.*" + + # Install the hosts local user configurations if enabled. + if [[ $hostonly ]]; then + inst_multiple -H -o \ + /etc/opensc.conf \ + "/etc/reader.conf.d/*" + fi + +} diff --git a/modules.d/91pcsc/pcscd.service b/modules.d/91pcsc/pcscd.service new file mode 100644 index 0000000..639decd --- /dev/null +++ b/modules.d/91pcsc/pcscd.service @@ -0,0 +1,13 @@ +[Unit] +DefaultDependencies=no +Description=PC/SC Smart Card Daemon (Dracut) +Documentation=man:pcscd(8) +Requires=pcscd.socket + +[Service] +ExecStart=/usr/sbin/pcscd --foreground --auto-exit +ExecReload=/usr/sbin/pcscd --hotplug + +[Install] +Also=pcscd.socket +WantedBy=cryptsetup-pre.target diff --git a/modules.d/91pcsc/pcscd.socket b/modules.d/91pcsc/pcscd.socket new file mode 100644 index 0000000..b20dd5a --- /dev/null +++ b/modules.d/91pcsc/pcscd.socket @@ -0,0 +1,11 @@ +[Unit] +DefaultDependencies=no +Description=PC/SC Smart Card Daemon Activation Socket (Dracut) +Documentation=man:pcscd(8) + +[Socket] +ListenStream=/run/pcscd/pcscd.comm +SocketMode=0666 + +[Install] +WantedBy=cryptsetup-pre.target sockets.target diff --git a/modules.d/91pkcs11/module-setup.sh b/modules.d/91pkcs11/module-setup.sh new file mode 100755 index 0000000..5675efb --- /dev/null +++ b/modules.d/91pkcs11/module-setup.sh @@ -0,0 +1,35 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + + # Return 255 to only include the module, if another module requires it. + return 255 + +} + +# Module dependency requirements. +depends() { + + # This module has external dependency on other module(s). + echo systemd-udevd + # Return 0 to include the dependent module(s) in the initramfs. + return 0 + +} + +# Install the required file(s) and directories for the module in the initramfs. +install() { + + # Install library file(s) + _arch=${DRACUT_ARCH:-$(uname -m)} + inst_libdir_file \ + {"tls/$_arch/",tls/,"$_arch/",}"libtasn1.so.*" \ + {"tls/$_arch/",tls/,"$_arch/",}"libffi.so.*" \ + {"tls/$_arch/",tls/,"$_arch/",}"libp11-kit.so.*" \ + {"tls/$_arch/",tls/,"$_arch/",}"libcryptsetup.so.*" \ + {"tls/$_arch/",tls/,"$_arch/",}"/cryptsetup/libcryptsetup-token-systemd-pkcs11.so*" + +} diff --git a/modules.d/91tpm2-tss/module-setup.sh b/modules.d/91tpm2-tss/module-setup.sh new file mode 100755 index 0000000..e145c41 --- /dev/null +++ b/modules.d/91tpm2-tss/module-setup.sh @@ -0,0 +1,59 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# Prerequisite check(s) for module. +check() { + + # If the binary(s) requirements are not fulfilled the module can't be installed. + require_binaries tpm2 || return 1 + + # Return 255 to only include the module, if another module requires it. + return 255 + +} + +# Module dependency requirements. +depends() { + + # This module has external dependency on other module(s). + echo systemd-sysusers systemd-udevd + # Return 0 to include the dependent module(s) in the initramfs. + return 0 + +} + +# Install kernel module(s). +installkernel() { + instmods '=drivers/char/tpm' +} + +# Install the required file(s) and directories for the module in the initramfs. +install() { + + inst_multiple -o \ + "$sysusers"/tpm2-tss.conf \ + "$tmpfilesdir"/tpm2-tss-fapi.conf \ + "$udevrulesdir"/60-tpm-udev.rules \ + tpm2_pcrread tpm2_pcrextend tpm2_createprimary tpm2_createpolicy \ + tpm2_create tpm2_load tpm2_unseal tpm2 + + # Install library file(s) + _arch=${DRACUT_ARCH:-$(uname -m)} + inst_libdir_file \ + {"tls/$_arch/",tls/,"$_arch/",}"libtss2-esys.so.*" \ + {"tls/$_arch/",tls/,"$_arch/",}"libtss2-fapi.so.*" \ + {"tls/$_arch/",tls/,"$_arch/",}"libtss2-mu.so.*" \ + {"tls/$_arch/",tls/,"$_arch/",}"libtss2-rc.so.*" \ + {"tls/$_arch/",tls/,"$_arch/",}"libtss2-sys.so.*" \ + {"tls/$_arch/",tls/,"$_arch/",}"libtss2-tcti-cmd.so.*" \ + {"tls/$_arch/",tls/,"$_arch/",}"libtss2-tcti-device.so.*" \ + {"tls/$_arch/",tls/,"$_arch/",}"libtss2-tcti-mssim.so.*" \ + {"tls/$_arch/",tls/,"$_arch/",}"libtss2-tcti-swtpm.so.*" \ + {"tls/$_arch/",tls/,"$_arch/",}"libtss2-tctildr.so.*" \ + {"tls/$_arch/",tls/,"$_arch/",}"libcryptsetup.so.*" \ + {"tls/$_arch/",tls/,"$_arch/",}"/cryptsetup/libcryptsetup-token-systemd-tpm2.so" \ + {"tls/$_arch/",tls/,"$_arch/",}"libcurl.so.*" \ + {"tls/$_arch/",tls/,"$_arch/",}"libjson-c.so.*" + +} diff --git a/modules.d/91zipl/install_zipl_cmdline.sh b/modules.d/91zipl/install_zipl_cmdline.sh new file mode 100755 index 0000000..9332d31 --- /dev/null +++ b/modules.d/91zipl/install_zipl_cmdline.sh @@ -0,0 +1,39 @@ +#!/bin/bash + +DEV="$1" +MNT=/boot/zipl + +if [ -z "$DEV" ]; then + echo "No IPL device given" + : > /tmp/install.zipl.cmdline-done + exit 1 +fi + +[ -d ${MNT} ] || mkdir -p ${MNT} + +if ! mount -o ro "${DEV}" ${MNT}; then + echo "Failed to mount ${MNT}" + : > /tmp/install.zipl.cmdline-done + exit 1 +fi + +if [ -f ${MNT}/dracut-cmdline.conf ]; then + cp ${MNT}/dracut-cmdline.conf /etc/cmdline.d/99zipl.conf +fi + +if [ -f ${MNT}/active_devices.txt ]; then + while read -r dev _ || [[ $dev ]]; do + [ "$dev" = "#" -o "$dev" = "" ] && continue + cio_ignore -r "$dev" + done < ${MNT}/active_devices.txt +fi + +umount ${MNT} + +if [ -f /etc/cmdline.d/99zipl.conf ]; then + systemctl restart dracut-cmdline.service + systemctl restart systemd-udev-trigger.service +fi +: > /tmp/install.zipl.cmdline-done + +exit 0 diff --git a/modules.d/91zipl/module-setup.sh b/modules.d/91zipl/module-setup.sh new file mode 100755 index 0000000..cb21454 --- /dev/null +++ b/modules.d/91zipl/module-setup.sh @@ -0,0 +1,67 @@ +#!/bin/bash +# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*- +# ex: ts=8 sw=4 sts=4 et filetype=sh + +get_boot_zipl_dev() { + local _boot_zipl + _boot_zipl=$(sed -n -e '/^[[:space:]]*#/d' -e 's/\(.*\)\w*\/boot\/zipl.*/\1/p' "$dracutsysrootdir"/etc/fstab) + printf "%s" "$(trim "$_boot_zipl")" +} + +# called by dracut +check() { + local _arch=${DRACUT_ARCH:-$(uname -m)} + # Only for systems on s390 using indirect booting via userland grub + [ "$_arch" = "s390" -o "$_arch" = "s390x" ] || return 1 + # /boot/zipl contains a first stage kernel used to launch grub in initrd + [ -d /boot/zipl ] || return 1 + return 0 +} + +# called by dracut +depends() { + return 0 +} + +# called by dracut +installkernel() { + local _boot_zipl + + _boot_zipl=$(get_boot_zipl_dev) + if [ -n "$_boot_zipl" ]; then + eval "$(blkid -s TYPE -o udev "${_boot_zipl}")" + if [ -n "$ID_FS_TYPE" ]; then + case "$ID_FS_TYPE" in + ext?) + ID_FS_TYPE=ext4 + ;; + esac + instmods ${ID_FS_TYPE} + fi + fi +} + +# called by dracut +cmdline() { + local _boot_zipl + + _boot_zipl=$(get_boot_zipl_dev) + if [ -n "$_boot_zipl" ]; then + printf "%s" " rd.zipl=${_boot_zipl}" + fi +} + +# called by dracut +install() { + inst_multiple mount umount + + inst_hook cmdline 91 "$moddir/parse-zipl.sh" + inst_script "${moddir}/install_zipl_cmdline.sh" /sbin/install_zipl_cmdline.sh + if [[ $hostonly_cmdline == "yes" ]]; then + local _zipl + _zipl=$(cmdline) + + [[ $_zipl ]] && printf "%s\n" "$_zipl" > "${initdir}/etc/cmdline.d/91zipl.conf" + fi + dracut_need_initqueue +} diff --git a/modules.d/91zipl/parse-zipl.sh b/modules.d/91zipl/parse-zipl.sh new file mode 100755 index 0000000..d95a1dd --- /dev/null +++ b/modules.d/91zipl/parse-zipl.sh @@ -0,0 +1,51 @@ +#!/bin/sh +# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*- +# ex: ts=8 sw=4 sts=4 et filetype=sh + +zipl_arg=$(getarg rd.zipl) + +if [ -n "$zipl_arg" ]; then + case "$zipl_arg" in + LABEL=*) + zipl_env="ENV{ID_FS_LABEL}" + zipl_val=${zipl_arg#LABEL=} + zipl_arg="$(label_uuid_to_dev "${zipl_val}")" + ;; + UUID=*) + zipl_env="ENV{ID_FS_UUID}" + zipl_val=${zipl_arg#UUID=} + zipl_arg="$(label_uuid_to_dev "${zipl_val}")" + ;; + PARTLABEL=*) + zipl_env="ENV{ID_FS_PARTLABEL}" + zipl_val=${zipl_arg#PARTLABEL=} + zipl_arg="$(label_uuid_to_dev "${zipl_val}")" + ;; + PARTUUID=*) + zipl_env="ENV{ID_FS_PARTUUID}" + zipl_val=${zipl_arg#PARTUUID=} + zipl_arg="$(label_uuid_to_dev "${zipl_val}")" + ;; + /dev/mapper/*) + zipl_env="ENV{DM_NAME}" + zipl_val=${zipl_arg#/dev/mapper/} + ;; + /dev/disk/by-*) + zipl_env="SYMLINK" + zipl_val=${zipl_arg#/dev/} + ;; + /dev/*) + zipl_env="KERNEL" + zipl_val=${zipl_arg} + ;; + esac + if [ "$zipl_env" ]; then + { + printf 'ACTION=="add|change", SUBSYSTEM=="block", %s=="%s", ENV{SYSTEMD_READY}!="0", RUN+="/sbin/initqueue --settled --onetime --unique --name install_zipl_cmdline /sbin/install_zipl_cmdline.sh %s"\n' \ + ${zipl_env} "${zipl_val}" "${zipl_arg}" + echo "[ -f /tmp/install.zipl.cmdline-done ]" > "$hookdir"/initqueue/finished/wait-zipl-conf.sh + } >> /etc/udev/rules.d/99zipl-conf.rules + cat /etc/udev/rules.d/99zipl-conf.rules + fi + wait_for_dev -n "$zipl_arg" +fi diff --git a/modules.d/95cifs/cifs-lib.sh b/modules.d/95cifs/cifs-lib.sh new file mode 100755 index 0000000..b996b41 --- /dev/null +++ b/modules.d/95cifs/cifs-lib.sh @@ -0,0 +1,38 @@ +#!/bin/sh + +# cifs_to_var CIFSROOT +# use CIFSROOT to set $server, $path, and $options. +# CIFSROOT is something like: cifs://[<username>[:<password>]]@<host>/<path> +# NETIF is used to get information from DHCP options, if needed. + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +cifs_to_var() { + local cifsuser + local cifspass + # Check required arguments + server=${1##cifs://} + cifsuser=${server%@*} + cifspass=${cifsuser#*:} + if [ "$cifspass" != "$cifsuser" ]; then + cifsuser=${cifsuser%:*} + else + cifspass=$(getarg cifspass) + fi + if [ "$cifsuser" != "$server" ]; then + server="${server#*@}" + else + cifsuser=$(getarg cifsuser) + fi + + # shellcheck disable=SC2034 + path=${server#*/} + # shellcheck disable=SC2034 + server=${server%/*} + + if [ ! "$cifsuser" -o ! "$cifspass" ]; then + die "For CIFS support you need to specify a cifsuser and cifspass either in the cifsuser and cifspass commandline parameters or in the root= CIFS URL." + fi + # shellcheck disable=SC2034 + options="user=$cifsuser,pass=$cifspass,$(getarg rootflags=)" +} diff --git a/modules.d/95cifs/cifsroot.sh b/modules.d/95cifs/cifsroot.sh new file mode 100755 index 0000000..83539d4 --- /dev/null +++ b/modules.d/95cifs/cifsroot.sh @@ -0,0 +1,22 @@ +#!/bin/sh + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh +. /lib/cifs-lib.sh + +[ "$#" = 3 ] || exit 1 + +# root is in the form root=cifs://user:pass@[server]/[folder] either from +# cmdline or dhcp root-path +#netif="$1" +root="$2" +NEWROOT="$3" + +cifs_to_var "$root" + +mount.cifs "//$server/$path" "$NEWROOT" -o "$options" && { [ -e /dev/root ] || ln -s null /dev/root; } + +# inject new exit_if_exists +# shellcheck disable=SC2016 +echo 'settle_exit_if_exists="--exit-if-exists=/dev/root"; rm -f -- "$job"' > "$hookdir"/initqueue/cifs.sh +# force udevsettle to break +: > "$hookdir"/initqueue/work diff --git a/modules.d/95cifs/module-setup.sh b/modules.d/95cifs/module-setup.sh new file mode 100755 index 0000000..6abc475 --- /dev/null +++ b/modules.d/95cifs/module-setup.sh @@ -0,0 +1,58 @@ +#!/bin/bash + +# called by dracut +check() { + # If our prerequisites are not met, fail anyways. + require_binaries mount.cifs || return 1 + + [[ $hostonly ]] || [[ $mount_needs ]] && { + for fs in "${host_fs_types[@]}"; do + [[ $fs == "cifs" ]] && return 0 + done + return 255 + } + + return 0 +} + +# called by dracut +depends() { + # We depend on network modules being loaded + echo network +} + +# called by dracut +installkernel() { + instmods cifs ipv6 + # hash algos + instmods md4 md5 sha256 sha512 + # ciphers + instmods aes arc4 des ecb gcm aead2 + # macs + instmods hmac cmac ccm +} + +# called by dracut +install() { + local _nsslibs + inst_multiple -o mount.cifs + inst_multiple -o /etc/services /etc/nsswitch.conf /etc/protocols + inst_multiple -o /usr/etc/services /usr/etc/nsswitch.conf /usr/etc/protocols + + inst_libdir_file 'libcap-ng.so*' + + _nsslibs=$( + cat "$dracutsysrootdir"/{,usr/}etc/nsswitch.conf 2> /dev/null \ + | sed -e '/^#/d' -e 's/^.*://' -e 's/\[NOTFOUND=return\]//' \ + | tr -s '[:space:]' '\n' | sort -u | tr -s '[:space:]' '|' + ) + _nsslibs=${_nsslibs#|} + _nsslibs=${_nsslibs%|} + + inst_libdir_file -n "$_nsslibs" 'libnss_*.so*' + + inst_hook cmdline 90 "$moddir/parse-cifsroot.sh" + inst "$moddir/cifsroot.sh" "/sbin/cifsroot" + inst "$moddir/cifs-lib.sh" "/lib/cifs-lib.sh" + dracut_need_initqueue +} diff --git a/modules.d/95cifs/parse-cifsroot.sh b/modules.d/95cifs/parse-cifsroot.sh new file mode 100755 index 0000000..b88bef4 --- /dev/null +++ b/modules.d/95cifs/parse-cifsroot.sh @@ -0,0 +1,51 @@ +#!/bin/sh +# +# root=cifs://[user:pass@]<server>/<folder> +# +# This syntax can come from DHCP root-path as well. +# +# If a username or password are not specified as part of the root, then they +# will be pulled from cifsuser and cifspass on the kernel command line, +# respectively. +# + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh +. /lib/cifs-lib.sh + +# This script is sourced, so root should be set. But let's be paranoid +[ -z "$root" ] && root=$(getarg root=) + +if [ -z "$netroot" ]; then + for netroot in $(getargs netroot=); do + [ "${netroot%%:*}" = "cifs" ] && break + done + [ "${netroot%%:*}" = "cifs" ] || unset netroot +fi + +# Root takes precedence over netroot +if [ "${root%%:*}" = "cifs" ]; then + if [ -n "$netroot" ]; then + warn "root takes precedence over netroot. Ignoring netroot" + fi + netroot=$root + unset root +fi + +# If it's not cifs we don't continue +[ "${netroot%%:*}" = "cifs" ] || return + +# Check required arguments +cifs_to_var "$netroot" + +# If we don't have a server, we need dhcp +if [ -z "$server" ]; then + # shellcheck disable=SC2034 + DHCPORSERVER="1" +fi + +# Done, all good! +# shellcheck disable=SC2034 +rootok=1 + +# shellcheck disable=SC2016 +echo '[ -e $NEWROOT/proc ]' > "$hookdir"/initqueue/finished/cifsroot.sh diff --git a/modules.d/95dasd/module-setup.sh b/modules.d/95dasd/module-setup.sh new file mode 100755 index 0000000..180da14 --- /dev/null +++ b/modules.d/95dasd/module-setup.sh @@ -0,0 +1,27 @@ +#!/bin/bash + +# called by dracut +check() { + local _arch=${DRACUT_ARCH:-$(uname -m)} + [ "$_arch" = "s390" -o "$_arch" = "s390x" ] || return 1 + require_binaries normalize_dasd_arg || return 1 + return 0 +} + +# called by dracut +depends() { + echo "dasd_mod" + return 0 +} + +# called by dracut +install() { + inst_hook cmdline 30 "$moddir/parse-dasd.sh" + inst_multiple dasdinfo dasdconf.sh normalize_dasd_arg + conf=/etc/dasd.conf + if [[ $hostonly && -f $conf ]]; then + inst -H $conf + fi + inst_rules 56-dasd.rules + inst_rules 59-dasd.rules +} diff --git a/modules.d/95dasd/parse-dasd.sh b/modules.d/95dasd/parse-dasd.sh new file mode 100755 index 0000000..cda3970 --- /dev/null +++ b/modules.d/95dasd/parse-dasd.sh @@ -0,0 +1,11 @@ +#!/bin/sh +for dasd_arg in $(getargs rd.dasd= -d rd_DASD= DASD=); do + ( + local OLDIFS="$IFS" + IFS="," + # shellcheck disable=SC2086 + set -- $dasd_arg + IFS="$OLDIFS" + echo "$@" | normalize_dasd_arg >> /etc/dasd.conf + ) +done diff --git a/modules.d/95dasd_mod/module-setup.sh b/modules.d/95dasd_mod/module-setup.sh new file mode 100755 index 0000000..c59dd3a --- /dev/null +++ b/modules.d/95dasd_mod/module-setup.sh @@ -0,0 +1,27 @@ +#!/bin/bash + +# called by dracut +check() { + local _arch=${DRACUT_ARCH:-$(uname -m)} + [ "$_arch" = "s390" -o "$_arch" = "s390x" ] || return 1 + require_binaries grep sed seq + + return 0 +} + +# called by dracut +depends() { + return 0 +} + +# called by dracut +installkernel() { + instmods dasd_mod dasd_eckd_mod dasd_fba_mod dasd_diag_mod +} + +# called by dracut +install() { + inst_hook cmdline 31 "$moddir/parse-dasd-mod.sh" + inst_multiple grep sed seq + inst_multiple -o dasd_cio_free +} diff --git a/modules.d/95dasd_mod/parse-dasd-mod.sh b/modules.d/95dasd_mod/parse-dasd-mod.sh new file mode 100755 index 0000000..2b86d45 --- /dev/null +++ b/modules.d/95dasd_mod/parse-dasd-mod.sh @@ -0,0 +1,18 @@ +#!/bin/sh +mod_args="" + +for dasd_arg in $(getargs rd.dasd= -d rd_DASD= DASD=); do + mod_args="$mod_args,$dasd_arg" +done + +mod_args="${mod_args#*,}" + +if [ -x /sbin/dasd_cio_free -a -n "$mod_args" ]; then + [ -d /etc/modprobe.d ] || mkdir -m 0755 -p /etc/modprobe.d + echo "options dasd_mod dasd=$mod_args" >> /etc/modprobe.d/dasd_mod.conf +fi + +unset dasd_arg +if [ -x /sbin/dasd_cio_free ]; then + dasd_cio_free +fi diff --git a/modules.d/95dasd_rules/module-setup.sh b/modules.d/95dasd_rules/module-setup.sh new file mode 100755 index 0000000..06c57a4 --- /dev/null +++ b/modules.d/95dasd_rules/module-setup.sh @@ -0,0 +1,65 @@ +#!/bin/bash + +# called by dracut +cmdline() { + is_dasd() { + local _dev=$1 + local _devpath + _devpath=$( + cd -P /sys/dev/block/"$_dev" || exit + echo "$PWD" + ) + + [ "${_devpath#*/dasd}" == "$_devpath" ] && return 1 + _ccw="${_devpath%%/block/*}" + echo "rd.dasd=${_ccw##*/}" + return 0 + } + [[ $hostonly ]] || [[ $mount_needs ]] && { + for_each_host_dev_and_slaves_all is_dasd || return 255 + } | sort | uniq +} + +# called by dracut +check() { + local _arch=${DRACUT_ARCH:-$(uname -m)} + local found=0 + local bdev + [ "$_arch" = "s390" -o "$_arch" = "s390x" ] || return 1 + + [[ $hostonly ]] || [[ $mount_needs ]] && { + for bdev in /sys/block/*; do + case "${bdev##*/}" in + dasd*) + found=$((found + 1)) + break + ;; + esac + done + [ $found -eq 0 ] && return 255 + } + return 0 +} + +# called by dracut +depends() { + echo 'dasd_mod' bash + return 0 +} + +# called by dracut +install() { + inst_hook cmdline 30 "$moddir/parse-dasd.sh" + if [[ $hostonly_cmdline == "yes" ]]; then + local _dasd + _dasd=$(cmdline) + [[ $_dasd ]] && printf "%s\n" "$_dasd" >> "${initdir}/etc/cmdline.d/95dasd.conf" + fi + if [[ $hostonly ]]; then + inst_rules_wildcard "51-dasd-*.rules" + inst_rules_wildcard "41-dasd-*.rules" + mark_hostonly /etc/udev/rules.d/51-dasd-*.rules + mark_hostonly /etc/udev/rules.d/41-dasd-*.rules + fi + inst_rules 59-dasd.rules +} diff --git a/modules.d/95dasd_rules/parse-dasd.sh b/modules.d/95dasd_rules/parse-dasd.sh new file mode 100755 index 0000000..4454aec --- /dev/null +++ b/modules.d/95dasd_rules/parse-dasd.sh @@ -0,0 +1,43 @@ +#!/bin/bash + +allow_device() { + local ccw=$1 + + if [ -x /sbin/cio_ignore ] && cio_ignore -i "$ccw" > /dev/null; then + cio_ignore -r "$ccw" + fi +} + +if [[ -f /sys/firmware/ipl/ipl_type ]] && [[ $(< /sys/firmware/ipl/ipl_type) == "ccw" ]]; then + allow_device "$(< /sys/firmware/ipl/device)" +fi + +for dasd_arg in $(getargs root=) $(getargs resume=); do + [[ $dasd_arg =~ /dev/disk/by-path/ccw-* ]] || continue + + ccw_dev="${dasd_arg##*/ccw-}" + allow_device "${ccw_dev%%-*}" +done + +for dasd_arg in $(getargs rd.dasd=); do + IFS=',' read -r -a devs <<< "$dasd_arg" + declare -p devs + for dev in "${devs[@]}"; do + case "$dev" in + autodetect | probeonly) ;; + + *-*) + IFS="-" read -r start end _ <<< "${dev%(ro)}" + prefix=${start%.*} + start=${start##*.} + for rdev in $(seq $((16#$start)) $((16#$end))); do + allow_device "$(printf "%s.%04x" "$prefix" "$rdev")" + done + ;; + *) + IFS="." read -r sid ssid chan _ <<< "${dev%(ro)}" + allow_device "$(printf "%01x.%01x.%04x" $((16#$sid)) $((16#$ssid)) $((16#$chan)))" + ;; + esac + done +done diff --git a/modules.d/95dcssblk/module-setup.sh b/modules.d/95dcssblk/module-setup.sh new file mode 100755 index 0000000..67af4ad --- /dev/null +++ b/modules.d/95dcssblk/module-setup.sh @@ -0,0 +1,34 @@ +#!/bin/bash +# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*- +# ex: ts=8 sw=4 sts=4 et filetype=sh + +# called by dracut +check() { + local _arch=${DRACUT_ARCH:-$(uname -m)} + [[ $_arch == "s390" ]] || [[ $_arch == "s390x" ]] || return 1 + return 0 +} + +# called by dracut +installkernel() { + if [[ $hostonly ]]; then + for dev in /sys/devices/dcssblk/*/block/dcssblk*; do + [[ -e $dev ]] || continue + hostonly='' instmods dcssblk + return $? + done + else + hostonly='' instmods dcssblk + fi +} + +# called by dracut +install() { + inst_hook cmdline 30 "$moddir/parse-dcssblk.sh" + # If there is a config file which contains avail (best only of root device) + # disks to activate add it and use it during boot -> then we do not need + # a kernel param anymore + #if [[ $hostonly ]]; then + # inst /etc/dcssblk.conf + #fi +} diff --git a/modules.d/95dcssblk/parse-dcssblk.sh b/modules.d/95dcssblk/parse-dcssblk.sh new file mode 100755 index 0000000..980160a --- /dev/null +++ b/modules.d/95dcssblk/parse-dcssblk.sh @@ -0,0 +1,6 @@ +#!/bin/sh + +if dcssblk_arg=$(getarg rd.dcssblk=); then + info "Loading dcssblk segments=$dcssblk_arg" + modprobe dcssblk segments="$dcssblk_arg" +fi diff --git a/modules.d/95debug/module-setup.sh b/modules.d/95debug/module-setup.sh new file mode 100755 index 0000000..3124f1a --- /dev/null +++ b/modules.d/95debug/module-setup.sh @@ -0,0 +1,22 @@ +#!/bin/bash + +# called by dracut +check() { + # do not add this module by default + return 255 +} + +# called by dracut +depends() { + return 0 +} + +# called by dracut +install() { + inst_multiple -o ls ps grep more cat rm strace free showmount df du lsblk \ + ping netstat rpcinfo vi scp ping6 ssh find chroot \ + tcpdump cp dd less hostname mkdir systemd-analyze \ + fsck fsck.ext2 fsck.ext4 fsck.ext3 fsck.ext4dev fsck.f2fs fsck.vfat e2fsck + + grep '^tcpdump:' "$dracutsysrootdir"/etc/passwd 2> /dev/null >> "$initdir/etc/passwd" +} diff --git a/modules.d/95fcoe-uefi/module-setup.sh b/modules.d/95fcoe-uefi/module-setup.sh new file mode 100755 index 0000000..9dc1e73 --- /dev/null +++ b/modules.d/95fcoe-uefi/module-setup.sh @@ -0,0 +1,27 @@ +#!/bin/bash + +# called by dracut +check() { + is_fcoe() { + block_is_fcoe "$1" || return 1 + } + + [[ $hostonly ]] || [[ $mount_needs ]] && { + for_each_host_dev_and_slaves is_fcoe || return 255 + [ -d /sys/firmware/efi ] || return 255 + } + + require_binaries dcbtool fipvlan lldpad ip readlink || return 1 + return 0 +} + +# called by dracut +depends() { + echo fcoe uefi-lib bash + return 0 +} + +# called by dracut +install() { + inst_hook cmdline 20 "$moddir/parse-uefifcoe.sh" +} diff --git a/modules.d/95fcoe-uefi/parse-uefifcoe.sh b/modules.d/95fcoe-uefi/parse-uefifcoe.sh new file mode 100755 index 0000000..e120dec --- /dev/null +++ b/modules.d/95fcoe-uefi/parse-uefifcoe.sh @@ -0,0 +1,33 @@ +#!/bin/bash + +command -v getarg > /dev/null || . /lib/dracut-lib.sh +command -v get_fcoe_boot_mac > /dev/null || . /lib/uefi-lib.sh +command -v set_ifname > /dev/null || . /lib/net-lib.sh + +print_fcoe_uefi_conf() { + local mac dev vlan + mac=$(get_fcoe_boot_mac "$1") + [ -z "$mac" ] && return 1 + dev=$(set_ifname fcoe "$mac") + vlan=$(get_fcoe_boot_vlan "$1") + if [ "$vlan" -ne "0" ]; then + case "$vlan" in + [0-9]*) + printf "%s\n" "vlan=$dev.$vlan:$dev" + dev="$dev.$vlan" + ;; + *) + printf "%s\n" "vlan=$vlan:$dev" + dev="$vlan" + ;; + esac + fi + # fcoe=eth0:nodcb + printf "fcoe=%s\n" "$dev:nodcb" + return 0 +} + +for i in /sys/firmware/efi/efivars/FcoeBootDevice-*; do + [ -e "$i" ] || continue + print_fcoe_uefi_conf "$i" > /etc/cmdline.d/40-fcoe-uefi.conf && break +done diff --git a/modules.d/95fcoe/cleanup-fcoe.sh b/modules.d/95fcoe/cleanup-fcoe.sh new file mode 100755 index 0000000..210fb94 --- /dev/null +++ b/modules.d/95fcoe/cleanup-fcoe.sh @@ -0,0 +1,15 @@ +#!/bin/sh +# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*- +# ex: ts=8 sw=4 sts=4 et filetype=sh + +if [ -e /var/run/lldpad.pid ]; then + lldpad -k + # with systemd version 230, this is not necessary anymore + # systemd commit cacf980ed44a28e276a6cc7f8fc41f991e2ab354 + if [ -z "$DRACUT_SYSTEMD" ]; then + # shellcheck disable=SC2174 + mkdir -m 0755 -p /run/initramfs/state/dev/shm + cp /dev/shm/lldpad.state /run/initramfs/state/dev/shm/ > /dev/null 2>&1 + echo "files /dev/shm/lldpad.state" >> /run/initramfs/rwtab + fi +fi diff --git a/modules.d/95fcoe/fcoe-edd.sh b/modules.d/95fcoe/fcoe-edd.sh new file mode 100755 index 0000000..17f8a7c --- /dev/null +++ b/modules.d/95fcoe/fcoe-edd.sh @@ -0,0 +1,54 @@ +#!/bin/sh + +dcb="$1" + +_modprobe_r_edd="0" + +check_edd() { + local cnt=0 + + [ -d /sys/firmware/edd ] && return 0 + + _modprobe_r_edd="1" + modprobe edd || return $? + + while [ $cnt -lt 600 ]; do + [ -d /sys/firmware/edd ] && return 0 + cnt=$((cnt + 1)) + sleep 0.1 + done + return 1 +} + +check_edd || exit 1 + +for disk in /sys/firmware/edd/int13_*; do + [ -d "$disk" ] || continue + if [ -e "${disk}/pci_dev/driver" ]; then + driver=$(readlink "${disk}/pci_dev/driver") + driver=${driver##*/} + fi + # i40e uses dev_port 1 for a virtual fcoe function + if [ "${driver}" = "i40e" ]; then + dev_port=1 + fi + for nic in "${disk}"/pci_dev/net/*; do + [ -d "$nic" ] || continue + if [ -n "${dev_port}" -a -e "${nic}/dev_port" ]; then + if [ "$(cat "${nic}"/dev_port)" -ne "${dev_port}" ]; then + continue + fi + fi + if [ -e "${nic}"/address ]; then + fcoe_interface=${nic##*/} + if ! [ -e "/tmp/.fcoe-$fcoe_interface" ]; then + /sbin/fcoe-up "$fcoe_interface" "$dcb" + : > "/tmp/.fcoe-$fcoe_interface" + fi + fi + done +done + +[ "$_modprobe_r_edd" = "1" ] && modprobe -r edd + +unset _modprobe_r_edd diff --git a/modules.d/95fcoe/fcoe-up.sh b/modules.d/95fcoe/fcoe-up.sh new file mode 100755 index 0000000..0828f03 --- /dev/null +++ b/modules.d/95fcoe/fcoe-up.sh @@ -0,0 +1,106 @@ +#!/bin/sh +# +# We get called like this: +# fcoe-up <network-device> <dcb|nodcb> <fabric|vn2vn> +# +# Note currently only nodcb is supported, the dcb option is reserved for +# future use. + +PATH=/usr/sbin:/usr/bin:/sbin:/bin +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh +type ip_to_var > /dev/null 2>&1 || . /lib/net-lib.sh + +# Huh? Missing arguments ?? +[ -z "$1" -o -z "$2" ] && exit 1 + +netif=$1 +dcb=$2 +mode=$3 +vlan="yes" + +read -r iflink < /sys/class/net/"$netif"/iflink +read -r ifindex < /sys/class/net/"$netif"/ifindex +if [ "$iflink" != "$ifindex" ]; then + # Skip VLAN devices + exit 0 +fi + +ip link set dev "$netif" up +linkup "$netif" + +# Some fcoemon implementations expect --syslog=true +syslogopt="--syslog" +if fcoemon -h | grep syslog | grep -q yes; then + syslogopt="$syslogopt=yes" +fi + +netdriver=$(readlink -f /sys/class/net/"$netif"/device/driver) +netdriver=${netdriver##*/} + +write_fcoemon_cfg() { + [ -f /etc/fcoe/cfg-"$netif" ] && return + echo FCOE_ENABLE=\"yes\" > /etc/fcoe/cfg-"$netif" + if [ "$dcb" = "dcb" ]; then + echo DCB_REQUIRED=\"yes\" >> /etc/fcoe/cfg-"$netif" + else + echo DCB_REQUIRED=\"no\" >> /etc/fcoe/cfg-"$netif" + fi + if [ "$vlan" = "yes" ]; then + echo AUTO_VLAN=\"yes\" >> /etc/fcoe/cfg-"$netif" + else + echo AUTO_VLAN=\"no\" >> /etc/fcoe/cfg-"$netif" + fi + if [ "$mode" = "vn2vn" ]; then + echo MODE=\"vn2vn\" >> /etc/fcoe/cfg-"$netif" + else + echo MODE=\"fabric\" >> /etc/fcoe/cfg-"$netif" + fi +} + +if [ "$netdriver" = "bnx2x" ]; then + # If driver is bnx2x, do not use /sys/module/fcoe/parameters/create but fipvlan + modprobe 8021q + udevadm settle --timeout=30 + # Sleep for 13 s to allow dcb negotiation + sleep 13 + fipvlan "$netif" -c -s + need_shutdown + exit +fi +if [ "$dcb" = "dcb" ]; then + # wait for lldpad to be ready + i=0 + while [ $i -lt 60 ]; do + lldptool -p && break + info "Waiting for lldpad to be ready" + sleep 1 + i=$((i + 1)) + done + + while [ $i -lt 60 ]; do + dcbtool sc "$netif" dcb on && break + info "Retrying to turn dcb on" + sleep 1 + i=$((i + 1)) + done + + while [ $i -lt 60 ]; do + dcbtool sc "$netif" pfc e:1 a:1 w:1 && break + info "Retrying to turn dcb on" + sleep 1 + i=$((i + 1)) + done + + while [ $i -lt 60 ]; do + dcbtool sc "$netif" app:fcoe e:1 a:1 w:1 && break + info "Retrying to turn fcoe on" + sleep 1 + i=$((i + 1)) + done + + sleep 1 +fi +write_fcoemon_cfg +fcoemon $syslogopt + +need_shutdown diff --git a/modules.d/95fcoe/lldpad.sh b/modules.d/95fcoe/lldpad.sh new file mode 100755 index 0000000..f992ae2 --- /dev/null +++ b/modules.d/95fcoe/lldpad.sh @@ -0,0 +1,19 @@ +#!/bin/sh + +if ! getargbool 1 rd.fcoe -d -n rd.nofcoe; then + info "rd.fcoe=0: skipping lldpad activation" + return 0 +fi + +# Note lldpad will stay running after switchroot, the system initscripts +# are to kill it and start a new lldpad to take over. Data is transferred +# between the 2 using a shm segment +lldpad -d +# wait for lldpad to be ready +i=0 +while [ $i -lt 60 ]; do + lldptool -p && break + info "Waiting for lldpad to be ready" + sleep 1 + i=$((i + 1)) +done diff --git a/modules.d/95fcoe/module-setup.sh b/modules.d/95fcoe/module-setup.sh new file mode 100755 index 0000000..3de85c2 --- /dev/null +++ b/modules.d/95fcoe/module-setup.sh @@ -0,0 +1,122 @@ +#!/bin/bash + +# called by dracut +check() { + is_fcoe() { + block_is_fcoe "$1" || return 1 + } + + [[ $hostonly ]] || [[ $mount_needs ]] && { + for_each_host_dev_and_slaves is_fcoe || return 255 + } + + require_binaries dcbtool fipvlan lldpad ip readlink fcoemon fcoeadm tr || return 1 + return 0 +} + +# called by dracut +depends() { + echo network rootfs-block + return 0 +} + +# called by dracut +installkernel() { + instmods fcoe libfcoe 8021q edd bnx2fc +} + +get_vlan_parent() { + local link=$1 + + [ -d "$link" ] || return + read -r iflink < "$link"/iflink + for if in /sys/class/net/*; do + read -r idx < "$if"/ifindex + if [ "$idx" -eq "$iflink" ]; then + echo "${if##*/}" + fi + done +} + +# called by dracut +cmdline() { + { + for c in /sys/bus/fcoe/devices/ctlr_*; do + [ -L "$c" ] || continue + read -r enabled < "$c"/enabled + read -r mode < "$c"/mode + [ "$enabled" -eq 0 ] && continue + if [ "$mode" = "VN2VN" ]; then + mode="vn2vn" + else + mode="fabric" + fi + d=$( + cd -P "$c" || exit + echo "$PWD" + ) + i=${d%/*} + ifname=${i##*/} + read -r mac < "${i}"/address + s=$(dcbtool gc "${i##*/}" dcb 2> /dev/null | sed -n 's/^DCB State:\t*\(.*\)/\1/p') + if [ -z "$s" ]; then + p=$(get_vlan_parent "${i}") + if [ "$p" ]; then + s=$(dcbtool gc "${p}" dcb 2> /dev/null | sed -n 's/^DCB State:\t*\(.*\)/\1/p') + ifname=${p##*/} + fi + fi + if [ "$s" = "on" ]; then + dcb="dcb" + else + dcb="nodcb" + fi + + # Some Combined Network Adapters(CNAs) implement DCB in firmware. + # Do not run software-based DCB or LLDP on CNAs that implement DCB. + # If the network interface provides hardware DCB/DCBX capabilities, + # DCB_REQUIRED in "/etc/fcoe/cfg-xxx" is expected to set to "no". + # + # Force "nodcb" if there's any DCB_REQUIRED="no"(child or vlan parent). + if grep -q '^[[:blank:]]*DCB_REQUIRED="no"' /etc/fcoe/cfg-"${i##*/}" &> /dev/null; then + dcb="nodcb" + fi + + if [ "$p" ]; then + if grep -q '^[[:blank:]]*DCB_REQUIRED="no"' /etc/fcoe/cfg-"${p}" &> /dev/null; then + dcb="nodcb" + fi + fi + + echo "ifname=${ifname}:${mac}" + echo "fcoe=${ifname}:${dcb}:${mode}" + done + } | sort | uniq +} + +# called by dracut +install() { + inst_multiple ip dcbtool fipvlan lldpad readlink lldptool fcoemon fcoeadm tr + if [[ -e $dracutsysrootdir/etc/hba.conf ]]; then + inst_libdir_file 'libhbalinux.so*' + inst_simple "/etc/hba.conf" + fi + + mkdir -m 0755 -p "$initdir/var/lib/lldpad" + mkdir -m 0755 -p "$initdir/etc/fcoe" + + if [[ $hostonly_cmdline == "yes" ]]; then + local _fcoeconf + _fcoeconf=$(cmdline) + [[ $_fcoeconf ]] && printf "%s\n" "$_fcoeconf" >> "${initdir}/etc/cmdline.d/95fcoe.conf" + fi + inst_multiple "/etc/fcoe/cfg-*" + + inst "$moddir/fcoe-up.sh" "/sbin/fcoe-up" + inst "$moddir/fcoe-edd.sh" "/sbin/fcoe-edd" + inst_hook pre-trigger 03 "$moddir/lldpad.sh" + inst_hook cmdline 99 "$moddir/parse-fcoe.sh" + inst_hook cleanup 90 "$moddir/cleanup-fcoe.sh" + inst_hook shutdown 40 "$moddir/stop-fcoe.sh" + dracut_need_initqueue +} diff --git a/modules.d/95fcoe/parse-fcoe.sh b/modules.d/95fcoe/parse-fcoe.sh new file mode 100755 index 0000000..bde6b62 --- /dev/null +++ b/modules.d/95fcoe/parse-fcoe.sh @@ -0,0 +1,106 @@ +#!/bin/sh +# +# Supported formats: +# fcoe=<networkdevice>:<dcb|nodcb>:<fabric|vn2vn> +# fcoe=<macaddress>:<dcb|nodcb>:<fabric|vn2vn> +# +# Note currently only nodcb is supported, the dcb option is reserved for +# future use. +# +# Note letters in the macaddress must be lowercase! +# +# Examples: +# fcoe=eth0:nodcb:vn2vn +# fcoe=4a:3f:4c:04:f8:d7:nodcb:fabric + +if [ -z "$fcoe" ] && ! getarg fcoe=; then + # If it's not set we don't continue + return 0 +fi + +if ! getargbool 1 rd.fcoe -d -n rd.nofcoe; then + info "rd.fcoe=0: skipping fcoe" + return 0 +fi + +if ! [ -e /sys/bus/fcoe/ctlr_create ] && ! modprobe -b -a fcoe && ! modprobe -b -a libfcoe; then + die "FCoE requested but kernel/initrd does not support FCoE" +fi + +initqueue --onetime modprobe -b -q bnx2fc + +parse_fcoe_opts() { + local fcoe_interface + local fcoe_dcb + local fcoe_mode + local fcoe_mac + local OLDIFS="$IFS" + local IFS=: + # shellcheck disable=SC2086 + # shellcheck disable=SC2048 + set -- $* + IFS="$OLDIFS" + + case $# in + 2) + fcoe_interface=$1 + fcoe_dcb=$2 + fcoe_mode="fabric" + unset fcoe_mac + ;; + 3) + fcoe_interface=$1 + fcoe_dcb=$2 + fcoe_mode=$3 + unset fcoe_mac + ;; + 7) + fcoe_mac=$(echo "$1:$2:$3:$4:$5:$6" | tr "[:upper:]" "[:lower:]") + fcoe_dcb=$7 + fcoe_mode="fabric" + unset fcoe_interface + ;; + 8) + fcoe_mac=$(echo "$1:$2:$3:$4:$5:$6" | tr "[:upper:]" "[:lower:]") + fcoe_dcb=$7 + fcoe_mode=$8 + unset fcoe_interface + ;; + *) + warn "Invalid arguments for fcoe=$fcoe" + return 1 + ;; + esac + + if [ "$fcoe_dcb" != "nodcb" -a "$fcoe_dcb" != "dcb" ]; then + warn "Invalid FCoE DCB option: $fcoe_dcb" + fi + + if [ "$fcoe_interface" = "edd" ]; then + /sbin/initqueue --settled --unique /sbin/fcoe-edd "$fcoe_dcb" + return 0 + fi + + if [ -z "$fcoe_interface" -a -z "$fcoe_mac" ]; then + warn "fcoe: Neither interface nor MAC specified for fcoe=$fcoe" + return 1 + fi + + { + if [ -n "$fcoe_mac" ]; then + # shellcheck disable=SC2016 + printf 'ACTION=="add", SUBSYSTEM=="net", ATTR{address}=="%s", RUN+="/sbin/initqueue --onetime --unique --name fcoe-up-$name /sbin/fcoe-up $name %s %s"\n' "$fcoe_mac" "$fcoe_dcb" "$fcoe_mode" + # shellcheck disable=SC2016 + printf 'ACTION=="add", SUBSYSTEM=="net", ATTR{address}=="%s", RUN+="/sbin/initqueue --onetime --timeout --unique --name fcoe-timeout-$name /sbin/fcoe-up $name %s %s"\n' "$fcoe_mac" "$fcoe_dcb" "$fcoe_mode" + else + # shellcheck disable=SC2016 + printf 'ACTION=="add", SUBSYSTEM=="net", NAME=="%s", RUN+="/sbin/initqueue --onetime --unique --name fcoe-up-$name /sbin/fcoe-up $name %s %s"\n' "$fcoe_interface" "$fcoe_dcb" "$fcoe_mode" + # shellcheck disable=SC2016 + printf 'ACTION=="add", SUBSYSTEM=="net", NAME=="%s", RUN+="/sbin/initqueue --onetime --timeout --unique --name fcoe-timeout-$name /sbin/fcoe-up $name %s %s"\n' "$fcoe_interface" "$fcoe_dcb" "$fcoe_mode" + fi + } >> /etc/udev/rules.d/92-fcoe.rules +} + +for fcoe in $fcoe $(getargs fcoe=); do + parse_fcoe_opts "$fcoe" +done diff --git a/modules.d/95fcoe/stop-fcoe.sh b/modules.d/95fcoe/stop-fcoe.sh new file mode 100755 index 0000000..a89cbbc --- /dev/null +++ b/modules.d/95fcoe/stop-fcoe.sh @@ -0,0 +1,6 @@ +#!/bin/sh + +for f in /sys/bus/fcoe/devices/ctlr_*; do + [ -e "$f" ] || continue + echo 0 > "$f"/enabled +done diff --git a/modules.d/95fstab-sys/module-setup.sh b/modules.d/95fstab-sys/module-setup.sh new file mode 100755 index 0000000..e58f0d8 --- /dev/null +++ b/modules.d/95fstab-sys/module-setup.sh @@ -0,0 +1,17 @@ +#!/bin/bash + +# called by dracut +check() { + [[ -f $dracutsysrootdir/etc/fstab.sys ]] || [[ -n $add_fstab || -n $fstab_lines ]] +} + +# called by dracut +depends() { + echo fs-lib +} + +# called by dracut +install() { + [[ -f $dracutsysrootdir/etc/fstab.sys ]] && inst_simple /etc/fstab.sys + inst_hook pre-pivot 00 "$moddir/mount-sys.sh" +} diff --git a/modules.d/95fstab-sys/mount-sys.sh b/modules.d/95fstab-sys/mount-sys.sh new file mode 100755 index 0000000..bb4bcdb --- /dev/null +++ b/modules.d/95fstab-sys/mount-sys.sh @@ -0,0 +1,39 @@ +#!/bin/sh + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh +type det_fs > /dev/null 2>&1 || . /lib/fs-lib.sh + +fstab_mount() { + local _dev _mp _fs _opts _pass + test -e "$1" || return 1 + info "Mounting from $1" + while read -r _dev _mp _fs _opts _ _pass _ || [ -n "$_dev" ]; do + [ -z "${_dev%%#*}" ] && continue # Skip comment lines + ismounted "$_mp" && continue # Skip mounted filesystem + if [ "$_pass" -gt 0 ] && ! strstr "$_opts" _netdev; then + fsck_single "$_dev" "$_fs" "$_opts" + fi + _fs=$(det_fs "$_dev" "$_fs") + info "Mounting $_dev" + if [ -d "$NEWROOT/$_mp" ]; then + mount -v -t "$_fs" -o "$_opts" "$_dev" "$NEWROOT/$_mp" 2>&1 | vinfo + else + [ -d "$_mp" ] || mkdir -p "$_mp" + mount -v -t "$_fs" -o "$_opts" "$_dev" "$_mp" 2>&1 | vinfo + fi + done < "$1" + return 0 +} + +# systemd will mount and run fsck from /etc/fstab and we don't want to +# run into a race condition. +if [ -z "$DRACUT_SYSTEMD" ]; then + [ -f /etc/fstab ] && fstab_mount /etc/fstab +fi + +# prefer $NEWROOT/etc/fstab.sys over local /etc/fstab.sys +if [ -f "$NEWROOT"/etc/fstab.sys ]; then + fstab_mount "$NEWROOT"/etc/fstab.sys +elif [ -f /etc/fstab.sys ]; then + fstab_mount /etc/fstab.sys +fi diff --git a/modules.d/95iscsi/cleanup-iscsi.sh b/modules.d/95iscsi/cleanup-iscsi.sh new file mode 100755 index 0000000..8338503 --- /dev/null +++ b/modules.d/95iscsi/cleanup-iscsi.sh @@ -0,0 +1,5 @@ +#!/bin/sh + +if [ -z "${DRACUT_SYSTEMD}" ] && { [ -e /sys/module/bnx2i ] || [ -e /sys/module/qedi ]; }; then + killproc iscsiuio +fi diff --git a/modules.d/95iscsi/iscsiroot.sh b/modules.d/95iscsi/iscsiroot.sh new file mode 100755 index 0000000..b6af7f4 --- /dev/null +++ b/modules.d/95iscsi/iscsiroot.sh @@ -0,0 +1,322 @@ +#!/bin/sh +# +# This implementation is incomplete: Discovery mode is not implemented and +# the argument handling doesn't follow currently agreed formats. This is mainly +# because rfc4173 does not say anything about iscsi_initiator but open-iscsi's +# iscsistart needs this. +# + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh +type parse_iscsi_root > /dev/null 2>&1 || . /lib/net-lib.sh +type write_fs_tab > /dev/null 2>&1 || . /lib/fs-lib.sh + +PATH=/usr/sbin:/usr/bin:/sbin:/bin + +# Huh? Empty $1? +[ -z "$1" ] && exit 1 + +# Huh? Empty $2? +[ -z "$2" ] && exit 1 + +# Huh? Empty $3? This isn't really necessary, since NEWROOT isn't +# used here. But let's be consistent +[ -z "$3" ] && exit 1 + +# root is in the form root=iscsi:[<servername>]:[<protocol>]:[<port>]:[<LUN>]:<targetname> +netif="$1" +iroot="$2" + +# If it's not iscsi we don't continue +[ "${iroot%%:*}" = "iscsi" ] || exit 1 + +iroot=${iroot#iscsi} +iroot=${iroot#:} + +# XXX modprobe crc32c should go in the cmdline parser, but I haven't yet +# figured out a way how to check whether this is built-in or not +modprobe crc32c 2> /dev/null + +# start iscsiuio if needed +if [ -z "${DRACUT_SYSTEMD}" ] \ + && { [ -e /sys/module/bnx2i ] || [ -e /sys/module/qedi ]; } \ + && ! [ -e /tmp/iscsiuio-started ]; then + iscsiuio + : > /tmp/iscsiuio-started +fi + +handle_firmware() { + local ifaces retry _res + + # Depending on the 'ql4xdisablesysfsboot' qla4xxx + # will be autostarting sessions without presenting + # them via the firmware interface. + # In these cases 'iscsiadm -m fw' will fail, but + # the iSCSI sessions will still be present. + if ! iscsiadm -m fw; then + warn "iscsiadm: Could not get list of targets from firmware." + else + ifaces=$( + set -- /sys/firmware/ibft/ethernet* + echo $# + ) + read -r retry < /tmp/session-retry + + if [ "$retry" -lt "$ifaces" ]; then + retry=$((retry + 1)) + echo $retry > /tmp/session-retry + return 1 + else + rm /tmp/session-retry + fi + + # check to see if we have the new iscsiadm command, + # that supports the "no-wait" (-W) flag. If so, use it. + iscsiadm -m fw -l -W 2> /dev/null + _res=$? + if [ $_res -eq 7 ]; then + # ISCSI_ERR_INVALID (7) => "-W" not supported + info "iscsiadm does not support no-wait firmware logins" + iscsiadm -m fw -l + _res=$? + fi + if [ $_res -ne 0 ]; then + warn "iscsiadm: Log-in to iscsi target failed" + else + need_shutdown + fi + fi + [ -d /sys/class/iscsi_session ] || return 1 + echo 'started' > "/tmp/iscsistarted-iscsi:" + echo 'started' > "/tmp/iscsistarted-firmware" + + return 0 +} + +handle_netroot() { + local iscsi_initiator iscsi_target_name iscsi_target_ip iscsi_target_port + local iscsi_target_group iscsirw iscsi_lun + local iscsi_username iscsi_password + local iscsi_in_username iscsi_in_password + local iscsi_iface_name iscsi_netdev_name + local iscsi_param param + local p found + local login_retry_max_seen= + + # override conf settings by command line options + arg=$(getarg rd.iscsi.initiator -d iscsi_initiator=) + [ -n "$arg" ] && iscsi_initiator=$arg + arg=$(getarg rd.iscsi.target.group -d iscsi_target_group=) + [ -n "$arg" ] && iscsi_target_group=$arg + arg=$(getarg rd.iscsi.username -d iscsi_username=) + [ -n "$arg" ] && iscsi_username=$arg + arg=$(getarg rd.iscsi.password -d iscsi_password) + [ -n "$arg" ] && iscsi_password=$arg + arg=$(getarg rd.iscsi.in.username -d iscsi_in_username=) + [ -n "$arg" ] && iscsi_in_username=$arg + arg=$(getarg rd.iscsi.in.password -d iscsi_in_password=) + [ -n "$arg" ] && iscsi_in_password=$arg + for p in $(getargs rd.iscsi.param -d iscsi_param); do + [ "${p%=*}" = node.session.initial_login_retry_max ] \ + && login_retry_max_seen=yes + iscsi_param="$iscsi_param $p" + done + + # this sets iscsi_target_name and possibly overwrites most + # parameters read from the command line above + parse_iscsi_root "$1" || return 1 + + # Bail out early, if there is no route to the destination + if is_ip "$iscsi_target_ip" && [ "$netif" != "timeout" ] && ! all_ifaces_setup && getargbool 1 rd.iscsi.testroute; then + ip route get "$iscsi_target_ip" > /dev/null 2>&1 || return 0 + fi + + #limit iscsistart login retries + if [ "$login_retry_max_seen" != yes ]; then + retries=$(getargnum 3 0 10000 rd.iscsi.login_retry_max) + if [ "$retries" -gt 0 ]; then + iscsi_param="${iscsi_param% } node.session.initial_login_retry_max=$retries" + fi + fi + + # XXX is this needed? + getarg ro && iscsirw=ro + getarg rw && iscsirw=rw + fsopts=${fsopts:+$fsopts,}${iscsirw} + + if [ -z "$iscsi_initiator" ] && [ -f /sys/firmware/ibft/initiator/initiator-name ] && ! [ -f /tmp/iscsi_set_initiator ]; then + iscsi_initiator=$(while read -r line || [ -n "$line" ]; do echo "$line"; done < /sys/firmware/ibft/initiator/initiator-name) + echo "InitiatorName=$iscsi_initiator" > /run/initiatorname.iscsi + rm -f /etc/iscsi/initiatorname.iscsi + mkdir -p /etc/iscsi + ln -fs /run/initiatorname.iscsi /etc/iscsi/initiatorname.iscsi + : > /tmp/iscsi_set_initiator + if [ -n "$DRACUT_SYSTEMD" ]; then + systemctl try-restart iscsid + # FIXME: iscsid is not yet ready, when the service is :-/ + sleep 1 + fi + fi + + if [ -z "$iscsi_initiator" ]; then + [ -f /run/initiatorname.iscsi ] && . /run/initiatorname.iscsi + [ -f /etc/initiatorname.iscsi ] && . /etc/initiatorname.iscsi + [ -f /etc/iscsi/initiatorname.iscsi ] && . /etc/iscsi/initiatorname.iscsi + iscsi_initiator=$InitiatorName + fi + + if [ -z "$iscsi_initiator" ]; then + iscsi_initiator=$(iscsi-iname) + echo "InitiatorName=$iscsi_initiator" > /run/initiatorname.iscsi + rm -f /etc/iscsi/initiatorname.iscsi + mkdir -p /etc/iscsi + ln -fs /run/initiatorname.iscsi /etc/iscsi/initiatorname.iscsi + : > /tmp/iscsi_set_initiator + if [ -n "$DRACUT_SYSTEMD" ]; then + systemctl try-restart iscsid + # FIXME: iscsid is not yet ready, when the service is :-/ + sleep 1 + fi + fi + + if [ -z "$iscsi_target_port" ]; then + iscsi_target_port=3260 + fi + + if [ -z "$iscsi_target_group" ]; then + iscsi_target_group=1 + fi + + if [ -z "$iscsi_lun" ]; then + iscsi_lun=0 + fi + + echo "InitiatorName=$iscsi_initiator" > /run/initiatorname.iscsi + ln -fs /run/initiatorname.iscsi /dev/.initiatorname.iscsi + if ! [ -e /etc/iscsi/initiatorname.iscsi ]; then + mkdir -p /etc/iscsi + ln -fs /run/initiatorname.iscsi /etc/iscsi/initiatorname.iscsi + if [ -n "$DRACUT_SYSTEMD" ]; then + systemctl try-restart iscsid + # FIXME: iscsid is not yet ready, when the service is :-/ + sleep 1 + fi + fi + + if [ -z "$DRACUT_SYSTEMD" ]; then + iscsid + sleep 2 + fi + + # FIXME $iscsi_protocol?? + + if [ "$root" = "dhcp" ] || [ "$netroot" = "dhcp" ]; then + # if root is not specified try to mount the whole iSCSI LUN + printf 'SYMLINK=="disk/by-path/*-iscsi-*-%s", SYMLINK+="root"\n' "$iscsi_lun" >> /etc/udev/rules.d/99-iscsi-root.rules + udevadm control --reload + write_fs_tab /dev/root + wait_for_dev -n /dev/root + + # install mount script + [ -z "$DRACUT_SYSTEMD" ] \ + && echo "iscsi_lun=$iscsi_lun . /bin/mount-lun.sh " > "$hookdir"/mount/01-$$-iscsi.sh + fi + + if strglobin "$iscsi_target_ip" '*:*:*' && ! strglobin "$iscsi_target_ip" '['; then + iscsi_target_ip="[$iscsi_target_ip]" + fi + targets=$(iscsiadm -m discovery -t st -p "$iscsi_target_ip":${iscsi_target_port:+$iscsi_target_port} | { + while read -r _ target _ || [ -n "$target" ]; do + echo "$target" + done + }) + [ -z "$targets" ] && warn "Target discovery to $iscsi_target_ip:${iscsi_target_port:+$iscsi_target_port} failed with status $?" && return 1 + + found= + for target in $targets; do + if [ "$target" = "$iscsi_target_name" ]; then + if [ -n "$iscsi_iface_name" ]; then + iscsiadm -m iface -I "$iscsi_iface_name" --op=new + EXTRA=" ${iscsi_netdev_name:+--name=iface.net_ifacename --value=$iscsi_netdev_name} " + EXTRA="$EXTRA ${iscsi_initiator:+--name=iface.initiatorname --value=$iscsi_initiator} " + fi + [ -n "$iscsi_param" ] && for param in $iscsi_param; do EXTRA="$EXTRA --name=${param%=*} --value=${param#*=}"; done + + CMD="iscsiadm -m node -T $target \ + ${iscsi_iface_name:+-I $iscsi_iface_name} \ + -p $iscsi_target_ip${iscsi_target_port:+:$iscsi_target_port}" + __op="--op=update \ + --name=node.startup --value=onboot \ + ${iscsi_username:+ --name=node.session.auth.username --value=$iscsi_username} \ + ${iscsi_password:+ --name=node.session.auth.password --value=$iscsi_password} \ + ${iscsi_in_username:+--name=node.session.auth.username_in --value=$iscsi_in_username} \ + ${iscsi_in_password:+--name=node.session.auth.password_in --value=$iscsi_in_password} \ + $EXTRA" + # shellcheck disable=SC2086 + $CMD $__op + if [ "$netif" != "timeout" ]; then + $CMD --login + fi + found=yes + break + fi + done + + if [ "$netif" = "timeout" ]; then + iscsiadm -m node -L onboot || : + elif [ "$found" != yes ]; then + warn "iSCSI target \"$iscsi_target_name\" not found on portal $iscsi_target_ip:$iscsi_target_port" + return 1 + fi + : > "$hookdir"/initqueue/work + + netroot_enc=$(str_replace "$1" '/' '\2f') + echo 'started' > "/tmp/iscsistarted-iscsi:${netroot_enc}" + return 0 +} + +ret=0 + +if [ "$netif" != "timeout" ] && getargbool 0 rd.iscsi.waitnet; then + all_ifaces_setup || exit 0 +fi + +if [ "$netif" = "timeout" ] && all_ifaces_setup; then + # s.th. went wrong and the timeout script hits + # restart + systemctl restart iscsid + # damn iscsid is not ready after unit says it's ready + sleep 2 +fi + +if getargbool 0 rd.iscsi.firmware -d -y iscsi_firmware; then + if [ "$netif" = "timeout" ] || [ "$netif" = "online" ] || [ "$netif" = "dummy" ]; then + [ -f /tmp/session-retry ] || echo 1 > /tmp/session-retry + handle_firmware + ret=$? + fi +fi + +if ! [ "$netif" = "online" ]; then + # loop over all netroot parameter + if nroot=$(getarg netroot) && [ "$nroot" != "dhcp" ]; then + for nroot in $(getargs netroot); do + [ "${nroot%%:*}" = "iscsi" ] || continue + nroot="${nroot##iscsi:}" + if [ -n "$nroot" ]; then + handle_netroot "$nroot" + ret=$((ret + $?)) + fi + done + else + if [ -n "$iroot" ]; then + handle_netroot "$iroot" + ret=$? + fi + fi +fi + +need_shutdown + +# now we have a root filesystem somewhere in /dev/sd* +# let the normal block handler handle root= +exit $ret diff --git a/modules.d/95iscsi/module-setup.sh b/modules.d/95iscsi/module-setup.sh new file mode 100755 index 0000000..2bea2fc --- /dev/null +++ b/modules.d/95iscsi/module-setup.sh @@ -0,0 +1,294 @@ +#!/bin/bash + +# called by dracut +check() { + # If our prerequisites are not met, fail anyways. + require_binaries iscsi-iname iscsiadm iscsid || return 1 + require_kernel_modules iscsi_tcp || return 1 + + # If hostonly was requested, fail the check if we are not actually + # booting from root. + [[ $hostonly ]] || [[ $mount_needs ]] && { + pushd . > /dev/null + for_each_host_dev_and_slaves block_is_iscsi + local _is_iscsi=$? + popd > /dev/null || exit + [[ $_is_iscsi == 0 ]] || return 255 + } + return 0 +} + +get_ibft_mod() { + local ibft_mac=$1 + local iface_mac iface_mod + # Return the iSCSI offload module for a given MAC address + for iface_desc in $(iscsiadm -m iface | cut -f 2 -d ' '); do + iface_mod=${iface_desc%%,*} + iface_mac=${iface_desc#*,} + iface_mac=${iface_mac%%,*} + if [ "$ibft_mac" = "$iface_mac" ]; then + echo "$iface_mod" + return 0 + fi + done +} + +install_ibft() { + # When iBFT / iscsi_boot is detected: + # - Use 'ip=ibft' to set up iBFT network interface + # Note: bnx2i is using a different MAC address of iSCSI offloading + # so the 'ip=ibft' parameter must not be set + # - specify firmware booting cmdline parameter + + for d in /sys/firmware/*; do + if [ -d "${d}"/ethernet0 ]; then + read -r ibft_mac < "${d}"/ethernet0/mac + ibft_mod=$(get_ibft_mod "$ibft_mac") + fi + if [ -z "$ibft_mod" ] && [ -d "${d}"/ethernet1 ]; then + read -r ibft_mac < "${d}"/ethernet1/mac + ibft_mod=$(get_ibft_mod "$ibft_mac") + fi + if [ -d "${d}"/initiator ]; then + if [ "${d##*/}" = "ibft" ] && [ "$ibft_mod" != "bnx2i" ]; then + echo -n "rd.iscsi.ibft=1 " + fi + echo -n "rd.iscsi.firmware=1 " + fi + done +} + +install_iscsiroot() { + local devpath=$1 + local scsi_path iscsi_lun session c d conn host flash + local iscsi_session iscsi_address iscsi_port iscsi_targetname + + scsi_path=${devpath%%/block*} + [ "$scsi_path" = "$devpath" ] && return 1 + iscsi_lun=${scsi_path##*:} + [ "$iscsi_lun" = "$scsi_path" ] && return 1 + session=${devpath%%/target*} + [ "$session" = "$devpath" ] && return 1 + iscsi_session=${session##*/} + [ "$iscsi_session" = "$session" ] && return 1 + host=${session%%/session*} + [ "$host" = "$session" ] && return 1 + iscsi_host=${host##*/} + + for flash in "${host}"/flashnode_sess-*; do + [ -f "$flash" ] || continue + [ ! -e "$flash/is_boot_target" ] && continue + read -r is_boot < "$flash"/is_boot_target + if [ "$is_boot" -eq 1 ]; then + # qla4xxx flashnode session; skip iBFT discovery + read -r iscsi_initiator < /sys/class/iscsi_host/"${iscsi_host}"/initiatorname + echo "rd.iscsi.initiator=${iscsi_initiator}" + return + fi + done + + for d in "${session}"/*; do + case $d in + *connection*) + c=${d##*/} + conn=${d}/iscsi_connection/${c} + if [ -d "${conn}" ]; then + read -r iscsi_address < "${conn}"/persistent_address + read -r iscsi_port < "${conn}"/persistent_port + fi + ;; + *session) + if [ -d "${d}"/"${iscsi_session}" ]; then + read -r iscsi_initiator < "${d}"/"${iscsi_session}"/initiatorname + read -r iscsi_targetname < "${d}"/"${iscsi_session}"/targetname + fi + ;; + esac + done + + [ -z "$iscsi_address" ] && return + ip_params_for_remote_addr "$iscsi_address" + + if [ -n "$iscsi_address" -a -n "$iscsi_targetname" ]; then + if [ -n "$iscsi_port" -a "$iscsi_port" -eq 3260 ]; then + iscsi_port= + fi + if [ -n "$iscsi_lun" -a "$iscsi_lun" -eq 0 ]; then + iscsi_lun= + fi + # In IPv6 case rd.iscsi.initatior= must pass address in [] brackets + case "$iscsi_address" in + *:*) + iscsi_address="[$iscsi_address]" + ;; + esac + # Must be two separate lines, so that "sort | uniq" commands later + # can sort out rd.iscsi.initiator= duplicates + echo "rd.iscsi.initiator=${iscsi_initiator}" + echo "netroot=iscsi:${iscsi_address}::${iscsi_port}:${iscsi_lun}:${iscsi_targetname}" + echo "rd.neednet=1" + fi + return 0 +} + +install_softiscsi() { + [ -d /sys/firmware/ibft ] && return 0 + + is_softiscsi() { + local _dev=$1 + local iscsi_dev + + [[ -L "/sys/dev/block/$_dev" ]] || return + iscsi_dev=$( + cd -P /sys/dev/block/"$_dev" || exit + echo "$PWD" + ) + install_iscsiroot "$iscsi_dev" + } + + for_each_host_dev_and_slaves_all is_softiscsi || return 255 + return 0 +} + +# called by dracut +depends() { + echo network rootfs-block +} + +# called by dracut +installkernel() { + local _arch=${DRACUT_ARCH:-$(uname -m)} + local _funcs='iscsi_register_transport' + + instmods bnx2i qla4xxx cxgb3i cxgb4i be2iscsi qedi + hostonly="" instmods iscsi_tcp iscsi_ibft crc32c iscsi_boot_sysfs 8021q + + if [ "$_arch" = "s390" -o "$_arch" = "s390x" ]; then + _s390drivers="=drivers/s390/scsi" + fi + + dracut_instmods -o -s ${_funcs} =drivers/scsi ${_s390drivers:+"$_s390drivers"} +} + +# called by dracut +cmdline() { + local _iscsiconf + _iscsiconf=$(install_ibft) + { + if [ "$_iscsiconf" ]; then + echo "${_iscsiconf}" + else + install_softiscsi + fi + } | sort | uniq +} + +# called by dracut +install() { + inst_multiple -o iscsiuio + inst_libdir_file 'libgcc_s.so*' + inst_multiple umount iscsi-iname iscsiadm iscsid + inst_binary sort + + inst_multiple -o \ + "$systemdsystemunitdir"/iscsid.socket \ + "$systemdsystemunitdir"/iscsid.service \ + "$systemdsystemunitdir"/iscsiuio.service \ + "$systemdsystemunitdir"/iscsiuio.socket \ + "$systemdsystemunitdir"/sockets.target.wants/iscsid.socket \ + "$systemdsystemunitdir"/sockets.target.wants/iscsiuio.socket + + if [[ $hostonly ]]; then + local -a _filenames + + inst_dir /etc/iscsi + mapfile -t -d '' _filenames < <(find /etc/iscsi -type f -print0) + inst_multiple "${_filenames[@]}" + else + inst_simple /etc/iscsi/iscsid.conf + fi + + # Detect iBFT and perform mandatory steps + if [[ $hostonly_cmdline == "yes" ]]; then + local _iscsiconf + _iscsiconf=$(cmdline) + [[ $_iscsiconf ]] && printf "%s\n" "$_iscsiconf" >> "${initdir}/etc/cmdline.d/95iscsi.conf" + fi + + inst_hook cmdline 90 "$moddir/parse-iscsiroot.sh" + inst_hook cleanup 90 "$moddir/cleanup-iscsi.sh" + inst "$moddir/iscsiroot.sh" "/sbin/iscsiroot" + + if ! dracut_module_included "systemd"; then + inst "$moddir/mount-lun.sh" "/bin/mount-lun.sh" + else + inst_multiple -o \ + "$systemdsystemunitdir"/iscsi.service \ + "$systemdsystemunitdir"/iscsi-init.service \ + "$systemdsystemunitdir"/iscsid.service \ + "$systemdsystemunitdir"/iscsid.socket \ + "$systemdsystemunitdir"/iscsiuio.service \ + "$systemdsystemunitdir"/iscsiuio.socket \ + iscsiadm iscsid + + for i in \ + iscsid.socket \ + iscsiuio.socket; do + $SYSTEMCTL -q --root "$initdir" enable "$i" + done + + mkdir -p "${initdir}/$systemdsystemunitdir/iscsid.service.d" + { + echo "[Unit]" + echo "DefaultDependencies=no" + echo "Conflicts=shutdown.target" + echo "Before=shutdown.target" + } > "${initdir}/$systemdsystemunitdir/iscsid.service.d/dracut.conf" + + mkdir -p "${initdir}/$systemdsystemunitdir/iscsid.socket.d" + { + echo "[Unit]" + echo "DefaultDependencies=no" + echo "Conflicts=shutdown.target" + echo "Before=shutdown.target sockets.target" + } > "${initdir}/$systemdsystemunitdir/iscsid.socket.d/dracut.conf" + + mkdir -p "${initdir}/$systemdsystemunitdir/iscsiuio.service.d" + { + echo "[Unit]" + echo "DefaultDependencies=no" + echo "Conflicts=shutdown.target" + echo "Before=shutdown.target" + } > "${initdir}/$systemdsystemunitdir/iscsiuio.service.d/dracut.conf" + + mkdir -p "${initdir}/$systemdsystemunitdir/iscsiuio.socket.d" + { + echo "[Unit]" + echo "DefaultDependencies=no" + echo "Conflicts=shutdown.target" + echo "Before=shutdown.target sockets.target" + } > "${initdir}/$systemdsystemunitdir/iscsiuio.socket.d/dracut.conf" + + # Fedora 34 iscsid requires iscsi-shutdown.service + # which would terminate all iSCSI connections on switch root + cat > "${initdir}/$systemdsystemunitdir/iscsi-shutdown.service" << EOF +[Unit] +Description=Dummy iscsi-shutdown.service for the initrd +Documentation=man:iscsid(8) man:iscsiadm(8) +DefaultDependencies=no +Conflicts=shutdown.target +After=systemd-remount-fs.service network.target iscsid.service iscsiuio.service +Before=remote-fs-pre.target + +[Service] +Type=oneshot +RemainAfterExit=false +ExecStart=-/usr/bin/true +EOF + fi + inst_dir /var/lib/iscsi + mkdir -p "${initdir}/var/lib/iscsi/nodes" + # Fedora 34 iscsid wants a non-empty /var/lib/iscsi/nodes directory + : > "${initdir}/var/lib/iscsi/nodes/.dracut" + dracut_need_initqueue +} diff --git a/modules.d/95iscsi/mount-lun.sh b/modules.d/95iscsi/mount-lun.sh new file mode 100755 index 0000000..c186984 --- /dev/null +++ b/modules.d/95iscsi/mount-lun.sh @@ -0,0 +1,15 @@ +#!/bin/sh +if [ -z "$iscsi_lun" ]; then + iscsi_lun=0 +fi +NEWROOT=${NEWROOT:-/sysroot} + +for disk in /dev/disk/by-path/*-iscsi-*-"$iscsi_lun"; do + if mount -t "${fstype:-auto}" -o "$rflags" "$disk" "$NEWROOT"; then + if [ ! -d "$NEWROOT"/proc ]; then + umount "$disk" + continue + fi + break + fi +done diff --git a/modules.d/95iscsi/parse-iscsiroot.sh b/modules.d/95iscsi/parse-iscsiroot.sh new file mode 100755 index 0000000..7574711 --- /dev/null +++ b/modules.d/95iscsi/parse-iscsiroot.sh @@ -0,0 +1,156 @@ +#!/bin/sh +# +# Preferred format: +# root=iscsi:[<servername>]:[<protocol>]:[<port>]:[<LUN>]:<targetname> +# [root=*] netroot=iscsi:[<servername>]:[<protocol>]:[<port>]:[<LUN>]:<targetname> +# +# Legacy formats: +# [net]root=[iscsi] iscsiroot=[<servername>]:[<protocol>]:[<port>]:[<LUN>]:<targetname> +# [net]root=[iscsi] iscsi_firmware +# +# root= takes precedence over netroot= if root=iscsi[...] +# + +# This script is sourced, so root should be set. But let's be paranoid +[ -z "$root" ] && root=$(getarg root=) +if [ -z "$netroot" ]; then + for nroot in $(getargs netroot=); do + [ "${nroot%%:*}" = "iscsi" ] && break + done + if [ "${nroot%%:*}" = "iscsi" ]; then + netroot="$nroot" + else + for nroot in $(getargs netroot=); do + [ "${nroot%%:*}" = "dhcp" ] && break + done + netroot="$nroot" + fi +fi +[ -z "$iscsiroot" ] && iscsiroot=$(getarg iscsiroot=) +[ -z "$iscsi_firmware" ] && getargbool 0 rd.iscsi.firmware -y iscsi_firmware && iscsi_firmware="1" + +[ -n "$iscsiroot" ] && [ -n "$iscsi_firmware" ] && die "Mixing iscsiroot and iscsi_firmware is dangerous" + +type write_fs_tab > /dev/null 2>&1 || . /lib/fs-lib.sh + +# Root takes precedence over netroot +if [ "${root%%:*}" = "iscsi" ]; then + if [ -n "$netroot" ]; then + echo "Warning: root takes precedence over netroot. Ignoring netroot" + fi + netroot=$root + # if root is not specified try to mount the whole iSCSI LUN + printf 'ENV{DEVTYPE}!="partition", SYMLINK=="disk/by-path/*-iscsi-*-*", SYMLINK+="root"\n' >> /etc/udev/rules.d/99-iscsi-root.rules + [ -n "$DRACUT_SYSTEMD" ] && systemctl is-active systemd-udevd && udevadm control --reload-rules + root=/dev/root + + write_fs_tab /dev/root +fi + +# If it's not empty or iscsi we don't continue +for nroot in $(getargs netroot); do + [ "${nroot%%:*}" = "iscsi" ] || continue + netroot="$nroot" + break +done + +# Root takes precedence over netroot +if [ "${root}" = "/dev/root" ] && getarg "netroot=dhcp"; then + # if root is not specified try to mount the whole iSCSI LUN + printf 'ENV{DEVTYPE}!="partition", SYMLINK=="disk/by-path/*-iscsi-*-*", SYMLINK+="root"\n' >> /etc/udev/rules.d/99-iscsi-root.rules + [ -n "$DRACUT_SYSTEMD" ] && systemctl is-active systemd-udevd && udevadm control --reload-rules +fi + +if [ -n "$iscsiroot" ]; then + [ -z "$netroot" ] && netroot=$root + + # @deprecated + echo "Warning: Argument iscsiroot is deprecated and might be removed in a future" + echo "release. See 'man dracut.kernel' for more information." + + # Accept iscsiroot argument? + [ -z "$netroot" ] || [ "$netroot" = "iscsi" ] \ + || die "Argument iscsiroot only accepted for empty root= or [net]root=iscsi" + + # Override root with iscsiroot content? + [ -z "$netroot" ] || [ "$netroot" = "iscsi" ] && netroot=iscsi:$iscsiroot +fi + +# iscsi_firmware does not need argument checking +if [ -n "$iscsi_firmware" ]; then + if [ "$root" != "dhcp" ] && [ "$netroot" != "dhcp" ]; then + [ -z "$netroot" ] && netroot=iscsi: + fi + modprobe -b -q iscsi_boot_sysfs 2> /dev/null + modprobe -b -q iscsi_ibft + # if no ip= is given, but firmware + echo "${DRACUT_SYSTEMD+systemctl is-active initrd-root-device.target || }[ -f '/tmp/iscsistarted-firmware' ]" > "$hookdir"/initqueue/finished/iscsi_started.sh + initqueue --unique --online /sbin/iscsiroot online "iscsi:" "$NEWROOT" + initqueue --unique --onetime --timeout /sbin/iscsiroot timeout "iscsi:" "$NEWROOT" + initqueue --unique --onetime --settled /sbin/iscsiroot online "iscsi:" "'$NEWROOT'" +fi + +# ISCSI actually supported? +if ! [ -e /sys/module/iscsi_tcp ]; then + modprobe -b -q iscsi_tcp || die "iscsiroot requested but kernel/initrd does not support iscsi" +fi + +modprobe --all -b -q qla4xxx cxgb3i cxgb4i bnx2i be2iscsi + +if [ -n "$netroot" ] && [ "$root" != "/dev/root" ] && [ "$root" != "dhcp" ]; then + if ! getargbool 1 rd.neednet > /dev/null || ! getarg "ip="; then + initqueue --unique --onetime --settled /sbin/iscsiroot dummy "'$netroot'" "'$NEWROOT'" + fi +fi + +if arg=$(getarg rd.iscsi.initiator -d iscsi_initiator=) && [ -n "$arg" ] && ! [ -f /run/initiatorname.iscsi ]; then + iscsi_initiator=$arg + echo "InitiatorName=$iscsi_initiator" > /run/initiatorname.iscsi + ln -fs /run/initiatorname.iscsi /dev/.initiatorname.iscsi + rm -f /etc/iscsi/initiatorname.iscsi + mkdir -p /etc/iscsi + ln -fs /run/initiatorname.iscsi /etc/iscsi/initiatorname.iscsi + if [ -n "$DRACUT_SYSTEMD" ]; then + systemctl try-restart iscsid + # FIXME: iscsid is not yet ready, when the service is :-/ + sleep 1 + fi +fi + +# If not given on the cmdline and initiator-name available via iBFT +if [ -z "$iscsi_initiator" ] && [ -f /sys/firmware/ibft/initiator/initiator-name ] && ! [ -f /tmp/iscsi_set_initiator ]; then + iscsi_initiator=$(while read -r line || [ -n "$line" ]; do echo "$line"; done < /sys/firmware/ibft/initiator/initiator-name) + if [ -n "$iscsi_initiator" ]; then + echo "InitiatorName=$iscsi_initiator" > /run/initiatorname.iscsi + rm -f /etc/iscsi/initiatorname.iscsi + mkdir -p /etc/iscsi + ln -fs /run/initiatorname.iscsi /etc/iscsi/initiatorname.iscsi + : > /tmp/iscsi_set_initiator + if [ -n "$DRACUT_SYSTEMD" ]; then + systemctl try-restart iscsid + # FIXME: iscsid is not yet ready, when the service is :-/ + sleep 1 + fi + fi +fi + +if [ -z "$netroot" ] || ! [ "${netroot%%:*}" = "iscsi" ]; then + return 1 +fi + +initqueue --unique --onetime --timeout /sbin/iscsiroot timeout "$netroot" "$NEWROOT" + +for nroot in $(getargs netroot); do + [ "${nroot%%:*}" = "iscsi" ] || continue + type parse_iscsi_root > /dev/null 2>&1 || . /lib/net-lib.sh + parse_iscsi_root "$nroot" || return 1 + netroot_enc=$(str_replace "$nroot" '/' '\2f') + echo "${DRACUT_SYSTEMD+systemctl is-active initrd-root-device.target || }[ -f '/tmp/iscsistarted-$netroot_enc' ]" > "$hookdir"/initqueue/finished/iscsi_started.sh +done + +# Done, all good! +# shellcheck disable=SC2034 +rootok=1 + +# Shut up init error check +[ -z "$root" ] && root="iscsi" diff --git a/modules.d/95lunmask/fc_transport_scan_lun.sh b/modules.d/95lunmask/fc_transport_scan_lun.sh new file mode 100755 index 0000000..d14d2ca --- /dev/null +++ b/modules.d/95lunmask/fc_transport_scan_lun.sh @@ -0,0 +1,26 @@ +#!/bin/sh +# +# fc_transport_lun_scan +# +# Selectively enable individual LUNs behind an FC remote port +# +# ACTION=="add", SUBSYSTEM=="fc_transport", ATTR{port_name}=="wwpn", \ +# PROGRAM="fc_transport_lun_scan lun" +# + +[ -z "$DEVPATH" ] && exit 1 + +if [ -n "$1" ]; then + LUN=$1 +else + LUN=- +fi +ID=${DEVPATH##*/rport-} +HOST=${ID%%:*} +CHANNEL=${ID%%-*} +CHANNEL=${CHANNEL#*:} +if [ -f /sys"$DEVPATH"/scsi_target_id ]; then + read -r TARGET < /sys"$DEVPATH"/scsi_target_id +fi +[ -z "$TARGET" ] && exit 1 +echo "$CHANNEL" "$TARGET" $LUN > /sys/class/scsi_host/host"$HOST"/scan diff --git a/modules.d/95lunmask/module-setup.sh b/modules.d/95lunmask/module-setup.sh new file mode 100755 index 0000000..cf6e3d7 --- /dev/null +++ b/modules.d/95lunmask/module-setup.sh @@ -0,0 +1,73 @@ +#!/bin/bash +# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*- +# ex: ts=8 sw=4 sts=4 et filetype=sh + +# called by dracut +cmdline() { + get_lunmask() { + local _dev=$1 + local _devpath _sdev _lun _rport _end_device _classdev _wwpn _sas_address + _devpath=$( + cd -P /sys/dev/block/"$_dev" || exit + echo "$PWD" + ) + + [ "${_devpath#*/sd}" == "$_devpath" ] && return 1 + _sdev="${_devpath%%/block/*}" + _lun="${_sdev##*:}" + # Check for FibreChannel + _rport="${_devpath##*/rport-}" + if [ "$_rport" != "$_devpath" ]; then + _rport="${_rport%%/*}" + _classdev="/sys/class/fc_remote_ports/rport-${_rport}" + [ -d "$_classdev" ] || return 1 + read -r _wwpn < "${_classdev}"/port_name + echo "rd.lunmask=fc,${_wwpn},${_lun}" + return 0 + fi + # Check for SAS + _end_device="${_devpath##*/end_device-}" + if [ "$_end_device" != "$_devpath" ]; then + _end_device="${_end_device%%/*}" + _classdev="/sys/class/sas_device/end_device-${_end_device}" + [ -e "$_classdev" ] || return 1 + read -r _sas_address < "${_classdev}"/sas_address + echo "rd.lunmask=sas,${_sas_address},${_lun}" + return 0 + fi + return 1 + } + [[ $hostonly ]] || [[ $mount_needs ]] && { + for_each_host_dev_and_slaves_all get_lunmask + } | sort | uniq +} + +# called by dracut +check() { + [[ $hostonly ]] || [[ $mount_needs ]] && { + [ -w /sys/module/scsi_mod/parameters/scan ] || return 255 + read -r scan_type < /sys/module/scsi_mod/parameters/scan + [ "$scan_type" = "manual" ] && return 0 + return 255 + } + return 0 +} + +# called by dracut +depends() { + return 0 +} + +# called by dracut +install() { + inst_script "$moddir/fc_transport_scan_lun.sh" /usr/lib/udev/fc_transport_scan_lun.sh + inst_script "$moddir/sas_transport_scan_lun.sh" /usr/lib/udev/sas_transport_scan_lun.sh + inst_hook cmdline 30 "$moddir/parse-lunmask.sh" + if [[ $hostonly_cmdline == "yes" ]]; then + local _lunmask + + for _lunmask in $(cmdline); do + printf "%s\n" "$_lunmask" >> "${initdir}/etc/cmdline.d/95lunmask.conf" + done + fi +} diff --git a/modules.d/95lunmask/parse-lunmask.sh b/modules.d/95lunmask/parse-lunmask.sh new file mode 100755 index 0000000..5e05e5b --- /dev/null +++ b/modules.d/95lunmask/parse-lunmask.sh @@ -0,0 +1,40 @@ +#!/bin/sh +# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*- +# ex: ts=8 sw=4 sts=4 et filetype=sh + +create_udev_rule() { + local transport="$1" + local tgtid="$2" + local lun="$3" + local _rule=/etc/udev/rules.d/51-"${transport}"-lunmask-"${tgtid}".rules + + [ -e "${_rule}" ] && return 0 + + if [ ! -f "$_rule" ]; then + if [ "$transport" = "fc" ]; then + cat > "$_rule" << EOF +ACTION=="add", SUBSYSTEM=="fc_remote_ports", ATTR{port_name}=="$tgtid", PROGRAM="fc_transport_scan_lun.sh $lun" +EOF + elif [ "$transport" = "sas" ]; then + cat > "$_rule" << EOF +ACTION=="add", SUBSYSTEM=="sas_device", ATTR{sas_address}=="$tgtid", PROGRAM="sas_transport_scan_lun.sh $lun" +EOF + fi + fi +} + +for lunmask_arg in $(getargs rd.lunmask); do + ( + local OLDIFS="$IFS" + local IFS="," + # shellcheck disable=SC2086 + set $lunmask_arg + IFS="$OLDIFS" + if [ -d /sys/module/scsi_mod ]; then + printf "manual" > /sys/module/scsi_mod/parameters/scan + elif [ ! -f /etc/modprobe.d/95lunmask.conf ]; then + echo "options scsi_mod scan=manual" > /etc/modprobe.d/95lunmask.conf + fi + create_udev_rule "$1" "$2" "$3" + ) +done diff --git a/modules.d/95lunmask/sas_transport_scan_lun.sh b/modules.d/95lunmask/sas_transport_scan_lun.sh new file mode 100755 index 0000000..1d1fc47 --- /dev/null +++ b/modules.d/95lunmask/sas_transport_scan_lun.sh @@ -0,0 +1,26 @@ +#!/bin/sh +# +# sas_transport_lun_scan +# +# Selectively enable individual LUNs behind a SAS end device +# +# ACTION=="add", SUBSYSTEM=="sas_transport", ATTR{sas_address}=="sas_addr", \ +# PROGRAM="sas_transport_lun_scan lun" +# + +[ -z "$DEVPATH" ] && exit 1 + +if [ -n "$1" ]; then + LUN=$1 +else + LUN=- +fi +ID=${DEVPATH##*/end_device-} +HOST=${ID%%:*} +CHANNEL=${ID%%-*} +CHANNEL=${CHANNEL#*:} +if [ -f /sys"$DEVPATH"/scsi_target_id ]; then + read -r TARGET < /sys"$DEVPATH"/scsi_target_id +fi +[ -z "$TARGET" ] && exit 1 +echo 0 "$TARGET" $LUN > /sys/class/scsi_host/host"$HOST"/scan diff --git a/modules.d/95nbd/module-setup.sh b/modules.d/95nbd/module-setup.sh new file mode 100755 index 0000000..aa3570a --- /dev/null +++ b/modules.d/95nbd/module-setup.sh @@ -0,0 +1,39 @@ +#!/bin/bash + +# called by dracut +check() { + local _rootdev + + # if an nbd device is not somewhere in the chain of devices root is + # mounted on, fail the hostonly check. + [[ $hostonly ]] || [[ $mount_needs ]] && { + _rootdev=$(find_root_block_device) + [[ -b /dev/block/$_rootdev ]] || return 1 + check_block_and_slaves block_is_nbd "$_rootdev" || return 255 + } + require_binaries nbd-client || return 1 + + return 0 +} + +# called by dracut +depends() { + # We depend on network modules being loaded + echo network rootfs-block +} + +# called by dracut +installkernel() { + instmods nbd +} + +# called by dracut +install() { + inst nbd-client + inst_hook cmdline 90 "$moddir/parse-nbdroot.sh" + inst_script "$moddir/nbdroot.sh" "/sbin/nbdroot" + if dracut_module_included "systemd-initrd"; then + inst_script "$moddir/nbd-generator.sh" "$systemdutildir"/system-generators/dracut-nbd-generator + fi + dracut_need_initqueue +} diff --git a/modules.d/95nbd/nbd-generator.sh b/modules.d/95nbd/nbd-generator.sh new file mode 100755 index 0000000..38603bf --- /dev/null +++ b/modules.d/95nbd/nbd-generator.sh @@ -0,0 +1,64 @@ +#!/bin/sh + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +[ -z "$root" ] && root=$(getarg root=) + +[ "${root%%:*}" = "nbd" ] || exit 0 + +GENERATOR_DIR="$2" +[ -z "$GENERATOR_DIR" ] && exit 1 + +[ -d "$GENERATOR_DIR" ] || mkdir -p "$GENERATOR_DIR" + +ROOTFLAGS="$(getarg rootflags)" + +nroot=${root#nbd:} +nbdserver=${nroot%%:*} +if [ "${nbdserver%"${nbdserver#?}"}" = "[" ]; then + nbdserver=${nroot#[} + nbdserver=${nbdserver%%]:*}\] + nroot=${nroot#*]:} +else + nroot=${nroot#*:} +fi +nbdport=${nroot%%:*} +nroot=${nroot#*:} +nbdfstype=${nroot%%:*} +nroot=${nroot#*:} +nbdflags=${nroot%%:*} + +if [ "$nbdflags" = "$nbdfstype" ]; then + unset nbdflags +fi +if [ "$nbdfstype" = "$nbdport" ]; then + unset nbdfstype +fi + +[ -n "$nbdflags" ] && ROOTFLAGS="$nbdflags" + +if getarg "ro"; then + if [ -n "$ROOTFLAGS" ]; then + ROOTFLAGS="$ROOTFLAGS,ro" + else + ROOTFLAGS="ro" + fi +fi + +if [ -n "$nbdfstype" ]; then + ROOTFSTYPE="$nbdfstype" +else + ROOTFSTYPE=$(getarg rootfstype=) || unset ROOTFSTYPE +fi + +{ + echo "[Unit]" + echo "Before=initrd-root-fs.target" + echo "[Mount]" + echo "Where=/sysroot" + echo "What=/dev/root" + [ -n "$ROOTFSTYPE" ] && echo "Type=${ROOTFSTYPE}" + [ -n "$ROOTFLAGS" ] && echo "Options=${ROOTFLAGS}" +} > "$GENERATOR_DIR"/sysroot.mount + +exit 0 diff --git a/modules.d/95nbd/nbdroot.sh b/modules.d/95nbd/nbdroot.sh new file mode 100755 index 0000000..b1a8030 --- /dev/null +++ b/modules.d/95nbd/nbdroot.sh @@ -0,0 +1,137 @@ +#!/bin/sh + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +PATH=/usr/sbin:/usr/bin:/sbin:/bin + +# Huh? Empty $1? +[ -z "$1" ] && exit 1 + +# Huh? Empty $2? +[ -z "$2" ] && exit 1 + +# Huh? Empty $3? +[ -z "$3" ] && exit 1 + +# root is in the form root=nbd:srv:port[:fstype[:rootflags[:nbdopts]]] +# shellcheck disable=SC2034 +netif="$1" +nroot="$2" +NEWROOT="$3" + +# If it's not nbd we don't continue +[ "${nroot%%:*}" = "nbd" ] || return + +nroot=${nroot#nbd:} +nbdserver=${nroot%%:*} +if [ "${nbdserver%"${nbdserver#?}"}" = "[" ]; then + nbdserver=${nroot#[} + nbdserver=${nbdserver%%]:*} + nroot=${nroot#*]:} +else + nroot=${nroot#*:} +fi +nbdport=${nroot%%:*} +nroot=${nroot#*:} +nbdfstype=${nroot%%:*} +nroot=${nroot#*:} +nbdflags=${nroot%%:*} +nbdopts=${nroot#*:} + +if [ "$nbdopts" = "$nbdflags" ]; then + unset nbdopts +fi +if [ "$nbdflags" = "$nbdfstype" ]; then + unset nbdflags +fi +if [ "$nbdfstype" = "$nbdport" ]; then + unset nbdfstype +fi +if [ -z "$nbdfstype" ]; then + nbdfstype=auto +fi + +# look through the NBD options and pull out the ones that need to +# go before the host etc. Append a ',' so we know we terminate the loop +nbdopts=${nbdopts}, +while [ -n "$nbdopts" ]; do + f=${nbdopts%%,*} + nbdopts=${nbdopts#*,} + if [ -z "$f" ]; then + break + fi + if [ -z "${f%bs=*}" -o -z "${f%timeout=*}" ]; then + preopts="$preopts $f" + continue + fi + opts="$opts $f" +done + +# look through the flags and see if any are overridden by the command line +nbdflags=${nbdflags}, +while [ -n "$nbdflags" ]; do + f=${nbdflags%%,*} + nbdflags=${nbdflags#*,} + if [ -z "$f" ]; then + break + fi + if [ "$f" = "ro" -o "$f" = "rw" ]; then + nbdrw=$f + continue + fi + fsopts=${fsopts:+$fsopts,}$f +done + +getarg ro && nbdrw=ro +getarg rw && nbdrw=rw +fsopts=${fsopts:+$fsopts,}${nbdrw} + +# XXX better way to wait for the device to be made? +i=0 +while [ ! -b /dev/nbd0 ]; do + [ $i -ge 20 ] && exit 1 + udevadm settle --exit-if-exists=/dev/nbd0 + i=$((i + 1)) +done + +# If we didn't get a root= on the command line, then we need to +# add the udev rules for mounting the nbd0 device +if [ "$root" = "block:/dev/root" -o "$root" = "dhcp" ]; then + printf 'KERNEL=="nbd0", ENV{DEVTYPE}!="partition", ENV{ID_FS_TYPE}=="?*", SYMLINK+="root"\n' > /etc/udev/rules.d/99-nbd-root.rules + udevadm control --reload + wait_for_dev -n /dev/root + + if [ -z "$DRACUT_SYSTEMD" ]; then + type write_fs_tab > /dev/null 2>&1 || . /lib/fs-lib.sh + + write_fs_tab /dev/root "$nbdfstype" "$fsopts" + + printf '/bin/mount %s\n' \ + "$NEWROOT" \ + > "$hookdir"/mount/01-$$-nbd.sh + else + mkdir -p /run/systemd/system/sysroot.mount.d + cat << EOF > /run/systemd/system/sysroot.mount.d/dhcp.conf +[Mount] +Where=/sysroot +What=/dev/root +Type=$nbdfstype +Options=$fsopts +EOF + systemctl --no-block daemon-reload + fi + # if we're on systemd, use the nbd-generator script + # to create the /sysroot mount. +fi + +if ! [ "$nbdport" -gt 0 ] 2> /dev/null; then + nbdport="-name $nbdport" +fi + +if ! nbd-client -check /dev/nbd0 > /dev/null; then + # shellcheck disable=SC2086 + nbd-client -p -systemd-mark "$nbdserver" $nbdport /dev/nbd0 $opts || exit 1 +fi + +need_shutdown +exit 0 diff --git a/modules.d/95nbd/parse-nbdroot.sh b/modules.d/95nbd/parse-nbdroot.sh new file mode 100755 index 0000000..1c3f0a0 --- /dev/null +++ b/modules.d/95nbd/parse-nbdroot.sh @@ -0,0 +1,64 @@ +#!/bin/sh +# +# Preferred format: +# root=nbd:srv:port/exportname[:fstype[:rootflags[:nbdopts]]] +# [root=*] netroot=nbd:srv:port/exportname[:fstype[:rootflags[:nbdopts]]] +# +# nbdopts is a comma separated list of options to give to nbd-client +# +# root= takes precedence over netroot= if root=nbd[...] +# + +# This script is sourced, so root should be set. But let's be paranoid +[ -z "$root" ] && root=$(getarg root=) + +if [ -z "$netroot" ]; then + for netroot in $(getargs netroot=); do + [ "${netroot%%:*}" = "nbd" ] && break + done + [ "${netroot%%:*}" = "nbd" ] || unset netroot +fi + +# Root takes precedence over netroot +if [ "${root%%:*}" = "nbd" ]; then + if [ -n "$netroot" ]; then + warn "root takes precedence over netroot. Ignoring netroot" + + fi + netroot=$root + unset root +fi + +# If it's not nbd we don't continue +[ "${netroot%%:*}" = "nbd" ] || return + +# Check required arguments +nroot=${netroot#nbd:} +server=${nroot%%:*} +if [ "${server%"${server#?}"}" = "[" ]; then + server=${nroot#[} + server=${server%%]:*}\] + nroot=${nroot#*]:} +else + nroot=${nroot#*:} +fi +port=${nroot%%:*} +unset nroot + +[ -z "$server" ] && die "Argument server for nbdroot is missing" +[ -z "$port" ] && die "Argument port for nbdroot is missing" + +# NBD actually supported? +incol2 /proc/devices nbd || modprobe nbd || die "nbdroot requested but kernel/initrd does not support nbd" + +# Done, all good! +# shellcheck disable=SC2034 +rootok=1 + +# Shut up init error check +if [ -z "$root" ]; then + root=block:/dev/root + # the device is created and waited for in ./nbdroot.sh +fi + +echo 'nbd-client -check /dev/nbd0 > /dev/null 2>&1' > "$hookdir"/initqueue/finished/nbdroot.sh diff --git a/modules.d/95nfs/module-setup.sh b/modules.d/95nfs/module-setup.sh new file mode 100755 index 0000000..16bafe3 --- /dev/null +++ b/modules.d/95nfs/module-setup.sh @@ -0,0 +1,138 @@ +#!/bin/bash + +# return value: +# 'nfs4': Only nfs4 founded +# 'nfs': nfs with version < 4 founded +# '': No nfs founded +get_nfs_type() { + local _nfs _nfs4 + + for fs in "${host_fs_types[@]}"; do + [[ $fs == "nfs" ]] && _nfs=1 + [[ $fs == "nfs3" ]] && _nfs=1 + [[ $fs == "nfs4" ]] && _nfs4=1 + done + + [[ "$_nfs" ]] && echo "nfs" && return + [[ "$_nfs4" ]] && echo "nfs4" && return +} + +# called by dracut +check() { + # If our prerequisites are not met, fail anyways. + require_any_binary rpcbind portmap || return 1 + require_binaries rpc.statd mount.nfs mount.nfs4 umount sed chmod chown || return 1 + + [[ $hostonly ]] || [[ $mount_needs ]] && { + [[ "$(get_nfs_type)" ]] && return 0 + return 255 + } + return 0 +} + +# called by dracut +depends() { + # We depend on network modules being loaded + echo network +} + +# called by dracut +installkernel() { + hostonly=$(optional_hostonly) instmods '=net/sunrpc' '=fs/nfs' ipv6 nfs_acl nfs_layout_nfsv41_files +} + +cmdline() { + local nfs_device + local nfs_options + local nfs_root + local nfs_address + local lookup + + ### nfsroot= ### + nfs_device=$(findmnt -t nfs4 -n -o SOURCE /) + if [ -n "$nfs_device" ]; then + nfs_root="root=nfs4:$nfs_device" + else + nfs_device=$(findmnt -t nfs -n -o SOURCE /) + [ -z "$nfs_device" ] && return + nfs_root="root=nfs:$nfs_device" + fi + nfs_options=$(findmnt -t nfs4,nfs -n -o OPTIONS /) + [ -n "$nfs_options" ] && nfs_root="$nfs_root:$nfs_options" + echo "$nfs_root" + + ### ip= ### + if [[ $nfs_device =~ [0-9]*\.[0-9]*\.[0-9]*.[0-9]* ]] || [[ $nfs_device =~ \[[^]]*\] ]]; then + nfs_address="${nfs_device%%:*}" + else + lookup=$(host "${nfs_device%%:*}" | grep " address " | head -n1) + nfs_address=${lookup##* } + fi + + [[ $nfs_address ]] || return + ip_params_for_remote_addr "$nfs_address" +} + +# called by dracut +install() { + local _nsslibs + inst_multiple -o rpc.idmapd mount.nfs mount.nfs4 umount sed /etc/netconfig chmod chown "$tmpfilesdir/rpcbind.conf" + inst_multiple -o /etc/idmapd.conf + inst_multiple -o /etc/services /etc/nsswitch.conf /etc/rpc /etc/protocols + inst_multiple -o /usr/etc/services /usr/etc/nsswitch.conf /usr/etc/rpc /usr/etc/protocols + + if [[ $hostonly_cmdline == "yes" ]]; then + local _netconf + _netconf="$(cmdline)" + [[ $_netconf ]] && printf "%s\n" "$_netconf" >> "${initdir}/etc/cmdline.d/95nfs.conf" + fi + + if [[ -f $dracutsysrootdir/lib/modprobe.d/nfs.conf ]]; then + inst_multiple /lib/modprobe.d/nfs.conf + else + [[ -d $initdir/etc/modprobe.d ]] || mkdir -p "$initdir"/etc/modprobe.d + echo "alias nfs4 nfs" > "$initdir"/etc/modprobe.d/nfs.conf + fi + + inst_libdir_file 'libnfsidmap_nsswitch.so*' 'libnfsidmap/*.so' 'libnfsidmap*.so*' + + _nsslibs=$( + cat "$dracutsysrootdir"/{,usr/}etc/nsswitch.conf 2> /dev/null \ + | sed -e '/^#/d' -e 's/^.*://' -e 's/\[NOTFOUND=return\]//' \ + | tr -s '[:space:]' '\n' | sort -u | tr -s '[:space:]' '|' + ) + _nsslibs=${_nsslibs#|} + _nsslibs=${_nsslibs%|} + + inst_libdir_file -n "$_nsslibs" 'libnss_*.so*' + + inst_hook cmdline 90 "$moddir/parse-nfsroot.sh" + inst_hook pre-udev 99 "$moddir/nfs-start-rpc.sh" + inst_hook cleanup 99 "$moddir/nfsroot-cleanup.sh" + inst "$moddir/nfsroot.sh" "/sbin/nfsroot" + + # For strict hostonly, only install rpcbind for NFS < 4 + if [[ $hostonly_mode != "strict" ]] || [[ "$(get_nfs_type)" != "nfs4" ]]; then + inst_multiple -o portmap rpcbind rpc.statd + fi + + inst "$moddir/nfs-lib.sh" "/lib/nfs-lib.sh" + mkdir -m 0755 -p "$initdir/var/lib/nfs" + mkdir -m 0755 -p "$initdir/var/lib/nfs/rpc_pipefs" + mkdir -m 0770 -p "$initdir/var/lib/rpcbind" + [ -d "/var/lib/nfs/statd/sm" ] && mkdir -m 0755 -p "$initdir/var/lib/nfs/statd/sm" + [ -d "/var/lib/nfs/sm" ] && mkdir -m 0755 -p "$initdir/var/lib/nfs/sm" + + # Rather than copy the passwd file in, just set a user for rpcbind + # We'll save the state and restart the daemon from the root anyway + grep -E '^nfsnobody:|^rpc:|^rpcuser:' "$dracutsysrootdir"/etc/passwd >> "$initdir/etc/passwd" + grep -E '^nogroup:|^rpc:|^nobody:' "$dracutsysrootdir"/etc/group >> "$initdir/etc/group" + + # rpc user needs to be able to write to this directory to save the warmstart + # file + chmod 770 "$initdir/var/lib/rpcbind" + grep -q '^rpc:' "$dracutsysrootdir"/etc/passwd \ + && grep -q '^rpc:' "$dracutsysrootdir"/etc/group + + dracut_need_initqueue +} diff --git a/modules.d/95nfs/nfs-lib.sh b/modules.d/95nfs/nfs-lib.sh new file mode 100755 index 0000000..f000671 --- /dev/null +++ b/modules.d/95nfs/nfs-lib.sh @@ -0,0 +1,157 @@ +#!/bin/sh + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh +. /lib/net-lib.sh + +# TODO: make these things not pollute the calling namespace + +# nfs_to_var NFSROOT [NETIF] +# use NFSROOT to set $nfs, $server, $path, and $options. +# NFSROOT is something like: nfs[4]:<server>:/<path>[:<options>|,<options>] +# NETIF is used to get information from DHCP options, if needed. +nfs_to_var() { + # Unfortunately, there's multiple styles of nfs "URL" in use, so we need + # extra functions to parse them into $nfs, $server, $path, and $options. + # FIXME: local netif=${2:-$netif}? + case "$1" in + nfs://*) rfc2224_nfs_to_var "$1" ;; + nfs:*[*) anaconda_nfsv6_to_var "$1" ;; + nfs:*:*:/*) anaconda_nfs_to_var "$1" ;; + *) nfsroot_to_var "$1" ;; + esac + # if anything's missing, try to fill it in from DHCP options + if [ -z "$server" ] || [ -z "$path" ]; then nfsroot_from_dhcp "$2"; fi + # if there's a "%s" in the path, replace it with the hostname/IP + if strstr "$path" "%s"; then + local node="" + read -r node < /proc/sys/kernel/hostname + [ "$node" = "(none)" ] && node=$(get_ip "$2") + path=${path%%%s*}$node${path#*%s} # replace only the first %s + fi +} + +# root=nfs:[<server-ip>:]<root-dir>[:<nfs-options>] +# root=nfs4:[<server-ip>:]<root-dir>[:<nfs-options>] +nfsroot_to_var() { + # strip nfs[4]: + local arg="$*:" + nfs="${arg%%:*}" + arg="${arg##"$nfs":}" + + # check if we have a server + if strstr "$arg" ':/'; then + server="${arg%%:/*}" + arg="/${arg##*:/}" + fi + + path="${arg%%:*}" + + # rest are options + options="${arg##"$path"}" + # strip leading ":" + options="${options##:}" + # strip ":" + options="${options%%:}" + + # Does it really start with '/'? + [ -n "${path%%/*}" ] && path="error" + + #Fix kernel legacy style separating path and options with ',' + if [ "$path" != "${path#*,}" ]; then + options=${path#*,} + path=${path%%,*} + fi +} + +# RFC2224: nfs://<server>[:<port>]/<path> +rfc2224_nfs_to_var() { + nfs="nfs" + server="${1#nfs://}" + path="/${server#*/}" + server="${server%%/*}" + server="${server%%:}" # anaconda compat (nfs://<server>:/<path>) + local port="${server##*:}" + [ "$port" != "$server" ] && options="port=$port" +} + +# Anaconda-style path with options: nfs:<options>:<server>:/<path> +# (without mount options, anaconda is the same as dracut) +anaconda_nfs_to_var() { + nfs="nfs" + options="${1#nfs:}" + server="${options#*:}" + server="${server%:/*}" + options="${options%%:*}" + path="/${1##*:/}" +} + +# IPv6 nfs path will be treated separately +anaconda_nfsv6_to_var() { + nfs="nfs" + path="$1" + options="${path#*:/}" + path="/${options%%:*}" + server="${1#*nfs:}" + if str_starts "$server" '['; then + server="${server%:/*}" + options="${options#*:*}" + else + server="${server%:/*}" + options="${server%%:*}" + server="${server#*:}" + fi +} + +# nfsroot_from_dhcp NETIF +# fill in missing server/path from DHCP options. +nfsroot_from_dhcp() { + local f + for f in /tmp/net.$1.override /tmp/dhclient.$1.dhcpopts; do + # shellcheck disable=SC1090 + [ -f "$f" ] && . "$f" + done + [ -n "$new_root_path" ] && nfsroot_to_var "$nfs:$new_root_path" + [ -z "$path" ] && [ "$(getarg root=)" = "/dev/nfs" ] && path=/tftpboot/%s + [ -z "$server" ] && server=$srv + [ -z "$server" ] && server=$new_next_server + [ -z "$server" ] && server=$new_dhcp_server_identifier + [ -z "$server" ] && server=${new_root_path%%:*} +} + +# Look through $options, fix "rw"/"ro", move "lock"/"nolock" to $nfslock +munge_nfs_options() { + local f="" flags="" nfsrw="ro" OLDIFS="$IFS" + IFS=, + for f in $options; do + case $f in + ro | rw) nfsrw=$f ;; + lock | nolock) nfslock=$f ;; + *) flags=${flags:+$flags,}$f ;; + esac + done + IFS="$OLDIFS" + + # Override rw/ro if set on cmdline + getarg ro > /dev/null && nfsrw=ro + getarg rw > /dev/null && nfsrw=rw + + options=$nfsrw${flags:+,$flags} +} + +# mount_nfs NFSROOT MNTDIR [NETIF] +mount_nfs() { + local nfsroot="$1" mntdir="$2" netif="$3" + local nfs="" server="" path="" options="" + nfs_to_var "$nfsroot" "$netif" + munge_nfs_options + if [ "$nfs" = "nfs4" ]; then + options=$options${nfslock:+,$nfslock} + else + # NFSv{2,3} doesn't support using locks as it requires a helper to + # transfer the rpcbind state to the new root + [ "$nfslock" = "lock" ] \ + && warn "Locks unsupported on NFSv{2,3}, using nolock" 1>&2 + options=$options,nolock + fi + mount -t "$nfs" -o"$options" "$server:$path" "$mntdir" +} diff --git a/modules.d/95nfs/nfs-start-rpc.sh b/modules.d/95nfs/nfs-start-rpc.sh new file mode 100755 index 0000000..52f6a4d --- /dev/null +++ b/modules.d/95nfs/nfs-start-rpc.sh @@ -0,0 +1,23 @@ +#!/bin/sh + +if load_fstype sunrpc rpc_pipefs; then + [ ! -d /var/lib/nfs/rpc_pipefs/nfs ] \ + && mount -t rpc_pipefs rpc_pipefs /var/lib/nfs/rpc_pipefs + + # Start rpcbind or rpcbind + # FIXME occasionally saw 'rpcbind: fork failed: No such device' -- why? + command -v portmap > /dev/null && [ -z "$(pidof portmap)" ] && portmap + if command -v rpcbind > /dev/null && [ -z "$(pidof rpcbind)" ]; then + mkdir -p /run/rpcbind + chown rpc:rpc /run/rpcbind + rpcbind + fi + + # Start rpc.statd as mount won't let us use locks on a NFSv4 + # filesystem without talking to it. NFSv4 does locks internally, + # rpc.lockd isn't needed + command -v rpc.statd > /dev/null && [ -z "$(pidof rpc.statd)" ] && rpc.statd + command -v rpc.idmapd > /dev/null && [ -z "$(pidof rpc.idmapd)" ] && rpc.idmapd +else + warn 'Kernel module "sunrpc" not in the initramfs, or support for filesystem "rpc_pipefs" missing!' +fi diff --git a/modules.d/95nfs/nfsroot-cleanup.sh b/modules.d/95nfs/nfsroot-cleanup.sh new file mode 100755 index 0000000..d99519b --- /dev/null +++ b/modules.d/95nfs/nfsroot-cleanup.sh @@ -0,0 +1,29 @@ +#!/bin/sh + +type incol2 > /dev/null 2>&1 || . /lib/dracut-lib.sh + +[ -f /tmp/nfs.rpc_pipefs_path ] && read -r rpcpipefspath < /tmp/nfs.rpc_pipefs_path +[ -z "$rpcpipefspath" ] && rpcpipefspath=var/lib/nfs/rpc_pipefs + +pid=$(pidof rpc.statd) +[ -n "$pid" ] && kill "$pid" + +pid=$(pidof rpc.idmapd) +[ -n "$pid" ] && kill "$pid" + +pid=$(pidof rpcbind) +[ -n "$pid" ] && kill "$pid" + +if incol2 /proc/mounts /var/lib/nfs/rpc_pipefs; then + # try to create the destination directory + [ -d "$NEWROOT"/$rpcpipefspath ] \ + || mkdir -m 0755 -p "$NEWROOT"/$rpcpipefspath 2> /dev/null + + if [ -d "$NEWROOT"/$rpcpipefspath ]; then + # mount --move does not seem to work??? + mount --bind /var/lib/nfs/rpc_pipefs "$NEWROOT"/$rpcpipefspath + umount /var/lib/nfs/rpc_pipefs 2> /dev/null + else + umount /var/lib/nfs/rpc_pipefs 2> /dev/null + fi +fi diff --git a/modules.d/95nfs/nfsroot.sh b/modules.d/95nfs/nfsroot.sh new file mode 100755 index 0000000..794e0d8 --- /dev/null +++ b/modules.d/95nfs/nfsroot.sh @@ -0,0 +1,30 @@ +#!/bin/sh + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh +. /lib/nfs-lib.sh + +[ "$#" = 3 ] || exit 1 + +# root is in the form root=nfs[4]:[server:]path[:options], either from +# cmdline or dhcp root-path +netif="$1" +root="$2" +NEWROOT="$3" + +nfs_to_var "$root" "$netif" +[ -z "$server" ] && die "Required parameter 'server' is missing" + +mount_nfs "$root" "$NEWROOT" "$netif" && { + [ -e /dev/root ] || ln -s null /dev/root + [ -e /dev/nfs ] || ln -s null /dev/nfs +} + +[ -f "$NEWROOT"/etc/fstab ] && cat "$NEWROOT"/etc/fstab > /dev/null + +# inject new exit_if_exists +# shellcheck disable=SC2016 +echo 'settle_exit_if_exists="--exit-if-exists=/dev/root"; rm -- "$job"' > "$hookdir"/initqueue/nfs.sh +# force udevsettle to break +: > "$hookdir"/initqueue/work + +need_shutdown diff --git a/modules.d/95nfs/parse-nfsroot.sh b/modules.d/95nfs/parse-nfsroot.sh new file mode 100755 index 0000000..0c8dbbb --- /dev/null +++ b/modules.d/95nfs/parse-nfsroot.sh @@ -0,0 +1,128 @@ +#!/bin/sh +# +# Preferred format: +# root=nfs[4]:[server:]path[:options] +# +# This syntax can come from DHCP root-path as well. +# +# Legacy format: +# root=/dev/nfs nfsroot=[server:]path[,options] +# +# In Legacy root=/dev/nfs mode, if the 'nfsroot' parameter is not given +# on the command line or is empty, the dhcp root-path is used as +# [server:]path[:options] or the default "/tftpboot/%s" will be used. +# +# If server is unspecified it will be pulled from one of the following +# sources, in order: +# static ip= option on kernel command line +# DHCP next-server option +# DHCP server-id option +# DHCP root-path option +# +# NFSv4 is only used if explicitly requested with nfs4: prefix, otherwise +# NFSv3 is used. +# + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh +. /lib/nfs-lib.sh + +# This script is sourced, so root should be set. But let's be paranoid +[ -z "$root" ] && root=$(getarg root=) +[ -z "$nfsroot" ] && nfsroot=$(getarg nfsroot=) + +[ -n "$netroot" ] && oldnetroot="$netroot" + +# netroot= cmdline argument must be ignored, but must be used if +# we're inside netroot to parse dhcp root-path +if [ -n "$netroot" ]; then + for n in $(getargs netroot=); do + [ "$n" = "$netroot" ] && break + done + if [ "$n" = "$netroot" ]; then + #warn "Ignoring netroot argument for NFS" + netroot=$root + fi +else + netroot=$root +fi + +# LEGACY: nfsroot= is valid only if root=/dev/nfs +if [ -n "$nfsroot" ]; then + # @deprecated + warn "Argument nfsroot is deprecated and might be removed in a future release. See 'man dracut.kernel' for more information." + if [ "$(getarg root=)" != "/dev/nfs" ]; then + die "Argument nfsroot only accepted for legacy root=/dev/nfs" + fi + netroot=nfs:$nfsroot +fi + +case "$netroot" in + /dev/nfs) netroot=nfs ;; + /dev/*) + if [ -n "$oldnetroot" ]; then + netroot="$oldnetroot" + else + unset netroot + fi + return + ;; + # LEGACY: root=<server-ip>:/<path + [0-9]*:/* | [0-9]*\.[0-9]*\.[0-9]*[!:] | /*) + netroot=nfs:$netroot + ;; +esac + +# Continue if nfs +case "${netroot%%:*}" in + nfs | nfs4 | /dev/nfs) ;; + *) + if [ -n "$oldnetroot" ]; then + netroot="$oldnetroot" + else + unset netroot + fi + return + ;; +esac + +# Check required arguments + +if nfsdomain=$(getarg rd.nfs.domain -d rd_NFS_DOMAIN); then + if [ -f /etc/idmapd.conf ]; then + sed -i -e \ + "s/^[[:space:]#]*Domain[[:space:]]*=.*/Domain = $nfsdomain/g" \ + /etc/idmapd.conf + fi + # and even again after the sed, in case it was not yet specified + echo "Domain = $nfsdomain" >> /etc/idmapd.conf +fi + +nfsroot_to_var "$netroot" +[ "$path" = "error" ] && die "Argument nfsroot must contain a valid path!" + +# Set fstype, might help somewhere +fstype=${nfs#/dev/} + +# Rewrite root so we don't have to parse this ugliness later on again +netroot="$fstype:$server:$path:$options" + +# If we don't have a server, we need dhcp +if [ -z "$server" ]; then + # shellcheck disable=SC2034 + DHCPORSERVER="1" +fi + +# Done, all good! +# shellcheck disable=SC2034 +rootok=1 + +# Shut up init error check or make sure that block parser won't get +# confused by having /dev/nfs[4] +root="$fstype" + +# shellcheck disable=SC2016 +echo '[ -e $NEWROOT/proc ]' > "$hookdir"/initqueue/finished/nfsroot.sh + +mkdir -p /var/lib/rpcbind +chown rpc:rpc /var/lib/rpcbind +chmod 770 /var/lib/rpcbind diff --git a/modules.d/95nvmf/95-nvmf-initqueue.rules b/modules.d/95nvmf/95-nvmf-initqueue.rules new file mode 100644 index 0000000..d26d7b0 --- /dev/null +++ b/modules.d/95nvmf/95-nvmf-initqueue.rules @@ -0,0 +1,10 @@ +# +# nvmf-initqueue.rules +# +# D-Bus doesn't run in the initrd, which means that we cannot use our +# usual trick of starting custom systemd services. +# So use a rule to create initqueue entries instead. + +ACTION=="change", SUBSYSTEM=="fc", ENV{FC_EVENT}=="nvmediscovery", \ + ENV{NVMEFC_HOST_TRADDR}=="*", ENV{NVMEFC_TRADDR}=="*", \ + RUN+="/sbin/initqueue --onetime --unique --name nvmf-connect-$env{NVMEFC_TRADDR}-$env{NVMEFC_HOST_TRADDR} /usr/sbin/nvme connect-all --transport=fc --traddr=$env{NVMEFC_TRADDR} --host-traddr=$env{NVMEFC_HOST_TRADDR}" diff --git a/modules.d/95nvmf/module-setup.sh b/modules.d/95nvmf/module-setup.sh new file mode 100755 index 0000000..a8f3034 --- /dev/null +++ b/modules.d/95nvmf/module-setup.sh @@ -0,0 +1,148 @@ +#!/bin/bash + +# called by dracut +check() { + require_binaries nvme jq || return 1 + [ -f /etc/nvme/hostnqn ] || return 255 + [ -f /etc/nvme/hostid ] || return 255 + + is_nvmf() { + local _dev=$1 + local trtype + + [[ -L "/sys/dev/block/$_dev" ]] || return 0 + cd -P "/sys/dev/block/$_dev" || return 0 + if [ -f partition ]; then + cd .. + fi + for d in device/nvme*; do + [ -L "$d" ] || continue + if readlink "$d" | grep -q nvme-fabrics; then + read -r trtype < "$d"/transport + break + fi + done + [[ $trtype == "fc" ]] || [[ $trtype == "tcp" ]] || [[ $trtype == "rdma" ]] + } + + has_nbft() { + local f found= + for f in /sys/firmware/acpi/tables/NBFT*; do + [ -f "$f" ] || continue + found=1 + break + done + [[ $found ]] + } + + [[ $hostonly ]] || [[ $mount_needs ]] && { + pushd . > /dev/null + for_each_host_dev_and_slaves is_nvmf + local _is_nvmf=$? + popd > /dev/null || exit + [[ $_is_nvmf == 0 ]] || return 255 + if [ ! -f /sys/class/fc/fc_udev_device/nvme_discovery ] \ + && [ ! -f /etc/nvme/discovery.conf ] \ + && [ ! -f /etc/nvme/config.json ] && ! has_nbft; then + echo "No discovery arguments present" + return 255 + fi + } + return 0 +} + +# called by dracut +depends() { + echo bash rootfs-block network + return 0 +} + +# called by dracut +installkernel() { + instmods nvme_fc lpfc qla2xxx + hostonly="" instmods nvme_tcp nvme_fabrics 8021q +} + +# called by dracut +cmdline() { + local _hostnqn + local _hostid + + gen_nvmf_cmdline() { + local _dev=$1 + local trtype + local traddr + local host_traddr + local trsvcid + local _address + local -a _address_parts + + [[ -L "/sys/dev/block/$_dev" ]] || return 0 + cd -P "/sys/dev/block/$_dev" || return 0 + if [ -f partition ]; then + cd .. + fi + for d in device/nvme*; do + [ -L "$d" ] || continue + if readlink "$d" | grep -q nvme-fabrics; then + read -r trtype < "$d"/transport + break + fi + done + + [ -z "$trtype" ] && return 0 + nvme list-subsys "${PWD##*/}" | while read -r _ _ trtype _address _; do + [[ -z $trtype || $trtype != "${trtype#NQN}" ]] && continue + unset traddr + unset host_traddr + unset trsvcid + mapfile -t -d ',' _address_parts < <(printf "%s" "$_address") + for i in "${_address_parts[@]}"; do + [[ $i =~ ^traddr= ]] && traddr="${i#traddr=}" + [[ $i =~ ^host_traddr= ]] && host_traddr="${i#host_traddr=}" + [[ $i =~ ^trsvcid= ]] && trsvcid="${i#trsvcid=}" + done + [[ -z $traddr && -z $host_traddr && -z $trsvcid ]] && continue + echo -n " rd.nvmf.discover=$trtype,$traddr,$host_traddr,$trsvcid" + done + } + + if [ -f /etc/nvme/hostnqn ]; then + read -r _hostnqn < /etc/nvme/hostnqn + echo -n " rd.nvmf.hostnqn=${_hostnqn}" + fi + if [ -f /etc/nvme/hostid ]; then + read -r _hostid < /etc/nvme/hostid + echo -n " rd.nvmf.hostid=${_hostid}" + fi + + [[ $hostonly ]] || [[ $mount_needs ]] && { + pushd . > /dev/null + for_each_host_dev_and_slaves gen_nvmf_cmdline + popd > /dev/null || exit + } +} + +# called by dracut +install() { + if [[ $hostonly_cmdline == "yes" ]]; then + local _nvmf_args + _nvmf_args=$(cmdline) + [[ "$_nvmf_args" ]] && printf "%s" "$_nvmf_args" >> "${initdir}/etc/cmdline.d/95nvmf-args.conf" + fi + inst_simple "/etc/nvme/hostnqn" + inst_simple "/etc/nvme/hostid" + + inst_multiple ip sed + + inst_script "${moddir}/nvmf-autoconnect.sh" /sbin/nvmf-autoconnect.sh + inst_script "${moddir}/nbftroot.sh" /sbin/nbftroot + + inst_multiple nvme jq + inst_hook cmdline 92 "$moddir/parse-nvmf-boot-connections.sh" + inst_simple "/etc/nvme/discovery.conf" + inst_simple "/etc/nvme/config.json" + inst_rules /usr/lib/udev/rules.d/71-nvmf-iopolicy-netapp.rules + inst_rules "$moddir/95-nvmf-initqueue.rules" + dracut_need_initqueue +} diff --git a/modules.d/95nvmf/nbftroot.sh b/modules.d/95nvmf/nbftroot.sh new file mode 100755 index 0000000..0f33499 --- /dev/null +++ b/modules.d/95nvmf/nbftroot.sh @@ -0,0 +1,5 @@ +#! /bin/sh +# This script is called from /sbin/netroot + +/sbin/nvmf-autoconnect.sh online +exit 0 diff --git a/modules.d/95nvmf/nvmf-autoconnect.sh b/modules.d/95nvmf/nvmf-autoconnect.sh new file mode 100755 index 0000000..35ee948 --- /dev/null +++ b/modules.d/95nvmf/nvmf-autoconnect.sh @@ -0,0 +1,54 @@ +#!/bin/sh +# Argument $1 is "settled", "online", or "timeout", indicating +# the queue from which the script is called. +# In the "timeout" case, try everything. +# Otherwise, try options according to the priorities below. + +[ "$RD_DEBUG" != yes ] || set -x + +if [ "$1" = timeout ]; then + [ ! -f /sys/class/fc/fc_udev_device/nvme_discovery ] \ + || echo add > /sys/class/fc/fc_udev_device/nvme_discovery + /usr/sbin/nvme connect-all + exit 0 +fi + +NVMF_HOSTNQN_OK= +[ ! -f "/etc/nvme/hostnqn" ] || [ ! -f "/etc/nvme/hostid" ] || NVMF_HOSTNQN_OK=1 + +# Only nvme-cli 2.5 or newer supports the options --nbft and --no-nbft +# for the connect-all command. +# Make sure we don't use unsupported options with earlier versions. +NBFT_SUPPORTED= +# shellcheck disable=SC2016 +/usr/sbin/nvme connect-all --help 2>&1 | sed -n '/[[:space:]]--nbft[[:space:]]/q1;$q0' \ + || NBFT_SUPPORTED=1 + +if [ -e /tmp/nvmf-fc-auto ] && [ "$NVMF_HOSTNQN_OK" ] \ + && [ -f /sys/class/fc/fc_udev_device/nvme_discovery ]; then + # prio 1: cmdline override "rd.nvmf.discovery=fc,auto" + echo add > /sys/class/fc/fc_udev_device/nvme_discovery + exit 0 +fi +if [ "$NBFT_SUPPORTED" ] && [ -e /tmp/valid_nbft_entry_found ]; then + # prio 2: NBFT + /usr/sbin/nvme connect-all --nbft + exit 0 +fi +if [ -f /etc/nvme/discovery.conf ] || [ -f /etc/nvme/config.json ] \ + && [ "$NVMF_HOSTNQN_OK" ]; then + # prio 3: configuration from initrd and/or kernel command line + # We can get here even if "rd.nvmf.nonbft" was given, thus use --no-nbft + if [ "$NBFT_SUPPORTED" ]; then + /usr/sbin/nvme connect-all --no-nbft + else + /usr/sbin/nvme connect-all + fi + exit 0 +fi +if [ "$NVMF_HOSTNQN_OK" ] \ + && [ -f /sys/class/fc/fc_udev_device/nvme_discovery ]; then + # prio 4: no discovery entries, try NVMeoFC autoconnect + echo add > /sys/class/fc/fc_udev_device/nvme_discovery +fi +exit 0 diff --git a/modules.d/95nvmf/parse-nvmf-boot-connections.sh b/modules.d/95nvmf/parse-nvmf-boot-connections.sh new file mode 100755 index 0000000..6601837 --- /dev/null +++ b/modules.d/95nvmf/parse-nvmf-boot-connections.sh @@ -0,0 +1,326 @@ +#!/bin/sh +# +# Supported formats: +# rd.nvmf.hostnqn=<hostnqn> +# rd.nvmf.hostid=<hostid> +# rd.nvmf.discover=<transport>,<traddr>,<host-traddr>,<trsvcid> +# +# Examples: +# rd.nvmf.hostnqn=nqn.2014-08.org.nvmexpress:uuid:37303738-3034-584d-5137-333230423843 +# rd.nvmf.discover=rdma,192.168.1.3,,4420 +# rd.nvmf.discover=tcp,192.168.1.3,,4420 +# rd.nvmf.discover=tcp,192.168.1.3 +# rd.nvmf.discover=fc,nn-0x200400a098d85236:pn-0x201400a098d85236,nn-0x200000109b7db455:pn-0x100000109b7db455 +# rd.nvmf.discover=fc,auto +# +# Note: FC does autodiscovery, so typically there is no need to +# specify any discover parameters for FC. +# + +command -v getarg > /dev/null || . /lib/dracut-lib.sh +command -v is_ip > /dev/null || . /lib/net-lib.sh + +## Sample NBFT output from nvme show-nbft -H -s -d -o json +# [ +# { +# "filename":"/sys/firmware/acpi/tables/NBFT", +# "host":{ +# "nqn":"nqn.2014-08.org.nvmexpress:uuid:d6f07002-7eb5-4841-a185-400e296afae4", +# "id":"111919da-21ea-cc4e-bafe-216d8372dd31", +# "host_id_configured":0, +# "host_nqn_configured":0, +# "primary_admin_host_flag":"not indicated" +# }, +# "subsystem":[ +# { +# "index":1, +# "num_hfis":1, +# "hfis":[ +# 1 +# ], +# "transport":"tcp", +# "transport_address":"192.168.100.216", +# "transport_svcid":"4420", +# "subsys_port_id":0, +# "nsid":1, +# "nid_type":"uuid", +# "nid":"424d1c8a-8ef9-4681-b2fc-8c343bd8fa69", +# "subsys_nqn":"timberland-01", +# "controller_id":0, +# "asqsz":0, +# "pdu_header_digest_required":0, +# "data_digest_required":0 +# } +# ], +# "hfi":[ +# { +# "index":1, +# "transport":"tcp", +# "pcidev":"0:0:2.0", +# "mac_addr":"52:54:00:4f:97:e9", +# "vlan":0, +# "ip_origin":63, +# "ipaddr":"192.168.100.217", +# "subnet_mask_prefix":24, +# "gateway_ipaddr":"0.0.0.0", +# "route_metric":0, +# "primary_dns_ipaddr":"0.0.0.0", +# "secondary_dns_ipaddr":"0.0.0.0", +# "dhcp_server_ipaddr":"", +# "this_hfi_is_default_route":1 +# } +# ], +# "discovery":[ +# ] +# } +# ] +# +# If the IP address is derived from DHCP, it sets the field +# "hfi.dhcp_server_ipaddr" to a non-emtpy value. +# +# + +nbft_run_jq() { + local st + local opts="-e" + + while [ $# -gt 0 ]; do + case $1 in + -*) + opts="$opts $1" + ;; + *) + break + ;; + esac + shift + done + # Not quoting is intentional here. We won't get glob expressions passed. + # shellcheck disable=SC2086 + jq $opts "$1" << EOF +$2 +EOF + st=$? + if [ $st -ne 0 ]; then + warn "NBFT: jq error while processing \"$1\"" + return $st + else + return 0 + fi +} + +nbft_check_empty_address() { + # suppress meaningless or empty IP addresses + # "null" is returned by jq if no match found for expression + case $1 in + null | "::" | "0.0.0.0") ;; + *) + echo "$1" + ;; + esac +} + +nbft_parse_hfi() { + # false positive of shellcheck - no expansion in variable assignments + # shellcheck disable=2086 + local hfi_json=$1 + local mac iface ipaddr prefix vlan gateway dns1 dns2 hostname adrfam dhcp + + mac=$(nbft_run_jq -r .mac_addr "$hfi_json") || return 1 + iface=$(set_ifname nbft "$mac") + + vlan=$(nbft_run_jq .vlan "$hfi_json") || vlan=0 + # treat VLAN zero as "no vlan" + [ "$vlan" -ne 0 ] || vlan= + + [ ! -e /tmp/net."${iface}${vlan:+.$vlan}".has_ibft_config ] || return 0 + + dhcp=$(nbft_run_jq -r .dhcp_server_ipaddr "$hfi_json") + # We need to check $? here as the above is an assignment + # shellcheck disable=2181 + if [ $? -eq 0 ] && [ "$dhcp" ] && [ "$dhcp" != null ]; then + case $dhcp in + *:*) + echo ip="$iface${vlan:+.$vlan}:dhcp6" + ;; + *.*.*.*) + echo ip="$iface${vlan:+.$vlan}:dhcp" + ;; + *) + warn "Invalid value for dhcp_server_ipaddr: $dhcp" + return 1 + ;; + esac + else + ipaddr=$(nbft_run_jq -r .ipaddr "$hfi_json") || return 1 + + case $ipaddr in + *.*.*.*) + adrfam=ipv4 + ;; + *:*) + adrfam=ipv6 + ;; + *) + warn "invalid address: $ipaddr" + return 1 + ;; + esac + prefix=$(nbft_run_jq -r .subnet_mask_prefix "$hfi_json") + # Need to check $? here as he above is an assignment + # shellcheck disable=2181 + if [ $? -ne 0 ] && [ "$adrfam" = ipv6 ]; then + prefix=128 + fi + # Use brackets for IPv6 + if [ "$adrfam" = ipv6 ]; then + ipaddr="[$ipaddr]" + fi + + gateway=$(nbft_check_empty_address \ + "$(nbft_run_jq -r .gateway_ipaddr "$hfi_json")") + dns1=$(nbft_check_empty_address \ + "$(nbft_run_jq -r .primary_dns_ipaddr "$hfi_json")") + dns2=$(nbft_check_empty_address \ + "$(nbft_run_jq -r .secondary_dns_ipaddr "$hfi_json")") + hostname=$(nbft_run_jq -r .host_name "$hfi_json" 2> /dev/null) || hostname= + + echo "ip=$ipaddr::$gateway:$prefix:$hostname:$iface${vlan:+.$vlan}:none${dns1:+:$dns1}${dns2:+:$dns2}" + fi + + if [ "$vlan" ]; then + echo "vlan=$iface.$vlan:$iface" + echo "$mac" > "/tmp/net.$iface.$vlan.has_ibft_config" + else + echo "$mac" > "/tmp/net.$iface.has_ibft_config" + fi + : > /tmp/valid_nbft_entry_found +} + +nbft_parse() { + local nbft_json n_nbft all_hfi_json n_hfi + local j=0 i + + nbft_json=$(nvme nbft show -H -o json) || return 0 + n_nbft=$(nbft_run_jq ". | length" "$nbft_json") || return 0 + + while [ "$j" -lt "$n_nbft" ]; do + all_hfi_json=$(nbft_run_jq ".[$j].hfi" "$nbft_json") || continue + n_hfi=$(nbft_run_jq ". | length" "$all_hfi_json") || continue + i=0 + + while [ "$i" -lt "$n_hfi" ]; do + nbft_parse_hfi "$(nbft_run_jq ".[$i]" "$all_hfi_json")" + i=$((i + 1)) + done + j=$((j + 1)) + done >> /etc/cmdline.d/40-nbft.conf +} + +if getargbool 0 rd.nonvmf; then + warn "rd.nonvmf=0: skipping nvmf" + return 0 +fi + +if getargbool 0 rd.nvmf.nostatic; then + rm -f /etc/cmdline.d/95nvmf-args.conf + rm -f /etc/nvme/discovery.conf /etc/nvme/config.json +fi + +if ! getargbool 0 rd.nvmf.nonbft; then + for _x in /sys/firmware/acpi/tables/NBFT*; do + if [ -f "$_x" ]; then + nbft_parse + break + fi + done +fi + +initqueue --onetime modprobe --all -b -q nvme_tcp nvme_core nvme_fabrics + +parse_nvmf_discover() { + traddr="none" + trtype="none" + hosttraddr="none" + trsvcid=4420 + OLDIFS="$IFS" + IFS=, + # shellcheck disable=SC2086 + set -- $1 + IFS="$OLDIFS" + + case $# in + 2) + [ -n "$1" ] && trtype=$1 + [ -n "$2" ] && traddr=$2 + ;; + 3) + [ -n "$1" ] && trtype=$1 + [ -n "$2" ] && traddr=$2 + [ -n "$3" ] && hosttraddr=$3 + ;; + 4) + [ -n "$1" ] && trtype=$1 + [ -n "$2" ] && traddr=$2 + [ -n "$3" ] && hosttraddr=$3 + [ -n "$4" ] && trsvcid=$4 + ;; + *) + warn "Invalid arguments for rd.nvmf.discover=$1" + return 0 + ;; + esac + if [ "$traddr" = "none" ]; then + warn "traddr is mandatory for $trtype" + return 0 + fi + if [ "$trtype" = "tcp" ]; then + : > /tmp/nvmf_needs_network + elif [ "$trtype" = "fc" ]; then + if [ "$traddr" = "auto" ]; then + rm -f /etc/nvme/discovery.conf /etc/nvme/config.json + return 1 + fi + if [ "$hosttraddr" = "none" ]; then + warn "host traddr is mandatory for fc" + return 0 + fi + elif [ "$trtype" != "rdma" ]; then + warn "unsupported transport $trtype" + return 0 + fi + if [ "$trtype" = "fc" ]; then + echo "--transport=$trtype --traddr=$traddr --host-traddr=$hosttraddr" >> /etc/nvme/discovery.conf + else + echo "--transport=$trtype --traddr=$traddr --host-traddr=$hosttraddr --trsvcid=$trsvcid" >> /etc/nvme/discovery.conf + fi + return 0 +} + +nvmf_hostnqn=$(getarg rd.nvmf.hostnqn -d nvmf.hostnqn=) +if [ -n "$nvmf_hostnqn" ]; then + echo "$nvmf_hostnqn" > /etc/nvme/hostnqn +fi +nvmf_hostid=$(getarg rd.nvmf.hostid -d nvmf.hostid=) +if [ -n "$nvmf_hostid" ]; then + echo "$nvmf_hostid" > /etc/nvme/hostid +fi + +rm -f /tmp/nvmf-fc-auto +for d in $(getargs rd.nvmf.discover -d nvmf.discover=); do + parse_nvmf_discover "$d" || { + : > /tmp/nvmf-fc-auto + break + } +done + +if [ -e /tmp/nvmf_needs_network ] || [ -e /tmp/valid_nbft_entry_found ]; then + echo "rd.neednet=1" > /etc/cmdline.d/nvmf-neednet.conf + # netroot is a global variable that is present in all "sourced" scripts + # shellcheck disable=SC2034 + netroot=nbft + rm -f /tmp/nvmf_needs_network +fi + +/sbin/initqueue --settled --onetime --name nvmf-connect-settled /sbin/nvmf-autoconnect.sh settled +/sbin/initqueue --timeout --onetime --name nvmf-connect-timeout /sbin/nvmf-autoconnect.sh timeout diff --git a/modules.d/95qeth_rules/module-setup.sh b/modules.d/95qeth_rules/module-setup.sh new file mode 100755 index 0000000..a84ac15 --- /dev/null +++ b/modules.d/95qeth_rules/module-setup.sh @@ -0,0 +1,58 @@ +#!/bin/bash + +# called by dracut +check() { + local _arch=${DRACUT_ARCH:-$(uname -m)} + local _online=0 + [ "$_arch" = "s390" -o "$_arch" = "s390x" ] || return 1 + dracut_module_included network || return 1 + + [[ $hostonly ]] && { + for i in /sys/devices/qeth/*/online; do + [ ! -f "$i" ] && continue + read -r _online < "$i" + [ "$_online" -eq 1 ] && return 0 + done + } + return 255 +} + +# called by dracut +installkernel() { + instmods qeth +} + +# called by dracut +install() { + ccwid() { + qeth_path=$(readlink -e -q "$1"/device) + basename "$qeth_path" + } + + inst_rules_qeth() { + for rule in /etc/udev/rules.d/{4,5}1-qeth-${1}.rules; do + # prefer chzdev generated 41- rules + if [ -f "$rule" ]; then + inst_rules "$rule" + break + fi + done + } + + has_carrier() { + carrier=0 + # not readable in qeth interfaces + # that have just been assembled, ignore + # read error and assume no carrier + read -r carrier 2> /dev/null < "$1/carrier" + [ "$carrier" -eq 1 ] && return 0 + return 1 + } + + for dev in /sys/class/net/*; do + has_carrier "$dev" || continue + id=$(ccwid "$dev") + [ -n "$id" ] && inst_rules_qeth "$id" + done + +} diff --git a/modules.d/95resume/module-setup.sh b/modules.d/95resume/module-setup.sh new file mode 100755 index 0000000..d255103 --- /dev/null +++ b/modules.d/95resume/module-setup.sh @@ -0,0 +1,68 @@ +#!/bin/bash + +# called by dracut +check() { + swap_on_netdevice() { + local _dev + for _dev in "${swap_devs[@]}"; do + block_is_netdevice "$(get_maj_min "$_dev")" && return 0 + done + return 1 + } + + # Only support resume if hibernation is currently on + # and no swap is mounted on a net device + [[ $hostonly ]] || [[ $mount_needs ]] && { + swap_on_netdevice || [[ -f /sys/power/resume && "$(< /sys/power/resume)" == "0:0" ]] || grep -rq '^\|[[:space:]]resume=' /proc/cmdline /etc/cmdline /etc/cmdline.d /etc/kernel/cmdline /usr/lib/kernel/cmdline 2> /dev/null && return 255 + } + + return 0 +} + +# called by dracut +cmdline() { + local _resume + + for dev in "${!host_fs_types[@]}"; do + [[ ${host_fs_types[$dev]} =~ ^(swap|swsuspend|swsupend)$ ]] || continue + _resume=$(shorten_persistent_dev "$(get_persistent_dev "$dev")") + [[ -n ${_resume} ]] && printf " resume=%s" "${_resume}" + done +} + +# called by dracut +install() { + local _bin + local _resumeconf + + if [[ $hostonly_cmdline == "yes" ]]; then + _resumeconf=$(cmdline) + [[ $_resumeconf ]] && printf "%s\n" "$_resumeconf" >> "${initdir}/etc/cmdline.d/95resume.conf" + fi + + # if systemd is included and has the hibernate-resume tool, use it and nothing else + if dracut_module_included "systemd" && [[ -x $dracutsysrootdir$systemdutildir/systemd-hibernate-resume ]]; then + inst_multiple -o \ + "$systemdutildir"/system-generators/systemd-hibernate-resume-generator \ + "$systemdsystemunitdir"/systemd-hibernate-resume@.service \ + "$systemdutildir"/systemd-hibernate-resume + return 0 + fi + + # Optional uswsusp support + for _bin in /usr/sbin/resume /usr/lib/suspend/resume /usr/lib64/suspend/resume /usr/lib/uswsusp/resume /usr/lib64/uswsusp/resume; do + [[ -x $dracutsysrootdir${_bin} ]] && { + inst "${_bin}" /usr/sbin/resume + [[ $hostonly ]] && [[ -f $dracutsysrootdir/etc/suspend.conf ]] && inst -H /etc/suspend.conf + break + } + done + + if ! dracut_module_included "systemd"; then + inst_hook cmdline 10 "$moddir/parse-resume.sh" + else + inst_script "$moddir/parse-resume.sh" /lib/dracut/parse-resume.sh + fi + + inst_script "$moddir/resume.sh" /lib/dracut/resume.sh +} diff --git a/modules.d/95resume/parse-resume.sh b/modules.d/95resume/parse-resume.sh new file mode 100755 index 0000000..75a905d --- /dev/null +++ b/modules.d/95resume/parse-resume.sh @@ -0,0 +1,81 @@ +#!/bin/sh + +if resume=$(getarg resume=) && ! getarg noresume; then + export resume + echo "$resume" > /.resume +else + unset resume +fi + +resume="$(label_uuid_to_dev "$resume")" + +if splash=$(getarg splash=); then + export splash +else + unset splash +fi + +case "$splash" in + quiet) + a_splash="-P splash=y" + ;; + *) + a_splash="-P splash=n" + ;; +esac + +if ! getarg noresume; then + if [ -n "$resume" ]; then + wait_for_dev /dev/resume + + { + printf "KERNEL==\"%s\", ACTION==\"add|change\", SYMLINK+=\"resume\"\n" \ + "${resume#/dev/}" + printf "SYMLINK==\"%s\", ACTION==\"add|change\", SYMLINK+=\"resume\"\n" \ + "${resume#/dev/}" + } >> /etc/udev/rules.d/99-resume-link.rules + + { + if [ -x /usr/sbin/resume ]; then + printf -- 'KERNEL=="%s", ' "${resume#/dev/}" + printf -- '%s' 'ACTION=="add|change", ENV{ID_FS_TYPE}=="suspend|swsuspend|swsupend",' + printf -- " RUN+=\"/sbin/initqueue --finished --unique --name 00resume /usr/sbin/resume %s \'%s\'\"\n" \ + "$a_splash" "$resume" + printf -- 'SYMLINK=="%s", ' "${resume#/dev/}" + printf -- '%s' 'ACTION=="add|change", ENV{ID_FS_TYPE}=="suspend|swsuspend|swsupend",' + printf -- " RUN+=\"/sbin/initqueue --finished --unique --name 00resume /usr/sbin/resume %s \'%s\'\"\n" \ + "$a_splash" "$resume" + fi + + printf -- 'KERNEL=="%s", ' "${resume#/dev/}" + printf -- '%s' 'ACTION=="add|change", ENV{ID_FS_TYPE}=="suspend|swsuspend|swsupend",' + printf -- '%s\n' ' RUN+="/sbin/initqueue --finished --unique --name 00resume echo %M:%m > /sys/power/resume"' + + printf -- 'SYMLINK=="%s", ' "${resume#/dev/}" + printf -- '%s' 'ACTION=="add|change", ENV{ID_FS_TYPE}=="suspend|swsuspend|swsupend",' + printf -- '%s\n' ' RUN+="/sbin/initqueue --finished --unique --name 00resume echo %M:%m > /sys/power/resume"' + } >> /etc/udev/rules.d/99-resume.rules + + # shellcheck disable=SC2016 + printf '[ -e "%s" ] && { ln -fs "%s" /dev/resume 2> /dev/null; rm -f -- "$job" "%s/initqueue/timeout/resume.sh"; }\n' \ + "$resume" "$resume" "$hookdir" >> "$hookdir"/initqueue/settled/resume.sh + + { + printf -- "%s" 'warn "Cancelling resume operation. Device not found.";' + # shellcheck disable=SC2016 + printf -- ' cancel_wait_for_dev /dev/resume; rm -f -- "$job" "%s/initqueue/settled/resume.sh";\n' "$hookdir" + } >> "$hookdir"/initqueue/timeout/resume.sh + + mv /lib/dracut/resume.sh /lib/dracut/hooks/pre-mount/10-resume.sh + else + { + if [ -x /usr/sbin/resume ]; then + printf -- '%s' 'SUBSYSTEM=="block", ACTION=="add|change", ENV{ID_FS_TYPE}=="suspend|swsuspend|swsupend",' + # shellcheck disable=SC2016 + printf -- ' RUN+="/sbin/initqueue --finished --unique --name 00resume /usr/sbin/resume %s $tempnode"\n' "$a_splash" + fi + printf -- '%s' 'SUBSYSTEM=="block", ACTION=="add|change", ENV{ID_FS_TYPE}=="suspend|swsuspend|swsupend",' + printf -- '%s\n' ' RUN+="/sbin/initqueue --finished --unique --name 00resume echo %M:%m > /sys/power/resume"' + } >> /etc/udev/rules.d/99-resume.rules + fi +fi diff --git a/modules.d/95resume/resume.sh b/modules.d/95resume/resume.sh new file mode 100755 index 0000000..c808880 --- /dev/null +++ b/modules.d/95resume/resume.sh @@ -0,0 +1,18 @@ +#!/bin/sh + +PATH=/usr/sbin:/usr/bin:/sbin:/bin + +[ -s /.resume -a -b "$resume" ] && { + # First try user level resume; it offers splash etc + case "$splash" in + quiet) + a_splash="-P splash=y" + ;; + *) + a_splash="-P splash=n" + ;; + esac + [ -x "$(command -v resume)" ] && command resume "$a_splash" "$resume" + + (readlink -fn "$resume" > /sys/power/resume) > /.resume +} diff --git a/modules.d/95rootfs-block/block-genrules.sh b/modules.d/95rootfs-block/block-genrules.sh new file mode 100755 index 0000000..d5df0ee --- /dev/null +++ b/modules.d/95rootfs-block/block-genrules.sh @@ -0,0 +1,16 @@ +#!/bin/sh + +if [ "${root%%:*}" = "block" ]; then + { + printf 'KERNEL=="%s", SYMLINK+="root"\n' \ + "${root#block:/dev/}" + printf 'SYMLINK=="%s", SYMLINK+="root"\n' \ + "${root#block:/dev/}" + } >> /etc/udev/rules.d/99-root.rules + + # shellcheck disable=SC2016 + printf '[ -e "%s" ] && { ln -s "%s" /dev/root 2>/dev/null; rm "$job"; }\n' \ + "${root#block:}" "${root#block:}" > "$hookdir"/initqueue/settled/blocksymlink.sh + + wait_for_dev "${root#block:}" +fi diff --git a/modules.d/95rootfs-block/module-setup.sh b/modules.d/95rootfs-block/module-setup.sh new file mode 100755 index 0000000..396fb11 --- /dev/null +++ b/modules.d/95rootfs-block/module-setup.sh @@ -0,0 +1,92 @@ +#!/bin/bash + +# called by dracut +check() { + return 0 +} + +# called by dracut +depends() { + echo base fs-lib +} + +cmdline_journal() { + if [[ $hostonly ]]; then + for dev in "${!host_fs_types[@]}"; do + [[ ${host_fs_types[$dev]} == "reiserfs" ]] || [[ ${host_fs_types[$dev]} == "xfs" ]] || continue + rootopts=$(find_dev_fsopts "$dev") + if [[ ${host_fs_types[$dev]} == "reiserfs" ]]; then + journaldev=$(fs_get_option "$rootopts" "jdev") + elif [[ ${host_fs_types[$dev]} == "xfs" ]]; then + journaldev=$(fs_get_option "$rootopts" "logdev") + fi + + if [ -n "$journaldev" ]; then + printf " root.journaldev=%s" "$journaldev" + fi + done + fi + return 0 +} + +cmdline_rootfs() { + local _block + _block=$(find_root_block_device) + local _dev=/dev/block/$_block + local _fstype _flags _subvol + + # "--no-hostonly-default-device" can result in empty root_devs + if [ "${#root_devs[@]}" -eq 0 ]; then + return + fi + + if [ -n "$_block" -a -b "$_dev" ]; then + printf " root=%s" "$(shorten_persistent_dev "$(get_persistent_dev "$_dev")")" + fi + _fstype="$(find_mp_fstype /)" + if [[ ${_fstype} == "zfs" ]]; then + local _root_ds + _root_ds="$(findmnt -n -o SOURCE /)" + printf " root=zfs:%s" "${_root_ds// /+}" + fi + _flags="$(find_mp_fsopts /)" + if [ -n "$_fstype" ]; then + printf " rootfstype=%s" "$_fstype" + fi + if [[ $use_fstab != yes ]] && [[ $_fstype == btrfs ]]; then + _subvol=$(findmnt -e -v -n -o FSROOT --target /) \ + && _subvol=${_subvol#/} + _flags="$_flags${_subvol:+,subvol=$_subvol}" + fi + if [ -n "$_flags" ]; then + printf " rootflags=%s" "$_flags" + fi +} + +# called by dracut +cmdline() { + cmdline_rootfs + cmdline_journal +} + +# called by dracut +install() { + if [[ $hostonly_cmdline == "yes" ]]; then + local _journaldev + _journaldev=$(cmdline_journal) + [[ $_journaldev ]] && printf "%s\n" "$_journaldev" >> "${initdir}/etc/cmdline.d/95root-journaldev.conf" + local _rootdev + _rootdev=$(cmdline_rootfs) + [[ $_rootdev ]] && printf "%s\n" "$_rootdev" >> "${initdir}/etc/cmdline.d/95root-dev.conf" + fi + + inst_multiple umount + inst_multiple tr + if ! dracut_module_included "systemd"; then + inst_hook cmdline 95 "$moddir/parse-block.sh" + inst_hook pre-udev 30 "$moddir/block-genrules.sh" + inst_hook mount 99 "$moddir/mount-root.sh" + fi + + inst_hook initqueue/timeout 99 "$moddir/rootfallback.sh" +} diff --git a/modules.d/95rootfs-block/mount-root.sh b/modules.d/95rootfs-block/mount-root.sh new file mode 100755 index 0000000..c488b11 --- /dev/null +++ b/modules.d/95rootfs-block/mount-root.sh @@ -0,0 +1,135 @@ +#!/bin/sh + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh +type det_fs > /dev/null 2>&1 || . /lib/fs-lib.sh + +mount_root() { + local _rflags_ro + # sanity - determine/fix fstype + rootfs=$(det_fs "${root#block:}" "$fstype") + + journaldev=$(getarg "root.journaldev=") + if [ -n "$journaldev" ]; then + case "$rootfs" in + xfs) + rflags="${rflags:+${rflags},}logdev=$journaldev" + ;; + reiserfs) + fsckoptions="-j $journaldev $fsckoptions" + rflags="${rflags:+${rflags},}jdev=$journaldev" + ;; + *) ;; + esac + fi + + _rflags_ro="$rflags,ro" + _rflags_ro="${_rflags_ro##,}" + + while ! mount -t "${rootfs}" -o "$_rflags_ro" "${root#block:}" "$NEWROOT"; do + warn "Failed to mount -t ${rootfs} -o $_rflags_ro ${root#block:} $NEWROOT" + fsck_ask_err + done + + READONLY= + fsckoptions= + if [ -f "$NEWROOT"/etc/sysconfig/readonly-root ]; then + # shellcheck disable=SC1090 + . "$NEWROOT"/etc/sysconfig/readonly-root + fi + + if getargbool 0 "readonlyroot=" -y readonlyroot; then + READONLY=yes + fi + + if getarg noreadonlyroot; then + READONLY=no + fi + + if [ -f "$NEWROOT"/fastboot ] || getargbool 0 fastboot; then + fastboot=yes + fi + + if ! getargbool 0 rd.skipfsck; then + if [ -f "$NEWROOT"/fsckoptions ]; then + read -r fsckoptions < "$NEWROOT"/fsckoptions + fi + + if [ -f "$NEWROOT"/forcefsck ] || getargbool 0 forcefsck; then + fsckoptions="-f $fsckoptions" + elif [ -f "$NEWROOT"/.autofsck ]; then + # shellcheck disable=SC1090 + [ -f "$NEWROOT"/etc/sysconfig/autofsck ] \ + && . "$NEWROOT"/etc/sysconfig/autofsck + if [ "$AUTOFSCK_DEF_CHECK" = "yes" ]; then + AUTOFSCK_OPT="$AUTOFSCK_OPT -f" + fi + if [ -n "$AUTOFSCK_SINGLEUSER" ]; then + warn "*** Warning -- the system did not shut down cleanly. " + warn "*** Dropping you to a shell; the system will continue" + warn "*** when you leave the shell." + emergency_shell + fi + fsckoptions="$AUTOFSCK_OPT $fsckoptions" + fi + fi + + rootopts= + if getargbool 1 rd.fstab -d -n rd_NO_FSTAB \ + && ! getarg rootflags > /dev/null \ + && [ -f "$NEWROOT/etc/fstab" ] \ + && ! [ -L "$NEWROOT/etc/fstab" ]; then + # if $NEWROOT/etc/fstab contains special mount options for + # the root filesystem, + # remount it with the proper options + rootopts="defaults" + while read -r dev mp fs opts _ fsck || [ -n "$dev" ]; do + # skip comments + [ "${dev%%#*}" != "$dev" ] && continue + + if [ "$mp" = "/" ]; then + # sanity - determine/fix fstype + rootfs=$(det_fs "${root#block:}" "$fs") + rootopts=$opts + rootfsck=$fsck + break + fi + done < "$NEWROOT/etc/fstab" + fi + + # we want rootflags (rflags) to take precedence so prepend rootopts to + # them + rflags="${rootopts},${rflags}" + rflags="${rflags#,}" + rflags="${rflags%,}" + + # backslashes are treated as escape character in fstab + # esc_root=$(echo ${root#block:} | sed 's,\\,\\\\,g') + # printf '%s %s %s %s 1 1 \n' "$esc_root" "$NEWROOT" "$rootfs" "$rflags" >/etc/fstab + + if fsck_able "$rootfs" \ + && [ "$rootfsck" != "0" -a -z "$fastboot" -a "$READONLY" != "yes" ] \ + && ! strstr "${rflags}" _netdev \ + && ! getargbool 0 rd.skipfsck; then + umount "$NEWROOT" + fsck_single "${root#block:}" "$rootfs" "$rflags" "$fsckoptions" + fi + + echo "${root#block:} $NEWROOT $rootfs ${rflags:-defaults} 0 ${rootfsck:-0}" >> /etc/fstab + + if ! ismounted "$NEWROOT"; then + info "Mounting ${root#block:} with -o ${rflags}" + mount "$NEWROOT" 2>&1 | vinfo + elif ! are_lists_eq , "$rflags" "$_rflags_ro" defaults; then + info "Remounting ${root#block:} with -o ${rflags}" + mount -o remount "$NEWROOT" 2>&1 | vinfo + fi + + if ! getargbool 0 rd.skipfsck; then + [ -f "$NEWROOT"/forcefsck ] && rm -f -- "$NEWROOT"/forcefsck 2> /dev/null + [ -f "$NEWROOT"/.autofsck ] && rm -f -- "$NEWROOT"/.autofsck 2> /dev/null + fi +} + +if [ -n "$root" -a -z "${root%%block:*}" ]; then + mount_root +fi diff --git a/modules.d/95rootfs-block/parse-block.sh b/modules.d/95rootfs-block/parse-block.sh new file mode 100755 index 0000000..9c4357e --- /dev/null +++ b/modules.d/95rootfs-block/parse-block.sh @@ -0,0 +1,15 @@ +#!/bin/sh + +case "${root#block:}" in + LABEL=* | UUID=* | PARTUUID=* | PARTLABEL=*) + root="block:$(label_uuid_to_dev "$root")" + rootok=1 + ;; + /dev/*) + root="block:${root#block:}" + # shellcheck disable=SC2034 + rootok=1 + ;; +esac + +[ "${root%%:*}" = "block" ] && wait_for_dev "${root#block:}" diff --git a/modules.d/95rootfs-block/rootfallback.sh b/modules.d/95rootfs-block/rootfallback.sh new file mode 100755 index 0000000..ce4ee85 --- /dev/null +++ b/modules.d/95rootfs-block/rootfallback.sh @@ -0,0 +1,22 @@ +#!/bin/sh + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +for root in $(getargs rootfallback=); do + root=$(label_uuid_to_dev "$root") + + if ! [ -b "$root" ]; then + warn "Could not find rootfallback $root" + continue + fi + + if mount "$root" /sysroot; then + info "Mounted rootfallback $root" + exit 0 + else + warn "Failed to mount rootfallback $root" + exit 1 + fi +done + +[ -e "$job" ] && rm -f "$job" diff --git a/modules.d/95ssh-client/module-setup.sh b/modules.d/95ssh-client/module-setup.sh new file mode 100755 index 0000000..75fc94f --- /dev/null +++ b/modules.d/95ssh-client/module-setup.sh @@ -0,0 +1,80 @@ +#!/bin/bash + +# fixme: assume user is root + +# called by dracut +check() { + [[ $mount_needs ]] && return 1 + + # If our prerequisites are not met, fail. + require_binaries ssh scp || return 1 + + if [[ $sshkey ]]; then + [[ ! -f $dracutsysrootdir$sshkey ]] && { + derror "ssh key: $sshkey is not found!" + return 1 + } + fi + + return 255 +} + +# called by dracut +depends() { + # We depend on network modules being loaded + echo network +} + +inst_sshenv() { + if [[ -d $dracutsysrootdir/root/.ssh ]]; then + inst_dir /root/.ssh + chmod 700 "${initdir}"/root/.ssh + fi + + # Copy over ssh key and knowhosts if needed + [[ $sshkey ]] && { + inst_simple "$sshkey" + [[ -f $dracutsysrootdir/root/.ssh/known_hosts ]] && inst_simple /root/.ssh/known_hosts + [[ -f $dracutsysrootdir/etc/ssh/ssh_known_hosts ]] && inst_simple /etc/ssh/ssh_known_hosts + } + + # Copy over root and system-wide ssh configs. + [[ -f $dracutsysrootdir/root/.ssh/config ]] && inst_simple /root/.ssh/config + if [[ -f $dracutsysrootdir/etc/ssh/ssh_config ]]; then + inst_simple /etc/ssh/ssh_config + sed -i -e 's/\(^[[:space:]]*\)ProxyCommand/\1# ProxyCommand/' "${initdir}"/etc/ssh/ssh_config + while read -r key val || [ -n "$key" ]; do + if [[ $key == "GlobalKnownHostsFile" ]]; then + inst_simple "$val" + # Copy customized UserKnowHostsFile + elif [[ $key == "UserKnownHostsFile" ]]; then + # Make sure that ~/foo will be copied as /root/foo in kdump's initramfs + # shellcheck disable=SC2088 + if str_starts "$val" "~/"; then + val="/root/${val#"~/"}" + fi + inst_simple "$val" + fi + done < "$dracutsysrootdir"/etc/ssh/ssh_config + fi + + return 0 +} + +# called by dracut +install() { + local _nsslibs + + inst_multiple ssh scp + inst_sshenv + + _nsslibs=$( + cat "$dracutsysrootdir"/{,usr/}etc/nsswitch.conf 2> /dev/null \ + | sed -e 's/#.*//; s/^[^:]*://; s/\[[^]]*\]//' \ + | tr -s '[:space:]' '\n' | sort -u | tr -s '[:space:]' '|' + ) + _nsslibs=${_nsslibs#|} + _nsslibs=${_nsslibs%|} + + inst_libdir_file -n "$_nsslibs" 'libnss_*.so*' +} diff --git a/modules.d/95terminfo/module-setup.sh b/modules.d/95terminfo/module-setup.sh new file mode 100755 index 0000000..8cecaf3 --- /dev/null +++ b/modules.d/95terminfo/module-setup.sh @@ -0,0 +1,17 @@ +#!/bin/bash + +# called by dracut +install() { + local _terminfodir + # terminfo bits make things work better if you fall into interactive mode + for _terminfodir in /lib/terminfo /etc/terminfo /usr/share/terminfo; do + [[ -f $dracutsysrootdir${_terminfodir}/l/linux ]] && break + done + + if [[ -d $dracutsysrootdir${_terminfodir} ]]; then + for i in "l/linux" "v/vt100" "v/vt102" "v/vt220"; do + inst_dir "$_terminfodir/${i%/*}" + $DRACUT_CP -L -t "${initdir}/${_terminfodir}/${i%/*}" "$dracutsysrootdir$_terminfodir/$i" + done + fi +} diff --git a/modules.d/95udev-rules/59-persistent-storage.rules b/modules.d/95udev-rules/59-persistent-storage.rules new file mode 100644 index 0000000..b076937 --- /dev/null +++ b/modules.d/95udev-rules/59-persistent-storage.rules @@ -0,0 +1,9 @@ +SUBSYSTEM!="block", GOTO="ps_end" +ACTION!="add|change", GOTO="ps_end" +# Also don't process disks that are slated to be a multipath device +ENV{DM_MULTIPATH_DEVICE_PATH}=="1", GOTO="ps_end" + +KERNEL=="cciss[0-9]*", IMPORT{builtin}="blkid" +KERNEL=="nbd[0-9]*", IMPORT{builtin}="blkid" + +LABEL="ps_end" diff --git a/modules.d/95udev-rules/61-persistent-storage.rules b/modules.d/95udev-rules/61-persistent-storage.rules new file mode 100644 index 0000000..053b65c --- /dev/null +++ b/modules.d/95udev-rules/61-persistent-storage.rules @@ -0,0 +1,22 @@ +SUBSYSTEM!="block", GOTO="pss_end" +ACTION!="add|change", GOTO="pss_end" +# Also don't process disks that are slated to be a multipath device +ENV{DM_MULTIPATH_DEVICE_PATH}=="1", GOTO="pss_end" + +ACTION=="change", KERNEL=="dm-[0-9]*", ENV{DM_UDEV_DISABLE_OTHER_RULES_FLAG}!="1", GOTO="do_pss" +KERNEL=="cciss[0-9]*", GOTO="do_pss" +KERNEL=="nbd[0-9]*", GOTO="do_pss" +KERNEL=="md[0-9]*|md_d[0-9]*|md/*", GOTO="do_pss" + +GOTO="pss_end" + +LABEL="do_pss" +# by-path (parent device path) +ENV{DEVTYPE}=="disk", ENV{ID_PATH}=="", DEVPATH!="*/virtual/*", IMPORT{builtin}="path_id" +ENV{DEVTYPE}=="disk", ENV{ID_PATH}=="?*", SYMLINK+="disk/by-path/$env{ID_PATH}" +ENV{DEVTYPE}=="partition", ENV{ID_PATH}=="?*", SYMLINK+="disk/by-path/$env{ID_PATH}-part%n" + +# by-label/by-uuid links (filesystem metadata) +ENV{ID_FS_USAGE}=="filesystem|other|crypto", ENV{ID_FS_UUID_ENC}=="?*", SYMLINK+="disk/by-uuid/$env{ID_FS_UUID_ENC}" +ENV{ID_FS_USAGE}=="filesystem|other", ENV{ID_FS_LABEL_ENC}=="?*", SYMLINK+="disk/by-label/$env{ID_FS_LABEL_ENC}" +LABEL="pss_end" diff --git a/modules.d/95udev-rules/module-setup.sh b/modules.d/95udev-rules/module-setup.sh new file mode 100755 index 0000000..3ca12ee --- /dev/null +++ b/modules.d/95udev-rules/module-setup.sh @@ -0,0 +1,83 @@ +#!/bin/bash + +# called by dracut +install() { + local _i + + # Fixme: would be nice if we didn't have to guess, which rules to grab.... + # ultimately, /lib/initramfs/rules.d or somesuch which includes links/copies + # of the rules we want so that we just copy those in would be best + inst_multiple udevadm cat uname blkid + inst_dir /etc/udev + inst_multiple -o /etc/udev/udev.conf + + [[ -d ${initdir}/$systemdutildir ]] || mkdir -p "${initdir}/$systemdutildir" + for _i in "${systemdutildir}"/systemd-udevd "${udevdir}"/udevd /sbin/udevd; do + [[ -x $dracutsysrootdir$_i ]] || continue + inst "$_i" + + if ! [[ -f ${initdir}${systemdutildir}/systemd-udevd ]]; then + ln -fs "$_i" "${initdir}${systemdutildir}"/systemd-udevd + fi + break + done + if ! [[ -e ${initdir}${systemdutildir}/systemd-udevd ]]; then + derror "Cannot find [systemd-]udevd binary!" + exit 1 + fi + + inst_rules \ + 50-udev-default.rules \ + 55-scsi-sg3_id.rules \ + 58-scsi-sg3_symlink.rules \ + 59-scsi-sg3_utils.rules \ + 60-block.rules \ + 60-cdrom_id.rules \ + 60-pcmcia.rules \ + 60-persistent-storage.rules \ + 64-btrfs.rules \ + 70-uaccess.rules \ + 71-seat.rules \ + 73-seat-late.rules \ + 75-net-description.rules \ + 80-drivers.rules 95-udev-late.rules \ + 80-net-name-slot.rules 80-net-setup-link.rules \ + "$moddir/59-persistent-storage.rules" \ + "$moddir/61-persistent-storage.rules" + + # legacy persistent network device name rules + [[ $hostonly ]] && inst_rules 70-persistent-net.rules + + { + for i in cdrom tape dialout floppy; do + if ! grep -q "^$i:" "$initdir"/etc/group 2> /dev/null; then + if ! grep "^$i:" "$dracutsysrootdir"/etc/group 2> /dev/null; then + case $i in + cdrom) echo "$i:x:11:" ;; + dialout) echo "$i:x:18:" ;; + floppy) echo "$i:x:19:" ;; + tape) echo "$i:x:33:" ;; + esac + fi + fi + done + } >> "$initdir/etc/group" + + inst_multiple -o \ + "${udevdir}"/ata_id \ + "${udevdir}"/cdrom_id \ + "${udevdir}"/create_floppy_devices \ + "${udevdir}"/fw_unit_symlinks.sh \ + "${udevdir}"/hid2hci \ + "${udevdir}"/path_id \ + "${udevdir}"/input_id \ + "${udevdir}"/scsi_id \ + "${udevdir}"/usb_id \ + "${udevdir}"/pcmcia-socket-startup \ + "${udevdir}"/pcmcia-check-broken-cis + + inst_multiple -o /etc/pcmcia/config.opts + + inst_libdir_file "libnss_files*" + +} diff --git a/modules.d/95virtfs/module-setup.sh b/modules.d/95virtfs/module-setup.sh new file mode 100755 index 0000000..8026002 --- /dev/null +++ b/modules.d/95virtfs/module-setup.sh @@ -0,0 +1,31 @@ +#!/bin/bash + +# called by dracut +check() { + [[ $hostonly ]] || [[ $mount_needs ]] && { + for fs in "${host_fs_types[@]}"; do + [[ $fs == "9p" ]] && return 0 + done + return 255 + } + + is_qemu_virtualized && return 0 + + return 255 +} + +# called by dracut +depends() { + return 0 +} + +# called by dracut +installkernel() { + instmods 9p 9pnet_virtio virtio_pci +} + +# called by dracut +install() { + inst_hook cmdline 95 "$moddir/parse-virtfs.sh" + inst_hook mount 99 "$moddir/mount-virtfs.sh" +} diff --git a/modules.d/95virtfs/mount-virtfs.sh b/modules.d/95virtfs/mount-virtfs.sh new file mode 100755 index 0000000..e52c752 --- /dev/null +++ b/modules.d/95virtfs/mount-virtfs.sh @@ -0,0 +1,74 @@ +#!/bin/sh + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +filter_rootopts() { + rootopts=$1 + # strip ro and rw options + local OLDIFS="$IFS" + IFS=, + # shellcheck disable=SC2086 + set -- $rootopts + IFS="$OLDIFS" + local v + while [ $# -gt 0 ]; do + case $1 in + rw | ro) ;; + defaults) ;; + *) + v="$v,${1}" + ;; + esac + shift + done + rootopts=${v#,} + echo "$rootopts" +} + +mount_root() { + rootfs="9p" + rflags="trans=virtio,version=9p2000.L" + + modprobe 9pnet_virtio + + mount -t ${rootfs} -o "$rflags",ro "${root#virtfs:}" "$NEWROOT" + + rootopts= + if getargbool 1 rd.fstab -n rd_NO_FSTAB \ + && ! getarg rootflags \ + && [ -f "$NEWROOT/etc/fstab" ] \ + && ! [ -L "$NEWROOT/etc/fstab" ]; then + # if $NEWROOT/etc/fstab contains special mount options for + # the root filesystem, + # remount it with the proper options + rootopts="defaults" + while read -r dev mp _ opts rest || [ -n "$dev" ]; do + # skip comments + [ "${dev%%#*}" != "$dev" ] && continue + + if [ "$mp" = "/" ]; then + rootopts=$opts + break + fi + done < "$NEWROOT/etc/fstab" + + rootopts=$(filter_rootopts "$rootopts") + fi + + # we want rootflags (rflags) to take precedence so prepend rootopts to + # them; rflags is guaranteed to not be empty + rflags="${rootopts:+${rootopts},}${rflags}" + + umount "$NEWROOT" + + info "Remounting ${root#virtfs:} with -o ${rflags}" + mount -t ${rootfs} -o "$rflags" "${root#virtfs:}" "$NEWROOT" 2>&1 | vinfo + + [ -f "$NEWROOT"/forcefsck ] && rm -f -- "$NEWROOT"/forcefsck 2> /dev/null + [ -f "$NEWROOT"/.autofsck ] && rm -f -- "$NEWROOT"/.autofsck 2> /dev/null +} + +if [ -n "$root" -a -z "${root%%virtfs:*}" ]; then + mount_root +fi +: diff --git a/modules.d/95virtfs/parse-virtfs.sh b/modules.d/95virtfs/parse-virtfs.sh new file mode 100755 index 0000000..9f67123 --- /dev/null +++ b/modules.d/95virtfs/parse-virtfs.sh @@ -0,0 +1,8 @@ +#!/bin/sh + +if [ "${root%%:*}" = "virtfs" ]; then + modprobe 9pnet_virtio + + # shellcheck disable=SC2034 + rootok=1 +fi diff --git a/modules.d/95virtiofs/module-setup.sh b/modules.d/95virtiofs/module-setup.sh new file mode 100755 index 0000000..176482b --- /dev/null +++ b/modules.d/95virtiofs/module-setup.sh @@ -0,0 +1,31 @@ +#!/bin/bash + +# called by dracut +check() { + [[ $hostonly ]] || [[ $mount_needs ]] && { + is_qemu_virtualized && return 0 + + for fs in "${host_fs_types[@]}"; do + [[ $fs == "virtiofs" ]] && return 0 + done + return 255 + } + + return 0 +} + +# called by dracut +depends() { + echo base +} + +# called by dracut +installkernel() { + instmods virtiofs virtio_pci +} + +# called by dracut +install() { + inst_hook cmdline 95 "$moddir/parse-virtiofs.sh" + inst_hook pre-mount 99 "$moddir/mount-virtiofs.sh" +} diff --git a/modules.d/95virtiofs/mount-virtiofs.sh b/modules.d/95virtiofs/mount-virtiofs.sh new file mode 100755 index 0000000..3d73884 --- /dev/null +++ b/modules.d/95virtiofs/mount-virtiofs.sh @@ -0,0 +1,20 @@ +#!/bin/sh + +type ismounted > /dev/null 2>&1 || . /lib/dracut-lib.sh + +if [ "${fstype}" = "virtiofs" -o "${root%%:*}" = "virtiofs" ]; then + if ! load_fstype virtiofs; then + die "virtiofs is required but not available." + fi + + mount -t virtiofs -o "$rflags" "${root#virtiofs:}" "$NEWROOT" 2>&1 | vinfo + if ! ismounted "$NEWROOT"; then + die "virtiofs: failed to mount root fs" + fi + + info "virtiofs: root fs mounted (options: '${rflags}')" + + [ -f "$NEWROOT"/forcefsck ] && rm -f -- "$NEWROOT"/forcefsck 2> /dev/null + [ -f "$NEWROOT"/.autofsck ] && rm -f -- "$NEWROOT"/.autofsck 2> /dev/null +fi +: diff --git a/modules.d/95virtiofs/parse-virtiofs.sh b/modules.d/95virtiofs/parse-virtiofs.sh new file mode 100755 index 0000000..760e413 --- /dev/null +++ b/modules.d/95virtiofs/parse-virtiofs.sh @@ -0,0 +1,9 @@ +#!/bin/sh +# Accepted formats: +# rootfstype=virtiofs root=<tag> +# root=virtiofs:<tag> + +if [ "${fstype}" = "virtiofs" -o "${root%%:*}" = "virtiofs" ]; then + # shellcheck disable=SC2034 + rootok=1 +fi diff --git a/modules.d/95zfcp/module-setup.sh b/modules.d/95zfcp/module-setup.sh new file mode 100755 index 0000000..e1f3aa3 --- /dev/null +++ b/modules.d/95zfcp/module-setup.sh @@ -0,0 +1,34 @@ +#!/bin/bash + +# called by dracut +check() { + arch=${DRACUT_ARCH:-$(uname -m)} + [ "$arch" = "s390" -o "$arch" = "s390x" ] || return 1 + + require_binaries zfcp_cio_free grep sed seq || return 1 + + return 0 +} + +# called by dracut +depends() { + return 0 +} + +# called by dracut +installkernel() { + instmods zfcp +} + +# called by dracut +install() { + inst_hook cmdline 30 "$moddir/parse-zfcp.sh" + inst_multiple zfcp_cio_free grep sed seq + + inst_script /sbin/zfcpconf.sh + inst_rules 56-zfcp.rules + + if [[ $hostonly ]]; then + inst_simple -H /etc/zfcp.conf + fi +} diff --git a/modules.d/95zfcp/parse-zfcp.sh b/modules.d/95zfcp/parse-zfcp.sh new file mode 100755 index 0000000..495aa67 --- /dev/null +++ b/modules.d/95zfcp/parse-zfcp.sh @@ -0,0 +1,16 @@ +#!/bin/sh + +getargbool 1 rd.zfcp.conf -d -n rd_NO_ZFCPCONF || rm /etc/zfcp.conf + +for zfcp_arg in $(getargs rd.zfcp -d 'rd_ZFCP='); do + echo "$zfcp_arg" | grep '^0\.[0-9a-fA-F]\.[0-9a-fA-F]\{4\}\(,0x[0-9a-fA-F]\{16\},0x[0-9a-fA-F]\{16\}\)\?$' > /dev/null + test $? -ne 0 && die "For argument 'rd.zfcp=$zfcp_arg'\nSorry, invalid format." + ( + IFS="," + # shellcheck disable=SC2086 + set $zfcp_arg + echo "$@" >> /etc/zfcp.conf + ) +done + +zfcp_cio_free diff --git a/modules.d/95zfcp_rules/module-setup.sh b/modules.d/95zfcp_rules/module-setup.sh new file mode 100755 index 0000000..dfa7951 --- /dev/null +++ b/modules.d/95zfcp_rules/module-setup.sh @@ -0,0 +1,80 @@ +#!/bin/bash + +# called by dracut +cmdline() { + is_zfcp() { + local _dev=$1 + local _devpath + _devpath=$( + cd -P /sys/dev/block/"$_dev" || exit + echo "$PWD" + ) + local _sdev _scsiid _hostno _lun _wwpn _ccw _port_type + local _allow_lun_scan _is_npiv + + read -r _allow_lun_scan < /sys/module/zfcp/parameters/allow_lun_scan + [ "${_devpath#*/sd}" == "$_devpath" ] && return 1 + _sdev="${_devpath%%/block/*}" + [ -e "${_sdev}"/fcp_lun ] || return 1 + _scsiid="${_sdev##*/}" + _hostno="${_scsiid%%:*}" + [ -d /sys/class/fc_host/host"${_hostno}" ] || return 1 + read -r _port_type < /sys/class/fc_host/host"${_hostno}"/port_type + case "$_port_type" in + NPIV*) + _is_npiv=1 + ;; + esac + read -r _ccw < "${_sdev}"/hba_id + if [ "$_is_npiv" ] && [ "$_allow_lun_scan" = "Y" ]; then + echo "rd.zfcp=${_ccw}" + else + read -r _lun < "${_sdev}"/fcp_lun + read -r _wwpn < "${_sdev}"/wwpn + echo "rd.zfcp=${_ccw},${_wwpn},${_lun}" + fi + return 0 + } + [[ $hostonly ]] || [[ $mount_needs ]] && { + for_each_host_dev_and_slaves_all is_zfcp + } | sort | uniq +} + +# called by dracut +check() { + local _arch=${DRACUT_ARCH:-$(uname -m)} + local _ccw + [ "$_arch" = "s390" -o "$_arch" = "s390x" ] || return 1 + + [[ $hostonly ]] || [[ $mount_needs ]] && { + found=0 + for _ccw in /sys/bus/ccw/devices/*/host*; do + [ -d "$_ccw" ] || continue + found=$((found + 1)) + done + [ $found -eq 0 ] && return 255 + } + return 0 +} + +# called by dracut +depends() { + echo bash + return 0 +} + +# called by dracut +install() { + inst_hook cmdline 30 "$moddir/parse-zfcp.sh" + if [[ $hostonly_cmdline == "yes" ]]; then + local _zfcp + + for _zfcp in $(cmdline); do + printf "%s\n" "$_zfcp" >> "${initdir}/etc/cmdline.d/94zfcp.conf" + done + fi + if [[ $hostonly ]]; then + inst_rules_wildcard "51-zfcp-*.rules" + inst_rules_wildcard "41-zfcp-*.rules" + fi +} diff --git a/modules.d/95zfcp_rules/parse-zfcp.sh b/modules.d/95zfcp_rules/parse-zfcp.sh new file mode 100755 index 0000000..5e7d909 --- /dev/null +++ b/modules.d/95zfcp_rules/parse-zfcp.sh @@ -0,0 +1,73 @@ +#!/bin/bash + +create_udev_rule() { + local ccw=$1 + local wwpn=$2 + local lun=$3 + local _rule=/etc/udev/rules.d/51-zfcp-${ccw}.rules + local _cu_type _dev_type + + if [ -x /sbin/cio_ignore ] && cio_ignore -i "$ccw" > /dev/null; then + cio_ignore -r "$ccw" + fi + + if [ -e /sys/bus/ccw/devices/"${ccw}" ]; then + read -r _cu_type < /sys/bus/ccw/devices/"${ccw}"/cutype + read -r _dev_type < /sys/bus/ccw/devices/"${ccw}"/devtype + fi + if [ "$_cu_type" != "1731/03" ]; then + return 0 + fi + if [ "$_dev_type" != "1732/03" ] && [ "$_dev_type" != "1732/04" ]; then + return 0 + fi + + [ -z "$wwpn" ] || [ -z "$lun" ] && return + m=$(sed -n "/.*${wwpn}.*${lun}.*/p" "$_rule") + if [ -z "$m" ]; then + cat >> "$_rule" << EOF +ACTION=="add", KERNEL=="rport-*", ATTR{port_name}=="$wwpn", SUBSYSTEMS=="ccw", KERNELS=="$ccw", ATTR{[ccw/$ccw]$wwpn/unit_add}="$lun" +EOF + fi +} + +if [[ -f /sys/firmware/ipl/ipl_type ]] \ + && [[ $(< /sys/firmware/ipl/ipl_type) == "fcp" ]]; then + ( + read -r _wwpn < /sys/firmware/ipl/wwpn + read -r _lun < /sys/firmware/ipl/lun + read -r _ccw < /sys/firmware/ipl/device + + create_udev_rule "$_ccw" "$_wwpn" "$_lun" + ) +fi + +for zfcp_arg in $(getargs rd.zfcp); do + ( + OLDIFS="$IFS" + IFS="," + # shellcheck disable=SC2086 + set $zfcp_arg + IFS="$OLDIFS" + create_udev_rule "$1" "$2" "$3" + ) +done + +for zfcp_arg in $(getargs root=) $(getargs resume=); do + ( + case $zfcp_arg in + /dev/disk/by-path/ccw-*) + ccw_arg=${zfcp_arg##*/} + ;; + esac + if [ -n "$ccw_arg" ]; then + OLDIFS="$IFS" + IFS="-" + set -- "$ccw_arg" + IFS="$OLDIFS" + _wwpn=${4%:*} + _lun=${4#*:} + create_udev_rule "$2" "$wwpn" "$lun" + fi + ) +done diff --git a/modules.d/95znet/module-setup.sh b/modules.d/95znet/module-setup.sh new file mode 100755 index 0000000..df37c66 --- /dev/null +++ b/modules.d/95znet/module-setup.sh @@ -0,0 +1,29 @@ +#!/bin/bash + +# called by dracut +check() { + arch=${DRACUT_ARCH:-$(uname -m)} + [ "$arch" = "s390" -o "$arch" = "s390x" ] || return 1 + + require_binaries znet_cio_free grep sed seq readlink || return 1 + + return 0 +} + +# called by dracut +depends() { + echo bash + return 0 +} + +# called by dracut +installkernel() { + instmods ctcm lcs qeth qeth_l2 qeth_l3 +} + +# called by dracut +install() { + inst_hook cmdline 30 "$moddir/parse-ccw.sh" + inst_rules 81-ccw.rules + inst_multiple znet_cio_free grep sed seq readlink /lib/udev/ccw_init +} diff --git a/modules.d/95znet/parse-ccw.sh b/modules.d/95znet/parse-ccw.sh new file mode 100755 index 0000000..d895360 --- /dev/null +++ b/modules.d/95znet/parse-ccw.sh @@ -0,0 +1,25 @@ +#!/bin/bash + +for ccw_arg in $(getargs rd.ccw -d 'rd_CCW=') $(getargs rd.znet -d 'rd_ZNET='); do + echo "$ccw_arg" >> /etc/ccw.conf +done + +for ifname in $(getargs rd.znet_ifname); do + IFS=: read -r ifname_if ifname_subchannels _rest <<< "$ifname" + if [ -z "$ifname_if" ] || [ -z "$ifname_subchannels" ] || [ -n "$_rest" ]; then + warn "Invalid arguments for rd.znet_ifname=" + else + { + ifname_subchannels=${ifname_subchannels//,/|} + + echo 'ACTION!="add|change", GOTO="ccw_ifname_end"' + echo 'ATTR{type}!="1", GOTO="ccw_ifname_end"' + echo 'SUBSYSTEM!="net", GOTO="ccw_ifname_end"' + echo "SUBSYSTEMS==\"ccwgroup\", KERNELS==\"$ifname_subchannels\", DRIVERS==\"?*\" NAME=\"$ifname_if\"" + echo 'LABEL="ccw_ifname_end"' + + } > /etc/udev/rules.d/81-ccw-ifname.rules + fi +done + +znet_cio_free diff --git a/modules.d/96securityfs/module-setup.sh b/modules.d/96securityfs/module-setup.sh new file mode 100755 index 0000000..1181b71 --- /dev/null +++ b/modules.d/96securityfs/module-setup.sh @@ -0,0 +1,16 @@ +#!/bin/bash + +# called by dracut +check() { + return 255 +} + +# called by dracut +depends() { + return 0 +} + +# called by dracut +install() { + inst_hook cmdline 60 "$moddir/securityfs.sh" +} diff --git a/modules.d/96securityfs/securityfs.sh b/modules.d/96securityfs/securityfs.sh new file mode 100755 index 0000000..2493c1d --- /dev/null +++ b/modules.d/96securityfs/securityfs.sh @@ -0,0 +1,8 @@ +#!/bin/sh + +SECURITYFSDIR="/sys/kernel/security" +export SECURITYFSDIR + +if ! findmnt "${SECURITYFSDIR}" > /dev/null 2>&1; then + mount -t securityfs -o nosuid,noexec,nodev securityfs ${SECURITYFSDIR} > /dev/null 2>&1 +fi diff --git a/modules.d/97biosdevname/module-setup.sh b/modules.d/97biosdevname/module-setup.sh new file mode 100755 index 0000000..c10200d --- /dev/null +++ b/modules.d/97biosdevname/module-setup.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +# called by dracut +check() { + [[ "$mount_needs" ]] && return 1 + require_binaries biosdevname || return 1 + return 0 +} + +# called by dracut +depends() { + return 0 +} + +# called by dracut +install() { + inst_multiple biosdevname + inst_rules 71-biosdevname.rules +} diff --git a/modules.d/97biosdevname/parse-biosdevname.sh b/modules.d/97biosdevname/parse-biosdevname.sh new file mode 100755 index 0000000..452873f --- /dev/null +++ b/modules.d/97biosdevname/parse-biosdevname.sh @@ -0,0 +1,10 @@ +#!/bin/sh + +if ! getargbool 1 biosdevname; then + info "biosdevname=0: removing biosdevname network renaming" + udevproperty UDEV_BIOSDEVNAME= + rm -f -- /etc/udev/rules.d/71-biosdevname.rules +else + info "biosdevname=1: activating biosdevname network renaming" + udevproperty UDEV_BIOSDEVNAME=1 +fi diff --git a/modules.d/97masterkey/README b/modules.d/97masterkey/README new file mode 100644 index 0000000..524ccfc --- /dev/null +++ b/modules.d/97masterkey/README @@ -0,0 +1,68 @@ +# Directions for creating the kernel master key that will be used for +# encrypting/decrypting other keys. + +# A trusted key is a TPM random number, which is only ever exposed to +# userspace as an encrypted datablob. A trusted key can be sealed to a +# set of PCR values. For more details on trusted keys, refer to the +# kernel keys-trusted-encrypted.txt documentation. +$ keyctl add trusted kmk-trusted "new 32" @u +801713097 + +# For those systems which don't have a TPM, but want to experiment with +# encrypted keys, create a user key of 32 random bytes. Unlike +# trusted/encrypted keys, user type key data is visible to userspace. +$ keyctl add user kmk-user "`dd if=/dev/urandom bs=1 count=32 2>/dev/null`" @u +144468621 + +# Save the kernel master key (trusted type): +$ su -c 'keyctl pipe `keyctl search @u trusted kmk-trusted` > /etc/keys/kmk-trusted.blob' + +# or (user type): +$ su -c 'keyctl pipe `keyctl search @u user kmk-user` > /etc/keys/kmk-user.blob' + +# A useful feature of trusted keys is that it is possible to prevent their +# unsealing at later time by providing the parameter 'pcrlock=<pcrnum>' when +# loading it, which causes the PCR #<pcrnum> to be extended with a random value. +# Actually, the <pcrnum> variable is set to '11' to let users experiment with +# this feature by using a register that is never extended during the boot, +# making the re-sealing not necessary. In the future, the kernel master key will +# be sealed to the PCR #14 which is extended, according to the TrustedGRUB +# documentation[1], to the measure of the kernel and the initial ramdisk. + +# The kernel master key path name and type can be set in one of the following +# ways (specified in the order in which variables are overwritten): + +1) use default values: +-------------------------------------------------------------------------- +MULTIKERNELMODE="NO" +MASTERKEYTYPE="trusted" +MASTERKEY="/etc/keys/kmk-${MASTERKEYTYPE}.blob" +-------------------------------------------------------------------------- + +2) create the configuration file '/etc/sysconfig/masterkey' to override the +value of one or all variables; + +3) specify these parameters in the kernel command line: +- masterkey=</kernel/master/key/path>, to override the MASTERKEY variable; +- masterkeytype=<kernel-master-key-type>, to override the MASTERKEYTYPE variable. + +# The variable MULTIKERNELMODE has been introduced to support multi boot +# configurations, where a trusted/user key is tied to a specific kernel and +# initial ramdisk. In this case, setting MULTIKERNELMODE to 'YES' will cause the +# kernel version to be added to the default masterkey path name, so that the +# MASTERKEY variable should not be overridden each time a different kernel is +# chosen. The default value of MASTERKEY will be equal to: +-------------------------------------------------------------------------- +MASTERKEY="/etc/keys/kmk-${MASTERKEYTYPE}-$(uname -r).blob" +-------------------------------------------------------------------------- + +# The masterkey path name also depends on the value of MASTERKEYTYPE, as reported +# in the default values for defined variables. For example, if only MASTERKEYTYPE +# is overridden by setting it to 'user' in the configuration file or from the +# kernel command line, the value of MASTERKEY will be: +-------------------------------------------------------------------------- +MASTERKEY="/etc/keys/kmk-user.blob" +-------------------------------------------------------------------------- + + +[1] https://projects.sirrix.com/trac/trustedgrub/ diff --git a/modules.d/97masterkey/masterkey.sh b/modules.d/97masterkey/masterkey.sh new file mode 100755 index 0000000..6dd6a4d --- /dev/null +++ b/modules.d/97masterkey/masterkey.sh @@ -0,0 +1,69 @@ +#!/bin/sh + +# Licensed under the GPLv2 +# +# Copyright (C) 2011 Politecnico di Torino, Italy +# TORSEC group -- http://security.polito.it +# Roberto Sassu <roberto.sassu@polito.it> + +MASTERKEYSCONFIG="${NEWROOT}/etc/sysconfig/masterkey" +MULTIKERNELMODE="NO" +PCRLOCKNUM=11 + +load_masterkey() { + # read the configuration from the config file + # shellcheck disable=SC1090 + [ -f "${MASTERKEYSCONFIG}" ] \ + && . "${MASTERKEYSCONFIG}" + + # override the kernel master key path name from the 'masterkey=' parameter + # in the kernel command line + MASTERKEYARG=$(getarg masterkey=) && MASTERKEY=${MASTERKEYARG} + + # override the kernel master key type from the 'masterkeytype=' parameter + # in the kernel command line + MASTERKEYTYPEARG=$(getarg masterkeytype=) && MASTERKEYTYPE=${MASTERKEYTYPEARG} + + # set default values + [ -z "${MASTERKEYTYPE}" ] \ + && MASTERKEYTYPE="trusted" + + if [ -z "${MASTERKEY}" ]; then + # append the kernel version to the default masterkey path name + # if MULTIKERNELMODE is set to YES + if [ "${MULTIKERNELMODE}" = "YES" ]; then + MASTERKEY="/etc/keys/kmk-${MASTERKEYTYPE}-$(uname -r).blob" + else + MASTERKEY="/etc/keys/kmk-${MASTERKEYTYPE}.blob" + fi + fi + + # set the kernel master key path name + MASTERKEYPATH="${NEWROOT}${MASTERKEY}" + + # check for kernel master key's existence + if [ ! -f "${MASTERKEYPATH}" ]; then + if [ "${RD_DEBUG}" = "yes" ]; then + info "masterkey: kernel master key file not found: ${MASTERKEYPATH}" + fi + return 1 + fi + + # read the kernel master key blob + read -r KEYBLOB < "${MASTERKEYPATH}" + + # add the 'load' prefix if the key type is 'trusted' + [ "${MASTERKEYTYPE}" = "trusted" ] \ + && KEYBLOB="load ${KEYBLOB} pcrlock=${PCRLOCKNUM}" + + # load the kernel master key + info "Loading the kernel master key" + keyctl add "${MASTERKEYTYPE}" "kmk-${MASTERKEYTYPE}" "${KEYBLOB}" @u > /dev/null || { + info "masterkey: failed to load the kernel master key: kmk-${MASTERKEYTYPE}" + return 1 + } + + return 0 +} + +load_masterkey diff --git a/modules.d/97masterkey/module-setup.sh b/modules.d/97masterkey/module-setup.sh new file mode 100755 index 0000000..49b006e --- /dev/null +++ b/modules.d/97masterkey/module-setup.sh @@ -0,0 +1,26 @@ +#!/bin/bash + +# called by dracut +check() { + [[ $hostonly ]] && { + require_binaries keyctl uname || return 1 + } + + return 255 +} + +# called by dracut +depends() { + return 0 +} + +# called by dracut +installkernel() { + instmods trusted encrypted +} + +# called by dracut +install() { + inst_multiple keyctl uname + inst_hook pre-pivot 60 "$moddir/masterkey.sh" +} diff --git a/modules.d/98dracut-systemd/dracut-cmdline-ask.service b/modules.d/98dracut-systemd/dracut-cmdline-ask.service new file mode 100644 index 0000000..c9458b7 --- /dev/null +++ b/modules.d/98dracut-systemd/dracut-cmdline-ask.service @@ -0,0 +1,32 @@ +# This file is part of dracut. + +[Unit] +Description=dracut ask for additional cmdline parameters +Documentation=man:dracut.bootup(7) +DefaultDependencies=no +Before=dracut-cmdline.service +Wants=systemd-journald.socket +After=systemd-journald.socket +Wants=systemd-vconsole-setup.service +After=systemd-vconsole-setup.service + +ConditionPathExists=/usr/lib/initrd-release +ConditionKernelCommandLine=|rd.cmdline=ask +ConditionPathExistsGlob=|/etc/cmdline.d/*.conf +Conflicts=shutdown.target emergency.target + +[Service] +Environment=DRACUT_SYSTEMD=1 +Environment=NEWROOT=/sysroot +Type=oneshot +ExecStart=-/bin/dracut-cmdline-ask +StandardInput=tty +StandardOutput=inherit +StandardError=inherit +RemainAfterExit=yes +KillMode=process +IgnoreSIGPIPE=no + +# Bash ignores SIGTERM, so we send SIGHUP instead, to ensure that bash +# terminates cleanly. +KillSignal=SIGHUP diff --git a/modules.d/98dracut-systemd/dracut-cmdline-ask.sh b/modules.d/98dracut-systemd/dracut-cmdline-ask.sh new file mode 100755 index 0000000..13c4f20 --- /dev/null +++ b/modules.d/98dracut-systemd/dracut-cmdline-ask.sh @@ -0,0 +1,22 @@ +#!/bin/sh + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +getarg "rd.cmdline=ask" || exit 0 + +sleep 0.5 +echo +sleep 0.5 +echo +sleep 0.5 +echo +echo +echo +echo +echo "Enter additional kernel command line parameter (end with ctrl-d or .)" +while read -r -p "> " ${BASH:+-e} line || [ -n "$line" ]; do + [ "$line" = "." ] && break + [ -n "$line" ] && printf -- "%s\n" "$line" >> /etc/cmdline.d/99-cmdline-ask.conf +done + +exit 0 diff --git a/modules.d/98dracut-systemd/dracut-cmdline.service b/modules.d/98dracut-systemd/dracut-cmdline.service new file mode 100644 index 0000000..ed71d58 --- /dev/null +++ b/modules.d/98dracut-systemd/dracut-cmdline.service @@ -0,0 +1,30 @@ +# This file is part of dracut. + +[Unit] +Description=dracut cmdline hook +Documentation=man:dracut-cmdline.service(8) man:dracut.bootup(7) +DefaultDependencies=no +Before=dracut-pre-udev.service +After=systemd-journald.socket +Wants=systemd-journald.socket +ConditionPathExists=/usr/lib/initrd-release +ConditionPathExistsGlob=|/etc/cmdline.d/*.conf +ConditionDirectoryNotEmpty=|/lib/dracut/hooks/cmdline +ConditionKernelCommandLine=|rd.break=cmdline +ConditionKernelCommandLine=|resume +ConditionKernelCommandLine=|noresume +Conflicts=shutdown.target emergency.target + +[Service] +Environment=DRACUT_SYSTEMD=1 +Environment=NEWROOT=/sysroot +Type=oneshot +ExecStart=-/bin/dracut-cmdline +StandardInput=null +StandardError=journal+console +KillMode=process +RemainAfterExit=yes + +# Bash ignores SIGTERM, so we send SIGHUP instead, to ensure that bash +# terminates cleanly. +KillSignal=SIGHUP diff --git a/modules.d/98dracut-systemd/dracut-cmdline.service.8.asc b/modules.d/98dracut-systemd/dracut-cmdline.service.8.asc new file mode 100644 index 0000000..859448e --- /dev/null +++ b/modules.d/98dracut-systemd/dracut-cmdline.service.8.asc @@ -0,0 +1,26 @@ +DRACUT-CMDLINE.SERVICE(8) +========================= +:doctype: manpage +:man source: dracut +:man manual: dracut + +NAME +---- +dracut-cmdline.service - runs the dracut hooks to parse the kernel command line + +SYNOPSIS +-------- +dracut-cmdline.service + +DESCRIPTION +----------- +This service runs all the dracut hooks to parse the kernel command line in +the initramfs. + +AUTHORS +------- +Harald Hoyer + +SEE ALSO +-------- +*dracut.bootup*(7) *dracut*(8) diff --git a/modules.d/98dracut-systemd/dracut-cmdline.sh b/modules.d/98dracut-systemd/dracut-cmdline.sh new file mode 100755 index 0000000..646fead --- /dev/null +++ b/modules.d/98dracut-systemd/dracut-cmdline.sh @@ -0,0 +1,75 @@ +#!/bin/sh + +if [ -f /dracut-state.sh ]; then + . /dracut-state.sh 2> /dev/null +fi +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +[ -f /usr/lib/initrd-release ] && . /usr/lib/initrd-release +[ -n "$VERSION" ] && info "dracut-$VERSION" + +if ! getargbool 1 'rd.hostonly'; then + [ -f /etc/cmdline.d/99-cmdline-ask.conf ] && mv /etc/cmdline.d/99-cmdline-ask.conf /tmp/99-cmdline-ask.conf + remove_hostonly_files + systemctl --no-block daemon-reload + [ -f /tmp/99-cmdline-ask.conf ] && mv /tmp/99-cmdline-ask.conf /etc/cmdline.d/99-cmdline-ask.conf +fi + +info "Using kernel command line parameters:" "$(getcmdline)" + +getargbool 0 rd.udev.log-priority=info -d rd.udev.info -d -n -y rdudevinfo && echo 'udev_log="info"' >> /etc/udev/udev.conf +getargbool 0 rd.udev.log-priority=debug -d rd.udev.debug -d -n -y rdudevdebug && echo 'udev_log="debug"' >> /etc/udev/udev.conf + +source_conf /etc/conf.d + +# Get the "root=" parameter from the kernel command line, but differentiate +# between the case where it was set to the empty string and the case where it +# wasn't specified at all. +if ! root="$(getarg root=)"; then + root_unset='UNSET' +fi + +rflags="$(getarg rootflags=)" +getargbool 0 ro && rflags="${rflags},ro" +getargbool 0 rw && rflags="${rflags},rw" +rflags="${rflags#,}" + +fstype="$(getarg rootfstype=)" +if [ -z "$fstype" ]; then + fstype="auto" +fi + +export root +export rflags +export fstype + +make_trace_mem "hook cmdline" '1+:mem' '1+:iomem' '3+:slab' +# run scriptlets to parse the command line +getarg 'rd.break=cmdline' -d 'rdbreak=cmdline' && emergency_shell -n cmdline "Break before cmdline" +source_hook cmdline + +[ -f /lib/dracut/parse-resume.sh ] && . /lib/dracut/parse-resume.sh + +case "${root#block:}${root_unset}" in + LABEL=* | UUID=* | PARTUUID=* | PARTLABEL=*) + root="block:$(label_uuid_to_dev "${root#block:}")" + rootok=1 + ;; + /dev/*) + root="block:${root#block:}" + rootok=1 + ;; + UNSET | gpt-auto | tmpfs) + # systemd's gpt-auto-generator/fstab-generator handles this case. + rootok=1 + ;; +esac + +[ -z "${root}${root_unset}" ] && die "Empty root= argument" +[ -z "$rootok" ] && die "Don't know how to handle 'root=$root'" + +export root rflags fstype netroot NEWROOT + +export -p > /dracut-state.sh + +exit 0 diff --git a/modules.d/98dracut-systemd/dracut-emergency.service b/modules.d/98dracut-systemd/dracut-emergency.service new file mode 100644 index 0000000..eb3e67f --- /dev/null +++ b/modules.d/98dracut-systemd/dracut-emergency.service @@ -0,0 +1,28 @@ +# This file is part of dracut. + +[Unit] +Description=Dracut Emergency Shell +Documentation=man:dracut.bootup(7) +DefaultDependencies=no +After=systemd-vconsole-setup.service +Wants=systemd-vconsole-setup.service +Conflicts=shutdown.target emergency.target + +[Service] +Environment=HOME=/ +Environment=DRACUT_SYSTEMD=1 +Environment=NEWROOT=/sysroot +WorkingDirectory=/ +ExecStart=-/bin/dracut-emergency +ExecStopPost=-/bin/rm -f -- /.console_lock +Type=oneshot +StandardInput=tty-force +StandardOutput=inherit +StandardError=inherit +KillMode=process +IgnoreSIGPIPE=no +TasksMax=infinity + +# Bash ignores SIGTERM, so we send SIGHUP instead, to ensure that bash +# terminates cleanly. +KillSignal=SIGHUP diff --git a/modules.d/98dracut-systemd/dracut-emergency.sh b/modules.d/98dracut-systemd/dracut-emergency.sh new file mode 100755 index 0000000..c6637a5 --- /dev/null +++ b/modules.d/98dracut-systemd/dracut-emergency.sh @@ -0,0 +1,59 @@ +#!/bin/sh + +export DRACUT_SYSTEMD=1 +if [ -f /dracut-state.sh ]; then + . /dracut-state.sh 2> /dev/null +fi +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +source_conf /etc/conf.d + +type plymouth > /dev/null 2>&1 && plymouth quit + +export _rdshell_name="dracut" action="Boot" hook="emergency" +_emergency_action=$(getarg rd.emergency) + +if getargbool 1 rd.shell -d -y rdshell || getarg rd.break -d rdbreak; then + FSTXT="/run/dracut/fsck/fsck_help_$fstype.txt" + RDSOSREPORT="$(rdsosreport)" + source_hook "$hook" + while read -r _tty rest; do + ( + echo + echo "$RDSOSREPORT" + echo + echo + echo 'Entering emergency mode. Exit the shell to continue.' + echo 'Type "journalctl" to view system logs.' + echo 'You might want to save "/run/initramfs/rdsosreport.txt" to a USB stick or /boot' + echo 'after mounting them and attach it to a bug report.' + echo + echo + [ -f "$FSTXT" ] && cat "$FSTXT" + ) > /dev/"$_tty" + done < /proc/consoles + [ -f /etc/profile ] && . /etc/profile + [ -z "$PS1" ] && export PS1="$_name:\${PWD}# " + exec sulogin -e +else + export hook="shutdown-emergency" + warn "$action has failed. To debug this issue add \"rd.shell rd.debug\" to the kernel command line." + source_hook "$hook" + [ -z "$_emergency_action" ] && _emergency_action=halt +fi + +/bin/rm -f -- /.console_lock + +case "$_emergency_action" in + reboot) + reboot || exit 1 + ;; + poweroff) + poweroff || exit 1 + ;; + halt) + halt || exit 1 + ;; +esac + +exit 0 diff --git a/modules.d/98dracut-systemd/dracut-initqueue.service b/modules.d/98dracut-systemd/dracut-initqueue.service new file mode 100644 index 0000000..4cd32eb --- /dev/null +++ b/modules.d/98dracut-systemd/dracut-initqueue.service @@ -0,0 +1,28 @@ +# This file is part of dracut. + +[Unit] +Description=dracut initqueue hook +Documentation=man:dracut-initqueue.service(8) man:dracut.bootup(7) +DefaultDependencies=no +Before=remote-fs-pre.target +Wants=remote-fs-pre.target +After=systemd-udev-trigger.service +Wants=systemd-udev-trigger.service +ConditionPathExists=/usr/lib/initrd-release +ConditionPathExists=|/lib/dracut/need-initqueue +ConditionKernelCommandLine=|rd.break=initqueue +Conflicts=shutdown.target emergency.target + +[Service] +Environment=DRACUT_SYSTEMD=1 +Environment=NEWROOT=/sysroot +Type=oneshot +ExecStart=-/bin/dracut-initqueue +StandardInput=null +StandardError=journal+console +KillMode=process +RemainAfterExit=yes + +# Bash ignores SIGTERM, so we send SIGHUP instead, to ensure that bash +# terminates cleanly. +KillSignal=SIGHUP diff --git a/modules.d/98dracut-systemd/dracut-initqueue.service.8.asc b/modules.d/98dracut-systemd/dracut-initqueue.service.8.asc new file mode 100644 index 0000000..66f2d33 --- /dev/null +++ b/modules.d/98dracut-systemd/dracut-initqueue.service.8.asc @@ -0,0 +1,25 @@ +DRACUT-INITQUEUE.SERVICE(8) +=========================== +:doctype: manpage +:man source: dracut +:man manual: dracut + +NAME +---- +dracut-initqueue.service - runs the dracut main loop to find the real root + +SYNOPSIS +-------- +dracut-initqueue.service + +DESCRIPTION +----------- +This service runs all the main loop of dracut in the initramfs to find the real root. + +AUTHORS +------- +Harald Hoyer + +SEE ALSO +-------- +*dracut.bootup*(7) *dracut*(8) diff --git a/modules.d/98dracut-systemd/dracut-initqueue.sh b/modules.d/98dracut-systemd/dracut-initqueue.sh new file mode 100755 index 0000000..ce919ce --- /dev/null +++ b/modules.d/98dracut-systemd/dracut-initqueue.sh @@ -0,0 +1,95 @@ +#!/bin/sh + +export DRACUT_SYSTEMD=1 +if [ -f /dracut-state.sh ]; then + . /dracut-state.sh 2> /dev/null +fi +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +source_conf /etc/conf.d + +make_trace_mem "hook initqueue" '1:shortmem' '2+:mem' '3+:slab' +getarg 'rd.break=initqueue' -d 'rdbreak=initqueue' && emergency_shell -n initqueue "Break before initqueue" + +RDRETRY=$(getarg rd.retry -d 'rd_retry=') +RDRETRY=${RDRETRY:-180} +RDRETRY=$((RDRETRY * 2)) +export RDRETRY + +main_loop=0 +export main_loop + +while :; do + + check_finished && break + + udevadm settle --exit-if-exists="$hookdir"/initqueue/work + + check_finished && break + + if [ -f "$hookdir"/initqueue/work ]; then + rm -f -- "$hookdir/initqueue/work" + fi + + for job in "$hookdir"/initqueue/*.sh; do + [ -e "$job" ] || break + # shellcheck disable=SC2097 disable=SC1090 disable=SC2098 + job=$job . "$job" + check_finished && break 2 + done + + udevadm settle --timeout=0 > /dev/null 2>&1 || continue + + for job in "$hookdir"/initqueue/settled/*.sh; do + [ -e "$job" ] || break + # shellcheck disable=SC2097 disable=SC1090 disable=SC2098 + job=$job . "$job" + check_finished && break 2 + done + + udevadm settle --timeout=0 > /dev/null 2>&1 || continue + + # no more udev jobs and queues empty. + sleep 0.5 + + for i in /run/systemd/ask-password/ask.*; do + [ -e "$i" ] && continue 2 + done + + if [ $main_loop -gt $((2 * RDRETRY / 3)) ]; then + warn "dracut-initqueue: timeout, still waiting for following initqueue hooks:" + for _f in "$hookdir"/initqueue/finished/*.sh; do + warn "$_f: \"$(cat "$_f")\"" + done + if [ "$(ls -A "$hookdir"/initqueue/finished)" ]; then + warn "dracut-initqueue: starting timeout scripts" + for job in "$hookdir"/initqueue/timeout/*.sh; do + [ -e "$job" ] || break + # shellcheck disable=SC2097 disable=SC1090 disable=SC2098 + job=$job . "$job" + udevadm settle --timeout=0 > /dev/null 2>&1 || main_loop=0 + [ -f "$hookdir"/initqueue/work ] && main_loop=0 + [ $main_loop -eq 0 ] && break + done + fi + fi + + main_loop=$((main_loop + 1)) + if [ $main_loop -gt $RDRETRY ]; then + if ! [ -f /sysroot/etc/fstab ] || ! [ -e /sysroot/sbin/init ]; then + emergency_shell "Could not boot." + fi + warn "Not all disks have been found." + warn "You might want to regenerate your initramfs." + break + fi +done + +unset job +unset queuetriggered +unset main_loop +unset RDRETRY + +export -p > /dracut-state.sh + +exit 0 diff --git a/modules.d/98dracut-systemd/dracut-mount.service b/modules.d/98dracut-systemd/dracut-mount.service new file mode 100644 index 0000000..27fff82 --- /dev/null +++ b/modules.d/98dracut-systemd/dracut-mount.service @@ -0,0 +1,26 @@ +# This file is part of dracut. + +[Unit] +Description=dracut mount hook +Documentation=man:dracut-mount.service(8) man:dracut.bootup(7) +After=initrd-root-fs.target initrd-parse-etc.service +After=dracut-initqueue.service dracut-pre-mount.service +ConditionPathExists=/usr/lib/initrd-release +ConditionDirectoryNotEmpty=|/lib/dracut/hooks/mount +ConditionKernelCommandLine=|rd.break=mount +DefaultDependencies=no +Conflicts=shutdown.target emergency.target + +[Service] +Environment=DRACUT_SYSTEMD=1 +Environment=NEWROOT=/sysroot +Type=oneshot +ExecStart=-/bin/dracut-mount +StandardInput=null +StandardError=journal+console +KillMode=process +RemainAfterExit=yes + +# Bash ignores SIGTERM, so we send SIGHUP instead, to ensure that bash +# terminates cleanly. +KillSignal=SIGHUP diff --git a/modules.d/98dracut-systemd/dracut-mount.service.8.asc b/modules.d/98dracut-systemd/dracut-mount.service.8.asc new file mode 100644 index 0000000..969123f --- /dev/null +++ b/modules.d/98dracut-systemd/dracut-mount.service.8.asc @@ -0,0 +1,25 @@ +DRACUT-MOUNT.SERVICE(8) +======================= +:doctype: manpage +:man source: dracut +:man manual: dracut + +NAME +---- +dracut-mount.service - runs the dracut hooks after /sysroot is mounted + +SYNOPSIS +-------- +dracut-mount.service + +DESCRIPTION +----------- +This service runs all dracut hooks after the real root is mounted on /sysroot. + +AUTHORS +------- +Harald Hoyer + +SEE ALSO +-------- +*dracut.bootup*(7) *dracut*(8) diff --git a/modules.d/98dracut-systemd/dracut-mount.sh b/modules.d/98dracut-systemd/dracut-mount.sh new file mode 100755 index 0000000..7892941 --- /dev/null +++ b/modules.d/98dracut-systemd/dracut-mount.sh @@ -0,0 +1,38 @@ +#!/bin/sh +export DRACUT_SYSTEMD=1 +if [ -f /dracut-state.sh ]; then + . /dracut-state.sh 2> /dev/null +fi +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +source_conf /etc/conf.d + +make_trace_mem "hook mount" '1:shortmem' '2+:mem' '3+:slab' + +getarg 'rd.break=mount' -d 'rdbreak=mount' && emergency_shell -n mount "Break before mount" +# mount scripts actually try to mount the root filesystem, and may +# be sourced any number of times. As soon as one succeeds, no more are sourced. +i=0 +while :; do + if ismounted "$NEWROOT"; then + usable_root "$NEWROOT" && break + umount "$NEWROOT" + fi + for f in "$hookdir"/mount/*.sh; do + # shellcheck disable=SC1090 + [ -f "$f" ] && . "$f" + if ismounted "$NEWROOT"; then + usable_root "$NEWROOT" && break + warn "$NEWROOT has no proper rootfs layout, ignoring and removing offending mount hook" + umount "$NEWROOT" + rm -f -- "$f" + fi + done + + i=$((i + 1)) + [ $i -gt 20 ] && emergency_shell "Can't mount root filesystem" +done + +export -p > /dracut-state.sh + +exit 0 diff --git a/modules.d/98dracut-systemd/dracut-pre-mount.service b/modules.d/98dracut-systemd/dracut-pre-mount.service new file mode 100644 index 0000000..351370b --- /dev/null +++ b/modules.d/98dracut-systemd/dracut-pre-mount.service @@ -0,0 +1,26 @@ +# This file is part of dracut. + +[Unit] +Description=dracut pre-mount hook +Documentation=man:dracut-pre-mount.service(8) man:dracut.bootup(7) +DefaultDependencies=no +Before=initrd-root-fs.target sysroot.mount systemd-fsck-root.service +After=dracut-initqueue.service cryptsetup.target +ConditionPathExists=/usr/lib/initrd-release +ConditionDirectoryNotEmpty=|/lib/dracut/hooks/pre-mount +ConditionKernelCommandLine=|rd.break=pre-mount +Conflicts=shutdown.target emergency.target + +[Service] +Environment=DRACUT_SYSTEMD=1 +Environment=NEWROOT=/sysroot +Type=oneshot +ExecStart=-/bin/dracut-pre-mount +StandardInput=null +StandardError=journal+console +KillMode=process +RemainAfterExit=yes + +# Bash ignores SIGTERM, so we send SIGHUP instead, to ensure that bash +# terminates cleanly. +KillSignal=SIGHUP diff --git a/modules.d/98dracut-systemd/dracut-pre-mount.service.8.asc b/modules.d/98dracut-systemd/dracut-pre-mount.service.8.asc new file mode 100644 index 0000000..9aa671a --- /dev/null +++ b/modules.d/98dracut-systemd/dracut-pre-mount.service.8.asc @@ -0,0 +1,25 @@ +DRACUT-PRE-MOUNT.SERVICE(8) +=========================== +:doctype: manpage +:man source: dracut +:man manual: dracut + +NAME +---- +dracut-pre-mount.service - runs the dracut hooks before /sysroot is mounted + +SYNOPSIS +-------- +dracut-pre-mount.service + +DESCRIPTION +----------- +This service runs all dracut hooks before the real root is mounted on /sysroot. + +AUTHORS +------- +Harald Hoyer + +SEE ALSO +-------- +*dracut.bootup*(7) *dracut*(8) diff --git a/modules.d/98dracut-systemd/dracut-pre-mount.sh b/modules.d/98dracut-systemd/dracut-pre-mount.sh new file mode 100755 index 0000000..ee51605 --- /dev/null +++ b/modules.d/98dracut-systemd/dracut-pre-mount.sh @@ -0,0 +1,19 @@ +#!/bin/sh + +export DRACUT_SYSTEMD=1 +if [ -f /dracut-state.sh ]; then + . /dracut-state.sh 2> /dev/null +fi +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +source_conf /etc/conf.d + +make_trace_mem "hook pre-mount" '1:shortmem' '2+:mem' '3+:slab' +# pre pivot scripts are sourced just before we doing cleanup and switch over +# to the new root. +getarg 'rd.break=pre-mount' 'rdbreak=pre-mount' && emergency_shell -n pre-mount "Break before pre-mount" +source_hook pre-mount + +export -p > /dracut-state.sh + +exit 0 diff --git a/modules.d/98dracut-systemd/dracut-pre-pivot.service b/modules.d/98dracut-systemd/dracut-pre-pivot.service new file mode 100644 index 0000000..04a3705 --- /dev/null +++ b/modules.d/98dracut-systemd/dracut-pre-pivot.service @@ -0,0 +1,35 @@ +# This file is part of dracut. + +[Unit] +Description=dracut pre-pivot and cleanup hook +Documentation=man:dracut-pre-pivot.service(8) man:dracut.bootup(7) +DefaultDependencies=no +After=initrd.target initrd-parse-etc.service sysroot.mount +After=dracut-initqueue.service dracut-pre-mount.service dracut-mount.service +Before=initrd-cleanup.service +Wants=remote-fs.target +After=remote-fs.target +ConditionPathExists=/usr/lib/initrd-release +ConditionDirectoryNotEmpty=|/lib/dracut/hooks/pre-pivot +ConditionDirectoryNotEmpty=|/lib/dracut/hooks/cleanup +ConditionKernelCommandLine=|rd.break=pre-pivot +ConditionKernelCommandLine=|rd.break=cleanup +ConditionKernelCommandLine=|rd.break +ConditionPathExists=|/dev/root +ConditionPathExists=|/dev/nfs +Conflicts=shutdown.target emergency.target + +[Service] +Environment=DRACUT_SYSTEMD=1 +Environment=NEWROOT=/sysroot +Type=oneshot +ExecStart=-/bin/dracut-pre-pivot +StandardInput=null +StandardError=journal+console +KillMode=process +RemainAfterExit=yes +KeyringMode=shared + +# Bash ignores SIGTERM, so we send SIGHUP instead, to ensure that bash +# terminates cleanly. +KillSignal=SIGHUP diff --git a/modules.d/98dracut-systemd/dracut-pre-pivot.service.8.asc b/modules.d/98dracut-systemd/dracut-pre-pivot.service.8.asc new file mode 100644 index 0000000..df500ac --- /dev/null +++ b/modules.d/98dracut-systemd/dracut-pre-pivot.service.8.asc @@ -0,0 +1,25 @@ +DRACUT-PRE-PIVOT.SERVICE(8) +=========================== +:doctype: manpage +:man source: dracut +:man manual: dracut + +NAME +---- +dracut-pre-pivot.service - runs the dracut hooks before switching root + +SYNOPSIS +-------- +dracut-pre-pivot.service + +DESCRIPTION +----------- +This service runs all dracut hooks before the system switched to the real root. + +AUTHORS +------- +Harald Hoyer + +SEE ALSO +-------- +*dracut.bootup*(7) *dracut*(8) diff --git a/modules.d/98dracut-systemd/dracut-pre-pivot.sh b/modules.d/98dracut-systemd/dracut-pre-pivot.sh new file mode 100755 index 0000000..8bf2325 --- /dev/null +++ b/modules.d/98dracut-systemd/dracut-pre-pivot.sh @@ -0,0 +1,29 @@ +#!/bin/sh + +export DRACUT_SYSTEMD=1 +if [ -f /dracut-state.sh ]; then + . /dracut-state.sh 2> /dev/null +fi +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +source_conf /etc/conf.d + +make_trace_mem "hook pre-pivot" '1:shortmem' '2+:mem' '3+:slab' +# pre pivot scripts are sourced just before we doing cleanup and switch over +# to the new root. +getarg 'rd.break=pre-pivot' 'rdbreak=pre-pivot' && emergency_shell -n pre-pivot "Break before pre-pivot" +source_hook pre-pivot + +# pre pivot cleanup scripts are sourced just before we switch over to the new root. +getarg 'rd.break=cleanup' 'rdbreak=cleanup' && emergency_shell -n cleanup "Break before cleanup" +source_hook cleanup + +_bv=$(getarg rd.break -d rdbreak) && [ -z "$_bv" ] \ + && emergency_shell -n switch_root "Break before switch_root" +unset _bv + +# remove helper symlink +[ -h /dev/root ] && rm -f -- /dev/root +[ -h /dev/nfs ] && rm -f -- /dev/nfs + +exit 0 diff --git a/modules.d/98dracut-systemd/dracut-pre-trigger.service b/modules.d/98dracut-systemd/dracut-pre-trigger.service new file mode 100644 index 0000000..374cd3a --- /dev/null +++ b/modules.d/98dracut-systemd/dracut-pre-trigger.service @@ -0,0 +1,27 @@ +# This file is part of dracut. + +[Unit] +Description=dracut pre-trigger hook +Documentation=man:dracut-pre-trigger.service(8) man:dracut.bootup(7) +DefaultDependencies=no +Before=systemd-udev-trigger.service dracut-initqueue.service +After=dracut-pre-udev.service systemd-udevd.service systemd-tmpfiles-setup-dev.service +Wants=dracut-pre-udev.service systemd-udevd.service +ConditionPathExists=/usr/lib/initrd-release +ConditionDirectoryNotEmpty=|/lib/dracut/hooks/pre-trigger +ConditionKernelCommandLine=|rd.break=pre-trigger +Conflicts=shutdown.target emergency.target + +[Service] +Environment=DRACUT_SYSTEMD=1 +Environment=NEWROOT=/sysroot +Type=oneshot +ExecStart=-/bin/dracut-pre-trigger +StandardInput=null +StandardError=journal+console +KillMode=process +RemainAfterExit=yes + +# Bash ignores SIGTERM, so we send SIGHUP instead, to ensure that bash +# terminates cleanly. +KillSignal=SIGHUP diff --git a/modules.d/98dracut-systemd/dracut-pre-trigger.service.8.asc b/modules.d/98dracut-systemd/dracut-pre-trigger.service.8.asc new file mode 100644 index 0000000..5b0cc7f --- /dev/null +++ b/modules.d/98dracut-systemd/dracut-pre-trigger.service.8.asc @@ -0,0 +1,25 @@ +DRACUT-PRE-TRIGGER.SERVICE(8) +============================= +:doctype: manpage +:man source: dracut +:man manual: dracut + +NAME +---- +dracut-pre-trigger.service - runs the dracut hooks before udevd is triggered + +SYNOPSIS +-------- +dracut-pre-trigger.service + +DESCRIPTION +----------- +This service runs all dracut hooks before udevd is triggered in the initramfs. + +AUTHORS +------- +Harald Hoyer + +SEE ALSO +-------- +*dracut.bootup*(7) *dracut*(8) diff --git a/modules.d/98dracut-systemd/dracut-pre-trigger.sh b/modules.d/98dracut-systemd/dracut-pre-trigger.sh new file mode 100755 index 0000000..dd0215e --- /dev/null +++ b/modules.d/98dracut-systemd/dracut-pre-trigger.sh @@ -0,0 +1,21 @@ +#!/bin/sh + +export DRACUT_SYSTEMD=1 +if [ -f /dracut-state.sh ]; then + . /dracut-state.sh 2> /dev/null +fi +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +source_conf /etc/conf.d + +make_trace_mem "hook pre-trigger" '1:shortmem' '2+:mem' '3+:slab' + +source_hook pre-trigger + +getarg 'rd.break=pre-trigger' 'rdbreak=pre-trigger' && emergency_shell -n pre-trigger "Break before pre-trigger" + +udevadm control --reload > /dev/null 2>&1 || : + +export -p > /dracut-state.sh + +exit 0 diff --git a/modules.d/98dracut-systemd/dracut-pre-udev.service b/modules.d/98dracut-systemd/dracut-pre-udev.service new file mode 100644 index 0000000..a61e9d4 --- /dev/null +++ b/modules.d/98dracut-systemd/dracut-pre-udev.service @@ -0,0 +1,31 @@ +# This file is part of dracut. + +[Unit] +Description=dracut pre-udev hook +Documentation=man:dracut-pre-udev.service(8) man:dracut.bootup(7) +DefaultDependencies=no +Before=systemd-udevd.service dracut-pre-trigger.service +After=dracut-cmdline.service +Wants=dracut-cmdline.service +ConditionPathExists=/usr/lib/initrd-release +ConditionDirectoryNotEmpty=|/lib/dracut/hooks/pre-udev +ConditionKernelCommandLine=|rd.break=pre-udev +ConditionKernelCommandLine=|rd.driver.blacklist +ConditionKernelCommandLine=|rd.driver.pre +ConditionKernelCommandLine=|rd.driver.post +ConditionPathExistsGlob=|/etc/cmdline.d/*.conf +Conflicts=shutdown.target emergency.target + +[Service] +Environment=DRACUT_SYSTEMD=1 +Environment=NEWROOT=/sysroot +Type=oneshot +ExecStart=-/bin/dracut-pre-udev +StandardInput=null +StandardError=journal+console +KillMode=process +RemainAfterExit=yes + +# Bash ignores SIGTERM, so we send SIGHUP instead, to ensure that bash +# terminates cleanly. +KillSignal=SIGHUP diff --git a/modules.d/98dracut-systemd/dracut-pre-udev.service.8.asc b/modules.d/98dracut-systemd/dracut-pre-udev.service.8.asc new file mode 100644 index 0000000..c91c8e2 --- /dev/null +++ b/modules.d/98dracut-systemd/dracut-pre-udev.service.8.asc @@ -0,0 +1,25 @@ +DRACUT-PRE-UDEV.SERVICE(8) +========================== +:doctype: manpage +:man source: dracut +:man manual: dracut + +NAME +---- +dracut-pre-udev.service - runs the dracut hooks before udevd is started + +SYNOPSIS +-------- +dracut-pre-udev.service + +DESCRIPTION +----------- +This service runs all dracut hooks before udevd is started in the initramfs. + +AUTHORS +------- +Harald Hoyer + +SEE ALSO +-------- +*dracut.bootup*(7) *dracut*(8) diff --git a/modules.d/98dracut-systemd/dracut-pre-udev.sh b/modules.d/98dracut-systemd/dracut-pre-udev.sh new file mode 100755 index 0000000..feab32c --- /dev/null +++ b/modules.d/98dracut-systemd/dracut-pre-udev.sh @@ -0,0 +1,55 @@ +#!/bin/sh +export DRACUT_SYSTEMD=1 +if [ -f /dracut-state.sh ]; then + . /dracut-state.sh 2> /dev/null +fi +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +source_conf /etc/conf.d + +make_trace_mem "hook pre-udev" '1:shortmem' '2+:mem' '3+:slab' +# pre pivot scripts are sourced just before we doing cleanup and switch over +# to the new root. +getarg 'rd.break=pre-udev' 'rdbreak=pre-udev' && emergency_shell -n pre-udev "Break before pre-udev" +source_hook pre-udev + +_modprobe_d=/etc/modprobe.d +if [ -d /usr/lib/modprobe.d ]; then + _modprobe_d=/usr/lib/modprobe.d +elif [ -d /lib/modprobe.d ]; then + _modprobe_d=/lib/modprobe.d +elif [ ! -d $_modprobe_d ]; then + mkdir -p $_modprobe_d +fi + +for i in $(getargs rd.driver.pre -d rdloaddriver=); do + ( + IFS=, + for p in $i; do + modprobe "$p" 2>&1 | vinfo + done + ) +done + +[ -d /etc/modprobe.d ] || mkdir -p /etc/modprobe.d + +for i in $(getargs rd.driver.blacklist -d rdblacklist=); do + ( + IFS=, + for p in $i; do + echo "blacklist $p" >> $_modprobe_d/initramfsblacklist.conf + done + ) +done + +for p in $(getargs rd.driver.post -d rdinsmodpost=); do + echo "blacklist $p" >> $_modprobe_d/initramfsblacklist.conf + _do_insmodpost=1 +done + +[ -n "$_do_insmodpost" ] && initqueue --settled --unique --onetime insmodpost.sh +unset _do_insmodpost _modprobe_d +unset i + +export -p > /dracut-state.sh +exit 0 diff --git a/modules.d/98dracut-systemd/dracut-shutdown-onfailure.service b/modules.d/98dracut-systemd/dracut-shutdown-onfailure.service new file mode 100644 index 0000000..0570535 --- /dev/null +++ b/modules.d/98dracut-systemd/dracut-shutdown-onfailure.service @@ -0,0 +1,11 @@ +# This file is part of dracut. + +[Unit] +Description=Service executing upon dracut-shutdown failure to perform cleanup +Documentation=man:dracut-shutdown.service(8) +DefaultDependencies=no + +[Service] +Type=oneshot +ExecStart=-/bin/rm /run/initramfs/shutdown +StandardError=null diff --git a/modules.d/98dracut-systemd/dracut-shutdown.service b/modules.d/98dracut-systemd/dracut-shutdown.service new file mode 100644 index 0000000..b2b704a --- /dev/null +++ b/modules.d/98dracut-systemd/dracut-shutdown.service @@ -0,0 +1,15 @@ +# This file is part of dracut. + +[Unit] +Description=Restore /run/initramfs on shutdown +Documentation=man:dracut-shutdown.service(8) +After=local-fs.target boot.mount boot.automount +Wants=local-fs.target +ConditionPathExists=!/run/initramfs/bin/sh +OnFailure=dracut-shutdown-onfailure.service + +[Service] +RemainAfterExit=yes +Type=oneshot +ExecStart=/bin/true +ExecStop=/usr/lib/dracut/dracut-initramfs-restore diff --git a/modules.d/98dracut-systemd/dracut-shutdown.service.8.asc b/modules.d/98dracut-systemd/dracut-shutdown.service.8.asc new file mode 100644 index 0000000..21ec88c --- /dev/null +++ b/modules.d/98dracut-systemd/dracut-shutdown.service.8.asc @@ -0,0 +1,53 @@ +DRACUT-SHUTDOWN.SERVICE(8) +=========================== +:doctype: manpage +:man source: dracut +:man manual: dracut + +NAME +---- +dracut-shutdown.service - unpack the initramfs to /run/initramfs + +SYNOPSIS +-------- +dracut-shutdown.service + +DESCRIPTION +----------- +This service unpacks the initramfs image to /run/initramfs. +systemd pivots into /run/initramfs at shutdown, so the root filesystem +can be safely unmounted. + +The following steps are executed during a shutdown: + +* systemd switches to the shutdown.target +* systemd starts /lib/systemd/system/shutdown.target.wants/dracut-shutdown.service +* dracut-shutdown.service executes /usr/lib/dracut/dracut-initramfs-restore which unpacks the initramfs to /run/initramfs +* systemd finishes shutdown.target +* systemd kills all processes +* systemd tries to unmount everything and mounts the remaining read-only +* systemd checks, if there is a /run/initramfs/shutdown executable +* if yes, it does a pivot_root to /run/initramfs and executes ./shutdown. The old root is then mounted on /oldroot. /usr/lib/dracut/modules.d/99shutdown/shutdown.sh is the shutdown executable. +* shutdown will try to umount every /oldroot mount and calls the various shutdown hooks from the dracut modules + +This ensures, that all devices are disassembled and unmounted cleanly. + +To debug the shutdown process, you can get a shell in the shutdown procedure +by injecting "rd.break=pre-shutdown rd.shell" or "rd.break=shutdown rd.shell". +---- +# mkdir -p /run/initramfs/etc/cmdline.d +# echo "rd.break=pre-shutdown rd.shell" > /run/initramfs/etc/cmdline.d/debug.conf +# touch /run/initramfs/.need_shutdown +---- + +In case the unpack of the initramfs fails, dracut-shutdown-onfailure.service +executes to make sure switch root doesn't happen, since it would result in +switching to an incomplete initramfs. + +AUTHORS +------- +Harald Hoyer + +SEE ALSO +-------- +*dracut*(8) diff --git a/modules.d/98dracut-systemd/dracut-tmpfiles.conf b/modules.d/98dracut-systemd/dracut-tmpfiles.conf new file mode 100644 index 0000000..3c21ce8 --- /dev/null +++ b/modules.d/98dracut-systemd/dracut-tmpfiles.conf @@ -0,0 +1,3 @@ +d /run/initramfs 0755 root root - +d /run/initramfs/log 0755 root root - +L /var/log - - - - ../run/initramfs/log diff --git a/modules.d/98dracut-systemd/emergency.service b/modules.d/98dracut-systemd/emergency.service new file mode 100644 index 0000000..27c69e1 --- /dev/null +++ b/modules.d/98dracut-systemd/emergency.service @@ -0,0 +1,29 @@ +# This file is part of dracut. + +[Unit] +Description=Emergency Shell +Documentation=man:dracut.bootup(7) +DefaultDependencies=no +After=systemd-vconsole-setup.service +Wants=systemd-vconsole-setup.service +Conflicts=shutdown.target +Before=shutdown.target + +[Service] +Environment=HOME=/ +Environment=DRACUT_SYSTEMD=1 +Environment=NEWROOT=/sysroot +WorkingDirectory=/ +ExecStart=/bin/dracut-emergency +ExecStopPost=-/usr/bin/systemctl --fail --no-block default +Type=idle +StandardInput=tty-force +StandardOutput=inherit +StandardError=inherit +KillMode=process +IgnoreSIGPIPE=no +TasksMax=infinity + +# Bash ignores SIGTERM, so we send SIGHUP instead, to ensure that bash +# terminates cleanly. +KillSignal=SIGHUP diff --git a/modules.d/98dracut-systemd/module-setup.sh b/modules.d/98dracut-systemd/module-setup.sh new file mode 100755 index 0000000..3195377 --- /dev/null +++ b/modules.d/98dracut-systemd/module-setup.sh @@ -0,0 +1,58 @@ +#!/bin/bash + +# called by dracut +check() { + [[ $mount_needs ]] && return 1 + + return 0 +} + +# called by dracut +depends() { + echo "systemd-initrd" + return 0 +} + +installkernel() { + return 0 +} + +# called by dracut +install() { + inst_script "$moddir/dracut-emergency.sh" /bin/dracut-emergency + inst_simple "$moddir/emergency.service" "${systemdsystemunitdir}"/emergency.service + inst_simple "$moddir/dracut-emergency.service" "${systemdsystemunitdir}"/dracut-emergency.service + inst_simple "$moddir/emergency.service" "${systemdsystemunitdir}"/rescue.service + + ln_r "${systemdsystemunitdir}/initrd.target" "${systemdsystemunitdir}/default.target" + + inst_script "$moddir/dracut-cmdline.sh" /bin/dracut-cmdline + inst_script "$moddir/dracut-cmdline-ask.sh" /bin/dracut-cmdline-ask + inst_script "$moddir/dracut-pre-udev.sh" /bin/dracut-pre-udev + inst_script "$moddir/dracut-pre-trigger.sh" /bin/dracut-pre-trigger + inst_script "$moddir/dracut-initqueue.sh" /bin/dracut-initqueue + inst_script "$moddir/dracut-pre-mount.sh" /bin/dracut-pre-mount + inst_script "$moddir/dracut-mount.sh" /bin/dracut-mount + inst_script "$moddir/dracut-pre-pivot.sh" /bin/dracut-pre-pivot + + inst_script "$moddir/rootfs-generator.sh" "$systemdutildir"/system-generators/dracut-rootfs-generator + + inst_hook cmdline 00 "$moddir/parse-root.sh" + + for i in \ + dracut-cmdline.service \ + dracut-cmdline-ask.service \ + dracut-initqueue.service \ + dracut-mount.service \ + dracut-pre-mount.service \ + dracut-pre-pivot.service \ + dracut-pre-trigger.service \ + dracut-pre-udev.service; do + inst_simple "$moddir/${i}" "$systemdsystemunitdir/${i}" + $SYSTEMCTL -q --root "$initdir" add-wants initrd.target "$i" + done + + inst_simple "$moddir/dracut-tmpfiles.conf" "$tmpfilesdir/dracut-tmpfiles.conf" + + inst_multiple sulogin +} diff --git a/modules.d/98dracut-systemd/parse-root.sh b/modules.d/98dracut-systemd/parse-root.sh new file mode 100755 index 0000000..90f145a --- /dev/null +++ b/modules.d/98dracut-systemd/parse-root.sh @@ -0,0 +1,38 @@ +#!/bin/sh + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +root=$(getarg root=) +case "${root#block:}" in + LABEL=* | UUID=* | PARTUUID=* | PARTLABEL=*) + root="block:$(label_uuid_to_dev "$root")" + rootok=1 + ;; + /dev/nfs | /dev/root) # ignore legacy + ;; + /dev/*) + root="block:${root}" + rootok=1 + ;; +esac + +if [ "$rootok" = "1" ]; then + root_dev="${root#block:}" + root_name="$(str_replace "$root_dev" '/' '\x2f')" + if ! [ -e "$hookdir/initqueue/finished/devexists-${root_name}.sh" ]; then + + # If a LUKS device needs unlocking via systemd in the initrd, assume + # it's for the root device. In that case, don't block on it if it's + # after remote-fs-pre.target since the initqueue is ordered before it so + # it will never actually show up (think Tang-pinned rootfs). + cat > "$hookdir/initqueue/finished/devexists-${root_name}.sh" << EOF +if ! grep -q After=remote-fs-pre.target /run/systemd/generator/systemd-cryptsetup@*.service 2>/dev/null; then + [ -e "$root_dev" ] +fi +EOF + { + printf '[ -e "%s" ] || ' "$root_dev" + printf 'warn "\"%s\" does not exist"\n' "$root_dev" + } >> "$hookdir/emergency/80-${root_name}.sh" + fi +fi diff --git a/modules.d/98dracut-systemd/rootfs-generator.sh b/modules.d/98dracut-systemd/rootfs-generator.sh new file mode 100755 index 0000000..cef3f49 --- /dev/null +++ b/modules.d/98dracut-systemd/rootfs-generator.sh @@ -0,0 +1,95 @@ +#!/bin/sh + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +generator_wait_for_dev() { + local _name + local _timeout + + _name=$(dev_unit_name "$1") + _timeout=$(getarg rd.timeout) + _timeout=${_timeout:-0} + + if ! [ -L "$GENERATOR_DIR"/initrd.target.wants/"${_name}".device ]; then + [ -d "$GENERATOR_DIR"/initrd.target.wants ] || mkdir -p "$GENERATOR_DIR"/initrd.target.wants + ln -s ../"${_name}".device "$GENERATOR_DIR"/initrd.target.wants/"${_name}".device + fi + + if ! [ -f "$GENERATOR_DIR"/"${_name}".device.d/timeout.conf ]; then + mkdir -p "$GENERATOR_DIR"/"${_name}".device.d + { + echo "[Unit]" + echo "JobTimeoutSec=$_timeout" + echo "JobRunningTimeoutSec=$_timeout" + } > "$GENERATOR_DIR"/"${_name}".device.d/timeout.conf + fi +} + +generator_mount_rootfs() { + local _type="$2" + local _flags="$3" + local _name + + [ -z "$1" ] && return 0 + + _name=$(dev_unit_name "$1") + if ! [ -f "$GENERATOR_DIR"/sysroot.mount ]; then + { + echo "[Unit]" + echo "Before=initrd-root-fs.target" + echo "Requires=systemd-fsck@${_name}.service" + echo "After=systemd-fsck@${_name}.service" + echo "[Mount]" + echo "Where=/sysroot" + echo "What=$1" + echo "Options=${_flags}" + echo "Type=${_type}" + } > "$GENERATOR_DIR"/sysroot.mount + fi + if ! [ -L "$GENERATOR_DIR"/initrd-root-fs.target.requires/sysroot.mount ]; then + [ -d "$GENERATOR_DIR"/initrd-root-fs.target.requires ] || mkdir -p "$GENERATOR_DIR"/initrd-root-fs.target.requires + ln -s ../sysroot.mount "$GENERATOR_DIR"/initrd-root-fs.target.requires/sysroot.mount + fi +} + +generator_fsck_after_pre_mount() { + local _name + + [ -z "$1" ] && return 0 + + _name=$(dev_unit_name "$1") + [ -d "$GENERATOR_DIR"/systemd-fsck@"${_name}".service.d ] || mkdir -p "$GENERATOR_DIR"/systemd-fsck@"${_name}".service.d + if ! [ -f "$GENERATOR_DIR"/systemd-fsck@"${_name}".service.d/after-pre-mount.conf ]; then + { + echo "[Unit]" + echo "After=dracut-pre-mount.service" + } > "$GENERATOR_DIR"/systemd-fsck@"${_name}".service.d/after-pre-mount.conf + fi + +} + +root=$(getarg root=) +case "${root#block:}" in + LABEL=* | UUID=* | PARTUUID=* | PARTLABEL=*) + root="block:$(label_uuid_to_dev "$root")" + rootok=1 + ;; + /dev/nfs) # ignore legacy /dev/nfs + ;; + /dev/*) + root="block:${root}" + rootok=1 + ;; +esac + +if [ "$rootok" = "1" ]; then + GENERATOR_DIR="$1" + [ -z "$GENERATOR_DIR" ] && exit 1 + [ -d "$GENERATOR_DIR" ] || mkdir -p "$GENERATOR_DIR" + + generator_wait_for_dev "${root#block:}" + generator_fsck_after_pre_mount "${root#block:}" + strstr "$(cat /proc/cmdline)" 'root=' || generator_mount_rootfs "${root#block:}" "$(getarg rootfstype=)" "$(getarg rootflags=)" +fi + +exit 0 diff --git a/modules.d/98ecryptfs/README b/modules.d/98ecryptfs/README new file mode 100644 index 0000000..f741c54 --- /dev/null +++ b/modules.d/98ecryptfs/README @@ -0,0 +1,50 @@ +# Directions for creating the encrypted key that will be used to mount an +# eCryptfs filesystem + +# Create the eCryptfs key (encrypted key type) +# +# The encrypted key type supports two formats: the 'default' format allows +# to generate a random symmetric key of the length specified, the 'ecryptfs' +# format generates an authentication token for the eCryptfs filesystem, +# which contains a randomly generated key. Two requirements for the latter +# format is that the key description must contain exactly 16 hexadecimal +# characters and that the encrypted key length must be equal to 64. +$ keyctl add encrypted 1000100010001000 "new ecryptfs trusted:kmk-trusted 64" @u +782117972 + +# Save the encrypted key +$ su -c 'keyctl pipe `keyctl search @u encrypted 1000100010001000` > /etc/keys/ecryptfs-trusted.blob' + +# The eCryptfs key path name can be set in one of the following ways (specified in +# the order in which the variable is overwritten): + +1) use the default value: +-------------------------------------------------------------------------- +ECRYPTFSKEY="/etc/keys/ecryptfs-trusted.blob" +-------------------------------------------------------------------------- + +2) create the configuration file '/etc/sysconfig/ecryptfs' and set the ECRYPTFSKEY +variable; + +3) specify the eCryptfs key path name in the 'ecryptfskey=' parameter of the kernel command +line. + +# The configuration file '/etc/sysconfig/ecryptfs' is also used to specify +# more options for mounting the eCryptfs filesystem: + +ECRYPTFSSRCDIR: existent directory in the lower root filesystem; +ECRYPTFSDSTDIR: mount point directory for the eCryptfs filesystem (the directory must be + created in the root filesystem before rebooting the platform); +ECRYPTFS_EXTRA_MOUNT_OPTS: extra mount options for the eCryptfs filesystem (the 'ecryptfs_sig' + option is automatically added by the dracut script). + +# Example of the configuration file: +----------- '/etc/sysconfig/ecryptfs' (with default values) ----------- +ECRYPTFS_KEY="/etc/keys/ecryptfs-trusted.blob" +ECRYPTFSSRCDIR="/secret" +ECRYPTFSDSTDIR="${ECRYPTFSSRCDIR}" +ECRYPTFS_EXTRA_MOUNT_OPTS="" +----------------------------------------------------------------------- + +# If the variable ECRYPTFSDSTDIR is not specified in the configuration file, +# its value will be equal to that of ECRYPTFSSRCDIR. diff --git a/modules.d/98ecryptfs/ecryptfs-mount.sh b/modules.d/98ecryptfs/ecryptfs-mount.sh new file mode 100755 index 0000000..0c1e228 --- /dev/null +++ b/modules.d/98ecryptfs/ecryptfs-mount.sh @@ -0,0 +1,95 @@ +#!/bin/sh + +# Licensed under the GPLv2 +# +# Copyright (C) 2011 Politecnico di Torino, Italy +# TORSEC group -- http://security.polito.it +# Roberto Sassu <roberto.sassu@polito.it> + +ECRYPTFSCONFIG="${NEWROOT}/etc/sysconfig/ecryptfs" +ECRYPTFSKEYTYPE="encrypted" +ECRYPTFSKEYDESC="1000100010001000" +ECRYPTFSKEYID="" +ECRYPTFSSRCDIR="/secret" +ECRYPTFS_EXTRA_MOUNT_OPTS="" + +load_ecryptfs_key() { + # override the eCryptfs key path name from the 'ecryptfskey=' parameter in the kernel + # command line + if ECRYPTFSKEYARG=$(getarg ecryptfskey=); then + ECRYPTFSKEY=${ECRYPTFSKEYARG} + fi + + # set the default value + [ -z "${ECRYPTFSKEY}" ] \ + && ECRYPTFSKEY="/etc/keys/ecryptfs-trusted.blob" + + # set the eCryptfs key path name + ECRYPTFSKEYPATH="${NEWROOT}${ECRYPTFSKEY}" + + # check for eCryptfs encrypted key's existence + if [ ! -f "${ECRYPTFSKEYPATH}" ]; then + if [ "${RD_DEBUG}" = "yes" ]; then + info "eCryptfs: key file not found: ${ECRYPTFSKEYPATH}" + fi + return 1 + fi + + # read the eCryptfs encrypted key blob + read -r KEYBLOB < "${ECRYPTFSKEYPATH}" + + # load the eCryptfs encrypted key blob + if ! ECRYPTFSKEYID=$(keyctl add ${ECRYPTFSKEYTYPE} ${ECRYPTFSKEYDESC} "load ${KEYBLOB}" @u); then + info "eCryptfs: failed to load the eCryptfs key: ${ECRYPTFSKEYDESC}" + return 1 + fi + + return 0 +} + +unload_ecryptfs_key() { + # unlink the eCryptfs encrypted key + keyctl unlink "${ECRYPTFSKEYID}" @u || { + info "eCryptfs: failed to unlink the eCryptfs key: ${ECRYPTFSKEYDESC}" + return 1 + } + + return 0 +} + +mount_ecryptfs() { + # read the configuration from the config file + # shellcheck disable=SC1090 + [ -f "${ECRYPTFSCONFIG}" ] \ + && . "${ECRYPTFSCONFIG}" + + # load the eCryptfs encrypted key + load_ecryptfs_key || return 1 + + # set the default value for ECRYPTFSDSTDIR + [ -z "${ECRYPTFSDSTDIR}" ] \ + && ECRYPTFSDSTDIR=${ECRYPTFSSRCDIR} + + # set the eCryptfs filesystem mount point + ECRYPTFSSRCMNT="${NEWROOT}${ECRYPTFSSRCDIR}" + ECRYPTFSDSTMNT="${NEWROOT}${ECRYPTFSDSTDIR}" + + # build the mount options variable + ECRYPTFS_MOUNT_OPTS="ecryptfs_sig=${ECRYPTFSKEYDESC}" + [ -n "${ECRYPTFS_EXTRA_MOUNT_OPTS}" ] \ + && ECRYPTFS_MOUNT_OPTS="${ECRYPTFS_MOUNT_OPTS},${ECRYPTFS_EXTRA_MOUNT_OPTS}" + + # mount the eCryptfs filesystem + info "Mounting the configured eCryptfs filesystem" + mount -i -t ecryptfs -o${ECRYPTFS_MOUNT_OPTS} "${ECRYPTFSSRCMNT}" "${ECRYPTFSDSTMNT}" > /dev/null || { + info "eCryptfs: mount of the eCryptfs filesystem failed" + return 1 + } + + # unload the eCryptfs encrypted key + unload_ecryptfs_key || return 1 + + return 0 +} + +mount_ecryptfs diff --git a/modules.d/98ecryptfs/module-setup.sh b/modules.d/98ecryptfs/module-setup.sh new file mode 100755 index 0000000..9328b51 --- /dev/null +++ b/modules.d/98ecryptfs/module-setup.sh @@ -0,0 +1,22 @@ +#!/bin/bash + +# called by dracut +check() { + return 255 +} + +# called by dracut +depends() { + echo masterkey + return 0 +} + +# called by dracut +installkernel() { + instmods ecryptfs +} + +# called by dracut +install() { + inst_hook pre-pivot 63 "$moddir/ecryptfs-mount.sh" +} diff --git a/modules.d/98integrity/README b/modules.d/98integrity/README new file mode 100644 index 0000000..b16c6b6 --- /dev/null +++ b/modules.d/98integrity/README @@ -0,0 +1,68 @@ +# Directions for creating the encrypted key that will be used to initialize +# the EVM software. + +# Create the EVM key (encrypted key type) +# +# The encrypted key is a random number encrypted/decrypted using the +# kernel master key. The encrypted key is only exposed to userspace +# as an encrypted datablob. +$ keyctl add encrypted evm-key "new trusted:kmk-trusted 32" @u +782117972 + +# Save the encrypted key +$ su -c 'keyctl pipe `keyctl search @u encrypted evm-key` > /etc/keys/evm-trusted.blob' + +# The EVM key path name can be set in one of the following ways (specified in +# the order in which the variable is overwritten): + +1) use the default value: +-------------------------------------------------------------------------- +EVMKEY="/etc/keys/evm-trusted.blob" +-------------------------------------------------------------------------- + +2) create the configuration file '/etc/sysconfig/evm' and set the EVMKEY variable; + +3) specify the EVM key path name in the 'evmkey=' parameter of the kernel command +line. + + +# Directions for loading a custom IMA policy. + +# Write the policy following the instructions provided in the file +# 'Documentation/ABI/testing/ima_policy' of the kernel documentation. + +# Save the policy in a file. + +# Create the configuration file '/etc/sysconfig/ima' to override the path name of +# the IMA custom policy. +------------- '/etc/sysconfig/ima' (with the default value) ------------- +IMAPOLICY="/etc/sysconfig/ima-policy" +------------------------------------------------------------------------- + + +# Information on loading distro, third party or local keys on the trusted IMA keyring + +# Loading distro, third party or local keys on the trusted IMA keyring requires +# creating a local certificate authority(local-CA), installing the local-CA's +# public key on the system-keyring and signing the certificates with the local-CA +# key. +# +# Many directions for creating a mini certificate authority exist on the web +# (eg. openssl, yubikey). (Reminder: safely storing the private key offline is +# really important, especially in the case of the local-CA's private key.) The +# local-CA's public key can be loaded onto the system keyring either by building +# the key into the kernel or, on Fedora, storing it in the UEFI/Mok keyring. (As +# of writing, the patches for loading the UEFI/Mok keys on the system-keyring +# have not been upstreamed.) +# +# To view the system keyring: keyctl show %keyring:.system_keyring +# +# Most on-line directions for signing certificates requires creating a Certificate +# Signing Request (CSR). Creating such a request requires access to the private +# key, which would not be available when signing distro or 3rd party certificates. +# Openssl provides the "-ss_cert" option for directly signing certificates. + +# 98integrity/ima-keys-load.sh script loads the signed certificates stored +# in the $IMAKEYSDIR onto the trusted IMA keyring. The default $IMAKEYSDIR +# directory is /etc/keys/ima, but can be specified in the /etc/sysconfig/ima +# policy. diff --git a/modules.d/98integrity/evm-enable.sh b/modules.d/98integrity/evm-enable.sh new file mode 100755 index 0000000..fbae5f3 --- /dev/null +++ b/modules.d/98integrity/evm-enable.sh @@ -0,0 +1,169 @@ +#!/bin/sh + +# Licensed under the GPLv2 +# +# Copyright (C) 2011 Politecnico di Torino, Italy +# TORSEC group -- http://security.polito.it +# Roberto Sassu <roberto.sassu@polito.it> + +EVMSECFILE="${SECURITYFSDIR}/evm" +EVMCONFIG="${NEWROOT}/etc/sysconfig/evm" +EVMKEYDESC="evm-key" +EVMKEYTYPE="encrypted" +EVMKEYID="" +EVM_ACTIVATION_BITS=0 + +# The following variables can be set in /etc/sysconfig/evm: +# EVMKEY: path to the symmetric key; defaults to /etc/keys/evm-trusted.blob +# EVMKEYDESC: Description of the symmetric key; default is 'evm-key' +# EVMKEYTYPE: Type of the symmetric key; default is 'encrypted' +# EVMX509: path to x509 cert; default is /etc/keys/x509_evm.der +# EVM_ACTIVATION_BITS: additional EVM activation bits, such as +# EVM_SETUP_COMPLETE; default is 0 +# EVMKEYSDIR: Directory with more x509 certs; default is /etc/keys/evm/ + +load_evm_key() { + # read the configuration from the config file + # shellcheck disable=SC1090 + [ -f "${EVMCONFIG}" ] \ + && . "${EVMCONFIG}" + + # override the EVM key path name from the 'evmkey=' parameter in the kernel + # command line + if EVMKEYARG=$(getarg evmkey=); then + EVMKEY=${EVMKEYARG} + fi + + # set the default value + [ -z "${EVMKEY}" ] \ + && EVMKEY="/etc/keys/evm-trusted.blob" + + # set the EVM key path name + EVMKEYPATH="${NEWROOT}${EVMKEY}" + + # check for EVM encrypted key's existence + if [ ! -f "${EVMKEYPATH}" ]; then + if [ "${RD_DEBUG}" = "yes" ]; then + info "integrity: EVM encrypted key file not found: ${EVMKEYPATH}" + fi + return 1 + fi + + # read the EVM encrypted key blob + read -r KEYBLOB < "${EVMKEYPATH}" + + # load the EVM encrypted key + if ! EVMKEYID=$(keyctl add ${EVMKEYTYPE} ${EVMKEYDESC} "load ${KEYBLOB}" @u); then + info "integrity: failed to load the EVM encrypted key: ${EVMKEYDESC}" + return 1 + fi + return 0 +} + +load_evm_x509() { + info "Load EVM IMA X509" + + # override the EVM key path name from the 'evmx509=' parameter in + # the kernel command line + if EVMX509ARG=$(getarg evmx509=); then + EVMX509=${EVMX509ARG} + fi + + # set the default value + [ -z "${EVMX509}" ] \ + && EVMX509="/etc/keys/x509_evm.der" + + # set the EVM public key path name + EVMX509PATH="${NEWROOT}${EVMX509}" + + # check for EVM public key's existence + if [ ! -f "${EVMX509PATH}" ]; then + EVMX509PATH="" + fi + + local evm_pubid line + if line=$(keyctl describe %keyring:.evm); then + # the kernel already setup a trusted .evm keyring so use that one + evm_pubid=${line%%:*} + else + # look for an existing regular keyring + evm_pubid=$(keyctl search @u keyring _evm) + if [ -z "${evm_pubid}" ]; then + # create a new regular _evm keyring + evm_pubid=$(keyctl newring _evm @u) + fi + fi + + if [ -z "${EVMKEYSDIR}" ]; then + EVMKEYSDIR="/etc/keys/evm" + fi + # load the default EVM public key onto the EVM keyring along + # with all the other ones in $EVMKEYSDIR + local key_imported=1 + for PUBKEY in ${EVMX509PATH} "${NEWROOT}${EVMKEYSDIR}"/*; do + if [ ! -f "${PUBKEY}" ]; then + if [ "${RD_DEBUG}" = "yes" ]; then + info "integrity: EVM x509 cert file not found: ${PUBKEY}" + fi + continue + fi + if ! evmctl import "${PUBKEY}" "${evm_pubid}"; then + info "integrity: failed to load the EVM X509 cert ${PUBKEY}" + return 1 + fi + key_imported=0 + done + + if [ "${RD_DEBUG}" = "yes" ]; then + keyctl show @u + fi + + return ${key_imported} +} + +unload_evm_key() { + # unlink the EVM encrypted key + keyctl unlink "${EVMKEYID}" @u || { + info "integrity: failed to unlink the EVM encrypted key: ${EVMKEYDESC}" + return 1 + } + + return 0 +} + +enable_evm() { + # check kernel support for EVM + if [ ! -e "${EVMSECFILE}" ]; then + if [ "${RD_DEBUG}" = "yes" ]; then + info "integrity: EVM kernel support is disabled" + fi + return 0 + fi + + local evm_configured=0 + local EVM_INIT_HMAC=1 EVM_INIT_X509=2 + + # try to load the EVM encrypted key + load_evm_key && evm_configured=${EVM_INIT_HMAC} + + # try to load the EVM public key + load_evm_x509 && evm_configured=$((evm_configured | EVM_INIT_X509)) + + # only enable EVM if a key or x509 certificate could be loaded + if [ $evm_configured -eq 0 ]; then + return 1 + fi + + # initialize EVM + info "Enabling EVM" + echo $((evm_configured | EVM_ACTIVATION_BITS)) > "${EVMSECFILE}" + + if [ "$((evm_configured & EVM_INIT_HMAC))" -ne 0 ]; then + # unload the EVM encrypted key + unload_evm_key || return 1 + fi + + return 0 +} + +enable_evm diff --git a/modules.d/98integrity/ima-keys-load.sh b/modules.d/98integrity/ima-keys-load.sh new file mode 100755 index 0000000..2374550 --- /dev/null +++ b/modules.d/98integrity/ima-keys-load.sh @@ -0,0 +1,60 @@ +#!/bin/sh + +SECURITYFSDIR="/sys/kernel/security" +IMASECDIR="${SECURITYFSDIR}/ima" +IMACONFIG="${NEWROOT}/etc/sysconfig/ima" + +load_x509_keys() { + KEYRING_ID=$1 + + # override the default configuration + if [ -f "${IMACONFIG}" ]; then + # shellcheck disable=SC1090 + . "${IMACONFIG}" + fi + + if [ -z "${IMAKEYSDIR}" ]; then + IMAKEYSDIR="/etc/keys/ima" + fi + + for PUBKEY in "${NEWROOT}${IMAKEYSDIR}"/*; do + # check for public key's existence + if [ ! -f "${PUBKEY}" ]; then + if [ "${RD_DEBUG}" = "yes" ]; then + info "integrity: IMA x509 cert file not found: ${PUBKEY}" + fi + continue + fi + + if ! evmctl import "${PUBKEY}" "${KEYRING_ID}"; then + info "integrity: IMA x509 cert not loaded on keyring: ${PUBKEY}" + fi + done + + if [ "${RD_DEBUG}" = "yes" ]; then + keyctl show "${KEYRING_ID}" + fi + return 0 +} + +# check kernel support for IMA +if [ ! -e "${IMASECDIR}" ]; then + if [ "${RD_DEBUG}" = "yes" ]; then + info "integrity: IMA kernel support is disabled" + fi + return 0 +fi + +# get the IMA keyring id + +if line=$(keyctl describe %keyring:.ima); then + _ima_id=${line%%:*} +else + _ima_id=$(keyctl search @u keyring _ima) + if [ -z "${_ima_id}" ]; then + _ima_id=$(keyctl newring _ima @u) + fi +fi + +# load the IMA public key(s) +load_x509_keys "${_ima_id}" diff --git a/modules.d/98integrity/ima-policy-load.sh b/modules.d/98integrity/ima-policy-load.sh new file mode 100755 index 0000000..a1fbb4d --- /dev/null +++ b/modules.d/98integrity/ima-policy-load.sh @@ -0,0 +1,40 @@ +#!/bin/sh + +# Licensed under the GPLv2 +# +# Copyright (C) 2011 Politecnico di Torino, Italy +# TORSEC group -- http://security.polito.it +# Roberto Sassu <roberto.sassu@polito.it> + +IMASECDIR="${SECURITYFSDIR}/ima" +IMACONFIG="${NEWROOT}/etc/sysconfig/ima" +IMAPOLICY="/etc/sysconfig/ima-policy" + +load_ima_policy() { + # check kernel support for IMA + if [ ! -e "${IMASECDIR}" ]; then + if [ "${RD_DEBUG}" = "yes" ]; then + info "integrity: IMA kernel support is disabled" + fi + return 0 + fi + + # override the default configuration + # shellcheck disable=SC1090 + [ -f "${IMACONFIG}" ] \ + && . "${IMACONFIG}" + + # set the IMA policy path name + IMAPOLICYPATH="${NEWROOT}${IMAPOLICY}" + + # check the existence of the IMA policy file + [ -f "${IMAPOLICYPATH}" ] && { + info "Loading the provided IMA custom policy" + printf '%s' "${IMAPOLICYPATH}" > "${IMASECDIR}"/policy \ + || cat "${IMAPOLICYPATH}" > "${IMASECDIR}"/policy + } + + return 0 +} + +load_ima_policy diff --git a/modules.d/98integrity/module-setup.sh b/modules.d/98integrity/module-setup.sh new file mode 100755 index 0000000..fb2badf --- /dev/null +++ b/modules.d/98integrity/module-setup.sh @@ -0,0 +1,20 @@ +#!/bin/bash + +# called by dracut +check() { + return 255 +} + +# called by dracut +depends() { + echo masterkey securityfs + return 0 +} + +# called by dracut +install() { + dracut_install evmctl keyctl + inst_hook pre-pivot 61 "$moddir/evm-enable.sh" + inst_hook pre-pivot 61 "$moddir/ima-keys-load.sh" + inst_hook pre-pivot 62 "$moddir/ima-policy-load.sh" +} diff --git a/modules.d/98pollcdrom/module-setup.sh b/modules.d/98pollcdrom/module-setup.sh new file mode 100755 index 0000000..9684181 --- /dev/null +++ b/modules.d/98pollcdrom/module-setup.sh @@ -0,0 +1,16 @@ +#!/bin/bash + +# called by dracut +check() { + return 255 +} + +# called by dracut +depends() { + return 0 +} + +# called by dracut +install() { + inst_hook initqueue/settled 99 "$moddir/pollcdrom.sh" +} diff --git a/modules.d/98pollcdrom/pollcdrom.sh b/modules.d/98pollcdrom/pollcdrom.sh new file mode 100755 index 0000000..85305a7 --- /dev/null +++ b/modules.d/98pollcdrom/pollcdrom.sh @@ -0,0 +1,21 @@ +#!/bin/sh +# +# Licensed under the GPLv2 +# +# Copyright 2008-2012, Red Hat, Inc. +# Harald Hoyer <harald@redhat.com> + +if [ ! -e /sys/module/block/parameters/events_dfl_poll_msecs ]; then + # if the kernel does not support autopolling + # then we have to do a + # dirty hack for some cdrom drives, + # which report no medium for quiet + # some time. + for cdrom in /sys/block/sr*; do + [ -e "$cdrom" ] || continue + # skip, if cdrom medium was already found + strstr "$(udevadm info --query=property --path="${cdrom##/sys}")" \ + ID_CDROM_MEDIA && continue + echo change > "$cdrom/uevent" + done +fi diff --git a/modules.d/98selinux/module-setup.sh b/modules.d/98selinux/module-setup.sh new file mode 100755 index 0000000..3574b12 --- /dev/null +++ b/modules.d/98selinux/module-setup.sh @@ -0,0 +1,17 @@ +#!/bin/bash + +# called by dracut +check() { + return 255 +} + +# called by dracut +depends() { + return 0 +} + +# called by dracut +install() { + inst_hook pre-pivot 50 "$moddir/selinux-loadpolicy.sh" + inst_multiple setenforce chroot +} diff --git a/modules.d/98selinux/selinux-loadpolicy.sh b/modules.d/98selinux/selinux-loadpolicy.sh new file mode 100755 index 0000000..0235b8e --- /dev/null +++ b/modules.d/98selinux/selinux-loadpolicy.sh @@ -0,0 +1,70 @@ +#!/bin/sh + +# FIXME: load selinux policy. this should really be done after we switchroot + +rd_load_policy() { + # If SELinux is disabled exit now + getarg "selinux=0" > /dev/null && return 0 + + SELINUX="enforcing" + # shellcheck disable=SC1090 + [ -e "$NEWROOT/etc/selinux/config" ] && . "$NEWROOT/etc/selinux/config" + + # Check whether SELinux is in permissive mode + permissive=0 + + if getarg "enforcing=0" > /dev/null || [ "$SELINUX" = "permissive" ]; then + permissive=1 + fi + + # Attempt to load SELinux Policy + if [ -x "$NEWROOT/usr/sbin/load_policy" -o -x "$NEWROOT/sbin/load_policy" ]; then + local ret=0 + local out + info "Loading SELinux policy" + mount -o bind /sys "$NEWROOT"/sys + # load_policy does mount /proc and /sys/fs/selinux in + # libselinux,selinux_init_load_policy() + if [ -x "$NEWROOT/sbin/load_policy" ]; then + out=$(LANG=C chroot "$NEWROOT" /sbin/load_policy -i 2>&1) + ret=$? + info "$out" + else + out=$(LANG=C chroot "$NEWROOT" /usr/sbin/load_policy -i 2>&1) + ret=$? + info "$out" + fi + umount "$NEWROOT"/sys/fs/selinux + umount "$NEWROOT"/sys + + if [ "$SELINUX" = "disabled" ]; then + return 0 + fi + + if [ $ret -eq 0 -o $ret -eq 2 ]; then + # If machine requires a relabel, force to permissive mode + [ -e "$NEWROOT"/.autorelabel ] && LANG=C /usr/sbin/setenforce 0 + mount --rbind /dev "$NEWROOT/dev" + LANG=C chroot "$NEWROOT" /sbin/restorecon -R /dev + umount -R "$NEWROOT/dev" + return 0 + fi + + warn "Initial SELinux policy load failed." + if [ $ret -eq 3 -o $permissive -eq 0 ]; then + warn "Machine in enforcing mode." + warn "Not continuing" + emergency_shell -n selinux + exit 1 + fi + return 0 + elif [ $permissive -eq 0 -a "$SELINUX" != "disabled" ]; then + warn "Machine in enforcing mode and cannot execute load_policy." + warn "To disable selinux, add selinux=0 to the kernel command line." + warn "Not continuing" + emergency_shell -n selinux + exit 1 + fi +} + +rd_load_policy diff --git a/modules.d/98syslog/README b/modules.d/98syslog/README new file mode 100644 index 0000000..9eb5ade --- /dev/null +++ b/modules.d/98syslog/README @@ -0,0 +1,24 @@ +Syslog support for dracut + +This module provides syslog functionality in the initrd. +This is especially interesting when complex configuration being +used to provide access to the device the rootfs resides on. + +When this module is installed into the ramfs it is triggered by +the udev event from the nic being setup (online). + +Then if syslog is configured it is started and will forward all +kernel messages to the given syslog server. + +The syslog implementation is detected automatically by finding the +appropriate binary with the following order: +rsyslogd +syslogd +syslog-ng +Then if detected the syslog.conf is generated and syslog is started. + +Bootparameters: +syslogserver=ip Where to syslog to +sysloglevel=level What level has to be logged +syslogtype=rsyslog|syslog|syslogng + Don't auto detect syslog but set it diff --git a/modules.d/98syslog/module-setup.sh b/modules.d/98syslog/module-setup.sh new file mode 100755 index 0000000..2909a56 --- /dev/null +++ b/modules.d/98syslog/module-setup.sh @@ -0,0 +1,38 @@ +#!/bin/bash + +# called by dracut +check() { + # do not add this module by default + return 255 +} + +# called by dracut +depends() { + return 0 +} + +# called by dracut +install() { + local _installs + if find_binary rsyslogd > /dev/null; then + _installs="rsyslogd" + inst_libdir_file rsyslog/lmnet.so rsyslog/imklog.so rsyslog/imuxsock.so rsyslog/imjournal.so + elif find_binary syslogd > /dev/null; then + _installs="syslogd" + elif find_binary syslog-ng > /dev/null; then + _installs="syslog-ng" + else + derror "Could not find any syslog binary although the syslogmodule" \ + "is selected to be installed. Please check." + fi + if [ -n "$_installs" ]; then + inst_multiple cat $_installs + inst_hook cmdline 90 "$moddir/parse-syslog-opts.sh" + inst_hook cleanup 99 "$moddir/syslog-cleanup.sh" + inst_hook initqueue/online 70 "$moddir/rsyslogd-start.sh" + inst_simple "$moddir/rsyslogd-stop.sh" /sbin/rsyslogd-stop + mkdir -m 0755 -p "${initdir}"/etc/templates + inst_simple "${moddir}/rsyslog.conf" /etc/templates/rsyslog.conf + fi + dracut_need_initqueue +} diff --git a/modules.d/98syslog/parse-syslog-opts.sh b/modules.d/98syslog/parse-syslog-opts.sh new file mode 100755 index 0000000..ccefd9d --- /dev/null +++ b/modules.d/98syslog/parse-syslog-opts.sh @@ -0,0 +1,38 @@ +#!/bin/sh + +# Parses the syslog commandline options +# +#Bootparameters: +#syslogserver=ip Where to syslog to +#sysloglevel=level What level has to be logged +#syslogtype=rsyslog|syslog|syslogng +# Don't auto detect syslog but set it +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +detect_syslog() { + syslogtype="" + if [ -e /sbin/rsyslogd ]; then + syslogtype="rsyslogd" + elif [ -e /sbin/syslogd ]; then + syslogtype="syslogd" + elif [ -e /sbin/syslog-ng ]; then + syslogtype="syslog-ng" + else + warn "Could not find any syslog binary although the syslogmodule is selected to be installed. Please check." + fi + echo "$syslogtype" + [ -n "$syslogtype" ] +} + +syslogserver=$(getarg syslog.server -d syslog) +syslogfilters=$(getargs syslog.filter -d filter) +syslogtype=$(getarg syslog.type -d syslogtype) + +[ -n "$syslogserver" ] && echo "$syslogserver" > /tmp/syslog.server +[ -n "$syslogfilters" ] && echo "$syslogfilters" > /tmp/syslog.filters +if [ -n "$syslogtype" ]; then + echo "$syslogtype" > /tmp/syslog.type +else + syslogtype=$(detect_syslog) + echo "$syslogtype" > /tmp/syslog.type +fi diff --git a/modules.d/98syslog/rsyslog.conf b/modules.d/98syslog/rsyslog.conf new file mode 100644 index 0000000..218072b --- /dev/null +++ b/modules.d/98syslog/rsyslog.conf @@ -0,0 +1,31 @@ +#rsyslog v3 config file + +# if you experience problems, check +# http://www.rsyslog.com/troubleshoot for assistance + +#### MODULES #### + +$ModLoad imuxsock.so # provides support for local system logging (e.g. via logger command) +$ModLoad imklog.so # provides kernel logging support (previously done by rklogd) +#$ModLoad immark.so # provides --MARK-- message capability + +# Provides UDP syslog reception +#$ModLoad imudp.so +#$UDPServerRun 514 + +# Provides TCP syslog reception +#$ModLoad imtcp.so +#$InputTCPServerRun 514 + + +#### GLOBAL DIRECTIVES #### + +# Use default timestamp format +$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat + +# File syncing capability is disabled by default. This feature is usually not required, +# not useful and an extreme performance hit +#$ActionFileEnableSync on + + +#### RULES #### diff --git a/modules.d/98syslog/rsyslogd-start.sh b/modules.d/98syslog/rsyslogd-start.sh new file mode 100755 index 0000000..d404e51 --- /dev/null +++ b/modules.d/98syslog/rsyslogd-start.sh @@ -0,0 +1,47 @@ +#!/bin/sh + +# Triggered by initqueue/online and starts rsyslogd with bootparameters + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +# prevent starting again if already running +if [ -f /var/run/syslogd.pid ]; then + read -r pid < /var/run/syslogd.pid + kill -0 "$pid" && exit 0 +fi + +rsyslog_config() { + local server="$1" + shift + local syslog_template="$1" + shift + local filters="$*" + local filter= + + cat "$syslog_template" + + ( + # disable shell expansion / globbing + # since filters contain such characters + set -f + for filter in $filters; do + echo "${filter} @${server}" + done + ) + #echo "*.* /tmp/syslog" +} + +[ -f /tmp/syslog.type ] && read -r type < /tmp/syslog.type +[ -f /tmp/syslog.server ] && read -r server < /tmp/syslog.server +[ -f /tmp/syslog.filters ] && read -r filters < /tmp/syslog.filters +[ -z "$filters" ] && filters="kern.*" +[ -f /tmp/syslog.conf ] && read -r conf < /tmp/syslog.conf +[ -z "$conf" ] && conf="/etc/rsyslog.conf" && echo "$conf" > /tmp/syslog.conf + +if [ "$type" = "rsyslogd" ]; then + template=/etc/templates/rsyslog.conf + if [ -n "$server" ]; then + rsyslog_config "$server" "$template" "$filters" > $conf + rsyslogd -c3 + fi +fi diff --git a/modules.d/98syslog/rsyslogd-stop.sh b/modules.d/98syslog/rsyslogd-stop.sh new file mode 100755 index 0000000..3fc2a5f --- /dev/null +++ b/modules.d/98syslog/rsyslogd-stop.sh @@ -0,0 +1,13 @@ +#!/bin/sh + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +# Kills rsyslogd + +if [ -f /var/run/syslogd.pid ]; then + read -r pid < /var/run/syslogd.pid + kill "$pid" + kill -0 "$pid" && kill -9 "$pid" +else + warn "rsyslogd-stop: Could not find a pid for rsyslogd. Won't kill it." +fi diff --git a/modules.d/98syslog/syslog-cleanup.sh b/modules.d/98syslog/syslog-cleanup.sh new file mode 100755 index 0000000..2d08d8a --- /dev/null +++ b/modules.d/98syslog/syslog-cleanup.sh @@ -0,0 +1,14 @@ +#!/bin/sh + +# Just cleans up a previously started syslogd + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +if [ -f /tmp/syslog.server ]; then + read -r syslogtype < /tmp/syslog.type + if command -v "${syslogtype}-stop" > /dev/null; then + "${syslogtype}"-stop + else + warn "syslog-cleanup: Could not find script to stop syslog of type \"$syslogtype\". Syslog will not be stopped." + fi +fi diff --git a/modules.d/98usrmount/module-setup.sh b/modules.d/98usrmount/module-setup.sh new file mode 100755 index 0000000..bc88deb --- /dev/null +++ b/modules.d/98usrmount/module-setup.sh @@ -0,0 +1,20 @@ +#!/bin/bash + +# called by dracut +check() { + [[ $mount_needs ]] && return 1 + return 0 +} + +# called by dracut +depends() { + echo 'fs-lib' +} + +# called by dracut +install() { + if ! dracut_module_included "systemd"; then + inst_hook pre-pivot 50 "$moddir/mount-usr.sh" + fi + : +} diff --git a/modules.d/98usrmount/mount-usr.sh b/modules.d/98usrmount/mount-usr.sh new file mode 100755 index 0000000..0a3eb32 --- /dev/null +++ b/modules.d/98usrmount/mount-usr.sh @@ -0,0 +1,110 @@ +#!/bin/sh + +type info > /dev/null 2>&1 || . /lib/dracut-lib.sh +type fsck_single > /dev/null 2>&1 || . /lib/fs-lib.sh + +filtersubvol() { + local _oldifs + _oldifs="$IFS" + local IFS="," + # shellcheck disable=SC2086 + set -- $1 + IFS="$_oldifs" + while [ $# -gt 0 ]; do + case $1 in + 'subvol='*) : ;; + *) printf '%s' "${1}," ;; + esac + shift + done +} + +fsck_usr() { + local _dev="$1" + local _fs="$2" + local _fsopts="$3" + local _fsckoptions + + if [ -f "$NEWROOT"/fsckoptions ]; then + read -r _fsckoptions < "$NEWROOT"/fsckoptions + fi + + if [ -f "$NEWROOT"/forcefsck ] || getargbool 0 forcefsck; then + _fsckoptions="-f $_fsckoptions" + elif [ -f "$NEWROOT"/.autofsck ]; then + # shellcheck disable=SC1090 + [ -f "$NEWROOT"/etc/sysconfig/autofsck ] && . "$NEWROOT"/etc/sysconfig/autofsck + if [ "$AUTOFSCK_DEF_CHECK" = "yes" ]; then + AUTOFSCK_OPT="$AUTOFSCK_OPT -f" + fi + if [ -n "$AUTOFSCK_SINGLEUSER" ]; then + warn "*** Warning -- the system did not shut down cleanly. " + warn "*** Dropping you to a shell; the system will continue" + warn "*** when you leave the shell." + emergency_shell + fi + _fsckoptions="$AUTOFSCK_OPT $_fsckoptions" + fi + + fsck_single "$_dev" "$_fs" "$_fsopts" "$_fsckoptions" +} + +mount_usr() { + local _dev _mp _fs _opts _ _usr_found _ _freq _passno + # check, if we have to mount the /usr filesystem + while read -r _dev _mp _fs _opts _freq _passno || [ -n "$_dev" ]; do + [ "${_dev%%#*}" != "$_dev" ] && continue + if [ "$_mp" = "/usr" ]; then + case "$_dev" in + LABEL=* | UUID=* | PARTUUID=* | PARTLABEL=*) + _dev="$(label_uuid_to_dev "$_dev")" + ;; + *) ;; + esac + + if strstr "$_opts" "subvol=" \ + && [ "${root#block:}" -ef "$_dev" ] \ + && [ -n "$rflags" ]; then + # for btrfs subvolumes we have to mount /usr with the same rflags + rflags=$(filtersubvol "$rflags") + rflags=${rflags%%,} + _opts="${_opts:+${_opts},}${rflags}" + elif getargbool 0 ro; then + # if "ro" is specified, we want /usr to be mounted read-only + _opts="${_opts:+${_opts},}ro" + elif getargbool 0 rw; then + # if "rw" is specified, we want /usr to be mounted read-write + _opts="${_opts:+${_opts},}rw" + fi + echo "$_dev ${NEWROOT}${_mp} $_fs ${_opts} $_freq $_passno" + _usr_found="1" + break + fi + done < "$NEWROOT/etc/fstab" >> /etc/fstab + + if [ "$_usr_found" != "" ]; then + # we have to mount /usr + _fsck_ret=0 + if ! getargbool 0 rd.skipfsck; then + if [ "0" != "${_passno:-0}" ]; then + fsck_usr "$_dev" "$_fs" "$_opts" + _fsck_ret=$? + [ $_fsck_ret -ne 255 ] && echo $_fsck_ret > /run/initramfs/usr-fsck + fi + fi + + info "Mounting /usr with -o $_opts" + mount "$NEWROOT/usr" 2>&1 | vinfo + + if ! ismounted "$NEWROOT/usr"; then + warn "Mounting /usr to $NEWROOT/usr failed" + warn "*** Dropping you to a shell; the system will continue" + warn "*** when you leave the shell." + emergency_shell + fi + fi +} + +if [ -f "$NEWROOT/etc/fstab" ]; then + mount_usr +fi diff --git a/modules.d/99base/dracut-dev-lib.sh b/modules.d/99base/dracut-dev-lib.sh new file mode 100755 index 0000000..5779508 --- /dev/null +++ b/modules.d/99base/dracut-dev-lib.sh @@ -0,0 +1,139 @@ +#!/bin/sh + +# replaces all occurrences of 'search' in 'str' with 'replacement' +# +# str_replace str search replacement +# +# example: +# str_replace ' one two three ' ' ' '_' +str_replace() { + local in="$1" + local s="$2" + local r="$3" + local out='' + + while [ "${in##*"$s"*}" != "$in" ]; do + chop="${in%%"$s"*}" + out="${out}${chop}$r" + in="${in#*"$s"}" + done + printf -- '%s' "${out}${in}" +} + +# get a systemd-compatible unit name from a path +# (mimics unit_name_from_path_instance()) +dev_unit_name() { + local dev="$1" + + if command -v systemd-escape > /dev/null; then + systemd-escape -p -- "$dev" + return $? + fi + + if [ "$dev" = "/" -o -z "$dev" ]; then + printf -- "-" + return 0 + fi + + dev="${1%%/}" + dev="${dev##/}" + # shellcheck disable=SC1003 + dev="$(str_replace "$dev" '\' '\x5c')" + dev="$(str_replace "$dev" '-' '\x2d')" + if [ "${dev##.}" != "$dev" ]; then + dev="\x2e${dev##.}" + fi + dev="$(str_replace "$dev" '/' '-')" + + printf -- "%s" "$dev" +} + +# set_systemd_timeout_for_dev [-n] <dev> [<timeout>] +# Set 'rd.timeout' as the systemd timeout for <dev> +set_systemd_timeout_for_dev() { + local _name + local _needreload + local _noreload + local _timeout + + [ -z "$DRACUT_SYSTEMD" ] && return 0 + + if [ "$1" = "-n" ]; then + _noreload=1 + shift + fi + + if [ -n "$2" ]; then + _timeout="$2" + else + _timeout=$(getarg rd.timeout) + fi + + _timeout=${_timeout:-0} + + _name=$(dev_unit_name "$1") + if ! [ -L "${PREFIX}/etc/systemd/system/initrd.target.wants/${_name}.device" ]; then + [ -d "${PREFIX}"/etc/systemd/system/initrd.target.wants ] || mkdir -p "${PREFIX}"/etc/systemd/system/initrd.target.wants + ln -s ../"${_name}".device "${PREFIX}/etc/systemd/system/initrd.target.wants/${_name}.device" + type mark_hostonly > /dev/null 2>&1 && mark_hostonly /etc/systemd/system/initrd.target.wants/"${_name}".device + _needreload=1 + fi + + if ! [ -f "${PREFIX}/etc/systemd/system/${_name}.device.d/timeout.conf" ]; then + mkdir -p "${PREFIX}/etc/systemd/system/${_name}.device.d" + { + echo "[Unit]" + echo "JobTimeoutSec=$_timeout" + echo "JobRunningTimeoutSec=$_timeout" + } > "${PREFIX}/etc/systemd/system/${_name}.device.d/timeout.conf" + type mark_hostonly > /dev/null 2>&1 && mark_hostonly /etc/systemd/system/"${_name}".device.d/timeout.conf + _needreload=1 + fi + + if [ -z "$PREFIX" ] && [ "$_needreload" = 1 ] && [ -z "$_noreload" ]; then + /sbin/initqueue --onetime --unique --name daemon-reload systemctl daemon-reload + fi +} + +# wait_for_dev <dev> [<timeout>] +# +# Installs a initqueue-finished script, +# which will cause the main loop only to exit, +# if the device <dev> is recognized by the system. +wait_for_dev() { + local _name + local _noreload + + if [ "$1" = "-n" ]; then + _noreload=-n + shift + fi + + _name="$(str_replace "$1" '/' '\x2f')" + + type mark_hostonly > /dev/null 2>&1 && mark_hostonly "$hookdir/initqueue/finished/devexists-${_name}.sh" + + [ -e "${PREFIX}$hookdir/initqueue/finished/devexists-${_name}.sh" ] && return 0 + + printf '[ -e "%s" ]\n' "$1" \ + >> "${PREFIX}$hookdir/initqueue/finished/devexists-${_name}.sh" + { + printf '[ -e "%s" ] || ' "$1" + printf 'warn "\"%s\" does not exist"\n' "$1" + } >> "${PREFIX}$hookdir/emergency/80-${_name}.sh" + + set_systemd_timeout_for_dev $_noreload "$@" +} + +cancel_wait_for_dev() { + local _name + _name="$(str_replace "$1" '/' '\x2f')" + rm -f -- "$hookdir/initqueue/finished/devexists-${_name}.sh" + rm -f -- "$hookdir/emergency/80-${_name}.sh" + if [ -n "$DRACUT_SYSTEMD" ]; then + _name=$(dev_unit_name "$1") + rm -f -- "${PREFIX}/etc/systemd/system/initrd.target.wants/${_name}.device" + rm -f -- "${PREFIX}/etc/systemd/system/${_name}.device.d/timeout.conf" + /sbin/initqueue --onetime --unique --name daemon-reload systemctl daemon-reload + fi +} diff --git a/modules.d/99base/dracut-lib.sh b/modules.d/99base/dracut-lib.sh new file mode 100755 index 0000000..39609d8 --- /dev/null +++ b/modules.d/99base/dracut-lib.sh @@ -0,0 +1,1178 @@ +#!/bin/sh + +type wait_for_dev > /dev/null 2>&1 || . /lib/dracut-dev-lib.sh + +export DRACUT_SYSTEMD +export NEWROOT +if [ -n "$NEWROOT" ]; then + [ -d "$NEWROOT" ] || mkdir -p -m 0755 "$NEWROOT" +fi + +# shellcheck disable=SC2153 +if [ -z "$PREFIX" ]; then + if ! [ -d /run/initramfs ]; then + mkdir -p -m 0755 /run/initramfs/log + ln -sfn /run/initramfs/log /var/log + fi + + [ -d /run/lock ] || mkdir -p -m 0755 /run/lock + [ -d /run/log ] || mkdir -p -m 0755 /run/log +fi + +debug_off() { + set +x +} + +debug_on() { + [ "$RD_DEBUG" = "yes" ] && set -x +} + +# returns OK if $1 contains literal string $2 (and isn't empty) +strstr() { + [ "${1##*"$2"*}" != "$1" ] +} + +# returns OK if $1 matches (completely) glob pattern $2 +# An empty $1 will not be considered matched, even if $2 is * which technically +# matches; as it would match anything, it's not an interesting case. +strglob() { + # shellcheck disable=SC2295 + [ -n "$1" -a -z "${1##$2}" ] +} + +# returns OK if $1 contains (anywhere) a match of glob pattern $2 +# An empty $1 will not be considered matched, even if $2 is * which technically +# matches; as it would match anything, it's not an interesting case. +strglobin() { + # shellcheck disable=SC2295 + [ -n "$1" -a -z "${1##*$2*}" ] +} + +# returns OK if $1 contains literal string $2 at the beginning, and isn't empty +str_starts() { + [ "${1#"$2"*}" != "$1" ] +} + +# returns OK if $1 contains literal string $2 at the end, and isn't empty +str_ends() { + [ "${1%*"$2"}" != "$1" ] +} + +trim() { + local var="$*" + var="${var#"${var%%[![:space:]]*}"}" # remove leading whitespace characters + var="${var%"${var##*[![:space:]]}"}" # remove trailing whitespace characters + printf "%s" "$var" +} + +if [ -z "$DRACUT_SYSTEMD" ]; then + + warn() { + check_quiet + echo "<28>dracut Warning: $*" > /dev/kmsg + echo "dracut Warning: $*" >&2 + } + + info() { + check_quiet + echo "<30>dracut: $*" > /dev/kmsg + if [ "$DRACUT_QUIET" != "yes" ]; then + echo "dracut: $*" >&2 + fi + } + +else + + warn() { + echo "Warning: $*" >&2 + } + + info() { + echo "$*" + } + +fi + +vwarn() { + while read -r line || [ -n "$line" ]; do + warn "$line" + done +} + +vinfo() { + while read -r line || [ -n "$line" ]; do + info "$line" + done +} + +killall_proc_mountpoint() { + local _pid + local _killed=0 + for _pid in /proc/*; do + _pid=${_pid##/proc/} + case $_pid in + *[!0-9]*) continue ;; + esac + [ -e "/proc/$_pid/exe" ] || continue + [ -e "/proc/$_pid/root" ] || continue + if strstr "$(ls -l -- "/proc/$_pid" "/proc/$_pid/fd" 2> /dev/null)" "$1"; then + kill -9 "$_pid" + _killed=1 + fi + done + return $_killed +} + +getcmdline() { + local _line + local _i + local CMDLINE_ETC_D + local CMDLINE_ETC + local CMDLINE_PROC + unset _line + + if [ -e /etc/cmdline ]; then + while read -r _line || [ -n "$_line" ]; do + CMDLINE_ETC="$CMDLINE_ETC $_line" + done < /etc/cmdline + fi + for _i in /etc/cmdline.d/*.conf; do + [ -e "$_i" ] || continue + while read -r _line || [ -n "$_line" ]; do + CMDLINE_ETC_D="$CMDLINE_ETC_D $_line" + done < "$_i" + done + if [ -e /proc/cmdline ]; then + while read -r _line || [ -n "$_line" ]; do + CMDLINE_PROC="$CMDLINE_PROC $_line" + done < /proc/cmdline + fi + CMDLINE="$CMDLINE_ETC_D $CMDLINE_ETC $CMDLINE_PROC" + printf "%s" "$CMDLINE" +} + +getarg() { + debug_off + local _deprecated _newoption + CMDLINE=$(getcmdline) + export CMDLINE + while [ $# -gt 0 ]; do + case $1 in + -d) + _deprecated=1 + shift + ;; + -y) + if dracut-getarg "$2" > /dev/null; then + if [ "$_deprecated" = "1" ]; then + if [ -n "$_newoption" ]; then + warn "Kernel command line option '$2' is deprecated, use '$_newoption' instead." + else + warn "Option '$2' is deprecated." + fi + fi + echo 1 + debug_on + return 0 + fi + _deprecated=0 + shift 2 + ;; + -n) + if dracut-getarg "$2" > /dev/null; then + echo 0 + if [ "$_deprecated" = "1" ]; then + if [ -n "$_newoption" ]; then + warn "Kernel command line option '$2' is deprecated, use '$_newoption=0' instead." + else + warn "Option '$2' is deprecated." + fi + fi + debug_on + return 1 + fi + _deprecated=0 + shift 2 + ;; + *) + if [ -z "$_newoption" ]; then + _newoption="$1" + fi + if dracut-getarg "$1"; then + if [ "$_deprecated" = "1" ]; then + if [ -n "$_newoption" ]; then + warn "Kernel command line option '$1' is deprecated, use '$_newoption' instead." + else + warn "Option '$1' is deprecated." + fi + fi + debug_on + return 0 + fi + _deprecated=0 + shift + ;; + esac + done + debug_on + return 1 +} + +# getargbool <defaultval> <args...> +# False if "getarg <args...>" returns "0", "no", or "off". +# True if getarg returns any other non-empty string. +# If not found, assumes <defaultval> - usually 0 for false, 1 for true. +# example: getargbool 0 rd.info +# true: rd.info, rd.info=1, rd.info=xxx +# false: rd.info=0, rd.info=off, rd.info not present (default val is 0) +getargbool() { + local _b + unset _b + local _default + _default="$1" + shift + _b=$(getarg "$@") || _b=${_b:-"$_default"} + if [ -n "$_b" ]; then + [ "$_b" = "0" ] && return 1 + [ "$_b" = "no" ] && return 1 + [ "$_b" = "off" ] && return 1 + fi + return 0 +} + +isdigit() { + case "$1" in + *[!0-9]* | "") return 1 ;; + esac + + return 0 +} + +# getargnum <defaultval> <minval> <maxval> <arg> +# Will echo the arg if it's in range [minval - maxval]. +# If it's not set or it's not valid, will set it <defaultval>. +# Note all values are required to be >= 0 here. +# <defaultval> should be with [minval -maxval]. +getargnum() { + local _b + unset _b + local _default _min _max + _default="$1" + shift + _min="$1" + shift + _max="$1" + shift + _b=$(getarg "$1") || _b=${_b:-"$_default"} + if [ -n "$_b" ]; then + isdigit "$_b" && _b=$((_b)) \ + && [ $_b -ge "$_min" ] && [ $_b -le "$_max" ] && echo $_b && return + fi + echo "$_default" +} + +getargs() { + debug_off + CMDLINE=$(getcmdline) + export CMDLINE + local _val _i _gfound _deprecated + unset _val + unset _gfound + _newoption="$1" + for _i in "$@"; do + if [ "$_i" = "-d" ]; then + _deprecated=1 + continue + fi + + if _val="$(dracut-getargs "$_i")"; then + if [ "$_deprecated" = "1" ]; then + if [ -n "$_newoption" ]; then + warn "Option '$_i' is deprecated, use '$_newoption' instead." + else + warn "Option $_i is deprecated!" + fi + fi + if [ -n "$_val" ]; then + printf '%s\n' "$_val" + fi + _gfound=1 + fi + _deprecated=0 + done + if [ -n "$_gfound" ]; then + debug_on + return 0 + fi + debug_on + return 1 +} + +# Prints value of given option. If option is a flag and it's present, +# it just returns 0. Otherwise 1 is returned. +# $1 = options separated by commas +# $2 = option we are interested in +# +# Example: +# $1 = cipher=aes-cbc-essiv:sha256,hash=sha256,verify +# $2 = hash +# Output: +# sha256 +getoptcomma() { + local line=",$1," + local opt="$2" + local tmp + + case "${line}" in + *,${opt}=*,*) + tmp="${line#*,"${opt}"=}" + echo "${tmp%%,*}" + return 0 + ;; + *,${opt},*) return 0 ;; + esac + return 1 +} + +# Splits given string 'str' with separator 'sep' into variables 'var1', 'var2', +# 'varN'. If number of fields is less than number of variables, remaining are +# not set. If number of fields is greater than number of variables, the last +# variable takes remaining fields. In short - it acts similarly to 'read'. +# +# splitsep sep str var1 var2 varN +# +# example: +# splitsep ':' 'foo:bar:baz' v1 v2 +# in result: +# v1='foo', v2='bar:baz' +# +# TODO: ':' inside fields. +splitsep() { + debug_off + local sep="$1" + local str="$2" + shift 2 + local tmp + + while [ -n "$str" -a "$#" -gt 1 ]; do + tmp="${str%%"$sep"*}" + eval "$1='${tmp}'" + str="${str#"$tmp"}" + str="${str#"$sep"}" + shift + done + [ -n "$str" -a -n "$1" ] && eval "$1='$str'" + debug_on + return 0 +} + +setdebug() { + [ -f /usr/lib/initrd-release ] || return + if [ -z "$RD_DEBUG" ]; then + if [ -e /proc/cmdline ]; then + RD_DEBUG=no + if getargbool 0 rd.debug -d -y rdinitdebug -d -y rdnetdebug; then + RD_DEBUG=yes + [ -n "$BASH" ] \ + && export PS4='${BASH_SOURCE}@${LINENO}(${FUNCNAME[0]-}): ' + fi + fi + export RD_DEBUG + fi + debug_on +} + +setdebug + +source_all() { + local f + local _dir + _dir=$1 + shift + [ "$_dir" ] && [ -d "/$_dir" ] || return + for f in "/$_dir"/*.sh; do + if [ -e "$f" ]; then + # shellcheck disable=SC1090 + # shellcheck disable=SC2240 + . "$f" "$@" + fi + done +} + +hookdir=/lib/dracut/hooks +export hookdir + +source_hook() { + local _dir + _dir=$1 + shift + source_all "/lib/dracut/hooks/$_dir" "$@" +} + +check_finished() { + local f rc=0 + for f in "$hookdir"/initqueue/finished/*.sh; do + [ "$f" = "$hookdir/initqueue/finished/*.sh" ] && return 0 + # shellcheck disable=SC1090 + if [ -e "$f" ] && (. "$f"); then + rm -f "$f" + else + rc=1 + fi + done + return $rc +} + +source_conf() { + local f + [ "$1" ] && [ -d "/$1" ] || return + # shellcheck disable=SC1090 + for f in "/$1"/*.conf; do [ -e "$f" ] && . "$f"; done +} + +die() { + { + echo "<24>dracut: FATAL: $*" + echo "<24>dracut: Refusing to continue" + } > /dev/kmsg + + { + echo "warn dracut: FATAL: \"$*\"" + echo "warn dracut: Refusing to continue" + } >> $hookdir/emergency/01-die.sh + [ -d /run/initramfs ] || mkdir -p -- /run/initramfs + + : > /run/initramfs/.die + + if getargbool 0 "rd.shell"; then + emergency_shell + else + source_hook "shutdown-emergency" + fi + + if [ -n "$DRACUT_SYSTEMD" ]; then + systemctl --no-block --force halt + fi + + exit 1 +} + +check_quiet() { + if [ -z "$DRACUT_QUIET" ]; then + DRACUT_QUIET="yes" + getargbool 0 rd.info -d -y rdinfo && DRACUT_QUIET="no" + getargbool 0 rd.debug -d -y rdinitdebug && DRACUT_QUIET="no" + getarg quiet || DRACUT_QUIET="yes" + a=$(getarg loglevel=) + [ -n "$a" ] && [ "$a" -ge 28 ] && DRACUT_QUIET="yes" + export DRACUT_QUIET + fi +} + +check_occurances() { + # Count the number of times the character $ch occurs in $str + # Return 0 if the count matches the expected number, 1 otherwise + local str="$1" + local ch="$2" + local expected="$3" + local count=0 + + while [ "${str#*"$ch"}" != "${str}" ]; do + str="${str#*"$ch"}" + count=$((count + 1)) + done + + [ $count -eq "$expected" ] +} + +incol2() { + debug_off + local check + local file="$1" + local str="$2" + + [ -z "$file" ] && return 1 + [ -z "$str" ] && return 1 + + while read -r _ check _ || [ -n "$check" ]; do + if [ "$check" = "$str" ]; then + debug_on + return 0 + fi + done < "$file" + debug_on + return 1 +} + +udevsettle() { + # shellcheck disable=SC2086 + udevadm settle --exit-if-exists=$hookdir/initqueue/work $settle_exit_if_exists +} + +udevproperty() { + for i in "$@"; do + udevadm control --property="$i" + done +} + +find_mount() { + local dev wanted_dev + wanted_dev="$(readlink -e -q "$1")" + while read -r dev _ || [ -n "$dev" ]; do + [ "$dev" = "$wanted_dev" ] && echo "$dev" && return 0 + done < /proc/mounts + return 1 +} + +# usage: ismounted <mountpoint> +# usage: ismounted /dev/<device> +if command -v findmnt > /dev/null; then + ismounted() { + findmnt "$1" > /dev/null 2>&1 + } +else + ismounted() { + if [ -b "$1" ]; then + find_mount "$1" > /dev/null && return 0 + return 1 + fi + + while read -r _ m _ || [ -n "$m" ]; do + [ "$m" = "$1" ] && return 0 + done < /proc/mounts + return 1 + } +fi + +# Create udev rule match for a device with its device name, or the udev property +# ID_FS_UUID or ID_FS_LABEL +# +# example: +# udevmatch LABEL=boot +# prints: +# ENV{ID_FS_LABEL}="boot" +# +# TODO: symlinks +udevmatch() { + case "$1" in + UUID=????????-????-????-????-???????????? | LABEL=* | PARTLABEL=* | PARTUUID=????????-????-????-????-????????????) + printf 'ENV{ID_FS_%s}=="%s"' "${1%%=*}" "${1#*=}" + ;; + UUID=*) + printf 'ENV{ID_FS_UUID}=="%s*"' "${1#*=}" + ;; + PARTUUID=*) + printf 'ENV{ID_FS_PARTUUID}=="%s*"' "${1#*=}" + ;; + /dev/?*) printf -- 'KERNEL=="%s"' "${1#/dev/}" ;; + *) return 255 ;; + esac +} + +label_uuid_to_dev() { + local _dev + _dev="${1#block:}" + case "$_dev" in + LABEL=*) + echo "/dev/disk/by-label/$(echo "${_dev#LABEL=}" | sed 's,/,\\x2f,g;s, ,\\x20,g')" + ;; + PARTLABEL=*) + echo "/dev/disk/by-partlabel/$(echo "${_dev#PARTLABEL=}" | sed 's,/,\\x2f,g;s, ,\\x20,g')" + ;; + UUID=*) + echo "/dev/disk/by-uuid/${_dev#UUID=}" + ;; + PARTUUID=*) + echo "/dev/disk/by-partuuid/${_dev#PARTUUID=}" + ;; + *) + echo "$_dev" + ;; + esac +} + +# Prints unique path for potential file inside specified directory. It consists +# of specified directory, prefix and number at the end which is incremented +# until non-existing file is found. +# +# funiq dir prefix +# +# example: +# # ls /mnt +# cdrom0 cdrom1 +# +# # funiq /mnt cdrom +# /mnt/cdrom2 +funiq() { + local dir="$1" + local prefix="$2" + local i=0 + + [ -d "${dir}" ] || return 1 + + while [ -e "${dir}/${prefix}$i" ]; do + i=$((i + 1)) || return 1 + done + + echo "${dir}/${prefix}$i" +} + +# Creates unique directory and prints its path. It's using funiq to generate +# path. +# +# mkuniqdir subdir new_dir_name +mkuniqdir() { + local dir="$1" + local prefix="$2" + local retdir + local retdir_new + + [ -d "${dir}" ] || mkdir -m 0755 -p "${dir}" || return 1 + + retdir=$(funiq "${dir}" "${prefix}") || return 1 + until mkdir -m 0755 "${retdir}" 2> /dev/null; do + retdir_new=$(funiq "${dir}" "${prefix}") || return 1 + [ "$retdir_new" = "$retdir" ] && return 1 + retdir="$retdir_new" + done + + echo "${retdir}" +} + +# Copy the contents of SRC into DEST, merging the contents of existing +# directories (kinda like rsync, or cpio -p). +# Creates DEST if it doesn't exist. Overwrites files with the same names. +# +# copytree SRC DEST +copytree() { + local src="$1" dest="$2" + [ -d "$src" ] || return 1 + mkdir -p "$dest" || return 1 + dest=$(readlink -e -q "$dest") || return 1 + ( + cd "$src" || exit 1 + cp -af . -t "$dest" + ) +} + +# Evaluates command for UUIDs either given as arguments for this function or all +# listed in /dev/disk/by-uuid. UUIDs doesn't have to be fully specified. If +# beginning is given it is expanded to all matching UUIDs. To pass full UUID to +# your command use '$___' as a place holder. Remember to escape '$'! +# +# foreach_uuid_until [ -p prefix ] command UUIDs +# +# prefix - string to put just before $___ +# command - command to be evaluated +# UUIDs - list of UUIDs separated by space +# +# The function returns after *first successful evaluation* of the given command +# with status 0. If evaluation fails for every UUID function returns with +# status 1. +# +# Example: +# foreach_uuid_until "mount -U \$___ /mnt; echo OK; umount /mnt" \ +# "01234 f512 a235567f-12a3-c123-a1b1-01234567abcb" +foreach_uuid_until() ( + cd /dev/disk/by-uuid || return 1 + + [ "$1" = -p ] && local prefix="$2" && shift 2 + local cmd="$1" + shift + local uuids_list="$*" + local uuid + local full_uuid + local ___ + + [ -n "${cmd}" ] || return 1 + + for uuid in ${uuids_list:-*}; do + for full_uuid in "${uuid}"*; do + [ -e "${full_uuid}" ] || continue + # shellcheck disable=SC2034 + ___="${prefix}${full_uuid}" + eval "${cmd}" && return 0 + done + done + + return 1 +) + +# Get kernel name for given device. Device may be the name too (then the same +# is returned), a symlink (full path), UUID (prefixed with "UUID=") or label +# (prefixed with "LABEL="). If just a beginning of the UUID is specified or +# even an empty, function prints all device names which UUIDs match - every in +# single line. +# +# NOTICE: The name starts with "/dev/". +# +# Example: +# devnames UUID=123 +# May print: +# /dev/dm-1 +# /dev/sdb1 +# /dev/sdf3 +devnames() { + local dev="$1" + local d + local names + + case "$dev" in + UUID=*) + # shellcheck disable=SC2016 + dev="$(foreach_uuid_until '! blkid -U $___' "${dev#UUID=}")" \ + && return 255 + [ -z "$dev" ] && return 255 + ;; + LABEL=*) dev="$(blkid -L "${dev#LABEL=}")" || return 255 ;; + /dev/?*) ;; + *) return 255 ;; + esac + + for d in $dev; do + names="$names +$(readlink -e -q "$d")" || return 255 + done + + echo "${names# +}" +} + +usable_root() { + local _i + + [ -d "$1" ] || return 1 + + for _i in "$1"/usr/lib*/ld-*.so "$1"/lib*/ld-*.so; do + [ -e "$_i" ] && return 0 + done + + for _i in proc sys dev; do + [ -e "$1"/$_i ] || return 1 + done + + return 0 +} + +inst_hook() { + local _hookname _unique _name _job _exe + while [ $# -gt 0 ]; do + case "$1" in + --hook) + _hookname="/$2" + shift + ;; + --unique) + _unique="yes" + ;; + --name) + _name="$2" + shift + ;; + *) + break + ;; + esac + shift + done + + if [ -z "$_unique" ]; then + _job="${_name}$$" + else + _job="${_name:-$1}" + _job=${_job##*/} + fi + + _exe=$1 + shift + + [ -x "$_exe" ] || _exe=$(command -v "$_exe") + + if [ -n "$onetime" ]; then + { + # shellcheck disable=SC2016 + echo '[ -e "$_job" ] && rm -f -- "$_job"' + echo "$_exe $*" + } > "/tmp/$$-${_job}.sh" + else + echo "$_exe $*" > "/tmp/$$-${_job}.sh" + fi + + mv -f "/tmp/$$-${_job}.sh" "$hookdir/${_hookname}/${_job}.sh" +} + +# inst_mount_hook <mountpoint> <prio> <name> <script> +# +# Install a mount hook with priority <prio>, +# which executes <script> as soon as <mountpoint> is mounted. +inst_mount_hook() { + local _prio="$2" _jobname="$3" _script="$4" + local _hookname + _hookname="mount-$(str_replace "$1" '/' '\\x2f')" + [ -d "$hookdir/${_hookname}" ] || mkdir -p "$hookdir/${_hookname}" + inst_hook --hook "$_hookname" --unique --name "${_prio}-${_jobname}" "$_script" +} + +# wait_for_mount <mountpoint> +# +# Installs a initqueue-finished script, +# which will cause the main loop only to exit, +# if <mountpoint> is mounted. +wait_for_mount() { + local _name + _name="$(str_replace "$1" '/' '\\x2f')" + printf '. /lib/dracut-lib.sh\nismounted "%s"\n' "$1" \ + >> "$hookdir/initqueue/finished/ismounted-${_name}.sh" + { + printf 'ismounted "%s" || ' "$1" + printf 'warn "\"%s\" is not mounted"\n' "$1" + } >> "$hookdir/emergency/90-${_name}.sh" +} + +killproc() { + debug_off + local _exe + _exe="$(command -v "$1")" + local _sig="$2" + local _i + [ -x "$_exe" ] || return 1 + for _i in /proc/[0-9]*; do + [ "$_i" = "/proc/1" ] && continue + if [ -e "$_i"/_exe ] && [ "$_i/_exe" -ef "$_exe" ]; then + kill "$_sig" "${_i##*/}" + fi + done + debug_on +} + +need_shutdown() { + : > /run/initramfs/.need_shutdown +} + +wait_for_loginit() { + [ "$RD_DEBUG" = "yes" ] || return + [ -e /run/initramfs/loginit.pipe ] || return + debug_off + echo "DRACUT_LOG_END" + exec 0<> /dev/console 1<> /dev/console 2<> /dev/console + # wait for loginit + i=0 + while [ $i -lt 10 ]; do + if [ ! -e /run/initramfs/loginit.pipe ]; then + j=$(jobs) + [ -z "$j" ] && break + [ -z "${j##*Running*}" ] || break + fi + sleep 0.1 + i=$((i + 1)) + done + + if [ $i -eq 10 ]; then + kill %1 > /dev/null 2>&1 + kill "$(while read -r line || [ -n "$line" ]; do echo "$line"; done < /run/initramfs/loginit.pid)" + fi + + setdebug + rm -f -- /run/initramfs/loginit.pipe /run/initramfs/loginit.pid +} + +# pidof version for root +if ! command -v pidof > /dev/null 2> /dev/null; then + pidof() { + debug_off + local _cmd + local _exe + local _rl + local _ret=1 + local i + _cmd="$1" + if [ -z "$_cmd" ]; then + debug_on + return 1 + fi + _exe=$(command -v "$1") + for i in /proc/*/exe; do + [ -e "$i" ] || continue + if [ -n "$_exe" ]; then + [ "$i" -ef "$_exe" ] || continue + else + _rl=$(readlink -f "$i") + [ "${_rl%/"$_cmd"}" != "$_rl" ] || continue + fi + i=${i%/exe} + echo "${i##/proc/}" + _ret=0 + done + debug_on + return $_ret + } +fi + +_emergency_shell() { + local _name="$1" + if [ -n "$DRACUT_SYSTEMD" ]; then + : > /.console_lock + echo "PS1=\"$_name:\\\${PWD}# \"" > /etc/profile + systemctl start dracut-emergency.service + rm -f -- /etc/profile + rm -f -- /.console_lock + else + debug_off + source_hook "$hook" + echo + /sbin/rdsosreport + echo 'You might want to save "/run/initramfs/rdsosreport.txt" to a USB stick or /boot' + echo 'after mounting them and attach it to a bug report.' + if ! RD_DEBUG='' getargbool 0 rd.debug -d -y rdinitdebug -d -y rdnetdebug; then + echo + echo 'To get more debug information in the report,' + echo 'reboot with "rd.debug" added to the kernel command line.' + fi + echo + echo 'Dropping to debug shell.' + echo + export PS1="$_name:\${PWD}# " + [ -e /.profile ] || : > /.profile + + _ctty="$(RD_DEBUG='' getarg rd.ctty=)" && _ctty="/dev/${_ctty##*/}" + if [ -z "$_ctty" ]; then + _ctty=console + while [ -f /sys/class/tty/$_ctty/active ]; do + read -r _ctty < /sys/class/tty/$_ctty/active + _ctty=${_ctty##* } # last one in the list + done + _ctty=/dev/$_ctty + fi + [ -c "$_ctty" ] || _ctty=/dev/tty1 + case "$(/usr/bin/setsid --help 2>&1)" in *--ctty*) CTTY="--ctty" ;; esac + setsid $CTTY /bin/sh -i -l 0<> $_ctty 1<> $_ctty 2<> $_ctty + fi +} + +emergency_shell() { + local _ctty + set +e + local _rdshell_name="dracut" action="Boot" hook="emergency" + local _emergency_action + + if [ "$1" = "-n" ]; then + _rdshell_name=$2 + shift 2 + elif [ "$1" = "--shutdown" ]; then + _rdshell_name=$2 + action="Shutdown" + hook="shutdown-emergency" + shift 2 + fi + + echo + echo + warn "$*" + echo + + _emergency_action=$(getarg rd.emergency) + [ -z "$_emergency_action" ] \ + && [ -e /run/initramfs/.die ] \ + && _emergency_action=halt + + if getargbool 1 rd.shell -d -y rdshell || getarg rd.break -d rdbreak; then + _emergency_shell "$_rdshell_name" + else + source_hook "$hook" + warn "$action has failed. To debug this issue add \"rd.shell rd.debug\" to the kernel command line." + [ -z "$_emergency_action" ] && _emergency_action=halt + fi + + case "$_emergency_action" in + reboot) + reboot || exit 1 + ;; + poweroff) + poweroff || exit 1 + ;; + halt) + halt || exit 1 + ;; + esac +} + +# Retain the values of these variables but ensure that they are unexported +# This is a POSIX-compliant equivalent of bash's "export -n" +export_n() { + local var + local val + for var in "$@"; do + eval val=\$$var + unset $var + [ -n "$val" ] && eval "$var=\"$val\"" + done +} + +# returns OK if list1 contains all elements of list2, i.e. checks if list2 is a +# sublist of list1. An order and a duplication doesn't matter. +# +# $1 = separator +# $2 = list1 +# $3 = list2 +# $4 = ignore values, separated by $1 +listlist() { + local _sep="$1" + local _list="${_sep}${2}${_sep}" + local _sublist="$3" + [ -n "$4" ] && local _iglist="${_sep}${4}${_sep}" + local IFS="$_sep" + local _v + + [ "$_list" = "$_sublist" ] && return 0 + + for _v in $_sublist; do + if [ -n "$_v" ] && ! ([ -n "$_iglist" ] && strstr "$_iglist" "$_v"); then + strstr "$_list" "$_v" || return 1 + fi + done + + return 0 +} + +# returns OK if both lists contain the same values. An order and a duplication +# doesn't matter. +# +# $1 = separator +# $2 = list1 +# $3 = list2 +# $4 = ignore values, separated by $1 +are_lists_eq() { + listlist "$1" "$2" "$3" "$4" && listlist "$1" "$3" "$2" "$4" +} + +setmemdebug() { + if [ -z "$DEBUG_MEM_LEVEL" ]; then + DEBUG_MEM_LEVEL=$(getargnum 0 0 5 rd.memdebug) + export DEBUG_MEM_LEVEL + fi +} + +setmemdebug + +# parameters: func log_level prefix msg [trace_level:trace]... +make_trace_mem() { + local log_level prefix msg msg_printed + local trace trace_level trace_in_higher_levels insert_trace + + msg=$1 + shift + + prefix='[debug_mem]' + log_level=$DEBUG_MEM_LEVEL + + if [ -z "$log_level" ] || [ "$log_level" -le 0 ]; then + return + fi + + # FIXME? useless echo? + # shellcheck disable=SC2116 + msg=$(echo "$msg") + + msg_printed=0 + while [ $# -gt 0 ]; do + trace=${1%%:*} + trace_level=${trace%%+} + [ "$trace" != "$trace_level" ] && trace_in_higher_levels="yes" + trace=${1##*:} + + if [ -z "$trace_level" ]; then + trace_level=0 + fi + + insert_trace=0 + if [ -n "$trace_in_higher_levels" ]; then + if [ "$log_level" -ge "$trace_level" ]; then + insert_trace=1 + fi + else + if [ "$log_level" -eq "$trace_level" ]; then + insert_trace=1 + fi + fi + + if [ $insert_trace -eq 1 ]; then + if [ $msg_printed -eq 0 ]; then + echo "$prefix $msg" + msg_printed=1 + fi + show_memstats "$trace" + fi + shift + done +} + +# parameters: type +show_memstats() { + case $1 in + shortmem) + while read -r line || [ -n "$line" ]; do + str_starts "$line" "MemFree" \ + || str_starts "$line" "Cached" \ + || str_starts "$line" "Slab" \ + || continue + echo "$line" + done < /proc/meminfo + ;; + mem) + cat /proc/meminfo + ;; + slab) + cat /proc/slabinfo + ;; + iomem) + cat /proc/iomem + ;; + esac +} + +remove_hostonly_files() { + rm -fr /etc/cmdline /etc/cmdline.d/*.conf "$hookdir/initqueue/finished" + if [ -f /lib/dracut/hostonly-files ]; then + while read -r line || [ -n "$line" ]; do + [ -e "$line" ] || [ -h "$line" ] || continue + rm -f "$line" + done < /lib/dracut/hostonly-files + fi +} + +# parameter: kernel_module [filesystem_name] +# returns OK if kernel_module is loaded +# modprobe fails if /lib/modules is not available (--no-kernel use case) +load_fstype() { + local - fs _fs="${2:-$1}" + set +x + while read -r d fs || [ "$d" ]; do + [ "${fs:-$d}" = "$_fs" ] && return 0 + done < /proc/filesystems + modprobe "$1" +} + +# parameter: size of live image +# calls emergency shell if ram size is too small for the image +check_live_ram() { + minmem=$(getarg rd.minmem) + minmem=${minmem:-1024} + imgsize=$1 + memsize=$(($(sed -n 's/MemTotal: *\([[:digit:]]*\).*/\1/p' /proc/meminfo) / 1024)) + + if [ -z "$imgsize" ]; then + warn "Image size could not be determined" + return 0 + fi + + if [ $((memsize - imgsize)) -lt "$minmem" ]; then + sed -i "N;/and attach it to a bug report./s/echo$/echo\n\ + echo \n\ + echo 'Warning!!!'\n\ + echo 'The memory size of your system is too small for this live image.'\n\ + echo 'Expect killed processes due to out of memory conditions.'\n\ + echo \n/" /usr/bin/dracut-emergency + + emergency_shell + fi +} diff --git a/modules.d/99base/init.sh b/modules.d/99base/init.sh new file mode 100755 index 0000000..285059e --- /dev/null +++ b/modules.d/99base/init.sh @@ -0,0 +1,399 @@ +#!/bin/sh +# +# Licensed under the GPLv2 +# +# Copyright 2008-2010, Red Hat, Inc. +# Harald Hoyer <harald@redhat.com> +# Jeremy Katz <katzj@redhat.com> + +export -p > /tmp/export.orig + +NEWROOT="/sysroot" +[ -d $NEWROOT ] || mkdir -p -m 0755 $NEWROOT + +OLDPATH=$PATH +PATH=/usr/sbin:/usr/bin:/sbin:/bin +export PATH + +# mount some important things +if [ ! -d /proc/self ]; then + if ! mount -t proc -o nosuid,noexec,nodev proc /proc > /dev/null; then + echo "Cannot mount proc on /proc! Compile the kernel with CONFIG_PROC_FS!" + exit 1 + fi +fi + +if [ ! -d /sys/kernel ]; then + if ! mount -t sysfs -o nosuid,noexec,nodev sysfs /sys > /dev/null; then + echo "Cannot mount sysfs on /sys! Compile the kernel with CONFIG_SYSFS!" + exit 1 + fi +fi + +RD_DEBUG="" +. /lib/dracut-lib.sh + +setdebug + +if ! ismounted /dev; then + mount -t devtmpfs -o mode=0755,noexec,nosuid,strictatime devtmpfs /dev > /dev/null +fi + +if ! ismounted /dev; then + echo "Cannot mount devtmpfs on /dev! Compile the kernel with CONFIG_DEVTMPFS!" + exit 1 +fi + +# prepare the /dev directory +[ ! -h /dev/fd ] && ln -s /proc/self/fd /dev/fd > /dev/null 2>&1 +[ ! -h /dev/stdin ] && ln -s /proc/self/fd/0 /dev/stdin > /dev/null 2>&1 +[ ! -h /dev/stdout ] && ln -s /proc/self/fd/1 /dev/stdout > /dev/null 2>&1 +[ ! -h /dev/stderr ] && ln -s /proc/self/fd/2 /dev/stderr > /dev/null 2>&1 + +if ! ismounted /dev/pts; then + mkdir -m 0755 -p /dev/pts + mount -t devpts -o gid=5,mode=620,noexec,nosuid devpts /dev/pts > /dev/null +fi + +if ! ismounted /dev/shm; then + mkdir -m 0755 -p /dev/shm + mount -t tmpfs -o mode=1777,noexec,nosuid,nodev,strictatime tmpfs /dev/shm > /dev/null +fi + +if ! ismounted /run; then + mkdir -m 0755 -p /newrun + if ! str_starts "$(readlink -f /bin/sh)" "/run/"; then + mount -t tmpfs -o mode=0755,noexec,nosuid,nodev,strictatime tmpfs /newrun > /dev/null + else + # the initramfs binaries are located in /run, so don't mount it with noexec + mount -t tmpfs -o mode=0755,nosuid,nodev,strictatime tmpfs /newrun > /dev/null + fi + cp -a /run/* /newrun > /dev/null 2>&1 + mount --move /newrun /run + rm -fr -- /newrun +fi + +if command -v kmod > /dev/null 2> /dev/null; then + kmod static-nodes --format=tmpfiles 2> /dev/null \ + | while read -r type file mode _ _ _ majmin || [ -n "$type" ]; do + type=${type%\!} + case $type in + d) + mkdir -m "$mode" -p "$file" + ;; + c) + mknod -m "$mode" "$file" "$type" "${majmin%:*}" "${majmin#*:}" + ;; + esac + done +fi + +trap "emergency_shell Signal caught!" 0 + +export UDEVRULESD=/run/udev/rules.d +[ -d /run/udev ] || mkdir -p -m 0755 /run/udev +[ -d "$UDEVRULESD" ] || mkdir -p -m 0755 "$UDEVRULESD" + +if [ "$RD_DEBUG" = "yes" ]; then + mkfifo /run/initramfs/loginit.pipe + loginit "$DRACUT_QUIET" < /run/initramfs/loginit.pipe > /dev/console 2>&1 & + exec > /run/initramfs/loginit.pipe 2>&1 +else + exec 0<> /dev/console 1<> /dev/console 2<> /dev/console +fi + +[ -f /usr/lib/initrd-release ] && . /usr/lib/initrd-release +[ -n "$VERSION_ID" ] && info "$NAME-$VERSION_ID" + +source_conf /etc/conf.d + +if getarg "rd.cmdline=ask"; then + echo "Enter additional kernel command line parameter (end with ctrl-d or .)" + while read -r -p "> " ${BASH:+-e} line || [ -n "$line" ]; do + [ "$line" = "." ] && break + echo "$line" >> /etc/cmdline.d/99-cmdline-ask.conf + done +fi + +if ! getargbool 1 'rd.hostonly'; then + [ -f /etc/cmdline.d/99-cmdline-ask.conf ] && mv /etc/cmdline.d/99-cmdline-ask.conf /tmp/99-cmdline-ask.conf + remove_hostonly_files + [ -f /tmp/99-cmdline-ask.conf ] && mv /tmp/99-cmdline-ask.conf /etc/cmdline.d/99-cmdline-ask.conf +fi + +# run scriptlets to parse the command line +make_trace_mem "hook cmdline" '1+:mem' '1+:iomem' '3+:slab' +getarg 'rd.break=cmdline' -d 'rdbreak=cmdline' && emergency_shell -n cmdline "Break before cmdline" +source_hook cmdline + +[ -z "$root" ] && die "No or empty root= argument" +[ -z "$rootok" ] && die "Don't know how to handle 'root=$root'" + +export root rflags fstype netroot NEWROOT + +# pre-udev scripts run before udev starts, and are run only once. +make_trace_mem "hook pre-udev" '1:shortmem' '2+:mem' '3+:slab' +getarg 'rd.break=pre-udev' -d 'rdbreak=pre-udev' && emergency_shell -n pre-udev "Break before pre-udev" +source_hook pre-udev + +UDEV_LOG=err +getargbool 0 rd.udev.info -d -y rdudevinfo && UDEV_LOG=info +getargbool 0 rd.udev.debug -d -y rdudevdebug && UDEV_LOG=debug + +# start up udev and trigger cold plugs +UDEV_LOG=$UDEV_LOG "$systemdutildir"/systemd-udevd --daemon --resolve-names=never + +UDEV_QUEUE_EMPTY="udevadm settle --timeout=0" + +udevproperty "hookdir=$hookdir" + +make_trace_mem "hook pre-trigger" '1:shortmem' '2+:mem' '3+:slab' +getarg 'rd.break=pre-trigger' -d 'rdbreak=pre-trigger' && emergency_shell -n pre-trigger "Break before pre-trigger" +source_hook pre-trigger + +udevadm control --reload > /dev/null 2>&1 || : +# then the rest +udevadm trigger --type=subsystems --action=add > /dev/null 2>&1 +udevadm trigger --type=devices --action=add > /dev/null 2>&1 + +make_trace_mem "hook initqueue" '1:shortmem' '2+:mem' '3+:slab' +getarg 'rd.break=initqueue' -d 'rdbreak=initqueue' && emergency_shell -n initqueue "Break before initqueue" + +RDRETRY=$(getarg rd.retry -d 'rd_retry=') +RDRETRY=${RDRETRY:-180} +RDRETRY=$((RDRETRY * 2)) +export RDRETRY +main_loop=0 +export main_loop +while :; do + + check_finished && break + + udevsettle + + check_finished && break + + if [ -f "$hookdir"/initqueue/work ]; then + rm -f -- "$hookdir"/initqueue/work + fi + + for job in "$hookdir"/initqueue/*.sh; do + [ -e "$job" ] || break + # shellcheck disable=SC2097 disable=SC1090 disable=SC2098 + job=$job . "$job" + check_finished && break 2 + done + + $UDEV_QUEUE_EMPTY > /dev/null 2>&1 || continue + + for job in "$hookdir"/initqueue/settled/*.sh; do + [ -e "$job" ] || break + # shellcheck disable=SC2097 disable=SC1090 disable=SC2098 + job=$job . "$job" + check_finished && break 2 + done + + $UDEV_QUEUE_EMPTY > /dev/null 2>&1 || continue + + # no more udev jobs and queues empty. + sleep 0.5 + + if [ $main_loop -gt $((2 * RDRETRY / 3)) ]; then + for job in "$hookdir"/initqueue/timeout/*.sh; do + [ -e "$job" ] || break + # shellcheck disable=SC2097 disable=SC1090 disable=SC2098 + job=$job . "$job" + udevadm settle --timeout=0 > /dev/null 2>&1 || main_loop=0 + [ -f "$hookdir"/initqueue/work ] && main_loop=0 + done + fi + + main_loop=$((main_loop + 1)) + [ $main_loop -gt $RDRETRY ] \ + && { + flock -s 9 + emergency_shell "Could not boot." + } 9> /.console_lock +done +unset job +unset queuetriggered +unset main_loop +unset RDRETRY + +# pre-mount happens before we try to mount the root filesystem, +# and happens once. +make_trace_mem "hook pre-mount" '1:shortmem' '2+:mem' '3+:slab' +getarg 'rd.break=pre-mount' -d 'rdbreak=pre-mount' && emergency_shell -n pre-mount "Break before pre-mount" +source_hook pre-mount + +getarg 'rd.break=mount' -d 'rdbreak=mount' && emergency_shell -n mount "Break before mount" +# mount scripts actually try to mount the root filesystem, and may +# be sourced any number of times. As soon as one succeeds, no more are sourced. +_i_mount=0 +while :; do + if ismounted "$NEWROOT"; then + usable_root "$NEWROOT" && break + umount "$NEWROOT" + fi + for f in "$hookdir"/mount/*.sh; do + # shellcheck disable=SC1090 + [ -f "$f" ] && . "$f" + if ismounted "$NEWROOT"; then + usable_root "$NEWROOT" && break + warn "$NEWROOT has no proper rootfs layout, ignoring and removing offending mount hook" + umount "$NEWROOT" + rm -f -- "$f" + fi + done + + _i_mount=$((_i_mount + 1)) + [ $_i_mount -gt 20 ] \ + && { + flock -s 9 + emergency_shell "Can't mount root filesystem" + } 9> /.console_lock +done + +{ + printf "Mounted root filesystem " + while read -r dev mp _ || [ -n "$dev" ]; do [ "$mp" = "$NEWROOT" ] && echo "$dev"; done < /proc/mounts +} | vinfo + +# pre pivot scripts are sourced just before we doing cleanup and switch over +# to the new root. +make_trace_mem "hook pre-pivot" '1:shortmem' '2+:mem' '3+:slab' +getarg 'rd.break=pre-pivot' -d 'rdbreak=pre-pivot' && emergency_shell -n pre-pivot "Break before pre-pivot" +source_hook pre-pivot + +make_trace_mem "hook cleanup" '1:shortmem' '2+:mem' '3+:slab' +# pre pivot cleanup scripts are sourced just before we switch over to the new root. +getarg 'rd.break=cleanup' -d 'rdbreak=cleanup' && emergency_shell -n cleanup "Break before cleanup" +source_hook cleanup + +# By the time we get here, the root filesystem should be mounted. +# Try to find init. +for i in "$(getarg real_init=)" "$(getarg init=)" $(getargs rd.distroinit=) /sbin/init; do + [ -n "$i" ] || continue + + __p="${NEWROOT}/${i}" + if [ -h "$__p" ]; then + # relative links need to be left alone, + # while absolute links need to be resolved and prefixed. + __pt=$(readlink "$__p") + [ "${__pt#/}" = "$__pt" ] || __p="${NEWROOT}/$__pt" + fi + if [ -x "$__p" ]; then + INIT="$i" + break + fi +done + +[ "$INIT" ] || { + echo "Cannot find init!" + echo "Please check to make sure you passed a valid root filesystem!" + emergency_shell +} + +udevadm control --exit +udevadm info --cleanup-db + +debug_off # Turn off debugging for this section + +CAPSH=$(command -v capsh) +SWITCH_ROOT=$(command -v switch_root) + +# unexport some vars +export_n root rflags fstype netroot NEWROOT +unset CMDLINE + +# Clean up the environment +for i in $(export -p); do + i=${i#declare -x} + i=${i#export} + strstr "$i" "=" || continue + i=${i%%=*} + [ -z "$i" ] && continue + case $i in + root | PATH | HOME | TERM | PS4 | RD_*) + : + ;; + *) + unset "$i" + ;; + esac +done +. /tmp/export.orig 2> /dev/null || : +rm -f -- /tmp/export.orig + +initargs="" +read -r CLINE < /proc/cmdline +if getarg init= > /dev/null; then + ignoreargs="console BOOT_IMAGE" + # only pass arguments after init= to the init + CLINE=${CLINE#*init=} + # shellcheck disable=SC2086 + set -- $CLINE + shift # clear out the rest of the "init=" arg + for x in "$@"; do + for s in $ignoreargs; do + [ "${x%%=*}" = "$s" ] && continue 2 + done + initargs="$initargs $x" + done + unset CLINE +else + debug_off # Turn off debugging for this section + # shellcheck disable=SC2086 + set -- $CLINE + for x in "$@"; do + case "$x" in + [0-9] | s | S | single | emergency | auto) + initargs="$initargs $x" + ;; + esac + done +fi +debug_on + +if ! [ -d "$NEWROOT"/run ]; then + NEWRUN=/dev/.initramfs + mkdir -m 0755 -p "$NEWRUN" + mount --rbind /run/initramfs "$NEWRUN" +fi + +wait_for_loginit + +# remove helper symlink +[ -h /dev/root ] && rm -f -- /dev/root + +bv=$(getarg rd.break -d rdbreak) && [ -z "$bv" ] \ + && emergency_shell -n switch_root "Break before switch_root" +unset bv +info "Switching root" + +unset PS4 + +PATH=$OLDPATH +export PATH + +if [ -f /etc/capsdrop ]; then + . /etc/capsdrop + info "Calling $INIT with capabilities $CAPS_INIT_DROP dropped." + unset RD_DEBUG + exec "$CAPSH" --drop="$CAPS_INIT_DROP" -- \ + -c "exec \"$SWITCH_ROOT\" \"$NEWROOT\" \"$INIT\" $initargs" \ + || { + warn "Command:" + warn capsh --drop="$CAPS_INIT_DROP" -- -c exec "$SWITCH_ROOT" "$NEWROOT" "$INIT" "$initargs" + warn "failed." + emergency_shell + } +else + unset RD_DEBUG + # shellcheck disable=SC2086 + exec "$SWITCH_ROOT" "$NEWROOT" "$INIT" $initargs || { + warn "Something went very badly wrong in the initramfs. Please " + warn "file a bug against dracut." + emergency_shell + } +fi diff --git a/modules.d/99base/initqueue.sh b/modules.d/99base/initqueue.sh new file mode 100755 index 0000000..2c49079 --- /dev/null +++ b/modules.d/99base/initqueue.sh @@ -0,0 +1,72 @@ +#!/bin/sh +# +# Licensed under the GPLv2+ +# +# Copyright 2008-2010, Red Hat, Inc. +# Harald Hoyer <harald@redhat.com> + +PATH=/usr/sbin:/usr/bin:/sbin:/bin + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +while [ $# -gt 0 ]; do + case "$1" in + --onetime) + onetime="yes" + ;; + --online) + qname="/online" + ;; + --settled) + qname="/settled" + ;; + --finished) + qname="/finished" + ;; + --timeout) + qname="/timeout" + ;; + --unique) + unique="yes" + ;; + --name) + name="$2" + shift + ;; + --env) + env="$2" + shift + ;; + *) + break + ;; + esac + shift +done + +if [ -z "$unique" ]; then + job="${name}$$" +else + job="${name:-$1}" + job=${job##*/} +fi + +exe=$1 +shift + +[ -x "$exe" ] || exe=$(command -v "$exe") +if [ -z "$exe" ]; then + echo "Invalid command" + exit 1 +fi + +{ + # shellcheck disable=SC2016 + [ -n "$onetime" ] && echo '[ -e "$job" ] && rm -f -- "$job"' + [ -n "$env" ] && echo "$env" + echo "$exe" "$@" +} > "/tmp/$$-${job}.sh" + +mv -f "/tmp/$$-${job}.sh" "$hookdir/initqueue${qname}/${job}.sh" +[ -z "$qname" ] && : >> "$hookdir"/initqueue/work +exit 0 diff --git a/modules.d/99base/loginit.sh b/modules.d/99base/loginit.sh new file mode 100755 index 0000000..cdb305b --- /dev/null +++ b/modules.d/99base/loginit.sh @@ -0,0 +1,23 @@ +#!/bin/sh + +# turn off debugging +set +x + +QUIET=$1 + +printf "%s" "$$" > /run/initramfs/loginit.pid + +# shellcheck disable=SC2015 +[ -e /dev/kmsg ] && exec 5> /dev/kmsg || exec 5> /dev/null +exec 6> /run/initramfs/init.log + +while read -r line || [ -n "$line" ]; do + if [ "$line" = "DRACUT_LOG_END" ]; then + rm -f -- /run/initramfs/loginit.pipe + exit 0 + fi + echo "<31>dracut: $line" >&5 + # if "quiet" is specified we output to /dev/console + [ -n "$QUIET" ] || echo "dracut: $line" + echo "$line" >&6 +done diff --git a/modules.d/99base/module-setup.sh b/modules.d/99base/module-setup.sh new file mode 100755 index 0000000..54b0deb --- /dev/null +++ b/modules.d/99base/module-setup.sh @@ -0,0 +1,146 @@ +#!/bin/bash + +# called by dracut +check() { + return 0 +} + +# called by dracut +depends() { + echo udev-rules + return 0 +} + +# called by dracut +install() { + inst_multiple mount mknod mkdir sleep chown \ + sed ls flock cp mv dmesg rm ln rmmod mkfifo umount readlink setsid \ + modprobe chmod tr + + inst_multiple -o findmnt less kmod + + inst_binary "${dracutbasedir}/dracut-util" "/usr/bin/dracut-util" + + ln -s dracut-util "${initdir}/usr/bin/dracut-getarg" + ln -s dracut-util "${initdir}/usr/bin/dracut-getargs" + + if [ ! -e "${initdir}/bin/sh" ]; then + inst_multiple bash + (ln -s bash "${initdir}/bin/sh" || :) + fi + + # add common users in /etc/passwd, it will be used by nfs/ssh currently + # use password for hostonly images to facilitate secure sulogin in emergency console + [[ $hostonly ]] && pwshadow='x' + grep '^root:' "$initdir/etc/passwd" > /dev/null 2>&1 || echo "root:$pwshadow:0:0::/root:/bin/sh" >> "$initdir/etc/passwd" + grep '^nobody:' "$dracutsysrootdir"/etc/passwd >> "$initdir/etc/passwd" + + [[ $hostonly ]] && grep '^root:' "$dracutsysrootdir"/etc/shadow >> "$initdir/etc/shadow" + + # install our scripts and hooks + inst_script "$moddir/init.sh" "/init" + inst_script "$moddir/initqueue.sh" "/sbin/initqueue" + inst_script "$moddir/loginit.sh" "/sbin/loginit" + inst_script "$moddir/rdsosreport.sh" "/sbin/rdsosreport" + + [ -e "${initdir}/lib" ] || mkdir -m 0755 -p "${initdir}"/lib + mkdir -m 0755 -p "${initdir}"/lib/dracut + mkdir -m 0755 -p "${initdir}"/lib/dracut/hooks + + mkdir -p "${initdir}"/tmp + + inst_simple "$moddir/dracut-lib.sh" "/lib/dracut-lib.sh" + inst_simple "$moddir/dracut-dev-lib.sh" "/lib/dracut-dev-lib.sh" + mkdir -p "${initdir}"/var + + if ! dracut_module_included "systemd"; then + inst_multiple switch_root || dfatal "Failed to install switch_root" + inst_hook cmdline 10 "$moddir/parse-root-opts.sh" + fi + + if [[ $realinitpath ]]; then + for i in $realinitpath; do + echo "rd.distroinit=$i" + done > "${initdir}/etc/cmdline.d/distroinit.conf" + fi + + ln -fs /proc/self/mounts "$initdir/etc/mtab" + if [[ $ro_mnt == yes ]]; then + echo ro >> "${initdir}/etc/cmdline.d/base.conf" + fi + + [ -e "${initdir}/usr/lib" ] || mkdir -m 0755 -p "${initdir}"/usr/lib + + local VERSION="" + local PRETTY_NAME="" + # Derive an os-release file from the host, if it exists + if [[ -e $dracutsysrootdir/etc/os-release ]]; then + # shellcheck disable=SC1090 + . "$dracutsysrootdir"/etc/os-release + grep -hE -ve '^VERSION=' -ve '^PRETTY_NAME' "$dracutsysrootdir"/etc/os-release > "${initdir}"/usr/lib/initrd-release + [[ -n ${VERSION} ]] && VERSION+=" " + [[ -n ${PRETTY_NAME} ]] && PRETTY_NAME+=" " + else + # Fall back to synthesizing one, since dracut is presently used + # on non-systemd systems as well. + { + echo "NAME=dracut" + echo "ID=dracut" + echo "VERSION_ID=\"$DRACUT_VERSION\"" + echo 'ANSI_COLOR="0;34"' + } > "${initdir}"/usr/lib/initrd-release + fi + VERSION+="dracut-$DRACUT_VERSION" + PRETTY_NAME+="dracut-$DRACUT_VERSION (Initramfs)" + { + echo "VERSION=\"$VERSION\"" + echo "PRETTY_NAME=\"$PRETTY_NAME\"" + # This addition is relatively new, intended to allow software + # to easily detect the dracut version if need be without + # having it mixed in with the real underlying OS version. + echo "DRACUT_VERSION=\"${DRACUT_VERSION}\"" + } >> "$initdir"/usr/lib/initrd-release + echo "dracut-$DRACUT_VERSION" > "$initdir/lib/dracut/dracut-$DRACUT_VERSION" + ln -sf ../usr/lib/initrd-release "$initdir"/etc/initrd-release + ln -sf initrd-release "$initdir"/usr/lib/os-release + ln -sf initrd-release "$initdir"/etc/os-release + + ## save host_devs which we need bring up + if [[ $hostonly_cmdline == "yes" ]]; then + if [[ -n ${host_devs[*]} ]]; then + dracut_need_initqueue + fi + if [[ -f $initdir/lib/dracut/need-initqueue ]] || ! dracut_module_included "systemd"; then + ( + if dracut_module_included "systemd"; then + export DRACUT_SYSTEMD=1 + fi + export PREFIX="$initdir" + export hookdir=/lib/dracut/hooks + + # shellcheck source=dracut-dev-lib.sh + . "$moddir/dracut-dev-lib.sh" + + for _dev in "${host_devs[@]}"; do + for _dev2 in "${root_devs[@]}"; do + [[ $_dev == "$_dev2" ]] && continue 2 + done + + # We only actually wait for real devs - swap is only needed + # for resume and udev rules generated when parsing resume= + # argument take care of the waiting for us + for _dev2 in "${swap_devs[@]}"; do + [[ $_dev == "$_dev2" ]] && continue 2 + done + + _pdev=$(get_persistent_dev "$_dev") + + case "$_pdev" in + /dev/?*) wait_for_dev "$_pdev" 0 ;; + *) ;; + esac + done + ) + fi + fi +} diff --git a/modules.d/99base/parse-root-opts.sh b/modules.d/99base/parse-root-opts.sh new file mode 100755 index 0000000..9525249 --- /dev/null +++ b/modules.d/99base/parse-root-opts.sh @@ -0,0 +1,14 @@ +#!/bin/sh + +# shellcheck disable=SC2034 +root=$(getarg root=) + +rflags="$(getarg rootflags=)" +getargbool 0 ro && rflags="${rflags},ro" +getargbool 0 rw && rflags="${rflags},rw" +rflags="${rflags#,}" + +fstype="$(getarg rootfstype=)" +if [ -z "$fstype" ]; then + fstype="auto" +fi diff --git a/modules.d/99base/rdsosreport.sh b/modules.d/99base/rdsosreport.sh new file mode 100755 index 0000000..dadf30b --- /dev/null +++ b/modules.d/99base/rdsosreport.sh @@ -0,0 +1,61 @@ +#!/bin/sh + +echo 'Generating "/run/initramfs/rdsosreport.txt"' + +[ -d /run/initramfs ] || mkdir -p /run/initramfs + +exec > /run/initramfs/rdsosreport.txt 2>&1 + +PWFILTER='s/\(ftp:\/\/.*\):.*@/\1:*******@/g;s/\(cifs:\/\/.*\):.*@/\1:*******@/g;s/cifspass=[^ ]*/cifspass=*******/g;s/iscsi:.*@/iscsi:******@/g;s/rd.iscsi.password=[^ ]*/rd.iscsi.password=******/g;s/rd.iscsi.in.password=[^ ]*/rd.iscsi.in.password=******/g' +set -x +cat /lib/dracut/dracut-* + +echo "/proc/cmdline" +sed -e "$PWFILTER" /proc/cmdline + +if [ -f /etc/cmdline ]; then + echo "/etc/cmdline" + sed -e "$PWFILTER" /etc/cmdline +fi + +for _i in /etc/cmdline.d/*.conf; do + [ -f "$_i" ] || break + echo "$_i" + sed -e "$PWFILTER" "$_i" +done + +cat /proc/self/mountinfo +cat /proc/mounts + +blkid +blkid -o udev + +ls -l /dev/disk/by* + +for _i in /etc/conf.d/*.conf; do + [ -f "$_i" ] || break + echo "$_i" + sed -e "$PWFILTER" "$_i" +done + +if command -v lvm > /dev/null 2> /dev/null; then + lvm pvdisplay + lvm vgdisplay + lvm lvdisplay +fi + +command -v dmsetup > /dev/null 2> /dev/null && dmsetup ls --tree + +cat /proc/mdstat + +command -v ip > /dev/null 2> /dev/null && ip addr + +if command -v journalctl > /dev/null 2> /dev/null; then + journalctl -ab --no-pager -o short-monotonic | sed -e "$PWFILTER" +else + dmesg | sed -e "$PWFILTER" + if [ -f /run/initramfs/init.log ]; then + echo "/run/initramfs/init.log" + sed -e "$PWFILTER" /run/initramfs/init.log + fi +fi diff --git a/modules.d/99fs-lib/fs-lib.sh b/modules.d/99fs-lib/fs-lib.sh new file mode 100755 index 0000000..c4640fa --- /dev/null +++ b/modules.d/99fs-lib/fs-lib.sh @@ -0,0 +1,262 @@ +#!/bin/sh + +type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh + +fsck_ask_reboot() { + info "note - fsck suggests reboot, if you" + info "leave shell, booting will continue normally" + emergency_shell -n "(reboot ?)" +} + +fsck_ask_err() { + warn "*** An error occurred during the file system check." + warn "*** Dropping you to a shell; the system will try" + warn "*** to mount the filesystem(s), when you leave the shell." + emergency_shell -n "(Repair filesystem)" +} + +# inherits: _ret _drv _out +fsck_tail() { + [ "$_ret" -gt 0 ] && warn "$_drv returned with $_ret" + if [ "$_ret" -ge 4 ]; then + [ -n "$_out" ] && echo "$_out" | vwarn + fsck_ask_err + else + [ -n "$_out" ] && echo "$_out" | vinfo + [ "$_ret" -ge 2 ] && fsck_ask_reboot + fi +} + +# note: this function sets _drv of the caller +fsck_able() { + case "$1" in + xfs) + # { + # type xfs_db && + # type xfs_repair && + # type xfs_check && + # type mount && + # type umount + # } >/dev/null 2>&1 && + # _drv="_drv=none fsck_drv_xfs" && + # return 0 + return 1 + ;; + ext?) + type e2fsck > /dev/null 2>&1 \ + && _drv="fsck_drv_com e2fsck" \ + && return 0 + ;; + f2fs) + type fsck.f2fs > /dev/null 2>&1 \ + && _drv="fsck_drv_com fsck.f2fs" \ + && return 0 + ;; + jfs) + type jfs_fsck > /dev/null 2>&1 \ + && _drv="fsck_drv_com jfs_fsck" \ + && return 0 + ;; + reiserfs) + type reiserfsck > /dev/null 2>&1 \ + && _drv="fsck_drv_com reiserfsck" \ + && return 0 + ;; + btrfs) + # type btrfsck >/dev/null 2>&1 && + # _drv="_drv=none fsck_drv_btrfs" && + # return 0 + return 1 + ;; + nfs*) + # nfs can be a nop, returning success + _drv=":" \ + && return 0 + ;; + *) + type fsck > /dev/null 2>&1 \ + && _drv="fsck_drv_std fsck" \ + && return 0 + ;; + esac + + return 1 +} + +# note: all drivers inherit: _drv _fop _dev + +fsck_drv_xfs() { + # xfs fsck is not necessary... Either it mounts or not + return 0 +} + +fsck_drv_btrfs() { + # btrfs fsck is not necessary... Either it mounts or not + return 0 +} + +# common code for checkers that follow usual subset of options and return codes +fsck_drv_com() { + local _drv="$1" + local _ret + local _out + + if ! strglobin "$_fop" "-[ynap]"; then + _fop="-a${_fop:+ "$_fop"}" + fi + + info "issuing $_drv $_fop $_dev" + # we enforce non-interactive run, so $() is fine + # shellcheck disable=SC2086 + _out=$($_drv $_fop "$_dev") + _ret=$? + fsck_tail + + return $_ret +} + +# code for generic fsck, if the filesystem checked is "unknown" to us +fsck_drv_std() { + local _ret + local _out + unset _out + + info "issuing fsck $_fop $_dev" + # note, we don't enforce -a here, thus fsck is being run (in theory) + # interactively; otherwise some tool might complain about lack of terminal + # (and using -a might not be safe) + # shellcheck disable=SC2086 + fsck $_fop "$_dev" > /dev/console 2>&1 + _ret=$? + fsck_tail + + return $_ret +} + +# checks single filesystem, relying on specific "driver"; we don't rely on +# automatic checking based on fstab, so empty one is passed; +# takes 4 arguments - device, filesystem, filesystem options, additional fsck options; +# first 2 arguments are mandatory (fs may be auto or "") +# returns 255 if filesystem wasn't checked at all (e.g. due to lack of +# necessary tools or insufficient options) +fsck_single() { + local FSTAB_FILE=/etc/fstab.empty + local _dev="$1" + local _fs="${2:-auto}" + local _fop="$4" + local _drv + + [ $# -lt 2 ] && return 255 + _dev=$(readlink -f "$(label_uuid_to_dev "$_dev")") + [ -e "$_dev" ] || return 255 + _fs=$(det_fs "$_dev" "$_fs") + fsck_able "$_fs" || return 255 + + info "Checking $_fs: $_dev" + export FSTAB_FILE + eval "$_drv" + return $? +} + +# takes list of filesystems to check in parallel; we don't rely on automatic +# checking based on fstab, so empty one is passed +fsck_batch() { + local FSTAB_FILE=/etc/fstab.empty + local _drv=fsck + local _dev + local _ret + local _out + + [ $# -eq 0 ] || ! type fsck > /dev/null 2>&1 && return 255 + + info "Checking filesystems (fsck -M -T -a):" + for _dev in "$@"; do + info " $_dev" + done + + export FSTAB_FILE + _out="$(fsck -M -T "$@" -- -a)" + _ret=$? + + fsck_tail + + return $_ret +} + +# verify supplied filesystem type: +# if user provided the fs and we couldn't find it, assume user is right +# if we found the fs, assume we're right +det_fs() { + local _dev="$1" + local _orig="${2:-auto}" + local _fs + + _fs=$(udevadm info --query=property --name="$_dev" \ + | while read -r line || [ -n "$line" ]; do + if str_starts "$line" "ID_FS_TYPE="; then + echo "${line#ID_FS_TYPE=}" + break + fi + done) + _fs=${_fs:-auto} + + if [ "$_fs" = "auto" ]; then + _fs="$_orig" + fi + echo "$_fs" +} + +write_fs_tab() { + local _o + local _rw + local _root + local _rootfstype + local _rootflags + local _fspassno + + _fspassno="0" + _root="$1" + _rootfstype="$2" + _rootflags="$3" + [ -z "$_rootfstype" ] && _rootfstype=$(getarg rootfstype=) + [ -z "$_rootflags" ] && _rootflags=$(getarg rootflags=) + + [ -z "$_rootfstype" ] && _rootfstype="auto" + + if [ -z "$_rootflags" ]; then + _rootflags="ro,x-initrd.mount" + else + _rootflags="ro,$_rootflags,x-initrd.mount" + fi + + _rw=0 + + CMDLINE=$(getcmdline) + for _o in $CMDLINE; do + case $_o in + rw) + _rw=1 + ;; + ro) + _rw=0 + ;; + esac + done + if [ "$_rw" = "1" ]; then + _rootflags="$_rootflags,rw" + if ! getargbool 0 rd.skipfsck; then + _fspassno="1" + fi + fi + + if grep -q "$_root /sysroot" /etc/fstab; then + echo "$_root /sysroot $_rootfstype $_rootflags $_fspassno 0" >> /etc/fstab + else + return + fi + + if type systemctl > /dev/null 2> /dev/null; then + systemctl daemon-reload + systemctl --no-block start initrd-root-fs.target + fi +} diff --git a/modules.d/99fs-lib/module-setup.sh b/modules.d/99fs-lib/module-setup.sh new file mode 100755 index 0000000..2b81b0c --- /dev/null +++ b/modules.d/99fs-lib/module-setup.sh @@ -0,0 +1,89 @@ +#!/bin/bash + +# called by dracut +check() { + return 0 +} + +# called by dracut +depends() { + return 0 +} + +echo_fs_helper() { + local fs=$2 + case "$fs" in + xfs) + echo -n " xfs_db xfs_repair xfs_check xfs_metadump " + ;; + ext?) + echo -n " e2fsck " + ;; + jfs) + echo -n " jfs_fsck " + ;; + reiserfs) + echo -n " reiserfsck " + ;; + btrfs) + echo -n " btrfsck " + ;; + esac + + echo -n " fsck.$fs " + return 0 +} + +include_fs_helper_modules() { + local fs=$2 + case "$fs" in + xfs | btrfs | ext4 | ext3) + instmods crc32c + ;; + f2fs) + instmods crc32 + ;; + esac +} + +# called by dracut +installkernel() { + # xfs/btrfs/ext4 need crc32c, f2fs needs crc32 + if [[ $hostonly ]]; then + for_each_host_dev_fs include_fs_helper_modules + : + else + instmods crc32c crc32 + fi +} + +# called by dracut +install() { + local _helpers + + inst "$moddir/fs-lib.sh" "/lib/fs-lib.sh" + : > "${initdir}"/etc/fstab.empty + + [[ $nofscks == "yes" ]] && return + + if [[ $fscks == "${fscks#*[^ ]*}" ]]; then + _helpers=( + /sbin/fsck* /usr/sbin/fsck* + xfs_db xfs_check xfs_repair xfs_metadump + e2fsck jfs_fsck reiserfsck btrfsck + ) + if [[ $hostonly ]]; then + read -r -a _helpers < <(for_each_host_dev_fs echo_fs_helper) + fi + else + read -r -a _helpers <<< "$fscks" + fi + + _helpers+=(umount mount) + + if [[ ${_helpers[*]} == *e2fsck* ]] && [[ -e $dracutsysrootdir/etc/e2fsck.conf ]]; then + inst_simple /etc/e2fsck.conf + fi + + inst_multiple -o "${_helpers[@]}" fsck +} diff --git a/modules.d/99img-lib/img-lib.sh b/modules.d/99img-lib/img-lib.sh new file mode 100755 index 0000000..4700832 --- /dev/null +++ b/modules.d/99img-lib/img-lib.sh @@ -0,0 +1,108 @@ +#!/bin/sh +# img-lib.sh: utilities for dealing with archives and filesystem images. +# +# TODO: identify/unpack rpm, deb, maybe others? + +# super-simple "file" that only identifies archives. +# works with stdin if $1 is not set. +det_archive() { + # NOTE: internal echo -e works in ash and bash, but not dash + local bz xz gz zs + local headerblock + bz="BZh" + # shellcheck disable=SC3037 + xz="$(/bin/echo -e '\xfd7zXZ')" + # shellcheck disable=SC3037 + gz="$(/bin/echo -e '\x1f\x8b')" + # shellcheck disable=SC3037 + zs="$(/bin/echo -e '\x28\xB5\x2F\xFD')" + headerblock="$(dd ${1:+if=$1} bs=262 count=1 2> /dev/null | tr -d '\0')" + case "$headerblock" in + $xz*) echo "xz" ;; + $gz*) echo "gzip" ;; + $bz*) echo "bzip2" ;; + $zs*) echo "zstd" ;; + 07070*) echo "cpio" ;; + *ustar) echo "tar" ;; + esac +} + +# determine filesystem type for a filesystem image +det_fs_img() { + local dev + dev=$(losetup --find --show "$1") rv="" + det_fs "$dev" + rv=$? + losetup -d "$dev" + return $rv +} + +# unpack_archive ARCHIVE OUTDIR +# unpack a (possibly compressed) cpio/tar archive +unpack_archive() { + local img="$1" outdir="$2" archiver="" decompr="" + local ft + ft="$(det_archive "$img")" + case "$ft" in + xz | gzip | bzip2 | zstd) decompr="$ft -dc" ;; + cpio | tar) decompr="cat" ;; + *) return 1 ;; + esac + ft="$($decompr "$img" | det_archive)" + case "$ft" in + cpio) archiver="cpio -iumd" ;; + tar) archiver="tar -xf -" ;; + *) return 2 ;; + esac + mkdir -p "$outdir" + ( + cd "$outdir" || exit + $decompr | $archiver 2> /dev/null + ) < "$img" +} + +# unpack_fs FSIMAGE OUTDIR +# unpack a filesystem image +unpack_fs() { + local img="$1" outdir="$2" + local mnt + mnt="$(mkuniqdir /tmp unpack_fs.)" + mount -o loop "$img" "$mnt" || { + rmdir "$mnt" + return 1 + } + mkdir -p "$outdir" + outdir="$( + cd "$outdir" || exit + pwd + )" + copytree "$mnt" "$outdir" + umount "$mnt" + rmdir "$mnt" +} + +# unpack an image file - compressed/uncompressed cpio/tar, filesystem, whatever +# unpack_img IMAGEFILE OUTDIR +unpack_img() { + local img="$1" outdir="$2" + [ -r "$img" ] || { + warn "can't read img!" + return 1 + } + [ -n "$outdir" ] || { + warn "unpack_img: no output dir given" + return 1 + } + + if [ "$(det_archive "$img")" ]; then + unpack_archive "$@" || { + warn "can't unpack archive file!" + return 1 + } + else + unpack_fs "$@" || { + warn "can't unpack filesystem image!" + return 1 + } + fi +} diff --git a/modules.d/99img-lib/module-setup.sh b/modules.d/99img-lib/module-setup.sh new file mode 100755 index 0000000..4f57b37 --- /dev/null +++ b/modules.d/99img-lib/module-setup.sh @@ -0,0 +1,21 @@ +#!/bin/bash +# module-setup for img-lib + +# called by dracut +check() { + require_binaries tar gzip dd echo tr || return 1 + return 255 +} + +# called by dracut +depends() { + return 0 +} + +# called by dracut +install() { + inst_multiple tar gzip dd echo tr rmdir + # TODO: make this conditional on a cmdline flag / config option + inst_multiple -o cpio xz bzip2 zstd + inst_simple "$moddir/img-lib.sh" "/lib/img-lib.sh" +} diff --git a/modules.d/99memstrack/memstrack-report.sh b/modules.d/99memstrack/memstrack-report.sh new file mode 100755 index 0000000..0ee7f2f --- /dev/null +++ b/modules.d/99memstrack/memstrack-report.sh @@ -0,0 +1,17 @@ +#!/bin/sh +. /lib/dracut-lib.sh + +if ! [ "$DEBUG_MEM_LEVEL" -ge 4 ]; then + return 0 +fi + +if command -v systemctl > /dev/null; then + systemctl stop memstrack.service +else + pkill --signal INT '[m]emstrack' + while pgrep -c '[m]emstrack' > /dev/null; do + sleep 1 + done +fi + +cat /.memstrack diff --git a/modules.d/99memstrack/memstrack-start.sh b/modules.d/99memstrack/memstrack-start.sh new file mode 100755 index 0000000..45f65c2 --- /dev/null +++ b/modules.d/99memstrack/memstrack-start.sh @@ -0,0 +1,65 @@ +#!/bin/sh +# Mount kernel debug fs so debug tools can work. +# memdebug=4 and memdebug=5 requires debug fs to be mounted. +# And there is no need to umount it. + +type getargnum > /dev/null 2>&1 || . /lib/dracut-lib.sh + +# "sys/kernel/tracing" has the priority if exists. +get_trace_base() { + # trace access through debugfs would be obsolete if "/sys/kernel/tracing" is available. + if [ -d "/sys/kernel/tracing" ]; then + echo "/sys/kernel" + else + echo "/sys/kernel/debug" + fi +} + +is_debugfs_ready() { + [ -f "$(get_trace_base)/tracing/trace" ] +} + +prepare_debugfs() { + trace_base=$(get_trace_base) + # old debugfs interface case. + if ! [ -d "$trace_base/tracing" ]; then + mount none -t debugfs "$trace_base" + # new tracefs interface case. + elif ! [ -f "$trace_base/tracing/trace" ]; then + mount none -t tracefs "$trace_base/tracing" + fi + + if ! [ -f "$trace_base/tracing/trace" ]; then + echo "WARN: failed to mount debugfs" + return 1 + fi +} + +if ! is_debugfs_ready; then + prepare_debugfs +fi + +if [ -n "$DEBUG_MEM_LEVEL" ]; then + if [ "$DEBUG_MEM_LEVEL" -ge 5 ]; then + echo "memstrack - will report kernel module memory usage summary and top allocation stack" + nohup memstrack --report module_summary,module_top --notui --throttle 80 -o /.memstrack > /dev/null & + elif [ "$DEBUG_MEM_LEVEL" -ge 4 ]; then + echo "memstrack - will report memory usage summary" + nohup memstrack --report module_summary --notui --throttle 80 -o /.memstrack > /dev/null & + else + exit 0 + fi +fi + +PID=$! +RET=$? + +if [ $RET -ne 0 ]; then + echo "Failed to start memstrack, exit status: $RET" + exit $RET +fi + +echo $PID > /run/memstrack.pid + +# Wait a second for memstrack to setup everything, avoid missing any event +sleep 1 diff --git a/modules.d/99memstrack/memstrack.service b/modules.d/99memstrack/memstrack.service new file mode 100644 index 0000000..3717c73 --- /dev/null +++ b/modules.d/99memstrack/memstrack.service @@ -0,0 +1,15 @@ +[Unit] +Description=Memstrack Anylazing Service +DefaultDependencies=no +Before=dracut-cmdline.service systemd-udevd.service local-fs-pre.target +IgnoreOnIsolate=true +ConditionKernelCommandLine=|rd.memdebug=4 +ConditionKernelCommandLine=|rd.memdebug=5 + +[Service] +Type=forking +ExecStart=/bin/memstrack-start +PIDFile=/run/memstrack.pid +StandardInput=null +StandardOutput=journal+console +StandardError=journal+console diff --git a/modules.d/99memstrack/module-setup.sh b/modules.d/99memstrack/module-setup.sh new file mode 100755 index 0000000..27563eb --- /dev/null +++ b/modules.d/99memstrack/module-setup.sh @@ -0,0 +1,28 @@ +#!/bin/bash + +check() { + if ! require_binaries pgrep pkill memstrack; then + dinfo "memstrack is not available" + dinfo "If you need to use rd.memdebug>=4, please install memstrack and procps-ng" + return 1 + fi + + return 0 +} + +depends() { + echo systemd + return 0 +} + +install() { + inst_multiple pgrep pkill nohup + inst "/bin/memstrack" "/bin/memstrack" + + inst "$moddir/memstrack-start.sh" "/bin/memstrack-start" + inst_hook cleanup 99 "$moddir/memstrack-report.sh" + + inst "$moddir/memstrack.service" "$systemdsystemunitdir/memstrack.service" + + $SYSTEMCTL -q --root "$initdir" add-wants initrd.target memstrack.service +} diff --git a/modules.d/99shutdown/module-setup.sh b/modules.d/99shutdown/module-setup.sh new file mode 100755 index 0000000..2b99902 --- /dev/null +++ b/modules.d/99shutdown/module-setup.sh @@ -0,0 +1,26 @@ +#!/bin/bash + +# called by dracut +check() { + return 0 +} + +# called by dracut +depends() { + echo base + return 0 +} + +# called by dracut +install() { + local _d + inst_multiple umount poweroff reboot halt losetup stat sleep timeout + inst_multiple -o kexec + inst "$moddir/shutdown.sh" "$prefix/shutdown" + [ -e "${initdir}/lib" ] || mkdir -m 0755 -p "${initdir}"/lib + mkdir -m 0755 -p "${initdir}"/lib/dracut + mkdir -m 0755 -p "${initdir}"/lib/dracut/hooks + for _d in $hookdirs shutdown shutdown-emergency; do + mkdir -m 0755 -p "${initdir}"/lib/dracut/hooks/"$_d" + done +} diff --git a/modules.d/99shutdown/shutdown.sh b/modules.d/99shutdown/shutdown.sh new file mode 100755 index 0000000..d611d44 --- /dev/null +++ b/modules.d/99shutdown/shutdown.sh @@ -0,0 +1,176 @@ +#!/bin/sh +# +# Licensed under the GPLv2 +# +# Copyright 2011, Red Hat, Inc. +# Harald Hoyer <harald@redhat.com> +ACTION="$1" + +# Before trying to use /dev/console, verify that it exists, +# and that it can actually be used. When console=null is used, +# echo will fail. We do the check in a subshell, because otherwise +# the process will be killed when when running as PID 1. +# shellcheck disable=SC2217 +[ -w /dev/console ] \ + && (echo < /dev/console > /dev/null 2> /dev/null) \ + && exec < /dev/console >> /dev/console 2>> /dev/console + +export TERM=linux +export PATH=/usr/sbin:/usr/bin:/sbin:/bin +. /lib/dracut-lib.sh + +if [ "$(stat -c '%T' -f /)" = "tmpfs" ]; then + mount -o remount,rw / +fi + +mkdir -p /oldsys +for i in sys proc run dev; do + mkdir -p /oldsys/$i + mount --move /oldroot/$i /oldsys/$i +done + +# if "kexec" was installed after creating the initramfs, we try to copy it from the real root +# libz normally is pulled in via kmod/modprobe and udevadm +if [ "$ACTION" = "kexec" ] && ! command -v kexec > /dev/null 2>&1; then + for p in /usr/sbin /usr/bin /sbin /bin; do + cp -a /oldroot/${p}/kexec $p > /dev/null 2>&1 && break + done + hash kexec +fi + +trap "emergency_shell --shutdown shutdown Signal caught!" 0 +getarg 'rd.break=pre-shutdown' && emergency_shell --shutdown pre-shutdown "Break before pre-shutdown" + +source_hook pre-shutdown + +warn "Killing all remaining processes" + +killall_proc_mountpoint /oldroot || sleep 0.2 + +# Timeout for umount calls. The value can be set to 0 to wait forever. +_umount_timeout=$(getarg rd.shutdown.timeout.umount) +_umount_timeout=${_umount_timeout:-90s} +_timed_out_umounts="" + +umount_a() { + local _verbose="n" + if [ "$1" = "-v" ]; then + _verbose="y" + shift + exec 7>&2 + else + exec 7> /dev/null + fi + + local _did_umount="n" + while read -r _ mp _ || [ -n "$mp" ]; do + strstr "$mp" oldroot || continue + strstr "$_timed_out_umounts" " $mp " && continue + + # Unmount the file system. The operation uses a timeout to avoid waiting + # indefinitely if this is e.g. a stuck NFS mount. The command is + # invoked in a subshell to silence also the "Killed" message that might + # be produced by the shell. + ( + set +m + timeout --signal=KILL "$_umount_timeout" umount "$mp" + ) 2>&7 + local ret=$? + if [ $ret -eq 0 ]; then + _did_umount="y" + warn "Unmounted $mp." + elif [ $ret -eq 137 ]; then + _timed_out_umounts="$_timed_out_umounts $mp " + warn "Unmounting $mp timed out." + elif [ "$_verbose" = "y" ]; then + warn "Unmounting $mp failed with status $ret." + fi + done < /proc/mounts + + losetup -D 2>&7 + + exec 7>&- + [ "$_did_umount" = "y" ] && return 0 + return 1 +} + +_cnt=0 +while [ $_cnt -le 40 ]; do + umount_a || break + _cnt=$((_cnt + 1)) +done + +[ $_cnt -ge 40 ] && umount_a -v + +if strstr "$(cat /proc/mounts)" "/oldroot"; then + warn "Cannot umount /oldroot" + for _pid in /proc/*; do + _pid=${_pid##/proc/} + case $_pid in + *[!0-9]*) continue ;; + esac + [ "$_pid" -eq $$ ] && continue + + [ -e "/proc/$_pid/exe" ] || continue + [ -e "/proc/$_pid/root" ] || continue + + if strstr "$(ls -l /proc/"$_pid" /proc/"$_pid"/fd 2> /dev/null)" "oldroot"; then + warn "Blocking umount of /oldroot [$_pid] $(cat /proc/"$_pid"/cmdline)" + else + warn "Still running [$_pid] $(cat /proc/"$_pid"/cmdline)" + fi + + # shellcheck disable=SC2012 + ls -l "/proc/$_pid/exe" 2>&1 | vwarn + # shellcheck disable=SC2012 + ls -l "/proc/$_pid/fd" 2>&1 | vwarn + done +fi + +_check_shutdown() { + local __f + local __s=0 + for __f in "$hookdir"/shutdown/*.sh; do + [ -e "$__f" ] || continue + # shellcheck disable=SC1090 disable=SC2240 + if (final="$1" . "$__f" "$1"); then + rm -f -- "$__f" + else + __s=1 + fi + done + return $__s +} + +_cnt=0 +while [ $_cnt -le 40 ]; do + _check_shutdown && break + _cnt=$((_cnt + 1)) +done +[ $_cnt -ge 40 ] && _check_shutdown final + +if type plymouth > /dev/null 2>&1; then + plymouth --hide-splash +elif [ -x /oldroot/bin/plymouth ]; then + /oldroot/bin/plymouth --hide-splash +fi + +getarg 'rd.break=shutdown' && emergency_shell --shutdown shutdown "Break before shutdown" + +case "$ACTION" in + reboot | poweroff | halt) + $ACTION -f -n + warn "$ACTION failed!" + ;; + kexec) + kexec -e + warn "$ACTION failed!" + reboot -f -n + ;; + *) + warn "Shutdown called with argument '$ACTION'. Rebooting!" + reboot -f -n + ;; +esac + +emergency_shell --shutdown shutdown diff --git a/modules.d/99squash/init-squash.sh b/modules.d/99squash/init-squash.sh new file mode 100755 index 0000000..59769f6 --- /dev/null +++ b/modules.d/99squash/init-squash.sh @@ -0,0 +1,34 @@ +#!/bin/sh +PATH=/bin:/sbin + +[ -e /proc/self/mounts ] \ + || (mkdir -p /proc && mount -t proc -o nosuid,noexec,nodev proc /proc) + +grep -q '^sysfs /sys sysfs' /proc/self/mounts \ + || (mkdir -p /sys && mount -t sysfs -o nosuid,noexec,nodev sysfs /sys) + +grep -q '^devtmpfs /dev devtmpfs' /proc/self/mounts \ + || (mkdir -p /dev && mount -t devtmpfs -o mode=755,noexec,nosuid,strictatime devtmpfs /dev) + +grep -q '^tmpfs /run tmpfs' /proc/self/mounts \ + || (mkdir -p /run && mount -t tmpfs -o mode=755,noexec,nosuid,strictatime tmpfs /run) + +# Load required modules +modprobe loop +modprobe squashfs +modprobe overlay + +# Mount the squash image +mount -t ramfs ramfs /squash +mkdir -p /squash/root /squash/overlay/upper /squash/overlay/work +mount -t squashfs -o ro,loop /squash-root.img /squash/root + +# Setup new root overlay +mkdir /newroot +mount -t overlay overlay -o lowerdir=/squash/root,upperdir=/squash/overlay/upper,workdir=/squash/overlay/work/ /newroot/ + +# Move all mount points to new root to prepare chroot +mount --move /squash /newroot/squash + +# Jump to new root and clean setup files +SYSTEMD_IN_INITRD=lenient exec switch_root /newroot /init diff --git a/modules.d/99squash/module-setup.sh b/modules.d/99squash/module-setup.sh new file mode 100755 index 0000000..dc2e0a2 --- /dev/null +++ b/modules.d/99squash/module-setup.sh @@ -0,0 +1,68 @@ +#!/bin/bash + +check() { + require_binaries mksquashfs unsquashfs || return 1 + require_kernel_modules squashfs loop overlay || return 1 + + return 255 +} + +depends() { + echo "systemd-initrd" + return 0 +} + +installpost() { + local _busybox + _busybox=$(find_binary busybox) + + # Move everything under $initdir except $squash_dir + # itself into squash image + for i in "$initdir"/*; do + [[ $squash_dir == "$i"/* ]] || mv "$i" "$squash_dir"/ + done + + # Create mount points for squash loader + mkdir -p "$initdir"/squash/ + mkdir -p "$squash_dir"/squash/ + + # Copy dracut spec files out side of the squash image + # so dracut rebuild and lsinitrd can work + for file in "$squash_dir"/usr/lib/dracut/*; do + [[ -f $file ]] || continue + DRACUT_RESOLVE_DEPS=1 dracutsysrootdir="$squash_dir" inst "${file#"$squash_dir"}" + done + + # Install required modules and binaries for the squash image init script. + if [[ $_busybox ]]; then + inst "$_busybox" /usr/bin/busybox + for _i in sh echo mount modprobe mkdir switch_root grep umount; do + ln_r /usr/bin/busybox /usr/bin/$_i + done + else + DRACUT_RESOLVE_DEPS=1 inst_multiple sh mount modprobe mkdir switch_root grep umount + + # libpthread workaround: pthread_cancel wants to dlopen libgcc_s.so + inst_libdir_file -o "libgcc_s.so*" + + # FIPS workaround for Fedora/RHEL: libcrypto needs libssl when FIPS is enabled + [[ $DRACUT_FIPS_MODE ]] && inst_libdir_file -o "libssl.so*" + fi + + hostonly="" instmods "loop" "squashfs" "overlay" + dracut_kernel_post + + # Install squash image init script. + ln_r /usr/bin /bin + ln_r /usr/sbin /sbin + inst_simple "$moddir"/init-squash.sh /init + + # make sure that library links are correct and up to date for squash loader + build_ld_cache +} + +install() { + if [[ $DRACUT_SQUASH_POST_INST ]]; then + installpost + fi +} diff --git a/modules.d/99uefi-lib/module-setup.sh b/modules.d/99uefi-lib/module-setup.sh new file mode 100755 index 0000000..6deeee8 --- /dev/null +++ b/modules.d/99uefi-lib/module-setup.sh @@ -0,0 +1,17 @@ +#!/bin/bash + +# called by dracut +check() { + return 255 +} + +# called by dracut +depends() { + echo bash + return 0 +} + +# called by dracut +install() { + inst_simple "$moddir/uefi-lib.sh" "/lib/uefi-lib.sh" +} diff --git a/modules.d/99uefi-lib/uefi-lib.sh b/modules.d/99uefi-lib/uefi-lib.sh new file mode 100755 index 0000000..06004ee --- /dev/null +++ b/modules.d/99uefi-lib/uefi-lib.sh @@ -0,0 +1,162 @@ +#!/bin/bash +# +# Copyright 2013 Red Hat, Inc. All rights reserved. +# Copyright 2013 Harald Hoyer <harald@redhat.com> +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +getbyte() { + local IFS= LC_CTYPE=C res c=0 + read -r -n 1 -d '' c + res=$? + # the single quote in the argument of the printf + # yields the numeric value of $c (ASCII since LC_CTYPE=C) + [[ -n $c ]] && c=$(printf '%u' "'$c") || c=0 + printf "%s" "$c" + return $res +} + +getword() { + local b1=0 b2=0 val=0 + b1=$(getbyte) + b2=$(getbyte) + ((val = b2 * 256 + b1)) + echo "$val" + return 0 +} + +# E.g. Acpi(PNP0A08,0x0)/Pci(0x3,0x0)/Pci(0x0,0x0)/MAC(90E2BA265ED4,0x0)/Vlan(172)/Fibre(0x4EA06104A0CC0050,0x0) +uefi_device_path() { + data=${1:-/sys/firmware/efi/efivars/FcoeBootDevice-a0ebca23-5f9c-447a-a268-22b6c158c2ac} + [ -f "$data" ] || return 1 + + local IFS= LC_CTYPE=C res tt len type hextype first + first=1 + { + getword > /dev/null + getword > /dev/null + while :; do + type=$(getbyte) || return 1 + subtype=$(getbyte) || return 1 + len=$(getword) || return 1 + hextype=$(printf "%02x%02x" "$type" "$subtype") + if [[ $first == 1 ]]; then + first=0 + elif [[ $hextype != "7fff" ]]; then + printf "/" + fi + case $hextype in + 0101) + # PCI + tt=$(getword) + printf "PCI(0x%x,0x%x)" $((tt / 256)) $((tt & 255)) + ;; + 0201) + # ACPI + printf "Acpi(0x%x,0x%x)" $(($(getword) + $(getword) * 65536)) $(($(getword) + $(getword) * 65536)) + ;; + 0303) + # FIBRE + getword &> /dev/null + getword &> /dev/null + printf "Fibre(0x%x%x%x%x%x%x%x%x,0x%x)" \ + "$(getbyte)" "$(getbyte)" "$(getbyte)" "$(getbyte)" \ + "$(getbyte)" "$(getbyte)" "$(getbyte)" "$(getbyte)" \ + "$(($(getword) + $(getword) * 65536 + 4294967296 * ($(getword) + $(getword) * 65536)))" + ;; + 030b) + # MAC + printf "MAC(%02x%02x%02x%02x%02x%02x," "$(getbyte)" "$(getbyte)" "$(getbyte)" "$(getbyte)" "$(getbyte)" "$(getbyte)" + for ((i = 0; i < 26; i++)); do tt=$(getbyte) || return 1; done + printf "0x%x)" "$(getbyte)" + ;; + 0314) + # VLAN + printf "VLAN(%d)" "$(getword)" + ;; + 7fff) + # END + printf "\n" + return 0 + ;; + *) + #printf "Unknown(Type:0x%02x SubType:0x%02x len=%d)\n" "$type" "$subtype" "$len" >&2 + for ((i = 0; i < len - 4; i++)); do tt=$(getbyte); done + ;; + esac + done + } < "$data" +} + +get_fcoe_boot_mac() { + data=${1:-/sys/firmware/efi/efivars/FcoeBootDevice-a0ebca23-5f9c-447a-a268-22b6c158c2ac} + [ -f "$data" ] || return 1 + local IFS= LC_CTYPE=C tt len type hextype + { + getword > /dev/null + getword > /dev/null + while :; do + type=$(getbyte) || return 1 + subtype=$(getbyte) || return 1 + len=$(getword) || return 1 + hextype=$(printf "%02x%02x" "$type" "$subtype") + case $hextype in + 030b) + # MAC + printf "%02x:%02x:%02x:%02x:%02x:%02x" "$(getbyte)" "$(getbyte)" "$(getbyte)" "$(getbyte)" "$(getbyte)" "$(getbyte)" + for ((i = 0; i < 27; i++)); do tt=$(getbyte) || return 1; done + ;; + 7fff) + # END + return 0 + ;; + *) + #printf "Unknown(Type:0x%02x SubType:0x%02x len=%d)\n" "$type" "$subtype" "$len" >&2 + for ((i = 0; i < len - 4; i++)); do tt=$(getbyte); done + ;; + esac + done + } < "$data" +} + +get_fcoe_boot_vlan() { + data=${1:-/sys/firmware/efi/efivars/FcoeBootDevice-a0ebca23-5f9c-447a-a268-22b6c158c2ac} + [ -f "$data" ] || return 1 + local IFS= LC_CTYPE=C tt len type hextype + { + getword > /dev/null + getword > /dev/null + while :; do + type=$(getbyte) || return 1 + subtype=$(getbyte) || return 1 + len=$(getword) || return 1 + hextype=$(printf "%02x%02x" "$type" "$subtype") + case $hextype in + 0314) + # VLAN + printf "%d" "$(getword)" + ;; + 7fff) + # END + return 0 + ;; + *) + #printf "Unknown(Type:0x%02x SubType:0x%02x len=%d)\n" "$type" "$subtype" "$len" >&2 + for ((i = 0; i < len; i++)); do tt=$(getbyte); done + ;; + esac + done + } < "$data" +} diff --git a/shell-completion/bash/dracut b/shell-completion/bash/dracut new file mode 100644 index 0000000..e8a8691 --- /dev/null +++ b/shell-completion/bash/dracut @@ -0,0 +1,124 @@ +#!/bin/bash +# Copyright 2013 Red Hat, Inc. All rights reserved. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +__contains_word() { + local word="$1" + shift + for w in "$@"; do [[ $w == "$word" ]] && return 0; done + return 1 +} + +_dracut() { + local cur=${COMP_WORDS[COMP_CWORD]} prev=${COMP_WORDS[COMP_CWORD - 1]} + local -A OPTS=( + [STANDALONE]='-f -v -q -l -H -h -M -N -p + --ro-mnt --force --kernel-only --no-kernel --strip --nostrip + --hardlink --nohardlink --noprefix --mdadmconf --nomdadmconf + --lvmconf --nolvmconf --debug --profile --verbose --quiet + --local --hostonly --no-hostonly --fstab --help --bzip2 --lzma + --xz --zstd --no-compress --gzip --list-modules --show-modules --keep + --printsize --regenerate-all --noimageifnotneeded --early-microcode + --no-early-microcode --print-cmdline --reproducible --uefi + --enhanced-cpio --rebuild --aggressive-strip --hostonly-cmdline + --no-hostonly-cmdline --no-hostonly-default-device --nofscks + --hostonly-i18n --no-hostonly-i18n --lzo --lz4 --no-reproducible + --no-uefi --no-machineid --version --parallel + ' + [ARG]='-a -m -o -d -I -k -c -L -r -i + --kver --add --force-add --add-drivers --force-drivers + --omit-drivers --modules --omit --drivers --filesystems --install + --fwdir --libdirs --fscks --add-fstab --mount --device + --kmoddir --conf --confdir --tmpdir --stdlog --compress --prefix + --kernel-cmdline --sshkey --persistent-policy --install-optional + --loginstall --uefi-stub --kernel-image --squash-compressor + --sysroot --hostonly-mode --hostonly-nics --include --logfile + --uefi-splash-image --sbat + ' + ) + + # shellcheck disable=SC2086 + if __contains_word "$prev" ${OPTS[ARG]}; then + case $prev in + --kmoddir | -k | --fwdir | --confdir | --tmpdir | -r | --sysroot) + comps=$(compgen -d -- "$cur") + compopt -o filenames + ;; + -c | --conf | --sshkey | --add-fstab | --add-device | -I | \ + --install | --install-optional | --uefi-splash-image) + comps=$(compgen -f -- "$cur") + compopt -o filenames + ;; + -a | -m | -o | --add | --modules | --omit) + comps=$(dracut --list-modules 2> /dev/null) + ;; + --persistent-policy) + comps=$( + cd /dev/disk/ || return 0 + printf -- "%s " * + ) + ;; + --kver) + comps=$( + cd /lib/modules || return 0 + echo [0-9]* + ) + ;; + --hostonly-mode) + comps="sloppy strict" + ;; + --hostonly-nics) + comps=$( + cd /sys/class/net/ || return 0 + printf -- "%s " * + ) + ;; + *) + return 0 + ;; + esac + # shellcheck disable=SC2207 + # shellcheck disable=SC2016 + COMPREPLY=($(compgen -W '$comps' -- "$cur")) + return 0 + fi + + if [[ $cur == -* ]]; then + # shellcheck disable=SC2207 + # shellcheck disable=SC2016 + COMPREPLY=($(compgen -W '${OPTS[*]}' -- "$cur")) + return 0 + fi + + local args + _count_args + if [[ $args -eq 1 ]]; then + _filedir + return 0 + elif [[ $args -eq 2 ]]; then + # shellcheck disable=SC2034 + comps=$( + cd /lib/modules || return 0 + echo [0-9]* + ) + # shellcheck disable=SC2207 + # shellcheck disable=SC2016 + COMPREPLY=($(compgen -W '$comps' -- "$cur")) + return 0 + fi +} + +complete -F _dracut dracut diff --git a/shell-completion/bash/lsinitrd b/shell-completion/bash/lsinitrd new file mode 100644 index 0000000..da7e7ad --- /dev/null +++ b/shell-completion/bash/lsinitrd @@ -0,0 +1,71 @@ +#!/bin/bash +# Copyright 2013 Red Hat, Inc. All rights reserved. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +__contains_word() { + local word="$1" + shift + for w in "$@"; do [[ $w == "$word" ]] && return 0; done + return 1 +} + +_lsinitrd() { + local cur=${COMP_WORDS[COMP_CWORD]} prev=${COMP_WORDS[COMP_CWORD - 1]} + local -A OPTS=( + [STANDALONE]='-s --size -h --help --unpack --unpackearly -v --verbose' + [ARG]='-f --file -k --kver' + ) + + # shellcheck disable=SC2086 + if __contains_word "$prev" ${OPTS[ARG]}; then + case $prev in + --file | -f) + comps=$(compgen -f -- "$cur") + compopt -o filenames + ;; + --kver | -k) + comps=$( + cd /lib/modules || return 1 + echo [0-9]* + ) + ;; + *) + return 0 + ;; + esac + # shellcheck disable=SC2207 + # shellcheck disable=SC2016 + COMPREPLY=($(compgen -W '$comps' -- "$cur")) + return 0 + fi + + if [[ $cur == -* ]]; then + # shellcheck disable=SC2207 + # shellcheck disable=SC2016 + COMPREPLY=($(compgen -W '${OPTS[*]}' -- "$cur")) + return 0 + fi + + # shellcheck disable=SC2034 + comps=$(compgen -f -- "$cur") + compopt -o filenames + # shellcheck disable=SC2207 + # shellcheck disable=SC2016 + COMPREPLY=($(compgen -W '$comps' -- "$cur")) + return 0 +} + +complete -F _lsinitrd lsinitrd diff --git a/src/dracut-cpio/Cargo.lock b/src/dracut-cpio/Cargo.lock new file mode 100644 index 0000000..75dca6f --- /dev/null +++ b/src/dracut-cpio/Cargo.lock @@ -0,0 +1,12 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +[[package]] +name = "crosvm" +version = "0.1.0" + +[[package]] +name = "dracut-cpio" +version = "0.1.0" +dependencies = [ + "crosvm", +] diff --git a/src/dracut-cpio/Cargo.toml b/src/dracut-cpio/Cargo.toml new file mode 100644 index 0000000..28cfb15 --- /dev/null +++ b/src/dracut-cpio/Cargo.toml @@ -0,0 +1,11 @@ +[package] +name = "dracut-cpio" +description = "cpio archive generator for Dracut" +authors = ["David Disseldorp"] +license = "GPL-2.0" +version = "0.1.0" +edition = "2018" + +[dependencies] +crosvm = { path = "third_party/crosvm" } +# please avoid adding any more dependencies diff --git a/src/dracut-cpio/src/main.rs b/src/dracut-cpio/src/main.rs new file mode 100644 index 0000000..c3bfe90 --- /dev/null +++ b/src/dracut-cpio/src/main.rs @@ -0,0 +1,1813 @@ +// SPDX-License-Identifier: GPL-2.0 +// Copyright (C) 2021 SUSE LLC + +use std::convert::TryInto; +use std::env; +use std::ffi::OsStr; +use std::fs; +use std::io; +use std::io::prelude::*; +use std::os::unix::ffi::OsStrExt; +use std::os::unix::fs::FileTypeExt; +use std::os::unix::fs::MetadataExt as UnixMetadataExt; +use std::path::{Path, PathBuf}; + +use crosvm::argument::{self, Argument}; + +macro_rules! NEWC_HDR_FMT { + () => { + concat!( + "{magic}{ino:08X}{mode:08X}{uid:08X}{gid:08X}{nlink:08X}", + "{mtime:08X}{filesize:08X}{major:08X}{minor:08X}{rmajor:08X}", + "{rminor:08X}{namesize:08X}{chksum:08X}" + ) + }; +} + +// Don't print debug messages on release builds... +#[cfg(debug_assertions)] +macro_rules! dout { + ($($l:tt)*) => { println!($($l)*); } +} +#[cfg(not(debug_assertions))] +macro_rules! dout { + ($($l:tt)*) => {}; +} + +const NEWC_HDR_LEN: u64 = 110; +const PATH_MAX: u64 = 4096; + +struct HardlinkPath { + infile: PathBuf, + outfile: PathBuf, +} + +struct HardlinkState { + names: Vec<HardlinkPath>, + source_ino: u64, + mapped_ino: u32, + nlink: u32, + seen: u32, +} + +struct DevState { + dev: u64, + hls: Vec<HardlinkState>, +} + +struct ArchiveProperties { + // first inode number to use. @ArchiveState.ino increments from this. + initial_ino: u32, + // if non-zero, then align file data segments to this offset by injecting + // extra zeros after the filename string terminator. + data_align: u32, + // When injecting extra zeros into the filename field for data alignment, + // ensure that it doesn't exceed this size. The linux kernel will ignore + // files where namesize is larger than PATH_MAX, hence the need for this. + namesize_max: u32, + // if the archive is being appended to the end of an existing file, then + // @initial_data_off is used when calculating @data_align alignment. + initial_data_off: u64, + // delimiter character for the stdin file list + list_separator: u8, + // mtime, uid and gid to use for archived inodes, instead of the value + // reported by stat. + fixed_mtime: Option<u32>, + fixed_uid: Option<u32>, + fixed_gid: Option<u32>, + // When archiving a subset of hardlinks, nlink values in the archive can + // represent the subset (renumber_nlink=true) or the original source file + // nlink values (renumber_nlink=false), where the latter matches GNU cpio. + renumber_nlink: bool, + // If OUTPUT file exists, then zero-truncate it instead of appending. The + // default append behaviour chains archives back-to-back, i.e. multiple + // archives will be separated by a TRAILER and 512-byte padding. + // See Linux's Documentation/driver-api/early-userspace/buffer-format.rst + // for details on how chained initramfs archives are handled. + truncate_existing: bool, +} + +impl ArchiveProperties { + pub fn default() -> ArchiveProperties { + ArchiveProperties { + initial_ino: 0, // match GNU cpio numbering + data_align: 0, + namesize_max: PATH_MAX as u32, + initial_data_off: 0, + list_separator: b'\n', + fixed_mtime: None, + fixed_uid: None, + fixed_gid: None, + renumber_nlink: false, + truncate_existing: false, + } + } +} + +struct ArchiveState { + // 2d dev + inode vector serves two purposes: + // - dev index provides reproducible major,minor values + // - inode@dev provides hardlink state tracking + ids: Vec<DevState>, + // offset from the start of this archive + off: u64, + // next mapped inode number, used instead of source file inode numbers to + // ensure reproducibility. XXX: should track inode per mapped dev? + ino: u32, +} + +impl ArchiveState { + pub fn new(ino_start: u32) -> ArchiveState { + ArchiveState { + ids: Vec::new(), + off: 0, + ino: ino_start, + } + } + + // lookup or create DevState for @dev. Return @major/@minor based on index + pub fn dev_seen(&mut self, dev: u64) -> Option<(u32, u32)> { + let index: u64 = match self.ids.iter().position(|i| i.dev == dev) { + Some(idx) => idx.try_into().ok()?, + None => { + self.ids.push(DevState { + dev: dev, + hls: Vec::new(), + }); + (self.ids.len() - 1).try_into().ok()? + } + }; + + let major: u32 = (index >> 32).try_into().unwrap(); + let minor: u32 = (index & u64::from(u32::MAX)).try_into().unwrap(); + Some((major, minor)) + } + + // Check whether we've already seen this hardlink's dev/inode combination. + // If already seen, fill the existing mapped_ino. + // Return true if this entry has been deferred (seen != nlinks) + pub fn hardlink_seen<W: Write + Seek>( + &mut self, + props: &ArchiveProperties, + mut writer: W, + major: u32, + minor: u32, + md: fs::Metadata, + inpath: &Path, + outpath: &Path, + mapped_ino: &mut Option<u32>, + mapped_nlink: &mut Option<u32>, + ) -> std::io::Result<bool> { + assert!(md.nlink() > 1); + let index = u64::from(major) << 32 | u64::from(minor); + // reverse index->major/minor conversion that was just done + let devstate: &mut DevState = &mut self.ids[index as usize]; + let (_index, hl) = match devstate + .hls + .iter_mut() + .enumerate() + .find(|(_, hl)| hl.source_ino == md.ino()) + { + Some(hl) => hl, + None => { + devstate.hls.push(HardlinkState { + names: vec![HardlinkPath { + infile: inpath.to_path_buf(), + outfile: outpath.to_path_buf(), + }], + source_ino: md.ino(), + mapped_ino: self.ino, + nlink: md.nlink().try_into().unwrap(), // pre-checked + seen: 1, + }); + self.ino += 1; // ino is reserved for all subsequent links + return Ok(true); + } + }; + + if (*hl).names.iter().any(|n| n.infile == inpath) { + println!( + "duplicate hardlink path {} for {}", + inpath.display(), + md.ino() + ); + // GNU cpio doesn't swallow duplicates + } + + // hl.nlink may not match md.nlink if we've come here via + // archive_flush_unseen_hardlinks() . + + (*hl).seen += 1; + if (*hl).seen > (*hl).nlink { + // GNU cpio powers through if a hardlink is listed multiple times, + // exceeding nlink. + println!("hardlink seen {} exceeds nlink {}", (*hl).seen, (*hl).nlink); + } + + if (*hl).seen < (*hl).nlink { + (*hl).names.push(HardlinkPath { + infile: inpath.to_path_buf(), + outfile: outpath.to_path_buf(), + }); + return Ok(true); + } + + // a new HardlinkPath entry isn't added, as return path handles cpio + // outpath header *and* data segment. + + for path in (*hl).names.iter().rev() { + dout!("writing hardlink {}", path.outfile.display()); + // length already PATH_MAX validated + let fname = path.outfile.as_os_str().as_bytes(); + + write!( + writer, + NEWC_HDR_FMT!(), + magic = "070701", + ino = (*hl).mapped_ino, + mode = md.mode(), + uid = match props.fixed_uid { + Some(u) => u, + None => md.uid(), + }, + gid = match props.fixed_gid { + Some(g) => g, + None => md.gid(), + }, + nlink = match props.renumber_nlink { + true => (*hl).nlink, + false => md.nlink().try_into().unwrap(), + }, + mtime = match props.fixed_mtime { + Some(t) => t, + None => md.mtime().try_into().unwrap(), + }, + filesize = 0, + major = major, + minor = major, + rmajor = 0, + rminor = 0, + namesize = fname.len() + 1, + chksum = 0 + )?; + self.off += NEWC_HDR_LEN; + writer.write_all(fname)?; + self.off += fname.len() as u64; + // +1 as padding starts after fname nulterm + let seeklen = 1 + archive_padlen(self.off + 1, 4); + { + let z = vec![0u8; seeklen.try_into().unwrap()]; + writer.write_all(&z)?; + } + self.off += seeklen; + } + *mapped_ino = Some((*hl).mapped_ino); + // cpio nlink may be different to stat nlink if only a subset of links + // are archived. + if props.renumber_nlink { + *mapped_nlink = Some((*hl).nlink); + } + + // GNU cpio: if a name is given multiple times, exceeding nlink, then + // subsequent names continue to be packed (with a repeat data segment), + // using the same mapped inode. + dout!("resetting hl at index {}", index); + hl.seen = 0; + hl.names.clear(); + + return Ok(false); + } +} + +fn archive_path<W: Seek + Write>( + state: &mut ArchiveState, + props: &ArchiveProperties, + path: &Path, + mut writer: W, +) -> std::io::Result<()> { + let inpath = path; + let mut outpath = path.clone(); + let mut datalen: u32 = 0; + let mut rmajor: u32 = 0; + let mut rminor: u32 = 0; + let mut hardlink_ino: Option<u32> = None; + let mut hardlink_nlink: Option<u32> = None; + let mut symlink_tgt = PathBuf::new(); + let mut data_align_seek: u32 = 0; + + outpath = match outpath.strip_prefix("./") { + Ok(p) => { + if p.as_os_str().as_bytes().len() == 0 { + outpath // retain './' and '.' paths + } else { + p + } + } + Err(_) => outpath, + }; + let fname = outpath.as_os_str().as_bytes(); + if fname.len() + 1 >= PATH_MAX.try_into().unwrap() { + return Err(io::Error::new(io::ErrorKind::InvalidInput, "path too long")); + } + + let md = match fs::symlink_metadata(inpath) { + Ok(m) => m, + Err(e) => { + println!("failed to get metadata for {}: {}", inpath.display(), e); + return Err(e); + } + }; + dout!("archiving {} with mode {:o}", outpath.display(), md.mode()); + + let (major, minor) = match state.dev_seen(md.dev()) { + Some((maj, min)) => (maj, min), + None => return Err(io::Error::new(io::ErrorKind::Other, "failed to map dev")), + }; + + if md.nlink() > u32::MAX as u64 { + return Err(io::Error::new( + io::ErrorKind::InvalidInput, + "nlink too large", + )); + } + + let mtime: u32 = match props.fixed_mtime { + Some(t) => t, + None => { + // check for 2106 epoch overflow + if md.mtime() > i64::from(u32::MAX) { + return Err(io::Error::new( + io::ErrorKind::InvalidInput, + "mtime too large for cpio", + )); + } + md.mtime().try_into().unwrap() + } + }; + + let ftype = md.file_type(); + if ftype.is_symlink() { + symlink_tgt = fs::read_link(inpath)?; + datalen = { + let d: usize = symlink_tgt.as_os_str().as_bytes().len(); + if d >= PATH_MAX.try_into().unwrap() { + return Err(io::Error::new( + io::ErrorKind::InvalidInput, + "symlink path too long", + )); + } + d.try_into().unwrap() + }; + // no zero terminator for symlink target path + } + + // Linux kernel uses 32-bit dev_t, encoded as mmmM MMmm. glibc uses 64-bit + // MMMM Mmmm mmmM MMmm, which is compatible with the former. + if ftype.is_block_device() || ftype.is_char_device() { + let rd = md.rdev(); + rmajor = (((rd >> 32) & 0xfffff000) | ((rd >> 8) & 0x00000fff)) as u32; + rminor = (((rd >> 12) & 0xffffff00) | (rd & 0x000000ff)) as u32; + } + + if ftype.is_file() { + datalen = { + if md.len() > u64::from(u32::MAX) { + return Err(io::Error::new( + io::ErrorKind::InvalidInput, + "file too large for newc", + )); + } + md.len().try_into().unwrap() + }; + + if md.nlink() > 1 { + // follow GNU cpio's behaviour of attaching hardlink data only to + // the last entry in the archive. + let deferred = state.hardlink_seen( + &props, + &mut writer, + major, + minor, + md.clone(), + &inpath, + outpath, + &mut hardlink_ino, + &mut hardlink_nlink, + )?; + if deferred { + dout!("deferring hardlink {} data portion", outpath.display()); + return Ok(()); + } + } + + if props.data_align > 0 && datalen > props.data_align { + // XXX we're "bending" the newc spec a bit here to inject zeros + // after fname to provide data segment alignment. These zeros are + // accounted for in the namesize, but some applications may only + // expect a single zero-terminator (and 4 byte alignment). GNU cpio + // and Linux initramfs handle this fine as long as PATH_MAX isn't + // exceeded. + data_align_seek = { + let len: u64 = archive_padlen( + props.initial_data_off + state.off + NEWC_HDR_LEN + fname.len() as u64 + 1, + u64::from(props.data_align), + ); + let padded_namesize = len + fname.len() as u64 + 1; + if padded_namesize > u64::from(props.namesize_max) { + dout!( + "{} misaligned. Required padding {} exceeds namesize maximum {}.", + outpath.display(), + len, + props.namesize_max + ); + 0 + } else { + len.try_into().unwrap() + } + }; + } + } + + write!( + writer, + NEWC_HDR_FMT!(), + magic = "070701", + ino = match hardlink_ino { + Some(i) => i, + None => { + let i = state.ino; + state.ino += 1; + i + } + }, + mode = md.mode(), + uid = match props.fixed_uid { + Some(u) => u, + None => md.uid(), + }, + gid = match props.fixed_gid { + Some(g) => g, + None => md.gid(), + }, + nlink = match hardlink_nlink { + Some(n) => n, + None => md.nlink().try_into().unwrap(), + }, + mtime = mtime, + filesize = datalen, + major = major, + minor = major, + rmajor = rmajor, + rminor = rminor, + namesize = fname.len() + 1 + data_align_seek as usize, + chksum = 0 + )?; + state.off += NEWC_HDR_LEN; + + writer.write_all(fname)?; + state.off += fname.len() as u64; + + let mut seek_len: i64 = 1; // fname nulterm + if data_align_seek > 0 { + seek_len += data_align_seek as i64; + assert_eq!(archive_padlen(state.off + seek_len as u64, 4), 0); + } else { + let padding_len = archive_padlen(state.off + seek_len as u64, 4); + seek_len += padding_len as i64; + } + { + let z = vec![0u8; seek_len.try_into().unwrap()]; + writer.write_all(&z)?; + } + state.off += seek_len as u64; + + // io::copy() can reflink: https://github.com/rust-lang/rust/pull/75272 \o/ + if datalen > 0 { + if ftype.is_file() { + let mut reader = io::BufReader::new(fs::File::open(inpath)?); + let copied = io::copy(&mut reader, &mut writer)?; + if copied != u64::from(datalen) { + return Err(io::Error::new( + io::ErrorKind::UnexpectedEof, + "copy returned unexpected length", + )); + } + } else if ftype.is_symlink() { + writer.write_all(symlink_tgt.as_os_str().as_bytes())?; + } + state.off += u64::from(datalen); + let dpad_len: usize = archive_padlen(state.off, 4).try_into().unwrap(); + write!(writer, "{pad:.padlen$}", padlen = dpad_len, pad = "\0\0\0")?; + state.off += dpad_len as u64; + } + + Ok(()) +} + +fn archive_padlen(off: u64, alignment: u64) -> u64 { + (alignment - (off & (alignment - 1))) % alignment +} + +// this fn is inefficient, but optimizing for hardlinks isn't high priority +fn archive_flush_unseen_hardlinks<W: Write + Seek>( + state: &mut ArchiveState, + props: &ArchiveProperties, + mut writer: W, +) -> std::io::Result<()> { + let mut deferred_inpaths: Vec<PathBuf> = Vec::new(); + for id in state.ids.iter_mut() { + for hl in id.hls.iter_mut() { + if hl.seen == 0 || hl.seen == hl.nlink { + dout!("HardlinkState complete with seen {}", hl.seen); + continue; + } + dout!( + "pending HardlinkState with seen {} != nlinks {}", + hl.seen, + hl.nlink + ); + + while hl.names.len() > 0 { + let path = hl.names.pop().unwrap(); + deferred_inpaths.push(path.infile); + } + // ensure that data segment gets added on archive_path recall + hl.nlink = hl.seen; + hl.seen = 0; + // existing allocated inode should be used + } + } + + if deferred_inpaths.len() > 0 { + // rotate-right to match gnu ordering + deferred_inpaths.rotate_right(1); + + // .reverse() to match gnu ordering + for p in deferred_inpaths.iter().rev() { + archive_path(state, props, p.as_path(), &mut writer)?; + } + } + + Ok(()) +} + +fn archive_trailer<W: Write>(mut writer: W, cur_off: u64) -> std::io::Result<u64> { + let fname = "TRAILER!!!"; + let fname_len = fname.len() + 1; + + write!( + writer, + NEWC_HDR_FMT!(), + magic = "070701", + ino = 0, + mode = 0, + uid = 0, + gid = 0, + nlink = 1, + mtime = 0, + filesize = 0, + major = 0, + minor = 0, + rmajor = 0, + rminor = 0, + namesize = fname_len, + chksum = 0 + )?; + let mut off: u64 = cur_off + NEWC_HDR_LEN; + + let padding_len = archive_padlen(off + fname_len as u64, 4); + write!( + writer, + "{}\0{pad:.padlen$}", + fname, + padlen = padding_len as usize, + pad = "\0\0\0" + )?; + off += fname_len as u64 + padding_len as u64; + + Ok(off) +} + +fn archive_loop<R: BufRead, W: Seek + Write>( + mut reader: R, + mut writer: W, + props: &ArchiveProperties, +) -> std::io::Result<u64> { + if props.data_align > 0 && (props.initial_data_off + u64::from(props.data_align)) % 4 != 0 { + // must satisfy both data_align and cpio 4-byte padding alignment + return Err(io::Error::new( + io::ErrorKind::InvalidInput, + "data alignment must be a multiple of 4", + )); + } + + let mut state = ArchiveState::new(props.initial_ino); + loop { + let mut linebuf: Vec<u8> = Vec::new(); + let mut r = reader.by_ref().take(PATH_MAX); + match r.read_until(props.list_separator, &mut linebuf) { + Ok(l) => { + if l == 0 { + break; // EOF + } + if l >= PATH_MAX.try_into().unwrap() { + return Err(io::Error::new(io::ErrorKind::InvalidInput, "path too long")); + } + } + Err(e) => { + println!("read_until() failed: {}", e); + return Err(e); + } + }; + + // trim separator. len > 0 already checked. + let last_byte = linebuf.last().unwrap(); + if *last_byte == props.list_separator { + linebuf.pop().unwrap(); + if linebuf.len() == 0 { + continue; + } + } else { + println!( + "\'{:0x}\' ending not separator \'{:0x}\' terminated", + last_byte, props.list_separator + ); + } + + let linestr = OsStr::from_bytes(linebuf.as_slice()); + let path = Path::new(linestr); + archive_path(&mut state, props, path, &mut writer)?; + } + archive_flush_unseen_hardlinks(&mut state, props, &mut writer)?; + state.off = archive_trailer(&mut writer, state.off)?; + + // GNU cpio pads the end of an archive out to blocklen with zeros + let block_padlen = archive_padlen(state.off, 512); + if block_padlen > 0 { + let z = vec![0u8; block_padlen.try_into().unwrap()]; + writer.write_all(&z)?; + state.off += block_padlen; + } + writer.flush()?; + + Ok(state.off) +} + +fn params_usage(params: &[Argument]) { + argument::print_help("dracut-cpio", "OUTPUT", params); + println!("\nExample: find fs-tree/ | dracut-cpio archive.cpio\n"); +} + +fn params_process(props: &mut ArchiveProperties) -> argument::Result<PathBuf> { + let params = &[ + Argument::positional("OUTPUT", "Write cpio archive to this file path."), + Argument::value( + "data-align", + "ALIGNMENT", + "Attempt to pad archive to achieve ALIGNMENT for file data.", + ), + Argument::short_flag( + '0', + "null", + "Expect null delimeters in stdin filename list instead of newline.", + ), + Argument::value( + "mtime", + "EPOCH", + "Use EPOCH for archived mtime instead of filesystem reported values.", + ), + Argument::value( + "owner", + "UID:GID", + "Use UID and GID instead of filesystem reported owner values.", + ), + Argument::flag( + "truncate-existing", + "Truncate and overwrite any existing OUTPUT file, instead of appending.", + ), + Argument::short_flag('h', "help", "Print help message."), + ]; + + let mut positional_args = 0; + let args = env::args().skip(1); // skip binary name + let match_res = argument::set_arguments(args, params, |name, value| { + match name { + "" => positional_args += 1, + "data-align" => { + let v: u32 = value + .unwrap() + .parse() + .map_err(|_| argument::Error::InvalidValue { + value: value.unwrap().to_owned(), + expected: String::from("data-align must be an integer"), + })?; + if v > props.namesize_max { + println!( + concat!( + "Requested data-align {} larger than namesize maximum {}.", + " This will likely result in misalignment." + ), + v, props.namesize_max + ); + } + props.data_align = v; + } + "null" => props.list_separator = b'\0', + "mtime" => { + let v: u32 = value + .unwrap() + .parse() + .map_err(|_| argument::Error::InvalidValue { + value: value.unwrap().to_owned(), + expected: String::from("mtime must be an integer"), + })?; + props.fixed_mtime = Some(v); + } + "owner" => { + let ugv_parsed: argument::Result<Vec<u32>> = value + .unwrap() + .split(':') + .map(|id| { + id.parse().map_err(|_| argument::Error::InvalidValue { + value: id.to_owned(), + expected: String::from("uid/gid must be an integer"), + }) + }) + .collect(); + + let ugv_parsed = ugv_parsed?; + if ugv_parsed.len() != 2 { + return Err(argument::Error::InvalidValue { + value: value.unwrap().to_owned(), + expected: String::from("owner must be UID:GID"), + }); + } + props.fixed_uid = Some(ugv_parsed[0]); + props.fixed_gid = Some(ugv_parsed[1]); + } + "truncate-existing" => props.truncate_existing = true, + "help" => return Err(argument::Error::PrintHelp), + _ => unreachable!(), + }; + Ok(()) + }); + + match match_res { + Ok(_) => { + if positional_args != 1 { + params_usage(params); + return Err(argument::Error::ExpectedArgument( + "one OUTPUT parameter required".to_string(), + )); + } + } + Err(e) => { + params_usage(params); + return Err(e); + } + } + + let last_arg = env::args_os().last().unwrap(); + Ok(PathBuf::from(&last_arg)) +} + +fn main() -> std::io::Result<()> { + let mut props = ArchiveProperties::default(); + let output_path = match params_process(&mut props) { + Ok(p) => p, + Err(argument::Error::PrintHelp) => return Ok(()), + Err(e) => return Err(io::Error::new(io::ErrorKind::InvalidInput, e.to_string())), + }; + + let mut f = fs::OpenOptions::new() + .read(false) + .write(true) + .create(true) + .truncate(props.truncate_existing) + .open(&output_path)?; + if !props.truncate_existing { + props.initial_data_off = f.seek(io::SeekFrom::End(0))?; + } + let mut writer = io::BufWriter::new(f); + + let stdin = std::io::stdin(); + let mut reader = io::BufReader::new(stdin); + + let _wrote = archive_loop(&mut reader, &mut writer, &props)?; + + if props.initial_data_off > 0 { + dout!( + "appended {} bytes to archive {} at offset {}", + _wrote, + output_path.display(), + props.initial_data_off + ); + } else { + dout!( + "wrote {} bytes to archive {}", + _wrote, + output_path.display() + ); + } + + Ok(()) +} + +// tests change working directory, so need to be run with: +// cargo test -- --test-threads=1 --nocapture +#[cfg(test)] +mod tests { + use super::*; + use std::cmp; + use std::os::unix::fs as unixfs; + use std::path::PathBuf; + use std::process::{Command, Stdio}; + + struct TempWorkDir { + prev_dir: PathBuf, + parent_tmp_dir: PathBuf, + cleanup_files: Vec<PathBuf>, + cleanup_dirs: Vec<PathBuf>, + ignore_cleanup: bool, // useful for debugging + } + + impl TempWorkDir { + // create a temporary directory under CWD and cd into it. + // The directory will be cleaned up when twd goes out of scope. + pub fn new() -> TempWorkDir { + let mut buf = [0u8; 16]; + let mut s = String::from("cpio-selftest-"); + fs::File::open("/dev/urandom") + .unwrap() + .read_exact(&mut buf) + .unwrap(); + for i in &buf { + s.push_str(&format!("{:02x}", i).to_string()); + } + let mut twd = TempWorkDir { + prev_dir: env::current_dir().unwrap(), + parent_tmp_dir: { + let mut t = env::current_dir().unwrap().clone(); + t.push(s); + println!("parent_tmp_dir: {}", t.display()); + t + }, + cleanup_files: Vec::new(), + cleanup_dirs: Vec::new(), + ignore_cleanup: false, + }; + fs::create_dir(&twd.parent_tmp_dir).unwrap(); + twd.cleanup_dirs.push(twd.parent_tmp_dir.clone()); + env::set_current_dir(&twd.parent_tmp_dir).unwrap(); + + twd + } + + pub fn create_tmp_file(&mut self, name: &str, len_bytes: u64) { + let mut bytes = len_bytes; + let f = fs::File::create(name).unwrap(); + self.cleanup_files.push(PathBuf::from(name)); + let mut writer = io::BufWriter::new(f); + let mut buf = [0u8; 512]; + + for (i, elem) in buf.iter_mut().enumerate() { + *elem = !(i & 0xFF) as u8; + } + + while bytes > 0 { + let this_len = cmp::min(buf.len(), bytes.try_into().unwrap()); + writer.write_all(&buf[0..this_len]).unwrap(); + bytes -= this_len as u64; + } + + writer.flush().unwrap(); + } + + pub fn create_tmp_dir(&mut self, name: &str) { + fs::create_dir(name).unwrap(); + self.cleanup_dirs.push(PathBuf::from(name)); + } + + // execute coreutils mknod NAME TYPE [MAJOR MINOR] + pub fn create_tmp_mknod(&mut self, name: &str, typ: char, + maj_min: Option<(u32, u32)>) { + let t = typ.to_string(); + let proc = match maj_min { + Some(maj_min) => { + let (maj, min) = maj_min; + Command::new("mknod") + .args(&[name, &t, &maj.to_string(), &min.to_string()]) + .spawn() + }, + None => Command::new("mknod").args(&[name, &t]).spawn() + }; + let status = proc.expect("mknod failed to start").wait().unwrap(); + assert!(status.success()); + + self.cleanup_files.push(PathBuf::from(name)); + } + } + + impl Drop for TempWorkDir { + fn drop(&mut self) { + for f in self.cleanup_files.iter().rev() { + if self.ignore_cleanup { + println!("ignoring cleanup of file {}", f.display()); + continue; + } + println!("cleaning up test file at {}", f.display()); + match fs::remove_file(f) { + Err(e) => println!("file removal failed {}", e), + Ok(_) => {} + }; + } + for f in self.cleanup_dirs.iter().rev() { + if self.ignore_cleanup { + println!("ignoring cleanup of dir {}", f.display()); + continue; + } + println!("cleaning up test dir at {}", f.display()); + match fs::remove_dir(f) { + Err(e) => println!("dir removal failed {}", e), + Ok(_) => {} + }; + } + println!("returning cwd to {}", self.prev_dir.display()); + env::set_current_dir(self.prev_dir.as_path()).unwrap(); + } + } + + fn gnu_cpio_create(stdinput: &[u8], out: &str) { + let mut proc = Command::new("cpio") + .args(&["--quiet", "-o", "-H", "newc", "--reproducible", "-F", out]) + .stdin(Stdio::piped()) + .spawn() + .expect("GNU cpio failed to start"); + { + let mut stdin = proc.stdin.take().unwrap(); + stdin.write_all(stdinput).expect("Failed to write to stdin"); + } + + let status = proc.wait().unwrap(); + assert!(status.success()); + } + + #[test] + fn test_archive_empty_file() { + let mut twd = TempWorkDir::new(); + twd.create_tmp_file("file.txt", 0); + + gnu_cpio_create("file.txt\n".as_bytes(), "gnu.cpio"); + twd.cleanup_files.push(PathBuf::from("gnu.cpio")); + + // use dracut-cpio to archive file.txt + let f = fs::File::create("dracut.cpio").unwrap(); + let mut writer = io::BufWriter::new(f); + let mut reader = io::BufReader::new("file.txt\n".as_bytes()); + let wrote = archive_loop(&mut reader, &mut writer, &ArchiveProperties::default()).unwrap(); + twd.cleanup_files.push(PathBuf::from("dracut.cpio")); + assert_eq!(wrote, 512); + + let status = Command::new("diff") + .args(&["gnu.cpio", "dracut.cpio"]) + .status() + .expect("diff failed to start"); + assert!(status.success()); + } + + #[test] + fn test_archive_small_file() { + let mut twd = TempWorkDir::new(); + twd.create_tmp_file("file.txt", 33); + + gnu_cpio_create("file.txt\n".as_bytes(), "gnu.cpio"); + twd.cleanup_files.push(PathBuf::from("gnu.cpio")); + + let f = fs::File::create("dracut.cpio").unwrap(); + let mut writer = io::BufWriter::new(f); + let mut reader = io::BufReader::new("file.txt\n".as_bytes()); + let wrote = archive_loop(&mut reader, &mut writer, &ArchiveProperties::default()).unwrap(); + twd.cleanup_files.push(PathBuf::from("dracut.cpio")); + assert!(wrote > NEWC_HDR_LEN * 2 + 33); + + let status = Command::new("diff") + .args(&["gnu.cpio", "dracut.cpio"]) + .status() + .expect("diff failed to start"); + assert!(status.success()); + } + + #[test] + fn test_archive_prefixed_path() { + let mut twd = TempWorkDir::new(); + twd.create_tmp_file("file.txt", 0); + + gnu_cpio_create("./file.txt\n".as_bytes(), "gnu.cpio"); + twd.cleanup_files.push(PathBuf::from("gnu.cpio")); + + let f = fs::File::create("dracut.cpio").unwrap(); + let mut writer = io::BufWriter::new(f); + let mut reader = io::BufReader::new("./file.txt\n".as_bytes()); + let wrote = archive_loop(&mut reader, &mut writer, &ArchiveProperties::default()).unwrap(); + twd.cleanup_files.push(PathBuf::from("dracut.cpio")); + assert_eq!(wrote, 512); + + let status = Command::new("diff") + .args(&["gnu.cpio", "dracut.cpio"]) + .status() + .expect("diff failed to start"); + assert!(status.success()); + } + + #[test] + fn test_archive_absolute_path() { + let mut twd = TempWorkDir::new(); + twd.create_tmp_file("file.txt", 0); + + let canon_path = fs::canonicalize("file.txt").unwrap(); + let mut canon_file_list = canon_path.into_os_string(); + canon_file_list.push("\n"); + + gnu_cpio_create(canon_file_list.as_bytes(), "gnu.cpio"); + twd.cleanup_files.push(PathBuf::from("gnu.cpio")); + + let f = fs::File::create("dracut.cpio").unwrap(); + let mut writer = io::BufWriter::new(f); + let mut reader = io::BufReader::new(canon_file_list.as_bytes()); + let wrote = archive_loop(&mut reader, &mut writer, &ArchiveProperties::default()).unwrap(); + twd.cleanup_files.push(PathBuf::from("dracut.cpio")); + assert_eq!(wrote, 512); + + let status = Command::new("diff") + .args(&["gnu.cpio", "dracut.cpio"]) + .status() + .expect("diff failed to start"); + assert!(status.success()); + } + + #[test] + fn test_archive_dir() { + let mut twd = TempWorkDir::new(); + twd.create_tmp_dir("dir"); + + gnu_cpio_create("dir\n".as_bytes(), "gnu.cpio"); + twd.cleanup_files.push(PathBuf::from("gnu.cpio")); + + let f = fs::File::create("dracut.cpio").unwrap(); + let mut writer = io::BufWriter::new(f); + let mut reader = io::BufReader::new("dir\n".as_bytes()); + let wrote = archive_loop(&mut reader, &mut writer, &ArchiveProperties::default()).unwrap(); + twd.cleanup_files.push(PathBuf::from("dracut.cpio")); + assert_eq!(wrote, 512); + + let status = Command::new("diff") + .args(&["gnu.cpio", "dracut.cpio"]) + .status() + .expect("diff failed to start"); + assert!(status.success()); + } + + #[test] + fn test_archive_dir_file() { + let mut twd = TempWorkDir::new(); + twd.create_tmp_dir("dir"); + twd.create_tmp_file("dir/file.txt", 512 * 32); + let file_list: &str = "dir\n\ndir/file.txt\n"; // double separator + + gnu_cpio_create(file_list.as_bytes(), "gnu.cpio"); + twd.cleanup_files.push(PathBuf::from("gnu.cpio")); + + let f = fs::File::create("dracut.cpio").unwrap(); + let mut writer = io::BufWriter::new(f); + let mut reader = io::BufReader::new(file_list.as_bytes()); + let wrote = archive_loop(&mut reader, &mut writer, &ArchiveProperties::default()).unwrap(); + twd.cleanup_files.push(PathBuf::from("dracut.cpio")); + assert!(wrote > NEWC_HDR_LEN * 3 + 512 * 32); + + let status = Command::new("diff") + .args(&["gnu.cpio", "dracut.cpio"]) + .status() + .expect("diff failed to start"); + assert!(status.success()); + } + + #[test] + fn test_archive_dot_path() { + let mut twd = TempWorkDir::new(); + twd.create_tmp_dir("dir"); + twd.create_tmp_file("dir/file.txt", 512 * 32); + let file_list: &str = ".\ndir\ndir/file.txt\n"; + + gnu_cpio_create(file_list.as_bytes(), "gnu.cpio"); + twd.cleanup_files.push(PathBuf::from("gnu.cpio")); + + let f = fs::File::create("dracut.cpio").unwrap(); + let mut writer = io::BufWriter::new(f); + let mut reader = io::BufReader::new(file_list.as_bytes()); + let wrote = archive_loop(&mut reader, &mut writer, &ArchiveProperties::default()).unwrap(); + twd.cleanup_files.push(PathBuf::from("dracut.cpio")); + assert!(wrote > NEWC_HDR_LEN * 4 + 512 * 32); + + let status = Command::new("diff") + .args(&["gnu.cpio", "dracut.cpio"]) + .status() + .expect("diff failed to start"); + assert!(status.success()); + } + + #[test] + fn test_archive_dot_slash_path() { + let mut twd = TempWorkDir::new(); + twd.create_tmp_dir("dir"); + twd.create_tmp_file("dir/file.txt", 512 * 32); + let file_list: &str = "./\ndir\ndir/file.txt\n"; + + gnu_cpio_create(file_list.as_bytes(), "gnu.cpio"); + twd.cleanup_files.push(PathBuf::from("gnu.cpio")); + + let f = fs::File::create("dracut.cpio").unwrap(); + let mut writer = io::BufWriter::new(f); + let mut reader = io::BufReader::new(file_list.as_bytes()); + let wrote = archive_loop(&mut reader, &mut writer, &ArchiveProperties::default()).unwrap(); + twd.cleanup_files.push(PathBuf::from("dracut.cpio")); + assert!(wrote > NEWC_HDR_LEN * 4 + 512 * 32); + + let status = Command::new("diff") + .args(&["gnu.cpio", "dracut.cpio"]) + .status() + .expect("diff failed to start"); + assert!(status.success()); + } + + #[test] + fn test_archive_symlink() { + let mut twd = TempWorkDir::new(); + twd.create_tmp_file("file.txt", 0); + unixfs::symlink("file.txt", "symlink.txt").unwrap(); + twd.cleanup_files.push(PathBuf::from("symlink.txt")); + + gnu_cpio_create("file.txt\nsymlink.txt\n".as_bytes(), "gnu.cpio"); + twd.cleanup_files.push(PathBuf::from("gnu.cpio")); + + let f = fs::File::create("dracut.cpio").unwrap(); + let mut writer = io::BufWriter::new(f); + let mut reader = io::BufReader::new("file.txt\nsymlink.txt\n".as_bytes()); + let wrote = archive_loop(&mut reader, &mut writer, &ArchiveProperties::default()).unwrap(); + twd.cleanup_files.push(PathBuf::from("dracut.cpio")); + assert_eq!(wrote, 512); + + let status = Command::new("diff") + .args(&["gnu.cpio", "dracut.cpio"]) + .status() + .expect("diff failed to start"); + assert!(status.success()); + } + + #[test] + fn test_archive_fifo() { + let mut twd = TempWorkDir::new(); + + twd.create_tmp_mknod("fifo", 'p', None); + + gnu_cpio_create("fifo\n".as_bytes(), "gnu.cpio"); + twd.cleanup_files.push(PathBuf::from("gnu.cpio")); + + let f = fs::File::create("dracut.cpio").unwrap(); + let mut writer = io::BufWriter::new(f); + let mut reader = io::BufReader::new("fifo\n".as_bytes()); + let wrote = archive_loop(&mut reader, &mut writer, &ArchiveProperties::default()).unwrap(); + twd.cleanup_files.push(PathBuf::from("dracut.cpio")); + assert_eq!(wrote, 512); + + let status = Command::new("diff") + .args(&["gnu.cpio", "dracut.cpio"]) + .status() + .expect("diff failed to start"); + assert!(status.success()); + } + + #[test] + fn test_archive_char() { + let mut twd = TempWorkDir::new(); + + gnu_cpio_create("/dev/zero\n".as_bytes(), "gnu.cpio"); + twd.cleanup_files.push(PathBuf::from("gnu.cpio")); + + let f = fs::File::create("dracut.cpio").unwrap(); + let mut writer = io::BufWriter::new(f); + let mut reader = io::BufReader::new("/dev/zero\n".as_bytes()); + let wrote = archive_loop(&mut reader, &mut writer, &ArchiveProperties::default()).unwrap(); + twd.cleanup_files.push(PathBuf::from("dracut.cpio")); + assert_eq!(wrote, 512); + + let status = Command::new("diff") + .args(&["gnu.cpio", "dracut.cpio"]) + .status() + .expect("diff failed to start"); + assert!(status.success()); + } + + #[test] + fn test_archive_data_align() { + let mut twd = TempWorkDir::new(); + twd.create_tmp_dir("dir"); + twd.create_tmp_file("dir/file.txt", 1024 * 1024); // 1M + + twd.create_tmp_dir("extractor"); + let f = fs::File::create("extractor/dracut.cpio").unwrap(); + let mut writer = io::BufWriter::new(f); + let mut reader = io::BufReader::new("dir\ndir/file.txt\n".as_bytes()); + // 4k cpio data segment alignment injects zeros after filename nullterm + let wrote = archive_loop( + &mut reader, + &mut writer, + &ArchiveProperties { + data_align: 4096, + ..ArchiveProperties::default() + }, + ) + .unwrap(); + twd.cleanup_files + .push(PathBuf::from("extractor/dracut.cpio")); + assert!(wrote > NEWC_HDR_LEN * 3 + 1024 * 1024); + + // check 4k data segment alignment + let mut proc = Command::new("diff") + .args(&["dir/file.txt", "-"]) + .stdin(Stdio::piped()) + .spawn() + .expect("diff failed to start"); + { + let f = fs::File::open("extractor/dracut.cpio").unwrap(); + let mut reader = io::BufReader::new(f); + reader.seek(io::SeekFrom::Start(4096)).unwrap(); + let mut take = reader.take(1024 * 1024 as u64); + let mut stdin = proc.stdin.take().unwrap(); + let copied = io::copy(&mut take, &mut stdin).unwrap(); + assert_eq!(copied, 1024 * 1024); + } + let status = proc.wait().unwrap(); + assert!(status.success()); + + // confirm that GNU cpio can extract fname-zeroed paths + let status = Command::new("cpio") + .current_dir("extractor") + .args(&["--quiet", "-i", "-H", "newc", "-F", "dracut.cpio"]) + .status() + .expect("GNU cpio failed to start"); + assert!(status.success()); + twd.cleanup_files + .push(PathBuf::from("extractor/dir/file.txt")); + twd.cleanup_dirs.push(PathBuf::from("extractor/dir")); + + let status = Command::new("diff") + .args(&["dir/file.txt", "extractor/dir/file.txt"]) + .status() + .expect("diff failed to start"); + assert!(status.success()); + } + + #[test] + fn test_archive_data_align_off() { + let mut twd = TempWorkDir::new(); + twd.create_tmp_dir("dir1"); + twd.create_tmp_dir("dir2"); + twd.create_tmp_dir("dir3"); + twd.create_tmp_file("dir1/file.txt", 514 * 1024); + + twd.create_tmp_dir("extractor"); + let data_before_cpio = [5u8; 16384 + 4]; + let f = fs::File::create("extractor/dracut.cpio").unwrap(); + twd.cleanup_files + .push(PathBuf::from("extractor/dracut.cpio")); + let mut writer = io::BufWriter::new(f); + writer.write_all(&data_before_cpio).unwrap(); + let mut reader = io::BufReader::new("dir1\ndir2\ndir3\ndir1/file.txt\n".as_bytes()); + let wrote = archive_loop( + &mut reader, + &mut writer, + &ArchiveProperties { + data_align: 4096, + initial_data_off: data_before_cpio.len() as u64, + ..ArchiveProperties::default() + }, + ) + .unwrap(); + assert!(wrote > NEWC_HDR_LEN * 5 + 514 * 1024); + + let mut proc = Command::new("diff") + .args(&["dir1/file.txt", "-"]) + .stdin(Stdio::piped()) + .spawn() + .expect("diff failed to start"); + { + let f = fs::File::open("extractor/dracut.cpio").unwrap(); + let mut reader = io::BufReader::new(f); + reader.seek(io::SeekFrom::Start(16384 + 4096)).unwrap(); + let mut take = reader.take(514 * 1024 as u64); + let mut stdin = proc.stdin.take().unwrap(); + let copied = io::copy(&mut take, &mut stdin).unwrap(); + assert_eq!(copied, 514 * 1024); + } + let status = proc.wait().unwrap(); + assert!(status.success()); + } + + #[test] + fn test_archive_data_align_off_bad() { + let mut twd = TempWorkDir::new(); + twd.create_tmp_file("file.txt", 514 * 1024); + + let data_before_cpio = [5u8; 16384 + 3]; + let f = fs::File::create("dracut.cpio").unwrap(); + twd.cleanup_files.push(PathBuf::from("dracut.cpio")); + let mut writer = io::BufWriter::new(f); + writer.write_all(&data_before_cpio).unwrap(); + let mut reader = io::BufReader::new("file.txt\n".as_bytes()); + let res = archive_loop( + &mut reader, + &mut writer, + &ArchiveProperties { + data_align: 4096, + initial_data_off: data_before_cpio.len() as u64, + ..ArchiveProperties::default() + }, + ); + assert!(res.is_err()); + assert_eq!(io::ErrorKind::InvalidInput, res.unwrap_err().kind()); + } + + #[test] + fn test_archive_hardlinks_order() { + let mut twd = TempWorkDir::new(); + twd.create_tmp_file("file.txt", 512 * 4); + fs::hard_link("file.txt", "link1.txt").unwrap(); + twd.cleanup_files.push(PathBuf::from("link1.txt")); + fs::hard_link("file.txt", "link2.txt").unwrap(); + twd.cleanup_files.push(PathBuf::from("link2.txt")); + twd.create_tmp_file("another.txt", 512 * 4); + let file_list: &str = "file.txt\nanother.txt\nlink1.txt\nlink2.txt\n"; + + gnu_cpio_create(file_list.as_bytes(), "gnu.cpio"); + twd.cleanup_files.push(PathBuf::from("gnu.cpio")); + + let f = fs::File::create("dracut.cpio").unwrap(); + let mut writer = io::BufWriter::new(f); + let mut reader = io::BufReader::new(file_list.as_bytes()); + let wrote = archive_loop(&mut reader, &mut writer, &ArchiveProperties::default()).unwrap(); + twd.cleanup_files.push(PathBuf::from("dracut.cpio")); + assert!(wrote > NEWC_HDR_LEN * 5 + 512 * 8); + + let status = Command::new("diff") + .args(&["gnu.cpio", "dracut.cpio"]) + .status() + .expect("diff failed to start"); + assert!(status.success()); + } + + #[test] + fn test_archive_hardlinks_empty() { + let mut twd = TempWorkDir::new(); + twd.create_tmp_file("file.txt", 0); + fs::hard_link("file.txt", "link1.txt").unwrap(); + twd.cleanup_files.push(PathBuf::from("link1.txt")); + fs::hard_link("file.txt", "link2.txt").unwrap(); + twd.cleanup_files.push(PathBuf::from("link2.txt")); + twd.create_tmp_file("another.txt", 512 * 4); + let file_list: &str = "file.txt\nanother.txt\nlink1.txt\nlink2.txt\n"; + + gnu_cpio_create(file_list.as_bytes(), "gnu.cpio"); + twd.cleanup_files.push(PathBuf::from("gnu.cpio")); + + let f = fs::File::create("dracut.cpio").unwrap(); + let mut writer = io::BufWriter::new(f); + let mut reader = io::BufReader::new(file_list.as_bytes()); + let wrote = archive_loop(&mut reader, &mut writer, &ArchiveProperties::default()).unwrap(); + twd.cleanup_files.push(PathBuf::from("dracut.cpio")); + assert!(wrote > NEWC_HDR_LEN * 5 + 512 * 4); + + let status = Command::new("diff") + .args(&["gnu.cpio", "dracut.cpio"]) + .status() + .expect("diff failed to start"); + assert!(status.success()); + } + + #[test] + fn test_archive_hardlinks_missing() { + let mut twd = TempWorkDir::new(); + twd.create_tmp_file("file.txt", 512 * 4); + fs::hard_link("file.txt", "link1.txt").unwrap(); + twd.cleanup_files.push(PathBuf::from("link1.txt")); + fs::hard_link("file.txt", "link2.txt").unwrap(); + twd.cleanup_files.push(PathBuf::from("link2.txt")); + fs::hard_link("file.txt", "link3.txt").unwrap(); + twd.cleanup_files.push(PathBuf::from("link3.txt")); + twd.create_tmp_file("another.txt", 512 * 4); + // link2 missing from the archive, throwing off deferrals + let file_list: &str = "file.txt\nanother.txt\nlink1.txt\nlink3.txt\n"; + + gnu_cpio_create(file_list.as_bytes(), "gnu.cpio"); + twd.cleanup_files.push(PathBuf::from("gnu.cpio")); + + let f = fs::File::create("dracut.cpio").unwrap(); + let mut writer = io::BufWriter::new(f); + let mut reader = io::BufReader::new(file_list.as_bytes()); + let wrote = archive_loop(&mut reader, &mut writer, &ArchiveProperties::default()).unwrap(); + twd.cleanup_files.push(PathBuf::from("dracut.cpio")); + assert!(wrote > NEWC_HDR_LEN * 5 + 512 * 8); + + let status = Command::new("diff") + .args(&["gnu.cpio", "dracut.cpio"]) + .status() + .expect("diff failed to start"); + assert!(status.success()); + } + + #[test] + fn test_archive_hardlinks_multi() { + let mut twd = TempWorkDir::new(); + twd.create_tmp_file("file.txt", 512 * 4); + fs::hard_link("file.txt", "link1.txt").unwrap(); + twd.cleanup_files.push(PathBuf::from("link1.txt")); + fs::hard_link("file.txt", "link2.txt").unwrap(); + twd.cleanup_files.push(PathBuf::from("link2.txt")); + twd.create_tmp_file("another.txt", 512 * 4); + fs::hard_link("another.txt", "anotherlink.txt").unwrap(); + twd.cleanup_files.push(PathBuf::from("anotherlink.txt")); + // link2 missing from the archive, throwing off deferrals + let file_list: &str = "file.txt\nanother.txt\nlink1.txt\nanotherlink.txt\n"; + + gnu_cpio_create(file_list.as_bytes(), "gnu.cpio"); + twd.cleanup_files.push(PathBuf::from("gnu.cpio")); + + let f = fs::File::create("dracut.cpio").unwrap(); + let mut writer = io::BufWriter::new(f); + let mut reader = io::BufReader::new(file_list.as_bytes()); + let wrote = archive_loop(&mut reader, &mut writer, &ArchiveProperties::default()).unwrap(); + twd.cleanup_files.push(PathBuf::from("dracut.cpio")); + assert!(wrote > NEWC_HDR_LEN * 5 + 512 * 8); + + let status = Command::new("diff") + .args(&["gnu.cpio", "dracut.cpio"]) + .status() + .expect("diff failed to start"); + assert!(status.success()); + } + + #[test] + fn test_archive_duplicates() { + let mut twd = TempWorkDir::new(); + twd.create_tmp_file("file.txt", 512 * 4); + twd.create_tmp_file("another.txt", 512 * 4); + // file.txt is listed twice + let file_list: &str = "file.txt\nanother.txt\nfile.txt\n"; + + gnu_cpio_create(file_list.as_bytes(), "gnu.cpio"); + twd.cleanup_files.push(PathBuf::from("gnu.cpio")); + + let f = fs::File::create("dracut.cpio").unwrap(); + let mut writer = io::BufWriter::new(f); + let mut reader = io::BufReader::new(file_list.as_bytes()); + let wrote = archive_loop(&mut reader, &mut writer, &ArchiveProperties::default()).unwrap(); + twd.cleanup_files.push(PathBuf::from("dracut.cpio")); + assert!(wrote > NEWC_HDR_LEN * 4 + 512 * 12); + + let status = Command::new("diff") + .args(&["gnu.cpio", "dracut.cpio"]) + .status() + .expect("diff failed to start"); + assert!(status.success()); + } + + #[test] + fn test_archive_hardlink_duplicates() { + let mut twd = TempWorkDir::new(); + twd.create_tmp_file("file.txt", 512 * 4); + fs::hard_link("file.txt", "ln1.txt").unwrap(); + twd.cleanup_files.push(PathBuf::from("ln1.txt")); + fs::hard_link("file.txt", "ln2.txt").unwrap(); + twd.cleanup_files.push(PathBuf::from("ln2.txt")); + twd.create_tmp_file("f2.txt", 512 * 4); + // ln1 listed twice + let file_list: &str = "file.txt\nf2.txt\nln1.txt\nln1.txt\nln1.txt\n"; + + gnu_cpio_create(file_list.as_bytes(), "gnu.cpio"); + twd.cleanup_files.push(PathBuf::from("gnu.cpio")); + + let f = fs::File::create("dracut.cpio").unwrap(); + let mut writer = io::BufWriter::new(f); + let mut reader = io::BufReader::new(file_list.as_bytes()); + let wrote = archive_loop(&mut reader, &mut writer, &ArchiveProperties::default()).unwrap(); + twd.cleanup_files.push(PathBuf::from("dracut.cpio")); + assert!(wrote > NEWC_HDR_LEN * 4 + 512 * 8); + + let status = Command::new("diff") + .args(&["gnu.cpio", "dracut.cpio"]) + .status() + .expect("diff failed to start"); + assert!(status.success()); + } + + #[test] + fn test_archive_list_separator() { + let mut twd = TempWorkDir::new(); + twd.create_tmp_file("file1", 33); + twd.create_tmp_file("file2", 55); + let file_list_nulldelim: &str = "file1\0file2\0"; + + let mut proc = Command::new("cpio") + .args(&[ + "--quiet", + "-o", + "-H", + "newc", + "--reproducible", + "-F", + "gnu.cpio", + "--null", + ]) + .stdin(Stdio::piped()) + .spawn() + .expect("GNU cpio failed to start"); + { + let mut stdin = proc.stdin.take().unwrap(); + stdin + .write_all(file_list_nulldelim.as_bytes()) + .expect("Failed to write to stdin"); + } + + let status = proc.wait().unwrap(); + assert!(status.success()); + twd.cleanup_files.push(PathBuf::from("gnu.cpio")); + + let f = fs::File::create("dracut.cpio").unwrap(); + let mut writer = io::BufWriter::new(f); + let mut reader = io::BufReader::new(file_list_nulldelim.as_bytes()); + let wrote = archive_loop( + &mut reader, + &mut writer, + &ArchiveProperties { + list_separator: b'\0', + ..ArchiveProperties::default() + }, + ) + .unwrap(); + twd.cleanup_files.push(PathBuf::from("dracut.cpio")); + assert!(wrote > NEWC_HDR_LEN * 3 + 33 + 55); + + let status = Command::new("diff") + .args(&["gnu.cpio", "dracut.cpio"]) + .status() + .expect("diff failed to start"); + assert!(status.success()); + } + + #[test] + fn test_archive_fixed_mtime() { + let mut twd = TempWorkDir::new(); + twd.create_tmp_file("file1", 33); + twd.create_tmp_file("file2", 55); + let file_list: &str = "file1\nfile2\n"; + + twd.create_tmp_dir("extractor"); + let f = fs::File::create("extractor/dracut.cpio").unwrap(); + let mut writer = io::BufWriter::new(f); + let mut reader = io::BufReader::new(file_list.as_bytes()); + let wrote = archive_loop( + &mut reader, + &mut writer, + &ArchiveProperties { + fixed_mtime: Some(0), + ..ArchiveProperties::default() + }, + ) + .unwrap(); + twd.cleanup_files + .push(PathBuf::from("extractor/dracut.cpio")); + assert!(wrote > NEWC_HDR_LEN * 3 + 33 + 55); + + let status = Command::new("cpio") + .current_dir("extractor") + .args(&[ + "--quiet", + "-i", + "--preserve-modification-time", + "-H", + "newc", + "-F", + "dracut.cpio", + ]) + .status() + .expect("GNU cpio failed to start"); + assert!(status.success()); + twd.cleanup_files.push(PathBuf::from("extractor/file1")); + twd.cleanup_files.push(PathBuf::from("extractor/file2")); + + let md = fs::symlink_metadata("extractor/file1").unwrap(); + assert_eq!(md.mtime(), 0); + let md = fs::symlink_metadata("extractor/file2").unwrap(); + assert_eq!(md.mtime(), 0); + } + + #[test] + fn test_archive_stat_mtime() { + let mut twd = TempWorkDir::new(); + twd.create_tmp_file("file1", 33); + twd.create_tmp_file("file2", 55); + let file_list: &str = "file1\nfile2\n"; + + twd.create_tmp_dir("extractor"); + let f = fs::File::create("extractor/dracut.cpio").unwrap(); + let mut writer = io::BufWriter::new(f); + let mut reader = io::BufReader::new(file_list.as_bytes()); + assert_eq!(ArchiveProperties::default().fixed_mtime, None); + let wrote = archive_loop(&mut reader, &mut writer, &ArchiveProperties::default()).unwrap(); + twd.cleanup_files + .push(PathBuf::from("extractor/dracut.cpio")); + assert!(wrote > NEWC_HDR_LEN * 3 + 33 + 55); + + let status = Command::new("cpio") + .current_dir("extractor") + .args(&[ + "--quiet", + "-i", + "--preserve-modification-time", + "-H", + "newc", + "-F", + "dracut.cpio", + ]) + .status() + .expect("GNU cpio failed to start"); + assert!(status.success()); + twd.cleanup_files.push(PathBuf::from("extractor/file1")); + twd.cleanup_files.push(PathBuf::from("extractor/file2")); + + let src_md = fs::symlink_metadata("file1").unwrap(); + let ex_md = fs::symlink_metadata("extractor/file1").unwrap(); + assert_eq!(src_md.mtime(), ex_md.mtime()); + let src_md = fs::symlink_metadata("file2").unwrap(); + let ex_md = fs::symlink_metadata("extractor/file2").unwrap(); + assert_eq!(src_md.mtime(), ex_md.mtime()); + } + + #[test] + fn test_archive_fixed_owner() { + let mut twd = TempWorkDir::new(); + twd.create_tmp_file("file1", 33); + twd.create_tmp_file("file2", 55); + let file_list: &str = "file1\nfile2\n"; + + let md = fs::symlink_metadata("file1").unwrap(); + // ideally we should check the process euid, but this will do... + if md.uid() != 0 { + println!("SKIPPED: this test requires root"); + return; + } + + twd.create_tmp_dir("extractor"); + let f = fs::File::create("extractor/dracut.cpio").unwrap(); + let mut writer = io::BufWriter::new(f); + let mut reader = io::BufReader::new(file_list.as_bytes()); + let wrote = archive_loop( + &mut reader, + &mut writer, + &ArchiveProperties { + fixed_uid: Some(65534), + fixed_gid: Some(65534), + ..ArchiveProperties::default() + }, + ) + .unwrap(); + twd.cleanup_files + .push(PathBuf::from("extractor/dracut.cpio")); + assert!(wrote > NEWC_HDR_LEN * 3 + 33 + 55); + + let status = Command::new("cpio") + .current_dir("extractor") + .args(&["--quiet", "-i", "-H", "newc", "-F", "dracut.cpio"]) + .status() + .expect("GNU cpio failed to start"); + assert!(status.success()); + twd.cleanup_files.push(PathBuf::from("extractor/file1")); + twd.cleanup_files.push(PathBuf::from("extractor/file2")); + + let md = fs::symlink_metadata("extractor/file1").unwrap(); + assert_eq!(md.uid(), 65534); + assert_eq!(md.gid(), 65534); + let md = fs::symlink_metadata("extractor/file2").unwrap(); + assert_eq!(md.uid(), 65534); + assert_eq!(md.gid(), 65534); + } + + #[test] + fn test_archive_stat_owner() { + let mut twd = TempWorkDir::new(); + twd.create_tmp_file("file1", 33); + twd.create_tmp_file("file2", 55); + let file_list: &str = "file1\nfile2\n"; + + twd.create_tmp_dir("extractor"); + let f = fs::File::create("extractor/dracut.cpio").unwrap(); + let mut writer = io::BufWriter::new(f); + let mut reader = io::BufReader::new(file_list.as_bytes()); + assert_eq!(ArchiveProperties::default().fixed_uid, None); + assert_eq!(ArchiveProperties::default().fixed_gid, None); + let wrote = archive_loop(&mut reader, &mut writer, &ArchiveProperties::default()).unwrap(); + twd.cleanup_files + .push(PathBuf::from("extractor/dracut.cpio")); + assert!(wrote > NEWC_HDR_LEN * 3 + 33 + 55); + + let status = Command::new("cpio") + .current_dir("extractor") + .args(&["--quiet", "-i", "-H", "newc", "-F", "dracut.cpio"]) + .status() + .expect("GNU cpio failed to start"); + assert!(status.success()); + twd.cleanup_files.push(PathBuf::from("extractor/file1")); + twd.cleanup_files.push(PathBuf::from("extractor/file2")); + + let src_md = fs::symlink_metadata("file1").unwrap(); + let ex_md = fs::symlink_metadata("extractor/file1").unwrap(); + assert_eq!(src_md.uid(), ex_md.uid()); + assert_eq!(src_md.gid(), ex_md.gid()); + let src_md = fs::symlink_metadata("file2").unwrap(); + let ex_md = fs::symlink_metadata("extractor/file2").unwrap(); + assert_eq!(src_md.uid(), ex_md.uid()); + assert_eq!(src_md.gid(), ex_md.gid()); + } + + #[test] + fn test_archive_dev_maj_min() { + let mut twd = TempWorkDir::new(); + twd.create_tmp_file("file1", 0); + + let md = fs::symlink_metadata("file1").unwrap(); + if md.uid() != 0 { + println!("SKIPPED: this test requires root"); + return; + } + + twd.create_tmp_mknod("bdev1", 'b', Some((0x01, 0x01))); + twd.create_tmp_mknod("bdev2", 'b', Some((0x02, 0x100))); + twd.create_tmp_mknod("bdev3", 'b', Some((0x03, 0x1000))); + twd.create_tmp_mknod("bdev4", 'b', Some((0x04, 0x10000))); + twd.create_tmp_mknod("bdev5", 'b', Some((0x100, 0x05))); + twd.create_tmp_mknod("bdev6", 'b', Some((0x100, 0x06))); + let file_list: &str = "file1\nbdev1\nbdev2\nbdev3\nbdev4\nbdev5\nbdev6\n"; + + // create GNU cpio archive + twd.create_tmp_dir("gnucpio_xtr"); + gnu_cpio_create(file_list.as_bytes(), "gnucpio_xtr/gnu.cpio"); + twd.cleanup_files.push(PathBuf::from("gnucpio_xtr/gnu.cpio")); + + // create Dracut cpio archive + twd.create_tmp_dir("dracut_xtr"); + let f = fs::File::create("dracut_xtr/dracut.cpio").unwrap(); + let mut writer = io::BufWriter::new(f); + let mut reader = io::BufReader::new(file_list.as_bytes()); + let wrote = archive_loop( + &mut reader, + &mut writer, + &ArchiveProperties::default() + ) + .unwrap(); + twd.cleanup_files.push(PathBuf::from("dracut_xtr/dracut.cpio")); + + let file_list_count = file_list.split_terminator('\n').count() as u64; + assert!(wrote >= NEWC_HDR_LEN * file_list_count + + (file_list.len() as u64)); + + let status = Command::new("cpio") + .current_dir("gnucpio_xtr") + .args(&["--quiet", "-i", "-H", "newc", "-F", "gnu.cpio"]) + .status() + .expect("GNU cpio failed to start"); + assert!(status.success()); + for s in file_list.split_terminator('\n') { + let p = PathBuf::from("gnucpio_xtr/".to_owned() + s); + twd.cleanup_files.push(p); + } + + let status = Command::new("cpio") + .current_dir("dracut_xtr") + .args(&["--quiet", "-i", "-H", "newc", "-F", "dracut.cpio"]) + .status() + .expect("GNU cpio failed to start"); + assert!(status.success()); + for s in file_list.split_terminator('\n') { + let dp = PathBuf::from("dracut_xtr/".to_owned() + s); + twd.cleanup_files.push(dp); + } + + // diff extracted major/minor between dracut and GNU cpio created archives + for s in file_list.split_terminator('\n') { + let gmd = fs::symlink_metadata("gnucpio_xtr/".to_owned() + s).unwrap(); + let dmd = fs::symlink_metadata("dracut_xtr/".to_owned() + s).unwrap(); + print!("{}: cpio extracted dev_t gnu: {:#x}, dracut: {:#x}\n", + s, gmd.rdev(), dmd.rdev()); + assert!(gmd.rdev() == dmd.rdev()); + } + } +} diff --git a/src/dracut-cpio/third_party/crosvm/Cargo.toml b/src/dracut-cpio/third_party/crosvm/Cargo.toml new file mode 100644 index 0000000..a56ff2d --- /dev/null +++ b/src/dracut-cpio/third_party/crosvm/Cargo.toml @@ -0,0 +1,8 @@ +[package] +name = "crosvm" +version = "0.1.0" +authors = ["The Chromium OS Authors"] +edition = "2018" + +[lib] +path = "crosvm.rs" diff --git a/src/dracut-cpio/third_party/crosvm/LICENSE b/src/dracut-cpio/third_party/crosvm/LICENSE new file mode 100644 index 0000000..8bafca3 --- /dev/null +++ b/src/dracut-cpio/third_party/crosvm/LICENSE @@ -0,0 +1,27 @@ +// Copyright 2017 The Chromium OS Authors. All rights reserved. +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// * Neither the name of Google Inc. nor the names of its +// contributors may be used to endorse or promote products derived from +// this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/src/dracut-cpio/third_party/crosvm/argument.rs b/src/dracut-cpio/third_party/crosvm/argument.rs new file mode 100644 index 0000000..a2dbbbd --- /dev/null +++ b/src/dracut-cpio/third_party/crosvm/argument.rs @@ -0,0 +1,549 @@ +// Copyright 2017 The Chromium OS Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +//! Handles argument parsing. +//! +//! # Example +//! +//! ``` +//! # use crosvm::argument::{Argument, Error, print_help, set_arguments}; +//! # let args: std::slice::Iter<String> = [].iter(); +//! let arguments = &[ +//! Argument::positional("FILES", "files to operate on"), +//! Argument::short_value('p', "program", "PROGRAM", "Program to apply to each file"), +//! Argument::short_value('c', "cpus", "N", "Number of CPUs to use. (default: 1)"), +//! Argument::flag("unmount", "Unmount the root"), +//! Argument::short_flag('h', "help", "Print help message."), +//! ]; +//! +//! let match_res = set_arguments(args, arguments, |name, value| { +//! match name { +//! "" => println!("positional arg! {}", value.unwrap()), +//! "program" => println!("gonna use program {}", value.unwrap()), +//! "cpus" => { +//! let v: u32 = value.unwrap().parse().map_err(|_| { +//! Error::InvalidValue { +//! value: value.unwrap().to_owned(), +//! expected: String::from("this value for `cpus` needs to be integer"), +//! } +//! })?; +//! } +//! "unmount" => println!("gonna unmount"), +//! "help" => return Err(Error::PrintHelp), +//! _ => unreachable!(), +//! } +//! unreachable!(); +//! }); +//! +//! match match_res { +//! Ok(_) => println!("running with settings"), +//! Err(Error::PrintHelp) => print_help("best_program", "FILES", arguments), +//! Err(e) => println!("{}", e), +//! } +//! ``` + +use std::fmt::{self, Display}; +use std::result; + +/// An error with argument parsing. +#[derive(Debug)] +pub enum Error { + /// There was a syntax error with the argument. + Syntax(String), + /// The argument's name is unused. + UnknownArgument(String), + /// The argument was required. + ExpectedArgument(String), + /// The argument's given value is invalid. + InvalidValue { value: String, expected: String }, + /// The argument was already given and none more are expected. + TooManyArguments(String), + /// The argument expects a value. + ExpectedValue(String), + /// The argument does not expect a value. + UnexpectedValue(String), + /// The help information was requested + PrintHelp, +} + +impl Display for Error { + fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { + use self::Error::*; + + match self { + Syntax(s) => write!(f, "syntax error: {}", s), + UnknownArgument(s) => write!(f, "unknown argument: {}", s), + ExpectedArgument(s) => write!(f, "expected argument: {}", s), + InvalidValue { value, expected } => { + write!(f, "invalid value {:?}: {}", value, expected) + } + TooManyArguments(s) => write!(f, "too many arguments: {}", s), + ExpectedValue(s) => write!(f, "expected parameter value: {}", s), + UnexpectedValue(s) => write!(f, "unexpected parameter value: {}", s), + PrintHelp => write!(f, "help was requested"), + } + } +} + +/// Result of a argument parsing. +pub type Result<T> = result::Result<T, Error>; + +#[derive(Debug, PartialEq)] +pub enum ArgumentValueMode { + /// Specifies that an argument requires a value and that an error should be generated if + /// no value is provided during parsing. + Required, + + /// Specifies that an argument does not allow a value and that an error should be returned + /// if a value is provided during parsing. + Disallowed, + + /// Specifies that an argument may have a value during parsing but is not required to. + Optional, +} + +/// Information about an argument expected from the command line. +/// +/// # Examples +/// +/// To indicate a flag style argument: +/// +/// ``` +/// # use crosvm::argument::Argument; +/// Argument::short_flag('f', "flag", "enable awesome mode"); +/// ``` +/// +/// To indicate a parameter style argument that expects a value: +/// +/// ``` +/// # use crosvm::argument::Argument; +/// // "VALUE" and "NETMASK" are placeholder values displayed in the help message for these +/// // arguments. +/// Argument::short_value('v', "val", "VALUE", "how much do you value this usage information"); +/// Argument::value("netmask", "NETMASK", "hides your netface"); +/// ``` +/// +/// To indicate an argument with no short version: +/// +/// ``` +/// # use crosvm::argument::Argument; +/// Argument::flag("verbose", "this option is hard to type quickly"); +/// ``` +/// +/// To indicate a positional argument: +/// +/// ``` +/// # use crosvm::argument::Argument; +/// Argument::positional("VALUES", "these are positional arguments"); +/// ``` +pub struct Argument { + /// The name of the value to display in the usage information. + pub value: Option<&'static str>, + /// Specifies how values should be handled for this this argument. + pub value_mode: ArgumentValueMode, + /// Optional single character shortened argument name. + pub short: Option<char>, + /// The long name of this argument. + pub long: &'static str, + /// Helpful usage information for this argument to display to the user. + pub help: &'static str, +} + +impl Argument { + pub fn positional(value: &'static str, help: &'static str) -> Argument { + Argument { + value: Some(value), + value_mode: ArgumentValueMode::Required, + short: None, + long: "", + help, + } + } + + pub fn value(long: &'static str, value: &'static str, help: &'static str) -> Argument { + Argument { + value: Some(value), + value_mode: ArgumentValueMode::Required, + short: None, + long, + help, + } + } + + pub fn short_value( + short: char, + long: &'static str, + value: &'static str, + help: &'static str, + ) -> Argument { + Argument { + value: Some(value), + value_mode: ArgumentValueMode::Required, + short: Some(short), + long, + help, + } + } + + pub fn flag(long: &'static str, help: &'static str) -> Argument { + Argument { + value: None, + value_mode: ArgumentValueMode::Disallowed, + short: None, + long, + help, + } + } + + pub fn short_flag(short: char, long: &'static str, help: &'static str) -> Argument { + Argument { + value: None, + value_mode: ArgumentValueMode::Disallowed, + short: Some(short), + long, + help, + } + } + + pub fn flag_or_value(long: &'static str, value: &'static str, help: &'static str) -> Argument { + Argument { + value: Some(value), + value_mode: ArgumentValueMode::Optional, + short: None, + long, + help, + } + } +} + +fn parse_arguments<I, R, F>(args: I, mut f: F) -> Result<()> +where + I: Iterator<Item = R>, + R: AsRef<str>, + F: FnMut(&str, Option<&str>) -> Result<()>, +{ + enum State { + // Initial state at the start and after finishing a single argument/value. + Top, + // The remaining arguments are all positional. + Positional, + // The next string is the value for the argument `name`. + Value { name: String }, + } + let mut s = State::Top; + for arg in args { + let arg = arg.as_ref(); + loop { + let mut arg_consumed = true; + s = match s { + State::Top => { + if arg == "--" { + State::Positional + } else if arg.starts_with("--") { + let param = arg.trim_start_matches('-'); + if param.contains('=') { + let mut iter = param.splitn(2, '='); + let name = iter.next().unwrap(); + let value = iter.next().unwrap(); + if name.is_empty() { + return Err(Error::Syntax( + "expected parameter name before `=`".to_owned(), + )); + } + if value.is_empty() { + return Err(Error::Syntax( + "expected parameter value after `=`".to_owned(), + )); + } + f(name, Some(value))?; + State::Top + } else { + State::Value { + name: param.to_owned(), + } + } + } else if arg.starts_with('-') { + if arg.len() == 1 { + return Err(Error::Syntax( + "expected argument short name after `-`".to_owned(), + )); + } + let name = &arg[1..2]; + let value = if arg.len() > 2 { Some(&arg[2..]) } else { None }; + if let Err(e) = f(name, value) { + if let Error::ExpectedValue(_) = e { + State::Value { + name: name.to_owned(), + } + } else { + return Err(e); + } + } else { + State::Top + } + } else { + f("", Some(&arg))?; + State::Positional + } + } + State::Positional => { + f("", Some(&arg))?; + State::Positional + } + State::Value { name } => { + if arg.starts_with('-') { + arg_consumed = false; + f(&name, None)?; + } else if let Err(e) = f(&name, Some(&arg)) { + arg_consumed = false; + f(&name, None).map_err(|_| e)?; + } + State::Top + } + }; + + if arg_consumed { + break; + } + } + } + + // If we ran out of arguments while parsing the last parameter, which may be either a + // value parameter or a flag, try to parse it as a flag. This will produce "missing value" + // error if the parameter is in fact a value parameter, which is the desired outcome. + match s { + State::Value { name } => f(&name, None), + _ => Ok(()), + } +} + +/// Parses the given `args` against the list of know arguments `arg_list` and calls `f` with each +/// present argument and value if required. +/// +/// This function guarantees that only valid long argument names from `arg_list` are sent to the +/// callback `f`. It is also guaranteed that if an arg requires a value (i.e. +/// `arg.value.is_some()`), the value will be `Some` in the callbacks arguments. If the callback +/// returns `Err`, this function will end parsing and return that `Err`. +/// +/// See the [module level](index.html) example for a usage example. +pub fn set_arguments<I, R, F>(args: I, arg_list: &[Argument], mut f: F) -> Result<()> +where + I: Iterator<Item = R>, + R: AsRef<str>, + F: FnMut(&str, Option<&str>) -> Result<()>, +{ + parse_arguments(args, |name, value| { + let mut matches = None; + for arg in arg_list { + if let Some(short) = arg.short { + if name.len() == 1 && name.starts_with(short) { + if value.is_some() != arg.value.is_some() { + return Err(Error::ExpectedValue(short.to_string())); + } + matches = Some(arg.long); + } + } + if matches.is_none() && arg.long == name { + if value.is_none() && arg.value_mode == ArgumentValueMode::Required { + return Err(Error::ExpectedValue(arg.long.to_owned())); + } + if value.is_some() && arg.value_mode == ArgumentValueMode::Disallowed { + return Err(Error::UnexpectedValue(arg.long.to_owned())); + } + matches = Some(arg.long); + } + } + match matches { + Some(long) => f(long, value), + None => Err(Error::UnknownArgument(name.to_owned())), + } + }) +} + +/// Prints command line usage information to stdout. +/// +/// Usage information is printed according to the help fields in `args` with a leading usage line. +/// The usage line is of the format "`program_name` \[ARGUMENTS\] `required_arg`". +pub fn print_help(program_name: &str, required_arg: &str, args: &[Argument]) { + println!( + "Usage: {} {}{}\n", + program_name, + if args.is_empty() { "" } else { "[ARGUMENTS] " }, + required_arg + ); + if args.is_empty() { + return; + } + println!("Argument{}:", if args.len() > 1 { "s" } else { "" }); + for arg in args { + match arg.short { + Some(s) => print!(" -{}, ", s), + None => print!(" "), + } + if arg.long.is_empty() { + print!(" "); + } else { + print!("--"); + } + print!("{:<12}", arg.long); + if let Some(v) = arg.value { + if arg.long.is_empty() { + print!(" "); + } else { + print!("="); + } + print!("{:<10}", v); + } else { + print!("{:<11}", ""); + } + println!("{}", arg.help); + } +} + +#[cfg(test)] +mod tests { + use super::*; + + #[test] + fn request_help() { + let arguments = [Argument::short_flag('h', "help", "Print help message.")]; + + let match_res = set_arguments(["-h"].iter(), &arguments[..], |name, _| { + match name { + "help" => return Err(Error::PrintHelp), + _ => unreachable!(), + }; + }); + match match_res { + Err(Error::PrintHelp) => {} + _ => unreachable!(), + } + } + + #[test] + fn mixed_args() { + let arguments = [ + Argument::positional("FILES", "files to operate on"), + Argument::short_value('p', "program", "PROGRAM", "Program to apply to each file"), + Argument::short_value('c', "cpus", "N", "Number of CPUs to use. (default: 1)"), + Argument::flag("unmount", "Unmount the root"), + Argument::short_flag('h', "help", "Print help message."), + ]; + + let mut unmount = false; + let match_res = set_arguments( + ["--cpus", "3", "--program", "hello", "--unmount", "file"].iter(), + &arguments[..], + |name, value| { + match name { + "" => assert_eq!(value.unwrap(), "file"), + "program" => assert_eq!(value.unwrap(), "hello"), + "cpus" => { + let c: u32 = value.unwrap().parse().map_err(|_| Error::InvalidValue { + value: value.unwrap().to_owned(), + expected: String::from("this value for `cpus` needs to be integer"), + })?; + assert_eq!(c, 3); + } + "unmount" => unmount = true, + "help" => return Err(Error::PrintHelp), + _ => unreachable!(), + }; + Ok(()) + }, + ); + assert!(match_res.is_ok()); + assert!(unmount); + } + + #[test] + fn name_value_pair() { + let arguments = [Argument::short_value( + 'c', + "cpus", + "N", + "Number of CPUs to use. (default: 1)", + )]; + let match_res = set_arguments( + ["-c", "5", "--cpus", "5", "-c5", "--cpus=5"].iter(), + &arguments[..], + |name, value| { + assert_eq!(name, "cpus"); + assert_eq!(value, Some("5")); + Ok(()) + }, + ); + assert!(match_res.is_ok()); + let not_match_res = set_arguments( + ["-c", "5", "--cpus"].iter(), + &arguments[..], + |name, value| { + assert_eq!(name, "cpus"); + assert_eq!(value, Some("5")); + Ok(()) + }, + ); + assert!(not_match_res.is_err()); + } + + #[test] + fn flag_or_value() { + let run_case = |args| -> Option<String> { + let arguments = [ + Argument::positional("FILES", "files to operate on"), + Argument::flag_or_value("gpu", "[2D|3D]", "Enable or configure gpu"), + Argument::flag("foo", "Enable foo."), + Argument::value("bar", "stuff", "Configure bar."), + ]; + + let mut gpu_value: Option<String> = None; + let match_res = + set_arguments(args, &arguments[..], |name: &str, value: Option<&str>| { + match name { + "" => assert_eq!(value.unwrap(), "file1"), + "foo" => assert!(value.is_none()), + "bar" => assert_eq!(value.unwrap(), "stuff"), + "gpu" => match value { + Some(v) => match v { + "2D" | "3D" => { + gpu_value = Some(v.to_string()); + } + _ => { + return Err(Error::InvalidValue { + value: v.to_string(), + expected: String::from("2D or 3D"), + }) + } + }, + None => { + gpu_value = None; + } + }, + _ => unreachable!(), + }; + Ok(()) + }); + + assert!(match_res.is_ok()); + gpu_value + }; + + // Used as flag and followed by positional + assert_eq!(run_case(["--gpu", "file1"].iter()), None); + // Used as flag and followed by flag + assert_eq!(run_case(["--gpu", "--foo", "file1",].iter()), None); + // Used as flag and followed by value + assert_eq!(run_case(["--gpu", "--bar=stuff", "file1"].iter()), None); + + // Used as value and followed by positional + assert_eq!(run_case(["--gpu=2D", "file1"].iter()).unwrap(), "2D"); + // Used as value and followed by flag + assert_eq!(run_case(["--gpu=2D", "--foo"].iter()).unwrap(), "2D"); + // Used as value and followed by value + assert_eq!( + run_case(["--gpu=2D", "--bar=stuff", "file1"].iter()).unwrap(), + "2D" + ); + } +} diff --git a/src/dracut-cpio/third_party/crosvm/crosvm.rs b/src/dracut-cpio/third_party/crosvm/crosvm.rs new file mode 100644 index 0000000..ddccbfe --- /dev/null +++ b/src/dracut-cpio/third_party/crosvm/crosvm.rs @@ -0,0 +1,2 @@ +// ensure that existing crosvm::argument imports work without modification... +pub mod argument; diff --git a/src/install/Makefile b/src/install/Makefile new file mode 100644 index 0000000..5332f25 --- /dev/null +++ b/src/install/Makefile @@ -0,0 +1,7 @@ +all: + $(MAKE) -C .. + +clean: + $(MAKE) -C .. clean + +.PHONY: all clean diff --git a/src/install/dracut-install.c b/src/install/dracut-install.c new file mode 100644 index 0000000..485143a --- /dev/null +++ b/src/install/dracut-install.c @@ -0,0 +1,2281 @@ +/* dracut-install.c -- install files and executables + + Copyright (C) 2012 Harald Hoyer + Copyright (C) 2012 Red Hat, Inc. All rights reserved. + + This program is free software: you can redistribute it and/or modify + under the terms of the GNU Lesser General Public License as published by + the Free Software Foundation; either version 2.1 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public License + along with this program; If not, see <http://www.gnu.org/licenses/>. +*/ + +#define PROGRAM_VERSION_STRING "2" + +#ifndef _GNU_SOURCE +#define _GNU_SOURCE +#endif +#include <ctype.h> +#include <errno.h> +#include <fcntl.h> +#include <getopt.h> +#include <glob.h> +#include <libgen.h> +#include <limits.h> +#include <stdbool.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <sys/stat.h> +#include <sys/types.h> +#include <sys/wait.h> +#include <unistd.h> +#include <sys/ioctl.h> +#include <libkmod.h> +#include <fts.h> +#include <regex.h> +#include <sys/utsname.h> + +#include "log.h" +#include "hashmap.h" +#include "util.h" +#include "strv.h" + +#define _asprintf(strp, fmt, ...) \ + do { \ + if (dracut_asprintf(strp, fmt, __VA_ARGS__) < 0) { \ + log_error("Out of memory\n"); \ + exit(EXIT_FAILURE); \ + } \ + } while (0) + +static bool arg_hmac = false; +static bool arg_createdir = false; +static int arg_loglevel = -1; +static bool arg_optional = false; +static bool arg_silent = false; +static bool arg_all = false; +static bool arg_module = false; +static bool arg_modalias = false; +static bool arg_resolvelazy = false; +static bool arg_resolvedeps = false; +static bool arg_hostonly = false; +static bool no_xattr = false; +static char *destrootdir = NULL; +static char *sysrootdir = NULL; +static size_t sysrootdirlen = 0; +static char *kerneldir = NULL; +static size_t kerneldirlen = 0; +static char **firmwaredirs = NULL; +static char **pathdirs; +static char *ldd = NULL; +static char *logdir = NULL; +static char *logfile = NULL; +FILE *logfile_f = NULL; +static Hashmap *items = NULL; +static Hashmap *items_failed = NULL; +static Hashmap *modules_loaded = NULL; +static Hashmap *modules_suppliers = NULL; +static Hashmap *processed_suppliers = NULL; +static regex_t mod_filter_path; +static regex_t mod_filter_nopath; +static regex_t mod_filter_symbol; +static regex_t mod_filter_nosymbol; +static regex_t mod_filter_noname; +static bool arg_mod_filter_path = false; +static bool arg_mod_filter_nopath = false; +static bool arg_mod_filter_symbol = false; +static bool arg_mod_filter_nosymbol = false; +static bool arg_mod_filter_noname = false; + +static int dracut_install(const char *src, const char *dst, bool isdir, bool resolvedeps, bool hashdst); +static int install_dependent_modules(struct kmod_ctx *ctx, struct kmod_list *modlist, Hashmap *suppliers_paths); + +static void item_free(char *i) +{ + assert(i); + free(i); +} + +static inline void kmod_module_unrefp(struct kmod_module **p) +{ + if (*p) + kmod_module_unref(*p); +} + +#define _cleanup_kmod_module_unref_ _cleanup_(kmod_module_unrefp) + +static inline void kmod_module_unref_listp(struct kmod_list **p) +{ + if (*p) + kmod_module_unref_list(*p); +} + +#define _cleanup_kmod_module_unref_list_ _cleanup_(kmod_module_unref_listp) + +static inline void kmod_module_info_free_listp(struct kmod_list **p) +{ + if (*p) + kmod_module_info_free_list(*p); +} + +#define _cleanup_kmod_module_info_free_list_ _cleanup_(kmod_module_info_free_listp) + +static inline void kmod_unrefp(struct kmod_ctx **p) +{ + kmod_unref(*p); +} + +#define _cleanup_kmod_unref_ _cleanup_(kmod_unrefp) + +static inline void kmod_module_dependency_symbols_free_listp(struct kmod_list **p) +{ + if (*p) + kmod_module_dependency_symbols_free_list(*p); +} + +#define _cleanup_kmod_module_dependency_symbols_free_list_ _cleanup_(kmod_module_dependency_symbols_free_listp) + +static inline void fts_closep(FTS **p) +{ + if (*p) + fts_close(*p); +} + +#define _cleanup_fts_close_ _cleanup_(fts_closep) + +#define _cleanup_globfree_ _cleanup_(globfree) + +static inline void destroy_hashmap(Hashmap **hashmap) +{ + void *i = NULL; + + while ((i = hashmap_steal_first(*hashmap))) + item_free(i); + + hashmap_free(*hashmap); +} + +#define _cleanup_destroy_hashmap_ _cleanup_(destroy_hashmap) + +static size_t dir_len(char const *file) +{ + size_t length; + + if (!file) + return 0; + + /* Strip the basename and any redundant slashes before it. */ + for (length = strlen(file) - 1; 0 < length; length--) + if (file[length] == '/' && file[length - 1] != '/') + break; + return length; +} + +static char *convert_abs_rel(const char *from, const char *target) +{ + /* we use the 4*MAXPATHLEN, which should not overrun */ + char buf[MAXPATHLEN * 4]; + _cleanup_free_ char *realtarget = NULL, *realfrom = NULL, *from_dir_p = NULL; + _cleanup_free_ char *target_dir_p = NULL; + size_t level = 0, fromlevel = 0, targetlevel = 0; + int l; + size_t i, rl, dirlen; + + dirlen = dir_len(from); + from_dir_p = strndup(from, dirlen); + if (!from_dir_p) + return strdup(from + strlen(destrootdir)); + if (realpath(from_dir_p, buf) == NULL) { + log_warning("convert_abs_rel(): from '%s' directory has no realpath: %m", from); + return strdup(from + strlen(destrootdir)); + } + /* dir_len() skips double /'s e.g. //lib64, so we can't skip just one + * character - need to skip all leading /'s */ + for (i = dirlen + 1; from[i] == '/'; ++i) + ; + _asprintf(&realfrom, "%s/%s", buf, from + i); + + dirlen = dir_len(target); + target_dir_p = strndup(target, dirlen); + if (!target_dir_p) + return strdup(from + strlen(destrootdir)); + if (realpath(target_dir_p, buf) == NULL) { + log_warning("convert_abs_rel(): target '%s' directory has no realpath: %m", target); + return strdup(from + strlen(destrootdir)); + } + + for (i = dirlen + 1; target[i] == '/'; ++i) + ; + _asprintf(&realtarget, "%s/%s", buf, target + i); + + /* now calculate the relative path from <from> to <target> and + store it in <buf> + */ + rl = 0; + + /* count the pathname elements of realtarget */ + for (targetlevel = 0, i = 0; realtarget[i]; i++) + if (realtarget[i] == '/') + targetlevel++; + + /* count the pathname elements of realfrom */ + for (fromlevel = 0, i = 0; realfrom[i]; i++) + if (realfrom[i] == '/') + fromlevel++; + + /* count the pathname elements, which are common for both paths */ + for (level = 0, i = 0; realtarget[i] && (realtarget[i] == realfrom[i]); i++) + if (realtarget[i] == '/') + level++; + + /* add "../" to the buf path, until the common pathname is + reached */ + for (i = level; i < targetlevel; i++) { + if (i != level) + buf[rl++] = '/'; + buf[rl++] = '.'; + buf[rl++] = '.'; + } + + /* set l to the next uncommon pathname element in realfrom */ + for (l = 1, i = 1; i < level; i++) + for (l++; realfrom[l] && realfrom[l] != '/'; l++) ; + /* skip next '/' */ + l++; + + /* append the uncommon rest of realfrom to the buf path */ + for (i = level; i <= fromlevel; i++) { + if (rl) + buf[rl++] = '/'; + while (realfrom[l] && realfrom[l] != '/') + buf[rl++] = realfrom[l++]; + l++; + } + + buf[rl] = 0; + return strdup(buf); +} + +static int ln_r(const char *src, const char *dst) +{ + int ret; + _cleanup_free_ const char *points_to = convert_abs_rel(src, dst); + + log_info("ln -s '%s' '%s'", points_to, dst); + ret = symlink(points_to, dst); + + if (ret != 0) { + log_error("ERROR: ln -s '%s' '%s': %m", points_to, dst); + return 1; + } + + return 0; +} + +/* Perform the O(1) btrfs clone operation, if possible. + Upon success, return 0. Otherwise, return -1 and set errno. */ +static inline int clone_file(int dest_fd, int src_fd) +{ +#undef BTRFS_IOCTL_MAGIC +#define BTRFS_IOCTL_MAGIC 0x94 +#undef BTRFS_IOC_CLONE +#define BTRFS_IOC_CLONE _IOW (BTRFS_IOCTL_MAGIC, 9, int) + return ioctl(dest_fd, BTRFS_IOC_CLONE, src_fd); +} + +static bool use_clone = true; + +static int cp(const char *src, const char *dst) +{ + int pid; + int ret = 0; + + if (use_clone) { + struct stat sb; + _cleanup_close_ int dest_desc = -1, source_desc = -1; + + if (lstat(src, &sb) != 0) + goto normal_copy; + + if (S_ISLNK(sb.st_mode)) + goto normal_copy; + + source_desc = open(src, O_RDONLY | O_CLOEXEC); + if (source_desc < 0) + goto normal_copy; + + dest_desc = + open(dst, O_WRONLY | O_CREAT | O_EXCL | O_CLOEXEC, + (sb.st_mode) & (S_ISUID | S_ISGID | S_ISVTX | S_IRWXU | S_IRWXG | S_IRWXO)); + + if (dest_desc < 0) { + goto normal_copy; + } + + ret = clone_file(dest_desc, source_desc); + + if (ret == 0) { + struct timeval tv[2]; + if (fchown(dest_desc, sb.st_uid, sb.st_gid) != 0) + if (fchown(dest_desc, (uid_t) - 1, sb.st_gid) != 0) { + if (geteuid() == 0) + log_error("Failed to chown %s: %m", dst); + else + log_info("Failed to chown %s: %m", dst); + } + + tv[0].tv_sec = sb.st_atime; + tv[0].tv_usec = 0; + tv[1].tv_sec = sb.st_mtime; + tv[1].tv_usec = 0; + futimes(dest_desc, tv); + return ret; + } + close(dest_desc); + dest_desc = -1; + /* clone did not work, remove the file */ + unlink(dst); + /* do not try clone again */ + use_clone = false; + } + +normal_copy: + pid = fork(); + const char *preservation = (geteuid() == 0 + && no_xattr == false) ? "--preserve=mode,xattr,timestamps,ownership" : "--preserve=mode,timestamps,ownership"; + if (pid == 0) { + execlp("cp", "cp", "--reflink=auto", "--sparse=auto", preservation, "-fL", src, dst, NULL); + _exit(errno == ENOENT ? 127 : 126); + } + + while (waitpid(pid, &ret, 0) == -1) { + if (errno != EINTR) { + log_error("ERROR: waitpid() failed: %m"); + return 1; + } + } + ret = WIFSIGNALED(ret) ? 128 + WTERMSIG(ret) : WEXITSTATUS(ret); + if (ret != 0) + log_error("ERROR: 'cp --reflink=auto --sparse=auto %s -fL %s %s' failed with %d", preservation, src, dst, ret); + log_debug("cp ret = %d", ret); + return ret; +} + +static int library_install(const char *src, const char *lib) +{ + _cleanup_free_ char *p = NULL; + _cleanup_free_ char *pdir = NULL, *ppdir = NULL, *pppdir = NULL, *clib = NULL; + char *q, *clibdir; + int r, ret = 0; + + r = dracut_install(lib, lib, false, false, true); + if (r != 0) + log_error("ERROR: failed to install '%s' for '%s'", lib, src); + else + log_debug("Lib install: '%s'", lib); + ret += r; + + /* also install lib.so for lib.so.* files */ + q = strstr(lib, ".so."); + if (q) { + p = strndup(lib, q - lib + 3); + + /* ignore errors for base lib symlink */ + if (dracut_install(p, p, false, false, true) == 0) + log_debug("Lib install: '%s'", p); + + free(p); + } + + /* Also try to install the same library from one directory above + * or from one directory above glibc-hwcaps. + This fixes the case, where only the HWCAP lib would be installed + # ldconfig -p|grep -F libc.so + libc.so.6 (libc6,64bit, hwcap: 0x0000001000000000, OS ABI: Linux 2.6.32) => /lib64/power6/libc.so.6 + libc.so.6 (libc6,64bit, hwcap: 0x0000000000000200, OS ABI: Linux 2.6.32) => /lib64/power6x/libc.so.6 + libc.so.6 (libc6,64bit, OS ABI: Linux 2.6.32) => /lib64/libc.so.6 + */ + + p = strdup(lib); + + pdir = dirname_malloc(p); + if (!pdir) + return ret; + + ppdir = dirname_malloc(pdir); + /* only one parent directory, not HWCAP library */ + if (!ppdir || streq(ppdir, "/")) + return ret; + + pppdir = dirname_malloc(ppdir); + if (!pppdir) + return ret; + + clibdir = streq(basename(ppdir), "glibc-hwcaps") ? pppdir : ppdir; + clib = strjoin(clibdir, "/", basename(p), NULL); + if (dracut_install(clib, clib, false, false, true) == 0) + log_debug("Lib install: '%s'", clib); + /* also install lib.so for lib.so.* files */ + q = strstr(clib, ".so."); + if (q) { + q[3] = '\0'; + + /* ignore errors for base lib symlink */ + if (dracut_install(clib, clib, false, false, true) == 0) + log_debug("Lib install: '%s'", p); + } + + return ret; +} + +static char *get_real_file(const char *src, bool fullyresolve) +{ + struct stat sb; + ssize_t linksz; + char linktarget[PATH_MAX + 1]; + _cleanup_free_ char *fullsrcpath_a = NULL; + const char *fullsrcpath; + _cleanup_free_ char *abspath = NULL; + + if (sysrootdirlen) { + if (strncmp(src, sysrootdir, sysrootdirlen) == 0) { + fullsrcpath = src; + } else { + _asprintf(&fullsrcpath_a, "%s/%s", + (sysrootdirlen ? sysrootdir : ""), + (src[0] == '/' ? src + 1 : src)); + fullsrcpath = fullsrcpath_a; + } + } else { + fullsrcpath = src; + } + + log_debug("get_real_file('%s')", fullsrcpath); + + if (lstat(fullsrcpath, &sb) < 0) + return NULL; + + switch (sb.st_mode & S_IFMT) { + case S_IFDIR: + case S_IFREG: + return strdup(fullsrcpath); + case S_IFLNK: + break; + default: + return NULL; + } + + linksz = readlink(fullsrcpath, linktarget, sizeof(linktarget)); + if (linksz < 0) + return NULL; + linktarget[linksz] = '\0'; + + log_debug("get_real_file: readlink('%s') returns '%s'", fullsrcpath, linktarget); + + if (streq(fullsrcpath, linktarget)) { + log_error("ERROR: '%s' is pointing to itself", fullsrcpath); + return NULL; + } + + if (linktarget[0] == '/') { + _asprintf(&abspath, "%s%s", (sysrootdirlen ? sysrootdir : ""), linktarget); + } else { + _asprintf(&abspath, "%.*s/%s", (int)dir_len(fullsrcpath), fullsrcpath, linktarget); + } + + if (fullyresolve) { + struct stat st; + if (lstat(abspath, &st) < 0) { + if (errno != ENOENT) { + return NULL; + } + } + if (S_ISLNK(st.st_mode)) { + return get_real_file(abspath, fullyresolve); + } + } + + log_debug("get_real_file('%s') => '%s'", src, abspath); + return TAKE_PTR(abspath); +} + +static int resolve_deps(const char *src) +{ + int ret = 0, err; + + _cleanup_free_ char *buf = NULL; + size_t linesize = LINE_MAX + 1; + _cleanup_free_ char *fullsrcpath = NULL; + + fullsrcpath = get_real_file(src, true); + log_debug("resolve_deps('%s') -> get_real_file('%s', true) = '%s'", src, src, fullsrcpath); + if (!fullsrcpath) + return 0; + + buf = malloc(linesize); + if (buf == NULL) + return -errno; + + if (strstr(src, ".so") == NULL) { + _cleanup_close_ int fd = -1; + fd = open(fullsrcpath, O_RDONLY | O_CLOEXEC); + if (fd < 0) + return -errno; + + ret = read(fd, buf, linesize - 1); + if (ret == -1) + return -errno; + + buf[ret] = '\0'; + if (buf[0] == '#' && buf[1] == '!') { + /* we have a shebang */ + char *p, *q; + for (p = &buf[2]; *p && isspace(*p); p++) ; + for (q = p; *q && (!isspace(*q)); q++) ; + *q = '\0'; + log_debug("Script install: '%s'", p); + ret = dracut_install(p, p, false, true, false); + if (ret != 0) + log_error("ERROR: failed to install '%s'", p); + return ret; + } + } + + int fds[2]; + FILE *fptr; + if (pipe2(fds, O_CLOEXEC) == -1 || (fptr = fdopen(fds[0], "r")) == NULL) { + log_error("ERROR: pipe stream initialization for '%s' failed: %m", ldd); + exit(EXIT_FAILURE); + } + + log_debug("%s %s", ldd, fullsrcpath); + pid_t ldd_pid; + if ((ldd_pid = fork()) == 0) { + dup2(fds[1], 1); + dup2(fds[1], 2); + putenv("LC_ALL=C"); + execlp(ldd, ldd, fullsrcpath, (char *)NULL); + _exit(errno == ENOENT ? 127 : 126); + } + close(fds[1]); + + ret = 0; + + while (getline(&buf, &linesize, fptr) >= 0) { + char *p; + + log_debug("ldd: '%s'", buf); + + if (strstr(buf, "you do not have execution permission")) { + log_error("%s", buf); + ret += 1; + break; + } + + /* errors from cross-compiler-ldd */ + if (strstr(buf, "unable to find sysroot")) { + log_error("%s", buf); + ret += 1; + break; + } + + /* musl ldd */ + if (strstr(buf, "Not a valid dynamic program")) + break; + + /* glibc */ + if (strstr(buf, "cannot execute binary file")) + continue; + + if (strstr(buf, "not a dynamic executable")) + break; + + if (strstr(buf, "loader cannot load itself")) + break; + + if (strstr(buf, "not regular file")) + break; + + if (strstr(buf, "cannot read header")) + break; + + if (strstr(buf, "cannot be preloaded")) + break; + + if (strstr(buf, destrootdir)) + break; + + p = buf; + if (strchr(p, '$')) { + /* take ldd variable expansion into account */ + p = strstr(p, "=>"); + if (!p) + p = buf; + } + p = strchr(p, '/'); + + if (p) { + char *q; + + for (q = p; *q && *q != ' ' && *q != '\n'; q++) ; + *q = '\0'; + + ret += library_install(src, p); + + } + } + + fclose(fptr); + while (waitpid(ldd_pid, &err, 0) == -1) { + if (errno != EINTR) { + log_error("ERROR: waitpid() failed: %m"); + return 1; + } + } + err = WIFSIGNALED(err) ? 128 + WTERMSIG(err) : WEXITSTATUS(err); + /* ldd has error conditions we largely don't care about ("not a dynamic executable", &c.): + only error out on hard errors (ENOENT, ENOEXEC, signals) */ + if (err >= 126) { + log_error("ERROR: '%s %s' failed with %d", ldd, fullsrcpath, err); + return err; + } else + return ret; +} + +/* Install ".<filename>.hmac" file for FIPS self-checks */ +static int hmac_install(const char *src, const char *dst, const char *hmacpath) +{ + _cleanup_free_ char *srchmacname = NULL; + _cleanup_free_ char *dsthmacname = NULL; + + size_t dlen = dir_len(src); + + if (endswith(src, ".hmac")) + return 0; + + if (!hmacpath) { + hmac_install(src, dst, "/lib/fipscheck"); + hmac_install(src, dst, "/lib64/fipscheck"); + hmac_install(src, dst, "/lib/hmaccalc"); + hmac_install(src, dst, "/lib64/hmaccalc"); + } + + if (hmacpath) { + _asprintf(&srchmacname, "%s/%s.hmac", hmacpath, &src[dlen + 1]); + _asprintf(&dsthmacname, "%s/%s.hmac", hmacpath, &src[dlen + 1]); + } else { + _asprintf(&srchmacname, "%.*s/.%s.hmac", (int)dlen, src, &src[dlen + 1]); + _asprintf(&dsthmacname, "%.*s/.%s.hmac", (int)dir_len(dst), dst, &src[dlen + 1]); + } + log_debug("hmac cp '%s' '%s'", srchmacname, dsthmacname); + dracut_install(srchmacname, dsthmacname, false, false, true); + return 0; +} + +void mark_hostonly(const char *path) +{ + _cleanup_free_ char *fulldstpath = NULL; + _cleanup_fclose_ FILE *f = NULL; + + _asprintf(&fulldstpath, "%s/lib/dracut/hostonly-files", destrootdir); + + f = fopen(fulldstpath, "a"); + + if (f == NULL) { + log_error("Could not open '%s' for writing.", fulldstpath); + return; + } + + fprintf(f, "%s\n", path); +} + +void dracut_log_cp(const char *path) +{ + int ret; + ret = fprintf(logfile_f, "%s\n", path); + if (ret < 0) + log_error("Could not append '%s' to logfile '%s': %m", path, logfile); +} + +static bool check_hashmap(Hashmap *hm, const char *item) +{ + char *existing; + existing = hashmap_get(hm, item); + if (existing) { + if (strcmp(existing, item) == 0) { + return true; + } + } + return false; +} + +static int dracut_mkdir(const char *src) +{ + _cleanup_free_ char *parent = NULL; + char *path; + struct stat sb; + + parent = strdup(src); + if (!parent) + return 1; + + path = parent[0] == '/' ? parent + 1 : parent; + while (path) { + path = strstr(path, "/"); + if (path) + *path = '\0'; + + if (stat(parent, &sb) == 0) { + if (!S_ISDIR(sb.st_mode)) { + log_error("%s exists but is not a directory!", parent); + return 1; + } + } else if (errno != ENOENT) { + log_error("ERROR: stat '%s': %m", parent); + return 1; + } else { + if (mkdir(parent, 0755) < 0) { + log_error("ERROR: mkdir '%s': %m", parent); + return 1; + } + } + + if (path) { + *path = '/'; + path++; + } + } + + return 0; +} + +static int dracut_install(const char *orig_src, const char *orig_dst, bool isdir, bool resolvedeps, bool hashdst) +{ + struct stat sb; + _cleanup_free_ char *fullsrcpath = NULL; + _cleanup_free_ char *fulldstpath = NULL; + _cleanup_free_ char *fulldstdir = NULL; + int ret; + bool src_islink = false; + bool src_isdir = false; + mode_t src_mode = 0; + bool dst_exists = true; + char *i = NULL; + const char *src, *dst; + + if (sysrootdirlen) { + if (strncmp(orig_src, sysrootdir, sysrootdirlen) == 0) { + src = orig_src + sysrootdirlen; + fullsrcpath = strdup(orig_src); + } else { + src = orig_src; + _asprintf(&fullsrcpath, "%s%s", sysrootdir, src); + } + if (strncmp(orig_dst, sysrootdir, sysrootdirlen) == 0) + dst = orig_dst + sysrootdirlen; + else + dst = orig_dst; + } else { + src = orig_src; + fullsrcpath = strdup(src); + dst = orig_dst; + } + + log_debug("dracut_install('%s', '%s', %d, %d, %d)", src, dst, isdir, resolvedeps, hashdst); + + if (check_hashmap(items_failed, src)) { + log_debug("hash hit items_failed for '%s'", src); + return 1; + } + + if (hashdst && check_hashmap(items, dst)) { + log_debug("hash hit items for '%s'", dst); + return 0; + } + + if (lstat(fullsrcpath, &sb) < 0) { + if (!isdir) { + i = strdup(src); + hashmap_put(items_failed, i, i); + /* src does not exist */ + return 1; + } + } else { + src_islink = S_ISLNK(sb.st_mode); + src_isdir = S_ISDIR(sb.st_mode); + src_mode = sb.st_mode; + } + + _asprintf(&fulldstpath, "%s/%s", destrootdir, (dst[0] == '/' ? (dst + 1) : dst)); + + ret = stat(fulldstpath, &sb); + if (ret != 0) { + dst_exists = false; + if (errno != ENOENT) { + log_error("ERROR: stat '%s': %m", fulldstpath); + return 1; + } + } + + if (ret == 0) { + if (resolvedeps && S_ISREG(sb.st_mode) && (sb.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH))) { + log_debug("'%s' already exists, but checking for any deps", fulldstpath); + ret = resolve_deps(fulldstpath + sysrootdirlen); + } else + log_debug("'%s' already exists", fulldstpath); + + /* dst does already exist */ + } else { + + /* check destination directory */ + fulldstdir = strndup(fulldstpath, dir_len(fulldstpath)); + if (!fulldstdir) { + log_error("Out of memory!"); + return 1; + } + + ret = access(fulldstdir, F_OK); + + if (ret < 0) { + _cleanup_free_ char *dname = NULL; + + if (errno != ENOENT) { + log_error("ERROR: stat '%s': %m", fulldstdir); + return 1; + } + /* create destination directory */ + log_debug("dest dir '%s' does not exist", fulldstdir); + + dname = strndup(dst, dir_len(dst)); + if (!dname) + return 1; + ret = dracut_install(dname, dname, true, false, true); + + if (ret != 0) { + log_error("ERROR: failed to create directory '%s'", fulldstdir); + return 1; + } + } + + if (src_isdir) { + if (dst_exists) { + if (S_ISDIR(sb.st_mode)) { + log_debug("dest dir '%s' already exists", fulldstpath); + return 0; + } + log_error("dest dir '%s' already exists but is not a directory", fulldstpath); + return 1; + } + + log_info("mkdir '%s'", fulldstpath); + ret = dracut_mkdir(fulldstpath); + if (ret == 0) { + i = strdup(dst); + if (!i) + return -ENOMEM; + + hashmap_put(items, i, i); + } + return ret; + } + + /* ready to install src */ + + if (src_islink) { + _cleanup_free_ char *abspath = NULL; + + abspath = get_real_file(src, false); + + if (abspath == NULL) + return 1; + + if (dracut_install(abspath, abspath, false, resolvedeps, hashdst)) { + log_debug("'%s' install error", abspath); + return 1; + } + + if (faccessat(AT_FDCWD, abspath, F_OK, AT_SYMLINK_NOFOLLOW) != 0) { + log_debug("lstat '%s': %m", abspath); + return 1; + } + + if (faccessat(AT_FDCWD, fulldstpath, F_OK, AT_SYMLINK_NOFOLLOW) != 0) { + _cleanup_free_ char *absdestpath = NULL; + + _asprintf(&absdestpath, "%s/%s", destrootdir, + (abspath[0] == '/' ? (abspath + 1) : abspath) + sysrootdirlen); + + ln_r(absdestpath, fulldstpath); + } + + if (arg_hmac) { + /* copy .hmac files also */ + hmac_install(src, dst, NULL); + } + + return 0; + } + + if (src_mode & (S_IXUSR | S_IXGRP | S_IXOTH)) { + if (resolvedeps) + ret += resolve_deps(fullsrcpath + sysrootdirlen); + if (arg_hmac) { + /* copy .hmac files also */ + hmac_install(src, dst, NULL); + } + } + + log_debug("dracut_install ret = %d", ret); + + if (arg_hostonly && !arg_module) + mark_hostonly(dst); + + if (isdir) { + log_info("mkdir '%s'", fulldstpath); + ret += dracut_mkdir(fulldstpath); + } else { + log_info("cp '%s' '%s'", fullsrcpath, fulldstpath); + ret += cp(fullsrcpath, fulldstpath); + } + } + + if (ret == 0) { + i = strdup(dst); + if (!i) + return -ENOMEM; + + hashmap_put(items, i, i); + + if (logfile_f) + dracut_log_cp(src); + } + + log_debug("dracut_install ret = %d", ret); + + return ret; +} + +static void usage(int status) +{ + /* */ + printf("Usage: %s -D DESTROOTDIR [-r SYSROOTDIR] [OPTION]... -a SOURCE...\n" + "or: %s -D DESTROOTDIR [-r SYSROOTDIR] [OPTION]... SOURCE DEST\n" + "or: %s -D DESTROOTDIR [-r SYSROOTDIR] [OPTION]... -m KERNELMODULE [KERNELMODULE …]\n" + "\n" + "Install SOURCE (from rootfs or SYSROOTDIR) to DEST in DESTROOTDIR with all needed dependencies.\n" + "\n" + " KERNELMODULE can have the format:\n" + " <absolute path> with a leading /\n" + " =<kernel subdir>[/<kernel subdir>…] like '=drivers/hid'\n" + " <module name>\n" + "\n" + " -D --destrootdir Install all files to DESTROOTDIR as the root\n" + " -r --sysrootdir Install all files from SYSROOTDIR\n" + " -a --all Install all SOURCE arguments to DESTROOTDIR\n" + " -o --optional If SOURCE does not exist, do not fail\n" + " -d --dir SOURCE is a directory\n" + " -l --ldd Also install shebang executables and libraries\n" + " -L --logdir <DIR> Log files, which were installed from the host to <DIR>\n" + " -R --resolvelazy Only install shebang executables and libraries\n" + " for all SOURCE files\n" + " -H --hostonly Mark all SOURCE files as hostonly\n\n" + " -f --fips Also install all '.SOURCE.hmac' files\n" + "\n" + " --module,-m Install kernel modules, instead of files\n" + " --kerneldir Specify the kernel module directory\n" + " (default: /lib/modules/$(uname -r))\n" + " --firmwaredirs Specify the firmware directory search path with : separation\n" + " (default: $DRACUT_FIRMWARE_PATH, otherwise kernel-compatible\n" + " $(</sys/module/firmware_class/parameters/path),\n" + " /lib/firmware/updates/$(uname -r), /lib/firmware/updates\n" + " /lib/firmware/$(uname -r), /lib/firmware)\n" + " --silent Don't display error messages for kernel module install\n" + " --modalias Only generate module list from /sys/devices modalias list\n" + " -o --optional If kernel module does not exist, do not fail\n" + " -p --mod-filter-path Filter kernel modules by path regexp\n" + " -P --mod-filter-nopath Exclude kernel modules by path regexp\n" + " -s --mod-filter-symbol Filter kernel modules by symbol regexp\n" + " -S --mod-filter-nosymbol Exclude kernel modules by symbol regexp\n" + " -N --mod-filter-noname Exclude kernel modules by name regexp\n" + "\n" + " -v --verbose Show more output\n" + " --debug Show debug output\n" + " --version Show package version\n" + " -h --help Show this help\n" + "\n", program_invocation_short_name, program_invocation_short_name, program_invocation_short_name); + exit(status); +} + +static int parse_argv(int argc, char *argv[]) +{ + int c; + + enum { + ARG_VERSION = 0x100, + ARG_SILENT, + ARG_MODALIAS, + ARG_KERNELDIR, + ARG_FIRMWAREDIRS, + ARG_DEBUG + }; + + static struct option const options[] = { + {"help", no_argument, NULL, 'h'}, + {"version", no_argument, NULL, ARG_VERSION}, + {"dir", no_argument, NULL, 'd'}, + {"debug", no_argument, NULL, ARG_DEBUG}, + {"verbose", no_argument, NULL, 'v'}, + {"ldd", no_argument, NULL, 'l'}, + {"resolvelazy", no_argument, NULL, 'R'}, + {"optional", no_argument, NULL, 'o'}, + {"hostonly", no_argument, NULL, 'H'}, + {"all", no_argument, NULL, 'a'}, + {"module", no_argument, NULL, 'm'}, + {"fips", no_argument, NULL, 'f'}, + {"destrootdir", required_argument, NULL, 'D'}, + {"sysrootdir", required_argument, NULL, 'r'}, + {"logdir", required_argument, NULL, 'L'}, + {"mod-filter-path", required_argument, NULL, 'p'}, + {"mod-filter-nopath", required_argument, NULL, 'P'}, + {"mod-filter-symbol", required_argument, NULL, 's'}, + {"mod-filter-nosymbol", required_argument, NULL, 'S'}, + {"mod-filter-noname", required_argument, NULL, 'N'}, + {"modalias", no_argument, NULL, ARG_MODALIAS}, + {"silent", no_argument, NULL, ARG_SILENT}, + {"kerneldir", required_argument, NULL, ARG_KERNELDIR}, + {"firmwaredirs", required_argument, NULL, ARG_FIRMWAREDIRS}, + {NULL, 0, NULL, 0} + }; + + while ((c = getopt_long(argc, argv, "madfhlL:oD:Hr:Rp:P:s:S:N:v", options, NULL)) != -1) { + switch (c) { + case ARG_VERSION: + puts(PROGRAM_VERSION_STRING); + return 0; + case 'd': + arg_createdir = true; + break; + case ARG_DEBUG: + arg_loglevel = LOG_DEBUG; + break; + case ARG_SILENT: + arg_silent = true; + break; + case ARG_MODALIAS: + arg_modalias = true; + return 1; + break; + case 'v': + arg_loglevel = LOG_INFO; + break; + case 'o': + arg_optional = true; + break; + case 'l': + arg_resolvedeps = true; + break; + case 'R': + arg_resolvelazy = true; + break; + case 'a': + arg_all = true; + break; + case 'm': + arg_module = true; + break; + case 'D': + destrootdir = optarg; + break; + case 'r': + sysrootdir = optarg; + sysrootdirlen = strlen(sysrootdir); + break; + case 'p': + if (regcomp(&mod_filter_path, optarg, REG_NOSUB | REG_EXTENDED) != 0) { + log_error("Module path filter %s is not a regular expression", optarg); + exit(EXIT_FAILURE); + } + arg_mod_filter_path = true; + break; + case 'P': + if (regcomp(&mod_filter_nopath, optarg, REG_NOSUB | REG_EXTENDED) != 0) { + log_error("Module path filter %s is not a regular expression", optarg); + exit(EXIT_FAILURE); + } + arg_mod_filter_nopath = true; + break; + case 's': + if (regcomp(&mod_filter_symbol, optarg, REG_NOSUB | REG_EXTENDED) != 0) { + log_error("Module symbol filter %s is not a regular expression", optarg); + exit(EXIT_FAILURE); + } + arg_mod_filter_symbol = true; + break; + case 'S': + if (regcomp(&mod_filter_nosymbol, optarg, REG_NOSUB | REG_EXTENDED) != 0) { + log_error("Module symbol filter %s is not a regular expression", optarg); + exit(EXIT_FAILURE); + } + arg_mod_filter_nosymbol = true; + break; + case 'N': + if (regcomp(&mod_filter_noname, optarg, REG_NOSUB | REG_EXTENDED) != 0) { + log_error("Module symbol filter %s is not a regular expression", optarg); + exit(EXIT_FAILURE); + } + arg_mod_filter_noname = true; + break; + case 'L': + logdir = optarg; + break; + case ARG_KERNELDIR: + kerneldir = optarg; + break; + case ARG_FIRMWAREDIRS: + firmwaredirs = strv_split(optarg, ":"); + break; + case 'f': + arg_hmac = true; + break; + case 'H': + arg_hostonly = true; + break; + case 'h': + usage(EXIT_SUCCESS); + break; + default: + usage(EXIT_FAILURE); + } + } + + if (arg_loglevel >= 0) { + log_set_max_level(arg_loglevel); + } + + struct utsname buf = {0}; + if (!kerneldir) { + uname(&buf); + _asprintf(&kerneldir, "/lib/modules/%s", buf.release); + } + + if (arg_modalias) { + return 1; + } + + if (arg_module) { + if (!firmwaredirs) { + char *path = getenv("DRACUT_FIRMWARE_PATH"); + + if (path) { + log_debug("DRACUT_FIRMWARE_PATH=%s", path); + firmwaredirs = strv_split(path, ":"); + } else { + if (!*buf.release) + uname(&buf); + + char fw_path_para[PATH_MAX + 1] = ""; + int path = open("/sys/module/firmware_class/parameters/path", O_RDONLY | O_CLOEXEC); + if (path != -1) { + ssize_t rd = read(path, fw_path_para, PATH_MAX); + if (rd != -1) + fw_path_para[rd - 1] = '\0'; + close(path); + } + char uk[22 + sizeof(buf.release)], fk[14 + sizeof(buf.release)]; + sprintf(uk, "/lib/firmware/updates/%s", buf.release); + sprintf(fk, "/lib/firmware/%s", buf.release); + firmwaredirs = strv_new(STRV_IFNOTNULL(*fw_path_para ? fw_path_para : NULL), + uk, + "/lib/firmware/updates", + fk, + "/lib/firmware", + NULL); + } + } + } + + if (!optind || optind == argc) { + if (!arg_optional) { + log_error("No SOURCE argument given"); + usage(EXIT_FAILURE); + } else { + exit(EXIT_SUCCESS); + } + } + + return 1; +} + +static int resolve_lazy(int argc, char **argv) +{ + int i; + size_t destrootdirlen = strlen(destrootdir); + int ret = 0; + char *item; + for (i = 0; i < argc; i++) { + const char *src = argv[i]; + char *p = argv[i]; + + log_debug("resolve_deps('%s')", src); + + if (strstr(src, destrootdir)) { + p = &argv[i][destrootdirlen]; + } + + if (check_hashmap(items, p)) { + continue; + } + + item = strdup(p); + hashmap_put(items, item, item); + + ret += resolve_deps(src); + } + return ret; +} + +static char **find_binary(const char *src) +{ + char **ret = NULL; + char **q; + char *newsrc = NULL; + + STRV_FOREACH(q, pathdirs) { + char *fullsrcpath; + + _asprintf(&newsrc, "%s/%s", *q, src); + + fullsrcpath = get_real_file(newsrc, false); + if (!fullsrcpath) { + log_debug("get_real_file(%s) not found", newsrc); + free(newsrc); + newsrc = NULL; + continue; + } + + if (faccessat(AT_FDCWD, fullsrcpath, F_OK, AT_SYMLINK_NOFOLLOW) != 0) { + log_debug("lstat(%s) != 0", fullsrcpath); + free(newsrc); + newsrc = NULL; + free(fullsrcpath); + fullsrcpath = NULL; + continue; + } + + strv_push(&ret, newsrc); + + free(fullsrcpath); + fullsrcpath = NULL; + }; + + if (ret) { + STRV_FOREACH(q, ret) { + log_debug("find_binary(%s) == %s", src, *q); + } + } + + return ret; +} + +static int install_one(const char *src, const char *dst) +{ + int r = EXIT_SUCCESS; + int ret = 0; + + if (strchr(src, '/') == NULL) { + char **p = find_binary(src); + if (p) { + char **q = NULL; + STRV_FOREACH(q, p) { + char *newsrc = *q; + log_debug("dracut_install '%s' '%s'", newsrc, dst); + ret = dracut_install(newsrc, dst, arg_createdir, arg_resolvedeps, true); + if (ret == 0) { + log_debug("dracut_install '%s' '%s' OK", newsrc, dst); + } + } + strv_free(p); + } else { + ret = -1; + } + } else { + ret = dracut_install(src, dst, arg_createdir, arg_resolvedeps, true); + } + + if ((ret != 0) && (!arg_optional)) { + log_error("ERROR: installing '%s' to '%s'", src, dst); + r = EXIT_FAILURE; + } + + return r; +} + +static int install_all(int argc, char **argv) +{ + int r = EXIT_SUCCESS; + int i; + for (i = 0; i < argc; i++) { + int ret = 0; + log_debug("Handle '%s'", argv[i]); + + if (strchr(argv[i], '/') == NULL) { + char **p = find_binary(argv[i]); + if (p) { + char **q = NULL; + STRV_FOREACH(q, p) { + char *newsrc = *q; + log_debug("dracut_install '%s'", newsrc); + ret = dracut_install(newsrc, newsrc, arg_createdir, arg_resolvedeps, true); + if (ret == 0) { + log_debug("dracut_install '%s' OK", newsrc); + } + } + strv_free(p); + } else { + ret = -1; + } + + } else { + if (strchr(argv[i], '*') == NULL) { + ret = dracut_install(argv[i], argv[i], arg_createdir, arg_resolvedeps, true); + } else { + _cleanup_free_ char *realsrc = NULL; + _cleanup_globfree_ glob_t globbuf; + + _asprintf(&realsrc, "%s%s", sysrootdir ? sysrootdir : "", argv[i]); + + ret = glob(realsrc, 0, NULL, &globbuf); + if (ret == 0) { + size_t j; + + for (j = 0; j < globbuf.gl_pathc; j++) { + ret |= dracut_install(globbuf.gl_pathv[j] + sysrootdirlen, + globbuf.gl_pathv[j] + sysrootdirlen, + arg_createdir, arg_resolvedeps, true); + } + } + } + } + + if ((ret != 0) && (!arg_optional)) { + log_error("ERROR: installing '%s'", argv[i]); + r = EXIT_FAILURE; + } + } + return r; +} + +static int install_firmware_fullpath(const char *fwpath) +{ + const char *fw = fwpath; + _cleanup_free_ char *fwpath_compressed = NULL; + int ret; + if (access(fwpath, F_OK) != 0) { + _asprintf(&fwpath_compressed, "%s.zst", fwpath); + if (access(fwpath_compressed, F_OK) != 0) { + strcpy(fwpath_compressed + strlen(fwpath) + 1, "xz"); + if (access(fwpath_compressed, F_OK) != 0) { + log_debug("stat(%s) != 0", fwpath); + return 1; + } + } + fw = fwpath_compressed; + } + ret = dracut_install(fw, fw, false, false, true); + if (ret == 0) { + log_debug("dracut_install '%s' OK", fwpath); + } + return ret; +} + +static int install_firmware(struct kmod_module *mod) +{ + struct kmod_list *l = NULL; + _cleanup_kmod_module_info_free_list_ struct kmod_list *list = NULL; + int ret; + char **q; + + ret = kmod_module_get_info(mod, &list); + if (ret < 0) { + log_error("could not get modinfo from '%s': %s\n", kmod_module_get_name(mod), strerror(-ret)); + return ret; + } + kmod_list_foreach(l, list) { + const char *key = kmod_module_info_get_key(l); + const char *value = NULL; + bool found_this = false; + + if (!streq("firmware", key)) + continue; + + value = kmod_module_info_get_value(l); + log_debug("Firmware %s", value); + ret = -1; + STRV_FOREACH(q, firmwaredirs) { + _cleanup_free_ char *fwpath = NULL; + + _asprintf(&fwpath, "%s/%s", *q, value); + + if (strpbrk(value, "*?[") != NULL + && access(fwpath, F_OK) != 0) { + size_t i; + _cleanup_globfree_ glob_t globbuf; + + glob(fwpath, 0, NULL, &globbuf); + for (i = 0; i < globbuf.gl_pathc; i++) { + ret = install_firmware_fullpath(globbuf.gl_pathv[i]); + if (ret == 0) + found_this = true; + } + } else { + ret = install_firmware_fullpath(fwpath); + if (ret == 0) + found_this = true; + } + } + if (!found_this) { + /* firmware path was not found in any firmwaredirs */ + log_info("Missing firmware %s for kernel module %s", + value, kmod_module_get_name(mod)); + } + } + return 0; +} + +static bool check_module_symbols(struct kmod_module *mod) +{ + struct kmod_list *itr = NULL; + _cleanup_kmod_module_dependency_symbols_free_list_ struct kmod_list *deplist = NULL; + + if (!arg_mod_filter_symbol && !arg_mod_filter_nosymbol) + return true; + + if (kmod_module_get_dependency_symbols(mod, &deplist) < 0) { + log_debug("kmod_module_get_dependency_symbols failed"); + if (arg_mod_filter_symbol) + return false; + return true; + } + + if (arg_mod_filter_nosymbol) { + kmod_list_foreach(itr, deplist) { + const char *symbol = kmod_module_symbol_get_symbol(itr); + // log_debug("Checking symbol %s", symbol); + if (regexec(&mod_filter_nosymbol, symbol, 0, NULL, 0) == 0) { + log_debug("Module %s: symbol %s matched exclusion filter", kmod_module_get_name(mod), + symbol); + return false; + } + } + } + + if (arg_mod_filter_symbol) { + kmod_list_foreach(itr, deplist) { + const char *symbol = kmod_module_dependency_symbol_get_symbol(itr); + // log_debug("Checking symbol %s", symbol); + if (regexec(&mod_filter_symbol, symbol, 0, NULL, 0) == 0) { + log_debug("Module %s: symbol %s matched inclusion filter", kmod_module_get_name(mod), + symbol); + return true; + } + } + return false; + } + + return true; +} + +static bool check_module_path(const char *path) +{ + if (arg_mod_filter_nopath && (regexec(&mod_filter_nopath, path, 0, NULL, 0) == 0)) { + log_debug("Path %s matched exclusion filter", path); + return false; + } + + if (arg_mod_filter_path && (regexec(&mod_filter_path, path, 0, NULL, 0) != 0)) { + log_debug("Path %s matched inclusion filter", path); + return false; + } + return true; +} + +static int find_kmod_module_from_sysfs_node(struct kmod_ctx *ctx, const char *sysfs_node, int sysfs_node_len, + struct kmod_list **modules) +{ + char modalias_path[PATH_MAX]; + if (snprintf(modalias_path, sizeof(modalias_path), "%.*s/modalias", sysfs_node_len, + sysfs_node) >= sizeof(modalias_path)) + return -1; + + _cleanup_close_ int modalias_file = -1; + if ((modalias_file = open(modalias_path, O_RDONLY | O_CLOEXEC)) == -1) + return 0; + + char alias[page_size()]; + ssize_t len = read(modalias_file, alias, sizeof(alias)); + alias[len - 1] = '\0'; + + return kmod_module_new_from_lookup(ctx, alias, modules); +} + +static int find_modules_from_sysfs_node(struct kmod_ctx *ctx, const char *sysfs_node, Hashmap *modules) +{ + _cleanup_kmod_module_unref_list_ struct kmod_list *list = NULL; + struct kmod_list *l = NULL; + + if (find_kmod_module_from_sysfs_node(ctx, sysfs_node, strlen(sysfs_node), &list) >= 0) { + kmod_list_foreach(l, list) { + struct kmod_module *mod = kmod_module_get_module(l); + char *module = strdup(kmod_module_get_name(mod)); + kmod_module_unref(mod); + + if (hashmap_put(modules, module, module) < 0) + free(module); + } + } + + return 0; +} + +static void find_suppliers_for_sys_node(struct kmod_ctx *ctx, Hashmap *suppliers, const char *node_path_raw, + size_t node_path_len) +{ + char node_path[PATH_MAX]; + char real_path[PATH_MAX]; + + memcpy(node_path, node_path_raw, node_path_len); + node_path[node_path_len] = '\0'; + + DIR *d; + struct dirent *dir; + while (realpath(node_path, real_path) != NULL && strcmp(real_path, "/sys/devices")) { + d = opendir(node_path); + if (d) { + size_t real_path_len = strlen(real_path); + while ((dir = readdir(d)) != NULL) { + if (strstr(dir->d_name, "supplier:platform") != NULL) { + if (snprintf(real_path + real_path_len, sizeof(real_path) - real_path_len, "/%s/supplier", + dir->d_name) < sizeof(real_path) - real_path_len) { + char *real_supplier_path = realpath(real_path, NULL); + if (real_supplier_path != NULL) + if (hashmap_put(suppliers, real_supplier_path, real_supplier_path) < 0) + free(real_supplier_path); + } + } + } + closedir(d); + } + strncat(node_path, "/..", 3); // Also find suppliers of parents + } +} + +static void find_suppliers(struct kmod_ctx *ctx) +{ + _cleanup_fts_close_ FTS *fts; + char *paths[] = { "/sys/devices/platform", NULL }; + fts = fts_open(paths, FTS_NOSTAT | FTS_PHYSICAL, NULL); + + for (FTSENT *ftsent = fts_read(fts); ftsent != NULL; ftsent = fts_read(fts)) { + if (strcmp(ftsent->fts_name, "modalias") == 0) { + _cleanup_kmod_module_unref_list_ struct kmod_list *list = NULL; + struct kmod_list *l; + + if (find_kmod_module_from_sysfs_node(ctx, ftsent->fts_parent->fts_path, ftsent->fts_parent->fts_pathlen, &list) < 0) + continue; + + kmod_list_foreach(l, list) { + _cleanup_kmod_module_unref_ struct kmod_module *mod = kmod_module_get_module(l); + const char *name = kmod_module_get_name(mod); + Hashmap *suppliers = hashmap_get(modules_suppliers, name); + if (suppliers == NULL) { + suppliers = hashmap_new(string_hash_func, string_compare_func); + hashmap_put(modules_suppliers, strdup(name), suppliers); + } + + find_suppliers_for_sys_node(ctx, suppliers, ftsent->fts_parent->fts_path, ftsent->fts_parent->fts_pathlen); + } + } + } +} + +static Hashmap *find_suppliers_paths_for_module(const char *module) +{ + return hashmap_get(modules_suppliers, module); +} + +static int install_dependent_module(struct kmod_ctx *ctx, struct kmod_module *mod, Hashmap *suppliers_paths, int *err) +{ + const char *path = NULL; + const char *name = NULL; + + path = kmod_module_get_path(mod); + + if (path == NULL) + return 0; + + if (check_hashmap(items_failed, path)) + return -1; + + if (check_hashmap(items, &path[kerneldirlen])) { + return 0; + } + + name = kmod_module_get_name(mod); + + if (arg_mod_filter_noname && (regexec(&mod_filter_noname, name, 0, NULL, 0) == 0)) { + return 0; + } + + *err = dracut_install(path, &path[kerneldirlen], false, false, true); + if (*err == 0) { + _cleanup_kmod_module_unref_list_ struct kmod_list *modlist = NULL; + _cleanup_kmod_module_unref_list_ struct kmod_list *modpre = NULL; + _cleanup_kmod_module_unref_list_ struct kmod_list *modpost = NULL; + log_debug("dracut_install '%s' '%s' OK", path, &path[kerneldirlen]); + install_firmware(mod); + modlist = kmod_module_get_dependencies(mod); + *err = install_dependent_modules(ctx, modlist, suppliers_paths); + if (*err == 0) { + *err = kmod_module_get_softdeps(mod, &modpre, &modpost); + if (*err == 0) { + int r; + *err = install_dependent_modules(ctx, modpre, NULL); + r = install_dependent_modules(ctx, modpost, NULL); + *err = *err ? : r; + } + } + } else { + log_error("dracut_install '%s' '%s' ERROR", path, &path[kerneldirlen]); + } + + return 0; +} + +static int install_dependent_modules(struct kmod_ctx *ctx, struct kmod_list *modlist, Hashmap *suppliers_paths) +{ + struct kmod_list *itr = NULL; + int ret = 0; + + kmod_list_foreach(itr, modlist) { + _cleanup_kmod_module_unref_ struct kmod_module *mod = NULL; + mod = kmod_module_get_module(itr); + if (install_dependent_module(ctx, mod, find_suppliers_paths_for_module(kmod_module_get_name(mod)), &ret)) + return -1; + } + + const char *supplier_path; + Iterator i; + HASHMAP_FOREACH(supplier_path, suppliers_paths, i) { + if (check_hashmap(processed_suppliers, supplier_path)) + continue; + + char *path = strdup(supplier_path); + hashmap_put(processed_suppliers, path, path); + + _cleanup_destroy_hashmap_ Hashmap *modules = hashmap_new(string_hash_func, string_compare_func); + find_modules_from_sysfs_node(ctx, supplier_path, modules); + + _cleanup_destroy_hashmap_ Hashmap *suppliers = hashmap_new(string_hash_func, string_compare_func); + find_suppliers_for_sys_node(ctx, suppliers, supplier_path, strlen(supplier_path)); + + if (!hashmap_isempty(modules)) { // Supplier is a module + const char *module; + Iterator j; + HASHMAP_FOREACH(module, modules, j) { + _cleanup_kmod_module_unref_ struct kmod_module *mod = NULL; + if (!kmod_module_new_from_name(ctx, module, &mod)) { + if (install_dependent_module(ctx, mod, suppliers, &ret)) + return -1; + } + } + } else { // Supplier is builtin + install_dependent_modules(ctx, NULL, suppliers); + } + } + + return ret; +} + +static int install_module(struct kmod_ctx *ctx, struct kmod_module *mod) +{ + int ret = 0; + _cleanup_kmod_module_unref_list_ struct kmod_list *modlist = NULL; + _cleanup_kmod_module_unref_list_ struct kmod_list *modpre = NULL; + _cleanup_kmod_module_unref_list_ struct kmod_list *modpost = NULL; + const char *path = NULL; + const char *name = NULL; + + name = kmod_module_get_name(mod); + + path = kmod_module_get_path(mod); + if (!path) { + log_debug("dracut_install '%s' is a builtin kernel module", name); + return 0; + } + + if (arg_mod_filter_noname && (regexec(&mod_filter_noname, name, 0, NULL, 0) == 0)) { + log_debug("dracut_install '%s' is excluded", name); + return 0; + } + + if (arg_hostonly && !check_hashmap(modules_loaded, name)) { + log_debug("dracut_install '%s' not hostonly", name); + return 0; + } + + if (check_hashmap(items_failed, path)) + return -1; + + if (check_hashmap(items, path)) + return 0; + + if (!check_module_path(path) || !check_module_symbols(mod)) { + log_debug("No symbol or path match for '%s'", path); + return 1; + } + + log_debug("dracut_install '%s' '%s'", path, &path[kerneldirlen]); + + ret = dracut_install(path, &path[kerneldirlen], false, false, true); + if (ret == 0) { + log_debug("dracut_install '%s' OK", kmod_module_get_name(mod)); + } else if (!arg_optional) { + if (!arg_silent) + log_error("dracut_install '%s' ERROR", kmod_module_get_name(mod)); + return ret; + } + install_firmware(mod); + + Hashmap *suppliers = find_suppliers_paths_for_module(name); + modlist = kmod_module_get_dependencies(mod); + ret = install_dependent_modules(ctx, modlist, suppliers); + + if (ret == 0) { + ret = kmod_module_get_softdeps(mod, &modpre, &modpost); + if (ret == 0) { + int r; + ret = install_dependent_modules(ctx, modpre, NULL); + r = install_dependent_modules(ctx, modpost, NULL); + ret = ret ? : r; + } + } + + return ret; +} + +static int modalias_list(struct kmod_ctx *ctx) +{ + int err; + struct kmod_list *loaded_list = NULL; + struct kmod_list *l = NULL; + struct kmod_list *itr = NULL; + _cleanup_fts_close_ FTS *fts = NULL; + + { + char *paths[] = { "/sys/devices", NULL }; + fts = fts_open(paths, FTS_NOCHDIR | FTS_NOSTAT, NULL); + } + for (FTSENT *ftsent = fts_read(fts); ftsent != NULL; ftsent = fts_read(fts)) { + _cleanup_fclose_ FILE *f = NULL; + _cleanup_kmod_module_unref_list_ struct kmod_list *list = NULL; + + int err; + + char alias[2048] = {0}; + size_t len; + + if (strncmp("modalias", ftsent->fts_name, 8) != 0) + continue; + if (!(f = fopen(ftsent->fts_accpath, "r"))) + continue; + + if (!fgets(alias, sizeof(alias), f)) + continue; + + len = strlen(alias); + + if (len == 0) + continue; + + if (alias[len - 1] == '\n') + alias[len - 1] = 0; + + err = kmod_module_new_from_lookup(ctx, alias, &list); + if (err < 0) + continue; + + kmod_list_foreach(l, list) { + struct kmod_module *mod = kmod_module_get_module(l); + char *name = strdup(kmod_module_get_name(mod)); + kmod_module_unref(mod); + hashmap_put(modules_loaded, name, name); + } + } + + err = kmod_module_new_from_loaded(ctx, &loaded_list); + if (err < 0) { + errno = err; + log_error("Could not get list of loaded modules: %m. Switching to non-hostonly mode."); + arg_hostonly = false; + } else { + kmod_list_foreach(itr, loaded_list) { + _cleanup_kmod_module_unref_list_ struct kmod_list *modlist = NULL; + + struct kmod_module *mod = kmod_module_get_module(itr); + char *name = strdup(kmod_module_get_name(mod)); + hashmap_put(modules_loaded, name, name); + kmod_module_unref(mod); + + /* also put the modules from the new kernel in the hashmap, + * which resolve the name as an alias, in case a kernel module is + * renamed. + */ + err = kmod_module_new_from_lookup(ctx, name, &modlist); + if (err < 0) + continue; + if (!modlist) + continue; + kmod_list_foreach(l, modlist) { + mod = kmod_module_get_module(l); + char *name = strdup(kmod_module_get_name(mod)); + hashmap_put(modules_loaded, name, name); + kmod_module_unref(mod); + } + } + kmod_module_unref_list(loaded_list); + } + return 0; +} + +static int install_modules(int argc, char **argv) +{ + _cleanup_kmod_unref_ struct kmod_ctx *ctx = NULL; + struct kmod_list *itr = NULL; + + struct kmod_module *mod = NULL, *mod_o = NULL; + + const char *abskpath = NULL; + char *p; + int i; + int modinst = 0; + + ctx = kmod_new(kerneldir, NULL); + abskpath = kmod_get_dirname(ctx); + + p = strstr(abskpath, "/lib/modules/"); + if (p != NULL) + kerneldirlen = p - abskpath; + + modules_suppliers = hashmap_new(string_hash_func, string_compare_func); + find_suppliers(ctx); + + if (arg_hostonly) { + char *modalias_file; + modalias_file = getenv("DRACUT_KERNEL_MODALIASES"); + + if (modalias_file == NULL) { + modalias_list(ctx); + } else { + _cleanup_fclose_ FILE *f = NULL; + if ((f = fopen(modalias_file, "r"))) { + char name[2048]; + + while (!feof(f)) { + size_t len; + char *dupname = NULL; + + if (!(fgets(name, sizeof(name), f))) + continue; + len = strlen(name); + + if (len == 0) + continue; + + if (name[len - 1] == '\n') + name[len - 1] = 0; + + log_debug("Adding module '%s' to hostonly module list", name); + dupname = strdup(name); + hashmap_put(modules_loaded, dupname, dupname); + } + } + } + + } + + for (i = 0; i < argc; i++) { + int r = 0; + int ret = -1; + log_debug("Handle module '%s'", argv[i]); + + if (argv[i][0] == '/') { + _cleanup_kmod_module_unref_list_ struct kmod_list *modlist = NULL; + _cleanup_free_ const char *modname = NULL; + + r = kmod_module_new_from_path(ctx, argv[i], &mod_o); + if (r < 0) { + log_debug("Failed to lookup modules path '%s': %m", argv[i]); + if (!arg_optional) + return -ENOENT; + continue; + } + /* Check, if we have to load another module with that name instead */ + modname = strdup(kmod_module_get_name(mod_o)); + + if (!modname) { + if (!arg_optional) { + if (!arg_silent) + log_error("Failed to get name for module '%s'", argv[i]); + return -ENOENT; + } + log_info("Failed to get name for module '%s'", argv[i]); + continue; + } + + r = kmod_module_new_from_lookup(ctx, modname, &modlist); + kmod_module_unref(mod_o); + mod_o = NULL; + + if (r < 0) { + if (!arg_optional) { + if (!arg_silent) + log_error("3 Failed to lookup alias '%s': %d", modname, r); + return -ENOENT; + } + log_info("3 Failed to lookup alias '%s': %d", modname, r); + continue; + } + if (!modlist) { + if (!arg_optional) { + if (!arg_silent) + log_error("Failed to find module '%s' %s", modname, argv[i]); + return -ENOENT; + } + log_info("Failed to find module '%s' %s", modname, argv[i]); + continue; + } + kmod_list_foreach(itr, modlist) { + mod = kmod_module_get_module(itr); + r = install_module(ctx, mod); + kmod_module_unref(mod); + if ((r < 0) && !arg_optional) { + if (!arg_silent) + log_error("ERROR: installing module '%s'", modname); + return -ENOENT; + }; + ret = (ret == 0 ? 0 : r); + modinst = 1; + } + } else if (argv[i][0] == '=') { + _cleanup_free_ char *path1 = NULL, *path2 = NULL, *path3 = NULL; + _cleanup_fts_close_ FTS *fts = NULL; + + log_debug("Handling =%s", &argv[i][1]); + /* FIXME and add more paths */ + _asprintf(&path2, "%s/kernel/%s", kerneldir, &argv[i][1]); + _asprintf(&path1, "%s/extra/%s", kerneldir, &argv[i][1]); + _asprintf(&path3, "%s/updates/%s", kerneldir, &argv[i][1]); + + { + char *paths[] = { path1, path2, path3, NULL }; + fts = fts_open(paths, FTS_COMFOLLOW | FTS_NOCHDIR | FTS_NOSTAT | FTS_LOGICAL, NULL); + } + + for (FTSENT *ftsent = fts_read(fts); ftsent != NULL; ftsent = fts_read(fts)) { + _cleanup_kmod_module_unref_list_ struct kmod_list *modlist = NULL; + _cleanup_free_ const char *modname = NULL; + + if ((ftsent->fts_info == FTS_D) && !check_module_path(ftsent->fts_accpath)) { + fts_set(fts, ftsent, FTS_SKIP); + log_debug("Skipping %s", ftsent->fts_accpath); + continue; + } + if ((ftsent->fts_info != FTS_F) && (ftsent->fts_info != FTS_SL)) { + log_debug("Ignoring %s", ftsent->fts_accpath); + continue; + } + log_debug("Handling %s", ftsent->fts_accpath); + r = kmod_module_new_from_path(ctx, ftsent->fts_accpath, &mod_o); + if (r < 0) { + log_debug("Failed to lookup modules path '%s': %m", ftsent->fts_accpath); + if (!arg_optional) { + return -ENOENT; + } + continue; + } + + /* Check, if we have to load another module with that name instead */ + modname = strdup(kmod_module_get_name(mod_o)); + + if (!modname) { + log_error("Failed to get name for module '%s'", ftsent->fts_accpath); + if (!arg_optional) { + return -ENOENT; + } + continue; + } + r = kmod_module_new_from_lookup(ctx, modname, &modlist); + kmod_module_unref(mod_o); + mod_o = NULL; + + if (r < 0) { + log_error("Failed to lookup alias '%s': %m", modname); + if (!arg_optional) { + return -ENOENT; + } + continue; + } + + if (!modlist) { + log_error("Failed to find module '%s' %s", modname, ftsent->fts_accpath); + if (!arg_optional) { + return -ENOENT; + } + continue; + } + kmod_list_foreach(itr, modlist) { + mod = kmod_module_get_module(itr); + r = install_module(ctx, mod); + kmod_module_unref(mod); + if ((r < 0) && !arg_optional) { + if (!arg_silent) + log_error("ERROR: installing module '%s'", modname); + return -ENOENT; + }; + ret = (ret == 0 ? 0 : r); + modinst = 1; + } + } + if (errno) { + log_error("FTS ERROR: %m"); + } + } else { + _cleanup_kmod_module_unref_list_ struct kmod_list *modlist = NULL; + char *modname = argv[i]; + + if (endswith(modname, ".ko")) { + int len = strlen(modname); + modname[len - 3] = 0; + } + if (endswith(modname, ".ko.xz") || endswith(modname, ".ko.gz")) { + int len = strlen(modname); + modname[len - 6] = 0; + } + if (endswith(modname, ".ko.zst")) { + int len = strlen(modname); + modname[len - 7] = 0; + } + r = kmod_module_new_from_lookup(ctx, modname, &modlist); + if (r < 0) { + if (!arg_optional) { + if (!arg_silent) + log_error("Failed to lookup alias '%s': %m", modname); + return -ENOENT; + } + log_info("Failed to lookup alias '%s': %m", modname); + continue; + } + if (!modlist) { + if (!arg_optional) { + if (!arg_silent) + log_error("Failed to find module '%s'", modname); + return -ENOENT; + } + log_info("Failed to find module '%s'", modname); + continue; + } + kmod_list_foreach(itr, modlist) { + mod = kmod_module_get_module(itr); + r = install_module(ctx, mod); + kmod_module_unref(mod); + if ((r < 0) && !arg_optional) { + if (!arg_silent) + log_error("ERROR: installing '%s'", argv[i]); + return -ENOENT; + }; + ret = (ret == 0 ? 0 : r); + modinst = 1; + } + } + + if ((modinst != 0) && (ret != 0) && (!arg_optional)) { + if (!arg_silent) + log_error("ERROR: installing '%s'", argv[i]); + return EXIT_FAILURE; + } + } + + return EXIT_SUCCESS; +} + +int main(int argc, char **argv) +{ + int r; + char *i; + char *path = NULL; + char *env_no_xattr = NULL; + + log_set_target(LOG_TARGET_CONSOLE); + log_parse_environment(); + log_open(); + + r = parse_argv(argc, argv); + if (r <= 0) + return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS; + + modules_loaded = hashmap_new(string_hash_func, string_compare_func); + if (arg_modalias) { + Iterator i; + char *name; + _cleanup_kmod_unref_ struct kmod_ctx *ctx = NULL; + ctx = kmod_new(kerneldir, NULL); + + modalias_list(ctx); + HASHMAP_FOREACH(name, modules_loaded, i) { + printf("%s\n", name); + } + exit(0); + } + + log_debug("Program arguments:"); + for (r = 0; r < argc; r++) + log_debug("%s", argv[r]); + + path = getenv("DRACUT_INSTALL_PATH"); + if (path == NULL) + path = getenv("PATH"); + + if (path == NULL) { + log_error("PATH is not set"); + exit(EXIT_FAILURE); + } + + log_debug("PATH=%s", path); + + ldd = getenv("DRACUT_LDD"); + if (ldd == NULL) + ldd = "ldd"; + log_debug("LDD=%s", ldd); + + env_no_xattr = getenv("DRACUT_NO_XATTR"); + if (env_no_xattr != NULL) + no_xattr = true; + + pathdirs = strv_split(path, ":"); + + umask(0022); + + if (destrootdir == NULL || strlen(destrootdir) == 0) { + destrootdir = getenv("DESTROOTDIR"); + if (destrootdir == NULL || strlen(destrootdir) == 0) { + log_error("Environment DESTROOTDIR or argument -D is not set!"); + usage(EXIT_FAILURE); + } + } + + if (strcmp(destrootdir, "/") == 0) { + log_error("Environment DESTROOTDIR or argument -D is set to '/'!"); + usage(EXIT_FAILURE); + } + + i = destrootdir; + if (!(destrootdir = realpath(i, NULL))) { + log_error("Environment DESTROOTDIR or argument -D is set to '%s': %m", i); + r = EXIT_FAILURE; + goto finish2; + } + + items = hashmap_new(string_hash_func, string_compare_func); + items_failed = hashmap_new(string_hash_func, string_compare_func); + processed_suppliers = hashmap_new(string_hash_func, string_compare_func); + + if (!items || !items_failed || !processed_suppliers || !modules_loaded) { + log_error("Out of memory"); + r = EXIT_FAILURE; + goto finish1; + } + + if (logdir) { + _asprintf(&logfile, "%s/%d.log", logdir, getpid()); + + logfile_f = fopen(logfile, "a"); + if (logfile_f == NULL) { + log_error("Could not open %s for logging: %m", logfile); + r = EXIT_FAILURE; + goto finish1; + } + } + + r = EXIT_SUCCESS; + + if (((optind + 1) < argc) && (strcmp(argv[optind + 1], destrootdir) == 0)) { + /* ugly hack for compat mode "inst src $destrootdir" */ + if ((optind + 2) == argc) { + argc--; + } else { + /* ugly hack for compat mode "inst src $destrootdir dst" */ + if ((optind + 3) == argc) { + argc--; + argv[optind + 1] = argv[optind + 2]; + } + } + } + + if (arg_module) { + r = install_modules(argc - optind, &argv[optind]); + } else if (arg_resolvelazy) { + r = resolve_lazy(argc - optind, &argv[optind]); + } else if (arg_all || (argc - optind > 2) || ((argc - optind) == 1)) { + r = install_all(argc - optind, &argv[optind]); + } else { + /* simple "inst src dst" */ + r = install_one(argv[optind], argv[optind + 1]); + } + + if (arg_optional) + r = EXIT_SUCCESS; + +finish1: + free(destrootdir); +finish2: + if (logfile_f) + fclose(logfile_f); + + while ((i = hashmap_steal_first(modules_loaded))) + item_free(i); + + while ((i = hashmap_steal_first(items))) + item_free(i); + + while ((i = hashmap_steal_first(items_failed))) + item_free(i); + + Hashmap *h; + while ((h = hashmap_steal_first(modules_suppliers))) { + while ((i = hashmap_steal_first(h))) { + item_free(i); + } + hashmap_free(h); + } + + while ((i = hashmap_steal_first(processed_suppliers))) + item_free(i); + + hashmap_free(items); + hashmap_free(items_failed); + hashmap_free(modules_loaded); + hashmap_free(modules_suppliers); + hashmap_free(processed_suppliers); + + strv_free(firmwaredirs); + strv_free(pathdirs); + return r; +} diff --git a/src/install/hashmap.c b/src/install/hashmap.c new file mode 100644 index 0000000..ff0f681 --- /dev/null +++ b/src/install/hashmap.c @@ -0,0 +1,658 @@ +/*** + This file is part of systemd. + + Copyright 2010 Lennart Poettering + + systemd is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as published by + the Free Software Foundation; either version 2.1 of the License, or + (at your option) any later version. + + systemd is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public License + along with systemd; If not, see <http://www.gnu.org/licenses/>. +***/ + +#include <assert.h> +#include <stdlib.h> +#include <string.h> +#include <errno.h> + +#include "util.h" +#include "hashmap.h" +#include "macro.h" + +#define NBUCKETS 127 + +struct hashmap_entry { + const void *key; + void *value; + struct hashmap_entry *bucket_next, *bucket_previous; + struct hashmap_entry *iterate_next, *iterate_previous; +}; + +struct Hashmap { + hash_func_t hash_func; + compare_func_t compare_func; + + struct hashmap_entry *iterate_list_head, *iterate_list_tail; + unsigned int n_entries; +}; + +#define BY_HASH(h) ((struct hashmap_entry**) ((uint8_t*) (h) + ALIGN(sizeof(Hashmap)))) + +unsigned int string_hash_func(const void *p) +{ + unsigned int hash = 5381; + const signed char *c; + + /* DJB's hash function */ + + for (c = p; *c; c++) + hash = (hash << 5) + hash + (unsigned int)*c; + + return hash; +} + +int string_compare_func(const void *a, const void *b) +{ + return strcmp(a, b); +} + +unsigned int trivial_hash_func(const void *p) +{ + return PTR_TO_UINT(p); +} + +int trivial_compare_func(const void *a, const void *b) +{ + return a < b ? -1 : (a > b ? 1 : 0); +} + +Hashmap *hashmap_new(hash_func_t hash_func, compare_func_t compare_func) +{ + Hashmap *h; + size_t size; + + size = ALIGN(sizeof(Hashmap)) + NBUCKETS * sizeof(struct hashmap_entry *); + + h = malloc0(size); + + if (!h) + return NULL; + + h->hash_func = hash_func ? hash_func : trivial_hash_func; + h->compare_func = compare_func ? compare_func : trivial_compare_func; + + h->n_entries = 0; + h->iterate_list_head = h->iterate_list_tail = NULL; + + return h; +} + +int hashmap_ensure_allocated(Hashmap **h, hash_func_t hash_func, compare_func_t compare_func) +{ + assert(h); + + if (*h) + return 0; + + if (!(*h = hashmap_new(hash_func, compare_func))) + return -ENOMEM; + + return 0; +} + +static void link_entry(Hashmap *h, struct hashmap_entry *e, unsigned int hash) +{ + assert(h); + assert(e); + + /* Insert into hash table */ + e->bucket_next = BY_HASH(h)[hash]; + e->bucket_previous = NULL; + if (BY_HASH(h)[hash]) + BY_HASH(h)[hash]->bucket_previous = e; + BY_HASH(h)[hash] = e; + + /* Insert into iteration list */ + e->iterate_previous = h->iterate_list_tail; + e->iterate_next = NULL; + if (h->iterate_list_tail) { + assert(h->iterate_list_head); + h->iterate_list_tail->iterate_next = e; + } else { + assert(!h->iterate_list_head); + h->iterate_list_head = e; + } + h->iterate_list_tail = e; + + h->n_entries++; + assert(h->n_entries >= 1); +} + +static void unlink_entry(Hashmap *h, struct hashmap_entry *e, unsigned int hash) +{ + assert(h); + assert(e); + + /* Remove from iteration list */ + if (e->iterate_next) + e->iterate_next->iterate_previous = e->iterate_previous; + else + h->iterate_list_tail = e->iterate_previous; + + if (e->iterate_previous) + e->iterate_previous->iterate_next = e->iterate_next; + else + h->iterate_list_head = e->iterate_next; + + /* Remove from hash table bucket list */ + if (e->bucket_next) + e->bucket_next->bucket_previous = e->bucket_previous; + + if (e->bucket_previous) + e->bucket_previous->bucket_next = e->bucket_next; + else + BY_HASH(h)[hash] = e->bucket_next; + + assert(h->n_entries >= 1); + h->n_entries--; +} + +static void remove_entry(Hashmap *h, struct hashmap_entry **ep) +{ + struct hashmap_entry *e = *ep; + unsigned int hash; + + assert(h); + assert(e); + + hash = h->hash_func(e->key) % NBUCKETS; + + unlink_entry(h, e, hash); + + free(e); + *ep = NULL; +} + +void hashmap_free(Hashmap *h) +{ + + if (!h) + return; + + hashmap_clear(h); + + free(h); +} + +void hashmap_free_free(Hashmap *h) +{ + void *p; + + while ((p = hashmap_steal_first(h))) + free(p); + + hashmap_free(h); +} + +void hashmap_clear(Hashmap *h) +{ + if (!h) + return; + + while (h->iterate_list_head) { + struct hashmap_entry *e = h->iterate_list_head; + remove_entry(h, &e); + } +} + +static struct hashmap_entry *hash_scan(Hashmap *h, unsigned int hash, const void *key) +{ + struct hashmap_entry *e; + assert(h); + assert(hash < NBUCKETS); + + for (e = BY_HASH(h)[hash]; e; e = e->bucket_next) + if (h->compare_func(e->key, key) == 0) + return e; + + return NULL; +} + +int hashmap_put(Hashmap *h, const void *key, void *value) +{ + struct hashmap_entry *e; + unsigned int hash; + + assert(h); + + hash = h->hash_func(key) % NBUCKETS; + + if ((e = hash_scan(h, hash, key))) { + + if (e->value == value) + return 0; + + return -EEXIST; + } + + e = new(struct hashmap_entry, 1); + + if (!e) + return -ENOMEM; + + e->key = key; + e->value = value; + + link_entry(h, e, hash); + + return 1; +} + +int hashmap_replace(Hashmap *h, const void *key, void *value) +{ + struct hashmap_entry *e; + unsigned int hash; + + assert(h); + + hash = h->hash_func(key) % NBUCKETS; + + if ((e = hash_scan(h, hash, key))) { + e->key = key; + e->value = value; + return 0; + } + + return hashmap_put(h, key, value); +} + +void *hashmap_get(Hashmap *h, const void *key) +{ + unsigned int hash; + struct hashmap_entry *e; + + if (!h) + return NULL; + + hash = h->hash_func(key) % NBUCKETS; + + if (!(e = hash_scan(h, hash, key))) + return NULL; + + return e->value; +} + +void *hashmap_remove(Hashmap *h, const void *key) +{ + struct hashmap_entry *e; + unsigned int hash; + void *data; + + if (!h) + return NULL; + + hash = h->hash_func(key) % NBUCKETS; + + if (!(e = hash_scan(h, hash, key))) + return NULL; + + data = e->value; + remove_entry(h, &e); + + return data; +} + +int hashmap_remove_and_put(Hashmap *h, const void *old_key, const void *new_key, void *value) +{ + struct hashmap_entry *e; + unsigned int old_hash, new_hash; + + if (!h) + return -ENOENT; + + old_hash = h->hash_func(old_key) % NBUCKETS; + if (!(e = hash_scan(h, old_hash, old_key))) + return -ENOENT; + + new_hash = h->hash_func(new_key) % NBUCKETS; + if (hash_scan(h, new_hash, new_key)) + return -EEXIST; + + unlink_entry(h, e, old_hash); + + e->key = new_key; + e->value = value; + + link_entry(h, e, new_hash); + + return 0; +} + +int hashmap_remove_and_replace(Hashmap *h, const void *old_key, const void *new_key, void *value) +{ + struct hashmap_entry *e, *k; + unsigned int old_hash, new_hash; + + if (!h) + return -ENOENT; + + old_hash = h->hash_func(old_key) % NBUCKETS; + if (!(e = hash_scan(h, old_hash, old_key))) + return -ENOENT; + + new_hash = h->hash_func(new_key) % NBUCKETS; + + if ((k = hash_scan(h, new_hash, new_key))) + if (e != k) + remove_entry(h, &k); + + unlink_entry(h, e, old_hash); + + e->key = new_key; + e->value = value; + + link_entry(h, e, new_hash); + + return 0; +} + +void *hashmap_remove_value(Hashmap *h, const void *key, void *value) +{ + struct hashmap_entry *e; + unsigned int hash; + + if (!h) + return NULL; + + hash = h->hash_func(key) % NBUCKETS; + + if (!(e = hash_scan(h, hash, key))) + return NULL; + + if (e->value != value) + return NULL; + + remove_entry(h, &e); + + return value; +} + +void *hashmap_iterate(Hashmap *h, Iterator *i, const void **key) +{ + struct hashmap_entry *e; + + assert(i); + + if (!h) + goto at_end; + + if (*i == ITERATOR_LAST) + goto at_end; + + if (*i == ITERATOR_FIRST && !h->iterate_list_head) + goto at_end; + + e = *i == ITERATOR_FIRST ? h->iterate_list_head : (struct hashmap_entry *)*i; + + if (e->iterate_next) + *i = (Iterator) e->iterate_next; + else + *i = ITERATOR_LAST; + + if (key) + *key = e->key; + + return e->value; + +at_end: + *i = ITERATOR_LAST; + + if (key) + *key = NULL; + + return NULL; +} + +void *hashmap_iterate_backwards(Hashmap *h, Iterator *i, const void **key) +{ + struct hashmap_entry *e; + + assert(i); + + if (!h) + goto at_beginning; + + if (*i == ITERATOR_FIRST) + goto at_beginning; + + if (*i == ITERATOR_LAST && !h->iterate_list_tail) + goto at_beginning; + + e = *i == ITERATOR_LAST ? h->iterate_list_tail : (struct hashmap_entry *)*i; + + if (e->iterate_previous) + *i = (Iterator) e->iterate_previous; + else + *i = ITERATOR_FIRST; + + if (key) + *key = e->key; + + return e->value; + +at_beginning: + *i = ITERATOR_FIRST; + + if (key) + *key = NULL; + + return NULL; +} + +void *hashmap_iterate_skip(Hashmap *h, const void *key, Iterator *i) +{ + unsigned int hash; + struct hashmap_entry *e; + + if (!h) + return NULL; + + hash = h->hash_func(key) % NBUCKETS; + + if (!(e = hash_scan(h, hash, key))) + return NULL; + + *i = (Iterator) e; + + return e->value; +} + +void *hashmap_first(Hashmap *h) +{ + + if (!h) + return NULL; + + if (!h->iterate_list_head) + return NULL; + + return h->iterate_list_head->value; +} + +void *hashmap_first_key(Hashmap *h) +{ + + if (!h) + return NULL; + + if (!h->iterate_list_head) + return NULL; + + return (void *)h->iterate_list_head->key; +} + +void *hashmap_last(Hashmap *h) +{ + + if (!h) + return NULL; + + if (!h->iterate_list_tail) + return NULL; + + return h->iterate_list_tail->value; +} + +void *hashmap_steal_first(Hashmap *h) +{ + struct hashmap_entry *e; + void *data; + + if (!h) + return NULL; + + if (!h->iterate_list_head) + return NULL; + + e = h->iterate_list_head; + data = e->value; + remove_entry(h, &e); + + return data; +} + +void *hashmap_steal_first_key(Hashmap *h) +{ + struct hashmap_entry *e; + void *key; + + if (!h) + return NULL; + + if (!h->iterate_list_head) + return NULL; + + e = h->iterate_list_head; + key = (void *)e->key; + remove_entry(h, &e); + + return key; +} + +unsigned int hashmap_size(Hashmap *h) +{ + + if (!h) + return 0; + + return h->n_entries; +} + +bool hashmap_isempty(Hashmap *h) +{ + + if (!h) + return true; + + return h->n_entries == 0; +} + +int hashmap_merge(Hashmap *h, Hashmap *other) +{ + struct hashmap_entry *e; + + assert(h); + + if (!other) + return 0; + + for (e = other->iterate_list_head; e; e = e->iterate_next) { + int r; + + if ((r = hashmap_put(h, e->key, e->value)) < 0) + if (r != -EEXIST) + return r; + } + + return 0; +} + +void hashmap_move(Hashmap *h, Hashmap *other) +{ + struct hashmap_entry *e, *n; + + assert(h); + + /* The same as hashmap_merge(), but every new item from other + * is moved to h. This function is guaranteed to succeed. */ + + if (!other) + return; + + for (e = other->iterate_list_head; e; e = n) { + unsigned int h_hash, other_hash; + + n = e->iterate_next; + + h_hash = h->hash_func(e->key) % NBUCKETS; + + if (hash_scan(h, h_hash, e->key)) + continue; + + other_hash = other->hash_func(e->key) % NBUCKETS; + + unlink_entry(other, e, other_hash); + link_entry(h, e, h_hash); + } +} + +int hashmap_move_one(Hashmap *h, Hashmap *other, const void *key) +{ + unsigned int h_hash, other_hash; + struct hashmap_entry *e; + + if (!other) + return 0; + + assert(h); + + h_hash = h->hash_func(key) % NBUCKETS; + if (hash_scan(h, h_hash, key)) + return -EEXIST; + + other_hash = other->hash_func(key) % NBUCKETS; + if (!(e = hash_scan(other, other_hash, key))) + return -ENOENT; + + unlink_entry(other, e, other_hash); + link_entry(h, e, h_hash); + + return 0; +} + +char **hashmap_get_strv(Hashmap *h) +{ + char **sv; + Iterator it; + char *item; + int n; + + sv = new(char *, h->n_entries + 1); + if (!sv) + return NULL; + + n = 0; + HASHMAP_FOREACH(item, h, it) { + sv[n++] = item; + } + sv[n] = NULL; + + return sv; +} diff --git a/src/install/hashmap.h b/src/install/hashmap.h new file mode 100644 index 0000000..2537c49 --- /dev/null +++ b/src/install/hashmap.h @@ -0,0 +1,88 @@ +#ifndef foohashmaphfoo +#define foohashmaphfoo + +/*** + This file is part of systemd. + + Copyright 2010 Lennart Poettering + + systemd is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as published by + the Free Software Foundation; either version 2.1 of the License, or + (at your option) any later version. + + systemd is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public License + along with systemd; If not, see <http://www.gnu.org/licenses/>. +***/ + +#include <stdbool.h> + +/* Pretty straightforward hash table implementation. As a minor + * optimization a NULL hashmap object will be treated as empty hashmap + * for all read operations. That way it is not necessary to + * instantiate an object for each Hashmap use. */ + +typedef struct Hashmap Hashmap; +typedef struct _IteratorStruct _IteratorStruct; +typedef _IteratorStruct *Iterator; + +#define ITERATOR_FIRST ((Iterator) 0) +#define ITERATOR_LAST ((Iterator) -1) + +typedef unsigned int (*hash_func_t)(const void *p); +typedef int (*compare_func_t)(const void *a, const void *b); + +unsigned int string_hash_func(const void *p); +int string_compare_func(const void *a, const void *b); + +unsigned int trivial_hash_func(const void *p); +int trivial_compare_func(const void *a, const void *b); + +Hashmap *hashmap_new(hash_func_t hash_func, compare_func_t compare_func); +void hashmap_free(Hashmap *h); +void hashmap_free_free(Hashmap *h); +int hashmap_ensure_allocated(Hashmap **h, hash_func_t hash_func, compare_func_t compare_func); + +int hashmap_put(Hashmap *h, const void *key, void *value); +int hashmap_replace(Hashmap *h, const void *key, void *value); +void *hashmap_get(Hashmap *h, const void *key); +void *hashmap_remove(Hashmap *h, const void *key); +void *hashmap_remove_value(Hashmap *h, const void *key, void *value); +int hashmap_remove_and_put(Hashmap *h, const void *old_key, const void *new_key, void *value); +int hashmap_remove_and_replace(Hashmap *h, const void *old_key, const void *new_key, void *value); + +int hashmap_merge(Hashmap *h, Hashmap *other); +void hashmap_move(Hashmap *h, Hashmap *other); +int hashmap_move_one(Hashmap *h, Hashmap *other, const void *key); + +unsigned int hashmap_size(Hashmap *h); +bool hashmap_isempty(Hashmap *h); + +void *hashmap_iterate(Hashmap *h, Iterator *i, const void **key); +void *hashmap_iterate_backwards(Hashmap *h, Iterator *i, const void **key); +void *hashmap_iterate_skip(Hashmap *h, const void *key, Iterator *i); + +void hashmap_clear(Hashmap *h); +void *hashmap_steal_first(Hashmap *h); +void *hashmap_steal_first_key(Hashmap *h); +void *hashmap_first(Hashmap *h); +void *hashmap_first_key(Hashmap *h); +void *hashmap_last(Hashmap *h); + +char **hashmap_get_strv(Hashmap *h); + +#define HASHMAP_FOREACH(e, h, i) \ + for ((i) = ITERATOR_FIRST, (e) = hashmap_iterate((h), &(i), NULL); (e); (e) = hashmap_iterate((h), &(i), NULL)) + +#define HASHMAP_FOREACH_KEY(e, k, h, i) \ + for ((i) = ITERATOR_FIRST, (e) = hashmap_iterate((h), &(i), (const void**) &(k)); (e); (e) = hashmap_iterate((h), &(i), (const void**) &(k))) + +#define HASHMAP_FOREACH_BACKWARDS(e, h, i) \ + for ((i) = ITERATOR_LAST, (e) = hashmap_iterate_backwards((h), &(i), NULL); (e); (e) = hashmap_iterate_backwards((h), &(i), NULL)) + +#endif diff --git a/src/install/log.c b/src/install/log.c new file mode 100644 index 0000000..f5ba54e --- /dev/null +++ b/src/install/log.c @@ -0,0 +1,303 @@ +/*** + This file is part of systemd. + + Copyright 2010 Lennart Poettering + + systemd is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as published by + the Free Software Foundation; either version 2.1 of the License, or + (at your option) any later version. + + systemd is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public License + along with systemd; If not, see <http://www.gnu.org/licenses/>. +***/ + +#include <stdarg.h> +#include <stdio.h> +#include <errno.h> +#include <unistd.h> +#include <fcntl.h> +#include <sys/socket.h> +#include <sys/un.h> +#include <stddef.h> + +#include "log.h" +#include "util.h" +#include "macro.h" + +#define SNDBUF_SIZE (8*1024*1024) + +static LogTarget log_target = LOG_TARGET_CONSOLE; +static int log_max_level = LOG_WARNING; +static int log_facility = LOG_DAEMON; + +static int console_fd = STDERR_FILENO; + +static bool show_location = false; + +/* Akin to glibc's __abort_msg; which is private and we hence cannot + * use here. */ +static char *log_abort_msg = NULL; + +void log_close_console(void) +{ + + if (console_fd < 0) + return; + + if (getpid() == 1) { + if (console_fd >= 3) + close_nointr_nofail(console_fd); + + console_fd = -1; + } +} + +static int log_open_console(void) +{ + + if (console_fd >= 0) + return 0; + + if (getpid() == 1) { + + console_fd = open_terminal("/dev/console", O_WRONLY | O_NOCTTY | O_CLOEXEC); + if (console_fd < 0) { + log_error("Failed to open /dev/console for logging: %s", strerror(-console_fd)); + return console_fd; + } + + log_debug("Successfully opened /dev/console for logging."); + } else + console_fd = STDERR_FILENO; + + return 0; +} + +int log_open(void) +{ + return log_open_console(); +} + +void log_close(void) +{ + log_close_console(); +} + +void log_set_max_level(int level) +{ + assert((level & LOG_PRIMASK) == level); + + log_max_level = level; +} + +void log_set_facility(int facility) +{ + log_facility = facility; +} + +static int write_to_console(int level, const char *file, unsigned int line, const char *func, const char *buffer) +{ + struct iovec iovec[5]; + unsigned int n = 0; + + // might be useful going ahead + UNUSED(level); + + if (console_fd < 0) + return 0; + + zero(iovec); + + IOVEC_SET_STRING(iovec[n++], "dracut-install: "); + + if (show_location) { + char location[LINE_MAX] = {0}; + if (snprintf(location, sizeof(location), "(%s:%s:%u) ", file, func, line) <= 0) + return -errno; + IOVEC_SET_STRING(iovec[n++], location); + } + + IOVEC_SET_STRING(iovec[n++], buffer); + IOVEC_SET_STRING(iovec[n++], "\n"); + + if (writev(console_fd, iovec, n) < 0) + return -errno; + + return 1; +} + +static int log_dispatch(int level, const char *file, unsigned int line, const char *func, char *buffer) +{ + + int r = 0; + + if (log_target == LOG_TARGET_NULL) + return 0; + + /* Patch in LOG_DAEMON facility if necessary */ + if ((level & LOG_FACMASK) == 0) + level = log_facility | LOG_PRI(level); + + do { + char *e; + int k = 0; + + buffer += strspn(buffer, NEWLINE); + + if (buffer[0] == 0) + break; + + if ((e = strpbrk(buffer, NEWLINE))) + *(e++) = 0; + + k = write_to_console(level, file, line, func, buffer); + if (k < 0) + return k; + buffer = e; + } while (buffer); + + return r; +} + +int log_metav(int level, const char *file, unsigned int line, const char *func, const char *format, va_list ap) +{ + char buffer[LINE_MAX] = {0}; + int saved_errno, r; + + if (_likely_(LOG_PRI(level) > log_max_level)) + return 0; + + saved_errno = errno; + + r = vsnprintf(buffer, sizeof(buffer), format, ap); + if (r <= 0) { + goto end; + } + + char_array_0(buffer); + + r = log_dispatch(level, file, line, func, buffer); + +end: + errno = saved_errno; + return r; +} + +int log_meta(int level, const char *file, unsigned int line, const char *func, const char *format, ...) +{ + + int r; + va_list ap; + + va_start(ap, format); + r = log_metav(level, file, line, func, format, ap); + va_end(ap); + + return r; +} + +#pragma GCC diagnostic push +#pragma GCC diagnostic ignored "-Wformat-nonliteral" +_noreturn_ static void log_assert(const char *text, const char *file, unsigned int line, const char *func, + const char *format) +{ + static char buffer[LINE_MAX]; + + if (snprintf(buffer, sizeof(buffer), format, text, file, line, func) > 0) { + char_array_0(buffer); + log_abort_msg = buffer; + log_dispatch(LOG_CRIT, file, line, func, buffer); + } + + abort(); +} + +#pragma GCC diagnostic pop + +_noreturn_ void log_assert_failed(const char *text, const char *file, unsigned int line, const char *func) +{ + log_assert(text, file, line, func, "Assertion '%s' failed at %s:%u, function %s(). Aborting."); +} + +_noreturn_ void log_assert_failed_unreachable(const char *text, const char *file, unsigned int line, const char *func) +{ + log_assert(text, file, line, func, "Code should not be reached '%s' at %s:%u, function %s(). Aborting."); +} + +void log_set_target(LogTarget target) +{ + assert(target >= 0); + assert(target < _LOG_TARGET_MAX); + + log_target = target; +} + +int log_set_target_from_string(const char *e) +{ + LogTarget t; + + t = log_target_from_string(e); + if (t < 0) + return -EINVAL; + + log_set_target(t); + return 0; +} + +int log_set_max_level_from_string(const char *e) +{ + int t; + + t = log_level_from_string(e); + if (t < 0) + return t; + + log_set_max_level(t); + return 0; +} + +void log_parse_environment(void) +{ + const char *e; + + if ((e = getenv("DRACUT_INSTALL_LOG_TARGET"))) { + if (log_set_target_from_string(e) < 0) + log_warning("Failed to parse log target %s. Ignoring.", e); + } else if ((e = getenv("DRACUT_LOG_TARGET"))) { + if (log_set_target_from_string(e) < 0) + log_warning("Failed to parse log target %s. Ignoring.", e); + } + + if ((e = getenv("DRACUT_INSTALL_LOG_LEVEL"))) { + if (log_set_max_level_from_string(e) < 0) + log_warning("Failed to parse log level %s. Ignoring.", e); + } else if ((e = getenv("DRACUT_LOG_LEVEL"))) { + if (log_set_max_level_from_string(e) < 0) + log_warning("Failed to parse log level %s. Ignoring.", e); + } +} + +LogTarget log_get_target(void) +{ + return log_target; +} + +int log_get_max_level(void) +{ + return log_max_level; +} + +static const char *const log_target_table[] = { + [LOG_TARGET_CONSOLE] = "console", + [LOG_TARGET_AUTO] = "auto", + [LOG_TARGET_SAFE] = "safe", + [LOG_TARGET_NULL] = "null" +}; + +DEFINE_STRING_TABLE_LOOKUP(log_target, LogTarget); diff --git a/src/install/log.h b/src/install/log.h new file mode 100644 index 0000000..08536f3 --- /dev/null +++ b/src/install/log.h @@ -0,0 +1,98 @@ +#ifndef foologhfoo +#define foologhfoo + +/*** + This file is part of systemd. + + Copyright 2010 Lennart Poettering + + systemd is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as published by + the Free Software Foundation; either version 2.1 of the License, or + (at your option) any later version. + + systemd is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public License + along with systemd; If not, see <http://www.gnu.org/licenses/>. +***/ + +#include <syslog.h> +#include <stdbool.h> +#include <stdarg.h> + +#include "macro.h" + +typedef enum LogTarget { + LOG_TARGET_CONSOLE, + LOG_TARGET_KMSG, + LOG_TARGET_JOURNAL, + LOG_TARGET_JOURNAL_OR_KMSG, + LOG_TARGET_SYSLOG, + LOG_TARGET_SYSLOG_OR_KMSG, + LOG_TARGET_AUTO, /* console if stderr is tty, JOURNAL_OR_KMSG otherwise */ + LOG_TARGET_SAFE, /* console if stderr is tty, KMSG otherwise */ + LOG_TARGET_NULL, + _LOG_TARGET_MAX, + _LOG_TARGET_INVALID = -1 +} LogTarget; + +void log_set_target(LogTarget target); +void log_set_max_level(int level); +void log_set_facility(int facility); + +int log_set_target_from_string(const char *e); +int log_set_max_level_from_string(const char *e); + +void log_show_color(bool b); +void log_show_location(bool b); + +int log_show_color_from_string(const char *e); +int log_show_location_from_string(const char *e); + +LogTarget log_get_target(void); +int log_get_max_level(void); + +int log_open(void); +void log_close(void); +void log_forget_fds(void); + +void log_close_syslog(void); +void log_close_journal(void); +void log_close_kmsg(void); +void log_close_console(void); + +void log_parse_environment(void); + +int log_meta(int level, const char *file, unsigned int line, const char *func, + const char *format, ...) _printf_attr_(5, 6); + +int log_metav(int level, const char *file, unsigned int line, const char *func, const char *format, va_list ap); + +_noreturn_ void log_assert_failed(const char *text, const char *file, unsigned int line, const char *func); +_noreturn_ void log_assert_failed_unreachable(const char *text, const char *file, unsigned int line, const char *func); + +/* This modifies the buffer passed! */ +int log_dump_internal(int level, const char *file, int line, const char *func, char *buffer); + +#define log_full(level, ...) log_meta(level, __FILE__, __LINE__, __func__, __VA_ARGS__) + +#define log_debug(...) log_meta(LOG_DEBUG, __FILE__, __LINE__, __func__, __VA_ARGS__) +#define log_info(...) log_meta(LOG_INFO, __FILE__, __LINE__, __func__, __VA_ARGS__) +#define log_notice(...) log_meta(LOG_NOTICE, __FILE__, __LINE__, __func__, __VA_ARGS__) +#define log_warning(...) log_meta(LOG_WARNING, __FILE__, __LINE__, __func__, __VA_ARGS__) +#define log_error(...) log_meta(LOG_ERR, __FILE__, __LINE__, __func__, __VA_ARGS__) + +/* This modifies the buffer passed! */ +#define log_dump(level, buffer) log_dump_internal(level, __FILE__, __LINE__, __func__, buffer) + +const char *log_target_to_string(LogTarget target); +LogTarget log_target_from_string(const char *s); + +const char *log_level_to_string(int i); +int log_level_from_string(const char *s); + +#endif diff --git a/src/install/macro.h b/src/install/macro.h new file mode 100644 index 0000000..cc426c9 --- /dev/null +++ b/src/install/macro.h @@ -0,0 +1,299 @@ +#pragma once + +/*** + This file is part of systemd. + + Copyright 2010 Lennart Poettering + + systemd is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as published by + the Free Software Foundation; either version 2.1 of the License, or + (at your option) any later version. + + systemd is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public License + along with systemd; If not, see <http://www.gnu.org/licenses/>. +***/ + +#include <assert.h> +#include <sys/param.h> +#include <sys/types.h> +#include <sys/uio.h> +#include <inttypes.h> + +#define _printf_attr_(a,b) __attribute__ ((format (printf, a, b))) +#define _sentinel_ __attribute__ ((sentinel)) +#define _noreturn_ __attribute__((noreturn)) +#define _unused_ __attribute__ ((unused)) +#define _destructor_ __attribute__ ((destructor)) +#define _pure_ __attribute__ ((pure)) +#define _const_ __attribute__ ((const)) +#define _deprecated_ __attribute__ ((deprecated)) +#define _packed_ __attribute__ ((packed)) +#define _malloc_ __attribute__ ((malloc)) +#define _weak_ __attribute__ ((weak)) +#define _likely_(x) (__builtin_expect(!!(x),1)) +#define _unlikely_(x) (__builtin_expect(!!(x),0)) +#define _public_ __attribute__ ((visibility("default"))) +#define _hidden_ __attribute__ ((visibility("hidden"))) +#define _weakref_(x) __attribute__((weakref(#x))) +#define _introspect_(x) __attribute__((section("introspect." x))) +#define _alignas_(x) __attribute__((aligned(__alignof(x)))) +#define _cleanup_(x) __attribute__((cleanup(x))) + +/* automake test harness */ +#define EXIT_TEST_SKIP 77 + +#define XSTRINGIFY(x) #x +#define STRINGIFY(x) XSTRINGIFY(x) + +/* Rounds up */ + +#define ALIGN4(l) (((l) + 3) & ~3) +#define ALIGN8(l) (((l) + 7) & ~7) + +#if __SIZEOF_POINTER__ == 8 +#define ALIGN(l) ALIGN8(l) +#elif __SIZEOF_POINTER__ == 4 +#define ALIGN(l) ALIGN4(l) +#else +#error "Wut? Pointers are neither 4 nor 8 bytes long?" +#endif + +#define ALIGN_PTR(p) ((void*) ALIGN((unsigned long) p)) +#define ALIGN4_PTR(p) ((void*) ALIGN4((unsigned long) p)) +#define ALIGN8_PTR(p) ((void*) ALIGN8((unsigned long) p)) + +static inline size_t ALIGN_TO(size_t l, size_t ali) +{ + return ((l + ali - 1) & ~(ali - 1)); +} + +#define ALIGN_TO_PTR(p, ali) ((void*) ALIGN_TO((unsigned long) p)) + +#define ELEMENTSOF(x) (sizeof(x)/sizeof((x)[0])) + +/* + * container_of - cast a member of a structure out to the containing structure + * @ptr: the pointer to the member. + * @type: the type of the container struct this is embedded in. + * @member: the name of the member within the struct. + * + */ +#define container_of(ptr, type, member) \ + __extension__ ({ \ + const typeof( ((type *)0)->member ) *__mptr = (ptr); \ + (type *)( (char *)__mptr - offsetof(type,member) ); \ + }) + +#undef MAX +#define MAX(a,b) \ + __extension__ ({ \ + typeof(a) _a = (a); \ + typeof(b) _b = (b); \ + _a > _b ? _a : _b; \ + }) + +#define MAX3(x,y,z) \ + __extension__ ({ \ + typeof(x) _c = MAX(x,y); \ + MAX(_c, z); \ + }) + +#undef MIN +#define MIN(a,b) \ + __extension__ ({ \ + typeof(a) _a = (a); \ + typeof(b) _b = (b); \ + _a < _b ? _a : _b; \ + }) + +#ifndef CLAMP +#define CLAMP(x, low, high) \ + __extension__ ({ \ + typeof(x) _x = (x); \ + typeof(low) _low = (low); \ + typeof(high) _high = (high); \ + ((_x > _high) ? _high : ((_x < _low) ? _low : _x)); \ + }) +#endif + +#define assert_se(expr) \ + do { \ + if (_unlikely_(!(expr))) \ + log_assert_failed(#expr, __FILE__, __LINE__, __PRETTY_FUNCTION__); \ + } while (false) \ + +/* We override the glibc assert() here. */ +#undef assert +#ifdef NDEBUG +#define assert(expr) do {} while(false) +#else +#define assert(expr) assert_se(expr) +#endif + +#define assert_not_reached(t) \ + do { \ + log_assert_failed_unreachable(t, __FILE__, __LINE__, __PRETTY_FUNCTION__); \ + } while (false) + +#if defined(static_assert) +#define assert_cc(expr) \ + do { \ + static_assert(expr, #expr); \ + } while (false) +#else +#define assert_cc(expr) \ + do { \ + switch (0) { \ + case 0: \ + case !!(expr): \ + ; \ + } \ + } while (false) +#endif + +#define PTR_TO_UINT(p) ((unsigned int) ((uintptr_t) (p))) +#define UINT_TO_PTR(u) ((void*) ((uintptr_t) (u))) + +#define PTR_TO_UINT32(p) ((uint32_t) ((uintptr_t) (p))) +#define UINT32_TO_PTR(u) ((void*) ((uintptr_t) (u))) + +#define PTR_TO_ULONG(p) ((unsigned long) ((uintptr_t) (p))) +#define ULONG_TO_PTR(u) ((void*) ((uintptr_t) (u))) + +#define PTR_TO_INT(p) ((int) ((intptr_t) (p))) +#define INT_TO_PTR(u) ((void*) ((intptr_t) (u))) + +#define TO_INT32(p) ((int32_t) ((intptr_t) (p))) +#define INT32_TO_PTR(u) ((void*) ((intptr_t) (u))) + +#define PTR_TO_LONG(p) ((long) ((intptr_t) (p))) +#define LONG_TO_PTR(u) ((void*) ((intptr_t) (u))) + +#define memzero(x,l) (memset((x), 0, (l))) +#define zero(x) (memzero(&(x), sizeof(x))) + +#define CHAR_TO_STR(x) ((char[2]) { x, 0 }) + +#define char_array_0(x) x[sizeof(x)-1] = 0; + +#define IOVEC_SET_STRING(i, s) \ + do { \ + struct iovec *_i = &(i); \ + char *_s = (char *)(s); \ + _i->iov_base = _s; \ + _i->iov_len = strlen(_s); \ + } while(false) + +static inline size_t IOVEC_TOTAL_SIZE(const struct iovec *i, unsigned int n) +{ + unsigned int j; + size_t r = 0; + + for (j = 0; j < n; j++) + r += i[j].iov_len; + + return r; +} + +static inline size_t IOVEC_INCREMENT(struct iovec *i, unsigned int n, size_t k) +{ + unsigned int j; + + for (j = 0; j < n; j++) { + size_t sub; + + if (_unlikely_(k == 0)) + break; + + sub = MIN(i[j].iov_len, k); + i[j].iov_len -= sub; + i[j].iov_base = (uint8_t *) i[j].iov_base + sub; + k -= sub; + } + + return k; +} + +#define VA_FORMAT_ADVANCE(format, ap) \ +do { \ + int _argtypes[128]; \ + size_t _i, _k; \ + _k = parse_printf_format((format), ELEMENTSOF(_argtypes), _argtypes); \ + assert(_k < ELEMENTSOF(_argtypes)); \ + for (_i = 0; _i < _k; _i++) { \ + if (_argtypes[_i] & PA_FLAG_PTR) { \ + (void) va_arg(ap, void*); \ + continue; \ + } \ + \ + switch (_argtypes[_i]) { \ + case PA_INT: \ + case PA_INT|PA_FLAG_SHORT: \ + case PA_CHAR: \ + (void) va_arg(ap, int); \ + break; \ + case PA_INT|PA_FLAG_LONG: \ + (void) va_arg(ap, long int); \ + break; \ + case PA_INT|PA_FLAG_LONG_LONG: \ + (void) va_arg(ap, long long int); \ + break; \ + case PA_WCHAR: \ + (void) va_arg(ap, wchar_t); \ + break; \ + case PA_WSTRING: \ + case PA_STRING: \ + case PA_POINTER: \ + (void) va_arg(ap, void*); \ + break; \ + case PA_FLOAT: \ + case PA_DOUBLE: \ + (void) va_arg(ap, double); \ + break; \ + case PA_DOUBLE|PA_FLAG_LONG_DOUBLE: \ + (void) va_arg(ap, long double); \ + break; \ + default: \ + assert_not_reached("Unknown format string argument."); \ + } \ + } \ +} while(false) + +/* Because statfs.t_type can be int on some architectures, we have to cast + * the const magic to the type, otherwise the compiler warns about + * signed/unsigned comparison, because the magic can be 32 bit unsigned. + */ +#define F_TYPE_CMP(a, b) (a == (typeof(a)) b) + +/* Returns the number of chars needed to format variables of the + * specified type as a decimal string. Adds in extra space for a + * negative '-' prefix. */ + +#define DECIMAL_STR_MAX(type) \ + (1+(sizeof(type) <= 1 ? 3 : \ + sizeof(type) <= 2 ? 5 : \ + sizeof(type) <= 4 ? 10 : \ + sizeof(type) <= 8 ? 20 : sizeof(int[-2*(sizeof(type) > 8)]))) + +/* + * Takes inspiration from Rust's Option::take() method: reads and returns a pointer. + * But at the same time resets it to NULL. + * See: https://doc.rust-lang.org/std/option/enum.Option.html#method.take + */ +#define TAKE_PTR(ptr) \ + ({ \ + typeof(ptr) _ptr_ = (ptr); \ + (ptr) = NULL; \ + _ptr_; \ + }) + +/* Use to suppress unused variable/function arg warning */ +#define UNUSED(var) ((void)var) + +#include "log.h" diff --git a/src/install/strv.c b/src/install/strv.c new file mode 100644 index 0000000..02b0507 --- /dev/null +++ b/src/install/strv.c @@ -0,0 +1,616 @@ +/*** + This file is part of systemd. + + Copyright 2010 Lennart Poettering + + systemd is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as published by + the Free Software Foundation; either version 2.1 of the License, or + (at your option) any later version. + + systemd is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public License + along with systemd; If not, see <http://www.gnu.org/licenses/>. +***/ + +#include <assert.h> +#include <stdlib.h> +#include <stdarg.h> +#include <string.h> +#include <errno.h> + +#include "util.h" +#include "strv.h" + +char *strv_find(char **l, const char *name) +{ + char **i; + + assert(name); + + STRV_FOREACH(i, l) { + if (streq(*i, name)) + return *i; + } + + return NULL; +} + +char *strv_find_prefix(char **l, const char *name) +{ + char **i; + + assert(name); + + STRV_FOREACH(i, l) { + if (startswith(*i, name)) + return *i; + } + + return NULL; +} + +void strv_free(char **l) +{ + char **k; + + if (!l) + return; + + for (k = l; *k; k++) + free(*k); + + free(l); +} + +char **strv_copy(char *const *l) +{ + char **r, **k; + + k = r = new(char *, strv_length(l) + 1); + if (!r) + return NULL; + + if (l) + for (; *l; k++, l++) { + *k = strdup(*l); + if (!*k) { + strv_free(r); + return NULL; + } + } + + *k = NULL; + return r; +} + +unsigned int strv_length(char *const *l) +{ + unsigned int n = 0; + + if (!l) + return 0; + + for (; *l; l++) + n++; + + return n; +} + +char **strv_new_ap(const char *x, va_list ap) +{ + const char *s; + char **a; + unsigned int n = 0, i = 0; + va_list aq; + + /* As a special trick we ignore all listed strings that equal + * (const char*) -1. This is supposed to be used with the + * STRV_IFNOTNULL() macro to include possibly NULL strings in + * the string list. */ + + if (x) { + n = x == (const char *)-1 ? 0 : 1; + + va_copy(aq, ap); + while ((s = va_arg(aq, const char *))) { + if (s == (const char *)-1) + continue; + + n++; + } + + va_end(aq); + } + + a = new(char *, n + 1); + if (!a) + return NULL; + + if (x) { + if (x != (const char *)-1) { + a[i] = strdup(x); + if (!a[i]) + goto fail; + i++; + } + + while ((s = va_arg(ap, const char *))) { + + if (s == (const char *)-1) + continue; + + a[i] = strdup(s); + if (!a[i]) + goto fail; + + i++; + } + } + + a[i] = NULL; + + return a; + +fail: + strv_free(a); + return NULL; +} + +char **strv_new(const char *x, ...) +{ + char **r; + va_list ap; + + va_start(ap, x); + r = strv_new_ap(x, ap); + va_end(ap); + + return r; +} + +char **strv_merge(char **a, char **b) +{ + char **r, **k; + + if (!a) + return strv_copy(b); + + if (!b) + return strv_copy(a); + + r = new(char *, strv_length(a) + strv_length(b) + 1); + if (!r) + return NULL; + + for (k = r; *a; k++, a++) { + *k = strdup(*a); + if (!*k) + goto fail; + } + + for (; *b; k++, b++) { + *k = strdup(*b); + if (!*k) + goto fail; + } + + *k = NULL; + return r; + +fail: + strv_free(r); + return NULL; +} + +char **strv_merge_concat(char **a, char **b, const char *suffix) +{ + char **r, **k; + + /* Like strv_merge(), but appends suffix to all strings in b, before adding */ + + if (!b) + return strv_copy(a); + + r = new(char *, strv_length(a) + strv_length(b) + 1); + if (!r) + return NULL; + + k = r; + if (a) + for (; *a; k++, a++) { + *k = strdup(*a); + if (!*k) + goto fail; + } + + for (; *b; k++, b++) { + *k = strappend(*b, suffix); + if (!*k) + goto fail; + } + + *k = NULL; + return r; + +fail: + strv_free(r); + return NULL; + +} + +char **strv_split(const char *s, const char *separator) +{ + char *state; + char *w; + size_t l; + unsigned int n, i; + char **r; + + assert(s); + + n = 0; + FOREACH_WORD_SEPARATOR(w, l, s, separator, state) { + n++; + } + + r = new(char *, n + 1); + if (!r) + return NULL; + + i = 0; + FOREACH_WORD_SEPARATOR(w, l, s, separator, state) { + r[i] = strndup(w, l); + if (!r[i]) { + strv_free(r); + return NULL; + } + + i++; + } + + r[i] = NULL; + return r; +} + +char **strv_split_quoted(const char *s) +{ + char *state; + char *w; + size_t l; + unsigned int n, i; + char **r; + + assert(s); + + n = 0; + FOREACH_WORD_QUOTED(w, l, s, state) { + n++; + } + + r = new(char *, n + 1); + if (!r) + return NULL; + + i = 0; + FOREACH_WORD_QUOTED(w, l, s, state) { + r[i] = cunescape_length(w, l); + if (!r[i]) { + strv_free(r); + return NULL; + } + i++; + } + + r[i] = NULL; + return r; +} + +char **strv_split_newlines(const char *s) +{ + char **l; + unsigned int n; + + assert(s); + + /* Special version of strv_split() that splits on newlines and + * suppresses an empty string at the end */ + + l = strv_split(s, NEWLINE); + if (!l) + return NULL; + + n = strv_length(l); + if (n == 0) + return l; + + if (isempty(l[n - 1])) { + free(l[n - 1]); + l[n - 1] = NULL; + } + + return l; +} + +char *strv_join(char **l, const char *separator) +{ + char *r, *e; + char **s; + size_t n, k; + + if (!separator) + separator = " "; + + k = strlen(separator); + + n = 0; + STRV_FOREACH(s, l) { + if (n != 0) + n += k; + n += strlen(*s); + } + + r = new(char, n + 1); + if (!r) + return NULL; + + e = r; + STRV_FOREACH(s, l) { + if (e != r) + e = stpcpy(e, separator); + + e = stpcpy(e, *s); + } + + *e = 0; + + return r; +} + +char **strv_append(char **l, const char *s) +{ + char **r, **k; + + if (!l) + return strv_new(s, NULL); + + if (!s) + return strv_copy(l); + + r = new(char *, strv_length(l) + 2); + if (!r) + return NULL; + + for (k = r; *l; k++, l++) { + *k = strdup(*l); + if (!*k) + goto fail; + } + + k[0] = strdup(s); + if (!k[0]) + goto fail; + + k[1] = NULL; + return r; + +fail: + strv_free(r); + return NULL; +} + +int strv_push(char ***l, char *value) +{ + char **c; + unsigned int n; + + if (!value) + return 0; + + n = strv_length(*l); + c = realloc(*l, sizeof(char *) * (n + 2)); + if (!c) + return -ENOMEM; + + c[n] = value; + c[n + 1] = NULL; + + *l = c; + return 0; +} + +int strv_extend(char ***l, const char *value) +{ + char *v; + int r; + + if (!value) + return 0; + + v = strdup(value); + if (!v) + return -ENOMEM; + + r = strv_push(l, v); + if (r < 0) + free(v); + + return r; +} + +char **strv_uniq(char **l) +{ + char **i; + + /* Drops duplicate entries. The first identical string will be + * kept, the others dropped */ + + STRV_FOREACH(i, l) { + strv_remove(i + 1, *i); + } + return l; +} + +char **strv_remove(char **l, const char *s) +{ + char **f, **t; + + if (!l) + return NULL; + + assert(s); + + /* Drops every occurrence of s in the string list, edits + * in-place. */ + + for (f = t = l; *f; f++) { + + if (streq(*f, s)) { + free(*f); + continue; + } + + *(t++) = *f; + } + + *t = NULL; + return l; +} + +char **strv_remove_prefix(char **l, const char *s) +{ + char **f, **t; + + if (!l) + return NULL; + + assert(s); + + /* Drops every occurrence of a string prefixed with s in the + * string list, edits in-place. */ + + for (f = t = l; *f; f++) { + + if (startswith(*f, s)) { + free(*f); + continue; + } + + *(t++) = *f; + } + + *t = NULL; + return l; +} + +char **strv_parse_nulstr(const char *s, size_t l) +{ + const char *p; + unsigned int c = 0, i = 0; + char **v; + + assert(s || l == 0); + + if (l == 0) + return new0(char *, 1); + + for (p = s; p < s + l; p++) + if (*p == 0) + c++; + + if (s[l - 1] != 0) + c++; + + v = new0(char *, c + 1); + if (!v) + return NULL; + + p = s; + while (p < s + l) { + const char *e; + + e = memchr(p, 0, s + l - p); + + v[i] = strndup(p, e ? e - p : s + l - p); + if (!v[i]) { + strv_free(v); + return NULL; + } + + i++; + + if (!e) + break; + + p = e + 1; + } + + assert(i == c); + + return v; +} + +char **strv_split_nulstr(const char *s) +{ + const char *i; + char **r = NULL; + + NULSTR_FOREACH(i, s) { + if (strv_extend(&r, i) < 0) { + strv_free(r); + return NULL; + } + } + + if (!r) + return strv_new(NULL, NULL); + + return r; +} + +bool strv_overlap(char **a, char **b) +{ + char **i, **j; + + STRV_FOREACH(i, a) { + STRV_FOREACH(j, b) { + if (streq(*i, *j)) + return true; + } + } + + return false; +} + +static int str_compare(const void *_a, const void *_b) +{ + const char **a = (const char **)_a, **b = (const char **)_b; + + return strcmp(*a, *b); +} + +char **strv_sort(char **l) +{ + + if (strv_isempty(l)) + return l; + + qsort(l, strv_length(l), sizeof(char *), str_compare); + return l; +} + +void strv_print(char **l) +{ + char **s; + + if (!l) + return; + + STRV_FOREACH(s, l) { + puts(*s); + } +} diff --git a/src/install/strv.h b/src/install/strv.h new file mode 100644 index 0000000..cf99f5d --- /dev/null +++ b/src/install/strv.h @@ -0,0 +1,118 @@ +#pragma once + +/*** + This file is part of systemd. + + Copyright 2010 Lennart Poettering + + systemd is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as published by + the Free Software Foundation; either version 2.1 of the License, or + (at your option) any later version. + + systemd is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public License + along with systemd; If not, see <http://www.gnu.org/licenses/>. +***/ + +#include <stdarg.h> +#include <stdbool.h> + +#include "util.h" + +char *strv_find(char **l, const char *name) _pure_; +char *strv_find_prefix(char **l, const char *name) _pure_; + +void strv_free(char **l); +DEFINE_TRIVIAL_CLEANUP_FUNC(char **, strv_free); +#define _cleanup_strv_free_ _cleanup_(strv_freep) + +char **strv_copy(char *const *l); +unsigned int strv_length(char *const *l) _pure_; + +char **strv_merge(char **a, char **b); +char **strv_merge_concat(char **a, char **b, const char *suffix); +char **strv_append(char **l, const char *s); +int strv_extend(char ***l, const char *value); +int strv_push(char ***l, char *value); + +char **strv_remove(char **l, const char *s); +char **strv_remove_prefix(char **l, const char *s); +char **strv_uniq(char **l); + +#define strv_contains(l, s) (!!strv_find((l), (s))) + +char **strv_new(const char *x, ...) _sentinel_; +char **strv_new_ap(const char *x, va_list ap); + +static inline const char *STRV_IFNOTNULL(const char *x) +{ + return x ? x : (const char *)-1; +} + +static inline bool strv_isempty(char *const *l) +{ + return !l || !*l; +} + +char **strv_split(const char *s, const char *separator); +char **strv_split_quoted(const char *s); +char **strv_split_newlines(const char *s); + +char *strv_join(char **l, const char *separator); + +char **strv_parse_nulstr(const char *s, size_t l); +char **strv_split_nulstr(const char *s); + +bool strv_overlap(char **a, char **b) _pure_; + +#define STRV_FOREACH(s, l) \ + for ((s) = (l); (s) && *(s); (s)++) + +#define STRV_FOREACH_BACKWARDS(s, l) \ + STRV_FOREACH(s, l) \ + ; \ + for ((s)--; (l) && ((s) >= (l)); (s)--) + +#define STRV_FOREACH_PAIR(x, y, l) \ + for ((x) = (l), (y) = (x+1); (x) && *(x) && *(y); (x) += 2, (y) = (x + 1)) + +char **strv_sort(char **l); +void strv_print(char **l); + +#define STRV_MAKE(...) ((char**) ((const char*[]) { __VA_ARGS__, NULL })) + +#define STRV_MAKE_EMPTY ((char*[1]) { NULL }) + +#define strv_from_stdarg_alloca(first) \ + ({ \ + char **_l; \ + \ + if (!first) \ + _l = (char**) &first; \ + else { \ + unsigned int _n; \ + va_list _ap; \ + \ + _n = 1; \ + va_start(_ap, first); \ + while (va_arg(_ap, char*)) \ + _n++; \ + va_end(_ap); \ + \ + _l = newa(char*, _n+1); \ + _l[_n = 0] = (char*) first; \ + va_start(_ap, first); \ + for (;;) { \ + _l[++_n] = va_arg(_ap, char*); \ + if (!_l[_n]) \ + break; \ + } \ + va_end(_ap); \ + } \ + _l; \ + }) diff --git a/src/install/util.c b/src/install/util.c new file mode 100644 index 0000000..5f32f64 --- /dev/null +++ b/src/install/util.c @@ -0,0 +1,574 @@ +/*** + This file is part of systemd. + + Copyright 2010 Lennart Poettering + + systemd is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as published by + the Free Software Foundation; either version 2.1 of the License, or + (at your option) any later version. + + systemd is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public License + along with systemd; If not, see <http://www.gnu.org/licenses/>. +***/ + +#define _GNU_SOURCE + +#include <string.h> +#include <unistd.h> +#include <errno.h> +#include <fcntl.h> +#include <sys/types.h> +#include <sys/syscall.h> +#include <libgen.h> + +#include "util.h" + +#define gettid() ((pid_t) syscall(SYS_gettid)) + +size_t page_size(void) +{ + static __thread size_t pgsz = 0; + long r; + + if (_likely_(pgsz > 0)) + return pgsz; + + assert_se((r = sysconf(_SC_PAGESIZE)) > 0); + + pgsz = (size_t)r; + + return pgsz; +} + +bool endswith(const char *s, const char *postfix) +{ + size_t sl, pl; + + assert(s); + assert(postfix); + + sl = strlen(s); + pl = strlen(postfix); + + if (pl == 0) + return true; + + if (sl < pl) + return false; + + return memcmp(s + sl - pl, postfix, pl) == 0; +} + +int close_nointr(int fd) +{ + assert(fd >= 0); + + for (;;) { + int r; + + r = close(fd); + if (r >= 0) + return r; + + if (errno != EINTR) + return -errno; + } +} + +void close_nointr_nofail(int fd) +{ + int saved_errno = errno; + + /* like close_nointr() but cannot fail, and guarantees errno + * is unchanged */ + + assert_se(close_nointr(fd) == 0); + + errno = saved_errno; +} + +int open_terminal(const char *name, int mode) +{ + int fd, r; + unsigned int c = 0; + + /* + * If a TTY is in the process of being closed opening it might + * cause EIO. This is horribly awful, but unlikely to be + * changed in the kernel. Hence we work around this problem by + * retrying a couple of times. + * + * https://bugs.launchpad.net/ubuntu/+source/linux/+bug/554172/comments/245 + */ + + for (;;) { + if ((fd = open(name, mode)) >= 0) + break; + + if (errno != EIO) + return -errno; + + if (c >= 20) + return -errno; + + usleep(50 * USEC_PER_MSEC); + c++; + } + + if (fd < 0) + return -errno; + + if ((r = isatty(fd)) < 0) { + close_nointr_nofail(fd); + return -errno; + } + + if (!r) { + close_nointr_nofail(fd); + return -ENOTTY; + } + + return fd; +} + +bool streq_ptr(const char *a, const char *b) +{ + + /* Like streq(), but tries to make sense of NULL pointers */ + + if (a && b) + return streq(a, b); + + if (!a && !b) + return true; + + return false; +} + +bool is_main_thread(void) +{ + static __thread int cached = 0; + + if (_unlikely_(cached == 0)) + cached = getpid() == gettid()? 1 : -1; + + return cached > 0; +} + +int safe_atou(const char *s, unsigned int *ret_u) +{ + char *x = NULL; + unsigned long l; + + assert(s); + assert(ret_u); + + errno = 0; + l = strtoul(s, &x, 0); + + if (!x || *x || errno) + return errno ? -errno : -EINVAL; + + if ((unsigned long)(unsigned int)l != l) + return -ERANGE; + + *ret_u = (unsigned int)l; + return 0; +} + +static const char *const log_level_table[] = { + [LOG_EMERG] = "emerg", + [LOG_ALERT] = "alert", + [LOG_CRIT] = "crit", + [LOG_ERR] = "err", + [LOG_WARNING] = "warning", + [LOG_NOTICE] = "notice", + [LOG_INFO] = "info", + [LOG_DEBUG] = "debug" +}; + +DEFINE_STRING_TABLE_LOOKUP(log_level, int); + +char *strnappend(const char *s, const char *suffix, size_t b) +{ + size_t a; + char *r; + + if (!s && !suffix) + return strdup(""); + + if (!s) + return strndup(suffix, b); + + if (!suffix) + return strdup(s); + + assert(s); + assert(suffix); + + a = strlen(s); + if (b > ((size_t)-1) - a) + return NULL; + + r = new(char, a + b + 1); + if (!r) + return NULL; + + memcpy(r, s, a); + memcpy(r + a, suffix, b); + r[a + b] = 0; + + return r; +} + +char *strappend(const char *s, const char *suffix) +{ + return strnappend(s, suffix, suffix ? strlen(suffix) : 0); +} + +char *strjoin(const char *x, ...) +{ + va_list ap; + size_t l; + char *r; + + va_start(ap, x); + + if (x) { + l = strlen(x); + + for (;;) { + const char *t; + size_t n; + + t = va_arg(ap, const char *); + if (!t) + break; + + n = strlen(t); + if (n > ((size_t)-1) - l) { + va_end(ap); + return NULL; + } + + l += n; + } + } else + l = 0; + + va_end(ap); + + r = new(char, l + 1); + if (!r) + return NULL; + + if (x) { + char *p; + + p = stpcpy(r, x); + + va_start(ap, x); + + for (;;) { + const char *t; + + t = va_arg(ap, const char *); + if (!t) + break; + + p = stpcpy(p, t); + } + + va_end(ap); + } else + r[0] = 0; + + return r; +} + +char *cunescape_length_with_prefix(const char *s, size_t length, const char *prefix) +{ + char *r, *t; + const char *f; + size_t pl; + + assert(s); + + /* Undoes C style string escaping, and optionally prefixes it. */ + + pl = prefix ? strlen(prefix) : 0; + + r = new(char, pl + length + 1); + if (!r) + return r; + + if (prefix) + memcpy(r, prefix, pl); + + for (f = s, t = r + pl; f < s + length; f++) { + + if (*f != '\\') { + *(t++) = *f; + continue; + } + + f++; + + switch (*f) { + + case 'a': + *(t++) = '\a'; + break; + case 'b': + *(t++) = '\b'; + break; + case 'f': + *(t++) = '\f'; + break; + case 'n': + *(t++) = '\n'; + break; + case 'r': + *(t++) = '\r'; + break; + case 't': + *(t++) = '\t'; + break; + case 'v': + *(t++) = '\v'; + break; + case '\\': + *(t++) = '\\'; + break; + case '"': + *(t++) = '"'; + break; + case '\'': + *(t++) = '\''; + break; + + case 's': + /* This is an extension of the XDG syntax files */ + *(t++) = ' '; + break; + + case 'x': { + /* hexadecimal encoding */ + int a, b; + + a = unhexchar(f[1]); + b = unhexchar(f[2]); + + if (a < 0 || b < 0) { + /* Invalid escape code, let's take it literal then */ + *(t++) = '\\'; + *(t++) = 'x'; + } else { + *(t++) = (char)((a << 4) | b); + f += 2; + } + + break; + } + + case '0': + case '1': + case '2': + case '3': + case '4': + case '5': + case '6': + case '7': { + /* octal encoding */ + int a, b, c; + + a = unoctchar(f[0]); + b = unoctchar(f[1]); + c = unoctchar(f[2]); + + if (a < 0 || b < 0 || c < 0) { + /* Invalid escape code, let's take it literal then */ + *(t++) = '\\'; + *(t++) = f[0]; + } else { + *(t++) = (char)((a << 6) | (b << 3) | c); + f += 2; + } + + break; + } + + case 0: + /* premature end of string. */ + *(t++) = '\\'; + goto finish; + + default: + /* Invalid escape code, let's take it literal then */ + *(t++) = '\\'; + *(t++) = *f; + break; + } + } + +finish: + *t = 0; + return r; +} + +char *cunescape_length(const char *s, size_t length) +{ + return cunescape_length_with_prefix(s, length, NULL); +} + +/* Split a string into words, but consider strings enclosed in '' and + * "" as words even if they include spaces. */ +char *split_quoted(const char *c, size_t *l, char **state) +{ + const char *current, *e; + bool escaped = false; + + assert(c); + assert(l); + assert(state); + + current = *state ? *state : c; + + current += strspn(current, WHITESPACE); + + if (*current == 0) + return NULL; + + else if (*current == '\'') { + current++; + + for (e = current; *e; e++) { + if (escaped) + escaped = false; + else if (*e == '\\') + escaped = true; + else if (*e == '\'') + break; + } + + *l = e - current; + *state = (char *)(*e == 0 ? e : e + 1); + + } else if (*current == '\"') { + current++; + + for (e = current; *e; e++) { + if (escaped) + escaped = false; + else if (*e == '\\') + escaped = true; + else if (*e == '\"') + break; + } + + *l = e - current; + *state = (char *)(*e == 0 ? e : e + 1); + + } else { + for (e = current; *e; e++) { + if (escaped) + escaped = false; + else if (*e == '\\') + escaped = true; + else if (strchr(WHITESPACE, *e)) + break; + } + *l = e - current; + *state = (char *)e; + } + + return (char *)current; +} + +/* Split a string into words. */ +char *split(const char *c, size_t *l, const char *separator, char **state) +{ + char *current; + + current = *state ? *state : (char *)c; + + if (!*current || *c == 0) + return NULL; + + current += strspn(current, separator); + *l = strcspn(current, separator); + *state = current + *l; + + return (char *)current; +} + +int unhexchar(char c) +{ + + if (c >= '0' && c <= '9') + return c - '0'; + + if (c >= 'a' && c <= 'f') + return c - 'a' + 10; + + if (c >= 'A' && c <= 'F') + return c - 'A' + 10; + + return -1; +} + +int unoctchar(char c) +{ + + if (c >= '0' && c <= '7') + return c - '0'; + + return -1; +} + +int dracut_asprintf(char **restrict strp, const char *restrict fmt, ...) +{ + int ret = -1; + va_list args; + + if (!strp || !fmt) { + return ret; + } + + va_start(args, fmt); + ret = vasprintf(strp, fmt, args); + if (ret < 0) { + *strp = NULL; + } + va_end(args); + + return ret; +} + +char *dirname_malloc(const char *path) +{ + char *d, *dir, *dir2; + + assert(path); + + d = strdup(path); + if (!d) + return NULL; + + dir = dirname(d); + assert(dir); + + if (dir == d) + return d; + + dir2 = strdup(dir); + free(d); + + return dir2; +} diff --git a/src/install/util.h b/src/install/util.h new file mode 100644 index 0000000..f022f15 --- /dev/null +++ b/src/install/util.h @@ -0,0 +1,609 @@ +#ifndef fooutilhfoo +#define fooutilhfoo + +/*** + This file is part of systemd. + + Copyright 2010 Lennart Poettering + + systemd is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as published by + the Free Software Foundation; either version 2.1 of the License, or + (at your option) any later version. + + systemd is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public License + along with systemd; If not, see <http://www.gnu.org/licenses/>. +***/ + +#define _GNU_SOURCE + +#include <inttypes.h> +#include <time.h> +#include <sys/time.h> +#include <stdarg.h> +#include <stdbool.h> +#include <stdlib.h> +#include <stdio.h> +#include <string.h> +#include <signal.h> +#include <sched.h> +#include <limits.h> +#include <sys/stat.h> +#include <dirent.h> +#include <sys/resource.h> + +#include "macro.h" + +typedef uint64_t usec_t; +typedef uint64_t nsec_t; + +typedef struct dual_timestamp { + usec_t realtime; + usec_t monotonic; +} dual_timestamp; + +#define MSEC_PER_SEC 1000ULL +#define USEC_PER_SEC 1000000ULL +#define USEC_PER_MSEC 1000ULL +#define NSEC_PER_SEC 1000000000ULL +#define NSEC_PER_MSEC 1000000ULL +#define NSEC_PER_USEC 1000ULL + +#define USEC_PER_MINUTE (60ULL*USEC_PER_SEC) +#define NSEC_PER_MINUTE (60ULL*NSEC_PER_SEC) +#define USEC_PER_HOUR (60ULL*USEC_PER_MINUTE) +#define NSEC_PER_HOUR (60ULL*NSEC_PER_MINUTE) +#define USEC_PER_DAY (24ULL*USEC_PER_HOUR) +#define NSEC_PER_DAY (24ULL*NSEC_PER_HOUR) +#define USEC_PER_WEEK (7ULL*USEC_PER_DAY) +#define NSEC_PER_WEEK (7ULL*NSEC_PER_DAY) +#define USEC_PER_MONTH (2629800ULL*USEC_PER_SEC) +#define NSEC_PER_MONTH (2629800ULL*NSEC_PER_SEC) +#define USEC_PER_YEAR (31557600ULL*USEC_PER_SEC) +#define NSEC_PER_YEAR (31557600ULL*NSEC_PER_SEC) + +/* What is interpreted as whitespace? */ +#define WHITESPACE " \t\n\r" +#define NEWLINE "\n\r" +#define QUOTES "\"\'" +#define COMMENTS "#;\n" + +#define FORMAT_TIMESTAMP_MAX 64 +#define FORMAT_TIMESTAMP_PRETTY_MAX 256 +#define FORMAT_TIMESPAN_MAX 64 +#define FORMAT_BYTES_MAX 8 + +#define ANSI_HIGHLIGHT_ON "\x1B[1;39m" +#define ANSI_HIGHLIGHT_RED_ON "\x1B[1;31m" +#define ANSI_HIGHLIGHT_GREEN_ON "\x1B[1;32m" +#define ANSI_HIGHLIGHT_YELLOW_ON "\x1B[1;33m" +#define ANSI_HIGHLIGHT_OFF "\x1B[0m" + +usec_t now(clockid_t clock); + +dual_timestamp *dual_timestamp_get(dual_timestamp *ts); +dual_timestamp *dual_timestamp_from_realtime(dual_timestamp *ts, usec_t u); + +#define dual_timestamp_is_set(ts) ((ts)->realtime > 0) + +usec_t timespec_load(const struct timespec *ts); +struct timespec *timespec_store(struct timespec *ts, usec_t u); + +usec_t timeval_load(const struct timeval *tv); +struct timeval *timeval_store(struct timeval *tv, usec_t u); + +size_t page_size(void); +#define PAGE_ALIGN(l) ALIGN_TO((l), page_size()) + +#define streq(a,b) (strcmp((a),(b)) == 0) +#define strneq(a, b, n) (strncmp((a), (b), (n)) == 0) + +bool streq_ptr(const char *a, const char *b); + +#define new(t, n) ((t*) malloc(sizeof(t)*(n))) + +#define new0(t, n) ((t*) calloc((n), sizeof(t))) + +#define newa(t, n) ((t*) alloca(sizeof(t)*(n))) + +#define newdup(t, p, n) ((t*) memdup(p, sizeof(t)*(n))) + +#define malloc0(n) (calloc((n), 1)) + +static inline const char *yes_no(bool b) +{ + return b ? "yes" : "no"; +} + +static inline const char *strempty(const char *s) +{ + return s ? s : ""; +} + +static inline const char *strnull(const char *s) +{ + return s ? s : "(null)"; +} + +static inline const char *strna(const char *s) +{ + return s ? s : "n/a"; +} + +static inline bool isempty(const char *p) +{ + return !p || !p[0]; +} + +static inline const char *startswith(const char *s, const char *prefix) +{ + if (strncmp(s, prefix, strlen(prefix)) == 0) + return s + strlen(prefix); + return NULL; +} + +bool endswith(const char *s, const char *postfix); + +bool startswith_no_case(const char *s, const char *prefix); + +bool first_word(const char *s, const char *word); + +int close_nointr(int fd); +void close_nointr_nofail(int fd); +void close_many(const int fds[], unsigned int n_fd); + +int parse_boolean(const char *v); +int parse_usec(const char *t, usec_t *usec); +int parse_nsec(const char *t, nsec_t *nsec); +int parse_bytes(const char *t, off_t *bytes); +int parse_pid(const char *s, pid_t *ret_pid); +int parse_uid(const char *s, uid_t *ret_uid); +#define parse_gid(s, ret_uid) parse_uid(s, ret_uid) + +int safe_atou(const char *s, unsigned int *ret_u); +int safe_atoi(const char *s, int *ret_i); + +int safe_atollu(const char *s, unsigned long long *ret_u); +int safe_atolli(const char *s, long long int *ret_i); + +#if LONG_MAX == INT_MAX +static inline int safe_atolu(const char *s, unsigned long *ret_u) +{ + assert_cc(sizeof(unsigned long) == sizeof(unsigned int)); + return safe_atou(s, (unsigned int *)ret_u); +} + +static inline int safe_atoli(const char *s, long int *ret_u) +{ + assert_cc(sizeof(long int) == sizeof(int)); + return safe_atoi(s, (int *)ret_u); +} +#else +static inline int safe_atolu(const char *s, unsigned long *ret_u) +{ + assert_cc(sizeof(unsigned long) == sizeof(unsigned long long)); + return safe_atollu(s, (unsigned long long *)ret_u); +} + +static inline int safe_atoli(const char *s, long int *ret_u) +{ + assert_cc(sizeof(long int) == sizeof(long long int)); + return safe_atolli(s, (long long int *)ret_u); +} +#endif + +static inline int safe_atou32(const char *s, uint32_t *ret_u) +{ + assert_cc(sizeof(uint32_t) == sizeof(unsigned int)); + return safe_atou(s, (unsigned int *)ret_u); +} + +static inline int safe_atoi32(const char *s, int32_t *ret_i) +{ + assert_cc(sizeof(int32_t) == sizeof(int)); + return safe_atoi(s, (int *)ret_i); +} + +static inline int safe_atou64(const char *s, uint64_t *ret_u) +{ + assert_cc(sizeof(uint64_t) == sizeof(unsigned long long)); + return safe_atollu(s, (unsigned long long *)ret_u); +} + +static inline int safe_atoi64(const char *s, int64_t *ret_i) +{ + assert_cc(sizeof(int64_t) == sizeof(long long int)); + return safe_atolli(s, (long long int *)ret_i); +} + +char *split(const char *c, size_t *l, const char *separator, char **state); +char *split_quoted(const char *c, size_t *l, char **state); + +#define FOREACH_WORD(word, length, s, state) \ + for ((state) = NULL, (word) = split((s), &(length), WHITESPACE, &(state)); (word); (word) = split((s), &(length), WHITESPACE, &(state))) + +#define FOREACH_WORD_SEPARATOR(word, length, s, separator, state) \ + for ((state) = NULL, (word) = split((s), &(length), (separator), &(state)); (word); (word) = split((s), &(length), (separator), &(state))) + +#define FOREACH_WORD_QUOTED(word, length, s, state) \ + for ((state) = NULL, (word) = split_quoted((s), &(length), &(state)); (word); (word) = split_quoted((s), &(length), &(state))) + +pid_t get_parent_of_pid(pid_t pid, pid_t *ppid); +int get_starttime_of_pid(pid_t pid, unsigned long long *st); + +int write_one_line_file(const char *fn, const char *line); +int write_one_line_file_atomic(const char *fn, const char *line); +int read_one_line_file(const char *fn, char **line); +int read_full_file(const char *fn, char **contents, size_t *size); + +int parse_env_file(const char *fname, const char *separator, ...) _sentinel_; +int load_env_file(const char *fname, char ***l); +int write_env_file(const char *fname, char **l); + +char *strappend(const char *s, const char *suffix); +char *strnappend(const char *s, const char *suffix, size_t length); + +char *replace_env(const char *format, char **env); +char **replace_env_argv(char **argv, char **env); + +int readlink_malloc(const char *p, char **r); +int readlink_and_make_absolute(const char *p, char **r); +int readlink_and_canonicalize(const char *p, char **r); + +int reset_all_signal_handlers(void); + +char *strstrip(char *s); +char *delete_chars(char *s, const char *bad); +char *truncate_nl(char *s); + +char *file_in_same_dir(const char *path, const char *filename); + +int rmdir_parents(const char *path, const char *stop); + +int get_process_comm(pid_t pid, char **name); +int get_process_cmdline(pid_t pid, size_t max_length, bool comm_fallback, char **line); +int get_process_exe(pid_t pid, char **name); +int get_process_uid(pid_t pid, uid_t *uid); + +char hexchar(int x); +int unhexchar(char c); +char octchar(int x); +int unoctchar(char c); +char decchar(int x); +int undecchar(char c); + +char *cescape(const char *s); +char *cunescape(const char *s); +char *cunescape_length(const char *s, size_t length); + +char *xescape(const char *s, const char *bad); + +char *bus_path_escape(const char *s); +char *bus_path_unescape(const char *s); + +char *ascii_strlower(char *path); + +bool dirent_is_file(const struct dirent *de); +bool dirent_is_file_with_suffix(const struct dirent *de, const char *suffix); + +bool ignore_file(const char *filename); + +bool chars_intersect(const char *a, const char *b); + +char *format_timestamp(char *buf, size_t l, usec_t t); +char *format_timestamp_pretty(char *buf, size_t l, usec_t t); +char *format_timespan(char *buf, size_t l, usec_t t); + +int make_stdio(int fd); +int make_null_stdio(void); + +unsigned long long random_ull(void); + +#define __DEFINE_STRING_TABLE_LOOKUP(name,type,scope) \ + scope const char *name##_to_string(type i) { \ + if (i < 0 || i >= (type) ELEMENTSOF(name##_table)) \ + return NULL; \ + return name##_table[i]; \ + } \ + scope type name##_from_string(const char *s) { \ + type i; \ + unsigned int u = 0; \ + assert(s); \ + for (i = 0; i < (type)ELEMENTSOF(name##_table); i++) \ + if (name##_table[i] && \ + streq(name##_table[i], s)) \ + return i; \ + if (safe_atou(s, &u) >= 0 && \ + u < ELEMENTSOF(name##_table)) \ + return (type) u; \ + return (type) -1; \ + } \ + struct __useless_struct_to_allow_trailing_semicolon__ + +#define DEFINE_STRING_TABLE_LOOKUP(name,type) __DEFINE_STRING_TABLE_LOOKUP(name,type,) +#define DEFINE_PRIVATE_STRING_TABLE_LOOKUP(name,type) __DEFINE_STRING_TABLE_LOOKUP(name,type,static) + +int fd_nonblock(int fd, bool nonblock); +int fd_cloexec(int fd, bool cloexec); + +int close_all_fds(const int except[], unsigned int n_except); + +bool fstype_is_network(const char *fstype); + +int chvt(int vt); + +int read_one_char(FILE *f, char *ret, usec_t timeout, bool *need_nl); +int ask(char *ret, const char *replies, const char *text, ...); + +int reset_terminal_fd(int fd, bool switch_to_text); +int reset_terminal(const char *name); + +int open_terminal(const char *name, int mode); +int acquire_terminal(const char *name, bool fail, bool force, bool ignore_tiocstty_eperm); +int release_terminal(void); + +int flush_fd(int fd); + +int ignore_signals(int sig, ...); +int default_signals(int sig, ...); +int sigaction_many(const struct sigaction *sa, ...); + +int close_pipe(int p[]); +int fopen_temporary(const char *path, FILE **_f, char **_temp_path); + +ssize_t loop_read(int fd, void *buf, size_t nbytes, bool do_poll); +ssize_t loop_write(int fd, const void *buf, size_t nbytes, bool do_poll); + +bool is_device_path(const char *path); + +int dir_is_empty(const char *path); + +void rename_process(const char name[8]); + +void sigset_add_many(sigset_t *ss, ...); + +char *gethostname_malloc(void); +bool hostname_is_set(void); +char *getlogname_malloc(void); + +int getttyname_malloc(int fd, char **r); +int getttyname_harder(int fd, char **r); + +int get_ctty_devnr(pid_t pid, dev_t *d); +int get_ctty(pid_t, dev_t *_devnr, char **r); + +int chmod_and_chown(const char *path, mode_t mode, uid_t uid, gid_t gid); +int fchmod_and_fchown(int fd, mode_t mode, uid_t uid, gid_t gid); + +int rm_rf_children(int fd, bool only_dirs, bool honour_sticky, struct stat *root_dev); +int rm_rf(const char *path, bool only_dirs, bool delete_root, bool honour_sticky); + +int pipe_eof(int fd); + +cpu_set_t *cpu_set_malloc(unsigned int *ncpus); + +void status_vprintf(const char *status, bool ellipse, const char *format, va_list ap); +void status_printf(const char *status, bool ellipse, const char *format, ...); +void status_welcome(void); + +int fd_columns(int fd); +unsigned int columns(void); + +int fd_lines(int fd); +unsigned int lines(void); + +int running_in_chroot(void); + +char *ellipsize(const char *s, size_t length, unsigned int percent); +char *ellipsize_mem(const char *s, size_t old_length, size_t new_length, unsigned int percent); + +int touch(const char *path); + +char *unquote(const char *s, const char *quotes); +char *normalize_env_assignment(const char *s); + +int wait_for_terminate(pid_t pid, siginfo_t *status); +int wait_for_terminate_and_warn(const char *name, pid_t pid); + +_noreturn_ void freeze(void); + +bool null_or_empty(struct stat *st); +int null_or_empty_path(const char *fn); + +DIR *xopendirat(int dirfd, const char *name, int flags); + +void dual_timestamp_serialize(FILE *f, const char *name, dual_timestamp *t); +void dual_timestamp_deserialize(const char *value, dual_timestamp *t); + +char *fstab_node_to_udev_node(const char *p); + +bool tty_is_vc(const char *tty); +bool tty_is_vc_resolve(const char *tty); +bool tty_is_console(const char *tty); +int vtnr_from_tty(const char *tty); +const char *default_term_for_tty(const char *tty); + +void execute_directory(const char *directory, DIR *_d, char *argv[]); + +int kill_and_sigcont(pid_t pid, int sig); + +bool nulstr_contains(const char *nulstr, const char *needle); + +bool plymouth_running(void); + +void parse_syslog_priority(char **p, int *priority); +void skip_syslog_pid(char **buf); +void skip_syslog_date(char **buf); + +bool hostname_is_valid(const char *s); +char *hostname_cleanup(char *s); + +char *strshorten(char *s, size_t l); + +int terminal_vhangup_fd(int fd); +int terminal_vhangup(const char *name); + +int vt_disallocate(const char *name); + +int copy_file(const char *from, const char *to); +int symlink_or_copy(const char *from, const char *to); +int symlink_or_copy_atomic(const char *from, const char *to); + +int fchmod_umask(int fd, mode_t mode); + +bool display_is_local(const char *display); +int socket_from_display(const char *display, char **path); + +int get_user_creds(const char **username, uid_t *uid, gid_t *gid, const char **home); +int get_group_creds(const char **groupname, gid_t *gid); + +int in_group(const char *name); + +int glob_exists(const char *path); + +int dirent_ensure_type(DIR *d, struct dirent *de); + +int in_search_path(const char *path, char **search); +int get_files_in_directory(const char *path, char ***list); + +char *join(const char *x, ...) _sentinel_; + +bool is_main_thread(void); + +bool in_charset(const char *s, const char *charset); + +int block_get_whole_disk(dev_t d, dev_t *ret); + +int file_is_priv_sticky(const char *p); + +int strdup_or_null(const char *a, char **b); + +#define NULSTR_FOREACH(i, l) \ + for ((i) = (l); (i) && *(i); (i) = strchr((i), 0)+1) + +#define NULSTR_FOREACH_PAIR(i, j, l) \ + for ((i) = (l), (j) = strchr((i), 0)+1; (i) && *(i); (i) = strchr((j), 0)+1, (j) = *(i) ? strchr((i), 0)+1 : (i)) + +const char *ioprio_class_to_string(int i); +int ioprio_class_from_string(const char *s); + +const char *sigchld_code_to_string(int i); +int sigchld_code_from_string(const char *s); + +const char *log_facility_unshifted_to_string(int i); +int log_facility_unshifted_from_string(const char *s); + +const char *log_level_to_string(int i); +int log_level_from_string(const char *s); + +const char *sched_policy_to_string(int i); +int sched_policy_from_string(const char *s); + +const char *rlimit_to_string(int i); +int rlimit_from_string(const char *s); + +const char *ip_tos_to_string(int i); +int ip_tos_from_string(const char *s); + +const char *signal_to_string(int i); +int signal_from_string(const char *s); + +int signal_from_string_try_harder(const char *s); + +extern int saved_argc; +extern char **saved_argv; + +bool kexec_loaded(void); + +int prot_from_flags(int flags); + +char *format_bytes(char *buf, size_t l, off_t t); + +int fd_wait_for_event(int fd, int event, usec_t timeout); + +void *memdup(const void *p, size_t l); + +int is_kernel_thread(pid_t pid); + +static inline void freep(void *p) +{ + free(*(void **)p); +} + +static inline void fclosep(FILE **f) +{ + if (*f) + fclose(*f); +} + +static inline void pclosep(FILE **f) +{ + if (*f) + pclose(*f); +} + +static inline void closep(int *fd) +{ + if (*fd >= 0) + close_nointr_nofail(*fd); +} + +static inline void closedirp(DIR **d) +{ + if (*d) + closedir(*d); +} + +static inline void umaskp(mode_t *u) +{ + umask(*u); +} + +#define _cleanup_free_ _cleanup_(freep) +#define _cleanup_fclose_ _cleanup_(fclosep) +#define _cleanup_pclose_ _cleanup_(pclosep) +#define _cleanup_close_ _cleanup_(closep) +#define _cleanup_closedir_ _cleanup_(closedirp) +#define _cleanup_umask_ _cleanup_(umaskp) +#define _cleanup_globfree_ _cleanup_(globfree) + +int fd_inc_sndbuf(int fd, size_t n); +int fd_inc_rcvbuf(int fd, size_t n); + +int fork_agent(pid_t *pid, const int except[], unsigned int n_except, const char *path, ...); + +int setrlimit_closest(int resource, const struct rlimit *rlim); + +int getenv_for_pid(pid_t pid, const char *field, char **_value); + +int can_sleep(const char *type); + +bool is_valid_documentation_url(const char *url); + +bool in_initrd(void); + +void warn_melody(void); + +char *strjoin(const char *x, ...) _sentinel_; + +#define DEFINE_TRIVIAL_CLEANUP_FUNC(type, func) \ + static inline void func##p(type *p) { \ + if (*p) \ + func(*p); \ + } \ + struct __useless_struct_to_allow_trailing_semicolon__ + +char *split_quoted(const char *c, size_t *l, char **state); +char *cunescape_length(const char *s, size_t length); +int unhexchar(char c) _const_; +int unoctchar(char c) _const_; + +int dracut_asprintf(char **restrict strp, const char *restrict fmt, ...); +char *dirname_malloc(const char *path); + +#endif diff --git a/src/logtee/logtee.c b/src/logtee/logtee.c new file mode 100644 index 0000000..55520db --- /dev/null +++ b/src/logtee/logtee.c @@ -0,0 +1,71 @@ +#define _GNU_SOURCE +#include <fcntl.h> +#include <poll.h> +#include <stdio.h> +#include <stdlib.h> +#include <unistd.h> +#include <errno.h> +#include <limits.h> + +#define BUFLEN 4096 + +int main(int argc, char *argv[]) +{ + int fd; + int len, slen; + int ret; + int timeout; + char *timeout_env; + struct pollfd fds[] = { { + .fd = STDIN_FILENO, + .events = POLLIN | POLLERR, + } + }; + + timeout_env = getenv("LOGTEE_TIMEOUT_MS"); + if (timeout_env) + timeout = atoi(timeout_env); + else + timeout = -1; + + if (argc != 2) { + fprintf(stderr, "Usage: %s <file>\n", argv[0]); + exit(EXIT_FAILURE); + } + + fd = open(argv[1], O_WRONLY | O_CREAT | O_TRUNC | O_NONBLOCK, 0644); + if (fd == -1) { + perror("open"); + exit(EXIT_FAILURE); + } + + fprintf(stderr, "Logging to %s: ", argv[1]); + + slen = 0; + + do { + ret = poll(fds, sizeof(fds) / sizeof(fds[0]), timeout); + if (ret == 0) { + fprintf(stderr, "Timed out after %d milliseconds of no output.\n", timeout); + exit(EXIT_FAILURE); + } + len = splice(STDIN_FILENO, NULL, fd, NULL, BUFLEN, SPLICE_F_MOVE | SPLICE_F_NONBLOCK); + + if (len < 0) { + if (errno == EAGAIN) + continue; + perror("tee"); + exit(EXIT_FAILURE); + } else if (len == 0) + break; + slen += len; + if ((slen / BUFLEN) > 0) { + fprintf(stderr, "."); + } + slen = slen % BUFLEN; + + } while (1); + close(fd); + fprintf(stderr, "\n"); + exit(EXIT_SUCCESS); +} diff --git a/src/skipcpio/skipcpio.c b/src/skipcpio/skipcpio.c new file mode 100644 index 0000000..f66c186 --- /dev/null +++ b/src/skipcpio/skipcpio.c @@ -0,0 +1,207 @@ +/* skipcpio.c + + Copyright (C) 2012 Harald Hoyer + Copyright (C) 2012 Red Hat, Inc. All rights reserved. + + This program is free software: you can redistribute it and/or modify + under the terms of the GNU Lesser General Public License as published by + the Free Software Foundation; either version 2.1 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public License + along with this program; If not, see <http://www.gnu.org/licenses/>. +*/ + +#define PROGRAM_VERSION_STRING "1" + +#ifndef _GNU_SOURCE +#define _GNU_SOURCE +#endif + +#include <errno.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#define CPIO_MAGIC "070701" +#define CPIO_MAGIC_LEN (sizeof(CPIO_MAGIC) - 1) + +#define CPIO_END "TRAILER!!!" +#define CPIO_ENDLEN (sizeof(CPIO_END) - 1) + +#define CPIO_ALIGNMENT 4 + +#define ALIGN_UP(n, a) (((n) + (a) - 1) & (~((a) - 1))) + +#define pr_err(fmt, ...) \ + fprintf(stderr, "ERROR: %s:%d:%s(): " fmt, __FILE__, __LINE__, \ + __func__, ##__VA_ARGS__) + +struct cpio_header { + char c_magic[CPIO_MAGIC_LEN]; + char c_ino[8]; + char c_mode[8]; + char c_uid[8]; + char c_gid[8]; + char c_nlink[8]; + char c_mtime[8]; + char c_filesize[8]; + char c_dev_maj[8]; + char c_dev_min[8]; + char c_rdev_maj[8]; + char c_rdev_min[8]; + char c_namesize[8]; + char c_chksum[8]; +} __attribute__((packed)); + +struct buf_struct { + struct cpio_header h; + char filename[CPIO_ENDLEN]; +} __attribute__((packed)); + +union buf_union { + struct buf_struct cpio; + char copy_buffer[2048]; +}; + +static union buf_union buf; + +int main(int argc, char **argv) +{ + size_t s; + long pos = 0; + FILE *f = NULL; + char *fname = NULL; + int ret = EXIT_FAILURE; + unsigned long filesize; + unsigned long filename_length; + + if (argc != 2) { + fprintf(stderr, "Usage: %s <file>\n", argv[0]); + goto end; + } + + fname = argv[1]; + f = fopen(fname, "r"); + if (f == NULL) { + pr_err("Cannot open file '%s'\n", fname); + goto end; + } + + if ((fread(&buf.cpio, sizeof(buf.cpio), 1, f) != 1) || + ferror(f)) { + pr_err("Read error from file '%s'\n", fname); + goto end; + } + + if (fseek(f, 0, SEEK_SET)) { + pr_err("fseek error on file '%s'\n", fname); + goto end; + } + + /* check, if this is a cpio archive */ + if (memcmp(buf.cpio.h.c_magic, CPIO_MAGIC, CPIO_MAGIC_LEN)) { + goto cat_rest; + } + + do { + // zero string, spilling into next unused field, to use strtol + buf.cpio.h.c_chksum[0] = 0; + filename_length = strtoul(buf.cpio.h.c_namesize, NULL, 16); + pos = ALIGN_UP(pos + sizeof(struct cpio_header) + filename_length, CPIO_ALIGNMENT); + + // zero string, spilling into next unused field, to use strtol + buf.cpio.h.c_dev_maj[0] = 0; + filesize = strtoul(buf.cpio.h.c_filesize, NULL, 16); + pos = ALIGN_UP(pos + filesize, CPIO_ALIGNMENT); + + if (filename_length == (CPIO_ENDLEN + 1) + && strncmp(buf.cpio.filename, CPIO_END, CPIO_ENDLEN) == 0) { + if (fseek(f, pos, SEEK_SET)) { + pr_err("fseek\n"); + goto end; + } + break; + } + + if (fseek(f, pos, SEEK_SET)) { + pr_err("fseek\n"); + goto end; + } + + if ((fread(&buf.cpio, sizeof(buf.cpio), 1, f) != 1) || + ferror(f)) { + pr_err("fread\n"); + goto end; + } + + if (memcmp(buf.cpio.h.c_magic, CPIO_MAGIC, CPIO_MAGIC_LEN)) { + pr_err("Corrupt CPIO archive!\n"); + goto end; + } + } while (!feof(f)); + + if (feof(f)) { + /* CPIO_END not found, just cat the whole file */ + if (fseek(f, 0, SEEK_SET)) { + pr_err("fseek\n"); + goto end; + } + } else { + /* skip zeros */ + do { + size_t i; + + s = fread(buf.copy_buffer, 1, sizeof(buf.copy_buffer) - 1, f); + if (ferror(f)) { + pr_err("fread\n"); + goto end; + } + + for (i = 0; (i < s) && (buf.copy_buffer[i] == 0); i++) ; + + if (buf.copy_buffer[i]) { + pos += i; + + if (fseek(f, pos, SEEK_SET)) { + pr_err("fseek\n"); + goto end; + } + break; + } + + pos += s; + } while (!feof(f)); + } + +cat_rest: + /* cat out the rest */ + while (!feof(f)) { + s = fread(buf.copy_buffer, 1, sizeof(buf.copy_buffer), f); + if (ferror(f)) { + pr_err("fread\n"); + goto end; + } + + errno = 0; + if (fwrite(buf.copy_buffer, 1, s, stdout) != s) { + if (errno != EPIPE) + pr_err("fwrite\n"); + goto end; + } + } + + ret = EXIT_SUCCESS; + +end: + if (f) { + fclose(f); + } + + return ret; +} diff --git a/src/util/CMakeLists.txt b/src/util/CMakeLists.txt new file mode 100644 index 0000000..ab380d2 --- /dev/null +++ b/src/util/CMakeLists.txt @@ -0,0 +1,6 @@ +cmake_minimum_required(VERSION 3.17) +project(dracut-util C) + +set(CMAKE_C_STANDARD 99) + +add_executable(dracut-util util.c) diff --git a/src/util/util.c b/src/util/util.c new file mode 100644 index 0000000..b3498df --- /dev/null +++ b/src/util/util.c @@ -0,0 +1,306 @@ +// SPDX-License-Identifier: GPL-2.0 + +// Parts are copied from the linux kernel + +#include <stdio.h> +#include <string.h> +#include <stdlib.h> +#include <stdbool.h> + +// CODE FROM LINUX KERNEL START + +#define _U 0x01 /* upper */ +#define _L 0x02 /* lower */ +#define _D 0x04 /* digit */ +#define _C 0x08 /* cntrl */ +#define _P 0x10 /* punct */ +#define _S 0x20 /* white space (space/lf/tab) */ +#define _X 0x40 /* hex digit */ +#define _SP 0x80 /* hard space (0x20) */ + +const unsigned char _ctype[] = { + _C, _C, _C, _C, _C, _C, _C, _C, /* 0-7 */ + _C, _C | _S, _C | _S, _C | _S, _C | _S, _C | _S, _C, _C, /* 8-15 */ + _C, _C, _C, _C, _C, _C, _C, _C, /* 16-23 */ + _C, _C, _C, _C, _C, _C, _C, _C, /* 24-31 */ + _S | _SP, _P, _P, _P, _P, _P, _P, _P, /* 32-39 */ + _P, _P, _P, _P, _P, _P, _P, _P, /* 40-47 */ + _D, _D, _D, _D, _D, _D, _D, _D, /* 48-55 */ + _D, _D, _P, _P, _P, _P, _P, _P, /* 56-63 */ + _P, _U | _X, _U | _X, _U | _X, _U | _X, _U | _X, _U | _X, _U, /* 64-71 */ + _U, _U, _U, _U, _U, _U, _U, _U, /* 72-79 */ + _U, _U, _U, _U, _U, _U, _U, _U, /* 80-87 */ + _U, _U, _U, _P, _P, _P, _P, _P, /* 88-95 */ + _P, _L | _X, _L | _X, _L | _X, _L | _X, _L | _X, _L | _X, _L, /* 96-103 */ + _L, _L, _L, _L, _L, _L, _L, _L, /* 104-111 */ + _L, _L, _L, _L, _L, _L, _L, _L, /* 112-119 */ + _L, _L, _L, _P, _P, _P, _P, _C, /* 120-127 */ + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 128-143 */ + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 144-159 */ + _S | _SP, _P, _P, _P, _P, _P, _P, _P, _P, _P, _P, _P, _P, _P, _P, _P, /* 160-175 */ + _P, _P, _P, _P, _P, _P, _P, _P, _P, _P, _P, _P, _P, _P, _P, _P, /* 176-191 */ + _U, _U, _U, _U, _U, _U, _U, _U, _U, _U, _U, _U, _U, _U, _U, _U, /* 192-207 */ + _U, _U, _U, _U, _U, _U, _U, _P, _U, _U, _U, _U, _U, _U, _U, _L, /* 208-223 */ + _L, _L, _L, _L, _L, _L, _L, _L, _L, _L, _L, _L, _L, _L, _L, _L, /* 224-239 */ + _L, _L, _L, _L, _L, _L, _L, _P, _L, _L, _L, _L, _L, _L, _L, _L /* 240-255 */ +}; + +#define __ismask(x) (_ctype[(int)(unsigned char)(x)]) + +#define kernel_isspace(c) ((__ismask(c)&(_S)) != 0) + +static char *skip_spaces(const char *str) +{ + while (kernel_isspace(*str)) + ++str; + return (char *)str; +} + +/* + * Parse a string to get a param value pair. + * You can use " around spaces, but can't escape ". + * Hyphens and underscores equivalent in parameter names. + */ +static char *next_arg(char *args, char **param, char **val) +{ + unsigned int i, equals = 0; + int in_quote = 0, quoted = 0; + char *next; + + if (*args == '"') { + args++; + in_quote = 1; + quoted = 1; + } + + for (i = 0; args[i]; i++) { + if (kernel_isspace(args[i]) && !in_quote) + break; + if (equals == 0) { + if (args[i] == '=') + equals = i; + } + if (args[i] == '"') + in_quote = !in_quote; + } + + *param = args; + if (!equals) + *val = NULL; + else { + args[equals] = '\0'; + *val = args + equals + 1; + + /* Don't include quotes in value. */ + if (**val == '"') { + (*val)++; + if (args[i - 1] == '"') + args[i - 1] = '\0'; + } + } + if (quoted && args[i - 1] == '"') + args[i - 1] = '\0'; + + if (args[i]) { + args[i] = '\0'; + next = args + i + 1; + } else + next = args + i; + + /* Chew up trailing spaces. */ + return skip_spaces(next); +} + +// CODE FROM LINUX KERNEL STOP + +enum EXEC_MODE { + UNDEFINED, + GETARG, + GETARGS, +}; + +static void usage(enum EXEC_MODE enumExecMode, int ret, char *msg) +{ + switch (enumExecMode) { + case UNDEFINED: + fprintf(stderr, "ERROR: 'dracut-util' has to be called via a symlink to the tool name.\n"); + break; + case GETARG: + fprintf(stderr, "ERROR: %s\nUsage: dracut-getarg <KEY>[=[<VALUE>]]\n", msg); + break; + case GETARGS: + fprintf(stderr, "ERROR: %s\nUsage: dracut-getargs <KEY>[=]\n", msg); + break; + } + exit(ret); +} + +#define ARGV0_GETARG "dracut-getarg" +#define ARGV0_GETARGS "dracut-getargs" + +static enum EXEC_MODE get_mode(const char *argv_0) +{ + struct _mode_table { + enum EXEC_MODE mode; + const char *arg; + size_t arg_len; + const char *s_arg; + } modeTable[] = { + {GETARG, ARGV0_GETARG, sizeof(ARGV0_GETARG), "/" ARGV0_GETARG}, + {GETARGS, ARGV0_GETARGS, sizeof(ARGV0_GETARGS), "/" ARGV0_GETARGS}, + {UNDEFINED, NULL, 0, NULL} + }; + int i; + + size_t argv_0_len = strlen(argv_0); + + if (!argv_0_len) + return UNDEFINED; + + for (i = 0; modeTable[i].mode != UNDEFINED; i++) { + if (argv_0_len == (modeTable[i].arg_len - 1)) { + if (strncmp(argv_0, modeTable[i].arg, argv_0_len) == 0) { + return modeTable[i].mode; + } + } + + if (modeTable[i].arg_len > argv_0_len) + continue; + + if (strncmp(argv_0 + argv_0_len - modeTable[i].arg_len, modeTable[i].s_arg, modeTable[i].arg_len) == 0) + return modeTable[i].mode; + } + return UNDEFINED; +} + +static int getarg(int argc, char **argv) +{ + char *search_key; + char *search_value; + char *end_value = NULL; + bool bool_value = false; + char *cmdline = NULL; + + char *p = getenv("CMDLINE"); + if (p == NULL) { + usage(GETARG, EXIT_FAILURE, "CMDLINE env not set"); + } + cmdline = strdup(p); + + if (argc != 2) { + usage(GETARG, EXIT_FAILURE, "Number of arguments invalid"); + } + + search_key = argv[1]; + + search_value = strchr(argv[1], '='); + if (search_value != NULL) { + *search_value = 0; + search_value++; + if (*search_value == 0) + search_value = NULL; + } + + if (strlen(search_key) == 0) + usage(GETARG, EXIT_FAILURE, "search key undefined"); + + do { + char *key = NULL, *value = NULL; + cmdline = next_arg(cmdline, &key, &value); + if (strcmp(key, search_key) == 0) { + if (value) { + end_value = value; + bool_value = -1; + } else { + end_value = NULL; + bool_value = true; + } + } + } while (cmdline[0]); + + if (search_value) { + if (end_value && strcmp(end_value, search_value) == 0) { + return EXIT_SUCCESS; + } + return EXIT_FAILURE; + } + + if (end_value) { + // includes "=0" + puts(end_value); + return EXIT_SUCCESS; + } + + if (bool_value) { + return EXIT_SUCCESS; + } + + return EXIT_FAILURE; +} + +static int getargs(int argc, char **argv) +{ + char *search_key; + char *search_value; + bool found_value = false; + char *cmdline = NULL; + + char *p = getenv("CMDLINE"); + if (p == NULL) { + usage(GETARGS, EXIT_FAILURE, "CMDLINE env not set"); + } + cmdline = strdup(p); + + if (argc != 2) { + usage(GETARGS, EXIT_FAILURE, "Number of arguments invalid"); + } + + search_key = argv[1]; + + search_value = strchr(argv[1], '='); + if (search_value != NULL) { + *search_value = 0; + search_value++; + if (*search_value == 0) + search_value = NULL; + } + + if (strlen(search_key) == 0) + usage(GETARGS, EXIT_FAILURE, "search key undefined"); + + do { + char *key = NULL, *value = NULL; + cmdline = next_arg(cmdline, &key, &value); + if (strcmp(key, search_key) == 0) { + if (search_value) { + if (strcmp(value, search_value) == 0) { + printf("%s\n", value); + found_value = true; + } + } else { + if (value) { + printf("%s\n", value); + } else { + puts(key); + } + found_value = true; + } + } + } while (cmdline[0]); + return found_value ? EXIT_SUCCESS : EXIT_FAILURE; +} + +int main(int argc, char **argv) +{ + switch (get_mode(argv[0])) { + case UNDEFINED: + usage(UNDEFINED, EXIT_FAILURE, NULL); + break; + case GETARG: + return getarg(argc, argv); + case GETARGS: + return getargs(argc, argv); + } + + return EXIT_FAILURE; +} diff --git a/test/Makefile b/test/Makefile new file mode 100644 index 0000000..dfaa450 --- /dev/null +++ b/test/Makefile @@ -0,0 +1,23 @@ +.PHONY: all check clean $(wildcard TEST-??-*) + +$(wildcard TEST-??-*): + @[ "$(shell id -u)" = 0 ] || { echo "'check' must be run as root! Please use 'sudo'."; exit 1; } + @{ \ + [ -d $@ ] || exit 0; \ + [ -f $@/Makefile ] || exit 0; \ + if [ -n "$$TESTS" ]; then t=$${$@##TEST-}; t=$${t%%-*}; [ "$${TESTS#*$$t*}" != "$$TESTS" ] || exit 0; fi; \ + if [ -n "$$SKIP" ]; then t=$${$@##TEST-}; t=$${t%%-*}; [ "$${SKIP#*$$t*}" != "$$SKIP" ] && exit 0; fi; \ + $(MAKE) -C $@ all ; \ + } + +check: $(wildcard TEST-??-*) + +clean: + @for i in TEST-[0-9]*; do \ + [ -d $$i ] || continue ; \ + [ -f $$i/Makefile ] || continue ; \ + $(MAKE) -C $$i clean ; \ + done + +all: + diff --git a/test/Makefile.testdir b/test/Makefile.testdir new file mode 100644 index 0000000..e3b31b1 --- /dev/null +++ b/test/Makefile.testdir @@ -0,0 +1,10 @@ +.PHONY: all setup clean run + +all: + @V=$(V) testdir="$(realpath ../)" ./test.sh --all +setup: + @testdir="$(realpath ../)" ./test.sh --setup +clean: + @testdir="$(realpath ../)" ./test.sh --clean +run: + @testdir="$(realpath ../)" ./test.sh --run diff --git a/test/TEST-01-BASIC/Makefile b/test/TEST-01-BASIC/Makefile new file mode 100644 index 0000000..2dcab81 --- /dev/null +++ b/test/TEST-01-BASIC/Makefile @@ -0,0 +1 @@ +-include ../Makefile.testdir diff --git a/test/TEST-01-BASIC/create-root.sh b/test/TEST-01-BASIC/create-root.sh new file mode 100755 index 0000000..633b11f --- /dev/null +++ b/test/TEST-01-BASIC/create-root.sh @@ -0,0 +1,22 @@ +#!/bin/sh + +trap 'poweroff -f' EXIT + +# don't let udev and this script step on eachother's toes +for x in 64-lvm.rules 70-mdadm.rules 99-mount-rules; do + : > "/etc/udev/rules.d/$x" +done +rm -f -- /etc/lvm/lvm.conf +udevadm control --reload +udevadm settle + +set -ex + +mkfs.ext4 -L ' rdinit=/bin/sh' /dev/disk/by-id/ata-disk_root +mkdir -p /root +mount -t ext4 /dev/disk/by-id/ata-disk_root /root +cp -a -t /root /source/* +mkdir -p /root/run +umount /root +echo "dracut-root-block-created" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker +poweroff -f diff --git a/test/TEST-01-BASIC/test-init.sh b/test/TEST-01-BASIC/test-init.sh new file mode 100755 index 0000000..108e626 --- /dev/null +++ b/test/TEST-01-BASIC/test-init.sh @@ -0,0 +1,24 @@ +#!/bin/sh +: > /dev/watchdog + +. /lib/dracut-lib.sh + +export PATH=/usr/sbin:/usr/bin:/sbin:/bin +command -v plymouth > /dev/null 2>&1 && plymouth --quit +exec > /dev/console 2>&1 + +echo "dracut-root-block-success" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker + +export TERM=linux +export PS1='initramfs-test:\w\$ ' +[ -f /etc/mtab ] || ln -sfn /proc/mounts /etc/mtab +[ -f /etc/fstab ] || ln -sfn /proc/mounts /etc/fstab +stty sane +echo "made it to the rootfs!" +if getargbool 0 rd.shell; then + strstr "$(setsid --help)" "control" && CTTY="-c" + setsid $CTTY sh -i +fi +echo "Powering down." +mount -n -o remount,ro / +poweroff -f diff --git a/test/TEST-01-BASIC/test.sh b/test/TEST-01-BASIC/test.sh new file mode 100755 index 0000000..b3a8656 --- /dev/null +++ b/test/TEST-01-BASIC/test.sh @@ -0,0 +1,71 @@ +#!/bin/bash +# shellcheck disable=SC2034 +TEST_DESCRIPTION="root filesystem on a ext4 filesystem" + +# Uncomment this to debug failures +# DEBUGFAIL="rd.shell rd.break" + +test_run() { + declare -a disk_args=() + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker + qemu_add_drive_args disk_index disk_args "$TESTDIR"/root.img root + + test_marker_reset + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -device i6300esb -watchdog-action poweroff \ + -append "panic=1 oops=panic softlockup_panic=1 systemd.crash_reboot \"root=LABEL= rdinit=/bin/sh\" rw systemd.log_level=debug systemd.log_target=console rd.retry=3 rd.debug console=ttyS0,115200n81 rd.shell=0 $DEBUGFAIL" \ + -initrd "$TESTDIR"/initramfs.testing || return 1 + + test_marker_check || return 1 +} + +test_setup() { + # Create what will eventually be our root filesystem onto an overlay + "$DRACUT" -l --keep --tmpdir "$TESTDIR" \ + -m "test-root" \ + -i ./test-init.sh /sbin/init \ + -i "${PKGLIBDIR}/modules.d/99base/dracut-lib.sh" "/lib/dracut-lib.sh" \ + -i "${PKGLIBDIR}/modules.d/99base/dracut-dev-lib.sh" "/lib/dracut-dev-lib.sh" \ + --no-hostonly --no-hostonly-cmdline --nomdadmconf --nohardlink \ + -f "$TESTDIR"/initramfs.root "$KVERSION" || return 1 + mkdir -p "$TESTDIR"/overlay/source && mv "$TESTDIR"/dracut.*/initramfs/* "$TESTDIR"/overlay/source && rm -rf "$TESTDIR"/dracut.* + + # second, install the files needed to make the root filesystem + # create an initramfs that will create the target root filesystem. + # We do it this way so that we do not risk trashing the host mdraid + # devices, volume groups, encrypted partitions, etc. + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -m "test-makeroot" \ + -I "mkfs.ext4" \ + -i ./create-root.sh /lib/dracut/hooks/initqueue/01-create-root.sh \ + --nomdadmconf \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.makeroot "$KVERSION" || return 1 + rm -rf -- "$TESTDIR"/overlay + + declare -a disk_args=() + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker 1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/root.img root 80 + + # Invoke KVM and/or QEMU to actually create the target filesystem. + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "root=/dev/dracut/root rw rootfstype=ext4 quiet console=ttyS0,115200n81 selinux=0" \ + -initrd "$TESTDIR"/initramfs.makeroot || return 1 + test_marker_check dracut-root-block-created || return 1 + rm -- "$TESTDIR"/marker.img + + # make sure --omit-drivers does not filter out drivers using regexp to test for an earlier regression (assuming there is no one letter linux kernel module needed to run the test) + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -a "test watchdog" \ + -d "piix ide-gd_mod ata_piix ext4 sd_mod i6300esb ib700wdt" \ + --omit-drivers 'a b c d e f g h i j k l m n o p q r s t u v w x y z' \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.testing "$KVERSION" || return 1 +} + +# shellcheck disable=SC1090 +. "$testdir"/test-functions diff --git a/test/TEST-02-SYSTEMD/Makefile b/test/TEST-02-SYSTEMD/Makefile new file mode 100644 index 0000000..2dcab81 --- /dev/null +++ b/test/TEST-02-SYSTEMD/Makefile @@ -0,0 +1 @@ +-include ../Makefile.testdir diff --git a/test/TEST-02-SYSTEMD/create-root.sh b/test/TEST-02-SYSTEMD/create-root.sh new file mode 100755 index 0000000..c1fbe76 --- /dev/null +++ b/test/TEST-02-SYSTEMD/create-root.sh @@ -0,0 +1,21 @@ +#!/bin/sh + +trap 'poweroff -f' EXIT + +# don't let udev and this script step on eachother's toes +for x in 64-lvm.rules 70-mdadm.rules 99-mount-rules; do + : > "/etc/udev/rules.d/$x" +done +rm -f -- /etc/lvm/lvm.conf +udevadm control --reload +set -e + +udevadm settle +mkfs.ext4 -L dracut /dev/disk/by-id/ata-disk_root +mkdir -p /root +mount -t ext4 /dev/disk/by-id/ata-disk_root /root +cp -a -t /root /source/* +mkdir -p /root/run +umount /root +echo "dracut-root-block-created" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker +poweroff -f diff --git a/test/TEST-02-SYSTEMD/systemd-analyze.sh b/test/TEST-02-SYSTEMD/systemd-analyze.sh new file mode 100755 index 0000000..55f8728 --- /dev/null +++ b/test/TEST-02-SYSTEMD/systemd-analyze.sh @@ -0,0 +1,15 @@ +#!/bin/bash + +for i in \ + sysinit.target \ + basic.target \ + initrd-fs.target \ + initrd.target \ + initrd-switch-root.target \ + emergency.target \ + shutdown.target; do + if ! systemd-analyze verify "$i"; then + warn "systemd-analyze verify $i failed" + poweroff + fi +done diff --git a/test/TEST-02-SYSTEMD/test-init.sh b/test/TEST-02-SYSTEMD/test-init.sh new file mode 100755 index 0000000..108e626 --- /dev/null +++ b/test/TEST-02-SYSTEMD/test-init.sh @@ -0,0 +1,24 @@ +#!/bin/sh +: > /dev/watchdog + +. /lib/dracut-lib.sh + +export PATH=/usr/sbin:/usr/bin:/sbin:/bin +command -v plymouth > /dev/null 2>&1 && plymouth --quit +exec > /dev/console 2>&1 + +echo "dracut-root-block-success" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker + +export TERM=linux +export PS1='initramfs-test:\w\$ ' +[ -f /etc/mtab ] || ln -sfn /proc/mounts /etc/mtab +[ -f /etc/fstab ] || ln -sfn /proc/mounts /etc/fstab +stty sane +echo "made it to the rootfs!" +if getargbool 0 rd.shell; then + strstr "$(setsid --help)" "control" && CTTY="-c" + setsid $CTTY sh -i +fi +echo "Powering down." +mount -n -o remount,ro / +poweroff -f diff --git a/test/TEST-02-SYSTEMD/test.sh b/test/TEST-02-SYSTEMD/test.sh new file mode 100755 index 0000000..40d1b3e --- /dev/null +++ b/test/TEST-02-SYSTEMD/test.sh @@ -0,0 +1,76 @@ +#!/bin/bash +# shellcheck disable=SC2034 +TEST_DESCRIPTION="root filesystem on a ext4 filesystem" + +test_check() { + command -v systemctl &> /dev/null +} + +# Uncomment this to debug failures +#DEBUGFAIL="rd.shell=1 rd.break=pre-mount" +test_run() { + declare -a disk_args=() + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker + qemu_add_drive_args disk_index disk_args "$TESTDIR"/root.img root + + test_marker_reset + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "panic=1 oops=panic softlockup_panic=1 systemd.crash_reboot root=LABEL=dracut rw loglevel=77 systemd.log_level=debug systemd.log_target=console rd.retry=3 rd.info console=ttyS0,115200n81 selinux=0 init=/sbin/init rd.shell=0 $DEBUGFAIL" \ + -initrd "$TESTDIR"/initramfs.testing || return 1 + + test_marker_check || return 1 +} + +test_setup() { + # Create what will eventually be our root filesystem onto an overlay + "$DRACUT" -l --keep --tmpdir "$TESTDIR" \ + -m "test-root" \ + -i ./test-init.sh /sbin/init \ + -i "${PKGLIBDIR}/modules.d/99base/dracut-lib.sh" "/lib/dracut-lib.sh" \ + -i "${PKGLIBDIR}/modules.d/99base/dracut-dev-lib.sh" "/lib/dracut-dev-lib.sh" \ + --no-hostonly --no-hostonly-cmdline --nomdadmconf --nohardlink \ + -f "$TESTDIR"/initramfs.root "$KVERSION" || return 1 + mkdir -p "$TESTDIR"/overlay/source && mv "$TESTDIR"/dracut.*/initramfs/* "$TESTDIR"/overlay/source && rm -rf "$TESTDIR"/dracut.* + + # second, install the files needed to make the root filesystem + # create an initramfs that will create the target root filesystem. + # We do it this way so that we do not risk trashing the host mdraid + # devices, volume groups, encrypted partitions, etc. + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -m "test-makeroot" \ + -I "mkfs.ext4" \ + -i ./create-root.sh /lib/dracut/hooks/initqueue/01-create-root.sh \ + --nomdadmconf \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.makeroot "$KVERSION" || return 1 + rm -rf -- "$TESTDIR"/overlay + + declare -a disk_args=() + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker 1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/root.img root 80 + + # Invoke KVM and/or QEMU to actually create the target filesystem. + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "root=/dev/fakeroot rw rootfstype=ext4 quiet console=ttyS0,115200n81 selinux=0" \ + -initrd "$TESTDIR"/initramfs.makeroot || return 1 + test_marker_check dracut-root-block-created || return 1 + rm -- "$TESTDIR"/marker.img + + # systemd-analyze.sh calls man indirectly + # make the man command succeed always + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -a "test systemd" \ + -o "network kernel-network-modules" \ + -d "piix ide-gd_mod ata_piix ext4 sd_mod" \ + -i ./systemd-analyze.sh /lib/dracut/hooks/pre-pivot/00-systemd-analyze.sh \ + -i "/bin/true" "/usr/bin/man" \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.testing "$KVERSION" || return 1 +} + +# shellcheck disable=SC1090 +. "$testdir"/test-functions diff --git a/test/TEST-03-USR-MOUNT/Makefile b/test/TEST-03-USR-MOUNT/Makefile new file mode 100644 index 0000000..2dcab81 --- /dev/null +++ b/test/TEST-03-USR-MOUNT/Makefile @@ -0,0 +1 @@ +-include ../Makefile.testdir diff --git a/test/TEST-03-USR-MOUNT/create-root.sh b/test/TEST-03-USR-MOUNT/create-root.sh new file mode 100755 index 0000000..411fa99 --- /dev/null +++ b/test/TEST-03-USR-MOUNT/create-root.sh @@ -0,0 +1,33 @@ +#!/bin/sh + +trap 'poweroff -f' EXIT + +# don't let udev and this script step on eachother's toes +for x in 64-lvm.rules 70-mdadm.rules 99-mount-rules; do + : > "/etc/udev/rules.d/$x" +done +rm -f -- /etc/lvm/lvm.conf +udevadm control --reload +set -e + +udevadm settle +modprobe btrfs || : +mkfs.btrfs -L dracut /dev/disk/by-id/ata-disk_root +mkfs.btrfs -L dracutusr /dev/disk/by-id/ata-disk_usr +btrfs device scan /dev/disk/by-id/ata-disk_root +btrfs device scan /dev/disk/by-id/ata-disk_usr +mkdir -p /root +mount -t btrfs /dev/disk/by-id/ata-disk_root /root +[ -d /root/usr ] || mkdir -p /root/usr +mount -t btrfs /dev/disk/by-id/ata-disk_usr /root/usr +btrfs subvolume create /root/usr/usr +umount /root/usr +mount -t btrfs -o subvol=usr /dev/disk/by-id/ata-disk_usr /root/usr +cp -a -t /root /source/* +mkdir -p /root/run +btrfs filesystem sync /root/usr +btrfs filesystem sync /root +umount /root/usr +umount /root +echo "dracut-root-block-created" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker +poweroff -f diff --git a/test/TEST-03-USR-MOUNT/fstab b/test/TEST-03-USR-MOUNT/fstab new file mode 100644 index 0000000..feac57a --- /dev/null +++ b/test/TEST-03-USR-MOUNT/fstab @@ -0,0 +1,2 @@ +/dev/disk/by-id/ata-disk_root / btrfs defaults 0 0 +/dev/disk/by-id/ata-disk_usr /usr btrfs subvol=usr,ro 0 0 diff --git a/test/TEST-03-USR-MOUNT/test-init.sh b/test/TEST-03-USR-MOUNT/test-init.sh new file mode 100755 index 0000000..108e626 --- /dev/null +++ b/test/TEST-03-USR-MOUNT/test-init.sh @@ -0,0 +1,24 @@ +#!/bin/sh +: > /dev/watchdog + +. /lib/dracut-lib.sh + +export PATH=/usr/sbin:/usr/bin:/sbin:/bin +command -v plymouth > /dev/null 2>&1 && plymouth --quit +exec > /dev/console 2>&1 + +echo "dracut-root-block-success" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker + +export TERM=linux +export PS1='initramfs-test:\w\$ ' +[ -f /etc/mtab ] || ln -sfn /proc/mounts /etc/mtab +[ -f /etc/fstab ] || ln -sfn /proc/mounts /etc/fstab +stty sane +echo "made it to the rootfs!" +if getargbool 0 rd.shell; then + strstr "$(setsid --help)" "control" && CTTY="-c" + setsid $CTTY sh -i +fi +echo "Powering down." +mount -n -o remount,ro / +poweroff -f diff --git a/test/TEST-03-USR-MOUNT/test.sh b/test/TEST-03-USR-MOUNT/test.sh new file mode 100755 index 0000000..69ffda3 --- /dev/null +++ b/test/TEST-03-USR-MOUNT/test.sh @@ -0,0 +1,96 @@ +#!/bin/bash + +# shellcheck disable=SC2034 +TEST_DESCRIPTION="root filesystem on a btrfs filesystem with /usr subvolume" + +# Uncomment this to debug failures +#DEBUGFAIL="rd.shell rd.break" + +client_run() { + local test_name="$1" + shift + local client_opts="$*" + + echo "CLIENT TEST START: $test_name" + + declare -a disk_args=() + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker + qemu_add_drive_args disk_index disk_args "$TESTDIR"/root.btrfs root + qemu_add_drive_args disk_index disk_args "$TESTDIR"/usr.btrfs usr + + test_marker_reset + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -device i6300esb -watchdog-action poweroff \ + -append "panic=1 oops=panic softlockup_panic=1 systemd.crash_reboot root=LABEL=dracut $client_opts loglevel=7 rd.retry=3 rd.info console=ttyS0,115200n81 selinux=0 rd.debug rd.shell=0 $DEBUGFAIL" \ + -initrd "$TESTDIR"/initramfs.testing || return 1 + + if ! test_marker_check; then + echo "CLIENT TEST END: $test_name [FAILED]" + return 1 + fi + echo "CLIENT TEST END: $test_name [OK]" +} + +test_run() { + client_run "no option specified" || return 1 + client_run "readonly root" "ro" || return 1 + client_run "writeable root" "rw" || return 1 +} + +test_setup() { + # Create what will eventually be our root filesystem onto an overlay + "$DRACUT" -l --keep --tmpdir "$TESTDIR" \ + -m "test-root" \ + -i ./test-init.sh /sbin/init \ + -i ./fstab /etc/fstab \ + -i "${PKGLIBDIR}/modules.d/99base/dracut-lib.sh" "/lib/dracut-lib.sh" \ + -i "${PKGLIBDIR}/modules.d/99base/dracut-dev-lib.sh" "/lib/dracut-dev-lib.sh" \ + --no-hostonly --no-hostonly-cmdline --nomdadmconf --nohardlink \ + -f "$TESTDIR"/initramfs.root "$KVERSION" || return 1 + mkdir -p "$TESTDIR"/overlay/source && mv "$TESTDIR"/dracut.*/initramfs/* "$TESTDIR"/overlay/source && rm -rf "$TESTDIR"/dracut.* + + # second, install the files needed to make the root filesystem + # create an initramfs that will create the target root filesystem. + # We do it this way so that we do not risk trashing the host mdraid + # devices, volume groups, encrypted partitions, etc. + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -m "test-makeroot" \ + -I "mkfs.btrfs" \ + -i ./create-root.sh /lib/dracut/hooks/initqueue/01-create-root.sh \ + --nomdadmconf \ + --nohardlink \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.makeroot "$KVERSION" || return 1 + rm -rf -- "$TESTDIR"/overlay + + # Create the blank file to use as a root filesystem + declare -a disk_args=() + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker 1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/root.btrfs root 160 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/usr.btrfs usr 160 + + # Invoke KVM and/or QEMU to actually create the target filesystem. + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "root=/dev/dracut/root rw rootfstype=btrfs quiet console=ttyS0,115200n81 selinux=0" \ + -initrd "$TESTDIR"/initramfs.makeroot || return 1 + + if ! test_marker_check dracut-root-block-created; then + echo "Could not create root filesystem" + return 1 + fi + + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -a "test watchdog" \ + -o "network kernel-network-modules" \ + -d "piix ide-gd_mod ata_piix btrfs sd_mod i6300esb ib700wdt" \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.testing "$KVERSION" || return 1 + rm -rf -- "$TESTDIR"/overlay +} + +# shellcheck disable=SC1090 +. "$testdir"/test-functions diff --git a/test/TEST-04-FULL-SYSTEMD/Makefile b/test/TEST-04-FULL-SYSTEMD/Makefile new file mode 100644 index 0000000..2dcab81 --- /dev/null +++ b/test/TEST-04-FULL-SYSTEMD/Makefile @@ -0,0 +1 @@ +-include ../Makefile.testdir diff --git a/test/TEST-04-FULL-SYSTEMD/create-root.sh b/test/TEST-04-FULL-SYSTEMD/create-root.sh new file mode 100755 index 0000000..411fa99 --- /dev/null +++ b/test/TEST-04-FULL-SYSTEMD/create-root.sh @@ -0,0 +1,33 @@ +#!/bin/sh + +trap 'poweroff -f' EXIT + +# don't let udev and this script step on eachother's toes +for x in 64-lvm.rules 70-mdadm.rules 99-mount-rules; do + : > "/etc/udev/rules.d/$x" +done +rm -f -- /etc/lvm/lvm.conf +udevadm control --reload +set -e + +udevadm settle +modprobe btrfs || : +mkfs.btrfs -L dracut /dev/disk/by-id/ata-disk_root +mkfs.btrfs -L dracutusr /dev/disk/by-id/ata-disk_usr +btrfs device scan /dev/disk/by-id/ata-disk_root +btrfs device scan /dev/disk/by-id/ata-disk_usr +mkdir -p /root +mount -t btrfs /dev/disk/by-id/ata-disk_root /root +[ -d /root/usr ] || mkdir -p /root/usr +mount -t btrfs /dev/disk/by-id/ata-disk_usr /root/usr +btrfs subvolume create /root/usr/usr +umount /root/usr +mount -t btrfs -o subvol=usr /dev/disk/by-id/ata-disk_usr /root/usr +cp -a -t /root /source/* +mkdir -p /root/run +btrfs filesystem sync /root/usr +btrfs filesystem sync /root +umount /root/usr +umount /root +echo "dracut-root-block-created" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker +poweroff -f diff --git a/test/TEST-04-FULL-SYSTEMD/fstab b/test/TEST-04-FULL-SYSTEMD/fstab new file mode 100644 index 0000000..feac57a --- /dev/null +++ b/test/TEST-04-FULL-SYSTEMD/fstab @@ -0,0 +1,2 @@ +/dev/disk/by-id/ata-disk_root / btrfs defaults 0 0 +/dev/disk/by-id/ata-disk_usr /usr btrfs subvol=usr,ro 0 0 diff --git a/test/TEST-04-FULL-SYSTEMD/test-init.sh b/test/TEST-04-FULL-SYSTEMD/test-init.sh new file mode 100755 index 0000000..b7261b5 --- /dev/null +++ b/test/TEST-04-FULL-SYSTEMD/test-init.sh @@ -0,0 +1,41 @@ +#!/bin/sh +: > /dev/watchdog + +. /lib/dracut-lib.sh + +export PATH=/usr/sbin:/usr/bin:/sbin:/bin +command -v plymouth > /dev/null 2>&1 && plymouth --quit +exec > /dev/console 2>&1 + +systemctl --failed --no-legend --no-pager > /failed + +if ! ismounted /usr; then + echo "**************************FAILED**************************" + echo "/usr not mounted!!" + cat /proc/mounts + echo "**************************FAILED**************************" +else + if [ -s /failed ]; then + echo "**************************FAILED**************************" + cat /failed + echo "**************************FAILED**************************" + + else + echo "dracut-root-block-success" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker + echo "All OK" + fi +fi + +export TERM=linux +export PS1='initramfs-test:\w\$ ' +[ -f /etc/mtab ] || ln -sfn /proc/mounts /etc/mtab +[ -f /etc/fstab ] || ln -sfn /proc/mounts /etc/fstab +stty sane +echo "made it to the rootfs!" +if getargbool 0 rd.shell; then + strstr "$(setsid --help)" "control" && CTTY="-c" + setsid $CTTY sh -i +fi +echo "Powering down." +systemctl --no-block poweroff +exit 0 diff --git a/test/TEST-04-FULL-SYSTEMD/test.sh b/test/TEST-04-FULL-SYSTEMD/test.sh new file mode 100755 index 0000000..160104f --- /dev/null +++ b/test/TEST-04-FULL-SYSTEMD/test.sh @@ -0,0 +1,163 @@ +#!/bin/bash + +# shellcheck disable=SC2034 +TEST_DESCRIPTION="Full systemd serialization/deserialization test with /usr mount" + +test_check() { + command -v systemctl &> /dev/null +} + +# Uncomment this to debug failures +#DEBUGFAIL="rd.shell rd.break" +#DEBUGOUT="quiet systemd.log_level=debug systemd.log_target=console loglevel=77 rd.info rd.debug" +DEBUGOUT="loglevel=0 " +client_run() { + local test_name="$1" + shift + local client_opts="$*" + + echo "CLIENT TEST START: $test_name" + + declare -a disk_args=() + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker + qemu_add_drive_args disk_index disk_args "$TESTDIR"/root.btrfs root + qemu_add_drive_args disk_index disk_args "$TESTDIR"/usr.btrfs usr + + test_marker_reset + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "systemd.unit=testsuite.target systemd.mask=systemd-firstboot panic=1 oops=panic softlockup_panic=1 systemd.crash_reboot root=LABEL=dracut $client_opts rd.retry=3 console=ttyS0,115200n81 selinux=0 $DEBUGOUT rd.shell=0 $DEBUGFAIL" \ + -initrd "$TESTDIR"/initramfs.testing || return 1 + + if ! test_marker_check; then + echo "CLIENT TEST END: $test_name [FAILED]" + return 1 + fi + echo "CLIENT TEST END: $test_name [OK]" + +} + +test_run() { + client_run "no option specified" || return 1 + client_run "readonly root" "ro" || return 1 + client_run "writeable root" "rw" || return 1 + return 0 +} + +test_setup() { + # shellcheck disable=SC2064 + trap "$(shopt -p globstar)" RETURN + shopt -q -s globstar + + # Create what will eventually be our root filesystem onto an overlay + "$DRACUT" -l --keep --tmpdir "$TESTDIR" \ + -m "test-root dbus" \ + -I "ldconfig" \ + -i ./test-init.sh /sbin/test-init \ + -i ./fstab /etc/fstab \ + -i "${PKGLIBDIR}/modules.d/99base/dracut-lib.sh" "/lib/dracut-lib.sh" \ + -i "${PKGLIBDIR}/modules.d/99base/dracut-dev-lib.sh" "/lib/dracut-dev-lib.sh" \ + --no-hostonly --no-hostonly-cmdline --nomdadmconf --nohardlink \ + -f "$TESTDIR"/initramfs.root "$KVERSION" || return 1 + + mkdir -p "$TESTDIR"/overlay/source && cp -a "$TESTDIR"/dracut.*/initramfs/* "$TESTDIR"/overlay/source && rm -rf "$TESTDIR"/dracut.* && export initdir=$TESTDIR/overlay/source + + if type -P rpm &> /dev/null; then + rpm -ql systemd | xargs -r "$PKGLIBDIR"/dracut-install ${initdir:+-D "$initdir"} -o -a -l + elif type -P dpkg &> /dev/null; then + dpkg -L systemd | xargs -r "$PKGLIBDIR"/dracut-install ${initdir:+-D "$initdir"} -o -a -l + elif type -P pacman &> /dev/null; then + pacman -Q -l systemd | while read -r _ a; do printf -- "%s\0" "$a"; done | xargs -0 -r "$PKGLIBDIR"/dracut-install ${initdir:+-D "$initdir"} -o -a -l + else + echo "Can't install systemd base" + return 1 + fi + + # softlink mtab + ln -fs /proc/self/mounts "$initdir"/etc/mtab + + # install any Execs from the service files + grep -Eho '^Exec[^ ]*=[^ ]+' "$initdir"{,/usr}/lib/systemd/system/*.service \ + | while read -r i || [ -n "$i" ]; do + i=${i##Exec*=} + i=${i##-} + "$PKGLIBDIR"/dracut-install ${initdir:+-D "$initdir"} -o -a -l "$i" + done + + # setup the testsuite target + mkdir -p "$initdir"/etc/systemd/system + cat > "$initdir"/etc/systemd/system/testsuite.target << EOF +[Unit] +Description=Testsuite target +Requires=basic.target +After=basic.target +Conflicts=rescue.target +AllowIsolate=yes +EOF + + # setup the testsuite service + cat > "$initdir"/etc/systemd/system/testsuite.service << EOF +[Unit] +Description=Testsuite service +After=basic.target + +[Service] +ExecStart=/sbin/test-init +Type=oneshot +StandardInput=tty +StandardOutput=tty +EOF + + mkdir -p "$initdir"/etc/systemd/system/testsuite.target.wants + ln -fs ../testsuite.service "$initdir"/etc/systemd/system/testsuite.target.wants/testsuite.service + + # second, install the files needed to make the root filesystem + # create an initramfs that will create the target root filesystem. + # We do it this way so that we do not risk trashing the host mdraid + # devices, volume groups, encrypted partitions, etc. + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -m "test-makeroot bash btrfs" \ + -I "mkfs.btrfs" \ + -i ./create-root.sh /lib/dracut/hooks/initqueue/01-create-root.sh \ + --nomdadmconf \ + --nohardlink \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.makeroot "$KVERSION" || return 1 + rm -rf -- "$TESTDIR"/overlay/* + + # Create the blank file to use as a root filesystem + declare -a disk_args=() + # shellcheck disable=SC2034 + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker 1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/root.btrfs root 160 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/usr.btrfs usr 160 + + # Invoke KVM and/or QEMU to actually create the target filesystem. + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "root=/dev/fakeroot rw rootfstype=btrfs quiet console=ttyS0,115200n81 selinux=0" \ + -initrd "$TESTDIR"/initramfs.makeroot || return 1 + + if ! test_marker_check dracut-root-block-created; then + echo "Could not create root filesystem" + return 1 + fi + + [ -e /etc/machine-id ] && EXTRA_MACHINE="/etc/machine-id" + [ -e /etc/machine-info ] && EXTRA_MACHINE+=" /etc/machine-info" + + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -a "test systemd i18n qemu" \ + ${EXTRA_MACHINE:+-I "$EXTRA_MACHINE"} \ + -o "network plymouth lvm mdraid resume crypt caps dm terminfo usrmount kernel-network-modules rngd" \ + -d "piix ide-gd_mod ata_piix btrfs sd_mod i6300esb ib700wdt" \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.testing "$KVERSION" || return 1 + + rm -rf -- "$TESTDIR"/overlay +} + +# shellcheck disable=SC1090 +. "$testdir"/test-functions diff --git a/test/TEST-10-RAID/Makefile b/test/TEST-10-RAID/Makefile new file mode 100644 index 0000000..2dcab81 --- /dev/null +++ b/test/TEST-10-RAID/Makefile @@ -0,0 +1 @@ +-include ../Makefile.testdir diff --git a/test/TEST-10-RAID/create-root.sh b/test/TEST-10-RAID/create-root.sh new file mode 100755 index 0000000..05dec0f --- /dev/null +++ b/test/TEST-10-RAID/create-root.sh @@ -0,0 +1,47 @@ +#!/bin/sh + +trap 'poweroff -f' EXIT + +# don't let udev and this script step on eachother's toes +for x in 64-lvm.rules 70-mdadm.rules 99-mount-rules; do + : > "/etc/udev/rules.d/$x" +done +rm -f -- /etc/lvm/lvm.conf +udevadm control --reload +udevadm settle +set -ex +mdadm --create /dev/md0 --run --auto=yes --level=5 --raid-devices=3 /dev/disk/by-id/ata-disk_raid[123] +# wait for the array to finish initializing, otherwise this sometimes fails +# randomly. +mdadm -W /dev/md0 || : +printf test > keyfile +cryptsetup -q luksFormat /dev/md0 /keyfile +echo "The passphrase is test" +cryptsetup luksOpen /dev/md0 dracut_crypt_test < /keyfile +lvm pvcreate -ff -y /dev/mapper/dracut_crypt_test +lvm vgcreate dracut /dev/mapper/dracut_crypt_test +lvm lvcreate -l 100%FREE -n root dracut +lvm vgchange -ay +mkfs.ext4 -L root /dev/dracut/root +mkdir -p /sysroot +mount -t ext4 /dev/dracut/root /sysroot +cp -a -t /sysroot /source/* +mkdir -p /sysroot/run +umount /sysroot +lvm lvchange -a n /dev/dracut/root +udevadm settle +cryptsetup luksClose /dev/mapper/dracut_crypt_test +udevadm settle +mdadm -W /dev/md0 || : +udevadm settle +mdadm --detail --export /dev/md0 | grep -F MD_UUID > /tmp/mduuid +. /tmp/mduuid +udevadm settle +eval "$(udevadm info --query=property --name=/dev/md0 | while read -r line || [ -n "$line" ]; do [ "$line" != "${line#*ID_FS_UUID*}" ] && echo "$line"; done)" +{ + echo "dracut-root-block-created" + echo MD_UUID="$MD_UUID" + echo "ID_FS_UUID=$ID_FS_UUID" +} | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker +sync +poweroff -f diff --git a/test/TEST-10-RAID/cryptroot-ask.sh b/test/TEST-10-RAID/cryptroot-ask.sh new file mode 100755 index 0000000..7e956b3 --- /dev/null +++ b/test/TEST-10-RAID/cryptroot-ask.sh @@ -0,0 +1,5 @@ +#!/bin/sh + +[ -b "/dev/mapper/$2" ] && exit 0 +printf test > /keyfile +/sbin/cryptsetup luksOpen "$1" "$2" < /keyfile diff --git a/test/TEST-10-RAID/finished-false.sh b/test/TEST-10-RAID/finished-false.sh new file mode 100755 index 0000000..ecdbef9 --- /dev/null +++ b/test/TEST-10-RAID/finished-false.sh @@ -0,0 +1,2 @@ +#!/bin/sh +exit 1 diff --git a/test/TEST-10-RAID/hard-off.sh b/test/TEST-10-RAID/hard-off.sh new file mode 100755 index 0000000..01acb19 --- /dev/null +++ b/test/TEST-10-RAID/hard-off.sh @@ -0,0 +1,3 @@ +#!/bin/sh +getargbool 0 rd.shell || poweroff -f +getargbool 0 failme && poweroff -f diff --git a/test/TEST-10-RAID/test-init.sh b/test/TEST-10-RAID/test-init.sh new file mode 100755 index 0000000..108e626 --- /dev/null +++ b/test/TEST-10-RAID/test-init.sh @@ -0,0 +1,24 @@ +#!/bin/sh +: > /dev/watchdog + +. /lib/dracut-lib.sh + +export PATH=/usr/sbin:/usr/bin:/sbin:/bin +command -v plymouth > /dev/null 2>&1 && plymouth --quit +exec > /dev/console 2>&1 + +echo "dracut-root-block-success" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker + +export TERM=linux +export PS1='initramfs-test:\w\$ ' +[ -f /etc/mtab ] || ln -sfn /proc/mounts /etc/mtab +[ -f /etc/fstab ] || ln -sfn /proc/mounts /etc/fstab +stty sane +echo "made it to the rootfs!" +if getargbool 0 rd.shell; then + strstr "$(setsid --help)" "control" && CTTY="-c" + setsid $CTTY sh -i +fi +echo "Powering down." +mount -n -o remount,ro / +poweroff -f diff --git a/test/TEST-10-RAID/test.sh b/test/TEST-10-RAID/test.sh new file mode 100755 index 0000000..15cbf56 --- /dev/null +++ b/test/TEST-10-RAID/test.sh @@ -0,0 +1,124 @@ +#!/bin/bash +# shellcheck disable=SC2034 +TEST_DESCRIPTION="root filesystem on an encrypted LVM PV on a RAID-5" + +# Uncomment this to debug failures +#DEBUGFAIL="rd.shell rd.udev.log-priority=debug loglevel=70 systemd.log_target=kmsg" +#DEBUGFAIL="rd.break rd.shell rd.debug debug" +test_run() { + declare -a disk_args=() + # shellcheck disable=SC2034 + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker + qemu_add_drive_args disk_index disk_args "$TESTDIR"/raid-1.img raid1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/raid-2.img raid2 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/raid-3.img raid3 + + test_marker_reset + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "panic=1 oops=panic softlockup_panic=1 systemd.crash_reboot root=/dev/dracut/root rd.auto rw rd.retry=10 console=ttyS0,115200n81 selinux=0 rd.shell=0 $DEBUGFAIL" \ + -initrd "$TESTDIR"/initramfs.testing || return 1 + + test_marker_check || return 1 +} + +test_setup() { + kernel=$KVERSION + # Create what will eventually be our root filesystem onto an overlay + ( + # shellcheck disable=SC2030 + export initdir=$TESTDIR/overlay/source + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + ( + cd "$initdir" || exit + mkdir -p -- dev sys proc etc var/run tmp + mkdir -p root usr/bin usr/lib usr/lib64 usr/sbin + ) + inst_multiple sh df free ls shutdown poweroff stty cat ps ln \ + mount dmesg mkdir cp dd sync + for _terminfodir in /lib/terminfo /etc/terminfo /usr/share/terminfo; do + [ -f ${_terminfodir}/l/linux ] && break + done + inst_multiple -o ${_terminfodir}/l/linux + + inst_simple "${PKGLIBDIR}/modules.d/99base/dracut-lib.sh" "/lib/dracut-lib.sh" + inst_simple "${PKGLIBDIR}/modules.d/99base/dracut-dev-lib.sh" "/lib/dracut-dev-lib.sh" + inst_binary "${PKGLIBDIR}/dracut-util" "/usr/bin/dracut-util" + ln -s dracut-util "${initdir}/usr/bin/dracut-getarg" + ln -s dracut-util "${initdir}/usr/bin/dracut-getargs" + + inst_simple /etc/os-release + inst ./test-init.sh /sbin/init + inst_multiple grep + inst_multiple -o /lib/systemd/systemd-shutdown + find_binary plymouth > /dev/null && inst_multiple plymouth + cp -a /etc/ld.so.conf* "$initdir"/etc + ldconfig -r "$initdir" + ) + + # second, install the files needed to make the root filesystem + ( + # shellcheck disable=SC2031 + # shellcheck disable=SC2030 + export initdir=$TESTDIR/overlay + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + inst_multiple sfdisk mkfs.ext4 poweroff cp umount dd sync grep + inst_hook initqueue 01 ./create-root.sh + inst_hook initqueue/finished 01 ./finished-false.sh + ) + + # create an initramfs that will create the target root filesystem. + # We do it this way so that we do not risk trashing the host mdraid + # devices, volume groups, encrypted partitions, etc. + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -m "bash crypt lvm mdraid kernel-modules qemu" \ + -d "piix ide-gd_mod ata_piix ext4 sd_mod" \ + --nomdadmconf \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.makeroot "$KVERSION" || return 1 + rm -rf -- "$TESTDIR"/overlay + + # Create the blank files to use as a root filesystem + declare -a disk_args=() + # shellcheck disable=SC2034 + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker 1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/raid-1.img raid1 40 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/raid-2.img raid2 40 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/raid-3.img raid3 40 + + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "root=/dev/cannotreach rw rootfstype=ext4 console=ttyS0,115200n81 selinux=0" \ + -initrd "$TESTDIR"/initramfs.makeroot || return 1 + test_marker_check dracut-root-block-created || return 1 + eval "$(grep -F -a -m 1 ID_FS_UUID "$TESTDIR"/marker.img)" + + ( + # shellcheck disable=SC2031 + export initdir=$TESTDIR/overlay + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + inst_multiple poweroff shutdown dd + inst_hook shutdown-emergency 000 ./hard-off.sh + inst_hook emergency 000 ./hard-off.sh + inst ./cryptroot-ask.sh /sbin/cryptroot-ask + mkdir -p "$initdir"/etc + echo "testluks UUID=$ID_FS_UUID /etc/key" > "$initdir"/etc/crypttab + #echo "luks-$ID_FS_UUID /dev/md0 none" > $initdir/etc/crypttab + echo -n "test" > "$initdir"/etc/key + ) + + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -o "plymouth network kernel-network-modules" \ + -a "debug" \ + -d "piix ide-gd_mod ata_piix ext4 sd_mod" \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.testing "$KVERSION" || return 1 +} + +# shellcheck disable=SC1090 +. "$testdir"/test-functions diff --git a/test/TEST-11-LVM/Makefile b/test/TEST-11-LVM/Makefile new file mode 100644 index 0000000..2dcab81 --- /dev/null +++ b/test/TEST-11-LVM/Makefile @@ -0,0 +1 @@ +-include ../Makefile.testdir diff --git a/test/TEST-11-LVM/create-root.sh b/test/TEST-11-LVM/create-root.sh new file mode 100755 index 0000000..015bfe7 --- /dev/null +++ b/test/TEST-11-LVM/create-root.sh @@ -0,0 +1,28 @@ +#!/bin/sh + +trap 'poweroff -f' EXIT + +# don't let udev and this script step on eachother's toes +for x in 64-lvm.rules 70-mdadm.rules 99-mount-rules; do + : > "/etc/udev/rules.d/$x" +done +rm -f -- /etc/lvm/lvm.conf +udevadm control --reload +udevadm settle + +set -ex +for dev in /dev/disk/by-id/ata-disk_disk[123]; do + lvm pvcreate -ff -y "$dev" +done + +lvm vgcreate dracut /dev/disk/by-id/ata-disk_disk[123] +lvm lvcreate -l 100%FREE -n root dracut +lvm vgchange -ay +mkfs.ext4 /dev/dracut/root +mkdir -p /sysroot +mount -t ext4 /dev/dracut/root /sysroot +cp -a -t /sysroot /source/* +umount /sysroot +lvm lvchange -a n /dev/dracut/root +echo "dracut-root-block-created" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker +poweroff -f diff --git a/test/TEST-11-LVM/finished-false.sh b/test/TEST-11-LVM/finished-false.sh new file mode 100755 index 0000000..ecdbef9 --- /dev/null +++ b/test/TEST-11-LVM/finished-false.sh @@ -0,0 +1,2 @@ +#!/bin/sh +exit 1 diff --git a/test/TEST-11-LVM/hard-off.sh b/test/TEST-11-LVM/hard-off.sh new file mode 100755 index 0000000..01acb19 --- /dev/null +++ b/test/TEST-11-LVM/hard-off.sh @@ -0,0 +1,3 @@ +#!/bin/sh +getargbool 0 rd.shell || poweroff -f +getargbool 0 failme && poweroff -f diff --git a/test/TEST-11-LVM/test-init.sh b/test/TEST-11-LVM/test-init.sh new file mode 100755 index 0000000..108e626 --- /dev/null +++ b/test/TEST-11-LVM/test-init.sh @@ -0,0 +1,24 @@ +#!/bin/sh +: > /dev/watchdog + +. /lib/dracut-lib.sh + +export PATH=/usr/sbin:/usr/bin:/sbin:/bin +command -v plymouth > /dev/null 2>&1 && plymouth --quit +exec > /dev/console 2>&1 + +echo "dracut-root-block-success" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker + +export TERM=linux +export PS1='initramfs-test:\w\$ ' +[ -f /etc/mtab ] || ln -sfn /proc/mounts /etc/mtab +[ -f /etc/fstab ] || ln -sfn /proc/mounts /etc/fstab +stty sane +echo "made it to the rootfs!" +if getargbool 0 rd.shell; then + strstr "$(setsid --help)" "control" && CTTY="-c" + setsid $CTTY sh -i +fi +echo "Powering down." +mount -n -o remount,ro / +poweroff -f diff --git a/test/TEST-11-LVM/test.sh b/test/TEST-11-LVM/test.sh new file mode 100755 index 0000000..2782810 --- /dev/null +++ b/test/TEST-11-LVM/test.sh @@ -0,0 +1,117 @@ +#!/bin/bash + +# shellcheck disable=SC2034 +TEST_DESCRIPTION="root filesystem on LVM PV" + +# Uncomment this to debug failures +#DEBUGFAIL="rd.break rd.shell" + +test_run() { + declare -a disk_args=() + # shellcheck disable=SC2034 + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker + qemu_add_drive_args disk_index disk_args "$TESTDIR"/disk-1.img disk1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/disk-2.img disk2 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/disk-3.img disk3 + + test_marker_reset + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "panic=1 oops=panic softlockup_panic=1 systemd.crash_reboot root=/dev/dracut/root rw rd.auto=1 quiet rd.retry=3 rd.info console=ttyS0,115200n81 selinux=0 rd.debug rd.shell=0 $DEBUGFAIL" \ + -initrd "$TESTDIR"/initramfs.testing || return 1 + + test_marker_check || return 1 +} + +test_setup() { + kernel=$KVERSION + # Create what will eventually be our root filesystem onto an overlay + ( + # shellcheck disable=SC2030 + export initdir=$TESTDIR/overlay/source + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + ( + cd "$initdir" || exit + mkdir -p -- dev sys proc etc var/run tmp + mkdir -p root usr/bin usr/lib usr/lib64 usr/sbin + ) + inst_multiple sh df free ls shutdown poweroff stty cat ps ln \ + mount dmesg mkdir cp dd sync + for _terminfodir in /lib/terminfo /etc/terminfo /usr/share/terminfo; do + [ -f ${_terminfodir}/l/linux ] && break + done + inst_multiple -o ${_terminfodir}/l/linux + + inst_simple "${PKGLIBDIR}/modules.d/99base/dracut-lib.sh" "/lib/dracut-lib.sh" + inst_simple "${PKGLIBDIR}/modules.d/99base/dracut-dev-lib.sh" "/lib/dracut-dev-lib.sh" + inst_binary "${PKGLIBDIR}/dracut-util" "/usr/bin/dracut-util" + ln -s dracut-util "${initdir}/usr/bin/dracut-getarg" + ln -s dracut-util "${initdir}/usr/bin/dracut-getargs" + + inst_multiple grep + inst_simple /etc/os-release + inst ./test-init.sh /sbin/init + find_binary plymouth > /dev/null && inst_multiple plymouth + cp -a /etc/ld.so.conf* "$initdir"/etc + mkdir -p "$initdir"/run + ldconfig -r "$initdir" + ) + + # second, install the files needed to make the root filesystem + ( + # shellcheck disable=SC2031 + # shellcheck disable=SC2030 + export initdir=$TESTDIR/overlay + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + inst_multiple sfdisk mkfs.ext4 poweroff cp umount dd sync + inst_hook initqueue 01 ./create-root.sh + inst_hook initqueue/finished 01 ./finished-false.sh + ) + + # create an initramfs that will create the target root filesystem. + # We do it this way so that we do not risk trashing the host mdraid + # devices, volume groups, encrypted partitions, etc. + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -m "bash lvm mdraid kernel-modules qemu" \ + -d "piix ide-gd_mod ata_piix ext4 sd_mod" \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.makeroot "$KVERSION" || return 1 + rm -rf -- "$TESTDIR"/overlay + + # Create the blank files to use as a root filesystem + declare -a disk_args=() + # shellcheck disable=SC2034 + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker 1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/disk-1.img disk1 40 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/disk-2.img disk2 40 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/disk-3.img disk3 40 + + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "root=/dev/fakeroot rw rootfstype=ext4 quiet console=ttyS0,115200n81 selinux=0" \ + -initrd "$TESTDIR"/initramfs.makeroot || return 1 + test_marker_check dracut-root-block-created || return 1 + + ( + # shellcheck disable=SC2031 + export initdir=$TESTDIR/overlay + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + inst_multiple poweroff shutdown dd + inst_hook shutdown-emergency 000 ./hard-off.sh + inst_hook emergency 000 ./hard-off.sh + ) + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -o "plymouth network kernel-network-modules" \ + -a "debug" \ + -d "piix ide-gd_mod ata_piix ext4 sd_mod" \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.testing "$KVERSION" || return 1 +} + +# shellcheck disable=SC1090 +. "$testdir"/test-functions diff --git a/test/TEST-12-RAID-DEG/Makefile b/test/TEST-12-RAID-DEG/Makefile new file mode 100644 index 0000000..2dcab81 --- /dev/null +++ b/test/TEST-12-RAID-DEG/Makefile @@ -0,0 +1 @@ +-include ../Makefile.testdir diff --git a/test/TEST-12-RAID-DEG/create-root.sh b/test/TEST-12-RAID-DEG/create-root.sh new file mode 100755 index 0000000..05dec0f --- /dev/null +++ b/test/TEST-12-RAID-DEG/create-root.sh @@ -0,0 +1,47 @@ +#!/bin/sh + +trap 'poweroff -f' EXIT + +# don't let udev and this script step on eachother's toes +for x in 64-lvm.rules 70-mdadm.rules 99-mount-rules; do + : > "/etc/udev/rules.d/$x" +done +rm -f -- /etc/lvm/lvm.conf +udevadm control --reload +udevadm settle +set -ex +mdadm --create /dev/md0 --run --auto=yes --level=5 --raid-devices=3 /dev/disk/by-id/ata-disk_raid[123] +# wait for the array to finish initializing, otherwise this sometimes fails +# randomly. +mdadm -W /dev/md0 || : +printf test > keyfile +cryptsetup -q luksFormat /dev/md0 /keyfile +echo "The passphrase is test" +cryptsetup luksOpen /dev/md0 dracut_crypt_test < /keyfile +lvm pvcreate -ff -y /dev/mapper/dracut_crypt_test +lvm vgcreate dracut /dev/mapper/dracut_crypt_test +lvm lvcreate -l 100%FREE -n root dracut +lvm vgchange -ay +mkfs.ext4 -L root /dev/dracut/root +mkdir -p /sysroot +mount -t ext4 /dev/dracut/root /sysroot +cp -a -t /sysroot /source/* +mkdir -p /sysroot/run +umount /sysroot +lvm lvchange -a n /dev/dracut/root +udevadm settle +cryptsetup luksClose /dev/mapper/dracut_crypt_test +udevadm settle +mdadm -W /dev/md0 || : +udevadm settle +mdadm --detail --export /dev/md0 | grep -F MD_UUID > /tmp/mduuid +. /tmp/mduuid +udevadm settle +eval "$(udevadm info --query=property --name=/dev/md0 | while read -r line || [ -n "$line" ]; do [ "$line" != "${line#*ID_FS_UUID*}" ] && echo "$line"; done)" +{ + echo "dracut-root-block-created" + echo MD_UUID="$MD_UUID" + echo "ID_FS_UUID=$ID_FS_UUID" +} | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker +sync +poweroff -f diff --git a/test/TEST-12-RAID-DEG/cryptroot-ask.sh b/test/TEST-12-RAID-DEG/cryptroot-ask.sh new file mode 100755 index 0000000..a6b7ac7 --- /dev/null +++ b/test/TEST-12-RAID-DEG/cryptroot-ask.sh @@ -0,0 +1,5 @@ +#!/bin/sh + +[ -b /dev/mapper/"$2" ] && exit 0 +printf test > /keyfile +/sbin/cryptsetup luksOpen "$1" "$2" < /keyfile diff --git a/test/TEST-12-RAID-DEG/finished-false.sh b/test/TEST-12-RAID-DEG/finished-false.sh new file mode 100755 index 0000000..ecdbef9 --- /dev/null +++ b/test/TEST-12-RAID-DEG/finished-false.sh @@ -0,0 +1,2 @@ +#!/bin/sh +exit 1 diff --git a/test/TEST-12-RAID-DEG/hard-off.sh b/test/TEST-12-RAID-DEG/hard-off.sh new file mode 100755 index 0000000..8179d57 --- /dev/null +++ b/test/TEST-12-RAID-DEG/hard-off.sh @@ -0,0 +1,4 @@ +#!/bin/sh +sleep 5 +getargbool 0 rd.shell || poweroff -f +! getargbool 0 rd.break && getargbool 0 failme && poweroff -f diff --git a/test/TEST-12-RAID-DEG/test-init.sh b/test/TEST-12-RAID-DEG/test-init.sh new file mode 100755 index 0000000..a5360ef --- /dev/null +++ b/test/TEST-12-RAID-DEG/test-init.sh @@ -0,0 +1,27 @@ +#!/bin/sh +: > /dev/watchdog + +. /lib/dracut-lib.sh + +export PATH=/usr/sbin:/usr/bin:/sbin:/bin +command -v plymouth > /dev/null 2>&1 && plymouth --quit +exec > /dev/console 2>&1 + +echo "dracut-root-block-success" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker + +export TERM=linux +export PS1='initramfs-test:\w\$ ' +[ -f /etc/mtab ] || ln -sfn /proc/mounts /etc/mtab +[ -f /etc/fstab ] || ln -sfn /proc/mounts /etc/fstab +stty sane +echo "made it to the rootfs!" +if getargbool 0 rd.shell; then + strstr "$(setsid --help)" "control" && CTTY="-c" + setsid $CTTY sh -i +fi +echo "Powering down." +mount -n -o remount,ro / +if [ -d /run/initramfs/etc ]; then + echo " rd.debug=0 " >> /run/initramfs/etc/cmdline +fi +poweroff -f diff --git a/test/TEST-12-RAID-DEG/test.sh b/test/TEST-12-RAID-DEG/test.sh new file mode 100755 index 0000000..da5177b --- /dev/null +++ b/test/TEST-12-RAID-DEG/test.sh @@ -0,0 +1,160 @@ +#!/bin/bash +# shellcheck disable=SC2034 +TEST_DESCRIPTION="root filesystem on an encrypted LVM PV on a degraded RAID-5" + +# Uncomment this to debug failures +#DEBUGFAIL="rd.shell rd.break rd.debug" +#DEBUGFAIL="rd.shell rd.break=pre-mount udev.log-priority=debug" +#DEBUGFAIL="rd.shell rd.udev.log-priority=debug loglevel=70 systemd.log_target=kmsg" +#DEBUGFAIL="rd.shell loglevel=70 systemd.log_target=kmsg" + +client_run() { + echo "CLIENT TEST START: $*" + declare -a disk_args=() + # shellcheck disable=SC2034 + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker + # degrade the RAID + # qemu_add_drive_args disk_index disk_args "$TESTDIR"/raid-1.img raid1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/raid-2.img raid2 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/raid-3.img raid3 + + test_marker_reset + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "panic=1 oops=panic softlockup_panic=1 systemd.crash_reboot $* systemd.log_target=kmsg root=LABEL=root rw rd.retry=10 rd.info console=ttyS0,115200n81 log_buf_len=2M selinux=0 rd.shell=0 $DEBUGFAIL " \ + -initrd "$TESTDIR"/initramfs.testing + + if ! test_marker_check; then + echo "CLIENT TEST END: $* [FAIL]" + return 1 + fi + + echo "CLIENT TEST END: $* [OK]" + return 0 +} + +test_run() { + read -r LUKS_UUID < "$TESTDIR"/luksuuid + read -r MD_UUID < "$TESTDIR"/mduuid + + client_run failme && return 1 + client_run rd.auto || return 1 + + client_run rd.luks.uuid="$LUKS_UUID" rd.md.uuid="$MD_UUID" rd.md.conf=0 rd.lvm.vg=dracut || return 1 + + client_run rd.luks.uuid="$LUKS_UUID" rd.md.uuid=failme rd.md.conf=0 rd.lvm.vg=dracut failme && return 1 + + client_run rd.luks.uuid="$LUKS_UUID" rd.md.uuid="$MD_UUID" rd.lvm=0 failme && return 1 + client_run rd.luks.uuid="$LUKS_UUID" rd.md.uuid="$MD_UUID" rd.lvm=0 rd.auto=1 failme && return 1 + client_run rd.luks.uuid="$LUKS_UUID" rd.md.uuid="$MD_UUID" rd.lvm.vg=failme failme && return 1 + client_run rd.luks.uuid="$LUKS_UUID" rd.md.uuid="$MD_UUID" rd.lvm.vg=dracut || return 1 + client_run rd.luks.uuid="$LUKS_UUID" rd.md.uuid="$MD_UUID" rd.lvm.lv=dracut/failme failme && return 1 + client_run rd.luks.uuid="$LUKS_UUID" rd.md.uuid="$MD_UUID" rd.lvm.lv=dracut/root || return 1 + + return 0 +} + +test_setup() { + kernel=$KVERSION + # Create what will eventually be our root filesystem onto an overlay + ( + # shellcheck disable=SC2030 + export initdir=$TESTDIR/overlay/source + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + ( + cd "$initdir" || exit + mkdir -p -- dev sys proc etc var/run tmp + mkdir -p root usr/bin usr/lib usr/lib64 usr/sbin + ) + inst_multiple sh df free ls shutdown poweroff stty cat ps ln \ + mount dmesg mkdir cp dd sync + for _terminfodir in /lib/terminfo /etc/terminfo /usr/share/terminfo; do + [ -f ${_terminfodir}/l/linux ] && break + done + inst_multiple -o ${_terminfodir}/l/linux + + inst_simple "${PKGLIBDIR}/modules.d/99base/dracut-lib.sh" "/lib/dracut-lib.sh" + inst_simple "${PKGLIBDIR}/modules.d/99base/dracut-dev-lib.sh" "/lib/dracut-dev-lib.sh" + inst_binary "${PKGLIBDIR}/dracut-util" "/usr/bin/dracut-util" + ln -s dracut-util "${initdir}/usr/bin/dracut-getarg" + ln -s dracut-util "${initdir}/usr/bin/dracut-getargs" + + inst_multiple grep + inst_simple /etc/os-release + inst ./test-init.sh /sbin/init + find_binary plymouth > /dev/null && inst_multiple plymouth + cp -a /etc/ld.so.conf* "$initdir"/etc + ldconfig -r "$initdir" + ) + + # second, install the files needed to make the root filesystem + ( + # shellcheck disable=SC2030 + # shellcheck disable=SC2031 + export initdir=$TESTDIR/overlay + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + inst_multiple sfdisk mkfs.ext4 poweroff cp umount dd grep sync + inst_hook initqueue 01 ./create-root.sh + inst_hook initqueue/finished 01 ./finished-false.sh + ) + + # create an initramfs that will create the target root filesystem. + # We do it this way so that we do not risk trashing the host mdraid + # devices, volume groups, encrypted partitions, etc. + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -m "bash crypt lvm mdraid kernel-modules qemu" \ + -d "piix ide-gd_mod ata_piix ext4 sd_mod" \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.makeroot "$KVERSION" || return 1 + rm -rf -- "$TESTDIR"/overlay + + # Create the blank files to use as a root filesystem + declare -a disk_args=() + # shellcheck disable=SC2034 + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker 1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/raid-1.img raid1 40 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/raid-2.img raid2 40 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/raid-3.img raid3 40 + + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "root=/dev/fakeroot rw rootfstype=ext4 quiet console=ttyS0,115200n81 selinux=0" \ + -initrd "$TESTDIR"/initramfs.makeroot || return 1 + + test_marker_check dracut-root-block-created || return 1 + eval "$(grep -F --binary-files=text -m 1 MD_UUID "$TESTDIR"/marker.img)" + eval "$(grep -F -a -m 1 ID_FS_UUID "$TESTDIR"/marker.img)" + echo "$ID_FS_UUID" > "$TESTDIR"/luksuuid + eval "$(grep -F --binary-files=text -m 1 MD_UUID "$TESTDIR"/marker.img)" + echo "$MD_UUID" > "$TESTDIR"/mduuid + + ( + # shellcheck disable=SC2031 + export initdir=$TESTDIR/overlay + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + inst_multiple poweroff shutdown dd + inst_hook shutdown-emergency 000 ./hard-off.sh + inst_hook emergency 000 ./hard-off.sh + inst ./cryptroot-ask.sh /sbin/cryptroot-ask + mkdir -p "$initdir"/etc + echo "ARRAY /dev/md0 level=raid5 num-devices=3 UUID=$MD_UUID" > "$initdir"/etc/mdadm.conf + echo "luks-$ID_FS_UUID UUID=$ID_FS_UUID /etc/key" > "$initdir"/etc/crypttab + echo -n test > "$initdir"/etc/key + chmod 0600 "$initdir"/etc/key + ) + + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -o "plymouth network kernel-network-modules" \ + -a "debug" \ + -d "piix ide-gd_mod ata_piix ext4 sd_mod" \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.testing "$KVERSION" || return 1 +} + +# shellcheck disable=SC1090 +. "$testdir"/test-functions diff --git a/test/TEST-13-ENC-RAID-LVM/Makefile b/test/TEST-13-ENC-RAID-LVM/Makefile new file mode 100644 index 0000000..2dcab81 --- /dev/null +++ b/test/TEST-13-ENC-RAID-LVM/Makefile @@ -0,0 +1 @@ +-include ../Makefile.testdir diff --git a/test/TEST-13-ENC-RAID-LVM/create-root.sh b/test/TEST-13-ENC-RAID-LVM/create-root.sh new file mode 100755 index 0000000..b681e6b --- /dev/null +++ b/test/TEST-13-ENC-RAID-LVM/create-root.sh @@ -0,0 +1,50 @@ +#!/bin/sh + +trap 'poweroff -f' EXIT + +# don't let udev and this script step on eachother's toes +set -x +for x in 64-lvm.rules 70-mdadm.rules 99-mount-rules; do + : > "/etc/udev/rules.d/$x" +done +rm -f -- /etc/lvm/lvm.conf +udevadm control --reload +udevadm settle + +set -ex +printf test > keyfile +cryptsetup -q luksFormat /dev/disk/by-id/ata-disk_disk1 /keyfile +cryptsetup -q luksFormat /dev/disk/by-id/ata-disk_disk2 /keyfile +cryptsetup -q luksFormat /dev/disk/by-id/ata-disk_disk3 /keyfile +cryptsetup luksOpen /dev/disk/by-id/ata-disk_disk1 dracut_disk1 < /keyfile +cryptsetup luksOpen /dev/disk/by-id/ata-disk_disk2 dracut_disk2 < /keyfile +cryptsetup luksOpen /dev/disk/by-id/ata-disk_disk3 dracut_disk3 < /keyfile +mdadm --create /dev/md0 --run --auto=yes --level=5 --raid-devices=3 /dev/mapper/dracut_disk1 /dev/mapper/dracut_disk2 /dev/mapper/dracut_disk3 +# wait for the array to finish initializing, otherwise this sometimes fails +# randomly. +mdadm -W /dev/md0 +lvm pvcreate -ff -y /dev/md0 +lvm vgcreate dracut /dev/md0 + +lvm lvcreate -l 100%FREE -n root dracut +lvm vgchange -ay +mkfs.ext4 /dev/dracut/root +mkdir -p /sysroot +mount -t ext4 /dev/dracut/root /sysroot +cp -a -t /sysroot /source/* +umount /sysroot +lvm lvchange -a n /dev/dracut/root +mdadm -W /dev/md0 || : +mdadm --stop /dev/md0 +cryptsetup luksClose /dev/mapper/dracut_disk1 +cryptsetup luksClose /dev/mapper/dracut_disk2 +cryptsetup luksClose /dev/mapper/dracut_disk3 + +{ + echo "dracut-root-block-created" + for i in /dev/disk/by-id/ata-disk_disk[123]; do + udevadm info --query=property --name="$i" | grep -F 'ID_FS_UUID=' + done +} | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker +sync +poweroff -f diff --git a/test/TEST-13-ENC-RAID-LVM/cryptroot-ask.sh b/test/TEST-13-ENC-RAID-LVM/cryptroot-ask.sh new file mode 100755 index 0000000..a6b7ac7 --- /dev/null +++ b/test/TEST-13-ENC-RAID-LVM/cryptroot-ask.sh @@ -0,0 +1,5 @@ +#!/bin/sh + +[ -b /dev/mapper/"$2" ] && exit 0 +printf test > /keyfile +/sbin/cryptsetup luksOpen "$1" "$2" < /keyfile diff --git a/test/TEST-13-ENC-RAID-LVM/finished-false.sh b/test/TEST-13-ENC-RAID-LVM/finished-false.sh new file mode 100755 index 0000000..ecdbef9 --- /dev/null +++ b/test/TEST-13-ENC-RAID-LVM/finished-false.sh @@ -0,0 +1,2 @@ +#!/bin/sh +exit 1 diff --git a/test/TEST-13-ENC-RAID-LVM/hard-off.sh b/test/TEST-13-ENC-RAID-LVM/hard-off.sh new file mode 100755 index 0000000..01acb19 --- /dev/null +++ b/test/TEST-13-ENC-RAID-LVM/hard-off.sh @@ -0,0 +1,3 @@ +#!/bin/sh +getargbool 0 rd.shell || poweroff -f +getargbool 0 failme && poweroff -f diff --git a/test/TEST-13-ENC-RAID-LVM/test-init.sh b/test/TEST-13-ENC-RAID-LVM/test-init.sh new file mode 100755 index 0000000..a5360ef --- /dev/null +++ b/test/TEST-13-ENC-RAID-LVM/test-init.sh @@ -0,0 +1,27 @@ +#!/bin/sh +: > /dev/watchdog + +. /lib/dracut-lib.sh + +export PATH=/usr/sbin:/usr/bin:/sbin:/bin +command -v plymouth > /dev/null 2>&1 && plymouth --quit +exec > /dev/console 2>&1 + +echo "dracut-root-block-success" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker + +export TERM=linux +export PS1='initramfs-test:\w\$ ' +[ -f /etc/mtab ] || ln -sfn /proc/mounts /etc/mtab +[ -f /etc/fstab ] || ln -sfn /proc/mounts /etc/fstab +stty sane +echo "made it to the rootfs!" +if getargbool 0 rd.shell; then + strstr "$(setsid --help)" "control" && CTTY="-c" + setsid $CTTY sh -i +fi +echo "Powering down." +mount -n -o remount,ro / +if [ -d /run/initramfs/etc ]; then + echo " rd.debug=0 " >> /run/initramfs/etc/cmdline +fi +poweroff -f diff --git a/test/TEST-13-ENC-RAID-LVM/test.sh b/test/TEST-13-ENC-RAID-LVM/test.sh new file mode 100755 index 0000000..fe79223 --- /dev/null +++ b/test/TEST-13-ENC-RAID-LVM/test.sh @@ -0,0 +1,158 @@ +#!/bin/bash +# shellcheck disable=SC2034 +TEST_DESCRIPTION="root filesystem on LVM on encrypted partitions of a RAID-5" + +# Uncomment this to debug failures +#DEBUGFAIL="rd.shell rd.break" # udev.log-priority=debug +#DEBUGFAIL="rd.shell rd.udev.log-priority=debug loglevel=70 systemd.log_target=kmsg systemd.log_target=debug" +#DEBUGFAIL="rd.shell loglevel=70 systemd.log_target=kmsg systemd.log_target=debug" + +test_run() { + LUKSARGS=$(cat "$TESTDIR"/luks.txt) + + echo "CLIENT TEST START: $LUKSARGS" + + declare -a disk_args=() + # shellcheck disable=SC2034 + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker + qemu_add_drive_args disk_index disk_args "$TESTDIR"/disk-1.img disk1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/disk-2.img disk2 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/disk-3.img disk3 + + test_marker_reset + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "panic=1 oops=panic softlockup_panic=1 systemd.crash_reboot root=/dev/dracut/root rw rd.auto rd.retry=20 console=ttyS0,115200n81 selinux=0 rd.debug rootwait $LUKSARGS rd.shell=0 $DEBUGFAIL" \ + -initrd "$TESTDIR"/initramfs.testing + test_marker_check || return 1 + echo "CLIENT TEST END: [OK]" + + test_marker_reset + + echo "CLIENT TEST START: Any LUKS" + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "panic=1 oops=panic softlockup_panic=1 systemd.crash_reboot root=/dev/dracut/root rw quiet rd.auto rd.retry=20 rd.info console=ttyS0,115200n81 selinux=0 rd.debug $DEBUGFAIL" \ + -initrd "$TESTDIR"/initramfs.testing + test_marker_check || return 1 + echo "CLIENT TEST END: [OK]" + + test_marker_reset + + echo "CLIENT TEST START: Wrong LUKS UUID" + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "panic=1 oops=panic softlockup_panic=1 systemd.crash_reboot root=/dev/dracut/root rw quiet rd.auto rd.retry=10 rd.info console=ttyS0,115200n81 selinux=0 rd.debug $DEBUGFAIL rd.luks.uuid=failme" \ + -initrd "$TESTDIR"/initramfs.testing + test_marker_check && return 1 + echo "CLIENT TEST END: [OK]" + + return 0 +} + +test_setup() { + kernel=$KVERSION + # Create what will eventually be our root filesystem onto an overlay + ( + # shellcheck disable=SC2030 + export initdir=$TESTDIR/overlay/source + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + ( + cd "$initdir" || exit + mkdir -p -- dev sys proc etc var/run tmp + mkdir -p root usr/bin usr/lib usr/lib64 usr/sbin + ) + inst_multiple sh df free ls shutdown poweroff stty cat ps ln \ + mount dmesg mkdir cp dd + for _terminfodir in /lib/terminfo /etc/terminfo /usr/share/terminfo; do + [ -f ${_terminfodir}/l/linux ] && break + done + inst_multiple -o ${_terminfodir}/l/linux + + inst_simple "${PKGLIBDIR}/modules.d/99base/dracut-lib.sh" "/lib/dracut-lib.sh" + inst_simple "${PKGLIBDIR}/modules.d/99base/dracut-dev-lib.sh" "/lib/dracut-dev-lib.sh" + inst_binary "${PKGLIBDIR}/dracut-util" "/usr/bin/dracut-util" + ln -s dracut-util "${initdir}/usr/bin/dracut-getarg" + ln -s dracut-util "${initdir}/usr/bin/dracut-getargs" + + inst_multiple grep + inst_simple /etc/os-release + inst ./test-init.sh /sbin/init + find_binary plymouth > /dev/null && inst_multiple plymouth + cp -a /etc/ld.so.conf* "$initdir"/etc + ldconfig -r "$initdir" + ) + + # second, install the files needed to make the root filesystem + ( + # shellcheck disable=SC2031 + # shellcheck disable=SC2030 + export initdir=$TESTDIR/overlay + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + inst_multiple sfdisk mkfs.ext4 poweroff cp umount grep dd sync + inst_hook initqueue 01 ./create-root.sh + inst_hook initqueue/finished 01 ./finished-false.sh + ) + + # create an initramfs that will create the target root filesystem. + # We do it this way so that we do not risk trashing the host mdraid + # devices, volume groups, encrypted partitions, etc. + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -m "bash crypt lvm mdraid kernel-modules qemu" \ + -d "piix ide-gd_mod ata_piix ext4 sd_mod" \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.makeroot "$KVERSION" || return 1 + rm -rf -- "$TESTDIR"/overlay + + # Create the blank files to use as a root filesystem + declare -a disk_args=() + # shellcheck disable=SC2034 + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker 1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/disk-1.img disk1 40 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/disk-2.img disk2 40 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/disk-3.img disk3 40 + + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "root=/dev/fakeroot rw rootfstype=ext4 quiet console=ttyS0,115200n81 selinux=0" \ + -initrd "$TESTDIR"/initramfs.makeroot || return 1 + test_marker_check dracut-root-block-created || return 1 + cryptoUUIDS=$(grep -F --binary-files=text -m 3 ID_FS_UUID "$TESTDIR"/marker.img) + for uuid in $cryptoUUIDS; do + eval "$uuid" + printf ' rd.luks.uuid=luks-%s ' "$ID_FS_UUID" + done > "$TESTDIR"/luks.txt + + ( + # shellcheck disable=SC2031 + export initdir=$TESTDIR/overlay + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + inst_multiple poweroff shutdown dd + inst_hook shutdown-emergency 000 ./hard-off.sh + inst_hook emergency 000 ./hard-off.sh + inst ./cryptroot-ask.sh /sbin/cryptroot-ask + mkdir -p "$initdir"/etc + i=1 + for uuid in $cryptoUUIDS; do + eval "$uuid" + printf 'luks-%s /dev/disk/by-id/ata-disk_disk%s /etc/key timeout=0\n' "$ID_FS_UUID" $i + ((i += 1)) + done > "$initdir"/etc/crypttab + echo -n test > "$initdir"/etc/key + chmod 0600 "$initdir"/etc/key + ) + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -o "plymouth network kernel-network-modules" \ + -a "debug" \ + -d "piix ide-gd_mod ata_piix ext4 sd_mod" \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.testing "$KVERSION" || return 1 +} + +# shellcheck disable=SC1090 +. "$testdir"/test-functions diff --git a/test/TEST-14-IMSM/Makefile b/test/TEST-14-IMSM/Makefile new file mode 100644 index 0000000..2dcab81 --- /dev/null +++ b/test/TEST-14-IMSM/Makefile @@ -0,0 +1 @@ +-include ../Makefile.testdir diff --git a/test/TEST-14-IMSM/create-root.sh b/test/TEST-14-IMSM/create-root.sh new file mode 100755 index 0000000..97d29d9 --- /dev/null +++ b/test/TEST-14-IMSM/create-root.sh @@ -0,0 +1,78 @@ +#!/bin/sh + +trap 'poweroff -f' EXIT + +# don't let udev and this script step on eachother's toes +for x in 61-dmraid-imsm.rules 64-md-raid.rules 65-md-incremental-imsm.rules 65-md-incremental.rules 64-lvm.rules 70-mdadm.rules 99-mount-rules; do + rm -f -- "/etc/udev/rules.d/$x" +done +rm -f -- /etc/lvm/lvm.conf + +udevadm control --reload +udevadm settle + +# dmraid does not want symlinks in --disk "..." +echo y | dmraid -f isw -C Test0 --type 1 --disk "$(realpath /dev/disk/by-id/ata-disk_disk1) $(realpath /dev/disk/by-id/ata-disk_disk2)" +udevadm settle + +SETS=$(dmraid -c -s) +# scan and activate all DM RAIDS +for s in $SETS; do + dmraid -ay -i -p --rm_partitions "$s" + [ -e "/dev/mapper/$s" ] && kpartx -a -p p "/dev/mapper/$s" +done + +udevadm settle +sleep 1 +udevadm settle + +sfdisk -g /dev/mapper/isw*Test0 +sfdisk --no-reread /dev/mapper/isw*Test0 << EOF +,4M +,28M +,28M +,28M +EOF + +set -x + +udevadm settle +dmraid -a n +udevadm settle + +SETS=$(dmraid -c -s -i) +# scan and activate all DM RAIDS +for s in $SETS; do + dmraid -ay -i -p --rm_partitions "$s" + [ -e "/dev/mapper/$s" ] && kpartx -a -p p "/dev/mapper/$s" +done + +udevadm settle + +mdadm --create /dev/md0 --run --auto=yes --level=5 --raid-devices=3 \ + /dev/mapper/isw*p*[234] +# wait for the array to finish initializing, otherwise this sometimes fails +# randomly. +mdadm -W /dev/md0 +set -e +lvm pvcreate -ff -y /dev/md0 +lvm vgcreate dracut /dev/md0 +lvm lvcreate -l 100%FREE -n root dracut +lvm vgchange -ay +mkfs.ext4 -L root /dev/dracut/root +mkdir -p /sysroot +mount -t ext4 /dev/dracut/root /sysroot +cp -a -t /sysroot /source/* +umount /sysroot +lvm lvchange -a n /dev/dracut/root +udevadm settle +mdadm --detail --export /dev/md0 | grep -F MD_UUID > /tmp/mduuid +. /tmp/mduuid +echo "MD_UUID=$MD_UUID" +{ + echo "dracut-root-block-created" + echo MD_UUID="$MD_UUID" +} | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker +mdadm --wait-clean /dev/md0 +sync +poweroff -f diff --git a/test/TEST-14-IMSM/cryptroot-ask.sh b/test/TEST-14-IMSM/cryptroot-ask.sh new file mode 100755 index 0000000..a6b7ac7 --- /dev/null +++ b/test/TEST-14-IMSM/cryptroot-ask.sh @@ -0,0 +1,5 @@ +#!/bin/sh + +[ -b /dev/mapper/"$2" ] && exit 0 +printf test > /keyfile +/sbin/cryptsetup luksOpen "$1" "$2" < /keyfile diff --git a/test/TEST-14-IMSM/hard-off.sh b/test/TEST-14-IMSM/hard-off.sh new file mode 100755 index 0000000..01acb19 --- /dev/null +++ b/test/TEST-14-IMSM/hard-off.sh @@ -0,0 +1,3 @@ +#!/bin/sh +getargbool 0 rd.shell || poweroff -f +getargbool 0 failme && poweroff -f diff --git a/test/TEST-14-IMSM/test-init.sh b/test/TEST-14-IMSM/test-init.sh new file mode 100755 index 0000000..a5360ef --- /dev/null +++ b/test/TEST-14-IMSM/test-init.sh @@ -0,0 +1,27 @@ +#!/bin/sh +: > /dev/watchdog + +. /lib/dracut-lib.sh + +export PATH=/usr/sbin:/usr/bin:/sbin:/bin +command -v plymouth > /dev/null 2>&1 && plymouth --quit +exec > /dev/console 2>&1 + +echo "dracut-root-block-success" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker + +export TERM=linux +export PS1='initramfs-test:\w\$ ' +[ -f /etc/mtab ] || ln -sfn /proc/mounts /etc/mtab +[ -f /etc/fstab ] || ln -sfn /proc/mounts /etc/fstab +stty sane +echo "made it to the rootfs!" +if getargbool 0 rd.shell; then + strstr "$(setsid --help)" "control" && CTTY="-c" + setsid $CTTY sh -i +fi +echo "Powering down." +mount -n -o remount,ro / +if [ -d /run/initramfs/etc ]; then + echo " rd.debug=0 " >> /run/initramfs/etc/cmdline +fi +poweroff -f diff --git a/test/TEST-14-IMSM/test.sh b/test/TEST-14-IMSM/test.sh new file mode 100755 index 0000000..06959cd --- /dev/null +++ b/test/TEST-14-IMSM/test.sh @@ -0,0 +1,148 @@ +#!/bin/bash +# shellcheck disable=SC2034 +TEST_DESCRIPTION="root filesystem on LVM PV on a isw dmraid" + +# Uncomment this to debug failures +#DEBUGFAIL="rd.shell" +#DEBUGFAIL="$DEBUGFAIL udev.log-priority=debug" + +client_run() { + echo "CLIENT TEST START: $*" + + declare -a disk_args=() + # shellcheck disable=SC2034 + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker + qemu_add_drive_args disk_index disk_args "$TESTDIR"/disk-1.img disk1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/disk-2.img disk2 + + test_marker_reset + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "panic=1 oops=panic softlockup_panic=1 systemd.crash_reboot $* root=LABEL=root rw debug rd.retry=5 rd.debug console=ttyS0,115200n81 selinux=0 rd.info rd.shell=0 $DEBUGFAIL" \ + -initrd "$TESTDIR"/initramfs.testing || return 1 + + if ! test_marker_check; then + echo "CLIENT TEST END: $* [FAIL]" + return 1 + fi + + echo "CLIENT TEST END: $* [OK]" + return 0 +} + +test_run() { + read -r MD_UUID < "$TESTDIR"/mduuid + if [[ -z $MD_UUID ]]; then + echo "Setup failed" + return 1 + fi + + client_run rd.auto rd.md.imsm=0 || return 1 + client_run rd.md.uuid="$MD_UUID" rd.dm=0 || return 1 + # This test succeeds, because the mirror parts are found without + # assembling the mirror itself, which is what we want + client_run rd.md.uuid="$MD_UUID" rd.md=0 rd.md.imsm failme && return 1 + client_run rd.md.uuid="$MD_UUID" rd.md=0 failme && return 1 + # the following test hangs on newer md + client_run rd.md.uuid="$MD_UUID" rd.dm=0 rd.md.imsm rd.md.conf=0 || return 1 + return 0 +} + +test_setup() { + kernel=$KVERSION + # Create what will eventually be our root filesystem onto an overlay + ( + # shellcheck disable=SC2030 + export initdir=$TESTDIR/overlay/source + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + ( + cd "$initdir" || exit + mkdir -p -- dev sys proc etc var/run tmp + mkdir -p root usr/bin usr/lib usr/lib64 usr/sbin + ) + inst_multiple sh df free ls shutdown poweroff stty cat ps ln \ + mount dmesg mkdir cp dd sync + for _terminfodir in /lib/terminfo /etc/terminfo /usr/share/terminfo; do + [ -f ${_terminfodir}/l/linux ] && break + done + inst_multiple -o ${_terminfodir}/l/linux + inst_simple /etc/os-release + + inst_simple "${PKGLIBDIR}/modules.d/99base/dracut-lib.sh" "/lib/dracut-lib.sh" + inst_simple "${PKGLIBDIR}/modules.d/99base/dracut-dev-lib.sh" "/lib/dracut-dev-lib.sh" + inst_binary "${PKGLIBDIR}/dracut-util" "/usr/bin/dracut-util" + ln -s dracut-util "${initdir}/usr/bin/dracut-getarg" + ln -s dracut-util "${initdir}/usr/bin/dracut-getargs" + + inst_multiple grep + inst ./test-init.sh /sbin/init + find_binary plymouth > /dev/null && inst_multiple plymouth + cp -a /etc/ld.so.conf* "$initdir"/etc + mkdir -p "$initdir"/run + ldconfig -r "$initdir" + ) + + # second, install the files needed to make the root filesystem + ( + # shellcheck disable=SC2030 + # shellcheck disable=SC2031 + export initdir=$TESTDIR/overlay + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + inst_multiple sfdisk mkfs.ext4 poweroff cp umount grep dd sync realpath + inst_hook initqueue 01 ./create-root.sh + ) + + # create an initramfs that will create the target root filesystem. + # We do it this way so that we do not risk trashing the host mdraid + # devices, volume groups, encrypted partitions, etc. + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -m "bash lvm mdraid dmraid kernel-modules qemu" \ + -d "piix ide-gd_mod ata_piix ext4 sd_mod dm-multipath dm-crypt dm-round-robin faulty linear multipath raid0 raid10 raid1 raid456" \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.makeroot "$KVERSION" || return 1 + rm -rf -- "$TESTDIR"/overlay + + # Create the blank files to use as a root filesystem + declare -a disk_args=() + # shellcheck disable=SC2034 + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker 1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/disk-1.img disk1 100 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/disk-2.img disk2 100 + + # Invoke KVM and/or QEMU to actually create the target filesystem. + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "root=/dev/dracut/root rw rootfstype=ext4 quiet console=ttyS0,115200n81 selinux=0" \ + -initrd "$TESTDIR"/initramfs.makeroot || return 1 + test_marker_check dracut-root-block-created || return 1 + eval "$(grep -F --binary-files=text -m 1 MD_UUID "$TESTDIR"/marker.img)" + + if [[ -z $MD_UUID ]]; then + echo "Setup failed" + return 1 + fi + + echo "$MD_UUID" > "$TESTDIR"/mduuid + ( + # shellcheck disable=SC2031 + export initdir=$TESTDIR/overlay + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + inst_multiple poweroff shutdown + inst_hook shutdown-emergency 000 ./hard-off.sh + inst_hook emergency 000 ./hard-off.sh + ) + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -o "plymouth network kernel-network-modules" \ + -a "debug" \ + -d "piix ide-gd_mod ata_piix ext4 sd_mod" \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.testing "$KVERSION" || return 1 +} + +# shellcheck disable=SC1090 +. "$testdir"/test-functions diff --git a/test/TEST-15-BTRFSRAID/Makefile b/test/TEST-15-BTRFSRAID/Makefile new file mode 100644 index 0000000..2dcab81 --- /dev/null +++ b/test/TEST-15-BTRFSRAID/Makefile @@ -0,0 +1 @@ +-include ../Makefile.testdir diff --git a/test/TEST-15-BTRFSRAID/create-root.sh b/test/TEST-15-BTRFSRAID/create-root.sh new file mode 100755 index 0000000..075deac --- /dev/null +++ b/test/TEST-15-BTRFSRAID/create-root.sh @@ -0,0 +1,28 @@ +#!/bin/sh + +trap 'poweroff -f' EXIT + +# don't let udev and this script step on eachother's toes +for x in 64-lvm.rules 70-mdadm.rules 99-mount-rules; do + : > "/etc/udev/rules.d/$x" +done +modprobe btrfs || : +udevadm control --reload +udevadm settle + +set -e + +mkfs.btrfs -draid10 -mraid10 -L root /dev/disk/by-id/ata-disk_raid[1234] +udevadm settle + +btrfs device scan +udevadm settle + +mkdir -p /sysroot +mount -t btrfs /dev/disk/by-id/ata-disk_raid4 /sysroot +cp -a -t /sysroot /source/* +umount /sysroot + +echo "dracut-root-block-created" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker +sync +poweroff -f diff --git a/test/TEST-15-BTRFSRAID/finished-false.sh b/test/TEST-15-BTRFSRAID/finished-false.sh new file mode 100755 index 0000000..ecdbef9 --- /dev/null +++ b/test/TEST-15-BTRFSRAID/finished-false.sh @@ -0,0 +1,2 @@ +#!/bin/sh +exit 1 diff --git a/test/TEST-15-BTRFSRAID/hard-off.sh b/test/TEST-15-BTRFSRAID/hard-off.sh new file mode 100755 index 0000000..01acb19 --- /dev/null +++ b/test/TEST-15-BTRFSRAID/hard-off.sh @@ -0,0 +1,3 @@ +#!/bin/sh +getargbool 0 rd.shell || poweroff -f +getargbool 0 failme && poweroff -f diff --git a/test/TEST-15-BTRFSRAID/test-init.sh b/test/TEST-15-BTRFSRAID/test-init.sh new file mode 100755 index 0000000..068e8f3 --- /dev/null +++ b/test/TEST-15-BTRFSRAID/test-init.sh @@ -0,0 +1,25 @@ +#!/bin/sh +: > /dev/watchdog + +. /lib/dracut-lib.sh + +export PATH=/usr/sbin:/usr/bin:/sbin:/bin +command -v plymouth > /dev/null 2>&1 && plymouth --quit +exec > /dev/console 2>&1 + +echo "dracut-root-block-success" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker + +export TERM=linux +export PS1='initramfs-test:\w\$ ' +[ -f /etc/mtab ] || ln -sfn /proc/mounts /etc/mtab +[ -f /etc/fstab ] || ln -sfn /proc/mounts /etc/fstab +stty sane +echo "made it to the rootfs!" +if getargbool 0 rd.shell; then + strstr "$(setsid --help)" "control" && CTTY="-c" + setsid $CTTY sh -i +fi +echo "Powering down." +mount -n -o remount,ro / + +poweroff -f diff --git a/test/TEST-15-BTRFSRAID/test.sh b/test/TEST-15-BTRFSRAID/test.sh new file mode 100755 index 0000000..068146e --- /dev/null +++ b/test/TEST-15-BTRFSRAID/test.sh @@ -0,0 +1,123 @@ +#!/bin/bash +# shellcheck disable=SC2034 +TEST_DESCRIPTION="root filesystem on multiple device btrfs" + +# Uncomment this to debug failures +#DEBUGFAIL="rd.shell" +test_run() { + declare -a disk_args=() + # shellcheck disable=SC2034 + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker + qemu_add_drive_args disk_index disk_args "$TESTDIR"/raid-1.img raid1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/raid-2.img raid2 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/raid-3.img raid3 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/raid-4.img raid4 + + test_marker_reset + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "panic=1 oops=panic softlockup_panic=1 systemd.crash_reboot root=LABEL=root rw rd.retry=3 rd.info console=ttyS0,115200n81 selinux=0 rd.shell=0 $DEBUGFAIL" \ + -initrd "$TESTDIR"/initramfs.testing + test_marker_check || return 1 +} + +test_setup() { + # Create the blank file to use as a root filesystem + DISKIMAGE=$TESTDIR/TEST-15-BTRFSRAID-root.img + rm -f -- "$DISKIMAGE" + dd if=/dev/zero of="$DISKIMAGE" bs=1M count=1024 + + kernel=$KVERSION + # Create what will eventually be our root filesystem onto an overlay + ( + # shellcheck disable=SC2030 + export initdir=$TESTDIR/overlay/source + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + ( + cd "$initdir" || exit + mkdir -p -- dev sys proc etc var/run tmp + mkdir -p root usr/bin usr/lib usr/lib64 usr/sbin + ) + inst_multiple sh df free ls shutdown poweroff stty cat ps ln \ + mount dmesg mkdir cp sync dd + for _terminfodir in /lib/terminfo /etc/terminfo /usr/share/terminfo; do + [ -f ${_terminfodir}/l/linux ] && break + done + inst_multiple -o ${_terminfodir}/l/linux + + inst_simple "${PKGLIBDIR}/modules.d/99base/dracut-lib.sh" "/lib/dracut-lib.sh" + inst_simple "${PKGLIBDIR}/modules.d/99base/dracut-dev-lib.sh" "/lib/dracut-dev-lib.sh" + inst_binary "${PKGLIBDIR}/dracut-util" "/usr/bin/dracut-util" + ln -s dracut-util "${initdir}/usr/bin/dracut-getarg" + ln -s dracut-util "${initdir}/usr/bin/dracut-getargs" + + inst_multiple grep + inst ./test-init.sh /sbin/init + inst_simple /etc/os-release + find_binary plymouth > /dev/null && inst_multiple plymouth + cp -a /etc/ld.so.conf* "$initdir"/etc + ldconfig -r "$initdir" + ) + + # second, install the files needed to make the root filesystem + ( + # shellcheck disable=SC2031 + # shellcheck disable=SC2030 + export initdir=$TESTDIR/overlay + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + inst_multiple sfdisk mkfs.btrfs poweroff cp umount dd sync + inst_hook initqueue 01 ./create-root.sh + inst_hook initqueue/finished 01 ./finished-false.sh + ) + + # create an initramfs that will create the target root filesystem. + # We do it this way so that we do not risk trashing the host mdraid + # devices, volume groups, encrypted partitions, etc. + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -m "bash btrfs rootfs-block kernel-modules qemu" \ + -d "piix ide-gd_mod ata_piix btrfs sd_mod" \ + --nomdadmconf \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.makeroot "$KVERSION" || return 1 + + rm -rf -- "$TESTDIR"/overlay + + # Create the blank files to use as a root filesystem + declare -a disk_args=() + # shellcheck disable=SC2034 + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker 1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/raid-1.img raid1 150 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/raid-2.img raid2 150 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/raid-3.img raid3 150 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/raid-4.img raid4 150 + + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "root=/dev/fakeroot rw quiet console=ttyS0,115200n81 selinux=0" \ + -initrd "$TESTDIR"/initramfs.makeroot || return 1 + + test_marker_check dracut-root-block-created || return 1 + + ( + # shellcheck disable=SC2031 + export initdir=$TESTDIR/overlay + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + inst_multiple poweroff shutdown + inst_hook shutdown-emergency 000 ./hard-off.sh + inst_hook emergency 000 ./hard-off.sh + ) + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -o "plymouth network kernel-network-modules" \ + -a "debug" \ + -d "piix ide-gd_mod ata_piix btrfs sd_mod" \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.testing "$KVERSION" || return 1 +} + +# shellcheck disable=SC1090 +. "$testdir"/test-functions diff --git a/test/TEST-16-DMSQUASH/Makefile b/test/TEST-16-DMSQUASH/Makefile new file mode 100644 index 0000000..2dcab81 --- /dev/null +++ b/test/TEST-16-DMSQUASH/Makefile @@ -0,0 +1 @@ +-include ../Makefile.testdir diff --git a/test/TEST-16-DMSQUASH/create-root.sh b/test/TEST-16-DMSQUASH/create-root.sh new file mode 100755 index 0000000..f17b22f --- /dev/null +++ b/test/TEST-16-DMSQUASH/create-root.sh @@ -0,0 +1,41 @@ +#!/bin/sh + +trap 'poweroff -f' EXIT + +# don't let udev and this script step on eachother's toes +for x in 64-lvm.rules 70-mdadm.rules 99-mount-rules; do + : > "/etc/udev/rules.d/$x" +done +rm -f -- /etc/lvm/lvm.conf +udevadm control --reload +set -e + +udevadm settle + +# create a single partition using 50% of the capacity of the image file created by test_setup() in test.sh +sfdisk /dev/disk/by-id/ata-disk_root << EOF +2048,161792 +EOF + +udevadm settle + +mkfs.ext4 -q -L dracut /dev/disk/by-id/ata-disk_root-part1 +mkdir -p /root +mount -t ext4 /dev/disk/by-id/ata-disk_root-part1 /root +mkdir -p /root/run /root/testdir +cp -a -t /root /source/* +echo "Creating squashfs" +mksquashfs /source /root/testdir/rootfs.img -quiet + +# Copy rootfs.img to the NTFS drive if exists +if [ -e "/dev/disk/by-id/ata-disk_root_ntfs" ]; then + mkfs.ntfs -F -L dracut_ntfs /dev/disk/by-id/ata-disk_root_ntfs + mkdir -p /root_ntfs + mount -t ntfs3 /dev/disk/by-id/ata-disk_root_ntfs /root_ntfs + mkdir -p /root_ntfs/run /root_ntfs/testdir + cp /root/testdir/rootfs.img /root_ntfs/testdir/rootfs.img +fi + +umount /root +echo "dracut-root-block-created" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker +poweroff -f diff --git a/test/TEST-16-DMSQUASH/test-init.sh b/test/TEST-16-DMSQUASH/test-init.sh new file mode 100755 index 0000000..959fa25 --- /dev/null +++ b/test/TEST-16-DMSQUASH/test-init.sh @@ -0,0 +1,31 @@ +#!/bin/sh +: > /dev/watchdog + +. /lib/dracut-lib.sh + +export PATH=/usr/sbin:/usr/bin:/sbin:/bin +command -v plymouth > /dev/null 2>&1 && plymouth --quit +exec > /dev/console 2>&1 + +echo "dracut-root-block-success" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker + +if grep -qF ' rd.live.overlay=LABEL=persist ' /proc/cmdline; then + # Writing to a file in the root filesystem lets test_run() verify that the autooverlay module successfully created + # and formatted the overlay partition and that the dmsquash-live module used it when setting up the rootfs overlay. + echo "dracut-autooverlay-success" > /overlay-marker +fi + +export TERM=linux +export PS1='initramfs-test:\w\$ ' +[ -f /etc/mtab ] || ln -sfn /proc/mounts /etc/mtab +[ -f /etc/fstab ] || ln -sfn /proc/mounts /etc/fstab +stty sane +echo "made it to the rootfs!" +if getargbool 0 rd.shell; then + strstr "$(setsid --help)" "control" && CTTY="-c" + setsid $CTTY sh -i +fi +echo "Powering down." +mount -n -o remount,ro / + +poweroff -f diff --git a/test/TEST-16-DMSQUASH/test.sh b/test/TEST-16-DMSQUASH/test.sh new file mode 100755 index 0000000..3fecc92 --- /dev/null +++ b/test/TEST-16-DMSQUASH/test.sh @@ -0,0 +1,155 @@ +#!/bin/bash + +# shellcheck disable=SC2034 +TEST_DESCRIPTION="live root on a squash filesystem" + +# Uncomment these to debug failures +#DEBUGFAIL="rd.shell rd.debug rd.live.debug loglevel=7" + +test_run() { + declare -a disk_args=() + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker + qemu_add_drive_args disk_index disk_args "$TESTDIR"/root.img root + + # NTFS drive + if modprobe --dry-run ntfs3 &> /dev/null && command -v mkfs.ntfs &> /dev/null; then + qemu_add_drive_args disk_index disk_args "$TESTDIR"/root_ntfs.img root_ntfs + fi + + test_marker_reset + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -boot order=d \ + -append "rd.live.overlay.overlayfs=1 root=live:/dev/disk/by-label/dracut console=ttyS0,115200n81 quiet selinux=0 rd.info rd.shell=0 panic=1 oops=panic softlockup_panic=1 $DEBUGFAIL" \ + -initrd "$TESTDIR"/initramfs.testing + + test_marker_check || return 1 + + test_marker_reset + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -boot order=d \ + -append "rd.live.image rd.live.overlay.overlayfs=1 root=LABEL=dracut console=ttyS0,115200n81 quiet selinux=0 rd.info rd.shell=0 panic=1 oops=panic softlockup_panic=1 $DEBUGFAIL" \ + -initrd "$TESTDIR"/initramfs.testing + + test_marker_check || return 1 + + test_marker_reset + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -boot order=d \ + -append "rd.live.image rd.live.overlay.overlayfs=1 rd.live.dir=testdir root=LABEL=dracut console=ttyS0,115200n81 quiet selinux=0 rd.info rd.shell=0 panic=1 oops=panic softlockup_panic=1 $DEBUGFAIL" \ + -initrd "$TESTDIR"/initramfs.testing + + test_marker_check || return 1 + + # Run the NTFS test only if mkfs.ntfs is available + if modprobe --dry-run ntfs3 &> /dev/null && command -v mkfs.ntfs &> /dev/null; then + dd if=/dev/zero of="$TESTDIR"/marker.img bs=1MiB count=1 + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -boot order=d \ + -append "rd.live.image rd.live.overlay.overlayfs=1 rd.live.dir=testdir root=LABEL=dracut_ntfs console=ttyS0,115200n81 quiet selinux=0 rd.info rd.shell=0 panic=1 oops=panic softlockup_panic=1 $DEBUGFAIL" \ + -initrd "$TESTDIR"/initramfs.testing + + test_marker_check || return 1 + fi + + test_marker_reset + rootPartitions=$(sfdisk -d "$TESTDIR"/root.img | grep -c 'root\.img[0-9]') + [ "$rootPartitions" -eq 1 ] || return 1 + + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -boot order=d \ + -append "rd.live.image rd.live.overlay.overlayfs=1 rd.live.overlay=LABEL=persist rd.live.dir=testdir root=LABEL=dracut console=ttyS0,115200n81 quiet selinux=0 rd.info rd.shell=0 panic=1 oops=panic softlockup_panic=1 $DEBUGFAIL" \ + -initrd "$TESTDIR"/initramfs.testing-autooverlay + + rootPartitions=$(sfdisk -d "$TESTDIR"/root.img | grep -c 'root\.img[0-9]') + [ "$rootPartitions" -eq 2 ] || return 1 + + ( + # Ensure that this test works when run with the `V=1` parameter, which runs the script with `set -o pipefail`. + set +o pipefail + + # Verify that the string "dracut-autooverlay-success" occurs in the second partition in the image file. + dd if="$TESTDIR"/root.img bs=1MiB skip=80 status=none \ + | grep -U --binary-files=binary -F -m 1 -q dracut-autooverlay-success + ) || return 1 +} + +test_setup() { + # Create what will eventually be our root filesystem onto an overlay + "$DRACUT" -l --keep --tmpdir "$TESTDIR" \ + -m "test-root" \ + -i ./test-init.sh /sbin/init \ + -i "${PKGLIBDIR}/modules.d/99base/dracut-lib.sh" "/lib/dracut-lib.sh" \ + -i "${PKGLIBDIR}/modules.d/99base/dracut-dev-lib.sh" "/lib/dracut-dev-lib.sh" \ + --no-hostonly --no-hostonly-cmdline --nomdadmconf --nohardlink \ + -f "$TESTDIR"/initramfs.root "$KVERSION" || return 1 + mkdir -p "$TESTDIR"/overlay/source && mv "$TESTDIR"/dracut.*/initramfs/* "$TESTDIR"/overlay/source && rm -rf "$TESTDIR"/dracut.* + + # second, install the files needed to make the root filesystem + # create an initramfs that will create the target root filesystem. + # We do it this way so that we do not risk trashing the host mdraid + # devices, volume groups, encrypted partitions, etc. + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + --modules "test-makeroot" \ + --install "sfdisk mkfs.ext4 mkfs.ntfs mksquashfs" \ + --drivers "ntfs3" \ + --include ./create-root.sh /lib/dracut/hooks/initqueue/01-create-root.sh \ + --no-hostonly --no-hostonly-cmdline --no-early-microcode --nofscks --nomdadmconf --nohardlink --nostrip \ + --force "$TESTDIR"/initramfs.makeroot "$KVERSION" || return 1 + rm -rf -- "$TESTDIR"/overlay + + # Create the blank file to use as a root filesystem + declare -a disk_args=() + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker 1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/root.img root 160 + + # NTFS drive + if modprobe --dry-run ntfs3 &> /dev/null && command -v mkfs.ntfs &> /dev/null; then + dd if=/dev/zero of="$TESTDIR"/root_ntfs.img bs=1MiB count=160 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/root_ntfs.img root_ntfs + fi + + # Invoke KVM and/or QEMU to actually create the target filesystem. + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "root=/dev/dracut/root rw rootfstype=ext4 quiet console=ttyS0,115200n81 selinux=0" \ + -initrd "$TESTDIR"/initramfs.makeroot || return 1 + + if ! test_marker_check dracut-root-block-created; then + echo "Could not create root filesystem" + return 1 + fi + + # mount NTFS with ntfs3 driver inside the generated initramfs + cat > /tmp/ntfs3.rules << 'EOF' +SUBSYSTEM=="block", ENV{ID_FS_TYPE}=="ntfs", ENV{ID_FS_TYPE}="ntfs3" +EOF + + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + --modules "test dash dmsquash-live qemu" \ + --omit "rngd" \ + --drivers "ext4 ntfs3 sd_mod" \ + --install "mkfs.ext4" \ + --include /tmp/ntfs3.rules /lib/udev/rules.d/ntfs3.rules \ + --no-hostonly --no-hostonly-cmdline \ + --force "$TESTDIR"/initramfs.testing "$KVERSION" || return 1 + + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + --modules "test dmsquash-live-autooverlay qemu" \ + --omit "rngd" \ + --drivers "ext4 sd_mod" \ + --install "mkfs.ext4" \ + --no-hostonly --no-hostonly-cmdline \ + --force "$TESTDIR"/initramfs.testing-autooverlay "$KVERSION" || return 1 + + rm -rf -- "$TESTDIR"/overlay +} + +# shellcheck disable=SC1090 +. "$testdir"/test-functions diff --git a/test/TEST-17-LVM-THIN/Makefile b/test/TEST-17-LVM-THIN/Makefile new file mode 100644 index 0000000..2dcab81 --- /dev/null +++ b/test/TEST-17-LVM-THIN/Makefile @@ -0,0 +1 @@ +-include ../Makefile.testdir diff --git a/test/TEST-17-LVM-THIN/create-root.sh b/test/TEST-17-LVM-THIN/create-root.sh new file mode 100755 index 0000000..2547d1c --- /dev/null +++ b/test/TEST-17-LVM-THIN/create-root.sh @@ -0,0 +1,34 @@ +#!/bin/sh + +trap 'poweroff -f' EXIT + +# don't let udev and this script step on eachother's toes +for x in 64-lvm.rules 70-mdadm.rules 99-mount-rules; do + : > "/etc/udev/rules.d/$x" +done +rm -f -- /etc/lvm/lvm.conf +udevadm control --reload +udevadm settle + +set -ex +for dev in /dev/disk/by-id/ata-disk_disk[123]; do + lvm pvcreate -ff -y "$dev" +done + +lvm vgcreate dracut /dev/disk/by-id/ata-disk_disk[123] +lvm lvcreate --ignoremonitoring -l 100%FREE -T dracut/mythinpool +lvm lvcreate --ignoremonitoring -V100M -T dracut/mythinpool -n root +lvm vgchange --ignoremonitoring -ay +mkfs.ext4 /dev/dracut/root +mkdir -p /sysroot +mount -t ext4 /dev/dracut/root /sysroot +cp -a -t /sysroot /source/* +umount /sysroot +lvm lvchange -a n /dev/dracut/root + +if ! dmsetup status | grep -q out_of_data_space; then + echo "dracut-root-block-created" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker +fi + +sync +poweroff -f diff --git a/test/TEST-17-LVM-THIN/finished-false.sh b/test/TEST-17-LVM-THIN/finished-false.sh new file mode 100755 index 0000000..ecdbef9 --- /dev/null +++ b/test/TEST-17-LVM-THIN/finished-false.sh @@ -0,0 +1,2 @@ +#!/bin/sh +exit 1 diff --git a/test/TEST-17-LVM-THIN/hard-off.sh b/test/TEST-17-LVM-THIN/hard-off.sh new file mode 100755 index 0000000..f4d19dc --- /dev/null +++ b/test/TEST-17-LVM-THIN/hard-off.sh @@ -0,0 +1,3 @@ +#!/bin/sh +getargbool 0 rd.shell || poweroff -f +getarg failme && poweroff -f diff --git a/test/TEST-17-LVM-THIN/test-init.sh b/test/TEST-17-LVM-THIN/test-init.sh new file mode 100755 index 0000000..108e626 --- /dev/null +++ b/test/TEST-17-LVM-THIN/test-init.sh @@ -0,0 +1,24 @@ +#!/bin/sh +: > /dev/watchdog + +. /lib/dracut-lib.sh + +export PATH=/usr/sbin:/usr/bin:/sbin:/bin +command -v plymouth > /dev/null 2>&1 && plymouth --quit +exec > /dev/console 2>&1 + +echo "dracut-root-block-success" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker + +export TERM=linux +export PS1='initramfs-test:\w\$ ' +[ -f /etc/mtab ] || ln -sfn /proc/mounts /etc/mtab +[ -f /etc/fstab ] || ln -sfn /proc/mounts /etc/fstab +stty sane +echo "made it to the rootfs!" +if getargbool 0 rd.shell; then + strstr "$(setsid --help)" "control" && CTTY="-c" + setsid $CTTY sh -i +fi +echo "Powering down." +mount -n -o remount,ro / +poweroff -f diff --git a/test/TEST-17-LVM-THIN/test.sh b/test/TEST-17-LVM-THIN/test.sh new file mode 100755 index 0000000..5010e48 --- /dev/null +++ b/test/TEST-17-LVM-THIN/test.sh @@ -0,0 +1,115 @@ +#!/bin/bash +# shellcheck disable=SC2034 +TEST_DESCRIPTION="root filesystem on LVM PV with thin pool" + +# Uncomment this to debug failures +#DEBUGFAIL="rd.break rd.shell" + +test_run() { + declare -a disk_args=() + # shellcheck disable=SC2034 + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker + qemu_add_drive_args disk_index disk_args "$TESTDIR"/disk-1.img disk1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/disk-2.img disk2 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/disk-3.img disk3 + + test_marker_reset + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "panic=1 oops=panic softlockup_panic=1 systemd.crash_reboot root=/dev/dracut/root rw rd.auto=1 quiet rd.retry=3 rd.info console=ttyS0,115200n81 selinux=0 rd.debug rd.shell=0 $DEBUGFAIL" \ + -initrd "$TESTDIR"/initramfs.testing || return 1 + test_marker_check || return 1 +} + +test_setup() { + kernel=$KVERSION + # Create what will eventually be our root filesystem onto an overlay + ( + # shellcheck disable=SC2030 + export initdir=$TESTDIR/overlay/source + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + ( + cd "$initdir" || exit + mkdir -p -- dev sys proc etc var/run tmp + mkdir -p root usr/bin usr/lib usr/lib64 usr/sbin + ) + inst_multiple sh df free ls shutdown poweroff stty cat ps ln \ + mount dmesg mkdir cp dd sync + for _terminfodir in /lib/terminfo /etc/terminfo /usr/share/terminfo; do + [ -f ${_terminfodir}/l/linux ] && break + done + inst_multiple -o ${_terminfodir}/l/linux + + inst_simple "${PKGLIBDIR}/modules.d/99base/dracut-lib.sh" "/lib/dracut-lib.sh" + inst_simple "${PKGLIBDIR}/modules.d/99base/dracut-dev-lib.sh" "/lib/dracut-dev-lib.sh" + inst_binary "${PKGLIBDIR}/dracut-util" "/usr/bin/dracut-util" + ln -s dracut-util "${initdir}/usr/bin/dracut-getarg" + ln -s dracut-util "${initdir}/usr/bin/dracut-getargs" + + inst_multiple grep + inst_simple /etc/os-release + inst ./test-init.sh /sbin/init + find_binary plymouth > /dev/null && inst_multiple plymouth + cp -a /etc/ld.so.conf* "$initdir"/etc + mkdir -p "$initdir"/run + ldconfig -r "$initdir" + ) + + # second, install the files needed to make the root filesystem + ( + # shellcheck disable=SC2030 + # shellcheck disable=SC2031 + export initdir=$TESTDIR/overlay + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + inst_multiple sfdisk mkfs.ext4 poweroff cp umount grep dmsetup dd sync + inst_hook initqueue 01 ./create-root.sh + inst_hook initqueue/finished 01 ./finished-false.sh + ) + + # create an initramfs that will create the target root filesystem. + # We do it this way so that we do not risk trashing the host mdraid + # devices, volume groups, encrypted partitions, etc. + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -m "bash lvm mdraid kernel-modules qemu" \ + -d "piix ide-gd_mod ata_piix ext4 sd_mod" \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.makeroot "$KVERSION" || return 1 + rm -rf -- "$TESTDIR"/overlay + + # Create the blank files to use as a root filesystem + declare -a disk_args=() + # shellcheck disable=SC2034 + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker 1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/disk-1.img disk1 40 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/disk-2.img disk2 40 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/disk-3.img disk3 40 + + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "root=/dev/fakeroot rw rootfstype=ext4 quiet console=ttyS0,115200n81 selinux=0" \ + -initrd "$TESTDIR"/initramfs.makeroot || return 1 + test_marker_check dracut-root-block-created || return 1 + + ( + # shellcheck disable=SC2031 + export initdir=$TESTDIR/overlay + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + inst_multiple poweroff shutdown + inst_hook shutdown-emergency 000 ./hard-off.sh + inst_hook emergency 000 ./hard-off.sh + ) + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -o "plymouth network kernel-network-modules" \ + -a "debug" -I lvs \ + -d "piix ide-gd_mod ata_piix ext4 sd_mod" \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.testing "$KVERSION" || return 1 +} + +# shellcheck disable=SC1090 +. "$testdir"/test-functions diff --git a/test/TEST-18-UEFI/Makefile b/test/TEST-18-UEFI/Makefile new file mode 100644 index 0000000..2dcab81 --- /dev/null +++ b/test/TEST-18-UEFI/Makefile @@ -0,0 +1 @@ +-include ../Makefile.testdir diff --git a/test/TEST-18-UEFI/test-init.sh b/test/TEST-18-UEFI/test-init.sh new file mode 100755 index 0000000..03966d2 --- /dev/null +++ b/test/TEST-18-UEFI/test-init.sh @@ -0,0 +1,23 @@ +#!/bin/sh + +export PATH=/usr/sbin:/usr/bin:/sbin:/bin + +[ -e /proc/self/mounts ] \ + || (mkdir -p /proc && mount -t proc -o nosuid,noexec,nodev proc /proc) + +grep -q '^sysfs /sys sysfs' /proc/self/mounts \ + || (mkdir -p /sys && mount -t sysfs -o nosuid,noexec,nodev sysfs /sys) + +grep -q '^devtmpfs /dev devtmpfs' /proc/self/mounts \ + || (mkdir -p /dev && mount -t devtmpfs -o mode=755,noexec,nosuid,strictatime devtmpfs /dev) + +grep -q '^tmpfs /run tmpfs' /proc/self/mounts \ + || (mkdir -p /run && mount -t tmpfs -o mode=755,noexec,nosuid,strictatime tmpfs /run) + +: > /dev/watchdog + +exec > /dev/console 2>&1 + +echo "made it to the rootfs! Powering down." +echo "dracut-root-block-success" | dd oflag=direct,dsync of=/dev/sdb +poweroff -f diff --git a/test/TEST-18-UEFI/test.sh b/test/TEST-18-UEFI/test.sh new file mode 100755 index 0000000..4191fed --- /dev/null +++ b/test/TEST-18-UEFI/test.sh @@ -0,0 +1,92 @@ +#!/bin/bash + +# shellcheck disable=SC2034 +TEST_DESCRIPTION="UEFI boot" + +# Linux kernel requirements +# CONFIG_BLK_DEV_INITRD for initramfs +# CONFIG_EFI_HANDOVER_PROTOCOL for ovmf (Open Virtual Machine Firmware) +# CONFIG_SATA_AHCI for ahci.ko +# CONFIG_BLK_DEV_SD for sd_mod.ko +# CONFIG_SQUASHFS_ZLIB for squashfs.ko + +ovmf_code() { + for path in \ + "/usr/share/OVMF/OVMF_CODE.fd" \ + "/usr/share/edk2/x64/OVMF_CODE.fd" \ + "/usr/share/edk2-ovmf/OVMF_CODE.fd" \ + "/usr/share/qemu/ovmf-x86_64-4m.bin"; do + [[ -s $path ]] && echo -n "$path" && return + done +} + +test_check() { + [[ -n "$(ovmf_code)" ]] +} + +KVERSION="${KVERSION-$(uname -r)}" + +test_marker_reset() { + dd if=/dev/zero of="$TESTDIR"/marker.img bs=1MiB count=1 +} + +test_marker_check() { + grep -U --binary-files=binary -F -m 1 -q dracut-root-block-success -- "$TESTDIR"/marker.img + return $? +} + +test_dracut() { + TEST_DRACUT_ARGS+=" --local --no-hostonly --no-early-microcode --add test --kver $KVERSION" + + # shellcheck disable=SC2162 + IFS=' ' read -a TEST_DRACUT_ARGS_ARRAY <<< "$TEST_DRACUT_ARGS" + + "$DRACUT" "$@" \ + --kernel-cmdline "panic=1 oops=panic softlockup_panic=1 systemd.crash_reboot selinux=0 console=ttyS0,115200n81 $DEBUGFAIL" \ + "${TEST_DRACUT_ARGS_ARRAY[@]}" || return 1 +} + +test_run() { + declare -a disk_args=() + declare -i disk_index=1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker + qemu_add_drive_args disk_index disk_args "$TESTDIR"/squashfs.img root + + test_marker_reset + "$testdir"/run-qemu "${disk_args[@]}" -net none \ + -drive file=fat:rw:"$TESTDIR"/ESP,format=vvfat,label=EFI \ + -global driver=cfi.pflash01,property=secure,value=on \ + -drive if=pflash,format=raw,unit=0,file="$(ovmf_code)",readonly=on + test_marker_check || return 1 +} + +test_setup() { + # Create what will eventually be our root filesystem + "$DRACUT" --local --no-hostonly --no-early-microcode --nofscks \ + --tmpdir "$TESTDIR" --keep --modules "test-root" --include ./test-init.sh /sbin/init \ + "$TESTDIR"/tmp-initramfs.root "$KVERSION" || return 1 + + mkdir -p "$TESTDIR"/dracut.*/initramfs/proc + mksquashfs "$TESTDIR"/dracut.*/initramfs/ "$TESTDIR"/squashfs.img -quiet -no-progress + + mkdir -p "$TESTDIR"/ESP/EFI/BOOT + + if [ -f "/usr/lib/gummiboot/linuxx64.efi.stub" ]; then + TEST_DRACUT_ARGS+=" --uefi-stub /usr/lib/gummiboot/linuxx64.efi.stub " + fi + + mkdir -p "$TESTDIR"/ESP/EFI/BOOT + test_dracut \ + --modules 'rootfs-block test' \ + --kernel-cmdline 'root=/dev/sdc ro rd.skipfsck rootfstype=squashfs' \ + --drivers 'ahci sd_mod squashfs' \ + --uefi \ + "$TESTDIR"/ESP/EFI/BOOT/BOOTX64.efi +} + +test_cleanup() { + return 0 +} + +# shellcheck disable=SC1090 +. "$testdir"/test-functions diff --git a/test/TEST-20-NFS/Makefile b/test/TEST-20-NFS/Makefile new file mode 100644 index 0000000..2dcab81 --- /dev/null +++ b/test/TEST-20-NFS/Makefile @@ -0,0 +1 @@ +-include ../Makefile.testdir diff --git a/test/TEST-20-NFS/client-init.sh b/test/TEST-20-NFS/client-init.sh new file mode 100755 index 0000000..061a2b1 --- /dev/null +++ b/test/TEST-20-NFS/client-init.sh @@ -0,0 +1,49 @@ +#!/bin/sh +: > /dev/watchdog +. /lib/dracut-lib.sh +. /lib/url-lib.sh + +export PATH=/usr/sbin:/usr/bin:/sbin:/bin +command -v plymouth > /dev/null 2>&1 && plymouth --quit +exec > /dev/console 2>&1 + +export TERM=linux +export PS1='initramfs-test:\w\$ ' +stty sane +if getargbool 0 rd.shell; then + [ -c /dev/watchdog ] && printf 'V' > /dev/watchdog + strstr "$(setsid --help)" "control" && CTTY="-c" + setsid $CTTY sh -i +fi + +echo "made it to the rootfs! Powering down." + +while read -r dev _ fstype opts rest || [ -n "$dev" ]; do + [ "$fstype" != "nfs" -a "$fstype" != "nfs4" ] && continue + echo "nfs-OK $dev $fstype $opts" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker + break +done < /proc/mounts + +if [ "$fstype" = "nfs" -o "$fstype" = "nfs4" ]; then + + serverip=${dev%:*} + path=${dev#*:} + echo serverip="${serverip}" + echo path="${path}" + echo /proc/mounts status + cat /proc/mounts + + echo test:nfs_fetch_url nfs::"${serverip}":"${path}"/root/fetchfile + if nfs_fetch_url nfs::"${serverip}":"${path}"/root/fetchfile /run/nfsfetch.out; then + echo nfsfetch-OK + echo "nfsfetch-OK" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker2 + fi +else + echo nfsfetch-BYPASS fstype="${fstype}" + echo "nfsfetch-OK" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker2 +fi + +: > /dev/watchdog + +sync +poweroff -f diff --git a/test/TEST-20-NFS/client.link b/test/TEST-20-NFS/client.link new file mode 100644 index 0000000..b992bfd --- /dev/null +++ b/test/TEST-20-NFS/client.link @@ -0,0 +1,6 @@ +[Match] +OriginalName=* + +[Link] +NamePolicy=keep kernel database onboard slot path +MACAddressPolicy=keep diff --git a/test/TEST-20-NFS/create-root.sh b/test/TEST-20-NFS/create-root.sh new file mode 100755 index 0000000..8060b00 --- /dev/null +++ b/test/TEST-20-NFS/create-root.sh @@ -0,0 +1,23 @@ +#!/bin/sh + +trap 'poweroff -f' EXIT + +# don't let udev and this script step on eachother's toes +for x in 64-lvm.rules 70-mdadm.rules 99-mount-rules; do + : > "/etc/udev/rules.d/$x" +done +rm -f -- /etc/lvm/lvm.conf +udevadm control --reload +udevadm settle + +set -ex + +mkfs.ext4 -L dracut /dev/disk/by-id/ata-disk_root +mkdir -p /root +mount -t ext4 /dev/disk/by-id/ata-disk_root /root +cp -a -t /root /source/* +mkdir -p /root/run +umount /root +echo "dracut-root-block-created" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker +sync +poweroff -f diff --git a/test/TEST-20-NFS/dhcpd.conf b/test/TEST-20-NFS/dhcpd.conf new file mode 100644 index 0000000..02fcc4d --- /dev/null +++ b/test/TEST-20-NFS/dhcpd.conf @@ -0,0 +1,177 @@ +ddns-update-style none; + +use-host-decl-names true; + +subnet 192.168.50.0 netmask 255.255.255.0 { +option subnet-mask 255.255.255.0; +option routers 192.168.50.1; +next-server 192.168.50.1; +server-identifier 192.168.50.1; +option domain-name-servers 192.168.50.1; +option domain-search "example.com"; +option domain-name "other.com"; + +# MAC numbering scheme: +# NFSv3: last octet starts at 0x00 and works up + + group { + # NFSv3 root=dhcp or root={/dev/,}nfs, use server-id + option root-path "/nfs/client"; + + host nfs3-1 { + hardware ethernet 52:54:00:12:34:00; + fixed-address 192.168.50.101; + } + } + + group { + # NFSv3 root=dhcp or root={/dev/,}nfs, use given IP + option root-path "192.168.50.2:/nfs/client"; + + host nfs3-2 { + hardware ethernet 52:54:00:12:34:01; + fixed-address 192.168.50.101; + } + } + + group { + # NFSv3 root=dhcp, use protocol from root-path + option root-path "nfs:192.168.50.3:/nfs/client"; + + host nfs3-3 { + hardware ethernet 52:54:00:12:34:02; + fixed-address 192.168.50.101; + } + } + + group { + # NFSv3 root=dhcp, use protocol, options from root-path + option root-path "nfs:192.168.50.3:/nfs/client:wsize=4096"; + + host nfs3-4 { + hardware ethernet 52:54:00:12:34:03; + fixed-address 192.168.50.101; + } + } + + group { + # NFSv3 root=dhcp, nfsroot=/path and nfsroot=IP:/path testing + + host nfs3-5 { + hardware ethernet 52:54:00:12:34:04; + fixed-address 192.168.50.101; + } + } + + group { + # NFSv3 root=dhcp, use path, comma-separated options + option root-path "/nfs/client,wsize=4096"; + + host nfs3-6 { + hardware ethernet 52:54:00:12:34:05; + fixed-address 192.168.50.101; + } + } + + group { + # NFSv3 root=dhcp, use IP, path, comma-separated options + option root-path "192.168.50.2:/nfs/client,wsize=4096"; + + host nfs3-7 { + hardware ethernet 52:54:00:12:34:06; + fixed-address 192.168.50.101; + } + } + + group { + # NFSv3 root=dhcp, use proto, IP, path, comma-separated options + option root-path "nfs:192.168.50.3:/nfs/client,wsize=4096"; + + host nfs3-8 { + hardware ethernet 52:54:00:12:34:07; + fixed-address 192.168.50.101; + } + } + + # MAC numbering scheme: + # NFSv4: last octet starts at 0x80 and works up + + group { + # NFSv4 root={/dev/,}nfs4, use server-id + option root-path "/client"; + + host nfs4-1 { + hardware ethernet 52:54:00:12:34:80; + fixed-address 192.168.50.101; + } + } + + group { + # NFSv4 root={/dev/,}nfs4, use given IP + option root-path "192.168.50.2:/client"; + + host nfs4-2 { + hardware ethernet 52:54:00:12:34:81; + fixed-address 192.168.50.101; + } + } + + group { + # NFSv4 root=dhcp, use profocol from root-path + option root-path "nfs4:192.168.50.3:/client"; + + host nfs4-3 { + hardware ethernet 52:54:00:12:34:82; + fixed-address 192.168.50.101; + } + } + + group { + # NFSv4 root=dhcp, use profocol, options from root-path + option root-path "nfs4:192.168.50.3:/client:wsize=4096"; + + host nfs4-4 { + hardware ethernet 52:54:00:12:34:83; + fixed-address 192.168.50.101; + } + } + + group { + # NFSv3 root=nfs4, nfsroot=/path and nfsroot=IP:/path testing + host nfs4-5 { + hardware ethernet 52:54:00:12:34:84; + fixed-address 192.168.50.101; + } + } + + group { + # NFSv4 root={/dev/,}nfs4, use server-id, comma-separated opts + option root-path "/client,wsize=4096"; + + host nfs4-6 { + hardware ethernet 52:54:00:12:34:85; + fixed-address 192.168.50.101; + } + } + + group { + # NFSv4 root={/dev/,}nfs4, use given IP, comma-separated opts + option root-path "192.168.50.2:/client,wsize=4096"; + + host nfs4-7 { + hardware ethernet 52:54:00:12:34:86; + fixed-address 192.168.50.101; + } + } + + group { + # NFSv4 root=dhcp, use comma-separated opts + option root-path "nfs4:192.168.50.3:/client,wsize=4096"; + + host nfs4-8 { + hardware ethernet 52:54:00:12:34:87; + fixed-address 192.168.50.101; + } + } + +} diff --git a/test/TEST-20-NFS/exports b/test/TEST-20-NFS/exports new file mode 100644 index 0000000..95619e7 --- /dev/null +++ b/test/TEST-20-NFS/exports @@ -0,0 +1,5 @@ +/nfs 192.168.50.0/24(ro,fsid=0,insecure,no_subtree_check,no_root_squash) +/nfs/client 192.168.50.0/24(ro,insecure,no_subtree_check,no_root_squash) +/nfs/nfs3-5 192.168.50.0/24(ro,insecure,no_subtree_check,no_root_squash,nohide) +/nfs/ip/192.168.50.101 192.168.50.0/24(ro,insecure,no_subtree_check,no_root_squash,nohide) +/nfs/tftpboot/nfs4-5 192.168.50.0/24(ro,insecure,no_subtree_check,no_root_squash,nohide) diff --git a/test/TEST-20-NFS/finished-false.sh b/test/TEST-20-NFS/finished-false.sh new file mode 100755 index 0000000..ecdbef9 --- /dev/null +++ b/test/TEST-20-NFS/finished-false.sh @@ -0,0 +1,2 @@ +#!/bin/sh +exit 1 diff --git a/test/TEST-20-NFS/hard-off.sh b/test/TEST-20-NFS/hard-off.sh new file mode 100755 index 0000000..01acb19 --- /dev/null +++ b/test/TEST-20-NFS/hard-off.sh @@ -0,0 +1,3 @@ +#!/bin/sh +getargbool 0 rd.shell || poweroff -f +getargbool 0 failme && poweroff -f diff --git a/test/TEST-20-NFS/hosts b/test/TEST-20-NFS/hosts new file mode 100644 index 0000000..36be908 --- /dev/null +++ b/test/TEST-20-NFS/hosts @@ -0,0 +1,5 @@ +127.0.0.1 localhost +192.168.50.1 server +192.168.50.2 server-ip +192.168.50.3 server-proto-ip +192.168.50.101 workstation2 diff --git a/test/TEST-20-NFS/server-init.sh b/test/TEST-20-NFS/server-init.sh new file mode 100755 index 0000000..0c06eea --- /dev/null +++ b/test/TEST-20-NFS/server-init.sh @@ -0,0 +1,109 @@ +#!/bin/bash +exec < /dev/console > /dev/console 2>&1 +set -x +export PATH=/usr/sbin:/usr/bin:/sbin:/bin +export TERM=linux +export PS1='nfstest-server:\w\$ ' +: > /dev/watchdog +stty sane +echo "made it to the rootfs!" +echo server > /proc/sys/kernel/hostname + +wait_for_if_link() { + local cnt=0 + local li + while [ $cnt -lt 600 ]; do + li=$(ip -o link show dev "$1" 2> /dev/null) + [ -n "$li" ] && return 0 + sleep 0.1 + cnt=$((cnt + 1)) + done + return 1 +} + +wait_for_if_up() { + local cnt=0 + local li + while [ $cnt -lt 200 ]; do + li=$(ip -o link show up dev "$1") + [ -n "$li" ] && return 0 + sleep 0.1 + cnt=$((cnt + 1)) + done + return 1 +} + +wait_for_route_ok() { + local cnt=0 + while [ $cnt -lt 200 ]; do + li=$(ip route show) + [ -n "$li" ] && [ -z "${li##*"$1"*}" ] && return 0 + sleep 0.1 + cnt=$((cnt + 1)) + done + return 1 +} + +linkup() { + wait_for_if_link "$1" 2> /dev/null && ip link set "$1" up 2> /dev/null && wait_for_if_up "$1" 2> /dev/null +} + +wait_for_if_link enx525400123456 + +ip addr add 127.0.0.1/8 dev lo +ip link set lo up +ip addr add 192.168.50.1/24 dev enx525400123456 +ip addr add 192.168.50.2/24 dev enx525400123456 +ip addr add 192.168.50.3/24 dev enx525400123456 +linkup enx525400123456 + +: > /dev/watchdog +modprobe af_packet +: > /dev/watchdog +mkdir /nfs/nfs3-5 +mount --bind /nfs/client /nfs/nfs3-5 +: > /dev/watchdog +mkdir -p /nfs/ip/192.168.50.101 +mount --bind /nfs/client /nfs/ip/192.168.50.101 +: > /dev/watchdog +mkdir -p /nfs/tftpboot/nfs4-5 +mount --bind /nfs/client /nfs/tftpboot/nfs4-5 +: > /dev/watchdog +modprobe sunrpc +: > /dev/watchdog +mount -t rpc_pipefs sunrpc /var/lib/nfs/rpc_pipefs +: > /dev/watchdog +[ -x /sbin/portmap ] && portmap +: > /dev/watchdog +mkdir -p /run/rpcbind +[ -x /sbin/rpcbind ] && rpcbind +: > /dev/watchdog +modprobe nfsd +: > /dev/watchdog +mount -t nfsd nfsd /proc/fs/nfsd +: > /dev/watchdog +exportfs -r +: > /dev/watchdog +rpc.nfsd +: > /dev/watchdog +rpc.mountd +: > /dev/watchdog +command -v rpc.idmapd > /dev/null && [ -z "$(pidof rpc.idmapd)" ] && rpc.idmapd +: > /dev/watchdog +exportfs -r +: > /dev/watchdog +mkdir -p /var/lib/dhcpd +: > /var/lib/dhcpd/dhcpd.leases +: > /dev/watchdog +chmod 777 /var/lib/dhcpd/dhcpd.leases +: > /dev/watchdog +rm -f /var/run/dhcpd.pid +dhcpd -d -cf /etc/dhcpd.conf -lf /var/lib/dhcpd/dhcpd.leases & +exportfs -s +echo "Serving NFS mounts" +while :; do + [ -n "$(jobs -rp)" ] && : > /dev/watchdog + sleep 10 +done +mount -n -o remount,ro / +poweroff -f diff --git a/test/TEST-20-NFS/server.link b/test/TEST-20-NFS/server.link new file mode 100644 index 0000000..1d21856 --- /dev/null +++ b/test/TEST-20-NFS/server.link @@ -0,0 +1,6 @@ +[Match] +OriginalName=* + +[Link] +NamePolicy=mac +MACAddressPolicy=keep diff --git a/test/TEST-20-NFS/test.sh b/test/TEST-20-NFS/test.sh new file mode 100755 index 0000000..b7cca75 --- /dev/null +++ b/test/TEST-20-NFS/test.sh @@ -0,0 +1,434 @@ +#!/bin/bash + +# shellcheck disable=SC2034 +TEST_DESCRIPTION="root filesystem on NFS with $USE_NETWORK" + +# Uncomment this to debug failures +#DEBUGFAIL="rd.debug loglevel=7 rd.break=initqueue rd.shell" +SERVER_DEBUG="rd.debug loglevel=7" +#SERIAL="unix:/tmp/server.sock" + +run_server() { + # Start server first + echo "NFS TEST SETUP: Starting DHCP/NFS server" + declare -a disk_args=() + # shellcheck disable=SC2034 + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/server.img root 0 1 + + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -net socket,listen=127.0.0.1:12320 \ + -net nic,macaddr=52:54:00:12:34:56,model=e1000 \ + -serial "${SERIAL:-"file:$TESTDIR/server.log"}" \ + -device i6300esb -watchdog-action poweroff \ + -append "panic=1 oops=panic softlockup_panic=1 root=LABEL=dracut rootfstype=ext4 rw console=ttyS0,115200n81 selinux=0 $SERVER_DEBUG" \ + -initrd "$TESTDIR"/initramfs.server \ + -pidfile "$TESTDIR"/server.pid -daemonize || return 1 + chmod 644 "$TESTDIR"/server.pid || return 1 + + # Cleanup the terminal if we have one + tty -s && stty sane + + if ! [[ $SERIAL ]]; then + while ! grep -q Serving "$TESTDIR"/server.log; do + echo "Waiting for the server to startup" + sleep 1 + done + else + echo Sleeping 10 seconds to give the server a head start + sleep 10 + fi +} + +client_test() { + local test_name="$1" + local mac=$2 + local cmdline="$3" + local server="$4" + local check_opt="$5" + local nfsinfo opts found expected + + echo "CLIENT TEST START: $test_name" + + # Need this so kvm-qemu will boot (needs non-/dev/zero local disk) + declare -a disk_args=() + # shellcheck disable=SC2034 + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker 1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker2.img marker2 1 + cmdline="$cmdline rd.net.timeout.dhcp=30" + + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -net nic,macaddr="$mac",model=e1000 \ + -net socket,connect=127.0.0.1:12320 \ + -device i6300esb -watchdog-action poweroff \ + -append "panic=1 oops=panic softlockup_panic=1 systemd.crash_reboot rd.shell=0 $cmdline $DEBUGFAIL rd.retry=10 quiet ro console=ttyS0,115200n81 selinux=0" \ + -initrd "$TESTDIR"/initramfs.testing + + # shellcheck disable=SC2181 + if [[ $? -ne 0 ]] || ! test_marker_check nfs-OK; then + echo "CLIENT TEST END: $test_name [FAILED - BAD EXIT]" + return 1 + fi + + # nfsinfo=( server:/path nfs{,4} options ) + read -r -a nfsinfo < <(awk '{print $2, $3, $4; exit}' "$TESTDIR"/marker.img) + + if [[ ${nfsinfo[0]%%:*} != "$server" ]]; then + echo "CLIENT TEST INFO: got server: ${nfsinfo[0]%%:*}" + echo "CLIENT TEST INFO: expected server: $server" + echo "CLIENT TEST END: $test_name [FAILED - WRONG SERVER]" + return 1 + fi + + found=0 + expected=1 + if [[ ${check_opt:0:1} == '-' ]]; then + expected=0 + check_opt=${check_opt:1} + fi + + opts=${nfsinfo[2]}, + while [[ $opts ]]; do + if [[ ${opts%%,*} == "$check_opt" ]]; then + found=1 + break + fi + opts=${opts#*,} + done + + if [[ $found -ne $expected ]]; then + echo "CLIENT TEST INFO: got options: ${nfsinfo[2]%%:*}" + if [[ $expected -eq 0 ]]; then + echo "CLIENT TEST INFO: did not expect: $check_opt" + echo "CLIENT TEST END: $test_name [FAILED - UNEXPECTED OPTION]" + else + echo "CLIENT TEST INFO: missing: $check_opt" + echo "CLIENT TEST END: $test_name [FAILED - MISSING OPTION]" + fi + return 1 + fi + + if ! test_marker_check nfsfetch-OK marker2.img; then + echo "CLIENT TEST END: $test_name [FAILED - NFS FETCH FAILED]" + return 1 + fi + + echo "CLIENT TEST END: $test_name [OK]" + return 0 +} + +test_nfsv3() { + # MAC numbering scheme: + # NFSv3: last octet starts at 0x00 and works up + # NFSv4: last octet starts at 0x80 and works up + + client_test "NFSv3 root=dhcp DHCP path only" 52:54:00:12:34:00 \ + "root=dhcp" 192.168.50.1 -wsize=4096 || return 1 + + client_test "NFSv3 Legacy root=/dev/nfs nfsroot=IP:path" 52:54:00:12:34:01 \ + "root=/dev/nfs nfsroot=192.168.50.1:/nfs/client" 192.168.50.1 -wsize=4096 || return 1 + + client_test "NFSv3 Legacy root=/dev/nfs DHCP path only" 52:54:00:12:34:00 \ + "root=/dev/nfs" 192.168.50.1 -wsize=4096 || return 1 + + client_test "NFSv3 Legacy root=/dev/nfs DHCP IP:path" 52:54:00:12:34:01 \ + "root=/dev/nfs" 192.168.50.2 -wsize=4096 || return 1 + + client_test "NFSv3 root=dhcp DHCP IP:path" 52:54:00:12:34:01 \ + "root=dhcp" 192.168.50.2 -wsize=4096 || return 1 + + client_test "NFSv3 root=dhcp DHCP proto:IP:path" 52:54:00:12:34:02 \ + "root=dhcp" 192.168.50.3 -wsize=4096 || return 1 + + client_test "NFSv3 root=dhcp DHCP proto:IP:path:options" 52:54:00:12:34:03 \ + "root=dhcp" 192.168.50.3 wsize=4096 || return 1 + + client_test "NFSv3 root=nfs:..." 52:54:00:12:34:04 \ + "root=nfs:192.168.50.1:/nfs/client" 192.168.50.1 -wsize=4096 || return 1 + + client_test "NFSv3 Bridge root=nfs:..." 52:54:00:12:34:04 \ + "root=nfs:192.168.50.1:/nfs/client bridge net.ifnames=0" 192.168.50.1 -wsize=4096 || return 1 + + client_test "NFSv3 Legacy root=IP:path" 52:54:00:12:34:04 \ + "root=192.168.50.1:/nfs/client" 192.168.50.1 -wsize=4096 || return 1 + + # This test must fail: nfsroot= requires root=/dev/nfs + client_test "NFSv3 Invalid root=dhcp nfsroot=/nfs/client" 52:54:00:12:34:04 \ + "root=dhcp nfsroot=/nfs/client failme" 192.168.50.1 -wsize=4096 && return 1 + + client_test "NFSv3 root=dhcp DHCP path,options" 52:54:00:12:34:05 \ + "root=dhcp" 192.168.50.1 wsize=4096 || return 1 + + client_test "NFSv3 Bridge Customized root=dhcp DHCP path,options" 52:54:00:12:34:05 \ + "root=dhcp bridge=foobr0:enp0s1" 192.168.50.1 wsize=4096 || return 1 + + client_test "NFSv3 root=dhcp DHCP IP:path,options" 52:54:00:12:34:06 \ + "root=dhcp" 192.168.50.2 wsize=4096 || return 1 + + client_test "NFSv3 root=dhcp DHCP proto:IP:path,options" 52:54:00:12:34:07 \ + "root=dhcp" 192.168.50.3 wsize=4096 || return 1 + + client_test "NFSv3 Overlayfs root=nfs:..." 52:54:00:12:34:04 \ + "root=nfs:192.168.50.1:/nfs/client rd.live.overlay.overlayfs=1" \ + 192.168.50.1 -wsize=4096 || return 1 + + client_test "NFSv3 Live Overlayfs root=nfs:..." 52:54:00:12:34:04 \ + "root=nfs:192.168.50.1:/nfs/client rd.live.image rd.live.overlay.overlayfs=1" \ + 192.168.50.1 -wsize=4096 || return 1 + + return 0 +} + +test_nfsv4() { + # There is a mandatory 90 second recovery when starting the NFSv4 + # server, so put these later in the list to avoid a pause when doing + # switch_root + + client_test "NFSv4 root=dhcp DHCP proto:IP:path" 52:54:00:12:34:82 \ + "root=dhcp" 192.168.50.3 -wsize=4096 || return 1 + + client_test "NFSv4 root=dhcp DHCP proto:IP:path:options" 52:54:00:12:34:83 \ + "root=dhcp" 192.168.50.3 wsize=4096 || return 1 + + client_test "NFSv4 root=nfs4:..." 52:54:00:12:34:84 \ + "root=nfs4:192.168.50.1:/client" 192.168.50.1 -wsize=4096 || return 1 + + client_test "NFSv4 root=dhcp DHCP proto:IP:path,options" 52:54:00:12:34:87 \ + "root=dhcp" 192.168.50.3 wsize=4096 || return 1 + + return 0 +} + +test_run() { + if [[ -s server.pid ]]; then + kill -TERM "$(cat "$TESTDIR"/server.pid)" + rm -f -- "$TESTDIR"/server.pid + fi + + if ! run_server; then + echo "Failed to start server" 1>&2 + return 1 + fi + + test_nfsv3 \ + && test_nfsv4 + + ret=$? + + if [[ -s $TESTDIR/server.pid ]]; then + kill -TERM "$(cat "$TESTDIR"/server.pid)" + rm -f -- "$TESTDIR"/server.pid + fi + + return $ret +} + +test_setup() { + export kernel=$KVERSION + export srcmods="/lib/modules/$kernel/" + # Detect lib paths + + rm -rf -- "$TESTDIR"/overlay + ( + mkdir -p "$TESTDIR"/server/overlay/source + # shellcheck disable=SC2030 + export initdir=$TESTDIR/server/overlay/source + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + + ( + cd "$initdir" || exit + mkdir -p dev sys proc run etc var/run tmp var/lib/{dhcpd,rpcbind} + mkdir -p var/lib/nfs/{v4recovery,rpc_pipefs} + chmod 777 var/lib/rpcbind var/lib/nfs + ) + + inst_multiple sh ls shutdown poweroff stty cat ps ln ip \ + dmesg mkdir cp ping exportfs \ + modprobe rpc.nfsd rpc.mountd showmount tcpdump \ + sleep mount chmod rm + for _terminfodir in /lib/terminfo /etc/terminfo /usr/share/terminfo; do + if [ -f "${_terminfodir}"/l/linux ]; then + inst_multiple -o "${_terminfodir}"/l/linux + break + fi + done + type -P portmap > /dev/null && inst_multiple portmap + type -P rpcbind > /dev/null && inst_multiple rpcbind + + [ -f /etc/netconfig ] && inst_multiple /etc/netconfig + type -P dhcpd > /dev/null && inst_multiple dhcpd + instmods nfsd sunrpc ipv6 lockd af_packet + inst ./server-init.sh /sbin/init + inst_simple /etc/os-release + inst ./hosts /etc/hosts + inst ./exports /etc/exports + inst ./dhcpd.conf /etc/dhcpd.conf + inst_multiple -o {,/usr}/etc/nsswitch.conf {,/usr}/etc/rpc \ + {,/usr}/etc/protocols {,/usr}/etc/services + inst_multiple -o rpc.idmapd /etc/idmapd.conf + + inst_libdir_file 'libnfsidmap_nsswitch.so*' + inst_libdir_file 'libnfsidmap/*.so*' + inst_libdir_file 'libnfsidmap*.so*' + + _nsslibs=$( + cat "$dracutsysrootdir"/{,usr/}etc/nsswitch.conf 2> /dev/null \ + | sed -e '/^#/d' -e 's/^.*://' -e 's/\[NOTFOUND=return\]//' \ + | tr -s '[:space:]' '\n' | sort -u | tr -s '[:space:]' '|' + ) + _nsslibs=${_nsslibs#|} + _nsslibs=${_nsslibs%|} + inst_libdir_file -n "$_nsslibs" 'libnss_*.so*' + + inst /etc/passwd /etc/passwd + inst /etc/group /etc/group + + cp -a /etc/ld.so.conf* "$initdir"/etc + ldconfig -r "$initdir" + dracut_kernel_post + ) + + # Make client root inside server root + ( + # shellcheck disable=SC2030 + # shellcheck disable=SC2031 + export initdir=$TESTDIR/server/overlay/source/nfs/client + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + + ( + cd "$initdir" || exit + mkdir -p dev sys proc etc run root usr var/lib/nfs/rpc_pipefs + echo "TEST FETCH FILE" > root/fetchfile + ) + + inst_multiple sh shutdown poweroff stty cat ps ln ip dd \ + mount dmesg mkdir cp ping grep setsid ls vi less cat sync + for _terminfodir in /lib/terminfo /etc/terminfo /usr/share/terminfo; do + if [ -f "${_terminfodir}"/l/linux ]; then + inst_multiple -o "${_terminfodir}"/l/linux + break + fi + done + + inst_simple "${PKGLIBDIR}/modules.d/99base/dracut-lib.sh" "/lib/dracut-lib.sh" + inst_simple "${PKGLIBDIR}/modules.d/99base/dracut-dev-lib.sh" "/lib/dracut-dev-lib.sh" + inst_simple "${PKGLIBDIR}/modules.d/45url-lib/url-lib.sh" "/lib/url-lib.sh" + inst_simple "${PKGLIBDIR}/modules.d/40network/net-lib.sh" "/lib/net-lib.sh" + inst_simple "${PKGLIBDIR}/modules.d/95nfs/nfs-lib.sh" "/lib/nfs-lib.sh" + inst_binary "${PKGLIBDIR}/dracut-util" "/usr/bin/dracut-util" + ln -s dracut-util "${initdir}/usr/bin/dracut-getarg" + ln -s dracut-util "${initdir}/usr/bin/dracut-getargs" + + inst ./client-init.sh /sbin/init + inst_simple /etc/os-release + inst_multiple -o {,/usr}/etc/nsswitch.conf + inst /etc/passwd /etc/passwd + inst /etc/group /etc/group + + inst_libdir_file 'libnfsidmap_nsswitch.so*' + inst_libdir_file 'libnfsidmap/*.so*' + inst_libdir_file 'libnfsidmap*.so*' + + _nsslibs=$( + cat "$dracutsysrootdir"/{,usr/}etc/nsswitch.conf 2> /dev/null \ + | sed -e '/^#/d' -e 's/^.*://' -e 's/\[NOTFOUND=return\]//' \ + | tr -s '[:space:]' '\n' | sort -u | tr -s '[:space:]' '|' + ) + _nsslibs=${_nsslibs#|} + _nsslibs=${_nsslibs%|} + inst_libdir_file -n "$_nsslibs" 'libnss_*.so*' + + cp -a /etc/ld.so.conf* "$initdir"/etc + ldconfig -r "$initdir" + ) + + # second, install the files needed to make the root filesystem + ( + # shellcheck disable=SC2030 + # shellcheck disable=SC2031 + export initdir=$TESTDIR/server/overlay + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + inst_multiple sfdisk mkfs.ext4 poweroff cp umount sync dd + inst_hook initqueue 01 ./create-root.sh + inst_hook initqueue/finished 01 ./finished-false.sh + ) + + # create an initramfs that will create the target root filesystem. + # We do it this way so that we do not risk trashing the host mdraid + # devices, volume groups, encrypted partitions, etc. + "$DRACUT" -l -i "$TESTDIR"/server/overlay / \ + -m "bash rootfs-block kernel-modules qemu" \ + -d "piix ide-gd_mod ata_piix ext4 sd_mod" \ + --nomdadmconf \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.makeroot "$KVERSION" || return 1 + rm -rf -- "$TESTDIR"/server + + declare -a disk_args=() + # shellcheck disable=SC2034 + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker 1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/server.img root 80 + + # Invoke KVM and/or QEMU to actually create the target filesystem. + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "root=/dev/dracut/root rw rootfstype=ext4 quiet console=ttyS0,115200n81 selinux=0" \ + -initrd "$TESTDIR"/initramfs.makeroot || return 1 + test_marker_check dracut-root-block-created || return 1 + + # Make an overlay with needed tools for the test harness + ( + # shellcheck disable=SC2031 + # shellcheck disable=SC2030 + export initdir="$TESTDIR"/overlay + mkdir -p "$TESTDIR"/overlay + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + inst_multiple poweroff shutdown + inst_hook shutdown-emergency 000 ./hard-off.sh + inst_hook emergency 000 ./hard-off.sh + inst_simple ./client.link /etc/systemd/network/01-client.link + ) + + # Make client's dracut image + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -o "plymouth" \ + -a "dmsquash-live debug watchdog ${USE_NETWORK}" \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.testing "$KVERSION" || return 1 + + ( + # shellcheck disable=SC2031 + export initdir="$TESTDIR"/overlay + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + rm "$initdir"/etc/systemd/network/01-client.link + inst_simple ./server.link /etc/systemd/network/01-server.link + inst_hook pre-mount 99 ./wait-if-server.sh + ) + # Make server's dracut image + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -m "bash rootfs-block debug kernel-modules watchdog qemu network network-legacy" \ + -d "af_packet piix ide-gd_mod ata_piix ext4 sd_mod e1000 i6300esb" \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.server "$KVERSION" || return 1 + + rm -rf -- "$TESTDIR"/overlay +} + +test_cleanup() { + if [[ -s $TESTDIR/server.pid ]]; then + kill -TERM "$(cat "$TESTDIR"/server.pid)" + rm -f -- "$TESTDIR"/server.pid + fi +} + +# shellcheck disable=SC1090 +. "$testdir"/test-functions diff --git a/test/TEST-20-NFS/wait-if-server.sh b/test/TEST-20-NFS/wait-if-server.sh new file mode 100755 index 0000000..8ae21f8 --- /dev/null +++ b/test/TEST-20-NFS/wait-if-server.sh @@ -0,0 +1,3 @@ +#!/bin/sh +. /lib/net-lib.sh +wait_for_if_link enx525400123456 diff --git a/test/TEST-30-ISCSI/Makefile b/test/TEST-30-ISCSI/Makefile new file mode 100644 index 0000000..88db701 --- /dev/null +++ b/test/TEST-30-ISCSI/Makefile @@ -0,0 +1,7 @@ +-include ../Makefile.testdir + +ibft.table: Makefile ibft.pl + perl ibft.pl \ + --initiator iqn=iqn.1994-05.com.redhat:633114aacf2 \ + --nic ip=192.168.50.101,prefix=24,gw=192.168.50.1,dns1=192.168.50.1,dhcp=192.168.50.1,mac=52:54:00:12:34:00,pci=00:03.0 \ + --target nic=0,ip=192.168.50.1,port=3260,lun=1,name=iqn.2009-06.dracut:target0 >$@ diff --git a/test/TEST-30-ISCSI/client-init.sh b/test/TEST-30-ISCSI/client-init.sh new file mode 100755 index 0000000..46a5e3f --- /dev/null +++ b/test/TEST-30-ISCSI/client-init.sh @@ -0,0 +1,24 @@ +#!/bin/sh +. /lib/dracut-lib.sh + +export PATH=/usr/sbin:/usr/bin:/sbin:/bin +command -v plymouth > /dev/null 2>&1 && plymouth --quit +exec > /dev/console 2>&1 + +export TERM=linux +export PS1='initramfs-test:\w\$ ' +stty sane +echo "made it to the rootfs! Powering down." +while read -r dev _ fstype opts rest || [ -n "$dev" ]; do + [ "$fstype" != "ext4" ] && continue + echo "iscsi-OK $dev $fstype $opts" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker + break +done < /proc/mounts + +if getargbool 0 rd.shell; then + strstr "$(setsid --help)" "control" && CTTY="-c" + setsid $CTTY sh -i +fi + +sync +poweroff -f diff --git a/test/TEST-30-ISCSI/client.link b/test/TEST-30-ISCSI/client.link new file mode 100644 index 0000000..b992bfd --- /dev/null +++ b/test/TEST-30-ISCSI/client.link @@ -0,0 +1,6 @@ +[Match] +OriginalName=* + +[Link] +NamePolicy=keep kernel database onboard slot path +MACAddressPolicy=keep diff --git a/test/TEST-30-ISCSI/create-client-root.sh b/test/TEST-30-ISCSI/create-client-root.sh new file mode 100755 index 0000000..267c93a --- /dev/null +++ b/test/TEST-30-ISCSI/create-client-root.sh @@ -0,0 +1,33 @@ +#!/bin/sh + +trap 'poweroff -f' EXIT + +# don't let udev and this script step on eachother's toes +for x in 64-lvm.rules 70-mdadm.rules 99-mount-rules; do + : > "/etc/udev/rules.d/$x" +done +rm -f -- /etc/lvm/lvm.conf +udevadm control --reload +udevadm settle + +set -ex + +mkfs.ext4 -j -L singleroot -F /dev/disk/by-id/ata-disk_singleroot +mkdir -p /sysroot +mount -t ext4 /dev/disk/by-id/ata-disk_singleroot /sysroot +cp -a -t /sysroot /source/* +umount /sysroot +mdadm --create /dev/md0 --run --auto=yes --level=stripe --raid-devices=2 /dev/disk/by-id/ata-disk_raid0-1 /dev/disk/by-id/ata-disk_raid0-2 +mdadm -W /dev/md0 || : +lvm pvcreate -ff -y /dev/md0 +lvm vgcreate dracut /dev/md0 +lvm lvcreate -l 100%FREE -n root dracut +lvm vgchange -ay +mkfs.ext4 -j -L sysroot /dev/dracut/root +mount -t ext4 /dev/dracut/root /sysroot +cp -a -t /sysroot /source/* +umount /sysroot +lvm lvchange -a n /dev/dracut/root +echo "dracut-root-block-created" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker +sync +poweroff -f diff --git a/test/TEST-30-ISCSI/create-server-root.sh b/test/TEST-30-ISCSI/create-server-root.sh new file mode 100755 index 0000000..2dbc2da --- /dev/null +++ b/test/TEST-30-ISCSI/create-server-root.sh @@ -0,0 +1,20 @@ +#!/bin/sh + +trap 'poweroff -f' EXIT + +# don't let udev and this script step on eachother's toes +for x in 64-lvm.rules 70-mdadm.rules 99-mount-rules; do + : > "/etc/udev/rules.d/$x" +done +rm -f -- /etc/lvm/lvm.conf +udevadm control --reload +udevadm settle + +mkfs.ext4 -L dracut /dev/disk/by-id/ata-disk_root +mkdir -p /root +mount -t ext4 /dev/disk/by-id/ata-disk_root /root +cp -a -t /root /source/* +mkdir -p /root/run +umount /root +echo "dracut-root-block-created" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker +poweroff -f diff --git a/test/TEST-30-ISCSI/dhcpd.conf b/test/TEST-30-ISCSI/dhcpd.conf new file mode 100644 index 0000000..fd306ea --- /dev/null +++ b/test/TEST-30-ISCSI/dhcpd.conf @@ -0,0 +1,48 @@ +ddns-update-style none; + +use-host-decl-names true; + +subnet 192.168.50.0 netmask 255.255.255.0 { + option subnet-mask 255.255.255.0; + option routers 192.168.50.1; + next-server 192.168.50.1; + server-identifier 192.168.50.1; + option domain-name-servers 192.168.50.1; + option domain-search "example.com"; + option domain-name "other.com"; + + # MAC numbering scheme: + # NFSv3: last octet starts at 0x00 and works up + + group { + option root-path "iscsi:192.168.50.1:::1:iqn.2009-06.dracut:target0"; + + host iscsi-1 { + hardware ethernet 52:54:00:12:34:00; + fixed-address 192.168.50.101; + } + } +} + +subnet 192.168.51.0 netmask 255.255.255.0 { + option subnet-mask 255.255.255.0; + option routers 192.168.51.1; + next-server 192.168.51.1; + server-identifier 192.168.51.1; + option domain-name-servers 192.168.51.1; + option domain-search "example.com"; + option domain-name "other.com"; + + # MAC numbering scheme: + # NFSv3: last octet starts at 0x00 and works up + + group { + #option root-path "iscsi:192.168.51.1:::1:iqn.2009-06.dracut:target1"; + + host iscsi-2 { + hardware ethernet 52:54:00:12:34:01; + fixed-address 192.168.51.101; + } + + } +} diff --git a/test/TEST-30-ISCSI/hosts b/test/TEST-30-ISCSI/hosts new file mode 100644 index 0000000..f8c18b6 --- /dev/null +++ b/test/TEST-30-ISCSI/hosts @@ -0,0 +1,8 @@ +127.0.0.1 localhost +192.168.50.1 server +192.168.50.2 server-ip +192.168.50.3 server-proto-ip +192.168.50.100 workstation1 +192.168.50.101 workstation2 +192.168.50.102 workstation3 +192.168.50.103 workstation4 diff --git a/test/TEST-30-ISCSI/ibft.pl b/test/TEST-30-ISCSI/ibft.pl new file mode 100644 index 0000000..c612951 --- /dev/null +++ b/test/TEST-30-ISCSI/ibft.pl @@ -0,0 +1,458 @@ +#!/usr/bin/perl +# SPDX-License-Identifier: GPL-2.0+ +# +# iBFT ACPI table generator +# $ perldoc ibft.pl if you'd like to read the manual, poor you: + +=head1 NAME + +ibft.pl - Generate iBFT ACPI table + +=head1 SYNOPSIS + +ibft.pl +[--oemid <oemid>] +[--tableid <tableid> +[--initiator isns=<ip>,slp=<ip>,radius1=<ip>,radius2=<ip>,iqn=<iqn>] +[--nic ip=<ip>[,prefix=<prefix>][,gw=<ip>][,dns1=<ip>][,dns2=<ip>][,dhcp=<ip>][,vlan=<id>][,mac=<mac>][,pci=<pci>][,hostname=<hostname>] ...] +[--target ip=<ip>[,port=<port>][,lun=<lun>][,name=<iqn> ...] + +=head1 DESCRIPTION + +B<ibft.pl> creates an image of iBFT ACPI table similar to what a real network +boot firmware would do. This is mainly useful for testing. + +=head1 OPTIONS + +=over 4 + +=item B<< --oemid <oemid> >> + +Create a table with a particular OEM ID, limited to 6 characters. +It generally doesn't matter. + +Defaults to I<DRACUT>. + +=item B<< --tableid <tableid> >> + +Create a table with a particular OEM Table ID. + +Defaults to I<TEST>, but any four-letter word would do. Any. + +=item B<< --initiator >> + +Configure the Initiator Structure. +Following parameters are supported: + +=over 4 + +=item B<< isns=<ip> >> + +iSNS server address. + +=item B<< slp=<ip> >> + +SLP server address. + +=item B<< radius1=<ip> >>, B<< radius2=<ip> >> + +Primary and secondary Radius server addresses. + +=item B<< iqn=<iqn> >> + +Override the IQN, which defaults to I<iqn.2009-06.dracut:initiator0>. + +=back + +=item B<< --nic >> + +Configure a NIC Structure. This option can be used up multiple times. + +Following parameters are supported: + +=over 4 + +=item B<< ip=<ip> >> + +Set the IP address. Both I<AF_INET> and I<AF_INET6> families are supported. +This parameter is mandatory. + +=item B<< prefix=<prefix> >> + +Set the IP address prefix. You generally also want to set this in order to +get a sensible iBFT. + +=item B<< gw=<ip> >> + +Set the gateway IP address. + +=item B<< dns1=<ip> >>, B<< dns2=<ip> >> + +Set the domain service server addresses. + +=item B<< dhcp=<ip> >> + +Specify the address of the DHCP server in case dynamic configuration is used. + +=item B<< vlan=<id> >> + +The VLAN Id. Duh. + +=item B<< mac=<mac> >> + +Specify the ethernet hardware address, in form of six colon-delimited +hexadecimal octets. + +=item B<< pci=<pci> >> + +Specify the ethernet hardware's PCI bus location, in form of +B<< <bus> >>:B<< <device> >>.B<< <function> >> where the numbers are in +hexadecimal. + +=item B<< hostname=<hostname> >> + +The host name. Defaults to B<client>. + +=back + +=item B<< --target >> + +Configure a Target Structure. This option can be used multiple times. + +Following parameters are supported: + +=over 4 + +=item B<< ip=<ip> >> + +The iSCSI target IP address. + +=item B<< port=<port> >> + +The iSCSI TCP port, in case the default of I<3260> is not good enough for +you. + +=item B<< lun=<1> >> + +The LUN number. Defaults to I<1> no less. + +=item B<< name=<iqn> >> + +The iSCSI volume name. Defaults to I<iqn.2009-06.dracut:target0> for the first +target, I<iqn.2009-06.dracut:target1> for the second one. + +=back + +=back + +=cut + +use strict; +use warnings; + +sub ip4 { + shift =~ /^(\d+)\.(\d+)\.(\d+)\.(\d+)$/ + or die 'not an INET address'; + return (map { 0x00 } 0..9), 0xff, 0xff, $1, $2, $3, $4; +} + +sub ip6 +{ + my ($beg, $end) = map { [ map { /^([0-9a-fA-F]{0,2}?)([0-9a-fA-F]{1,2})$/ + ? (hex $1, hex $2) + : die "'$_' not valid in a INET6 address" + } split /:/ ] } split /::/, shift; + + $beg ||= []; + $end ||= []; + + my $fill = 16 - scalar @$beg + scalar@$end; + die 'INET6 address too long' if $fill < 0; + + @$beg, (map { 0 } 1..$fill), @$end; +} + +sub ip +{ + my @val; + @val = eval { @val = ip6 ($_[0]) }; + @val = eval { @val = ip4 ($_[0]) } unless @val; + die "Saatana: $_[0] is not an INET or INET6 address" unless @val; + + return pack 'C16', @val; +} + +sub mac +{ + return pack 'C8', map { hex $_ } split /:/, shift; +} + +sub pci +{ + shift =~ /^([0-9a-fA-F]{1,2}?):([0-9a-fA-F]{1,2})\.([0-9a-fA-F]+)$/ + or die 'Not a PCI address'; + return (hex $1) << 8 | (hex $2) << 3 | (hex $3); +} + +sub lun +{ + return pack 'C8', 0, shift, 0, 0, 0, 0, 0, 0; +} + +# signature, length, revision, checksum, oem_id, oem_table_id, reserved +sub pack_table_hdr { pack 'a4 V C C a6 a8 a24 x![C8]', @_ } + +# id, version, length, index, flags +# extensions, initiator_off, nic0_off, tgt0_off, nic1_off, tgt1_off, ext* +sub pack_control { pack 'C C S C C S S S S S S S* x![C8]', @_ } + +# id, version, length, index, flags +# isns_adr, slp_adr, radius1_adr, radius2_adr, iqn_len, iqn_off +sub pack_initiator { pack 'C C S C C a16 a16 a16 a16 SS x![C8]', @_ } + +# id, version, length, index, flags +# adr, prefix, origin, gw, dns1, dns2, dhcp, vlan_id, mac, pci_bdf, hostname_len, hostname_off +sub pack_nic { $_[5] ? pack 'C C S C C a16 C C a16 a16 a16 a16 S a6 S SS x![C8]', @_ : '' } + +# id, version, length, index, flags +# tgt_adr, tgt_port, tgt_lun, chap_type, nic_id, tgt_len, tgt_off, +# chap_name_len, chap_name_off, chap_secret_len, chap_secret_off +# rchap_name_len, rchap_name_off, rchap_secret_len, rchap_secret_off +sub pack_tgt { $_[5] ? pack 'C C S C C a16 S a8 C C SS SS SS SS SS x![C8]', @_ : '' }; + +# str +sub pack_str { pack 'Z*', @_ } + +# Initialize some defaults +my @table_hdr = ('iBFT', 0000, 1, 0000, 'DRACUT', 'TEST', ''); +my @control = (1, 1, 18, 0, 0, 0000, 0000, 0000, 0000, 0000, 0000); +my @initiator = (2, 1, 74, 0, 0x03, '', '', '', '', (0000, 0000)); +my @nics; +my @tgts; +my $iqn = 'iqn.2009-06.dracut:initiator0'; +my @hostnames; +my @tgt_names; + +while (@ARGV) { + my $arg = shift @ARGV; + die "Saatana: $arg is missing an argument" unless @ARGV; + + if ($arg eq '--oemid') { + $table_hdr[4] = shift @ARGV; + } elsif ($arg eq '--tableid') { + $table_hdr[5] = shift @ARGV; + } elsif ($arg eq '--initiator') { + my %val = split /[,=]/, shift @ARGV; + $initiator[5] = ip (delete $val{isns}) if exists $val{isns}; + $initiator[6] = ip (delete $val{slp}) if exists $val{slp}; + $initiator[7] = ip (delete $val{radius1}) if exists $val{radius1}; + $initiator[8] = ip (delete $val{radius2}) if exists $val{radius2}; + $iqn = delete $val{iqn} if exists $val{iqn}; + die "Saatana: Extra arguments to --initiator: ".join (', ', %val) if %val; + } elsif ($arg eq '--nic') { + my @nic = (3, 1, 102, 0, 0x03, + undef, 0, 0x01, '', '', '', '', 0, '', 0, (0000, 0000)); + push @nics, \@nic; + + my %val = split /[,=]/, shift @ARGV; + die 'Saatana: --nic needs an ip' unless exists $val{ip}; + $nic[3] = $#nics; + $nic[5] = ip (delete $val{ip}); + $nic[6] = delete $val{prefix} if exists $val{prefix}; + $nic[7] = 0x03 if exists $val{dhcp}; + $nic[8] = ip (delete $val{gw}) if exists $val{gw}; + $nic[9] = ip (delete $val{dns1}) if exists $val{dns1}; + $nic[10] = ip (delete $val{dns2}) if exists $val{dns2}; + $nic[11] = ip (delete $val{dhcp}) if exists $val{dhcp}; + $nic[12] = delete $val{vlan} if exists $val{vlan}; + $nic[13] = mac (delete $val{mac}) if exists $val{mac}; + $nic[14] = pci (delete $val{pci}) if exists $val{pci}; + $hostnames[$#nics] = exists $val{hostname} ? delete $val{hostname} : 'client'; + $hostnames[$#nics] = pack_str $hostnames[$#nics]; + die "Saatana: Extra arguments to --nic: ".join (', ', %val) if %val; + + # Allocate an control expansion entry + if ($#nics > 1) { + $control[2] += 2; + push @control, (0x4444); + } + } elsif ($arg eq '--target') { + my @tgt = (4, 1, 54, 0, 0x03, + undef, 3260, lun (1), 0, 0, + (0000, 0000), + (0000, 0000), + (0000, 0000), + (0000, 0000), + (0000, 0000)); + push @tgts, \@tgt; + + my %val = split /[,=]/, shift @ARGV; + die 'Saatana: --target needs an ip' unless exists $val{ip}; + $tgt[3] = $#tgts; + $tgt[5] = ip (delete $val{ip}) if exists $val{ip}; + $tgt[6] = delete $val{port} if exists $val{port}; + $tgt[7] = lun (delete $val{lun}) if exists $val{lun}; + $tgt[9] = delete $val{nic} if exists $val{nic}; + $tgt_names[$#tgts] = exists $val{name} ? delete $val{name} + : 'iqn.2009-06.dracut:target'.$#tgts; + $tgt_names[$#tgts] = pack_str $tgt_names[$#tgts]; + die "Saatana: Extra arguments to --target: ".join (', ', %val) if %val; + + # Allocate an control expansion entry if necessary + if ($#tgts > 1) { + $control[2] += 2; + push @control, (0x1111); + } + } else { + die "Saatana: Unknown argument: $arg"; + } +} + +# Pass 1 +my $table_hdr = pack_table_hdr @table_hdr; +my $control = pack_control @control; +my $initiator = pack_initiator @initiator; +my @packed_nics = map { pack_nic @$_ } @nics; +my @packed_tgts = map { pack_tgt @$_ } @tgts; +$iqn = pack_str $iqn; + + +# Resolve the offsets +my $len = 0; +$len += length $table_hdr; +$len += length $control; +$control[6] = $len; +$len += length $initiator; + +for my $i (0..$#packed_nics) { + if ($i == 0) { + # NIC 0 + $control[7] = $len; + } elsif ($i == 1) { + # NIC 1 + $control[9] = $len; + } else { + # Expansion + $control[11 + $i - 2] = $len; + } + $len += length $packed_nics[$i]; +} + +for my $i (0..$#packed_tgts) { + if ($i == 0) { + # Target 0 + $control[8] = $len; + } elsif ($i == 1) { + # Target 1 + $control[10] = $len; + } else { + # Expansion + $control[11 + scalar @packed_nics - 2 + $i - 2] = $len; + } + $len += length $packed_tgts[$i]; +} + +$initiator[9] = -1 + length $iqn; +$initiator[10] = $len; +$len += length $iqn; + +for my $i (0..$#hostnames) { + $nics[$i]->[15] = -1 + length $hostnames[$i]; + $nics[$i]->[16] = $len; + $len += length $hostnames[$i]; +} + +for my $i (0..$#tgt_names) { + $tgts[$i]->[10] = -1 + length $tgt_names[$i]; + $tgts[$i]->[11] = $len; + $len += length $tgt_names[$i]; +} + +@table_hdr[1] = $len; + +# Pass 2, with the offsets resolved +$table_hdr = pack_table_hdr @table_hdr; +$control = pack_control @control; +$initiator = pack_initiator @initiator; +@packed_nics = map { pack_nic @$_ } @nics; +@packed_tgts = map { pack_tgt @$_ } @tgts; + +# Pass 3, calculate checksum +my $cksum = 0xff; +$cksum += ord $_ foreach split //, join '', $table_hdr, $control, $initiator, + @packed_nics, @packed_tgts, $iqn, @hostnames, @tgt_names; +$cksum = ~$cksum & 0xff; +$table_hdr[3] = $cksum; +$table_hdr = pack_table_hdr @table_hdr; + +# Puke stuff out +print $table_hdr; +print $control; +print $initiator; +print @packed_nics; +print @packed_tgts; +print $iqn; +print @hostnames; +print @tgt_names; + +=head1 EXAMPLES + +=over + +=item B<< perl ibft.pl --oemid FENSYS --tableid iPXE --nic ip=192.168.50.101,prefix=24,gw=192.168.50.1,dns1=192.168.50.1,dhcp=192.168.50.1,vlan=0,mac=52:54:00:12:34:00,pci=00:02.0,hostname=iscsi-1 --target ip=192.168.50.1 >ibft.img >> + +Generate an iBFT image with a single NIC while pretending we're iPXE for +no good reason. + +=item B<<perl ibft.pl --initiator iqn=iqn.1994-05.com.redhat:633114aacf2 --nic ip=192.168.50.101,prefix=24,gw=192.168.50.1,dns1=192.168.50.1,dhcp=192.168.50.1,mac=52:54:00:12:34:00,pci=00:03.0 --nic ip=192.168.51.101,prefix=24,gw=192.168.51.1,dns1=192.168.51.1,dhcp=192.168.51.1,mac=52:54:00:12:34:01,pci=00:04.0 --target ip=192.168.50.1,port=3260,lun=1,name=iqn.2009-06.dracut:target0 --target ip=192.168.51.1,port=3260,lun=2,name=iqn.2009-06.dracut:target1 >ibft.img >> + +Generate an iBFT image for two NICs while being slightly more expressive +than necessary. + +=item B<qemy-system-x86_64 -acpitable file=ibft.img> + +Use the image with QEMU. + +=back + +=head1 BUGS + +No support for CHAP secrets. + +=head1 SEE ALSO + +=over 4 + +=item L<qemu(1)>, + +=item L<iSCSI Boot Firmware Table (iBFT)|ftp://ftp.software.ibm.com/systems/support/bladecenter/iscsi_boot_firmware_table_v1.03.pdf>, + +=item L<NL_PREFIX_ORIGIN Enumeration|https://docs.microsoft.com/en-us/windows/win32/api/nldef/ne-nldef-nl_prefix_origin> + +=back + +=head1 COPYRIGHT + +Copyright (C) 2019 Lubomir Rintel + +This program is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or +(at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with this program. If not, see <http://www.gnu.org/licenses/>. + +=head1 AUTHOR + +Lubomir Rintel C<lkundrak@v3.sk> + +=cut + +# Forgive me. +# This would have been much easier with FORTH. diff --git a/test/TEST-30-ISCSI/ibft.table b/test/TEST-30-ISCSI/ibft.table Binary files differnew file mode 100644 index 0000000..0837940 --- /dev/null +++ b/test/TEST-30-ISCSI/ibft.table diff --git a/test/TEST-30-ISCSI/server-init.sh b/test/TEST-30-ISCSI/server-init.sh new file mode 100755 index 0000000..a1c3b7e --- /dev/null +++ b/test/TEST-30-ISCSI/server-init.sh @@ -0,0 +1,88 @@ +#!/bin/sh +exec < /dev/console > /dev/console 2>&1 +set -x +export PATH=/usr/sbin:/usr/bin:/sbin:/bin +export TERM=linux +export PS1='server:\w\$ ' +stty sane +echo "made it to the rootfs!" +echo server > /proc/sys/kernel/hostname + +wait_for_if_link() { + local cnt=0 + local li + while [ $cnt -lt 600 ]; do + li=$(ip -o link show dev "$1" 2> /dev/null) + [ -n "$li" ] && return 0 + sleep 0.1 + cnt=$((cnt + 1)) + done + return 1 +} + +wait_for_if_up() { + local cnt=0 + local li + while [ $cnt -lt 200 ]; do + li=$(ip -o link show up dev "$1") + [ -n "$li" ] && return 0 + sleep 0.1 + cnt=$((cnt + 1)) + done + return 1 +} + +wait_for_route_ok() { + local cnt=0 + while [ $cnt -lt 200 ]; do + li=$(ip route show) + [ -n "$li" ] && [ -z "${li##*"$1"*}" ] && return 0 + sleep 0.1 + cnt=$((cnt + 1)) + done + return 1 +} + +linkup() { + wait_for_if_link "$1" 2> /dev/null && ip link set "$1" up 2> /dev/null && wait_for_if_up "$1" 2> /dev/null +} + +wait_for_if_link enx525400123456 +wait_for_if_link enx525400123457 + +ip addr add 127.0.0.1/8 dev lo +ip link set lo up + +ip addr add 192.168.50.1/24 dev enx525400123456 +linkup enx525400123456 + +ip addr add 192.168.51.1/24 dev enx525400123457 +linkup enx525400123457 + +modprobe af_packet + +: > /var/lib/dhcpd/dhcpd.leases +chmod 777 /var/lib/dhcpd/dhcpd.leases +dhcpd -d -cf /etc/dhcpd.conf -lf /var/lib/dhcpd/dhcpd.leases & + +tgtd +tgtadm --lld iscsi --mode target --op new --tid 1 --targetname iqn.2009-06.dracut:target0 +tgtadm --lld iscsi --mode target --op new --tid 2 --targetname iqn.2009-06.dracut:target1 +tgtadm --lld iscsi --mode target --op new --tid 3 --targetname iqn.2009-06.dracut:target2 +tgtadm --lld iscsi --mode logicalunit --op new --tid 1 --lun 1 -b /dev/disk/by-id/ata-disk_singleroot +tgtadm --lld iscsi --mode logicalunit --op new --tid 2 --lun 2 -b /dev/disk/by-id/ata-disk_raid0-1 +tgtadm --lld iscsi --mode logicalunit --op new --tid 3 --lun 3 -b /dev/disk/by-id/ata-disk_raid0-2 +tgtadm --lld iscsi --mode target --op bind --tid 1 -I 192.168.50.101 +tgtadm --lld iscsi --mode target --op bind --tid 2 -I 192.168.51.101 +tgtadm --lld iscsi --mode target --op bind --tid 3 -I 192.168.50.101 + +# Wait forever for the VM to die +echo "Serving iSCSI" +while pidof tgtd > /dev/null; do + : > /dev/watchdog + dmesg -c + sleep 1 +done +dmesg -c +mount -n -o remount,ro / +poweroff -f diff --git a/test/TEST-30-ISCSI/server.link b/test/TEST-30-ISCSI/server.link new file mode 100644 index 0000000..1d21856 --- /dev/null +++ b/test/TEST-30-ISCSI/server.link @@ -0,0 +1,6 @@ +[Match] +OriginalName=* + +[Link] +NamePolicy=mac +MACAddressPolicy=keep diff --git a/test/TEST-30-ISCSI/test.sh b/test/TEST-30-ISCSI/test.sh new file mode 100755 index 0000000..ac9f096 --- /dev/null +++ b/test/TEST-30-ISCSI/test.sh @@ -0,0 +1,240 @@ +#!/bin/bash + +# shellcheck disable=SC2034 +TEST_DESCRIPTION="root filesystem over iSCSI with $USE_NETWORK" + +#DEBUGFAIL="rd.shell rd.break rd.debug loglevel=7 " +#SERVER_DEBUG="rd.debug loglevel=7" +#SERIAL="tcp:127.0.0.1:9999" + +run_server() { + # Start server first + echo "iSCSI TEST SETUP: Starting DHCP/iSCSI server" + + declare -a disk_args=() + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/server.img serverroot 0 1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/singleroot.img singleroot + qemu_add_drive_args disk_index disk_args "$TESTDIR"/raid0-1.img raid0-1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/raid0-2.img raid0-2 + + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -serial "${SERIAL:-"file:$TESTDIR/server.log"}" \ + -net nic,macaddr=52:54:00:12:34:56,model=e1000 \ + -net nic,macaddr=52:54:00:12:34:57,model=e1000 \ + -net socket,listen=127.0.0.1:12330 \ + -append "panic=1 oops=panic softlockup_panic=1 quiet root=/dev/disk/by-id/ata-disk_serverroot rootfstype=ext4 rw console=ttyS0,115200n81 selinux=0 $SERVER_DEBUG" \ + -initrd "$TESTDIR"/initramfs.server \ + -pidfile "$TESTDIR"/server.pid -daemonize || return 1 + chmod 644 "$TESTDIR"/server.pid || return 1 + + # Cleanup the terminal if we have one + tty -s && stty sane + + if ! [[ $SERIAL ]]; then + while :; do + grep Serving "$TESTDIR"/server.log && break + echo "Waiting for the server to startup" + tail "$TESTDIR"/server.log + sleep 1 + done + else + echo Sleeping 10 seconds to give the server a head start + sleep 10 + fi + +} + +run_client() { + local test_name=$1 + shift + echo "CLIENT TEST START: $test_name" + + declare -a disk_args=() + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker + + test_marker_reset + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -net nic,macaddr=52:54:00:12:34:00,model=e1000 \ + -net nic,macaddr=52:54:00:12:34:01,model=e1000 \ + -net socket,connect=127.0.0.1:12330 \ + -acpitable file=ibft.table \ + -append "$*" \ + -initrd "$TESTDIR"/initramfs.testing + + # shellcheck disable=SC2181 + if [[ $? -ne 0 ]] || ! test_marker_check iscsi-OK; then + echo "CLIENT TEST END: $test_name [FAILED - BAD EXIT]" + return 1 + fi + + echo "CLIENT TEST END: $test_name [OK]" + return 0 +} + +do_test_run() { + initiator=$(iscsi-iname) + + run_client "root=dhcp" \ + "root=/dev/root netroot=dhcp ip=enp0s1:dhcp" \ + "rd.iscsi.initiator=$initiator" \ + || return 1 + + run_client "netroot=iscsi target0" \ + "root=LABEL=singleroot netroot=iscsi:192.168.50.1::::iqn.2009-06.dracut:target0" \ + "ip=192.168.50.101::192.168.50.1:255.255.255.0:iscsi-1:enp0s1:off" \ + "rd.iscsi.initiator=$initiator" \ + || return 1 + + run_client "netroot=iscsi target1 target2" \ + "root=LABEL=sysroot" \ + "ip=dhcp" \ + "netroot=iscsi:192.168.51.1::::iqn.2009-06.dracut:target1" \ + "netroot=iscsi:192.168.50.1::::iqn.2009-06.dracut:target2" \ + "rd.iscsi.initiator=$initiator" \ + || return 1 + + run_client "root=ibft" \ + "root=LABEL=singleroot" \ + "rd.iscsi.ibft=1" \ + "rd.iscsi.firmware=1" \ + || return 1 + + echo "All tests passed [OK]" + return 0 +} + +test_run() { + if ! run_server; then + echo "Failed to start server" 1>&2 + return 1 + fi + do_test_run + ret=$? + if [[ -s $TESTDIR/server.pid ]]; then + kill -TERM "$(cat "$TESTDIR"/server.pid)" + rm -f -- "$TESTDIR"/server.pid + fi + return $ret +} + +test_check() { + if ! command -v tgtd &> /dev/null || ! command -v tgtadm &> /dev/null; then + echo "Need tgtd and tgtadm from scsi-target-utils" + return 1 + fi +} + +test_setup() { + # Create what will eventually be the client root filesystem onto an overlay + "$DRACUT" -l --keep --tmpdir "$TESTDIR" \ + -m "test-root" \ + -i ./client-init.sh /sbin/init \ + -I "ip ping grep setsid" \ + -i "${PKGLIBDIR}/modules.d/99base/dracut-lib.sh" "/lib/dracut-lib.sh" \ + -i "${PKGLIBDIR}/modules.d/99base/dracut-dev-lib.sh" "/lib/dracut-dev-lib.sh" \ + --no-hostonly --no-hostonly-cmdline --nohardlink \ + -f "$TESTDIR"/initramfs.root "$KVERSION" || return 1 + mkdir -p "$TESTDIR"/overlay/source && mv "$TESTDIR"/dracut.*/initramfs/* "$TESTDIR"/overlay/source && rm -rf "$TESTDIR"/dracut.* + + mkdir -p -- "$TESTDIR"/overlay/source/var/lib/nfs/rpc_pipefs + + # create an initramfs that will create the target root filesystem. + # We do it this way so that we do not risk trashing the host mdraid + # devices, volume groups, encrypted partitions, etc. + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -m "test-makeroot crypt lvm mdraid" \ + -I "mkfs.ext4 setsid blockdev" \ + -i ./create-client-root.sh /lib/dracut/hooks/initqueue/01-create-client-root.sh \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.makeroot "$KVERSION" || return 1 + rm -rf -- "$TESTDIR"/overlay + + declare -a disk_args=() + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker 1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/singleroot.img singleroot 200 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/raid0-1.img raid0-1 100 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/raid0-2.img raid0-2 100 + + # Invoke KVM and/or QEMU to actually create the target filesystem. + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "root=/dev/fakeroot rw rootfstype=ext4 quiet console=ttyS0,115200n81 selinux=0" \ + -initrd "$TESTDIR"/initramfs.makeroot || return 1 + test_marker_check dracut-root-block-created || return 1 + rm -- "$TESTDIR"/marker.img + + # Create what will eventually be the server root filesystem onto an overlay + "$DRACUT" -l --keep --tmpdir "$TESTDIR" \ + -m "test-root network network-legacy" \ + -d "iscsi_tcp crc32c ipv6" \ + -i ./server-init.sh /sbin/init \ + -i "${PKGLIBDIR}/modules.d/99base/dracut-lib.sh" "/lib/dracut-lib.sh" \ + -i "${PKGLIBDIR}/modules.d/99base/dracut-dev-lib.sh" "/lib/dracut-dev-lib.sh" \ + -I "modprobe chmod ip ping tcpdump setsid pidof tgtd tgtadm /etc/passwd" \ + --install-optional "/etc/netconfig dhcpd /etc/group /etc/nsswitch.conf /etc/rpc /etc/protocols /etc/services /usr/etc/nsswitch.conf /usr/etc/rpc /usr/etc/protocols /usr/etc/services" \ + -i "./hosts" "/etc/hosts" \ + -i "./dhcpd.conf" "/etc/dhcpd.conf" \ + --no-hostonly --no-hostonly-cmdline --nohardlink \ + -f "$TESTDIR"/initramfs.root "$KVERSION" || return 1 + mkdir -p "$TESTDIR"/overlay/source && mv "$TESTDIR"/dracut.*/initramfs/* "$TESTDIR"/overlay/source && rm -rf "$TESTDIR"/dracut.* + + mkdir -p "$TESTDIR"/overlay/source/var/lib/dhcpd + + # second, install the files needed to make the root filesystem + # create an initramfs that will create the target root filesystem. + # We do it this way so that we do not risk trashing the host mdraid + # devices, volume groups, encrypted partitions, etc. + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -m "test-makeroot" \ + -I "mkfs.ext4" \ + -i ./create-server-root.sh /lib/dracut/hooks/initqueue/01-create-server-root.sh \ + --nomdadmconf \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.makeroot "$KVERSION" || return 1 + rm -rf -- "$TESTDIR"/overlay + + declare -a disk_args=() + # shellcheck disable=SC2034 + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker 1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/server.img root 240 + + # Invoke KVM and/or QEMU to actually create the target filesystem. + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "root=/dev/dracut/root rw rootfstype=ext4 quiet console=ttyS0,115200n81 selinux=0" \ + -initrd "$TESTDIR"/initramfs.makeroot || return 1 + test_marker_check dracut-root-block-created || return 1 + rm -- "$TESTDIR"/marker.img + + # Make server's dracut image + "$DRACUT" -l \ + -a "dash rootfs-block test kernel-modules network network-legacy" \ + -d "piix ide-gd_mod ata_piix ext4 sd_mod e1000 drbg" \ + -i "./server.link" "/etc/systemd/network/01-server.link" \ + -i ./wait-if-server.sh /lib/dracut/hooks/pre-mount/99-wait-if-server.sh \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.server "$KVERSION" || return 1 + + # Make client's dracut image + test_dracut \ + --add "$USE_NETWORK" \ + --include "./client.link" "/etc/systemd/network/01-client.link" \ + --kernel-cmdline "rw rd.auto rd.retry=50" \ + "$TESTDIR"/initramfs.testing +} + +test_cleanup() { + if [[ -s $TESTDIR/server.pid ]]; then + kill -TERM "$(cat "$TESTDIR"/server.pid)" + rm -f -- "$TESTDIR"/server.pid + fi +} + +# shellcheck disable=SC1090 +. "$testdir"/test-functions diff --git a/test/TEST-30-ISCSI/wait-if-server.sh b/test/TEST-30-ISCSI/wait-if-server.sh new file mode 100755 index 0000000..b53e41f --- /dev/null +++ b/test/TEST-30-ISCSI/wait-if-server.sh @@ -0,0 +1,4 @@ +#!/bin/sh +. /lib/net-lib.sh +wait_for_if_link enx525400123456 +wait_for_if_link enx525400123457 diff --git a/test/TEST-35-ISCSI-MULTI/Makefile b/test/TEST-35-ISCSI-MULTI/Makefile new file mode 100644 index 0000000..2dcab81 --- /dev/null +++ b/test/TEST-35-ISCSI-MULTI/Makefile @@ -0,0 +1 @@ +-include ../Makefile.testdir diff --git a/test/TEST-35-ISCSI-MULTI/client-init.sh b/test/TEST-35-ISCSI-MULTI/client-init.sh new file mode 100755 index 0000000..46a5e3f --- /dev/null +++ b/test/TEST-35-ISCSI-MULTI/client-init.sh @@ -0,0 +1,24 @@ +#!/bin/sh +. /lib/dracut-lib.sh + +export PATH=/usr/sbin:/usr/bin:/sbin:/bin +command -v plymouth > /dev/null 2>&1 && plymouth --quit +exec > /dev/console 2>&1 + +export TERM=linux +export PS1='initramfs-test:\w\$ ' +stty sane +echo "made it to the rootfs! Powering down." +while read -r dev _ fstype opts rest || [ -n "$dev" ]; do + [ "$fstype" != "ext4" ] && continue + echo "iscsi-OK $dev $fstype $opts" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker + break +done < /proc/mounts + +if getargbool 0 rd.shell; then + strstr "$(setsid --help)" "control" && CTTY="-c" + setsid $CTTY sh -i +fi + +sync +poweroff -f diff --git a/test/TEST-35-ISCSI-MULTI/client.link b/test/TEST-35-ISCSI-MULTI/client.link new file mode 100644 index 0000000..b992bfd --- /dev/null +++ b/test/TEST-35-ISCSI-MULTI/client.link @@ -0,0 +1,6 @@ +[Match] +OriginalName=* + +[Link] +NamePolicy=keep kernel database onboard slot path +MACAddressPolicy=keep diff --git a/test/TEST-35-ISCSI-MULTI/create-client-root.sh b/test/TEST-35-ISCSI-MULTI/create-client-root.sh new file mode 100755 index 0000000..267c93a --- /dev/null +++ b/test/TEST-35-ISCSI-MULTI/create-client-root.sh @@ -0,0 +1,33 @@ +#!/bin/sh + +trap 'poweroff -f' EXIT + +# don't let udev and this script step on eachother's toes +for x in 64-lvm.rules 70-mdadm.rules 99-mount-rules; do + : > "/etc/udev/rules.d/$x" +done +rm -f -- /etc/lvm/lvm.conf +udevadm control --reload +udevadm settle + +set -ex + +mkfs.ext4 -j -L singleroot -F /dev/disk/by-id/ata-disk_singleroot +mkdir -p /sysroot +mount -t ext4 /dev/disk/by-id/ata-disk_singleroot /sysroot +cp -a -t /sysroot /source/* +umount /sysroot +mdadm --create /dev/md0 --run --auto=yes --level=stripe --raid-devices=2 /dev/disk/by-id/ata-disk_raid0-1 /dev/disk/by-id/ata-disk_raid0-2 +mdadm -W /dev/md0 || : +lvm pvcreate -ff -y /dev/md0 +lvm vgcreate dracut /dev/md0 +lvm lvcreate -l 100%FREE -n root dracut +lvm vgchange -ay +mkfs.ext4 -j -L sysroot /dev/dracut/root +mount -t ext4 /dev/dracut/root /sysroot +cp -a -t /sysroot /source/* +umount /sysroot +lvm lvchange -a n /dev/dracut/root +echo "dracut-root-block-created" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker +sync +poweroff -f diff --git a/test/TEST-35-ISCSI-MULTI/create-server-root.sh b/test/TEST-35-ISCSI-MULTI/create-server-root.sh new file mode 100755 index 0000000..2dbc2da --- /dev/null +++ b/test/TEST-35-ISCSI-MULTI/create-server-root.sh @@ -0,0 +1,20 @@ +#!/bin/sh + +trap 'poweroff -f' EXIT + +# don't let udev and this script step on eachother's toes +for x in 64-lvm.rules 70-mdadm.rules 99-mount-rules; do + : > "/etc/udev/rules.d/$x" +done +rm -f -- /etc/lvm/lvm.conf +udevadm control --reload +udevadm settle + +mkfs.ext4 -L dracut /dev/disk/by-id/ata-disk_root +mkdir -p /root +mount -t ext4 /dev/disk/by-id/ata-disk_root /root +cp -a -t /root /source/* +mkdir -p /root/run +umount /root +echo "dracut-root-block-created" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker +poweroff -f diff --git a/test/TEST-35-ISCSI-MULTI/dhcpd.conf b/test/TEST-35-ISCSI-MULTI/dhcpd.conf new file mode 100644 index 0000000..fd306ea --- /dev/null +++ b/test/TEST-35-ISCSI-MULTI/dhcpd.conf @@ -0,0 +1,48 @@ +ddns-update-style none; + +use-host-decl-names true; + +subnet 192.168.50.0 netmask 255.255.255.0 { + option subnet-mask 255.255.255.0; + option routers 192.168.50.1; + next-server 192.168.50.1; + server-identifier 192.168.50.1; + option domain-name-servers 192.168.50.1; + option domain-search "example.com"; + option domain-name "other.com"; + + # MAC numbering scheme: + # NFSv3: last octet starts at 0x00 and works up + + group { + option root-path "iscsi:192.168.50.1:::1:iqn.2009-06.dracut:target0"; + + host iscsi-1 { + hardware ethernet 52:54:00:12:34:00; + fixed-address 192.168.50.101; + } + } +} + +subnet 192.168.51.0 netmask 255.255.255.0 { + option subnet-mask 255.255.255.0; + option routers 192.168.51.1; + next-server 192.168.51.1; + server-identifier 192.168.51.1; + option domain-name-servers 192.168.51.1; + option domain-search "example.com"; + option domain-name "other.com"; + + # MAC numbering scheme: + # NFSv3: last octet starts at 0x00 and works up + + group { + #option root-path "iscsi:192.168.51.1:::1:iqn.2009-06.dracut:target1"; + + host iscsi-2 { + hardware ethernet 52:54:00:12:34:01; + fixed-address 192.168.51.101; + } + + } +} diff --git a/test/TEST-35-ISCSI-MULTI/finished-false.sh b/test/TEST-35-ISCSI-MULTI/finished-false.sh new file mode 100755 index 0000000..ecdbef9 --- /dev/null +++ b/test/TEST-35-ISCSI-MULTI/finished-false.sh @@ -0,0 +1,2 @@ +#!/bin/sh +exit 1 diff --git a/test/TEST-35-ISCSI-MULTI/hard-off.sh b/test/TEST-35-ISCSI-MULTI/hard-off.sh new file mode 100755 index 0000000..01acb19 --- /dev/null +++ b/test/TEST-35-ISCSI-MULTI/hard-off.sh @@ -0,0 +1,3 @@ +#!/bin/sh +getargbool 0 rd.shell || poweroff -f +getargbool 0 failme && poweroff -f diff --git a/test/TEST-35-ISCSI-MULTI/hosts b/test/TEST-35-ISCSI-MULTI/hosts new file mode 100644 index 0000000..f8c18b6 --- /dev/null +++ b/test/TEST-35-ISCSI-MULTI/hosts @@ -0,0 +1,8 @@ +127.0.0.1 localhost +192.168.50.1 server +192.168.50.2 server-ip +192.168.50.3 server-proto-ip +192.168.50.100 workstation1 +192.168.50.101 workstation2 +192.168.50.102 workstation3 +192.168.50.103 workstation4 diff --git a/test/TEST-35-ISCSI-MULTI/server-init.sh b/test/TEST-35-ISCSI-MULTI/server-init.sh new file mode 100755 index 0000000..a1c3b7e --- /dev/null +++ b/test/TEST-35-ISCSI-MULTI/server-init.sh @@ -0,0 +1,88 @@ +#!/bin/sh +exec < /dev/console > /dev/console 2>&1 +set -x +export PATH=/usr/sbin:/usr/bin:/sbin:/bin +export TERM=linux +export PS1='server:\w\$ ' +stty sane +echo "made it to the rootfs!" +echo server > /proc/sys/kernel/hostname + +wait_for_if_link() { + local cnt=0 + local li + while [ $cnt -lt 600 ]; do + li=$(ip -o link show dev "$1" 2> /dev/null) + [ -n "$li" ] && return 0 + sleep 0.1 + cnt=$((cnt + 1)) + done + return 1 +} + +wait_for_if_up() { + local cnt=0 + local li + while [ $cnt -lt 200 ]; do + li=$(ip -o link show up dev "$1") + [ -n "$li" ] && return 0 + sleep 0.1 + cnt=$((cnt + 1)) + done + return 1 +} + +wait_for_route_ok() { + local cnt=0 + while [ $cnt -lt 200 ]; do + li=$(ip route show) + [ -n "$li" ] && [ -z "${li##*"$1"*}" ] && return 0 + sleep 0.1 + cnt=$((cnt + 1)) + done + return 1 +} + +linkup() { + wait_for_if_link "$1" 2> /dev/null && ip link set "$1" up 2> /dev/null && wait_for_if_up "$1" 2> /dev/null +} + +wait_for_if_link enx525400123456 +wait_for_if_link enx525400123457 + +ip addr add 127.0.0.1/8 dev lo +ip link set lo up + +ip addr add 192.168.50.1/24 dev enx525400123456 +linkup enx525400123456 + +ip addr add 192.168.51.1/24 dev enx525400123457 +linkup enx525400123457 + +modprobe af_packet + +: > /var/lib/dhcpd/dhcpd.leases +chmod 777 /var/lib/dhcpd/dhcpd.leases +dhcpd -d -cf /etc/dhcpd.conf -lf /var/lib/dhcpd/dhcpd.leases & + +tgtd +tgtadm --lld iscsi --mode target --op new --tid 1 --targetname iqn.2009-06.dracut:target0 +tgtadm --lld iscsi --mode target --op new --tid 2 --targetname iqn.2009-06.dracut:target1 +tgtadm --lld iscsi --mode target --op new --tid 3 --targetname iqn.2009-06.dracut:target2 +tgtadm --lld iscsi --mode logicalunit --op new --tid 1 --lun 1 -b /dev/disk/by-id/ata-disk_singleroot +tgtadm --lld iscsi --mode logicalunit --op new --tid 2 --lun 2 -b /dev/disk/by-id/ata-disk_raid0-1 +tgtadm --lld iscsi --mode logicalunit --op new --tid 3 --lun 3 -b /dev/disk/by-id/ata-disk_raid0-2 +tgtadm --lld iscsi --mode target --op bind --tid 1 -I 192.168.50.101 +tgtadm --lld iscsi --mode target --op bind --tid 2 -I 192.168.51.101 +tgtadm --lld iscsi --mode target --op bind --tid 3 -I 192.168.50.101 + +# Wait forever for the VM to die +echo "Serving iSCSI" +while pidof tgtd > /dev/null; do + : > /dev/watchdog + dmesg -c + sleep 1 +done +dmesg -c +mount -n -o remount,ro / +poweroff -f diff --git a/test/TEST-35-ISCSI-MULTI/server.link b/test/TEST-35-ISCSI-MULTI/server.link new file mode 100644 index 0000000..1d21856 --- /dev/null +++ b/test/TEST-35-ISCSI-MULTI/server.link @@ -0,0 +1,6 @@ +[Match] +OriginalName=* + +[Link] +NamePolicy=mac +MACAddressPolicy=keep diff --git a/test/TEST-35-ISCSI-MULTI/test.sh b/test/TEST-35-ISCSI-MULTI/test.sh new file mode 100755 index 0000000..3e649a8 --- /dev/null +++ b/test/TEST-35-ISCSI-MULTI/test.sh @@ -0,0 +1,345 @@ +#!/bin/bash + +# shellcheck disable=SC2034 +TEST_DESCRIPTION="root filesystem over multiple iSCSI with $USE_NETWORK" + +#DEBUGFAIL="rd.shell rd.break rd.debug loglevel=7 " +#SERVER_DEBUG="rd.debug loglevel=7" +#SERIAL="tcp:127.0.0.1:9999" + +run_server() { + # Start server first + echo "iSCSI TEST SETUP: Starting DHCP/iSCSI server" + + declare -a disk_args=() + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/server.img serverroot 0 1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/singleroot.img singleroot + qemu_add_drive_args disk_index disk_args "$TESTDIR"/raid0-1.img raid0-1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/raid0-2.img raid0-2 + + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -serial "${SERIAL:-"file:$TESTDIR/server.log"}" \ + -net nic,macaddr=52:54:00:12:34:56,model=e1000 \ + -net nic,macaddr=52:54:00:12:34:57,model=e1000 \ + -net socket,listen=127.0.0.1:12331 \ + -append "panic=1 oops=panic softlockup_panic=1 systemd.crash_reboot root=/dev/disk/by-id/ata-disk_serverroot rootfstype=ext4 rw console=ttyS0,115200n81 selinux=0 $SERVER_DEBUG" \ + -initrd "$TESTDIR"/initramfs.server \ + -pidfile "$TESTDIR"/server.pid -daemonize || return 1 + chmod 644 "$TESTDIR"/server.pid || return 1 + + # Cleanup the terminal if we have one + tty -s && stty sane + + if ! [[ $SERIAL ]]; then + while :; do + grep Serving "$TESTDIR"/server.log && break + echo "Waiting for the server to startup" + tail "$TESTDIR"/server.log + sleep 1 + done + else + echo Sleeping 10 seconds to give the server a head start + sleep 10 + fi +} + +run_client() { + local test_name=$1 + shift + echo "CLIENT TEST START: $test_name" + + declare -a disk_args=() + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker + + test_marker_reset + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -net nic,macaddr=52:54:00:12:34:00,model=e1000 \ + -net nic,macaddr=52:54:00:12:34:01,model=e1000 \ + -net socket,connect=127.0.0.1:12331 \ + -append "panic=1 oops=panic softlockup_panic=1 systemd.crash_reboot rw rd.auto rd.retry=50 console=ttyS0,115200n81 selinux=0 rd.debug=0 rd.shell=0 $DEBUGFAIL $*" \ + -initrd "$TESTDIR"/initramfs.testing + if ! test_marker_check iscsi-OK; then + echo "CLIENT TEST END: $test_name [FAILED - BAD EXIT]" + return 1 + fi + + echo "CLIENT TEST END: $test_name [OK]" + return 0 +} + +do_test_run() { + initiator=$(iscsi-iname) + run_client "netroot=iscsi target1 target2" \ + "root=LABEL=sysroot" \ + "ip=192.168.50.101:::255.255.255.0::enp0s1:off" \ + "ip=192.168.51.101:::255.255.255.0::enp0s2:off" \ + "netroot=iscsi:192.168.51.1::::iqn.2009-06.dracut:target1" \ + "netroot=iscsi:192.168.50.1::::iqn.2009-06.dracut:target2" \ + "rd.iscsi.initiator=$initiator" \ + || return 1 + + run_client "netroot=iscsi target1 target2 rd.iscsi.waitnet=0" \ + "root=LABEL=sysroot" \ + "ip=192.168.50.101:::255.255.255.0::enp0s1:off" \ + "ip=192.168.51.101:::255.255.255.0::enp0s2:off" \ + "netroot=iscsi:192.168.51.1::::iqn.2009-06.dracut:target1" \ + "netroot=iscsi:192.168.50.1::::iqn.2009-06.dracut:target2" \ + "rd.iscsi.firmware" \ + "rd.iscsi.initiator=$initiator" \ + "rd.iscsi.waitnet=0" \ + || return 1 + + run_client "netroot=iscsi target1 target2 rd.iscsi.waitnet=0 rd.iscsi.testroute=0" \ + "root=LABEL=sysroot" \ + "ip=192.168.50.101:::255.255.255.0::enp0s1:off" \ + "ip=192.168.51.101:::255.255.255.0::enp0s2:off" \ + "netroot=iscsi:192.168.51.1::::iqn.2009-06.dracut:target1" \ + "netroot=iscsi:192.168.50.1::::iqn.2009-06.dracut:target2" \ + "rd.iscsi.firmware" \ + "rd.iscsi.initiator=$initiator" \ + "rd.iscsi.waitnet=0 rd.iscsi.testroute=0" \ + || return 1 + + run_client "netroot=iscsi target1 target2 rd.iscsi.waitnet=0 rd.iscsi.testroute=0 default GW" \ + "root=LABEL=sysroot" \ + "ip=192.168.50.101::192.168.50.1:255.255.255.0::enp0s1:off" \ + "ip=192.168.51.101::192.168.51.1:255.255.255.0::enp0s2:off" \ + "netroot=iscsi:192.168.51.1::::iqn.2009-06.dracut:target1" \ + "netroot=iscsi:192.168.50.1::::iqn.2009-06.dracut:target2" \ + "rd.iscsi.firmware" \ + "rd.iscsi.initiator=$initiator" \ + "rd.iscsi.waitnet=0 rd.iscsi.testroute=0" \ + || return 1 + + echo "All tests passed [OK]" + return 0 +} + +test_run() { + if ! run_server; then + echo "Failed to start server" 1>&2 + return 1 + fi + do_test_run + ret=$? + if [[ -s $TESTDIR/server.pid ]]; then + kill -TERM "$(cat "$TESTDIR"/server.pid)" + rm -f -- "$TESTDIR"/server.pid + fi + return $ret +} + +test_check() { + if ! command -v tgtd &> /dev/null || ! command -v tgtadm &> /dev/null; then + echo "Need tgtd and tgtadm from scsi-target-utils" + return 1 + fi +} + +test_setup() { + kernel=$KVERSION + # Create what will eventually be our root filesystem onto an overlay + rm -rf -- "$TESTDIR"/overlay + ( + # shellcheck disable=SC2030 + export initdir=$TESTDIR/overlay/source + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + ( + cd "$initdir" || exit + mkdir -p -- dev sys proc etc var/run tmp + mkdir -p root usr/bin usr/lib usr/lib64 usr/sbin + mkdir -p -- var/lib/nfs/rpc_pipefs + ) + inst_multiple sh shutdown poweroff stty cat ps ln ip \ + mount dmesg mkdir cp ping grep setsid dd sync + for _terminfodir in /lib/terminfo /etc/terminfo /usr/share/terminfo; do + [ -f ${_terminfodir}/l/linux ] && break + done + inst_multiple -o ${_terminfodir}/l/linux + inst_simple /etc/os-release + + inst_simple "${PKGLIBDIR}/modules.d/99base/dracut-lib.sh" "/lib/dracut-lib.sh" + inst_simple "${PKGLIBDIR}/modules.d/99base/dracut-dev-lib.sh" "/lib/dracut-dev-lib.sh" + inst_binary "${PKGLIBDIR}/dracut-util" "/usr/bin/dracut-util" + ln -s dracut-util "${initdir}/usr/bin/dracut-getarg" + ln -s dracut-util "${initdir}/usr/bin/dracut-getargs" + + inst ./client-init.sh /sbin/init + cp -a /etc/ld.so.conf* "$initdir"/etc + ldconfig -r "$initdir" + ) + + # second, install the files needed to make the root filesystem + ( + # shellcheck disable=SC2031 + # shellcheck disable=SC2030 + export initdir=$TESTDIR/overlay + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + inst_multiple sfdisk mkfs.ext4 poweroff cp umount setsid dd sync blockdev + inst_hook initqueue 01 ./create-client-root.sh + inst_hook initqueue/finished 01 ./finished-false.sh + ) + + # create an initramfs that will create the target root filesystem. + # We do it this way so that we do not risk trashing the host mdraid + # devices, volume groups, encrypted partitions, etc. + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -m "dash crypt lvm mdraid kernel-modules qemu" \ + -d "piix ide-gd_mod ata_piix ext4 sd_mod" \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.makeroot "$KVERSION" || return 1 + rm -rf -- "$TESTDIR"/overlay + + declare -a disk_args=() + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker 1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/singleroot.img singleroot 200 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/raid0-1.img raid0-1 100 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/raid0-2.img raid0-2 100 + + # Invoke KVM and/or QEMU to actually create the target filesystem. + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "root=/dev/fakeroot rw rootfstype=ext4 quiet console=ttyS0,115200n81 selinux=0" \ + -initrd "$TESTDIR"/initramfs.makeroot || return 1 + test_marker_check dracut-root-block-created || return 1 + rm -- "$TESTDIR"/marker.img + + # shellcheck disable=SC2031 + export kernel=$KVERSION + rm -rf -- "$TESTDIR"/overlay + ( + mkdir -p "$TESTDIR"/overlay/source + # shellcheck disable=SC2031 + # shellcheck disable=SC2030 + export initdir=$TESTDIR/overlay/source + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + ( + cd "$initdir" || exit + mkdir -p dev sys proc etc var/run tmp var/lib/dhcpd /etc/iscsi + ) + inst /etc/passwd /etc/passwd + inst_multiple sh ls shutdown poweroff stty cat ps ln ip \ + dmesg mkdir cp ping modprobe tcpdump setsid \ + sleep mount chmod pidof + inst_multiple tgtd tgtadm + for _terminfodir in /lib/terminfo /etc/terminfo /usr/share/terminfo; do + [ -f ${_terminfodir}/l/linux ] && break + done + inst_multiple -o ${_terminfodir}/l/linux + instmods iscsi_tcp crc32c ipv6 af_packet + [ -f /etc/netconfig ] && inst_multiple /etc/netconfig + type -P dhcpd > /dev/null && inst_multiple dhcpd + inst ./server-init.sh /sbin/init + inst ./hosts /etc/hosts + inst ./dhcpd.conf /etc/dhcpd.conf + inst_multiple -o {,/usr}/etc/nsswitch.conf {,/usr}/etc/rpc \ + {,/usr}/etc/protocols {,/usr}/etc/services \ + /etc/group /etc/os-release + + _nsslibs=$( + cat "$dracutsysrootdir"/{,usr/}etc/nsswitch.conf 2> /dev/null \ + | sed -e '/^#/d' -e 's/^.*://' -e 's/\[NOTFOUND=return\]//' \ + | tr -s '[:space:]' '\n' | sort -u | tr -s '[:space:]' '|' + ) + _nsslibs=${_nsslibs#|} + _nsslibs=${_nsslibs%|} + + inst_libdir_file -n "$_nsslibs" 'libnss_*.so*' + + cp -a /etc/ld.so.conf* "$initdir"/etc + ldconfig -r "$initdir" + dracut_kernel_post + ) + + # second, install the files needed to make the root filesystem + ( + # shellcheck disable=SC2031 + # shellcheck disable=SC2030 + export initdir=$TESTDIR/overlay + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + inst_multiple sfdisk mkfs.ext4 poweroff cp umount sync dd + inst_hook initqueue 01 ./create-server-root.sh + inst_hook initqueue/finished 01 ./finished-false.sh + ) + + # create an initramfs that will create the target root filesystem. + # We do it this way so that we do not risk trashing the host mdraid + # devices, volume groups, encrypted partitions, etc. + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -m "dash rootfs-block kernel-modules qemu" \ + -d "piix ide-gd_mod ata_piix ext4 sd_mod" \ + --nomdadmconf \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.makeroot "$KVERSION" || return 1 + rm -rf -- "$TESTDIR"/overlay + + declare -a disk_args=() + # shellcheck disable=SC2034 + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker 1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/server.img root 60 + + # Invoke KVM and/or QEMU to actually create the target filesystem. + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "root=/dev/dracut/root rw rootfstype=ext4 quiet console=ttyS0,115200n81 selinux=0" \ + -initrd "$TESTDIR"/initramfs.makeroot || return 1 + test_marker_check dracut-root-block-created || return 1 + rm -- "$TESTDIR"/marker.img + + # Make an overlay with needed tools for the test harness + ( + # shellcheck disable=SC2031 + # shellcheck disable=SC2030 + export initdir=$TESTDIR/overlay + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + inst_multiple poweroff shutdown + inst_hook shutdown-emergency 000 ./hard-off.sh + inst_hook emergency 000 ./hard-off.sh + inst_simple ./client.link /etc/systemd/network/01-client.link + ) + # Make client's dracut image + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -o "plymouth dmraid nfs" \ + -a "debug ${USE_NETWORK}" \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.testing "$KVERSION" || return 1 + + ( + # shellcheck disable=SC2031 + export initdir="$TESTDIR"/overlay + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + rm "$initdir"/etc/systemd/network/01-client.link + inst_simple ./server.link /etc/systemd/network/01-server.link + inst_hook pre-mount 99 ./wait-if-server.sh + ) + # Make server's dracut image + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -a "dash rootfs-block debug kernel-modules network network-legacy" \ + -d "af_packet piix ide-gd_mod ata_piix ext4 sd_mod e1000 drbg" \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.server "$KVERSION" || return 1 + + rm -rf -- "$TESTDIR"/overlay +} + +test_cleanup() { + if [[ -s $TESTDIR/server.pid ]]; then + kill -TERM "$(cat "$TESTDIR"/server.pid)" + rm -f -- "$TESTDIR"/server.pid + fi +} + +# shellcheck disable=SC1090 +. "$testdir"/test-functions diff --git a/test/TEST-35-ISCSI-MULTI/wait-if-server.sh b/test/TEST-35-ISCSI-MULTI/wait-if-server.sh new file mode 100755 index 0000000..b53e41f --- /dev/null +++ b/test/TEST-35-ISCSI-MULTI/wait-if-server.sh @@ -0,0 +1,4 @@ +#!/bin/sh +. /lib/net-lib.sh +wait_for_if_link enx525400123456 +wait_for_if_link enx525400123457 diff --git a/test/TEST-40-NBD/Makefile b/test/TEST-40-NBD/Makefile new file mode 100644 index 0000000..2dcab81 --- /dev/null +++ b/test/TEST-40-NBD/Makefile @@ -0,0 +1 @@ +-include ../Makefile.testdir diff --git a/test/TEST-40-NBD/client-init.sh b/test/TEST-40-NBD/client-init.sh new file mode 100755 index 0000000..c5c57a2 --- /dev/null +++ b/test/TEST-40-NBD/client-init.sh @@ -0,0 +1,29 @@ +#!/bin/sh +: > /dev/watchdog +. /lib/dracut-lib.sh + +export PATH=/usr/sbin:/usr/bin:/sbin:/bin +command -v plymouth > /dev/null 2>&1 && plymouth --quit +exec > /dev/console 2>&1 + +while read -r dev fs fstype opts rest || [ -n "$dev" ]; do + [ "$dev" = "rootfs" ] && continue + [ "$fs" != "/" ] && continue + echo "nbd-OK $fstype $opts" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker + echo "nbd-OK $fstype $opts" + break +done < /proc/mounts +export TERM=linux +export PS1='nbdclient-test:\w\$ ' +stty sane +echo "made it to the rootfs! Powering down." + +if getargbool 0 rd.shell; then + strstr "$(setsid --help)" "control" && CTTY="-c" + setsid $CTTY sh -i +fi + +mount -n -o remount,ro / + +sync +poweroff -f diff --git a/test/TEST-40-NBD/client.link b/test/TEST-40-NBD/client.link new file mode 100644 index 0000000..b992bfd --- /dev/null +++ b/test/TEST-40-NBD/client.link @@ -0,0 +1,6 @@ +[Match] +OriginalName=* + +[Link] +NamePolicy=keep kernel database onboard slot path +MACAddressPolicy=keep diff --git a/test/TEST-40-NBD/create-client-root.sh b/test/TEST-40-NBD/create-client-root.sh new file mode 100755 index 0000000..a214f38 --- /dev/null +++ b/test/TEST-40-NBD/create-client-root.sh @@ -0,0 +1,24 @@ +#!/bin/sh + +trap 'poweroff -f' EXIT + +# don't let udev and this script step on eachother's toes +for x in 64-lvm.rules 70-mdadm.rules 99-mount-rules; do + : > "/etc/udev/rules.d/$x" +done +rm -f -- /etc/lvm/lvm.conf +udevadm control --reload +set -e + +udevadm settle +mkfs.ext4 -L dracut /dev/disk/by-id/ata-disk_root +mkdir -p /root +mount -t ext4 /dev/disk/by-id/ata-disk_root /root +cp -a -t /root /source/* +mkdir -p /root/run +umount /root +{ + echo "dracut-root-block-created" + echo "ID_FS_UUID=$ID_FS_UUID" +} | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker +poweroff -f diff --git a/test/TEST-40-NBD/create-encrypted-root.sh b/test/TEST-40-NBD/create-encrypted-root.sh new file mode 100755 index 0000000..0ea90e3 --- /dev/null +++ b/test/TEST-40-NBD/create-encrypted-root.sh @@ -0,0 +1,41 @@ +#!/bin/sh + +trap 'poweroff -f' EXIT + +# don't let udev and this script step on eachother's toes +for x in 64-lvm.rules 70-mdadm.rules 99-mount-rules; do + : > "/etc/udev/rules.d/$x" +done +rm -f -- /etc/lvm/lvm.conf +udevadm control --reload +udevadm settle + +set -ex + +printf test > keyfile +cryptsetup -q luksFormat /dev/disk/by-id/ata-disk_root /keyfile +echo "The passphrase is test" +cryptsetup luksOpen /dev/disk/by-id/ata-disk_root dracut_crypt_test < /keyfile +lvm pvcreate -ff -y /dev/mapper/dracut_crypt_test +lvm vgcreate dracut /dev/mapper/dracut_crypt_test +lvm lvcreate -l 100%FREE -n root dracut +lvm vgchange -ay +udevadm settle +mkfs.ext4 -L dracut -j /dev/dracut/root +mkdir -p /sysroot +mount -t ext4 /dev/dracut/root /sysroot +cp -a -t /sysroot /source/* +umount /sysroot +sleep 1 +lvm lvchange -a n /dev/dracut/root +udevadm settle +cryptsetup luksClose /dev/mapper/dracut_crypt_test +udevadm settle +sleep 1 +eval "$(udevadm info --query=property --name=/dev/disk/by-id/ata-disk_root | while read -r line || [ -n "$line" ]; do [ "$line" != "${line#*ID_FS_UUID*}" ] && echo "$line"; done)" +{ + echo "dracut-root-block-created" + echo "ID_FS_UUID=$ID_FS_UUID" +} | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker +sync +poweroff -f diff --git a/test/TEST-40-NBD/create-server-root.sh b/test/TEST-40-NBD/create-server-root.sh new file mode 100755 index 0000000..de4d670 --- /dev/null +++ b/test/TEST-40-NBD/create-server-root.sh @@ -0,0 +1,26 @@ +#!/bin/sh + +trap 'poweroff -f' EXIT + +# don't let udev and this script step on eachother's toes +for x in 64-lvm.rules 70-mdadm.rules 99-mount-rules; do + : > "/etc/udev/rules.d/$x" +done +rm -f -- /etc/lvm/lvm.conf +udevadm control --reload +udevadm settle +set -e + +udevadm settle +mkfs.ext4 -L dracut /dev/disk/by-id/ata-disk_root +mkdir -p /root +mount -t ext4 /dev/disk/by-id/ata-disk_root /root +cp -a -t /root /source/* +mkdir -p /root/run +umount /root +{ + echo "dracut-root-block-created" + echo "ID_FS_UUID=$ID_FS_UUID" +} | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker +sync +poweroff -f diff --git a/test/TEST-40-NBD/cryptroot-ask.sh b/test/TEST-40-NBD/cryptroot-ask.sh new file mode 100755 index 0000000..a6b7ac7 --- /dev/null +++ b/test/TEST-40-NBD/cryptroot-ask.sh @@ -0,0 +1,5 @@ +#!/bin/sh + +[ -b /dev/mapper/"$2" ] && exit 0 +printf test > /keyfile +/sbin/cryptsetup luksOpen "$1" "$2" < /keyfile diff --git a/test/TEST-40-NBD/dhcpd.conf b/test/TEST-40-NBD/dhcpd.conf new file mode 100644 index 0000000..08461f9 --- /dev/null +++ b/test/TEST-40-NBD/dhcpd.conf @@ -0,0 +1,66 @@ +ddns-update-style none; + +use-host-decl-names true; + +subnet 192.168.50.0 netmask 255.255.255.0 { + option subnet-mask 255.255.255.0; + option routers 192.168.50.1; + next-server 192.168.50.1; + server-identifier 192.168.50.1; + option domain-name-servers 192.168.50.1; + option domain-search "example.com"; + option domain-name "other.com"; + + group { + host nbd-1 { + hardware ethernet 52:54:00:12:34:00; + fixed-address 192.168.50.101; + } + } + + group { + host nbd-2 { + option root-path "nbd:192.168.50.1:raw"; + + hardware ethernet 52:54:00:12:34:01; + fixed-address 192.168.50.101; + } + } + + group { + host nbd-3 { + option root-path "nbd:192.168.50.1:raw:ext2"; + + hardware ethernet 52:54:00:12:34:02; + fixed-address 192.168.50.101; + } + } + + group { + host nbd-4 { + option root-path "nbd:192.168.50.1:raw::errors=panic"; + + hardware ethernet 52:54:00:12:34:03; + fixed-address 192.168.50.101; + } + } + + group { + host nbd-5 { + option root-path "nbd:192.168.50.1:raw:ext2:errors=panic"; + + hardware ethernet 52:54:00:12:34:04; + fixed-address 192.168.50.101; + } + } + + group { + host nbd-6 { + # Use the encrypted image + option root-path "nbd:192.168.50.1:encrypted:ext2:errors=panic"; + + hardware ethernet 52:54:00:12:34:05; + fixed-address 192.168.50.101; + } + } +} diff --git a/test/TEST-40-NBD/finished-false.sh b/test/TEST-40-NBD/finished-false.sh new file mode 100755 index 0000000..ecdbef9 --- /dev/null +++ b/test/TEST-40-NBD/finished-false.sh @@ -0,0 +1,2 @@ +#!/bin/sh +exit 1 diff --git a/test/TEST-40-NBD/hard-off.sh b/test/TEST-40-NBD/hard-off.sh new file mode 100755 index 0000000..01acb19 --- /dev/null +++ b/test/TEST-40-NBD/hard-off.sh @@ -0,0 +1,3 @@ +#!/bin/sh +getargbool 0 rd.shell || poweroff -f +getargbool 0 failme && poweroff -f diff --git a/test/TEST-40-NBD/hosts b/test/TEST-40-NBD/hosts new file mode 100644 index 0000000..f8c18b6 --- /dev/null +++ b/test/TEST-40-NBD/hosts @@ -0,0 +1,8 @@ +127.0.0.1 localhost +192.168.50.1 server +192.168.50.2 server-ip +192.168.50.3 server-proto-ip +192.168.50.100 workstation1 +192.168.50.101 workstation2 +192.168.50.102 workstation3 +192.168.50.103 workstation4 diff --git a/test/TEST-40-NBD/server-init.sh b/test/TEST-40-NBD/server-init.sh new file mode 100755 index 0000000..bc52b2e --- /dev/null +++ b/test/TEST-40-NBD/server-init.sh @@ -0,0 +1,68 @@ +#!/bin/sh +exec < /dev/console > /dev/console 2>&1 +set -x +export PATH=/usr/sbin:/usr/bin:/sbin:/bin +export TERM=linux +export PS1='nbdtest-server:\w\$ ' +stty sane +echo "made it to the rootfs!" +echo server > /proc/sys/kernel/hostname + +wait_for_if_link() { + local cnt=0 + local li + while [ $cnt -lt 600 ]; do + li=$(ip -o link show dev "$1" 2> /dev/null) + [ -n "$li" ] && return 0 + sleep 0.1 + cnt=$((cnt + 1)) + done + return 1 +} + +wait_for_if_up() { + local cnt=0 + local li + while [ $cnt -lt 200 ]; do + li=$(ip -o link show up dev "$1") + [ -n "$li" ] && return 0 + sleep 0.1 + cnt=$((cnt + 1)) + done + return 1 +} + +wait_for_route_ok() { + local cnt=0 + while [ $cnt -lt 200 ]; do + li=$(ip route show) + [ -n "$li" ] && [ -z "${li##*"$1"*}" ] && return 0 + sleep 0.1 + cnt=$((cnt + 1)) + done + return 1 +} + +linkup() { + wait_for_if_link "$1" 2> /dev/null && ip link set "$1" up 2> /dev/null && wait_for_if_up "$1" 2> /dev/null +} + +ip addr add 127.0.0.1/8 dev lo +ip link set lo up + +wait_for_if_link enx525400123456 +ip addr add 192.168.50.1/24 dev enx525400123456 +linkup enx525400123456 + +modprobe af_packet +nbd-server +: > /var/lib/dhcpd/dhcpd.leases +chmod 777 /var/lib/dhcpd/dhcpd.leases +dhcpd -d -cf /etc/dhcpd.conf -lf /var/lib/dhcpd/dhcpd.leases & +echo "Serving NBD disks" +while pidof nbd-server && pidof dhcpd; do + echo > /dev/watchdog + sleep 1 +done +mount -n -o remount,ro / +poweroff -f diff --git a/test/TEST-40-NBD/server.link b/test/TEST-40-NBD/server.link new file mode 100644 index 0000000..1d21856 --- /dev/null +++ b/test/TEST-40-NBD/server.link @@ -0,0 +1,6 @@ +[Match] +OriginalName=* + +[Link] +NamePolicy=mac +MACAddressPolicy=keep diff --git a/test/TEST-40-NBD/test.sh b/test/TEST-40-NBD/test.sh new file mode 100755 index 0000000..7fd1efc --- /dev/null +++ b/test/TEST-40-NBD/test.sh @@ -0,0 +1,507 @@ +#!/bin/bash + +# shellcheck disable=SC2034 +TEST_DESCRIPTION="root filesystem on NBD with $USE_NETWORK" + +# Uncomment this to debug failures +# DEBUGFAIL="rd.debug systemd.log_target=console loglevel=7" +#DEBUGFAIL="rd.shell rd.break rd.debug systemd.log_target=console loglevel=7 systemd.log_level=debug" +#SERIAL="tcp:127.0.0.1:9999" + +test_check() { + if ! type -p nbd-server &> /dev/null; then + echo "Test needs nbd-server... Skipping" + return 1 + fi + + if ! modinfo -k "$KVERSION" nbd &> /dev/null; then + echo "Kernel module nbd does not exist" + return 1 + fi + + return 0 +} + +run_server() { + # Start server first + echo "NBD TEST SETUP: Starting DHCP/NBD server" + + declare -a disk_args=() + # shellcheck disable=SC2034 + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/unencrypted.img unencrypted + qemu_add_drive_args disk_index disk_args "$TESTDIR"/encrypted.img encrypted + qemu_add_drive_args disk_index disk_args "$TESTDIR"/server.img serverroot + + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -serial "${SERIAL:-"file:$TESTDIR/server.log"}" \ + -net nic,macaddr=52:54:00:12:34:56,model=e1000 \ + -net socket,listen=127.0.0.1:12340 \ + -append "panic=1 oops=panic softlockup_panic=1 rd.luks=0 systemd.crash_reboot quiet root=/dev/disk/by-id/ata-disk_serverroot rootfstype=ext4 rw console=ttyS0,115200n81 selinux=0 $SERVER_DEBUG" \ + -initrd "$TESTDIR"/initramfs.server \ + -pidfile "$TESTDIR"/server.pid -daemonize || return 1 + chmod 644 "$TESTDIR"/server.pid || return 1 + + # Cleanup the terminal if we have one + tty -s && stty sane + + if ! [[ $SERIAL ]]; then + echo "Waiting for the server to startup" + while :; do + grep Serving "$TESTDIR"/server.log && break + tail "$TESTDIR"/server.log + sleep 1 + done + else + echo Sleeping 10 seconds to give the server a head start + sleep 10 + fi +} + +client_test() { + local test_name="$1" + local mac=$2 + local cmdline="$3" + local fstype=$4 + local fsopt=$5 + local found opts nbdinfo + + [[ $fstype ]] || fstype=ext4 + [[ $fsopt ]] || fsopt="ro" + + echo "CLIENT TEST START: $test_name" + + declare -a disk_args=() + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker + + test_marker_reset + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -net nic,macaddr="$mac",model=e1000 \ + -net socket,connect=127.0.0.1:12340 \ + -append "panic=1 oops=panic softlockup_panic=1 systemd.crash_reboot rd.shell=0 $cmdline $DEBUGFAIL rd.auto rd.info rd.retry=10 ro console=ttyS0,115200n81 selinux=0 " \ + -initrd "$TESTDIR"/initramfs.testing + + # shellcheck disable=SC2181 + if [[ $? -ne 0 ]] || ! test_marker_check nbd-OK "$TESTDIR"/marker.img; then + echo "CLIENT TEST END: $test_name [FAILED - BAD EXIT]" + return 1 + fi + + # nbdinfo=( fstype fsoptions ) + read -r -a nbdinfo < <(awk '{print $2, $3; exit}' "$TESTDIR"/marker.img) + + if [[ ${nbdinfo[0]} != "$fstype" ]]; then + echo "CLIENT TEST END: $test_name [FAILED - WRONG FS TYPE] \"${nbdinfo[0]}\" != \"$fstype\"" + return 1 + fi + + opts=${nbdinfo[1]}, + while [[ $opts ]]; do + if [[ ${opts%%,*} == "$fsopt" ]]; then + found=1 + break + fi + opts=${opts#*,} + done + + if [[ ! $found ]]; then + echo "CLIENT TEST END: $test_name [FAILED - BAD FS OPTS] \"${nbdinfo[1]}\" != \"$fsopt\"" + return 1 + fi + + echo "CLIENT TEST END: $test_name [OK]" +} + +test_run() { + if ! run_server; then + echo "Failed to start server" 1>&2 + return 1 + fi + client_run + kill_server +} + +client_run() { + # The default is ext4,errors=continue so use that to determine + # if our options were parsed and used + client_test "NBD root=nbd:IP:port" 52:54:00:12:34:00 \ + "root=nbd:192.168.50.1:raw rd.luks=0" || return 1 + + client_test "NBD root=nbd:IP:port::fsopts" 52:54:00:12:34:00 \ + "root=nbd:192.168.50.1:raw::errors=panic rd.luks=0" \ + ext4 errors=panic || return 1 + + client_test "NBD root=nbd:IP:port:fstype" 52:54:00:12:34:00 \ + "root=nbd:192.168.50.1:raw:ext4 rd.luks=0" ext4 || return 1 + + client_test "NBD root=nbd:IP:port:fstype:fsopts" 52:54:00:12:34:00 \ + "root=nbd:192.168.50.1:raw:ext4:errors=panic rd.luks=0" \ + ext4 errors=panic || return 1 + + # DHCP root-path parsing + + client_test "NBD root=/dev/root netroot=dhcp DHCP root-path nbd:srv:port" 52:54:00:12:34:01 \ + "root=/dev/root netroot=dhcp ip=dhcp rd.luks=0" || return 1 + + client_test "NBD root=/dev/root netroot=dhcp DHCP root-path nbd:srv:port:fstype" \ + 52:54:00:12:34:02 "root=/dev/root netroot=dhcp ip=dhcp rd.luks=0" ext2 || return 1 + + client_test "NBD root=/dev/root netroot=dhcp DHCP root-path nbd:srv:port::fsopts" \ + 52:54:00:12:34:03 "root=/dev/root netroot=dhcp ip=dhcp rd.luks=0" ext4 errors=panic || return 1 + + client_test "NBD root=/dev/root netroot=dhcp DHCP root-path nbd:srv:port:fstype:fsopts" \ + 52:54:00:12:34:04 "root=/dev/root netroot=dhcp ip=dhcp rd.luks=0" ext2 errors=panic || return 1 + + # netroot handling + + client_test "NBD netroot=nbd:IP:port" 52:54:00:12:34:00 \ + "root=LABEL=dracut netroot=nbd:192.168.50.1:raw ip=dhcp rd.luks=0" || return 1 + + client_test "NBD root=/dev/root netroot=dhcp DHCP root-path nbd:srv:port:fstype:fsopts" \ + 52:54:00:12:34:04 "root=/dev/root netroot=dhcp ip=dhcp rd.luks=0" ext2 errors=panic || return 1 + + # Encrypted root handling via LVM/LUKS over NBD + + # shellcheck disable=SC1090 + . "$TESTDIR"/luks.uuid + + client_test "NBD root=LABEL=dracut netroot=nbd:IP:port" \ + 52:54:00:12:34:00 \ + "root=LABEL=dracut rd.luks.uuid=$ID_FS_UUID rd.lv.vg=dracut ip=dhcp netroot=nbd:192.168.50.1:encrypted" || return 1 + + # XXX This should be ext4,errors=panic but that doesn't currently + # XXX work when you have a real root= line in addition to netroot= + # XXX How we should work here needs clarification + # client_test "NBD root=LABEL=dracut netroot=dhcp (w/ fstype and opts)" \ + # 52:54:00:12:34:05 \ + # "root=LABEL=dracut rd.luks.uuid=$ID_FS_UUID rd.lv.vg=dracut netroot=dhcp" || return 1 + + if [[ -s server.pid ]]; then + kill -TERM "$(cat "$TESTDIR"/server.pid)" + rm -f -- "$TESTDIR"/server.pid + fi + +} + +make_encrypted_root() { + rm -fr "$TESTDIR"/overlay + kernel=$KVERSION + # Create what will eventually be our root filesystem onto an overlay + ( + # shellcheck disable=SC2030 + export initdir=$TESTDIR/overlay/source + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + mkdir -p "$initdir" + ( + cd "$initdir" || exit + mkdir -p dev sys proc etc run var/run tmp + ) + + inst_multiple sh df free ls shutdown poweroff stty cat ps ln ip \ + mount dmesg mkdir cp ping dd sync + for _terminfodir in /lib/terminfo /etc/terminfo /usr/share/terminfo; do + [ -f ${_terminfodir}/l/linux ] && break + done + inst_multiple -o ${_terminfodir}/l/linux + + inst_simple "${PKGLIBDIR}/modules.d/99base/dracut-lib.sh" "/lib/dracut-lib.sh" + inst_simple "${PKGLIBDIR}/modules.d/99base/dracut-dev-lib.sh" "/lib/dracut-dev-lib.sh" + inst_binary "${PKGLIBDIR}/dracut-util" "/usr/bin/dracut-util" + ln -s dracut-util "${initdir}/usr/bin/dracut-getarg" + ln -s dracut-util "${initdir}/usr/bin/dracut-getargs" + + inst ./client-init.sh /sbin/init + inst_simple /etc/os-release + find_binary plymouth > /dev/null && inst_multiple plymouth + cp -a /etc/ld.so.conf* "$initdir"/etc + ldconfig -r "$initdir" + ) + + # second, install the files needed to make the root filesystem + ( + # shellcheck disable=SC2030 + # shellcheck disable=SC2031 + export initdir=$TESTDIR/overlay + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + ( + cd "$initdir" || exit + mkdir -p dev sys proc etc tmp var run root + ln -s ../run var/run + ) + inst_multiple mkfs.ext4 poweroff cp umount dd sync + inst_hook shutdown-emergency 000 ./hard-off.sh + inst_hook emergency 000 ./hard-off.sh + inst_hook initqueue 01 ./create-encrypted-root.sh + inst_hook initqueue/finished 01 ./finished-false.sh + ) + + # create an initramfs that will create the target root filesystem. + # We do it this way so that we do not risk trashing the host mdraid + # devices, volume groups, encrypted partitions, etc. + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -m "dash crypt lvm mdraid kernel-modules qemu" \ + -d "piix ide-gd_mod ata_piix ext4 sd_mod" \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.makeroot "$KVERSION" || return 1 + rm -rf -- "$TESTDIR"/overlay + + declare -a disk_args=() + # shellcheck disable=SC2034 + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker 1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/encrypted.img root 120 + + # Invoke KVM and/or QEMU to actually create the target filesystem. + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "root=/dev/fakeroot rw quiet console=ttyS0,115200n81 selinux=0" \ + -initrd "$TESTDIR"/initramfs.makeroot || return 1 + test_marker_check dracut-root-block-created || return 1 + grep -F -a -m 1 ID_FS_UUID "$TESTDIR"/marker.img > "$TESTDIR"/luks.uuid +} + +make_client_root() { + rm -fr "$TESTDIR"/overlay + kernel=$KVERSION + ( + mkdir -p "$TESTDIR"/overlay/source + # shellcheck disable=SC2030 + # shellcheck disable=SC2031 + export initdir=$TESTDIR/overlay/source + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + mkdir -p "$initdir" + ( + cd "$initdir" || exit + mkdir -p dev sys proc etc run var/run tmp + ) + inst_multiple sh ls shutdown poweroff stty cat ps ln ip \ + dmesg mkdir cp ping dd mount sync + for _terminfodir in /lib/terminfo /etc/terminfo /usr/share/terminfo; do + [ -f ${_terminfodir}/l/linux ] && break + done + inst_multiple -o ${_terminfodir}/l/linux + + inst_simple "${PKGLIBDIR}/modules.d/99base/dracut-lib.sh" "/lib/dracut-lib.sh" + inst_simple "${PKGLIBDIR}/modules.d/99base/dracut-dev-lib.sh" "/lib/dracut-dev-lib.sh" + inst_binary "${PKGLIBDIR}/dracut-util" "/usr/bin/dracut-util" + ln -s dracut-util "${initdir}/usr/bin/dracut-getarg" + ln -s dracut-util "${initdir}/usr/bin/dracut-getargs" + + inst ./client-init.sh /sbin/init + inst_simple /etc/os-release + inst_multiple -o {,/usr}/etc/nsswitch.conf + inst /etc/passwd /etc/passwd + inst /etc/group /etc/group + for i in /usr/lib*/libnss_files* /lib*/libnss_files*; do + [ -e "$i" ] || continue + inst "$i" + done + cp -a /etc/ld.so.conf* "$initdir"/etc + ldconfig -r "$initdir" + ) + + # second, install the files needed to make the root filesystem + ( + # shellcheck disable=SC2030 + # shellcheck disable=SC2031 + export initdir=$TESTDIR/overlay + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + inst_multiple sfdisk mkfs.ext4 poweroff cp umount sync dd + inst_hook initqueue 01 ./create-client-root.sh + inst_hook initqueue/finished 01 ./finished-false.sh + ) + + # create an initramfs that will create the target root filesystem. + # We do it this way so that we do not risk trashing the host mdraid + # devices, volume groups, encrypted partitions, etc. + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -m "dash rootfs-block kernel-modules qemu" \ + -d "piix ide-gd_mod ata_piix ext4 sd_mod" \ + --nomdadmconf \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.makeroot "$KVERSION" || return 1 + + declare -a disk_args=() + # shellcheck disable=SC2034 + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker 1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/unencrypted.img root 120 + + # Invoke KVM and/or QEMU to actually create the target filesystem. + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "root=/dev/dracut/root rw rootfstype=ext4 quiet console=ttyS0,115200n81 selinux=0" \ + -initrd "$TESTDIR"/initramfs.makeroot || return 1 + test_marker_check dracut-root-block-created || return 1 + rm -fr "$TESTDIR"/overlay +} + +make_server_root() { + rm -fr "$TESTDIR"/overlay + # shellcheck disable=SC2031 + export kernel=$KVERSION + ( + mkdir -p "$TESTDIR"/overlay/source + # shellcheck disable=SC2030 + # shellcheck disable=SC2031 + export initdir=$TESTDIR/overlay/source + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + mkdir -p "$initdir" + ( + cd "$initdir" || exit + mkdir -p run dev sys proc etc var var/lib/dhcpd tmp etc/nbd-server + ln -s ../run var/run + ) + cat > "$initdir/etc/nbd-server/config" << EOF +[generic] +[raw] +exportname = /dev/disk/by-id/ata-disk_unencrypted +port = 2000 +bs = 4096 +[encrypted] +exportname = /dev/disk/by-id/ata-disk_encrypted +port = 2001 +bs = 4096 +EOF + inst_multiple sh ls shutdown poweroff stty cat ps ln ip \ + dmesg mkdir cp ping grep \ + sleep nbd-server chmod modprobe vi pidof + for _terminfodir in /lib/terminfo /etc/terminfo /usr/share/terminfo; do + [ -f ${_terminfodir}/l/linux ] && break + done + inst_multiple -o ${_terminfodir}/l/linux + instmods nfsd sunrpc ipv6 lockd af_packet 8021q ipvlan macvlan + type -P dhcpd > /dev/null && inst_multiple dhcpd + inst ./server-init.sh /sbin/init + inst_simple /etc/os-release + inst ./hosts /etc/hosts + inst ./dhcpd.conf /etc/dhcpd.conf + inst_multiple -o {,/usr}/etc/nsswitch.conf + inst /etc/passwd /etc/passwd + inst /etc/group /etc/group + _nsslibs=$( + cat "$dracutsysrootdir"/{,usr/}etc/nsswitch.conf 2> /dev/null \ + | sed -e '/^#/d' -e 's/^.*://' -e 's/\[NOTFOUND=return\]//' \ + | tr -s '[:space:]' '\n' | sort -u | tr -s '[:space:]' '|' + ) + _nsslibs=${_nsslibs#|} + _nsslibs=${_nsslibs%|} + + inst_libdir_file -n "$_nsslibs" 'libnss_*.so*' + + cp -a /etc/ld.so.conf* "$initdir"/etc + ldconfig -r "$initdir" + dracut_kernel_post + ) + + # second, install the files needed to make the root filesystem + ( + # shellcheck disable=SC2030 + # shellcheck disable=SC2031 + export initdir=$TESTDIR/overlay + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + inst_multiple sfdisk mkfs.ext4 poweroff cp umount sync dd sync + inst_hook initqueue 01 ./create-server-root.sh + inst_hook initqueue/finished 01 ./finished-false.sh + ) + + # create an initramfs that will create the target root filesystem. + # We do it this way so that we do not risk trashing the host mdraid + # devices, volume groups, encrypted partitions, etc. + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -m "dash rootfs-block kernel-modules qemu" \ + -d "piix ide-gd_mod ata_piix ext4 sd_mod" \ + --nomdadmconf \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.makeroot "$KVERSION" || return 1 + + declare -a disk_args=() + # shellcheck disable=SC2034 + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker 1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/server.img root 120 + + # Invoke KVM and/or QEMU to actually create the target filesystem. + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "root=/dev/dracut/root rw rootfstype=ext4 quiet console=ttyS0,115200n81 selinux=0" \ + -initrd "$TESTDIR"/initramfs.makeroot || return 1 + test_marker_check dracut-root-block-created || return 1 + rm -fr "$TESTDIR"/overlay +} + +test_setup() { + make_encrypted_root || return 1 + make_client_root || return 1 + make_server_root || return 1 + + rm -fr "$TESTDIR"/overlay + # Make the test image + ( + # shellcheck disable=SC2031 + # shellcheck disable=SC2030 + export initdir=$TESTDIR/overlay + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + inst_multiple poweroff shutdown dd + inst_hook shutdown-emergency 000 ./hard-off.sh + inst ./cryptroot-ask.sh /sbin/cryptroot-ask + + # inst ./debug-shell.service /lib/systemd/system/debug-shell.service + # mkdir -p "${initdir}/lib/systemd/system/sysinit.target.wants" + # ln -fs ../debug-shell.service "${initdir}/lib/systemd/system/sysinit.target.wants/debug-shell.service" + + # shellcheck disable=SC1090 + . "$TESTDIR"/luks.uuid + mkdir -p "$initdir"/etc + echo "luks-$ID_FS_UUID /dev/nbd0 /etc/key" > "$initdir"/etc/crypttab + echo -n test > "$initdir"/etc/key + inst_simple ./client.link /etc/systemd/network/01-client.link + ) + + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -o "plymouth iscsi nfs" \ + -a "debug watchdog ${USE_NETWORK}" \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.testing "$KVERSION" || return 1 + + ( + # shellcheck disable=SC2031 + export initdir="$TESTDIR"/overlay + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + rm "$initdir"/etc/systemd/network/01-client.link + inst_simple ./server.link /etc/systemd/network/01-server.link + inst_hook pre-mount 99 ./wait-if-server.sh + ) + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -a "rootfs-block debug kernel-modules network network-legacy" \ + -d "af_packet piix ide-gd_mod ata_piix ext4 sd_mod e1000 drbg" \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.server "$KVERSION" || return 1 + + rm -rf -- "$TESTDIR"/overlay +} + +kill_server() { + if [[ -s $TESTDIR/server.pid ]]; then + kill -TERM "$(cat "$TESTDIR"/server.pid)" + rm -f -- "$TESTDIR"/server.pid + fi +} + +test_cleanup() { + kill_server +} + +# shellcheck disable=SC1090 +. "$testdir"/test-functions diff --git a/test/TEST-40-NBD/wait-if-server.sh b/test/TEST-40-NBD/wait-if-server.sh new file mode 100755 index 0000000..8ae21f8 --- /dev/null +++ b/test/TEST-40-NBD/wait-if-server.sh @@ -0,0 +1,3 @@ +#!/bin/sh +. /lib/net-lib.sh +wait_for_if_link enx525400123456 diff --git a/test/TEST-50-MULTINIC/Makefile b/test/TEST-50-MULTINIC/Makefile new file mode 100644 index 0000000..2dcab81 --- /dev/null +++ b/test/TEST-50-MULTINIC/Makefile @@ -0,0 +1 @@ +-include ../Makefile.testdir diff --git a/test/TEST-50-MULTINIC/client-init.sh b/test/TEST-50-MULTINIC/client-init.sh new file mode 100755 index 0000000..4c51e27 --- /dev/null +++ b/test/TEST-50-MULTINIC/client-init.sh @@ -0,0 +1,40 @@ +#!/bin/sh +. /lib/dracut-lib.sh + +export PATH=/usr/sbin:/usr/bin:/sbin:/bin +command -v plymouth > /dev/null 2>&1 && plymouth --quit +exec > /dev/console 2>&1 + +export TERM=linux +export PS1='initramfs-test:\w\$ ' +stty sane +echo "made it to the rootfs! Powering down." + +set -x + +for i in /sys/class/net/*; do + # booting with network-manager module + state=/run/NetworkManager/devices/$(cat "$i"/ifindex) + grep -q connection-uuid= "$state" 2> /dev/null || continue + i=${i##*/} + [ "$i" = lo ] && continue + ip link show "$i" | grep -q master && continue + IFACES="${IFACES}${i} " +done + +for i in /run/initramfs/net.*.did-setup; do + # booting with network-legacy module + [ -f "$i" ] || continue + strglobin "$i" ":*:*:*:*:" && continue + i=${i%.did-setup} + IFACES="${IFACES}${i##*/net.} " +done +{ + echo "OK" + echo "$IFACES" +} | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker + +getargbool 0 rd.shell && sh -i + +sync +poweroff -f diff --git a/test/TEST-50-MULTINIC/client.link b/test/TEST-50-MULTINIC/client.link new file mode 100644 index 0000000..b992bfd --- /dev/null +++ b/test/TEST-50-MULTINIC/client.link @@ -0,0 +1,6 @@ +[Match] +OriginalName=* + +[Link] +NamePolicy=keep kernel database onboard slot path +MACAddressPolicy=keep diff --git a/test/TEST-50-MULTINIC/create-root.sh b/test/TEST-50-MULTINIC/create-root.sh new file mode 100755 index 0000000..8060b00 --- /dev/null +++ b/test/TEST-50-MULTINIC/create-root.sh @@ -0,0 +1,23 @@ +#!/bin/sh + +trap 'poweroff -f' EXIT + +# don't let udev and this script step on eachother's toes +for x in 64-lvm.rules 70-mdadm.rules 99-mount-rules; do + : > "/etc/udev/rules.d/$x" +done +rm -f -- /etc/lvm/lvm.conf +udevadm control --reload +udevadm settle + +set -ex + +mkfs.ext4 -L dracut /dev/disk/by-id/ata-disk_root +mkdir -p /root +mount -t ext4 /dev/disk/by-id/ata-disk_root /root +cp -a -t /root /source/* +mkdir -p /root/run +umount /root +echo "dracut-root-block-created" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker +sync +poweroff -f diff --git a/test/TEST-50-MULTINIC/dhcpd.conf b/test/TEST-50-MULTINIC/dhcpd.conf new file mode 100644 index 0000000..be8dee7 --- /dev/null +++ b/test/TEST-50-MULTINIC/dhcpd.conf @@ -0,0 +1,36 @@ +ddns-update-style none; + +use-host-decl-names true; + +subnet 192.168.50.0 netmask 255.255.255.0 { + option subnet-mask 255.255.255.0; + option routers 192.168.50.1; + next-server 192.168.50.1; + server-identifier 192.168.50.1; + option domain-name-servers 192.168.50.1; + option domain-search "example.com"; + option domain-name "other.com"; + + group { + host client-if1 { + hardware ethernet 52:54:00:12:34:00; + fixed-address 192.168.50.100; + } + } + + group { + host client-if2 { + hardware ethernet 52:54:00:12:34:01; + fixed-address 192.168.50.101; + } + } + + group { + option root-path "nfs:192.168.50.1:/nfs/client"; + + host client-if3 { + hardware ethernet 52:54:00:12:34:02; + fixed-address 192.168.50.102; + } + } +} diff --git a/test/TEST-50-MULTINIC/exports b/test/TEST-50-MULTINIC/exports new file mode 100644 index 0000000..ff5f29b --- /dev/null +++ b/test/TEST-50-MULTINIC/exports @@ -0,0 +1 @@ +/nfs/client 192.168.50.0/24(rw,insecure,no_subtree_check,no_root_squash) diff --git a/test/TEST-50-MULTINIC/finished-false.sh b/test/TEST-50-MULTINIC/finished-false.sh new file mode 100755 index 0000000..ecdbef9 --- /dev/null +++ b/test/TEST-50-MULTINIC/finished-false.sh @@ -0,0 +1,2 @@ +#!/bin/sh +exit 1 diff --git a/test/TEST-50-MULTINIC/hard-off.sh b/test/TEST-50-MULTINIC/hard-off.sh new file mode 100755 index 0000000..01acb19 --- /dev/null +++ b/test/TEST-50-MULTINIC/hard-off.sh @@ -0,0 +1,3 @@ +#!/bin/sh +getargbool 0 rd.shell || poweroff -f +getargbool 0 failme && poweroff -f diff --git a/test/TEST-50-MULTINIC/hosts b/test/TEST-50-MULTINIC/hosts new file mode 100644 index 0000000..d02a4e9 --- /dev/null +++ b/test/TEST-50-MULTINIC/hosts @@ -0,0 +1,5 @@ +127.0.0.1 localhost +192.168.50.1 server +192.168.50.100 client-if1 +192.168.50.101 client-if2 +192.168.50.102 client-if3 diff --git a/test/TEST-50-MULTINIC/server-init.sh b/test/TEST-50-MULTINIC/server-init.sh new file mode 100755 index 0000000..997b1d1 --- /dev/null +++ b/test/TEST-50-MULTINIC/server-init.sh @@ -0,0 +1,98 @@ +#!/bin/bash +exec < /dev/console > /dev/console 2>&1 +set -x +export PATH=/usr/sbin:/usr/bin:/sbin:/bin +export TERM=linux +export PS1='nfstest-server:\w\$ ' +: > /dev/watchdog +stty sane +echo "made it to the rootfs!" +echo server > /proc/sys/kernel/hostname + +wait_for_if_link() { + local cnt=0 + local li + while [ $cnt -lt 600 ]; do + li=$(ip -o link show dev "$1" 2> /dev/null) + [ -n "$li" ] && return 0 + sleep 0.1 + cnt=$((cnt + 1)) + done + return 1 +} + +wait_for_if_up() { + local cnt=0 + local li + while [ $cnt -lt 200 ]; do + li=$(ip -o link show up dev "$1") + [ -n "$li" ] && return 0 + sleep 0.1 + cnt=$((cnt + 1)) + done + return 1 +} + +wait_for_route_ok() { + local cnt=0 + while [ $cnt -lt 200 ]; do + li=$(ip route show) + [ -n "$li" ] && [ -z "${li##*"$1"*}" ] && return 0 + sleep 0.1 + cnt=$((cnt + 1)) + done + return 1 +} + +linkup() { + wait_for_if_link "$1" 2> /dev/null && ip link set "$1" up 2> /dev/null && wait_for_if_up "$1" 2> /dev/null +} + +wait_for_if_link enx525401123456 + +ip addr add 127.0.0.1/8 dev lo +ip link set lo up +ip addr add 192.168.50.1/24 dev enx525401123456 +linkup enx525401123456 + +: > /dev/watchdog +modprobe af_packet +: > /dev/watchdog +modprobe sunrpc +: > /dev/watchdog +mount -t rpc_pipefs sunrpc /var/lib/nfs/rpc_pipefs +: > /dev/watchdog +[ -x /sbin/portmap ] && portmap +: > /dev/watchdog +mkdir -p /run/rpcbind +[ -x /sbin/rpcbind ] && rpcbind +: > /dev/watchdog +modprobe nfsd +: > /dev/watchdog +mount -t nfsd nfsd /proc/fs/nfsd +: > /dev/watchdog +exportfs -r +: > /dev/watchdog +rpc.nfsd +: > /dev/watchdog +rpc.mountd +: > /dev/watchdog +command -v rpc.idmapd > /dev/null && [ -z "$(pidof rpc.idmapd)" ] && rpc.idmapd +: > /dev/watchdog +exportfs -r +: > /dev/watchdog +mkdir -p /var/lib/dhcpd +: > /var/lib/dhcpd/dhcpd.leases +: > /dev/watchdog +chmod 777 /var/lib/dhcpd/dhcpd.leases +: > /dev/watchdog +rm -f /var/run/dhcpd.pid +dhcpd -d -cf /etc/dhcpd.conf -lf /var/lib/dhcpd/dhcpd.leases & +exportfs -s +echo "Serving NFS mounts" +while :; do + [ -n "$(jobs -rp)" ] && : > /dev/watchdog + sleep 10 +done +mount -n -o remount,ro / +poweroff -f diff --git a/test/TEST-50-MULTINIC/server.link b/test/TEST-50-MULTINIC/server.link new file mode 100644 index 0000000..1d21856 --- /dev/null +++ b/test/TEST-50-MULTINIC/server.link @@ -0,0 +1,6 @@ +[Match] +OriginalName=* + +[Link] +NamePolicy=mac +MACAddressPolicy=keep diff --git a/test/TEST-50-MULTINIC/test.sh b/test/TEST-50-MULTINIC/test.sh new file mode 100755 index 0000000..4f81235 --- /dev/null +++ b/test/TEST-50-MULTINIC/test.sh @@ -0,0 +1,376 @@ +#!/bin/bash + +# shellcheck disable=SC2034 +TEST_DESCRIPTION="root filesystem on NFS with multiple nics with $USE_NETWORK" + +# Uncomment this to debug failures +#DEBUGFAIL="loglevel=7 rd.shell rd.break" +#SERIAL="tcp:127.0.0.1:9999" + +run_server() { + # Start server first + echo "MULTINIC TEST SETUP: Starting DHCP/NFS server" + + declare -a disk_args=() + # shellcheck disable=SC2034 + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/server.img root + + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -net socket,listen=127.0.0.1:12350 \ + -net nic,macaddr=52:54:01:12:34:56,model=e1000 \ + -serial "${SERIAL:-"file:$TESTDIR/server.log"}" \ + -device i6300esb -watchdog-action poweroff \ + -append "panic=1 oops=panic softlockup_panic=1 systemd.crash_reboot root=LABEL=dracut rootfstype=ext4 rw console=ttyS0,115200n81 selinux=0" \ + -initrd "$TESTDIR"/initramfs.server \ + -pidfile "$TESTDIR"/server.pid -daemonize || return 1 + + chmod 644 -- "$TESTDIR"/server.pid || return 1 + + # Cleanup the terminal if we have one + tty -s && stty sane + + if ! [[ $SERIAL ]]; then + while :; do + grep Serving "$TESTDIR"/server.log && break + echo "Waiting for the server to startup" + tail "$TESTDIR"/server.log + sleep 1 + done + else + echo Sleeping 10 seconds to give the server a head start + sleep 10 + fi +} + +client_test() { + local test_name="$1" + local mac1="$2" + local mac2="$3" + local mac3="$4" + local cmdline="$5" + local check="$6" + + echo "CLIENT TEST START: $test_name" + + declare -a disk_args=() + # shellcheck disable=SC2034 + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker + cmdline="$cmdline rd.net.timeout.dhcp=30" + + # Invoke KVM and/or QEMU to actually create the target filesystem. + test_marker_reset + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -net socket,connect=127.0.0.1:12350 \ + -net nic,macaddr=52:54:00:12:34:"$mac1",model=e1000 \ + -net nic,macaddr=52:54:00:12:34:"$mac2",model=e1000 \ + -net nic,macaddr=52:54:00:12:34:"$mac3",model=e1000 \ + -netdev hubport,id=n1,hubid=1 \ + -netdev hubport,id=n2,hubid=2 \ + -device e1000,netdev=n1,mac=52:54:00:12:34:98 \ + -device e1000,netdev=n2,mac=52:54:00:12:34:99 \ + -device i6300esb -watchdog-action poweroff \ + -append "quiet panic=1 oops=panic softlockup_panic=1 systemd.crash_reboot rd.shell=0 $cmdline $DEBUGFAIL rd.retry=5 ro console=ttyS0,115200n81 selinux=0 init=/sbin/init rd.debug systemd.log_target=console" \ + -initrd "$TESTDIR"/initramfs.testing || return 1 + + { + read -r OK + read -r IFACES + } < "$TESTDIR"/marker.img + + if [[ $OK != "OK" ]]; then + echo "CLIENT TEST END: $test_name [FAILED - BAD EXIT]" + return 1 + fi + + for i in $check; do + if [[ " $IFACES " != *\ $i\ * ]]; then + echo "$i not in '$IFACES'" + echo "CLIENT TEST END: $test_name [FAILED - BAD IF]" + return 1 + fi + done + + for i in $IFACES; do + if [[ " $check " != *\ $i\ * ]]; then + echo "$i in '$IFACES', but should not be" + echo "CLIENT TEST END: $test_name [FAILED - BAD IF]" + return 1 + fi + done + + echo "CLIENT TEST END: $test_name [OK]" + return 0 +} + +test_run() { + if ! run_server; then + echo "Failed to start server" 1>&2 + return 1 + fi + test_client + ret=$? + kill_server + return $ret +} + +test_client() { + # Mac Numbering Scheme + # ...:00-02 receive IP addresses all others don't + # ...:02 receives a dhcp root-path + + # PXE Style BOOTIF= + client_test "MULTINIC root=nfs BOOTIF=" \ + 00 01 02 \ + "root=nfs:192.168.50.1:/nfs/client BOOTIF=52-54-00-12-34-00" \ + "enp0s1" || return 1 + + client_test "MULTINIC root=nfs BOOTIF= ip=enp0s3:dhcp" \ + 00 01 02 \ + "root=nfs:192.168.50.1:/nfs/client BOOTIF=52-54-00-12-34-00 ip=enp0s2:dhcp" \ + "enp0s1 enp0s2" || return 1 + + # PXE Style BOOTIF= with dhcp root-path + client_test "MULTINIC root=dhcp BOOTIF=" \ + 00 01 02 \ + "root=dhcp BOOTIF=52-54-00-12-34-02" \ + "enp0s3" || return 1 + + # Multinic case, where only one nic works + client_test "MULTINIC root=nfs ip=dhcp" \ + FF 00 FE \ + "root=nfs:192.168.50.1:/nfs/client ip=dhcp" \ + "enp0s2" || return 1 + + # Require two interfaces + client_test "MULTINIC root=nfs ip=enp0s2:dhcp ip=enp0s3:dhcp bootdev=enp0s2" \ + 00 01 02 \ + "root=nfs:192.168.50.1:/nfs/client ip=enp0s2:dhcp ip=enp0s3:dhcp bootdev=enp0s2" \ + "enp0s2 enp0s3" || return 1 + + # Require three interfaces with dhcp root-path + client_test "MULTINIC root=dhcp ip=enp0s1:dhcp ip=enp0s2:dhcp ip=enp0s3:dhcp bootdev=enp0s3" \ + 00 01 02 \ + "root=dhcp ip=enp0s1:dhcp ip=enp0s2:dhcp ip=enp0s3:dhcp bootdev=enp0s3" \ + "enp0s1 enp0s2 enp0s3" || return 1 + + client_test "MULTINIC bonding" \ + 00 01 02 \ + "root=nfs:192.168.50.1:/nfs/client ip=bond0:dhcp bond=bond0:enp0s1,enp0s2,enp0s3:mode=balance-rr" \ + "bond0" || return 1 + + # bridge, where only one interface is actually connected + client_test "MULTINIC bridging" \ + 00 01 02 \ + "root=nfs:192.168.50.1:/nfs/client ip=bridge0:dhcp::52:54:00:12:34:00 bridge=bridge0:enp0s1,enp0s5,enp0s6" \ + "bridge0" || return 1 + return 0 +} + +test_setup() { + export kernel=$KVERSION + export srcmods="/lib/modules/$kernel/" + rm -rf -- "$TESTDIR"/overlay + ( + mkdir -p "$TESTDIR"/overlay/source + # shellcheck disable=SC2030 + export initdir=$TESTDIR/overlay/source + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + + ( + cd "$initdir" || exit + mkdir -p dev sys proc run etc var/run tmp var/lib/{dhcpd,rpcbind} + mkdir -p var/lib/nfs/{v4recovery,rpc_pipefs} + chmod 777 var/lib/rpcbind var/lib/nfs + ) + + inst_multiple sh ls shutdown poweroff stty cat ps ln ip \ + dmesg mkdir cp ping exportfs \ + modprobe rpc.nfsd rpc.mountd showmount tcpdump \ + sleep mount chmod rm + for _terminfodir in /lib/terminfo /etc/terminfo /usr/share/terminfo; do + if [ -f "${_terminfodir}"/l/linux ]; then + inst_multiple -o "${_terminfodir}"/l/linux + break + fi + done + type -P portmap > /dev/null && inst_multiple portmap + type -P rpcbind > /dev/null && inst_multiple rpcbind + [ -f /etc/netconfig ] && inst_multiple /etc/netconfig + type -P dhcpd > /dev/null && inst_multiple dhcpd + instmods nfsd sunrpc ipv6 lockd af_packet + inst ./server-init.sh /sbin/init + inst_simple /etc/os-release + inst ./hosts /etc/hosts + inst ./exports /etc/exports + inst ./dhcpd.conf /etc/dhcpd.conf + inst_multiple -o {,/usr}/etc/nsswitch.conf {,/usr}/etc/rpc \ + {,/usr}/etc/protocols {,/usr}/etc/services + inst_multiple -o rpc.idmapd /etc/idmapd.conf + + inst_libdir_file 'libnfsidmap_nsswitch.so*' + inst_libdir_file 'libnfsidmap/*.so*' + inst_libdir_file 'libnfsidmap*.so*' + + _nsslibs=$( + cat "$dracutsysrootdir"/{,usr/}etc/nsswitch.conf 2> /dev/null \ + | sed -e '/^#/d' -e 's/^.*://' -e 's/\[NOTFOUND=return\]//' \ + | tr -s '[:space:]' '\n' | sort -u | tr -s '[:space:]' '|' + ) + _nsslibs=${_nsslibs#|} + _nsslibs=${_nsslibs%|} + inst_libdir_file -n "$_nsslibs" 'libnss_*.so*' + + inst /etc/passwd /etc/passwd + inst /etc/group /etc/group + + cp -a /etc/ld.so.conf* "$initdir"/etc + ldconfig -r "$initdir" + dracut_kernel_post + ) + + # Make client root inside server root + ( + # shellcheck disable=SC2030 + # shellcheck disable=SC2031 + export initdir=$TESTDIR/overlay/source/nfs/client + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + + ( + cd "$initdir" || exit + mkdir -p dev sys proc etc run root usr var/lib/nfs/rpc_pipefs + ) + + inst_multiple sh shutdown poweroff stty cat ps ln ip dd \ + mount dmesg mkdir cp ping grep setsid ls vi less cat sync + for _terminfodir in /lib/terminfo /etc/terminfo /usr/share/terminfo; do + if [ -f "${_terminfodir}"/l/linux ]; then + inst_multiple -o "${_terminfodir}"/l/linux + break + fi + done + + inst_simple "${PKGLIBDIR}/modules.d/99base/dracut-lib.sh" "/lib/dracut-lib.sh" + inst_simple "${PKGLIBDIR}/modules.d/99base/dracut-dev-lib.sh" "/lib/dracut-dev-lib.sh" + inst_binary "${PKGLIBDIR}/dracut-util" "/usr/bin/dracut-util" + ln -s dracut-util "${initdir}/usr/bin/dracut-getarg" + ln -s dracut-util "${initdir}/usr/bin/dracut-getargs" + + inst ./client-init.sh /sbin/init + inst_simple /etc/os-release + inst_multiple -o {,/usr}/etc/nsswitch.conf + inst /etc/passwd /etc/passwd + inst /etc/group /etc/group + + inst_libdir_file 'libnfsidmap_nsswitch.so*' + inst_libdir_file 'libnfsidmap/*.so*' + inst_libdir_file 'libnfsidmap*.so*' + + _nsslibs=$( + cat "$dracutsysrootdir"/{,usr/}etc/nsswitch.conf 2> /dev/null \ + | sed -e '/^#/d' -e 's/^.*://' -e 's/\[NOTFOUND=return\]//' \ + | tr -s '[:space:]' '\n' | sort -u | tr -s '[:space:]' '|' + ) + _nsslibs=${_nsslibs#|} + _nsslibs=${_nsslibs%|} + inst_libdir_file -n "$_nsslibs" 'libnss_*.so*' + + cp -a /etc/ld.so.conf* "$initdir"/etc + ldconfig -r "$initdir" + ) + + # second, install the files needed to make the root filesystem + ( + # shellcheck disable=SC2030 + # shellcheck disable=SC2031 + export initdir=$TESTDIR/overlay + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + inst_multiple sfdisk mkfs.ext4 poweroff cp umount sync dd + inst_hook initqueue 01 ./create-root.sh + inst_hook initqueue/finished 01 ./finished-false.sh + ) + + # create an initramfs that will create the target root filesystem. + # We do it this way so that we do not risk trashing the host mdraid + # devices, volume groups, encrypted partitions, etc. + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -m "bash rootfs-block kernel-modules qemu" \ + -d "piix ide-gd_mod ata_piix ext4 sd_mod" \ + --nomdadmconf \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.makeroot "$KVERSION" || return 1 + rm -rf -- "$TESTDIR"/overlay + + declare -a disk_args=() + # shellcheck disable=SC2034 + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker 1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/server.img root 120 + + # Invoke KVM and/or QEMU to actually create the target filesystem. + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "root=/dev/dracut/root rw rootfstype=ext4 quiet console=ttyS0,115200n81 selinux=0" \ + -initrd "$TESTDIR"/initramfs.makeroot || return 1 + test_marker_check dracut-root-block-created || return 1 + + # Make an overlay with needed tools for the test harness + ( + # shellcheck disable=SC2031 + # shellcheck disable=SC2030 + export initdir="$TESTDIR"/overlay + mkdir -p "$TESTDIR"/overlay + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + inst_multiple poweroff shutdown + inst_hook shutdown-emergency 000 ./hard-off.sh + inst_hook emergency 000 ./hard-off.sh + inst_simple ./client.link /etc/systemd/network/01-client.link + + inst_binary awk + inst_hook pre-pivot 85 "$PKGLIBDIR/modules.d/45ifcfg/write-ifcfg.sh" + ) + # Make client's dracut image + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -o "ifcfg plymouth" \ + -a "debug watchdog ${USE_NETWORK}" \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.testing "$KVERSION" || return 1 + + ( + # shellcheck disable=SC2031 + export initdir="$TESTDIR"/overlay + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + rm "$initdir"/etc/systemd/network/01-client.link + inst_simple ./server.link /etc/systemd/network/01-server.link + inst_hook pre-mount 99 ./wait-if-server.sh + ) + # Make server's dracut image + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -m "bash rootfs-block debug kernel-modules watchdog qemu network network-legacy" \ + -d "af_packet piix ide-gd_mod ata_piix ext4 sd_mod nfsv2 nfsv3 nfsv4 nfs_acl nfs_layout_nfsv41_files nfsd e1000 i6300esb ib700wdt" \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.server "$KVERSION" || return 1 + +} + +kill_server() { + if [[ -s "$TESTDIR"/server.pid ]]; then + kill -TERM -- "$(cat "$TESTDIR"/server.pid)" + rm -f -- "$TESTDIR"/server.pid + fi +} + +test_cleanup() { + kill_server +} + +# shellcheck disable=SC1090 +. "$testdir"/test-functions diff --git a/test/TEST-50-MULTINIC/wait-if-server.sh b/test/TEST-50-MULTINIC/wait-if-server.sh new file mode 100755 index 0000000..cea7259 --- /dev/null +++ b/test/TEST-50-MULTINIC/wait-if-server.sh @@ -0,0 +1,3 @@ +#!/bin/sh +. /lib/net-lib.sh +wait_for_if_link enx525401123456 diff --git a/test/TEST-60-BONDBRIDGEVLAN/Makefile b/test/TEST-60-BONDBRIDGEVLAN/Makefile new file mode 100644 index 0000000..2dcab81 --- /dev/null +++ b/test/TEST-60-BONDBRIDGEVLAN/Makefile @@ -0,0 +1 @@ +-include ../Makefile.testdir diff --git a/test/TEST-60-BONDBRIDGEVLAN/client-init.sh b/test/TEST-60-BONDBRIDGEVLAN/client-init.sh new file mode 100755 index 0000000..b1d1db4 --- /dev/null +++ b/test/TEST-60-BONDBRIDGEVLAN/client-init.sh @@ -0,0 +1,64 @@ +#!/bin/sh +exec > /dev/console 2>&1 +export PATH=/usr/sbin:/usr/bin:/sbin:/bin +strstr() { [ "${1#*"$2"*}" != "$1" ]; } +CMDLINE=$(while read -r line; do echo "$line"; done < /proc/cmdline) +export TERM=linux +export PS1='initramfs-test:\w\$ ' +stty sane +echo "made it to the rootfs! Powering down." + +testnum=$(grep -Eo "rd.dracut.test.num=[^[:space:]]+" /proc/cmdline | sed -nr 's/.*=(.*)/\1/p') +netmodule=$(grep -Eo "rd.dracut.test.net-module=[^[:space:]]+" /proc/cmdline | sed -nr 's/.*=(.*)/\1/p') + +( + echo OK + + ip -o -4 address show scope global | while read -r _ if rest; do echo "$if"; done | sort + + case "$testnum" in + 1) + ping -c 2 192.168.50.1 > /dev/null + echo PING1=$? + ping -c 2 192.168.54.1 > /dev/null + echo PING2=$? + ping -c 2 192.168.55.1 > /dev/null + echo PING3=$? + ping -c 2 192.168.56.1 > /dev/null + echo PING4=$? + ping -c 2 192.168.57.1 > /dev/null + echo PING5=$? + ;; + 2) + ping -c 2 192.168.51.1 > /dev/null + echo PING1=$? + ip link show net3 | grep "master bond0" > /dev/null + echo NET3=$? + ip link show net4 | grep "master bond0" > /dev/null + echo NET4=$? + ;; + 3) + ping -c 2 192.168.51.1 > /dev/null + echo PING1=$? + ip link show net1 | grep "master br0" > /dev/null + echo NET1=$? + ip link show net5 | grep "master br0" > /dev/null + echo NET5=$? + + ;; + esac + + case "$netmodule" in + network-legacy) + for i in /run/initramfs/state/etc/sysconfig/network-scripts/ifcfg-*; do + basename "$i" + grep -v 'UUID=' "$i" + done + ;; + esac + + echo EOF +) | dd oflag=direct,dsync of=/dev/sda + +strstr "$CMDLINE" "rd.shell" && sh -i +poweroff -f diff --git a/test/TEST-60-BONDBRIDGEVLAN/client.link b/test/TEST-60-BONDBRIDGEVLAN/client.link new file mode 100644 index 0000000..b992bfd --- /dev/null +++ b/test/TEST-60-BONDBRIDGEVLAN/client.link @@ -0,0 +1,6 @@ +[Match] +OriginalName=* + +[Link] +NamePolicy=keep kernel database onboard slot path +MACAddressPolicy=keep diff --git a/test/TEST-60-BONDBRIDGEVLAN/create-root.sh b/test/TEST-60-BONDBRIDGEVLAN/create-root.sh new file mode 100755 index 0000000..fe7b515 --- /dev/null +++ b/test/TEST-60-BONDBRIDGEVLAN/create-root.sh @@ -0,0 +1,22 @@ +#!/bin/sh + +trap 'poweroff -f' EXIT + +# don't let udev and this script step on eachother's toes +for x in 64-lvm.rules 70-mdadm.rules 99-mount-rules; do + : > "/etc/udev/rules.d/$x" +done +rm -f -- /etc/lvm/lvm.conf +udevadm control --reload +udevadm settle +set -e + +mkfs.ext4 -L dracut /dev/disk/by-id/ata-disk_root +mkdir -p /root +mount -t ext4 /dev/disk/by-id/ata-disk_root /root +cp -a -t /root /source/* +mkdir -p /root/run +umount /root +echo "dracut-root-block-created" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker +sync +poweroff -f diff --git a/test/TEST-60-BONDBRIDGEVLAN/dhcpd.conf b/test/TEST-60-BONDBRIDGEVLAN/dhcpd.conf new file mode 100644 index 0000000..e26bd60 --- /dev/null +++ b/test/TEST-60-BONDBRIDGEVLAN/dhcpd.conf @@ -0,0 +1,27 @@ +ddns-update-style none; + +use-host-decl-names true; + +subnet 192.168.50.0 netmask 255.255.255.0 { + option subnet-mask 255.255.255.0; + option routers 192.168.50.1; + next-server 192.168.50.1; + server-identifier 192.168.50.1; + option domain-name-servers 192.168.50.1; + option domain-search "example.com"; + option domain-name "other.com"; + option root-path "nfs:192.168.50.1:/nfs/client"; + range 192.168.50.10 192.168.50.100; +} + +subnet 192.168.51.0 netmask 255.255.255.0 { + option subnet-mask 255.255.255.0; + option routers 192.168.51.1; + next-server 192.168.51.1; + server-identifier 192.168.51.1; + option domain-name-servers 192.168.51.1; + option domain-search "example.com"; + option domain-name "other.com"; + option root-path "nfs:192.168.51.1:/nfs/client"; + range 192.168.51.10 192.168.51.100; +} diff --git a/test/TEST-60-BONDBRIDGEVLAN/exports b/test/TEST-60-BONDBRIDGEVLAN/exports new file mode 100644 index 0000000..9c07923 --- /dev/null +++ b/test/TEST-60-BONDBRIDGEVLAN/exports @@ -0,0 +1 @@ +/nfs/client 192.168.50.0/24(rw,insecure,no_subtree_check,no_root_squash) 192.168.51.0/24(rw,insecure,no_subtree_check,no_root_squash) diff --git a/test/TEST-60-BONDBRIDGEVLAN/finished-false.sh b/test/TEST-60-BONDBRIDGEVLAN/finished-false.sh new file mode 100755 index 0000000..ecdbef9 --- /dev/null +++ b/test/TEST-60-BONDBRIDGEVLAN/finished-false.sh @@ -0,0 +1,2 @@ +#!/bin/sh +exit 1 diff --git a/test/TEST-60-BONDBRIDGEVLAN/hard-off.sh b/test/TEST-60-BONDBRIDGEVLAN/hard-off.sh new file mode 100755 index 0000000..12c3d5a --- /dev/null +++ b/test/TEST-60-BONDBRIDGEVLAN/hard-off.sh @@ -0,0 +1,3 @@ +#!/bin/sh +getarg rd.shell || poweroff -f +getarg failme && poweroff -f diff --git a/test/TEST-60-BONDBRIDGEVLAN/hosts b/test/TEST-60-BONDBRIDGEVLAN/hosts new file mode 100644 index 0000000..d02a4e9 --- /dev/null +++ b/test/TEST-60-BONDBRIDGEVLAN/hosts @@ -0,0 +1,5 @@ +127.0.0.1 localhost +192.168.50.1 server +192.168.50.100 client-if1 +192.168.50.101 client-if2 +192.168.50.102 client-if3 diff --git a/test/TEST-60-BONDBRIDGEVLAN/server-init.sh b/test/TEST-60-BONDBRIDGEVLAN/server-init.sh new file mode 100755 index 0000000..3b0f55e --- /dev/null +++ b/test/TEST-60-BONDBRIDGEVLAN/server-init.sh @@ -0,0 +1,140 @@ +#!/bin/sh +exec < /dev/console > /dev/console 2>&1 +set -x +export PATH=/usr/sbin:/usr/bin:/sbin:/bin +export TERM=linux +export PS1='nfstest-server:\w\$ ' +stty sane +echo "made it to the rootfs!" +echo server > /proc/sys/kernel/hostname + +wait_for_if_link() { + local cnt=0 + local li + + while [ $cnt -lt 600 ]; do + ip link show + + li=$(ip -o link show dev "$1" 2> /dev/null) + [ -n "$li" ] && return 0 + sleep 0.1 + cnt=$((cnt + 1)) + done + return 1 +} + +wait_for_if_up() { + local cnt=0 + local li + while [ $cnt -lt 200 ]; do + li=$(ip -o link show up dev "$1") + [ -n "$li" ] && return 0 + sleep 0.1 + cnt=$((cnt + 1)) + done + return 1 +} + +wait_for_route_ok() { + local cnt=0 + while [ $cnt -lt 200 ]; do + li=$(ip route show) + [ -n "$li" ] && [ -z "${li##*"$1"*}" ] && return 0 + sleep 0.1 + cnt=$((cnt + 1)) + done + return 1 +} + +linkup() { + wait_for_if_link "$1" 2> /dev/null && ip link set "$1" up 2> /dev/null && wait_for_if_up "$1" 2> /dev/null +} + +udevadm settle + +ip link show + +wait_for_if_link enx525401123456 +wait_for_if_link enx525401123457 +wait_for_if_link enx525401123458 +wait_for_if_link enx525401123459 + +ip link set dev enx525401123456 name net1 +ip link set dev enx525401123457 name net2 +ip link set dev enx525401123458 name net3 +ip link set dev enx525401123459 name net4 + +modprobe --all -b -q 8021q bonding +: > /dev/watchdog + +ip addr add 127.0.0.1/8 dev lo +linkup lo + +ip addr add 192.168.50.1/24 dev net1 +linkup net1 +: > /dev/watchdog + +ip link add dev net2.1 link net2 type vlan id 1 +ip link add dev net2.2 link net2 type vlan id 2 +ip link add dev net2.3 link net2 type vlan id 3 +ip link add dev net2.4 link net2 type vlan id 4 +ip addr add 192.168.54.1/24 dev net2.1 +ip addr add 192.168.55.1/24 dev net2.2 +ip addr add 192.168.56.1/24 dev net2.3 +ip addr add 192.168.57.1/24 dev net2.4 +linkup net2 +ip link set dev net2.1 up +ip link set dev net2.2 up +ip link set dev net2.3 up +ip link set dev net2.4 up + +ip link add bond0 type bond +ip link set net3 master bond0 +ip link set net4 master bond0 +ip link set net3 up +ip link set net4 up +ip link set bond0 up +ip addr add 192.168.51.1/24 dev bond0 + +: > /dev/watchdog +modprobe af_packet +: > /dev/watchdog +modprobe sunrpc +: > /dev/watchdog +mount -t rpc_pipefs sunrpc /var/lib/nfs/rpc_pipefs +: > /dev/watchdog +[ -x /sbin/portmap ] && portmap +: > /dev/watchdog +mkdir -p /run/rpcbind +[ -x /sbin/rpcbind ] && rpcbind +: > /dev/watchdog +modprobe nfsd +: > /dev/watchdog +mount -t nfsd nfsd /proc/fs/nfsd +: > /dev/watchdog +exportfs -r +: > /dev/watchdog +rpc.nfsd +: > /dev/watchdog +rpc.mountd +: > /dev/watchdog +command -v rpc.idmapd > /dev/null && [ -z "$(pidof rpc.idmapd)" ] && rpc.idmapd -S +: > /dev/watchdog +exportfs -r +: > /dev/watchdog +: > /var/lib/dhcpd/dhcpd.leases +: > /dev/watchdog +chmod 777 /var/lib/dhcpd/dhcpd.leases +: > /dev/watchdog +dhcpd -cf /etc/dhcpd.conf -lf /var/lib/dhcpd/dhcpd.leases net1 bond0 +#echo -n 'V' : > /dev/watchdog +#sh -i +#tcpdump -i net1 +# Wait forever for the VM to die +echo "Serving" +while :; do + sleep 10 + : > /dev/watchdog +done +mount -n -o remount,ro / +poweroff -f diff --git a/test/TEST-60-BONDBRIDGEVLAN/server.link b/test/TEST-60-BONDBRIDGEVLAN/server.link new file mode 100644 index 0000000..1d21856 --- /dev/null +++ b/test/TEST-60-BONDBRIDGEVLAN/server.link @@ -0,0 +1,6 @@ +[Match] +OriginalName=* + +[Link] +NamePolicy=mac +MACAddressPolicy=keep diff --git a/test/TEST-60-BONDBRIDGEVLAN/test.sh b/test/TEST-60-BONDBRIDGEVLAN/test.sh new file mode 100755 index 0000000..5110ddb --- /dev/null +++ b/test/TEST-60-BONDBRIDGEVLAN/test.sh @@ -0,0 +1,404 @@ +#!/bin/bash +# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*- +# ex: ts=8 sw=4 sts=4 et filetype=sh + +# shellcheck disable=SC2034 +TEST_DESCRIPTION="root filesystem on NFS with bridging/bonding/vlan with $USE_NETWORK" + +# Uncomment this to debug failures +#DEBUGFAIL="rd.shell rd.break" +#SERIAL="tcp:127.0.0.1:9999" + +# Network topology: +# +# .---------------------. .---------------. +# | SERVER-VM | | CLIENT-VM | +# | | | | +# | (DHCP) net1 <------------> net1 | +# | | | | +# | net2 <------------> net2 | +# | vlan 1 <-| | | | +# | vlan 2 <-| | | | +# | vlan 3 <-| | | | +# | vlan 4 <-. | | | +# | | | | +# | / net3 <------------> net3 | +# | bond0 | | | | +# | (DHCP) \ net4 <------------> net4 | +# | | | | +# | | X-----> net5 | +# .---------------------. .---------------. + +run_server() { + # Start server first + echo "MULTINIC TEST SETUP: Starting DHCP/NFS server" + + "$testdir"/run-qemu \ + -netdev socket,id=n0,listen=127.0.0.1:12370 \ + -netdev socket,id=n1,listen=127.0.0.1:12371 \ + -netdev socket,id=n2,listen=127.0.0.1:12372 \ + -netdev socket,id=n3,listen=127.0.0.1:12373 \ + -device virtio-net-pci,netdev=n0,mac=52:54:01:12:34:56 \ + -device virtio-net-pci,netdev=n1,mac=52:54:01:12:34:57 \ + -device virtio-net-pci,netdev=n2,mac=52:54:01:12:34:58 \ + -device virtio-net-pci,netdev=n3,mac=52:54:01:12:34:59 \ + -hda "$TESTDIR"/server.ext4 \ + -serial "${SERIAL:-"file:$TESTDIR/server.log"}" \ + -device i6300esb -watchdog-action poweroff \ + -append "panic=1 oops=panic softlockup_panic=1 loglevel=7 root=LABEL=dracut rootfstype=ext4 rw console=ttyS0,115200n81 selinux=0 rd.debug" \ + -initrd "$TESTDIR"/initramfs.server \ + -pidfile "$TESTDIR"/server.pid -daemonize || return 1 + chmod 644 -- "$TESTDIR"/server.pid || return 1 + + # Cleanup the terminal if we have one + tty -s && stty sane + + if ! [[ $SERIAL ]]; then + echo "Waiting for the server to startup" + while :; do + grep Serving "$TESTDIR"/server.log && break + tail "$TESTDIR"/server.log + sleep 1 + done + else + echo Sleeping 10 seconds to give the server a head start + sleep 10 + fi +} + +client_test() { + local test_name="$1" + local cmdline="$2" + local check="$3" + local CONF + + echo "CLIENT TEST START: $test_name" + + # Need this so kvm-qemu will boot (needs non-/dev/zero local disk) + if ! dd if=/dev/zero of="$TESTDIR"/client.img bs=1M count=1; then + echo "Unable to make client sda image" 1>&2 + return 1 + fi + + "$testdir"/run-qemu \ + -netdev socket,connect=127.0.0.1:12370,id=n1 -device virtio-net-pci,mac=52:54:00:12:34:01,netdev=n1 \ + -netdev socket,connect=127.0.0.1:12371,id=n2 -device virtio-net-pci,mac=52:54:00:12:34:02,netdev=n2 \ + -netdev socket,connect=127.0.0.1:12372,id=n3 -device virtio-net-pci,mac=52:54:00:12:34:03,netdev=n3 \ + -netdev socket,connect=127.0.0.1:12373,id=n4 -device virtio-net-pci,mac=52:54:00:12:34:04,netdev=n4 \ + -netdev hubport,id=n5,hubid=1 -device virtio-net-pci,mac=52:54:00:12:34:05,netdev=n5 \ + -hda "$TESTDIR"/client.img \ + -device i6300esb -watchdog-action poweroff \ + -append " + panic=1 oops=panic softlockup_panic=1 + ifname=net1:52:54:00:12:34:01 + ifname=net2:52:54:00:12:34:02 + ifname=net3:52:54:00:12:34:03 + ifname=net4:52:54:00:12:34:04 + ifname=net5:52:54:00:12:34:05 + $cmdline rd.net.timeout.dhcp=30 systemd.crash_reboot + $DEBUGFAIL rd.retry=5 rw console=ttyS0,115200n81 selinux=0 init=/sbin/init" \ + -initrd "$TESTDIR"/initramfs.testing || return 1 + + { + read -r OK _ + if [[ $OK != "OK" ]]; then + echo "CLIENT TEST END: $test_name [FAILED - BAD EXIT]" + return 1 + fi + + while read -r line; do + [[ $line == END ]] && break + CONF+="$line " + done + } < "$TESTDIR"/client.img || return 1 + + if [[ $check != "$CONF" ]]; then + echo "Expected: '$check'" + echo + echo + echo "Got: '$CONF'" + echo "CLIENT TEST END: $test_name [FAILED - BAD CONF]" + return 1 + fi + + echo "CLIENT TEST END: $test_name [OK]" + return 0 +} + +test_run() { + if ! run_server; then + echo "Failed to start server" 1>&2 + return 1 + fi + test_client || { + kill_server + return 1 + } +} + +test_client() { + + ### TEST 1: VLANs + if [ "$USE_NETWORK" = network-legacy ]; then + NETCONF='ifcfg-net1 # Generated by dracut initrd NAME="net1" HWADDR="52:54:00:12:34:01" DEVICE="net1" ONBOOT=yes NETBOOT=yes IPV6INIT=yes BOOTPROTO=dhcp TYPE=Ethernet ifcfg-net2.0004 # Generated by dracut initrd NAME="net2.0004" ONBOOT=yes NETBOOT=yes BOOTPROTO=none IPADDR="192.168.57.104" PREFIX="24" GATEWAY="192.168.57.1" TYPE=Vlan DEVICE="net2.0004" VLAN=yes PHYSDEV="net2" ifcfg-net2.3 # Generated by dracut initrd NAME="net2.3" ONBOOT=yes NETBOOT=yes BOOTPROTO=none IPADDR="192.168.56.103" PREFIX="24" GATEWAY="192.168.56.1" TYPE=Vlan DEVICE="net2.3" VLAN=yes PHYSDEV="net2" ifcfg-vlan0001 # Generated by dracut initrd NAME="vlan0001" ONBOOT=yes NETBOOT=yes BOOTPROTO=none IPADDR="192.168.54.101" PREFIX="24" GATEWAY="192.168.54.1" TYPE=Vlan DEVICE="vlan0001" VLAN=yes PHYSDEV="net2" ifcfg-vlan2 # Generated by dracut initrd NAME="vlan2" ONBOOT=yes NETBOOT=yes BOOTPROTO=none IPADDR="192.168.55.102" PREFIX="24" GATEWAY="192.168.55.1" TYPE=Vlan DEVICE="vlan2" VLAN=yes PHYSDEV="net2" ' + fi + + client_test "VLANs" \ + " +rd.dracut.test.num=1 +rd.dracut.test.net-module=$USE_NETWORK +vlan=vlan0001:net2 +vlan=vlan2:net2 +vlan=net2.3:net2 +vlan=net2.0004:net2 +ip=net1:dhcp +ip=192.168.54.101::192.168.54.1:24:test:vlan0001:none +ip=192.168.55.102::192.168.55.1:24:test:vlan2:none +ip=192.168.56.103::192.168.56.1:24:test:net2.3:none +ip=192.168.57.104::192.168.57.1:24:test:net2.0004:none +rd.neednet=1 +root=nfs:192.168.50.1:/nfs/client +bootdev=net1 +" \ + "net1 net2.0004 net2.3 vlan0001 vlan2 PING1=0 PING2=0 PING3=0 PING4=0 PING5=0 ${NETCONF}EOF " \ + || return 1 + + ### TEST 2: bond + if [ "$USE_NETWORK" = network-legacy ]; then + NETCONF='ifcfg-bond0 # Generated by dracut initrd NAME="bond0" DEVICE="bond0" ONBOOT=yes NETBOOT=yes IPV6INIT=yes BOOTPROTO=dhcp BONDING_OPTS="miimon=100" NAME="bond0" TYPE=Bond ifcfg-net3 # Generated by dracut initrd NAME="net3" TYPE=Ethernet ONBOOT=yes NETBOOT=yes SLAVE=yes MASTER="bond0" DEVICE="net3" ifcfg-net4 # Generated by dracut initrd NAME="net4" TYPE=Ethernet ONBOOT=yes NETBOOT=yes SLAVE=yes MASTER="bond0" DEVICE="net4" ' + fi + client_test "Bond" \ + " +rd.dracut.test.num=2 +rd.dracut.test.net-module=$USE_NETWORK +bond=bond0:net3,net4:miimon=100 +ip=bond0:dhcp +rd.neednet=1 +root=nfs:192.168.51.1:/nfs/client +bootdev=bond0 +" \ + "bond0 PING1=0 NET3=0 NET4=0 ${NETCONF}EOF " \ + || return 1 + + ### TEST 3: bridge + if [ "$USE_NETWORK" = network-legacy ]; then + NETCONF='ifcfg-br0 # Generated by dracut initrd NAME="br0" DEVICE="br0" ONBOOT=yes NETBOOT=yes IPV6INIT=yes BOOTPROTO=dhcp TYPE=Bridge NAME="br0" ifcfg-net1 # Generated by dracut initrd NAME="net1" TYPE=Ethernet ONBOOT=yes NETBOOT=yes BRIDGE="br0" HWADDR="52:54:00:12:34:01" DEVICE="net1" ifcfg-net5 # Generated by dracut initrd NAME="net5" TYPE=Ethernet ONBOOT=yes NETBOOT=yes BRIDGE="br0" HWADDR="52:54:00:12:34:05" DEVICE="net5" ' + fi + client_test "Bridge" \ + " +rd.dracut.test.num=3 +rd.dracut.test.net-module=$USE_NETWORK +bridge=br0:net1,net5 +ip=br0:dhcp +rd.neednet=1 +root=nfs:192.168.50.1:/nfs/client +bootdev=br0 +" \ + "br0 PING1=0 NET1=0 NET5=0 ${NETCONF}EOF " \ + || return 1 + + kill_server + return 0 +} + +test_setup() { + kernel=$KVERSION + rm -rf -- "$TESTDIR"/overlay + ( + mkdir -p "$TESTDIR"/overlay/source + # shellcheck disable=SC2030 + export initdir=$TESTDIR/overlay/source + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + + ( + cd "$initdir" || exit + mkdir -p -- dev sys proc run etc var/run tmp var/lib/{dhcpd,rpcbind} + mkdir -p -- var/lib/nfs/{v4recovery,rpc_pipefs} + chmod 777 -- var/lib/rpcbind var/lib/nfs + ) + + for _f in modules.builtin.bin modules.builtin; do + [[ -f $srcmods/$_f ]] && break + done || { + dfatal "No modules.builtin.bin and modules.builtin found!" + return 1 + } + + for _f in modules.builtin.bin modules.builtin modules.order; do + [[ -f $srcmods/$_f ]] && inst_simple "$srcmods/$_f" "/lib/modules/$kernel/$_f" + done + + inst_multiple sh ls shutdown poweroff stty cat ps ln ip \ + dmesg mkdir cp ping exportfs \ + modprobe rpc.nfsd rpc.mountd showmount tcpdump \ + /etc/services sleep mount chmod + for _terminfodir in /lib/terminfo /etc/terminfo /usr/share/terminfo; do + [ -f "${_terminfodir}"/l/linux ] && break + done + inst_multiple -o "${_terminfodir}"/l/linux + type -P portmap > /dev/null && inst_multiple portmap + type -P rpcbind > /dev/null && inst_multiple rpcbind + [ -f /etc/netconfig ] && inst_multiple /etc/netconfig + type -P dhcpd > /dev/null && inst_multiple dhcpd + instmods nfsd sunrpc ipv6 lockd af_packet 8021q bonding + inst_simple /etc/os-release + inst ./server-init.sh /sbin/init + inst ./hosts /etc/hosts + inst ./exports /etc/exports + inst ./dhcpd.conf /etc/dhcpd.conf + inst_multiple -o {,/usr}/etc/nsswitch.conf {,/usr}/etc/rpc {,/usr}/etc/protocols + + inst_multiple -o rpc.idmapd /etc/idmapd.conf + + inst_libdir_file 'libnfsidmap_nsswitch.so*' + inst_libdir_file 'libnfsidmap/*.so*' + inst_libdir_file 'libnfsidmap*.so*' + + _nsslibs=$( + cat "$dracutsysrootdir"/{,usr/}etc/nsswitch.conf 2> /dev/null \ + | sed -e '/^#/d' -e 's/^.*://' -e 's/\[NOTFOUND=return\]//' \ + | tr -s '[:space:]' '\n' | sort -u | tr -s '[:space:]' '|' + ) + _nsslibs=${_nsslibs#|} + _nsslibs=${_nsslibs%|} + + inst_libdir_file -n "$_nsslibs" 'libnss_*.so*' + + inst /etc/passwd /etc/passwd + inst /etc/group /etc/group + + cp -a -- /etc/ld.so.conf* "$initdir"/etc + ldconfig -r "$initdir" + dracut_kernel_post + ) + + # Make client root inside server root + ( + # shellcheck disable=SC2030 + # shellcheck disable=SC2031 + export initdir=$TESTDIR/overlay/source/nfs/client + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + inst_multiple sh shutdown poweroff stty cat ps ln ip \ + mount dmesg mkdir cp ping grep ls sort dd sed basename + for _terminfodir in /lib/terminfo /etc/terminfo /usr/share/terminfo; do + [[ -f ${_terminfodir}/l/linux ]] && break + done + inst_multiple -o "${_terminfodir}"/l/linux + inst_simple /etc/os-release + inst ./client-init.sh /sbin/init + ( + cd "$initdir" || exit + mkdir -p -- dev sys proc etc run + mkdir -p -- var/lib/nfs/rpc_pipefs + ) + inst_multiple -o {,/usr}/etc/nsswitch.conf {,/usr}/etc/rpc {,/usr}/etc/protocols + inst /etc/passwd /etc/passwd + inst /etc/group /etc/group + + inst_multiple -o rpc.idmapd /etc/idmapd.conf + inst_libdir_file 'libnfsidmap_nsswitch.so*' + inst_libdir_file 'libnfsidmap/*.so*' + inst_libdir_file 'libnfsidmap*.so*' + + _nsslibs=$( + cat "$dracutsysrootdir"/{,usr/}etc/nsswitch.conf 2> /dev/null \ + | sed -e '/^#/d' -e 's/^.*://' -e 's/\[NOTFOUND=return\]//' \ + | tr -s '[:space:]' '\n' | sort -u | tr -s '[:space:]' '|' + ) + _nsslibs=${_nsslibs#|} + _nsslibs=${_nsslibs%|} + + inst_libdir_file -n "$_nsslibs" 'libnss_*.so*' + + cp -a -- /etc/ld.so.conf* "$initdir"/etc + ldconfig -r "$initdir" + ) + + # second, install the files needed to make the root filesystem + ( + # shellcheck disable=SC2030 + # shellcheck disable=SC2031 + export initdir=$TESTDIR/overlay + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + inst_multiple sfdisk mkfs.ext4 poweroff cp umount sync dd + inst_hook initqueue 01 ./create-root.sh + inst_hook initqueue/finished 01 ./finished-false.sh + ) + + # create an initramfs that will create the target root filesystem. + # We do it this way so that we do not risk trashing the host mdraid + # devices, volume groups, encrypted partitions, etc. + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + -m "bash rootfs-block kernel-modules qemu" \ + -d "piix ide-gd_mod ata_piix ext4 sd_mod" \ + --nomdadmconf \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.makeroot "$KVERSION" || return 1 + + declare -a disk_args=() + declare -i disk_index=0 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker 1 + qemu_add_drive_args disk_index disk_args "$TESTDIR"/server.ext4 root 120 + + # Invoke KVM and/or QEMU to actually create the target filesystem. + "$testdir"/run-qemu \ + "${disk_args[@]}" \ + -append "root=/dev/dracut/root rw rootfstype=ext4 quiet console=ttyS0,115200n81 selinux=0" \ + -initrd "$TESTDIR"/initramfs.makeroot || return 1 + test_marker_check dracut-root-block-created || return 1 + rm -- "$TESTDIR"/marker.img + rm -fr "$TESTDIR"/overlay + + # Make an overlay with needed tools for the test harness + ( + # shellcheck disable=SC2031 + # shellcheck disable=SC2030 + export initdir="$TESTDIR"/overlay + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + inst_multiple poweroff shutdown + inst_hook emergency 000 ./hard-off.sh + inst_simple ./client.link /etc/systemd/network/01-client.link + ) + # Make client's dracut image + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + --no-early-microcode \ + -o "plymouth" \ + -a "debug ${USE_NETWORK}" \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.testing "$KVERSION" || return 1 + + ( + # shellcheck disable=SC2031 + export initdir="$TESTDIR"/overlay + # shellcheck disable=SC1090 + . "$PKGLIBDIR"/dracut-init.sh + rm "$initdir"/etc/systemd/network/01-client.link + inst_simple ./server.link /etc/systemd/network/01-server.link + inst_hook pre-mount 99 ./wait-if-server.sh + ) + # Make server's dracut image + "$DRACUT" -l -i "$TESTDIR"/overlay / \ + --no-early-microcode \ + -m "rootfs-block debug kernel-modules watchdog qemu network network-legacy" \ + -d "ipvlan macvlan af_packet piix ide-gd_mod ata_piix ext4 sd_mod nfsv2 nfsv3 nfsv4 nfs_acl nfs_layout_nfsv41_files nfsd virtio-net i6300esb ib700wdt" \ + --no-hostonly-cmdline -N \ + -f "$TESTDIR"/initramfs.server "$KVERSION" || return 1 +} + +kill_server() { + if [[ -s "$TESTDIR"/server.pid ]]; then + kill -TERM -- "$(cat "$TESTDIR"/server.pid)" + rm -f -- "$TESTDIR"/server.pid + fi +} + +test_cleanup() { + kill_server +} + +# shellcheck disable=SC1090 +. "$testdir"/test-functions diff --git a/test/TEST-60-BONDBRIDGEVLAN/wait-if-server.sh b/test/TEST-60-BONDBRIDGEVLAN/wait-if-server.sh new file mode 100755 index 0000000..7cdb941 --- /dev/null +++ b/test/TEST-60-BONDBRIDGEVLAN/wait-if-server.sh @@ -0,0 +1,6 @@ +#!/bin/sh +. /lib/net-lib.sh +wait_for_if_link enx525401123456 +wait_for_if_link enx525401123457 +wait_for_if_link enx525401123458 +wait_for_if_link enx525401123459 diff --git a/test/TEST-62-SKIPCPIO/Makefile b/test/TEST-62-SKIPCPIO/Makefile new file mode 100644 index 0000000..2dcab81 --- /dev/null +++ b/test/TEST-62-SKIPCPIO/Makefile @@ -0,0 +1 @@ +-include ../Makefile.testdir diff --git a/test/TEST-62-SKIPCPIO/test.sh b/test/TEST-62-SKIPCPIO/test.sh new file mode 100755 index 0000000..2311da3 --- /dev/null +++ b/test/TEST-62-SKIPCPIO/test.sh @@ -0,0 +1,80 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# shellcheck disable=SC2034 +TEST_DESCRIPTION="test skipcpio" + +test_check() { + cpio dd truncate find sort diff &> /dev/null +} + +skipcpio_simple() { + mkdir -p "$CPIO_TESTDIR/skipcpio_simple/first_archive" + pushd "$CPIO_TESTDIR/skipcpio_simple/first_archive" + + for ((i = 0; i < 3; i++)); do + echo "first archive file $i" >> ./"$i" + done + find . -print0 | sort -z \ + | cpio -o --null -H newc --file "$CPIO_TESTDIR/skipcpio_simple.cpio" + popd + + mkdir -p "$CPIO_TESTDIR/skipcpio_simple/second_archive" + pushd "$CPIO_TESTDIR/skipcpio_simple/second_archive" + + for ((i = 10; i < 13; i++)); do + echo "second archive file $i" >> ./"$i" + done + + find . -print0 | sort -z \ + | cpio -o --null -H newc >> "$CPIO_TESTDIR/skipcpio_simple.cpio" + popd + + cpio -i --list < "$CPIO_TESTDIR/skipcpio_simple.cpio" \ + > "$CPIO_TESTDIR/skipcpio_simple.list" + cat << EOF | diff - "$CPIO_TESTDIR/skipcpio_simple.list" +. +0 +1 +2 +EOF + + if [ "$PKGLIBDIR" = "$basedir" ]; then + skipcpio_path="${PKGLIBDIR}/src/skipcpio" + else + skipcpio_path="${PKGLIBDIR}" + fi + "$skipcpio_path"/skipcpio "$CPIO_TESTDIR/skipcpio_simple.cpio" \ + | cpio -i --list > "$CPIO_TESTDIR/skipcpio_simple.list" + cat << EOF | diff - "$CPIO_TESTDIR/skipcpio_simple.list" +. +10 +11 +12 +EOF +} + +test_run() { + set -x + set -e + + skipcpio_simple + + return 0 +} + +test_setup() { + CPIO_TESTDIR=$(mktemp --directory -p "$TESTDIR" cpio-test.XXXXXXXXXX) \ + || return 1 + export CPIO_TESTDIR + return 0 +} + +test_cleanup() { + [ -d "$CPIO_TESTDIR" ] && rm -rf "$CPIO_TESTDIR" + return 0 +} + +# shellcheck disable=SC1090 +. "$testdir"/test-functions diff --git a/test/TEST-63-DRACUT-CPIO/Makefile b/test/TEST-63-DRACUT-CPIO/Makefile new file mode 100644 index 0000000..2dcab81 --- /dev/null +++ b/test/TEST-63-DRACUT-CPIO/Makefile @@ -0,0 +1 @@ +-include ../Makefile.testdir diff --git a/test/TEST-63-DRACUT-CPIO/test.sh b/test/TEST-63-DRACUT-CPIO/test.sh new file mode 100755 index 0000000..f9dff10 --- /dev/null +++ b/test/TEST-63-DRACUT-CPIO/test.sh @@ -0,0 +1,85 @@ +#!/bin/bash +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# shellcheck disable=SC2034 +TEST_DESCRIPTION="kernel cpio extraction tests for dracut-cpio" +# see dracut-cpio source for unit tests + +test_check() { + if ! [[ -x "$PKGLIBDIR/dracut-cpio" ]]; then + echo "Test needs dracut-cpio... Skipping" + return 1 + fi +} + +test_dracut_cpio() { + local tdir="${CPIO_TESTDIR}/${1}" + shift + # --enhanced-cpio tells dracut to use dracut-cpio instead of GNU cpio + local dracut_cpio_params=("--enhanced-cpio" "$@") + + mkdir -p "$tdir" + + # VM script to print sentinel on boot + # write to kmsg so that sysrq messages don't race with console output + cat > "$tdir/init.sh" << EOF +echo "Image with ${dracut_cpio_params[*]} booted successfully" > /dev/kmsg +echo 1 > /proc/sys/kernel/sysrq +echo o > /proc/sysrq-trigger +sleep 20 +EOF + + "$DRACUT" -l --drivers "" \ + "${dracut_cpio_params[@]}" \ + --modules "bash base" \ + --include "$tdir/init.sh" /lib/dracut/hooks/emergency/00-init.sh \ + --no-hostonly --no-hostonly-cmdline \ + "$tdir/initramfs" \ + || return 1 + + "$testdir"/run-qemu \ + -device i6300esb -watchdog-action poweroff \ + -daemonize -pidfile "$tdir/vm.pid" \ + -serial "file:$tdir/console.out" \ + -append "panic=1 oops=panic softlockup_panic=1 loglevel=7 console=ttyS0 rd.shell=1" \ + -initrd "$tdir/initramfs" || return 1 + + timeout=120 + while [[ -f $tdir/vm.pid ]] \ + && ps -p "$(head -n1 "$tdir/vm.pid")" > /dev/null; do + echo "$timeout - awaiting VM shutdown" + sleep 1 + [[ $((timeout--)) -le 0 ]] && return 1 + done + + cat "$tdir/console.out" + grep -q "Image with ${dracut_cpio_params[*]} booted successfully" \ + "$tdir/console.out" +} + +test_run() { + set -x + + # dracut-cpio is typically used with compression and strip disabled, to + # increase the chance of (reflink) extent sharing. + test_dracut_cpio "simple" "--no-compress" "--nostrip" || return 1 + # dracut-cpio should still work fine with compression and stripping enabled + test_dracut_cpio "compress" "--gzip" "--nostrip" || return 1 + test_dracut_cpio "strip" "--gzip" "--strip" || return 1 +} + +test_setup() { + CPIO_TESTDIR=$(mktemp --directory -p "$TESTDIR" cpio-test.XXXXXXXXXX) \ + || return 1 + export CPIO_TESTDIR + return 0 +} + +test_cleanup() { + [ -d "$CPIO_TESTDIR" ] && rm -rf "$CPIO_TESTDIR" + return 0 +} + +# shellcheck disable=SC1090 +. "$testdir"/test-functions diff --git a/test/TEST-98-GETARG/Makefile b/test/TEST-98-GETARG/Makefile new file mode 100644 index 0000000..2dcab81 --- /dev/null +++ b/test/TEST-98-GETARG/Makefile @@ -0,0 +1 @@ +-include ../Makefile.testdir diff --git a/test/TEST-98-GETARG/test.sh b/test/TEST-98-GETARG/test.sh new file mode 100755 index 0000000..8f628a2 --- /dev/null +++ b/test/TEST-98-GETARG/test.sh @@ -0,0 +1,159 @@ +#!/bin/bash + +# This file is part of dracut. +# SPDX-License-Identifier: GPL-2.0-or-later + +# shellcheck disable=SC2034 +TEST_DESCRIPTION="dracut getarg command" + +test_check() { + if ! [[ -x "$PKGLIBDIR/dracut-util" ]]; then + echo "Test needs dracut-util... Skipping" + return 1 + fi +} + +test_setup() { + ln -sfnr "$PKGLIBDIR"/dracut-util "$TESTDIR"/dracut-getarg + ln -sfnr "$PKGLIBDIR"/dracut-util "$TESTDIR"/dracut-getargs + ln -sfnr "$PKGLIBDIR"/modules.d/99base/dracut-lib.sh "$TESTDIR"/dracut-lib.sh + ln -sfnr "$PKGLIBDIR"/modules.d/99base/dracut-dev-lib.sh "$TESTDIR"/dracut-dev-lib.sh + return 0 +} + +test_run() { + set -x + ( + cd "$TESTDIR" || exit 1 + export CMDLINE='key1=0 key2=val key2=val2 key3=" val 3 " " key 4 ="val4 "key 5=val 5" "key 6=""val 6" key7="foo"bar" baz="end " key8 = val 8 " +"key 9"="val 9"' + + ret=0 + + unset TEST + declare -A TEST + TEST=( + ["key1"]="0" + ["key2"]="val2" + ["key3"]=" val 3 " + [" key 4 "]="val4" + ["key 5"]="val 5" + ["key 6"]='"val 6' + ["key7"]='foo"bar" baz="end' + [" key8 "]=" val 8 " + ['key 9"']="val 9" + ) + for key in "${!TEST[@]}"; do + if ! val=$(./dracut-getarg "${key}="); then + echo "'$key' == '${TEST[$key]}', but not found" >&2 + ret=$((ret + 1)) + else + if [[ $val != "${TEST[$key]}" ]]; then + echo "'$key' != '${TEST[$key]}' but '$val'" >&2 + ret=$((ret + 1)) + fi + fi + done + + declare -a INVALIDKEYS + + INVALIDKEYS=("key" "4" "5" "6" "key8" "9" '"' "baz") + for key in "${INVALIDKEYS[@]}"; do + val=$(./dracut-getarg "$key") + # shellcheck disable=SC2181 + if (($? == 0)); then + echo "key '$key' should not be found" + ret=$((ret + 1)) + fi + # must have no output + [[ $val ]] && ret=$((ret + 1)) + done + + RESULT=("val" "val2") + readarray -t args < <(./dracut-getargs "key2=") + ((${#RESULT[@]} == ${#args[@]})) || ret=$((ret + 1)) + for ((i = 0; i < ${#RESULT[@]}; i++)); do + [[ ${args[$i]} == "${RESULT[$i]}" ]] || ret=$((ret + 1)) + done + + val=$(./dracut-getarg "key1") || ret=$((ret + 1)) + [[ $val == "0" ]] || ret=$((ret + 1)) + + val=$(./dracut-getarg "key2=val") && ret=$((ret + 1)) + # must have no output + [[ $val ]] && ret=$((ret + 1)) + val=$(./dracut-getarg "key2=val2") || ret=$((ret + 1)) + # must have no output + [[ $val ]] && ret=$((ret + 1)) + + export PATH=".:$PATH" + + . dracut-dev-lib.sh + . dracut-lib.sh + + debug_off() { + : + } + + debug_on() { + : + } + + getcmdline() { + echo "rdbreak=cmdline rd.lvm rd.auto=0 rd.auto rd.retry=10" + } + RDRETRY=$(getarg rd.retry -d 'rd_retry=') + [[ $RDRETRY == "10" ]] || ret=$((ret + 1)) + getarg rd.break=cmdline -d rdbreak=cmdline || ret=$((ret + 1)) + getargbool 1 rd.lvm -d -n rd_NO_LVM || ret=$((ret + 1)) + getargbool 0 rd.auto || ret=$((ret + 1)) + + getcmdline() { + echo "rd.break=cmdlined rd.lvm=0 rd.auto rd.auto=1 rd.auto=0" + } + getarg rd.break=cmdline -d rdbreak=cmdline && ret=$((ret + 1)) + getargbool 1 rd.lvm -d -n rd_NO_LVM && ret=$((ret + 1)) + getargbool 0 rd.auto && ret=$((ret + 1)) + + getcmdline() { + echo "ip=a ip=b ip=dhcp6" + } + getargs "ip=dhcp6" &> /dev/null || ret=$((ret + 1)) + readarray -t args < <(getargs "ip=") + RESULT=("a" "b" "dhcp6") + ((${#RESULT[@]} || ${#args[@]})) || ret=$((ret + 1)) + for ((i = 0; i < ${#RESULT[@]}; i++)); do + [[ ${args[$i]} == "${RESULT[$i]}" ]] || ret=$((ret + 1)) + done + + getcmdline() { + echo "bridge bridge=val" + } + readarray -t args < <(getargs bridge=) + RESULT=("bridge" "val") + ((${#RESULT[@]} == ${#args[@]})) || ret=$((ret + 1)) + for ((i = 0; i < ${#RESULT[@]}; i++)); do + [[ ${args[$i]} == "${RESULT[$i]}" ]] || ret=$((ret + 1)) + done + + getcmdline() { + echo "rd.break rd.md.uuid=bf96e457:230c9ad4:1f3e59d6:745cf942 rd.md.uuid=bf96e457:230c9ad4:1f3e59d6:745cf943 rd.shell" + } + readarray -t args < <(getargs rd.md.uuid -d rd_MD_UUID=) + RESULT=("bf96e457:230c9ad4:1f3e59d6:745cf942" "bf96e457:230c9ad4:1f3e59d6:745cf943") + ((${#RESULT[@]} == ${#args[@]})) || ret=$((ret + 1)) + for ((i = 0; i < ${#RESULT[@]}; i++)); do + [[ ${args[$i]} == "${RESULT[$i]}" ]] || ret=$((ret + 1)) + done + + return $ret + ) +} + +test_cleanup() { + rm -fr -- "$TESTDIR"/*.rpm + return 0 +} + +# shellcheck disable=SC1090 +. "$testdir"/test-functions diff --git a/test/container/Dockerfile-Arch b/test/container/Dockerfile-Arch new file mode 100644 index 0000000..f05ce8f --- /dev/null +++ b/test/container/Dockerfile-Arch @@ -0,0 +1,17 @@ +FROM docker.io/archlinux + +MAINTAINER https://github.com/dracutdevs/dracut + +# Install needed packages for the dracut CI container +RUN pacman --noconfirm -Syu \ + linux dash strace dhclient asciidoc cpio pigz squashfs-tools \ + qemu btrfs-progs mdadm dmraid nfs-utils nfsidmap lvm2 nbd \ + dhcp networkmanager multipath-tools vi tcpdump open-iscsi connman \ + git shfmt shellcheck astyle which base-devel glibc parted ntfs-3g && yes | pacman -Scc + +RUN useradd -m build +RUN su build -c 'cd && git clone https://aur.archlinux.org/perl-config-general.git && cd perl-config-general && makepkg -s --noconfirm' +RUN pacman -U --noconfirm ~build/perl-config-general/*.pkg.tar.* +RUN su build -c 'cd && git clone https://aur.archlinux.org/tgt.git && cd tgt && makepkg -s --noconfirm' +RUN pacman -U --noconfirm ~build/tgt/*.pkg.tar.* +RUN rm -fr ~build diff --git a/test/container/Dockerfile-Debian b/test/container/Dockerfile-Debian new file mode 100644 index 0000000..9ba3a1f --- /dev/null +++ b/test/container/Dockerfile-Debian @@ -0,0 +1,67 @@ +FROM docker.io/debian:latest + +MAINTAINER https://github.com/dracutdevs/dracut + +# Install needed packages for the dracut CI container +# Install dracut as a linux-initramfs-tool provider so that the default initramfs-tool package does not get installed +# Uninstall initramfs-tools-core as a workaround for https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=994492 +RUN apt-get update -y -qq && apt-get upgrade -y -qq && apt-get install -y -qq --no-install-recommends dracut && \ + DEBIAN_FRONTEND=noninteractive apt-get install -y -qq --no-install-recommends -o Dpkg::Use-Pty=0 \ + asciidoc \ + astyle \ + btrfs-progs \ + busybox-static \ + bzip2 \ + ca-certificates \ + console-setup \ + cpio \ + cryptsetup \ + curl \ + dash \ + debhelper \ + debhelper-compat \ + dmraid \ + docbook \ + docbook-xml \ + docbook-xsl \ + fdisk \ + g++ \ + gawk \ + git \ + iputils-arping \ + iputils-ping \ + isc-dhcp-client \ + isc-dhcp-server \ + kmod \ + less \ + libdmraid-dev \ + libkmod-dev \ + linux-image-generic \ + lvm2 \ + make \ + mdadm \ + multipath-tools \ + nbd-client \ + nbd-server \ + network-manager \ + nfs-kernel-server \ + ntfs-3g \ + open-iscsi \ + ovmf \ + parted \ + pigz \ + pkg-config \ + procps \ + qemu-system-x86 \ + quilt \ + shellcheck \ + squashfs-tools \ + strace \ + sudo \ + systemd-boot-efi \ + tcpdump \ + tgt \ + thin-provisioning-tools \ + vim \ + wget \ + && apt-get clean && dpkg -P --force-depends dracut dracut-core initramfs-tools-core diff --git a/test/container/Dockerfile-Fedora-latest b/test/container/Dockerfile-Fedora-latest new file mode 100644 index 0000000..2ce3975 --- /dev/null +++ b/test/container/Dockerfile-Fedora-latest @@ -0,0 +1,71 @@ +FROM registry.fedoraproject.org/fedora:latest + +MAINTAINER https://github.com/dracutdevs/dracut + +# Install needed packages for the dracut CI container +RUN dnf -y install --setopt=install_weak_deps=False \ + asciidoc \ + bash-completion \ + biosdevname \ + bluez \ + btrfs-progs \ + busybox \ + bzip2 \ + cifs-utils \ + cryptsetup \ + dash \ + dbus-daemon \ + device-mapper-multipath \ + dhcp-client \ + dhcp-server \ + dmraid \ + e2fsprogs \ + f2fs-tools \ + fcoe-utils \ + fuse3 \ + gcc \ + git \ + iproute \ + iputils \ + iscsi-initiator-utils \ + kbd \ + kernel \ + kmod-devel \ + libkcapi-hmaccalc \ + libselinux-utils \ + lvm2 \ + lzop \ + make \ + mdadm \ + memstrack \ + mksh \ + nbd \ + ndctl \ + NetworkManager \ + nfs-utils \ + ntfs-3g \ + ntfsprogs \ + nvme-cli \ + parted \ + pcsc-lite \ + pigz \ + qemu-system-x86-core \ + rng-tools \ + rpm-build \ + sbsigntools \ + scsi-target-utils \ + ShellCheck \ + shfmt \ + squashfs-tools \ + strace \ + sudo \ + systemd-boot-unsigned \ + systemd-networkd \ + systemd-resolved \ + tar \ + tcpdump \ + tpm2-tools \ + wget \ + which \ + xz \ + && dnf -y remove dracut --noautoremove && dnf -y update && dnf clean all diff --git a/test/container/Dockerfile-Gentoo b/test/container/Dockerfile-Gentoo new file mode 100644 index 0000000..f2bb555 --- /dev/null +++ b/test/container/Dockerfile-Gentoo @@ -0,0 +1,57 @@ +ARG TAG=musl +FROM docker.io/gentoo/portage:latest as portage + +# uefi stub in a separate builder +FROM docker.io/gentoo/stage3 as efistub +COPY --from=portage /var/db/repos/gentoo /var/db/repos/gentoo + +# systemd-boot +RUN echo 'sys-apps/systemd-utils boot' > /etc/portage/package.use/systemd-utils && \ + emerge -qv sys-apps/systemd-utils + +# kernel and its dependencies in a separate builder +FROM docker.io/gentoo/stage3:$TAG as kernel +COPY --from=portage /var/db/repos/gentoo /var/db/repos/gentoo +# disable initramfs generation, only need the kernel image itself +RUN echo 'sys-kernel/gentoo-kernel-bin -initramfs' > /etc/portage/package.use/kernel +RUN emerge -qv sys-kernel/gentoo-kernel-bin + +FROM docker.io/gentoo/stage3:$TAG +COPY --from=portage /var/db/repos/gentoo /var/db/repos/gentoo +COPY --from=kernel /boot /boot +COPY --from=kernel /lib/modules /lib/modules +COPY --from=efistub /usr/lib/systemd/boot/efi /usr/lib/systemd/boot/efi +ARG TAG + +MAINTAINER https://github.com/dracutdevs/dracut + +# required by sys-fs/dmraid +RUN echo 'sys-fs/lvm2 lvm thin' > /etc/portage/package.use/lvm2 + +# workaround for https://bugs.gentoo.org/734022 whereby Gentoo does not support NFS4 with musl +RUN if [[ "$TAG" == 'musl' ]]; then echo 'net-fs/nfs-utils -nfsv4' > /etc/portage/package.use/nfs-utils ; fi + +# workaround for packages do not compile on musl +# https://bugs.gentoo.org/713490 for tgt +# https://bugs.gentoo.org/908587 for open-iscsi +RUN if [[ "$TAG" != 'musl' ]]; then emerge -qv sys-block/tgt sys-block/open-iscsi ; fi + +# Install needed packages for the dracut CI container +RUN emerge -qv \ + app-arch/cpio \ + app-emulation/qemu \ + app-shells/dash \ + net-fs/nfs-utils \ + net-misc/dhcp \ + sys-apps/busybox \ + sys-block/nbd \ + sys-block/parted \ + sys-fs/btrfs-progs \ + sys-fs/cryptsetup \ + sys-fs/dmraid \ + sys-fs/lvm2 \ + sys-fs/mdadm \ + sys-fs/multipath-tools \ + sys-fs/ntfs3g \ + sys-fs/squashfs-tools \ + && rm -rf /var/cache/* /usr/share/doc/* /usr/share/man/* diff --git a/test/container/Dockerfile-OpenSuse-latest b/test/container/Dockerfile-OpenSuse-latest new file mode 100644 index 0000000..3e7cefc --- /dev/null +++ b/test/container/Dockerfile-OpenSuse-latest @@ -0,0 +1,13 @@ +FROM registry.opensuse.org/opensuse/tumbleweed-dnf:latest + +MAINTAINER https://github.com/dracutdevs/dracut + +# Install needed packages for the dracut CI container +RUN dnf -y install --setopt=install_weak_deps=False \ + dash asciidoc mdadm lvm2 dmraid cryptsetup nfs-utils nbd dhcp-server \ + strace libkmod-devel gcc bzip2 xz tar wget rpm-build make git bash-completion \ + sudo kernel dhcp-client qemu-kvm /usr/bin/qemu-system-$(uname -m) e2fsprogs \ + tcpdump iproute iputils kbd NetworkManager btrfsprogs tgt dbus-broker \ + iscsiuio open-iscsi which ShellCheck shfmt procps pigz parted squashfs ntfsprogs \ + multipath-tools util-linux-systemd systemd-boot \ + && dnf -y remove dracut && dnf -y update && dnf clean all diff --git a/test/container/Dockerfile-Ubuntu b/test/container/Dockerfile-Ubuntu new file mode 100644 index 0000000..0fb7f20 --- /dev/null +++ b/test/container/Dockerfile-Ubuntu @@ -0,0 +1,63 @@ +FROM docker.io/ubuntu:latest + +MAINTAINER https://github.com/dracutdevs/dracut + +# Install needed packages for the dracut CI container +# The Linux kernel is only readable by root. See https://launchpad.net/bugs/759725 +RUN apt-get update -y -qq && apt-get upgrade -y -qq && \ + DEBIAN_FRONTEND=noninteractive apt-get install -y -qq --no-install-recommends -o Dpkg::Use-Pty=0 \ + asciidoc \ + astyle \ + btrfs-progs \ + busybox-static \ + bzip2 \ + ca-certificates \ + console-setup \ + cpio \ + cryptsetup \ + curl \ + dmraid \ + docbook \ + docbook-xml \ + docbook-xsl \ + fdisk \ + g++ \ + gawk \ + git \ + iputils-arping \ + iputils-ping \ + isc-dhcp-client \ + isc-dhcp-server \ + kmod \ + less \ + libdmraid-dev \ + libkmod-dev \ + linux-image-generic \ + lvm2 \ + make \ + mdadm \ + multipath-tools \ + nbd-client \ + nbd-server \ + network-manager \ + nfs-kernel-server \ + ntfs-3g \ + open-iscsi \ + ovmf \ + parted \ + pigz \ + pkg-config \ + procps \ + qemu-kvm \ + shellcheck \ + squashfs-tools \ + strace \ + sudo \ + systemd \ + tcpdump \ + tgt \ + thin-provisioning-tools \ + vim \ + wget \ + && apt-get clean \ + && chmod a+r /boot/vmlinu* diff --git a/test/run-qemu b/test/run-qemu new file mode 100755 index 0000000..41d458a --- /dev/null +++ b/test/run-qemu @@ -0,0 +1,74 @@ +#!/bin/bash +# Check which virtualization technology to use +# We prefer kvm, kqemu, userspace in that order. + +export PATH=/usr/sbin:/usr/bin:/sbin:/bin +ARCH="${ARCH-$(uname -m)}" +QEMU_CPU="${QEMU_CPU:-max}" + +[[ -x /usr/bin/qemu ]] && BIN=/usr/bin/qemu && ARGS=(-cpu "$QEMU_CPU") +(lsmod | grep -q '^kqemu ') && BIN=/usr/bin/qemu && ARGS=(-kernel-kqemu -cpu host) +[[ -z ${NO_KVM-} && -c /dev/kvm && -x /usr/bin/kvm ]] && BIN=/usr/bin/kvm && ARGS=(-cpu host) +[[ -z ${NO_KVM-} && -c /dev/kvm && -x /usr/bin/qemu-kvm ]] && BIN=/usr/bin/qemu-kvm && ARGS=(-cpu host) +[[ -z ${NO_KVM-} && -c /dev/kvm && -x /usr/libexec/qemu-kvm ]] && BIN=/usr/libexec/qemu-kvm && ARGS=(-cpu host) +[[ -x "/usr/bin/qemu-system-${ARCH}" ]] && BIN="/usr/bin/qemu-system-${ARCH}" && ARGS=(-cpu "$QEMU_CPU") +[[ -z ${NO_KVM-} && -c /dev/kvm && -x "/usr/bin/qemu-system-${ARCH}" ]] && BIN="/usr/bin/qemu-system-${ARCH}" && ARGS=(-enable-kvm -cpu host) + +[[ $BIN ]] || { + echo "Could not find a working KVM or QEMU to test with!" >&2 + echo "Please install kvm or qemu." >&2 + exit 1 +} + +case "$ARCH" in + aarch64 | arm64) + ARGS+=(-M "virt,gic-version=max") + ;; + amd64 | i?86 | x86_64) + ARGS+=(-M q35) + ;; + arm | armhf | armv7l) + ARGS+=(-M virt) + ;; + ppc64el | ppc64le) + ARGS+=(-M "cap-ccf-assist=off,cap-cfpc=broken,cap-ibs=broken,cap-sbbc=broken") + ;; +esac + +# Provide rng device sourcing the hosts /dev/urandom and other standard parameters +ARGS+=(-smp 2 -m 1024 -nodefaults -vga none -display none -no-reboot -device virtio-rng-pci) + +if ! [[ $* == *-daemonize* ]] && ! [[ $* == *-daemonize* ]]; then + ARGS+=(-serial stdio) +fi + +KVERSION=${KVERSION-$(uname -r)} + +VMLINUZ="/lib/modules/${KVERSION}/vmlinuz" +if ! [ -f "$VMLINUZ" ]; then + VMLINUZ="/lib/modules/${KVERSION}/vmlinux" +fi + +if ! [ -f "$VMLINUZ" ]; then + [[ -f /etc/machine-id ]] && read -r MACHINE_ID < /etc/machine-id + + if [[ $MACHINE_ID ]] && { [[ -d /boot/${MACHINE_ID} ]] || [[ -L /boot/${MACHINE_ID} ]]; }; then + VMLINUZ="/boot/${MACHINE_ID}/$KVERSION/linux" + elif [ -f "/boot/vmlinuz-${KVERSION}" ]; then + VMLINUZ="/boot/vmlinuz-${KVERSION}" + elif [ -f "/boot/vmlinux-${KVERSION}" ]; then + VMLINUZ="/boot/vmlinux-${KVERSION}" + else + echo "Could not find a Linux kernel version $KVERSION to test with!" >&2 + echo "Please install linux." >&2 + exit 1 + fi +fi + +# only set -kernel if -initrd is specified +if [[ $* == *-initrd* ]]; then + ARGS+=(-kernel "$VMLINUZ") +fi + +echo "${0##*/}: $BIN ${ARGS[*]@Q} ${*@Q}" +exec "$BIN" "${ARGS[@]}" "$@" diff --git a/test/test-functions b/test/test-functions new file mode 100644 index 0000000..f76d930 --- /dev/null +++ b/test/test-functions @@ -0,0 +1,206 @@ +#!/bin/bash +PATH=/usr/sbin:/usr/bin:/sbin:/bin +export PATH + +# shellcheck disable=SC1090 +[[ -e .testdir${TEST_RUN_ID:+-$TEST_RUN_ID} ]] && . .testdir${TEST_RUN_ID:+-$TEST_RUN_ID} +if [[ -z $TESTDIR ]] || [[ ! -d $TESTDIR ]]; then + TESTDIR=$(mktemp -d -p "/var/tmp" -t dracut-test.XXXXXX) +fi +echo "TESTDIR=\"$TESTDIR\"" > .testdir${TEST_RUN_ID:+-$TEST_RUN_ID} +export TESTDIR + +KVERSION=${KVERSION-$(uname -r)} + +[ -z "$USE_NETWORK" ] && USE_NETWORK="network-legacy" + +if [[ -z $basedir ]]; then basedir="$(realpath ../..)"; fi + +DRACUT=${DRACUT-${basedir}/dracut.sh} +PKGLIBDIR=${PKGLIBDIR-$basedir} + +test_dracut() { + TEST_DRACUT_ARGS+=" --local --no-hostonly --no-early-microcode --add test --kver $KVERSION" + + # shellcheck disable=SC2162 + IFS=' ' read -a TEST_DRACUT_ARGS_ARRAY <<< "$TEST_DRACUT_ARGS" + + "$DRACUT" "$@" \ + --kernel-cmdline "panic=1 oops=panic softlockup_panic=1 systemd.crash_reboot selinux=0 console=ttyS0,115200n81 $DEBUGFAIL" \ + "${TEST_DRACUT_ARGS_ARRAY[@]}" || return 1 +} + +command -v test_check &> /dev/null || test_check() { + : +} + +command -v test_cleanup &> /dev/null || test_cleanup() { + : +} + +# terminal sequence to set color to a 'success' color (currently: green) +function SETCOLOR_SUCCESS() { echo -en '\033[0;32m'; } +# terminal sequence to set color to a 'failure' color (currently: red) +function SETCOLOR_FAILURE() { echo -en '\033[0;31m'; } +# terminal sequence to set color to a 'warning' color (currently: yellow) +function SETCOLOR_WARNING() { echo -en '\033[0;33m'; } +# terminal sequence to reset to the default color. +function SETCOLOR_NORMAL() { echo -en '\033[0;39m'; } + +COLOR_SUCCESS='\033[0;32m' +COLOR_FAILURE='\033[0;31m' +COLOR_WARNING='\033[0;33m' +COLOR_NORMAL='\033[0;39m' + +check_root() { + if ((EUID != 0)); then + SETCOLOR_FAILURE + echo "Tests must be run as root! Please use 'sudo'." + SETCOLOR_NORMAL + exit 1 + fi +} + +# generate qemu arguments for named raw disks +# +# qemu_add_drive_args <index> <args> <filename> <id-name> [<bootindex>] +# +# index: name of the index variable (set to 0 at start) +# args: name of the argument array variable (set to () at start) +# filename: filename of the raw disk image +# id-name: name of the disk in /dev/disk/by-id -> /dev/disk/by-id/ata-disk_$name +# size: optional file size in MiB (0 implies size is not set) +# bootindex: optional bootindex number +# +# to be used later with `qemu … "${args[@]}" …` +# The <index> variable will be incremented each time the function is called. +# +# can't be easier than this :-/ +# +# # EXAMPLES +# ``` +# declare -a disk_args=() +# declare -i disk_index=0 +# qemu_add_drive_args disk_index disk_args "$TESTDIR"/root.ext3 root 0 1 +# qemu_add_drive_args disk_index disk_args "$TESTDIR"/client.img client +# qemu_add_drive_args disk_index disk_args "$TESTDIR"/iscsidisk2.img iscsidisk2 +# qemu_add_drive_args disk_index disk_args "$TESTDIR"/iscsidisk3.img iscsidisk3 +# qemu "${disk_args[@]}" +# ``` +qemu_add_drive_args() { + local index=${!1} + local file=$3 + local name=${4:-$index} + local size=${5:-0} + local bootindex=$6 + + if [ "${size}" -ne 0 ]; then + dd if=/dev/zero of="${file}" bs=1MiB count="${size}" + fi + + eval "${2}"'+=(' \ + -drive "if=none,format=raw,file=${file},id=drive-sata${index}" \ + -device "ide-hd,bus=ide.${index},drive=drive-sata${index},id=sata${index},${bootindex:+bootindex=$bootindex,}model=disk,serial=${name}" \ + ')' + + # shellcheck disable=SC2219 + let "${1}++" +} + +test_marker_reset() { + dd if=/dev/zero of="$TESTDIR"/marker.img bs=1MiB count=1 +} + +test_marker_check() { + local marker=${1:-dracut-root-block-success} + local file=${2:-marker.img} + + grep -U --binary-files=binary -F -m 1 -q "$marker" "$TESTDIR/$file" + return $? +} + +while (($# > 0)); do + case $1 in + --run) + check_root + echo "TEST RUN: $TEST_DESCRIPTION" + test_check && test_run + exit $? + ;; + --setup) + check_root + echo "TEST SETUP: $TEST_DESCRIPTION" + test_check && test_setup + exit $? + ;; + --clean) + echo "TEST CLEANUP: $TEST_DESCRIPTION" + test_cleanup + rm -fr -- "$TESTDIR" + rm -f -- .testdir${TEST_RUN_ID:+-$TEST_RUN_ID} + exit $? + ;; + --all) + check_root + if ! test_check 2 &> test${TEST_RUN_ID:+-$TEST_RUN_ID}.log; then + echo -e "TEST: $TEST_DESCRIPTION " "$COLOR_WARNING" "[SKIPPED]" "$COLOR_NORMAL" + exit 0 + else + echo -e "TEST: $TEST_DESCRIPTION " "$COLOR_SUCCESS" "[STARTED]" "$COLOR_NORMAL" + fi + if [[ $V == "1" ]]; then + set -o pipefail + ( + test_setup && test_run + ret=$? + test_cleanup + if ((ret != 0)) && [[ -f "$TESTDIR"/server.log ]]; then + mv "$TESTDIR"/server.log ./server${TEST_RUN_ID:+-$TEST_RUN_ID}.log + fi + rm -fr -- "$TESTDIR" + rm -f -- .testdir${TEST_RUN_ID:+-$TEST_RUN_ID} + exit $ret + ) < /dev/null 2>&1 | tee "test${TEST_RUN_ID:+-$TEST_RUN_ID}.log" + elif [[ $V == "2" ]]; then + set -o pipefail + ( + test_setup && test_run + ret=$? + test_cleanup + if ((ret != 0)) && [[ -f "$TESTDIR"/server.log ]]; then + mv "$TESTDIR"/server.log ./server${TEST_RUN_ID:+-$TEST_RUN_ID}.log + fi + rm -fr -- "$TESTDIR" + rm -f -- .testdir${TEST_RUN_ID:+-$TEST_RUN_ID} + exit $ret + ) < /dev/null 2>&1 | "$basedir/logtee" "test${TEST_RUN_ID:+-$TEST_RUN_ID}.log" + else + ( + test_setup && test_run + ret=$? + test_cleanup + rm -fr -- "$TESTDIR" + rm -f -- .testdir${TEST_RUN_ID:+-$TEST_RUN_ID} + exit $ret + ) < /dev/null > test${TEST_RUN_ID:+-$TEST_RUN_ID}.log 2>&1 + fi + ret=$? + set +o pipefail + if [ $ret -eq 0 ]; then + rm -- test${TEST_RUN_ID:+-$TEST_RUN_ID}.log + echo -e "TEST: $TEST_DESCRIPTION " "$COLOR_SUCCESS" "[OK]" "$COLOR_NORMAL" + else + echo -e "TEST: $TEST_DESCRIPTION " "$COLOR_FAILURE" "[FAILED]" "$COLOR_NORMAL" + if [ "$V" == "2" ]; then + tail -c 1048576 "$(pwd)/server${TEST_RUN_ID:+-$TEST_RUN_ID}.log" "$(pwd)/test${TEST_RUN_ID:+-$TEST_RUN_ID}.log" + echo -e "TEST: $TEST_DESCRIPTION " "$COLOR_FAILURE" "[FAILED]" "$COLOR_NORMAL" + else + echo "see $(pwd)/test${TEST_RUN_ID:+-$TEST_RUN_ID}.log" + fi + fi + exit $ret + ;; + *) break ;; + esac + shift +done diff --git a/tools/profile.py b/tools/profile.py new file mode 100644 index 0000000..7f98a13 --- /dev/null +++ b/tools/profile.py @@ -0,0 +1,59 @@ +# +# parse the output of "dracut --profile" and produce profiling information +# +# Copyright 2011 Harald Hoyer <harald@redhat.com> +# Copyright 2011 Red Hat, Inc. All rights reserved. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +import sys +import operator +import re +loglines = sys.stdin + +logpats = r'[+]+[ \t]+([^ \t]+)[ \t]+([^ \t:]+):[ ]+.*' + +logpat = re.compile(logpats) + +groups = (logpat.match(line) for line in loglines) +tuples = (g.groups() for g in groups if g) + +def gen_times(t): + oldx=None + for x in t: + fx=float(x[0]) + if oldx: + #print fx - float(oldx[0]), x[0], x[1], oldx[0], oldx[1] + if ((fx - float(oldx[0])) > 0): + yield (fx - float(oldx[0]), oldx[1]) + + oldx = x + +colnames = ('time','line') + +log = (dict(zip(colnames,t)) for t in gen_times(tuples)) + +if __name__ == '__main__': + e={} + for x in log: + if not x['line'] in e: + e[x['line']] = x['time'] + else: + e[x['line']] += x['time'] + + sorted_x = sorted(e.iteritems(), key=operator.itemgetter(1), reverse=True) + for x in sorted_x: + print x[0], x[1] + diff --git a/tools/release.sh b/tools/release.sh new file mode 100755 index 0000000..b6f7826 --- /dev/null +++ b/tools/release.sh @@ -0,0 +1,56 @@ +#!/bin/bash + +# CONTRIBUTORS +make CONTRIBUTORS > _CONTRIBUTORS +if [ ! -s _CONTRIBUTORS ]; then + # no CONTRIBUTORS means no need to make a release + # exit without populating new_version + exit 0 +fi + +if [ -z "$1" ]; then + LAST_VERSION=$(git describe --abbrev=0 --tags --always 2> /dev/null) + NEW_VERSION=$(echo "$LAST_VERSION" | awk '{print ++$1}') + if [ "$NEW_VERSION" -lt 100 ]; then + NEW_VERSION="0$NEW_VERSION" + fi +else + NEW_VERSION="$1" +fi + +printf "#### Contributors\n\n" > CONTRIBUTORS.md +cat _CONTRIBUTORS >> CONTRIBUTORS.md + +# Update AUTHORS +make AUTHORS + +# Update NEWS.md +cargo install clog-cli +head -2 NEWS.md > NEWS_header.md +tail +2 NEWS.md > NEWS_body.md +printf "dracut-%s\n==========\n" "$NEW_VERSION" > NEWS_header_new.md +cat CONTRIBUTORS.md NEWS_body.md > NEWS_body_with_conttributors.md + +# clog will always output both the new release and old release information together +clog -F --infile NEWS_body_with_conttributors.md -r https://github.com/dracutdevs/dracut | sed '1,2d' > NEWS_body_full.md + +# Use diff to separate new release information and remove repeated empty lines +diff NEWS_body_with_conttributors.md NEWS_body_full.md | grep -e ^\>\ | sed s/^\>\ // | cat -s > NEWS_body_new.md +cat NEWS_header.md NEWS_header_new.md NEWS_body_new.md NEWS_body_with_conttributors.md > NEWS.md + +# message for https://github.com/dracutdevs/dracut/releases/tag +cat -s NEWS_body_new.md CONTRIBUTORS.md > release.md + +# dracut-version.sh +printf "#!/bin/sh\n# shellcheck disable=SC2034\nDRACUT_VERSION=%s\n" "$NEW_VERSION" > dracut-version.sh + +# Check in AUTHORS and NEWS.md +git config user.name "Dracut Release Bot" +git config user.email "<>" +git commit -m "docs: update NEWS.md and AUTHORS" NEWS.md AUTHORS dracut-version.sh +git push origin master +git tag "$NEW_VERSION" -m "$NEW_VERSION" +git push --tags + +# export new version to Github Action +echo "new_version=${NEW_VERSION,,}" >> "${GITHUB_ENV}" diff --git a/tools/test-github.sh b/tools/test-github.sh new file mode 100755 index 0000000..4fed092 --- /dev/null +++ b/tools/test-github.sh @@ -0,0 +1,43 @@ +#!/bin/bash + +set -ex + +[[ -d ${0%/*} ]] && cd "${0%/*}"/../ + +RUN_ID="$1" +TESTS=$2 + +./configure + +NCPU=$(getconf _NPROCESSORS_ONLN) + +if ! [[ $TESTS ]]; then + # GitHub workflows fetch a clone of the dracut repository which doesn't + # contain git tags, thus "breaking" the RPM build in certain situations + # i.e.: + # DRACUT_MAIN_VERSION in Makefile is defined as an output of `git describe`, + # which in full git clone returns a tag with a numeric version. However, + # without tags it returns SHA of the last commit, which later propagates into + # `Provides:` attribute of the built RPM and can break dependency tree when + # installed + [[ -d .git ]] && git fetch --tags && git describe --tags + make -j "$NCPU" all syncheck rpm logtee +else + make -j "$NCPU" enable_documentation=no all logtee + + cd test + + # shellcheck disable=SC2012 + time LOGTEE_TIMEOUT_MS=590000 make \ + enable_documentation=no \ + KVERSION="$( + cd /lib/modules + ls -1 | tail -1 + )" \ + QEMU_CPU="IvyBridge-v2" \ + DRACUT_NO_XATTR=1 \ + TEST_RUN_ID="$RUN_ID" \ + ${TESTS:+TESTS="$TESTS"} \ + -k V=1 \ + check +fi |
