15 files changed, 795 insertions, 0 deletions

diff --git a/test/TEST-40-NBD/Makefile b/test/TEST-40-NBD/Makefile
new file mode 100644
index 0000000..2dcab81
--- /dev/null
+++ b/test/TEST-40-NBD/Makefile
@@ -0,0 +1 @@
+-include ../Makefile.testdir
diff --git a/test/TEST-40-NBD/client-init.sh b/test/TEST-40-NBD/client-init.sh
new file mode 100755
index 0000000..c5c57a2
--- /dev/null
+++ b/test/TEST-40-NBD/client-init.sh
@@ -0,0 +1,29 @@
+#!/bin/sh
+: > /dev/watchdog
+. /lib/dracut-lib.sh
+
+export PATH=/usr/sbin:/usr/bin:/sbin:/bin
+command -v plymouth > /dev/null 2>&1 && plymouth --quit
+exec > /dev/console 2>&1
+
+while read -r dev fs fstype opts rest || [ -n "$dev" ]; do
+    [ "$dev" = "rootfs" ] && continue
+    [ "$fs" != "/" ] && continue
+    echo "nbd-OK $fstype $opts" | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker
+    echo "nbd-OK $fstype $opts"
+    break
+done < /proc/mounts
+export TERM=linux
+export PS1='nbdclient-test:\w\$ '
+stty sane
+echo "made it to the rootfs! Powering down."
+
+if getargbool 0 rd.shell; then
+    strstr "$(setsid --help)" "control" && CTTY="-c"
+    setsid $CTTY sh -i
+fi
+
+mount -n -o remount,ro /
+
+sync
+poweroff -f
diff --git a/test/TEST-40-NBD/client.link b/test/TEST-40-NBD/client.link
new file mode 100644
index 0000000..b992bfd
--- /dev/null
+++ b/test/TEST-40-NBD/client.link
@@ -0,0 +1,6 @@
+[Match]
+OriginalName=*
+
+[Link]
+NamePolicy=keep kernel database onboard slot path
+MACAddressPolicy=keep
diff --git a/test/TEST-40-NBD/create-client-root.sh b/test/TEST-40-NBD/create-client-root.sh
new file mode 100755
index 0000000..a214f38
--- /dev/null
+++ b/test/TEST-40-NBD/create-client-root.sh
@@ -0,0 +1,24 @@
+#!/bin/sh
+
+trap 'poweroff -f' EXIT
+
+# don't let udev and this script step on eachother's toes
+for x in 64-lvm.rules 70-mdadm.rules 99-mount-rules; do
+    : > "/etc/udev/rules.d/$x"
+done
+rm -f -- /etc/lvm/lvm.conf
+udevadm control --reload
+set -e
+
+udevadm settle
+mkfs.ext4 -L dracut /dev/disk/by-id/ata-disk_root
+mkdir -p /root
+mount -t ext4 /dev/disk/by-id/ata-disk_root /root
+cp -a -t /root /source/*
+mkdir -p /root/run
+umount /root
+{
+    echo "dracut-root-block-created"
+    echo "ID_FS_UUID=$ID_FS_UUID"
+} | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker
+poweroff -f
diff --git a/test/TEST-40-NBD/create-encrypted-root.sh b/test/TEST-40-NBD/create-encrypted-root.sh
new file mode 100755
index 0000000..0ea90e3
--- /dev/null
+++ b/test/TEST-40-NBD/create-encrypted-root.sh
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+trap 'poweroff -f' EXIT
+
+# don't let udev and this script step on eachother's toes
+for x in 64-lvm.rules 70-mdadm.rules 99-mount-rules; do
+    : > "/etc/udev/rules.d/$x"
+done
+rm -f -- /etc/lvm/lvm.conf
+udevadm control --reload
+udevadm settle
+
+set -ex
+
+printf test > keyfile
+cryptsetup -q luksFormat /dev/disk/by-id/ata-disk_root /keyfile
+echo "The passphrase is test"
+cryptsetup luksOpen /dev/disk/by-id/ata-disk_root dracut_crypt_test < /keyfile
+lvm pvcreate -ff -y /dev/mapper/dracut_crypt_test
+lvm vgcreate dracut /dev/mapper/dracut_crypt_test
+lvm lvcreate -l 100%FREE -n root dracut
+lvm vgchange -ay
+udevadm settle
+mkfs.ext4 -L dracut -j /dev/dracut/root
+mkdir -p /sysroot
+mount -t ext4 /dev/dracut/root /sysroot
+cp -a -t /sysroot /source/*
+umount /sysroot
+sleep 1
+lvm lvchange -a n /dev/dracut/root
+udevadm settle
+cryptsetup luksClose /dev/mapper/dracut_crypt_test
+udevadm settle
+sleep 1
+eval "$(udevadm info --query=property --name=/dev/disk/by-id/ata-disk_root | while read -r line || [ -n "$line" ]; do [ "$line" != "${line#*ID_FS_UUID*}" ] && echo "$line"; done)"
+{
+    echo "dracut-root-block-created"
+    echo "ID_FS_UUID=$ID_FS_UUID"
+} | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker
+sync
+poweroff -f
diff --git a/test/TEST-40-NBD/create-server-root.sh b/test/TEST-40-NBD/create-server-root.sh
new file mode 100755
index 0000000..de4d670
--- /dev/null
+++ b/test/TEST-40-NBD/create-server-root.sh
@@ -0,0 +1,26 @@
+#!/bin/sh
+
+trap 'poweroff -f' EXIT
+
+# don't let udev and this script step on eachother's toes
+for x in 64-lvm.rules 70-mdadm.rules 99-mount-rules; do
+    : > "/etc/udev/rules.d/$x"
+done
+rm -f -- /etc/lvm/lvm.conf
+udevadm control --reload
+udevadm settle
+set -e
+
+udevadm settle
+mkfs.ext4 -L dracut /dev/disk/by-id/ata-disk_root
+mkdir -p /root
+mount -t ext4 /dev/disk/by-id/ata-disk_root /root
+cp -a -t /root /source/*
+mkdir -p /root/run
+umount /root
+{
+    echo "dracut-root-block-created"
+    echo "ID_FS_UUID=$ID_FS_UUID"
+} | dd oflag=direct,dsync of=/dev/disk/by-id/ata-disk_marker
+sync
+poweroff -f
diff --git a/test/TEST-40-NBD/cryptroot-ask.sh b/test/TEST-40-NBD/cryptroot-ask.sh
new file mode 100755
index 0000000..a6b7ac7
--- /dev/null
+++ b/test/TEST-40-NBD/cryptroot-ask.sh
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+[ -b /dev/mapper/"$2" ] && exit 0
+printf test > /keyfile
+/sbin/cryptsetup luksOpen "$1" "$2" < /keyfile
diff --git a/test/TEST-40-NBD/dhcpd.conf b/test/TEST-40-NBD/dhcpd.conf
new file mode 100644
index 0000000..08461f9
--- /dev/null
+++ b/test/TEST-40-NBD/dhcpd.conf
@@ -0,0 +1,66 @@
+ddns-update-style none;
+
+use-host-decl-names true;
+
+subnet 192.168.50.0 netmask 255.255.255.0 {
+	option subnet-mask      255.255.255.0;
+	option routers          192.168.50.1;
+	next-server             192.168.50.1;
+	server-identifier       192.168.50.1;
+	option domain-name-servers 192.168.50.1;
+	option domain-search "example.com";
+	option domain-name "other.com";
+
+	group {
+		host nbd-1 {
+			hardware ethernet 52:54:00:12:34:00;
+			fixed-address 192.168.50.101;
+		}
+	}
+
+	group {
+		host nbd-2 {
+			option root-path "nbd:192.168.50.1:raw";
+
+			hardware ethernet 52:54:00:12:34:01;
+			fixed-address 192.168.50.101;
+		}
+	}
+
+	group {
+		host nbd-3 {
+			option root-path "nbd:192.168.50.1:raw:ext2";
+
+			hardware ethernet 52:54:00:12:34:02;
+			fixed-address 192.168.50.101;
+		}
+	}
+
+	group {
+		host nbd-4 {
+			option root-path "nbd:192.168.50.1:raw::errors=panic";
+
+			hardware ethernet 52:54:00:12:34:03;
+			fixed-address 192.168.50.101;
+		}
+	}
+
+	group {
+		host nbd-5 {
+			option root-path "nbd:192.168.50.1:raw:ext2:errors=panic";
+
+			hardware ethernet 52:54:00:12:34:04;
+			fixed-address 192.168.50.101;
+		}
+	}
+
+	group {
+		host nbd-6 {
+			# Use the encrypted image
+			option root-path "nbd:192.168.50.1:encrypted:ext2:errors=panic";
+
+			hardware ethernet 52:54:00:12:34:05;
+			fixed-address 192.168.50.101;
+		}
+	}
+}
diff --git a/test/TEST-40-NBD/finished-false.sh b/test/TEST-40-NBD/finished-false.sh
new file mode 100755
index 0000000..ecdbef9
--- /dev/null
+++ b/test/TEST-40-NBD/finished-false.sh
@@ -0,0 +1,2 @@
+#!/bin/sh
+exit 1
diff --git a/test/TEST-40-NBD/hard-off.sh b/test/TEST-40-NBD/hard-off.sh
new file mode 100755
index 0000000..01acb19
--- /dev/null
+++ b/test/TEST-40-NBD/hard-off.sh
@@ -0,0 +1,3 @@
+#!/bin/sh
+getargbool 0 rd.shell || poweroff -f
+getargbool 0 failme && poweroff -f
diff --git a/test/TEST-40-NBD/hosts b/test/TEST-40-NBD/hosts
new file mode 100644
index 0000000..f8c18b6
--- /dev/null
+++ b/test/TEST-40-NBD/hosts
@@ -0,0 +1,8 @@
+127.0.0.1	localhost
+192.168.50.1	server
+192.168.50.2	server-ip
+192.168.50.3	server-proto-ip
+192.168.50.100	workstation1
+192.168.50.101	workstation2
+192.168.50.102	workstation3
+192.168.50.103	workstation4
diff --git a/test/TEST-40-NBD/server-init.sh b/test/TEST-40-NBD/server-init.sh
new file mode 100755
index 0000000..bc52b2e
--- /dev/null
+++ b/test/TEST-40-NBD/server-init.sh
@@ -0,0 +1,68 @@
+#!/bin/sh
+exec < /dev/console > /dev/console 2>&1
+set -x
+export PATH=/usr/sbin:/usr/bin:/sbin:/bin
+export TERM=linux
+export PS1='nbdtest-server:\w\$ '
+stty sane
+echo "made it to the rootfs!"
+echo server > /proc/sys/kernel/hostname
+
+wait_for_if_link() {
+    local cnt=0
+    local li
+    while [ $cnt -lt 600 ]; do
+        li=$(ip -o link show dev "$1" 2> /dev/null)
+        [ -n "$li" ] && return 0
+        sleep 0.1
+        cnt=$((cnt + 1))
+    done
+    return 1
+}
+
+wait_for_if_up() {
+    local cnt=0
+    local li
+    while [ $cnt -lt 200 ]; do
+        li=$(ip -o link show up dev "$1")
+        [ -n "$li" ] && return 0
+        sleep 0.1
+        cnt=$((cnt + 1))
+    done
+    return 1
+}
+
+wait_for_route_ok() {
+    local cnt=0
+    while [ $cnt -lt 200 ]; do
+        li=$(ip route show)
+        [ -n "$li" ] && [ -z "${li##*"$1"*}" ] && return 0
+        sleep 0.1
+        cnt=$((cnt + 1))
+    done
+    return 1
+}
+
+linkup() {
+    wait_for_if_link "$1" 2> /dev/null && ip link set "$1" up 2> /dev/null && wait_for_if_up "$1" 2> /dev/null
+}
+
+ip addr add 127.0.0.1/8 dev lo
+ip link set lo up
+
+wait_for_if_link enx525400123456
+ip addr add 192.168.50.1/24 dev enx525400123456
+linkup enx525400123456
+
+modprobe af_packet
+nbd-server
+: > /var/lib/dhcpd/dhcpd.leases
+chmod 777 /var/lib/dhcpd/dhcpd.leases
+dhcpd -d -cf /etc/dhcpd.conf -lf /var/lib/dhcpd/dhcpd.leases &
+echo "Serving NBD disks"
+while pidof nbd-server && pidof dhcpd; do
+    echo > /dev/watchdog
+    sleep 1
+done
+mount -n -o remount,ro /
+poweroff -f
diff --git a/test/TEST-40-NBD/server.link b/test/TEST-40-NBD/server.link
new file mode 100644
index 0000000..1d21856
--- /dev/null
+++ b/test/TEST-40-NBD/server.link
@@ -0,0 +1,6 @@
+[Match]
+OriginalName=*
+
+[Link]
+NamePolicy=mac
+MACAddressPolicy=keep
diff --git a/test/TEST-40-NBD/test.sh b/test/TEST-40-NBD/test.sh
new file mode 100755
index 0000000..7fd1efc
--- /dev/null
+++ b/test/TEST-40-NBD/test.sh
@@ -0,0 +1,507 @@
+#!/bin/bash
+
+# shellcheck disable=SC2034
+TEST_DESCRIPTION="root filesystem on NBD with $USE_NETWORK"
+
+# Uncomment this to debug failures
+# DEBUGFAIL="rd.debug systemd.log_target=console loglevel=7"
+#DEBUGFAIL="rd.shell rd.break rd.debug systemd.log_target=console loglevel=7 systemd.log_level=debug"
+#SERIAL="tcp:127.0.0.1:9999"
+
+test_check() {
+    if ! type -p nbd-server &> /dev/null; then
+        echo "Test needs nbd-server... Skipping"
+        return 1
+    fi
+
+    if ! modinfo -k "$KVERSION" nbd &> /dev/null; then
+        echo "Kernel module nbd does not exist"
+        return 1
+    fi
+
+    return 0
+}
+
+run_server() {
+    # Start server first
+    echo "NBD TEST SETUP: Starting DHCP/NBD server"
+
+    declare -a disk_args=()
+    # shellcheck disable=SC2034
+    declare -i disk_index=0
+    qemu_add_drive_args disk_index disk_args "$TESTDIR"/unencrypted.img unencrypted
+    qemu_add_drive_args disk_index disk_args "$TESTDIR"/encrypted.img encrypted
+    qemu_add_drive_args disk_index disk_args "$TESTDIR"/server.img serverroot
+
+    "$testdir"/run-qemu \
+        "${disk_args[@]}" \
+        -serial "${SERIAL:-"file:$TESTDIR/server.log"}" \
+        -net nic,macaddr=52:54:00:12:34:56,model=e1000 \
+        -net socket,listen=127.0.0.1:12340 \
+        -append "panic=1 oops=panic softlockup_panic=1 rd.luks=0 systemd.crash_reboot quiet root=/dev/disk/by-id/ata-disk_serverroot rootfstype=ext4 rw console=ttyS0,115200n81 selinux=0 $SERVER_DEBUG" \
+        -initrd "$TESTDIR"/initramfs.server \
+        -pidfile "$TESTDIR"/server.pid -daemonize || return 1
+    chmod 644 "$TESTDIR"/server.pid || return 1
+
+    # Cleanup the terminal if we have one
+    tty -s && stty sane
+
+    if ! [[ $SERIAL ]]; then
+        echo "Waiting for the server to startup"
+        while :; do
+            grep Serving "$TESTDIR"/server.log && break
+            tail "$TESTDIR"/server.log
+            sleep 1
+        done
+    else
+        echo Sleeping 10 seconds to give the server a head start
+        sleep 10
+    fi
+}
+
+client_test() {
+    local test_name="$1"
+    local mac=$2
+    local cmdline="$3"
+    local fstype=$4
+    local fsopt=$5
+    local found opts nbdinfo
+
+    [[ $fstype ]] || fstype=ext4
+    [[ $fsopt ]] || fsopt="ro"
+
+    echo "CLIENT TEST START: $test_name"
+
+    declare -a disk_args=()
+    declare -i disk_index=0
+    qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker
+
+    test_marker_reset
+    "$testdir"/run-qemu \
+        "${disk_args[@]}" \
+        -net nic,macaddr="$mac",model=e1000 \
+        -net socket,connect=127.0.0.1:12340 \
+        -append "panic=1 oops=panic softlockup_panic=1 systemd.crash_reboot rd.shell=0 $cmdline $DEBUGFAIL rd.auto rd.info rd.retry=10 ro console=ttyS0,115200n81  selinux=0  " \
+        -initrd "$TESTDIR"/initramfs.testing
+
+    # shellcheck disable=SC2181
+    if [[ $? -ne 0 ]] || ! test_marker_check nbd-OK "$TESTDIR"/marker.img; then
+        echo "CLIENT TEST END: $test_name [FAILED - BAD EXIT]"
+        return 1
+    fi
+
+    # nbdinfo=( fstype fsoptions )
+    read -r -a nbdinfo < <(awk '{print $2, $3; exit}' "$TESTDIR"/marker.img)
+
+    if [[ ${nbdinfo[0]} != "$fstype" ]]; then
+        echo "CLIENT TEST END: $test_name [FAILED - WRONG FS TYPE] \"${nbdinfo[0]}\" != \"$fstype\""
+        return 1
+    fi
+
+    opts=${nbdinfo[1]},
+    while [[ $opts ]]; do
+        if [[ ${opts%%,*} == "$fsopt" ]]; then
+            found=1
+            break
+        fi
+        opts=${opts#*,}
+    done
+
+    if [[ ! $found ]]; then
+        echo "CLIENT TEST END: $test_name [FAILED - BAD FS OPTS] \"${nbdinfo[1]}\" != \"$fsopt\""
+        return 1
+    fi
+
+    echo "CLIENT TEST END: $test_name [OK]"
+}
+
+test_run() {
+    if ! run_server; then
+        echo "Failed to start server" 1>&2
+        return 1
+    fi
+    client_run
+    kill_server
+}
+
+client_run() {
+    # The default is ext4,errors=continue so use that to determine
+    # if our options were parsed and used
+    client_test "NBD root=nbd:IP:port" 52:54:00:12:34:00 \
+        "root=nbd:192.168.50.1:raw rd.luks=0" || return 1
+
+    client_test "NBD root=nbd:IP:port::fsopts" 52:54:00:12:34:00 \
+        "root=nbd:192.168.50.1:raw::errors=panic rd.luks=0" \
+        ext4 errors=panic || return 1
+
+    client_test "NBD root=nbd:IP:port:fstype" 52:54:00:12:34:00 \
+        "root=nbd:192.168.50.1:raw:ext4 rd.luks=0" ext4 || return 1
+
+    client_test "NBD root=nbd:IP:port:fstype:fsopts" 52:54:00:12:34:00 \
+        "root=nbd:192.168.50.1:raw:ext4:errors=panic rd.luks=0" \
+        ext4 errors=panic || return 1
+
+    # DHCP root-path parsing
+
+    client_test "NBD root=/dev/root netroot=dhcp DHCP root-path nbd:srv:port" 52:54:00:12:34:01 \
+        "root=/dev/root netroot=dhcp ip=dhcp rd.luks=0" || return 1
+
+    client_test "NBD root=/dev/root netroot=dhcp DHCP root-path nbd:srv:port:fstype" \
+        52:54:00:12:34:02 "root=/dev/root netroot=dhcp ip=dhcp rd.luks=0" ext2 || return 1
+
+    client_test "NBD root=/dev/root netroot=dhcp DHCP root-path nbd:srv:port::fsopts" \
+        52:54:00:12:34:03 "root=/dev/root netroot=dhcp ip=dhcp rd.luks=0" ext4 errors=panic || return 1
+
+    client_test "NBD root=/dev/root netroot=dhcp DHCP root-path nbd:srv:port:fstype:fsopts" \
+        52:54:00:12:34:04 "root=/dev/root netroot=dhcp ip=dhcp rd.luks=0" ext2 errors=panic || return 1
+
+    # netroot handling
+
+    client_test "NBD netroot=nbd:IP:port" 52:54:00:12:34:00 \
+        "root=LABEL=dracut netroot=nbd:192.168.50.1:raw ip=dhcp rd.luks=0" || return 1
+
+    client_test "NBD root=/dev/root netroot=dhcp DHCP root-path nbd:srv:port:fstype:fsopts" \
+        52:54:00:12:34:04 "root=/dev/root netroot=dhcp ip=dhcp rd.luks=0" ext2 errors=panic || return 1
+
+    # Encrypted root handling via LVM/LUKS over NBD
+
+    # shellcheck disable=SC1090
+    . "$TESTDIR"/luks.uuid
+
+    client_test "NBD root=LABEL=dracut netroot=nbd:IP:port" \
+        52:54:00:12:34:00 \
+        "root=LABEL=dracut rd.luks.uuid=$ID_FS_UUID rd.lv.vg=dracut ip=dhcp netroot=nbd:192.168.50.1:encrypted" || return 1
+
+    # XXX This should be ext4,errors=panic but that doesn't currently
+    # XXX work when you have a real root= line in addition to netroot=
+    # XXX How we should work here needs clarification
+    #    client_test "NBD root=LABEL=dracut netroot=dhcp (w/ fstype and opts)" \
+    #                52:54:00:12:34:05 \
+    #                "root=LABEL=dracut rd.luks.uuid=$ID_FS_UUID rd.lv.vg=dracut netroot=dhcp" || return 1
+
+    if [[ -s server.pid ]]; then
+        kill -TERM "$(cat "$TESTDIR"/server.pid)"
+        rm -f -- "$TESTDIR"/server.pid
+    fi
+
+}
+
+make_encrypted_root() {
+    rm -fr "$TESTDIR"/overlay
+    kernel=$KVERSION
+    # Create what will eventually be our root filesystem onto an overlay
+    (
+        # shellcheck disable=SC2030
+        export initdir=$TESTDIR/overlay/source
+        # shellcheck disable=SC1090
+        . "$PKGLIBDIR"/dracut-init.sh
+        mkdir -p "$initdir"
+        (
+            cd "$initdir" || exit
+            mkdir -p dev sys proc etc run var/run tmp
+        )
+
+        inst_multiple sh df free ls shutdown poweroff stty cat ps ln ip \
+            mount dmesg mkdir cp ping dd sync
+        for _terminfodir in /lib/terminfo /etc/terminfo /usr/share/terminfo; do
+            [ -f ${_terminfodir}/l/linux ] && break
+        done
+        inst_multiple -o ${_terminfodir}/l/linux
+
+        inst_simple "${PKGLIBDIR}/modules.d/99base/dracut-lib.sh" "/lib/dracut-lib.sh"
+        inst_simple "${PKGLIBDIR}/modules.d/99base/dracut-dev-lib.sh" "/lib/dracut-dev-lib.sh"
+        inst_binary "${PKGLIBDIR}/dracut-util" "/usr/bin/dracut-util"
+        ln -s dracut-util "${initdir}/usr/bin/dracut-getarg"
+        ln -s dracut-util "${initdir}/usr/bin/dracut-getargs"
+
+        inst ./client-init.sh /sbin/init
+        inst_simple /etc/os-release
+        find_binary plymouth > /dev/null && inst_multiple plymouth
+        cp -a /etc/ld.so.conf* "$initdir"/etc
+        ldconfig -r "$initdir"
+    )
+
+    # second, install the files needed to make the root filesystem
+    (
+        # shellcheck disable=SC2030
+        # shellcheck disable=SC2031
+        export initdir=$TESTDIR/overlay
+        # shellcheck disable=SC1090
+        . "$PKGLIBDIR"/dracut-init.sh
+        (
+            cd "$initdir" || exit
+            mkdir -p dev sys proc etc tmp var run root
+            ln -s ../run var/run
+        )
+        inst_multiple mkfs.ext4 poweroff cp umount dd sync
+        inst_hook shutdown-emergency 000 ./hard-off.sh
+        inst_hook emergency 000 ./hard-off.sh
+        inst_hook initqueue 01 ./create-encrypted-root.sh
+        inst_hook initqueue/finished 01 ./finished-false.sh
+    )
+
+    # create an initramfs that will create the target root filesystem.
+    # We do it this way so that we do not risk trashing the host mdraid
+    # devices, volume groups, encrypted partitions, etc.
+    "$DRACUT" -l -i "$TESTDIR"/overlay / \
+        -m "dash crypt lvm mdraid kernel-modules qemu" \
+        -d "piix ide-gd_mod ata_piix ext4 sd_mod" \
+        --no-hostonly-cmdline -N \
+        -f "$TESTDIR"/initramfs.makeroot "$KVERSION" || return 1
+    rm -rf -- "$TESTDIR"/overlay
+
+    declare -a disk_args=()
+    # shellcheck disable=SC2034
+    declare -i disk_index=0
+    qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker 1
+    qemu_add_drive_args disk_index disk_args "$TESTDIR"/encrypted.img root 120
+
+    # Invoke KVM and/or QEMU to actually create the target filesystem.
+    "$testdir"/run-qemu \
+        "${disk_args[@]}" \
+        -append "root=/dev/fakeroot rw quiet console=ttyS0,115200n81 selinux=0" \
+        -initrd "$TESTDIR"/initramfs.makeroot || return 1
+    test_marker_check dracut-root-block-created || return 1
+    grep -F -a -m 1 ID_FS_UUID "$TESTDIR"/marker.img > "$TESTDIR"/luks.uuid
+}
+
+make_client_root() {
+    rm -fr "$TESTDIR"/overlay
+    kernel=$KVERSION
+    (
+        mkdir -p "$TESTDIR"/overlay/source
+        # shellcheck disable=SC2030
+        # shellcheck disable=SC2031
+        export initdir=$TESTDIR/overlay/source
+        # shellcheck disable=SC1090
+        . "$PKGLIBDIR"/dracut-init.sh
+        mkdir -p "$initdir"
+        (
+            cd "$initdir" || exit
+            mkdir -p dev sys proc etc run var/run tmp
+        )
+        inst_multiple sh ls shutdown poweroff stty cat ps ln ip \
+            dmesg mkdir cp ping dd mount sync
+        for _terminfodir in /lib/terminfo /etc/terminfo /usr/share/terminfo; do
+            [ -f ${_terminfodir}/l/linux ] && break
+        done
+        inst_multiple -o ${_terminfodir}/l/linux
+
+        inst_simple "${PKGLIBDIR}/modules.d/99base/dracut-lib.sh" "/lib/dracut-lib.sh"
+        inst_simple "${PKGLIBDIR}/modules.d/99base/dracut-dev-lib.sh" "/lib/dracut-dev-lib.sh"
+        inst_binary "${PKGLIBDIR}/dracut-util" "/usr/bin/dracut-util"
+        ln -s dracut-util "${initdir}/usr/bin/dracut-getarg"
+        ln -s dracut-util "${initdir}/usr/bin/dracut-getargs"
+
+        inst ./client-init.sh /sbin/init
+        inst_simple /etc/os-release
+        inst_multiple -o {,/usr}/etc/nsswitch.conf
+        inst /etc/passwd /etc/passwd
+        inst /etc/group /etc/group
+        for i in /usr/lib*/libnss_files* /lib*/libnss_files*; do
+            [ -e "$i" ] || continue
+            inst "$i"
+        done
+        cp -a /etc/ld.so.conf* "$initdir"/etc
+        ldconfig -r "$initdir"
+    )
+
+    # second, install the files needed to make the root filesystem
+    (
+        # shellcheck disable=SC2030
+        # shellcheck disable=SC2031
+        export initdir=$TESTDIR/overlay
+        # shellcheck disable=SC1090
+        . "$PKGLIBDIR"/dracut-init.sh
+        inst_multiple sfdisk mkfs.ext4 poweroff cp umount sync dd
+        inst_hook initqueue 01 ./create-client-root.sh
+        inst_hook initqueue/finished 01 ./finished-false.sh
+    )
+
+    # create an initramfs that will create the target root filesystem.
+    # We do it this way so that we do not risk trashing the host mdraid
+    # devices, volume groups, encrypted partitions, etc.
+    "$DRACUT" -l -i "$TESTDIR"/overlay / \
+        -m "dash rootfs-block kernel-modules qemu" \
+        -d "piix ide-gd_mod ata_piix ext4 sd_mod" \
+        --nomdadmconf \
+        --no-hostonly-cmdline -N \
+        -f "$TESTDIR"/initramfs.makeroot "$KVERSION" || return 1
+
+    declare -a disk_args=()
+    # shellcheck disable=SC2034
+    declare -i disk_index=0
+    qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker 1
+    qemu_add_drive_args disk_index disk_args "$TESTDIR"/unencrypted.img root 120
+
+    # Invoke KVM and/or QEMU to actually create the target filesystem.
+    "$testdir"/run-qemu \
+        "${disk_args[@]}" \
+        -append "root=/dev/dracut/root rw rootfstype=ext4 quiet console=ttyS0,115200n81 selinux=0" \
+        -initrd "$TESTDIR"/initramfs.makeroot || return 1
+    test_marker_check dracut-root-block-created || return 1
+    rm -fr "$TESTDIR"/overlay
+}
+
+make_server_root() {
+    rm -fr "$TESTDIR"/overlay
+    # shellcheck disable=SC2031
+    export kernel=$KVERSION
+    (
+        mkdir -p "$TESTDIR"/overlay/source
+        # shellcheck disable=SC2030
+        # shellcheck disable=SC2031
+        export initdir=$TESTDIR/overlay/source
+        # shellcheck disable=SC1090
+        . "$PKGLIBDIR"/dracut-init.sh
+        mkdir -p "$initdir"
+        (
+            cd "$initdir" || exit
+            mkdir -p run dev sys proc etc var var/lib/dhcpd tmp etc/nbd-server
+            ln -s ../run var/run
+        )
+        cat > "$initdir/etc/nbd-server/config" << EOF
+[generic]
+[raw]
+exportname = /dev/disk/by-id/ata-disk_unencrypted
+port = 2000
+bs = 4096
+[encrypted]
+exportname = /dev/disk/by-id/ata-disk_encrypted
+port = 2001
+bs = 4096
+EOF
+        inst_multiple sh ls shutdown poweroff stty cat ps ln ip \
+            dmesg mkdir cp ping grep \
+            sleep nbd-server chmod modprobe vi pidof
+        for _terminfodir in /lib/terminfo /etc/terminfo /usr/share/terminfo; do
+            [ -f ${_terminfodir}/l/linux ] && break
+        done
+        inst_multiple -o ${_terminfodir}/l/linux
+        instmods nfsd sunrpc ipv6 lockd af_packet 8021q ipvlan macvlan
+        type -P dhcpd > /dev/null && inst_multiple dhcpd
+        inst ./server-init.sh /sbin/init
+        inst_simple /etc/os-release
+        inst ./hosts /etc/hosts
+        inst ./dhcpd.conf /etc/dhcpd.conf
+        inst_multiple -o {,/usr}/etc/nsswitch.conf
+        inst /etc/passwd /etc/passwd
+        inst /etc/group /etc/group
+        _nsslibs=$(
+            cat "$dracutsysrootdir"/{,usr/}etc/nsswitch.conf 2> /dev/null \
+                | sed -e '/^#/d' -e 's/^.*://' -e 's/\[NOTFOUND=return\]//' \
+                | tr -s '[:space:]' '\n' | sort -u | tr -s '[:space:]' '|'
+        )
+        _nsslibs=${_nsslibs#|}
+        _nsslibs=${_nsslibs%|}
+
+        inst_libdir_file -n "$_nsslibs" 'libnss_*.so*'
+
+        cp -a /etc/ld.so.conf* "$initdir"/etc
+        ldconfig -r "$initdir"
+        dracut_kernel_post
+    )
+
+    # second, install the files needed to make the root filesystem
+    (
+        # shellcheck disable=SC2030
+        # shellcheck disable=SC2031
+        export initdir=$TESTDIR/overlay
+        # shellcheck disable=SC1090
+        . "$PKGLIBDIR"/dracut-init.sh
+        inst_multiple sfdisk mkfs.ext4 poweroff cp umount sync dd sync
+        inst_hook initqueue 01 ./create-server-root.sh
+        inst_hook initqueue/finished 01 ./finished-false.sh
+    )
+
+    # create an initramfs that will create the target root filesystem.
+    # We do it this way so that we do not risk trashing the host mdraid
+    # devices, volume groups, encrypted partitions, etc.
+    "$DRACUT" -l -i "$TESTDIR"/overlay / \
+        -m "dash rootfs-block kernel-modules qemu" \
+        -d "piix ide-gd_mod ata_piix ext4 sd_mod" \
+        --nomdadmconf \
+        --no-hostonly-cmdline -N \
+        -f "$TESTDIR"/initramfs.makeroot "$KVERSION" || return 1
+
+    declare -a disk_args=()
+    # shellcheck disable=SC2034
+    declare -i disk_index=0
+    qemu_add_drive_args disk_index disk_args "$TESTDIR"/marker.img marker 1
+    qemu_add_drive_args disk_index disk_args "$TESTDIR"/server.img root 120
+
+    # Invoke KVM and/or QEMU to actually create the target filesystem.
+    "$testdir"/run-qemu \
+        "${disk_args[@]}" \
+        -append "root=/dev/dracut/root rw rootfstype=ext4 quiet console=ttyS0,115200n81 selinux=0" \
+        -initrd "$TESTDIR"/initramfs.makeroot || return 1
+    test_marker_check dracut-root-block-created || return 1
+    rm -fr "$TESTDIR"/overlay
+}
+
+test_setup() {
+    make_encrypted_root || return 1
+    make_client_root || return 1
+    make_server_root || return 1
+
+    rm -fr "$TESTDIR"/overlay
+    # Make the test image
+    (
+        # shellcheck disable=SC2031
+        # shellcheck disable=SC2030
+        export initdir=$TESTDIR/overlay
+        # shellcheck disable=SC1090
+        . "$PKGLIBDIR"/dracut-init.sh
+        inst_multiple poweroff shutdown dd
+        inst_hook shutdown-emergency 000 ./hard-off.sh
+        inst ./cryptroot-ask.sh /sbin/cryptroot-ask
+
+        #        inst ./debug-shell.service /lib/systemd/system/debug-shell.service
+        #        mkdir -p "${initdir}/lib/systemd/system/sysinit.target.wants"
+        #        ln -fs ../debug-shell.service "${initdir}/lib/systemd/system/sysinit.target.wants/debug-shell.service"
+
+        # shellcheck disable=SC1090
+        . "$TESTDIR"/luks.uuid
+        mkdir -p "$initdir"/etc
+        echo "luks-$ID_FS_UUID /dev/nbd0 /etc/key" > "$initdir"/etc/crypttab
+        echo -n test > "$initdir"/etc/key
+        inst_simple ./client.link /etc/systemd/network/01-client.link
+    )
+
+    "$DRACUT" -l -i "$TESTDIR"/overlay / \
+        -o "plymouth iscsi nfs" \
+        -a "debug watchdog ${USE_NETWORK}" \
+        --no-hostonly-cmdline -N \
+        -f "$TESTDIR"/initramfs.testing "$KVERSION" || return 1
+
+    (
+        # shellcheck disable=SC2031
+        export initdir="$TESTDIR"/overlay
+        # shellcheck disable=SC1090
+        . "$PKGLIBDIR"/dracut-init.sh
+        rm "$initdir"/etc/systemd/network/01-client.link
+        inst_simple ./server.link /etc/systemd/network/01-server.link
+        inst_hook pre-mount 99 ./wait-if-server.sh
+    )
+    "$DRACUT" -l -i "$TESTDIR"/overlay / \
+        -a "rootfs-block debug kernel-modules network network-legacy" \
+        -d "af_packet piix ide-gd_mod ata_piix ext4 sd_mod e1000 drbg" \
+        --no-hostonly-cmdline -N \
+        -f "$TESTDIR"/initramfs.server "$KVERSION" || return 1
+
+    rm -rf -- "$TESTDIR"/overlay
+}
+
+kill_server() {
+    if [[ -s $TESTDIR/server.pid ]]; then
+        kill -TERM "$(cat "$TESTDIR"/server.pid)"
+        rm -f -- "$TESTDIR"/server.pid
+    fi
+}
+
+test_cleanup() {
+    kill_server
+}
+
+# shellcheck disable=SC1090
+. "$testdir"/test-functions
diff --git a/test/TEST-40-NBD/wait-if-server.sh b/test/TEST-40-NBD/wait-if-server.sh
new file mode 100755
index 0000000..8ae21f8
--- /dev/null
+++ b/test/TEST-40-NBD/wait-if-server.sh
@@ -0,0 +1,3 @@
+#!/bin/sh
+. /lib/net-lib.sh
+wait_for_if_link enx525400123456