Also install umount binary, make it possible to cleanup squash overlay
mounts. This is useful for other tools reusing the dracut initramfs built
with squash module enabled.
Signed-off-by: Kairui Song <kasong@redhat.com>
Upcoming versions of EVM will not require the ALLOW_METADATA_WRITES anymore,
therefore we remove it from the script and require it to be set in the EVM
config file variable EVM_ACTIVATION_BITS for those versions that need it.
Patch 9 in this patch set deprecates the EVM_ALLOW_METADATA_WRITES flag:
https://lore.kernel.org/linux-integrity/20210514152753.982958-1-roberto.sassu@huawei.com/
Suggested-by: Roberto Sassu <roberto.sassu@huawei.com>
Reviewed-by: Roberto Sassu <roberto.sassu@huawei.com>
Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
It is possible that user setup some early mount in the rootfs even
earlier, so just be more robust and cover that case too.
Signed-off-by: Kairui Song <kasong@redhat.com>
```
dracut-dev-lib.sh: line 92: str_replace: command not found
dracut-dev-lib.sh: line 98: /var/tmp/dracut.sabKZg/initramfs/initqueue/finished/devexists-.sh: No such file or directory
dracut-dev-lib.sh: line 83: /var/tmp/dracut.sabKZg/initramfs/emergency/80-.sh: No such file or directory
```
Add OpenSuse and Arch Linux to limited tests.
Only run the full tests against the latest stable Fedora version
to reduce the workload.
Also remove the `hung_task_panic=1` on the kernel command line, as qemu
tends to be really slow in non-kvm mode.
Fixes: 8e84fa726 ("fix(url-lib): shellcheck for modules.d/45url-lib")
Behaviour introduced by that commit made the following to be run:
curl "--globoff --location --retry 3 --fail --show-error" http://192.168.1.173:8000/test.ks
instead of:
curl --globoff --location --retry 3 --fail --show-error http://192.168.1.173:8000/test.ks
This broke downloading kickstart file in anaconda-dracut.
Gummiboot was merged into systemd and official became systemd-boot in 2015 ( 6 years ago )
and no longer was being maintained as Gummiboot from that point.
It's safe to say distribution should have migrated to sd-boot by now so let's deprecate
it.
The ldd output can contain the variable $LIB, which is a documented feature of
ldd. In a previous commit [0], dracut-install received support for this
variable, but that was later reverted [1] due to issues [2][3] on Gentoo ARM64.
The part before '=>' does not necessarily refer to an existing file (e.g. due
to the usage of $LIB) and thus [1] could be seen as a regression to anyone
that uses this ldd feature. This PR combines both cases together and whenever
it find a '$' character (i.e. a variable) on the left side of the '=>' symbol,
it uses the right hand path (and thus uses evaluation done by ldd), otherwise
falls back to the behavior set by [1].
Reproducer that was presented to me:
$ grep "ibz.so" /etc/ld.so.preload || cat << EOF >> /etc/ld.so.preload
/\$LIB/libz.so.1.2.11
EOF
$ mkdir -p /var/tmp/dracut.xitk6p/initramfs
$ strace /usr/lib/dracut/dracut-install -D /var/tmp/dracut.xitk6p/initramfs -l /bin/bash 2>&1|grep ibz
$ rm -rf /var/tmp/dracut.xitk6p/
[0] 45404a2
[1] 6d886bb
[2] #471
[3] https://bugs.gentoo.org/667752
Kairui Song