Since Bash 4.4, command substitutions containing null bytes produce a
warning of the form
/usr/sbin/dracut: line 1958: warning: command substitution: ignored null byte in input
Remove the trailing null byte from the UEFI kernel command line file
before printing it to suppress this warning.
Previously with squash module, some binaries will be reinstalled, but
stripping happens before that so new installed binaries is not stripped.
So adjust the squash and strip order, ensure new installed binaries are
stripped just the same way with the old binaries.
Also split squash into two stage to make the split easier, move the
squash temp dir into initdir so stripping will cover that too,
and print more usefule message.
Signed-off-by: Kairui Song <kasong@redhat.com>
on line 1086 it's used to check for the uefi_stub:
"${systemdutildir}/boot/efi/linux${EFI_MACHINE_TYPE_NAME}.efi.stub"
so it needs to be defined before that
The EFI executables produced by dracut --uefi must be placed in the
subdirectory /EFI/Linux of the EFI system partition (ESP) according to
the Boot Loader Specification, see
https://systemd.io/BOOT_LOADER_SPECIFICATION#logic
This is done correctly for the mount points /boot and /boot/efi, but for
the mount point /efi, the files are placed in /efi/Linux instead of the
correct /efi/EFI/Linux. This commit fixes the directory so that the EFI
executables are picked up correctly by conforming boot loaders.
Apart from complying to the specification, the change is also in line
with the commit message of 5c57209ba5
("dracut.sh: add default path for --uefi") which introduced this feature
as well as the documentation in dracut.8.asc.
systemctl need to be accessible on switch-root, but we unmount the
squash image on switch-root, so it will fail. systemctl depends on a lot
of libraries, squash them can save more RAM. So allow modules
(eg. kdump) to tell dracut that switch-root will be intercepted,
then we don't need to take care of that.
Signed-off-by: Kairui Song <kasong@redhat.com>
If required target is a symbol link, create the link then following the
link. If it's a directory, create new directory, else just move it.
Signed-off-by: Kairui Song <kasong@redhat.com>
systemd binary and udevadm are not needed to be outside the squash
image. Some binaries are kept outside because they are required before
mounting the image, or after umounting the image (when switching root),
or they may block umounting the image. But we are using lazy umounting,
so actually nothing will block the umount.
Keep more binaries outside the squash image won't hurt but cost extra
memories, the idea of squash image is to save memory usage.
So, there is no reason to keep udevadm outside, that should be a debug
left over. For systemd binary, it's running when switch root happens,
But we have lazy umounted the image and overlay, once systemd process
exec the new systemd in new root, everything will be cleared by kernel.
Also tidy up the comment make it less confussing.
Signed-off-by: Kairui Song <kasong@redhat.com>
Previous in commit 7047294, dracut will include the loaded kernel module
list in initramfs, so other tools could check if the loaded kernel
module is changed and rebuild the host only initramfs in case some
module required to boot the machine is missing due to host only install.
It's better to use modalias list generated by dracut-install, that
list includes the device modalias list combined with current loaded
kernel module list. In this way, if any kernel module is yet to be
loaded when the initramfs is built, or got unloaded by accident the
module list will not change. This make the list more stable over
initramfs builds.
Signed-off-by: Kairui Song <kasong@redhat.com>
In commit [9d1b81c dracut.sh: improve udevdir and systemdutildir
fallback logic] , it checked a common binary `collect' to location
udevdir.
But upstream systemd drop binary `collect' since systemd v240
[a168792c2d]
So check binary `ata_id' to instead.
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Let the caller pass in the module path instead of try to find the module
path everytime. This helps optimize the overall runtime.
Test results (3 rounds) on Fedora 30 in KVM VM with 8 CPUs, 2G memory, HDD:
$ time ./dracut.sh --local --quiet --hostonly --hostonly-cmdline --hostonly-i18n --hostonly-mode 'strict' -o 'plymouth dash resume ifcfg' --mount '/dev/mapper/fedora-root /sysroot xfs defaults' --no-hostonly-default-device -f initramfs.img
Before the commit:
real 0m11.782s | real 0m11.505s | real 0m11.958s
user 0m9.169s | user 0m9.218s | user 0m9.327s
sys 0m10.839s | sys 0m10.829s | sys 0m10.925s
After this commit:
real 0m9.866s | real 0m9.580s | real 0m9.638s
user 0m9.048s | user 0m9.142s | user 0m9.120s
sys 0m7.411s | sys 0m7.775s | sys 0m7.745s
Test result of building a ordinary image:
$ time ./dracut.sh --local --quiet -f initramfs.img
Before the commit:
real 0m34.697s | real 0m34.371s | real 0m35.122s
user 0m27.608s | user 0m27.524s | user 0m27.705s
sys 0m22.341s | sys 0m22.032s | sys 0m22.246s
After the commit:
real 0m31.914s | real 0m31.006 | real 0m31.289ss
user 0m27.315s | user 0m27.324 | user 0m27.290ss
sys 0m19.051s | sys 0m18.916 | sys 0m19.022ss
This will have an ~2s speed up.
Signed-off-by: Kairui Song <kasong@redhat.com>
When building squash image, squash module forgot to install the new
shutdown.sh, and the shutdown hooks are always skipped on ordinary
shutdown if squash module is enabled.
The new shutdown.sh will remount the squash image and then everything
will just work, but currently re-mounting the squash image on shutdown
may have selinux problem and make the system hang, and there is no
easy way to fix it.
So skip fixing the shutdown.sh not being install problem, instead
just drop the new shutdown.sh, and unsquash the image on ordinary
shutdown, which is safer and should always work.
Signed-off-by: Kairui Song <kasong@redhat.com>
With all files stored in ramfs, and most of them are not compressed,
the initramfs will take up a lot of memory. Besides, if the file number
is large, each file will waste some memory due to page fragmetation.
This is due to ramfs' design, at least one page will be allocated for
one file however small the file is. On machine with large page size,
this will become worse and waste too many memory.
One approach to reducing the memory usage is to reduce the number of
files that got directly loaded into the root ramfs, and compress files
by put most files will into a read-only squash image and keep a minimum
set of executable and libraries outside as the loader for the squash
image. After the squash image is mounted, the real 'init' will be
executed and then everything behaves as usual.
This patch will introduce a '99squash' module which will never be
included by default. User can force add it, and if it is included,
dracut will perform some extra steps before creating the final image:
For now, "/etc" and "/usr" will be moved into the squashfs image.
"/init" will be renamed to "/init.stock" and replaced by "/init.squash".
Files and folders need to be accessible before mounting the image will
be still avaliable at their original place. And due to squashfs is
readonly, an overlayfs layer will be created on top of squashfs mount
point, as many dracut module require readwrite access to "/etc" and
"/usr", "init.squash" will ultimately call "/init.stock".
An extra systemd service will be installed. This service will umount all
squashfs related mount points right before switch-root to release
resources properly. This service will not actually do anything if
switch-root is not used.
This is very helpful when mem resource is very limited, like Kdump.
According to my tests, this squash module can help save about 35MB of
memory with 64K page size, or about 15MB with 4K page size on an
ordinary kdump capture routine. This module could also help reduce
memory usage for normal boot up process.
Won't change any behavior if squash module is not enabled.
Signed-off-by: Kairui Song <kasong@redhat.com>
A hostonly image will not include every possibly required kernel module,
so if any hardware or configuration changed, the image may fail to boot.
One way to know if there are any hardware change or configuration change
that will require an image rebuild or not is to check the loaded kernel
module list. If the loaded kernel module list differs from last build
time, then the image may require to be rebuilt.
This commit will let dracut record the loaded kernel module list when
the image is being built, so other tools or services can compare this
list with currently loaded kernel modules to decide if dracut should be
called to rebuild the image.
To retrieve the loaded kernel modules list when an image is built, use
lsinitrd command:
lsinitrd $image -f */lib/dracut/loaded-kernel-modules.txt
Check for a common binary in systemdutildir. This resolves an issue on
split-usr systems, where it is common to have both /lib/systemd[/system]
and /usr/lib/systemd[/user] present.
Check for systemd-udevd specifically, since some distros (Gentoo) allow
udev to be installed without the rest of the systemd stack.
Similar logic is applied to udevdir simply for consistency.
Add a new option --hostonly-mode which accept an <mode> parameter, so we have a tri-state hostonly mode:
* generic: by passing "--no-hostonly" or not passing anything.
"--hostonly-mode" has no effect in such case.
* sloppy: by passing "--hostonly --hostonly-mode sloppy". This
is also the default mode when only "--hostonly" is given.
* strict: by passing "--hostonly --hostonly-mode strict".
Sloppy mode is the original hostonly mode, the new introduced strict
mode will allow modules to ignore more drivers or do some extra job to
save memory and disk space, while making the image less portable.
Also introduced a helper function "optional_hostonly" to make it
easier for modules to leverage new hostonly mode.
To force install modules only in sloppy hostonly mode, use the form:
hostonly="$(optional_hostonly)" instmods <modules>
Signed-off-by: Kairui Song <kasong@redhat.com>
When dracut silently produces a broken initramfs, then the system will
likely not boot and this can be very problematic. Typical use case is
after the kernel has been updated.
It appears that dracut is not protected against the BASH_ENV variable,
causing various scripts called by dracut to possibly fail or provide
wrong output (e.g. "ldd" is one of these).
Having a broken output for "ldd" makes the generated initramfs be not
usable, typically because vital binaries will be missing (e.g.
"awk", "udevadm", ...).
Note: because the shebang line cannot contain more than one argument,
the '--norc' option had to be removed. IMHO, it was useless anyway.
Signed-off-by: Renaud Métrich <rmetrich@redhat.com>
It's possible for e.g. `kernel` to be installed as an RPM BuildRequires or equivalent,
and there's no reason to sync, and *definitely* no reason to fsfreeze.
Another case where this happens is rpm-ostree, which performs its own sync/fsfreeze
globally. See e.g. 8642ef5ab3
We initially enabled it for Haswell TSX bug (mga#16657)
Now there is also Meltdown and Spectre security issues,
and more microcode issues will most likely show up...
So the sane default for 'early_microcode' to have it enabled,
as theese changes must be done early in boot process to take
effect as intended.
Update documentation accordingly.
Reference: https://bugs.mageia.org/show_bug.cgi?id=16657
Signed-off-by: Thomas Backlund <tmb@mageia.org>
Signed-off-by: Neal Gompa <ngompa13@gmail.com>
When the system boots with EFI, then initrd image is stored
on EFI System Partition. Thus dracut always warn about the
failure to invoke fsfreeze on the partition.
This prevents to run fsfreeze on ESP and suppress the warning.
- dracut replaced every instance of "-i" in the cmdline,
even if it was part of a kernel image name, e.g. "vmlinuz-i"
- Fixes boo#908452
Signed-off-by: Fabian Vogt <fvogt@suse.com>
Adjusted to not support "dracut -ifoo bar", as this breaks expected
upstream behavior.
Currently in Fedora/RedHat dracut installs its fedora.conf.example
as the default config file, in which sysloglvl is set 5. This leads
to maxloglvl=5 in dracut calls, making unnecessary lsinitrd calls
during initramfs builds by kdump.
This patch disables lsinitrd logging when --quiet option is given,
which is controlled by maxloglvl only before. This will speed up
dracut image building as the following if --quiet is used in kdump:
1) Before this patch
$ kdumpctl stop; touch /etc/kdump.conf; time kdumpctl start
kexec: unloaded kdump kernel
Stopping kdump: [OK]
Detected change(s) in the following file(s):
/etc/kdump.conf
Rebuilding /boot/initramfs-4.13.0-0.rc1.git4.1.fc27.x86_64kdump.img
kexec: loaded kdump kernel
Starting kdump: [OK]
real 0m26.824s
user 0m9.958s
sys 0m15.106s
2) After this patch
$ kdumpctl stop; touch /etc/kdump.conf; time kdumpctl start
kexec: unloaded kdump kernel
Stopping kdump: [OK]
Detected change(s) in the following file(s):
/etc/kdump.conf
Rebuilding /boot/initramfs-4.13.0-0.rc1.git4.1.fc27.x86_64kdump.img
kexec: loaded kdump kernel
Starting kdump: [OK]
real 0m20.420s
user 0m8.385s
sys 0m10.468s
Signed-off-by: Ziyue Yang <ziyang@redhat.com>
In case of "--no-hostonly-default-device", we do not need
the root device, thus add this check.
Also fixed the stale "root_dev" export.
Signed-off-by: Xunlei Pang <xlpang@redhat.com>
Kdump doesn't need default host devices like root, swap, fstab, etc,
we only care about the dump target which can be added via "--mount"
or "--add-device". We met several issues that kdump kernel failed
due to one of those host devices added by dracut, additionally, the
needless devices(e.g. LVM) consume some appreciable amount of memory
which is more likely to cause OOM under memory-limited kdump.
So this patch introduced "--no-hostonly-default-device" to avoid
adding those default devices as host_devs.
Signed-off-by: Xunlei Pang <xlpang@redhat.com>
If we trigger crash just after creating initramfs, sometimes it is
observed that initramfs is not written to disk causing the subsequent
boot to fail. A sync should resolve this.
Signed-off-by: Ankit Kumar <ankit@linux.vnet.ibm.com>
Kairui Song