Commit Graph

2957 Commits (c30070c8f503fc373268912890df2456da3de1fd)

Author SHA1 Message Date
Lubomir Rintel 1c4a51c39c network: fix an error message 2018-09-21 11:32:01 +02:00
Lubomir Rintel 0aa2e5f728 iscsi: start iscsid even w/o systemd 2018-09-21 11:32:01 +02:00
Lubomir Rintel 5e615f4eb4 iscsi: do not install all of /etc/iscsi unless hostonly
/etc/iscsi/initiatorname.iscsi would leak the host initiator name (that
is host configuration) to the initramfs. Perhaps other files too.
2018-09-21 11:32:01 +02:00
Lubomir Rintel 9e82732dd4 iscsi: do not replace the configuration in the host system
ln: failed to create symbolic link '/usr/lib/systemd/system/sockets.target.wants/iscsid.socket': Permission denied
  ln: failed to create symbolic link '/usr/lib/systemd/system/sockets.target.wants/iscsiuio.socket': Permission denied

No way. Just ensure the links are there in the initramfs image. In fact,
that is already the case for iscsiuio.socket. Add iscsid.socket too.
2018-09-21 11:32:01 +02:00
Lubomir Rintel 0454dc247a network: configure NetworkManager to use dhclient
If the network module obtained a lease using dhclient, NetworkManager
must be configured to use it too, otherwise it would obtain a different
lease (and could potentially break a connection to the network volume).
2018-09-21 10:40:55 +02:00
Kairui Song 095e1f37c4 Add support for building a squashed initramfs
With all files stored in ramfs, and most of them are not compressed,
the initramfs will take up a lot of memory. Besides, if the file number
is large, each file will waste some memory due to page fragmetation.
This is due to ramfs' design, at least one page will be allocated for
one file however small the file is. On machine with large page size,
this will become worse and waste too many memory.

One approach to reducing the memory usage is to reduce the number of
files that got directly loaded into the root ramfs, and compress files
by put most files will into a read-only squash image and keep a minimum
set of executable and libraries outside as the loader for the squash
image. After the squash image is mounted, the real 'init' will be
executed and then everything behaves as usual.

This patch will introduce a '99squash' module which will never be
included by default. User can force add it, and if it is included,
dracut will perform some extra steps before creating the final image:

For now, "/etc" and "/usr" will be moved into the squashfs image.
"/init" will be renamed to "/init.stock" and replaced by "/init.squash".
Files and folders need to be accessible before mounting the image will
be still avaliable at their original place. And due to squashfs is
readonly, an overlayfs layer will be created on top of squashfs mount
point, as many dracut module require readwrite access to "/etc" and
"/usr", "init.squash" will ultimately call "/init.stock".

An extra systemd service will be installed. This service will umount all
squashfs related mount points right before switch-root to release
resources properly. This service will not actually do anything if
switch-root is not used.

This is very helpful when mem resource is very limited, like Kdump.
According to my tests, this squash module can help save about 35MB of
memory with 64K page size, or about 15MB with 4K page size on an
ordinary kdump capture routine. This module could also help reduce
memory usage for normal boot up process.

Won't change any behavior if squash module is not enabled.

Signed-off-by: Kairui Song <kasong@redhat.com>
2018-09-21 10:32:04 +02:00
Alexander Tsoy f4334e9bdf base/dracut-lib.sh: use "command -v" in pidof()
"type -P" doesn't work in dash
2018-09-10 09:45:50 +02:00
Alexander Tsoy b3480d31b0 Prevent environment leaking into initrd-release
On my system the following initrd-release is generated:
...
VERSION="4 dracut-048 dracut-048"
...

VERSION is not defined in /etc/os-release, so the variable is
concatenated with its previous value:

* "4" comes from the kernel build system since dracut is called from the
  kernel install hook ("4" is a major kernel version);
* first "dracut-048" comes from the "systemd-initrd" module;
* second "dracut-048" comes from the "base" module.
2018-09-10 09:42:36 +02:00
Frederick Grose 8dd7bb48fc dmsquash-live/apply-live-updates: Test proper file link.
Update flag link to /dev/root as required by commit
789668deb3.
2018-09-06 11:46:24 +02:00
Frederick Grose 44d1688164 dmsquash-live-root: Manage absent overlayfs module better.
die when required; systemctl reload otherwise.
2018-09-06 11:46:24 +02:00
Frederick Grose a7d8fc280c dmsquash-live: Avoid grep and sed in this module.
strstr and variable string manipulations suffice.
2018-09-06 11:46:24 +02:00
Daniel Molkentin e9a84e0a21 98dracut-systemd: Start systemd-vconsole-setup before dracut-cmdline-ask
This is what happened before this patch (edited for brevity):

  dracut-cmdline-ask.service in modules.d/98dracut-systemd, which invokes
  dracut-cmdline-ask.sh. This script and systemd-vconsole-setup are
  started in parallel for the same console (tty1).

  Then dracut-cmdline-ask quits immediately without doing anything (unless
  rd.cmdline=ask is given). As this is a bash script and it gets tty as
  stdin as specified in its *.service, this triggers the hangup of tty1 at
  its exit.

  Meanwhile systemd-vconsole-setup continues and tries some ioctls after
  that, but they fail because of the hung up tty1.

The usual culprit for starting systemd-vconsole-setup early on is
plymouth-start.service, even if plymouth.enable=0 is set.

A popular (and annoying) symptom of this as reported by users was
the inability use their configured keyboard layout in plymouth when
unlocking their crypted block devices.

Reference: boo#1055834
2018-09-05 13:20:36 +02:00
Tony Asleson ae9bc0d72f stratis: Add additional binaries
Include all binaries that could be called by the daemon.

Signed-off-by: Tony Asleson <tasleson@redhat.com>
2018-08-24 08:46:13 +02:00
Kairui Song 09ba1b289f kernel-modules: add nfit
To support pmem devices, nfit module is required
2018-08-21 13:03:36 +02:00
Kairui Song 9f3c31cd8d 99base: enable initqueue if extra devices are added
When extra devices are added, initqueue should be enabled to make sure
those devices are present, so following services and routines could
use those devices.

See PR #442 for more detail.
2018-08-21 13:03:20 +02:00
Frederick Grose eb18a1fe29 dmsquash-live, livenet: Simplify OverlayFS read-only overlay setup.
Use multiple lower layer directories in a single OverlayFS mount with
  a transient overlay directory.
Tolerate a command line with rd.live.overlay.readonly and NO persistent
  overlay by reconfiguring the OverlayFS mount options.
Use more compatible shell syntax for testing symlinks, and use printf
  instead of echo -e.
2018-08-21 10:52:34 +02:00
Frederick Grose 789668deb3 dmsquash-live: Support a flattened squashfs.img
A simplified root filesystem structure may be provided for OverlayFS
overlays by squashing the root filesystem directly instead of squashing
an embedded image file at /LiveOS/rootfs.img.  Detect and configure
such a squashed root filesystem for live booting.

For OverlayFS boots, avoid the read-only Device-mapper linear device
  at /dev/mapper/live-base.
Create a consistent device link at /dev/live-base for the read-only
  base loop device for all overlayed live root filesystems.
Consistently provide a link at /dev/root for wait_for_dev.

Update documentation.
2018-08-21 10:52:34 +02:00
Frederick Grose e791d753be livenet: Enable OverlayFS overlay in sysroot.mount generator.
Adjust sysroot.mount configuration for rd.live.overlay.overlayfs option.
Use link at /dev/root as a consistent flag for wait_for_dev.
Adjust documentation.
2018-08-20 10:08:43 +02:00
Harald Hoyer ee18dd2b88 ifcfg/write-ifcfg.sh: aggregate resolv.conf
The old code used /tmp/net.$netif.resolv.conf with $netif being randomly
chosen.

As it is not known which nameserver have which priority, just sort them
and deduplicate.
2018-08-17 15:52:36 +02:00
Harald Hoyer bb75d16521 kernel-network-modules: add vlan kernel modules 2018-08-14 14:07:12 +02:00
Harald Hoyer ab94a204e0 load modules earlier for iscsi via dhcp root-path 2018-08-14 11:03:11 +02:00
Harald Hoyer 26aea0299a multipath-shutdown: fix shell syntax
seems like a misplaced $()
2018-08-13 16:30:25 +02:00
Harald Hoyer 6f0500ed4a iscsi: remove $() where it does not fit
also simplify iscsiadm command to one call
2018-08-13 16:30:25 +02:00
Harald Hoyer 746135dd1e mdraid: better handling of various UUID formats 2018-08-13 16:30:25 +02:00
Nicolas Chauvet a0c915b1e4 Add gpio and pinctrl drivers for arm*/aarch64
This is needed since few gpio/pinctrl can be built as modules and are
useful on early boot.

One example is jetson-tx1 where sata and external mmc can work only
after loading pinctrl-max77620 and gpio-max77620 modules.

Having theses kind of drivers bundled into the initramfs will also
avoid some deferred probes.

V2: add pinctrl for all arches

Signed-off-by: Nicolas Chauvet <kwizart@gmail.com>
2018-08-06 09:46:08 +02:00
Harald Hoyer 99df3d22be mdraid/parse-md.sh: also accept rd.md.uuid with ":"
convert rd.md.uuid=32ef2172:f056:6fa7:66a8:2f7fc8b1798
to udev rules in the correct UUID format 32ef2172-f056-6fa7-66a8-2f7fcf8b1798
2018-08-02 16:32:41 +02:00
Hannes Reinecke a0eadcdc64 00warpclock: Set correct timezone
Add module for setting correct timezone.

References: bnc#830060

For now, this module will not be included automatically due to different
expectations (see e.g.  https://bugzilla.redhat.com/show_bug.cgi?id=981617)

Signed-off-by: Hannes Reinecke <hare@suse.de>
Signed-off-by: Daniel Molkentin <daniel.molkentin@suse.com>
2018-07-24 07:08:11 +02:00
Harald Hoyer 1caaeaae1e modules.d/95fcoe/cleanup-fcoe.sh: chmod +x 2018-07-12 15:19:17 +02:00
Harald Hoyer f265cb67dc mdraid: fix case if rd.md.uuid is in ID_FS_UUID format
if rd.md.uuid is in ID_FS_UUID format with dashes
e40a0234-7e52-5f10-f267-658d8ec463fa
convert it for the /dev/disk/by-id/md-uuid-${uuid} format
e40a0234:7e525f10:f267658d:8ec463fa
2018-07-06 09:25:03 +02:00
Harald Hoyer f98d3066d9 rdsosreport.sh: best effort to strip out passwords
Modified version of:
https://github.com/dracutdevs/dracut/pull/96

Thanks to Zhiguo Deng <bjzgdeng@linux.vnet.ibm.com>
2018-07-05 14:49:23 +02:00
Kairui Song 35e86ac117 Merge 90-multipath-hostonly and 90-multipath
This commit basically reverts 5ce7cc73

90-multipath-hostonly module was added in 5ce7cc73, because if hostonly
mode is enabled, multipath module will always hardcode wwids which
causes problems when the initramfs is cloned to another system with same
hardware.

Now with tri-state hostonly mode, the two modules could be merged and only
hardcode wwids when "strict" hostonly mode is enabled.
2018-07-05 13:17:19 +02:00
Harald Hoyer efecf0a95e network: iface_has_carrier(): fixed logic 2018-07-05 09:37:10 +02:00
Hiroaki Mizuguchi c574c3f565 ifup.sh: don't wait linkup when set static ip explicitly
iface_has_carrier is skipped when set $dev. Fail curl fetch for root=live:<url>.
2018-07-05 09:37:01 +02:00
Daniel Molkentin 61ac90fefa 95qeth_rules: Add new module to copy qeth rules
Only pick rules for interfaces which have a carrier in the running
system. Those interfaces will be assembled by udev to allow booting
from those devices (i.e. iSCSI).

Reference: FATE#323440
2018-07-05 09:15:08 +02:00
Kairui Song 432647c278 90kernel-modules: Don't install extra modules when hostonly mode is set to strict 2018-07-05 09:14:02 +02:00
Harald Hoyer 6ccb58a5b6 iscsi: s/rd.iscsilogin.retries/rd.iscsi.login_retry_max 2018-07-05 09:02:55 +02:00
Harald Hoyer 7d0848957c iscsi: do discovery for every network change 2018-07-04 13:05:56 +02:00
Daniel Molkentin 6b7ffedf0d Fix syncheck complaints 2018-07-04 13:05:56 +02:00
Daniel Molkentin b31f3fe0d1 95iscsi: Replace iscsistart with iscsid
This allows to setup multiple paths to targets, which is
required for iscsi multipath.
2018-07-04 13:05:56 +02:00
Nicolas Porcel c1688560ad Add timeout option to crypt module 2018-07-04 09:16:50 +02:00
Sullivan (CTR), Austin e0ec6f10d4 Fixed issue #420 2018-07-02 12:42:32 +02:00
Adam Williamson ba26c59523 Include virtio DRM drivers in hostonly initramfs
The code in 50drm which tries to include all DRM drivers for
hardware attached to the system did not look for virtio devices.
So if the system is a VM using the 'virtio' graphics adapter,
the 'virtio-gpu' module which should be included is not. This
extends the code to also look for virtio devices.

https://bugzilla.redhat.com/show_bug.cgi?id=1593028

Signed-off-by: Adam Williamson <awilliam@redhat.com>
2018-07-02 11:56:15 +02:00
Ondrej Mosnacek cec0d04112 fips: only install FIPS-compliant crypto modules
Since the kernel doesn't allow using any non-FIPS-compliant crypto
algorithms, it doesn't make sense to install them. Even if they are
installed, tcrypt will not test them anyway.

Tested on Fedora 28 x86_64 by booting with fips=1 (with hand-patched
module-setup.sh).
2018-07-02 11:42:04 +02:00
Ondrej Mosnacek f4d34357c0 fips: cleanup FIPS crypto module list
This patch cleans up the default list of kernel modules in the 01fips
dracut module. All the algorithms that are tested in tcrypt are listed
by their algorithm name so that all the generic implementations and
drivers are picked up automatically based on the module alias.

This drops several unneeded modules and even a bogus one (rot13 -- this
one was obviously copy-pasted from tcrypt.c where it was listed as an
easter egg :).

The patch adds also some algorithms that weren't included in the
original set. It turns out in FIPS mode we only need those algorithms
that are marked as FIPS-allowed in testmgr.c (failure to find a non-FIPS
algorithm is ignored). The non-FIPS algorithms are further removed in a
subsequent patch.
2018-07-02 11:42:04 +02:00
Ondrej Mosnacek eed91294f8 fips: add crypto_user module for new hmaccalc
In Fedora 28+, hmaccalc (sha512hmac) is provided by libkcapi-hmaccalc,
which needs the crypto_user module for its functionality.
2018-07-02 11:42:04 +02:00
Hui Wang a73ba9a8ef dracut: scan and install external kernel modules
since kmod-25 keyword "external" was implemented in order to avoid
additional actions(like weak-modules) when kernel was updated, which
makes it more simple while kernels' kabi were compatible.

but if move some special modules such as megaraid_sas, mpt3sas and
so on, to a external path like /opt/modules, these modules will not
be install to initramfs by default, which make the initramfs can't
be used to boot for disk detection failure.

according to kmod's document, you must specify a absolute path with
"external" keyword, so scan the lines in modules.dep that begin with
"/" and install them, to make sure necessary modules in external path
can be installed to initramfs too.

Signed-off-by: Hui Wang <john.wanghui@huawei.com>
2018-07-02 11:40:42 +02:00
Ondrej Mosnacek bca1967c90 fips: Drop obsolete dependencies
Explicitly require libkcapi-hmaccalc and stop installing NSS/prelink
dependencies that are no longer needed.
2018-06-14 13:07:07 +02:00
Daniel Molkentin d00cfc2a7b Remove obsolete prelinking functionality 2018-06-14 12:58:59 +02:00
Ondrej Mosnacek e0758c8168 fips: Drop the 02fips-aesni module
The main 01fips module should always load all optimized/driver modules
of all relevant crypto algorithms (based on their aliases), so we can
drop this useless module.
2018-06-14 12:56:51 +02:00
B. Wilson 1b72c97cc5 crypt: Implement cmdline rd.luks.partuuid
Commit bf5c53a implements support for mounting LUKS devices with
detached headers; however, it assumes that the LUKS device sits on an
unpartitioned disk.

Mirroring the `rd.luks.serial` option, this commit implements the
`rd.luks.partuuid` cmdline option, supporting headless LUKS devices on
drive partitions.
2018-06-13 10:59:28 +02:00
Ondrej Mosnacek 935dd5746a fips: add sha3_generic and sm3_generic modules
SHA-3 and SM3 have been added to the tcrypt module recently, so without
them the 'modprobe tcrypt' step causes a kernel panic.
2018-06-07 17:18:29 +02:00
Pingfan Liu 67354eebbc 40network: introduce ip=either6 option
In kdump, if dump-target is ssh on ipv6, we need to sync until ipv6 addr
is ready. Currently ip=auto6/dhcp6 provides such function. But in 1st kernel,
it is hard to know whether the ipv6 addr is got by dhcpv6 or SLAAC.
E.g ifcfg-eth* contains DHCPV6C=yes direction, but there is no dhcpv6
server in the network, and then after the system is up, the user
echo 1 > /proc/sys/net/ipv6/conf/eth0/autoconf && accept_ra by manual
to obtain a ipv6 addr. Or vice.
So this patch suggests to make dhcpv6 as auto6 fallback

Signed-off-by: Pingfan Liu <piliu@redhat.com>
2018-05-29 10:07:19 +02:00
Harald Hoyer df6bb5e959 shutdown: sleep a little, if a process was killed
If a process (maybe plymouth) was still pinning /oldroot, then shutdown
would
- kill -9 $pid
- umount_a
- umount_a
in a very short timeframe. A small sleep hopefully lets the scheduler free
up /oldroot in the mean time.
2018-05-15 13:37:53 +02:00
Harald Hoyer b2a024991f 80lvmmerge/README.md: remove executable bits 2018-05-07 10:40:32 +02:00
Daniel Molkentin c9b5165daa 10i18n: Fix possible infinite recursion 2018-05-03 15:15:16 +02:00
Hendrik Brueckner 3c8a69677b crypt: correct s390 arch to include arch-specific crypto modules
Convert the s390x into s390 to also include s390-specific crypto
modules, for example, aes_s390 into the initramfs.

Signed-off-by: Hendrik Brueckner <brueckner@linux.ibm.com>
2018-04-26 13:34:53 +02:00
Tony Asleson c4f8329cc2 Initial Stratis support
Ref. https://github.com/stratis-storage

Signed-off-by: Tony Asleson <tasleson@redhat.com>
2018-04-26 13:28:36 +02:00
tpgxyz 654484b82b fix zstd magic header 2018-04-19 06:31:23 +02:00
Marcos Mello ccaf52901f fs-lib: install crc32 in no-hostonly
It is needed by f2fs.
2018-04-17 12:02:00 +02:00
Marcos Mello 384eeedd2d fs-lib: install crc32c for ext4
EXT4 filesystems created with metadata_csum (enabled by default in mke2fs 1.44+) or ea_inode need crc32c.

https://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git/commit/?id=d0b9e0a6aa7d6805338a43b4e372623352d8df09
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/tree/fs/ext4/super.c?h=v4.15.15#n3491
2018-04-09 08:19:51 +02:00
Marcos Mello 65cfabf7a6 fs-lib: remove redundancy 2018-04-09 08:19:51 +02:00
Enno Boland 2b5192c18d make failing installation of drm modules nonfatal 2018-04-01 16:02:24 +02:00
Alexander Tsoy fe6c7e0f06 plymouth: fix detection of plymouth directory
Some distros have both /usr/lib/plymouth and /usr/libexec/plymouth
directorirs, so we should check the existance of plymouth-populate-initrd
script.

Fixes: 421b46f8ae
2018-03-23 11:31:43 +01:00
Daniel Molkentin d23f32dd4b 90kernel-modules: Include Intel Volume Management Device support
Reference: bsc#1079924
2018-03-16 15:37:25 +01:00
Harald Hoyer f8e0c7cc62 kernel-modules: add mmc/core for arm 2018-03-05 09:56:25 +01:00
Lukas Nykryn 3aa37cafde all: fix issues found by shellcheck
Error: SHELLCHECK_WARNING:
/usr/lib/dracut/dracut-init.sh:939:20: error: Argument to implicit -n is always true due to literal strings. [SC2157]
  937|   dracut_kernel_post() {
  938|       for _f in modules.builtin.bin modules.builtin modules.order; do
  939|->         [[ $srcmods/$_f ]] && inst_simple "$srcmods/$_f" "/lib/modules/$kernel/$_f"
  940|       done
  941|

Error: SHELLCHECK_WARNING:
/usr/lib/dracut/modules.d/98syslog/parse-syslog-opts.sh:18:12: error: This expression is constant. Did you forget a $ somewhere? [SC2078]
   16|       elif [ -e /sbin/syslogd ]; then
   17|           syslogtype="syslogd"
   18|->     elif [ /sbin/syslog-ng ]; then
   19|           syslogtype="syslog-ng"
   20|       else

Error: SHELLCHECK_WARNING:
/usr/lib/dracut/modules.d/90crypt/crypt-lib.sh:15:29: error: Since you double quoted this, it will not word split, and the loop will only run once. [SC2066]
   13|               strstr "$d" "${luks##luks-}" && return 0
   14|               if [ -n "$dev" ]; then
   15|->                 for _dev in "$(devnames $d)"; do
   16|                       [ "$dev" -ef "$_dev" ] && return 0
   17|                   done
2018-03-02 13:41:43 +01:00
Daniel Molkentin 48723f28aa 90kernel-modules: Ensure PCI host modules are included
The includes modules like the Intel Volume Management Device driver,
which is required to boot from disk on some systems.

Reference: boo#1079924
2018-03-01 12:51:49 +01:00
Harald Hoyer 1779aee72c dm:dm-shutdown.sh: silence all disassembly until the last try 2018-02-19 09:05:01 +01:00
Ignaz Forster 94f61235d7 Avoid executing emergency hooks twice 2018-02-08 16:30:05 +01:00
Alexander Tsoy 643be55570 crypt: actually put block_uuid.map into initramfs
Also change path to /etc/block_uuid.map.

Fixes: c3b6970394
2018-02-02 11:40:29 +01:00
Pawel Wieczorkiewicz f0094476fd 40network: Fix race condition when wait for networks
If no network related params are specific, but rd.neednet=1 is set,
the default initqueue action is to wait until one of the network
interfaces is marked as setup properly.

This also help with initqueue's race condition when the network interface
shows up late

References: bnc#866771

Signed-off-by: Hannes Reinecke <hare@suse.de>
2018-01-30 10:18:37 +01:00
Daniel Molkentin ed2cc8c9b9 90plymouth: logo file is optional and may not exist 2018-01-30 10:14:22 +01:00
Daniel Molkentin 421b46f8ae 50plymouth: improve distro compatibility
The existence of dpkg-achitecture is not indicative of a debian
installation. It may well be installed on systems of people who
package for both distros. The previous code path did not take
that into account.

We now traverse all known plymouth directories, locking on the first
valid one, and try to work with it.

At the same time, we do not include the module if the plymouth directory
could not be found.
2018-01-30 10:14:22 +01:00
Matthew Thode c88c3215e8 support kernels with built-in modules
Don't fail if modprobe fails to load a module, the kernel could have it
statically compiled in.

Signed-off-by: Matthew Thode <mthode@mthode.org>
2018-01-30 09:19:16 +01:00
Matthias Gerstner f48fb6f4ce 98integrity: support X.509-only EVM configuration
Previously if no symmetric key was configured for EVM, then the
initialization process was aborted. It can be a valid use case, however,
to only use EVM digital signatures. In this case only X.509 certificates
need to be loaded.

With this change EVM initialization will continue if any of the
symmetric or X.509 keys could be loaded.
2018-01-25 12:15:36 +01:00
Matthias Gerstner cb02ff635c 98integrity: support loading x509 into the trusted/builtin .evm keyring
This implements logic analogous to the one already implemented in
ima-keys-load.sh, only for the .evm/_evm keyrings.

If the kernel was built with CONFIG_IMA_TRUSTED_KEYRING then the kernel
initially creates and configures .ima and .evm keyrings. These keyrings
only accept x509 certificates that have been signed by a local CA which
belongs to the kernel builtin trusted keyring.

Thus if such a keyring is already present then additional evm keys
should be loaded into them. If this is not the case then the _evm
keyring needs to be created in userspace and keys will be loaded into
it instead.

Before this change dracut always created the _evm keyring and loaded
keys into it without considering an existing .evm keyring. In case of
CONFIG_IMA_TRUSTED_KEYRING being enabled, the _evm keyring will not be
used by the kernel, however, and EVM digital signatures will not work as
expected.
2018-01-25 12:15:36 +01:00
Matthias Gerstner a1c1be4f3e 98integrity: fix inconsistent whitespace 2018-01-25 12:15:36 +01:00
Harald Hoyer dfbd8f74fd
Merge pull request #317 from dracut-mailing-devs/20171212142718.11451-1-carlo@caione.org
drm: Look for DRM drivers in the staging directory
2018-01-18 10:24:41 +01:00
Hannes Reinecke 9d651355a1 Use udev rules to create dmraid /dev/mapper/ devices
https://bugzilla.opensuse.org/show_bug.cgi?id=905746
2018-01-17 17:51:42 +01:00
Hannes Reinecke d842d5cf9e 90multipath: load dm_multipath module during startup
As the 'multipath' program will be triggered directly from
udev events it will be called before the multipath service
unit has started up. Which means we cannot rely on the
service unit to load the module for us, but we rather
have to do it early before udev is started.

References: bsc#986734

Signed-off-by: Hannes Reinecke <hare@suse.com>
2018-01-16 16:30:53 +01:00
Hannes Reinecke 637fb76291 0056-81cio_ignore-handle-cio_ignore-commandline
81cio_ignore: handle cio_ignore commandline

References: bnc#874902

Incorporates following on-top patches/fixes:
----------------------------
Subject: 81cio_ignore: skip module if cio_ignore is not active

When cio_ignore is not active we should skip the entire module
during boot; otherwise it'll lead to adverse effects.

References: bnc#882685
----------------------------
Subject: 81cio_ignore: rewrite module

Rewrite cio_ignore module to rely on the dracut commandline
parameter 'rd.cio_accept', which takes a comma-separated list
of CCW IDs. Each of those IDs are being removed from the
list of devices from cio_ignore.

The default values for rd.cio_accept are taken from
/boot/zipl/active_devices.txt.

References: bnc#882685
-----------------------------
Subject: More empty cmdline fixes

This fixes up some more modules which might print out empty
commandline files.
-----------------------------
Subject: Mark scripts as executable

All scripts need to be marked as executable, otherwise dracut
won't be running them.

References: bnc#887010

Signed-off-by: Thomas Renninger <trenn@suse.de>
2018-01-12 15:35:24 +01:00
Harald Hoyer 8b4b7dc5b2 iscsi: remove last iscsid code snippet 2018-01-12 13:45:20 +01:00
Harald Hoyer 28a68f1f3c iSCSI: no more iscsid
According to Cathy Zhou <Cathy.Zhou@Oracle.COM>:

"iscsistart is not designed to be working together with iscsid. When an
interface gets the dhcp offer successfully, the iscsiroot script is run
which starts the iscsistart service to establish the iSCSI session. With
the existence of iscsid, the iscsistart service's attempt to setup its
own mgmt ipc fails. Instead, the request to login to the iscsi target
is handled by the mgmt ipc of iscsid. After iscsistart finishes its
login attempt, it eventually sends a stop_event_loop request to stop
the mgmt process. As the result, it terminates iscsid."

So, iscsid is kicked out again.

Additionally iscsistart-flocked is used to make sure iscsistart is not
run in parallel.
2018-01-12 10:38:20 +01:00
Harald Hoyer 8e7d0856d0
Merge pull request #351 from danimo/91zipl
Add 91zipl, which adds support for indirect booting on s390.
2018-01-12 09:34:08 +01:00
Harald Hoyer 6ccb77e19a dracut-systemd/dracut-pre-udev.service: also run for /etc/cmdline
Fixes #117
2018-01-12 09:32:45 +01:00
Harald Hoyer 47f83419a7
Merge pull request #353 from lnykryn/ntfs_3
90dmsquash-live: we don't have find_binary inside initramdisk
2018-01-11 15:33:45 +01:00
Lukas Nykryn c42c387cca 90dmsquash-live: we don't have find_binary inside initramdisk 2018-01-11 13:31:43 +01:00
Harald Hoyer b8b341a07f
Merge pull request #352 from lnykryn/ntfs
90dmsquash-live-ntfs: fix depends()
2018-01-11 13:18:14 +01:00
Lukas Nykryn f3e09bf1cb 90dmsquash-live-ntfs: fix depends()
Dependencies should not include module number.
2018-01-11 13:16:17 +01:00
Harald Hoyer 3a6a8d5c83
Merge pull request #346 from danimo/95dcssblk
95dcssblk: Add new module for DCSS block devices
2018-01-11 12:34:40 +01:00
Harald Hoyer 0f6d93eb9d crypt: escape backslashes for systemd unit names b/c udev/initqueue/bash
otherwise
luks\x2d25e41d19\x2d1580\x2d4e7c\x2d8875\x2d134045008f33
turns to
luksx2d25e41d19x2d1580x2d4e7cx2d8875x2d134045008f33
2018-01-11 11:42:22 +01:00
Thomas Blume 8bae047a4e 91zipl: Update active_devices.txt from /boot/zipl device
References: bsc#939101

Signed-off-by: Thomas Blume <thomas.blume@suse.com>
2018-01-11 11:12:39 +01:00
Hannes Reinecke d118e9d940 91zipl: Install script as executable
initqueue will only work with executable scripts, so we need to
mark it as such.

Signed-off-by: Hannes Reinecke <hare@suse.de>
2018-01-11 11:12:39 +01:00
Hannes Reinecke 403f2c3e1d 91zipl: Translate 'ext2/3' into ext4
91zipl tries to read the filesystem for the /boot/zipl device.
On SLE12, however, the ext2 and ext3 filesystems are handled
by the ext4 module.
And due to bug#886839 no error is registered and booting fails.
So implement a band-aid to translate it into ext4.

Signed-off-by: Hannes Reinecke <hare@suse.de>
2018-01-11 11:12:39 +01:00
Hannes Reinecke 73f89bbadb 91zipl: Store commandline correctly
The 'rd.zipl' command was only printed and never stored in the
initramfs itself.

Signed-off-by: Hannes Reinecke <hare@suse.de>
2018-01-11 11:12:39 +01:00
Hannes Reinecke ea7ffef13e 91zipl: Add new module to update s390x configuration
Add new module to update the dracut commandline values
during booting with the values found in the file
dracut-cmdline.conf on the device specified by
rd.zipl.

Signed-off-by: Hannes Reinecke <hare@suse.de>

Contrary to the original patch, this one has been modified
to check for /boot/zipl, the location of the first stage kernel
in indirect boot, in order not to install on systems
booting directly via zipl.

Signed-off-by: Daniel Molkentin <daniel.molkentin@suse.com>
2018-01-11 11:12:39 +01:00
Thomas Renninger d43cccf588 95dcssblk: Add new module for DCSS block devices
Add s390 dcssblk driver and introduce rd.dcssblk= to pass mounts
that should get activated at initrd stage.

References: FATE#308263

Signed-off-by: Hannes Reinecke <hare@suse.de>
2018-01-10 13:18:24 +01:00
Harald Hoyer ba2cfcab1e
Merge pull request #338 from danimo/fshelp
dracut-emergency: optionally print fs help
2018-01-08 15:05:28 +01:00
Mark Fasheh 1f8a7ae799 dracut-emergency: optionally print fs help
Allow filesystem modules to install a fs-specific text file with
instructions on what to do when mount fails. This is printed when we go into
an emergency shell.

Signed-off-by: Mark Fasheh <mfasheh@suse.de>
2018-01-08 14:14:05 +01:00
Harald Hoyer d300160e70 Revert "mdraid: call mdadm with "--wait-clean" instead of "-W""
This reverts commit bc4ce61efc.

Read wrong man page section. Got confused by
https://github.com/dracutdevs/dracut/issues/342
2018-01-05 11:02:12 +01:00