When a forced shutdown is issued through sending a burst of Ctrl-Alt-Del
keys, systemd sends SIGTERM to all processes. This ends up killing
dracut-initramfs-restore as well, preventing the script from detecting
that the unpack of the initramfs is incomplete, which later causes a
crash to happen when "shutdown" tries to execute from the unpacked
initramfs.
This fix makes sure dracut-initramfs-restore remains alive to detect
the unpack failed (because cpio was killed by systemd too).
Refs:
* https://bugzilla.redhat.com/show_bug.cgi?id=2023665
There appears to be an issue with newer QEMU versions (spotted with Arch
Linux and C9S containers) which causes the respective GH Action to hang
when booting a QEMU VM in combination with the `-cpu max` parameter.
During (a particularly painful) debugging session I once managed to get
some output from such "frozen" machine (using `earlycon` and
`earlyprintk` kernel cmdline options), and in that particular case the
VM died with a trap caused by an invalid opcode.
I couldn't reproduce this locally, only in GH Actions environment with
Arch Linux and C9S containers. Also, so far I haven't found out which
specific CPUID flag causes this, but using the `IvyBridge-v2` feature
set seems to mitigate the issue.
Like the dwc/chipidea controllers the isp1760 can act in either
host or gadget mode so it ends up in it's own directory. Add this
driver into the initrd as it's part of some arm platforms and
is needed to be able to boot off USB storage.
Fixes issue #1619
Signed-off-by: Peter Robinson <pbrobinson@gmail.com>
The network-manager module also writes logs to the console, so that it's easier
to debug network-related boot issues. If systemd can't open the console, the
service fails and network doesn't get configured.
Add a check to disable tty output when the console is not present or not
usable.
https://github.com/coreos/fedora-coreos-tracker/issues/943
When systemd is compiled with ASAN library to troubleshoot memory issues
within systemd code, the libasan library expects to have /proc be
available as soon as systemd starts, which isn't the case currently,
causing an assertion to fail, systemd to crash and kernel to panic:
==1==AddressSanitizer CHECK failed: ../../../../libsanitizer/sanitizer_common/sanitizer_procmaps_common.cc:75 "((data_.proc_self_maps.len)) > ((0))" (0x0, 0x0)
<empty stack>
X.XXXXXXX Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000100
[...]
We need to pull in Type-C USB drivers as they can provide a number of
differnet bits of functionality in early boot including input, display
(altmode DP) and storage so we need to have them available to ensure
functionality attached to those buses/interfaces are available in early
boot.
Signed-off-by: Peter Robinson <pbrobinson@gmail.com>
This removes the 'ExecStop=' field from `multipathd.service`.
Sometimes CI runs do encounter a failure related to this
service in initrd, which seems to be stemming from a socket
I/O race between the client and the server on shutdown.
It looks like the client (`multipathd shutdown`) can lose the race,
hit an I/O error, and cause the whole unit to fail (even if the server
managed to shutdown properly already).
Notably, the upstream unit does not have such stop command
as the daemon can already perform a graceful exit through
its signal handler.
As such, this commit partially re-aligns the two units,
trying to sidestep any of the existing races.
Refs:
* https://github.com/coreos/fedora-coreos-tracker/issues/803
* https://github.com/opensvc/multipath-tools/blob/0.8.7/multipathd/multipathd.service
Fix how ifname for a given local_address is found.
Fix logic to detect presence of ifname and route.
Signed-off-by: Charles Rose <charles.rose@dell.com>
Currently $_dev is always overridden with the value returned by
label_uuid_to_dev(). This results in an empty value if $_dev is a
device path. Fix this by calling label_uuid_to_dev() conditionally.
Bug: https://bugs.gentoo.org/807971
Fixes: d3532978de
On hostonly mode, the platform driver is not copied blindless. There
should be a way to detect the real hardware driver, which probes a block
device.
/sys/dev/block/major:minor is a symbol link, which points to the real
device, recording the hardware stack. And those info can help to
identify the associated drivers for the hardware stack.
Signed-off-by: Pingfan Liu <piliu@redhat.com>
---
v2 -> v3:
address shellcheck in dracut-functions.sh
v1 -> v2:
remove local variable _extra_mod
shorten subject
There are some workarounds in dracut.sh for FIPS/libpthread covering
some hidden lib dependency issues. These workarounds didn't take effect
for the squash loader since the squash loader is installed
independently. So apply these workarounds again.
Also skip the lib detection code, since these extra installed libs
are small, and squash loader contents are dropped after switch root,
won't be an issue to be always installed. And this makes the code
cleaner.
Signed-off-by: Kairui Song <kasong@redhat.com>
When NetworkManager is running as systemd service, it's not enough to write
connection files; the module should also tell NetworkManager to reload the
connections from disk so that any new connection can be auto-activated.
https://bugzilla.redhat.com/show_bug.cgi?id=1975929
Sice commit 22d6863ef1 ("fix(network-manager): cope with distributions not
using `libexec`") nm-initrd-generator can be installed in either /usr/libexec
or /usr/lib. Change other modules to check for the binary in both locations.
NetworkManager leaves state files behind in "/run/NetworkManager/devices".
These files are in keyfile format (glib's GKeyFile API [1]).
From the statefile, the dracut module writes a .dhcpopts file. And other users
want to parse that file, for example anaconda ([2]). To be fair,
anaconda seems to parse a different file, so I am a bit confused who
uses this file how. In any case, it seems somebody might be tempted to
execute this as a script.
We need to write the .dhcpopts file in a format that is defined and easy
to handle from a shell script. As already previously, this format is
a bash script that sets certain variables. That means, to load the file,
the user could execute it as bash script. But this is dangerous, as the
file contains potentially untrusted data from the network.
Optimally, users still don't trust the .dhcpopts file to be safe for
executing! It would be better if users too try to parse the file
instead of executing it. That is not trivial however because in face
of special characters, as we use bash's `printf '%q'` to escape the values
and parsing bash escaping is not trivial.
Anyway, make sure we properly quote and handle the content so that also
executing is safe. In the best case, there are no special characters
that require escaping, and naive parsing can be done with `sed`.
Otherwise, executing is now also supposed to be safe.
In this case we parse DHCP options from the state file. They are themselves
backslash escaped UTF-8 strings (C escape sequences), which then are stored
via keyfile API. The properly parse them, we would first need to load the file
with GKeyFile (which undoes one level of backslash escaping) and then
use g_str_compress() (to undo the second level). We mimic that with
shell.
[1] b3411d6780/dracut/fetch-kickstart-net.sh (L30)
[2] https://developer.gnome.org/glib/stable/glib-Key-value-file-parser.html
Signed-off-by: Thomas Haller <thaller@redhat.com>
Add support for loading EVM x509 certs from a directory that the user can
specify with the EVMKEYSDIR variable in the evm config file. By default
the additional certs are loaded from /etc/keys/evm.
Support for multiple EVM keys allows the usage in a system of files with
signed metadata from multiple parties.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Roberto Sassu <roberto.sassu@huawei.com>
We want word splitting to occur so that the arguments are passed
separately, and we don't end up passing an empty string if no arguments
are specified.
Bug: https://bugs.gentoo.org/803548
Fixes: 2fabaaa62d
This tailing '/' will result in following error:
dracut-install: ERROR: installing '/etc/ld.so.conf.d/'
dracut: FAILED: /usr/lib/dracut/dracut-install -D /var/tmp/dracut.kEFQLs/initramfs -d /etc/ld.so.conf.d/
Signed-off-by: Kairui Song <kasong@redhat.com>
Since version 1.32, NetworkManager launches a tiny external helper to determine
the hostname via reverse DNS resolution through glibc's nss-dns. Include the
binary.
systemd-vconsole-setup.service may fail if the user specifies a missing keymap,
see [1,2,3], or font. This is unfortunate, but the system should not refuse
boot. It is better to continue, possible without the desired font or keymap.
All other systemd services that depend on systemd-vconsole-setup.service do so
without a hard Requires=.
(In particular, systemd-vconsole-setup internally will try to do as much setup
as possible, and will load the font even if it cannot load the keymap and vice
versa.)
[1] https://fedoraproject.org/wiki/Common_F34_bugs#kbd-legacy-media
[2] https://bugzilla.redhat.com/show_bug.cgi?id=1955162
[3] https://bugzilla.redhat.com/show_bug.cgi?id=1955793
Thomas Blume