set link up usually include two steps, ip link set <dev> up and
wait_for_if_up <dev>. Now do these two steps in one function linkup.
Later patch will add other code into it.
Signed-off-by: Dave Young <dyoung@redhat.com>
V2: merge patch 2/2
fix active-backup mode by adding slaves one by one
sync with the latest teamd
improve the comments
wait for team ports to come up
install /etc/libnl/classid too
This patch adds the initial support for team device [1].
A new cmdline team= is introduced for it.
Note, currently we don't support stacked devices
on/under team, it is tricky and can be added on request.
1. http://www.libteam.org/
Cc: Harald Hoyer <harald@redhat.com>
Cc: Dave Young <dyoung@redhat.com>
Cc: Vivek Goyal <vgoyal@redhat.com>
Cc: Jiri Pirko <jiri@resnulli.us>
Signed-off-by: Cong Wang <amwang@redhat.com>
Starting with commit 24a38bc1cb dracut
uses udev builtins but still depends on >=udev-166 in dracut.spec. This
patch makes dracut work with older udev again.
All credits go to Alexander Tsoy <alexander@tsoy.me>; see
https://bugs.gentoo.org/show_bug.cgi?id=437700
This bug was reported as http://bugzilla.redhat.com/873220#c2
As the /etc/modprobe.d isn't created in the boot process
nor bundled within the initramfs, the initramfsblacklist.conf
cannot be created.
Instead, the /usr/lib/modprobe.d directory is available and using it
will restore the blacklist behavior.
Kdump module will need the drm and kms kernel modules so user can see the
emergency shell at least.
Fix this by split 50plymouth module to 50drm and 50plymouth. Moving the
installkernel part to 50drm so user can use drm directly without adding
extra plymouth utils.
Signed-off-by: Dave Young <dyoung@redhat.com>
Tested-by: Chao Wang <chaowang@redhat.com>
1) strstr " $discarduuids " did not remove the optional
'luks-' prefix from the argument as the documentation says.
2) The lookup seems backwards. $luksdev ($luks in the other code copy)
is the full uuid and thus one should check whether the user-supplied
argument (short form) is contained therein, not the other way around.
Before this commit, the only way to trigger allow-discards was to
specify the full uuid without the 'luks-' prefix.
Commit a0be1ed removes some lines from do_static() and do_ipv6auto().
When $hostname is empty, do_static() and do_ipv6auto() will return 1
and fails to run setup_net at the last of ifup.sh
Signed-off-by: WANG Chao <chaowang@redhat.com>
If the user defines FONT in /etc/vconsole.conf as the same font
defined in DEFAULT_FONT, when creating her initd she will get a
message similar to this one:
gzip: /var/tmp/initramfs.wzl9Qt/usr/share/consolefonts/LatArCyrHeb-16.psfu
already exists; do you wish to overwrite (y or n)?
Signed-off-by: Canek Peláez <canek@ciencias.unam.mx>
cttyhack was removed and ctty is supported by default, so no need to
check it in ssh-client module any more.
Signed-off-by: Dave Young <dyoung@redhat.com>
No automatic assembly is done anymore by default. You will have to
specify exactly what devices to assemble
("rd.md.uuid=" "rd.luks.uuid" ...)
or use "rd.auto=1" or "rd.auto" on the kernel command line.
For big servers with thousands of disks we don't want to assemble
everything by default (error prone, slow).
"inst busybox" no longer seems to work when busybox is at
/sbin/busybox. Reproduced on Fedora 18 (dracut-023-39.git20120910).
Use type -P to find the full path to busybox to solve this problem.
ismounted handles both find-by-dev and find-by-mnt, but there's two issues:
1. for find-by-dev, it use readlink to get the canonical dev name, but
lvm is different with other devices, the canonical name for lvm devices
are symlinks like /dev/mapper/vg-lv00
2. for nfs mounting, just use [ -b $dev ] is not enough, it need being handled
seperately.
Per Karel Zak's suggestion, findmnt util is suitable for this purpose, it
handles these cases well, so just use findmnt instead of implement all the
logic by ourselves. Thanks, Karel.
Signed-off-by: Dave Young <dyoung@redhat.com>
kdump module also need to convert dev name to udev symlinks.
So better to move function get_persistent_dev() to dracut-functions.sh
Also in this patch improvement and fix the original function:
a) use udevadm info --query=name to get the kernel name.
This will fix the issue caused by passing symbolic link of a device.
b) fix a bug to compare $_tmp instead of $i with $_dev. Really sorry,
should have tested more carefully.
Signed-off-by: Dave Young <dyoung@redhat.com>
/run will get mounted at $NEWROOT/run after switch_root, but it's not
there yet. bind-mount it in place so updates for /run actually land in
/run.
(also: remove a redundant check for existing directories. mkdir -p
doesn't do anything if the directory already exists.)
When emergency_shell() happens, it does 'setsid --help' to figure out if
the setsid binary supports the '-c' flag (to set the controlling tty).
This output shows up in the logs (and on-screen if you're using
rd.debug), which keeps confusing people looking for other problems.
Using "case" instead of "strstr" lets us avoid this.
It looks like ip=ibft has been busted since
25aa3c5 network: refactor stuff from netroot/parse-ip-opts to net-lib
which moved ibft parsing code out to the ibft_to_cmdline function.
The use of ifname_mac was partially replaced by a local mac, but not
completely, causing ibft_to_cmdline to abort without generating network
configuration options.
Signed-off-by: Chris Leech <cleech@redhat.com>
Name based connects fail because of the quotes around the $nbdport.
For name based connects, the -N option also gets included. For
instance nbd-client 192.168.0.1 '-N ltsp' /dev/nbd0.
I believe the quotes are not necessary for actual port numbers.
Currently anaconda provides rd.md=0 on kernel's command line as a boot
time optimization if root is not on md device. But this leads to kdump
failure. We copy the command line from first kernel and if dump target
is on md device, it fails as we never try to assemble md devices as
rd.md=0.
We have already set rd.md.uuid though in /etc/cmdlind.d/ dir providing
dracut the info about what md devices to assemble. So this patch overrides
rd.md settings if rd.md.uuid is provided.
This is a stop gap measure to get kdump working on software raid
devices. Harald seems to have bigger cleanup plans for rd.md. Once
that happens, this patch will not be needed and things should
automatically be fixed.
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
splitsep() would drop escapes from its inputs. For example:
splitsep ':' 'first:middle:\e\s\c\a\p\e\d' a b c
gave a='first', b='middle', c='escaped'. Even worse:
splitsep ':' '\e\s\c\a\p\e\d:middle:last' a b c
gave a='escaped', b='escaped', c='escaped:middle:last'.
This fixes the quoting so both calls return the values you'd expect
(e.g. 'first', 'middle', '\e\s\c\a\p\e\d').
To properly perform verification in FIPS mode,
we need to install fipscheck and libssl explicitly.
(cryptsetup seems to be the first user of this verification in ramdisk...)
Signed-off-by: Milan Broz <mbroz@redhat.com>
For lvm, multipath, iscsi modules they do not care about the filesystem,
Also there could be devcie in host_devs but it does not get formated.
For these kind of modules, use for_each_host_dev_and_slaves will be better than use
for_each_host_dev_fs, here add a new function to iterate the host_devs and
their slave devices.
In original for_each_host_dev_fs, it will call check_block_and_slaves which
will return once helper function return 0, but this is not enough for kdump
iscsi setup. For kdump iscsi case, it need setup each slave devices so that
the iscsi target can be properly setuped in initramfs.
Thus, this patch also add new functions check_block_and_slaves_all and
for_each_host_dev_and_slaves_all.
Signed-off-by: Dave Young <dyoung@redhat.com>
Tested-by: WANG Chao <chaowang@redhat.com>
each dev in host_devs[] should be waited in initqueue to make sure they
are oneline before initqueue finish.
Add a new wait_host_devs.sh in base module to make this a generic thing.
Because all the devs in fstab lines are also added to host_devs, so no need
do same wait in fstab-sys module anymore.
[v2->v3]: do not add slave devices to host_devs
wait for persistent dev name in initramfs
Signed-off-by: Dave Young <dyoung@redhat.com>
If users had switched to systemd-183+ but have not completed
the usrmove, then the variable ${systemdutildir} will likely
refer to /usr/lib/systemd NOT /lib/systemd and thus the
systemd-udevd daemon may not be found.
So let's try a little harder and add another hard coded path
and if we don't find it, then bail out hard.
otherwise sha512hmac will error out with:
sha512hmac -c /sysroot/boot/.vmlinuz-2.6.32-220.el6.x86_64.hmac
Error opening "/boot/vmlinuz-2.6.32-220.el6.x86_64": No such file or directory.
Kdump dracut hooks need to enter emergency shell, currently it directly call
"sh -i -l", with recent dracut this does not work anymore without proper ctty.
It will be convinient to seperate a standalone function _emergency_shell for
dracut modules to call.
Due to bug in module-setup.sh in the i18n module includes from the main
keymap are not working and not added to the initrd image.
Only one quotation per line is removed. Needs to remove all.
find_mount is really the same thing as ismounted with two additions:
1) uses "readlink" so "ismounted /dev/disk/by-label/LABEL" works
2) returns the mountpoint of the device
And ismounted is now just "find_mount $dev >/dev/null".
xfs and reiserfs (among other) supports storing journal data to a
separate device. Unfortunately, XFS requires this information to boot
properly (reiserfs can embed the information in its metadata but you
might want to override it).
Frederic Crozat <fcrozat@suse.com>
xfs and reiserfs (among other) supports storing journal data to a
separate device. Unfortunately, XFS requires this information to boot
properly (reiserfs can embed the information in its metadata but you
might want to override it).
Attached patch ensure host information are stored in initramfs and also
allows to give data over kernel commandline.
--
Frederic Crozat <fcrozat@suse.com>
SUSE
>From a7c592b9bb7de0d7874ae51d02944a7eee2ec75b Mon Sep 17 00:00:00 2001
From: Frederic Crozat <fcrozat@suse.com>
Date: Tue, 24 Jul 2012 18:52:17 +0200
Subject: [PATCH] Add support for separate journal on reiserfs and xfs
rflags is no longer guaranteed to be non empty. / is mounted according
to rootflags parameter but forced ro at first. Later it is remounted
according to /etc/fstab + rootflags parameter and "ro"/"rw". If
parameters are still the same as for first mount, / isn't remounted.
Conflicts:
modules.d/95rootfs-block/mount-root.sh
modules.d/99base/parse-root-opts.sh
A multipath partition's uuid will be presented like:
# cat /sys/dev/block/$_dev/dm/uuid
part1-mpath-360060e801047103004f2c4b300000008
So in this case, change the match regexp from '^mpath-' to 'mpath-'.
Signed-off-by: Chao Wang <chaowang@redhat.com>
Combining $keydev and $keypath should result in a unique, re-usable keydev
mountpoint. mkuniqdir doesn't seem to have any an advantage here and lacks
reusability. Is there ever a use case where these are true:
* there are more than one rd.luks.key=$keypath:$keydev
* one is actually different from the other
If dracut is build only with fips/fips-aesni (no crypto module),
FIPS mode fails because of missing GCM modules.
Just add proper modules to list (kernel have both maker as FIPS compliant already).
Signed-off-by: Milan Broz <mbroz@redhat.com>
install nfs modprobe config file
For nfs4, in case nfs.ko is not loaded mount.nfs4 will try to load
nfs4.ko instead of nfs.ko. Fedora nfs-utils creates a lib/modprobe.d/nfs.conf
in which there's below alias:
alias nfs4 nfs
Dracut also need this file to auto load nfs kernel module.
Tested booting to a fedora 17 nfsroot share.
Signed-off-by: Dave Young <dyoung@redhat.com>
All custom units, which should appear in the system later on should be
installed in /etc/systemd. They should have a guard like:
ConditionPathExists=/etc/initrd-release
So, we can later query via systemctl:
$ systemctl status dracut-initqueue.service
dracut-initqueue.service - Dracut initqueue hook
Loaded: loaded (/run/systemd/system/dracut-initqueue.service; enabled-runtime)
Active: inactive (dead) since Tue, 10 Jul 2012 16:01:22 +0200; 1min 37s ago
start condition failed at Tue, 10 Jul 2012 16:01:23 +0200; 1min 36s ago
Main PID: 173 (code=exited, status=0/SUCCESS)
CGroup: name=systemd:/system/dracut-initqueue.service
Jul 10 16:01:22 lenovo dracut-initqueue[173]: Checking, if btrfs device complete
Jul 10 16:01:22 lenovo dracut-initqueue[173]: Remounting /dev/disk/by-uuid/ade13292-d23f-45be-b732-fa9a391a56b0 with -o compress=lzo,ssd,rw
Jul 10 16:01:22 lenovo dracut-initqueue[173]: Mounted root filesystem /dev/sda3
The latest plymouth no longer relies on dracut to provide functions
needed to install binaries/libs so the check for a variable name
no longer works and the old, built-in script is used instead thus
breaking the new drm and framebuffer plymouth module installation.
dhclient initqueue hook fix
setup_net is scheduled in initqueue, sometimes it does not get chance to run
So the default route will not be set properly
Add a check in initqueue/finished to resolve this issue.
Signed-off-by: Dave Young <dyoung@redhat.com>
02caps: do not create /bin/sh link
caps.sh use !/bin/bash explictly, so no need to ln -sf bash /bin/sh
OTOH, 00dash will create the symlink /bin/sh, 99base will create it if
there's no /bin/sh symlink. It looks bad to creat /bin/sh in other modules.
If a script want to use bash as command interpreter it should use !/bin/bash
or !/bin/sh in case dash is not installed.
Signed-off-by: Dave Young <dyoung@redhat.com>
We do not support renaming in the kernel namespace anymore (as udev does
that not anymore). So, if a user wants to use ifname, he has to rename
to a custom namespace. "eth[0-9]+" is not allowed anymore.
The patch, acfab373 - Handle upper case MAC addresses in ifname
option,takes care of only the MAC conversion to lower case in the
interface name. But the same has to be taken care for BOOTIF also.
This patch takes care of changing the BOOTIF to lower case.
Note that sed has been used in the patch instead of tr, as it is not
compulsion to install tr by dracut in the initramfs and may not be
available always.
Signed-off-by: Srinivasa T N (seenutn@linux.vnet.ibm.com)
>From 2ec9c91adbf808dbad9bdd2057d9df55a62b711f Mon Sep 17 00:00:00 2001
From: Srinivasa T N <seenutn@linux.vnet.ibm.com>
Date: Wed, 27 Jun 2012 11:20:13 +0530
Subject: [PATCH] Fixed BOOTIF for converting mac addr to lowercase
This patch adds support of vlan tagged bonding, for example,
bond0.2. In case of regression, I also tested bond0 and eth0.2,
all work fine.
Cc: Harald Hoyer <harald@redhat.com>
Cc: Dave Young <dyoung@redhat.com>
Cc: Vivek Goyal <vgoyal@redhat.com>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
"brd +" is not valid for ipv6. This causes the 'ip addr add' command to
fail with the message "Broadcast can be set only for IPv4 addresses".
So: don't use "brd +" for ipv6.
Don't try to be smarter than the admin configuring the machine.
Does also conflict with other methods trying to setup the interfaces,
like cmsifup.sh from the cms module.
A bridge device with only one underlying ethernet device is almost
useless, for sure we want to support a bridge with multiple
underlying devices.
This patch adds the support by extending <ethname> in the original
bridge= cmdline to a comma-separated list of ethernet interfaces.
Cc: Harald Hoyer <harald@redhat.com>
Cc: Dave Young <dyoung@redhat.com>
Cc: Vivek Goyal <vgoyal@redhat.com>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Depending on how the dasd_mod module was loaded, our device could have
already been marked as online or offline. We need to make the sysecho
sensitive to this and not fail if the attribute we're trying to set has
already been set.
Anaconda used arguments of the form:
ip=<ip> gateway=<gw> netmask=<nm>
for static IP configuration. So if we get a value for "ip" that's an IP
address, look for gateway= and netmask= and related args to fill in the
ip config vars.
wait_for_loginit ends the log; this is unhelpful if you're using
emergency_shell to do debugging.
Just leave loginit running. It doesn't hurt anything.
copytree() recursively copies the contents of SRC into DEST.
If DEST doesn't exist it is created; if it exists the contents of SRC
get merged into it (duplicate files are overwritten).
rd.neednet could be removed, as we can check /tmp/net.ifaces.
After this patch, kdump can bring up the NIC without
rd.neednet.
Cc: Harald Hoyer <harald@redhat.com>
Cc: Dave Young <dyoung@redhat.com>
Cc: Vivek Goyal <vgoyal@redhat.com>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
ifenslave is an old tool, and could be dropped,
we can use the /sys interface.
Cc: Harald Hoyer <harald@redhat.com>
Cc: Dave Young <dyoung@redhat.com>
Cc: Vivek Goyal <vgoyal@redhat.com>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Relax the rules for kdump, we don't specify netroot in kdump.
Cc: Harald Hoyer <harald@redhat.com>
Cc: Dave Young <dyoung@redhat.com>
Cc: Vivek Goyal <vgoyal@redhat.com>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
This patch adds basic vlan support in network module.
The cmdline syntax for vlan is:
vlan=<vlanname>:<phydevice>
for an example:
vlan=eth0.2:eth0
or
vlan=vlan2:eth0
See also patch 2/8.
Cc: Harald Hoyer <harald@redhat.com>
Cc: Dave Young <dyoung@redhat.com>
Cc: Vivek Goyal <vgoyal@redhat.com>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
In some cases (at least in mine) mount(8) is in /usr/bin/mount and
not in /bin/mount as dmsquash-live-root.sh expects. PATH is set to
/usr/bin:/usr/sbin:/sbin:/bin in that script anyway.
The legacy argument is DASD=, and the new arguments should be the same
as the arguments for populating dasd.conf. If multiple arguments are
passed we can stack them by inserting a ',' between them.
This is obviously wrong, ifenslave instead of brctl is needed for bonding.
Cc: Harald Hoyer <harald@redhat.com>
Signed-off-by: WANG Cong <xiyou.wangcong@gmail.com>
dracut allows passing --mount option which mounts the specified devices.
But it does not wait for these devices to show up and mounting will fail
if devices do not show up by the time "mount" was called.
I am writing some patches to support kdump on iscsi target and I noticed
that one of the initqueue script was not called as we found the root
device and broke out of main loop.
There are two possible enancements to this patch.
- Introduce a time limited wait (rd.timeout something along the lines of
rd.retry). That will allow kdump to try to dump to a backup target if
primary targets fails to come up.
- Wait for UUID= and LABEL= to show up too. Right now kdump converts
UUID= and LABEL= to respective devices and passes /dev/* to dracut
--mount option. So I am not introducing the wait for UUID= or LABEL=
in this patch.
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
This patch adds check of kernel module existance and
propagate errors to upper callers.
In case of break other callers of instmods(), this patch
adds an option '-c' to it, only when "-c" is specified
we fail, otherwise, errors are ignored.
Reported-by: Dave Young <dyoung@redhat.com>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Cc: Harald Hoyer <harald@redhat.com>
do not require shutdown.target and final.target
After switch-root isolate to the default target. This will load the
default target in the real root after systemd deserializes.
If you unset CMDLINE to make _getcmdline re-read /etc/cmdline and
/etc/cmdline.d/*, CMDLINE_ETC and CMDLINE_ETC_D would keep their
contents.
This is a serious problem if you have (e.g.) "ip=eth0:dhcp" in
/etc/cmdline.d/net.conf, because getargs ip= will return
"ip=eth0:dhcp ip=eth0:dhcp" and then parse-ip-opts.sh will die() because
you have two configurations for eth0.
If you're using a static network config, you'll want to keep your
nameservers around when NM starts. Write DNS1 (and DNS2, DNS3, etc..)
into the ifcfg file.
Thanks to Mark Hamzy <hamzy@us.ibm.com>
and Will Woods <wwoods@redhat.com> for the patch.
Basically, s390 is the only place I've ever seen TERM=dumb, and it's too
dumb to handle '\r', so --progress-bar produces waaaaay too much output.
The normal progress meter only prints something once per second, so
that's reasonable on terminals where '\r' doesn't work.
See also: https://bugzilla.redhat.com/show_bug.cgi?id=814713
Every time url-lib gets imported we end up making the list of handlers
longer with redundant entries. That's silly - we shouldn't add items
that already exist.
Note that this means you'll have to manipulate the handler list yourself
if you want to change the position/priority of existing handlers.
Sometimes some hook script will need to be before the cleanup hook scripts
For example dhclient killing, nfs cleanup, etc. must not happen before kdump
because it will use their fuctionalities.
So here introduce a new hook pre-pivot-cleanup, all cleanup scripts will go there.
that means pre-pivot hook is splited to two hooks pre-pivot and pre-pivot-cleanup
Signed-off-by: Dave Young <dyoung@redhat.com>
Qemu/KVM provides virtfs, a paravirtualised filesystem that is
implemented by running the Plan 9 folder sharing protocol over
virtio.
Make booting with root=virtfs:foobar use the virtfs filesystem
with mount tag 'foobar' as root filesystem, to allow booting
virtual machines off virtfs.
Note that this only handles 9p over virtio (i.e. virtfs), and
doesn't attempt to handle mounting 9p filesystems over TCP/IP,
for example.
Signed-off-by: Lennert Buytenhek <buytenh@wantstofly.org>
Currently dracut uses lvm.conf as found in the system and modifies only
global/locking_type setting. As there's a new feature introduced - the lvmetad
daemon, dracut should disable its use as well by setting "global/use_lvmetad=0"
(patch attached).
Otherwise, there's a warning message issued:
dracut: WARNING: Failed to connect to lvmetad: No such file or directory.
Falling back to internal scanning.
@@ -, +, @@
modules.d/90lvm/lvm_scan.sh | 2 ++
modules.d/90lvm/module-setup.sh | 1 +
2 files changed, 3 insertions(+), 0 deletions(-)
Another solution could be searching in directories found at
/etc/ld.so.conf.d/*.conf or adding a new parameter. Here is a patch
which adds a new --libdirs parameter, and also a new inst_libdir_file
function which will try to expand metacharacters on each lib
directory:
inst_libdir_file "libdevmapper-event-lvm*.so"
Mounting, unmounting and then mounting a disk partition takes some
time.
On embedded systems such as OLPC XO where we disable fsck and fstab
reading, the root options are not going to change throughout the
mount_root() function, so remounting is time consuming and without
change.
Detect and optimize for this case so that the filesystem is only
mounted once.
According to its comment in dracut-lib.sh:
splitsep ":" "one:all:the:rest" one two
should set two="all:the:rest". But there's no check to see if the
current field is the last field, so it just gets "all".
For NetworkManager to properly take over a NFS-root system, we need to
have the interface name(s) in /tmp/net.ifaces and save the dhclient
lease. This lets the ifcfg module do its magic.
save_netinfo should properly write out /tmp/net.ifaces when needed, and
copies the dhclient files into place.
This makes sure the network is active and ready to use during the
initqueue/online hook.
It also makes it so you can run setup_net repeatedly without causing
error messages.
also fixup the logic what and when to mount.
first initramfs/etc/fstab is mounted
$NEWROOT/etc/fstab.sys takes precendence over initramfs/etc/fstab.sys
"export -n" is a bash extension, not part of POSIX, and is hence
incompatible with the busybox shell.
This was breaking boot when the busybox module was used.
Reimplement the scope change in a few lines of standard shell code.
wait_for_loginit does set +x (to turn off debugging temporarily), but
sometimes it would return before turning it back on. Move the set +x
line to fix that, then use 'setdebug' to make sure we don't turn it back
on unless it was needed.
live.updates allows you to specify the URL for an "updates image" that
should be applied to the live runtime before switch_root.
The URL can be anything supported by url-lib (http, https, ftp, possibly
nfs) and the image can be anything supported by img-lib (xz/gzip
compressed cpio/tar, uncompressed cpio/tar, filesystem image, etc.)
For curl_fetch_url (http/https/ftp):
- use --progress-bar (the output is less messy)
- print the URL we're fetching so the user know's what's happening
For curl and nfs:
- don't echo the filename if it was provided by the user
The "online" hook runs whenever a network interface comes online (that
is, once it's actually up and configured).
The initqueue --env argument is used to set "$netif" to the name of the
newly-online network interface.
Add new functions: all_ifaces_up, get_netroot_ip, ip_is_local, ifdown,
setup_net, set_ifname, ibft_to_cmdline
Use them in netroot.sh and parse-ip-opts.sh.
There's also a couple little unrelated cleanups.
Since cp won't copy a directory over a symlink, any updates that were
supposed to go into e.g. /lib would get dropped if you had /updates/lib
as an actual directory, but the target system had /lib->/usr/lib.
As described in https://bugzilla.redhat.com/show_bug.cgi?id=541410#c2,
if you want NetworkManager to take over an interface that you're using
for NFS root (or other network root device), you need to:
a) set UUID=<uuid> in ifcfg-<iface>, and
b) save the lease file as /var/lib/dhclient-<uuid>-<iface>.lease
This patch should make write-ifcfg handle both these things.
In kernel_only mode, we don't want to write /etc/cmdline.d
Correctly return the check functions, so we have a valid return of
for_each_host_dev_fs().
mdraid and dmraid functions had wrong checkings for the filesystem
type.
Due to the way the main loop runs to detect partions, the same one
might be included twice (albeit via different symlinks.
This code simply prevents the same combo being activated twice.
A better fix might simply be to not include duplicate (after
resolving symlinks) entries in the host_fs_types variable.
If you do "fetch_url $url/.somefile", fetch_url would return failure,
because "$outdir/*" wouldn't match the file.
Use ls -A (which busybox ls supports) to actually find possible dotfiles
in the created output dir.
Signed-off-by: Will Woods <wwoods@redhat.com>
commit 38164332e1 try to
disallow ssh-client install for without proper options.
But ssh-client will fail installation with --sshkey for
publickey mode
Fix it by refusing to install only when both --ctty and --sshkey
are not added in options.
Signed-off-by: Dave Young <dyoung@redhat.com>
Manually setuping nic through udev is not always done when
we want network access. Here add a function wait_for_route_ok to
wait and make sure the network is accesible
[v1 -> v2]:
Harald: don't use bash syntax
Add check for [ -n "$li" ] because `ip route show` will show nothing probably
Signed-off-by: Dave Young <dyoung@redhat.com>
img-lib handles identifying and unpacking archives (uncompressed or
compressed) and filesystem images.
Currently tar and gzip are required; cpio and xz are optional, and bzip2
is supported but unused.
Signed-off-by: Will Woods <wwoods@redhat.com>
This adds nfs_fetch_url to allow fetching arbitrary files from NFS.
This means that livenet can now run using an NFS-mounted live image,
which reduces memory usage by a lot.
Signed-off-by: Will Woods <wwoods@redhat.com>
This makes the livenetroot module use url-lib for fetching its root
image/filesystem. There's also some minor tweaks for POSIX compliance.
Signed-off-by: Will Woods <wwoods@redhat.com>
url-lib adds some functions for dealing with URLs (mostly for fetching
files, for the moment).
It uses curl to handle http/https/ftp URLs, but it can be extended by other
modules at runtime by using the "add_url_handler" function.
Signed-off-by: Will Woods <wwoods@redhat.com>
nfs-lib.sh contains a bunch of functions used to parse NFS "url"s of
various types, pull nfs information out of dhcp info, and actually
perform nfs mounts sanely.
Signed-off-by: Will Woods <wwoods@redhat.com>
net-lib.sh is a library of useful functions for network stuff.
More things may get added/moved here in the future.
Signed-off-by: Will Woods <wwoods@redhat.com>
if you add realinitpath="<path1> <path2>" to dracut.conf, then it will
be written to $initdir/etc/cmdline.d/distroinit.conf with
"rd.distroinit=<path1> rd.distroinit=<path2>" and evaluated by
99base/init, when it searches for init.
Current dracut network only will be setup when netroot is used. But there are
some cases we need network even without netroot. For example kdump will need
copy vmcore to remote machine via scp or nfs mount. OTOH, if we use dracut as
a recovery system the network is helpful even root is not a network device.
This implementation is based on the manually bring up method. Here add a kernel
cmdline argument rd.neednet. If rd.neednet is set dracut will bring up network
with ifup $INTERFACE -m. If netroot is used we still keep original behavior.
Signed-off-by: Dave Young <dyoung@redhat.com>
fstab-sys will mount nonroot nfs as well, so we need to split the necessary
code from nfsroot to start rpc daemon as hook script.
Signed-off-by: Dave Young <dyoung@redhat.com>
If /etc/fstab.sys does not exist installing fstab-sys module will fail.
Fix this by checking use_fstab and fstab_lines as well
Signed-off-by: Dave Young <dyoung@redhat.com>
For kdump we need scp vmcore to remote machine, the nic to be used is
not limited to netroot one. we need a feature for manually bringing up
network interface. Also it is useful for emergency shell with
ssh-client for recovery or test purpose
I implement this by adding one argument to ifup script, user can use
`/sbin/ifup eth0 -m` to bring up eth0, note ifup will regard it a
manual operation for the nic specified in 1st argument if there's
the 2nd argument.
If same nic is used for netroot the 2nd argument will be ignored,
in this case we will leave netroot bring up it automatically to
avoid side effect. And in this case hooks such as kdump will need to
execute after netroot mounted.
`ifup eth0 -m` will create /tmp/net.eth0.manualup stamp file,
later dhclient-script can check this and pass $2 to netroot,
then netroot script will bring eth0 up
Thanks for comments and suggestions from David Dillow.
Signed-off-by: Dave Young <dyoung@redhat.com>
First, $host_fs_types is an array.
Second, use strstr to match btrfs type.
Cc: Harald Hoyer <harald@redhat.com>
Signed-off-by: WANG Cong <xiyou.wangcong@gmail.com>
The line "source_all netroot" was trying to source netroot hooks from
/netroot, which doesn't exist, so netroot hooks were never executed.
Signed-off-by: Will Woods <wwoods@redhat.com>
When booting with nfsroot, dracut doesn't necessarily set the initial
hostname correctly.
According to dhcp-options(5), the name may or may not be qualified with
the local domain. It goes on to say "it is preferable to use the
domain-name option to specify the domain name".
So dhclient-script needs to be able to handle the cases: a) where
host-name is fully qualified and domain name is also specified; b)
where hostname is fully qualified and the domain is not separately
specified; c) where host-name is "short" and domain-name is also
specified; and d) do its best where host-name is short but domain-name
is not specified.
The dhclient-script in initramfs does not handle case "c", apparently
the preferred situation properly, setting hostname to "short".
https://bugzilla.redhat.com/show_bug.cgi?id=756347
This rewrites a portion of the module to support xz, as well as allow
an easier expansion should future compression methods for kernel
modules ever materialize.
Add ssh client module which support ssh key mode and interactive mode.
with --sshkey option you can provide the ssh key to be installed
>why not call it "ssh" module?
ssh-client is better, maybe future there will be ssh-server come in.
In debian these are also two different packages.
Usage:
1. sshkey mode:
transfer your public key to remote machine with ssh-copy-id or do it mannaully
example of options:
./dracut -l -H -a ssh-client --sshkey /root/.ssh/id_rsa i.img
2. interactive mode:
need use --ctty option, ie.:
./dracut -l -H -a ssh-client --ctty i.img
[v2 changes]:
per wangcong: add patch description about module name
add help line in usage()
remove useless comment
Signed-off-by: Dave Young <dyoung@redhat.com>
Option --ctty will optionally add setsid binary to dracut's image.
During runtime, if rd.ctty is set and is a character device,
emergency shells will be spawned with job control.
in case no ctty was provided, shell was spawned without caring about
/dev/console. Also, the ctty is more opportunistic. If the image was
generated with --ctty, we will fallback to /dev/tty1 if rc.ctty is
invalid or missing. Otherwise we spawn standard shell on /dev/console
[dyoung@redhat.com: Rebased to usrmove branch]
Signed-off-by: Michal Soltys <soltys@ziu.info>
Signed-off-by: Dave Young <dyoung@redhat.com>
ssh module will need root user in /etc/passwd, so add root and nobody
to /etc/passwd in 99base instead of nfs module
Signed-off-by: Dave Young <dyoung@redhat.com>
While the documentation states that ifname MAC addresses must be
lower case, we silently accept upper case ones and fail later on
when udev doesn't rename the device.
Instead of adding sanity checking on the MAC address just convert
it to lower case and remove the requirement completely.
fstab-sys now also handles device passed by dracut argument "--mount"
The "--mount" mount point is possible not exist in $NEWROOT. Thus mount it
in initramfs if mount point is not exist in real rootfs
It is useful to know that loop device that the live image's / is mounted
from. Make a /run/initramfs/live-baseloop symlink that points to it.
Edited-By: harald@redhat.com: changed /dev/live-baseloop
to /run/initramfs/live-baseloop
Like -H, we need to poll every module to check if it is needed
to mount a specific device in '--mount'.
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
When the initqueue cannot be processed, it might be about an invalid
root device (in which case a separate message produced via
wait_for_dev() should be displayed anyway), but it could also
be for any other reason (e.g. /dev/resume not existing).
Therefore, it is best to use a more generic error message.
Also a minor tab->space conversion in the near vacinity of
the real change.
This commit allows the waiting for a device to be cancelled.
When the resume partition does not exist, it becomes quite hard
to work out what to do (you have to either create the
/dev/resume symlink manually, or remove the 'finished' job
that is waiting for it). Additionally dracut incorrectly
displays a message about not being able to find the root
device, which is bogus and misleading.
This commit should just bail on the whole resume thing
if the device cannot be found and proceed with a normal boot.
This should fix initial initrd generation during install.
If the modules are not desired to be used, the nokmsboot kernel
command line should disable them.
--add-fstab [FILE] Add file to the initramfs fstab
--mount "[DEV] [MP] [FSTYPE] [FSOPTS]"
Mount device [DEV] on mountpoint [MP] with filesystem
[FSTYPE] and options [FSOPTS] in the initramfs
inst_mount_hook <mountpoint> <prio> <name> <script>
Install a mount hook with priority <prio>,
which executes <script> as soon as <mountpoint> is mounted.
add_mount_point <dev> <mountpoint> <filesystem> <fsopts>
Mount <dev> on <mountpoint> with <filesystem> and <fsopts>
and call any mount hooks, as soon, as it is mounted
Unlike "ifconfig", the "ip" command does not set a broadcast address
unless explicitly requested.
add "brd +" to make "ip" calculate the broadcast address on the fly
To start bnx2fc, we need to run fipvlan only and not dcbtool. DCBX is run
automatically in the hardware, but VLAN discovery needs to be started by
fipvlan.
https://bugzilla.redhat.com/show_bug.cgi?id=736094
The dm module, which lvm and dmraid depend on, installed dmraid
shared libs. The lvm module installed udev rules, which were
already installed by the dm module.
Cleaned up those issues.
The kernel's primary console device is determined by the last "console="
argument on the kernel command line. This setting should be respected by
dracut-generated initial RAM disks.
Steps to Reproduce:
(Easiest using a KVM VM, virt-manager and "virsh console")
1. Boot with a kernel command line ending in
console=tty0 console=ttyS0,115200
2. Observe both tty0 and ttyS0.
The output of init scripts is sent to ttyS0, as the final "console="
argument determines the primary console device as per
Documentation/serial-console.txt in the kernel sources.
https://bugzilla.redhat.com/show_bug.cgi?id=752073
The Xen module is unnecessary and it has been for a while.
Most Xen systems will not be using the module, even now, because
xen-detect is not installed by default on most Xen systems, and
dracut uses xen-detect to decide whether to include the module.
It also has some problems:
1) it does not try loading xen_platform_pci;
2) it loads modules unnecessarily; modules.alias is where all Xen support
should reside. Assuming xenbus_probe_frontend and xen_platform_pci
are loaded so that Xen devices are probed, other modules are picked up
automatically thanks to aliases such as
alias xen:vbd xen_blkfront
3) Even not-so-recent kernels (say 2.6.32) require the xen_platform_pci
and xenbus_probe_frontend modules even for non-paravirtualized guests.
60xen/module-setup.sh picks the module only for PV guests.
So, just require xenbus_probe_frontend to be builtin, and also
xen_platform_pci for fully-virtualized guests, and remove the module.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
- in 10i18n - do stty -iutf8 on non-utf8 consoles, for consistency with
iutf8 on utf8 ones
- vim modeline in xml file
Signed-off-by: Michal Soltys <soltys@ziu.info>
This is from the following thread:
http://thread.gmane.org/gmane.linux.raid/35753/focus=35795
Additional tests + more specific info.
Signed-off-by: Michal Soltys <soltys@ziu.info>
[harald@redhat.com: usable_root(): relaxed check for root]
The "read" shell builtin consumes backslashes, which is a problem if
your root device is something like "LABEL=Fedora\x2016".
Using "read -r" tells the shell to leave backslashes alone.
This patch replaces:
- {var}>... redirections with functionally identical eval construct +
explicit FDs
- ^^ and ,, case modifiers with temporary shopt
This allows us to lower minimum required bash version
to at least 3.1 (with current code).
Signed-off-by: Michal Soltys <soltys@ziu.info>
in dracut.conf:
fscks="<tools>"
nofscks="yes"
and similary on command line:
--fscks [LIST] (in addition to conf's, if defined there)
--nofscks
Signed-off-by: Michal Soltys <soltys@ziu.info>
Filtering modules requires enough work that instmods() in the
next pipeline stage was rarely busy. Parallelize the two
filters which do the most work. Also fix a filename-vs-contents
mistake in net_module_filter.
--
John Reiser, jreiser@BitWagon.com
>From f4533a2ceca52c443ddebec01eeaa35d51c39c1b Mon Sep 17 00:00:00 2001
From: John Reiser <jreiser@BitWagon.com>
Date: Tue, 13 Sep 2011 17:41:43 -0700
Subject: [PATCH 1/3] Parallelize block_module_filter
ID_FS_TYPE can be much more than just ddf/imsm/linux raid member, so
do the proper checks.
This reverts certain changes from:
cf5891424e
Signed-off-by: Michal Soltys <soltys@ziu.info>
Whitespace removal in:
out="${out}${chop# }$r"
will damage certain strings, for example the following call:
str_replace ' aax aaxaa' x y
would return 'aayaayaa' instead of ' aay aayaa'.
Signed-off-by: Michal Soltys <soltys@ziu.info>
Reworked the flow of the rules file a bit, removed redundant tests, also
should be easier to follow. It's much shorter now as well, a bit more
similar to 90lvm script - both revolve around same concepts after all.
There's no reason to treat conf-assembled arrays differently from
incremental ones. Once we hit timeout in init's udev loop, we can use
common script (mdraid_start.sh) to try force inactive arrays
into degraded mode.
md-finished.sh was kind-of out of place - it didn't really wait for any
particular device(s) to show up, just watched if onetime mdadm scripts
are still in place. Furthermore, after moving mdraid_start to --timeout
initqueue, it didn't really have too much to watch at all, besides
mdadm_auto (and that served no purpose, as we do wait for concrete
devices).
Either way, with stock 64-md fixes, current version of 65-md*.rules does
the following:
- limits assembly to certain uuids, if specified
- watch for no ddf/imsm
- if mdadm.conf => setup onetime -As script, without forced --run option
- if !mdadm.conf => incrementally assemble
- for both cases, setup timeout script, run-forcing arrays as a last resort
Signed-off-by: Michal Soltys <soltys@ziu.info>
1) mdadm -As --auto=yes --run 2>&1 | vinfo (removed)
Currently such auto assembly will not complete or force-run partially
assembled arrays. It might assemble "concurrent" separate array and
force-run it, if possible (though the chances of suddenly showing
missing components in this scenario - a script run after udev timeout -
are pretty thin). See [1] for details. Also see #3 below.
2) mdadm -Is --run 2>&1 (removed)
This will only force-run native arrays - arrays in containers will not
be affected. See [1] for details. Also see #3 below.
3) mdadm -R run loop (implicitly handles #1 & #2)
This loop does everywthing that #1 & #2 are expected to do. Thus, the
above invocations are simply redundant and this is the most safe and
flexible option.
Also, it shouldn't be necessary to go under md/ directory, as those are
just symlinks to /dev/md[0-9]*.
Certain checks were changed to strict ones (array state, degraded state)
instead of relying on env tricks.
'cat' was added explicitly to installed programs (it has been used
implicitly in shutdown script either way)
4) mdmon bug
See [1] for details as well. In short - force-run arrays in containers
will not have mdmon started, so we do that manually.
5) stop/run queue magic
Also removed. mdadm -R will only cause change events to the array
itself, and they should not be an issue.
[1] http://article.gmane.org/gmane.linux.raid/35133
Signed-off-by: Michal Soltys <soltys@ziu.info>
Stop both arrays (first pass) and containers (second pass).
Loop only over /dev/md[0-9]*
Call cleanup script only once, make sure it's after crypt cleanup.
Signed-off-by: Michal Soltys <soltys@ziu.info>
Remove whole "start a container logic".
Containers once assembled, always remain in 'inactive' state.
Any attempt to run a container with mdadm -IR is a no-op, and any
attempt with just mdadm -R ends with an error.
Signed-off-by: Michal Soltys <soltys@ziu.info>
Currently shipped mdadm rules incrementally assemble all imsm and native
raids, and do so unconditionally. This causes few issues:
- fine-grained controls in 65-md* are shadowed - for example,
mdadm.conf's presence tests or uuid checks
- 90dmraid might also conflict with 90mdraid, if user prefers the former
to handle containers
- possibly other subtle issues
This patch adjusts the behaviour.
Signed-off-by: Michal Soltys <soltys@ziu.info>
Use bash "[[ string =~ pattern ]]" instead of "egrep -q".
Replace control-dominated serial fondling
for var in $(proc1); do proc2 var; done
with data-dominated parallel pipeline
proc1 | while read var; do proc2 var; done
Together this is a large savings.
[harald@redhat.com: fixed network kernel module filter]
This asks for the luks passphrase if key is not found for defined time (if defined with rd.luks.tout cmd line):
modules.d/90crypt/cryptroot-ask.sh | 21 ++++++++++++++++++---
modules.d/90crypt/parse-crypt.sh | 5 +++--
2 files changed, 21 insertions(+), 5 deletions(-)
If we're about to start a Live image (i.e. if /dev/mapper/live-rw
exists) this script will take any files found in /updates (inside the
initramfs!) and and copy them into $NEWROOT.
This allows for hotfixes to be applied to existing Live images without
rebuilding the entire image.
Signed-off-by: Will Woods <wwoods@redhat.com>
Currently dmsquash-live-root requires that squashfs images be named
"squashfs.img" and all others be "ext3fs.img" or "rootfs.img".
If we've got a live image in initramfs, this patch will make dracut use
losetup and det_fs to determine the actual filesystem type of the image.
Signed-off-by: Will Woods <wwoods@redhat.com>
- use last ro/rw cmdline arg rather than favoring 'rw' over 'ro'
- don't bother with useless RES variable for holding $?
- only do fs check when $livedev is a block device
Signed-off-by: Will Woods <wwoods@redhat.com>
fsck_single() operates directly on the device, so fstab is not
necessary. fs-lib functions make sure fscks don't complain.
Code is only commented out just in case I missed something.
To not pollute dracut-lib.sh, all the fsck related functions were moved
to fs-lib.sh. The functions available are as follows:
- fsck_single
this will detect/verify filesystem, check if it has necessary tools and
check the filesystem respecting additional flags (if any), using
specific "driver" (or falling back to generic one). Currently
available: fsck_drv_{com,xfs,std}. 'com' is used for tools following
typical subset of options/return codes (e.g. ext, jfs), 'std' is used
for "unknown" fs and doesn't assume it can be run non-interactively.
Please see comments around the code for more info.
- fsck_batch
this will check provided list of the devices;
Both of the above functions will fake empty fstab, to make generic fsck
not complain too much (excact devices are always provided on the command
line).
"Known" filesystems currently: ext234, reiser, jfs, xfs
- det_fs
Small bug fixed - as this function is meant to be called in $(), it may
not be verbose.
Current behaviour is:
- if detection is successful, use its result
- if detection is not successful, and filesystem is provided, return
the provided one; otherwise use auto
Previously, '-a' was added for ext[234] filesystems if other
conflicting flag were not present. It's being done automatically
in fsck_drv_com() now (also for jfs and reiser).
The livenet module allows you to use a root arg like:
root=live:http://server.name/path/to/live.img ip=dhcp
The named live image will be downloaded with wget and then set up as the
root device.
It currently supports FTP, HTTP, and HTTPS. dracut will try to install
the CA bundle (/etc/ssl/certs/ca-bundle.crt) into the initramfs so that
SSL certificate checking will work properly.
If an HTTPS URL is given and the site fails the certificate check, the
file will be rejected and the system will not boot into it.
Signed-off-by: Will Woods <wwoods@redhat.com>
if a value of a key on the kernel command line includes wildcards, these
would be expanded.
E.g., if you have "key=/dev/sd*" the value would be substituted with
"/dev/sda /dev/sda1 /dev/sda2" instead of returning "/dev/sd*"
The script that was generated always returned the status of the last test
condition, potentially missing any earlier non-existing devices.
The change assures, that the script returns 0 only if all expected
devices are found.
Signed-off-by: Michal Soltys <soltys@ziu.info>
This module mounts an eCryptfs filesystem from the initial ramdisk using an
encrypted key.
Signed-off-by: Roberto Sassu <roberto.sassu@polito.it>
Acked-by: Gianluca Ramunno <ramunno@polito.it>
This module initializes the EVM software and permits to load a custom IMA
policy.
Signed-off-by: Roberto Sassu <roberto.sassu@polito.it>
Acked-by: Gianluca Ramunno <ramunno@polito.it>
This module initializes a trusted/user kernel master key that will be used
to decrypt other encrypted keys.
Signed-off-by: Roberto Sassu <roberto.sassu@polito.it>
Acked-by: Gianluca Ramunno <ramunno@polito.it>
Mount the securityfs filesystem and make available its location through the
exported variable SECURITYFSDIR.
Signed-off-by: Roberto Sassu <roberto.sassu@polito.it>
Acked-by: Gianluca Ramunno <ramunno@polito.it>
Currently in dracut busybox module, we hard-code the list of binaries
available in busybox. Actually we can get this list by running busybox
without any arguments.
Also, if find_binary() finds nothing, we would symlink $initdir/
which is not we expect.
Signed-off-by: WANG Cong <xiyou.wangcong@gmail.com>
As Ray Strode explains, plymouth --has-active-vt may fail if the user
passes console=ttyS0 or something other not corresponding to
console=tty0, because plymouth is outputing to the serial console and
not a VT in this case.
In the initrd, the init script and the sbin/cryptroot-ask script use
flock with different lock files for the console: /.console_lock and
/.console.lock respectively
Use common fsck and det_fs code. Verify filesystem type more
aggressively, which has a chance to be more resistant to
accidental mistakes.
Also, there's no need to generate custom fstab for the sake of fsck
anymore.
Signed-off-by: Michal Soltys <soltys@ziu.info>
This patch mainly adds fsck functionality to fstab-sys, with additional
sanity checks (checking for device existence, verifying fstype via
det_fs).
Signed-off-by: Michal Soltys <soltys@ziu.info>
Both functions will be used by rootfs-block and fstab-sys modules.
Both are based on code present in mount-root.sh, though few changes are
present.
det_fs:
will try to determine filesystem type for supplied device, even if it's
not auto. If fs cannot be detected, or if the detected one differs from
the supplied one - a warning is issued (so user can fix its stuff later)
wrap_fsck:
will call fsck for specific device with optionally additional
fsckoptions. The function returns fsck return value.
Signed-off-by: Michal Soltys <soltys@ziu.info>
dyoung@redhat.com