diff --git a/SOURCES/0190.patch b/SOURCES/0190.patch index 395305c..7e63eb0 100644 --- a/SOURCES/0190.patch +++ b/SOURCES/0190.patch @@ -56,4 +56,3 @@ index baf6dcff..4962316d 100644 if (dracut_install(clib, clib, false, false, true) == 0) log_debug("Lib install: '%s'", clib); /* also install lib.so for lib.so.* files */ - diff --git a/SOURCES/0191.patch b/SOURCES/0191.patch deleted file mode 100644 index 2368589..0000000 --- a/SOURCES/0191.patch +++ /dev/null @@ -1,243 +0,0 @@ -From e2c7b61f97465b26c598d655c8717403c0a73726 Mon Sep 17 00:00:00 2001 -From: Frantisek Sumsal -Date: Sat, 13 Nov 2021 16:35:23 +0100 -Subject: [PATCH] ci: introduce C8S based GHA CI - -Loosely based on the upstream dracut CI to make things simpler. - -rhel-only ---- - .github/workflows/container.yml | 52 +++++++++++++++++++++++++++++ - .github/workflows/integration.yml | 48 +++++++++++++++++++++++++++ - test/container/Dockerfile-CentOS-8-Stream | 54 +++++++++++++++++++++++++++++++ - tools/test-github.sh | 49 ++++++++++++++++++++++++++++ - 4 files changed, 203 insertions(+) - -diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml -new file mode 100644 -index 00000000..0a4c000f ---- /dev/null -+++ b/.github/workflows/container.yml -@@ -0,0 +1,52 @@ -+name: Container -+on: -+ schedule: -+ - cron: '30 11 * * *' -+ push: -+ branches: [ main ] -+ paths: -+ - 'test/container/**' -+ - '.github/workflows/container.yml' -+ pull_request: -+ branches: [ main ] -+ paths: -+ - 'test/container/**' -+ - '.github/workflows/container.yml' -+ -+permissions: -+ packages: write -+ contents: read -+ -+jobs: -+ push_to_registry: -+ name: Build and push containers image to GitHub Packages -+ runs-on: ubuntu-latest -+ concurrency: -+ group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.config.dockerfile }} -+ cancel-in-progress: true -+ strategy: -+ fail-fast: false -+ matrix: -+ config: -+ # Use a prefixed image name to not conflict with the "centos" -+ # image from redhat-plumbers/dracut-rhel9 -+ - { dockerfile: 'Dockerfile-CentOS-8-Stream', tag: 'rhel8_centos:stream8' } -+ steps: -+ - name: Check out the repo -+ uses: actions/checkout@v2 -+ - name: Set up Docker Buildx -+ uses: docker/setup-buildx-action@v1 -+# with: -+# buildkitd-flags: --debug -+ - name: Login to GitHub Container Registry -+ uses: docker/login-action@v1 -+ with: -+ registry: ghcr.io -+ username: ${{ github.repository_owner }} -+ password: ${{ secrets.GITHUB_TOKEN }} -+ - name: Build and Push Container -+ uses: docker/build-push-action@v2 -+ with: -+ file: test/container/${{ matrix.config.dockerfile }} -+ tags: ghcr.io/${{ github.repository_owner }}/${{ matrix.config.tag }} -+ push: ${{ github.event_name == 'push' || github.event_name == 'schedule' }} -diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml -new file mode 100644 -index 00000000..80a856a2 ---- /dev/null -+++ b/.github/workflows/integration.yml -@@ -0,0 +1,48 @@ -+name: Integration Test -+ -+on: -+ pull_request: -+ branches: [ main ] -+ -+jobs: -+ centos-8-stream: -+ runs-on: ubuntu-latest -+ timeout-minutes: 45 -+ concurrency: -+ group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.container }}-${{ matrix.test }} -+ cancel-in-progress: true -+ strategy: -+ matrix: -+ container: [ -+ "rhel8_centos:stream8", -+ ] -+ # Disabled tests (due to dropped packages in RHEL/CentOS): -+ # 03, 04, 15: requires btrfs -+ # 14: requires dmraid -+ # 30, 31, 35, 36: requires scsi-target-utils -+ test: [ -+ "01", -+ "02", -+ "10", -+ "11", -+ "12", -+ "13", -+ "17", -+ "20", -+ #"21", needs backport (NFS + NM) -+ "40", -+ #"41", needws backport (NBD + NM) -+ "98", -+ ] -+ fail-fast: false -+ container: -+ image: ghcr.io/${{ github.repository_owner }}/${{ matrix.container }} -+ options: "--privileged -v /dev:/dev" -+ steps: -+ - name: "Checkout Repository" -+ uses: actions/checkout@v2 -+ with: -+ fetch-depth: 0 -+ -+ - name: "${{ matrix.container }} TEST-${{ matrix.test }}" -+ run: ./tools/test-github.sh "TEST-${{ matrix.test }}" ${{ matrix.test }} -diff --git a/test/container/Dockerfile-CentOS-8-Stream b/test/container/Dockerfile-CentOS-8-Stream -new file mode 100644 -index 00000000..0eda4a7e ---- /dev/null -+++ b/test/container/Dockerfile-CentOS-8-Stream -@@ -0,0 +1,54 @@ -+FROM quay.io/centos/centos:stream8 -+ -+MAINTAINER https://github.com/dracutdevs/dracut -+ -+ENV container docker -+LABEL RUN="docker run -it --name NAME --privileged --ipc=host --net=host --pid=host -e NAME=NAME -e IMAGE=IMAGE IMAGE" -+ -+RUN echo 'export DRACUT_NO_XATTR=1 KVERSION=$(cd /lib/modules; ls -1 | tail -1)' > /etc/profile.d/dracut-test.sh -+ -+# Install needed packages for the dracut CI container -+RUN dnf -y install epel-release && \ -+ dnf -y install --enablerepo powertools --enablerepo epel --setopt=install_weak_deps=False \ -+ qemu-kvm \ -+ NetworkManager \ -+ asciidoc \ -+ bash-completion \ -+ bzip2 \ -+ cryptsetup \ -+ dash \ -+ dbus-daemon \ -+ dhcp-client \ -+ dhcp-server \ -+ e2fsprogs \ -+ gcc \ -+ git \ -+ iproute \ -+ iputils \ -+ iscsi-initiator-utils \ -+ kbd \ -+ kernel \ -+ kmod-devel \ -+ lvm2 \ -+ make \ -+ mdadm \ -+ nfs-utils \ -+ pigz \ -+ python3-imgcreate \ -+ rpm-build \ -+ strace \ -+ sudo \ -+ tar \ -+ tcpdump \ -+ wget \ -+ which \ -+ xz \ -+ && dnf -y update && dnf clean all -+ -+# CentOS 8 ships only qemu-kvm, but it disables the KVM accel when it's not -+# available -+RUN ln -sv /usr/libexec/qemu-kvm /usr/bin/qemu-kvm && \ -+ ln -sv /usr/libexec/qemu-kvm /usr/bin/qemu-system-$(uname -m) -+ -+# Set default command -+CMD ["/usr/bin/bash"] -diff --git a/tools/test-github.sh b/tools/test-github.sh -new file mode 100755 -index 00000000..eab59dcc ---- /dev/null -+++ b/tools/test-github.sh -@@ -0,0 +1,49 @@ -+#!/bin/bash -+ -+set -ex -+ -+[[ -d ${0%/*} ]] && cd "${0%/*}"/../ -+ -+RUN_ID="$1" -+TESTS=$2 -+ -+./configure -+ -+NCPU=$(getconf _NPROCESSORS_ONLN) -+ -+if ! [[ $TESTS ]]; then -+ # GitHub workflows fetch a clone of the dracut repository which doesn't -+ # contain git tags, thus "breaking" the RPM build in certain situations -+ # i.e.: -+ # DRACUT_MAIN_VERSION in Makefile is defined as an output of `git describe`, -+ # which in full git clone returns a tag with a numeric version. However, -+ # without tags it returns SHA of the last commit, which later propagates into -+ # `Provides:` attribute of the built RPM and can break dependency tree when -+ # installed -+ [[ -d .git ]] && git fetch --tags && git describe --tags -+ make -j "$NCPU" all syncheck rpm logtee -+else -+ if [[ $TESTS == "99" ]]; then -+ [[ -d .git ]] && git fetch --tags && git describe --tags -+ make_docs=yes -+ else -+ make_docs=no -+ fi -+ -+ make -j "$NCPU" enable_documentation=$make_docs all logtee -+ -+ cd test -+ -+ # shellcheck disable=SC2012 -+ time LOGTEE_TIMEOUT_MS=590000 make \ -+ enable_documentation=$make_docs \ -+ KVERSION="$( -+ cd /lib/modules -+ ls -1 | tail -1 -+ )" \ -+ DRACUT_NO_XATTR=1 \ -+ TEST_RUN_ID="$RUN_ID" \ -+ ${TESTS:+TESTS="$TESTS"} \ -+ -k V=1 \ -+ check -+fi - diff --git a/SOURCES/0192.patch b/SOURCES/0192.patch deleted file mode 100644 index d4f31aa..0000000 --- a/SOURCES/0192.patch +++ /dev/null @@ -1,78 +0,0 @@ -From 436135496469ec24be1fc6fbc03a39d2575c8686 Mon Sep 17 00:00:00 2001 -From: Frantisek Sumsal -Date: Sat, 13 Nov 2021 17:55:45 +0100 -Subject: [PATCH] ci: backport TEST-21-NFS-NM - -Loosely cherry-picked from a3f73298f287e75810d6784efa52e80af15da2bd. - -rhel-only ---- - .github/workflows/integration.yml | 3 +-- - test/TEST-20-NFS/test.sh | 14 +++++++++++--- - test/TEST-21-NFS-NM/Makefile | 12 ++++++++++++ - 3 files changed, 24 insertions(+), 5 deletions(-) - -diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml -index 80a856a2..9c7c8486 100644 ---- a/.github/workflows/integration.yml -+++ b/.github/workflows/integration.yml -@@ -29,9 +29,8 @@ jobs: - "13", - "17", - "20", -- #"21", needs backport (NFS + NM) -+ "21", - "40", -- #"41", needws backport (NBD + NM) - "98", - ] - fail-fast: false -diff --git a/test/TEST-20-NFS/test.sh b/test/TEST-20-NFS/test.sh -index 4ad7fd77..320f9c3e 100755 ---- a/test/TEST-20-NFS/test.sh -+++ b/test/TEST-20-NFS/test.sh -@@ -1,5 +1,13 @@ - #!/bin/bash --TEST_DESCRIPTION="root filesystem on NFS" -+if [[ $NM ]]; then -+ USE_NETWORK="network-manager" -+ OMIT_NETWORK="network-legacy" -+else -+ USE_NETWORK="network-legacy" -+ OMIT_NETWORK="network-manager" -+fi -+ -+TEST_DESCRIPTION="root filesystem on NFS with $USE_NETWORK" - - KVERSION=${KVERSION-$(uname -r)} - -@@ -353,8 +361,8 @@ test_setup() { - - # Make client's dracut image - $basedir/dracut.sh -l -i $TESTDIR/overlay / \ -- -o "plymouth dash" \ -- -a "debug watchdog" \ -+ -o "plymouth dash ${OMIT_NETWORK}" \ -+ -a "debug watchdog ${USE_NETWORK}" \ - -d "af_packet piix ide-gd_mod ata_piix sd_mod e1000 nfs sunrpc i6300esb" \ - --no-hostonly-cmdline -N \ - -f $TESTDIR/initramfs.testing $KVERSION || return 1 -diff --git a/test/TEST-21-NFS-NM/Makefile b/test/TEST-21-NFS-NM/Makefile -new file mode 100644 -index 00000000..b19122a1 ---- /dev/null -+++ b/test/TEST-21-NFS-NM/Makefile -@@ -0,0 +1,12 @@ -+.PHONY: all setup clean run -+ -+BASETEST=../TEST-20-NFS -+ -+all: -+ @$(MAKE) NM=1 -s --no-print-directory -C $(BASETEST) all -+setup: -+ @$(MAKE) NM=1 -s --no-print-directory -C $(BASETEST) setup -+clean: -+ @$(MAKE) NM=1 -s --no-print-directory -C $(BASETEST) clean -+run: -+ @$(MAKE) NM=1 -s --no-print-directory -C $(BASETEST) run - diff --git a/SOURCES/0193.patch b/SOURCES/0193.patch deleted file mode 100644 index 7137d69..0000000 --- a/SOURCES/0193.patch +++ /dev/null @@ -1,57 +0,0 @@ -From fd907a1b2b1f087afa2eccfa1686043e4dbb5ff6 Mon Sep 17 00:00:00 2001 -From: q66 -Date: Sat, 25 Jul 2020 17:28:16 +0200 -Subject: [PATCH] dracut.sh: fix early microcode detection logic - -This fixes two issues: - -1) on non-x86 systems in non-hostonly config this would cause - an annoying warning on every initramfs generation -2) on non-x86 systems in hostonly config this would result in - early microcode not getting disabled - -Resolves: rhbz#2022414 ---- - dracut.sh | 23 +++++++++++++++-------- - 1 file changed, 15 insertions(+), 8 deletions(-) - -diff --git a/dracut.sh b/dracut.sh -index e559bb96..952c57c8 100755 ---- a/dracut.sh -+++ b/dracut.sh -@@ -1070,19 +1070,26 @@ fi - - if [[ $early_microcode = yes ]]; then - if [[ $hostonly ]]; then -- [[ $(get_cpu_vendor) == "AMD" ]] \ -- && ! check_kernel_config CONFIG_MICROCODE_AMD \ -- && unset early_microcode -- [[ $(get_cpu_vendor) == "Intel" ]] \ -- && ! check_kernel_config CONFIG_MICROCODE_INTEL \ -- && unset early_microcode -+ if [[ $(get_cpu_vendor) == "AMD" ]]; then -+ check_kernel_config CONFIG_MICROCODE_AMD || unset early_microcode -+ elif [[ $(get_cpu_vendor) == "Intel" ]]; then -+ check_kernel_config CONFIG_MICROCODE_INTEL || unset early_microcode -+ else -+ unset early_microcode -+ fi - else - ! check_kernel_config CONFIG_MICROCODE_AMD \ - && ! check_kernel_config CONFIG_MICROCODE_INTEL \ - && unset early_microcode - fi -- [[ $early_microcode != yes ]] \ -- && dwarn "Disabling early microcode, because kernel does not support it. CONFIG_MICROCODE_[AMD|INTEL]!=y" -+ # Do not complain on non-x86 architectures as it makes no sense -+ case $(uname -m) in -+ x86_64|i?86) -+ [[ $early_microcode != yes ]] \ -+ && dwarn "Disabling early microcode, because kernel does not support it. CONFIG_MICROCODE_[AMD|INTEL]!=y" -+ ;; -+ *) ;; -+ esac - fi - - # Need to be able to have non-root users read stuff (rpcbind etc) - diff --git a/SOURCES/0194.patch b/SOURCES/0194.patch deleted file mode 100644 index 563777a..0000000 --- a/SOURCES/0194.patch +++ /dev/null @@ -1,24 +0,0 @@ -From ccd2823f5b75273445c7de36ff306fd23163f955 Mon Sep 17 00:00:00 2001 -From: Masahiro Matsuya -Date: Fri, 11 Jun 2021 10:40:04 +0900 -Subject: [PATCH] fix(url-lib): make pre-pivot hook separetely per nfs mount - -Resolves: rhbz#1967802 ---- - modules.d/45url-lib/url-lib.sh | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/modules.d/45url-lib/url-lib.sh b/modules.d/45url-lib/url-lib.sh -index 08c3ebb4..56d0d683 100755 ---- a/modules.d/45url-lib/url-lib.sh -+++ b/modules.d/45url-lib/url-lib.sh -@@ -143,7 +143,7 @@ nfs_fetch_url() { - local mntdir="$(mkuniqdir /run nfs_mnt)" - mount_nfs "$nfs:$server:$filepath${options:+:$options}" "$mntdir" - # lazy unmount during pre-pivot hook -- inst_hook --hook pre-pivot --name 99url-lib-umount-nfs umount -l -- "$mntdir" -+ inst_hook --hook pre-pivot --name 99url-lib-umount-nfs-"$(basename "$mntdir")" umount -l -- "$mntdir" - fi - - if [ -z "$outloc" ]; then - diff --git a/SOURCES/0195.patch b/SOURCES/0195.patch deleted file mode 100644 index d9e6084..0000000 --- a/SOURCES/0195.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 8a4e5b5988d716259ad5b684dc2814d265007cb5 Mon Sep 17 00:00:00 2001 -From: Peter Levine -Date: Mon, 1 Feb 2021 22:17:06 -0500 -Subject: [PATCH] fix(watchdog): replace return with echo - -(cherry picked from commit c35cbd2e561714207388af69820cee2743dbcbc3) - -Resolves: #1890039 ---- - modules.d/04watchdog/module-setup.sh | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/modules.d/04watchdog/module-setup.sh b/modules.d/04watchdog/module-setup.sh -index 15bcd897..fdc62986 100755 ---- a/modules.d/04watchdog/module-setup.sh -+++ b/modules.d/04watchdog/module-setup.sh -@@ -7,7 +7,8 @@ check() { - - # called by dracut - depends() { -- return "watchdog-modules" -+ echo watchdog-modules -+ return 0 - } - - # called by dracut - diff --git a/SOURCES/0196.patch b/SOURCES/0196.patch deleted file mode 100644 index 481d6f5..0000000 --- a/SOURCES/0196.patch +++ /dev/null @@ -1,68 +0,0 @@ -From c7b21c88d27aace097ce9bc1fc36f4b742858737 Mon Sep 17 00:00:00 2001 -From: Pavel Valena -Date: Mon, 22 Nov 2021 16:40:39 +0100 -Subject: [PATCH] fix(network): add errors and warnings when network interface - does not exist - -End with error, or show a warning when nonexistent device is specified for network setup like -`ip=10.12.8.12::10.12.255.254:255.255.0.0:xk12:eth0:off`. - -I've added the error only for `write-ifcfg.sh`, as I think no such setup should be written. - -Resolves: #1712424 ---- - modules.d/35network-legacy/ifup.sh | 6 +++++- - modules.d/35network-legacy/parse-ip-opts.sh | 5 +++++ - modules.d/45ifcfg/write-ifcfg.sh | 5 +++++ - 3 files changed, 15 insertions(+), 1 deletion(-) - -diff --git a/modules.d/35network-legacy/ifup.sh b/modules.d/35network-legacy/ifup.sh -index bd560379..0e9a6928 100755 ---- a/modules.d/35network-legacy/ifup.sh -+++ b/modules.d/35network-legacy/ifup.sh -@@ -413,7 +413,11 @@ for p in $(getargs ip=); do - - # If this option isn't directed at our interface, skip it - if [ -n "$dev" ]; then -- [ "$dev" != "$netif" ] && continue -+ if [ "$dev" != "$netif" ]; then -+ [ ! -e "/sys/class/net/$dev" ] \ -+ && warn "Network interface '$dev' does not exist!" -+ continue -+ fi - else - iface_is_enslaved "$netif" && continue - fi -diff --git a/modules.d/35network-legacy/parse-ip-opts.sh b/modules.d/35network-legacy/parse-ip-opts.sh -index 10a2d19b..eea0988c 100755 ---- a/modules.d/35network-legacy/parse-ip-opts.sh -+++ b/modules.d/35network-legacy/parse-ip-opts.sh -@@ -96,6 +96,11 @@ for p in $(getargs ip=); do - fi - # IFACES list for later use - IFACES="$IFACES $dev" -+ -+ # Interface should exist -+ if [ ! -e "/sys/class/net/$dev" ]; then -+ warn "Network interface '$dev' does not exist" -+ fi - fi - - # Do we need to check for specific options? -diff --git a/modules.d/45ifcfg/write-ifcfg.sh b/modules.d/45ifcfg/write-ifcfg.sh -index abd111fc..7e767f15 100755 ---- a/modules.d/45ifcfg/write-ifcfg.sh -+++ b/modules.d/45ifcfg/write-ifcfg.sh -@@ -100,6 +100,11 @@ interface_bind() { - local _netif="$1" - local _macaddr="$2" - -+ if [ ! -e "/sys/class/net/$_netif" ]; then -+ derror "Cannot find network interface '$_netif'!" -+ return 1 -+ fi -+ - # see, if we can bind it to some hw parms - if hw_bind "$_netif" "$_macaddr"; then - # only print out DEVICE, if it's user assigned - diff --git a/SOURCES/0197.patch b/SOURCES/0197.patch deleted file mode 100644 index 7781b40..0000000 --- a/SOURCES/0197.patch +++ /dev/null @@ -1,54 +0,0 @@ -From 0a6125bf834c5a1808e4898f46093bc2ab2fed05 Mon Sep 17 00:00:00 2001 -From: Harald Hoyer -Date: Wed, 23 Oct 2019 14:16:56 +0200 -Subject: [PATCH] dracut.sh: add check for invalid configuration files - -Emit a warning about possible misconfigured configuration files, where -the spaces around values are missing for +="" - -Better report a possible source of problems. We can fix annoying false -positives later. - -(cherry picked from commit dfe2247a43d6a216d9af533825c9a103e3b056cd) - -Resolves: #1946245 ---- - dracut.sh | 14 +++++++++++++- - 1 file changed, 13 insertions(+), 1 deletion(-) - -diff --git a/dracut.sh b/dracut.sh -index 952c57c8..702b2f78 100755 ---- a/dracut.sh -+++ b/dracut.sh -@@ -277,6 +277,14 @@ read_arg() { - fi - } - -+check_conf_file() -+{ -+ if grep -H -e '^[^#]*[+]=\("[^ ]\|.*[^ ]"\)' "$@"; then -+ printf '\ndracut: WARNING: +=" ": should have surrounding white spaces!\n' >&2 -+ printf 'dracut: WARNING: This will lead to unwanted side effects! Please fix the configuration file.\n\n' >&2 -+ fi -+} -+ - dropindirs_sort() - { - local suffix=$1; shift -@@ -697,10 +705,14 @@ if [[ ! -d $confdir ]]; then - fi - - # source our config file --[[ -f $conffile ]] && . "$conffile" -+if [[ -f $conffile ]]; then -+ check_conf_file "$conffile" -+ . "$conffile" -+fi - - # source our config dir - for f in $(dropindirs_sort ".conf" "$confdir" "$dracutbasedir/dracut.conf.d"); do -+ check_conf_file "$f" - [[ -e $f ]] && . "$f" - done - - diff --git a/SOURCES/0198.patch b/SOURCES/0198.patch deleted file mode 100644 index 4231fb1..0000000 --- a/SOURCES/0198.patch +++ /dev/null @@ -1,34 +0,0 @@ -From c99f396a5d456520b34c60f43c589ca39a301955 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Renaud=20M=C3=A9trich?= -Date: Wed, 14 Nov 2018 13:19:27 +0100 -Subject: [PATCH] fips: removed false-positive 'FATAL: Module xxx not found' - error message when kernel provides a generic algo for module - -Resolves: rhbz#1996019 ---- - modules.d/01fips/fips.sh | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/modules.d/01fips/fips.sh b/modules.d/01fips/fips.sh -index 03da6861..1d57a889 100755 ---- a/modules.d/01fips/fips.sh -+++ b/modules.d/01fips/fips.sh -@@ -77,7 +77,7 @@ fips_load_crypto() - mv /etc/modprobe.d/fips.conf /etc/modprobe.d/fips.conf.bak - for _module in $FIPSMODULES; do - if [ "$_module" != "tcrypt" ]; then -- if ! modprobe "${_module}"; then -+ if ! modprobe "${_module}" 2>/tmp/fips.modprobe_err; then - # check if kernel provides generic algo - _found=0 - while read _k _s _v || [ -n "$_k" ]; do -@@ -86,7 +86,7 @@ fips_load_crypto() - _found=1 - break - done &2 && return 1 - fi - fi - done - diff --git a/SOURCES/0199.patch b/SOURCES/0199.patch deleted file mode 100644 index 5863d26..0000000 --- a/SOURCES/0199.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 876196e809f4ffac055737921cfe273d8399b6e4 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Renaud=20M=C3=A9trich?= -Date: Tue, 16 Nov 2021 11:15:52 +0100 -Subject: [PATCH] fix(shutdown): be robust against forced shutdown - -When a forced shutdown is issued through sending a burst of Ctrl-Alt-Del -keys, systemd sends SIGTERM to all processes. This ends up killing -dracut-initramfs-restore as well, preventing the script from detecting -that the unpack of the initramfs is incomplete, which later causes a -crash to happen when "shutdown" tries to execute from the unpacked -initramfs. - -This fix makes sure dracut-initramfs-restore remains alive to detect -the unpack failed (because cpio was killed by systemd too). - -Resolves: rhbz#2023665 ---- - dracut-initramfs-restore.sh | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/dracut-initramfs-restore.sh b/dracut-initramfs-restore.sh -index 74a952c4..708f98d7 100644 ---- a/dracut-initramfs-restore.sh -+++ b/dracut-initramfs-restore.sh -@@ -6,6 +6,11 @@ set -e - [ -e /run/initramfs/bin/sh ] && exit 0 - [ -e /run/initramfs/.need_shutdown ] || exit 0 - -+# SIGTERM signal is received upon forced shutdown: ignore the signal -+# We want to remain alive to be able to trap unpacking errors to avoid -+# switching root to an incompletely unpacked initramfs -+trap 'echo "Received SIGTERM signal, ignoring!" >&2' TERM -+ - KERNEL_VERSION="$(uname -r)" - - [[ $dracutbasedir ]] || dracutbasedir=/usr/lib/dracut - diff --git a/SOURCES/0200.patch b/SOURCES/0200.patch index 32ea347..299798b 100644 --- a/SOURCES/0200.patch +++ b/SOURCES/0200.patch @@ -1,4 +1,4 @@ -From f5ffe8bc95ee989ef39b7c149d268b5988f952a0 Mon Sep 17 00:00:00 2001 +From a0d8caa8090a78f627f26fcd9b47c4b099cbc1ba Mon Sep 17 00:00:00 2001 From: Jonathan Lebon Date: Thu, 17 Jun 2021 10:47:33 -0400 Subject: [PATCH] fix(fips): handle s390x OSTree systems @@ -29,19 +29,16 @@ See also: https://github.com/openshift/os/pull/546 https://github.com/ibm-s390-linux/s390-tools/issues/78 -Tested-by: Muhammad Adeel - -Resolves: rhbz#2007586 --- - modules.d/01fips/fips.sh | 21 +++++++++++++++++++++ + modules.d/01fips/fips.sh | 22 ++++++++++++++++++++++ modules.d/01fips/module-setup.sh | 2 +- - 2 files changed, 22 insertions(+), 1 deletion(-) + 2 files changed, 23 insertions(+), 1 deletion(-) diff --git a/modules.d/01fips/fips.sh b/modules.d/01fips/fips.sh -index 1d57a889..c57fd426 100755 +index 03da686..e01f0a6 100755 --- a/modules.d/01fips/fips.sh +++ b/modules.d/01fips/fips.sh -@@ -114,6 +114,27 @@ do_fips() +@@ -114,6 +114,28 @@ do_fips() else BOOT_IMAGE="$(getarg BOOT_IMAGE)" @@ -54,14 +51,15 @@ index 1d57a889..c57fd426 100755 + BOOT_IMAGE="vmlinuz-${KERNEL}" + elif [ -d /boot/loader/entries ]; then + i=0 ++ # shellcheck disable=SC2012 + for bls in $(ls -d /boot/loader/entries/*.conf | sort -rV); do -+ ((i++)) ++ i=$((i + 1)) + -+ if [ $i -eq ${BOOT_IMAGE:-0} ] && [ -r "$bls" ]; then -+ BOOT_IMAGE="$(grep -e '^linux' "$bls" | grep -o ' .*$')" -+ BOOT_IMAGE=${BOOT_IMAGE:1} -+ break -+ fi ++ if [ "$i" -eq "${BOOT_IMAGE:-0}" ] && [ -r "$bls" ]; then ++ BOOT_IMAGE="$(grep -e '^linux' "$bls" | grep -o ' .*$')" ++ BOOT_IMAGE=${BOOT_IMAGE## } ++ break ++ fi + done + fi + fi @@ -70,7 +68,7 @@ index 1d57a889..c57fd426 100755 BOOT_IMAGE="$(echo "${BOOT_IMAGE}" | sed 's/^(.*)//')" diff --git a/modules.d/01fips/module-setup.sh b/modules.d/01fips/module-setup.sh -index 8800a49e..71bea53a 100755 +index f011f15..d5acc15 100755 --- a/modules.d/01fips/module-setup.sh +++ b/modules.d/01fips/module-setup.sh @@ -67,7 +67,7 @@ install() { @@ -82,3 +80,5 @@ index 8800a49e..71bea53a 100755 inst_simple /etc/system-fips [ -c ${initdir}/dev/random ] || mknod ${initdir}/dev/random c 1 8 \ +-- +2.35.0 diff --git a/SPECS/dracut.spec b/SPECS/dracut.spec index 9da2ef9..ba9b6dd 100644 --- a/SPECS/dracut.spec +++ b/SPECS/dracut.spec @@ -5,7 +5,7 @@ # strip the automatically generated dep here and instead co-own the # directory. %global __requires_exclude pkg-config -%define dist_free_release 201.git20220131 +%define dist_free_release 192.git20220131 Name: dracut Version: 049 @@ -218,15 +218,6 @@ Patch187: 0187.patch Patch188: 0188.patch Patch189: 0189.patch Patch190: 0190.patch -Patch191: 0191.patch -Patch192: 0192.patch -Patch193: 0193.patch -Patch194: 0194.patch -Patch195: 0195.patch -Patch196: 0196.patch -Patch197: 0197.patch -Patch198: 0198.patch -Patch199: 0199.patch Patch200: 0200.patch Source1: https://www.gnu.org/licenses/lgpl-2.1.txt @@ -680,16 +671,7 @@ echo '# Since rhel-8.3 dracut moved to use NetworkManager add_dracutmodules+=" network-legacy "' > /etc/dracut.conf.d/50-network-legacy.conf %changelog -* Mon Jan 31 2022 Pavel Valena - 049-201.git20220131 -- ci: introduce C8S based GHA CI -- ci: backport TEST-21-NFS-NM -- dracut.sh: fix early microcode detection logic -- fix(url-lib): make pre-pivot hook separetely per nfs mount -- fix(watchdog): replace return with echo -- fix(network): add errors and warnings when network interface -- dracut.sh: add check for invalid configuration files -- fips: removed false-positive 'FATAL: Module xxx not found' -- fix(shutdown): be robust against forced shutdown +* Wed Feb 16 2022 Pavel Valena - 049-192.git20220131 - fix(fips): handle s390x OSTree systems * Mon Sep 20 2021 Lukas Nykryn - 049-191.git20210920