#!/bin/bash
_DRACUT_KDUMP_NM_TMP_DIR="$DRACUT_TMPDIR/$$-DRACUT_KDUMP_NM"
_save_kdump_netifs() {
unique_netifs[$1]=1
}
_get_kdump_netifs() {
echo -n "${!unique_netifs[@]}"
}
kdump_module_init() {
if ! [[ -d "${initdir}/tmp" ]]; then
mkdir -p "${initdir}/tmp"
fi
mkdir -p "$_DRACUT_KDUMP_NM_TMP_DIR"
. /lib/kdump/kdump-lib.sh
}
check() {
[[ $debug ]] && set -x
#kdumpctl sets this explicitly
if [[ -z $IN_KDUMP ]] || [[ ! -f /etc/kdump.conf ]]; then
return 1
fi
return 0
}
depends() {
local _dep="base shutdown"
kdump_module_init
add_opt_module() {
[[ " $omit_dracutmodules " != *\ $1\ * ]] && _dep="$_dep $1"
}
if is_squash_available; then
add_opt_module squash
else
dwarning "Required modules to build a squashed kdump image is missing!"
fi
if is_wdt_active; then
add_opt_module watchdog
fi
if is_ssh_dump_target; then
_dep="$_dep ssh-client"
fi
if is_lvm2_thinp_dump_target; then
if grep -q lvmthinpool-monitor <<< $(dracut --list-modules); then
add_opt_module lvmthinpool-monitor
else
dwarning "Required lvmthinpool-monitor modules is missing! Please upgrade dracut >= 057."
fi
fi
if [[ "$(uname -m)" == "s390x" ]]; then
_dep="$_dep znet"
fi
if [[ -n "$(ls -A /sys/class/drm 2> /dev/null)" ]] || [[ -d /sys/module/hyperv_fb ]]; then
add_opt_module drm
fi
if is_generic_fence_kdump || is_pcs_fence_kdump; then
_dep="$_dep network"
fi
echo "$_dep"
}
kdump_is_bridge() {
[[ -d /sys/class/net/"$1"/bridge ]]
}
kdump_is_bond() {
[[ -d /sys/class/net/"$1"/bonding ]]
}
kdump_is_team() {
[[ -f /usr/bin/teamnl ]] && teamnl "$1" ports &> /dev/null
}
kdump_is_vlan() {
[[ -f /proc/net/vlan/"$1" ]]
}
# $1: netdev name
source_ifcfg_file() {
local ifcfg_file
dwarning "Network Scripts are deprecated. You are encouraged to set up network by NetworkManager."
ifcfg_file=$(get_ifcfg_filename "$1")
if [[ -f ${ifcfg_file} ]]; then
. "${ifcfg_file}"
else
dwarning "The ifcfg file of $1 is not found!"
fi
}
# $1: repeat times
# $2: string to be repeated
# $3: separator
repeatedly_join_str() {
local _count="$1"
local _str="$2"
local _separator="$3"
local i _res
if [[ $_count -le 0 ]]; then
echo -n ""
return
fi
i=0
_res="$_str"
((_count--))
while [[ $i -lt $_count ]]; do
((i++))
_res="${_res}${_separator}${_str}"
done
echo -n "$_res"
}
# $1: prefix
# $2: ipv6_flag="-6" indicates it's IPv6
# Given a prefix, calculate the netmask (equivalent of "ipcalc -m")
# by concatenating three parts,
# 1) the groups with all bits set 1
# 2) a group with partial bits set to 0
# 3) the groups with all bits set to 0
cal_netmask_by_prefix() {
local _prefix="$1"
local _ipv6_flag="$2" _ipv6
local _bits_per_octet=8
local _count _res _octets_per_group _octets_total _seperator _total_groups
local _max_group_value _max_group_value_repr _bits_per_group _tmp _zero_bits
if [[ $_ipv6_flag == "-6" ]]; then
_ipv6=1
else
_ipv6=0
fi
if [[ $_prefix -lt 0 || $_prefix -gt 128 ]] \
|| ( ((!_ipv6)) && [[ $_prefix -gt 32 ]]); then
derror "Bad prefix:$_prefix for calculating netmask"
exit 1
fi
if ((_ipv6)); then
_octets_per_group=2
_octets_total=16
_seperator=":"
else
_octets_per_group=1
_octets_total=4
_seperator="."
fi
_total_groups=$((_octets_total / _octets_per_group))
_bits_per_group=$((_octets_per_group * _bits_per_octet))
_max_group_value=$(((1 << _bits_per_group) - 1))
if ((_ipv6)); then
_max_group_value_repr=$(printf "%x" $_max_group_value)
else
_max_group_value_repr="$_max_group_value"
fi
_count=$((_prefix / _octets_per_group / _bits_per_octet))
_first_part=$(repeatedly_join_str "$_count" "$_max_group_value_repr" "$_seperator")
_res="$_first_part"
_tmp=$((_octets_total * _bits_per_octet - _prefix))
_zero_bits=$((_tmp % _bits_per_group))
if [[ $_zero_bits -ne 0 ]]; then
_second_part=$((_max_group_value >> _zero_bits << _zero_bits))
if ((_ipv6)); then
_second_part=$(printf "%x" $_second_part)
fi
((_count++))
if [[ -z $_first_part ]]; then
_res="$_second_part"
else
_res="${_first_part}${_seperator}${_second_part}"
fi
fi
_count=$((_total_groups - _count))
if [[ $_count -eq 0 ]]; then
echo -n "$_res"
return
fi
if ((_ipv6)) && [[ $_count -gt 1 ]]; then
# use condensed notion for IPv6
_third_part=":"
else
_third_part=$(repeatedly_join_str "$_count" "0" "$_seperator")
fi
if [[ -z $_res ]] && ((!_ipv6)); then
echo -n "${_third_part}"
else
echo -n "${_res}${_seperator}${_third_part}"
fi
}
kdump_get_mac_addr() {
cat "/sys/class/net/$1/address"
}
#Bonding or team master modifies the mac address
#of its slaves, we should use perm address
kdump_get_perm_addr() {
local addr
addr=$(ethtool -P "$1" | sed -e 's/Permanent address: //')
if [[ -z $addr ]] || [[ $addr == "00:00:00:00:00:00" ]]; then
derror "Can't get the permanent address of $1"
else
echo "$addr"
fi
}
apply_nm_initrd_generator_timeouts() {
local _timeout_conf
_timeout_conf=$_DRACUT_KDUMP_NM_TMP_DIR/timeout_conf
cat << EOF > "$_timeout_conf"
[device-95-kdump]
carrier-wait-timeout=30000
[connection-95-kdump]
ipv4.dhcp-timeout=90
ipv6.dhcp-timeout=90
EOF
inst "$_timeout_conf" "/etc/NetworkManager/conf.d/95-kdump-timeouts.conf"
}
use_ipv4_or_ipv6() {
local _netif=$1 _uuid=$2
if [[ -v "ipv4_usage[$_netif]" ]]; then
nmcli connection modify --temporary "$_uuid" ipv4.may-fail no &> >(ddebug)
fi
if [[ -v "ipv6_usage[$_netif]" ]]; then
nmcli connection modify --temporary "$_uuid" ipv6.may-fail no &> >(ddebug)
fi
if [[ -v "ipv4_usage[$_netif]" ]] && [[ ! -v "ipv6_usage[$_netif]" ]]; then
nmcli connection modify --temporary "$_uuid" ipv6.method disabled &> >(ddebug)
elif [[ ! -v "ipv4_usage[$_netif]" ]] && [[ -v "ipv6_usage[$_netif]" ]]; then
nmcli connection modify --temporary "$_uuid" ipv4.method disabled &> >(ddebug)
fi
}
_clone_nmconnection() {
local _clone_output _name _unique_id
_unique_id=$1
_name=$(nmcli --get-values connection.id connection show "$_unique_id")
if _clone_output=$(nmcli connection clone --temporary uuid "$_unique_id" "$_name"); then
sed -E -n "s/.* \(.*\) cloned as.*\((.*)\)\.$/\1/p" <<< "$_clone_output"
return 0
fi
return 1
}
_match_nmconnection_by_mac() {
local _unique_id _dev _mac _mac_field
_unique_id=$1
_dev=$2
_mac=$(kdump_get_perm_addr "$_dev")
[[ $_mac != 'not set' ]] || return
_mac_field=$(nmcli --get-values connection.type connection show "$_unique_id").mac-address
nmcli connection modify --temporary "$_unique_id" "$_mac_field" "$_mac" &> >(ddebug)
nmcli connection modify --temporary "$_unique_id" "connection.interface-name" "" &> >(ddebug)
}
# Clone and modify NM connection profiles
#
# This function makes use of "nmcli clone" to automatically convert ifcfg-*
# files to Networkmanager .nmconnection connection profiles and also modify the
# properties of .nmconnection if necessary.
clone_and_modify_nmconnection() {
local _dev _cloned_nmconnection_file_path _tmp_nmconnection_file_path _old_uuid _uuid
_dev=$1
_nmconnection_file_path=$2
_old_uuid=$(nmcli --get-values connection.uuid connection show filename "$_nmconnection_file_path")
if ! _uuid=$(_clone_nmconnection "$_old_uuid"); then
derror "Failed to clone $_old_uuid"
exit 1
fi
use_ipv4_or_ipv6 "$_dev" "$_uuid"
nmcli connection modify --temporary uuid "$_uuid" connection.wait-device-timeout 60000 &> >(ddebug)
# For physical NIC i.e. non-user created NIC, ask NM to match a
# connection profile based on MAC address
_match_nmconnection_by_mac "$_uuid" "$_dev"
# If a value contain ":", nmcli by default escape it with "\:" because it
# also uses ":" as the delimiter to separate values. In our case, escaping is not needed.
_cloned_nmconnection_file_path=$(nmcli --escape no --get-values UUID,FILENAME connection show | sed -n "s/^${_uuid}://p")
_tmp_nmconnection_file_path=$_DRACUT_KDUMP_NM_TMP_DIR/$(basename "$_nmconnection_file_path")
cp "$_cloned_nmconnection_file_path" "$_tmp_nmconnection_file_path"
# change uuid back to old value in case it's refered by other connection
# profile e.g. connection.master could be interface name of the master
# device or UUID of the master connection.
sed -i -E "s/(^uuid=).*$/\1${_old_uuid}/g" "$_tmp_nmconnection_file_path"
nmcli connection del "$_uuid" &> >(ddebug)
echo -n "$_tmp_nmconnection_file_path"
}
_install_nmconnection() {
local _src _nmconnection_name _dst
_src=$1
_nmconnection_name=$(basename "$_src")
_dst="/etc/NetworkManager/system-connections/$_nmconnection_name"
inst "$_src" "$_dst"
}
kdump_install_nmconnections() {
local _netif _nm_conn_path _cloned_nm_path
while IFS=: read -r _netif _nm_conn_path; do
[[ -v "unique_netifs[$_netif]" ]] || continue
if _cloned_nm_path=$(clone_and_modify_nmconnection "$_netif" "$_nm_conn_path"); then
_install_nmconnection "$_cloned_nm_path"
else
derror "Failed to install the .nmconnection for $_netif"
exit 1
fi
done <<< "$(nmcli -t -f device,filename connection show --active)"
# Stop dracut 35network-manger to calling nm-initrd-generator.
# Note this line of code can be removed after NetworkManager >= 1.35.2
# gets released.
echo > "${initdir}/usr/libexec/nm-initrd-generator"
}
kdump_install_nm_netif_allowlist() {
local _netif _except_netif _netif_allowlist _netif_allowlist_nm_conf
for _netif in $1; do
_per_mac=$(kdump_get_perm_addr "$_netif")
if [[ "$_per_mac" != 'not set' ]]; then
_except_netif="mac:$_per_mac"
else
_except_netif="interface-name:$_netif"
fi
_netif_allowlist="${_netif_allowlist}except:${_except_netif};"
done
_netif_allowlist_nm_conf=$_DRACUT_KDUMP_NM_TMP_DIR/netif_allowlist_nm_conf
cat << EOF > "$_netif_allowlist_nm_conf"
[device-others]
match-device=${_netif_allowlist}
managed=false
EOF
inst "$_netif_allowlist_nm_conf" "/etc/NetworkManager/conf.d/10-kdump-netif_allowlist.conf"
}
_get_nic_driver() {
ethtool -i "$1" | sed -n -E "s/driver: (.*)/\1/p"
}
_get_hpyerv_physical_driver() {
local _physical_nic
_physical_nic=$(find /sys/class/net/"$1"/ -name 'lower_*' | sed -En "s/\/.*lower_(.*)/\1/p")
[[ -n $_physical_nic ]] || return
_get_nic_driver "$_physical_nic"
}
_get_physical_function_driver() {
local _physfn_dir=/sys/class/net/"$1"/device/physfn
if [[ -e "$_physfn_dir" ]]; then
basename "$(readlink -f "$_physfn_dir"/driver)"
fi
}
kdump_install_nic_driver() {
local _netif _driver _drivers
_drivers=('=drivers/net/phy' '=drivers/net/mdio')
for _netif in $1; do
[[ $_netif == lo ]] && continue
_driver=$(_get_nic_driver "$_netif")
if [[ -z $_driver ]]; then
derror "Failed to get the driver of $_netif"
exit 1
fi
if [[ $_driver == "802.1Q VLAN Support" ]]; then
# ethtool somehow doesn't return the driver name for a VLAN NIC
_driver=8021q
elif [[ $_driver == "team" ]]; then
# install the team mode drivers like team_mode_roundrobin.ko as well
_driver='=drivers/net/team'
elif [[ $_driver == "hv_netvsc" ]]; then
# A Hyper-V VM may have accelerated networking
# https://learn.microsoft.com/en-us/azure/virtual-network/accelerated-networking-overview
# Install the driver of physical NIC as well
_drivers+=("$(_get_hpyerv_physical_driver "$_netif")")
fi
_drivers+=("$_driver")
# For a Single Root I/O Virtualization (SR-IOV) virtual device,
# the driver of physical device needs to be installed as well
_drivers+=("$(_get_physical_function_driver "$_netif")")
done
[[ -n ${_drivers[*]} ]] || return
instmods "${_drivers[@]}"
}
kdump_setup_bridge() {
local _netdev=$1
local _dev
for _dev in "/sys/class/net/$_netdev/brif/"*; do
[[ -e $_dev ]] || continue
_dev=${_dev##*/}
if kdump_is_bond "$_dev"; then
kdump_setup_bond "$_dev" || return 1
elif kdump_is_team "$_dev"; then
kdump_setup_team "$_dev"
elif kdump_is_vlan "$_dev"; then
kdump_setup_vlan "$_dev"
fi
_save_kdump_netifs "$_dev"
done
}
kdump_setup_bond() {
local _netdev="$1"
local _dev
for _dev in $(< "/sys/class/net/$_netdev/bonding/slaves"); do
_save_kdump_netifs "$_dev"
done
}
kdump_setup_team() {
local _netdev=$1
local _dev
for _dev in $(teamnl "$_netdev" ports | awk -F':' '{print $2}'); do
_save_kdump_netifs "$_dev"
done
}
kdump_setup_vlan() {
local _netdev=$1
local _parent_netif
_parent_netif="$(awk '/^Device:/{print $2}' /proc/net/vlan/"$_netdev")"
#Just support vlan over bond and team
if kdump_is_bridge "$_parent_netif"; then
derror "Vlan over bridge is not supported!"
exit 1
elif kdump_is_bond "$_parent_netif"; then
kdump_setup_bond "$_parent_netif" || return 1
elif kdump_is_team "$_parent_netif"; then
kdump_setup_team "$_parent_netif" || return 1
fi
_save_kdump_netifs "$_parent_netif"
}
_find_znet_nmconnection() {
LANG=C grep -s -E -i -l \
"^s390-subchannels=([0-9]\.[0-9]\.[a-f0-9]+;){0,2}" \
"$1"/*.nmconnection | LC_ALL=C sed -e "$2"
}
kdump_setup_ovs() {
local _netdev="$1"
local _dev _phy_if
_phy_if=$(ovs_find_phy_if "$_netdev")
if kdump_is_bridge "$_phy_if"; then
kdump_setup_vlan "$_phy_if"
elif kdump_is_bond "$_phy_if"; then
kdump_setup_bond "$_phy_if" || return 1
elif kdump_is_team "$_phy_if"; then
derror "Ovs bridge over team is not supported!"
exit 1
fi
_save_kdump_netifs "$_phy_if"
}
# setup s390 znet
#
# Note part of code is extracted from ccw_init provided by s390utils
kdump_setup_znet() {
local _config_file _unique_name _NM_conf_dir
local __sed_discard_ignored_files='/\(~\|\.bak\|\.old\|\.orig\|\.rpmnew\|\.rpmorig\|\.rpmsave\)$/d'
if [[ "$(uname -m)" != "s390x" ]]; then
return
fi
_NM_conf_dir="/etc/NetworkManager/system-connections"
_config_file=$(_find_znet_nmconnection "$initdir/$_NM_conf_dir" "$__sed_discard_ignored_files")
if [[ -n "$_config_file" ]]; then
ddebug "$_config_file has already contained the znet config"
return
fi
_config_file=$(LANG=C grep -s -E -i -l \
"^[[:space:]]*SUBCHANNELS=['\"]?([0-9]\.[0-9]\.[a-f0-9]+,){0,2}" \
/etc/sysconfig/network-scripts/ifcfg-* \
| LC_ALL=C sed -e "$__sed_discard_ignored_files")
if [[ -z "$_config_file" ]]; then
_config_file=$(_find_znet_nmconnection "$_NM_conf_dir" "$__sed_discard_ignored_files")
fi
if [[ -n "$_config_file" ]]; then
_unique_name=$(cat /proc/sys/kernel/random/uuid)
nmcli connection clone --temporary "$_config_file" "$_unique_name" &> >(ddebug)
nmcli connection modify --temporary "$_unique_name" connection.autoconnect false
inst "/run/NetworkManager/system-connections/${_unique_name}.nmconnection" "${_NM_conf_dir}/${_unique_name}.nmconnection"
nmcli connection del "$_unique_name" &> >(ddebug)
fi
}
kdump_get_remote_ip() {
local _remote _remote_temp
_remote=$(get_remote_host "$1")
if is_hostname "$_remote"; then
_remote_temp=$(getent ahosts "$_remote" | grep -v : | head -n 1)
if [[ -z $_remote_temp ]]; then
_remote_temp=$(getent ahosts "$_remote" | head -n 1)
fi
_remote=$(echo "$_remote_temp" | awk '{print $1}')
fi
echo "$_remote"
}
# Find the physical interface of Open vSwitch (Ovs) bridge
#
# The physical network interface has the same MAC address as the Ovs bridge
ovs_find_phy_if() {
local _mac _dev
_mac=$(kdump_get_mac_addr $1)
for _dev in $(ovs-vsctl list-ifaces $1); do
if [[ $_mac == $(</sys/class/net/$_dev/address) ]]; then
echo -n "$_dev"
return
fi
done
return 1
}
# Tell if a network interface is an Open vSwitch (Ovs) bridge
kdump_is_ovs_bridge() {
[[ $(_get_nic_driver $1) == openvswitch ]]
}
# Collect netifs needed by kdump
# $1: destination host
kdump_collect_netif_usage() {
local _destaddr _srcaddr _route _netdev
_destaddr=$(kdump_get_remote_ip "$1")
if ! _route=$(kdump_get_ip_route "$_destaddr"); then
derror "Bad kdump network destination: $_destaddr"
exit 1
fi
_srcaddr=$(kdump_get_ip_route_field "$_route" "src")
_netdev=$(kdump_get_ip_route_field "$_route" "dev")
if kdump_is_bridge "$_netdev"; then
kdump_setup_bridge "$_netdev"
elif kdump_is_bond "$_netdev"; then
kdump_setup_bond "$_netdev" || return 1
elif kdump_is_team "$_netdev"; then
kdump_setup_team "$_netdev"
elif kdump_is_vlan "$_netdev"; then
kdump_setup_vlan "$_netdev"
elif kdump_is_ovs_bridge "$_netdev"; then
has_ovs_bridge=yes
kdump_setup_ovs "$_netdev"
fi
_save_kdump_netifs "$_netdev"
if [[ ! -f ${initdir}/etc/cmdline.d/50neednet.conf ]]; then
# network-manager module needs this parameter
echo "rd.neednet" >> "${initdir}/etc/cmdline.d/50neednet.conf"
fi
if [[ ! -f ${initdir}/etc/cmdline.d/60kdumpip.conf ]]; then
echo "kdump_remote_ip=$_destaddr" > "${initdir}/etc/cmdline.d/60kdumpip.conf"
fi
if is_ipv6_address "$_srcaddr"; then
ipv6_usage[$_netdev]=1
else
ipv4_usage[$_netdev]=1
fi
}
kdump_install_resolv_conf() {
local _resolv_conf=/etc/resolv.conf _nm_conf_dir=/etc/NetworkManager/conf.d
# Some users may choose to manage /etc/resolve.conf manually [1]
# by setting dns=none or use a symbolic link resolve.conf [2].
# So resolve.conf should be installed to kdump initrd as well. To prevent
# NM frome overwritting the user-configured resolve.conf in kdump initrd,
# also set dns=none for NM.
#
# Note:
# 1. When resolv.conf is managed by systemd-resolved.service, it could also be a
# symbolic link. So exclude this case by teling if systemd-resolved is enabled.
#
# 2. It's harmless to blindly copy /etc/resolve.conf to the initrd because
# by default in initramfs this file will be overwritten by
# NetworkManager. If user manages it via a symbolic link, it's still
# preserved because NM won't touch a symbolic link file.
#
# [1] https://bugzilla.gnome.org/show_bug.cgi?id=690404
# [2] https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/configuring_and_managing_networking/manually-configuring-the-etc-resolv-conf-file_configuring-and-managing-networking
systemctl -q is-enabled systemd-resolved 2> /dev/null && return 0
inst "$_resolv_conf"
if NetworkManager --print-config | grep -qs "^dns=none"; then
printf "[main]\ndns=none\n" > "${initdir}/${_nm_conf_dir}"/90-dns-none.conf
fi
}
kdump_install_ovs_deps() {
[[ $has_ovs_bridge == yes ]] || return 0
inst_multiple -o $(rpm -ql NetworkManager-ovs) $(rpm -ql $(rpm -qf /usr/lib/systemd/system/openvswitch.service)) /sbin/sysctl /usr/bin/uuidgen /usr/bin/hostname /usr/bin/touch /usr/bin/expr /usr/bin/id /usr/bin/install /usr/bin/setpriv /usr/bin/nice /usr/bin/df
# 1. Overwrite the copied /etc/sysconfig/openvswitch so
# ovsdb-server.service can run as the default user root.
# /etc/sysconfig/openvswitch by default intructs ovsdb-server.service to
# run as USER=openvswitch, However openvswitch doesn't have the permission
# to write to /tmp in kdump initrd and ovsdb-server.servie will fail
# with the error "ovs-ctl[1190]: ovsdb-server: failed to create temporary
# file (Permission denied)". So run ovsdb-server.service as root instead
#
# 2. Bypass the error "referential integrity violation: Table Port column
# interfaces row" caused by we changing the connection profiles
echo "OPTIONS=\"--ovsdb-server-options='--disable-file-column-diff'\"" >"${initdir}/etc/sysconfig/openvswitch"
KDUMP_DROP_IN_DIR="${initdir}/etc/systemd/system/nm-initrd.service.d"
mkdir -p "$KDUMP_DROP_IN_DIR"
printf "[Unit]\nAfter=openvswitch.service\n" >$KDUMP_DROP_IN_DIR/01-after-ovs.conf
$SYSTEMCTL -q --root "$initdir" enable openvswitch.service
$SYSTEMCTL -q --root "$initdir" add-wants basic.target openvswitch.service
}
# Setup dracut to bring up network interface that enable
# initramfs accessing giving destination
kdump_install_net() {
local _netifs
_netifs=$(_get_kdump_netifs)
if [[ -n "$_netifs" ]]; then
kdump_install_nmconnections
apply_nm_initrd_generator_timeouts
kdump_setup_znet
kdump_install_nm_netif_allowlist "$_netifs"
kdump_install_nic_driver "$_netifs"
kdump_install_resolv_conf
kdump_install_ovs_deps
fi
}
# install etc/kdump/pre.d and /etc/kdump/post.d
kdump_install_pre_post_conf() {
if [[ -d /etc/kdump/pre.d ]]; then
for file in /etc/kdump/pre.d/*; do
if [[ -x $file ]]; then
dracut_install "$file"
elif [[ $file != "/etc/kdump/pre.d/*" ]]; then
echo "$file is not executable"
fi
done
fi
if [[ -d /etc/kdump/post.d ]]; then
for file in /etc/kdump/post.d/*; do
if [[ -x $file ]]; then
dracut_install "$file"
elif [[ $file != "/etc/kdump/post.d/*" ]]; then
echo "$file is not executable"
fi
done
fi
}
default_dump_target_install_conf() {
local _target _fstype
local _mntpoint _save_path
is_user_configured_dump_target && return
_save_path=$(get_bind_mount_source "$(get_save_path)")
_target=$(get_target_from_path "$_save_path")
_mntpoint=$(get_mntpoint_from_target "$_target")
_fstype=$(get_fs_type_from_target "$_target")
if is_fs_type_nfs "$_fstype"; then
kdump_collect_netif_usage "$_target"
_fstype="nfs"
else
_target=$(kdump_get_persistent_dev "$_target")
fi
echo "$_fstype $_target" >> "${initdir}/tmp/$$-kdump.conf"
# don't touch the path under root mount
if [[ $_mntpoint != "/" ]]; then
_save_path=${_save_path##"$_mntpoint"}
fi
#erase the old path line, then insert the parsed path
sed -i "/^path/d" "${initdir}/tmp/$$-kdump.conf"
echo "path $_save_path" >> "${initdir}/tmp/$$-kdump.conf"
}
#install kdump.conf and what user specifies in kdump.conf
kdump_install_conf() {
local _opt _val _pdev
kdump_read_conf > "${initdir}/tmp/$$-kdump.conf"
while read -r _opt _val; do
# remove inline comments after the end of a directive.
case "$_opt" in
raw)
_pdev=$(persistent_policy="by-id" kdump_get_persistent_dev "$_val")
sed -i -e "s#^${_opt}[[:space:]]\+$_val#$_opt $_pdev#" "${initdir}/tmp/$$-kdump.conf"
;;
ext[234] | xfs | btrfs | minix | virtiofs)
_pdev=$(kdump_get_persistent_dev "$_val")
sed -i -e "s#^${_opt}[[:space:]]\+$_val#$_opt $_pdev#" "${initdir}/tmp/$$-kdump.conf"
;;
ssh | nfs)
kdump_collect_netif_usage "$_val"
;;
dracut_args)
if [[ $(get_dracut_args_fstype "$_val") == nfs* ]]; then
kdump_collect_netif_usage "$(get_dracut_args_target "$_val")"
fi
;;
kdump_pre | kdump_post | extra_bins)
# shellcheck disable=SC2086
dracut_install $_val
;;
core_collector)
dracut_install "${_val%%[[:blank:]]*}"
;;
esac
done <<< "$(kdump_read_conf)"
kdump_install_pre_post_conf
default_dump_target_install_conf
kdump_configure_fence_kdump "${initdir}/tmp/$$-kdump.conf"
inst "${initdir}/tmp/$$-kdump.conf" "/etc/kdump.conf"
rm -f "${initdir}/tmp/$$-kdump.conf"
}
# Default sysctl parameters should suffice for kdump kernel.
# Remove custom configurations sysctl.conf & sysctl.d/*
remove_sysctl_conf() {
# As custom configurations like vm.min_free_kbytes can lead
# to OOM issues in kdump kernel, avoid them
rm -f "${initdir}/etc/sysctl.conf"
rm -rf "${initdir}/etc/sysctl.d"
rm -rf "${initdir}/run/sysctl.d"
rm -rf "${initdir}/usr/lib/sysctl.d"
}
kdump_iscsi_get_rec_val() {
local result
# The open-iscsi 742 release changed to using flat files in
# /var/lib/iscsi.
result=$(/sbin/iscsiadm --show -m session -r "$1" | grep "^${2} = ")
result=${result##* = }
echo "$result"
}
kdump_get_iscsi_initiator() {
local _initiator
local initiator_conf="/etc/iscsi/initiatorname.iscsi"
[[ -f $initiator_conf ]] || return 1
while read -r _initiator; do
[[ -z ${_initiator%%#*} ]] && continue # Skip comment lines
case $_initiator in
InitiatorName=*)
initiator=${_initiator#InitiatorName=}
echo "rd.iscsi.initiator=${initiator}"
return 0
;;
*) ;;
esac
done < ${initiator_conf}
return 1
}
# Figure out iBFT session according to session type
is_ibft() {
[[ "$(kdump_iscsi_get_rec_val "$1" "node.discovery_type")" == fw ]]
}
kdump_setup_iscsi_device() {
local path=$1
local tgt_name
local tgt_ipaddr
local username
local password
local userpwd_str
local username_in
local password_in
local userpwd_in_str
local netroot_str
local initiator_str
local netroot_conf="${initdir}/etc/cmdline.d/50iscsi.conf"
local initiator_conf="/etc/iscsi/initiatorname.iscsi"
dinfo "Found iscsi component $1"
# Check once before getting explicit values, so we can bail out early,
# e.g. in case of pure-hardware(all-offload) iscsi.
if ! /sbin/iscsiadm -m session -r "$path" &> /dev/null; then
return 1
fi
if is_ibft "$path"; then
return
fi
# Remove software iscsi cmdline generated by 95iscsi,
# and let kdump regenerate here.
rm -f "${initdir}/etc/cmdline.d/95iscsi.conf"
tgt_name=$(kdump_iscsi_get_rec_val "$path" "node.name")
tgt_ipaddr=$(kdump_iscsi_get_rec_val "$path" "node.conn\[0\].address")
# get and set username and password details
username=$(kdump_iscsi_get_rec_val "$path" "node.session.auth.username")
[[ $username == "<empty>" ]] && username=""
password=$(kdump_iscsi_get_rec_val "$path" "node.session.auth.password")
[[ $password == "<empty>" ]] && password=""
username_in=$(kdump_iscsi_get_rec_val "$path" "node.session.auth.username_in")
[[ -n $username ]] && userpwd_str="$username:$password"
# get and set incoming username and password details
[[ $username_in == "<empty>" ]] && username_in=""
password_in=$(kdump_iscsi_get_rec_val "$path" "node.session.auth.password_in")
[[ $password_in == "<empty>" ]] && password_in=""
[[ -n $username_in ]] && userpwd_in_str=":$username_in:$password_in"
kdump_collect_netif_usage "$tgt_ipaddr"
# prepare netroot= command line
# FIXME: Do we need to parse and set other parameters like protocol, port
# iscsi_iface_name, netdev_name, LUN etc.
if is_ipv6_address "$tgt_ipaddr"; then
tgt_ipaddr="[$tgt_ipaddr]"
fi
netroot_str="netroot=iscsi:${userpwd_str}${userpwd_in_str}@$tgt_ipaddr::::$tgt_name"
[[ -f $netroot_conf ]] || touch "$netroot_conf"
# If netroot target does not exist already, append.
if ! grep -q "$netroot_str" "$netroot_conf"; then
echo "$netroot_str" >> "$netroot_conf"
dinfo "Appended $netroot_str to $netroot_conf"
fi
# Setup initator
if ! initiator_str=$(kdump_get_iscsi_initiator); then
derror "Failed to get initiator name"
return 1
fi
# If initiator details do not exist already, append.
if ! grep -q "$initiator_str" "$netroot_conf"; then
echo "$initiator_str" >> "$netroot_conf"
dinfo "Appended $initiator_str to $netroot_conf"
fi
}
kdump_check_iscsi_targets() {
# If our prerequisites are not met, fail anyways.
type -P iscsistart > /dev/null || return 1
kdump_check_setup_iscsi() {
local _dev
_dev=$1
[[ -L /sys/dev/block/$_dev ]] || return
cd "$(readlink -f "/sys/dev/block/$_dev")" || return 1
until [[ -d sys || -d iscsi_session ]]; do
cd ..
done
[[ -d iscsi_session ]] && kdump_setup_iscsi_device "$PWD"
}
[[ $hostonly ]] || [[ $mount_needs ]] && {
for_each_host_dev_and_slaves_all kdump_check_setup_iscsi
}
}
# hostname -a is deprecated, do it by ourself
get_alias() {
local ips
local entries
local alias_set
ips=$(hostname -I)
for ip in $ips; do
# in /etc/hosts, alias can come at the 2nd column
if entries=$(grep "$ip" /etc/hosts | awk '{ $1=""; print $0 }'); then
alias_set="$alias_set $entries"
fi
done
echo "$alias_set"
}
is_localhost() {
local hostnames
local shortnames
local aliasname
local nodename=$1
hostnames=$(hostname -A)
shortnames=$(hostname -A -s)
aliasname=$(get_alias)
hostnames="$hostnames $shortnames $aliasname"
for name in ${hostnames}; do
if [[ $name == "$nodename" ]]; then
return 0
fi
done
return 1
}
# retrieves fence_kdump nodes from Pacemaker cluster configuration
get_pcs_fence_kdump_nodes() {
local nodes
pcs cluster sync > /dev/null 2>&1 && pcs cluster cib-upgrade > /dev/null 2>&1
# get cluster nodes from cluster cib, get interface and ip address
nodelist=$(pcs cluster cib | xmllint --xpath "/cib/status/node_state/@uname" -)
# nodelist is formed as 'uname="node1" uname="node2" ... uname="nodeX"'
# we need to convert each to node1, node2 ... nodeX in each iteration
for node in ${nodelist}; do
# convert $node from 'uname="nodeX"' to 'nodeX'
eval "$node"
nodename="$uname"
# Skip its own node name
if is_localhost "$nodename"; then
continue
fi
nodes="$nodes $nodename"
done
echo "$nodes"
}
# retrieves fence_kdump args from config file
get_pcs_fence_kdump_args() {
if [[ -f $FENCE_KDUMP_CONFIG_FILE ]]; then
. "$FENCE_KDUMP_CONFIG_FILE"
echo "$FENCE_KDUMP_OPTS"
fi
}
get_generic_fence_kdump_nodes() {
local filtered
local nodes
nodes=$(kdump_get_conf_val "fence_kdump_nodes")
for node in ${nodes}; do
# Skip its own node name
if is_localhost "$node"; then
continue
fi
filtered="$filtered $node"
done
echo "$filtered"
}
# setup fence_kdump in cluster
# setup proper network and install needed files
kdump_configure_fence_kdump() {
local kdump_cfg_file=$1
local nodes
local args
if is_generic_fence_kdump; then
nodes=$(get_generic_fence_kdump_nodes)
elif is_pcs_fence_kdump; then
nodes=$(get_pcs_fence_kdump_nodes)
# set appropriate options in kdump.conf
echo "fence_kdump_nodes $nodes" >> "${kdump_cfg_file}"
args=$(get_pcs_fence_kdump_args)
if [[ -n $args ]]; then
echo "fence_kdump_args $args" >> "${kdump_cfg_file}"
fi
else
# fence_kdump not configured
return 1
fi
# setup network for each node
for node in ${nodes}; do
kdump_collect_netif_usage "$node"
done
dracut_install /etc/hosts
dracut_install /etc/nsswitch.conf
dracut_install "$FENCE_KDUMP_SEND"
}
# Install a random seed used to feed /dev/urandom
# By the time kdump service starts, /dev/uramdom is already fed by systemd
kdump_install_random_seed() {
local poolsize
poolsize=$(< /proc/sys/kernel/random/poolsize)
if [[ ! -d "${initdir}/var/lib/" ]]; then
mkdir -p "${initdir}/var/lib/"
fi
dd if=/dev/urandom of="${initdir}/var/lib/random-seed" \
bs="$poolsize" count=1 2> /dev/null
}
kdump_install_systemd_conf() {
# Kdump turns out to require longer default systemd mount timeout
# than 1st kernel(90s by default), we use default 300s for kdump.
if ! grep -q -r "^[[:space:]]*DefaultTimeoutStartSec=" "${initdir}/etc/systemd/system.conf"*; then
mkdir -p "${initdir}/etc/systemd/system.conf.d"
echo "[Manager]" > "${initdir}/etc/systemd/system.conf.d/kdump.conf"
echo "DefaultTimeoutStartSec=300s" >> "${initdir}/etc/systemd/system.conf.d/kdump.conf"
fi
# Forward logs to console directly, and don't read Kmsg, this avoids
# unneccessary memory consumption and make console output more useful.
# Only do so for non fadump image.
mkdir -p "${initdir}/etc/systemd/journald.conf.d"
echo "[Journal]" > "${initdir}/etc/systemd/journald.conf.d/kdump.conf"
echo "Storage=volatile" >> "${initdir}/etc/systemd/journald.conf.d/kdump.conf"
echo "ReadKMsg=no" >> "${initdir}/etc/systemd/journald.conf.d/kdump.conf"
echo "ForwardToConsole=yes" >> "${initdir}/etc/systemd/journald.conf.d/kdump.conf"
}
remove_cpu_online_rule() {
local file=${initdir}/usr/lib/udev/rules.d/40-redhat.rules
sed -i '/SUBSYSTEM=="cpu"/d' "$file"
}
install() {
declare -A unique_netifs ipv4_usage ipv6_usage
local arch has_ovs_bridge
kdump_module_init
kdump_install_conf
remove_sysctl_conf
# Onlining secondary cpus breaks kdump completely on KVM on Power hosts
# Though we use maxcpus=1 by default but 40-redhat.rules will bring up all
# possible cpus by default. (rhbz1270174 rhbz1266322)
# Thus before we get the kernel fix and the systemd rule fix let's remove
# the cpu online rule in kdump initramfs.
arch=$(uname -m)
if [[ "$arch" = "ppc64le" ]] || [[ "$arch" = "ppc64" ]]; then
remove_cpu_online_rule
fi
if is_ssh_dump_target; then
kdump_install_random_seed
fi
dracut_install -o /etc/adjtime /etc/localtime
inst "$moddir/monitor_dd_progress" "/kdumpscripts/monitor_dd_progress"
chmod +x "${initdir}/kdumpscripts/monitor_dd_progress"
inst "/bin/dd" "/bin/dd"
inst "/bin/tail" "/bin/tail"
inst "/bin/date" "/bin/date"
inst "/bin/sync" "/bin/sync"
inst "/bin/cut" "/bin/cut"
inst "/bin/head" "/bin/head"
inst "/bin/awk" "/bin/awk"
inst "/bin/sed" "/bin/sed"
inst "/bin/stat" "/bin/stat"
inst "/sbin/makedumpfile" "/sbin/makedumpfile"
inst "/sbin/vmcore-dmesg" "/sbin/vmcore-dmesg"
inst "/usr/bin/printf" "/sbin/printf"
inst "/usr/bin/logger" "/sbin/logger"
inst "/usr/bin/chmod" "/sbin/chmod"
inst "/usr/bin/dirname" "/sbin/dirname"
inst "/lib/kdump/kdump-lib-initramfs.sh" "/lib/kdump-lib-initramfs.sh"
inst "/lib/kdump/kdump-logger.sh" "/lib/kdump-logger.sh"
inst "$moddir/kdump.sh" "/usr/bin/kdump.sh"
inst "$moddir/kdump-capture.service" "$systemdsystemunitdir/kdump-capture.service"
systemctl -q --root "$initdir" add-wants initrd.target kdump-capture.service
# Replace existing emergency service and emergency target
cp "$moddir/kdump-emergency.service" "$initdir/$systemdsystemunitdir/emergency.service"
cp "$moddir/kdump-emergency.target" "$initdir/$systemdsystemunitdir/emergency.target"
# Also redirect dracut-emergency to kdump error handler
ln_r "$systemdsystemunitdir/emergency.service" "$systemdsystemunitdir/dracut-emergency.service"
# Disable ostree as we only need the physical root
systemctl -q --root "$initdir" mask ostree-prepare-root.service
# Check for all the devices and if any device is iscsi, bring up iscsi
# target. Ideally all this should be pushed into dracut iscsi module
# at some point of time.
kdump_check_iscsi_targets
kdump_install_systemd_conf
# nfs/ssh dump will need to get host ip in second kernel and need to call 'ip' tool, see get_host_ip for more detail
if is_nfs_dump_target || is_ssh_dump_target; then
inst "ip"
fi
kdump_install_net
# For the lvm type target under kdump, in /etc/lvm/lvm.conf we can
# safely replace "reserved_memory=XXXX"(default value is 8192) with
# "reserved_memory=1024" to lower memory pressure under kdump. We do
# it unconditionally here, if "/etc/lvm/lvm.conf" doesn't exist, it
# actually does nothing.
sed -i -e \
's/\(^[[:space:]]*reserved_memory[[:space:]]*=\)[[:space:]]*[[:digit:]]*/\1 1024/' \
"${initdir}/etc/lvm/lvm.conf" &> /dev/null
# Skip initrd-cleanup.service and initrd-parse-etc.service becasue we don't
# need to switch root. Instead of removing them, we use ConditionPathExists
# to check if /proc/vmcore exists to determine if we are in kdump.
sed -i '/\[Unit\]/a ConditionPathExists=!\/proc\/vmcore' \
"${initdir}/${systemdsystemunitdir}/initrd-cleanup.service" &> /dev/null
sed -i '/\[Unit\]/a ConditionPathExists=!\/proc\/vmcore' \
"${initdir}/${systemdsystemunitdir}/initrd-parse-etc.service" &> /dev/null
# Save more memory by dropping switch root capability
dracut_no_switch_root
}