From 976a5562d8c3008798b50831fc5ebf9f868c5e3d Mon Sep 17 00:00:00 2001 From: Neil Hanlon Date: Wed, 8 May 2024 00:54:19 -0400 Subject: [PATCH] try and make oracle less opaque --- config.sh | 158 +++++++++++++++++++++++++++++++++++++++--------------- 1 file changed, 114 insertions(+), 44 deletions(-) diff --git a/config.sh b/config.sh index 1c1c70d..8b069da 100644 --- a/config.sh +++ b/config.sh @@ -442,58 +442,128 @@ EOF # OCI - Virtio drivers echo 'add_drivers+=" virtio virtio_blk virtio_net virtio_pci virtio_ring virtio_scsi virtio_console "' > /etc/dracut.conf.d/virtio.conf - # OCI - YOLO + # OCI - Dracut for iscsi bypass mkdir -p /usr/lib/dracut/modules.d/95oci - OCIDRACUT="H4sIAGtFHmMAA+2WWW/bOBCA/Vr+illZzQXoluPUhgMURYrmpS02fevuGpJIWYQVUiWpJoHr/15S -crLZZBs3QA8U5QfYosQ5NUNSrRRBTfMAi6xoVXDOcVsT6ePg2YgXNBh8C0LNeDTqrpq7124cpfF4 -nIzT8fhwEEaj+HA8gNE38b6FVqpMAAwE5+ohuW3zvyjtw/UnLMtr4lFZSOrlV00mpS+rR/rYUv84 -StJBlIx10ZNREscD/SRNkwGE3yXjO/zm9R/+EeSUBbJCQ/AOPNANQCYgK1LXniwEbdQUKMOEKU9l -ufT6eUbrqRby8kzSwuNlKYmaQDo1JrQhcjkBJWdHIC9mKUg9TIEoKGlN1FVDZtobGr7NVFFB11nm -3YLikNU1v4A8ozXwVgEtQVUEullM5RKKjGkZQTJ8BTmBkrcMo6Eg5QTeiCxvFxMYJmESxWGYImRc -wYLo8i7gOMDkY8Dauob4eCeCT5/Ah1uN7+mhbmx0+vrs5M93s10kZo67Mp6Hec2L5WTtIB1Oby3n -vIYQBPa76P1+XcDODrwHj4DjCgf+nprYGSDQlFwA69KgDNy93ooERpR5uD8FzDs5w3utv+qEnz6d -HKwdmIHTudE2TdgFZ4qyltwodGk2mZBk3snNO0dfTlh7vc722sQ9bcftInCMmiCqFQyiG+lN2HPC -ipm7J5WYC9LUWUH+VXMC/fsrLp39TgtzRuAe3RQpKr5JcAJnS9o0lC3AveXD930HjnfiR4lDl/7y -XC5uqUkjT7CZdgJ13gSdHbP+FcHebSNOr3VJFYSopGgXfWX1S21ZmgV109c3rYCuwzgxe6oJ+/Ts -xdkpbPR5oyhn15l+leR/kuw13L6BdeFAEgwehd3gn7fP372a+QdusBK9ilSYmniq9RTc1eU0MBKB -HnwI11P9n6x3/ycP3QsXme4E56VeoNr4g9GZt/az9zbLdrac//29p7f3tnn8wb9h2/dfchjdOf/D -OIns+f8j2Jz/+iD/4V8ARUWK5d4+rNCTzRkTojVCmDSEYXl/gjJdqrruJ8zNvOJ8CY0gXqt3NTg6 -0vufjg5T8YXvVkeb+dkv3GKxWCwWi8VisVgsFovFYrFYLBaLxWL5jnwGdMMrBgAoAAA=" - base64 -d <<<"$OCIDRACUT" | tar -xz + cat << OCIMODULESETUP > /usr/lib/dracut/modules.d/95oci/module-setup.sh +#!/bin/bash +# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*- +# ex: ts=8 sw=4 sts=4 et filetype=sh - OCICLOUDCFG="IyBPQ0kgY2xvdWQtaW5pdCBjb25maWd1cmF0aW9uCmRhdGFzb3VyY2VfbGlzdDogWydPcmFjbGUn -LCAnT3BlblN0YWNrJ10KZGF0YXNvdXJjZToKICBPcGVuU3RhY2s6CiAgICBtZXRhZGF0YV91cmxz -OiBbJ2h0dHA6Ly8xNjkuMjU0LjE2OS4yNTQnXQogICAgdGltZW91dDogMTAKICAgIG1heF93YWl0 -OiAyMAoKIyBzd2FwIGZpbGUKc3dhcDoKICAgZmlsZW5hbWU6IC8uc3dhcGZpbGUKICAgc2l6ZTog -ImF1dG8iCgpjbG91ZF9pbml0X21vZHVsZXM6CiMgT0NJOiBkaXNrX3NldHVwIGlzIGRpc2FibGVk -CiMtIGRpc2tfc2V0dXAKIC0gbWlncmF0b3IKIC0gYm9vdGNtZAogLSB3cml0ZS1maWxlcwojIE9D -STogVGhlIGdyb3dwYXJ0IG1vZHVsZSBpcyBkaXNhYmxlZCBieSBkZWZhdWx0LiBUbyBlbmFibGUg -YXV0b21hdGljIGJvb3Qgdm9sdW1lIHJlc2l6aW5nLCB1bmNvbW1lbnQKIyB0aGUgYmVsb3cgZW50 -cnkgZm9yICctIGdyb3dwYXJ0JyBhbmQgcmVib290LiBBbGwgdGhlIGRlcGVuZGVudCBwYWNrYWdl -cyBmb3IgdGhlIGdyb3dwYXJ0CiMgbW9kdWxlIHRvIHdvcmsgc3VjaCBhcyBjbG91ZC11dGlscy1n -cm93cGFydCBhbmQgZ2Rpc2sgYXJlIGFscmVhZHkgaW5jbHVkZWQgaW4gdGhlIGltYWdlLgojLSBn -cm93cGFydAogLSByZXNpemVmcwojIE9DSTogc2V0X2hvc3RuYW1lLCB1cGRhdGVfaG9zdG5hbWUs -IHVwZGF0ZV9ldGNfaG9zdHMgYXJlIGRpc2FibGVkCiMtIHNldF9ob3N0bmFtZQojLSB1cGRhdGVf -aG9zdG5hbWUKIy0gdXBkYXRlX2V0Y19ob3N0cwogLSByc3lzbG9nCiAtIHVzZXJzLWdyb3Vwcwog -LSBzc2gKCmNsb3VkX2NvbmZpZ19tb2R1bGVzOgogLSBtb3VudHMKIC0gbG9jYWxlCiAtIHNldC1w -YXNzd29yZHMKIyBPQ0k6IHJoX3N1YnNjcmlwdGlvbiBpcyBkaXNhYmxlZAojLSByaF9zdWJzY3Jp -cHRpb24KIC0geXVtLWFkZC1yZXBvCiAtIHBhY2thZ2UtdXBkYXRlLXVwZ3JhZGUtaW5zdGFsbAog -LSB0aW1lem9uZQogLSBudHAKIC0gcHVwcGV0CiAtIGNoZWYKIC0gc2FsdC1taW5pb24KIC0gbWNv -bGxlY3RpdmUKIC0gZGlzYWJsZS1lYzItbWV0YWRhdGEKIC0gcnVuY21kCgpjbG91ZF9maW5hbF9t -b2R1bGVzOgogLSByaWdodHNjYWxlX3VzZXJkYXRhCiAtIHNjcmlwdHMtcGVyLW9uY2UKIC0gc2Ny -aXB0cy1wZXItYm9vdAogLSBzY3JpcHRzLXBlci1pbnN0YW5jZQogLSBzY3JpcHRzLXVzZXIKIC0g -c3NoLWF1dGhrZXktZmluZ2VycHJpbnRzCiAtIGtleXMtdG8tY29uc29sZQogLSBwaG9uZS1ob21l -CiAtIGZpbmFsLW1lc3NhZ2UKIyBPQ0k6IHBvd2VyLXN0YXRlLWNoYW5nZSBpcyBkaXNhYmxlZAoj -LSBwb3dlci1zdGF0ZS1jaGFuZ2UKCg==" +check() { + return 0 +} - base64 -d <<<"$OCICLOUDCFG" >> /etc/cloud/cloud.cfg.d/99_oci.cfg +depends() { + return 0 +} + +install() { + inst_hook pre-udev 88 "$moddir/enable-iscsi-bypass.sh" +} +OCIMODULESETUP + + cat << OCIISCSIBYPASS > /usr/lib/dracut/modules.d/95oci/enable-iscsi-bypass.sh +#!/bin/sh +# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*- +# ex: ts=8 sw=4 sts=4 et filetype=sh + +#Patch iscsiroot to allow bail out if the root disk can already be found +#ref: Orabug: #30312004 + +type getarg >/dev/null 2>&1 || . /lib/dracut-lib.sh +INSERT=' +r="${root#block:}" +if getargbool 0 rd.iscsi.bypass && [ -e "$r" ]; then + for nroot in $(getargs netroot); do + [ "${nroot%%:*}" = "iscsi" ] || continue + type parse_iscsi_root >/dev/null 2>&1 || . /lib/net-lib.sh + parse_iscsi_root "$nroot" || return 1 + netroot_enc=$(str_replace "$nroot" "/" "\2f") + done + echo "iscsi: Skipping $netroot_enc..." >&2 + echo "iscsi: Skipping $netroot_enc..." > /dev/kmsg + echo "skipped" > "/tmp/iscsistarted-$netroot_enc" + exit 0 +fi +' + +if getargbool 0 rd.iscsi.bypass && [ -f "/sbin/iscsiroot" ]; then + echo "Enabling ISCSI bypass option" >&2 + echo "Enabling ISCSI bypass option" > /dev/kmsg + echo "$INSERT" | sed -i '/^PATH=.*$/{r /dev/stdin + h}; ${x;/PATH/{x;q0};x;q3}\ "/sbin/iscsiroot" || warn "Failed Enabling ISCSI bypass option" +fi +OCIISCSIBYPASS + + cat << OCICLOUDCONFIG > /etc/cloud/cloud.cfg.d/99_oci.cfg +# OCI cloud-init configuration +datasource_list: ['Oracle', 'OpenStack'] +datasource: + OpenStack: + metadata_urls: ['http://169.254.169.254'] + timeout: 10 + max_wait: 20 + +# swap file +swap: + filename: /.swapfile + size: "auto" + +cloud_init_modules: +# OCI: disk_setup is disabled +#- disk_setup + - migrator + - bootcmd + - write-files +# OCI: The growpart module is disabled by default. To enable automatic boot volume resizing, uncomment +# the below entry for '- growpart' and reboot. All the dependent packages for the growpart +# module to work such as cloud-utils-growpart and gdisk are already included in the image. +#- growpart + - resizefs +# OCI: set_hostname, update_hostname, update_etc_hosts are disabled +#- set_hostname +#- update_hostname +#- update_etc_hosts + - rsyslog + - users-groups + - ssh + +cloud_config_modules: + - mounts + - locale + - set-passwords +# OCI: rh_subscription is disabled +#- rh_subscription + - yum-add-repo + - package-update-upgrade-install + - timezone + - ntp + - puppet + - chef + - salt-minion + - mcollective + - disable-ec2-metadata + - runcmd + +cloud_final_modules: + - rightscale_userdata + - scripts-per-once + - scripts-per-boot + - scripts-per-instance + - scripts-user + - ssh-authkey-fingerprints + - keys-to-console + - phone-home + - final-message +# OCI: power-state-change is disabled +#- power-state-change +OCICLOUDCONFIG + # Remove system.devices because Oracle does things. rm -fv /etc/lvm/devices/system.devices - # Start OCId - systemctl enable ocid # Copyright (C) 2020 Oracle Corp., Inc. All rights reserved. # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl