diskimage-builder/releasenotes/notes
Julia Kreger 4633da7750 Correct boot path to cover FIPS usage cases
When your booting a Linux system using dracut, i.e. with any
redhat style distribution, dracut's internal code looks to validate
the kernel hmac signature in before proceeding to userspace.

It does this by looking at the /boot/ folder file for the kernel
hmac file.

And it normally does this with the root filesystem. Except if the
kernel is not on the root filesystem and is instead on a /boot
filesystem, this breaks horribly. This is compounded because
DIB enables the operator to restructure the OS image/layout
to fit their needs. In order for this to be navigated, as dracut
is written, we need to pass a "boot=" argument to the kernel.

So now we attempt to purge any prior boot entry in the disk image
content, which is good because any filesystem operations invalidate
it, and then we attempt to identify the boot filesystem, and save a
boot kernel command line parameter so the resulting image can
boot properly if FIPS was enabled in the prior image.

Regex developed with https://sed.js.org utilizing stdin:

VAR="quiet boot=UUID=173c759f-1302-48a3-9d51-a17784c21e03 text"
VAR="quiet boot=PARTUUID=173c759f-1302-48a3-9d51-a17784c21e03"
VAR="quiet boot=PARTUUID=173c759f-1302-48a3-9d51-a17784c21e03 reboot=meow"
VAR="quiet boot=UUID=/dev/sda1 text"
VAR="quiet boot=/dev/sda1"
VAR="quiet boot=/dev/sda1 reboot=meow"
VAR="quiet after_boot=1 reboot=meow boot=/dev/sda1"
VAR="quiet after_boot=1 reboot=meow"

Which resulted in stdout:

VAR="quiet text"
VAR="quiet"
VAR="quiet reboot=meow"
VAR="quiet text"
VAR="quiet"
VAR="quiet reboot=meow"
VAR="quiet after_boot=1 reboot=meow"
VAR="quiet after_boot=1 reboot=meow"

Change-Id: I9034c21e84deda2ba2c0ec0d1d6d6595ed10bed4
2023-03-15 11:25:21 -07:00
..
1.16.0-updates-bad91fc0b36c1755.yaml Add 1.16.0 releasenotes 2016-05-16 11:09:39 +10:00
1.17.0-ef744f36d277dba4.yaml Release notes for 1.17.0 2016-06-07 10:57:10 +10:00
1.18.0-4433d3076627f10d.yaml Release notes for 1.18 2016-06-28 09:20:21 +10:00
1.18.1-ceeb514708dcb731.yaml Add 1.18.1 releasenotes 2016-07-05 22:17:50 +00:00
add-6b94d90caea2895e.yaml Add support for CentOS 8 Stream cloud image 2020-08-10 11:33:38 +02:00
add-aarch64-support-for-rhel-c62a0e02b1ad9033.yaml Add aarch64 support for rhel 2021-03-08 07:00:15 +00:00
add-centos-8-support-4fd28eb04e11ba43.yaml Add CentOS 8 support 2020-02-19 10:44:56 +01:00
Add-DIB-UBUNTU-KERNEL-5f75a809f3ce9bab.yaml Add DIB_UBUNTU_KERNEL to ubuntu-minimal 2019-06-20 10:18:23 -07:00
add-efi-packages-70a19464d31ab8d7.yaml Add efi packages for ironic-agent 2020-02-11 17:26:59 +01:00
add-grub2-efi-x64-modules-for-centos-9-74401ca5ec8201c7.yaml Remove centos 9 and rhel 8 block in grub2 pkg-map 2022-01-17 23:40:24 +01:00
add-modprobe-element-8e3b0287ebb11920.yaml Add new modprobe element 2018-06-28 13:55:53 +02:00
add-openeuler-minimal-element-068dc7d9d94e5098.yaml Introduce openEuler distro 2021-08-04 03:06:55 +00:00
add-version-less-rhel-element-82fac7f2609e16d3.yaml Add version-less RHEL element for RHEL7 and RHEL8 2019-05-29 11:28:53 +03:00
apt-transport-https-e4856cb9e2f8422c.yaml Debuntu: add apt-transport-https 2020-04-02 10:11:35 +11:00
block-device-efi-lvm-c53272600ccd6d18.yaml Add element block-device-efi-lvm 2021-06-01 17:27:28 +12:00
block-device-handling-279cddba8a859718.yaml Add release notes for block device handling. 2016-09-23 09:36:19 +02:00
block-device-lvm-c3b8a214952b4db5.yaml LVM support for dib-block-device 2017-08-24 16:22:56 +10:00
block-device-mkfs-mount-fstab-42d7efe28fc2df04.yaml Refactor: block-device filesystem creation, mount and fstab 2017-05-12 13:52:02 +02:00
block-device-partitioning-237249e7ed2bad26.yaml Refactor: block-device handling (partitioning) 2017-01-24 19:59:10 +00:00
block-device-update-partition-table-eb4ff077f90dfb19.yaml Use kpartx option to update partition mappings 2020-06-09 09:07:55 +02:00
bootloader-commandline-d2db7524f1f9ad28.yaml Only append DIB_BOOTLOADER_DEFAULT_CMDLINE to default grub entry 2018-09-13 09:51:50 +10:00
bootloader-extlinux-cf5ca0a5c9ef4544.yaml bootloader: remove extlinux/syslinux path 2021-05-13 10:33:06 +10:00
bootloader-gpt-d1047f81f3a0631b.yaml GPT partitioning support 2018-02-23 10:04:26 +11:00
bump-ubuntu-release-42469e6868ee162b.yaml Bump Ubuntu release to focal 2021-08-26 23:28:33 -03:00
centos-minimal-8-aca6314862741177.yaml CentOS 8 minimal testing and support 2019-10-08 00:17:14 +02:00
centos-minimal-8-stream-97021a2c92463dde.yaml Add support for CentOS 8 Stream 2020-06-22 10:36:30 +02:00
centos-retired-f17ae9f6f03e57e3.yaml Remove centos and rhel elements 2017-06-28 12:26:24 +10:00
cloud-init-resizefs-growpart-e820b8c7f3adb78b.yaml Disable growpart in cloud-init-disable-resizefs 2020-10-06 14:03:57 +02:00
containerfile-host-networking-0691f3be5c6b11b6.yaml tox jobs: pin to correct nodesets; use host networking for containerfile 2022-12-16 09:52:46 +11:00
containerfile-root-extraction-430148dd669cb3da.yaml containerfile: fix tar extraction 2021-11-10 11:42:49 +11:00
create-945440b17d500bf5.yaml Prepare to drop Python 2 support 2020-05-29 09:44:54 +10:00
dash-p-after-install-58a87549c1c906c3.yaml Move do_extra_package_install to run in install phase 2017-04-10 08:32:47 +10:00
debian-minimal-confilicts-c139ab0c98e5762f.yaml Rename duplicating 10-debian-minimal.bash 2020-09-18 14:52:56 +10:00
debian-security-7279855cf464f88b.yaml Add security mirror override for debian-minimal 2019-10-03 13:49:47 +10:00
debian-security-b4f677a148fdf9c9.yaml Add security suite name override in debian-minimal 2019-10-15 21:20:02 +00:00
deprecate-ironic-agent-element.yaml Deprecates the existing "ironic-agent" element in DIB 2019-10-29 10:00:47 +11:00
dhcp-all-interfaces-add-opt-to-let-NetworkManager-handle-it-f7c7f2d033b7f92d.yaml dhcp-all-interfaces: opt let NetworkManager doit. 2022-01-24 01:45:49 +01:00
dhcp-all-interfaces-debian-issue-2ec7f1a5186f0b16.yaml Revert "Fallback to persistent netifs names with systemd" 2022-04-27 16:29:58 +00:00
dhcp-all-interfaces-networkmanager-b34f2fc8fb1a678f.yaml Handle NetworkManager for dhcp-all-interfaces 2020-08-11 08:12:31 -07:00
dhcp-vlan-interfaces-b34ab224b9431e3a.yaml Add support for vlan interfaces in dhcp-all-interfaces.sh 2020-11-03 10:04:17 -05:00
dib-distribution-mirror-8c241c0d3d4a539a.yaml Remove DIB_[DISTRO]_DISTRIBUTION_MIRROR 2017-07-17 14:47:31 +10:00
dib-init-system_fix_for_debian_jessie-c6f7261ee84dad27.yaml Fix dib-init-system for Debian Jessie and Debian Stretch 2017-03-11 14:04:13 +00:00
dib-init-system-5647bad17a01c602.yaml Introduce manual setting of DIB_INIT_SYSTEM 2019-11-21 12:38:15 +11:00
dib-python-deprecate-8401c35a87559076.yaml Deprecate dib-python; remove from in-tree elements 2020-08-07 10:38:16 +10:00
dib-run-parts-6f67d038aa5a4156.yaml Run dib-run-parts out of /tmp 2017-04-05 13:11:22 +10:00
dib-run-parts-e18cc3a6c2d66c24.yaml Don't provide dib-run-parts 2017-04-05 13:11:20 +10:00
dibv2-omnibus-b30e0c7ecd76db8d.yaml Add 2.0.0 release notes 2017-03-10 14:29:30 +11:00
doc-auto-element-dependency-cb7488c5bb7301a4.yaml Semi-automatic doc generation of element dependency 2017-02-09 09:50:30 +11:00
dpkg-copy-keys-578e16f7fedd823b.yaml Copy apt gpg keys directly into trusted.gpg.d 2020-08-28 15:58:07 +10:00
dracut-network-adaabf90da9f6866.yaml Remove dracut-network element 2017-05-31 08:36:56 +10:00
efi-bios-images-052283eabba98b90.yaml Makes EFI images bootable by bios 2020-08-18 14:41:21 +10:00
efi-bootloader-disk-size-4c1a9f18967104fb.yaml block-device-efi : expand disk size calculation 2019-08-14 15:49:38 +10:00
element-info-entry-point-448bf622be6061a0.yaml Move element-info to a standard entry-point 2016-09-08 15:29:56 +10:00
element-override-ccda78c24ab4a4ff.yaml Making element overriding explicit 2016-09-08 10:58:19 +10:00
element-vars-c6bf2e6795002f01.yaml Add IMAGE_ELEMENT_YAML and get_image_element_array 2016-09-08 11:08:07 +10:00
elrepo-element-85b32f6f496234d7.yaml added elrepo element 2022-09-02 15:09:08 +02:00
ensure-venv-d7c16a2a04fd3b8f.yaml Add ensure-venv element, install glean with it 2020-03-10 11:57:43 +11:00
fedora26-690b9fd9ac3c3d4f.yaml Bump fedora/fedora-minimal DIB_RELEASE 26 2017-08-04 14:18:05 +10:00
fedora32-9dfa4d9d4dcce1ff.yaml Fedora 32 support 2020-08-17 19:40:02 +10:00
fix_rdisc6_loop-32a308a97de99f0f.yaml Break retry loop on success in dhcp-all-interfaces 2019-12-02 15:50:20 +01:00
fix-and-update-opensuse-15.3-c7fee120b51e3621.yaml Fix openSUSE images and bump them to 15.3 2022-01-28 02:18:47 -03:00
fix-grub-boot-kernel-commandline-1f94e49884c517c0.yaml Correct boot path to cover FIPS usage cases 2023-03-15 11:25:21 -07:00
gpt-esp-partition-size-200568cb6fcc8788.yaml Increase size of EFI system partition (again) 2019-05-31 17:10:08 +10:00
grub-timeout-1cdd14a2b1467d89.yaml Set grub timeout default 2016-12-20 11:46:22 +11:00
gzip-env-variable-94e61e0c043f4f1f.yaml Allow configurable gzip binary name 2019-08-30 17:46:20 +02:00
harden-sshd-config-3f84556136014f95.yaml openssh-server: harden sshd config 2019-05-01 11:42:21 -04:00
i386-removed-13fc770dc88e81dc.yaml Futher bootloader cleanups 2022-02-10 15:08:56 +11:00
image-size-padding-24f88d1c4a215221.yaml Support defining the free space in the image 2019-04-29 20:18:43 +10:00
image-size-padding-mb-574104d40fdd2345.yaml Use megabyte granularity for image extra space 2019-05-15 13:38:25 +10:00
improve-ubuntu-minimal-docs-b4c20a37a4daea2f.yaml General improvements to the ubuntu-minimal docs 2022-01-21 19:21:00 -03:00
incorrect-grub-label-5d2000215c0cc73e.yaml Set default label for XFS disks 2018-01-29 15:10:08 +11:00
init-ibft-interfaces-9458d97dfcecc3ae.yaml Add an element to configure iBFT network interfaces 2018-11-20 14:11:11 +01:00
jammy-lvm-addition-53165b39e144544d.yaml changed release check logic in lvm element 2022-09-02 12:37:15 +02:00
journal-console-752b46542ec5595e.yaml journal-to-console: element to send systemd journal to console 2019-07-25 11:24:49 +10:00
logfile-quiet-b18f2de4059eecfd.yaml Turn on quiet mode when logfile specified 2018-10-24 12:40:09 +11:00
lvm-size-unit-c6b790b87d15c53d.yaml Parse block device lvm lvs size attributes 2022-07-06 11:27:42 +12:00
move_tidy_logs_to_main-a8c03427fe1a445c.yaml Unify tidy up logs in lib/img-functions 2017-01-14 09:40:44 +00:00
no-ironic-agent-689e58268e1bf44f.yaml Remove the deprecated ironic-agent element 2021-01-21 14:06:08 +01:00
openssh-server-0f6d065748a2fc18.yaml elements: Add new openssh-server element 2016-11-22 10:07:14 +00:00
opensuse-150-default-c047033b850d41ec.yaml Update test coverage for openSUSE/-minimal to 15.0 2019-05-08 14:59:51 +00:00
opensuse-151-default-67ccfffbc134704d.yaml Update test coverage for openSUSE/-minimal to 15.1 2019-06-13 09:20:40 +02:00
opensuse-423-default-3bc73fff69374cd0.yaml Switch openSUSE to 42.3 by default 2017-07-26 08:56:02 +02:00
opensuse-minimal-45267f5be1112c22.yaml Add opensuse-minimal element 2016-10-05 09:39:29 +01:00
package-install-arch-38bb5a6e61794fa5.yaml package-installs: add list to arch and "not-arch" list 2016-07-01 21:31:59 +02:00
package-installs-when-list-cfc00032271bae75.yaml package-installs: allow when filter to be a list 2020-05-21 14:03:49 +10:00
package-outside-debootstrap-ac93e9ce991819f1.yaml delete the duplicate words in package-outside-debootstrap-ac93e9ce991819f1.yaml 2018-11-13 15:01:42 +08:00
persistent-netifs-fallback-1b861e037dd8a27c.yaml Fallback to persistent netifs names with systemd 2022-02-09 10:17:49 +01:00
pip-and-virtualenv-args-5d3f2512edd7f3a3.yaml pip-and-virtualenv : deprecate source for CentOS 8, new variables 2019-10-03 00:22:18 +00:00
pip-and-virtualenv-platform-removal-52e0d6a22829a3b2.yaml pip-and-virtualenv: drop f31 & tumbleweed, rework suse 15 install 2020-04-23 08:10:26 +10:00
post-root-stage-51da051bcdfbc55f.yaml Add a post-root.d phase 2018-10-19 10:33:56 +02:00
pre-finalise-stage-574ae7886274bcba.yaml Add a pre-finalise.d phase 2018-10-15 12:45:23 +11:00
python-venv-d5b04fcf57e460bf.yaml pip-and-virtualenv: include python3-venv for Debuntu 2019-10-25 16:26:33 +11:00
remove-dib-utils-37f70dfad54900a0.yaml Move dib-run-parts into diskimage-builder 2016-11-04 17:07:37 +11:00
remove-solicit-delay-57a035b91922522a.yaml Remove RA solicit delay 2019-10-11 15:29:32 -07:00
repo-package-20fe407795bffd01.yaml Add DIB_YUM_REPO_PACKAGE as an alternative to DIB_YUM_REPO_CONF 2021-09-13 09:32:53 +12:00
rhel7-element-deprecation-b0c1b57be8cd06ac.yaml Deprecate rhel7 in favor of rhel 2019-05-29 12:07:44 +00:00
rhel-module-selection-e9f6f06ece1fb829.yaml rhel-common: Provide method to select module streams 2020-09-16 08:43:30 -04:00
rhel-registration-4d4fe741321e9345.yaml Move centos python3 installation after RHEL subscription 2020-09-07 11:22:55 +10:00
root-journal-size-618e064d6681699a.yaml Allow specification of filesystem journal size 2019-04-29 17:00:30 +10:00
runtime-ssh-host-keys-7a2fc873cc90d33e.yaml Create runtime-ssh-host-keys element 2016-09-26 12:32:38 -04:00
selinux-permissive-pre-install-ce19461ef17ec972.yaml move selinux-permissive configure to pre-install phase 2018-11-19 13:13:57 +11:00
simple-init-nm-5d19e249c0a4560b.yaml simple-init: default to NetworkManager for CentOS and Fedora 2019-10-07 10:46:57 +00:00
simple-init-nm-delay-f579e05467785219.yaml simple-init: add configurable RA timeout with network-manager 2019-08-20 17:07:17 +10:00
simple-init-nm-f0896124dee92a03.yaml simple-init: allow for NetworkManager support 2018-11-30 10:02:47 +11:00
skip-packages-env-c97e7b4820f9bfda.yaml package-installs: provide for skip from env var 2018-11-30 10:02:47 +11:00
specify-bootstrap-packages-via-env-22f5c6982c09f16a.yaml Permit specification of extra bootstrap packages 2021-08-02 11:57:11 -07:00
squashfs-output-91c1f0dc37474d3c.yaml Add squashfs output image format 2016-12-19 07:21:39 +00:00
start-using-reno-446b3d52a467a273.yaml Add releasenotes 2016-04-21 13:19:53 +10:00
sysfs-ro-b127a6df2d78e57c.yaml Mount /sys RO 2021-07-05 11:45:02 +10:00
sysprep-f3fd036bc1d2c405.yaml Clear /etc/machine-id to avoid duplicate machine-ids 2017-08-06 13:56:58 -04:00
sysprep-fixes-8890b968a8fa7ac1.yaml Ensure machine-id is not included in images 2019-09-20 03:17:50 +00:00
thin-provision-c57db8003acec386.yaml Support LVM thin provisioning 2022-08-24 10:34:42 +12:00
timestamp-43015aa5434e8ddb.yaml Add timestamp output filter 2017-06-16 15:58:50 +10:00
trusty-testing-removal-51160ee59c5477d8.yaml Remove Trusty testing 2020-04-23 10:00:13 +10:00
ubuntu-arbitrary-images-c796f5c6dbd40679.yaml Added release notes for Change 568697 2018-05-29 10:13:37 -07:00
ubuntu-focal-0f54ed4543247b7e.yaml ubuntu-minimal: Add Ubuntu Focal test build 2020-05-21 14:03:54 +10:00
upgrade_openeuler_to_22.03-d67d9bb3c5c97749.yaml Upgrade openEuler to 22.03 LTS 2022-08-01 19:22:35 +08:00
upgrade-pip-before-c-d2443847f9d58c7a.yaml upgrade pip before using -c option 2018-01-19 16:46:59 -06:00
virtualenv-activation-6de5738c9db8241d.yaml Remove virtualenv activation 2020-06-11 16:49:15 +10:00
yum-cache-removal-148c33012515e56e.yaml Remove yum chroot caching 2016-12-20 13:56:46 +11:00
yum-minimal-dnf-63305c349bcccdd4.yaml yum-minimal: use DNF tools on host 2021-08-30 14:14:32 +10:00
yum-minimal-firmware-194846961a6a1cb9.yaml Uninstall linux-firmware and linux-firmware-whence 2019-09-06 15:32:51 +10:00