4633da7750
When your booting a Linux system using dracut, i.e. with any redhat style distribution, dracut's internal code looks to validate the kernel hmac signature in before proceeding to userspace. It does this by looking at the /boot/ folder file for the kernel hmac file. And it normally does this with the root filesystem. Except if the kernel is not on the root filesystem and is instead on a /boot filesystem, this breaks horribly. This is compounded because DIB enables the operator to restructure the OS image/layout to fit their needs. In order for this to be navigated, as dracut is written, we need to pass a "boot=" argument to the kernel. So now we attempt to purge any prior boot entry in the disk image content, which is good because any filesystem operations invalidate it, and then we attempt to identify the boot filesystem, and save a boot kernel command line parameter so the resulting image can boot properly if FIPS was enabled in the prior image. Regex developed with https://sed.js.org utilizing stdin: VAR="quiet boot=UUID=173c759f-1302-48a3-9d51-a17784c21e03 text" VAR="quiet boot=PARTUUID=173c759f-1302-48a3-9d51-a17784c21e03" VAR="quiet boot=PARTUUID=173c759f-1302-48a3-9d51-a17784c21e03 reboot=meow" VAR="quiet boot=UUID=/dev/sda1 text" VAR="quiet boot=/dev/sda1" VAR="quiet boot=/dev/sda1 reboot=meow" VAR="quiet after_boot=1 reboot=meow boot=/dev/sda1" VAR="quiet after_boot=1 reboot=meow" Which resulted in stdout: VAR="quiet text" VAR="quiet" VAR="quiet reboot=meow" VAR="quiet text" VAR="quiet" VAR="quiet reboot=meow" VAR="quiet after_boot=1 reboot=meow" VAR="quiet after_boot=1 reboot=meow" Change-Id: I9034c21e84deda2ba2c0ec0d1d6d6595ed10bed4 |
||
---|---|---|
.. | ||
1.16.0-updates-bad91fc0b36c1755.yaml | ||
1.17.0-ef744f36d277dba4.yaml | ||
1.18.0-4433d3076627f10d.yaml | ||
1.18.1-ceeb514708dcb731.yaml | ||
add-6b94d90caea2895e.yaml | ||
add-aarch64-support-for-rhel-c62a0e02b1ad9033.yaml | ||
add-centos-8-support-4fd28eb04e11ba43.yaml | ||
Add-DIB-UBUNTU-KERNEL-5f75a809f3ce9bab.yaml | ||
add-efi-packages-70a19464d31ab8d7.yaml | ||
add-grub2-efi-x64-modules-for-centos-9-74401ca5ec8201c7.yaml | ||
add-modprobe-element-8e3b0287ebb11920.yaml | ||
add-openeuler-minimal-element-068dc7d9d94e5098.yaml | ||
add-version-less-rhel-element-82fac7f2609e16d3.yaml | ||
apt-transport-https-e4856cb9e2f8422c.yaml | ||
block-device-efi-lvm-c53272600ccd6d18.yaml | ||
block-device-handling-279cddba8a859718.yaml | ||
block-device-lvm-c3b8a214952b4db5.yaml | ||
block-device-mkfs-mount-fstab-42d7efe28fc2df04.yaml | ||
block-device-partitioning-237249e7ed2bad26.yaml | ||
block-device-update-partition-table-eb4ff077f90dfb19.yaml | ||
bootloader-commandline-d2db7524f1f9ad28.yaml | ||
bootloader-extlinux-cf5ca0a5c9ef4544.yaml | ||
bootloader-gpt-d1047f81f3a0631b.yaml | ||
bump-ubuntu-release-42469e6868ee162b.yaml | ||
centos-minimal-8-aca6314862741177.yaml | ||
centos-minimal-8-stream-97021a2c92463dde.yaml | ||
centos-retired-f17ae9f6f03e57e3.yaml | ||
cloud-init-resizefs-growpart-e820b8c7f3adb78b.yaml | ||
containerfile-host-networking-0691f3be5c6b11b6.yaml | ||
containerfile-root-extraction-430148dd669cb3da.yaml | ||
create-945440b17d500bf5.yaml | ||
dash-p-after-install-58a87549c1c906c3.yaml | ||
debian-minimal-confilicts-c139ab0c98e5762f.yaml | ||
debian-security-7279855cf464f88b.yaml | ||
debian-security-b4f677a148fdf9c9.yaml | ||
deprecate-ironic-agent-element.yaml | ||
dhcp-all-interfaces-add-opt-to-let-NetworkManager-handle-it-f7c7f2d033b7f92d.yaml | ||
dhcp-all-interfaces-debian-issue-2ec7f1a5186f0b16.yaml | ||
dhcp-all-interfaces-networkmanager-b34f2fc8fb1a678f.yaml | ||
dhcp-vlan-interfaces-b34ab224b9431e3a.yaml | ||
dib-distribution-mirror-8c241c0d3d4a539a.yaml | ||
dib-init-system_fix_for_debian_jessie-c6f7261ee84dad27.yaml | ||
dib-init-system-5647bad17a01c602.yaml | ||
dib-python-deprecate-8401c35a87559076.yaml | ||
dib-run-parts-6f67d038aa5a4156.yaml | ||
dib-run-parts-e18cc3a6c2d66c24.yaml | ||
dibv2-omnibus-b30e0c7ecd76db8d.yaml | ||
doc-auto-element-dependency-cb7488c5bb7301a4.yaml | ||
dpkg-copy-keys-578e16f7fedd823b.yaml | ||
dracut-network-adaabf90da9f6866.yaml | ||
efi-bios-images-052283eabba98b90.yaml | ||
efi-bootloader-disk-size-4c1a9f18967104fb.yaml | ||
element-info-entry-point-448bf622be6061a0.yaml | ||
element-override-ccda78c24ab4a4ff.yaml | ||
element-vars-c6bf2e6795002f01.yaml | ||
elrepo-element-85b32f6f496234d7.yaml | ||
ensure-venv-d7c16a2a04fd3b8f.yaml | ||
fedora26-690b9fd9ac3c3d4f.yaml | ||
fedora32-9dfa4d9d4dcce1ff.yaml | ||
fix_rdisc6_loop-32a308a97de99f0f.yaml | ||
fix-and-update-opensuse-15.3-c7fee120b51e3621.yaml | ||
fix-grub-boot-kernel-commandline-1f94e49884c517c0.yaml | ||
gpt-esp-partition-size-200568cb6fcc8788.yaml | ||
grub-timeout-1cdd14a2b1467d89.yaml | ||
gzip-env-variable-94e61e0c043f4f1f.yaml | ||
harden-sshd-config-3f84556136014f95.yaml | ||
i386-removed-13fc770dc88e81dc.yaml | ||
image-size-padding-24f88d1c4a215221.yaml | ||
image-size-padding-mb-574104d40fdd2345.yaml | ||
improve-ubuntu-minimal-docs-b4c20a37a4daea2f.yaml | ||
incorrect-grub-label-5d2000215c0cc73e.yaml | ||
init-ibft-interfaces-9458d97dfcecc3ae.yaml | ||
jammy-lvm-addition-53165b39e144544d.yaml | ||
journal-console-752b46542ec5595e.yaml | ||
logfile-quiet-b18f2de4059eecfd.yaml | ||
lvm-size-unit-c6b790b87d15c53d.yaml | ||
move_tidy_logs_to_main-a8c03427fe1a445c.yaml | ||
no-ironic-agent-689e58268e1bf44f.yaml | ||
openssh-server-0f6d065748a2fc18.yaml | ||
opensuse-150-default-c047033b850d41ec.yaml | ||
opensuse-151-default-67ccfffbc134704d.yaml | ||
opensuse-423-default-3bc73fff69374cd0.yaml | ||
opensuse-minimal-45267f5be1112c22.yaml | ||
package-install-arch-38bb5a6e61794fa5.yaml | ||
package-installs-when-list-cfc00032271bae75.yaml | ||
package-outside-debootstrap-ac93e9ce991819f1.yaml | ||
persistent-netifs-fallback-1b861e037dd8a27c.yaml | ||
pip-and-virtualenv-args-5d3f2512edd7f3a3.yaml | ||
pip-and-virtualenv-platform-removal-52e0d6a22829a3b2.yaml | ||
post-root-stage-51da051bcdfbc55f.yaml | ||
pre-finalise-stage-574ae7886274bcba.yaml | ||
python-venv-d5b04fcf57e460bf.yaml | ||
remove-dib-utils-37f70dfad54900a0.yaml | ||
remove-solicit-delay-57a035b91922522a.yaml | ||
repo-package-20fe407795bffd01.yaml | ||
rhel7-element-deprecation-b0c1b57be8cd06ac.yaml | ||
rhel-module-selection-e9f6f06ece1fb829.yaml | ||
rhel-registration-4d4fe741321e9345.yaml | ||
root-journal-size-618e064d6681699a.yaml | ||
runtime-ssh-host-keys-7a2fc873cc90d33e.yaml | ||
selinux-permissive-pre-install-ce19461ef17ec972.yaml | ||
simple-init-nm-5d19e249c0a4560b.yaml | ||
simple-init-nm-delay-f579e05467785219.yaml | ||
simple-init-nm-f0896124dee92a03.yaml | ||
skip-packages-env-c97e7b4820f9bfda.yaml | ||
specify-bootstrap-packages-via-env-22f5c6982c09f16a.yaml | ||
squashfs-output-91c1f0dc37474d3c.yaml | ||
start-using-reno-446b3d52a467a273.yaml | ||
sysfs-ro-b127a6df2d78e57c.yaml | ||
sysprep-f3fd036bc1d2c405.yaml | ||
sysprep-fixes-8890b968a8fa7ac1.yaml | ||
thin-provision-c57db8003acec386.yaml | ||
timestamp-43015aa5434e8ddb.yaml | ||
trusty-testing-removal-51160ee59c5477d8.yaml | ||
ubuntu-arbitrary-images-c796f5c6dbd40679.yaml | ||
ubuntu-focal-0f54ed4543247b7e.yaml | ||
upgrade_openeuler_to_22.03-d67d9bb3c5c97749.yaml | ||
upgrade-pip-before-c-d2443847f9d58c7a.yaml | ||
virtualenv-activation-6de5738c9db8241d.yaml | ||
yum-cache-removal-148c33012515e56e.yaml | ||
yum-minimal-dnf-63305c349bcccdd4.yaml | ||
yum-minimal-firmware-194846961a6a1cb9.yaml |