Hello community,
here is the log from the commit of package ignition-dracut for openSUSE:Factory
checked in at 2020-05-11 13:45:10
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/ignition-dracut (Old)
and /work/SRC/openSUSE:Factory/.ignition-dracut.new.2738 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ignition-dracut"
Mon May 11 13:45:10 2020 rev:12 rq:802627 version:0.0+git20200504.7ff38d9
Changes:
--------
--- /work/SRC/openSUSE:Factory/ignition-dracut/ignition-dracut.changes
2020-03-27 22:02:09.774962562 +0100
+++
/work/SRC/openSUSE:Factory/.ignition-dracut.new.2738/ignition-dracut.changes
2020-05-11 13:45:22.025630461 +0200
@@ -1,0 +2,18 @@
+Mon May 11 08:52:37 UTC 2020 - ifors...@suse.com
+
+- Update to version 0.0+git20200504.7ff38d9:
+ * 30ignition: drop hard requirement on qemu_fw_cfg [boo#1167289]
+ * 99emergency-timeout: improve readability of Ignition failure message
+ * 99emergency-timeout: also check ignition-fetch.service for failure
+ * coreos-teardown-initramfs-network: don't run when emergency.target
+ * dracut: add logging to systemd generator
+ * coreos-teardown-initramfs-network: also propagate hostname
+ * coreos-teardown-initramfs-network: support coreos.no_persist_ip karg
+ * coreos-teardown-initramfs-network: consider ifcfg files in real root for
RHCOS
+ * coreos-teardown-initramfs-network: also skip local loopback interface
+ * coreos-teardown-initramfs-network: do SELinux relabel on copied files
+ * coreos-teardown-initramfs-network: order ExecStop after other ignition
units
+ * coreos-teardown-initramfs-network: remove After=ignition-files.service
+ * Add ignition-virtio-dump-journal.service
+
+-------------------------------------------------------------------
Old:
----
ignition-dracut-0.0+git20200325.ea3bdc9.tar.xz
New:
----
ignition-dracut-0.0+git20200504.7ff38d9.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ ignition-dracut.spec ++++++
--- /var/tmp/diff_new_pack.hf6cFk/_old 2020-05-11 13:45:22.889632294 +0200
+++ /var/tmp/diff_new_pack.hf6cFk/_new 2020-05-11 13:45:22.893632303 +0200
@@ -17,7 +17,7 @@
Name: ignition-dracut
-Version: 0.0+git20200325.ea3bdc9
+Version: 0.0+git20200504.7ff38d9
Release: 0
Summary: Dracut scripts for ignition
License: BSD-2-Clause
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.hf6cFk/_old 2020-05-11 13:45:22.973632473 +0200
+++ /var/tmp/diff_new_pack.hf6cFk/_new 2020-05-11 13:45:22.973632473 +0200
@@ -1,6 +1,6 @@
<servicedata>
<service name="tar_scm">
<param name="url">git://github.com/coreos/ignition-dracut.git</param>
- <param
name="changesrevision">ea3bdc94076326c6c3d62aa7a19b9bd0ae887b3a</param>
+ <param
name="changesrevision">7ff38d9716bf982e3f6495d85c6ce91aab72e88d</param>
</service>
</servicedata>
\ No newline at end of file
++++++ ignition-dracut-0.0+git20200325.ea3bdc9.tar.xz ->
ignition-dracut-0.0+git20200504.7ff38d9.tar.xz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ignition-dracut-0.0+git20200325.ea3bdc9/dracut/30ignition/coreos-teardown-initramfs-network.service
new/ignition-dracut-0.0+git20200504.7ff38d9/dracut/30ignition/coreos-teardown-initramfs-network.service
---
old/ignition-dracut-0.0+git20200325.ea3bdc9/dracut/30ignition/coreos-teardown-initramfs-network.service
2020-03-25 16:43:46.000000000 +0100
+++
new/ignition-dracut-0.0+git20200504.7ff38d9/dracut/30ignition/coreos-teardown-initramfs-network.service
2020-05-05 01:11:06.000000000 +0200
@@ -5,7 +5,17 @@
[Unit]
Description=Tear down initramfs networking
DefaultDependencies=false
-After=ignition-files.service
+
+# We want to run the teardown after all other Ignition stages
+# have run because some platforms (like Packet) do remote status
+# reporting for each Ignition stage. Since we are tearing down
+# the networking using an ExecStop we need to make sure we run
+# the ExecStop *after* any other ignition*.service unit's ExecStop.
+# The only other one right now is ignition-mount that has an ExecStop
+# for doing an unmount. Since the ordering for ExecStop is the
+# opposite of ExecStart we need to use `Before=ignition-mount.service`.
+# https://github.com/coreos/fedora-coreos-tracker/issues/440
+Before=ignition-mount.service
Before=ignition-complete.target
# Make sure ExecStop= runs before we switch root
@@ -16,6 +26,13 @@
OnFailure=emergency.target
OnFailureJobMode=isolate
+# If we are already heading towards emergency.target
+# then don't try to stop this unit because it will fail
+# when trying to access files in /sysroot/etc/. The failure
+# is mostly harmless but having the extra error messages
+# leads us away from the original problem.
+IgnoreOnIsolate=true
+
[Service]
Type=oneshot
RemainAfterExit=yes
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ignition-dracut-0.0+git20200325.ea3bdc9/dracut/30ignition/coreos-teardown-initramfs-network.sh
new/ignition-dracut-0.0+git20200504.7ff38d9/dracut/30ignition/coreos-teardown-initramfs-network.sh
---
old/ignition-dracut-0.0+git20200325.ea3bdc9/dracut/30ignition/coreos-teardown-initramfs-network.sh
2020-03-25 16:43:46.000000000 +0100
+++
new/ignition-dracut-0.0+git20200504.7ff38d9/dracut/30ignition/coreos-teardown-initramfs-network.sh
2020-05-05 01:11:06.000000000 +0200
@@ -4,6 +4,34 @@
set -euo pipefail
+# Load dracut libraries. Using getargbool() and getargs() from
+# dracut-lib and ip_to_var() from net-lib
+load_dracut_libs() {
+ # dracut is not friendly to set -eu
+ set +euo pipefail
+ type getargbool &>/dev/null || . /lib/dracut-lib.sh
+ type ip_to_var &>/dev/null || . /lib/net-lib.sh
+ set -euo pipefail
+}
+
+dracut_func() {
+ # dracut is not friendly to set -eu
+ set +euo pipefail
+ "$@"; rc=$?
+ set -euo pipefail
+ return $rc
+}
+
+selinux_relabel() {
+ # If we have access to coreos-relabel then let's use that because
+ # it allows us to set labels on things before switching root
+ # If not, fallback to tmpfiles.
+ if command -v coreos-relabel; then
+ coreos-relabel $1
+ else
+ echo "Z $1 - - -" >> "/run/tmpfiles.d/$(basename $0)-relabel.conf"
+ fi
+}
# Propagate initramfs networking if desired. The policy here is:
#
@@ -16,7 +44,10 @@
#
# See
https://github.com/coreos/fedora-coreos-tracker/issues/394#issuecomment-599721173
propagate_initramfs_networking() {
- if [ -n "$(ls -A /sysroot/etc/NetworkManager/system-connections/)" ]; then
+ # Check the two locations where a user could have provided network
configuration
+ # On FCOS we only support keyfiles, but on RHCOS we support keyfiles and
ifcfg
+ if [ -n "$(ls -A /sysroot/etc/NetworkManager/system-connections/)" -o \
+ -n "$(ls -A /sysroot/etc/sysconfig/network-scripts/)" ]; then
echo "info: networking config is defined in the real root"
echo "info: will not attempt to propagate initramfs networking"
else
@@ -24,12 +55,51 @@
if [ -n "$(ls -A /run/NetworkManager/system-connections/)" ]; then
echo "info: propagating initramfs networking config to the real
root"
cp /run/NetworkManager/system-connections/*
/sysroot/etc/NetworkManager/system-connections/
+ selinux_relabel /etc/NetworkManager/system-connections/
else
echo "info: no initramfs networking information to propagate"
fi
fi
}
+# Propagate the ip= karg hostname if desired. The policy here is:
+#
+# - IF a hostname is specified in static networking ip= kargs
+# - AND no hostname was set via Ignition (realroot `/etc/hostname`)
+# - THEN we make the last hostname specified in an ip= karg apply
+# permanently by writing it into `/etc/hostname`
+#
+# This may no longer be needed when the following bug is fixed:
+# https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/419
+propagate_initramfs_hostname() {
+ if [ -e '/sysroot/etc/hostname' ]; then
+ echo "info: hostname is defined in the real root"
+ echo "info: will not attempt to propagate initramfs hostname"
+ return 0
+ fi
+ # Detect if any hostname was provided via static ip= kargs
+ # run in a subshell so we don't pollute our environment
+ hostnamefile=$(mktemp)
+ (
+ last_nonempty_hostname=''
+ # Inspired from ifup.sh from the 40network dracut module. Note that
+ # $hostname from ip_to_var will only be nonempty for static networking.
+ for iparg in $(dracut_func getargs ip=); do
+ dracut_func ip_to_var $iparg
+ [ -n "${hostname:-}" ] && last_nonempty_hostname="$hostname"
+ done
+ echo -n "$last_nonempty_hostname" > $hostnamefile
+ )
+ hostname=$(<$hostnamefile); rm $hostnamefile
+ if [ -n "$hostname" ]; then
+ echo "info: propagating initramfs hostname (${hostname}) to the real
root"
+ echo $hostname > /sysroot/etc/hostname
+ selinux_relabel /etc/hostname
+ else
+ echo "info: no initramfs hostname information to propagate"
+ fi
+}
+
down_interface() {
echo "info: taking down network device: $1"
# On recommendation from the NM team let's try to delete the device
@@ -54,14 +124,21 @@
for f in /sys/class/net/*; do
interface=$(basename "$f")
# The `bonding_masters` entry is not a true interface and thus
- # cannot be taken down.
- if [ "$interface" == "bonding_masters" ]; then continue; fi
+ # cannot be taken down. Also skip local loopback
+ case "$interface" in
+ "lo" | "bonding_masters")
+ continue
+ ;;
+ esac
down_interface $interface
done
fi
}
main() {
+ # Load libraries from dracut
+ load_dracut_libs
+
# Take down all interfaces set up in the initramfs
down_interfaces
@@ -70,8 +147,16 @@
ip route flush table main
ip route flush cache
- # Propagate initramfs networking if needed
- propagate_initramfs_networking
+ # Hopefully our logic is sound enough that this is never needed, but
+ # user's can explicitly disable initramfs network/hostname propagation
+ # with the coreos.no_persist_ip karg.
+ if dracut_func getargbool 0 'coreos.no_persist_ip'; then
+ echo "info: coreos.no_persist_ip karg detected"
+ echo "info: skipping propagating initramfs settings"
+ else
+ propagate_initramfs_hostname
+ propagate_initramfs_networking
+ fi
# Now that the configuration has been propagated (or not)
# clean it up so that no information from outside of the
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ignition-dracut-0.0+git20200325.ea3bdc9/dracut/30ignition/ignition-generator
new/ignition-dracut-0.0+git20200504.7ff38d9/dracut/30ignition/ignition-generator
---
old/ignition-dracut-0.0+git20200325.ea3bdc9/dracut/30ignition/ignition-generator
2020-03-25 16:43:46.000000000 +0100
+++
new/ignition-dracut-0.0+git20200504.7ff38d9/dracut/30ignition/ignition-generator
2020-05-05 01:11:06.000000000 +0200
@@ -4,6 +4,10 @@
set -e
+# Generators don't have logging right now
+# https://github.com/systemd/systemd/issues/15638
+exec 1>/dev/kmsg; exec 2>&1
+
UNIT_DIR="${1:-/tmp}"
cmdline=( $(</proc/cmdline) )
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ignition-dracut-0.0+git20200325.ea3bdc9/dracut/30ignition/module-setup.sh
new/ignition-dracut-0.0+git20200504.7ff38d9/dracut/30ignition/module-setup.sh
---
old/ignition-dracut-0.0+git20200325.ea3bdc9/dracut/30ignition/module-setup.sh
2020-03-25 16:43:46.000000000 +0100
+++
new/ignition-dracut-0.0+git20200504.7ff38d9/dracut/30ignition/module-setup.sh
2020-05-05 01:11:06.000000000 +0200
@@ -83,26 +83,3 @@
# needed for openstack config drive support
inst_rules 60-cdrom_id.rules
}
-
-has_fw_cfg_module() {
- # this is like check_kernel_config() but it specifically checks for `m` and
- # also checks the OSTree-specific kernel location
- for path in /boot/config-$kernel \
- /usr/lib/modules/$kernel/config \
- /usr/lib/ostree-boot/config-$kernel; do
- if test -f $path; then
- rc=0
- grep -q CONFIG_FW_CFG_SYSFS=m $path || rc=$?
- return $rc
- fi
- done
- return 1
-}
-
-installkernel() {
- # We definitely need this one in the initrd to support Ignition cfgs on
qemu
- # if available
- if has_fw_cfg_module; then
- instmods -c qemu_fw_cfg
- fi
-}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ignition-dracut-0.0+git20200325.ea3bdc9/dracut/99emergency-timeout/ignition-virtio-dump-journal.service
new/ignition-dracut-0.0+git20200504.7ff38d9/dracut/99emergency-timeout/ignition-virtio-dump-journal.service
---
old/ignition-dracut-0.0+git20200325.ea3bdc9/dracut/99emergency-timeout/ignition-virtio-dump-journal.service
1970-01-01 01:00:00.000000000 +0100
+++
new/ignition-dracut-0.0+git20200504.7ff38d9/dracut/99emergency-timeout/ignition-virtio-dump-journal.service
2020-05-05 01:11:06.000000000 +0200
@@ -0,0 +1,15 @@
+[Unit]
+Description=Ignition (virtio dump)
+Documentation=https://github.com/coreos/ignition
+ConditionPathExists=/etc/initrd-release
+DefaultDependencies=false
+ConditionVirtualization=|kvm
+ConditionVirtualization=|qemu
+After=basic.target
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+EnvironmentFile=/run/ignition.env
+ExecStart=/usr/bin/ignition-virtio-dump-journal
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ignition-dracut-0.0+git20200325.ea3bdc9/dracut/99emergency-timeout/ignition-virtio-dump-journal.sh
new/ignition-dracut-0.0+git20200504.7ff38d9/dracut/99emergency-timeout/ignition-virtio-dump-journal.sh
---
old/ignition-dracut-0.0+git20200325.ea3bdc9/dracut/99emergency-timeout/ignition-virtio-dump-journal.sh
1970-01-01 01:00:00.000000000 +0100
+++
new/ignition-dracut-0.0+git20200504.7ff38d9/dracut/99emergency-timeout/ignition-virtio-dump-journal.sh
2020-05-05 01:11:06.000000000 +0200
@@ -0,0 +1,11 @@
+#!/bin/bash
+set -euo pipefail
+
+port=/dev/virtio-ports/com.coreos.ignition.journal
+if [ -e "${port}" ]; then
+ journalctl -o json > "${port}"
+ # And this signals end of stream
+ echo '{}' > "${port}"
+else
+ echo "Didn't find virtio port ${port}"
+fi
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ignition-dracut-0.0+git20200325.ea3bdc9/dracut/99emergency-timeout/module-setup.sh
new/ignition-dracut-0.0+git20200504.7ff38d9/dracut/99emergency-timeout/module-setup.sh
---
old/ignition-dracut-0.0+git20200325.ea3bdc9/dracut/99emergency-timeout/module-setup.sh
2020-03-25 16:43:46.000000000 +0100
+++
new/ignition-dracut-0.0+git20200504.7ff38d9/dracut/99emergency-timeout/module-setup.sh
2020-05-05 01:11:06.000000000 +0200
@@ -2,10 +2,22 @@
# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
# ex: ts=8 sw=4 sts=4 et filetype=sh
+install_unit_wants() {
+ local unit="$1"; shift
+ local target="$1"; shift
+ local instantiated="${1:-$unit}"; shift
+ inst_simple "$moddir/$unit" "$systemdsystemunitdir/$unit"
+ mkdir -p "$initdir/$systemdsystemunitdir/$target.wants"
+ ln_r "../$unit" "$systemdsystemunitdir/$target.wants/$instantiated"
+}
+
install() {
inst_multiple \
cut \
date
inst_hook emergency 99 "${moddir}/timeout.sh"
+
+ inst_script "$moddir/ignition-virtio-dump-journal.sh"
"/usr/bin/ignition-virtio-dump-journal"
+ install_unit_wants ignition-virtio-dump-journal.service emergency.target
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/ignition-dracut-0.0+git20200325.ea3bdc9/dracut/99emergency-timeout/timeout.sh
new/ignition-dracut-0.0+git20200504.7ff38d9/dracut/99emergency-timeout/timeout.sh
---
old/ignition-dracut-0.0+git20200325.ea3bdc9/dracut/99emergency-timeout/timeout.sh
2020-03-25 16:43:46.000000000 +0100
+++
new/ignition-dracut-0.0+git20200504.7ff38d9/dracut/99emergency-timeout/timeout.sh
2020-05-05 01:11:06.000000000 +0200
@@ -29,7 +29,7 @@
if [[ -e /.emergency-shell-confirmed ]]; then
return
fi
- ignition_units="ignition-disks.service ignition-files.service
ignition-mount.service"
+ ignition_units="ignition-fetch.service ignition-disks.service
ignition-files.service ignition-mount.service"
if systemctl show $ignition_units | grep -q "^ActiveState=failed$"; then
# Ignition has failed, suppress kernel logs so that Ignition logs stay
# on the screen
@@ -42,13 +42,17 @@
# Print Ignition logs
cat <<EOF
-------------------------------------------------------------------------------
-Ignition has failed. Please ensure your config is valid. Note that only
Ignition spec
-v3.0.0+ configs are accepted.
-A CLI validation tool to check this called ignition-validate can be downloaded
from GitHub:
+Ignition has failed. Please ensure your config is valid. Note that only
+Ignition spec v3.0.0+ configs are accepted.
+
+A CLI validation tool to check this called ignition-validate can be
+downloaded from GitHub:
https://github.com/coreos/ignition/releases
+
Here are the Ignition logs:
EOF
journalctl -t ignition --no-pager --no-hostname -o cat
+ echo
fi
# Regularly prompt with time remaining. This ensures the prompt doesn't
