diff --git a/0001-Order-ignition-disks.service-before-systemd-fsck-roo.patch b/0001-Order-ignition-disks.service-before-systemd-fsck-roo.patch new file mode 100644 index 0000000..59934fb --- /dev/null +++ b/0001-Order-ignition-disks.service-before-systemd-fsck-roo.patch @@ -0,0 +1,38 @@ +From c30af974e1487e4a23d773e2061873afd6dcb8bf Mon Sep 17 00:00:00 2001 +From: Fabian Vogt +Date: Thu, 17 Aug 2023 13:51:24 +0200 +Subject: [PATCH] Order ignition-disks.service before systemd-fsck-root.service + +firstboot-detect.service needs initrd-root-device.target but has to be before +any ignition units, so ignition units can't use +Before=initrd-root-device.target. Use systemd-fsck-root.service instead, which +fits the comment above more anyway. +--- + dracut/30ignition/ignition-disks.service | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/dracut/30ignition/ignition-disks.service b/dracut/30ignition/ignition-disks.service +index 730063f1..2c817408 100644 +--- a/dracut/30ignition/ignition-disks.service ++++ b/dracut/30ignition/ignition-disks.service +@@ -9,7 +9,7 @@ Before=ignition-complete.target + After=ignition-fetch.service + Before=ignition-mount.service + +-# This stage runs between `basic.target` and `initrd-root-device.target`, ++# This stage runs between `basic.target` and `systemd-fsck-root.service`, + # see https://www.freedesktop.org/software/systemd/man/bootup.html + # Make sure to run before the file system checks, as sgdisk will trigger + # udev events, potentially resulting in race conditions due to disappearing +@@ -18,7 +18,7 @@ Before=ignition-mount.service + # Note that CL runs this before `local-fs-pre.target` to allow for configs that + # completely wipe the rootfs. Though we're not there yet. But we still run + # before `sysroot.mount` on principle. +-Before=initrd-root-device.target ++Before=systemd-fsck-root.service + Before=sysroot.mount + + OnFailure=emergency.target +-- +2.41.0 + diff --git a/0001-dracut-Don-t-include-the-ignition-module-by-default.patch b/0001-dracut-Don-t-include-the-ignition-module-by-default.patch new file mode 100644 index 0000000..6abe85b --- /dev/null +++ b/0001-dracut-Don-t-include-the-ignition-module-by-default.patch @@ -0,0 +1,48 @@ +From 7b753b963953392aca6e44a7be9441e01e70ff2d Mon Sep 17 00:00:00 2001 +From: Fabian Vogt +Date: Mon, 21 Aug 2023 14:17:01 +0200 +Subject: [PATCH] dracut: Don't include the ignition module by default + +Currently the module is automatically included in all initrds, hostonly or +generic. Leave it to the distro provided module to pull it in explicitly. +--- + docs/release-notes.md | 4 ++++ + dracut/30ignition/module-setup.sh | 7 +++++++ + 2 files changed, 11 insertions(+) + +diff --git a/docs/release-notes.md b/docs/release-notes.md +index e53bdf8d..65ce77ce 100644 +--- a/docs/release-notes.md ++++ b/docs/release-notes.md +@@ -8,6 +8,10 @@ nav_order: 9 + + ### Breaking changes + ++- The dracut module is not automatically included in initramfs images anymore. ++ Distributions need to explicitly request inclusion, either by ensuring that ++ it is pulled in by another module, for instance the module providing distro ++ integration and customization, or by installing a dracut configuration file. + + ### Features + +diff --git a/dracut/30ignition/module-setup.sh b/dracut/30ignition/module-setup.sh +index ad7e80fd..f431b7dc 100755 +--- a/dracut/30ignition/module-setup.sh ++++ b/dracut/30ignition/module-setup.sh +@@ -2,6 +2,13 @@ + # -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*- + # ex: ts=8 sw=4 sts=4 et filetype=sh + ++check() { ++ # Only include this if another module requests it. ++ # In our case it'll be the distro provided module with integration and customizations ++ # (coreos-ignition/ignition-microos/...). ++ return 255 ++} ++ + depends() { + echo qemu systemd url-lib network + } +-- +2.41.0 + diff --git a/0002-allow-multiple-mounts-of-same-device.patch b/0002-allow-multiple-mounts-of-same-device.patch index 6454f7b..46af785 100644 --- a/0002-allow-multiple-mounts-of-same-device.patch +++ b/0002-allow-multiple-mounts-of-same-device.patch @@ -6,78 +6,73 @@ Upstream: Ticket opened [gh#coreos/ignition#890] e.g. to mount several subvolumes from a Btrfs device or bind mounting the device to multiple places, by also adding the path to the key. -Index: ignition-2.15.0/config/v3_1/types/filesystem.go +Index: ignition-2.16.2/config/v3_1/types/filesystem.go =================================================================== ---- ignition-2.15.0.orig/config/v3_1/types/filesystem.go -+++ ignition-2.15.0/config/v3_1/types/filesystem.go -@@ -23,7 +23,10 @@ import ( +--- ignition-2.16.2.orig/config/v3_1/types/filesystem.go ++++ ignition-2.16.2/config/v3_1/types/filesystem.go +@@ -23,6 +23,9 @@ import ( ) func (f Filesystem) Key() string { + if (f.Path != nil) { -+ f.Device += *f.Path ++ return f.Device + *f.Path + } - return f.Device + return f.Device } - func (f Filesystem) IgnoreDuplicates() map[string]struct{} { -Index: ignition-2.15.0/config/v3_2/types/filesystem.go +Index: ignition-2.16.2/config/v3_2/types/filesystem.go =================================================================== ---- ignition-2.15.0.orig/config/v3_2/types/filesystem.go -+++ ignition-2.15.0/config/v3_2/types/filesystem.go -@@ -23,7 +23,10 @@ import ( +--- ignition-2.16.2.orig/config/v3_2/types/filesystem.go ++++ ignition-2.16.2/config/v3_2/types/filesystem.go +@@ -23,6 +23,9 @@ import ( ) func (f Filesystem) Key() string { + if (f.Path != nil) { -+ f.Device += *f.Path ++ return f.Device + *f.Path + } - return f.Device + return f.Device } - func (f Filesystem) IgnoreDuplicates() map[string]struct{} { -Index: ignition-2.15.0/config/v3_3/types/filesystem.go +Index: ignition-2.16.2/config/v3_3/types/filesystem.go =================================================================== ---- ignition-2.15.0.orig/config/v3_3/types/filesystem.go -+++ ignition-2.15.0/config/v3_3/types/filesystem.go -@@ -23,7 +23,10 @@ import ( +--- ignition-2.16.2.orig/config/v3_3/types/filesystem.go ++++ ignition-2.16.2/config/v3_3/types/filesystem.go +@@ -23,6 +23,9 @@ import ( ) func (f Filesystem) Key() string { + if (f.Path != nil) { -+ f.Device += *f.Path ++ return f.Device + *f.Path + } - return f.Device + return f.Device } - func (f Filesystem) IgnoreDuplicates() map[string]struct{} { -Index: ignition-2.15.0/config/v3_4/types/filesystem.go +Index: ignition-2.16.2/config/v3_4/types/filesystem.go =================================================================== ---- ignition-2.15.0.orig/config/v3_4/types/filesystem.go -+++ ignition-2.15.0/config/v3_4/types/filesystem.go -@@ -23,7 +23,10 @@ import ( +--- ignition-2.16.2.orig/config/v3_4/types/filesystem.go ++++ ignition-2.16.2/config/v3_4/types/filesystem.go +@@ -23,6 +23,9 @@ import ( ) func (f Filesystem) Key() string { + if (f.Path != nil) { -+ f.Device += *f.Path ++ return f.Device + *f.Path + } - return f.Device + return f.Device } - func (f Filesystem) IgnoreDuplicates() map[string]struct{} { -Index: ignition-2.15.0/config/v3_5_experimental/types/filesystem.go +Index: ignition-2.16.2/config/v3_5_experimental/types/filesystem.go =================================================================== ---- ignition-2.15.0.orig/config/v3_5_experimental/types/filesystem.go -+++ ignition-2.15.0/config/v3_5_experimental/types/filesystem.go -@@ -23,7 +23,10 @@ import ( +--- ignition-2.16.2.orig/config/v3_5_experimental/types/filesystem.go ++++ ignition-2.16.2/config/v3_5_experimental/types/filesystem.go +@@ -23,6 +23,9 @@ import ( ) func (f Filesystem) Key() string { + if (f.Path != nil) { -+ f.Device += *f.Path ++ return f.Device + *f.Path + } - return f.Device + return f.Device } - func (f Filesystem) IgnoreDuplicates() map[string]struct{} { diff --git a/0003-Move-the-GTP-header-on-resized-disks.patch b/0003-Move-the-GPT-header-on-resized-disks.patch similarity index 92% rename from 0003-Move-the-GTP-header-on-resized-disks.patch rename to 0003-Move-the-GPT-header-on-resized-disks.patch index a762c6e..1e8117c 100644 --- a/0003-Move-the-GTP-header-on-resized-disks.patch +++ b/0003-Move-the-GPT-header-on-resized-disks.patch @@ -1,6 +1,6 @@ From: Ignaz Forster Date: Tue, 22 Aug 2023 16:13:07 +0200 -Subject: [PATCH] Move the GTP header on resized disks +Subject: [PATCH] Move the GPT header on resized disks --- internal/sgdisk/sgdisk.go | 1 + diff --git a/02_ignition_firstboot b/02_ignition_firstboot deleted file mode 100644 index fe18989..0000000 --- a/02_ignition_firstboot +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -exec tail -n +3 $0 -# On read-only systems /boot/writable provides a writeable -# subvolume which also stores the Ignition flag file. -set flagpath="/boot/writable" - -# Determine if this is a first boot and set the variable -# to be used later on the kernel command line. -set ignition_firstboot="" -if ! [ -f "${flagpath}/firstboot_happened" ]; then - # This defaults to DHCP in dracut - set ignition_network_kcmdline='' - - # source in the `ignition.firstboot` file which could override the - # above $ignition_network_kcmdline with static networking config. - # This override feature is primarily used by coreos-installer to - # persist static networking config provided during install to the - # first boot of the machine. - if [ -e "${flagpath}/ignition.firstboot" ]; then - source "${flagpath}/ignition.firstboot" - fi - - set ignition_firstboot="ignition.firstboot dasd_mod.dasd=autodetect $ignition_network_kcmdline" -fi diff --git a/README.SUSE b/README.SUSE index be93d3b..cf5dded 100644 --- a/README.SUSE +++ b/README.SUSE @@ -10,7 +10,7 @@ Changes for openSUSE / SLE: For better usability in addition to Ignition's own mount / umount stage all files systems tagged for being mounted in the initrd ("x-initrd.mount" mount flag) will automatically be mounted / umounted. -* ignition-setup-user.service / ignition-setup-use.sh: +* ignition-setup-user.service / ignition-setup-user.sh: The user configuration can be stored on a device with the label "ignition" (e.g. by attaching a USB flash drive with that name) instead of using the platform specific configuration storage mechanism. @@ -28,27 +28,10 @@ Changes for openSUSE / SLE: SELinux itself, however this is a compile time option, so it can't be used here. * ignition-suse-generator: - Supplements the upstream generator by adding dependencies to - ignition-setup-user.service and ignition-mount-initrd-fstab.service. + Replaces the upstream generator by making use of firstboot.target provided + by combustion and hooking up the services provided by this module. Additionally it will try to autodect the platform if it is not set on the kernel command line. -* 02_ignition_firstboot: - This file has been part of upstream ignition-dracut, but has since then been - moved to a static CoreOS specific configuration - (https://github.com/coreos/coreos-assembler/pull/616); it is now used in a - modified version adapted to SUSE's needs. - This script will automatically set the kernel parameters to trigger an - Ignition run if a flag file does not exist (e.g. on first boot). To trigger - an Ignition run manually just delete the file - "/boot/writable/firstboot_happened". -* ignition-firstboot-complete.service: - This file has been part of upstream ignition-dracut, but has since then been - moved to a static CoreOS specific configuration - (https://github.com/coreos/fedora-coreos-config/pull/1087); it is now used - in a simpified version adapted to SUSE's needs. - Sets the flag file "/boot/writable/firstboot_happened" to indicate a - successful first boot. This flag file is evaluated by the GRUB script - 02_ignition_firstboot from above. * ignition-enable-network.service / ignition-enable-network.sh: Ignition supports detection whether the configuration requires networking to avoid having to boot with networking enabled even when it isn't diff --git a/ignition-firstboot-complete.service b/ignition-firstboot-complete.service deleted file mode 100644 index a5856f6..0000000 --- a/ignition-firstboot-complete.service +++ /dev/null @@ -1,14 +0,0 @@ -[Unit] -Description=Mark boot complete -Documentation=https://build.opensuse.org/package/view_file/devel:kubic:ignition/ignition/README.SUSE?expand=1 -ConditionKernelCommandLine=ignition.firstboot - -[Service] -Type=oneshot -RemainAfterExit=yes -ExecStart=/usr/bin/mkdir -p /boot/writable -ExecStart=/usr/bin/touch /boot/writable/firstboot_happened - -[Install] -# Part of basic.target so this happens early on in firstboot -WantedBy=basic.target diff --git a/ignition-suse-generator b/ignition-suse-generator index 3cc5789..94f4ede 100644 --- a/ignition-suse-generator +++ b/ignition-suse-generator @@ -4,8 +4,37 @@ set -e -# Call upstream generator -. /usr/lib/systemd/system-generators/ignition-generator +# Generators don't have logging right now +# https://github.com/systemd/systemd/issues/15638 +exec 1>/dev/kmsg; exec 2>&1 + +UNIT_DIR="${1:-/tmp}" + +cmdline=( $( /run/ignition.env + . /run/ignition.env add_requires ignition-mount-initrd-fstab.service ignition-files.service diff --git a/ignition-umount-initrd-fstab.service b/ignition-umount-initrd-fstab.service index a932c5e..8d87ac8 100644 --- a/ignition-umount-initrd-fstab.service +++ b/ignition-umount-initrd-fstab.service @@ -3,6 +3,8 @@ Description=Unmount initrd fstab entries for Ignition DefaultDependencies=false Before=ignition-complete.target After=ignition-files.service +# Make sure not to unmount the real sysroot-*.mount units +Before=initrd-parse-etc.service [Service] Type=oneshot diff --git a/ignition.changes b/ignition.changes index f15dd65..eeda47d 100644 --- a/ignition.changes +++ b/ignition.changes @@ -1,13 +1,32 @@ +------------------------------------------------------------------- +Wed Aug 23 13:47:34 UTC 2023 - Fabian Vogt + +- Omit ignition module in initrds for already configured systems: + * Add 0001-dracut-Don-t-include-the-ignition-module-by-default.patch + * Edit module-setup.sh +- Add explicit dep on combustion in module-setup.sh +- Replace ignition-dracut-grub2 with combustion's firstboot.target: + * Add 0001-Order-ignition-disks.service-before-systemd-fsck-roo.patch + * Edit ignition-suse-generator + * Edit ignition-umount-initrd-fstab.service + * Edit module-setup.sh + * Drop 02_ignition_firstboot + * Drop ignition-firstboot-complete.service + * Adjust README.SUSE +- Edit ignition-umount-initrd-fstab.service to not rely on combustion + units forcing proper order + ------------------------------------------------------------------- Wed Aug 23 13:33:29 UTC 2023 - Ignaz Forster - Fix segmentation fault if filesystem section of Ignition JSON doesn't contain path entry -- Add 0003-Move-the-GTP-header-on-resized-disks.patch to make it +- Add 0003-Move-the-GPT-header-on-resized-disks.patch to make it possible to create partitions on resized disk images - Add dm and crypt modules as dependencies to make it possible to configure a luks device -- Fix patch file metadata +- Fix patch file metadata in 0001-ignore-missing-qemu-blockdev.patch + and 0002-allow-multiple-mounts-of-same-device.patch ------------------------------------------------------------------- Thu Jul 13 20:08:51 UTC 2023 - iforster@suse.com diff --git a/ignition.spec b/ignition.spec index 98c3930..b7a197a 100644 --- a/ignition.spec +++ b/ignition.spec @@ -28,8 +28,6 @@ Source1: ignition-mount-initrd-fstab.service Source2: ignition-umount-initrd-fstab.service Source3: ignition-suse-generator Source4: module-setup.sh -Source5: 02_ignition_firstboot -Source6: ignition-firstboot-complete.service Source7: README.SUSE Source8: ignition-setup-user.sh Source9: ignition-setup-user.service @@ -43,13 +41,17 @@ Source20: ignition-userconfig-timeout.conf Source21: ignition-userconfig-timeout-arm.conf Patch1: 0001-ignore-missing-qemu-blockdev.patch Patch2: 0002-allow-multiple-mounts-of-same-device.patch -Patch3: 0003-Move-the-GTP-header-on-resized-disks.patch +Patch3: 0003-Move-the-GPT-header-on-resized-disks.patch +Patch4: 0001-Order-ignition-disks.service-before-systemd-fsck-roo.patch +# https://github.com/coreos/ignition/pull/1698 +Patch5: 0001-dracut-Don-t-include-the-ignition-module-by-default.patch BuildRequires: dracut BuildRequires: libblkid-devel BuildRequires: systemd-rpm-macros BuildRequires: update-bootloader-rpm-macros BuildRequires: golang(API) >= 1.18 -Requires: %{name}-dracut-grub2 +# combustion provides firstboot.target and ignition-kargs-helper calls combustion +Requires: combustion >= 1.2 Requires: dracut Recommends: %{_sbindir}/groupadd Recommends: %{_sbindir}/sgdisk @@ -64,6 +66,8 @@ Recommends: /sbin/udevadm Suggests: /sbin/mdadm Provides: ignition-dracut = 0.0+git20200722.98ed51d Obsoletes: ignition-dracut < 0.0+git20200722.98ed51d +# Not provided because the mechanism is different +Obsoletes: ignition-dracut-grub2 < %{version}-%{release} %{update_bootloader_requires} %description @@ -75,18 +79,6 @@ On first boot, Ignition reads its configuration from a source of truth (remote URL, network metadata service, hypervisor bridge, etc.) and applies the configuration. -%package dracut-grub2 -Summary: Files to trigger ignition firstboot with grub2 -Group: System/Management -Requires: grub2 -Requires(post): grub2 -Requires(post): sed - -%description dracut-grub2 -GRUB2 configuration which sets ignition.firstboot based on -/boot/writable/firstboot_happened and ignition.firstboot and a matching service -which creates firstboot_happened after the first boot. - %prep %autosetup -p1 @@ -98,8 +90,6 @@ cp %{SOURCE21} dracut/30ignition-microos/ignition-userconfig-timeout.conf %else cp %{SOURCE20} dracut/30ignition-microos/ignition-userconfig-timeout.conf %endif -cp %{SOURCE5} grub/ -cp %{SOURCE6} systemd_suse/ cp %{SOURCE15} systemd_suse/ignition-delete-config.service.d/ cp %{SOURCE7} . cp %{SOURCE12} dracut/30ignition/ignition-kargs-helper.sh @@ -113,8 +103,6 @@ make -o all install DESTDIR=%{buildroot} install -d %{buildroot}%{_sysconfdir}/grub.d install -d %{buildroot}%{_unitdir}/ignition-delete-config.service.d -install -p -m 0755 grub/* %{buildroot}%{_sysconfdir}/grub.d/ -install -p -m 0644 systemd_suse/*.service %{buildroot}%{_prefix}/lib/systemd/system/ install -p -m 0644 systemd_suse/ignition-delete-config.service.d/* %{buildroot}%{_prefix}/lib/systemd/system/ignition-delete-config.service.d install -d %{buildroot}%{_sbindir}/ mv %{buildroot}/usr/libexec/* %{buildroot}/%{_sbindir}/ @@ -125,13 +113,6 @@ rmdir %{buildroot}/usr/libexec %post %{?regenerate_initrd_post} -# Trigger creating the firstboot_happened file (in posttrans) on upgrades. -# This is needed for systems where the first boot happened before -# firstboot_happened got introduced and can be removed in the future. -if [ "$1" -ne 1 ]; then - mkdir -p %{_rundir}/ignition-dracut/ - touch %{_rundir}/ignition-dracut/isupgrade -fi %service_add_post ignition-delete-config.service %preun @@ -142,30 +123,6 @@ fi %posttrans %{?regenerate_initrd_posttrans} -if [ -f %{_rundir}/ignition-dracut/isupgrade ]; then - # Done in posttrans so that read-only-root-fs could create the subvol - mkdir -p /boot/writable - [ -e /boot/writable/firstboot_happened ] || touch /boot/writable/firstboot_happened -fi - -%pre dracut-grub2 -%service_add_pre ignition-firstboot-complete.service - -%post dracut-grub2 -if [ "$1" = 1 ] ; then - sed -i 's/^\(GRUB_CMDLINE_LINUX_DEFAULT="\)\(.*\)/\1\\$ignition_firstboot \2/' %{_sysconfdir}/default/grub - %{?update_bootloader_refresh_post} -fi -%service_add_post ignition-firstboot-complete.service - -%preun dracut-grub2 -%service_del_preun ignition-firstboot-complete.service - -%postun dracut-grub2 -if [ "$1" = 0 ] ; then - sed -i -E '/^GRUB_CMDLINE_LINUX_DEFAULT="/s/(\\\$)?ignition[._][^[:space:]"]+ ?//g' %{_sysconfdir}/default/grub -fi -%service_del_postun_without_restart ignition-firstboot-complete.service %files %license LICENSE @@ -180,10 +137,4 @@ fi %dir %{_unitdir}/ignition-delete-config.service.d %{_unitdir}/ignition-delete-config.service.d/ignition-rmcfg-suse.conf -%files dracut-grub2 -%license LICENSE -%doc README.SUSE -%{_sysconfdir}/grub.d/02_ignition_firstboot -%{_prefix}/lib/systemd/system/ignition-firstboot-complete.service - %changelog diff --git a/module-setup.sh b/module-setup.sh index 4ab867c..53064ec 100644 --- a/module-setup.sh +++ b/module-setup.sh @@ -2,8 +2,16 @@ # -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*- # ex: ts=8 sw=4 sts=4 et filetype=sh +check() { + # Omit if building for this already configured system + if [[ $hostonly ]] && [ -e /etc/machine-id ]; then + return 255 + fi + return 0 +} + depends() { - echo ignition dm crypt + echo combustion crypt dm firstboot ignition } install_ignition_unit() {