From 48c85849e66d986d9df0b8ffff80b044223a85ca Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Tue, 12 Dec 2023 11:31:05 -0500 Subject: [PATCH 1/3] initramfs: Move our dracut config later Our hostonly setting was conflicting with the default `hostonly=yes` in `01-dist.conf`. --- tier-0/initramfs.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tier-0/initramfs.yaml b/tier-0/initramfs.yaml index 4c591e1a..08127a5b 100644 --- a/tier-0/initramfs.yaml +++ b/tier-0/initramfs.yaml @@ -3,7 +3,7 @@ postprocess: - | #!/usr/bin/env bash mkdir -p /usr/lib/dracut/dracut.conf.d - cat > /usr/lib/dracut/dracut.conf.d/01-bootc-nohostonly.conf << 'EOF' + cat > /usr/lib/dracut/dracut.conf.d/20-bootc-nohostonly.conf << 'EOF' # We want a generic image; hostonly makes no sense as part of a server side build hostonly=no EOF @@ -11,6 +11,6 @@ postprocess: # We want this for systemd-cryptsetup tpm2 locking dracutmodules+=" tpm2-tss " EOF - cat > /usr/lib/dracut/dracut.conf.d/01-centos-bootc-base.conf << 'EOF' + cat > /usr/lib/dracut/dracut.conf.d/20-centos-bootc-base.conf << 'EOF' dracutmodules+=" kernel-modules dracut-systemd systemd-initrd base " EOF From ecbd78af68f4ab7522cea18e2233134600a97f75 Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Tue, 12 Dec 2023 11:32:49 -0500 Subject: [PATCH 2/3] initramfs: Consolidate and rename drop-initramfs No reason to have the "base" settings in distinct files. --- tier-0/initramfs.yaml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/tier-0/initramfs.yaml b/tier-0/initramfs.yaml index 08127a5b..a0d70223 100644 --- a/tier-0/initramfs.yaml +++ b/tier-0/initramfs.yaml @@ -3,14 +3,12 @@ postprocess: - | #!/usr/bin/env bash mkdir -p /usr/lib/dracut/dracut.conf.d - cat > /usr/lib/dracut/dracut.conf.d/20-bootc-nohostonly.conf << 'EOF' + cat > /usr/lib/dracut/dracut.conf.d/20-bootc-base.conf << 'EOF' # We want a generic image; hostonly makes no sense as part of a server side build hostonly=no + dracutmodules+=" kernel-modules dracut-systemd systemd-initrd base " EOF - cat > /usr/lib/dracut/dracut.conf.d/49-tpm2-tss.conf << 'EOF' + cat > /usr/lib/dracut/dracut.conf.d/49-bootc-tpm2-tss.conf << 'EOF' # We want this for systemd-cryptsetup tpm2 locking dracutmodules+=" tpm2-tss " EOF - cat > /usr/lib/dracut/dracut.conf.d/20-centos-bootc-base.conf << 'EOF' - dracutmodules+=" kernel-modules dracut-systemd systemd-initrd base " - EOF From b943729fb2ddae96565c91735477f7bcd2035099 Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Tue, 12 Dec 2023 12:33:37 -0500 Subject: [PATCH 3/3] initramfs: Also enable ostree module rpm-ostree does this, but let's do it here too for extra reliability. --- tier-0/initramfs.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tier-0/initramfs.yaml b/tier-0/initramfs.yaml index a0d70223..abd2c70f 100644 --- a/tier-0/initramfs.yaml +++ b/tier-0/initramfs.yaml @@ -6,7 +6,7 @@ postprocess: cat > /usr/lib/dracut/dracut.conf.d/20-bootc-base.conf << 'EOF' # We want a generic image; hostonly makes no sense as part of a server side build hostonly=no - dracutmodules+=" kernel-modules dracut-systemd systemd-initrd base " + dracutmodules+=" kernel-modules dracut-systemd systemd-initrd base ostree " EOF cat > /usr/lib/dracut/dracut.conf.d/49-bootc-tpm2-tss.conf << 'EOF' # We want this for systemd-cryptsetup tpm2 locking