diff --git a/image.yaml b/image.yaml index 653342ddd2..a91ab32025 100644 --- a/image.yaml +++ b/image.yaml @@ -9,9 +9,9 @@ extra-kargs: # https://fedoraproject.org/wiki/Changes/CGroupsV2 - systemd.unified_cgroup_hierarchy=0 -# Kernel arguments to be used on first-boot. -ignition-network-kcmdline: - - 'rd.neednet=1' +# Disable networking by default on firstboot. We can drop this once cosa stops +# defaulting to `ip=dhcp,dhcp6 rd.neednet=1` when it doesn't see this key. +ignition-network-kcmdline: [] # Optional remote by which to prefix the deployed OSTree ref ostree-remote: fedora diff --git a/overlay.d/05core/usr/lib/dracut/modules.d/15coreos-firstboot-network/coreos-copy-firstboot-network.service b/overlay.d/05core/usr/lib/dracut/modules.d/15coreos-firstboot-network/coreos-copy-firstboot-network.service index 2762042128..2fd6151b01 100644 --- a/overlay.d/05core/usr/lib/dracut/modules.d/15coreos-firstboot-network/coreos-copy-firstboot-network.service +++ b/overlay.d/05core/usr/lib/dracut/modules.d/15coreos-firstboot-network/coreos-copy-firstboot-network.service @@ -43,6 +43,10 @@ After=coreos-gpt-setup@dev-disk-by\x2dlabel-root.service # Since we are mounting /boot/, require the device first Requires=dev-disk-by\x2dlabel-boot.device After=dev-disk-by\x2dlabel-boot.device +# Need to run after fetch-offline stage since it may re-run the NM cmdline +# hook which will generate NM configs from the network kargs, but we want to +# have precedence. +After=ignition-fetch-offline.service [Service] Type=oneshot diff --git a/overlay.d/05core/usr/lib/dracut/modules.d/20live/coreos-liveiso-network-kargs.service b/overlay.d/05core/usr/lib/dracut/modules.d/20live/coreos-liveiso-network-kargs.service deleted file mode 100644 index 72ac3c3cf5..0000000000 --- a/overlay.d/05core/usr/lib/dracut/modules.d/20live/coreos-liveiso-network-kargs.service +++ /dev/null @@ -1,45 +0,0 @@ -# This unit will run very early before the dracut-cmdline -# service and detect if we want to request dracut bring up -# networking or not. We do want to request networking if: -# -# - the user is booting the live ISO -# - the user didn't already request networking via rd.neednet -# - the user provided a ignition.config.url karg, implying -# the need for networking -# -# As of recently we skip networking if a config is injected via -# `coreos-installer iso embed` in order to allow automating -# installs on networks without DHCP. -# -# If we do determine we need network and there are no other -# `ip=` kargs then we'll use `ip=dhcp,dhcp6` by default. -# -# The requesting of network will be done by writing relevant -# dracut networking args into /etc/cmdline.d/coreos-live-network-kargs.conf -# so that it gets picked up by the dracut networking scripts later -# on in boot. -# -# This is all done because we want to support a mode where -# the user can boot the live ISO and get to an interactive -# prompt without requiring networking on boot. The user can -# then configure the networking interactively. -# -[Unit] -Description=Request live ISO networking -DefaultDependencies=no -Before=dracut-cmdline.service - -# Make sure we are in the initramfs. We are booted to the live -# ISO and rd.neednet wasn't already passed somewhere else -ConditionPathExists=/usr/lib/initrd-release -ConditionKernelCommandLine=!rd.neednet -ConditionKernelCommandLine=coreos.liveiso -ConditionPathExists=/run/ostree-live - -# We'll assume we need network in the following case (see description from above) -ConditionKernelCommandLine=|ignition.config.url - -[Service] -Type=oneshot -RemainAfterExit=yes -ExecStart=/usr/sbin/coreos-liveiso-network-kargs diff --git a/overlay.d/05core/usr/lib/dracut/modules.d/20live/coreos-liveiso-network-kargs.sh b/overlay.d/05core/usr/lib/dracut/modules.d/20live/coreos-liveiso-network-kargs.sh deleted file mode 100755 index 9049686ad4..0000000000 --- a/overlay.d/05core/usr/lib/dracut/modules.d/20live/coreos-liveiso-network-kargs.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/usr/bin/bash - -# For a description of how this is used see coreos-liveiso-network-kargs.service - -# Load the dracut library for getarg -source /usr/lib/dracut-lib.sh - -main() { - - # If we're running this script we already know we need networking - # (determined by conditionals in the systemd unit). - echo 'info: Requesting networking in the initramfs' - echo 'rd.neednet=1' > /etc/cmdline.d/10-coreos-liveiso-network-kargs.conf - - # If there is not already a ip= CLI arg use ip=dhcp,dhcp6 as default. - if ! getarg 'ip' &>/dev/null; then - echo 'info: using ip=dhcp,dhcp6 default networking configuration' - echo 'ip=dhcp,dhcp6' >> /etc/cmdline.d/10-coreos-liveiso-network-kargs.conf - else - echo 'info: using already set karg ip= information' - fi -} - -main diff --git a/overlay.d/05core/usr/lib/dracut/modules.d/20live/live-generator b/overlay.d/05core/usr/lib/dracut/modules.d/20live/live-generator index 90ac7418ce..f61326afc8 100755 --- a/overlay.d/05core/usr/lib/dracut/modules.d/20live/live-generator +++ b/overlay.d/05core/usr/lib/dracut/modules.d/20live/live-generator @@ -31,7 +31,6 @@ add_requires sysroot.mount initrd-root-fs.target add_requires sysroot-etc.mount initrd-root-fs.target add_requires sysroot-var.mount initrd-root-fs.target -add_requires coreos-liveiso-network-kargs.service initrd.target add_requires coreos-liveiso-reconfigure-nm-wait-online.service initrd.target mkdir -p "${UNIT_DIR}/ostree-prepare-root.service.d" diff --git a/overlay.d/05core/usr/lib/dracut/modules.d/20live/module-setup.sh b/overlay.d/05core/usr/lib/dracut/modules.d/20live/module-setup.sh index d49b0571c9..dcb4cc6b2a 100644 --- a/overlay.d/05core/usr/lib/dracut/modules.d/20live/module-setup.sh +++ b/overlay.d/05core/usr/lib/dracut/modules.d/20live/module-setup.sh @@ -34,12 +34,6 @@ install() { inst_simple "$moddir/writable.mount" \ "$systemdsystemunitdir/writable.mount" - inst_simple "$moddir/coreos-liveiso-network-kargs.sh" \ - "/usr/sbin/coreos-liveiso-network-kargs" - - inst_simple "$moddir/coreos-liveiso-network-kargs.service" \ - "$systemdsystemunitdir/coreos-liveiso-network-kargs.service" - inst_simple "$moddir/coreos-liveiso-reconfigure-nm-wait-online.service" \ "$systemdsystemunitdir/coreos-liveiso-reconfigure-nm-wait-online.service" } diff --git a/overlay.d/05core/usr/lib/systemd/system/coreos-liveiso-success.service b/overlay.d/05core/usr/lib/systemd/system/coreos-liveiso-success.service index befc41e790..a3db8673a6 100644 --- a/overlay.d/05core/usr/lib/systemd/system/coreos-liveiso-success.service +++ b/overlay.d/05core/usr/lib/systemd/system/coreos-liveiso-success.service @@ -4,8 +4,7 @@ [Unit] Description=CoreOS Live ISO virtio success Documentation=https://github.com/coreos/fedora-coreos-config -# Only run on the Live ISO, and only if there's no Ignition config; -# the second bits here invert the conditionals in coreos-liveiso-network-kargs.service. +# Only run on the Live ISO, and only if there's no Ignition config ConditionKernelCommandLine=coreos.liveiso ConditionPathExists=!/config.ign ConditionVirtualization=|kvm