coreos/ignition
1
0
Fork 0
mirror of https://github.com/coreos/ignition.git synced 2026-02-06 09:47:17 +01:00
Code Issues Releases Activity
Files
openstack-support
ignition/dracut/30ignition/module-setup.sh
Madhu Pillai 8e13a8f520 dracut: correctly add pkey_cca kernel module for cex support 
fixes:#2013

Co-authored-by: Timothée Ravier <tim@siosm.fr>
2025-02-13 06:48:49 +01:00

128 lines
4.0 KiB
Bash
Executable File
Raw Permalink Blame History

#!/bin/bash
# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
# ex: ts=8 sw=4 sts=4 et filetype=sh
check() {
# Only include this if another module requests it.
# In our case it'll be the distro provided module with integration and customizations
# (coreos-ignition/ignition-microos/...).
return 255
}
depends() {
echo qemu systemd url-lib network
}
install_ignition_unit() {
local unit="$1"; shift
local target="${1:-ignition-complete.target}"; shift
local instantiated="${1:-$unit}"; shift
inst_simple "$moddir/$unit" "$systemdsystemunitdir/$unit"
# note we `|| exit 1` here so we error out if e.g. the units are missing
# see https://github.com/coreos/fedora-coreos-config/issues/799
$SYSTEMCTL -q --root="$initdir" add-requires "$target" "$instantiated" || exit 1
}
install() {
inst_multiple \
basename \
lsblk
# Not all features of the configuration may be available on all systems
# (e.g. on embedded systems), so only add applications which are actually
# present
inst_multiple -o \
groupadd \
groupdel \
mkfs.btrfs \
mkfs.ext4 \
mkfs.fat \
mkfs.xfs \
mkswap \
partx \
sgdisk \
useradd \
userdel \
usermod \
wipefs
# Needed for clevis binding; note all binaries related to unlocking are
# included by the Clevis dracut modules.
inst_multiple -o \
clevis-encrypt-sss \
clevis-encrypt-tang \
clevis-encrypt-tpm2 \
clevis-luks-bind \
clevis-luks-common-functions \
clevis-luks-unlock \
pwmake \
tpm2_create \
tpm2_createpolicy
# Required by s390x's z/VM installation.
# Supporting https://github.com/coreos/ignition/pull/865
if [[ ${DRACUT_ARCH:-$(uname -m)} == s390x ]]; then
inst_multiple chccwdev vmur zkey zkey-cryptsetup
inst_simple "$moddir/ignition-cex" "/etc/luks/cex.key"
fi
# Required on system using SELinux.
inst_multiple -o setfiles
inst_script "$moddir/ignition-kargs-helper.sh" \
"/usr/sbin/ignition-kargs-helper"
# Distro packaging is expected to install the ignition binary into the
# module directory.
inst_simple "$moddir/ignition" \
"/usr/bin/ignition"
# Rule to allow udev to discover unformatted encrypted devices
inst_simple "$moddir/99-xx-ignition-systemd-cryptsetup.rules" \
"/usr/lib/udev/rules.d/99-xx-ignition-systemd-cryptsetup.rules"
# disable dictcheck
inst_simple "$moddir/ignition-luks.conf" \
"/etc/security/pwquality.conf.d/ignition-luks.conf"
inst_simple "$moddir/ignition-generator" \
"$systemdutildir/system-generators/ignition-generator"
for x in "complete" "subsequent" "diskful" "diskful-subsequent"; do
inst_simple "$moddir/ignition-$x.target" \
"$systemdsystemunitdir/ignition-$x.target"
done
install_ignition_unit ignition-fetch.service
install_ignition_unit ignition-fetch-offline.service
install_ignition_unit ignition-kargs.service
install_ignition_unit ignition-disks.service
install_ignition_unit ignition-mount.service
install_ignition_unit ignition-files.service
# units only started when we have a boot disk
# path generated by systemd-escape --path /dev/disk/by-label/root
install_ignition_unit ignition-remount-sysroot.service ignition-diskful.target
# needed for openstack config drive support
inst_rules 60-cdrom_id.rules
}
installkernel() {
# required by hyperv platform to read kvp from the kernel
instmods hv_utils
# required by applehv platform to read ignition file through vsock
instmods -c vsock
instmods -c vmw_vsock_virtio_transport_common
instmods -c vmw_vsock_virtio_transport
# required for cex card early initialization
if [[ ${DRACUT_ARCH:-$(uname -m)} == s390x ]]; then
instmods -c zcrypt_cex4
instmods -c pkey_cca
fi
}
View Git Blame Copy Permalink