|
 |
7dd7e2 |
diff --git a/dracut/50rdcore/module-setup.sh b/dracut/50rdcore/module-setup.sh
|
|
|
7dd7e2 |
index c065851..2d689d9 100755
|
|
|
7dd7e2 |
--- a/dracut/50rdcore/module-setup.sh
|
|
|
7dd7e2 |
+++ b/dracut/50rdcore/module-setup.sh
|
|
|
7dd7e2 |
@@ -14,6 +14,48 @@ install() {
|
|
|
7dd7e2 |
inst_multiple gpg-agent
|
|
|
7dd7e2 |
inst_multiple gpg-connect-agent
|
|
|
7dd7e2 |
|
|
|
7dd7e2 |
+ inst_multiple \
|
|
|
7dd7e2 |
+ realpath \
|
|
|
7dd7e2 |
+ basename \
|
|
|
7dd7e2 |
+ blkid \
|
|
|
7dd7e2 |
+ cat \
|
|
|
7dd7e2 |
+ dirname \
|
|
|
7dd7e2 |
+ findmnt \
|
|
|
7dd7e2 |
+ growpart \
|
|
|
7dd7e2 |
+ realpath \
|
|
|
7dd7e2 |
+ resize2fs \
|
|
|
7dd7e2 |
+ tail \
|
|
|
7dd7e2 |
+ tune2fs \
|
|
|
7dd7e2 |
+ touch \
|
|
|
7dd7e2 |
+ xfs_admin \
|
|
|
7dd7e2 |
+ xfs_growfs \
|
|
|
7dd7e2 |
+ wc \
|
|
|
7dd7e2 |
+ lsblk \
|
|
|
7dd7e2 |
+ wipefs
|
|
|
7dd7e2 |
+
|
|
|
7dd7e2 |
+ inst_multiple \
|
|
|
7dd7e2 |
+ awk \
|
|
|
7dd7e2 |
+ cat \
|
|
|
7dd7e2 |
+ dd \
|
|
|
7dd7e2 |
+ grep \
|
|
|
7dd7e2 |
+ mktemp \
|
|
|
7dd7e2 |
+ partx \
|
|
|
7dd7e2 |
+ rm \
|
|
|
7dd7e2 |
+ sed \
|
|
|
7dd7e2 |
+ sfdisk \
|
|
|
7dd7e2 |
+ sgdisk \
|
|
|
7dd7e2 |
+ find
|
|
|
7dd7e2 |
+
|
|
|
7dd7e2 |
+ inst_multiple -o \
|
|
|
7dd7e2 |
+ clevis-encrypt-sss \
|
|
|
7dd7e2 |
+ clevis-encrypt-tang \
|
|
|
7dd7e2 |
+ clevis-encrypt-tpm2 \
|
|
|
7dd7e2 |
+ clevis-luks-bind \
|
|
|
7dd7e2 |
+ clevis-luks-common-functions \
|
|
|
7dd7e2 |
+ clevis-luks-unlock \
|
|
|
7dd7e2 |
+ pwmake \
|
|
|
7dd7e2 |
+ tpm2_create
|
|
|
7dd7e2 |
+
|
|
|
7dd7e2 |
inst_simple "$moddir/rdcore" "/usr/bin/rdcore"
|
|
|
7dd7e2 |
|
|
|
7dd7e2 |
inst_simple "$moddir/coreos-installer" "/usr/bin/coreos-installer"
|
|
|
7dd7e2 |
@@ -33,19 +75,8 @@ install() {
|
|
|
7dd7e2 |
install_and_enable_unit "coreos-installer-reboot.service" \
|
|
|
7dd7e2 |
"default.target"
|
|
|
7dd7e2 |
|
|
|
7dd7e2 |
-# install_and_enable_unit "coreos-installer-noreboot.service" \
|
|
|
7dd7e2 |
-# "basic.target"
|
|
|
7dd7e2 |
-# inst_simple "$moddir/coreos-installer-reboot.service" \
|
|
|
7dd7e2 |
-# "$systemdsystemunitdir/coreos-installer-reboot.service"
|
|
|
7dd7e2 |
-# inst_simple "$moddir/coreos-installer-noreboot.service" \
|
|
|
7dd7e2 |
-# "$systemdsystemunitdir/coreos-installer-noreboot.service"
|
|
|
7dd7e2 |
-#
|
|
|
7dd7e2 |
-# inst_simple "$moddir/coreos-installer.target" \
|
|
|
7dd7e2 |
-# "$systemdsystemunitdir/coreos-installer.target"
|
|
|
7dd7e2 |
-#
|
|
|
7dd7e2 |
-# inst_simple "$moddir/coreos-installer-pre.target" \
|
|
|
7dd7e2 |
-# "$systemdsystemunitdir/coreos-installer-pre.target"
|
|
|
7dd7e2 |
-#
|
|
|
7dd7e2 |
-# inst_simple "$moddir/coreos-installer-post.target" \
|
|
|
7dd7e2 |
-# "$systemdsystemunitdir/coreos-installer-post.target"
|
|
|
7dd7e2 |
+ install_and_enable_unit "growfs.service" \
|
|
|
7dd7e2 |
+ "default.target"
|
|
|
7dd7e2 |
+ inst_script "$moddir/growfs" \
|
|
|
7dd7e2 |
+ /usr/sbin/growfs
|
|
|
7dd7e2 |
}
|
|
|
7dd7e2 |
diff --git a/scripts/growfs b/scripts/growfs
|
|
|
7dd7e2 |
new file mode 100644
|
|
|
7dd7e2 |
index 0000000..45c495c
|
|
|
7dd7e2 |
--- /dev/null
|
|
|
7dd7e2 |
+++ b/scripts/growfs
|
|
|
7dd7e2 |
@@ -0,0 +1,100 @@
|
|
|
7dd7e2 |
+#!/bin/bash
|
|
|
7dd7e2 |
+set -euo pipefail
|
|
|
7dd7e2 |
+
|
|
|
7dd7e2 |
+# This script grows the root
|
|
|
7dd7e2 |
+
|
|
|
7dd7e2 |
+sleep 5
|
|
|
7dd7e2 |
+udevadm settle
|
|
|
7dd7e2 |
+TYPE=$(lsblk --output FSTYPE /dev/disk/by-label/root | tail -n1)
|
|
|
7dd7e2 |
+echo ${TYPE}
|
|
|
7dd7e2 |
+dev=$(realpath /dev/disk/by-label/root)
|
|
|
7dd7e2 |
+
|
|
|
7dd7e2 |
+mount -t ${TYPE} /dev/disk/by-label/root /sysroot
|
|
|
7dd7e2 |
+
|
|
|
7dd7e2 |
+# We run after the rootfs is mounted at /sysroot
|
|
|
7dd7e2 |
+path=/sysroot
|
|
|
7dd7e2 |
+
|
|
|
7dd7e2 |
+# The use of tail is to avoid errors from duplicate mounts;
|
|
|
7dd7e2 |
+# this shouldn't happen for us but we're being conservative.
|
|
|
7dd7e2 |
+src=$(findmnt -nvr -o SOURCE "$path" | tail -n1)
|
|
|
7dd7e2 |
+
|
|
|
7dd7e2 |
+partition=$(realpath /dev/disk/by-label/root)
|
|
|
7dd7e2 |
+
|
|
|
7dd7e2 |
+# Go through each blockdev in the hierarchy and verify we know how to grow them
|
|
|
7dd7e2 |
+lsblk -no TYPE "${partition}" | while read dev; do
|
|
|
7dd7e2 |
+ case "${dev}" in
|
|
|
7dd7e2 |
+ part|crypt) ;;
|
|
|
7dd7e2 |
+ *) echo "error: Unsupported blockdev type ${dev}" 1>&2; exit 1 ;;
|
|
|
7dd7e2 |
+ esac
|
|
|
7dd7e2 |
+done
|
|
|
7dd7e2 |
+
|
|
|
7dd7e2 |
+# Get the filesystem type before extending the partition. This matters
|
|
|
7dd7e2 |
+# because the partition, once extended, might include leftover superblocks
|
|
|
7dd7e2 |
+# from the previous contents of the disk (notably ZFS), causing blkid to
|
|
|
7dd7e2 |
+eval $(blkid -o export "${src}")
|
|
|
7dd7e2 |
+
|
|
|
7dd7e2 |
+ROOTFS_TYPE=${TYPE:-}
|
|
|
7dd7e2 |
+case "${ROOTFS_TYPE}" in
|
|
|
7dd7e2 |
+ xfs|ext4|btrfs) ;;
|
|
|
7dd7e2 |
+ *) echo "error: Unsupported filesystem for ${path}: '${ROOTFS_TYPE}'" 1>&2; exit 1 ;;
|
|
|
7dd7e2 |
+esac
|
|
|
7dd7e2 |
+
|
|
|
7dd7e2 |
+# Now, go through the hierarchy, growing everything. Note we go one device at a
|
|
|
7dd7e2 |
+# time using --nodeps, because ordering is buggy in el8:
|
|
|
7dd7e2 |
+# https://bugzilla.redhat.com/show_bug.cgi?id=1940607
|
|
|
7dd7e2 |
+current_blkdev=${partition}
|
|
|
7dd7e2 |
+while true; do
|
|
|
7dd7e2 |
+ eval "$(lsblk --paths --nodeps --pairs -o NAME,TYPE,PKNAME "${current_blkdev}")"
|
|
|
7dd7e2 |
+ MAJMIN=$(echo $(lsblk -dno MAJ:MIN "${NAME}"))
|
|
|
7dd7e2 |
+ case "${TYPE}" in
|
|
|
7dd7e2 |
+ part)
|
|
|
7dd7e2 |
+ eval $(udevadm info --query property --export "${current_blkdev}" | grep ^DM_ || :)
|
|
|
7dd7e2 |
+ if [ -n "${DM_MPATH:-}" ]; then
|
|
|
7dd7e2 |
+ # Since growpart does not understand device mapper, we have to use sfdisk.
|
|
|
7dd7e2 |
+ echo ", +" | sfdisk --no-reread --no-tell-kernel --force -N "${DM_PART}" "/dev/mapper/${DM_MPATH}"
|
|
|
7dd7e2 |
+ udevadm settle # Wait for udev-triggered kpartx to update mappings
|
|
|
7dd7e2 |
+ else
|
|
|
7dd7e2 |
+ partnum=$(cat "/sys/dev/block/${MAJMIN}/partition")
|
|
|
7dd7e2 |
+ # XXX: ideally this'd be idempotent and we wouldn't `|| :`
|
|
|
7dd7e2 |
+ growpart "${PKNAME}" "${partnum}" || :
|
|
|
7dd7e2 |
+ fi
|
|
|
7dd7e2 |
+ ;;
|
|
|
7dd7e2 |
+ crypt)
|
|
|
7dd7e2 |
+ # XXX: yuck... we need to expose this sanely in clevis
|
|
|
7dd7e2 |
+ (. /usr/bin/clevis-luks-common-functions
|
|
|
7dd7e2 |
+ eval $(udevadm info --query=property --export "${NAME}")
|
|
|
7dd7e2 |
+ # lsblk doesn't print PKNAME of crypt devices with --nodeps
|
|
|
7dd7e2 |
+ PKNAME=/dev/$(ls "/sys/dev/block/${MAJMIN}/slaves")
|
|
|
7dd7e2 |
+ clevis_luks_unlock_device "${PKNAME}" | cryptsetup resize -d- "${DM_NAME}"
|
|
|
7dd7e2 |
+ )
|
|
|
7dd7e2 |
+ ;;
|
|
|
7dd7e2 |
+ # already checked
|
|
|
7dd7e2 |
+ *) echo "unreachable" 1>&2; exit 1 ;;
|
|
|
7dd7e2 |
+ esac
|
|
|
7dd7e2 |
+ holders="/sys/dev/block/${MAJMIN}/holders"
|
|
|
7dd7e2 |
+ [ -d "${holders}" ] || break
|
|
|
7dd7e2 |
+ nholders="$(ls "${holders}" | wc -l)"
|
|
|
7dd7e2 |
+ if [ "${nholders}" -eq 0 ]; then
|
|
|
7dd7e2 |
+ break
|
|
|
7dd7e2 |
+ elif [ "${nholders}" -gt 1 ]; then
|
|
|
7dd7e2 |
+ # this shouldn't happen since we've checked the partition types already
|
|
|
7dd7e2 |
+ echo "error: Unsupported block device with multiple children: ${NAME}" 1>&2
|
|
|
7dd7e2 |
+ exit 1
|
|
|
7dd7e2 |
+ fi
|
|
|
7dd7e2 |
+ current_blkdev=/dev/$(ls "${holders}")
|
|
|
7dd7e2 |
+done
|
|
|
7dd7e2 |
+
|
|
|
7dd7e2 |
+# Wipe any filesystem signatures from the extended partition that don't
|
|
|
7dd7e2 |
+# correspond to the FS type we detected earlier.
|
|
|
7dd7e2 |
+wipefs -af -t "no${ROOTFS_TYPE}" "${src}"
|
|
|
7dd7e2 |
+
|
|
|
7dd7e2 |
+# TODO: Add XFS to https://github.com/systemd/systemd/blob/master/src/partition/growfs.c
|
|
|
7dd7e2 |
+# and use it instead.
|
|
|
7dd7e2 |
+case "${ROOTFS_TYPE}" in
|
|
|
7dd7e2 |
+ xfs) xfs_growfs "${path}" ;;
|
|
|
7dd7e2 |
+ ext4) resize2fs "${src}" ;;
|
|
|
7dd7e2 |
+ btrfs) btrfs filesystem resize max ${path} ;;
|
|
|
7dd7e2 |
+esac
|
|
|
7dd7e2 |
+
|
|
|
7dd7e2 |
+# this is useful for tests
|
|
|
7dd7e2 |
+touch /run/growfs.stamp
|
|
|
7dd7e2 |
\ No newline at end of file
|
|
|
7dd7e2 |
diff --git a/src/blockdev.rs b/src/blockdev.rs
|
|
|
7dd7e2 |
index f9701b9..2fdd6f0 100644
|
|
|
7dd7e2 |
--- a/src/blockdev.rs
|
|
|
7dd7e2 |
+++ b/src/blockdev.rs
|
|
|
7dd7e2 |
@@ -970,7 +970,7 @@ pub fn udev_settle() -> Result<()> {
|
|
|
7dd7e2 |
// udevd hasn't yet received updates from the kernel, settle will return
|
|
|
7dd7e2 |
// immediately, and lsblk won't pick up partition labels. Try to sleep
|
|
|
7dd7e2 |
// our way out of this.
|
|
|
7dd7e2 |
- sleep(Duration::from_millis(200));
|
|
|
7dd7e2 |
+ sleep(Duration::from_millis(500));
|
|
|
7dd7e2 |
|
|
|
7dd7e2 |
runcmd!("udevadm", "settle")?;
|
|
|
7dd7e2 |
Ok(())
|
|
|
7dd7e2 |
diff --git a/systemd/coreos-installer-reboot.service b/systemd/coreos-installer-reboot.service
|
|
|
7dd7e2 |
index ad79614..f9ba80e 100644
|
|
|
7dd7e2 |
--- a/systemd/coreos-installer-reboot.service
|
|
|
7dd7e2 |
+++ b/systemd/coreos-installer-reboot.service
|
|
|
7dd7e2 |
@@ -1,6 +1,5 @@
|
|
|
7dd7e2 |
[Unit]
|
|
|
7dd7e2 |
Description=Reboot after CoreOS Installer
|
|
|
7dd7e2 |
-#Requires=coreos-installer.target
|
|
|
7dd7e2 |
After=coreos-installer.service
|
|
|
7dd7e2 |
OnFailure=emergency.target
|
|
|
7dd7e2 |
OnFailureJobMode=replace-irreversibly
|
|
|
7dd7e2 |
diff --git a/systemd/coreos-installer.service b/systemd/coreos-installer.service
|
|
|
7dd7e2 |
index 716b783..e8199a9 100644
|
|
|
7dd7e2 |
--- a/systemd/coreos-installer.service
|
|
|
7dd7e2 |
+++ b/systemd/coreos-installer.service
|
|
|
7dd7e2 |
@@ -1,13 +1,5 @@
|
|
|
7dd7e2 |
[Unit]
|
|
|
7dd7e2 |
Description=CoreOS Installer
|
|
|
7dd7e2 |
-#Before=coreos-installer.target
|
|
|
7dd7e2 |
-#After=nm-run.service
|
|
|
7dd7e2 |
-#After=network-online.target
|
|
|
7dd7e2 |
-#Wants=network-online.target
|
|
|
7dd7e2 |
-# Until we retry HTTP requests let's wait here until
|
|
|
7dd7e2 |
-# systemd-resolved comes up if enabled.
|
|
|
7dd7e2 |
-# https://github.com/coreos/coreos-installer/issues/283
|
|
|
7dd7e2 |
-#After=systemd-resolved.service
|
|
|
7dd7e2 |
|
|
|
7dd7e2 |
After=basic.target
|
|
|
7dd7e2 |
# Network is enabled here
|
|
|
7dd7e2 |
diff --git a/systemd/growfs.service b/systemd/growfs.service
|
|
|
7dd7e2 |
new file mode 100644
|
|
|
7dd7e2 |
index 0000000..6d77aaa
|
|
|
7dd7e2 |
--- /dev/null
|
|
|
7dd7e2 |
+++ b/systemd/growfs.service
|
|
|
7dd7e2 |
@@ -0,0 +1,13 @@
|
|
|
7dd7e2 |
+[Unit]
|
|
|
7dd7e2 |
+Description=Grow root filesystem
|
|
|
7dd7e2 |
+DefaultDependencies=false
|
|
|
7dd7e2 |
+
|
|
|
7dd7e2 |
+After=coreos-installer.service
|
|
|
7dd7e2 |
+Before=coreos-installer-reboot.service
|
|
|
7dd7e2 |
+Requires=dev-disk-by\x2dlabel-root.device
|
|
|
7dd7e2 |
+After=dev-disk-by\x2dlabel-root.device
|
|
|
7dd7e2 |
+
|
|
|
7dd7e2 |
+[Service]
|
|
|
7dd7e2 |
+Type=oneshot
|
|
|
7dd7e2 |
+ExecStart=/usr/sbin/growfs
|
|
|
7dd7e2 |
+RemainAfterExit=yes
|
|
|
7dd7e2 |
\ No newline at end of file
|