Bug#1020396: systemd-boot: kernel installation/initrd update hooks double the initrd like #970213 since #826045

наб Tue, 20 Sep 2022 19:27:17 -0700

Hi!

Wrong MR; actually 170:
  https://salsa.debian.org/systemd-team/systemd/-/merge_requests/170


And I forgot the patches. Thankfully, I came up with a much better way
of fixing this: since systemd v251 we can just copy the initrd.img-$KVER
to $KERNEL_INSTALL_STAGING_AREA, and 90-loaderentry will install and
verison it properly ‒ we never have to generate a bare "initrd" in the
first place!

Actually attached them this time :)

Transcript of installation with patched system follows.

Best,
наб

-- >8 --
nabijaczleweli@szarotka:/tmp$ kernel-install -v add $(uname -r) 
/boot/vmlinuz-$(uname -r)
Reading /usr/lib/kernel/install.conf…
BOOT_ROOT=/tmp/br set via environment or install.conf
machine-id adc518602b20465e982dd9c8266a32e3 acquired from /etc/machine-id
Entry-token candidates: adc518602b20465e982dd9c8266a32e3 debian Default
/tmp/br/adc518602b20465e982dd9c8266a32e3 not found…
/tmp/br/loader/entries not found…
/tmp/br/debian exists, using BOOT_ROOT=/tmp/br, ENTRY_TOKEN=debian
/tmp/br/debian exists, using layout=bls
Using ENTRY_DIR_ABS=/tmp/br/debian/5.19.0-1-amd64
Plugin files:
/usr/lib/kernel/install.d/50-depmod.install
/usr/lib/kernel/install.d/85-initrd.install
/usr/lib/kernel/install.d/90-loaderentry.install
+mkdir -v -p /tmp/br/debian/5.19.0-1-amd64
mkdir: created directory '/tmp/br/debian/5.19.0-1-amd64'
+/usr/lib/kernel/install.d/50-depmod.install add 5.19.0-1-amd64 
/tmp/br/debian/5.19.0-1-amd64 /boot/vmlinuz-5.19.0-1-amd64
+depmod -a 5.19.0-1-amd64
depmod: ERROR: openat(/lib/modules/5.19.0-1-amd64, 
modules.dep.8634.949744.1663726104, 301, 644): Permission denied
depmod: ERROR: openat(/lib/modules/5.19.0-1-amd64, 
modules.dep.bin.8634.949744.1663726104, 301, 644): Permission denied
depmod: ERROR: openat(/lib/modules/5.19.0-1-amd64, 
modules.alias.8634.949744.1663726104, 301, 644): Permission denied
depmod: ERROR: openat(/lib/modules/5.19.0-1-amd64, 
modules.alias.bin.8634.949744.1663726104, 301, 644): Permission denied
depmod: ERROR: openat(/lib/modules/5.19.0-1-amd64, 
modules.softdep.8634.949744.1663726104, 301, 644): Permission denied
depmod: ERROR: openat(/lib/modules/5.19.0-1-amd64, 
modules.symbols.8634.949744.1663726104, 301, 644): Permission denied
depmod: ERROR: openat(/lib/modules/5.19.0-1-amd64, 
modules.symbols.bin.8634.949744.1663726104, 301, 644): Permission denied
depmod: ERROR: openat(/lib/modules/5.19.0-1-amd64, 
modules.builtin.bin.8634.949744.1663726104, 301, 644): Permission denied
depmod: ERROR: openat(/lib/modules/5.19.0-1-amd64, 
modules.builtin.alias.bin.8634.949744.1663726104, 301, 644): Permission denied
depmod: ERROR: openat(/lib/modules/5.19.0-1-amd64, 
modules.devname.8634.949744.1663726104, 301, 644): Permission denied
+/usr/lib/kernel/install.d/85-initrd.install add 5.19.0-1-amd64 
/tmp/br/debian/5.19.0-1-amd64 /boot/vmlinuz-5.19.0-1-amd64
Installing '/boot/initrd.img-5.19.0-1-amd64'
+/usr/lib/kernel/install.d/90-loaderentry.install add 5.19.0-1-amd64 
/tmp/br/debian/5.19.0-1-amd64 /boot/vmlinuz-5.19.0-1-amd64
chown: changing ownership of '/tmp/br/debian/5.19.0-1-amd64/linux': Operation 
not permitted
Installing /tmp/br/debian/5.19.0-1-amd64/initrd.img-5.19.0-1-amd64
chown: changing ownership of 
'/tmp/br/debian/5.19.0-1-amd64/initrd.img-5.19.0-1-amd64': Operation not 
permitted
Creating /tmp/br/loader/entries/debian-5.19.0-1-amd64.conf
nabijaczleweli@szarotka:/tmp$ find br
br
br/loader
br/loader/entries
br/loader/entries/debian-5.19.0-1-amd64.conf
br/debian
br/debian/5.19.0-1-amd64
br/debian/5.19.0-1-amd64/initrd.img-5.19.0-1-amd64
br/debian/5.19.0-1-amd64/linux
nabijaczleweli@szarotka:/tmp$ cat br/loader/entries/debian-5.19.0-1-amd64.conf
title      Debian GNU/Linux bookworm/sid
version    5.19.0-1-amd64
sort-key   debian
options    root=UUID=d9e8441a-1a97-47af-b002-d764ac46121b ro syscall.x32=y 
zfs.zfs_arc_max=2684354560 resume=PARTLABEL=szarotka-root-ng 
resume_offset=481280
linux      /br/debian/5.19.0-1-amd64/linux
initrd     /br/debian/5.19.0-1-amd64/initrd.img-5.19.0-1-amd64

From 1016a4e221d2243f137ee54510cd0a399310f8a7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= <nabijaczlew...@nabijaczleweli.xyz>
Date: Wed, 21 Sep 2022 02:59:16 +0200
Subject: [PATCH 1/2] debian/extra/kernel/postinst.d/systemd-boot: prefix with
 zz-
X-Mutt-PGP: OS

Since we explicitly (though this is hidden by indirection through
85-initrd.install) depend on /boot/initrd.img-$1
existing or not existing, hard-order ourselves at the end

The zz- prefix matches grub
---
 debian/extra/kernel/postinst.d/{systemd-boot => zz-systemd-boot} | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename debian/extra/kernel/postinst.d/{systemd-boot => zz-systemd-boot} (100%)

diff --git a/debian/extra/kernel/postinst.d/systemd-boot b/debian/extra/kernel/postinst.d/zz-systemd-boot
similarity index 100%
rename from debian/extra/kernel/postinst.d/systemd-boot
rename to debian/extra/kernel/postinst.d/zz-systemd-boot
-- 
2.30.2

From c61d1d9c111901aab7f70b771624c1400c44795e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= <nabijaczlew...@nabijaczleweli.xyz>
Date: Wed, 21 Sep 2022 03:58:14 +0200
Subject: [PATCH 2/2] debian/extra/kernel-install.d/85-initrd.install: install
 default initrd with versioned basename
X-Mutt-PGP: OS

This fixes #1020396 in a superior way by using
$KERNEL_INSTALL_STAGING_AREA, available since systemd v251:
  https://github.com/systemd/systemd/commit/367165a4069ac0c04882a05a8a80f6afb1e42760

By just copying the file we both simplify our code,
but defer to 90-loaderentry to correctly permission it,
and simply never generate an unversioned initrd in the first place!
---
 debian/extra/kernel-install.d/85-initrd.install | 11 +++--------
 1 file changed, 3 insertions(+), 8 deletions(-)

diff --git a/debian/extra/kernel-install.d/85-initrd.install b/debian/extra/kernel-install.d/85-initrd.install
index 4f8b10148d..d9d07a87d1 100755
--- a/debian/extra/kernel-install.d/85-initrd.install
+++ b/debian/extra/kernel-install.d/85-initrd.install
@@ -5,13 +5,11 @@ set -eu
 
 COMMAND="$1"
 KERNEL_VERSION="$2"
-BOOT_DIR_ABS="$3"
 
 INITRD_SRC="/boot/initrd.img-$KERNEL_VERSION"
-INITRD_DEST="$BOOT_DIR_ABS/initrd"
 
 if [ "$COMMAND" = remove ]; then
-    exec rm -f "$INITRD_DEST"
+    exit 0
 fi
 
 if [ "$COMMAND" != add ]; then
@@ -26,11 +24,8 @@ if [ "$#" -ge 5 ]; then
 fi
 
 if [ -e "$INITRD_SRC" ]; then
-    [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Installing '$INITRD_SRC' as '$INITRD_DEST'"
-    install -m 0644 -o root -g root "$INITRD_SRC" "$INITRD_DEST" || {
-        echo "Could not copy '$INITRD_SRC' to '$INITRD_DEST'." >&2
-        exit 1
-    }
+    [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Installing '$INITRD_SRC'"
+    cp "$INITRD_SRC" "$KERNEL_INSTALL_STAGING_AREA"
 else
     echo "$INITRD_SRC does not exist, not installing an initrd"
 fi
-- 
2.30.2

signature.asc
Description: PGP signature

Bug#1020396: systemd-boot: kernel installation/initrd update hooks double the initrd like #970213 since #826045

Reply via email to