Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(systemd): copy 20-systemd-stub.conf into the initrd #387

Merged
merged 3 commits into from
Dec 11, 2024
Merged

fix(systemd): copy 20-systemd-stub.conf into the initrd #387

merged 3 commits into from
Dec 11, 2024

Conversation

aafeijoo-suse
Copy link
Collaborator

New tmpfiles conf snippet split from systemd.conf (systemd/systemd@408ab98), required for systemd-v257 to persist sd-stub provided PCR signature and public key .

aafeijoo-suse and others added 3 commits December 11, 2024 09:49
@aafeijoo-suse
fix(systemd): copy 20-systemd-stub.conf into the initrd
f1bd2f4 
Required for systemd-v257, see systemd/systemd@408ab98
@aafeijoo-suse
fix(systemd-tmpfiles): copy 20-systemd-stub.conf into the initrd
2d97754 
Some of the tmpfiles to be managed during initrd phase are now
described in a separate tmpfiles.d snippet, see
systemd/systemd@408ab98

Fixes: dracut-ng/dracut-ng#1046
(cherry picked from commit 0df928856150e674ce4cb04c0ceafae71d18d55b)
@aafeijoo-suse
chore(suse): update SUSE maintainers doc
4a31103
tblume
tblume reviewed Dec 11, 2024
View reviewed changes
Copy link
Collaborator

@tblume tblume left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess, I'm lacking some background here, hence could you give some information why you add it to 2 modules?

@aafeijoo-suse
Copy link
Collaborator Author

In our dracut version, the systemd-tmpfiles module (and also other 01systemd-* modules) is not used by default, i.e., there is no other module adding it as a dependency and it's only included in the initrd if the user explicitly adds it on the command line or via conf. So, for us the upstream patch is mostly cosmetic, whereas patching 00systemd is required (see the line above of the line added, both contain "$tmpfilesdir"/systemd.conf, which is the tmpfiles snippet that contained the definitions now defined in 20-systemd-stub.conf, see also systemd/systemd@408ab98#diff-3346590207cf859b0685a4afff72968bf0cd7ee13fb2dc63b10d5e2805c934d9).

That said, the impact is minimal, as it only affects systems using UKIs with .pcrsig and/or .pcrpkey sections.

tblume
tblume approved these changes Dec 11, 2024
View reviewed changes
Copy link
Collaborator

@tblume tblume left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Allright, thanks for the background.

@aafeijoo-suse
Copy link
Collaborator Author

Thank you Thomas!

@aafeijoo-suse aafeijoo-suse merged commit 60f5981 into openSUSE:SUSE/059 Dec 11, 2024
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tblume tblume tblume approved these changes

Assignees
No one assigned
Labels
modules systemd systemd-tmpfiles
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@aafeijoo-suse @tblume @jozzsi