Some directories necessary for certain dracut modules not mounted while `rpm-ostree initramfs --enable`

[suhancz]

Host system details rpm-ostree status:

Deployments:
  ostree://fedora:fedora/33/x86_64/silverblue
                   Version: 33.20201116.0 (2020-11-16T00:41:59Z)
                BaseCommit: 41c2e243f36ec6c34cb0e154c0bfbbf0a1ca95585718ab54ce27bb58844e1ed9
              GPGSignature: Valid signature by 963A2BEB02009608FE67EA4249FD77499570FF31
           LayeredPackages: ImageMagick ImageMagick-libs LibRaw OpenEXR-libs SDL2 SLOF SuperLU afterburn afterburn-dracut anaconda-dracut annobin ansible ansible-bender
                            ansible-collection-ansible-netcommon ansible-collection-ansible-posix ansible-collection-community-kubernetes ansible-doc ansible-freeipa
                            ansible-freeipa-tests ansible-openstack-modules ansible-role-network-runner ara ara-doc armadillo arpack arptables-services augeas-libs
                            avahi-ui-gtk3 bcache-tools biosdevname blosc boom-boot-grub2 boost-iostreams breeze-icon-theme bridge-utils brotli brotli-devel btrbk
                            btrfs-heatmap btrfs-heatmap-doc btrfs-sxbackup bubblemail busybox busybox-petitboot caca-utils capstone catimg cfitsio chmlib
                            chrome-remote-desktop chromedriver chromium-common cinnamon-desktop cinnamon-translations clevis clevis-dracut clevis-luks clevis-pin-tpm2
                            clevis-systemd cmake-filesystem cockpit-bridge cockpit-ostree cockpit-system compsize copr-selinux corosynclib cpp createrepo_c
                            createrepo_c-libs crudini cyrus-sasl daxctl-libs dbus-x11 dbusmenu-qt5 ddrescue deltarpm device-mapper-multipath device-mapper-multipath-libs
                            dialog dist-git dist-git-selinux distribution-gpg-keys dmlite-puppet-dpm dnf dnf-data dnf-plugins-core dnf-utils docbook-dtds
                            docbook-style-xsl dpkg-devel dracut-config-generic dracut-config-rescue dracut-kiwi-lib dracut-kiwi-live dracut-kiwi-oem-dump
                            dracut-kiwi-oem-repart dracut-kiwi-overlay dracut-live dracut-network dracut-squash dracut-sshd dracut-tools drm-utils dropbear drpm dwz
                            ebtables-services edk2-aarch64 edk2-ovmf efi-srpm-macros esmtp fail2ban-selinux fail2ban-server fail2ban-systemd fakeroot fakeroot-libs
                            fcoe-utils fedora-coreos-config-transpiler fedora-workstation-repositories fftw-libs-double flexiblas flexiblas-netlib flexiblas-netlib64
                            flexiblas-openblas-openmp flexiblas-openblas-openmp64 fmf fmt folks fontawesome-fonts fontawesome-fonts-web fonts-srpm-macros fpc-srpm-macros
                            freeglut freeipmi freexl gc gcc gdal-libs gdb-minimal gdk-pixbuf2-xlib genisoimage geos ghc-srpm-macros git git-core-doc git-daemon
                            glib2-devel glusterfs glusterfs-cli glusterfs-client-xlators glusterfs-fuse gnat-srpm-macros gnome-extensions-app
                            gnome-shell-extension-activities-configurator gnome-shell-extension-appindicator gnome-shell-extension-argos
                            gnome-shell-extension-auto-move-windows gnome-shell-extension-bubblemail gnome-shell-extension-dash-to-dock
                            gnome-shell-extension-desktop-icons gnome-shell-extension-disconnect-wifi gnome-shell-extension-do-not-disturb-button
                            gnome-shell-extension-drive-menu gnome-shell-extension-emoji-selector gnome-shell-extension-freon gnome-shell-extension-gamemode
                            gnome-shell-extension-gpaste gnome-shell-extension-gsconnect gnome-shell-extension-historymanager-prefix-search
                            gnome-shell-extension-ibus-font gnome-shell-extension-material-shell gnome-shell-extension-media-player-indicator
                            gnome-shell-extension-native-window-placement gnome-shell-extension-netspeed gnome-shell-extension-openweather gnome-shell-extension-pidgin
                            gnome-shell-extension-pomodoro gnome-shell-extension-pop-shell gnome-shell-extension-pop-shell-shortcut-overrides
                            gnome-shell-extension-refresh-wifi gnome-shell-extension-remove-bluetooth-icon gnome-shell-extension-screenshot-window-sizer
                            gnome-shell-extension-suspend-button gnome-shell-extension-system-monitor-applet gnome-shell-extension-topicons-plus
                            gnome-shell-extension-unite gnome-shell-extension-user-theme gnome-shell-extension-windowoverlay-icons gnome-shell-extension-windowsNavigator
                            gnome-shell-extension-workspace-indicator gnome-tweaks go-filesystem go-srpm-macros golang-github-boltdb-bolt-devel
                            golang-github-burntsushi-toml-devel golang-github-coreos-systemd-devel golang-github-creack-pty-devel golang-github-godbus-dbus-devel
                            golang-github-google-cmp-devel golang-github-google-renameio-devel golang-github-gorilla-mux-devel golang-github-jessevdk-flags-devel
                            golang-github-juju-ratelimit-devel golang-github-kisielk-gotool-devel golang-github-kr-pretty-devel golang-github-kr-text-devel
                            golang-github-mvo5-goconfigparser-devel golang-github-rogpeppe-internal-devel golang-github-seccomp-libseccomp-devel
                            golang-github-sergi-diff-devel golang-github-snapcore-gettext-devel golang-github-yuin-goldmark-devel golang-honnef-tools-devel
                            golang-mvdan-gofumpt-devel golang-mvdan-xurls-devel golang-x-crypto-devel golang-x-mod-devel golang-x-net-devel golang-x-net-http-devel
                            golang-x-sync-devel golang-x-sys-devel golang-x-text-devel golang-x-tools-devel golang-x-xerrors-devel gom google-chrome-stable
                            google-roboto-slab-fonts gpaste gpaste-libs gpaste-ui gpgmepp gpm gpm-libs graphviz grub-customizer grub2-breeze-theme grub2-efi-x64-cdboot
                            grub2-efi-x64-modules grub2-tools-efi grub2-tools-extra gsl gts guake guile22 hddtemp hdf-libs hdf5 hexedit hivex http-parser ignition
                            igt-gpu-tools ilmbase imlib2 inxi ipmitool ipxe-bootimgs ipxe-roms-qemu irssi iscsi-initiator-utils iscsi-initiator-utils-iscsiuio isl
                            isns-utils-libs jose jq js-jquery json-glib-devel kcm_systemd kde-cli-tools kde-filesystem kde-settings kdesu kernel-srpm-macros kexec-tools
                            keybinder3 kf5-attica kf5-filesystem kf5-kactivities kf5-kactivities-stats kf5-karchive kf5-kauth kf5-kbookmarks kf5-kcmutils kf5-kcodecs
                            kf5-kcompletion kf5-kconfig-core kf5-kconfig-gui kf5-kconfigwidgets kf5-kcoreaddons kf5-kcrash kf5-kdbusaddons kf5-kdeclarative kf5-kdesu
                            kf5-kdoctools kf5-kglobalaccel kf5-kglobalaccel-libs kf5-kguiaddons kf5-ki18n kf5-kiconthemes kf5-kinit kf5-kio-core kf5-kio-core-libs
                            kf5-kio-doc kf5-kio-file-widgets kf5-kio-gui kf5-kio-ntlm kf5-kio-widgets kf5-kio-widgets-libs kf5-kirigami2 kf5-kitemmodels kf5-kitemviews
                            kf5-kjobwidgets kf5-knotifications kf5-kpackage kf5-kpty kf5-kservice kf5-ktextwidgets kf5-kwallet kf5-kwallet-libs kf5-kwidgetsaddons
                            kf5-kwindowsystem kf5-kxmlgui kf5-solid kf5-sonnet-core kf5-sonnet-ui kubernetes-ansible kubernetes-ansible-vagrant lasi lato-fonts libXaw
                            libXcomp libaec libappindicator-gtk3 libblkid-devel libblockdev-btrfs libblockdev-kbd libblockdev-mpath libblockdev-nvdimm libbtrfs
                            libbtrfsutil libburn libcaca libcacard libcomps libconfig libdap libdb-utils libdbusmenu libdbusmenu-gtk3 liberation-fonts libesmtp libestr
                            libfastjson libfdt libffi-devel libgeotiff libgfapi0 libgfortran libgfrpc0 libgfxdr0 libgit2 libglusterd0 libglusterfs0 libgta libguestfs
                            libguestfs-tools-c libguestfs-xfs libhandy libibumad libindicator-gtk3 libiscsi libisoburn libisofs libjose libkcapi-fipscheck libkml
                            libkworkspace5 libldm liblockfile libluksmeta libmount-devel libmpc libnbd libnbd-bash-completion libnbd-devel libnfs liboping libotr libpeas
                            libpmem libpq libpsl-devel libqb libqhull libquadmath librados2 librbd1 librdmacm libreport libreport-gtk libreport-plugin-reportuploader
                            libreport-web libseccomp-devel libselinux-devel libsepol-devel libsodium libsoup-devel libspatialite libssh2 libtar libtomcrypt libtommath
                            liburing libusal libuv libva libvirt-bash-completion libvirt-daemon libvirt-daemon-config-network libvirt-daemon-driver-interface
                            libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu
                            libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk
                            libvirt-daemon-driver-storage-gluster libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct
                            libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd
                            libvirt-daemon-driver-storage-scsi libvirt-daemon-driver-storage-sheepdog libvirt-daemon-driver-storage-zfs libvirt-daemon-kvm libvirt-libs
                            libwmf-lite libwsman1 libxml2-devel linuxconsoletools lldpad lm_sensors lm_sensors-libs lsscsi lttng-ust lua-srpm-macros luksmeta lutris lzop
                            m4 mailx make mariadb-connector-c mariadb-connector-c-config mbuffer mc mcstrans mdevctl media-player-info memcached-selinux mesa-libGLU
                            minizip-compat mock mock-core-configs mock-filesystem mod_ssl moreutils mtools nautilus-gsconnect nautilus-python nbd nbd-cli nbd-runner
                            nbd-runner-azblk-handler nbd-runner-gluster-handler nbd-runner-utils nbdfuse nbdkit nbdkit-bash-completion nbdkit-basic-filters
                            nbdkit-basic-plugins nbdkit-cc-plugin nbdkit-cdi-plugin nbdkit-curl-plugin nbdkit-devel nbdkit-example-plugins nbdkit-ext2-filter
                            nbdkit-guestfs-plugin nbdkit-gzip-filter nbdkit-iso-plugin nbdkit-libvirt-plugin nbdkit-linuxdisk-plugin nbdkit-lua-plugin nbdkit-nbd-plugin
                            nbdkit-ocaml-plugin nbdkit-ocaml-plugin-devel nbdkit-perl-plugin nbdkit-python-plugin nbdkit-ruby-plugin nbdkit-server nbdkit-ssh-plugin
                            nbdkit-tar-filter nbdkit-tar-plugin nbdkit-tcl-plugin nbdkit-tmpdisk-plugin nbdkit-torrent-plugin nbdkit-vddk-plugin nbdkit-xz-filter ndctl
                            ndctl-libs nemo nemo-extensions nemo-gsconnect nemo-python neofetch netcdf netcf-libs netpbm netstat-monitor netstat-nat newt nim-srpm-macros
                            nmap-ncat numactl-libs numad nvme-cli nx-libs nxproxy ocaml ocaml-compiler-libs ocaml-libnbd ocaml-libnbd-devel ocaml-runtime
                            ocaml-srpm-macros ogdi oniguruma openal-soft openbios openblas openblas-openmp openblas-openmp64 openblas-srpm-macros openssh-cavs openssl
                            packer parallel pcre-cpp pcre-devel pcre-utf16 pcre-utf32 pcre2-devel perl-Compress-Raw-Bzip2 perl-Compress-Raw-Zlib perl-Cpanel-JSON-XS
                            perl-DynaLoader perl-Error perl-File-Copy perl-File-Find perl-Filter perl-Git perl-IO-Compress perl-IO-Tty perl-IPC-Run perl-JSON-XS
                            perl-Math-BigInt perl-NKF perl-Sys-Syslog perl-TermReadKey perl-Text-Unidecode perl-Thread-Queue perl-Time-Duration perl-Time-HiRes
                            perl-TimeDate perl-Types-Serialiser perl-XML-Dumper perl-XML-Parser perl-XML-XPath perl-common-sense perl-encoding perl-lib perl-open
                            perl-srpm-macros perl-threads perl-threads-shared plasma-systemsettings plasma-workspace-common plymouth-plugin-fade-throbber
                            plymouth-plugin-script plymouth-plugin-space-flares policycoreutils-dbus policycoreutils-devel policycoreutils-gui polkit-qt5 postfix
                            pre-commit profile-cleaner proj proj-datumgrid publicsuffix-list pv python-btrfs-doc python-cookiecutter-doc python-django-bash-completion
                            python-gilt-doc python-git-url-parse-doc python-molecule-doc python-qt5-rpm-macros python-rpm-macros python-sphinx_ansible_theme-doc
                            python-srpm-macros python-systemd-doc python-wheel-wheel python2-psutil python2-rpm-macros python2.7 python3-Bottleneck python3-CommonMark
                            python3-GitPython python3-ansible-inventory-grapher python3-ansible-lint python3-ansible-review python3-ansible-runner python3-anyjson
                            python3-appdirs python3-ara python3-ara-server python3-ara-tests python3-argcomplete python3-arrow python3-asgiref python3-attrs
                            python3-babel python3-bcrypt python3-binaryornot python3-blessed python3-box python3-btrfs python3-cachetools python3-casttube
                            python3-cccolutils python3-cerberus python3-certifi python3-cffi python3-cfgv python3-chromecast python3-click python3-click-completion
                            python3-click-help-colors python3-cliff python3-cmd2 python3-collectd_puppet python3-colorama python3-cookiecutter python3-cryptography
                            python3-cycler python3-daemon python3-dateutil python3-dbus-client-gen python3-dbus-python-client-gen python3-dbus-signature-pyparsing
                            python3-devel python3-dictdiffer python3-distlib python3-django python3-django-cors-headers python3-django-filter python3-django-health-check
                            python3-django-rest-framework python3-dnf python3-dnf-plugins-core python3-docker python3-docutils python3-dotenv 'python3-dotenv+cli'
                            python3-dynaconf python3-enlighten python3-factory-boy python3-faker python3-fasteners python3-file-magic python3-filelock python3-flake8
                            python3-fluidity-sm python3-fmf python3-future python3-gdal python3-gilt python3-git-url-parse python3-gitdb python3-google-auth python3-gpg
                            python3-grokmirror python3-gssapi python3-gstreamer1 python3-hawkey python3-identify python3-ifaddr python3-imagesize python3-iniconfig
                            python3-iniparse python3-into-dbus-python python3-invoke python3-jinja2 python3-jinja2-time python3-jmespath python3-jsonschema
                            python3-justbases python3-justbytes python3-jwt 'python3-jwt+crypto' python3-kickstart python3-kiwisolver python3-koji python3-kubernetes
                            python3-lexicon python3-libcomps python3-libdnf python3-libmodulemd python3-libnbd python3-libreport python3-lockfile python3-lxml
                            python3-markupsafe python3-marshmallow python3-matplotlib python3-matplotlib-data python3-matplotlib-data-fonts python3-matplotlib-tk
                            python3-mccabe python3-mock python3-molecule python3-molecule-docker python3-molecule-podman python3-more-itertools python3-msgpack
                            python3-netaddr python3-network-runner python3-networkx python3-newt python3-nodeenv python3-ntlm-auth python3-numexpr python3-numpy
                            python3-numpy-f2py python3-oauthlib 'python3-oauthlib+signedtoken' python3-openshift python3-ordered-set python3-packaging python3-pandas
                            python3-pandas-datareader python3-paramiko python3-pathspec python3-pbr python3-pluggy python3-ply python3-podman-api python3-poyo
                            python3-prettytable python3-progressbar2 python3-protobuf python3-psutil python3-py python3-pyOpenSSL python3-pyasn1 python3-pyasn1-modules
                            python3-pycodestyle python3-pycparser python3-pydbus python3-pydot python3-pyflakes python3-pygments python3-pygraphviz python3-pynacl
                            python3-pyparsing python3-pyperclip python3-pyqt5-sip python3-pyroute2 python3-pyrsistent python3-pytest python3-pytz python3-pyyaml
                            python3-qt5 python3-qt5-base python3-requests-download python3-requests-gssapi python3-requests-oauthlib python3-requests_ntlm python3-rich
                            python3-rpkg python3-rpm-generators python3-rpm-macros python3-rsa python3-ruamel-yaml python3-ruamel-yaml-clib python3-scipy
                            python3-semantic_version python3-sh python3-shellingham python3-simplejson python3-slugify python3-smmap python3-snowballstemmer
                            python3-sphinx python3-sphinx-notfound-page python3-sphinx-theme-alabaster python3-sphinx_ansible_theme python3-sphinx_rtd_theme
                            python3-sphinxcontrib-applehelp python3-sphinxcontrib-devhelp python3-sphinxcontrib-htmlhelp python3-sphinxcontrib-jsmath
                            python3-sphinxcontrib-qthelp python3-sphinxcontrib-serializinghtml python3-sqlparse python3-stevedore python3-string_utils python3-systemd
                            python3-tables python3-tabulate 'python3-tabulate+widechars' python3-testinfra python3-text-unidecode python3-tkinter python3-toml
                            python3-tree-format python3-typing-extensions python3-tzlocal python3-unbound python3-unidiff python3-utils python3-varlink
                            python3-virtualenv python3-wcwidth python3-websocket-client python3-wheel python3-whitenoise python3-winrm python3-xapps-overrides
                            python3-xlrd python3-xlwt python3-xmltodict python3-zeroconf qemu qemu-audio-alsa qemu-audio-oss qemu-audio-pa qemu-audio-sdl qemu-block-curl
                            qemu-block-dmg qemu-block-gluster qemu-block-iscsi qemu-block-nfs qemu-block-rbd qemu-block-ssh qemu-char-baum qemu-common
                            qemu-device-display-qxl qemu-device-usb-redirect qemu-device-usb-smartcard qemu-img qemu-kvm qemu-kvm-core qemu-system-aarch64
                            qemu-system-aarch64-core qemu-system-alpha qemu-system-alpha-core qemu-system-arm qemu-system-arm-core qemu-system-avr qemu-system-avr-core
                            qemu-system-cris qemu-system-cris-core qemu-system-lm32 qemu-system-lm32-core qemu-system-m68k qemu-system-m68k-core qemu-system-microblaze
                            qemu-system-microblaze-core qemu-system-mips qemu-system-mips-core qemu-system-moxie qemu-system-moxie-core qemu-system-nios2
                            qemu-system-nios2-core qemu-system-or1k qemu-system-or1k-core qemu-system-ppc qemu-system-ppc-core qemu-system-riscv qemu-system-riscv-core
                            qemu-system-rx qemu-system-rx-core qemu-system-s390x qemu-system-s390x-core qemu-system-sh4 qemu-system-sh4-core qemu-system-sparc
                            qemu-system-sparc-core qemu-system-tricore qemu-system-tricore-core qemu-system-unicore32 qemu-system-unicore32-core qemu-system-x86
                            qemu-system-x86-core qemu-system-xtensa qemu-system-xtensa-core qemu-ui-curses qemu-ui-gtk qemu-ui-sdl qemu-ui-spice-app qemu-user
                            qt5-qtconnectivity qt5-qtgraphicaleffects qt5-qtlocation qt5-qtmultimedia qt5-qtquickcontrols qt5-qtquickcontrols2 qt5-qtsensors
                            qt5-qtserialport qt5-qtspeech qt5-qtspeech-speechd qt5-qtsvg qt5-qttools-common qt5-qttools-libs-designer qt5-qttools-libs-help
                            qt5-qtwebchannel qt5-qtwebkit qt5-qtwebsockets qt5-srpm-macros radvd rb_libtorrent recoll recoll-gssp redhat-rpm-config remmina
                            remmina-gnome-session remmina-plugins-exec remmina-plugins-nx remmina-plugins-rdp remmina-plugins-secret remmina-plugins-st
                            remmina-plugins-vnc remmina-plugins-xdmcp rpkg rpkg-common rpkg-macros rpm-build rpm-git-tag-sort rpm-plugin-systemd-inhibit rpmdevtools
                            rpmlint rsyslog ruby ruby-default-gems ruby-devel ruby-libs rubygem-bigdecimal rubygem-builder rubygem-bundler rubygem-excon rubygem-fog-core
                            rubygem-fog-json rubygem-fog-libvirt rubygem-fog-xml rubygem-formatador rubygem-io-console rubygem-irb rubygem-json rubygem-mime-types
                            rubygem-mime-types-data rubygem-multi_json rubygem-nokogiri rubygem-openssl rubygem-psych rubygem-puppet-lint rubygem-puppet-lint-doc
                            rubygem-racc rubygem-rake rubygem-rdoc rubygem-rspec-core rubygem-rspec-support rubygem-ruby-libvirt rubygems rubypick rust-srpm-macros satyr
                            screenfetch scrub seabios-bin seavgabios-bin secilc selinux-policy-devel sepolicy_analysis setools setools-console setools-console-analyses
                            setools-gui setroubleshoot setroubleshoot-plugins setroubleshoot-server sgabios-bin sgml-common sheepdog slang snap-confine snapd snapd-devel
                            snapd-glib snapd-glib-devel snapd-glib-tests snapd-qt snapd-qt-qml snapd-qt-tests snapd-selinux snappy spice-server sqlite sqlite-devel
                            squashfs-tools sscg sshrc standard-test-roles standard-test-roles-inventory-qemu stratis-cli stratisd supermin syncthing syncthing-cli
                            syncthing-tools syslinux syslinux-extlinux syslinux-extlinux-nonlinux syslinux-nonlinux system-switch-mail system-switch-mail-gui
                            systemd-bootchart systemd-container systemd-devel terraform texlive-base texlive-cm-svn49028 texlive-dvipng texlive-epstopdf-pkg-svn53546
                            texlive-etex-svn37057.0 texlive-graphics-def-svn54522 texlive-hyph-utf8-svn54568 texlive-hyphen-base-svn54763 texlive-knuth-lib-svn35820.0
                            texlive-kpathsea texlive-lib texlive-luatex texlive-plain-svn43076 texlive-tex-ini-files-svn40533 texlive-texlive-scripts
                            texlive-texlive.infra texlive-unicode-data-svn54758 tigervnc-license tigervnc-server-minimal tix tk tpm2-tools twitter-twemoji-fonts udica
                            udisks2-bcache udisks2-btrfs unbound-libs unixODBC uriparser usbguard usbguard-selinux usbredir usermode usermode-gtk userspace-rcu vagrant
                            vagrant-libvirt vim-common vim-filesystem virglrenderer w3m w3m-img watchdog web-assets-filesystem webextension-gsconnect
                            webextension-token-signing wine-systemd wmctrl xapian-core-libs xapps xemacs-filesystem xen-libs xen-licenses xerces-c xmlrpc-c
                            xmlrpc-c-client xorg-x11-server-Xephyr xorg-x11-server-Xvfb xorriso xrdp xrdp-selinux xxhash-libs xz-devel yamllint zerofree zfs-fuse zincati
                            zstd zziplib
                 Initramfs: -f --debug 

● ostree://fedora:fedora/33/x86_64/silverblue
                   Version: 33.20201116.0 (2020-11-16T00:41:59Z)
                BaseCommit: 41c2e243f36ec6c34cb0e154c0bfbbf0a1ca95585718ab54ce27bb58844e1ed9
              GPGSignature: Valid signature by 963A2BEB02009608FE67EA4249FD77499570FF31
           LayeredPackages: ImageMagick ImageMagick-libs LibRaw OpenEXR-libs SDL2 SLOF SuperLU afterburn afterburn-dracut anaconda-dracut annobin ansible ansible-bender
                            ansible-collection-ansible-netcommon ansible-collection-ansible-posix ansible-collection-community-kubernetes ansible-doc ansible-freeipa
                            ansible-freeipa-tests ansible-openstack-modules ansible-role-network-runner ara ara-doc armadillo arpack arptables-services augeas-libs
                            avahi-ui-gtk3 bcache-tools biosdevname blosc boom-boot-grub2 boost-iostreams breeze-icon-theme bridge-utils brotli brotli-devel btrbk
                            btrfs-heatmap btrfs-heatmap-doc btrfs-sxbackup bubblemail busybox busybox-petitboot caca-utils capstone catimg cfitsio chmlib
                            chrome-remote-desktop chromedriver chromium-common cinnamon-desktop cinnamon-translations clevis clevis-dracut clevis-luks clevis-pin-tpm2
                            clevis-systemd cmake-filesystem cockpit-bridge cockpit-ostree cockpit-system compsize copr-selinux corosynclib cpp createrepo_c
                            createrepo_c-libs crudini cyrus-sasl daxctl-libs dbus-x11 dbusmenu-qt5 ddrescue deltarpm device-mapper-multipath device-mapper-multipath-libs
                            dialog dist-git dist-git-selinux distribution-gpg-keys dmlite-puppet-dpm dnf dnf-data dnf-plugins-core dnf-utils docbook-dtds
                            docbook-style-xsl dpkg-devel dracut-config-generic dracut-config-rescue dracut-kiwi-lib dracut-kiwi-live dracut-kiwi-oem-dump
                            dracut-kiwi-oem-repart dracut-kiwi-overlay dracut-live dracut-network dracut-squash dracut-sshd dracut-tools drm-utils dropbear drpm dwz
                            ebtables-services edk2-aarch64 edk2-ovmf efi-srpm-macros esmtp fail2ban-selinux fail2ban-server fail2ban-systemd fakeroot fakeroot-libs
                            fcoe-utils fedora-coreos-config-transpiler fedora-workstation-repositories fftw-libs-double flexiblas flexiblas-netlib flexiblas-netlib64
                            flexiblas-openblas-openmp flexiblas-openblas-openmp64 fmf fmt folks fontawesome-fonts fontawesome-fonts-web fonts-srpm-macros fpc-srpm-macros
                            freeglut freeipmi freexl gc gcc gdal-libs gdb-minimal gdk-pixbuf2-xlib genisoimage geos ghc-srpm-macros git git-core-doc git-daemon
                            glib2-devel glusterfs glusterfs-cli glusterfs-client-xlators glusterfs-fuse gnat-srpm-macros gnome-extensions-app
                            gnome-shell-extension-activities-configurator gnome-shell-extension-appindicator gnome-shell-extension-argos
                            gnome-shell-extension-auto-move-windows gnome-shell-extension-bubblemail gnome-shell-extension-dash-to-dock
                            gnome-shell-extension-desktop-icons gnome-shell-extension-disconnect-wifi gnome-shell-extension-do-not-disturb-button
                            gnome-shell-extension-drive-menu gnome-shell-extension-emoji-selector gnome-shell-extension-freon gnome-shell-extension-gamemode
                            gnome-shell-extension-gpaste gnome-shell-extension-gsconnect gnome-shell-extension-historymanager-prefix-search
                            gnome-shell-extension-ibus-font gnome-shell-extension-material-shell gnome-shell-extension-media-player-indicator
                            gnome-shell-extension-native-window-placement gnome-shell-extension-netspeed gnome-shell-extension-openweather gnome-shell-extension-pidgin
                            gnome-shell-extension-pomodoro gnome-shell-extension-pop-shell gnome-shell-extension-pop-shell-shortcut-overrides
                            gnome-shell-extension-refresh-wifi gnome-shell-extension-remove-bluetooth-icon gnome-shell-extension-screenshot-window-sizer
                            gnome-shell-extension-suspend-button gnome-shell-extension-system-monitor-applet gnome-shell-extension-topicons-plus
                            gnome-shell-extension-unite gnome-shell-extension-user-theme gnome-shell-extension-windowoverlay-icons gnome-shell-extension-windowsNavigator
                            gnome-shell-extension-workspace-indicator gnome-tweaks go-filesystem go-srpm-macros golang-github-boltdb-bolt-devel
                            golang-github-burntsushi-toml-devel golang-github-coreos-systemd-devel golang-github-creack-pty-devel golang-github-godbus-dbus-devel
                            golang-github-google-cmp-devel golang-github-google-renameio-devel golang-github-gorilla-mux-devel golang-github-jessevdk-flags-devel
                            golang-github-juju-ratelimit-devel golang-github-kisielk-gotool-devel golang-github-kr-pretty-devel golang-github-kr-text-devel
                            golang-github-mvo5-goconfigparser-devel golang-github-rogpeppe-internal-devel golang-github-seccomp-libseccomp-devel
                            golang-github-sergi-diff-devel golang-github-snapcore-gettext-devel golang-github-yuin-goldmark-devel golang-honnef-tools-devel
                            golang-mvdan-gofumpt-devel golang-mvdan-xurls-devel golang-x-crypto-devel golang-x-mod-devel golang-x-net-devel golang-x-net-http-devel
                            golang-x-sync-devel golang-x-sys-devel golang-x-text-devel golang-x-tools-devel golang-x-xerrors-devel gom google-chrome-stable
                            google-roboto-slab-fonts gpaste gpaste-libs gpaste-ui gpgmepp gpm gpm-libs graphviz grub-customizer grub2-breeze-theme grub2-efi-x64-cdboot
                            grub2-efi-x64-modules grub2-tools-efi grub2-tools-extra gsl gts guake guile22 hddtemp hdf-libs hdf5 hexedit hivex http-parser ignition
                            igt-gpu-tools ilmbase imlib2 inxi ipmitool ipxe-bootimgs ipxe-roms-qemu irssi iscsi-initiator-utils iscsi-initiator-utils-iscsiuio isl
                            isns-utils-libs jose jq js-jquery json-glib-devel kcm_systemd kde-cli-tools kde-filesystem kde-settings kdesu kernel-srpm-macros kexec-tools
                            keybinder3 kf5-attica kf5-filesystem kf5-kactivities kf5-kactivities-stats kf5-karchive kf5-kauth kf5-kbookmarks kf5-kcmutils kf5-kcodecs
                            kf5-kcompletion kf5-kconfig-core kf5-kconfig-gui kf5-kconfigwidgets kf5-kcoreaddons kf5-kcrash kf5-kdbusaddons kf5-kdeclarative kf5-kdesu
                            kf5-kdoctools kf5-kglobalaccel kf5-kglobalaccel-libs kf5-kguiaddons kf5-ki18n kf5-kiconthemes kf5-kinit kf5-kio-core kf5-kio-core-libs
                            kf5-kio-doc kf5-kio-file-widgets kf5-kio-gui kf5-kio-ntlm kf5-kio-widgets kf5-kio-widgets-libs kf5-kirigami2 kf5-kitemmodels kf5-kitemviews
                            kf5-kjobwidgets kf5-knotifications kf5-kpackage kf5-kpty kf5-kservice kf5-ktextwidgets kf5-kwallet kf5-kwallet-libs kf5-kwidgetsaddons
                            kf5-kwindowsystem kf5-kxmlgui kf5-solid kf5-sonnet-core kf5-sonnet-ui kubernetes-ansible kubernetes-ansible-vagrant lasi lato-fonts libXaw
                            libXcomp libaec libappindicator-gtk3 libblkid-devel libblockdev-btrfs libblockdev-kbd libblockdev-mpath libblockdev-nvdimm libbtrfs
                            libbtrfsutil libburn libcaca libcacard libcomps libconfig libdap libdb-utils libdbusmenu libdbusmenu-gtk3 liberation-fonts libesmtp libestr
                            libfastjson libfdt libffi-devel libgeotiff libgfapi0 libgfortran libgfrpc0 libgfxdr0 libgit2 libglusterd0 libglusterfs0 libgta libguestfs
                            libguestfs-tools-c libguestfs-xfs libhandy libibumad libindicator-gtk3 libiscsi libisoburn libisofs libjose libkcapi-fipscheck libkml
                            libkworkspace5 libldm liblockfile libluksmeta libmount-devel libmpc libnbd libnbd-bash-completion libnbd-devel libnfs liboping libotr libpeas
                            libpmem libpq libpsl-devel libqb libqhull libquadmath librados2 librbd1 librdmacm libreport libreport-gtk libreport-plugin-reportuploader
                            libreport-web libseccomp-devel libselinux-devel libsepol-devel libsodium libsoup-devel libspatialite libssh2 libtar libtomcrypt libtommath
                            liburing libusal libuv libva libvirt-bash-completion libvirt-daemon libvirt-daemon-config-network libvirt-daemon-driver-interface
                            libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu
                            libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk
                            libvirt-daemon-driver-storage-gluster libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct
                            libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd
                            libvirt-daemon-driver-storage-scsi libvirt-daemon-driver-storage-sheepdog libvirt-daemon-driver-storage-zfs libvirt-daemon-kvm libvirt-libs
                            libwmf-lite libwsman1 libxml2-devel linuxconsoletools lldpad lm_sensors lm_sensors-libs lsscsi lttng-ust lua-srpm-macros luksmeta lutris lzop
                            m4 mailx make mariadb-connector-c mariadb-connector-c-config mbuffer mc mcstrans mdevctl media-player-info memcached-selinux mesa-libGLU
                            minizip-compat mock mock-core-configs mock-filesystem mod_ssl moreutils mtools nautilus-gsconnect nautilus-python nbd nbd-cli nbd-runner
                            nbd-runner-azblk-handler nbd-runner-gluster-handler nbd-runner-utils nbdfuse nbdkit nbdkit-bash-completion nbdkit-basic-filters
                            nbdkit-basic-plugins nbdkit-cc-plugin nbdkit-cdi-plugin nbdkit-curl-plugin nbdkit-devel nbdkit-example-plugins nbdkit-ext2-filter
                            nbdkit-guestfs-plugin nbdkit-gzip-filter nbdkit-iso-plugin nbdkit-libvirt-plugin nbdkit-linuxdisk-plugin nbdkit-lua-plugin nbdkit-nbd-plugin
                            nbdkit-ocaml-plugin nbdkit-ocaml-plugin-devel nbdkit-perl-plugin nbdkit-python-plugin nbdkit-ruby-plugin nbdkit-server nbdkit-ssh-plugin
                            nbdkit-tar-filter nbdkit-tar-plugin nbdkit-tcl-plugin nbdkit-tmpdisk-plugin nbdkit-torrent-plugin nbdkit-vddk-plugin nbdkit-xz-filter ndctl
                            ndctl-libs nemo nemo-extensions nemo-gsconnect nemo-python neofetch netcdf netcf-libs netpbm netstat-monitor netstat-nat newt nim-srpm-macros
                            nmap-ncat numactl-libs numad nvme-cli nx-libs nxproxy ocaml ocaml-compiler-libs ocaml-libnbd ocaml-libnbd-devel ocaml-runtime
                            ocaml-srpm-macros ogdi oniguruma openal-soft openbios openblas openblas-openmp openblas-openmp64 openblas-srpm-macros openssh-cavs openssl
                            packer parallel pcre-cpp pcre-devel pcre-utf16 pcre-utf32 pcre2-devel perl-Compress-Raw-Bzip2 perl-Compress-Raw-Zlib perl-Cpanel-JSON-XS
                            perl-DynaLoader perl-Error perl-File-Copy perl-File-Find perl-Filter perl-Git perl-IO-Compress perl-IO-Tty perl-IPC-Run perl-JSON-XS
                            perl-Math-BigInt perl-NKF perl-Sys-Syslog perl-TermReadKey perl-Text-Unidecode perl-Thread-Queue perl-Time-Duration perl-Time-HiRes
                            perl-TimeDate perl-Types-Serialiser perl-XML-Dumper perl-XML-Parser perl-XML-XPath perl-common-sense perl-encoding perl-lib perl-open
                            perl-srpm-macros perl-threads perl-threads-shared plasma-systemsettings plasma-workspace-common plymouth-plugin-fade-throbber
                            plymouth-plugin-script plymouth-plugin-space-flares policycoreutils-dbus policycoreutils-devel policycoreutils-gui polkit-qt5 postfix
                            pre-commit profile-cleaner proj proj-datumgrid publicsuffix-list pv python-btrfs-doc python-cookiecutter-doc python-django-bash-completion
                            python-gilt-doc python-git-url-parse-doc python-molecule-doc python-qt5-rpm-macros python-rpm-macros python-sphinx_ansible_theme-doc
                            python-srpm-macros python-systemd-doc python-wheel-wheel python2-psutil python2-rpm-macros python2.7 python3-Bottleneck python3-CommonMark
                            python3-GitPython python3-ansible-inventory-grapher python3-ansible-lint python3-ansible-review python3-ansible-runner python3-anyjson
                            python3-appdirs python3-ara python3-ara-server python3-ara-tests python3-argcomplete python3-arrow python3-asgiref python3-attrs
                            python3-babel python3-bcrypt python3-binaryornot python3-blessed python3-box python3-btrfs python3-cachetools python3-casttube
                            python3-cccolutils python3-cerberus python3-certifi python3-cffi python3-cfgv python3-chromecast python3-click python3-click-completion
                            python3-click-help-colors python3-cliff python3-cmd2 python3-collectd_puppet python3-colorama python3-cookiecutter python3-cryptography
                            python3-cycler python3-daemon python3-dateutil python3-dbus-client-gen python3-dbus-python-client-gen python3-dbus-signature-pyparsing
                            python3-devel python3-dictdiffer python3-distlib python3-django python3-django-cors-headers python3-django-filter python3-django-health-check
                            python3-django-rest-framework python3-dnf python3-dnf-plugins-core python3-docker python3-docutils python3-dotenv 'python3-dotenv+cli'
                            python3-dynaconf python3-enlighten python3-factory-boy python3-faker python3-fasteners python3-file-magic python3-filelock python3-flake8
                            python3-fluidity-sm python3-fmf python3-future python3-gdal python3-gilt python3-git-url-parse python3-gitdb python3-google-auth python3-gpg
                            python3-grokmirror python3-gssapi python3-gstreamer1 python3-hawkey python3-identify python3-ifaddr python3-imagesize python3-iniconfig
                            python3-iniparse python3-into-dbus-python python3-invoke python3-jinja2 python3-jinja2-time python3-jmespath python3-jsonschema
                            python3-justbases python3-justbytes python3-jwt 'python3-jwt+crypto' python3-kickstart python3-kiwisolver python3-koji python3-kubernetes
                            python3-lexicon python3-libcomps python3-libdnf python3-libmodulemd python3-libnbd python3-libreport python3-lockfile python3-lxml
                            python3-markupsafe python3-marshmallow python3-matplotlib python3-matplotlib-data python3-matplotlib-data-fonts python3-matplotlib-tk
                            python3-mccabe python3-mock python3-molecule python3-molecule-docker python3-molecule-podman python3-more-itertools python3-msgpack
                            python3-netaddr python3-network-runner python3-networkx python3-newt python3-nodeenv python3-ntlm-auth python3-numexpr python3-numpy
                            python3-numpy-f2py python3-oauthlib 'python3-oauthlib+signedtoken' python3-openshift python3-ordered-set python3-packaging python3-pandas
                            python3-pandas-datareader python3-paramiko python3-pathspec python3-pbr python3-pluggy python3-ply python3-podman-api python3-poyo
                            python3-prettytable python3-progressbar2 python3-protobuf python3-psutil python3-py python3-pyOpenSSL python3-pyasn1 python3-pyasn1-modules
                            python3-pycodestyle python3-pycparser python3-pydbus python3-pydot python3-pyflakes python3-pygments python3-pygraphviz python3-pynacl
                            python3-pyparsing python3-pyperclip python3-pyqt5-sip python3-pyroute2 python3-pyrsistent python3-pytest python3-pytz python3-pyyaml
                            python3-qt5 python3-qt5-base python3-requests-download python3-requests-gssapi python3-requests-oauthlib python3-requests_ntlm python3-rich
                            python3-rpkg python3-rpm-generators python3-rpm-macros python3-rsa python3-ruamel-yaml python3-ruamel-yaml-clib python3-scipy
                            python3-semantic_version python3-sh python3-shellingham python3-simplejson python3-slugify python3-smmap python3-snowballstemmer
                            python3-sphinx python3-sphinx-notfound-page python3-sphinx-theme-alabaster python3-sphinx_ansible_theme python3-sphinx_rtd_theme
                            python3-sphinxcontrib-applehelp python3-sphinxcontrib-devhelp python3-sphinxcontrib-htmlhelp python3-sphinxcontrib-jsmath
                            python3-sphinxcontrib-qthelp python3-sphinxcontrib-serializinghtml python3-sqlparse python3-stevedore python3-string_utils python3-systemd
                            python3-tables python3-tabulate 'python3-tabulate+widechars' python3-testinfra python3-text-unidecode python3-tkinter python3-toml
                            python3-tree-format python3-typing-extensions python3-tzlocal python3-unbound python3-unidiff python3-utils python3-varlink
                            python3-virtualenv python3-wcwidth python3-websocket-client python3-wheel python3-whitenoise python3-winrm python3-xapps-overrides
                            python3-xlrd python3-xlwt python3-xmltodict python3-zeroconf qemu qemu-audio-alsa qemu-audio-oss qemu-audio-pa qemu-audio-sdl qemu-block-curl
                            qemu-block-dmg qemu-block-gluster qemu-block-iscsi qemu-block-nfs qemu-block-rbd qemu-block-ssh qemu-char-baum qemu-common
                            qemu-device-display-qxl qemu-device-usb-redirect qemu-device-usb-smartcard qemu-img qemu-kvm qemu-kvm-core qemu-system-aarch64
                            qemu-system-aarch64-core qemu-system-alpha qemu-system-alpha-core qemu-system-arm qemu-system-arm-core qemu-system-avr qemu-system-avr-core
                            qemu-system-cris qemu-system-cris-core qemu-system-lm32 qemu-system-lm32-core qemu-system-m68k qemu-system-m68k-core qemu-system-microblaze
                            qemu-system-microblaze-core qemu-system-mips qemu-system-mips-core qemu-system-moxie qemu-system-moxie-core qemu-system-nios2
                            qemu-system-nios2-core qemu-system-or1k qemu-system-or1k-core qemu-system-ppc qemu-system-ppc-core qemu-system-riscv qemu-system-riscv-core
                            qemu-system-rx qemu-system-rx-core qemu-system-s390x qemu-system-s390x-core qemu-system-sh4 qemu-system-sh4-core qemu-system-sparc
                            qemu-system-sparc-core qemu-system-tricore qemu-system-tricore-core qemu-system-unicore32 qemu-system-unicore32-core qemu-system-x86
                            qemu-system-x86-core qemu-system-xtensa qemu-system-xtensa-core qemu-ui-curses qemu-ui-gtk qemu-ui-sdl qemu-ui-spice-app qemu-user
                            qt5-qtconnectivity qt5-qtgraphicaleffects qt5-qtlocation qt5-qtmultimedia qt5-qtquickcontrols qt5-qtquickcontrols2 qt5-qtsensors
                            qt5-qtserialport qt5-qtspeech qt5-qtspeech-speechd qt5-qtsvg qt5-qttools-common qt5-qttools-libs-designer qt5-qttools-libs-help
                            qt5-qtwebchannel qt5-qtwebkit qt5-qtwebsockets qt5-srpm-macros radvd rb_libtorrent recoll recoll-gssp redhat-rpm-config remmina
                            remmina-gnome-session remmina-plugins-exec remmina-plugins-nx remmina-plugins-rdp remmina-plugins-secret remmina-plugins-st
                            remmina-plugins-vnc remmina-plugins-xdmcp rpkg rpkg-common rpkg-macros rpm-build rpm-git-tag-sort rpm-plugin-systemd-inhibit rpmdevtools
                            rpmlint rsyslog ruby ruby-default-gems ruby-devel ruby-libs rubygem-bigdecimal rubygem-builder rubygem-bundler rubygem-excon rubygem-fog-core
                            rubygem-fog-json rubygem-fog-libvirt rubygem-fog-xml rubygem-formatador rubygem-io-console rubygem-irb rubygem-json rubygem-mime-types
                            rubygem-mime-types-data rubygem-multi_json rubygem-nokogiri rubygem-openssl rubygem-psych rubygem-puppet-lint rubygem-puppet-lint-doc
                            rubygem-racc rubygem-rake rubygem-rdoc rubygem-rspec-core rubygem-rspec-support rubygem-ruby-libvirt rubygems rubypick rust-srpm-macros satyr
                            screenfetch scrub seabios-bin seavgabios-bin secilc selinux-policy-devel sepolicy_analysis setools setools-console setools-console-analyses
                            setools-gui setroubleshoot setroubleshoot-plugins setroubleshoot-server sgabios-bin sgml-common sheepdog slang snap-confine snapd snapd-devel
                            snapd-glib snapd-glib-devel snapd-glib-tests snapd-qt snapd-qt-qml snapd-qt-tests snapd-selinux snappy spice-server sqlite sqlite-devel
                            squashfs-tools sscg sshrc standard-test-roles standard-test-roles-inventory-qemu stratis-cli stratisd supermin syncthing syncthing-cli
                            syncthing-tools syslinux syslinux-extlinux syslinux-extlinux-nonlinux syslinux-nonlinux system-switch-mail system-switch-mail-gui
                            systemd-bootchart systemd-container systemd-devel terraform texlive-base texlive-cm-svn49028 texlive-dvipng texlive-epstopdf-pkg-svn53546
                            texlive-etex-svn37057.0 texlive-graphics-def-svn54522 texlive-hyph-utf8-svn54568 texlive-hyphen-base-svn54763 texlive-knuth-lib-svn35820.0
                            texlive-kpathsea texlive-lib texlive-luatex texlive-plain-svn43076 texlive-tex-ini-files-svn40533 texlive-texlive-scripts
                            texlive-texlive.infra texlive-unicode-data-svn54758 tigervnc-license tigervnc-server-minimal tix tk tpm2-tools twitter-twemoji-fonts udica
                            udisks2-bcache udisks2-btrfs unbound-libs unixODBC uriparser usbguard usbguard-selinux usbredir usermode usermode-gtk userspace-rcu vagrant
                            vagrant-libvirt vim-common vim-filesystem virglrenderer w3m w3m-img watchdog web-assets-filesystem webextension-gsconnect
                            webextension-token-signing wine-systemd wmctrl xapian-core-libs xapps xemacs-filesystem xen-libs xen-licenses xerces-c xmlrpc-c
                            xmlrpc-c-client xorg-x11-server-Xephyr xorg-x11-server-Xvfb xorriso xrdp xrdp-selinux xxhash-libs xz-devel yamllint zerofree zfs-fuse zincati
                            zstd zziplib
                 Initramfs: -f --debug 
                  Unlocked: development

  ostree://fedora:fedora/33/x86_64/silverblue
                   Version: 33.20201116.0 (2020-11-16T00:41:59Z)
                BaseCommit: 41c2e243f36ec6c34cb0e154c0bfbbf0a1ca95585718ab54ce27bb58844e1ed9
              GPGSignature: Valid signature by 963A2BEB02009608FE67EA4249FD77499570FF31
           LayeredPackages: ImageMagick ImageMagick-libs LibRaw OpenEXR-libs SDL2 SLOF SuperLU afterburn afterburn-dracut anaconda-dracut annobin ansible ansible-bender
                            ansible-collection-ansible-netcommon ansible-collection-ansible-posix ansible-collection-community-kubernetes ansible-doc ansible-freeipa
                            ansible-freeipa-tests ansible-openstack-modules ansible-role-network-runner ara ara-doc armadillo arpack arptables-services augeas-libs
                            avahi-ui-gtk3 bcache-tools biosdevname blosc boom-boot-grub2 boost-iostreams breeze-icon-theme bridge-utils brotli brotli-devel btrbk
                            btrfs-heatmap btrfs-heatmap-doc btrfs-sxbackup bubblemail busybox busybox-petitboot caca-utils capstone catimg cfitsio chmlib
                            chrome-remote-desktop chromedriver chromium-common cinnamon-desktop cinnamon-translations clevis clevis-dracut clevis-luks clevis-pin-tpm2
                            clevis-systemd cmake-filesystem cockpit-bridge cockpit-ostree cockpit-system compsize copr-selinux corosynclib cpp createrepo_c
                            createrepo_c-libs crudini cyrus-sasl daxctl-libs dbus-x11 dbusmenu-qt5 ddrescue deltarpm device-mapper-multipath device-mapper-multipath-libs
                            dialog dist-git dist-git-selinux distribution-gpg-keys dmlite-puppet-dpm dnf dnf-data dnf-plugins-core dnf-utils docbook-dtds
                            docbook-style-xsl dpkg-devel dracut-config-generic dracut-config-rescue dracut-kiwi-lib dracut-kiwi-live dracut-kiwi-oem-dump
                            dracut-kiwi-oem-repart dracut-kiwi-overlay dracut-live dracut-network dracut-squash dracut-sshd dracut-tools drm-utils dropbear drpm dwz
                            ebtables-services edk2-aarch64 edk2-ovmf efi-srpm-macros esmtp fail2ban-selinux fail2ban-server fail2ban-systemd fakeroot fakeroot-libs
                            fcoe-utils fedora-coreos-config-transpiler fedora-workstation-repositories fftw-libs-double flexiblas flexiblas-netlib flexiblas-netlib64
                            flexiblas-openblas-openmp flexiblas-openblas-openmp64 fmf fmt folks fontawesome-fonts fontawesome-fonts-web fonts-srpm-macros fpc-srpm-macros
                            freeglut freeipmi freexl gc gcc gdal-libs gdb-minimal gdk-pixbuf2-xlib genisoimage geos ghc-srpm-macros git git-core-doc git-daemon
                            glib2-devel glusterfs glusterfs-cli glusterfs-client-xlators glusterfs-fuse gnat-srpm-macros gnome-extensions-app
                            gnome-shell-extension-activities-configurator gnome-shell-extension-appindicator gnome-shell-extension-argos
                            gnome-shell-extension-auto-move-windows gnome-shell-extension-bubblemail gnome-shell-extension-dash-to-dock
                            gnome-shell-extension-desktop-icons gnome-shell-extension-disconnect-wifi gnome-shell-extension-do-not-disturb-button
                            gnome-shell-extension-drive-menu gnome-shell-extension-emoji-selector gnome-shell-extension-freon gnome-shell-extension-gamemode
                            gnome-shell-extension-gpaste gnome-shell-extension-gsconnect gnome-shell-extension-historymanager-prefix-search
                            gnome-shell-extension-ibus-font gnome-shell-extension-material-shell gnome-shell-extension-media-player-indicator
                            gnome-shell-extension-native-window-placement gnome-shell-extension-netspeed gnome-shell-extension-openweather gnome-shell-extension-pidgin
                            gnome-shell-extension-pomodoro gnome-shell-extension-pop-shell gnome-shell-extension-pop-shell-shortcut-overrides
                            gnome-shell-extension-refresh-wifi gnome-shell-extension-remove-bluetooth-icon gnome-shell-extension-screenshot-window-sizer
                            gnome-shell-extension-suspend-button gnome-shell-extension-system-monitor-applet gnome-shell-extension-topicons-plus
                            gnome-shell-extension-unite gnome-shell-extension-user-theme gnome-shell-extension-windowoverlay-icons gnome-shell-extension-windowsNavigator
                            gnome-shell-extension-workspace-indicator gnome-tweaks go-filesystem go-srpm-macros golang-github-boltdb-bolt-devel
                            golang-github-burntsushi-toml-devel golang-github-coreos-systemd-devel golang-github-creack-pty-devel golang-github-godbus-dbus-devel
                            golang-github-google-cmp-devel golang-github-google-renameio-devel golang-github-gorilla-mux-devel golang-github-jessevdk-flags-devel
                            golang-github-juju-ratelimit-devel golang-github-kisielk-gotool-devel golang-github-kr-pretty-devel golang-github-kr-text-devel
                            golang-github-mvo5-goconfigparser-devel golang-github-rogpeppe-internal-devel golang-github-seccomp-libseccomp-devel
                            golang-github-sergi-diff-devel golang-github-snapcore-gettext-devel golang-github-yuin-goldmark-devel golang-honnef-tools-devel
                            golang-mvdan-gofumpt-devel golang-mvdan-xurls-devel golang-x-crypto-devel golang-x-mod-devel golang-x-net-devel golang-x-net-http-devel
                            golang-x-sync-devel golang-x-sys-devel golang-x-text-devel golang-x-tools-devel golang-x-xerrors-devel gom google-chrome-stable
                            google-roboto-slab-fonts gpaste gpaste-libs gpaste-ui gpgmepp gpm gpm-libs graphviz grub-customizer grub2-breeze-theme grub2-efi-x64-cdboot
                            grub2-efi-x64-modules grub2-tools-efi grub2-tools-extra gsl gts guake guile22 hddtemp hdf-libs hdf5 hexedit hivex http-parser ignition
                            igt-gpu-tools ilmbase imlib2 inxi ipmitool ipxe-bootimgs ipxe-roms-qemu irssi iscsi-initiator-utils iscsi-initiator-utils-iscsiuio isl
                            isns-utils-libs jose jq js-jquery json-glib-devel kcm_systemd kde-cli-tools kde-filesystem kde-settings kdesu kernel-srpm-macros kexec-tools
                            keybinder3 kf5-attica kf5-filesystem kf5-kactivities kf5-kactivities-stats kf5-karchive kf5-kauth kf5-kbookmarks kf5-kcmutils kf5-kcodecs
                            kf5-kcompletion kf5-kconfig-core kf5-kconfig-gui kf5-kconfigwidgets kf5-kcoreaddons kf5-kcrash kf5-kdbusaddons kf5-kdeclarative kf5-kdesu
                            kf5-kdoctools kf5-kglobalaccel kf5-kglobalaccel-libs kf5-kguiaddons kf5-ki18n kf5-kiconthemes kf5-kinit kf5-kio-core kf5-kio-core-libs
                            kf5-kio-doc kf5-kio-file-widgets kf5-kio-gui kf5-kio-ntlm kf5-kio-widgets kf5-kio-widgets-libs kf5-kirigami2 kf5-kitemmodels kf5-kitemviews
                            kf5-kjobwidgets kf5-knotifications kf5-kpackage kf5-kpty kf5-kservice kf5-ktextwidgets kf5-kwallet kf5-kwallet-libs kf5-kwidgetsaddons
                            kf5-kwindowsystem kf5-kxmlgui kf5-solid kf5-sonnet-core kf5-sonnet-ui kubernetes-ansible kubernetes-ansible-vagrant lasi lato-fonts libXaw
                            libXcomp libaec libappindicator-gtk3 libblkid-devel libblockdev-btrfs libblockdev-kbd libblockdev-mpath libblockdev-nvdimm libbtrfs
                            libbtrfsutil libburn libcaca libcacard libcomps libconfig libdap libdb-utils libdbusmenu libdbusmenu-gtk3 liberation-fonts libesmtp libestr
                            libfastjson libfdt libffi-devel libgeotiff libgfapi0 libgfortran libgfrpc0 libgfxdr0 libgit2 libglusterd0 libglusterfs0 libgta libguestfs
                            libguestfs-tools-c libguestfs-xfs libhandy libibumad libindicator-gtk3 libiscsi libisoburn libisofs libjose libkcapi-fipscheck libkml
                            libkworkspace5 libldm liblockfile libluksmeta libmount-devel libmpc libnbd libnbd-bash-completion libnbd-devel libnfs liboping libotr libpeas
                            libpmem libpq libpsl-devel libqb libqhull libquadmath librados2 librbd1 librdmacm libreport libreport-gtk libreport-plugin-reportuploader
                            libreport-web libseccomp-devel libselinux-devel libsepol-devel libsodium libsoup-devel libspatialite libssh2 libtar libtomcrypt libtommath
                            liburing libusal libuv libva libvirt-bash-completion libvirt-daemon libvirt-daemon-config-network libvirt-daemon-driver-interface
                            libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu
                            libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk
                            libvirt-daemon-driver-storage-gluster libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct
                            libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd
                            libvirt-daemon-driver-storage-scsi libvirt-daemon-driver-storage-sheepdog libvirt-daemon-driver-storage-zfs libvirt-daemon-kvm libvirt-libs
                            libwmf-lite libwsman1 libxml2-devel linuxconsoletools lldpad lm_sensors lm_sensors-libs lsscsi lttng-ust lua-srpm-macros luksmeta lutris lzop
                            m4 mailx make mariadb-connector-c mariadb-connector-c-config mbuffer mc mcstrans mdevctl media-player-info memcached-selinux mesa-libGLU
                            minizip-compat mock mock-core-configs mock-filesystem mod_ssl moreutils mtools nautilus-gsconnect nautilus-python nbd nbd-cli nbd-runner
                            nbd-runner-azblk-handler nbd-runner-gluster-handler nbd-runner-utils nbdfuse nbdkit nbdkit-bash-completion nbdkit-basic-filters
                            nbdkit-basic-plugins nbdkit-cc-plugin nbdkit-cdi-plugin nbdkit-curl-plugin nbdkit-devel nbdkit-example-plugins nbdkit-ext2-filter
                            nbdkit-guestfs-plugin nbdkit-gzip-filter nbdkit-iso-plugin nbdkit-libvirt-plugin nbdkit-linuxdisk-plugin nbdkit-lua-plugin nbdkit-nbd-plugin
                            nbdkit-ocaml-plugin nbdkit-ocaml-plugin-devel nbdkit-perl-plugin nbdkit-python-plugin nbdkit-ruby-plugin nbdkit-server nbdkit-ssh-plugin
                            nbdkit-tar-filter nbdkit-tar-plugin nbdkit-tcl-plugin nbdkit-tmpdisk-plugin nbdkit-torrent-plugin nbdkit-vddk-plugin nbdkit-xz-filter ndctl
                            ndctl-libs nemo nemo-extensions nemo-gsconnect nemo-python neofetch netcdf netcf-libs netpbm netstat-monitor netstat-nat newt nim-srpm-macros
                            nmap-ncat numactl-libs numad nvme-cli nx-libs nxproxy ocaml ocaml-compiler-libs ocaml-libnbd ocaml-libnbd-devel ocaml-runtime
                            ocaml-srpm-macros ogdi oniguruma openal-soft openbios openblas openblas-openmp openblas-openmp64 openblas-srpm-macros openssh-cavs openssl
                            packer parallel pcre-cpp pcre-devel pcre-utf16 pcre-utf32 pcre2-devel perl-Compress-Raw-Bzip2 perl-Compress-Raw-Zlib perl-Cpanel-JSON-XS
                            perl-DynaLoader perl-Error perl-File-Copy perl-File-Find perl-Filter perl-Git perl-IO-Compress perl-IO-Tty perl-IPC-Run perl-JSON-XS
                            perl-Math-BigInt perl-NKF perl-Sys-Syslog perl-TermReadKey perl-Text-Unidecode perl-Thread-Queue perl-Time-Duration perl-Time-HiRes
                            perl-TimeDate perl-Types-Serialiser perl-XML-Dumper perl-XML-Parser perl-XML-XPath perl-common-sense perl-encoding perl-lib perl-open
                            perl-srpm-macros perl-threads perl-threads-shared plasma-systemsettings plasma-workspace-common plymouth-plugin-fade-throbber
                            plymouth-plugin-script plymouth-plugin-space-flares policycoreutils-dbus policycoreutils-devel policycoreutils-gui polkit-qt5 postfix
                            pre-commit profile-cleaner proj proj-datumgrid publicsuffix-list pv python-btrfs-doc python-cookiecutter-doc python-django-bash-completion
                            python-gilt-doc python-git-url-parse-doc python-molecule-doc python-qt5-rpm-macros python-rpm-macros python-sphinx_ansible_theme-doc
                            python-srpm-macros python-systemd-doc python-wheel-wheel python2-psutil python2-rpm-macros python2.7 python3-Bottleneck python3-CommonMark
                            python3-GitPython python3-ansible-inventory-grapher python3-ansible-lint python3-ansible-review python3-ansible-runner python3-anyjson
                            python3-appdirs python3-ara python3-ara-server python3-ara-tests python3-argcomplete python3-arrow python3-asgiref python3-attrs
                            python3-babel python3-bcrypt python3-binaryornot python3-blessed python3-box python3-btrfs python3-cachetools python3-casttube
                            python3-cccolutils python3-cerberus python3-certifi python3-cffi python3-cfgv python3-chromecast python3-click python3-click-completion
                            python3-click-help-colors python3-cliff python3-cmd2 python3-collectd_puppet python3-colorama python3-cookiecutter python3-cryptography
                            python3-cycler python3-daemon python3-dateutil python3-dbus-client-gen python3-dbus-python-client-gen python3-dbus-signature-pyparsing
                            python3-devel python3-dictdiffer python3-distlib python3-django python3-django-cors-headers python3-django-filter python3-django-health-check
                            python3-django-rest-framework python3-dnf python3-dnf-plugins-core python3-docker python3-docutils python3-dotenv 'python3-dotenv+cli'
                            python3-dynaconf python3-enlighten python3-factory-boy python3-faker python3-fasteners python3-file-magic python3-filelock python3-flake8
                            python3-fluidity-sm python3-fmf python3-future python3-gdal python3-gilt python3-git-url-parse python3-gitdb python3-google-auth python3-gpg
                            python3-grokmirror python3-gssapi python3-gstreamer1 python3-hawkey python3-identify python3-ifaddr python3-imagesize python3-iniconfig
                            python3-iniparse python3-into-dbus-python python3-invoke python3-jinja2 python3-jinja2-time python3-jmespath python3-jsonschema
                            python3-justbases python3-justbytes python3-jwt 'python3-jwt+crypto' python3-kickstart python3-kiwisolver python3-koji python3-kubernetes
                            python3-lexicon python3-libcomps python3-libdnf python3-libmodulemd python3-libnbd python3-libreport python3-lockfile python3-lxml
                            python3-markupsafe python3-marshmallow python3-matplotlib python3-matplotlib-data python3-matplotlib-data-fonts python3-matplotlib-tk
                            python3-mccabe python3-mock python3-molecule python3-molecule-docker python3-molecule-podman python3-more-itertools python3-msgpack
                            python3-netaddr python3-network-runner python3-networkx python3-newt python3-nodeenv python3-ntlm-auth python3-numexpr python3-numpy
                            python3-numpy-f2py python3-oauthlib 'python3-oauthlib+signedtoken' python3-openshift python3-ordered-set python3-packaging python3-pandas
                            python3-pandas-datareader python3-paramiko python3-pathspec python3-pbr python3-pluggy python3-ply python3-podman-api python3-poyo
                            python3-prettytable python3-progressbar2 python3-protobuf python3-psutil python3-py python3-pyOpenSSL python3-pyasn1 python3-pyasn1-modules
                            python3-pycodestyle python3-pycparser python3-pydbus python3-pydot python3-pyflakes python3-pygments python3-pygraphviz python3-pynacl
                            python3-pyparsing python3-pyperclip python3-pyqt5-sip python3-pyroute2 python3-pyrsistent python3-pytest python3-pytz python3-pyyaml
                            python3-qt5 python3-qt5-base python3-requests-download python3-requests-gssapi python3-requests-oauthlib python3-requests_ntlm python3-rich
                            python3-rpkg python3-rpm-generators python3-rpm-macros python3-rsa python3-ruamel-yaml python3-ruamel-yaml-clib python3-scipy
                            python3-semantic_version python3-sh python3-shellingham python3-simplejson python3-slugify python3-smmap python3-snowballstemmer
                            python3-sphinx python3-sphinx-notfound-page python3-sphinx-theme-alabaster python3-sphinx_ansible_theme python3-sphinx_rtd_theme
                            python3-sphinxcontrib-applehelp python3-sphinxcontrib-devhelp python3-sphinxcontrib-htmlhelp python3-sphinxcontrib-jsmath
                            python3-sphinxcontrib-qthelp python3-sphinxcontrib-serializinghtml python3-sqlparse python3-stevedore python3-string_utils python3-systemd
                            python3-tables python3-tabulate 'python3-tabulate+widechars' python3-testinfra python3-text-unidecode python3-tkinter python3-toml
                            python3-tree-format python3-typing-extensions python3-tzlocal python3-unbound python3-unidiff python3-utils python3-varlink
                            python3-virtualenv python3-wcwidth python3-websocket-client python3-wheel python3-whitenoise python3-winrm python3-xapps-overrides
                            python3-xlrd python3-xlwt python3-xmltodict python3-zeroconf qemu qemu-audio-alsa qemu-audio-oss qemu-audio-pa qemu-audio-sdl qemu-block-curl
                            qemu-block-dmg qemu-block-gluster qemu-block-iscsi qemu-block-nfs qemu-block-rbd qemu-block-ssh qemu-char-baum qemu-common
                            qemu-device-display-qxl qemu-device-usb-redirect qemu-device-usb-smartcard qemu-img qemu-kvm qemu-kvm-core qemu-system-aarch64
                            qemu-system-aarch64-core qemu-system-alpha qemu-system-alpha-core qemu-system-arm qemu-system-arm-core qemu-system-avr qemu-system-avr-core
                            qemu-system-cris qemu-system-cris-core qemu-system-lm32 qemu-system-lm32-core qemu-system-m68k qemu-system-m68k-core qemu-system-microblaze
                            qemu-system-microblaze-core qemu-system-mips qemu-system-mips-core qemu-system-moxie qemu-system-moxie-core qemu-system-nios2
                            qemu-system-nios2-core qemu-system-or1k qemu-system-or1k-core qemu-system-ppc qemu-system-ppc-core qemu-system-riscv qemu-system-riscv-core
                            qemu-system-rx qemu-system-rx-core qemu-system-s390x qemu-system-s390x-core qemu-system-sh4 qemu-system-sh4-core qemu-system-sparc
                            qemu-system-sparc-core qemu-system-tricore qemu-system-tricore-core qemu-system-unicore32 qemu-system-unicore32-core qemu-system-x86
                            qemu-system-x86-core qemu-system-xtensa qemu-system-xtensa-core qemu-ui-curses qemu-ui-gtk qemu-ui-sdl qemu-ui-spice-app qemu-user
                            qt5-qtconnectivity qt5-qtgraphicaleffects qt5-qtlocation qt5-qtmultimedia qt5-qtquickcontrols qt5-qtquickcontrols2 qt5-qtsensors
                            qt5-qtserialport qt5-qtspeech qt5-qtspeech-speechd qt5-qtsvg qt5-qttools-common qt5-qttools-libs-designer qt5-qttools-libs-help
                            qt5-qtwebchannel qt5-qtwebkit qt5-qtwebsockets qt5-srpm-macros radvd rb_libtorrent recoll recoll-gssp redhat-rpm-config remmina
                            remmina-gnome-session remmina-plugins-exec remmina-plugins-nx remmina-plugins-rdp remmina-plugins-secret remmina-plugins-st
                            remmina-plugins-vnc remmina-plugins-xdmcp rpkg rpkg-common rpkg-macros rpm-build rpm-git-tag-sort rpm-plugin-systemd-inhibit rpmdevtools
                            rpmlint rsyslog ruby ruby-default-gems ruby-devel ruby-libs rubygem-bigdecimal rubygem-builder rubygem-bundler rubygem-excon rubygem-fog-core
                            rubygem-fog-json rubygem-fog-libvirt rubygem-fog-xml rubygem-formatador rubygem-io-console rubygem-irb rubygem-json rubygem-mime-types
                            rubygem-mime-types-data rubygem-multi_json rubygem-nokogiri rubygem-openssl rubygem-psych rubygem-puppet-lint rubygem-puppet-lint-doc
                            rubygem-racc rubygem-rake rubygem-rdoc rubygem-rspec-core rubygem-rspec-support rubygem-ruby-libvirt rubygems rubypick rust-srpm-macros satyr
                            screenfetch scrub seabios-bin seavgabios-bin secilc selinux-policy-devel sepolicy_analysis setools setools-console setools-console-analyses
                            setools-gui setroubleshoot setroubleshoot-plugins setroubleshoot-server sgabios-bin sgml-common sheepdog slang snap-confine snapd snapd-devel
                            snapd-glib snapd-glib-devel snapd-glib-tests snapd-qt snapd-qt-qml snapd-qt-tests snapd-selinux snappy spice-server sqlite sqlite-devel
                            squashfs-tools sscg sshrc standard-test-roles standard-test-roles-inventory-qemu stratis-cli stratisd supermin syncthing syncthing-cli
                            syncthing-tools syslinux syslinux-extlinux syslinux-extlinux-nonlinux syslinux-nonlinux system-switch-mail system-switch-mail-gui
                            systemd-bootchart systemd-container systemd-devel terraform texlive-base texlive-cm-svn49028 texlive-dvipng texlive-epstopdf-pkg-svn53546
                            texlive-etex-svn37057.0 texlive-graphics-def-svn54522 texlive-hyph-utf8-svn54568 texlive-hyphen-base-svn54763 texlive-knuth-lib-svn35820.0
                            texlive-kpathsea texlive-lib texlive-luatex texlive-plain-svn43076 texlive-tex-ini-files-svn40533 texlive-texlive-scripts
                            texlive-texlive.infra texlive-unicode-data-svn54758 tigervnc-license tigervnc-server-minimal tix tk tpm2-tools twitter-twemoji-fonts udica
                            udisks2-bcache udisks2-btrfs unbound-libs unixODBC uriparser usbguard usbguard-selinux usbredir usermode usermode-gtk userspace-rcu vagrant
                            vagrant-libvirt vim-common vim-filesystem virglrenderer w3m w3m-img watchdog web-assets-filesystem webextension-gsconnect
                            webextension-token-signing wine-systemd wmctrl xapian-core-libs xapps xemacs-filesystem xen-libs xen-licenses xerces-c xmlrpc-c
                            xmlrpc-c-client xorg-x11-server-Xephyr xorg-x11-server-Xvfb xorriso xrdp xrdp-selinux xxhash-libs xz-devel yamllint zerofree zfs-fuse zincati
                            zstd zziplib
                 Initramfs: -f 

/root/.ssh/authorized_keys permissions:

-rw-------. 1 root root system_u:object_r:ssh_home_t:s0 388 Nov 15 19:03 /root/.ssh/authorized_keys
-rw-------. 1 root root system_u:object_r:ssh_home_t:s0 388 Nov 15 19:03 /var/roothome/.ssh/authorized_keys

Expected vs actual behavior

# rpm-ostree initramfs --enable --arg='-f' --arg="--debug"

rpm-ostree doesn't install the dracut-sshd module, Journal shows the folowing:

Nov 16 20:50:18 Tubingen rpm-ostree[13738]: dracut: No authorized_keys for root user found!

Expected:

# rpm-ostree initramfs --enable --arg='-f' --arg="--debug"

rpm-ostree installs the dracut-sshd module, without the above error message in the journal Steps to reproduce it

1. Enable https://copr.fedorainfracloud.org/coprs/gsauthof/dracut-sshd/
2. rpm-ostree install dracut-sshd
3. Create /var/roothome/.ssh/authorized_keys
4. Generate initramfs a. Run rpm-ostree initramfs --enable --arg='-f' --arg="--debug" b. In parallel on another terminal run journalctl -faxe|grep rpm-ostree to see the output

Would you like to work on the issue?

I'm happy to work on the issue in my free time, but I'd prefer to have someone who knows Silverblue better to handle it.

[lucab]

@suhancz thank for the report. If I'm reading this right, the dracut module is indeed installed and run, but this check here is failing. If so, it sounds like the "test for file readability" is having some troubles. Can you maybe quickly hack that module to also print the output of id and ls -laZ /root/.ssh /root/.ssh/** right before that check? Additionally, are there any SELinux denials in the journal, or does this work in permissive mode?

[suhancz]

@lucab thanks for the response. I've added a few debug options to my branch of the module to see what's happening. SELinux doesn't seem to be enabled during the build. Apparently the initramfs build runs under a tmpfs called /newroot that doesn't contain root's home directory, /root. See the debug output below.

Nov 17 15:24:16 Tubingen rpm-ostree[13951]: root
Nov 17 15:24:16 Tubingen rpm-ostree[12911]: /
Nov 17 15:24:16 Tubingen rpm-ostree[13952]: TARGET                  SOURCE                                                                                                                                                          FSTYPE   OPTIONS
Nov 17 15:24:16 Tubingen rpm-ostree[13952]: /                       tmpfs[/newroot]                                                                                                                                                 tmpfs    rw,nosuid,nodev,relatime,seclabel,inode64
Nov 17 15:24:16 Tubingen rpm-ostree[13952]: |-/dev                  tmpfs                                                                                                                                                           tmpfs    rw,nosuid,nodev,relatime,seclabel,mode=755,inode64
Nov 17 15:24:16 Tubingen rpm-ostree[13952]: | |-/dev/null           devtmpfs[/null]                                                                                                                                                 devtmpfs rw,nosuid,noexec,seclabel,size=4930676k,nr_inodes=1232669,mode=755,inode64
Nov 17 15:24:16 Tubingen rpm-ostree[13952]: | |-/dev/zero           devtmpfs[/zero]                                                                                                                                                 devtmpfs rw,nosuid,noexec,seclabel,size=4930676k,nr_inodes=1232669,mode=755,inode64
Nov 17 15:24:16 Tubingen rpm-ostree[13952]: | |-/dev/full           devtmpfs[/full]                                                                                                                                                 devtmpfs rw,nosuid,noexec,seclabel,size=4930676k,nr_inodes=1232669,mode=755,inode64
Nov 17 15:24:16 Tubingen rpm-ostree[13952]: | |-/dev/random         devtmpfs[/random]                                                                                                                                               devtmpfs rw,nosuid,noexec,seclabel,size=4930676k,nr_inodes=1232669,mode=755,inode64
Nov 17 15:24:16 Tubingen rpm-ostree[13952]: | |-/dev/urandom        devtmpfs[/urandom]                                                                                                                                              devtmpfs rw,nosuid,noexec,seclabel,size=4930676k,nr_inodes=1232669,mode=755,inode64
Nov 17 15:24:16 Tubingen rpm-ostree[13952]: | |-/dev/tty            devtmpfs[/tty]                                                                                                                                                  devtmpfs rw,nosuid,noexec,seclabel,size=4930676k,nr_inodes=1232669,mode=755,inode64
Nov 17 15:24:16 Tubingen rpm-ostree[13952]: | `-/dev/pts            devpts                                                                                                                                                          devpts   rw,nosuid,noexec,relatime,seclabel,mode=620,ptmxmode=666
Nov 17 15:24:16 Tubingen rpm-ostree[13952]: |-/proc                 proc                                                                                                                                                            proc     rw,nosuid,nodev,noexec,relatime
Nov 17 15:24:16 Tubingen rpm-ostree[13952]: | |-/proc/sysrq-trigger proc[/sysrq-trigger]                                                                                                                                            proc     ro,nosuid,nodev,noexec,relatime
Nov 17 15:24:16 Tubingen rpm-ostree[13952]: | |-/proc/irq           proc[/irq]                                                                                                                                                      proc     ro,nosuid,nodev,noexec,relatime
Nov 17 15:24:16 Tubingen rpm-ostree[13952]: | `-/proc/bus           proc[/bus]                                                                                                                                                      proc     ro,nosuid,nodev,noexec,relatime
Nov 17 15:24:16 Tubingen rpm-ostree[13952]: |-/sys/block            sysfs[/block]                                                                                                                                                   sysfs    ro,nosuid,nodev,noexec,relatime,seclabel
Nov 17 15:24:16 Tubingen rpm-ostree[13952]: |-/sys/bus              sysfs[/bus]                                                                                                                                                     sysfs    ro,nosuid,nodev,noexec,relatime,seclabel
Nov 17 15:24:16 Tubingen rpm-ostree[13952]: |-/sys/class            sysfs[/class]                                                                                                                                                   sysfs    ro,nosuid,nodev,noexec,relatime,seclabel
Nov 17 15:24:16 Tubingen rpm-ostree[13952]: |-/sys/dev              sysfs[/dev]                                                                                                                                                     sysfs    ro,nosuid,nodev,noexec,relatime,seclabel
Nov 17 15:24:16 Tubingen rpm-ostree[13952]: |-/sys/devices          sysfs[/devices]                                                                                                                                                 sysfs    ro,nosuid,nodev,noexec,relatime,seclabel
Nov 17 15:24:16 Tubingen rpm-ostree[13952]: |-/etc                  /dev/mapper/luks-989a2293-84bb-4c90-aba3-e818b7c52036[/root/ostree/deploy/fedora/deploy/8adcc75120d651f887c4993230459d7aad57a65d5f9e03e8898c940a2134ba71.0/etc] btrfs    ro,nosuid,nodev,relatime,seclabel,ssd,space_cache,subvolid=257,subvol=/root
Nov 17 15:24:16 Tubingen rpm-ostree[13952]: `-/usr                  /dev/mapper/luks-989a2293-84bb-4c90-aba3-e818b7c52036[/root/ostree/repo/extensions/rpmostree/private/commit/usr]                                                btrfs    ro,nosuid,nodev,relatime,seclabel,ssd,space_cache,subvolid=257,subvol=/root
Nov 17 15:24:16 Tubingen rpm-ostree[13953]: find: '/root': No such file or directory
Nov 17 15:24:16 Tubingen rpm-ostree[13954]: ls: cannot access '/root/.ssh/authorized_keys': No such file or directory
Nov 17 15:24:16 Tubingen rpm-ostree[13955]: id: --context (-Z) works only on an SELinux-enabled kernel

[jlebon]

Yes, rpm-ostree runs dracut inside a container which doesn't have the local /var mounted. This is by design (see https://bugzilla.redhat.com/show_bug.cgi?id=1352154).

Hmm, I guess we could mount it read-only and that would fix your use case?

Backing up though, are you trying to use dracut-sshd for automatic rootfs unlocking? In Fedora CoreOS (and RHCOS), we're using Clevis for this which should work fine in Fedora Silverblue too. I see you already have it layered, so you should be able to just enroll your LUKS device into a Tang or TPM2 pin, regenerate the initramfs, and add rd.neednet=1 if using Tang pinning.

[suhancz]

Yes, I'd appreciate a read-only mount, I guess this would fix the issue.

For what I've read about Tang it needs an external service running, while I'm using this on some boxes without TPM, so that would neither be an option. My use case is about having an old server, which in any disasterous case reboots I can just open it (having my SSH public key on me).

[jlebon]

Alternatively, I don' think it'd be too unreasonable to have dracut-sshd also check e.g. /etc/dracut-sshd/authorized_keys. Then you could have separate authorized keys for the initrd vs the real root.

[suhancz]

Agreed, though the original tool does check for alternative keys, unfortunately so far only in /root. I've already suggested it to work around the issue in subject.

[suhancz]

I found a similar issue when trying to install fido2luks. As this is also about the mount tree, I consider it worth to update this ticket instead of opening a new one. The mentioned Dracut module uses /dev/log which apparently is a symlink pointing to /run/systemd/journal/dev-log on Silverblue (and probably rpm-ostree at all). As /run is neither mounted while generating initramfs, I'd appreciate to include that one, too. To test feel free to use my COPR repo. Please, let me know if I should rather open a new issue for this one in the tracker.

[suhancz]

I found another issue related to dracut-sshd. It runs sshd with privilege separation by default, which on Fedora depends on /var/empty/sshd. As /var is not mounted initramfs setup time, this also causes sshd to fail starting up.

[travier]

The /var/empty/sshd issue should be fixed in F34 with https://src.fedoraproject.org/rpms/openssh/pull-request/14 and https://github.com/gsauthof/dracut-sshd/pull/38 is fixed so dracut-sshd support should be good.

I could not find where the fido2luks dracut module uses /dev/log. Could you point me to that?