search

dracutdevs / dracut

dracut the event driven initramfs infrastructure
https://github.com/dracutdevs/dracut/wiki
GNU General Public License v2.0
604 stars 400 forks source link

feat(sh): shell meta module #2459

Closed Henrik66 closed 1 year ago

Henrik66 commented 1 year ago

Improve shell selection

Checklist

Henrik66 commented 1 year ago

Current version of this PR is based on this comment on another PR https://github.com/dracutdevs/dracut/pull/2368#issuecomment-1588285469

LaszloGombos commented 1 year ago

@FGrose Can you please help us review and understand what this solution is lacking so that we can compare it with https://github.com/dracutdevs/dracut/pull/2368 .

Would you be able to iterate on top of this PR if we manage to land this PR ?

What are the bugs/known issues on this simpler version of the PR ?

FGrose commented 1 year ago

Complexities arise when we seek to properly support the 4 approved command shells (dash, bash, mksh, & busybox) in rd.debug & rd.live.debug modes. PR #2287 addresses a couple of bugs resulting from mksh having only local xtrace. The solution uses a feature introduced in bash-4.4 from 2016-09-15. This leads to the need to check the installed bash version after any native or 3rd party module might install it or link it to /bin/sh (as the squash module does in an installpost operation). Commit 7e265ec37fce1038ff34c6bab37ccf00d1dc123f deals with the bash version check.

A supported, but less common feature of dracut is the ability to build divided initramfs images where, for example, 2 or more images are entered on the GRUB initrd/initrdefi command line. In this case, or in the case of building an incremental initramfs image with --rebuild, one might desire to have no command shell installed. For this, some mechanism to exclude the installation of a shell is needed. Commit 48c7205fe073c86bb580ae8299ad5c778f73b4a9 addresses this.

The implicit installation of a command shell by dracut-install.c during the Resolving executable dependencies phase of dracut.sh means that an explicit call for a shell must occur before that phase of processing. Here is a simple test case:

  1. ln -sf mksh /bin/sh
  2. dracut /tmp/initrd-test.img -m selinux with the test PR #2459, /usr/bin/mksh will be installed without the dependency /usr/bin/printf and without reporting mksh in /usr/lib/dracut/modules.txt.

Commit ef9faa253455bb40b2a8249737cb2834ef710b1e is designed to run after all module checks have occurred and assures that a command shell is explicitly loaded before the executable dependencies are checked. It is also coded so that it does its work automatically and without the meta module name being included in /usr/lib/dracut/modules.txt.

stale[bot] commented 1 year ago

This issue is being marked as stale because it has not had any recent activity. It will be closed if no further activity occurs. If this is still an issue in the latest release of Dracut and you would like to keep it open please comment on this issue within the next 7 days. Thank you for your contributions.