Closed Freakygnome closed 2 years ago
I think it would be better to use a dracut configuration file for this, so it would be more "permanent". Passing the extra configuration directly in the dracut invocation will work for this particular call performed by the role, but the next time the initramfs is updated -- e.g. during a kernel update --, dracut will not be executed with these extra parameters .
Good point would adding a step to the main-clevis.yml to check and modify the dracut config be suitable?
[citest commit:a3f9f5d653cdbc9467eb3f89d91f30c00efe5081]
I fixed the black
errors - if you rebase on top of the latest, those will go away. However, the yamllint and ansible-lint issues need to be fixed.
ping - can you rebase?
[citest commit:1a0300a592d9eac9a06d5bc772a494b0d78a7d91]
ping - ready for review?
Not yet hoping to get this ready in the next few days
[citest commit:912106cb5c79b770c0beab7e0e71066b4f777c37]
@ukulekek the statuses are stuck in pending - will this be fixed by using tft-bot?
[citest commit:912106cb5c79b770c0beab7e0e71066b4f777c37]
[citest commit:c84a41bf2e92158f94d9082244e87f52794c1e78]
Looks good to me, thanks. @richm, could you take another look as well, please?
[citest commit:108e28f6981107bd28ab116b2390955d9e2a9464]
[citest commit:f70235e757120fa54c9109eb9b848594de30c9d2]
[citest pending]
[citest pending]
[citest pending]
[citest pending]
[citest pending]
how does this PR relate to https://github.com/linux-system-roles/nbde_client/pull/58 ?
[citest pending]
[citest bad]
how does this PR relate to #58 ?
how does this PR relate to #58 ?
That other PR would be a superset of this, as it also enables network in the initramfs. This one could be closed, if the other one gets merged.
how does this PR relate to #58 ?
how does this PR relate to #58 ?
That other PR would be a superset of this, as it also enables network in the initramfs. This one could be closed, if the other one gets merged.
ok - closing
RHEL 8 dracut is no longer adding rd.neednet=1 to initramfs by default. Updated to match Red Hat's recommendation. Refer Section 10.9 of the RHEL 8 security hardening manual.