Use chroot instead of --sysroot in dracut

[aplanas]

cc @aafeijoo-suse

[aplanas]

First, thanks for working on this. TL;DR it works, but with some drawbacks that we must evaluate.

Thanks for the review!

* No dependency for the ESP device, because /boot/efi is not mounted in the chroot environment. For a regular use case, it's ok, because it's not needed. But, do you need this for `dracut-pcr-signature`?

For dracut-pcr-signature should not be needed during the initrd creation. The modules and scripts that should be included in the initrd are in the rootfs. The json file is later included in the initrd but in memory, never on disk.

Do you recommend to mount /boot/efi in the chroot env?

* The root device is not identified as root device by dracut

Is this fixed by adding '--add-device' "$root_device" in the dracut parameters?

[aafeijoo-suse]

Do you recommend to mount /boot/efi in the chroot env?

Personally, no. I've been trying to remove this (IMO useless) dependency for quite some time now: https://github.com/dracutdevs/dracut/issues/2044

* The root device is not identified as root device by dracut

Is this fixed by adding '--add-device' "$root_device" in the dracut parameters?

No, that doesn't work, and it's not necessary because the initrd has a required dependency on the root device. The problem is around the mountpoint / code. We could think about manually installing a conf file with the missing kernel command line options under /etc/cmdline.d/ using --include? Although I'm not sure if all are necessary, e.g., root= is the same in our case, and the other options seem redundant.

localhost:~ # for i in $(</proc/cmdline); do echo $i | grep -e "root=" -e "rootfstype=" -e "rootflags="; done
root=UUID=045fa833-1b00-47b4-b476-ddacf2e817ac
rootflags=subvol=@/.snapshots/9/snapshot

localhost:~ # for i in $(lsinitrd -f etc/cmdline.d/95root-dev.conf /boot/efi/opensuse-microos/6.10.5-1-default/initrd-cfcd53aa0dc8bda31781c9e3d9628526c2e16257); do echo $i | grep -e "root=" -e "rootfstype=" -e "rootflags="; done
root=UUID=045fa833-1b00-47b4-b476-ddacf2e817ac
rootfstype=btrfs
rootflags=ro

[TobiPeterG]

Do you recommend to mount /boot/efi in the chroot env?

Personally, no. I've been trying to remove this (IMO useless) dependency for quite some time now: https://github.com/dracutdevs/dracut/issues/2044

* The root device is not identified as root device by dracut

Is this fixed by adding '--add-device' "$root_device" in the dracut parameters?

No, that doesn't work, and it's not necessary because the initrd has a required dependency on the root device. The problem is around the mountpoint / code. We could think about manually installing a conf file with the missing kernel command line options under /etc/cmdline.d/ using --include? Although I'm not sure if all are necessary, e.g., root= is the same in our case, and the other options seem redundant.

localhost:~ # for i in $(</proc/cmdline); do echo $i | grep -e "root=" -e "rootfstype=" -e "rootflags="; done
root=UUID=045fa833-1b00-47b4-b476-ddacf2e817ac
rootflags=subvol=@/.snapshots/9/snapshot

localhost:~ # for i in $(lsinitrd -f etc/cmdline.d/95root-dev.conf /boot/efi/opensuse-microos/6.10.5-1-default/initrd-cfcd53aa0dc8bda31781c9e3d9628526c2e16257); do echo $i | grep -e "root=" -e "rootfstype=" -e "rootflags="; done
root=UUID=045fa833-1b00-47b4-b476-ddacf2e817ac
rootfstype=btrfs
rootflags=ro

Just a quick comment, afaik the dracut repo you linked is dead. This is the repo Arch switched to: https://github.com/dracut-ng/dracut-ng So maybe have a try there, maybe they already fixed it :)

There is an issue open on the dracut repo you linked. Afaik there are also some efforts on openSUSE's side to switch to it :)

[aafeijoo-suse]

Although I'm not sure if all are necessary, e.g., root= is the same in our case, and the other options seem redundant.

Ahh, these options are only necessary if root= is not directly passed on the kernel command line: https://github.com/openSUSE/dracut/blob/SUSE/059/modules.d/98dracut-systemd/rootfs-generator.sh#L92

So, we should be safe.

[aafeijoo-suse]

Just a quick comment, afaik the dracut repo you linked is dead. This is the repo Arch switched to: https://github.com/dracut-ng/dracut-ng So maybe have a try there, maybe they already fixed it :)

No, it was not fixed, and after almost 2 years I gave up: https://github.com/dracut-ng/dracut-ng/pull/335