Enable Dracut's livenet rootfs handling when systemd-networkd is in use. (#10706)

gmileka · web-flow · commit 589445742ef5 · 2024-11-12T12:04:09.000-08:00
diff --git a/SPECS/dracut/90livenet/azl-liveos-artifacts-download.service b/SPECS/dracut/90livenet/azl-liveos-artifacts-download.service
@@ -0,0 +1,11 @@
+[Unit]
+Description=LiveOS Artifacts Download Daemon
+After=network-online.target
+Wants=network-online.target
+
+[Service]
+ExecStart=/sbin/azl-liveos-artifacts-download
+Type=oneshot
+
+[Install]
+WantedBy=multi-user.target
diff --git a/SPECS/dracut/90livenet/azl-liveos-artifacts-download.sh b/SPECS/dracut/90livenet/azl-liveos-artifacts-download.sh
@@ -0,0 +1,30 @@
+#!/bin/bash
+
+# Dracut version 102 does not implement the code path that handles livenet
+# rootfs download (i.e. by calling /sbin/livenetroot) when systemd-networkd
+# is the underlying networking manager.
+#
+# This has been implemented in 103 (see https://github.com/dracut-ng/dracut-ng/pull/388)
+#
+# As a mitigation for 102, this script will be scheduled to be run after the
+# network stack is up and will basically call into the same livenet rootfs
+# handling code.
+
+echo "executing azl-liveos-artifacts-download.sh" > /dev/kmsg
+
+. /usr/lib/dracut-lib.sh
+. /lib/url-lib.sh
+
+root=$(getarg root -d "")
+
+# set dracut environment
+export fstype="auto"
+export DRACUT_SYSTEMD=1
+
+# replace 'live:' with 'livetnet' so that livenetroot can detect it correctly.
+isoUrl="${root#live:}"
+netroot="livenet:"${isoUrl}
+
+# Looking at livenetroot.sh, the first argument is unused in livenetroot.
+# So, we are just providing a placehold here to preserve the order.
+/sbin/livenetroot dummy $netroot
diff --git a/SPECS/dracut/add-livenet-download-service.patch b/SPECS/dracut/add-livenet-download-service.patch
@@ -0,0 +1,56 @@
+From 5aa61cfd4aa5744171812c473ebd7b35e71c8c5a Mon Sep 17 00:00:00 2001
+From: George Mileka <gmileka@microsoft.com>
+Date: Fri, 30 Aug 2024 18:17:00 -0700
+Subject: [PATCH] Enable netroot for systemd-networkd - temporary fix till
+ upgrading to 103+.
+
+Dracut version 102 does not implement the code path that handles livenet
+rootfs download (i.e. by calling /sbin/livenetroot) when systemd-networkd
+is the underlying networking manager.
+
+This has been implemented in 103 (see https://github.com/dracut-ng/dracut-ng/pull/388)
+
+As a mitigation for 102, this patch allows Dracut's livenet module to schedule
+a daemon to run after the network stack is up and running. The daemon will
+then invoke the usual livenet rootfs handling code to download and pivot to
+the new rootfs.
+---
+ modules.d/90livenet/module-setup.sh  | 2 ++
+ modules.d/90livenet/parse-livenet.sh | 8 ++++++++
+ 2 files changed, 10 insertions(+)
+
+diff --git a/modules.d/90livenet/module-setup.sh b/modules.d/90livenet/module-setup.sh
+index db0def50..57fb384a 100755
+--- a/modules.d/90livenet/module-setup.sh
++++ b/modules.d/90livenet/module-setup.sh
+@@ -17,6 +17,8 @@ install() {
+     inst_hook cmdline 29 "$moddir/parse-livenet.sh"
+     inst_hook initqueue/online 95 "$moddir/fetch-liveupdate.sh"
+     inst_script "$moddir/livenetroot.sh" "/sbin/livenetroot"
++    inst_simple "$moddir/azl-liveos-artifacts-download.service" "/etc/systemd/system/azl-liveos-artifacts-download.service"
++    inst_script "$moddir/azl-liveos-artifacts-download.sh" "/sbin/azl-liveos-artifacts-download"
+     if dracut_module_included "systemd-initrd"; then
+         inst_script "$moddir/livenet-generator.sh" "$systemdutildir"/system-generators/dracut-livenet-generator
+     fi
+diff --git a/modules.d/90livenet/parse-livenet.sh b/modules.d/90livenet/parse-livenet.sh
+index a1d14a8f..f8713eb5 100755
+--- a/modules.d/90livenet/parse-livenet.sh
++++ b/modules.d/90livenet/parse-livenet.sh
+@@ -27,6 +27,14 @@ if get_url_handler "$liveurl" > /dev/null; then
+     root="livenet" # quiet complaints from init
+     # shellcheck disable=SC2034
+     rootok=1
++
++    enableAzureLinuxDownloader=$(getarg rd.live.azldownloader=)
++
++    if [[ "$enableAzureLinuxDownloader" == "enable" ]]; then
++        systemctl enable azl-liveos-artifacts-download
++        systemctl start --no-block azl-liveos-artifacts-download
++    fi
++
+     wait_for_dev -n /dev/root
+ else
+     info "livenet: no url handler for $liveurl"
+-- 
+2.34.1
+
diff --git a/SPECS/dracut/dracut.signatures.json b/SPECS/dracut/dracut.signatures.json
@@ -6,10 +6,12 @@
   "00-vrf.conf": "e2885a4b090d8ca3771e60ce6dcd8b849e28ce5002a5c7b71ff796a92deb2810",
   "00-xen.conf": "8b7a89b7716cb40a9c0d681caed6994d81ff4dfad4fe50cea15cd47b885dc5a6",
   "50-noxattr.conf": "61d95f05890ac6ee3355d0a386dd5645d82b7a4202d90305d997fd18c6d139dd",
+  "azl-liveos-artifacts-download.service": "888be8c82297cccd510d7f963611c2360ae67559826b2b474da6d9935237de64",
+  "azl-liveos-artifacts-download.sh": "f21dc68de8c81d8a8128e7a9d7be45d25978f0b5e47a4cf1a2d97b1e171ec045",
   "dracut-102.tar.gz": "601b175cbf4d2ee902bb7bda3af8826ae2ca060c1af880f6da5a833413f4ec70",
   "lgpl-2.1.txt": "dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551",
   "megaraid.conf": "914824cdbe0c525b71efa05a75e453335b0068beb8bc28bef2a5866d74bf7dd4",
   "module-setup.sh": "8f5a0d3cc393d78bcb523b0d53c578d2767d688f00e84b525355bbb31d753da4",
   "overlayfs-mount.sh": "28f47c107a4435c5153bdb5b2f92f20b7a75bf3932216635ee810875c27dd55b"
  }
-}
+}
diff --git a/SPECS/dracut/dracut.spec b/SPECS/dracut/dracut.spec
@@ -4,7 +4,7 @@
 Summary:        dracut to create initramfs
 Name:           dracut
 Version:        102
-Release:        6%{?dist}
+Release:        7%{?dist}
 # The entire source code is GPLv2+
 # except install/* which is LGPLv2+
 License:        GPLv2+ AND LGPLv2+
@@ -24,12 +24,29 @@ Source8:        00-virtio.conf
 Source9:        00-vrf.conf
 Source10:       00-xen.conf
 Source11:       50-noxattr.conf
+# The 90livenet/azl-liveos-artifacts-download.service and 
+# 90livenet/azl-liveos-artifacts-download.sh are part of the 
+# add-livenet-download-service.patch. They are kept separate for easier
+# code reviews given that they are new to Dracut.
+Source12:       90livenet/azl-liveos-artifacts-download.service
+Source13:       90livenet/azl-liveos-artifacts-download.sh
 
 # allow-liveos-overlay-no-user-confirmation-prompt.patch has been introduced by
-# the Mariner team to allow skipping the user confirmation prompt during boot
-# when the overlay of the liveos is backed by ram. This allows the machine to
-# boot without being blocked on user input in such a scenario.
+# the Azure Linux team to allow skipping the user confirmation prompt during
+# boot when the overlay of the liveos is backed by ram. This allows the machine
+# to boot without being blocked on user input in such a scenario.
 Patch:          allow-liveos-overlay-no-user-confirmation-prompt.patch
+# add-livenet-download-service.patch has been introduced by the Azure Linux
+# team to enable Dracut's livenet module to download and ISO image and proceed
+# with a rootfs overlay mouting/pivoting (using Dracut's existing dmsquash-live
+# module). This enables PXE booting using an ISO image with an embededed rootfs
+# image.
+# This is a temporary fix until Dracut is upgraded to 103.
+# - For reference, see https://github.com/dracut-ng/dracut-ng/issues/719.
+# This patch relies on two new files (azl-liveos-artifacts-download.service and 
+# azl-liveos-artifacts-download.sh) - which are included as separate sources in
+# this package.
+Patch:          add-livenet-download-service.patch
 Patch:          0006-dracut.sh-validate-instmods-calls.patch
 Patch:          0011-Remove-reference-to-kernel-module-zlib-in-fips-module.patch
 Patch:          0012-fix-dracut-functions-avoid-awk-in-get_maj_min.patch
@@ -185,6 +202,9 @@ install -m 0644 %{SOURCE9} %{buildroot}%{_sysconfdir}/dracut.conf.d/00-vrf.conf
 install -m 0644 %{SOURCE10} %{buildroot}%{_sysconfdir}/dracut.conf.d/00-xen.conf
 install -m 0644 %{SOURCE11} %{buildroot}%{_sysconfdir}/dracut.conf.d/50-noxattr.conf
 
+install -m 0644 %{SOURCE12} %{buildroot}%{dracutlibdir}/modules.d/90livenet/azl-liveos-artifacts-download.service
+install -m 0755 %{SOURCE13} %{buildroot}%{dracutlibdir}/modules.d/90livenet/azl-liveos-artifacts-download.sh
+
 mkdir -p %{buildroot}%{dracutlibdir}/modules.d/20overlayfs/
 install -p -m 0755 %{SOURCE4} %{buildroot}%{dracutlibdir}/modules.d/20overlayfs/
 install -p -m 0755 %{SOURCE5} %{buildroot}%{dracutlibdir}/modules.d/20overlayfs/
@@ -290,6 +310,9 @@ ln -srv %{buildroot}%{_bindir}/%{name} %{buildroot}%{_sbindir}/%{name}
 %dir %{_sharedstatedir}/%{name}/overlay
 
 %changelog
+* Thu Oct 31 2024 George Mileka <gmileka@microsoft.com> - 102-7
+- Augment livenet module with a download daemon.
+
 * Thu Oct 10 2024 Thien Trung Vuong <tvuong@microsoft.com> - 102-6
 - Add patch to make tpm2-tss an optional dependency for systemd-pcrphase
 
