Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package suse-module-tools for
openSUSE:Factory checked in at 2024-07-17 15:13:59
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/suse-module-tools (Old)
and /work/SRC/openSUSE:Factory/.suse-module-tools.new.17339 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "suse-module-tools"
Wed Jul 17 15:13:59 2024 rev:78 rq:1185245 version:16.0.47
Changes:
--------
--- /work/SRC/openSUSE:Factory/suse-module-tools/suse-module-tools.changes
2024-06-25 23:06:58.641211306 +0200
+++
/work/SRC/openSUSE:Factory/.suse-module-tools.new.17339/suse-module-tools.changes
2024-07-17 15:14:30.548661964 +0200
@@ -1,0 +2,13 @@
+Wed Jul 3 21:49:31 UTC 2024 - Martin Wilck <mwi...@suse.com>
+
+- Update to version 16.0.47:
+ * rpm scriptlets: fix shellcheck warnings
+
+- Update to version 16.0.46:
+ * Support for bootloaders that follow the boot loader specification
+ in particular systemd-boot (bsc#1226122)
+ * Spec file: obsolete sdbootutil-rpm-scriptlets, the scriptlets
+ in suse-module-tools-scriptlets have modified to support the
+ systemd-boot / sdbootutil use case, too
+
+-------------------------------------------------------------------
Old:
----
suse-module-tools-16.0.45.obscpio
New:
----
suse-module-tools-16.0.47.obscpio
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ suse-module-tools.spec ++++++
--- /var/tmp/diff_new_pack.cgGVhz/_old 2024-07-17 15:14:31.600700125 +0200
+++ /var/tmp/diff_new_pack.cgGVhz/_new 2024-07-17 15:14:31.604700269 +0200
@@ -37,7 +37,7 @@
%global modprobe_conf_rpmsave %(echo "%{modprobe_conf_files}" | sed 's,\\([^
]*\\),%{_sysconfdir}/modprobe.d/\\1.conf.rpmsave,g')
Name: suse-module-tools
-Version: 16.0.45
+Version: 16.0.47
Release: 0
Summary: Configuration for module loading and SUSE-specific utilities
for KMPs
License: GPL-2.0-or-later
@@ -81,6 +81,8 @@
Provides: suse-kernel-rpm-scriptlets = 0
Requires: suse-module-tools = %{version}
Provides: suse-module-tools:/usr/lib/module-init-tools/kernel-scriptlets
+Provides: sdbootutil-rpm-scriptlets = 2.0
+Obsoletes: sdbootutil-rpm-scriptlets < 2.0
%description scriptlets
Scripts called by the SUSE kernel packages on installation
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.cgGVhz/_old 2024-07-17 15:14:31.648701865 +0200
+++ /var/tmp/diff_new_pack.cgGVhz/_new 2024-07-17 15:14:31.652702011 +0200
@@ -1,6 +1,6 @@
<servicedata>
<service name="tar_scm">
<param
name="url">https://github.com/openSUSE/suse-module-tools.git</param>
- <param
name="changesrevision">66cef9d663358efd86365b12a1e799b173ea157a</param></service></servicedata>
+ <param
name="changesrevision">790fe7ce0eb9db37932c65161d88da73efcb809f</param></service></servicedata>
(No newline at EOF)
++++++ suse-module-tools-16.0.45.obscpio -> suse-module-tools-16.0.47.obscpio
++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/suse-module-tools-16.0.45/README.md
new/suse-module-tools-16.0.47/README.md
--- old/suse-module-tools-16.0.45/README.md 2024-06-12 18:19:51.000000000
+0200
+++ new/suse-module-tools-16.0.47/README.md 2024-07-03 23:26:16.000000000
+0200
@@ -115,3 +115,102 @@
are applied by **systemd-sysctl.service** at boot time. These settings are
shipped in the file `/boot/sysctl.conf-$(uname -r)`, which is part of the
kernel package.
+
+
+# Boot Loader Specification (BLS) and EFI System Partition (ESP)
+
+There are scripts generating boot entries (via perl-Bootloader), new
+initrds (via dracut) and updating the kernel module dependency lists
+(via depmod). If we are in a system using the boot entries defined in
+the bootloader specification (BLS), then we need to take special
+considerations.
+
+The tool `sdbootutil` is the one responsible of synchronizing the
+content in the rootfs with the ESP (kernel, bootloader, shim, boot
+entries, initrd, etc), so certain actions should be delegated to it.
+
+To complicate the situation further, transactional systems (like
+MicroOS) cannot access the ESP from inside the transaction as that
+would break the atomicity of the update operation. It is the
+`snapper` plugin provided by `sdbootutil` that will call the scripts
+in the correct moment (when setting the new default snapshot).
+
+This imposes that `weak-modules2`, `regenerate-initrd-posttrans`, the
+`kernel-scriptlets` and the snapper plugin now need to work in
+coordination, reordering certain actions depending on the kind of
+system. The following table summarizes those interactions:
+
+
+| Model | Operation | Element | Done |
+|------------------|-----------|------------|--------------------------------|
+| Traditional | Kernel | depmod | wm2 (rpm-script/post[un]) |
+| | | initrd | wm2 (rpm-script/post[un]) |
+| | | boot entry | rpm-script/post[un] |
+| | | | |
+| | KMP | depmod | wm2 (inkmp-script/post[un]) |
+| | | initrd | wm2 (inkmp-script/post[un]) |
+| | | | |
+| | Dracut | initrd | regenerate-initrd-posttrans[1] |
+|------------------|-----------|------------|--------------------------------|
+| MicroOS[2] | Kernel | depmod | wm2 (rpm-script/post[un]) |
+| | | initrd | wm2 (rpm-script/post[un]) |
+| | | boot entry | rpm-script/post[un] |
+| | | | |
+| | KMP | depmod | wm2 (inkmp-script/post[un]) |
+| | | initrd | wm2 (inkmp-script/post[un]) |
+| | | | |
+| | Dracut | initrd | regenerate-initrd-posttrans |
+|------------------|-----------|------------|--------------------------------|
+| Tumbleweed + BLS | Kernel | depmod | wm2 (rpm-script/post[un])[3] |
+| | | initrd | wm2 (rpm-script/post[un]) |
+| | | boot entry | rpm-script/post[un] |
+| | | | |
+| | KMP | depmod | wm2 (inkmp-script/post[un]) |
+| | | initrd | wm2 (inkmp-script/post[un]) |
+| | | | |
+| | Dracut | initrd | regenerate-initrd-posttrans |
+|------------------|-----------|------------|--------------------------------|
+| MicroOS + BLS | Kernel | depmod | wm2 (rpm-script/post[un]) |
+| | | initrd | snapper plugin[4] |
+| | | boot entry | snapper plugin |
+| | | | |
+| | KMP | depmod | snapper plugin[5] |
+| | | initrd | wm2 (rpm-script/post[un]) |
+| | | | |
+| | Dracut | initrd | snapper plugin |
+|------------------|-----------|------------|--------------------------------|
+| Tumbleweed + BLS | Kernel | depmod | wm2 (rpm-script/post[un])[6] |
+| (no btrfs) | | initrd | wm2 (rpm-script/post[un]) |
+| | | boot entry | rpm-script/post[un] |
+| | | | |
+| | KMP | depmod | wm2 (inkmp-script/post[un]) |
+| | | initrd | wm2 (inkmp-script/post[un]) |
+| | | | |
+| | Dracut | initrd | regenerate-initrd-posttrans |
+|------------------|-----------|------------|--------------------------------|
+
+Notes:
+
+[1] Triggered by the `%regenerate_initrd_post[trans]` macros
+
+[2] In MicroOS (or any system that use transactional-update) the
+ kernel in /boot is inside the transaction, so gets discarded if
+ the snapshot is dropped.
+
+[3] Could be done in the snapper plugin, but it is done in
+ weak-modules2 as in the traditional case, by calling `sdbootutil
+ --no-reuse-initrd`, which also creates the boot entry. The initrd
+ name is selected from the current default boot entry
+
+[4] When adding or removing a kernel, the `sdbootutil
+ set_default_snapshot` will regenerate boot entries for all the
+ remaining kernels in the snapshot. This will synchronize also the
+ initrds (but can leave old initrds in the ESP). Also, wm2 will
+ create a mark in `/run/regenerate-initrd`.
+
+[5] A direct call to `regenerate-initrd-posttrans` inside the
+ transaction will drop the call and keep the
+ `/run/regenerate-initrd` directory. A second call (from the
+ snapper plugin) will complete it.
+
+[6] `sdbootutil` partially understand BLS systems without snapshots.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/suse-module-tools-16.0.45/kernel-scriptlets/cert-script
new/suse-module-tools-16.0.47/kernel-scriptlets/cert-script
--- old/suse-module-tools-16.0.45/kernel-scriptlets/cert-script 2024-06-12
18:19:51.000000000 +0200
+++ new/suse-module-tools-16.0.47/kernel-scriptlets/cert-script 2024-07-03
23:26:16.000000000 +0200
@@ -22,6 +22,8 @@
done
is_efi () {
+ # All shells supported as /bin/sh under SUSE support "local"
+ # shellcheck disable=SC3043
local msg rc=0
# The below statement fails if mokutil isn't installed or UEFI is unsupported.
@@ -72,6 +74,8 @@
# XXX: Only call mokutil if UEFI and shim are used
for cert in $certs; do
cert="/etc/uefi/certs/${cert}.crt"
+ # Word splitting is intended here
+ # shellcheck disable=SC2086
run_mokutil --import "$cert" --root-pw ${MOK_ARGS}
rc=$?
if [ $rc != 0 ] ; then
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/suse-module-tools-16.0.45/kernel-scriptlets/inkmp-script
new/suse-module-tools-16.0.47/kernel-scriptlets/inkmp-script
--- old/suse-module-tools-16.0.45/kernel-scriptlets/inkmp-script
2024-06-12 18:19:51.000000000 +0200
+++ new/suse-module-tools-16.0.47/kernel-scriptlets/inkmp-script
2024-07-03 23:26:16.000000000 +0200
@@ -61,9 +61,6 @@
wm2=/usr/lib/module-init-tools/weak-modules2
nvr="$name"-"$version"-"$release"
-modules_dir=/usr/lib/modules/$kernelrelease-$flavor
-system_map=${modules_dir}/System.map
-
run_wm2() {
[ -z "$KERNEL_PACKAGE_SCRIPT_DEBUG" ] || echo wm2 "$@" >&2
$wm2 "$@"
@@ -81,7 +78,7 @@
;;
post)
if [ -x "$wm2" ]; then
- rpm -ql "$nvr" | INITRD_IN_POSTTRANS=1 run_wm2 --add-kernel-modules
$kernelrelease-$flavor || script_rc=$?
+ rpm -ql "$nvr" | INITRD_IN_POSTTRANS=1 run_wm2 --add-kernel-modules
"$kernelrelease-$flavor" || script_rc=$?
fi
;;
preun)
@@ -98,7 +95,7 @@
# This is similar to the check for $system_map in rpm-script.
for __i in "${!modules[@]}"; do
if [[ -e "${modules[$__i]}" ]]; then
- unset -v modules["$__i"]
+ unset -v 'modules["$__i"]'
fi
done
if [[ "${#modules[@]}" == 0 ]]; then
@@ -106,7 +103,7 @@
exit 0
fi
if [ -x "$wm2" ]; then
- printf '%s\n' "${modules[@]}" | run_wm2 --remove-kernel-modules
$kernelrelease-$flavor || script_rc=$?
+ printf '%s\n' "${modules[@]}" | run_wm2 --remove-kernel-modules
"$kernelrelease-$flavor" || script_rc=$?
fi
;;
posttrans)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/suse-module-tools-16.0.45/kernel-scriptlets/kmp-script
new/suse-module-tools-16.0.47/kernel-scriptlets/kmp-script
--- old/suse-module-tools-16.0.45/kernel-scriptlets/kmp-script 2024-06-12
18:19:51.000000000 +0200
+++ new/suse-module-tools-16.0.47/kernel-scriptlets/kmp-script 2024-07-03
23:26:16.000000000 +0200
@@ -61,14 +61,14 @@
;;
post)
if [ -x $wm2 ]; then
- INITRD_IN_POSTTRANS=1 run_wm2 --add-kmp $nvr || script_rc=$?
+ INITRD_IN_POSTTRANS=1 run_wm2 --add-kmp "$nvr" || script_rc=$?
fi
;;
preun)
rpm -ql "$nvr" | sed -n '/\.ko\(\.xz\|\.gz\|\.zst\)\?$/p' >
"/var/run/rpm-$nvr-modules" || script_rc=$?
;;
postun)
- modules=( $(cat "/var/run/rpm-$nvr-modules") )
+ mapfile -t modules < "/var/run/rpm-$nvr-modules"
rm -f "/var/run/rpm-$nvr-modules"
if [ ${#modules[*]} = 0 ]; then
echo "WARNING: $nvr does not contain any kernel modules" >&2
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/suse-module-tools-16.0.45/kernel-scriptlets/rpm-script
new/suse-module-tools-16.0.47/kernel-scriptlets/rpm-script
--- old/suse-module-tools-16.0.45/kernel-scriptlets/rpm-script 2024-06-12
18:19:51.000000000 +0200
+++ new/suse-module-tools-16.0.47/kernel-scriptlets/rpm-script 2024-07-03
23:26:16.000000000 +0200
@@ -59,11 +59,18 @@
done
wm2=/usr/lib/module-init-tools/weak-modules2
-nvr="$name"-"$version"-"$release"
modules_dir=/usr/lib/modules/$kernelrelease-$flavor
system_map=${modules_dir}/System.map
+# During the image creation (KIWI) we can install the kernel before
+# there is any bootloader installed. If we detect that sdbootutil
+# package is installed, but the bootloader installation test fails,
+# then we assume that sdbootutil will be used.
+if [ -e "/usr/bin/sdbootutil" ] && { /usr/bin/sdbootutil is-installed || [ -e
/.buildenv ]; } then
+ is_sdbootutil=1
+fi
+
trigger_purge_kernels() {
[ -z "$KERNEL_PACKAGE_SCRIPT_DEBUG" ] || echo Triggering purge-kernels >&2
touch /boot/do_purge_kernels
@@ -84,9 +91,26 @@
echo "available bootloader for your platform (e.g. grub, lilo, zipl, ...)."
}
-update_bootloader() {
+update_bootloader_entry() {
if [ ! -e /.buildenv ] ; then
- if [ -f /etc/fstab ] ; then
+ if [ -n "$is_sdbootutil" ]; then
+ # Transactional systems use the snapper plugins to add new
+ # bootloader entries, and this same hook is used in normal
+ # Tumbleweed installations that uses btrfs.
+ #
+ # For transactional systems we should not mangle with the
+ # /boot inside the transaction, to keep the atomicity
+ # promise.
+ #
+ # For non-transactional ones, we will generate the boot
+ # entries here, ignoring the snapper plugin, so we have a
+ # chance of implementing FDE in case that the system is
+ # not using btrfs.
+ if [ -z "$TRANSACTIONAL_UPDATE" ]; then
+ /usr/bin/sdbootutil --image="$image" add-kernel
"$kernelrelease-$flavor"
+ /usr/bin/sdbootutil set-default-snapshot
+ fi
+ elif [ -f /etc/fstab ] ; then
# only run the bootloader if the usual bootloader configuration
# files are there -- this is different on every architecture
initrd=initrd-"$kernelrelease"-"$flavor"
@@ -95,16 +119,16 @@
fi
# Note: the 2nd condition is for removing the bootloader
# entry for an uninstalled kernel.
- if [ -e /boot/$initrd -o ! -e "$modules_dir" ]; then
- [ -e /boot/$initrd ] || initrd=
+ if [ -e "/boot/$initrd" ] || [ ! -e "$modules_dir" ]; then
+ [ -e "/boot/$initrd" ] || initrd=
if [ -x /usr/lib/bootloader/bootloader_entry ]; then
/usr/lib/bootloader/bootloader_entry \
add \
"$flavor" \
"$kernelrelease"-"$flavor" \
"$image"-"$kernelrelease"-"$flavor" \
- $initrd \
- $default || script_rc=$?
+ "$initrd" \
+ "$default" || script_rc=$?
else
message_install_bl
fi
@@ -115,55 +139,78 @@
fi
}
-[ -z "$KERNEL_PACKAGE_SCRIPT_DEBUG" ] || \
- echo "$op" name: "$name" version: "$version" release: "$release" \
- kernelrelease: "$kernelrelease" flavor: "$flavor" variant: "$variant" \
- image: "$image" certs: "$certs" -- "$@" >&2
+check_space_in_boot() {
+ # see bug #259303
+ # this script runs when the kernel gets updated with YaST
+ # YaST calls rpm always with -U
+ # -U replaces all packages with the new one
+ # rpm removes the files from the old packages after the postinstall script
ran
+ # this will double the required space below /boot
+ # remove the files from the old packages to make room for the new initrd
+ # rpm may complain about low disk space if /boot/vmlinux does not fit
+ #
+ # When sdbootutil is used, the kernel and initrd should be living
+ # in sysroot, and transferred into /boot later by the snapper
+ # plugin (that calls sdbootutil add-all-kernels)
+ #
+ if [ "$YAST_IS_RUNNING" != "" ]; then
+ mydf="$( POSIXLY_CORRECT=1 df -P /boot/ | awk '/^(\/|-[[:blank:]])/{
print $4}' )"
+ if test "$mydf" != "" ; then
+ echo "Free diskspace below /boot: $mydf blocks"
+ # echo "512 byte blocks: $(( 2 * 1024 * 20 ))"
+ if test "$mydf" -lt "40960" ; then
+ echo "make room for new kernel '$flavor' because there are less
than 20MB available."
+ # disabled because it breaks patch rpms
+ #rm -fv /boot/"$image"-*-"$flavor"
+ rm -fv /boot/initrd-*-"$flavor"
+ fi
+ fi
+ fi
+}
-script_rc=0
+copy_or_link_legacy_files() {
+ # compat stuff for /boot.
+ # if /boot and /usr are not separate partitions we can just link
+ # the kernel there to save space. Otherwise copy.
+ if mountpoint -q /boot || mountpoint -q /usr; then
+ copy_or_link="cp -a --remove-destination"
+ separate_boot='1'
+ else
+ copy_or_link="ln -sf"
+ separate_boot=""
+ fi
-case $op in
- pre)
- # see bug #259303
- # this script runs when the kernel gets updated with YaST
- # YaST calls rpm always with -U
- # -U replaces all packages with the new one
- # rpm removes the files from the old packages after the postinstall
script ran
- # this will double the required space below /boot
- # remove the files from the old packages to make room for the new initrd
- # rpm may complain about low disk space if /boot/vmlinux does not fit
- if [ "$YAST_IS_RUNNING" != "" ]; then
- mydf="$( POSIXLY_CORRECT=1 df -P /boot/ | awk
'/^(\/|-[[:blank:]])/{ print $4}' )"
- if test "$mydf" != "" ; then
- echo "Free diskspace below /boot: $mydf blocks"
- # echo "512 byte blocks: $(( 2 * 1024 * 20 ))"
- if test "$mydf" -lt "40960" ; then
- echo "make room for new kernel '"$flavor"' because there
are less than 20MB available."
- # disabled because it breaks patch rpms
- #rm -fv /boot/"$image"-*-"$flavor"
- rm -fv /boot/initrd-*-"$flavor"
- fi
+ for x in "$image" sysctl.conf System.map config; do
+ if [ "$separate_boot" = 1 ] || [ ! -e "/boot/$x-$kernelrelease-$flavor"
]; then
+ $copy_or_link "..$modules_dir/$x" "/boot/$x-$kernelrelease-$flavor"
|| script_rc=$?
+ if [ -e "$modules_dir/.$x.hmac" ]; then
+ $copy_or_link "..$modules_dir/.$x.hmac"
"/boot/.$x-$kernelrelease-$flavor".hmac || script_rc=$?
fi
fi
+ done
- # On AArch64 we switched from 64k PAGE_SIZE to 4k PAGE_SIZE.
Unfortunately
- # btrfs can only use file systems created with the same PAGE_SIZE. So we
- # check if the user has any btrfs file systems mounted and refuse to
install
- # in that case.
- if [ $( uname -m ) = aarch64 -a \
- "$( zgrep CONFIG_ARM64_64K_PAGES=y /proc/config.gz )" -a \
- "$flavor" = default ]; then
- if [ "$FORCE_4K" = 1 ]; then
- # The user knows what he's doing, let him be.
- exit 0
- fi
-
- if [ "$YAST_IS_RUNNING" = "instsys" ]; then
- # We're probably test installing the kernel, that should succeed
- exit 0
- fi
+ for x in /boot/"$image" /boot/initrd; do
+ rm -f "$x"
+ ln -s "${x##*/}-$kernelrelease-$flavor" "$x"
+ done
+ rm -f /boot/.vmlinuz.hmac
+ [ ! -e "/boot/.vmlinuz-$kernelrelease-$flavor.hmac" ] ||
+ ln -s ".vmlinuz-$kernelrelease-$flavor.hmac" /boot/.vmlinuz.hmac
+}
- cat >&2 <<-EOF
+check_arm_pagesize() {
+ # On AArch64 we switched from 64k PAGE_SIZE to 4k PAGE_SIZE. Unfortunately
+ # btrfs can only use file systems created with the same PAGE_SIZE. So we
+ # check if the user has any btrfs file systems mounted and refuse to
install
+ # in that case.
+ # FORCE_4K: The user knows what he's doing, let him be.
+ # YAST_IS_RUNNING: We're probably test installing the kernel, that should
succeed
+ if [ "$flavor" != default ] || [ "$( uname -m )" != aarch64 ] || \
+ [ "$FORCE_4K" = 1 ] || [ "$YAST_IS_RUNNING" = instsys ] || \
+ ! zgrep -q CONFIG_ARM64_64K_PAGES /proc/config.gz; then
+ return
+ fi
+ cat >&2 <<-EOF
You are running on a 64kb PAGE_SIZE kernel. The default kernel
switched to 4kb PAGE_SIZE which will prevent it from mounting btrfs
or the swap partition.
@@ -181,46 +228,37 @@
You will then be on the 64kb PAGE_SIZE kernel and can update your
system normally.
EOF
+ script_rc=1
+}
- script_rc=1
- fi
+run_cert_script() {
+ [ -z "$certs" ] || \
+ "/usr/lib/module-init-tools/kernel-scriptlets/cert-$op" \
+ --ca-check 1 --certs "$certs" "$@" || \
+ script_rc=$?
+}
+
+[ -z "$KERNEL_PACKAGE_SCRIPT_DEBUG" ] || \
+ echo "$op" name: "$name" version: "$version" release: "$release" \
+ kernelrelease: "$kernelrelease" flavor: "$flavor" variant: "$variant" \
+ image: "$image" certs: "$certs" -- "$@" >&2
+
+script_rc=0
- [ -z "$certs" ] ||
/usr/lib/module-init-tools/kernel-scriptlets/cert-$op --ca-check 1 --certs
"$certs" "$@" || script_rc=$?
+case $op in
+ pre)
+ [ -n "$is_sdbootutil" ] || check_space_in_boot
+ check_arm_pagesize
+ run_cert_script "$@"
;;
post)
# Flag to trigger /etc/init.d/purge-kernels on next reboot (fate#312018)
- # ... but avoid the first installion (bsc#1180058)
+ # ... but avoid the first installation (bsc#1180058)
if [ "$1" -gt 1 ]; then
trigger_purge_kernels || script_rc=$?
fi
- # compat stuff for /boot.
- # if /boot and /usr are not speparate partitions we can just link
- # the kernel there to save space. Otherwise copy.
- if mountpoint -q /boot || mountpoint -q /usr; then
- copy_or_link="cp -a --remove-destination"
- separate_boot='1'
- else
- copy_or_link="ln -sf"
- separate_boot=""
- fi
-
- for x in "$image" sysctl.conf System.map config; do
- if [ "$separate_boot" = 1 ] || [ ! -e
/boot/$x-"$kernelrelease"-"$flavor" ]; then
- $copy_or_link .."$modules_dir"/$x
/boot/$x-"$kernelrelease"-"$flavor" || script_rc=$?
- if [ -e "$modules_dir"/.$x.hmac ]; then
- $copy_or_link .."$modules_dir"/.$x.hmac
/boot/.$x-"$kernelrelease"-"$flavor".hmac || script_rc=$?
- fi
- fi
- done
-
- for x in /boot/"$image" /boot/initrd; do
- rm -f "$x"
- ln -s "${x##*/}-$kernelrelease-$flavor" "$x"
- done
- rm -f /boot/.vmlinuz.hmac
- [ ! -e "/boot/.vmlinuz-$kernelrelease-$flavor.hmac" ] ||
- ln -s ".vmlinuz-$kernelrelease-$flavor.hmac" /boot/.vmlinuz.hmac
+ [ -n "$is_sdbootutil" ] || copy_or_link_legacy_files
# Add symlinks of compatible modules to
/lib/modules/$krel/weak-updates/,
# run depmod and dracut
@@ -231,14 +269,14 @@
script_rc=1
fi
- [ "$INITRD_IN_POSTTRANS" ] || update_bootloader
- [ -z "$certs" ] ||
/usr/lib/module-init-tools/kernel-scriptlets/cert-$op --ca-check 1 --certs
"$certs" "$@" || script_rc=$?
+ [ "$INITRD_IN_POSTTRANS" ] || update_bootloader_entry
+ run_cert_script "$@"
;;
preun)
[ ! -L /boot/.vmlinuz.hmac ] ||
[ "$(readlink /boot/.vmlinuz.hmac)" !=
".vmlinuz-$kernelrelease-$flavor.hmac" ] ||
rm -f /boot/.vmlinuz.hmac
- [ -z "$certs" ] ||
/usr/lib/module-init-tools/kernel-scriptlets/cert-$op --ca-check 1 --certs
"$certs" "$@" || script_rc=$?
+ run_cert_script "$@"
;;
postun)
# If a kernel package is removed before the next reboot, we assume that
the
@@ -258,8 +296,15 @@
run_wm2 --remove-kernel "$kernelrelease"-"$flavor"
fi
+ # can't check $1 as kernel is usually multiversion. So need to check if
+ # that particular kernel was actually removed from disk.
+ if [ -n "$is_sdbootutil" ] && [ ! -e /.buildenv ] \
+ && [ ! -e /lib/modules/"$kernelrelease-$flavor/$image" ]; then
+ if [ -z "$TRANSACTIONAL_UPDATE" ]; then
+ /usr/bin/sdbootutil --image="$image" remove-kernel
"$kernelrelease-$flavor"
+ fi
# remove fstab check once perl-Bootloader can cope with it
- if [ -f /etc/fstab ]; then
+ elif [ -f /etc/fstab ]; then
if [ -x /usr/lib/bootloader/bootloader_entry ]; then
/usr/lib/bootloader/bootloader_entry \
remove \
@@ -270,13 +315,13 @@
fi
fi
- [ -z "$certs" ] ||
/usr/lib/module-init-tools/kernel-scriptlets/cert-$op --ca-check 1 --certs
"$certs" "$@"
+ run_cert_script "$@"
;;
posttrans)
- if test -x /usr/lib/module-init-tools/regenerate-initrd-posttrans; then
+ if [ -x /usr/lib/module-init-tools/regenerate-initrd-posttrans ]; then
/bin/bash -c 'set +e;
/usr/lib/module-init-tools/regenerate-initrd-posttrans' || script_rc=$?
fi
- [ ! "$INITRD_IN_POSTTRANS" ] || update_bootloader
+ [ ! "$INITRD_IN_POSTTRANS" ] || update_bootloader_entry
;;
*)
echo Unknown scriptlet "$op" >&2
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/suse-module-tools-16.0.45/regenerate-initrd-posttrans
new/suse-module-tools-16.0.47/regenerate-initrd-posttrans
--- old/suse-module-tools-16.0.45/regenerate-initrd-posttrans 2024-06-12
18:19:51.000000000 +0200
+++ new/suse-module-tools-16.0.47/regenerate-initrd-posttrans 2024-07-03
23:26:16.000000000 +0200
@@ -21,11 +21,28 @@
exit 0
fi
+if [ -e "/usr/bin/sdbootutil" ] && /usr/bin/sdbootutil is-installed; then
+ is_sdbootutil=1
+fi
+
dir=/run/regenerate-initrd
if ! test -d "$dir"; then
exit 0
fi
+
+# If we are inside a transaction and using a separate /boot/efi
+# partition (ESP) then we cannot touch it, as we will escape the
+# atomicity promise. We need to delay the call to this script after
+# the transaction has been completed. The component that will call
+# again regenerate-initrd-posttrans to generate the new initrd is the
+# sdbootutil snapper plugin (this time outside the live transaction),
+# and the tukit plugin will migrate the signal from inside the
+# transaction to outside.
+if [ -n "$is_sdbootutil" ] && [ -n "$TRANSACTIONAL_UPDATE" ]; then
+ exit 0
+fi
+
for f in "$dir"/*; do
case $f in
"$dir/*")
@@ -46,7 +63,11 @@
if test -e "$dir/all"; then
rm "$dir"/*
[ "$SKIP_REGENERATE_INITRD_ALL" = 1 ] || {
- "$DRACUT" -f --regenerate-all
+ if [ -n "$is_sdbootutil" ]; then
+ /usr/bin/sdbootutil --no-reuse-initrd add-all-kernels
+ else
+ "$DRACUT" -f --regenerate-all
+ fi
work_done=yes
}
else
@@ -66,7 +87,13 @@
echo $0: skipping invalid kernel version "$dir/$kver"
continue
}
- if ! "$DRACUT" -f --kver "$kver"; then
+ if [ -n "$is_sdbootutil" ]; then
+ if ! /usr/bin/sdbootutil --no-reuse-initrd add-kernel
"$kver"; then
+ err=$?
+ else
+ work_done=yes
+ fi
+ elif ! "$DRACUT" -f --kver "$kver"; then
err=$?
else
work_done=yes
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/suse-module-tools-16.0.45/suse-module-tools.spec
new/suse-module-tools-16.0.47/suse-module-tools.spec
--- old/suse-module-tools-16.0.45/suse-module-tools.spec 2024-06-12
18:19:51.000000000 +0200
+++ new/suse-module-tools-16.0.47/suse-module-tools.spec 2024-07-03
23:26:16.000000000 +0200
@@ -37,7 +37,7 @@
%global modprobe_conf_rpmsave %(echo "%{modprobe_conf_files}" | sed 's,\\([^
]*\\),%{_sysconfdir}/modprobe.d/\\1.conf.rpmsave,g')
Name: suse-module-tools
-Version: 16.0.45
+Version: 16.0.47
Release: 0
Summary: Configuration for module loading and SUSE-specific utilities
for KMPs
License: GPL-2.0-or-later
@@ -81,6 +81,8 @@
Provides: suse-kernel-rpm-scriptlets = 0
Requires: suse-module-tools = %{version}
Provides: suse-module-tools:/usr/lib/module-init-tools/kernel-scriptlets
+Provides: sdbootutil-rpm-scriptlets = 2.0
+Obsoletes: sdbootutil-rpm-scriptlets < 2.0
%description scriptlets
Scripts called by the SUSE kernel packages on installation
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/suse-module-tools-16.0.45/weak-modules2
new/suse-module-tools-16.0.47/weak-modules2
--- old/suse-module-tools-16.0.45/weak-modules2 2024-06-12 18:19:51.000000000
+0200
+++ new/suse-module-tools-16.0.47/weak-modules2 2024-07-03 23:26:16.000000000
+0200
@@ -76,7 +76,7 @@
find_depmod() {
local _d
- [[ -x "$DEPMOD" ]] && return
+ [[ ! -x "$DEPMOD" ]] || return
DEPMOD=
for _d in /usr/sbin /sbin; do
if [[ -x ${_d}/depmod ]]; then
@@ -91,6 +91,15 @@
dlog "DEPMOD=$DEPMOD"
}
+find_sdbootutil() {
+ [[ ! -x "$SDBOOTUTIL" ]] || return
+ SDBOOTUTIL=
+ if [ -e "/usr/bin/sdbootutil" ] && /usr/bin/sdbootutil is-installed; then
+ SDBOOTUTIL="/usr/bin/sdbootutil"
+ fi
+ dlog "SDBOOTUTIL=$SDBOOTUTIL"
+}
+
find_usrmerge_boot() {
local filename=$1
local kver=$2
@@ -419,8 +428,22 @@
}
}
+get_current_initrd() {
+ local krel=$1
+ local initrd
+ if [ -n "$SDBOOTUTIL" ]; then
+ if [ -z "$TRANSACTIONAL_UPDATE" ] && [ -s '/etc/kernel/entry-token' ];
then
+ read -r initrd <<<"$(sdbootutil --entry-keys=initrd show-entry
$krel)"
+ fi
+ else
+ initrd="/boot/initrd-$krel"
+ fi
+ echo "$initrd"
+}
+
get_current_basenames() {
- $LSINITRD /boot/initrd-$1 |
+ local initrd=$(get_current_initrd $1)
+ $LSINITRD "$initrd" |
sed -rn 's:.*\<usr/lib/modules/.*/::p' |
strip_mod_extensions
}
@@ -487,7 +510,8 @@
dlog "needs_initrd: yes, kernel package"
return 0
fi
- if [ ! -e /boot/initrd-$krel ]; then
+ local initrd="$(get_current_initrd $krel)"
+ if [ -z "$SDBOOTUTIL" ] && [ ! -e "$initrd" ]; then
dlog "needs_initrd: yes, initrd doesn't exist yet"
return 0
fi
@@ -524,11 +548,16 @@
[ -z "$image" ] || break
done
if [ -n "$image" ]; then
- if test -n "$INITRD_IN_POSTTRANS"; then
+ if [ -n "$INITRD_IN_POSTTRANS" ] || ([ -n "$SDBOOTUTIL" ] && [ -n
"$TRANSACTIONAL_UPDATE" ]); then
mkdir -p /run/regenerate-initrd
doit touch /run/regenerate-initrd/$krel
else
- doit "$DRACUT" -f /boot/initrd-$krel $krel
+ if [ -n "$SDBOOTUTIL" ] && [ -z "$TRANSACTIONAL_UPDATE" ]; then
+ doit "$SDBOOTUTIL" --no-reuse-initrd add-kernel "$krel"
+ elif [ -z "$SDBOOTUTIL" ]; then
+ local initrd="$(get_current_initrd $krel)"
+ doit "$DRACUT" -f "$initrd" $krel
+ fi
status=$?
fi
else
@@ -899,6 +928,7 @@
#unset LANG LC_ALL LC_COLLATE
find_depmod
find_lsinitrd
+find_sdbootutil
tmpdir=$(mktemp -d /var/tmp/${0##*/}.XXXXXX)
trap "rm -rf $tmpdir" EXIT
++++++ suse-module-tools.obsinfo ++++++
--- /var/tmp/diff_new_pack.cgGVhz/_old 2024-07-17 15:14:31.780706654 +0200
+++ /var/tmp/diff_new_pack.cgGVhz/_new 2024-07-17 15:14:31.784706799 +0200
@@ -1,5 +1,5 @@
name: suse-module-tools
-version: 16.0.45
-mtime: 1718209191
-commit: 66cef9d663358efd86365b12a1e799b173ea157a
+version: 16.0.47
+mtime: 1720041976
+commit: 790fe7ce0eb9db37932c65161d88da73efcb809f
