Hello community,
here is the log from the commit of package dracut for openSUSE:Factory checked
in at 2020-01-18 12:14:25
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/dracut (Old)
and /work/SRC/openSUSE:Factory/.dracut.new.26092 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "dracut"
Sat Jan 18 12:14:25 2020 rev:148 rq:764321 version:049+git118.a6090e2f
Changes:
--------
--- /work/SRC/openSUSE:Factory/dracut/dracut.changes 2019-12-23
22:36:09.697786935 +0100
+++ /work/SRC/openSUSE:Factory/.dracut.new.26092/dracut.changes 2020-01-18
12:16:16.651079265 +0100
@@ -1,0 +2,12 @@
+Tue Jan 14 14:22:25 UTC 2020 - daniel.molken...@suse.com
+
+- Update to version 049+git118.a6090e2f:
+ * Implement support for verifying the boot with fipscheck (bsc#1158530)
+
+-------------------------------------------------------------------
+Thu Jan 09 10:11:10 UTC 2020 - daniel.molken...@suse.com
+
+- Update to version 049+git117.d3206e79:
+ * Remove purge-kernels scripts and service (jsc#SLE-10162)
+
+-------------------------------------------------------------------
Old:
----
dracut-049+git116.e9995c78.obscpio
dracut-049+git116.e9995c78.tar.xz
New:
----
dracut-049+git118.a6090e2f.obscpio
dracut-049+git118.a6090e2f.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ dracut.spec ++++++
--- /var/tmp/diff_new_pack.9wgcLA/_old 2020-01-18 12:16:19.375080726 +0100
+++ /var/tmp/diff_new_pack.9wgcLA/_new 2020-01-18 12:16:19.379080728 +0100
@@ -1,7 +1,7 @@
#
# spec file for package dracut
#
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -19,7 +19,7 @@
%define dracutlibdir %{_prefix}/lib/dracut
Name: dracut
-Version: 049+git116.e9995c78
+Version: 049+git118.a6090e2f
Release: 0
Summary: Initramfs generator using udev
License: GPL-2.0-or-later AND LGPL-2.1-or-later
@@ -158,9 +158,6 @@
mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d
install -m 0644 dracut.logrotate %{buildroot}%{_sysconfdir}/logrotate.d/dracut
-install -D -m 0755 suse/purge-kernels %{buildroot}/sbin/purge-kernels
-install -m 644 suse/purge-kernels.service
%{buildroot}/%{_unitdir}/purge-kernels.service
-
install -D -m 0755 suse/dracut-installkernel %{buildroot}/sbin/installkernel
%if 0%{?suse_version}
@@ -172,10 +169,8 @@
%endif
%pre
-%service_add_pre purge-kernels.service
%post
-%service_add_post purge-kernels.service
# check whether /var/run has been converted to a symlink
[ -L /var/run ] || sed -i '/GRUB_CMDLINE_LINUX_DEFAULT.*/s/"$/ rd.convertfs"/'
/etc/default/grub || :
[ -L /var/run ] || cat >>/etc/dracut.conf.d/05-convertfs.conf<<EOF
@@ -196,10 +191,8 @@
%{?regenerate_initrd_post}
%preun
-%service_del_preun purge-kernels.service
%postun
-%service_del_postun purge-kernels.service
%{?regenerate_initrd_post}
%postun fips
@@ -245,7 +238,6 @@
%doc README HACKING TODO AUTHORS NEWS dracut.html dracut.png dracut.svg
%{_bindir}/dracut
%{_bindir}/lsinitrd
-/sbin/purge-kernels
/sbin/installkernel
/sbin/mkinitrd
/sbin/mkinitrd_setup
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.9wgcLA/_old 2020-01-18 12:16:19.419080749 +0100
+++ /var/tmp/diff_new_pack.9wgcLA/_new 2020-01-18 12:16:19.423080752 +0100
@@ -1,4 +1,4 @@
<servicedata>
<service name="tar_scm">
<param
name="url">https://github.com/opensuse/dracut.git</param>
- <param
name="changesrevision">e9995c7853e61de8513b41a302d465ddb1586a20</param></service></servicedata>
\ No newline at end of file
+ <param
name="changesrevision">a6090e2f68a4ca727005b1de8a45bf474a782008</param></service></servicedata>
\ No newline at end of file
++++++ dracut-049+git116.e9995c78.obscpio -> dracut-049+git118.a6090e2f.obscpio
++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/dracut-049+git116.e9995c78/modules.d/01fips/fips.sh
new/dracut-049+git118.a6090e2f/modules.d/01fips/fips.sh
--- old/dracut-049+git116.e9995c78/modules.d/01fips/fips.sh 2019-12-10
09:43:14.000000000 +0100
+++ new/dracut-049+git118.a6090e2f/modules.d/01fips/fips.sh 2020-01-14
15:18:42.000000000 +0100
@@ -1,4 +1,17 @@
-#!/bin/sh
+#!/bin/bash
+
+# find fipscheck, prefer kernel-based version
+fipscheck()
+{
+ FIPSCHECK=/usr/lib64/libkcapi/fipscheck
+ if [ ! -f $FIPSCHECK ]; then
+ FIPSCHECK=/usr/lib/libkcapi/fipscheck
+ fi
+ if [ ! -f $FIPSCHECK ]; then
+ FIPSCHECK=/usr/bin/fipscheck
+ fi
+ echo $FIPSCHECK
+}
mount_boot()
{
@@ -65,6 +78,7 @@
warn "HMAC sum mismatch"
return 1
fi
+
info "rhevh_check OK"
return 0
}
@@ -75,6 +89,12 @@
local _s
local _v
local _module
+ local _arch=$(uname -m)
+ local _vmname=vmlinuz
+
+ if [ "$_arch" = "s390x" ]; then
+ _vmname=image
+ fi
KERNEL=$(uname -r)
@@ -93,6 +113,22 @@
_found=1
break
done </proc/crypto
+ # If we find some hardware specific modules and cannot load
them
+ # it is not a problem, proceed.
+ if [ "$_found" = "0" ]; then
+ if [ "$_module" != "${_module%intel}" \
+ -o "$_module" != "${_module%ssse3}" \
+ -o "$_module" != "${_module%x86_64}" \
+ -o "$_module" != "${_module%z90}" \
+ -o "$_module" != "${_module%s390}" \
+ -o "$_module" == "twofish_x86_64_3way" \
+ -o "$_module" == "ablk_helper" \
+ -o "$_module" == "glue_helper" \
+ ]; then
+ _found=1
+ fi
+ fi
+
[ "$_found" = "0" ] && cat /tmp/fips.modprobe_err >&2 &&
return 1
fi
fi
@@ -114,14 +150,14 @@
BOOT_IMAGE_PATH="${BOOT_IMAGE%${BOOT_IMAGE_NAME}}"
if [ -z "$BOOT_IMAGE_NAME" ]; then
- BOOT_IMAGE_NAME="vmlinuz-${KERNEL}"
+ BOOT_IMAGE_NAME="${_vmname}-${KERNEL}"
elif ! [ -e "/boot/${BOOT_IMAGE_PATH}/${BOOT_IMAGE}" ]; then
#if /boot is not a separate partition BOOT_IMAGE might start with
/boot
BOOT_IMAGE_PATH=${BOOT_IMAGE_PATH#"/boot"}
#on some achitectures BOOT_IMAGE does not contain path to kernel
#so if we can't find anything, let's treat it in the same way as
if it was empty
if ! [ -e "/boot/${BOOT_IMAGE_PATH}/${BOOT_IMAGE_NAME}" ]; then
- BOOT_IMAGE_NAME="vmlinuz-${KERNEL}"
+ BOOT_IMAGE_NAME="${_vmname}-${KERNEL}"
BOOT_IMAGE_PATH=""
fi
fi
@@ -132,7 +168,12 @@
return 1
fi
- sha512hmac -c "${BOOT_IMAGE_HMAC}" || return 1
+ if [ -n "$(fipscheck)" ]; then
+ $(fipscheck) -c ${BOOT_IMAGE_HMAC} ${BOOT_IMAGE} || return 1
+ else
+ warn "Could not find fipscheck to verify MACs"
+ return 1
+ fi
fi
info "All initrd crypto checks done"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/dracut-049+git116.e9995c78/modules.d/01fips/module-setup.sh
new/dracut-049+git118.a6090e2f/modules.d/01fips/module-setup.sh
--- old/dracut-049+git116.e9995c78/modules.d/01fips/module-setup.sh
2019-12-10 09:43:14.000000000 +0100
+++ new/dracut-049+git118.a6090e2f/modules.d/01fips/module-setup.sh
2020-01-14 15:18:42.000000000 +0100
@@ -23,6 +23,10 @@
_fipsmodules+="sha3-224 sha3-256 sha3-384 sha3-512 "
_fipsmodules+="crc32c crct10dif ghash "
+ # Hashes, platform specific:
+ _fipsmodules+="sha512-ssse3 sha1-ssse3 sha256-ssse3 "
+ _fipsmodules+="ghash-clmulni-intel "
+
# Ciphers:
_fipsmodules+="cipher_null des3_ede aes "
@@ -66,7 +70,11 @@
inst_hook pre-pivot 01 "$moddir/fips-noboot.sh"
inst_script "$moddir/fips.sh" /sbin/fips.sh
- inst_multiple sha512hmac rmmod insmod mount uname umount
+ inst_multiple rmmod insmod mount uname umount
+ inst_multiple -o sha512hmac \
+ fipscheck \
+ /usr/lib64/libkcapi/fipscheck \
+ /usr/lib/libkcapi/fipscheck
inst_simple /etc/system-fips
[ -c ${initdir}/dev/random ] || mknod ${initdir}/dev/random c 1 8 \
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/dracut-049+git116.e9995c78/suse/dracut.spec
new/dracut-049+git118.a6090e2f/suse/dracut.spec
--- old/dracut-049+git116.e9995c78/suse/dracut.spec 2019-12-10
09:43:14.000000000 +0100
+++ new/dracut-049+git118.a6090e2f/suse/dracut.spec 2020-01-14
15:18:42.000000000 +0100
@@ -158,9 +158,6 @@
mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d
install -m 0644 dracut.logrotate %{buildroot}%{_sysconfdir}/logrotate.d/dracut
-install -D -m 0755 suse/purge-kernels %{buildroot}/sbin/purge-kernels
-install -m 644 suse/purge-kernels.service
%{buildroot}/%{_unitdir}/purge-kernels.service
-
install -D -m 0755 suse/dracut-installkernel %{buildroot}/sbin/installkernel
%if 0%{?suse_version}
@@ -172,10 +169,8 @@
%endif
%pre
-%service_add_pre purge-kernels.service
%post
-%service_add_post purge-kernels.service
# check whether /var/run has been converted to a symlink
[ -L /var/run ] || sed -i '/GRUB_CMDLINE_LINUX_DEFAULT.*/s/"$/ rd.convertfs"/'
/etc/default/grub || :
[ -L /var/run ] || cat >>/etc/dracut.conf.d/05-convertfs.conf<<EOF
@@ -196,10 +191,8 @@
%{?regenerate_initrd_post}
%preun
-%service_del_preun purge-kernels.service
%postun
-%service_del_postun purge-kernels.service
%{?regenerate_initrd_post}
%postun fips
@@ -245,7 +238,6 @@
%doc README HACKING TODO AUTHORS NEWS dracut.html dracut.png dracut.svg
%{_bindir}/dracut
%{_bindir}/lsinitrd
-/sbin/purge-kernels
/sbin/installkernel
/sbin/mkinitrd
/sbin/mkinitrd_setup
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/dracut-049+git116.e9995c78/suse/purge-kernels
new/dracut-049+git118.a6090e2f/suse/purge-kernels
--- old/dracut-049+git116.e9995c78/suse/purge-kernels 2019-12-10
09:43:14.000000000 +0100
+++ new/dracut-049+git118.a6090e2f/suse/purge-kernels 1970-01-01
01:00:00.000000000 +0100
@@ -1,403 +0,0 @@
-#!/usr/bin/perl
-
-use strict;
-use warnings;
-
-use Getopt::Long;
-
-sub usage {
- print "Usage: $0 [--test]\n";
- print "Reads list of kernels to keep from
/etc/zypp/zypp.conf:multiversion.kernels\n";
- print "kernels can be given as <version>, latest(-N), running,
oldest(+N).\n";
-}
-
-# arch/flavor => version-release => [ subpackages ]
-my %kernels;
-
-my @keep_spec;
-my ($want_running, $running_version, $running_flavor);
-
-# do not actually delete anything
-my $test_only;
-
-# undocumented debugging options
-my ($fake_config, $fake_rpm_qa, $fake_uname_r, $fake_uname_m);
-
-sub get_config_line {
- my $file = "/etc/zypp/zypp.conf";
-
- if ($fake_config) {
- return $fake_config;
- }
- if (!-e $file) {
- print STDERR "$0: /etc/zypp/zypp.conf does not exist,
exiting.\n";
- exit 0;
- }
- open(my $fh, '<', $file) or die "$0: $file: $!\n";
- while (<$fh>) {
- chomp;
- next unless /^\s*multiversion\.kernels\b/;
- s/^[^=]*=\s*//;
- close($fh);
- return $_;
- }
- close($fh);
- return "";
-}
-
-sub load_config {
- my @kernels;
-
- @kernels = split(/,\s*/, get_config_line());
- for my $kernel (@kernels) {
- if ($kernel =~
/^\s*(latest|oldest|running)(\s*[-+]\s*\d+)?\s*$/) {
- my $new = { whence => $1, offset => $2 || 0 };
- $new->{offset} =~ s/\s*//g;
- if ($new->{whence} eq "running") {
- $want_running = 1;
- }
- push (@keep_spec, $new);
- } elsif ($kernel =~ /^\d+\.\d+/) {
- my $new = { version => $kernel };
- push (@keep_spec, $new);
- } elsif ($kernel =~ /^\s*$/) {
- next;
- } else {
- print STDERR "$0: Ignoring unknow kernel specification
in\n";
- print STDERR "/etc/zypp/zypp.conf:multiversion.kernels:
$kernel\n";
- }
- }
-}
-
-sub add_package {
- my ($name, $vr, $arch) = @_;
- (my $flavor = $name) =~ s/^kernel-//;
-
- #print STDERR "add_package: $name $vr $arch\n";
- if ($name eq "kernel-firmware" || $name eq "kernel-coverage") {
- return;
- }
- # Put all subpackages into the same group, except for
- # kernel-source-{vanilla,rt}, which are packages on their own
- if ($flavor !~ /^source/) {
- $flavor =~ s/-.*//; # XXX: No dashes in flavor names
- }
- # kernel-devel is a subpackage of kernel-source
- $flavor =~ s/^devel/source/;
- $kernels{"$arch/$flavor"} ||= {};
- $kernels{"$arch/$flavor"}{$vr} ||= [];
- push(@{$kernels{"$arch/$flavor"}{$vr}}, "$name-$vr.$arch");
-}
-
-sub load_packages {
- my $pipe;
-
- if ($fake_rpm_qa) {
- open($pipe, '<', $fake_rpm_qa) or die "$fake_rpm_qa: $!\n";
- } else {
- open($pipe, '-|', 'rpm', '-qa', '--qf',
- '%{n} %{v}-%{r} %{arch}\n', 'kernel-*') or die "rpm:
$!\n";
- }
- while (<$pipe>) {
- chomp;
- my ($name, $vr, $arch) = split;
- add_package($name, $vr, $arch);
- }
- close($pipe)
-}
-
-sub sort_versions {
- my @versions = @_;
-
- pipe (my $read, my $write);
- my $pid = fork();
- if (!defined($pid)) {
- die "Cannot fork: $!\n";
- } elsif ($pid == 0) {
- # child
- close($read);
- open STDOUT, '>&', $write;
- open(my $fh, '|-', "/usr/lib/rpm/rpmsort") or die
"/usr/lib/rpm/rpmsort: $!\n";
- print $fh join("\n", @versions), "\n";
- close($fh);
- die "rpmsort failed ($?)\n" if $? != 0;
-
- exit 0;
- }
- # parent
- close($write);
- @versions = <$read>;
- chomp @versions;
- close($read);
- waitpid($pid, 0);
- die "rpmsort failed ($?)\n" if $? != 0;
-
- return @versions;
-}
-
-# return true if VER1 == VER2 or VER1 == (VER2 minus rebuild counter)
-sub version_match {
- my ($ver1, $ver2) = @_;
-
- return 1 if $ver1 eq $ver2;
-
- # copied from kernel-source/rpm/kernel-spec-macros
- $ver2 =~ s/\.[0-9]+($|\.[^.]*[^.0-9][^.]*$)/$1/;
- return $ver1 eq $ver2;
-}
-
-sub list_old_versions {
- my ($flavor) = @_;
-
- my $is_source = $flavor =~ /\/(source|syms)/;
- my $kernels = $kernels{$flavor};
- my @versions = sort_versions(keys(%$kernels));
- my %idx = (
- oldest => 0,
- latest => scalar(@versions) - 1,
- );
- if ($want_running && ($running_flavor eq $flavor || $is_source)) {
- for (my $i = scalar(@versions) - 1; $i >= 0; $i--) {
- if (version_match($running_version, $versions[$i])) {
- $idx{running} = $i;
- last;
- }
- }
- if (!exists($idx{running}) && !$is_source) {
- print STDERR "$0: Running kernel
$running_version-$running_flavor not installed.\n";
- print "NOT removing any packages for flavor $flavor.\n";
- return;
- }
- }
- my %delete = map { $_ => 1 } @versions;
- for my $keep (@keep_spec) {
- if ($keep->{version}) {
- for my $ver (@versions) {
- if (version_match($keep->{version}, $ver)) {
- $delete{$ver} = 0;
- }
- }
- } elsif ($keep->{whence}) {
- next unless exists($idx{$keep->{whence}});
- my $idx = $idx{$keep->{whence}};
- $idx += $keep->{offset};
- next unless $idx >= 0 && $idx < scalar(@versions);
- $delete{$versions[$idx]} = 0;
- } else {
- die "??";
- }
- }
- return grep { $delete{$_} } @versions;
-}
-
-sub package_exists {
- my ($version, $archs, $flavors) = @_;
-
- for my $arch (@$archs) {
- for my $flavor (@$flavors) {
- my $config = "$arch/$flavor";
- if (exists($kernels{$config})
- && exists($kernels{$config}->{$version})) {
- return 1;
- }
- }
- }
- return 0;
-}
-
-sub list_old_packages {
- my (@packages, @archs, @flavors);
- my (@syms_flavors, @binary_flavors, @source_configs);
-
- # there are some inter-dependencies among the kernel packages,
- # so we have to be careful
- my %t = map { s:/.*::; $_ => 1 } keys(%kernels);
- @archs = sort(keys(%t));
- %t = map { s:.*/::; $_ => 1 } keys(%kernels);
- @flavors = sort(keys(%t));
- @syms_flavors = grep { /^syms/ } @flavors;
- @binary_flavors = grep { !/^(source|syms)/ } @flavors;
- @source_configs = grep { /\/source/ } sort(keys(%kernels));
-
- for my $arch (@archs) {
- for my $flavor (@syms_flavors) {
- my $config = "$arch/$flavor";
- next unless exists($kernels{$config});
- my @versions = list_old_versions($config);
- for my $ver (@versions) {
- push(@packages, @{$kernels{$config}->{$ver}});
- delete($kernels{$config}->{$ver});
- }
- }
- for my $flavor (@binary_flavors) {
- my $config = "$arch/$flavor";
- next unless exists($kernels{$config});
- my @versions = list_old_versions($config);
- for my $ver (@versions) {
- my @pacs = @{$kernels{$config}->{$ver}};
- my $remove_all = 1;
- # do not remove kernel-$flavor-devel-$ver
- # if kernel-syms-$ver still exists
- if (grep { /-devel$/ } @pacs) {
- my $syms = "syms";
- if ($flavor =~ /^rt/) {
- $syms = "syms-rt";
- }
- if (exists($kernels{$syms}->{$ver})) {
- $remove_all = 0;
- @pacs = grep { !/-devel$/ }
- @pacs;
- }
- }
- push(@packages, @pacs);
- if ($remove_all) {
- delete($kernels{$config}->{$ver});
- }
- }
- }
- }
- for my $config (@source_configs) {
- my @versions = list_old_versions($config);
- for my $ver (@versions) {
- # Remove kernel-{devel,source} only if no other package
- # of the same version exists
- next if package_exists($ver, \@archs, \@binary_flavors);
- push(@packages, @{$kernels{$config}->{$ver}});
- }
- }
- return @packages;
-}
-
-sub find_package {
- my $name = shift @_;
- my $version = shift @_;
- my @packages = @_;
- my $expr = "^" . quotemeta("$name-$version");
- my @found = grep { $_ =~ $expr } @packages;
- return @found if @found;
- $expr = "^" . quotemeta($name) . " = " . quotemeta($version) . "\$";
- @found = grep {
- my @provides = qx/rpm -q --provides $_/;
- chomp (@provides);
- grep { $_ =~ $expr} @provides;
- } @packages;
- return @found;
-}
-
-# Try to remove a list of packages.
-#
-# If there is a KMP or livepatch depending on the package remove it as well. If
-# there is another package depending on the kernel keep the kernel. If there is
-# a package that depends on a KMP keep the KMP and a kernel required to use the
-# KMP.
-# In each step a KMP or livepatch may be added or a package which cannot be
-# removed due to dependencies is marked as taboo and removed from the list.
-#
-# Finish when packages uninstall successfully or we can't find any packages to
-# add or remove from the list to make it uninstallable.
-
-sub remove_packages {
- my @packages = @_;
- my %taboo_packages;
-
- while (1) {
- pipe(my $read, my $write);
- my $pid = fork();
- if (!defined($pid)) {
- die "Cannot fork: $!\n";
- } elsif($pid == 0) {
- # child
- close($read);
- open STDOUT, '>&', $write;
- open STDERR, '>&', $write;
- $ENV{LC_ALL} = "C";
- my @cmd = qw(rpm -e);
- push(@cmd, "--test") if $test_only;
- exec(@cmd, @packages) or die "rpm: $!\n";
- }
- # parent
- close($write);
- my @out = <$read>;
- chomp @out;
- close($read);
- waitpid($pid, 0);
- if ($? == 0) {
- print "Removed:\n ", join("\n ", @packages), "\n";
- return 1;
- }
- my $retry = 0;
- my %old_packages = map { $_ => 1 } @packages;
- my %new_packages;
- for (@out) {
- if (/ is needed by \(installed\)
(kernel-syms-.*|kgraft-patch-.*|kernel-livepatch-.*|.*-kmp-.*)/ &&
- !$old_packages{$1} && !$taboo_packages{$1}) {
- push(@packages, $1) unless $new_packages{$1};
- $new_packages{$1} = 1;
- $retry = 1;
- } elsif (/([^ \t]*) = ([^ \t]*) is needed by
\(installed\) /) {
- my @unremovable = find_package($1, $2,
@packages);
- my $match = $unremovable[$#unremovable];
- if ($match) {
- print STDERR "$0: $_\n";
- print STDERR "$0: Keeping $1 = $2
($match)\n";
- @packages = grep { $_ !~ $match }
@packages;
- $taboo_packages{$match} = 1;
- $retry = 1;
- last; # Only remove one package
providing the dependency from the list
- }
- }
- }
- if (!$retry) {
- print STDERR join("\n", @out), "\n";
- print STDERR "$0: giving up.\n";
- return 0;
- }
- }
-}
-
-if (!GetOptions(
- "h|help" => sub { usage(); exit; },
- "--test" => \$test_only,
- "--fake-config=s" => \$fake_config,
- "--fake-rpm-qa=s" => \$fake_rpm_qa,
- "--fake-uname-r=s" => \$fake_uname_r,
- "--fake-uname-m=s" => \$fake_uname_m)) {
- usage();
- exit 1;
-}
-load_config();
-if (!@keep_spec) {
- print STDERR "$0: multiversion.kernels not configured in
/etc/zypp/zypp.conf, exiting.\n";
- exit 0;
-}
-
-load_packages();
-if ($want_running) {
- $running_version = $fake_uname_r ? $fake_uname_r : `uname -r`;
- chomp($running_version);
- ($running_flavor = $running_version) =~ s/.*-//;
- $running_version =~ s/-[^-]*$//;
- (my $release = $running_version) =~ s/.*-//;
- $running_version =~ s/-[^-]*$//;
-
- # copied from kernel-source/rpm/mkspec
- $running_version =~ s/\.0-rc/.rc/;
- $running_version =~ s/-rc\d+//;
- $running_version =~ s/-/./g;
-
- $running_version .= "-$release";
-
- my $arch = $fake_uname_m ? $fake_uname_m : `uname -m`;
- chomp($arch);
- $arch =~ s/^i.86$/i586/;
- $running_flavor = "$arch/$running_flavor";
-}
-my @remove = list_old_packages();
-if (!@remove) {
- print STDERR "$0: Nothing to do.\n";
- exit 0;
-}
-if (remove_packages(@remove)) {
- exit 0;
-}
-exit 1;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/dracut-049+git116.e9995c78/suse/purge-kernels.service
new/dracut-049+git118.a6090e2f/suse/purge-kernels.service
--- old/dracut-049+git116.e9995c78/suse/purge-kernels.service 2019-12-10
09:43:14.000000000 +0100
+++ new/dracut-049+git118.a6090e2f/suse/purge-kernels.service 1970-01-01
01:00:00.000000000 +0100
@@ -1,15 +0,0 @@
-[Unit]
-Description=Purge old kernels
-After=local-fs.target
-ConditionPathExists=/boot/do_purge_kernels
-ConditionPathIsReadWrite=/
-
-[Service]
-Type=oneshot
-Nice=19
-IOSchedulingClass=idle
-ExecStartPre=/bin/rm -f /boot/do_purge_kernels
-ExecStart=/sbin/purge-kernels
-
-[Install]
-WantedBy=multi-user.target
++++++ dracut-049+git116.e9995c78.tar.xz -> dracut-049+git118.a6090e2f.tar.xz
++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/dracut-049+git116.e9995c78/modules.d/01fips/fips.sh
new/dracut-049+git118.a6090e2f/modules.d/01fips/fips.sh
--- old/dracut-049+git116.e9995c78/modules.d/01fips/fips.sh 2019-12-10
09:43:14.000000000 +0100
+++ new/dracut-049+git118.a6090e2f/modules.d/01fips/fips.sh 2020-01-14
15:18:42.000000000 +0100
@@ -1,4 +1,17 @@
-#!/bin/sh
+#!/bin/bash
+
+# find fipscheck, prefer kernel-based version
+fipscheck()
+{
+ FIPSCHECK=/usr/lib64/libkcapi/fipscheck
+ if [ ! -f $FIPSCHECK ]; then
+ FIPSCHECK=/usr/lib/libkcapi/fipscheck
+ fi
+ if [ ! -f $FIPSCHECK ]; then
+ FIPSCHECK=/usr/bin/fipscheck
+ fi
+ echo $FIPSCHECK
+}
mount_boot()
{
@@ -65,6 +78,7 @@
warn "HMAC sum mismatch"
return 1
fi
+
info "rhevh_check OK"
return 0
}
@@ -75,6 +89,12 @@
local _s
local _v
local _module
+ local _arch=$(uname -m)
+ local _vmname=vmlinuz
+
+ if [ "$_arch" = "s390x" ]; then
+ _vmname=image
+ fi
KERNEL=$(uname -r)
@@ -93,6 +113,22 @@
_found=1
break
done </proc/crypto
+ # If we find some hardware specific modules and cannot load
them
+ # it is not a problem, proceed.
+ if [ "$_found" = "0" ]; then
+ if [ "$_module" != "${_module%intel}" \
+ -o "$_module" != "${_module%ssse3}" \
+ -o "$_module" != "${_module%x86_64}" \
+ -o "$_module" != "${_module%z90}" \
+ -o "$_module" != "${_module%s390}" \
+ -o "$_module" == "twofish_x86_64_3way" \
+ -o "$_module" == "ablk_helper" \
+ -o "$_module" == "glue_helper" \
+ ]; then
+ _found=1
+ fi
+ fi
+
[ "$_found" = "0" ] && cat /tmp/fips.modprobe_err >&2 &&
return 1
fi
fi
@@ -114,14 +150,14 @@
BOOT_IMAGE_PATH="${BOOT_IMAGE%${BOOT_IMAGE_NAME}}"
if [ -z "$BOOT_IMAGE_NAME" ]; then
- BOOT_IMAGE_NAME="vmlinuz-${KERNEL}"
+ BOOT_IMAGE_NAME="${_vmname}-${KERNEL}"
elif ! [ -e "/boot/${BOOT_IMAGE_PATH}/${BOOT_IMAGE}" ]; then
#if /boot is not a separate partition BOOT_IMAGE might start with
/boot
BOOT_IMAGE_PATH=${BOOT_IMAGE_PATH#"/boot"}
#on some achitectures BOOT_IMAGE does not contain path to kernel
#so if we can't find anything, let's treat it in the same way as
if it was empty
if ! [ -e "/boot/${BOOT_IMAGE_PATH}/${BOOT_IMAGE_NAME}" ]; then
- BOOT_IMAGE_NAME="vmlinuz-${KERNEL}"
+ BOOT_IMAGE_NAME="${_vmname}-${KERNEL}"
BOOT_IMAGE_PATH=""
fi
fi
@@ -132,7 +168,12 @@
return 1
fi
- sha512hmac -c "${BOOT_IMAGE_HMAC}" || return 1
+ if [ -n "$(fipscheck)" ]; then
+ $(fipscheck) -c ${BOOT_IMAGE_HMAC} ${BOOT_IMAGE} || return 1
+ else
+ warn "Could not find fipscheck to verify MACs"
+ return 1
+ fi
fi
info "All initrd crypto checks done"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/dracut-049+git116.e9995c78/modules.d/01fips/module-setup.sh
new/dracut-049+git118.a6090e2f/modules.d/01fips/module-setup.sh
--- old/dracut-049+git116.e9995c78/modules.d/01fips/module-setup.sh
2019-12-10 09:43:14.000000000 +0100
+++ new/dracut-049+git118.a6090e2f/modules.d/01fips/module-setup.sh
2020-01-14 15:18:42.000000000 +0100
@@ -23,6 +23,10 @@
_fipsmodules+="sha3-224 sha3-256 sha3-384 sha3-512 "
_fipsmodules+="crc32c crct10dif ghash "
+ # Hashes, platform specific:
+ _fipsmodules+="sha512-ssse3 sha1-ssse3 sha256-ssse3 "
+ _fipsmodules+="ghash-clmulni-intel "
+
# Ciphers:
_fipsmodules+="cipher_null des3_ede aes "
@@ -66,7 +70,11 @@
inst_hook pre-pivot 01 "$moddir/fips-noboot.sh"
inst_script "$moddir/fips.sh" /sbin/fips.sh
- inst_multiple sha512hmac rmmod insmod mount uname umount
+ inst_multiple rmmod insmod mount uname umount
+ inst_multiple -o sha512hmac \
+ fipscheck \
+ /usr/lib64/libkcapi/fipscheck \
+ /usr/lib/libkcapi/fipscheck
inst_simple /etc/system-fips
[ -c ${initdir}/dev/random ] || mknod ${initdir}/dev/random c 1 8 \
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/dracut-049+git116.e9995c78/suse/dracut.spec
new/dracut-049+git118.a6090e2f/suse/dracut.spec
--- old/dracut-049+git116.e9995c78/suse/dracut.spec 2019-12-10
09:43:14.000000000 +0100
+++ new/dracut-049+git118.a6090e2f/suse/dracut.spec 2020-01-14
15:18:42.000000000 +0100
@@ -158,9 +158,6 @@
mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d
install -m 0644 dracut.logrotate %{buildroot}%{_sysconfdir}/logrotate.d/dracut
-install -D -m 0755 suse/purge-kernels %{buildroot}/sbin/purge-kernels
-install -m 644 suse/purge-kernels.service
%{buildroot}/%{_unitdir}/purge-kernels.service
-
install -D -m 0755 suse/dracut-installkernel %{buildroot}/sbin/installkernel
%if 0%{?suse_version}
@@ -172,10 +169,8 @@
%endif
%pre
-%service_add_pre purge-kernels.service
%post
-%service_add_post purge-kernels.service
# check whether /var/run has been converted to a symlink
[ -L /var/run ] || sed -i '/GRUB_CMDLINE_LINUX_DEFAULT.*/s/"$/ rd.convertfs"/'
/etc/default/grub || :
[ -L /var/run ] || cat >>/etc/dracut.conf.d/05-convertfs.conf<<EOF
@@ -196,10 +191,8 @@
%{?regenerate_initrd_post}
%preun
-%service_del_preun purge-kernels.service
%postun
-%service_del_postun purge-kernels.service
%{?regenerate_initrd_post}
%postun fips
@@ -245,7 +238,6 @@
%doc README HACKING TODO AUTHORS NEWS dracut.html dracut.png dracut.svg
%{_bindir}/dracut
%{_bindir}/lsinitrd
-/sbin/purge-kernels
/sbin/installkernel
/sbin/mkinitrd
/sbin/mkinitrd_setup
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/dracut-049+git116.e9995c78/suse/purge-kernels
new/dracut-049+git118.a6090e2f/suse/purge-kernels
--- old/dracut-049+git116.e9995c78/suse/purge-kernels 2019-12-10
09:43:14.000000000 +0100
+++ new/dracut-049+git118.a6090e2f/suse/purge-kernels 1970-01-01
01:00:00.000000000 +0100
@@ -1,403 +0,0 @@
-#!/usr/bin/perl
-
-use strict;
-use warnings;
-
-use Getopt::Long;
-
-sub usage {
- print "Usage: $0 [--test]\n";
- print "Reads list of kernels to keep from
/etc/zypp/zypp.conf:multiversion.kernels\n";
- print "kernels can be given as <version>, latest(-N), running,
oldest(+N).\n";
-}
-
-# arch/flavor => version-release => [ subpackages ]
-my %kernels;
-
-my @keep_spec;
-my ($want_running, $running_version, $running_flavor);
-
-# do not actually delete anything
-my $test_only;
-
-# undocumented debugging options
-my ($fake_config, $fake_rpm_qa, $fake_uname_r, $fake_uname_m);
-
-sub get_config_line {
- my $file = "/etc/zypp/zypp.conf";
-
- if ($fake_config) {
- return $fake_config;
- }
- if (!-e $file) {
- print STDERR "$0: /etc/zypp/zypp.conf does not exist,
exiting.\n";
- exit 0;
- }
- open(my $fh, '<', $file) or die "$0: $file: $!\n";
- while (<$fh>) {
- chomp;
- next unless /^\s*multiversion\.kernels\b/;
- s/^[^=]*=\s*//;
- close($fh);
- return $_;
- }
- close($fh);
- return "";
-}
-
-sub load_config {
- my @kernels;
-
- @kernels = split(/,\s*/, get_config_line());
- for my $kernel (@kernels) {
- if ($kernel =~
/^\s*(latest|oldest|running)(\s*[-+]\s*\d+)?\s*$/) {
- my $new = { whence => $1, offset => $2 || 0 };
- $new->{offset} =~ s/\s*//g;
- if ($new->{whence} eq "running") {
- $want_running = 1;
- }
- push (@keep_spec, $new);
- } elsif ($kernel =~ /^\d+\.\d+/) {
- my $new = { version => $kernel };
- push (@keep_spec, $new);
- } elsif ($kernel =~ /^\s*$/) {
- next;
- } else {
- print STDERR "$0: Ignoring unknow kernel specification
in\n";
- print STDERR "/etc/zypp/zypp.conf:multiversion.kernels:
$kernel\n";
- }
- }
-}
-
-sub add_package {
- my ($name, $vr, $arch) = @_;
- (my $flavor = $name) =~ s/^kernel-//;
-
- #print STDERR "add_package: $name $vr $arch\n";
- if ($name eq "kernel-firmware" || $name eq "kernel-coverage") {
- return;
- }
- # Put all subpackages into the same group, except for
- # kernel-source-{vanilla,rt}, which are packages on their own
- if ($flavor !~ /^source/) {
- $flavor =~ s/-.*//; # XXX: No dashes in flavor names
- }
- # kernel-devel is a subpackage of kernel-source
- $flavor =~ s/^devel/source/;
- $kernels{"$arch/$flavor"} ||= {};
- $kernels{"$arch/$flavor"}{$vr} ||= [];
- push(@{$kernels{"$arch/$flavor"}{$vr}}, "$name-$vr.$arch");
-}
-
-sub load_packages {
- my $pipe;
-
- if ($fake_rpm_qa) {
- open($pipe, '<', $fake_rpm_qa) or die "$fake_rpm_qa: $!\n";
- } else {
- open($pipe, '-|', 'rpm', '-qa', '--qf',
- '%{n} %{v}-%{r} %{arch}\n', 'kernel-*') or die "rpm:
$!\n";
- }
- while (<$pipe>) {
- chomp;
- my ($name, $vr, $arch) = split;
- add_package($name, $vr, $arch);
- }
- close($pipe)
-}
-
-sub sort_versions {
- my @versions = @_;
-
- pipe (my $read, my $write);
- my $pid = fork();
- if (!defined($pid)) {
- die "Cannot fork: $!\n";
- } elsif ($pid == 0) {
- # child
- close($read);
- open STDOUT, '>&', $write;
- open(my $fh, '|-', "/usr/lib/rpm/rpmsort") or die
"/usr/lib/rpm/rpmsort: $!\n";
- print $fh join("\n", @versions), "\n";
- close($fh);
- die "rpmsort failed ($?)\n" if $? != 0;
-
- exit 0;
- }
- # parent
- close($write);
- @versions = <$read>;
- chomp @versions;
- close($read);
- waitpid($pid, 0);
- die "rpmsort failed ($?)\n" if $? != 0;
-
- return @versions;
-}
-
-# return true if VER1 == VER2 or VER1 == (VER2 minus rebuild counter)
-sub version_match {
- my ($ver1, $ver2) = @_;
-
- return 1 if $ver1 eq $ver2;
-
- # copied from kernel-source/rpm/kernel-spec-macros
- $ver2 =~ s/\.[0-9]+($|\.[^.]*[^.0-9][^.]*$)/$1/;
- return $ver1 eq $ver2;
-}
-
-sub list_old_versions {
- my ($flavor) = @_;
-
- my $is_source = $flavor =~ /\/(source|syms)/;
- my $kernels = $kernels{$flavor};
- my @versions = sort_versions(keys(%$kernels));
- my %idx = (
- oldest => 0,
- latest => scalar(@versions) - 1,
- );
- if ($want_running && ($running_flavor eq $flavor || $is_source)) {
- for (my $i = scalar(@versions) - 1; $i >= 0; $i--) {
- if (version_match($running_version, $versions[$i])) {
- $idx{running} = $i;
- last;
- }
- }
- if (!exists($idx{running}) && !$is_source) {
- print STDERR "$0: Running kernel
$running_version-$running_flavor not installed.\n";
- print "NOT removing any packages for flavor $flavor.\n";
- return;
- }
- }
- my %delete = map { $_ => 1 } @versions;
- for my $keep (@keep_spec) {
- if ($keep->{version}) {
- for my $ver (@versions) {
- if (version_match($keep->{version}, $ver)) {
- $delete{$ver} = 0;
- }
- }
- } elsif ($keep->{whence}) {
- next unless exists($idx{$keep->{whence}});
- my $idx = $idx{$keep->{whence}};
- $idx += $keep->{offset};
- next unless $idx >= 0 && $idx < scalar(@versions);
- $delete{$versions[$idx]} = 0;
- } else {
- die "??";
- }
- }
- return grep { $delete{$_} } @versions;
-}
-
-sub package_exists {
- my ($version, $archs, $flavors) = @_;
-
- for my $arch (@$archs) {
- for my $flavor (@$flavors) {
- my $config = "$arch/$flavor";
- if (exists($kernels{$config})
- && exists($kernels{$config}->{$version})) {
- return 1;
- }
- }
- }
- return 0;
-}
-
-sub list_old_packages {
- my (@packages, @archs, @flavors);
- my (@syms_flavors, @binary_flavors, @source_configs);
-
- # there are some inter-dependencies among the kernel packages,
- # so we have to be careful
- my %t = map { s:/.*::; $_ => 1 } keys(%kernels);
- @archs = sort(keys(%t));
- %t = map { s:.*/::; $_ => 1 } keys(%kernels);
- @flavors = sort(keys(%t));
- @syms_flavors = grep { /^syms/ } @flavors;
- @binary_flavors = grep { !/^(source|syms)/ } @flavors;
- @source_configs = grep { /\/source/ } sort(keys(%kernels));
-
- for my $arch (@archs) {
- for my $flavor (@syms_flavors) {
- my $config = "$arch/$flavor";
- next unless exists($kernels{$config});
- my @versions = list_old_versions($config);
- for my $ver (@versions) {
- push(@packages, @{$kernels{$config}->{$ver}});
- delete($kernels{$config}->{$ver});
- }
- }
- for my $flavor (@binary_flavors) {
- my $config = "$arch/$flavor";
- next unless exists($kernels{$config});
- my @versions = list_old_versions($config);
- for my $ver (@versions) {
- my @pacs = @{$kernels{$config}->{$ver}};
- my $remove_all = 1;
- # do not remove kernel-$flavor-devel-$ver
- # if kernel-syms-$ver still exists
- if (grep { /-devel$/ } @pacs) {
- my $syms = "syms";
- if ($flavor =~ /^rt/) {
- $syms = "syms-rt";
- }
- if (exists($kernels{$syms}->{$ver})) {
- $remove_all = 0;
- @pacs = grep { !/-devel$/ }
- @pacs;
- }
- }
- push(@packages, @pacs);
- if ($remove_all) {
- delete($kernels{$config}->{$ver});
- }
- }
- }
- }
- for my $config (@source_configs) {
- my @versions = list_old_versions($config);
- for my $ver (@versions) {
- # Remove kernel-{devel,source} only if no other package
- # of the same version exists
- next if package_exists($ver, \@archs, \@binary_flavors);
- push(@packages, @{$kernels{$config}->{$ver}});
- }
- }
- return @packages;
-}
-
-sub find_package {
- my $name = shift @_;
- my $version = shift @_;
- my @packages = @_;
- my $expr = "^" . quotemeta("$name-$version");
- my @found = grep { $_ =~ $expr } @packages;
- return @found if @found;
- $expr = "^" . quotemeta($name) . " = " . quotemeta($version) . "\$";
- @found = grep {
- my @provides = qx/rpm -q --provides $_/;
- chomp (@provides);
- grep { $_ =~ $expr} @provides;
- } @packages;
- return @found;
-}
-
-# Try to remove a list of packages.
-#
-# If there is a KMP or livepatch depending on the package remove it as well. If
-# there is another package depending on the kernel keep the kernel. If there is
-# a package that depends on a KMP keep the KMP and a kernel required to use the
-# KMP.
-# In each step a KMP or livepatch may be added or a package which cannot be
-# removed due to dependencies is marked as taboo and removed from the list.
-#
-# Finish when packages uninstall successfully or we can't find any packages to
-# add or remove from the list to make it uninstallable.
-
-sub remove_packages {
- my @packages = @_;
- my %taboo_packages;
-
- while (1) {
- pipe(my $read, my $write);
- my $pid = fork();
- if (!defined($pid)) {
- die "Cannot fork: $!\n";
- } elsif($pid == 0) {
- # child
- close($read);
- open STDOUT, '>&', $write;
- open STDERR, '>&', $write;
- $ENV{LC_ALL} = "C";
- my @cmd = qw(rpm -e);
- push(@cmd, "--test") if $test_only;
- exec(@cmd, @packages) or die "rpm: $!\n";
- }
- # parent
- close($write);
- my @out = <$read>;
- chomp @out;
- close($read);
- waitpid($pid, 0);
- if ($? == 0) {
- print "Removed:\n ", join("\n ", @packages), "\n";
- return 1;
- }
- my $retry = 0;
- my %old_packages = map { $_ => 1 } @packages;
- my %new_packages;
- for (@out) {
- if (/ is needed by \(installed\)
(kernel-syms-.*|kgraft-patch-.*|kernel-livepatch-.*|.*-kmp-.*)/ &&
- !$old_packages{$1} && !$taboo_packages{$1}) {
- push(@packages, $1) unless $new_packages{$1};
- $new_packages{$1} = 1;
- $retry = 1;
- } elsif (/([^ \t]*) = ([^ \t]*) is needed by
\(installed\) /) {
- my @unremovable = find_package($1, $2,
@packages);
- my $match = $unremovable[$#unremovable];
- if ($match) {
- print STDERR "$0: $_\n";
- print STDERR "$0: Keeping $1 = $2
($match)\n";
- @packages = grep { $_ !~ $match }
@packages;
- $taboo_packages{$match} = 1;
- $retry = 1;
- last; # Only remove one package
providing the dependency from the list
- }
- }
- }
- if (!$retry) {
- print STDERR join("\n", @out), "\n";
- print STDERR "$0: giving up.\n";
- return 0;
- }
- }
-}
-
-if (!GetOptions(
- "h|help" => sub { usage(); exit; },
- "--test" => \$test_only,
- "--fake-config=s" => \$fake_config,
- "--fake-rpm-qa=s" => \$fake_rpm_qa,
- "--fake-uname-r=s" => \$fake_uname_r,
- "--fake-uname-m=s" => \$fake_uname_m)) {
- usage();
- exit 1;
-}
-load_config();
-if (!@keep_spec) {
- print STDERR "$0: multiversion.kernels not configured in
/etc/zypp/zypp.conf, exiting.\n";
- exit 0;
-}
-
-load_packages();
-if ($want_running) {
- $running_version = $fake_uname_r ? $fake_uname_r : `uname -r`;
- chomp($running_version);
- ($running_flavor = $running_version) =~ s/.*-//;
- $running_version =~ s/-[^-]*$//;
- (my $release = $running_version) =~ s/.*-//;
- $running_version =~ s/-[^-]*$//;
-
- # copied from kernel-source/rpm/mkspec
- $running_version =~ s/\.0-rc/.rc/;
- $running_version =~ s/-rc\d+//;
- $running_version =~ s/-/./g;
-
- $running_version .= "-$release";
-
- my $arch = $fake_uname_m ? $fake_uname_m : `uname -m`;
- chomp($arch);
- $arch =~ s/^i.86$/i586/;
- $running_flavor = "$arch/$running_flavor";
-}
-my @remove = list_old_packages();
-if (!@remove) {
- print STDERR "$0: Nothing to do.\n";
- exit 0;
-}
-if (remove_packages(@remove)) {
- exit 0;
-}
-exit 1;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/dracut-049+git116.e9995c78/suse/purge-kernels.service
new/dracut-049+git118.a6090e2f/suse/purge-kernels.service
--- old/dracut-049+git116.e9995c78/suse/purge-kernels.service 2019-12-10
09:43:14.000000000 +0100
+++ new/dracut-049+git118.a6090e2f/suse/purge-kernels.service 1970-01-01
01:00:00.000000000 +0100
@@ -1,15 +0,0 @@
-[Unit]
-Description=Purge old kernels
-After=local-fs.target
-ConditionPathExists=/boot/do_purge_kernels
-ConditionPathIsReadWrite=/
-
-[Service]
-Type=oneshot
-Nice=19
-IOSchedulingClass=idle
-ExecStartPre=/bin/rm -f /boot/do_purge_kernels
-ExecStart=/sbin/purge-kernels
-
-[Install]
-WantedBy=multi-user.target
++++++ dracut.obsinfo ++++++
--- /var/tmp/diff_new_pack.9wgcLA/_old 2020-01-18 12:16:19.867080990 +0100
+++ /var/tmp/diff_new_pack.9wgcLA/_new 2020-01-18 12:16:19.871080991 +0100
@@ -1,5 +1,5 @@
name: dracut
-version: 049+git116.e9995c78
-mtime: 1575967394
-commit: e9995c7853e61de8513b41a302d465ddb1586a20
+version: 049+git118.a6090e2f
+mtime: 1579011522
+commit: a6090e2f68a4ca727005b1de8a45bf474a782008
