From 216624e194afd277294fb2756d4242ab2b3e4006 Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Fri, 8 Sep 2023 15:26:57 -0400 Subject: [PATCH] Stop using deprecated initramfs-args For now we need to write files via postprocess. --- oscore/initramfs.yaml | 14 ++++++++++++++ oscore/manifest.yaml | 1 + oscore/system-configuration.yaml | 5 ----- 3 files changed, 15 insertions(+), 5 deletions(-) create mode 100644 oscore/initramfs.yaml diff --git a/oscore/initramfs.yaml b/oscore/initramfs.yaml new file mode 100644 index 0000000..dc7bf5c --- /dev/null +++ b/oscore/initramfs.yaml @@ -0,0 +1,14 @@ +# Configuration for the initramfs +postprocess: + - | + #!/usr/bin/env bash + mkdir -p /usr/lib/dracut/dracut.conf.d + cat > /usr/lib/dracut/dracut.conf.d/01-bootc-nohostonly.conf + # We want a generic image; hostonly makes no sense as part of a server side build + hostonly=no + EOF + cat > /usr/lib/dracut/dracut.conf.d/49-tpm2-tss.conf << 'EOF' + # We want this for systemd-cryptsetup tpm2 locking + dracutmodules+=" tpm2-tss " + EOF + \ No newline at end of file diff --git a/oscore/manifest.yaml b/oscore/manifest.yaml index 52056c6..adccd44 100644 --- a/oscore/manifest.yaml +++ b/oscore/manifest.yaml @@ -27,6 +27,7 @@ check-groups: include: - bootc.yaml + - initramfs.yaml - bootable-rpm-ostree.yaml - networking-tools.yaml - system-configuration.yaml diff --git a/oscore/system-configuration.yaml b/oscore/system-configuration.yaml index ae8ab58..566efde 100644 --- a/oscore/system-configuration.yaml +++ b/oscore/system-configuration.yaml @@ -1,10 +1,5 @@ # These are packages that are related to configuring parts of the system. -initramfs-args: - - "--no-hostonly" - - "--add" - - "tpm2-tss" # We want this for systemd-cryptsetup tpm2 locking - packages: # Configuring SSH keys, cloud provider check-in, etc # TODO: needs Ignition kargs