From 65de5e0f1676fa20537caa781937c1632eee5718 Mon Sep 17 00:00:00 2001
From: Jonathan Lebon <jonathan@jlebon.com>
Date: Wed, 15 Jul 2020 09:09:30 -0400
Subject: [PATCH] 05core/autologin: query journal instead of /run/ignition.json

We shouldn't use `/run/ignition.json` to determine whether a user
config was provided since it's implementation details. Instead, use the
new official journal messages that Ignition emits.

This is complicated by the fact that we need to support RHCOS, where the
journal messages haven't been backported. Use the fact that we always
have a base config to key off of whether to use the old behaviour vs the
new one. (More accurately, we'd want to check for
https://github.com/coreos/ignition/pull/1002, but there's no easy way to
do this from the outside. Alternatively we can check the Ignition
version, though that's deeply nested under `/usr/lib/dracut/...`).

Anyway, this should be temporary until RHCOS moves to spec v3.

Closes: #514
---
 .../coreos-liveiso-autologin-generator         | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)

diff --git a/overlay.d/05core/usr/lib/systemd/system-generators/coreos-liveiso-autologin-generator b/overlay.d/05core/usr/lib/systemd/system-generators/coreos-liveiso-autologin-generator
index dec68b3c30..af8ea9d445 100755
--- a/overlay.d/05core/usr/lib/systemd/system-generators/coreos-liveiso-autologin-generator
+++ b/overlay.d/05core/usr/lib/systemd/system-generators/coreos-liveiso-autologin-generator
@@ -101,8 +101,22 @@ fi
 # If the user supplied an Ignition config, they have the ability to enable
 # autologin themselves.  Don't automatically render them insecure, since
 # they might be running in production and booting via e.g. IPMI.
-if [ -e /run/ignition.json ] ; then
-    exit 0
+
+# This is a hack for RHCOS Ignition which doesn't have
+# https://github.com/coreos/ignition/pull/958. This works because right now both
+# RHCOS and FCOS unconditionally bake in a base config. Once RHCOS moves to
+# Ignition v2, we can drop this and just leave the else block.
+ign_basecfg_msg=$(journalctl -q MESSAGE_ID=57124006b5c94805b77ce473e92a8aeb IGNITION_CONFIG_TYPE=base)
+if [ -z "${ign_basecfg_msg}" ]; then
+    if [ -e /run/ignition.json ]; then
+        exit 0
+    fi
+else
+    # See https://github.com/coreos/ignition/pull/958 for the MESSAGE_ID source.
+    ign_usercfg_msg=$(journalctl -q MESSAGE_ID=57124006b5c94805b77ce473e92a8aeb IGNITION_CONFIG_TYPE=user)
+    if [ -n "${ign_usercfg_msg}" ]; then
+        exit 0
+    fi
 fi
 
 write_dropin "getty@.service"        "--noclear"