diff --git a/image.yaml b/image.yaml index 3eed6c7c47..a6b7ff684b 100644 --- a/image.yaml +++ b/image.yaml @@ -2,6 +2,10 @@ # size is the target disk size in GB. size: 8 +# Disable networking by default on firstboot. We can drop this once cosa stops +# defaulting to `ip=dhcp,dhcp6 rd.neednet=1` when it doesn't see this key. +firstboot-kargs: [] + extra-kargs: # Disable SMT on systems vulnerable to MDS or any similar future issue. - mitigations=auto,nosmt diff --git a/overlay.d/05core/usr/lib/dracut/modules.d/20live/coreos-liveiso-network-kargs.service b/overlay.d/05core/usr/lib/dracut/modules.d/20live/coreos-liveiso-network-kargs.service deleted file mode 100644 index 72ac3c3cf5..0000000000 --- a/overlay.d/05core/usr/lib/dracut/modules.d/20live/coreos-liveiso-network-kargs.service +++ /dev/null @@ -1,45 +0,0 @@ -# This unit will run very early before the dracut-cmdline -# service and detect if we want to request dracut bring up -# networking or not. We do want to request networking if: -# -# - the user is booting the live ISO -# - the user didn't already request networking via rd.neednet -# - the user provided a ignition.config.url karg, implying -# the need for networking -# -# As of recently we skip networking if a config is injected via -# `coreos-installer iso embed` in order to allow automating -# installs on networks without DHCP. -# -# If we do determine we need network and there are no other -# `ip=` kargs then we'll use `ip=dhcp,dhcp6` by default. -# -# The requesting of network will be done by writing relevant -# dracut networking args into /etc/cmdline.d/coreos-live-network-kargs.conf -# so that it gets picked up by the dracut networking scripts later -# on in boot. -# -# This is all done because we want to support a mode where -# the user can boot the live ISO and get to an interactive -# prompt without requiring networking on boot. The user can -# then configure the networking interactively. -# -[Unit] -Description=Request live ISO networking -DefaultDependencies=no -Before=dracut-cmdline.service - -# Make sure we are in the initramfs. We are booted to the live -# ISO and rd.neednet wasn't already passed somewhere else -ConditionPathExists=/usr/lib/initrd-release -ConditionKernelCommandLine=!rd.neednet -ConditionKernelCommandLine=coreos.liveiso -ConditionPathExists=/run/ostree-live - -# We'll assume we need network in the following case (see description from above) -ConditionKernelCommandLine=|ignition.config.url - -[Service] -Type=oneshot -RemainAfterExit=yes -ExecStart=/usr/sbin/coreos-liveiso-network-kargs diff --git a/overlay.d/05core/usr/lib/dracut/modules.d/20live/coreos-liveiso-network-kargs.sh b/overlay.d/05core/usr/lib/dracut/modules.d/20live/coreos-liveiso-network-kargs.sh deleted file mode 100755 index 9049686ad4..0000000000 --- a/overlay.d/05core/usr/lib/dracut/modules.d/20live/coreos-liveiso-network-kargs.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/usr/bin/bash - -# For a description of how this is used see coreos-liveiso-network-kargs.service - -# Load the dracut library for getarg -source /usr/lib/dracut-lib.sh - -main() { - - # If we're running this script we already know we need networking - # (determined by conditionals in the systemd unit). - echo 'info: Requesting networking in the initramfs' - echo 'rd.neednet=1' > /etc/cmdline.d/10-coreos-liveiso-network-kargs.conf - - # If there is not already a ip= CLI arg use ip=dhcp,dhcp6 as default. - if ! getarg 'ip' &>/dev/null; then - echo 'info: using ip=dhcp,dhcp6 default networking configuration' - echo 'ip=dhcp,dhcp6' >> /etc/cmdline.d/10-coreos-liveiso-network-kargs.conf - else - echo 'info: using already set karg ip= information' - fi -} - -main diff --git a/overlay.d/05core/usr/lib/dracut/modules.d/20live/live-generator b/overlay.d/05core/usr/lib/dracut/modules.d/20live/live-generator index 90ac7418ce..f61326afc8 100755 --- a/overlay.d/05core/usr/lib/dracut/modules.d/20live/live-generator +++ b/overlay.d/05core/usr/lib/dracut/modules.d/20live/live-generator @@ -31,7 +31,6 @@ add_requires sysroot.mount initrd-root-fs.target add_requires sysroot-etc.mount initrd-root-fs.target add_requires sysroot-var.mount initrd-root-fs.target -add_requires coreos-liveiso-network-kargs.service initrd.target add_requires coreos-liveiso-reconfigure-nm-wait-online.service initrd.target mkdir -p "${UNIT_DIR}/ostree-prepare-root.service.d" diff --git a/overlay.d/05core/usr/lib/dracut/modules.d/20live/module-setup.sh b/overlay.d/05core/usr/lib/dracut/modules.d/20live/module-setup.sh index d49b0571c9..dcb4cc6b2a 100644 --- a/overlay.d/05core/usr/lib/dracut/modules.d/20live/module-setup.sh +++ b/overlay.d/05core/usr/lib/dracut/modules.d/20live/module-setup.sh @@ -34,12 +34,6 @@ install() { inst_simple "$moddir/writable.mount" \ "$systemdsystemunitdir/writable.mount" - inst_simple "$moddir/coreos-liveiso-network-kargs.sh" \ - "/usr/sbin/coreos-liveiso-network-kargs" - - inst_simple "$moddir/coreos-liveiso-network-kargs.service" \ - "$systemdsystemunitdir/coreos-liveiso-network-kargs.service" - inst_simple "$moddir/coreos-liveiso-reconfigure-nm-wait-online.service" \ "$systemdsystemunitdir/coreos-liveiso-reconfigure-nm-wait-online.service" } diff --git a/overlay.d/05core/usr/lib/systemd/system/coreos-liveiso-success.service b/overlay.d/05core/usr/lib/systemd/system/coreos-liveiso-success.service index befc41e790..a3db8673a6 100644 --- a/overlay.d/05core/usr/lib/systemd/system/coreos-liveiso-success.service +++ b/overlay.d/05core/usr/lib/systemd/system/coreos-liveiso-success.service @@ -4,8 +4,7 @@ [Unit] Description=CoreOS Live ISO virtio success Documentation=https://github.com/coreos/fedora-coreos-config -# Only run on the Live ISO, and only if there's no Ignition config; -# the second bits here invert the conditionals in coreos-liveiso-network-kargs.service. +# Only run on the Live ISO, and only if there's no Ignition config ConditionKernelCommandLine=coreos.liveiso ConditionPathExists=!/config.ign ConditionVirtualization=|kvm