File suse-module-tools-16.0.50.obscpio of Package suse-module-tools
07070100000000000081A400000000000000000000000166D1C31D00000015000000000000000000000000000000000000002500000000suse-module-tools-16.0.50/.gitignore*~
\#*
*.rej
*.orig
07070100000001000041ED00000000000000000000000166D1C31D00000000000000000000000000000000000000000000001F00000000suse-module-tools-16.0.50/.obs07070100000002000081A400000000000000000000000166D1C31D000001FE000000000000000000000000000000000000002D00000000suse-module-tools-16.0.50/.obs/workflows.ymlworkflow:
steps:
- branch_package:
source_project: home:mwilck:suse-module-tools
source_package: suse-module-tools
target_project: home:mwilck
- configure_repositories:
project: home:mwilck
repositories:
- name: openSUSE_Tumbleweed
paths:
- target_project: openSUSE:Factory
target_repository: snapshot
architectures:
- x86_64
- i586
filters:
event: pull_request
07070100000003000081A400000000000000000000000166D1C31D000000A3000000000000000000000000000000000000002E00000000suse-module-tools-16.0.50/10-unblacklist.conf# We ship modprobe.d files that call unblacklist.
# It's a noop in the initramfs, but it needs to exist.
install_items+=" /usr/lib/module-init-tools/unblacklist "
07070100000004000081A400000000000000000000000166D1C31D0000467E000000000000000000000000000000000000002200000000suse-module-tools-16.0.50/LICENSE GNU GENERAL PUBLIC LICENSE
Version 2, June 1991
Copyright (C) 1989, 1991 Free Software Foundation, Inc., <http://fsf.org/>
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Preamble
The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public
License is intended to guarantee your freedom to share and change free
software--to make sure the software is free for all its users. This
General Public License applies to most of the Free Software
Foundation's software and to any other program whose authors commit to
using it. (Some other Free Software Foundation software is covered by
the GNU Lesser General Public License instead.) You can apply it to
your programs, too.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
this service if you wish), that you receive source code or can get it
if you want it, that you can change the software or use pieces of it
in new free programs; and that you know you can do these things.
To protect your rights, we need to make restrictions that forbid
anyone to deny you these rights or to ask you to surrender the rights.
These restrictions translate to certain responsibilities for you if you
distribute copies of the software, or if you modify it.
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must give the recipients all the rights that
you have. You must make sure that they, too, receive or can get the
source code. And you must show them these terms so they know their
rights.
We protect your rights with two steps: (1) copyright the software, and
(2) offer you this license which gives you legal permission to copy,
distribute and/or modify the software.
Also, for each author's protection and ours, we want to make certain
that everyone understands that there is no warranty for this free
software. If the software is modified by someone else and passed on, we
want its recipients to know that what they have is not the original, so
that any problems introduced by others will not reflect on the original
authors' reputations.
Finally, any free program is threatened constantly by software
patents. We wish to avoid the danger that redistributors of a free
program will individually obtain patent licenses, in effect making the
program proprietary. To prevent this, we have made it clear that any
patent must be licensed for everyone's free use or not licensed at all.
The precise terms and conditions for copying, distribution and
modification follow.
GNU GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License applies to any program or other work which contains
a notice placed by the copyright holder saying it may be distributed
under the terms of this General Public License. The "Program", below,
refers to any such program or work, and a "work based on the Program"
means either the Program or any derivative work under copyright law:
that is to say, a work containing the Program or a portion of it,
either verbatim or with modifications and/or translated into another
language. (Hereinafter, translation is included without limitation in
the term "modification".) Each licensee is addressed as "you".
Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope. The act of
running the Program is not restricted, and the output from the Program
is covered only if its contents constitute a work based on the
Program (independent of having been made by running the Program).
Whether that is true depends on what the Program does.
1. You may copy and distribute verbatim copies of the Program's
source code as you receive it, in any medium, provided that you
conspicuously and appropriately publish on each copy an appropriate
copyright notice and disclaimer of warranty; keep intact all the
notices that refer to this License and to the absence of any warranty;
and give any other recipients of the Program a copy of this License
along with the Program.
You may charge a fee for the physical act of transferring a copy, and
you may at your option offer warranty protection in exchange for a fee.
2. You may modify your copy or copies of the Program or any portion
of it, thus forming a work based on the Program, and copy and
distribute such modifications or work under the terms of Section 1
above, provided that you also meet all of these conditions:
a) You must cause the modified files to carry prominent notices
stating that you changed the files and the date of any change.
b) You must cause any work that you distribute or publish, that in
whole or in part contains or is derived from the Program or any
part thereof, to be licensed as a whole at no charge to all third
parties under the terms of this License.
c) If the modified program normally reads commands interactively
when run, you must cause it, when started running for such
interactive use in the most ordinary way, to print or display an
announcement including an appropriate copyright notice and a
notice that there is no warranty (or else, saying that you provide
a warranty) and that users may redistribute the program under
these conditions, and telling the user how to view a copy of this
License. (Exception: if the Program itself is interactive but
does not normally print such an announcement, your work based on
the Program is not required to print an announcement.)
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Program,
and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works. But when you
distribute the same sections as part of a whole which is a work based
on the Program, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote it.
Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Program.
In addition, mere aggregation of another work not based on the Program
with the Program (or with a work based on the Program) on a volume of
a storage or distribution medium does not bring the other work under
the scope of this License.
3. You may copy and distribute the Program (or a work based on it,
under Section 2) in object code or executable form under the terms of
Sections 1 and 2 above provided that you also do one of the following:
a) Accompany it with the complete corresponding machine-readable
source code, which must be distributed under the terms of Sections
1 and 2 above on a medium customarily used for software interchange; or,
b) Accompany it with a written offer, valid for at least three
years, to give any third party, for a charge no more than your
cost of physically performing source distribution, a complete
machine-readable copy of the corresponding source code, to be
distributed under the terms of Sections 1 and 2 above on a medium
customarily used for software interchange; or,
c) Accompany it with the information you received as to the offer
to distribute corresponding source code. (This alternative is
allowed only for noncommercial distribution and only if you
received the program in object code or executable form with such
an offer, in accord with Subsection b above.)
The source code for a work means the preferred form of the work for
making modifications to it. For an executable work, complete source
code means all the source code for all modules it contains, plus any
associated interface definition files, plus the scripts used to
control compilation and installation of the executable. However, as a
special exception, the source code distributed need not include
anything that is normally distributed (in either source or binary
form) with the major components (compiler, kernel, and so on) of the
operating system on which the executable runs, unless that component
itself accompanies the executable.
If distribution of executable or object code is made by offering
access to copy from a designated place, then offering equivalent
access to copy the source code from the same place counts as
distribution of the source code, even though third parties are not
compelled to copy the source along with the object code.
4. You may not copy, modify, sublicense, or distribute the Program
except as expressly provided under this License. Any attempt
otherwise to copy, modify, sublicense or distribute the Program is
void, and will automatically terminate your rights under this License.
However, parties who have received copies, or rights, from you under
this License will not have their licenses terminated so long as such
parties remain in full compliance.
5. You are not required to accept this License, since you have not
signed it. However, nothing else grants you permission to modify or
distribute the Program or its derivative works. These actions are
prohibited by law if you do not accept this License. Therefore, by
modifying or distributing the Program (or any work based on the
Program), you indicate your acceptance of this License to do so, and
all its terms and conditions for copying, distributing or modifying
the Program or works based on it.
6. Each time you redistribute the Program (or any work based on the
Program), the recipient automatically receives a license from the
original licensor to copy, distribute or modify the Program subject to
these terms and conditions. You may not impose any further
restrictions on the recipients' exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties to
this License.
7. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot
distribute so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you
may not distribute the Program at all. For example, if a patent
license would not permit royalty-free redistribution of the Program by
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Program.
If any portion of this section is held invalid or unenforceable under
any particular circumstance, the balance of the section is intended to
apply and the section as a whole is intended to apply in other
circumstances.
It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims; this section has the sole purpose of protecting the
integrity of the free software distribution system, which is
implemented by public license practices. Many people have made
generous contributions to the wide range of software distributed
through that system in reliance on consistent application of that
system; it is up to the author/donor to decide if he or she is willing
to distribute software through any other system and a licensee cannot
impose that choice.
This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.
8. If the distribution and/or use of the Program is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Program under this License
may add an explicit geographical distribution limitation excluding
those countries, so that distribution is permitted only in or among
countries not thus excluded. In such case, this License incorporates
the limitation as if written in the body of this License.
9. The Free Software Foundation may publish revised and/or new versions
of the General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the Program
specifies a version number of this License which applies to it and "any
later version", you have the option of following the terms and conditions
either of that version or of any later version published by the Free
Software Foundation. If the Program does not specify a version number of
this License, you may choose any version ever published by the Free Software
Foundation.
10. If you wish to incorporate parts of the Program into other free
programs whose distribution conditions are different, write to the author
to ask for permission. For software which is copyrighted by the Free
Software Foundation, write to the Free Software Foundation; we sometimes
make exceptions for this. Our decision will be guided by the two goals
of preserving the free status of all derivatives of our free software and
of promoting the sharing and reuse of software generally.
NO WARRANTY
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
REPAIR OR CORRECTION.
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
convey the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
{description}
Copyright (C) {year} {fullname}
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
Also add information on how to contact you by electronic and paper mail.
If the program is interactive, make it output a short notice like this
when it starts in an interactive mode:
Gnomovision version 69, Copyright (C) year name of author
Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, the commands you use may
be called something other than `show w' and `show c'; they could even be
mouse-clicks or menu items--whatever suits your program.
You should also get your employer (if you work as a programmer) or your
school, if any, to sign a "copyright disclaimer" for the program, if
necessary. Here is a sample; alter the names:
Yoyodyne, Inc., hereby disclaims all copyright interest in the program
`Gnomovision' (which makes passes at compilers) written by James Hacker.
{signature of Ty Coon}, 1 April 1989
Ty Coon, President of Vice
This General Public License does not permit incorporating your program into
proprietary programs. If your program is a subroutine library, you may
consider it more useful to permit linking proprietary applications with the
library. If this is what you want to do, use the GNU Lesser General
Public License instead of this License.
07070100000005000081A400000000000000000000000166D1C31D00002BDC000000000000000000000000000000000000002400000000suse-module-tools-16.0.50/README.md# suse-module-tools
This package contains a collection of tools and configuration files for
handling kernel modules and setting module parameters. The configuration files
represent a carefully engineered, recommended default configuration. In
certain cases, it may be necessary to modify or revert some of these settings.
It's ok to do so, but make sure you know what you're doing if you do.
Please don't edit any of the configuration files shipped in this package.
Instead, copy the files from `/lib/modprobe.d` to `/etc/modprobe.d`, preserving
the file name, and edit the copy under `/etc/modprobe.d`.
Likewise for `/lib/depmod.d` vs. `/etc/depmod.d` and `/usr/lib/modules-load.d` vs.
`/etc/modules-load.d`.
To completely mask the directives in a configuration file, it's recommended
to create a symlink to `/dev/null` with the same name as the file to be masked
in the respective directory under `/etc`. E.g. to mask
`/lib/modprobe.d/20-foo.conf`, run
ln -s /dev/null /etc/modprobe.d/20-foo.conf
## Blacklisted file systems
In the Linux kernel, file system types are implemented as kernel modules. While
many of these file systems are well maintained, some of the older and less
frequently used ones are not. Others are actively maintained upstream but SUSE
kernel developers do not not actively review and include fixes for them in the
kernel sources released in openSUSE and SUSE Enterprise Linux. This poses a
security risk, because maliciously crafted file system images might open
security holes when mounted either automatically or by an inadvertent user.
Filesystems not actively maintained by SUSE kernel developers are therefore
**blacklisted** by default under openSUSE and SUSE Enterprise Linux. This means
that the on-demand loading of file system modules at mount time is disabled.
Blacklisting is accomplished by placing configuration files called
`60-blacklist_fs-$SOME_FS.conf` under `/lib/modprobe.d`. The current list of
blacklisted filesystems is:
@FS_BLACKLIST@ # will be filled from spec file during package build
### CAVEAT
In the very unlikely case that one of the blacklisted file systems is necessary
for your system to boot, make sure you un-blacklist your file system before
rebooting.
### Un-blacklisting a file system
If a user tries to **mount(8)** a device with a blacklisted file system, the
mount command prints an error message like this:
mount: /mnt/mx: unknown filesystem type 'minix' (hint: possibly blacklisted, see mount(8)).
(**mount(8)** can't distinguish between a file system for which no kernel
module exists at all, and a file system for which a module exists which
is blacklisted).
Users who need the blacklisted file systems and therefore want to override
the blacklisting can load the blacklisted module directly using `modprobe
$SOME_FS` in a terminal. This will call a script that offers to "un-blacklist"
the module for future use.
# modprobe minix
unblacklist: *** NOTE: minix will be loaded even if you answer "n" below. ***
unblacklist: minix is currently blacklisted, do you want to un-blacklist it (y/n)? y
unblacklist: minix un-blacklisted by creating /etc/modprobe.d/60-blacklist_fs-minix.conf
If the user selects **y**, the module is un-blacklisted by creating a symlink
to `/dev/null` (see above). Future attempts to mount minix file systems will
work with no issue, even after reboot, because the kernel's auto-loading
mechanism works for this file system again. If the user selects **n**, the
module remains blacklisted. Regardless of the user's answer, the module will be
loaded for the time being; i.e. subsequent **mount** commands for devices with
this file system will succeed until the module is unloaded or the system is
rebooted.
For security reasons, it's recommended that you only un-blacklist file system
modules that you know you'll use on a regular basis, and just enable them
temporarily otherwise.
## Weak modules
This package contains the script `weak-modules2` which is necessary to make
3rd party kernel modules installed for one kernel available to
KABI-compatible kernels. SUSE ensures KABI compatibility over the life
time of a service pack in SUSE Enterprise Linux. See the
[SUSE SolidDriver Program](https://drivers.suse.com/doc/SolidDriver/) for
details.
### Capturing log output from weak_modules2
Use the following environment variables:
* WM2_VERBOSE: value from 0 (default, no logging) - 3 (tracing).
the -v/--verbose option increases log level by one.
* WM2_DEBUG: 0 (default) or 1. Enables verbose output of certain
commands called by weak-modules2. Equivalent to --debug.
* WM2_LOGFILE: redirect the output to the given file.
## Kernel scriptlet files
The scripts in kernel-scriptlets directory are used internally by kernel
packages.
### Capturing log output from kernel scripts
* KERNEL_PACKAGE_SCRIPT_DEBUG when non-empty enables some extra output to kernel log.
## Kernel-specific sysctl settings
This package installs the file `50-kernel-uname_r.conf` which makes sure
that sysctl settings which are recommended for the currently running kernel
are applied by **systemd-sysctl.service** at boot time. These settings are
shipped in the file `/boot/sysctl.conf-$(uname -r)`, which is part of the
kernel package.
# Boot Loader Specification (BLS) and EFI System Partition (ESP)
There are scripts generating boot entries (via perl-Bootloader), new
initrds (via dracut) and updating the kernel module dependency lists
(via depmod). If we are in a system using the boot entries defined in
the bootloader specification (BLS), then we need to take special
considerations.
The tool `sdbootutil` is the one responsible of synchronizing the
content in the rootfs with the ESP (kernel, bootloader, shim, boot
entries, initrd, etc), so certain actions should be delegated to it.
To complicate the situation further, transactional systems (like
MicroOS) cannot access the ESP from inside the transaction as that
would break the atomicity of the update operation. It is the
`snapper` plugin provided by `sdbootutil` that will call the scripts
in the correct moment (when setting the new default snapshot).
This imposes that `weak-modules2`, `regenerate-initrd-posttrans`, the
`kernel-scriptlets` and the snapper plugin now need to work in
coordination, reordering certain actions depending on the kind of
system. The following table summarizes those interactions:
| Model | Operation | Element | Done |
|------------------|-----------|------------|--------------------------------|
| Traditional | Kernel | depmod | wm2 (rpm-script/post[un]) |
| | | initrd | wm2 (rpm-script/post[un]) |
| | | boot entry | rpm-script/post[un] |
| | | | |
| | KMP | depmod | wm2 (inkmp-script/post[un]) |
| | | initrd | wm2 (inkmp-script/post[un]) |
| | | | |
| | Dracut | initrd | regenerate-initrd-posttrans[1] |
|------------------|-----------|------------|--------------------------------|
| MicroOS[2] | Kernel | depmod | wm2 (rpm-script/post[un]) |
| | | initrd | wm2 (rpm-script/post[un]) |
| | | boot entry | rpm-script/post[un] |
| | | | |
| | KMP | depmod | wm2 (inkmp-script/post[un]) |
| | | initrd | wm2 (inkmp-script/post[un]) |
| | | | |
| | Dracut | initrd | regenerate-initrd-posttrans |
|------------------|-----------|------------|--------------------------------|
| Tumbleweed + BLS | Kernel | depmod | wm2 (rpm-script/post[un])[3] |
| | | initrd | wm2 (rpm-script/post[un]) |
| | | boot entry | rpm-script/post[un] |
| | | | |
| | KMP | depmod | wm2 (inkmp-script/post[un]) |
| | | initrd | wm2 (inkmp-script/post[un]) |
| | | | |
| | Dracut | initrd | regenerate-initrd-posttrans |
|------------------|-----------|------------|--------------------------------|
| MicroOS + BLS | Kernel | depmod | wm2 (rpm-script/post[un]) |
| | | initrd | snapper plugin[4] |
| | | boot entry | snapper plugin |
| | | | |
| | KMP | depmod | snapper plugin[5] |
| | | initrd | wm2 (rpm-script/post[un]) |
| | | | |
| | Dracut | initrd | snapper plugin |
|------------------|-----------|------------|--------------------------------|
| Tumbleweed + BLS | Kernel | depmod | wm2 (rpm-script/post[un])[6] |
| (no btrfs) | | initrd | wm2 (rpm-script/post[un]) |
| | | boot entry | rpm-script/post[un] |
| | | | |
| | KMP | depmod | wm2 (inkmp-script/post[un]) |
| | | initrd | wm2 (inkmp-script/post[un]) |
| | | | |
| | Dracut | initrd | regenerate-initrd-posttrans |
|------------------|-----------|------------|--------------------------------|
Notes:
[1] Triggered by the `%regenerate_initrd_post[trans]` macros
[2] In MicroOS (or any system that use transactional-update) the
kernel in /boot is inside the transaction, so gets discarded if
the snapshot is dropped.
[3] Could be done in the snapper plugin, but it is done in
weak-modules2 as in the traditional case, by calling `sdbootutil
--no-reuse-initrd`, which also creates the boot entry. The initrd
name is selected from the current default boot entry
[4] When adding or removing a kernel, the `sdbootutil
set_default_snapshot` will regenerate boot entries for all the
remaining kernels in the snapshot. This will synchronize also the
initrds (but can leave old initrds in the ESP). Also, wm2 will
create a mark in `/run/regenerate-initrd`.
[5] A direct call to `regenerate-initrd-posttrans` inside the
transaction will drop the call and keep the
`/run/regenerate-initrd` directory. A second call (from the
snapper plugin) will complete it.
[6] `sdbootutil` partially understand BLS systems without snapshots.
07070100000006000081A400000000000000000000000166D1C31D000001BA000000000000000000000000000000000000002E00000000suse-module-tools-16.0.50/boot-sysctl.service[Unit]
Description=Apply Kernel Variables for %v from /boot
DefaultDependencies=no
Conflicts=shutdown.target
Before=systemd-sysctl.service
After=systemd-modules-load.service
ConditionPathExists=!/usr/lib/modules/%v/sysctl.conf
ConditionPathExists=/boot/sysctl.conf-%v
RequiresMountsFor=/boot
[Service]
Type=oneshot
ExecStart=/usr/lib/systemd/systemd-sysctl /boot/sysctl.conf-%v
RemainAfterExit=yes
[Install]
WantedBy=systemd-sysctl.service
07070100000007000081A400000000000000000000000166D1C31D000001E5000000000000000000000000000000000000003000000000suse-module-tools-16.0.50/depmod-00-system.conf#
# /etc/depmod.conf - configuration file for the depmod(8) command,
# for its format see depmod.conf(5).
#
# Please don't edit this file, place your settings into the /etc/depmod.d
# directory.
# search order:
# 1 updates/ (KMPs)
# 2 extra/ (KMPs or manually compiled modules)
# 3 weak-updates/ (KMPs built for older kernels)
# 4 kgraft/ (kgraft patches)
# 5 everything else
search updates extra weak-updates kgraft built-in
# do not generate modules.*map files
make_map_files no
07070100000008000081A400000000000000000000000166D1C31D00001FEA000000000000000000000000000000000000002A00000000suse-module-tools-16.0.50/driver-check.sh#!/bin/bash
VERSION="0.6"
MAINTAINER="Martin Wilck <mwilck@suse.com>"
USAGE="Usage: ${0##*/} [-o|--out output-file]"
errors=0
warnings=0
trap 'rm -rf "$tmp"' EXIT
tmp=$(mktemp -d)
find_usrmerge_boot() {
local filename=$1
local kver=$2
local ext=${3:+."$3"}
local f
for f in "/usr/lib/modules/$kver/$filename$ext" "/boot/$filename-$kver$ext"
do
if [ -e "$f" ]; then
echo "$f"
return
fi
done
echo "WARNING: find_usrmerge_boot: $filename$ext not found for kernel $kver" >&2
}
find_depmod() {
local _d
[[ -x "$DEPMOD" ]] && return
DEPMOD=
for _d in /usr/sbin /sbin; do
if [[ -x ${_d}/depmod ]]; then
DEPMOD=${_d}/depmod
break;
fi
done
if [[ ! "$DEPMOD" ]]; then
echo "ERROR: depmod is not installed - aborting" >&2
exit 1
fi
}
rpm()
{
# rpm tends to send localized error messages to stdout :-(
LC_ALL=C command rpm "$@"
}
file_owner()
{
local f=$1
if (cd "$tmp/rpms"; grep -lFx "$f" *); then
return
fi
rpm -qf "$f"
}
_explain_called=()
explain()
{
local caller=${BASH_LINENO[0]}
if test -n "${_explain_called[$caller]}"; then
return
fi
_explain_called[$caller]=1
echo "$*"
}
error()
{
echo "ERROR: $*"
let errors++
}
warning()
{
echo "warning: $*" >&2
let warnings++
}
check_system()
{
if test ! -x /usr/lib/module-init-tools/weak-modules2; then
echo "This tool only works on SLE11 and later systems" >&2
exit 1
fi
if ! zypper search >/dev/null; then
echo "Cannot run zypper, please correct the above problem" >&2
exit 1
fi
}
check_rpm_V()
{
local attrs flags path
# kernel packages contain the initrd with permissions 0644,
# but dracut creates initrd with 0600. That's not an error.
while read attrs flags path; do
case $attrs in
.M.......)
if [[ "${path#/boot/initrd}" != "$path" && \
-f "$path" && \
$(stat -c %a "$path") = 600 ]]; then
continue
fi
;;
esac
echo "$attrs $flags $path"
error "$rpm was not installed correctly (see above)"
done
}
check_rpm()
{
local rpm=$1 name=${1%-*-*} out
# ignore changes to %config and %doc files and ignore changed mtimes
check_rpm_V < <(rpm -V "$rpm" | grep -Ev '^[^ ]{8,} [cd] |^\.{7}T\.* ')
}
check_kernel_package()
{
local kernel=$1
if ! rpm -q --qf '%{description}\n' "$kernel" | grep -q '^GIT '; then
error "$kernel does not look like a SUSE kernel package (no commit id)"
fi
if ! rpm -q --qf '%{postin}\n' "$kernel" | grep -Eq 'weak-modules2|kernel-scriptlets/rpm-post'; then
error "$kernel does not look like a SUSE kernel package (wrong %post script)"
fi
}
check_krel()
{
local krel=$1 system_map module_symvers msg res args bad=false
local mit_version
system_map=$(find_usrmerge_boot System.map "$krel")
module_symvers=$(find_usrmerge_boot symvers "$krel" gz)
if ! test -e "$system_map"; then
error "$system_map not found"
bad=true
fi
if ! test -e "$module_symvers"; then
error "$module_symvers not found"
bad=true
fi
if $bad; then
explain "Each kernel must install System.map and symvers.gz to be able to check module dependencies."
return
fi
set -- $("$DEPMOD" --version | sed -rn 's/.* ([0-9]+)(\.([0-9]+)(\..*)?)?/\1 \3/p')
if test -n "$1" -a -n "$2"; then
let "mit_version = $1 * 100 + $2"
elif test -n "$1" -a \! -n "$2" -a "$1" -gt 3; then
let "mit_version = $1 * 100"
else
warning "Cannot determine module-init-tools version, this is a bug in the script"
mit_version=0
fi
# depmod -E was introduced in 3.10
if test "$mit_version" -ge 310; then
gzip -cd <"$module_symvers" >"$tmp/symvers"
args=(-E "$tmp/symvers")
else
args=(-F "$system_map")
fi
msg=$("$DEPMOD" -n -e "${args[@]}" "$krel" 2>&1 >/dev/null)
res=$?
if test -n "$msg" -o "$res" -ne 0; then
echo "$msg"
error "depmod $krel returned errors (exit code $res)"
explain "depmod must pass without errors otherwise KMP scripts will break"
fi
}
req_re='^(kernel\([^:]*:kernel[[:alnum:]_]*\)|ksym\([^:]*:(struct_module|module_layout)\)) = [0-9a-f]+'
check_kmp()
{
local kmp=$1 prefix prev_krel krel path found_module=false
if ! rpm -q --qf '%{postin}\n' "$kmp" | grep -Eq 'weak-modules2|kernel-scriptlets/kmp-post'; then
error "$kmp does not look like a SUSE kernel module package (wrong %post)"
fi
if ! rpm -q -R "$kmp" | grep -Eq "$req_re"; then
error "$kmp does not have proper dependencies"
fi
exec 3< <(sed -rn 's:^(/lib/modules)?/([^/]*)/(.*\.ko(\.[gx]z|\.zst)?)$:\1 \2 \3:p' \
"$tmp/rpms/$kmp")
while read prefix krel path <&3; do
found_module=true
if test "$prefix" != "/lib/modules"; then
error "$kmp installs modules outside of /lib/modules"
continue
fi
if test -z "$prev_krel"; then
prev_krel=$krel
elif test "$prev_krel" != "$krel"; then
error "$kmp installs modules for multiple kernel versions"
fi
case "$path" in
updates/* | extra/*)
;;
weak-updates/*)
error "$kmp installs modules in weak-updates/ instead of updates/ or extra/"
explain "The weak-updates directory is reserved for automatically generated symlinks"
;;
*)
error "$kmp installs modules in an invalid directory"
explain \
"KMPs must install modules in the updates/ or extra/ subdirectories for the
weak-modules2 script to work"
;;
esac
done
if ! $found_module; then
error "$kmp does not contain any modules"
explain \
"A KMP must contain it's modules in the rpm filelist, otherwise weak-modules2
will not work"
fi
}
check_ko()
{
local ko=$1 kmp bad=false
case "$ko" in
*/weak-updates/*)
if test -L "$ko"; then
return
fi
esac
kmp=$(file_owner "$ko")
case "$kmp" in
kernel-* | *-kmp-*) ;;
*not\ owned\ by\ any\ package)
error "$ko is not owned by any package"
bad=true
;;
*)
error "$ko is not packaged as a KMP"
bad=true
;;
esac
if $bad; then
explain \
"External kernel modules must be packaged as KMPs, see
http://developer.novell.com/wiki/index.php/Kernel_Module_Packages_Manuals"
fi
}
options=$(getopt -n "${0##*/}" -o o:h --long out:,help -- "$@")
if test "$?" -ne 0; then
echo "$USAGE" >&2
exit 1
fi
eval set -- "$options"
logfile="driver-check-report.txt"
while :; do
case "$1" in
-o | --out)
logfile="$2"
shift 2
;;
-h | --help)
echo "${0##*/} $VERSION"
echo "$USAGE"
echo
echo "Please report bugs and enhancement requests to $MAINTAINER"
exit 0
;;
--)
shift
break
;;
esac
done
if test $# -gt 0; then
echo "Unrecognized arguments: $*" >&2
echo "$USAGE" >&2
exit 1
fi
find_depmod
check_system
# set up redirection
if test $logfile != "-"; then
if test -e "$logfile"; then
mv -f "$logfile" "$logfile~"
fi
if test -e /proc/self; then
exec 99> >(cat >"$logfile")
exec 1>&99
exec 2> >(tee -a /proc/self/fd/99 >&2)
else
exec 1>"$logfile"
exec 2>"$logfile"
warning "/proc not mounted"
fi
fi
echo "${0##*/} $VERSION started at $(date -R)" >&2
smt=$(rpm -q --qf '%{n}-%{v}-%{r}\n' module-init-tools) || \
smt=$(rpm -q --qf '%{n}-%{v}-%{r}\n' suse-module-tools)
check_rpm "$smt"
mkdir -p "$tmp/rpms"
found_kernel=false
for rpm in $(rpm -qa --qf '%{n}-%{v}-%{r}\n' 'kernel-*' '*-kmp-*' | \
/usr/lib/rpm/rpmsort); do
case "$rpm" in
kernel-source-* | kernel-syms-* | kernel-*-debug* | kernel-*-man-* | \
kernel-*-devel-* | kernel-firmware-* | kernel-coverage-* | \
kernel-docs-* | kernel-devel-* | kernel-macros-* | kernel-install-tools-*)
continue
esac
# store the filelist to speed up file_owner()
rpm -ql "$rpm" >"$tmp/rpms/$rpm"
check_rpm "$rpm"
case "$rpm" in
kernel-*)
check_kernel_package "$rpm"
found_kernel=true
;;
*-kmp-*)
check_kmp "$rpm"
;;
esac
done
if ! $found_kernel; then
warning "no kernel package found"
fi
for krel in /lib/modules/*/kernel; do
krel=${krel%/kernel}
krel=${krel##*/}
check_krel "$krel"
done
modules=($(find /lib/modules/ -name '*.ko' -o -name '*.ko.[gx]z' -o -name '*.ko.zst'))
for module in "${modules[@]}"; do
check_ko "$module"
done
echo "Found $errors error(s) and $warnings warning(s)" >&2
if test "$logfile" != -; then
echo "Report written to $logfile at $(date -R)" >&2
else
echo "Report finished at $(date -R)" >&2
fi
if test $errors -eq 0; then
exit 0
else
exit 1
fi
07070100000009000081ED00000000000000000000000166D1C31D00000604000000000000000000000000000000000000002D00000000suse-module-tools-16.0.50/get_dracut_drivers#! /bin/bash
# This code reads a list of modules from stdin, and takes the
# content of the dracut configuration files as argv[1].
# It evaluates the dracut configuration to set the module-related
# configuration variables add_drivers etc.
# It appends the gathered module names to the input, and
# filters the result using the regex from the omit_drivers variable.
# The code is meant to be executed with decreased privileges,
# in order to avoid sourcing arbitrary scripts as root.
[[ "${WM2_VERBOSE:-0}" -le 2 ]] || set -x
ME=${0##*/}
add_drivers=""
force_drivers=""
omit_drivers=""
drivers=""
eval "$1" ||
echo "$0: error evaluating dracut configuration" >&2
# sanitize omit_drivers; code similar to dracut.sh 059
# filter out empty lines; also handle the case where omit_drivers is empty
omit_drivers_corrected="^[[:space:]]*$"
for d in $omit_drivers; do
[[ " $drivers $add_drivers " == *\ $d\ * ]] && continue
[[ " $drivers $force_drivers " == *\ $d\ * ]] && continue
omit_drivers_corrected+="|$d"
done
if [[ "${WM2_VERBOSE:-0}" -gt 0 ]]; then
echo "$ME: drivers='$drivers'" >&2
echo "$ME: add_drivers='$add_drivers'" >&2
echo "$ME: force_drivers='$force_drivers'" >&2
echo "$ME: omit_drivers='$omit_drivers'" >&2
echo "$ME: omit_drivers_corrected='$omit_drivers_corrected'" >&2
fi
# The sed command below converts space-separated lists to newline-separated
{
cat
echo $drivers $add_drivers $force_drivers
} |
sed -E 's/[[:space:]]+/\n/g;s/\n*$//' |
grep -Ev "$omit_drivers_corrected"
0707010000000A000041ED00000000000000000000000166D1C31D00000000000000000000000000000000000000000000002C00000000suse-module-tools-16.0.50/kernel-scriptlets0707010000000B000081A400000000000000000000000166D1C31D00000C7E000000000000000000000000000000000000003800000000suse-module-tools-16.0.50/kernel-scriptlets/cert-script#!/bin/sh
op=${0##*-}
ca_check=""
certs=""
while true ; do
case $1 in
--ca-check)
ca_check="$2"
shift
;;
--certs)
certs="$2"
shift
;;
*) break
;;
esac
shift
done
is_efi () {
# All shells supported as /bin/sh under SUSE support "local"
# shellcheck disable=SC3043
local msg rc=0
# The below statement fails if mokutil isn't installed or UEFI is unsupported.
# It doesn't fail if UEFI is available but secure boot is off.
msg="$(mokutil --sb-state 2>&1)" || rc=$?
[ -z "$KERNEL_PACKAGE_SCRIPT_DEBUG" ] || echo "$msg"
return $rc
}
if ! is_efi; then
[ -z "$KERNEL_PACKAGE_SCRIPT_DEBUG" ] || \
echo "$0: system doesn't support UEFI, skipping certificate handling" >&2
exit 0
fi
if [ ! -w /sys/firmware/efi/efivars ]; then
mkdir -p /run/suse-kernel-rpm-scriptlets
if [ -n "$KERNEL_PACKAGE_SCRIPT_DEBUG" ] || \
[ ! -e /run/suse-kernel-rpm-scriptlets/cert-warning ]; then
echo "$0: efivarfs is not writable, skipping certificate handling" >&2
fi
touch /run/suse-kernel-rpm-scriptlets/cert-warning
exit 0
fi
run_mokutil () {
[ -z "$KERNEL_PACKAGE_SCRIPT_DEBUG" ] || echo mokutil "$@" >&2
mokutil "$@"
}
[ -z "$KERNEL_PACKAGE_SCRIPT_DEBUG" ] || echo "cert $op" ca-check: "$ca_check" certs: "$certs" -- "$@" >&2
script_rc=0
case $op in
pre)
;;
post)
MOK_ARGS=""
# Only apply CA check on the kernel package certs (bsc#1173115)
if [ -n "$ca_check" ] && mokutil -h | grep -q "ca-check"; then
MOK_ARGS="${MOK_ARGS} --ca-check"
fi
# Kernel key needs to be enrolled even if it's in the kernel keyring (bsc#1191480)
if [ -n "$ca_check" ] && mokutil -h | grep -q "ignore-keyring"; then
MOK_ARGS="${MOK_ARGS} --ignore-keyring"
fi
# XXX: Only call mokutil if UEFI and shim are used
for cert in $certs; do
cert="/etc/uefi/certs/${cert}.crt"
# Word splitting is intended here
# shellcheck disable=SC2086
run_mokutil --import "$cert" --root-pw ${MOK_ARGS}
rc=$?
if [ $rc != 0 ] ; then
script_rc=$rc
echo "Failed to import $cert" >&2
fi
done
;;
preun)
for cert in $certs; do
cert="/etc/uefi/certs/${cert}.crt"
# Here we queue the certificate for de-enrollment. If by postun
# the certificate does not exist last kernel using it was
# removed and we can queue it for de-enrollment with mokutil.
# The .delete file must exist after package is removed so we cannot
# add it to the rpm filelist to be removed by rpm. And if script is
# interrupted it may remain. Do not fail when it exists (bsc#1191804).
ln -f "$cert" "$cert.delete" ||:
done
;;
postun)
for cert in $certs; do
cert="/etc/uefi/certs/${cert}.crt"
# If the certificate is now gone there are no users left
# queue -> de-enrollment
if ! test -e "$cert"; then
run_mokutil --delete "$cert.delete" --root-pw
rc=$?
if [ $rc != 0 ] ; then
script_rc=$rc
echo "Failed to delete $cert" >&2
fi
fi
rm "$cert.delete" || script_rc=$?
done
;;
posttrans)
;;
*)
echo Unknown scriptlet "$op" >&2
script_rc=255
;;
esac
exit $script_rc
# vim: set sts=4 sw=4 ts=8 noet:
0707010000000C000081A400000000000000000000000166D1C31D000009BB000000000000000000000000000000000000003900000000suse-module-tools-16.0.50/kernel-scriptlets/inkmp-script#!/bin/bash
op=${0##*-}
name=""
version=""
release=""
kernelrelease=""
flavor=""
variant=""
image=""
certs=""
while true ; do
case $1 in
--name)
name="$2"
shift
;;
--version)
version="$2"
shift
;;
--release)
release="$2"
shift
;;
--kernelrelease)
kernelrelease="$2"
shift
;;
--flavor)
flavor="$2"
shift
;;
--variant)
variant="$2"
shift
;;
--usrmerged)
# ignored for legacy compat reasons
shift
;;
--image)
image="$2"
shift
;;
--certs)
certs="$2"
shift
;;
*) break
;;
esac
shift
done
wm2=/usr/lib/module-init-tools/weak-modules2
nvr="$name"-"$version"-"$release"
run_wm2() {
[ -z "$KERNEL_PACKAGE_SCRIPT_DEBUG" ] || echo wm2 "$@" >&2
$wm2 "$@"
}
[ -z "$KERNEL_PACKAGE_SCRIPT_DEBUG" ] || \
echo KMP "$op" name: "$name" version: "$version" release: "$release" \
kernelrelease: "$kernelrelease" flavor: "$flavor" variant: "$variant" \
image: "$image" certs: "$certs" -- "$@" >&2
script_rc=0
case $op in
pre)
;;
post)
if [ -x "$wm2" ]; then
rpm -ql "$nvr" | INITRD_IN_POSTTRANS=1 run_wm2 --add-kernel-modules "$kernelrelease-$flavor" || script_rc=$?
fi
;;
preun)
rpm -ql "$nvr" | sed -n '/\.ko\(\.xz\|\.gz\|\.zst\)\?$/p' > "/var/run/rpm-$nvr-modules" || script_rc=$?
;;
postun)
mapfile -t modules < "/var/run/rpm-$nvr-modules"
rm -f "/var/run/rpm-$nvr-modules"
# Only pass modules to weak-modules2 which have actually been removed.
# Modules can still exist e.g. if a kernel subpackage is updated and
# only the build number changed (kernel release remained the same);
# in this case the resulting list of modules will actually be empty.
# This is similar to the check for $system_map in rpm-script.
for __i in "${!modules[@]}"; do
if [[ -e "${modules[$__i]}" ]]; then
unset -v 'modules["$__i"]'
fi
done
if [[ "${#modules[@]}" == 0 ]]; then
echo "$nvr: no kernel modules removed" >&2
exit 0
fi
if [ -x "$wm2" ]; then
printf '%s\n' "${modules[@]}" | run_wm2 --remove-kernel-modules "$kernelrelease-$flavor" || script_rc=$?
fi
;;
posttrans)
if test -x /usr/lib/module-init-tools/regenerate-initrd-posttrans; then
/bin/bash -c 'set +e; /usr/lib/module-init-tools/regenerate-initrd-posttrans' || script_rc=$?
fi
;;
*)
echo Unknown scriptlet "$op" >&2
exit 255
;;
esac
exit $script_rc
# vim: set sts=4 sw=4 ts=8 noet:
0707010000000D000081A400000000000000000000000166D1C31D000006C7000000000000000000000000000000000000003700000000suse-module-tools-16.0.50/kernel-scriptlets/kmp-script#!/bin/bash
op=${0##*-}
name=""
version=""
release=""
kernelrelease=""
flavor=""
while true ; do
case $1 in
--name)
name="$2"
shift
;;
--version)
version="$2"
shift
;;
--release)
release="$2"
shift
;;
--kernelrelease)
kernelrelease="$2"
shift
;;
--flavor)
flavor="$2"
shift
;;
--usrmerged)
# ignored for legacy compat reasons
shift
;;
*) break
;;
esac
shift
done
wm2=/usr/lib/module-init-tools/weak-modules2
nvr="$name"-"$version"-"$release"
run_wm2() {
[ -z "$KERNEL_PACKAGE_SCRIPT_DEBUG" ] || echo wm2 "$@" >&2
$wm2 "$@"
}
[ -z "$KERNEL_PACKAGE_SCRIPT_DEBUG" ] || \
echo KMP "$op" name: "$name" version: "$version" release: "$release" \
kernelrelease: "$kernelrelease" flavor: "$flavor" -- "$@" >&2
script_rc=0
case $op in
pre)
;;
post)
if [ -x $wm2 ]; then
INITRD_IN_POSTTRANS=1 run_wm2 --add-kmp "$nvr" || script_rc=$?
fi
;;
preun)
rpm -ql "$nvr" | sed -n '/\.ko\(\.xz\|\.gz\|\.zst\)\?$/p' > "/var/run/rpm-$nvr-modules" || script_rc=$?
;;
postun)
mapfile -t modules < "/var/run/rpm-$nvr-modules"
rm -f "/var/run/rpm-$nvr-modules"
if [ ${#modules[*]} = 0 ]; then
echo "WARNING: $nvr does not contain any kernel modules" >&2
exit 0
fi
if [ -x $wm2 ]; then
printf '%s\n' "${modules[@]}" | run_wm2 --remove-kmp "$nvr" || script_rc=$?
fi
;;
posttrans)
if test -x /usr/lib/module-init-tools/regenerate-initrd-posttrans; then
/bin/bash -c 'set +e; /usr/lib/module-init-tools/regenerate-initrd-posttrans' || script_rc=$?
fi
;;
*)
echo Unknown scriptlet "$op" >&2
exit 255
;;
esac
exit $script_rc
# vim: set sts=4 sw=4 ts=8 noet:
0707010000000E000081A400000000000000000000000166D1C31D000026A8000000000000000000000000000000000000003700000000suse-module-tools-16.0.50/kernel-scriptlets/rpm-script#!/bin/sh
op=${0##*-}
name=""
version=""
release=""
kernelrelease=""
flavor=""
variant=""
image=""
certs=""
while true ; do
case $1 in
--name)
name="$2"
shift
;;
--version)
version="$2"
shift
;;
--release)
release="$2"
shift
;;
--kernelrelease)
kernelrelease="$2"
shift
;;
--flavor)
flavor="$2"
shift
;;
--variant)
variant="$2"
shift
;;
--usrmerged)
# ignored for legacy compat reasons
shift
;;
--image)
image="$2"
shift
;;
--certs)
certs="$2"
shift
;;
*) break
;;
esac
shift
done
wm2=/usr/lib/module-init-tools/weak-modules2
modules_dir=/usr/lib/modules/$kernelrelease-$flavor
system_map=${modules_dir}/System.map
# During the image creation (KIWI) we can install the kernel before
# there is any bootloader installed. If we detect that sdbootutil
# package is installed, but the bootloader installation test fails,
# then we assume that sdbootutil will be used.
if [ -e "/usr/bin/sdbootutil" ] && { /usr/bin/sdbootutil is-installed || [ -e /.buildenv ]; } then
is_sdbootutil=1
fi
trigger_purge_kernels() {
[ -z "$KERNEL_PACKAGE_SCRIPT_DEBUG" ] || echo Triggering purge-kernels >&2
touch /boot/do_purge_kernels
}
disarm_purge_kernels() {
[ -z "$KERNEL_PACKAGE_SCRIPT_DEBUG" ] || echo Disarming purge-kernels >&2
rm -f /boot/do_purge_kernels
}
run_wm2() {
[ -z "$KERNEL_PACKAGE_SCRIPT_DEBUG" ] || echo wm2 "$@" >&2
$wm2 "$@"
}
message_install_bl () {
echo "You may need to setup and install the boot loader using the"
echo "available bootloader for your platform (e.g. grub, lilo, zipl, ...)."
}
update_bootloader_entry() {
if [ ! -e /.buildenv ] ; then
if [ -n "$is_sdbootutil" ]; then
# Transactional systems use the snapper plugins to add new
# bootloader entries, and this same hook is used in normal
# Tumbleweed installations that uses btrfs.
#
# For transactional systems we should not mangle with the
# /boot inside the transaction, to keep the atomicity
# promise.
#
# For non-transactional ones, we will generate the boot
# entries here, ignoring the snapper plugin, so we have a
# chance of implementing FDE in case that the system is
# not using btrfs.
if [ -z "$TRANSACTIONAL_UPDATE" ]; then
/usr/bin/sdbootutil --image="$image" add-kernel "$kernelrelease-$flavor"
/usr/bin/sdbootutil set-default-snapshot
fi
elif [ -f /etc/fstab ] ; then
# only run the bootloader if the usual bootloader configuration
# files are there -- this is different on every architecture
initrd=initrd-"$kernelrelease"-"$flavor"
if [ "$flavor" = rt ]; then
default=force-default
fi
# Note: the 2nd condition is for removing the bootloader
# entry for an uninstalled kernel.
if [ -e "/boot/$initrd" ] || [ ! -e "$modules_dir" ]; then
[ -e "/boot/$initrd" ] || initrd=
if [ -x /usr/lib/bootloader/bootloader_entry ]; then
/usr/lib/bootloader/bootloader_entry \
add \
"$flavor" \
"$kernelrelease"-"$flavor" \
"$image"-"$kernelrelease"-"$flavor" \
"$initrd" \
"$default" || script_rc=$?
else
message_install_bl
fi
fi
else
message_install_bl
fi
fi
}
check_space_in_boot() {
# see bug #259303
# this script runs when the kernel gets updated with YaST
# YaST calls rpm always with -U
# -U replaces all packages with the new one
# rpm removes the files from the old packages after the postinstall script ran
# this will double the required space below /boot
# remove the files from the old packages to make room for the new initrd
# rpm may complain about low disk space if /boot/vmlinux does not fit
#
# When sdbootutil is used, the kernel and initrd should be living
# in sysroot, and transferred into /boot later by the snapper
# plugin (that calls sdbootutil add-all-kernels)
#
if [ "$YAST_IS_RUNNING" != "" ]; then
mydf="$( POSIXLY_CORRECT=1 df -P /boot/ | awk '/^(\/|-[[:blank:]])/{ print $4}' )"
if test "$mydf" != "" ; then
echo "Free diskspace below /boot: $mydf blocks"
# echo "512 byte blocks: $(( 2 * 1024 * 20 ))"
if test "$mydf" -lt "40960" ; then
echo "make room for new kernel '$flavor' because there are less than 20MB available."
# disabled because it breaks patch rpms
#rm -fv /boot/"$image"-*-"$flavor"
rm -fv /boot/initrd-*-"$flavor"
fi
fi
fi
}
copy_or_link_legacy_files() {
# compat stuff for /boot.
# if /boot and /usr are not separate partitions we can just link
# the kernel there to save space. Otherwise copy.
if mountpoint -q /boot || mountpoint -q /usr; then
copy_or_link="cp -a --remove-destination"
separate_boot='1'
else
copy_or_link="ln -sf"
separate_boot=""
fi
for x in "$image" sysctl.conf System.map config; do
if [ "$separate_boot" = 1 ] || [ ! -e "/boot/$x-$kernelrelease-$flavor" ]; then
$copy_or_link "..$modules_dir/$x" "/boot/$x-$kernelrelease-$flavor" || script_rc=$?
if [ -e "$modules_dir/.$x.hmac" ]; then
$copy_or_link "..$modules_dir/.$x.hmac" "/boot/.$x-$kernelrelease-$flavor".hmac || script_rc=$?
fi
fi
done
for x in /boot/"$image" /boot/initrd; do
rm -f "$x"
ln -s "${x##*/}-$kernelrelease-$flavor" "$x"
done
rm -f /boot/.vmlinuz.hmac
[ ! -e "/boot/.vmlinuz-$kernelrelease-$flavor.hmac" ] ||
ln -s ".vmlinuz-$kernelrelease-$flavor.hmac" /boot/.vmlinuz.hmac
}
check_arm_pagesize() {
# On AArch64 we switched from 64k PAGE_SIZE to 4k PAGE_SIZE. Unfortunately
# btrfs can only use file systems created with the same PAGE_SIZE. So we
# check if the user has any btrfs file systems mounted and refuse to install
# in that case.
# FORCE_4K: The user knows what he's doing, let him be.
# YAST_IS_RUNNING: We're probably test installing the kernel, that should succeed
if [ "$flavor" != default ] || [ "$( uname -m )" != aarch64 ] || \
[ "$FORCE_4K" = 1 ] || [ "$YAST_IS_RUNNING" = instsys ] || \
! zgrep -q CONFIG_ARM64_64K_PAGES=y /proc/config.gz; then
return
fi
cat >&2 <<-EOF
You are running on a 64kb PAGE_SIZE kernel. The default kernel
switched to 4kb PAGE_SIZE which will prevent it from mounting btrfs
or the swap partition.
To ensure that your system still works, I am refusing to install
this kernel. If you want to force installation regardlesss, reinstall
with the environment variable FORCE_4K set to 1.
To stay with a 64kb PAGE_SIZE kernel, please follow these steps:
$ zypper in kernel-64kb
[ reboot into the new kernel ]
$ zypper rm kernel-default
You will then be on the 64kb PAGE_SIZE kernel and can update your
system normally.
EOF
script_rc=1
}
run_cert_script() {
[ -z "$certs" ] || \
"/usr/lib/module-init-tools/kernel-scriptlets/cert-$op" \
--ca-check 1 --certs "$certs" "$@" || \
script_rc=$?
}
[ -z "$KERNEL_PACKAGE_SCRIPT_DEBUG" ] || \
echo "$op" name: "$name" version: "$version" release: "$release" \
kernelrelease: "$kernelrelease" flavor: "$flavor" variant: "$variant" \
image: "$image" certs: "$certs" -- "$@" >&2
script_rc=0
case $op in
pre)
[ -n "$is_sdbootutil" ] || check_space_in_boot
check_arm_pagesize
run_cert_script "$@"
;;
post)
# Flag to trigger /etc/init.d/purge-kernels on next reboot (fate#312018)
# ... but avoid the first installation (bsc#1180058)
if [ "$1" -gt 1 ]; then
trigger_purge_kernels || script_rc=$?
fi
[ -n "$is_sdbootutil" ] || copy_or_link_legacy_files
# Add symlinks of compatible modules to /lib/modules/$krel/weak-updates/,
# run depmod and dracut
if [ -x $wm2 ]; then
run_wm2 --add-kernel "$kernelrelease"-"$flavor" || script_rc=$?
else
echo "$wm2 does not exist, please run depmod and dracut manually" >&2
script_rc=1
fi
[ "$INITRD_IN_POSTTRANS" ] || update_bootloader_entry
run_cert_script "$@"
;;
preun)
[ ! -L /boot/.vmlinuz.hmac ] ||
[ "$(readlink /boot/.vmlinuz.hmac)" != ".vmlinuz-$kernelrelease-$flavor.hmac" ] ||
rm -f /boot/.vmlinuz.hmac
run_cert_script "$@"
;;
postun)
# If a kernel package is removed before the next reboot, we assume that the
# multiversion variable in /etc/zypp/zypp.conf is not configured and we delete
# the flag again (fate#312018)
disarm_purge_kernels
if [ -e "$system_map" ]; then
# the same package was reinstalled or just rebuilt, otherwise the files
# would have been deleted by now
# do not remove anything in this case (bnc#533766)
exit 0
fi
# Remove symlinks from "$modules_dir"/weak-updates/.
if [ -x $wm2 ]; then
run_wm2 --remove-kernel "$kernelrelease"-"$flavor"
fi
# can't check $1 as kernel is usually multiversion. So need to check if
# that particular kernel was actually removed from disk.
if [ -n "$is_sdbootutil" ] && [ ! -e /.buildenv ] \
&& [ ! -e /lib/modules/"$kernelrelease-$flavor/$image" ]; then
if [ -z "$TRANSACTIONAL_UPDATE" ]; then
/usr/bin/sdbootutil --image="$image" remove-kernel "$kernelrelease-$flavor"
fi
# remove fstab check once perl-Bootloader can cope with it
elif [ -f /etc/fstab ]; then
if [ -x /usr/lib/bootloader/bootloader_entry ]; then
/usr/lib/bootloader/bootloader_entry \
remove \
"$flavor" \
"$kernelrelease"-"$flavor" \
"$image"-"$kernelrelease"-"$flavor" \
initrd-"$kernelrelease"-"$flavor"
fi
fi
run_cert_script "$@"
;;
posttrans)
if [ -x /usr/lib/module-init-tools/regenerate-initrd-posttrans ]; then
/bin/bash -c 'set +e; /usr/lib/module-init-tools/regenerate-initrd-posttrans' || script_rc=$?
fi
[ ! "$INITRD_IN_POSTTRANS" ] || update_bootloader_entry
;;
*)
echo Unknown scriptlet "$op" >&2
exit 255
;;
esac
exit $script_rc
# vim: set sts=4 sw=4 ts=8 noet:
0707010000000F000081A400000000000000000000000166D1C31D00000190000000000000000000000000000000000000003000000000suse-module-tools-16.0.50/kernel-sysctl.service[Unit]
Description=Apply Kernel Variables for %v
DefaultDependencies=no
Conflicts=shutdown.target
Before=systemd-sysctl.service
After=systemd-modules-load.service
ConditionPathExists=/usr/lib/modules/%v/sysctl.conf
RequiresMountsFor=/boot
[Service]
Type=oneshot
ExecStart=/usr/lib/systemd/systemd-sysctl /usr/lib/modules/%v/sysctl.conf
RemainAfterExit=yes
[Install]
WantedBy=systemd-sysctl.service
07070100000010000081ED00000000000000000000000166D1C31D000006BA000000000000000000000000000000000000002900000000suse-module-tools-16.0.50/lsinitrd-quick#! /bin/bash
trap 'echo error in $BASH_COMMAND >&2; exit 1' ERR
MG_CPIO=$'\x71\xc7'
MG_CPIO1=070701
MG_GZ=$'\x1f\x8b'
MG_GZ1=$'\x1f\x9e'
MG_BZ="BZh"
MG_XZ=$'\xfd7zXZ'
MG_LZ4=$'\x02\x21'
MG_LZO=$'\x89LZO'
MG_ZSTD=$'\x28\xB5\x2F\xFD'
check_fmt() {
case $1 in
$MG_CPIO*|$MG_CPIO1)
echo cpio;;
$MG_GZ*|$MG_GZ1*)
echo gzip;;
$MG_BZ*)
echo bz2;;
$MG_XZ*)
echo xz;;
$MG_LZ4*)
echo lz4;;
$MG_LZO*)
echo lzo;;
$MG_ZSTD*)
echo zstd;;
esac
}
uncomp() {
case $1 in
$MG_CPIO*|$MG_CPIO1)
cat;;
$MG_GZ*)
zcat;;
$MG_BZ*)
bzcat;;
$MG_XZ*)
xzcat;;
$MG_LZ4*)
lz4 -d -c;;
$MG_LZO*)
lzop -d -c;;
$MG_ZSTD*)
zstd -d -c;;
esac
}
check_size () {
[[ "$SIZE" -gt $1 ]] || {
echo "$INITRD: file too small, cannot read magic" >&2
exit 1
}
}
INITRD=$1
[[ "$INITRD" && -f "$INITRD" ]] || {
echo "$INITRD: file not found" >&2
exit 1
}
SIZE=$(stat -L -c %s "$INITRD")
check_size 6
read -r -d'\0' -n 6 MAGIC <"$INITRD"
FMT=$(check_fmt "$MAGIC")
BYTES=0
if [[ ! $FMT ]]; then
echo "$INITRD: unknown format" >&2
exit 1
elif [[ "$FMT" = cpio ]]; then
# check for "early CPIO" image
TMPFILE=$(mktemp "${TMPDIR:-/tmp}/initrd-XXXXXX")
EARLY=$(cpio -t early_cpio "kernel/*/microcode/*.bin" \
<"$INITRD" 2>"$TMPFILE")
BLOCKS=$(cut -d" " -f1 "$TMPFILE")
rm -f "$TMPFILE"
if [[ -z "$EARLY" ]]; then
# just plain uncompressed cpio
cpio -t <"$INITRD" 2>/dev/null
exit
fi
BYTES=$((512*BLOCKS))
check_size $((BYTES + 6))
read -r -d '\0' -n 6 MAGIC \
< <(dd if="$INITRD" bs=1b count=1 skip=$BLOCKS 2>/dev/null)
fi
tail -c +$((BYTES + 1)) "$INITRD" | uncomp "$MAGIC" | cpio -t 2>/dev/null
07070100000011000081A400000000000000000000000166D1C31D0000047B000000000000000000000000000000000000002800000000suse-module-tools-16.0.50/macros.initrd# Packages installing files and binaries that end up in the initrd should
# call these macros in their post(trans) scriptlets to have the initrd
# regenerated
# See also fate#313506
# mkdir is part of the coreutils package. When the post scriptlet of some
# package using regenerate_initrd_post is run, the mkdir command may be
# unavailable. This is non-fatal, because in all cases that matter for initrd
# generation, coreutils will be part of the same transaction and will trigger
# an initrd rebuild later. See boo#1217775.
#
# Anyway, packages can use the regenerate_initrd_requires macro below to make
# sure mkdir is available in their post scriptlet. Use if this macro is not
# mandatory.
%regenerate_initrd_requires \
Requires(post): /usr/bin/mkdir \
%nil
%regenerate_initrd_post \
! command -v mkdir >/dev/null || mkdir -p /run/regenerate-initrd/; \
[ ! -d /run/regenerate-initrd ] || > /run/regenerate-initrd/all; \
%nil
%regenerate_initrd_posttrans \
if test -x /usr/lib/module-init-tools/regenerate-initrd-posttrans; then \
/bin/bash -c 'set +e; /usr/lib/module-init-tools/regenerate-initrd-posttrans' \
fi \
%nil
07070100000012000041ED00000000000000000000000166D1C31D00000000000000000000000000000000000000000000002800000000suse-module-tools-16.0.50/modprobe.conf07070100000013000041ED00000000000000000000000166D1C31D00000000000000000000000000000000000000000000003000000000suse-module-tools-16.0.50/modprobe.conf/aarch6407070100000014000081A400000000000000000000000166D1C31D00000069000000000000000000000000000000000000004800000000suse-module-tools-16.0.50/modprobe.conf/aarch64/50-blacklist-efifb.conf# does not work on aarch64 because PCI host bridge driver
# remaps the bars (bsc#996080)
blacklist efifb
07070100000015000041ED00000000000000000000000166D1C31D00000000000000000000000000000000000000000000003000000000suse-module-tools-16.0.50/modprobe.conf/armv7hl07070100000016000081A400000000000000000000000166D1C31D00000053000000000000000000000000000000000000003C00000000suse-module-tools-16.0.50/modprobe.conf/armv7hl/40-apm.conf# /dev/apm_bios Advanced Power Management BIOS
install char-major-10-134 /bin/true
07070100000017000041ED00000000000000000000000166D1C31D00000000000000000000000000000000000000000000002F00000000suse-module-tools-16.0.50/modprobe.conf/common07070100000018000081A400000000000000000000000166D1C31D00000057000000000000000000000000000000000000003C00000000suse-module-tools-16.0.50/modprobe.conf/common/10-scsi.conf# load sd_mod and sg early (bsc#1216070, bsc#1036463)
softdep scsi_mod post: sd_mod sg
07070100000019000081A400000000000000000000000166D1C31D00000512000000000000000000000000000000000000004B00000000suse-module-tools-16.0.50/modprobe.conf/common/10-unsupported-modules.conf#
# Every kernel module has a flag 'supported'. If this flag is not set loading
# this module will taint your kernel. You will not get much help with a kernel
# problem if your kernel is marked as tainted. In this case you firstly have
# to avoid loading of unsupported modules.
#
# Setting allow_unsupported_modules 1 enables loading of unsupported modules
# by modprobe, setting allow_unsupported_modules 0 disables it. This can
# be overriden using the --allow-unsupported-modules commandline switch.
#
# CAUTION: In SUSE Linux Enterprise products, loading unsupported modules
# is disabled by default. Re-enabling it is discouraged, as it may compromise
# enterprise product supportability.
#
# SLE users, please read the documentation about kernel module support in the
# SUSE Linux Enterprise Server Administration guide:
#
# https://www.suse.com/documentation/sles-15/book_sle_admin/data/sec_admsupport_kernel.html
#
# NOTE: Modules from SUSE partners delivered under the SUSE SolidDriver Program
# are marked as "externally supported". Such modules are not regarded as
# "unsupported" and thus unaffected by the "allow_unsupported_modules" flag.
#
# On openSUSE, the kernel doesn't have the feature to recognize supported modules,
# and this flag has no effect.
allow_unsupported_modules 0
0707010000001A000081A400000000000000000000000166D1C31D00000015000000000000000000000000000000000000004400000000suse-module-tools-16.0.50/modprobe.conf/common/40-alias-autofs.confalias autofs autofs4
0707010000001B000081A400000000000000000000000166D1C31D0000000F000000000000000000000000000000000000004100000000suse-module-tools-16.0.50/modprobe.conf/common/40-alias-nfs.confalias nfs4 nfs
0707010000001C000081A400000000000000000000000166D1C31D00000051000000000000000000000000000000000000004400000000suse-module-tools-16.0.50/modprobe.conf/common/40-alias-paride.conf# network block device
alias block-major-45 pd
alias block-major-47 pf
0707010000001D000081A400000000000000000000000166D1C31D000002D8000000000000000000000000000000000000004400000000suse-module-tools-16.0.50/modprobe.conf/common/40-bttv_skip_it.conf# These devices have bt878 chip without PCI Subsystem ID. Without that info bttv
# does not know how to treat them properly. Therefore we disable autoloading of
# modules for these devices.
# See https://bugzilla.novell.com/show_bug.cgi?id=149588
# To enable your device create a hardware configuration file for your device.
# See man hwup for details.
# You will probably have to specify an option to identify your card. Have a
# look in /usr/src/linux/Documentation/video4linux/CARDLIST.bttv.
alias pci:v0000109Ed0000036Esv00000000sd00000000bc04sc00i00 bttv_skip_it
alias pci:v0000109Ed00000878sv00000000sd00000000bc04sc80i00 bttv_skip_it
install bttv_skip_it echo "module alias skipped (bt878 chip without PCI Subsystem ID)"
0707010000001E000081A400000000000000000000000166D1C31D00000086000000000000000000000000000000000000003C00000000suse-module-tools-16.0.50/modprobe.conf/common/40-cifs.conf# cifs calls load_nls()
# FIXME: determine the proper nls module based on fstab options instead
# SUSE INITRD: cifs REQUIRES nls_utf8
0707010000001F000081A400000000000000000000000166D1C31D000001A8000000000000000000000000000000000000005200000000suse-module-tools-16.0.50/modprobe.conf/common/50-blacklist-acpi_power_meter.conf# Blacklist acpi_power_meter. The device requires processing ACPI AML code to
# update average power measurement. This may be at a high frequency and has
# been observed executing every 500ms. This has a noticable impact on latency
# sensitive applications that experience delays on workqueue executions. As
# very few applications require the data, blacklist the module by default
# (bnc#974373)
blacklist acpi_power_meter
07070100000020000081A400000000000000000000000166D1C31D00000029000000000000000000000000000000000000004700000000suse-module-tools-16.0.50/modprobe.conf/common/50-blacklist-bfusb.conf# Blue Fritz! USB dongle
blacklist bfusb
07070100000021000081A400000000000000000000000166D1C31D0000004E000000000000000000000000000000000000004900000000suse-module-tools-16.0.50/modprobe.conf/common/50-blacklist-dpt_i2o.conf# This module seems to be good for nothing. See bug 129301.
blacklist dpt_i2o
07070100000022000081A400000000000000000000000166D1C31D000000AF000000000000000000000000000000000000004700000000suse-module-tools-16.0.50/modprobe.conf/common/50-blacklist-evbug.conf# this is a debugging module which should only be loaded manually
# (security sensitive - keystrokes logged to syslog)
# 2021: only shipped on ppc64 / ppc64le
blacklist evbug
07070100000023000081A400000000000000000000000166D1C31D000005C5000000000000000000000000000000000000004400000000suse-module-tools-16.0.50/modprobe.conf/common/50-blacklist-fb.conf# list all framebuffer drivers, some of them tend to crash during boot
# they are either compiled into the kernel, or vesafb is active
# X works fine without them, rcfbset can load them if really required
# sed -e '/\/drivers\/video\/.*\.\(o\|ko\)$/{s@^.*/@@;s@\..*$@@;p};d'
# See also bsc#106715
blacklist backlight
blacklist lcd
# armv7hl still ships these
blacklist sm501fb
# bsc#846218
blacklist udlfb
## 2021: The drivers below aren't shipped any more
# blacklist aty128fb
# blacklist atyfb
# blacklist cyber2000fb
# blacklist g450_pll
# blacklist hgafb
# blacklist i2c-matroxfb
# blacklist i810fb
# blacklist intelfbdrv
# blacklist intelfbhw
# blacklist matroxfb_accel
# blacklist matroxfb_base
# blacklist matroxfb_crtc2
# blacklist matroxfb_DAC1064
# blacklist matroxfb_g450
# blacklist matroxfb_maven
# blacklist matroxfb_misc
# blacklist matroxfb_proc
# blacklist matroxfb_Ti3026
# blacklist mdacon
# blacklist neofb
# blacklist pm2fb
# blacklist pm3fb
# blacklist radeonfb
# blacklist rivafb
# blacklist sisfb
# blacklist sstfb
# blacklist tdfxfb
# blacklist tridentfb
# blacklist vga16fb
# blacklist vgastate
# blacklist kyrofb
# blacklist arcfb
# blacklist cirrusfb
# blacklist gx1fb
# blacklist intelfb
# blacklist macmodes
# blacklist nvidiafb
# blacklist s1d13xxxfb
# blacklist savagefb
# blacklist arkfb
# blacklist carminefb
# blacklist gxfb
# blacklist hecubafb
# blacklist lxfb
# blacklist s3fb
# blacklist viafb
# blacklist vmlfb
# blacklist vt8623fb
07070100000024000081A400000000000000000000000166D1C31D00000083000000000000000000000000000000000000004500000000suse-module-tools-16.0.50/modprobe.conf/common/50-blacklist-mtd.conf# These mtd drivers should be loaded manually.
# bsc#51815
blacklist amd76xrom
blacklist l440gx
blacklist scb2_flash
blacklist pci
07070100000025000081A400000000000000000000000166D1C31D0000006A000000000000000000000000000000000000004800000000suse-module-tools-16.0.50/modprobe.conf/common/50-blacklist-netcls.conf# Module is affected by bsc#1210335 (CVE-2023-1829), prevent loading it unwittingly
blacklist cls_tcindex
07070100000026000081A400000000000000000000000166D1C31D000000E6000000000000000000000000000000000000004B00000000suse-module-tools-16.0.50/modprobe.conf/common/50-blacklist-pata_acpi.conf# pata_acpi is useful for certain limited cases but it tries to attach any
# controller with IDE class code causing more harm than good if loaded by
# default. Blacklist it so that it can be used selectively.
blacklist pata_acpi
07070100000027000081A400000000000000000000000166D1C31D0000007C000000000000000000000000000000000000004700000000suse-module-tools-16.0.50/modprobe.conf/common/50-blacklist-rndis.conf# RNDIS is considered insecure (bsc#1205767, jsc#PED-5731)
blacklist rndis_wlan
blacklist usb_f_rndis
blacklist rndis_host
07070100000028000081A400000000000000000000000166D1C31D00000051000000000000000000000000000000000000004900000000suse-module-tools-16.0.50/modprobe.conf/common/50-blacklist-usbcore.conf# usbcore ... module is loaded implicitly, ignore it otherwise
blacklist usbcore
07070100000029000081A400000000000000000000000166D1C31D000000B7000000000000000000000000000000000000004800000000suse-module-tools-16.0.50/modprobe.conf/common/50-blacklist-xircom.conf# tulip ... de4x5, xircom_tulip_cb, dmfe (...) handle same devices
blacklist de4x5
# At least 2.4.3 and later xircom_tulip doesn't have that conflict
# xircom_tulip_cb
blacklist dmfe
0707010000002A000081A400000000000000000000000166D1C31D00000066000000000000000000000000000000000000004800000000suse-module-tools-16.0.50/modprobe.conf/common/70-softdep-csiostor.conf# bsc#1100989: cxgb4 needs to be loaded before csiostor (Chelsio request)
softdep csiostor pre: cxgb4
0707010000002B000081A400000000000000000000000166D1C31D00000036000000000000000000000000000000000000004800000000suse-module-tools-16.0.50/modprobe.conf/common/70-softdep-dm_crypt.conf# dm-crypt requires essiv
softdep dm-crypt pre: essiv
0707010000002C000081A400000000000000000000000166D1C31D000000A3000000000000000000000000000000000000004800000000suse-module-tools-16.0.50/modprobe.conf/common/70-softdep-ehci_hcd.conf# "Warning! ehci_hcd should always be loaded before uhci_hcd and ohci_hcd, not
# after" (bnc#449853)
softdep uhci-hcd pre: ehci-hcd
softdep ohci-hcd pre: ehci-hcd
0707010000002D000081A400000000000000000000000166D1C31D000000AA000000000000000000000000000000000000004B00000000suse-module-tools-16.0.50/modprobe.conf/common/70-softdep-usb_storage.conf# uas devices can be unpredictably a fallback for both drivers must be present
# (bnc#862397)
# but avoid circular dependency (bsc#1168661)
softdep usb_storage post: uas
0707010000002E000081A400000000000000000000000166D1C31D000000B4000000000000000000000000000000000000004500000000suse-module-tools-16.0.50/modprobe.conf/common/80-options-cdrom.conf# There are repated reports of broken software polling the drive without using
# O_NONBLOCK fighting with the user trying to open the tray (boo#1165047).
options cdrom autoclose=0
0707010000002F000081A400000000000000000000000166D1C31D00000075000000000000000000000000000000000000004200000000suse-module-tools-16.0.50/modprobe.conf/common/80-options-ch.conf# SCSI changers can take 1h to initialize on module load,
# triggering udev timeouts (bnc#760274).
options ch init=0
07070100000030000041ED00000000000000000000000166D1C31D00000000000000000000000000000000000000000000002D00000000suse-module-tools-16.0.50/modprobe.conf/i38607070100000031000081A400000000000000000000000166D1C31D000000C5000000000000000000000000000000000000004100000000suse-module-tools-16.0.50/modprobe.conf/i386/40-alias-mwave.conf# Linux ACP modem (Mwave)
# /dev/modems/mwave MWave modem firmware upload
alias char-major-10-219 mwave
# options mwave mwave_3780i_irq=10 mwave_3780i_io=0x130 mwave_uart_irq=3 mwave_uart_io=0x2f8
07070100000032000081A400000000000000000000000166D1C31D0000007D000000000000000000000000000000000000004400000000suse-module-tools-16.0.50/modprobe.conf/i386/40-alias-thinkpad.conf# IBM thinkpad tpctl
# see /usr/share/doc/packages/tpctl/
alias char-major-10-170 thinkpad
# options thinkpad enable_smapi=0
07070100000033000081A400000000000000000000000166D1C31D00000053000000000000000000000000000000000000003900000000suse-module-tools-16.0.50/modprobe.conf/i386/40-apm.conf# /dev/apm_bios Advanced Power Management BIOS
install char-major-10-134 /bin/true
07070100000034000081A400000000000000000000000166D1C31D00000057000000000000000000000000000000000000003C00000000suse-module-tools-16.0.50/modprobe.conf/i386/40-sonypi.conf# sonypi driver (Sony laptops)
alias char-major-10-250 sonypi
options sonypi minor=250
07070100000035000081A400000000000000000000000166D1C31D00000020000000000000000000000000000000000000003D00000000suse-module-tools-16.0.50/modprobe.conf/i386/40-toshiba.confalias char-major-10-181 toshiba
07070100000036000081A400000000000000000000000166D1C31D000000F4000000000000000000000000000000000000004C00000000suse-module-tools-16.0.50/modprobe.conf/i386/50-blacklist-i82875p_edac.conf# For some bridges both intel-agp and i82875p_edac are loaded. If i82875p_edac
# is loaded first it will grab the device. Then intel-agp doesn't work.
# Therefore we disable automatic loading of 82875p_edac. (Bug 213840)
blacklist i82875p_edac
07070100000037000041ED00000000000000000000000166D1C31D00000000000000000000000000000000000000000000002E00000000suse-module-tools-16.0.50/modprobe.conf/ppc6407070100000038000081A400000000000000000000000166D1C31D00000058000000000000000000000000000000000000004700000000suse-module-tools-16.0.50/modprobe.conf/ppc64/80-options-ib_mthca.conf# catas recovery conflicts with eeh (bsc#456389)
options ib_mthca catas_reset_disable=1
07070100000039000041ED00000000000000000000000166D1C31D00000000000000000000000000000000000000000000002E00000000suse-module-tools-16.0.50/modprobe.conf/s390x0707010000003A000081A400000000000000000000000166D1C31D000001A3000000000000000000000000000000000000004400000000suse-module-tools-16.0.50/modprobe.conf/s390x/40-alias-netiucv.conf# Copied over from modprobe.conf.s390
# Dropped obviously outdated statements.
alias iucv0 netiucv
alias iucv1 netiucv
alias iucv2 netiucv
alias iucv3 netiucv
alias iucv4 netiucv
alias iucv5 netiucv
alias iucv6 netiucv
alias iucv7 netiucv
alias iucv8 netiucv
alias iucv9 netiucv
0707010000003B000081A400000000000000000000000166D1C31D0000001B000000000000000000000000000000000000004200000000suse-module-tools-16.0.50/modprobe.conf/s390x/40-alias-xpram.confalias block-major-35 xpram
0707010000003C000081A400000000000000000000000166D1C31D0000006A000000000000000000000000000000000000004900000000suse-module-tools-16.0.50/modprobe.conf/s390x/50-blacklist-chsc_sch.conf# Blacklist the IBM s390 module for I/O dynamic configuration support
# Bug bnc#478601
blacklist chsc_sch
0707010000003D000041ED00000000000000000000000166D1C31D00000000000000000000000000000000000000000000002F00000000suse-module-tools-16.0.50/modprobe.conf/x86_640707010000003E000081A400000000000000000000000166D1C31D00000022000000000000000000000000000000000000004500000000suse-module-tools-16.0.50/modprobe.conf/x86_64/40-alias-parport.confalias parport_lowlevel parport_pc
0707010000003F000081A400000000000000000000000166D1C31D0000004B000000000000000000000000000000000000004A00000000suse-module-tools-16.0.50/modprobe.conf/x86_64/40-alias-qemu-acpiphp.conf# QEMU/KVM can handle ACPI Hotplugging
alias dmi:bvnQEMU:bvrQEMU:* acpiphp
07070100000040000081A400000000000000000000000166D1C31D00000134000000000000000000000000000000000000004600000000suse-module-tools-16.0.50/modprobe.conf/x86_64/50-blacklist-isst.conf# Intel Speed Select Technology (ISST)
# The isst_if_mbox_msr driver uses a modalias based on CPU family and model,
# which is too unspecific. On large systems, this causes a lot of failing
# modprobe attempts for this driver, leading to slow or even stalled boot
# (bsc#1187196).
blacklist isst_if_mbox_msr
07070100000041000081A400000000000000000000000166D1C31D00000045000000000000000000000000000000000000004800000000suse-module-tools-16.0.50/modprobe.conf/x86_64/70-softdep-ata_piix.conf# ata_piix can't handle ICH6 in AHCI mode
softdep ata_piix pre: ahci
07070100000042000081A400000000000000000000000166D1C31D00000B88000000000000000000000000000000000000003600000000suse-module-tools-16.0.50/regenerate-initrd-posttrans#!/bin/sh
# Local variables:
# indent-tabs-mode: t
# sh-basic-offset: 8
# End:
#
# Packages that install kernels or kernel-modules create a flag
#
# /run/regenerate-initrd/<kernel version>
#
# to have the initrd for <kernel version> generated, or
#
# /run/regenerate-initrd/all
#
# to have all initrds generated. This script is called from posttrans
# and takes care of generating the initrds
: ${DRACUT:=/usr/bin/dracut}
if [ ! -x "$DRACUT" ]; then
echo "${0##*/}: dracut is not installed, not rebuilding the initrd" >&2
exit 0
fi
if [ -e "/usr/bin/sdbootutil" ] && /usr/bin/sdbootutil is-installed; then
is_sdbootutil=1
fi
dir=/run/regenerate-initrd
if ! test -d "$dir"; then
exit 0
fi
# If we are inside a transaction and using a separate /boot/efi
# partition (ESP) then we cannot touch it, as we will escape the
# atomicity promise. We need to delay the call to this script after
# the transaction has been completed. The component that will call
# again regenerate-initrd-posttrans to generate the new initrd is the
# sdbootutil snapper plugin (this time outside the live transaction),
# and the tukit plugin will migrate the signal from inside the
# transaction to outside.
if [ -n "$is_sdbootutil" ] && [ -n "$TRANSACTIONAL_UPDATE" ]; then
exit 0
fi
for f in "$dir"/*; do
case $f in
"$dir/*")
[ -e "$f" ] || break;;
esac
# check if we are in a build chroot
if ! [ -f /etc/fstab -a ! -e /.buildenv -a -x "$DRACUT" ] ; then
echo "Please run \"$DRACUT -f --regenerate-all\" as soon as your system is complete." >&2
rm "$dir"/*
exit 0
fi
break
done
err=0
work_done=
if test -e "$dir/all"; then
rm "$dir"/*
[ "$SKIP_REGENERATE_INITRD_ALL" = 1 ] || {
if [ -n "$is_sdbootutil" ]; then
/usr/bin/sdbootutil --no-reuse-initrd --default-snapshot add-all-kernels
else
"$DRACUT" -f --regenerate-all
fi
work_done=yes
}
else
for f in "$dir"/*; do
case $f in
"$dir/*")
[ -e "$f" ] || break;;
esac
rm -f "$f"
kver=${f##*/}
case "$kver" in
vmlinuz-*|image-*|vmlinux-*|linux-*|bzImage-*|uImage-*|Image-*|zImage-*)
kver=${kver#*-}
;;
esac
[ -d /lib/modules/"$kver" ] || {
echo $0: skipping invalid kernel version "$dir/$kver"
continue
}
if [ -n "$is_sdbootutil" ]; then
if ! /usr/bin/sdbootutil --no-reuse-initrd --default-snapshot add-kernel "$kver"; then
err=$?
else
work_done=yes
fi
elif ! "$DRACUT" -f --kver "$kver"; then
err=$?
else
work_done=yes
fi
done
fi
# For XEN/grub2 configurations, make sure the updated initrds are copied
# to the EFI system partition. See /etc/grub.d/20_linux_xen.
# The test for xen*.gz is simplistic but should be correct here.
# 20_linux_xen will apply more sophisticated heuristics to detect XEN.
[ ! "$work_done" ] || [ ! -d /sys/firmware/efi ] || \
[ ! -x /sbin/update-bootloader ] || \
[ "$(echo /boot/xen*.gz)" = "/boot/xen*.gz" ] || \
/sbin/update-bootloader --refresh
exit $err
07070100000043000081A400000000000000000000000166D1C31D000024D2000000000000000000000000000000000000003100000000suse-module-tools-16.0.50/suse-module-tools.spec#
# spec file for package suse-module-tools
#
# Copyright (c) 2021 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
# Location for modprobe and depmod .conf files
#
# This assumes post-usr-merge (20210527) for Tumbleweed
%global modprobe_dir /usr/lib/modprobe.d
%global depmod_dir /usr/lib/depmod.d
%global dracutlibdir %{_prefix}/lib/dracut
%global with_kernel_sysctl 1
# boot_sysctl may be dropped on TW when we can assume that nobody keeps
# kernel packages around that store sysctl files under /boot
%bcond_without boot_sysctl
%global sysctl_dropin %{_unitdir}/systemd-sysctl.service.d/50-kernel-uname_r.conf
%global systemd_units %{?with_boot_sysctl:boot-sysctl.service} %{?with_kernel_sysctl:kernel-sysctl.service}
# List of legacy file systems to be blacklisted by default
%global fs_blacklist adfs affs bfs befs cramfs efs erofs exofs f2fs freevxfs hfs hfsplus hpfs jffs2 jfs kafs minix nilfs2 ntfs ntfs3 omfs orangefs pstore qnx4 qnx6 reiserfs romfs sysv ufs zonefs
# List of all files installed under modprobe.d
# Note: this list contains files installed by previous versions, like 00-system-937216.conf!
%global modprobe_conf_files 00-system 00-system-937216 10-unsupported-modules 50-blacklist 60-blacklist_fs-* 99-local
%global modprobe_conf_rpmsave %(echo "%{modprobe_conf_files}" | sed 's,\\([^ ]*\\),%{_sysconfdir}/modprobe.d/\\1.conf.rpmsave,g')
Name: suse-module-tools
Version: 16.0.50
Release: 0
Summary: Configuration for module loading and SUSE-specific utilities for KMPs
License: GPL-2.0-or-later
Group: System/Base
URL: https://github.com/openSUSE/suse-module-tools
Source0: %{name}-%{version}.tar.xz
Source1: %{name}.rpmlintrc
BuildRequires: systemd-rpm-macros
Requires: /usr/bin/grep
Requires: /usr/bin/gzip
Requires: /usr/bin/sed
Requires: coreutils
Requires: findutils
Requires: systemd-rpm-macros
Requires: (sdbootutil if sdbootutil)
Requires: rpm
Requires(post): /usr/bin/grep
Requires(post): /usr/bin/sed
Requires(post): coreutils
Provides: udev-extra-rules = 0.3.0
Obsoletes: udev-extra-rules < 0.3.0
Provides: system-tuning-common-SUSE = 0.3.0
Obsoletes: system-tuning-common-SUSE < 0.3.0
# Use weak dependencies for dracut and kmod in order to
# keep Ring0 lean. In normal deployments, these packages
# will be available anyway.
Recommends: dracut
Recommends: kmod
# This release requires the dracut module 90nvdimm
Conflicts: dracut < 49.1
# TW: conflict with pre-usrmerge
Conflicts: filesystem < 16
# Adds an ordering edge (from @mls)
Suggests: sdbootutil
Requires: (sdbootutil > 1+git20240829 if sdbootutil)
%description
This package contains helper scripts for KMP installation and
uninstallation, as well as default configuration files for depmod and
modprobe.
%package scriptlets
Summary: Kernel rpm scriptlets
Provides: suse-kernel-rpm-scriptlets = 0
Requires: suse-module-tools = %{version}
Provides: suse-module-tools:/usr/lib/module-init-tools/kernel-scriptlets
Provides: sdbootutil-rpm-scriptlets = 2.0
Obsoletes: sdbootutil-rpm-scriptlets < 2.0
%description scriptlets
Scripts called by the SUSE kernel packages on installation
%prep
%setup -q
%build
sed -i 's/@FS_BLACKLIST@.*/%{fs_blacklist}/' README.md
%install
install -d -m 755 "%{buildroot}%{modprobe_dir}"
install -d -m 755 "%{buildroot}%{_sysconfdir}/modprobe.d"
install -pm644 -t "%{buildroot}%{modprobe_dir}" modprobe.conf/common/*.conf
if [ -d modprobe.conf/%{_arch} ]; then
install -pm644 -t "%{buildroot}%{modprobe_dir}" modprobe.conf/%{_arch}/*.conf
fi
%ifarch i386
install -pm644 -t "%{buildroot}%{modprobe_dir}" modprobe.conf/x86_64/*.conf
%endif
%ifarch ppc64le
install -pm644 -t "%{buildroot}%{modprobe_dir}" modprobe.conf/ppc64/*.conf
%endif
install -d -m 755 "%{buildroot}/%{depmod_dir}"
install -d -m 755 "%{buildroot}%{_sysconfdir}/depmod.d"
install -pm 644 "depmod-00-system.conf" "%{buildroot}%{depmod_dir}/00-system.conf"
# "/usr/lib/module-init-tools" name hardcoded in other packages
install -d -m 755 "%{buildroot}/usr/lib/module-init-tools"
install -pm 755 -t "%{buildroot}/usr/lib/module-init-tools/" \
weak-modules2 driver-check.sh unblacklist lsinitrd-quick get_dracut_drivers
install -pm 755 "regenerate-initrd-posttrans" "%{buildroot}/usr/lib/module-init-tools/"
install -d -m 755 "%{buildroot}/usr/lib/module-init-tools/kernel-scriptlets"
install -pm 755 "kernel-scriptlets/cert-script" "%{buildroot}/usr/lib/module-init-tools/kernel-scriptlets"
install -pm 755 "kernel-scriptlets/inkmp-script" "%{buildroot}/usr/lib/module-init-tools/kernel-scriptlets"
install -pm 755 "kernel-scriptlets/kmp-script" "%{buildroot}/usr/lib/module-init-tools/kernel-scriptlets"
install -pm 755 "kernel-scriptlets/rpm-script" "%{buildroot}/usr/lib/module-init-tools/kernel-scriptlets"
for i in "pre" "preun" "post" "posttrans" "postun" ; do
ln -s cert-script %{buildroot}/usr/lib/module-init-tools/kernel-scriptlets/cert-$i
ln -s inkmp-script %{buildroot}/usr/lib/module-init-tools/kernel-scriptlets/inkmp-$i
ln -s kmp-script %{buildroot}/usr/lib/module-init-tools/kernel-scriptlets/kmp-$i
ln -s rpm-script %{buildroot}/usr/lib/module-init-tools/kernel-scriptlets/rpm-$i
done
install -d -m 755 %{buildroot}%{dracutlibdir}/dracut.conf.d
install -pm 644 10-unblacklist.conf %{buildroot}%{dracutlibdir}/dracut.conf.d
install -d -m 755 "%{buildroot}%{_prefix}/bin"
# systemd service(s) to load kernel-specific sysctl settings
install -d -m 755 "%{buildroot}%{_unitdir}/systemd-sysctl.service.d"
echo '[Unit]' >"%{buildroot}%{sysctl_dropin}"
%if %{with kernel_sysctl}
install -pm 644 kernel-sysctl.service "%{buildroot}%{_unitdir}"
echo 'Wants=kernel-sysctl.service' >>"%{buildroot}%{sysctl_dropin}"
%endif
%if %{with boot_sysctl}
install -pm 644 boot-sysctl.service "%{buildroot}%{_unitdir}"
echo 'Wants=boot-sysctl.service' >>"%{buildroot}%{sysctl_dropin}"
%endif
install -d -m 755 "%{buildroot}%{_modulesloaddir}"
for _x in modules-load.d/*.conf; do
[ -e "$_x" ] || continue
install -pm 644 -t "%{buildroot}%{_modulesloaddir}" "$_x"
done
%ifarch ppc64 ppc64le
install -d -m 755 %{buildroot}/usr/lib/systemd/system-generators
install -pm 755 udev-trigger-generator %{buildroot}/usr/lib/systemd/system-generators
%endif
# udev rules (formerly system-tuning-common-SUSE, udev-extra-rules)
install -d -m 755 %{buildroot}%{_udevrulesdir}
install -pm 644 udevrules/*.rules %{buildroot}%{_udevrulesdir}
mkdir -p %{buildroot}%{_defaultlicensedir}
for mod in %{fs_blacklist}; do
echo "\
# DO NOT EDIT THIS FILE!
#
# The $mod file system is blacklisted by default because it isn't actively
# supported by SUSE.
blacklist $mod
# The filesystem can be un-blacklisted by running \"modprobe $mod\".
# See README.md in the %{name} package for details.
install $mod /usr/lib/module-init-tools/unblacklist $mod; /sbin/modprobe --ignore-install $mod
" \
>%{buildroot}%{modprobe_dir}/60-blacklist_fs-"$mod".conf
done
%pre
%service_add_pre %{systemd_units}
# Avoid restoring old .rpmsave files in %posttrans
for f in %{modprobe_conf_rpmsave}; do
if [ -f ${f} ]; then
mv -f ${f} ${f}.%{name}
fi
done
if [ -f %{_sysconfdir}/depmod.d/00-system.conf.rpmsave ]; then
mv -f %{_sysconfdir}/depmod.d/00-system.conf.rpmsave \
%{_sysconfdir}/depmod.d/00-system.conf.rpmsave.%{name}
fi
exit 0
%post
%udev_rules_update
%service_add_post %{systemd_units}
exit 0
%preun
%service_del_preun %{systemd_units}
exit 0
%postun
%udev_rules_update
%service_del_postun_without_restart %{systemd_units}
exit 0
%posttrans
# If the user had modified any of the configuration files installed under
# /etc, they'll now be renamed to .rpmsave files. Restore them.
for f in %{modprobe_conf_rpmsave}; do
if [ -f ${f} ]; then
mv -fv ${f} ${f%.rpmsave}
fi
done
if [ -f %{_sysconfdir}/depmod.d/00-system.conf.rpmsave ]; then
mv -fv %{_sysconfdir}/depmod.d/00-system.conf.rpmsave \
%{_sysconfdir}/depmod.d/00-system.conf
fi
exit 0
%files
%defattr(-,root,root)
%license LICENSE
%doc README.md
%{modprobe_dir}
%dir %{_sysconfdir}/modprobe.d
%{depmod_dir}
%dir %{_sysconfdir}/depmod.d
%dir /usr/lib/module-init-tools
/usr/lib/module-init-tools/driver-check.sh
/usr/lib/module-init-tools/lsinitrd-quick
/usr/lib/module-init-tools/unblacklist
/usr/lib/module-init-tools/weak-modules2
/usr/lib/module-init-tools/get_dracut_drivers
%{_unitdir}/*.service
%{_unitdir}/systemd-sysctl.service.d
%{_modulesloaddir}
%{_udevrulesdir}
%dir %{dracutlibdir}
%{dracutlibdir}/dracut.conf.d
%ifarch ppc64 ppc64le
/usr/lib/systemd/system-generators
%endif
#
%files scriptlets
/usr/lib/module-init-tools/kernel-scriptlets
/usr/lib/module-init-tools/regenerate-initrd-posttrans
%changelog
07070100000044000081A400000000000000000000000166D1C31D000003F3000000000000000000000000000000000000003100000000suse-module-tools-16.0.50/udev-trigger-generator#! /bin/bash
# Copyright (c) 2020 SUSE LLC
# SPDX-License-Identifier: GPL-2.0-or-later
#
# bsc#1174287: On PowerPC, exclude memory devices from udev coldplug
#
# This generator creates a drop-in for systemd-udev-trigger.service
# that overrides the default action, skipping coldplug for memory devices.
export PATH=/usr/bin
# /tmp may not be writable yet. Use a different TMPDIR that's guaranteed
# to be writable. Needed for the "here-document" below.
export TMPDIR=/dev/shm
trap 'echo $0: error in "$BASH_COMMAND" >&2' ERR
[[ $(uname -m) = ppc64le ]] || [[ $(uname -m) = ppc64 ]] || exit 0
case $(systemd-detect-virt) in
none|powervm) ;;
*) exit 0;;
esac
DIR=$1
[[ $DIR && -d "$DIR" ]]
DROPIN="$DIR/systemd-udev-trigger.service.d"
mkdir -p "$DROPIN"
cat >"$DROPIN/30-skip-memory-devices.conf" <<EOF
# generated by $0
[Service]
ExecStart=
ExecStart=/usr/bin/udevadm trigger --type=subsystems --action=add
ExecStart=/usr/bin/udevadm trigger --type=devices --action=add --subsystem-nomatch=memory
EOF
07070100000045000041ED00000000000000000000000166D1C31D00000000000000000000000000000000000000000000002400000000suse-module-tools-16.0.50/udevrules07070100000046000081A400000000000000000000000166D1C31D00000797000000000000000000000000000000000000003800000000suse-module-tools-16.0.50/udevrules/42-usb-hid-pm.rules# do not edit this file, it will be overwritten on update
#
# Enable autosuspend for qemu emulated usb hid devices
# Note that there are buggy qemu versions (0.13 & older) which
# advertise remote wakeup support but don't actually implement
# it correctly. This is the reason why we need a match for the
# serial number here. Old, broken versions have serial "1".
# It has been changed to "42" after fixing the bug to indicate
# remote wakeup is working.
ACTION=="add", SUBSYSTEM=="usb", ATTR{product}=="QEMU USB Mouse", ATTR{serial}!="1", TEST=="power/control", ATTR{power/control}="auto"
ACTION=="add", SUBSYSTEM=="usb", ATTR{product}=="QEMU USB Tablet", ATTR{serial}!="1", TEST=="power/control", ATTR{power/control}="auto"
ACTION=="add", SUBSYSTEM=="usb", ATTR{product}=="QEMU USB Keyboard", ATTR{serial}!="1", TEST=="power/control", ATTR{power/control}="auto"
# Dell DRAC 4
ACTION=="add", SUBSYSTEM=="usb", ATTR{idVendor}=="413c", ATTR{idProduct}=="2500", TEST=="power/control", ATTR{power/control}="auto"
# Dell DRAC 5
ACTION=="add", SUBSYSTEM=="usb", ATTR{idVendor}=="413c", ATTR{idProduct}=="0000", TEST=="power/control", ATTR{power/control}="auto"
# IBM remote access
ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="04b3", ATTR{idProduct}=="4012", TEST=="power/control", ATTR{power/control}="auto"
# Raritan Computer, Inc KVM.
ACTION=="add", SUBSYSTEM=="usb", ATTR{idVendor}=="14dd", ATTR{idProduct}=="0002", TEST=="power/control", ATTR{power/control}="auto"
# USB HID devices that are internal to the machine should also be safe to autosuspend
ACTION=="add", SUBSYSTEM=="usb", SUBSYSTEMS=="usb", ATTRS{removable}=="removable", GOTO="usb_hid_pm_end"
ACTION=="add", SUBSYSTEM=="usb", SUBSYSTEMS=="usb", ATTRS{removable}=="unknown", GOTO="usb_hid_pm_end"
ACTION=="add", SUBSYSTEM=="usb", ATTR{bInterfaceClass}=="03", ATTRS{removable}=="fixed", TEST=="../power/control", ATTR{../power/control}="auto"
LABEL="usb_hid_pm_end"
07070100000047000081A400000000000000000000000166D1C31D00000959000000000000000000000000000000000000003A00000000suse-module-tools-16.0.50/udevrules/60-io-scheduler.rules# Set optimal IO schedulers for HDD and SSD
# Copyright (c) 2021 SUSE LLC
# ## DO NOT EDIT. ##
# To modify the rules, copy this file to /etc/udev/rules.d/60-io-scheduler.rules
# and edit the copy.
# Please read the section "Tuning I/O performance" in the System Analysis and Tuning Guide
# from the SUSE Documentation.
# --- DO NOT EDIT THIS PART ----
SUBSYSTEM!="block", GOTO="scheduler_end"
ACTION!="add|change", GOTO="scheduler_end"
ENV{DEVTYPE}!="disk", GOTO="scheduler_end"
TEST!="%S%p/queue/scheduler", GOTO="scheduler_end"
# For dm devices, the relevant events are "change" events, see 10-dm.rules
ACTION!="change", KERNEL=="dm-*", GOTO="scheduler_end"
# "none" with no brackets means scheduler isn't configurable
ATTR{queue/scheduler}=="none", GOTO="scheduler_end"
# keep our hands off zoned devices, the kernel auto-configures them
ATTR{queue/zoned}!="none", GOTO="scheduler_end"
# Enforce "none" for multipath components.
ENV{DM_MULTIPATH_DEVICE_PATH}=="1", ATTR{queue/scheduler}="none", GOTO="scheduler_end"
# Enforce "none" for loop devices
KERNEL=="loop[0-9]*", ATTR{queue/scheduler}="none", GOTO="scheduler_end"
# --- EDIT BELOW HERE after copying to /etc/udev/rules.d ---
# Uncomment these if you want to force virtual devices to use no scheduler
# KERNEL=="vd[a-z]*", ATTR{queue/scheduler}="none", GOTO="scheduler_end"
# KERNEL=="xvd[a-z]*", ATTR{queue/scheduler}="none", GOTO="scheduler_end"
# Leave virtual devices untouched
KERNEL=="vd[a-z]*", GOTO="scheduler_end"
KERNEL=="xvd[a-z]*", GOTO="scheduler_end"
# 1. BFQ scheduler for single-queue HDD
ATTR{queue/rotational}!="0", TEST!="%S%p/mq/1", ATTR{queue/scheduler}="bfq", GOTO="scheduler_end"
# 2. BFQ scheduler for every HDD, including "real" multiqueue
# ATTR{queue/rotational}!="0", ATTR{queue/scheduler}="bfq", GOTO="scheduler_end"
# 3. For "real" multiqueue devices, the kernel defaults to no IO scheduling
# Uncomment this (and select your scheduler) if you need an IO scheduler for them
# TEST=="%S%p/mq/1", ATTR{queue/scheduler}="kyber", GOTO="scheduler_end"
# 4. BFQ scheduler for every device (uncomment if you need ionice or blk-cgroup features)
# ATTR{queue/scheduler}="bfq", GOTO="scheduler_end"
# 5. mq-deadline is the kernel default for devices with just one hardware queue
# ATTR{queue/scheduler}="mq-deadline"
# --- EDIT ABOVE HERE after copying to /etc/udev/rules.d ---
LABEL="scheduler_end"
07070100000048000081A400000000000000000000000166D1C31D000004BA000000000000000000000000000000000000003D00000000suse-module-tools-16.0.50/udevrules/80-hotplug-cpu-mem.rules# Do not edit this file under /usr/lib/udev/rules.d, it will be overwritten on update
# If you need modifications, copy it to /etc/udev/rules.d and edit it there
ACTION!="add", GOTO="hotplug_cpu_end"
SUBSYSTEM!="cpu|memory", GOTO="hotplug_cpu_end"
#
# Hotplug physical CPU
#
SUBSYSTEM=="cpu", CONST{arch}=="x86-64", TEST=="online", ATTR{online}=="0", ATTR{online}="1"
SUBSYSTEM=="cpu", CONST{arch}=="s390*", TEST=="online", ATTR{configure}=="1", ATTR{online}=="0", ATTR{online}="1"
#
# Hotplug physical memory. Instances of tmpfs are remounted so their
# size are recalculated. This might be needed if some sizes were
# specified relative to the total amount of memory (boo#869603). For
# now make it simple and remount all tmpfs regardless of how their
# size are specified. It should be handled by the kernel as it has a
# lot of shortcomings anyways (tmpfs mounted by other processes, mount
# namespaces, ...)
#
SUBSYSTEM=="memory", CONST{arch}!="s390x", ATTR{state}=="offline", ATTR{state}="online", \
RUN+="/bin/sh -c ' \
while read src dst fs opts unused; do \
case $$fs in \
tmpfs) mount -o remount \"$$dst\" ;; \
esac \
done </proc/self/mounts"
LABEL="hotplug_cpu_end"
07070100000049000081A400000000000000000000000166D1C31D00000163000000000000000000000000000000000000003E00000000suse-module-tools-16.0.50/udevrules/99-wakeup-from-idle.rules# enable usb and standard AT Keyboards as wakeup sources for suspend-to-idle (S2I) fate#323814
ACTION=="add", ATTR{power/wakeup}=="disabled", SUBSYSTEM=="serio", ATTR{description}=="i8042 KBD port", ATTR{power/wakeup}="enabled"
ACTION=="add", ATTR{power/wakeup}=="disabled", SUBSYSTEM=="hid", ATTRS{bInterfaceProtocol}=="01", ATTR{power/wakeup}="enabled"
0707010000004A000081ED00000000000000000000000166D1C31D000007FE000000000000000000000000000000000000002600000000suse-module-tools-16.0.50/unblacklist#! /bin/sh
# Copyright (c) 2021-2024 SUSE LLC
# SPDX-License-Identifier: GPL-2.0-or-later
ME="${0##*/}"
if [ -e /etc/initrd-release ]; then
[ "$RD_DEBUG" != "yes" ] || \
echo "$ME: called in initramfs for \"$@\" - ignoring" >&2
exit 0
fi
# Never unblacklist non-interactively
if ! tty -s <&0; then
exit 0
fi
if [ $UID -ne 0 ]; then
echo "$ME: you must be root to run this program" >&2
exit 1
fi
if [ $# -ne 1 ]; then
echo "Usage: $ME module" >&2
exit 1
fi
MODULE=$1
if [ -z "$MODULE" ] || \
[ ! -f /lib/modprobe.d/60-blacklist_fs-"$MODULE".conf -a \
! -f /usr/lib/modprobe.d/60-blacklist_fs-"$MODULE".conf ]; then
echo "$ME: Invalid or unknown module \"$MODULE\"" >&2
exit 1
fi
CONF=/etc/modprobe.d/60-blacklist_fs-"$MODULE".conf
if [ -L "$CONF" ]; then
if [ x"$(readlink -f "$CONF")" = x/dev/null ]; then
# already linked to /dev/null
exit 0
else
echo "$ME: $CONF is in unexpected state, exiting" >&2
exit 1
fi
elif [ -f "$CONF" ]; then
if ! grep -E -q "^[ ]*blacklist[ ]+$MODULE" "$CONF"; then
# not blacklisted
exit 0
fi
if ! grep -E -q '^# __THIS FILE MAY BE MODIFIED__' "$CONF"; then
echo "$ME: $CONF exists, cannot modify it" >&2
exit 1
fi
elif [ -e "$CONF" ]; then
echo "$ME: $CONF is in unexpected state, exiting" >&2
exit 1
fi
echo "$ME: loading $MODULE file system module" >&2
_a=
while [ -z "$_a" ]; do
echo -n "$ME: Do you want to un-blacklist $MODULE permanently (<y>es/<n>o/n<e>ver)? " >&2
read _a
case $_a in
y|yes) _a=yes;;
n|no) _a=no;;
e|never) _a=never;;
*) _a=;;
esac
done
case $_a in
no)
echo "$ME: not un-blacklisting $MODULE" >&2
exit 0
;;
never)
echo "$ME: creating $CONF" >&2
rm -f "$CONF"
cat >$CONF <<EOF
# created by $0 (user wants to never unblacklist this module)
blacklist $MODULE
EOF
exit 0
;;
esac
if ln -sf /dev/null "$CONF"; then
echo "$ME: $MODULE un-blacklisted by creating $CONF" >&2
exit 0
else
echo "$ME: Failed to create $CONF" >&2
exit 1
fi
0707010000004B000081A400000000000000000000000166D1C31D00006A3D000000000000000000000000000000000000002800000000suse-module-tools-16.0.50/weak-modules2#! /bin/bash
##############################################################################
# How it works:
# * Kernels install modules below /usr/lib/modules/$krel/kernel/.
# * KMPs install modules below /usr/lib/modules/$krel/updates/ or .../extra/.
# * Symbolic links to modules of compatible KMPs are created under
# /usr/lib/modules/$krel/weak-updates/{updates,extra}/... (the original path
# below /usr/lib/modules/$other_krel is used).
# * Depmod searches the directories in this order: updates/, extra/,
# weak-updates/, kernel/ (see /etd/depmod.conf or
# /etc/depmod.d/00-system.conf for details).
# * Compatibility of a kernel with a KMP is defined as: The KMP is built
# for the same flavor as the kernel and after adding the KMP modules to
# the kernel, depmod -e -E Module.symvers reports no errors about
# missing symbols or different symbol checksums. See the
# has_unresolved_symbols() function for details.
#
# * At KMP install time (function add_kmp()), we create symbolic links
# for all kernels that this KMP is compatible with. We skip kernels that
# already contain symbolic links to a newer KMP of the same name,
# contain the KMP itself or another version in updates/ or extra/ or
# have overlapping module names with other KMPs in the respective
# kernel (this should not happen).
# * At kernel install time (functions add_kernel()), we create symbolic
# links for each compatible KMP, unless the KMP or a different one with
# overlapping module names is present in updates/ or extra/ (KMP build
# against $krel can be installed before a kernel with that version).
# When multiple KMPs of the same name are compatbile, we chose the one
# with the highest version number. This is repeated when subsequent
# subpackages (main or -extra) of that kernel are installed.
# * At KMP removal time (function remove_kmp()), the modules and their
# symlinks are removed and, where possible, replaced by symlinks to the
# newest of the remaining compatible version of that KMP.
# * [NOT IMPLEMENTED] When a kernel subpackage is removed, symlinks to
# KMPs that become incompatible are removed as well. This is not
# implemented, because removing the main subpackage and only keeping
# the -base package AND having KMPs installed is not an expected
# scenario, and implementing this would only slow down kernel updates.
# * When the kernel is removed (function remove_kernel()), it's
# weak-updates directory is also removed.
#
# naming conventions used in this script:
# $kmp: name-version-release of a kmp, e.g kqemu-kmp-default-1.3.0pre11_2.6.25.16_0.1-7.1
# $kmpshort: name of a kmp, e.g kqemu-kmp-default
# $basename: portion of $kmp up to the "-kmp-" part, e.g kqemu
# $flavor: flavor of a kmp or kernel, e.g default
# $krel: kernel version, as in /usr/lib/modules/$krel
# $module: full path to a module below updates/
# $symlink: full path to a module symlink below weak-updates/
#
# files in $tmpdir:
# krel-$kmp: kernel version for which $kmp was built
# modules-$kmp: list of modules in $kmp (full paths)
# basenames-$kmp: list of basenames of modules in $kmp
# kmps: list of kmps, newest first
#
: ${DRACUT:=/usr/bin/dracut}
find_lsinitrd() {
local lsi
LSINITRD=
for lsi in /usr/lib/module-init-tools/lsinitrd-quick /usr/bin/lsinitrd; do
if [[ -x $lsi ]]; then
LSINITRD=$lsi
break
fi
done
if [[ ! "$LSINITRD" ]]; then
echo "$0: could not find lsinitrd" >&2
exit 1
fi
dlog "LSINITRD=$LSINITRD"
}
find_depmod() {
local _d
[[ ! -x "$DEPMOD" ]] || return
DEPMOD=
for _d in /usr/sbin /sbin; do
if [[ -x ${_d}/depmod ]]; then
DEPMOD=${_d}/depmod
break;
fi
done
if [[ ! "$DEPMOD" ]]; then
echo "ERROR: depmod is not installed - aborting" >&2
exit 1
fi
dlog "DEPMOD=$DEPMOD"
}
find_sdbootutil() {
[[ ! -x "$SDBOOTUTIL" ]] || return
SDBOOTUTIL=
if [ -e "/usr/bin/sdbootutil" ] && /usr/bin/sdbootutil is-installed; then
SDBOOTUTIL="/usr/bin/sdbootutil"
fi
dlog "SDBOOTUTIL=$SDBOOTUTIL"
}
find_usrmerge_boot() {
local filename=$1
local kver=$2
local ext=${3:+."$3"}
local f
for f in "/usr/lib/modules/$kver/$filename$ext" "/boot/$filename-$kver$ext"
do
if [ -e "$f" ]; then
echo "$f"
return
fi
done
log "WARNING: find_usrmerge_boot: $filename$ext not found for kernel $kver"
}
log() {
[ $opt_verbose -gt 0 ] && echo "$@" >&2
return 0
}
dlog() {
[ $opt_verbose -gt 1 ] && echo "$@" >&2
return 0
}
doit() {
if [ -n "$doit" ]; then
# override
"$@"
return
fi
log "$@"
if [ -z "$opt_dry_run" ]; then
"$@"
else
:
fi
}
strip_mod_extensions() {
sed -rn '/^_kernel_$/p;s/\.ko(\.[gx]z|\.zst)?$//p'
}
# Name of the symlink that makes a module available to a given kernel
symlink_to_module() {
local module=$1 krel=$2
echo /usr/lib/modules/$krel/weak-updates/${module#/usr/lib/modules/*/}
}
# Is a kmp already present in or linked to from this kernel?
__kmp_is_present() {
local kmp=$1 krel=$2
if [ $krel = "$(cat $tmpdir/krel-$kmp)" ]; then
return 0
fi
local module symlink
while read module; do
symlink=$(symlink_to_module $module $krel)
[ $module -ef $symlink -o $module = "$(readlink $symlink)" ] || return 1
done < $tmpdir/modules-$kmp
return 0
}
kmp_is_present() {
__kmp_is_present "$1" "$2"
local res=$?
dlog "kmp_is_present: kmp=$1 krel=$2 => $res"
return $res
}
# Add the modules of a kmp to /usr/lib/modules/$krel
add_kmp_modules() {
local kmp=$1 krel=$2 basedir=$3
[ -n "$kmp" ] || return 0
local module symlink
while read module; do
symlink=$(symlink_to_module $module $krel)
doit mkdir -p ${opt_debug:+-v} $basedir${symlink%/*} || exit 1
doit ln -sf ${opt_debug:+-v} $module $basedir$symlink || exit 1
dlog "add_kmp_modules: added $module to $krel"
done < $tmpdir/modules-$kmp
}
# Remove the modules of a kmp from /usr/lib/modules/$krel
remove_kmp_modules() {
local kmp=$1 krel=$2 basedir=$3
[ -n "$kmp" ] || return 0
local module symlink
while read module; do
symlink=$(symlink_to_module $module $krel)
doit rm -f ${opt_debug:+-v} $basedir$symlink
dlog "remove_kmp_modules: removed $module from $krel"
done < $tmpdir/modules-$kmp
}
# Create a temporary working copy of /usr/lib/modules/$1
create_temporary_modules_dir() {
local modules_dir=/usr/lib/modules/$1 basedir=$2
local opt_v=${opt_debug:+-v}
mkdir -p $opt_v $basedir$modules_dir/weak-updates
ln -s $opt_v $modules_dir/kernel $basedir$modules_dir/kernel
eval "$(find $modules_dir -path "$modules_dir/modules.*" -prune \
-o -path "$modules_dir/kernel" -prune \
-o -type d -printf "mkdir -p $opt_v $basedir%p\n" \
-o -printf "ln -s $opt_v %p $basedir%p\n"
)"
}
# Check for unresolved symbols
has_unresolved_symbols() {
local krel=$1 basedir=$2 output status args sym_errors _f
if [ ! -e "$tmpdir/symvers-$krel" ]; then
_f=$(find_usrmerge_boot symvers "$krel" gz)
if [ -n "$_f" ]; then
dlog "has_unresolved_symbols: found $_f"
zcat "$_f" >"$tmpdir/symvers-$krel"
fi
fi
if [ -e $tmpdir/symvers-$krel ]; then
args=(-E $tmpdir/symvers-$krel)
else
echo "WARNING: symvers.gz not found for $krel, symbol resolution will be unreliable" >&2
_f=$(find_usrmerge_boot System.map "$krel")
if [ -n "$_f" ]; then
args=(-F "$_f")
else
echo "WARNING: System.map not found for $krel, symbol resolution may fail" >&2
fi
fi
output="$("$DEPMOD" -b "$basedir" -ae "${args[@]}" $krel 2>&1)"
status=$?
if [ $status -ne 0 ]; then
echo "$output" >&2
echo "depmod exited with error $status" >&2
return 0
fi
sym_errors=$(echo "$output" | \
grep -E ' (needs unknown|disagrees about version of) symbol ')
if [ -n "$sym_errors" ]; then
[ -z "$opt_debug" ] || echo "$sym_errors" >&2
return 0
fi
dlog "has_unresolved_symbols: no errors found for $krel"
return 1
}
# KMPs can only be added if none of the module basenames overlap
basenames_are_unique() {
local kmp=$1 krel=$2 basedir=$3 dir
for dir in $basedir/usr/lib/modules/$krel/{weak-updates,updates,extra}/; do
if [ ! -d "$dir" ]; then
continue
fi
local overlap="$(comm -1 -2 $tmpdir/basenames-$kmp \
<(find "$dir" -not -type d -printf '%f\n' | sort -u))"
if [ -n "$overlap" ]; then
dlog "basenames_are_unique: found name overlap for $kmp in $dir: " $overlap
return 1
fi
done
dlog "basenames_are_unique: $kmp is unique in $basedir"
return 0
}
# Can a kmp be replaced by a different version of the same kmp in a kernel?
# Set the old kmp to "" when no kmp is to be removed.
__can_replace_kmp() {
local old_kmp=$1 new_kmp=$2 krel=$3
local basedir=$tmpdir/$krel
local weak_updates=/usr/lib/modules/$krel/weak-updates/
[ -d "$basedir" ] || \
create_temporary_modules_dir "$krel" "$basedir"
# force doit() to execute the commands (in $tmpdir)
doit=1 remove_kmp_modules "$old_kmp" "$krel" "$basedir"
if ! basenames_are_unique "$new_kmp" "$krel" "$basedir"; then
doit=1 add_kmp_modules "$old_kmp" "$krel" "$basedir"
return 1
fi
doit=1 add_kmp_modules "$new_kmp" "$krel" "$basedir"
if has_unresolved_symbols "$krel" "$basedir"; then
doit=1 remove_kmp_modules "$new_kmp" "$krel" "$basedir"
doit=1 add_kmp_modules "$old_kmp" "$krel" "$basedir"
return 1
fi
return 0
}
can_replace_kmp() {
__can_replace_kmp "$1" "$2" "$3"
local res=$?
dlog "can_replace_kmp: old=$1 new=$2 krel=$3 => $res"
return $res
}
# Figure out which modules a kmp contains
check_kmp() {
local kmp=$1
# Make sure all modules are for the same kernel
set -- $(sed -re 's:^/usr/lib/modules/([^/]+)/.*:\1:' \
$tmpdir/modules-$kmp \
| sort -u)
if [ $# -ne 1 ]; then
echo "Error: package $kmp seems to contain modules for multiple" \
"kernel versions" >&2
return 1
fi
echo $1 > $tmpdir/krel-$kmp
dlog "check_kmp: $kmp contains modules for $1"
# Make sure none of the modules are in kernel/ or weak-updates/
if grep -qE -e '^/usr/lib/modules/[^/]+/(kernel|weak-updates)/' \
$tmpdir/modules-$kmp; then
echo "Error: package $kmp must not install modules into " \
"kernel/ or weak-updates/" >&2
return 1
fi
sed -e 's:.*/::' $tmpdir/modules-$kmp \
| sort -u > $tmpdir/basenames-$kmp
dlog "check_kmp: $kmp contains: " $(cat $tmpdir/basenames-$kmp)
}
# Figure out which kmps there are, and which modules they contain
# set basename to '*' to find all kmps of a given flavor
find_kmps() {
local basename=$1 flavor=$2
local kmp
for kmp in $(rpm -qa --qf '%{n}-%{v}-%{r}\n' --nodigest --nosignature "$basename-kmp-$flavor"); do
dlog "find_kmps: looking at $kmp"
if rpm -q --qf '[%{providename}\n]' --nodigest --nosignature "$kmp" | \
grep -q '^kmp_in_kernel$'; then
# KMP built directly from the kernel spec file (fate#319339)
continue
fi
rpm -ql --nodigest --nosignature "$kmp" \
| grep -Ee '^/usr/lib/modules/[^/]+/.+\.ko(\.[gx]z|\.zst)?$' \
> $tmpdir/modules-$kmp
if [ $? != 0 ]; then
echo "WARNING: $kmp does not contain any kernel modules" >&2
rm -f $tmpdir/modules-$kmp
continue
fi
check_kmp $kmp || return 1
done
printf "%s\n" $tmpdir/basenames-* \
| sed -re "s:$tmpdir/basenames-::" \
| /usr/lib/rpm/rpmsort -r \
> $tmpdir/kmps
dlog "find_kmps: kmps found: " $(cat $tmpdir/kmps)
}
__previous_version_of_kmp() {
local new_kmp=$1 krel=$2
local module symlink old_kmp
while read module; do
symlink=$(symlink_to_module $module $krel)
[ -e "$symlink" ] || continue
[ -L "$symlink" ] || return
old_kmp=$(grep -l "$(readlink "$symlink")" $tmpdir/modules-* | sed 's:.*/modules-::' ) || return
# The package %NAME must be the same
[ "${old_kmp%-*-*}" == "${new_kmp%-*-*}" ] || return
# The other kmp must be older
while read kmp; do
[ "$kmp" == "$old_kmp" ] && return
[ "$kmp" == "$new_kmp" ] && break
done <$tmpdir/kmps
done < $tmpdir/modules-$new_kmp
echo "$old_kmp"
}
previous_version_of_kmp() {
local old="$(__previous_version_of_kmp "$1" "$2")"
local res=$?
dlog "previous_version_of_kmp: kmp=$1 krel=$2 => $old"
echo "$old"
return $res
}
# Create list of dracut configuration files to read, taking into
# account priorities of the user and built-in configuration.
# Copied from dracut.sh as of dracut 059 (GPL-2.0-or-later)
dropindirs_sort() {
local suffix=$1
shift
local -a files
local f d
for d in "$@"; do
for i in "$d/"*"$suffix"; do
if [[ -e $i ]]; then
printf "%s\n" "${i##*/}"
fi
done
done | sort -Vu | {
readarray -t files
for f in "${files[@]}"; do
for d in "$@"; do
if [[ -e "$d/$f" ]]; then
printf "%s\n" "$d/$f"
continue 2
fi
done
done
}
}
get_current_initrd() {
local krel=$1
local initrd
if [ -n "$SDBOOTUTIL" ]; then
if [ -z "$TRANSACTIONAL_UPDATE" ] && [ -s '/etc/kernel/entry-token' ]; then
read -r initrd <<<"$(sdbootutil --entry-keys=initrd show-entry $krel)"
fi
else
initrd="/boot/initrd-$krel"
fi
echo "$initrd"
}
get_current_basenames() {
local initrd=$(get_current_initrd $1)
$LSINITRD "$initrd" |
sed -rn 's:.*\<usr/lib/modules/.*/::p' |
strip_mod_extensions
}
DRACUT_CONFFILE=/etc/dracut.conf
DRACUT_CONFDIR=/etc/dracut.conf.d
DRACUT_BUILTIN_CONFDIR=/usr/lib/dracut/dracut.conf.d
GET_DRACUT_DRIVERS=/usr/lib/module-init-tools/get_dracut_drivers
get_initrd_basenames() {
local setpriv=$(command -v setpriv)
local conf= cf
[[ -x "$GET_DRACUT_DRIVERS" && "$setpriv" ]] || {
echo "$0: unable to parse dracut configuration, skipping it" >&2
get_current_basenames "$1"
return
}
[[ ! -f "$DRACUT_CONFFILE" ]] ||
conf="$(cat "$DRACUT_CONFFILE")"
# Assemble the content of the dracut configuration files.
# Make sure to put a newline between subsequent conf file contents.
for cf in $(dropindirs_sort .conf "$DRACUT_CONFDIR" "$DRACUT_BUILTIN_CONFDIR"); do
conf="$conf
$(cat "$cf")"
done
# run get_dracut_drivers with reduced privileges
get_current_basenames "$1" |
"$setpriv" --reuid=nobody --regid=nobody --clear-groups --inh-caps=-all \
"$GET_DRACUT_DRIVERS" "$conf"
}
# test if rebuilding initrd is needed for $krel.
# stdin - list of changed modules ("_kernel_" for the whole kernel)
needs_initrd() {
local krel=$1
# Don't generate an initrd for kdump here. It's done automatically with mkdumprd when
# /etc/init.d/boot.kdump is called to load the kdump kernel. See mkdumprd(8) why
# it is done this way.
if [[ "$krel" == *kdump* ]] ; then
return 1
fi
if ! [ -f /etc/fstab -a ! -e /.buildenv -a -x "$DRACUT" ] ; then
echo "Please run \"$DRACUT -f /boot/initrd-$krel $krel\" as soon as your system is complete." >&2
return 1
fi
# KMPs can force initrd rebuild with %kernel_module_package -b that sets
# this variable
if test -n "$KMP_NEEDS_MKINITRD" && \
! test "$KMP_NEEDS_MKINITRD" -eq 0 2>/dev/null; then
dlog "needs_initrd: yes, KMP_NEEDS_MKINITRD=$KMP_NEEDS_MKINITRD"
return 0
fi
local changed_basenames=($(strip_mod_extensions | sort -u))
dlog "needs_initrd: changed_basenames: " $changed_basenames
if [ "$changed_basenames" = "_kernel_" ]; then
dlog "needs_initrd: yes, kernel package"
return 0
fi
local initrd="$(get_current_initrd $krel)"
if [ -z "$SDBOOTUTIL" ] && [ ! -e "$initrd" ]; then
dlog "needs_initrd: yes, initrd doesn't exist yet"
return 0
fi
local initrd_basenames=($(get_initrd_basenames "$krel" | sort -u))
dlog "needs_initrd: initrd_basenames: " $initrd_basenames
local i=($(join <(printf '%s\n' "${changed_basenames[@]}") \
<(printf '%s\n' "${initrd_basenames[@]}") ))
log "changed initrd modules for kernel $krel: ${i[@]-none}"
if [ ${#i[@]} -gt 0 ]; then
dlog "needs_initrd: yes, modules changed"
return 0
fi
dlog "needs_initrd: no"
return 1
}
# run depmod and rebuild initrd for kernel version $krel
# stdin - list of changed modules ("_kernel_" for a whole kernel)
run_depmod_build_initrd() {
local krel=$1
local status=0
local system_map
if [ -d /usr/lib/modules/$krel ]; then
system_map=$(find_usrmerge_boot System.map "$krel")
if [ -n "$system_map" ]; then
doit "$DEPMOD" -F "$system_map" -ae "$krel" || return 1
fi
fi
if needs_initrd $krel; then
local image x
for x in vmlinuz image vmlinux linux bzImage uImage Image zImage; do
image=$(find_usrmerge_boot "$x" "$krel")
[ -z "$image" ] || break
done
if [ -n "$image" ]; then
if [ -n "$INITRD_IN_POSTTRANS" ] || ([ -n "$SDBOOTUTIL" ] && [ -n "$TRANSACTIONAL_UPDATE" ]); then
mkdir -p /run/regenerate-initrd
doit touch /run/regenerate-initrd/$krel
else
if [ -n "$SDBOOTUTIL" ] && [ -z "$TRANSACTIONAL_UPDATE" ]; then
doit "$SDBOOTUTIL" --no-reuse-initrd add-kernel "$krel"
elif [ -z "$SDBOOTUTIL" ]; then
local initrd="$(get_current_initrd $krel)"
doit "$DRACUT" -f "$initrd" $krel
fi
status=$?
fi
else
echo "WARNING: kernel image for $krel not found!" >&2
fi
fi
return $status
}
walk_kmps() {
local krel=$1
local kmps=( $(cat $tmpdir/kmps) )
while :; do
[ ${#kmps[@]} -gt 0 ] || break
local added='' skipped='' n kmp
for ((n=0; n<${#kmps[@]}; n++)); do
kmp=${kmps[n]}
[ -n "$kmp" ] || continue
dlog "walk_kmps: checking $kmp for $krel"
if kmp_is_present $kmp $krel; then
log "Package $kmp does not need to be added to kernel $krel"
kmps[n]=''
continue
fi
local old_kmp=$(previous_version_of_kmp $kmp $krel)
if can_replace_kmp "$old_kmp" $kmp $krel; then
remove_kmp_modules "$old_kmp" "$krel"
add_kmp_modules "$kmp" "$krel"
if [ -z "$old_kmp" ]; then
log "Package $kmp added to kernel $krel"
else
log "Package $old_kmp replaced by package $kmp in kernel $krel"
fi
added=1
kmps[n]=''
continue
fi
dlog "walk_kmps: skipped $kmp"
skipped=1
done
[ -n "$added" -a -n "$skipped" ] || break
done
}
kernel_changed() {
local krel=$1 flavor=${1##*-}
local system_map=$(find_usrmerge_boot System.map "$krel")
if [ -z "$system_map" ]; then
# this kernel does not exist anymore
dlog "kernel_changed: kernel removed"
return 0
fi
if [ ! -d /usr/lib/modules/$krel ]; then
# a kernel without modules - rebuild initrd nevertheless (to mount the
# root fs, etc).
dlog "kernel_changed: kernel without modules"
elif find_kmps '*' $flavor; then
walk_kmps "$krel"
fi
echo "_kernel_" | run_depmod_build_initrd "$krel"
}
add_kernel() {
local krel=$1
kernel_changed $krel
}
remove_kernel() {
local krel=$1
local dir=/usr/lib/modules/$krel
if [ -d $dir/weak-updates ]; then
rm -rf $dir/weak-updates
fi
# If there are no KMPs left, remove the empty directory
rmdir $dir 2>/dev/null
}
add_kernel_modules() {
local krel=$1
cat >/dev/null
kernel_changed $krel
}
remove_kernel_modules() {
local krel=$1
cat >/dev/null
# FIXME: remove KMP symlinks that no longer work
kernel_changed $krel
}
add_kmp() {
local kmp=$1 kmpshort=${1%-*-*}
local basename=${kmpshort%-kmp-*} flavor=${kmpshort##*-}
local system_map
# Find the kmp to be added as well as any previous versions
find_kmps "$basename" "$flavor" || return 1
local dir krel status
for dir in /usr/lib/modules/*; do
krel=${dir#/usr/lib/modules/}
case "$krel" in
*-$flavor)
;;
*)
continue
esac
dlog "add_kmp: processing $kmp for $krel"
[ -d $dir ] || continue
system_map=$(find_usrmerge_boot System.map "$krel")
[ -n "$system_map" ] || continue
if opt_debug=1 has_unresolved_symbols "$krel" "/"; then
echo "Warning: /usr/lib/modules/$krel is inconsistent" >&2
echo "Warning: weak-updates symlinks might not be created" >&2
fi
if kmp_is_present $kmp $krel; then
log "Package $kmp does not need to be added to kernel $krel"
run_depmod_build_initrd "$krel" <$tmpdir/basenames-$kmp || \
status=1
continue
fi
local old_kmp=$(previous_version_of_kmp $kmp $krel)
if can_replace_kmp "$old_kmp" $kmp $krel; then
remove_kmp_modules "$old_kmp" "$krel"
add_kmp_modules "$kmp" "$krel"
if [ -z "$old_kmp" ]; then
log "Package $kmp added to kernel $krel"
run_depmod_build_initrd "$krel" <$tmpdir/basenames-$kmp || \
status=1
else
log "Package $old_kmp replaced by package $kmp in kernel $krel"
cat $tmpdir/basenames-{$old_kmp,$kmp} \
| run_depmod_build_initrd "$krel" || status=1
fi
else
dlog "add_kmp: skipped $kmp"
fi
done
dlog "add_kmp: status=$status"
return $status
}
remove_kmp() {
local kmp=$1 kmpshort=${1%-*-*}
local basename=${kmpshort%-kmp-*} flavor=${kmpshort##*-}
# Find any previous versions of the same kmp
find_kmps "$basename" "$flavor" || return 1
# Read the list of module names from standard input
# (This kmp may already have been removed!)
cat > $tmpdir/modules-$kmp
check_kmp "$kmp" || return 1
local dir krel status system_map
for dir in /usr/lib/modules/*; do
krel=${dir#/usr/lib/modules/}
case "$krel" in
*-$flavor)
;;
*)
continue
esac
[ -d $dir ] || continue
system_map=$(find_usrmerge_boot System.map "$krel")
[ -n "$system_map" ] || continue
dlog "remove_kmp: processing $kmp for $krel"
if kmp_is_present $kmp $krel; then
local other_found=0 inconsistent=0
if opt_debug=1 has_unresolved_symbols "$krel" "/" \
>$tmpdir/unresolved-"$krel" 2>&1; then
inconsistent=1
fi
if [ $krel != "$(cat $tmpdir/krel-$kmp)" ]; then
remove_kmp_modules "$kmp" "$krel"
fi
local other_kmp
while read other_kmp; do
[ "$kmp" != "$other_kmp" ] || continue
other_found=1
dlog "remove_kmp: checking other KMP $other_kmp"
if can_replace_kmp "" "$other_kmp" "$krel"; then
add_kmp_modules "$other_kmp" "$krel"
break
fi
done < $tmpdir/kmps
if [ -n "$other_kmp" ]; then
log "Package $kmp replaced by package $other_kmp in kernel $krel"
cat $tmpdir/basenames-{$kmp,$other_kmp} \
| run_depmod_build_initrd "$krel" || status=1
else
log "Package $kmp removed from kernel $krel"
if [ $other_found -eq 1 ]; then
log "Weak-updates symlinks to no other $kmpshort package could be created"
if [ $inconsistent -eq 1 ]; then
echo "Warning: /usr/lib/modules/$krel was inconsistent before removal of $kmp" >&2
[ -s $tmpdir/unresolved-"$krel" ] && \
cat $tmpdir/unresolved-"$krel"
fi
fi
run_depmod_build_initrd "$krel" <$tmpdir/basenames-$kmp || \
status=1
fi
rm -f $tmpdir/unresolved-"$krel"
fi
done
dlog "remove_kmp: status=$status"
return $status
}
help() {
cat <<EOF
${0##*/} --add-kmp kmp-name-version-release
To be called in %post of kernel module packages. Creates
symlinks in compatible kernel's weak-updates/ directory and rebuilds
the initrd if needed.
${0##*/} --remove-kmp kmp-name < module-list
To be called in %postun of kernel module packages. Removes
weak-updates/ symlinks for this KMP. As the KMP doesn't exist in
the RPM database at this point, the list of modules has to be
passed on standard input. Rebuilds the initrd if needed.
${0##*/} --add-kernel kernel-release
To be called in %post of the kernel base package. Adds
compatibility symlinks for all compatible KMPs and rebuilds the
initrd if needed.
${0##*/} --remove-kernel kernel-release
To be called in %postun of the kernel base package. Removes all
compatibility symlinks.
${0##*/} --add-kernel-modules kernel-release < module-list
To be called in %post of kernel subpackages that only contain
modules (i.e. not kernel-*-base). Adds newly available
compatibity symlinks and rebuilds the initrd if needed.
${0##*/} --remove-kernel-modules kernel-release < module-list
To be called in %postun of kernel subpackages that only contain
modules (i.e. not kernel-*-base). Removes no longer working
compatibity symlinks and rebuilds the initrd if needed.
${0##*/} --verbose ...
Print commands as they are executed and other information.
${0##*/} --dry-run ...
Do not perform any changes to the system. Useful together with
--verbose for debugging.
EOF
}
usage() {
echo "Usage:"
help | sed -n 's/^[^[:blank:]]/ &/p'
}
##############################################################################
save_argv=("$@")
options=`getopt -o vh --long add-kernel,remove-kernel,add-kmp,remove-kmp \
--long add-kernel-modules,remove-kernel-modules \
--long usage,help,verbose,dry-run,debug,logfile: -- "$@"`
if [ $? -ne 0 ]; then
usage >&2
exit 1
fi
eval set -- "$options"
mode=
opt_logfile=$WM2_LOGFILE
case $WM2_VERBOSE in
[0-3])
opt_verbose=$WM2_VERBOSE
;;
*)
opt_verbose=0
;;
esac
case $WM2_DEBUG in
1)
opt_debug=1
;;
*)
opt_debug=
;;
esac
while :; do
case "$1" in
--add-kernel | --remove-kernel | --add-kernel-modules | \
--remove-kernel-modules | --add-kmp | --remove-kmp )
mode="$1"
;;
-v | --verbose)
opt_verbose=$((opt_verbose + 1))
;;
--dry-run)
opt_dry_run=1
;;
--debug)
opt_debug=1
;;
--logfile)
shift
opt_logfile=$1
;;
--usage)
usage
exit 0
;;
-h | --help)
help
exit 0
;;
--)
shift
break
;;
esac
shift
done
err=
case "$mode" in
"")
err="Please specify one of the --add-* or --remove-* options"
;;
--add-kernel | --remove-kernel)
if [ $# -gt 1 ]; then
err="Too many arguments to $mode"
fi
[ $# -eq 1 ] || set -- $(uname -r)
;;
*)
if [ $# -ne 1 ]; then
err="Option $mode requires exactly one argument"
fi
;;
esac
if [ -n "$err" ]; then
echo "ERROR: $err" >&2
usage >&2
exit 1
fi
if [ -n "$opt_logfile" ]; then
[ "${opt_logfile#/}" != "$opt_logfile" ] || opt_logfile="/var/log/$opt_logfile"
echo "${0##/*}: appending output to $opt_logfile" >&2
exec 2>>"$opt_logfile"
fi
if [ $opt_verbose -gt 2 ]; then
set -x
# tracing will print everything, no need to print in log()
opt_verbose=$((opt_verbose - 3))
fi
#unset LANG LC_ALL LC_COLLATE
find_depmod
find_lsinitrd
find_sdbootutil
tmpdir=$(mktemp -d /var/tmp/${0##*/}.XXXXXX)
trap "rm -rf $tmpdir" EXIT
shopt -s nullglob
case $mode in
--add-kernel)
add_kernel "$1"
;;
--remove-kernel)
remove_kernel "$1"
;;
--add-kernel-modules)
add_kernel_modules "$1"
;;
--remove-kernel-modules)
remove_kernel_modules "$1"
;;
--add-kmp)
add_kmp "$1"
;;
--remove-kmp)
remove_kmp "$1"
esac
# vim:shiftwidth=4 softtabstop=4
07070100000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000B00000000TRAILER!!!257 blocks
