Hi there, On Thu, 10 Dec 2015 02:52:11 +0100 Guilhem Moulin <guil...@guilhem.org> wrote: > AFAIK there is no documentation for where users should set variables to > configure an initramfs hook. There are a couple of workaround, all > hacky and/or relying on undocumented properties of initramfs-tools(8): > > 1/ Setting said variable in initramfs.conf(5). (Since hook scripts > are executed is sub-shells the variable need to be exported.) This > is somewhat ugly since initramfs.conf(5) is the configuration file > *for mkinitramfs*, not for the hook files. > > 2/ Using /usr/share/initramfs-tools/conf-hooks.d/$hook. This is an > undocumented (short of an entry in the changelog) hack. Also > unless that file is marked as a conffile (which violates the > policy) user modifications are wiped upon upgrade.
If I got it right (didn't find documentation about it), the current
purpose of conf-hooks.d seems to be to configure *mkinitramfs* in a
proper way required by the hook scripts, not to set configuration
variables for the hook scripts themselves, no? At least, all that
mkinitramfs does for now, is to source the files from conf-hooks.d. No
export of variables, so the configured variables aren't available to the
hook scripts for now.
> 3/ Make /usr/share/initramfs-tools/conf-hooks.d/$hook a symlink to
> /etc/initramfs-tools/conf-hooks.d/$hook. But again, this uses an
> undocumented property of mkinitramfs(8), and it might hijack your
> /etc/initramfs-tools namespace.
>
> There are packages that ship user configurable initramfs hooks
> (cryptsetup and dropbear-initramfs come to mind). These package need
> documented instructions for where to drop user configuration
> (/etc/initramfs-tools/conf-hooks.d/$package comes to mind).
>
> Alternatively, in a private discussion with Jonas Meurer of the Debian
> Cryptsetup Team (X-Debug-CC), I've been suggested that mkinitramfs(8)
> could instead source files in /etc/initramfs-tools/conf-hooks.d/ after
> sourcing /usr/share/initramfs-tools/conf-hooks.d/. This way package
> maintainers would ship variables with their default in /usr while users
> would write their custom configuration in /etc.
Following up on that I think that a proper solution would be the following:
- redefine the purpose of files in conf-hooks.d to set variables that
are made available to mkinitramfs *and* the hook scripts. In other
words, parse the configure includes from conf-hooks.d in mkinitramfs
and export all variables instead of just sourcing the files.
- add the change proposed by Guilhem and support user-defined configs
from /etc/initramfs-tools/conf-hooks.d/, overwriting the configs from
packages at /usr/share/initramfs-tools/conf-hooks.d/.
See attached patch which implements this.
Cheers,
jonas
> -8<----------------------------------------------------->8-
> --- a/mkinitramfs
> +++ b/mkinitramfs
> @@ -87,6 +87,7 @@
> echo "Warning: ${i} is a directory instead of file, ignoring."
> elif [ -e "${i}" ]; then
> . "${i}"
> + . [ ! -f "/etc/${i#/usr/share/}" ] || . "/etc/${i#/usr/share/}"
> fi
> done
>
> -8<----------------------------------------------------->8-
>
> Either way, IMHO initramfs-tools(8) should include some instructions for
> custom initramfs hook configuration.
>
> Cheers,
> --
> Guilhem.
>
> PS. In fact I've implemented 3/ in dropbear-initramfs a couple of weeks
> ago. Oopsâ¦
From fd3af859880f727088a3fd21fbccef9949bb02ed Mon Sep 17 00:00:00 2001
From: Jonas Meurer <jo...@freesources.org>
Date: Thu, 10 Dec 2015 12:09:06 +0100
Subject: [PATCH] mkinitramfs: export variables from conf-hooks.d directories
Up to now, there was no clear api in initramfs-tools to make initramfs
hook scripts configurable. Variables from conf-hooks.d include files were
not available to the hook scripts due to the hooks beeing executed in
sub-shells. This lead to ugly workarounds in packages that tried (and
most of them: failed) to make their hook scripts configurable to the user.
Now, mkinitramfs exports all variables from conf-hooks.d configuration
includes additionally to sourcing the files. This leads to the variables
being available to hooks, thus providing a clear api to configure initramfs
hook scripts.
Additionally, the directory /etc/initramfs-tools/conf-hooks.d is introduced,
meant as a place to overwrite package-provided hook configuration by local
settings.
Close: #807527
---
debian/changelog | 11 ++++++++++-
debian/initramfs-tools-core.dirs | 1 +
mkinitramfs | 6 +++++-
3 files changed, 16 insertions(+), 2 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 16e4e5f..4595b88 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,5 +1,6 @@
initramfs-tools (0.120) unstable; urgency=medium
+ [ Ben Hutchings ]
* [23ee5f9] Add '.log' to fsck log output file, and document its existence
(Closes: #780352)
* [b87e34b] Remove old comment about running shell on failure of fsck
@@ -10,7 +11,15 @@ initramfs-tools (0.120) unstable; urgency=medium
* [25ab961] NEWS: Add entries about other ways of mounting /usr that won't
work
- -- Ben Hutchings <b...@decadent.org.uk> Mon, 13 Apr 2015 01:18:06 +0100
+ [ Jonas Meurer ]
+ * Redefine the purpose of conf-hooks.d include files (closes: #807527):
+ - Variables from these files are exported to the hooks scripts in
+ mkinitramfs from now on.
+ - Add /etc/initramfs-tools/conf-hooks.d as user-configurable place
+ for conf-hooks.d, potentially overwriting settings from
+ /usr/share/initramfs-tools/conf-hooks.d.
+
+ -- Jonas Meurer <m...@debian.org> Thu, 10 Dec 2015 11:28:46 +0100
initramfs-tools (0.119) unstable; urgency=medium
diff --git a/debian/initramfs-tools-core.dirs b/debian/initramfs-tools-core.dirs
index bcb978b..3098260 100644
--- a/debian/initramfs-tools-core.dirs
+++ b/debian/initramfs-tools-core.dirs
@@ -10,6 +10,7 @@ etc/initramfs-tools/scripts/nfs-top
etc/initramfs-tools/scripts/panic
etc/initramfs-tools/hooks
etc/initramfs-tools/conf.d
+etc/initramfs-tools/conf-hooks.d
usr/share/initramfs-tools/conf.d
usr/share/initramfs-tools/conf-hooks.d
usr/share/initramfs-tools/modules.d
diff --git a/mkinitramfs b/mkinitramfs
index b64c7fb..c394803 100755
--- a/mkinitramfs
+++ b/mkinitramfs
@@ -82,11 +82,15 @@ for i in ${EXTRA_CONF}; do
done
# source package confs
-for i in /usr/share/initramfs-tools/conf-hooks.d/*; do
+for i in /usr/share/initramfs-tools/conf-hooks.d/* /etc/initramfs-tools/conf-hooks.d/*; do
if [ -d "${i}" ]; then
echo "Warning: ${i} is a directory instead of file, ignoring."
elif [ -e "${i}" ]; then
. "${i}"
+ hookvars="$(sed -e '/#.*$/d' -e '/^$/d' ${i} | cut -d= -f1)"
+ if [ -n "${hookvars}" ]; then
+ export ${hookvars}
+ fi
fi
done
--
2.5.0
signature.asc
Description: OpenPGP digital signature
