1812351 – Regenerate initramfs in the right way

Bug 1812351 - Regenerate initramfs in the right way

Summary: Regenerate initramfs in the right way

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Gluster Storage
Classification:	Red Hat Storage
Component:	gluster-ansible
Sub Component:
Version:	rhgs-3.5
Hardware:	x86_64
OS:	Linux
Priority:	unspecified
Severity:	high
Target Milestone:	---
Target Release:	RHGS 3.5.z Batch Update 2
Assignee:	Gobinda Das
QA Contact:	SATHEESARAN
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1812350
TreeView+	depends on / blocked

Reported:	2020-03-11 05:10 UTC by SATHEESARAN
Modified:	2020-06-16 05:57 UTC (History)
CC List:	5 users (show)
Fixed In Version:	gluster-ansible-infra-1.0.4-6.el8rhgs
Doc Type:	No Doc Update
Doc Text:
Clone Of:	1812350
Environment:	rhhiv, rhel8
Last Closed:	2020-06-16 05:57:30 UTC
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Github	gluster gluster-ansible-infra pull 82	None	closed	NBDE and blacklist issue fixes	2020-06-03 05:30:01 UTC
Github	gluster gluster-ansible pull 97	None	closed	Validate if root device is encrypted prior to actual configuration	2020-06-03 05:30:01 UTC
Red Hat Product Errata	RHEA-2020:2575	None	None	None	2020-06-16 05:57:47 UTC

Description SATHEESARAN 2020-03-11 05:10:52 UTC

Description of problem:
-----------------------
Current part of the code does 'dracut -vf' twice to regenerate initramfs and that's not the right way to achieve the result.

As per RHEL 8 documentation[1] suggest to regenerate initramfs using the following command:
   # dracut -fv --regenerate-all

[1] - https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/security_hardening/index#configuring-manual-enrollment-of-volumes-using-clevis_configuring-automated-unlocking-of-encrypted-volumes-using-policy-based-decryption

Version-Release number of selected component (if applicable):
-------------------------------------------------------------
gluster-ansible-infra-1.0.4-5.el8rhgs.noarch.rpm 

How reproducible:
-----------------
Always

Steps to Reproduce:
-------------------
1. Run the playbook to achieve NBDE

Actual results:
---------------
'dracut -fv' is called twice to regenerate initramfs

Expected results:
-----------------
'dracut -fv --regenerate-all' should be used to regenerate initramfs  as per RHEL 8 security hardening document

Comment 2 SATHEESARAN 2020-03-21 09:54:39 UTC

Verified with gluster-ansible-infra-1.0.4-6

initramfs is regenerated in the right way using 'dracut -vf --regenerate-all'

Comment 6 errata-xmlrpc 2020-06-16 05:57:30 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2020:2575

Note You need to log in before you can comment on or make changes to this bug.