Bug 2181541 - [RHEL9] dracut should update rngd initramfs service file
Summary: [RHEL9] dracut should update rngd initramfs service file
Keywords:
Status: VERIFIED
Alias: None
Product: Red Hat Enterprise Linux 9
Classification: Red Hat
Component: dracut
Version: 9.2
Hardware: All
OS: Linux
unspecified
medium
Target Milestone: rc
: ---
Assignee: Pavel Valena
QA Contact: Frantisek Sumsal
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2023-03-24 13:25 UTC by Vladis Dronov
Modified: 2023-08-24 12:26 UTC (History)
3 users (show)

Fixed In Version: dracut-057-38.git20230725.el9
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Type: Bug
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker RHELPLAN-153026 0 None None None 2023-03-24 13:26:07 UTC

Description Vladis Dronov 2023-03-24 13:25:07 UTC 
dracut should update rngd initramfs service file with the latest rng-tools updates including a FIPS one:

/usr/lib/dracut/modules.d/06rngd/rngd.service

$ rpm -qf /usr/lib/dracut/modules.d/06rngd/rngd.service 
dracut-057-3.fc36.x86_64

please see details in: bz2154804#c8

the new file content should be:

[Unit]
Description=Hardware RNG Entropy Gatherer Daemon
DefaultDependencies=no
Before=systemd-udevd.service
ConditionVirtualization=!container
ConditionKernelCommandLine=!fips=1

[Service]
Type=simple
ExecStart=/usr/sbin/rngd -f --fill-watermark=0 -x pkcs11 -x nist -x qrypt
Comment 1 Vladis Dronov 2023-03-24 13:31:09 UTC 
this pack of dracut bzs:
fedora: https://bugzilla.redhat.com/show_bug.cgi?id=2181540
rhel9: https://bugzilla.redhat.com/show_bug.cgi?id=2181541
rhel8: https://bugzilla.redhat.com/show_bug.cgi?id=2181543
Comment 2 David Tardon 2023-05-17 08:11:41 UTC 
No. A unit file should only be duplicated in dracut if there's no other way. We want less divergence from the real system, not more. There's nothing initrd-specific in the unit file you propose, hence it should just be copied from the system.
Comment 3 Vladis Dronov 2023-05-17 11:01:58 UTC 
i was not sure if there's some specific requirements/restrictions for unit files for initrd/dracut. 
if there's none, then great, please, copy it from the system.
Comment 4 Pavel Valena 2023-07-19 08:41:28 UTC 
Setting ITM 26 as agreed with QE.
Comment 5 Pavel Valena 2023-07-24 10:28:31 UTC 
Testd & created PR: https://github.com/redhat-plumbers/dracut-rhel9/pull/64
Note You need to log in before you can comment on or make changes to this bug.