Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix zipl_bootmap_is_up_to_date #11980

Merged
merged 1 commit into from
May 9, 2024
+13 −4
Merged

Fix zipl_bootmap_is_up_to_date #11980

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Loading
Loading status checks…
Fix zipl_bootmap_is_up_to_date 
First, we prioritize order of all zIPL rules that are changing the
bootloader arguments in order to put them before
zipl_bootmap_is_up_to_date. This should ensure that the fixed rule
zipl_bootmap_is_up_to_date isn't broken by remediations executed later.

Second, we align the Ansible remediation in zipl_bootmap_is_up_to_date
to consider modification time of /boot/loader/entries/.

Fixes #11944
@jan-cerny
jan-cerny committed May 9, 2024

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode
commit bb3dd2cd73cbaf4ec533f8f1166e4556d34bc572
11 changes: 9 additions & 2 deletions linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/ansible/shared.yml
View file
Original file line number Diff line number Diff line change
@@ -16,9 +16,16 @@
path: /etc/zipl.conf
register: zipl_conf

# TODO: handle /boot/loader/entries/*.conf
- name: "Obtain stats of /boot/loader/entries"
stat:
path: /boot/loader/entries
register: boot_loader_entries

- name: "Update zIPL bootmap"
command: /usr/sbin/zipl
changed_when: True
when: boot_bootmap.stat.mtime is defined and zipl_conf.stat.mtime is defined and boot_bootmap.stat.mtime < zipl_conf.stat.mtime
when:
- boot_bootmap.stat.mtime is defined
- zipl_conf.stat.mtime is defined
- boot_loader_entries.stat.mtime is defined
- boot_bootmap.stat.mtime < zipl_conf.stat.mtime or boot_bootmap.stat.mtime < boot_loader_entries.stat.mtime
6 changes: 4 additions & 2 deletions ssg/build_yaml.py
View file
Original file line number Diff line number Diff line change
@@ -693,11 +693,13 @@ def _add_rules_xml(self, group, rules_to_not_include, env_yaml):
r'install_smartcard_packages|' +
r'sshd_set_keepalive(_0)?|' +
r'sshd_set_idle_timeout|' +
r'chronyd_specify_remote_server$')
r'chronyd_specify_remote_server|' +
r'zipl_.*_argument(_absent)?$')
priority_order = ["enable_authselect", "installed", "install_smartcard_packages", "removed",
"enabled", "disabled", "sshd_set_keepalive_0",
"sshd_set_keepalive", "sshd_set_idle_timeout",
"chronyd_specify_remote_server"]
"chronyd_specify_remote_server",
"argument"]
rules_in_group = reorder_according_to_ordering(rules_in_group, priority_order, regex)

# Add rules in priority order, first all packages installed, then removed,