-
Notifications
You must be signed in to change notification settings - Fork 18
Driver Update
Driver Update Disk (DUD) is a mechanism how to update the YaST installer or other systems parts in an already released product. It also allows to install a newer package to the target system than available on the original installation media.
The installation system uses a read-only file system so the files cannot be easily modified there.
It is possible to use a plain RPM package as a driver update. That makes the process simpler, on the other hand it allows only patching the installer. The driver update package will not be installed into the target system.
If you need the package also in the target system you need to build a full driver update archive.
In both cases you need to build the binary RPM package.
To build a DUD archive you need the mkdud tool.
# create a DUD file from an RPM package for SLES/SLED 15
mkdud --create dud.cpio.gz --dist sle15 package.rpmUse --dist leap15.5 when building DUD for openSUSE Leap. Run man mkdud
to see more details.
You can also patch a file in the installer which is not part of any package. For
example to include a new control.xml file put it into the inst-sys directory
and then use
# update arbitrary installer file
mkdud --create dud.cpio.gz --dist sle15 package.rpm inst-sysSee more details in the mkdud documentation
or in the mkdud manual page (man mkdud).
The DUD archive is a compressed CPIO archive, you can easily inspect the content if needed.
The process for creating and later applying the driver update does not check the package dependencies. If an updated packages requires has new or different dependencies they need to be added to the DUD manually.
Be careful when building the updated packages against updated libraries, they need to be included in the DUD as well.
Driver update is triggered by the dud boot option. The dud should point
to the URL with the driver update archive or RPM package.
You can use the dud option multiple times, all referenced driver updates will
be loaded. If you use a lot of driver updates then it might be convenient to
write all parameters to a file and use the info boot parameter pointing to that
file.
Using a plain RPM package:
dud=http://example.com/package.rpm
Using a DUD archive:
dud=http://example.com/dud.cpio.gz
Using a DUD from local disk or USB drive, using the kernel name:
dud=hd:/dev/sdb1/dud.cpio.gz
That is a bit fragile if there are multiple disks in the system, the Linux
kernel might assign different names at each boot. To have more stable names use
the filesystem label (DUD in this case):
dud=hd:/dud.cpio.gz?device=*label/DUD
To create or modify the label use the tool specific for the used filesystem.
Examples for setting the DUD label for the /dev/sdb1 device:
-
dosfslabel /dev/sdb1 DUD- USB flash disk with FAT filesystem (the default) -
e2label /dev/sdb1 DUD- disk with Ext2/3/4 filesystem -
xfs_admin -L DUD /dev/sdb1- disk with XFS filesystem -
btrfs filesystem label /dev/sdb1 DUD- disk with Btrfs filesystem
To see labels for all disks in the system use the lsblk -f command.
See the documentation for the complete list of supported URLs. See more details in the Linuxrc documentation.
By default Linuxrc verifies the GPG signature of the driver update. If the driver update is not signed or signed by an unknown GPG key then Linuxrc will display an error. You can manually confirm using the update.
If you want to disable the check then use the insecure=1 boot option.
insecure=1 option or manually
confirming the signature error, it is a security risk. A malicious DUD file
could install a backdoor or tamper the installation or the installed system.
You can host the driver update on an HTTP/FTP/NFS/SMB server.
For testing purposes you can run a simple web server provided by some languages:
# Ruby based web server
ruby -run -ehttpd . -p8000
# Python base web server
python3 -m http.server 8000These commands will share the files from the current directory via a web server.
Make sure the used port (8000 in this case) is not blocked by the firewall. You can open the port using this command:
firewall-cmd --zone=public --add-port=8000/tcpThen use the dud=http://<my_host_or_ip>:8000/dud.cpio.gz boot option.