adamw, 23 days ago

@bluca #fedora #openqa sez no: https://bodhi.fedoraproject.org/updates/FEDORA-2024-54b3646daf#comment-3506797

bluca, 23 days ago

@adamw check whether dracut is pulling in libkmod, it's now a dlopen

pid_eins, 22 days ago

@bluca @adamw it appears that dracut patches around in /usr/ in the initrd during boot, and that conflicts with the new system-wide ProtectSystem= setting which defaults to on in the initrd and off on the host.

See my mail to fedora-devel.

bluca, 22 days ago

@pid_eins @adamw ...or maybe not :-) https://github.com/systemd/systemd/issues/32508#issuecomment-2080063182

adamw, 22 days ago

@bluca @pid_eins well, I think there are two problems, but it's the missing kmod library that breaks boot 100% of the time. the problem with dracut's hook directory being read-only is a real thing, I'm pretty sure, but it doesn't seem to prevent boot, at least on a simple VM install (I can certainly imagine it might do so in other cases). edit: I filed https://github.com/systemd/systemd/issues/32511 for the read-only hooks issue.

pid_eins, 22 days ago

@adamw @bluca I am pretty sure this one should be fixed in dracut. Either properly by not patching around in /usr/, because that's yuck. Or with a hotfix, by disabling the logic to mount /usr/ read-only in the initrd, there's an easy knob for that in /etc/systemd/system.conf after all.

But there's nothing to fix here in systemd.

Except maybe adding a bigger note about this to NEWS.