You are not logged in.
Pages: 1
I've been using Dracut for quite some time with the uefi=yes option.
I wanted to use the dracut-ukify hook, unfortunately there isn't anything on the arch wiki about it. My /etc/dracut/cmdline.conf looks like this:
hostonly=no
hostonly_cmdline=no
use_fstab=yes
compress=lz4
show_modules=yes
uefi=yes
early_microcode=yes
uefi_splash_image="/usr/share/systemd/bootctl/splash-arch.bmp"
uefi_stub="/usr/lib/systemd/boot/efi/linuxx64.efi.stub"
uefi_secureboot_cert="/etc/secureboot/keys/db/db.pem"
uefi_secureboot_key="/etc/secureboot/keys/db/db.key"
CMDLINE=(
rw
rd.auto=1
rd.luksoptions=discard
root=UUID=05f5a86f-05fc-4667-90d7-3d4d3a5cca65
resume=UUID=05f5a86f-05fc-4667-90d7-3d4d3a5cca65
rootflags=subvol=@
rd.luks.uuid=23230b50-fac4-44e1-b083-ee0abfb01551
mem_encrypt=off
)
kernel_cmdline="${CMDLINE[*]}"
unset CMDLINEI build with:
sudo dracut-ukify -g linuxand there doesn't seem to be any errors, only thing is when I try to boot I get the error "unpacking falied: invalid magic at start of compressed archive"
I have this feeling it's because I haven't done something properly. The only part I have set in /etc/dracut-ukify.conf is
ukify_global_args+=(--cmdline "rw rd.auto=1 rd.luksoptions=discard root=UUID=05f5a86f-05fc-4667-90d7-3d4d3a5cca65 resume=UUID=05f5a86f-05fc-4667-90d7-3d4d3a5cca65 rootflags=subvol=@ rd.luks.uuid=23230b50-fac4-44e1-b083-ee0abfb01551 mem_encrypt=off")Does anyone know why I get this error or what I can do? I had the mistake of once upgrading my kernel and forgetting to run "dracut --kver 6.6.14-hardened1-1-hardened --force", so I wanted the ukify hook to work.
I don't want to copy paste random things of the arch wiki, (want to install dracut-ukify and use the hooks included with that. In dracut-uefi-hook it says:
Hello everyone, dracut-uefi-hook is now in maintenance mode and won't get feature updates anymore. Please take a look to dracut-ukify, which uses systemd's ukify tool and provides similar experience.
Some notes for upgrading path:
1. cmdline must be specified in /etc/dracut-ukify.conf, dracut's own config cannot be used for that purposes
2. UEFI secure boot keys (if any) - the same as cmdline
3. It already supports custom image variants (like fallback image of mkinitcpio)! Also see in the config file for samples.
Last edited by ps246 (2024-01-29 05:57:41)
Offline
One of the things I did find was the modules were different when using dracut-ukify to build for example, it did not build these modules:
bash
cifs
dbus
dbus-broker
dmraid
kernel-network-modules
lunmask
lvm
mdraid
modsign
multipath
network
network-manager
nvdimm
qemu
qemu-net
resume
systemd-sysusers
virtiofsOffline
Hi!
Did you manage to fix the issue?
I've run into the same problem.
Also there seems to be error in the wiki: https://wiki.archlinux.org/title/Dracut … on_program
The dracut-ukify package is the modern way to generate a unified kernel image using systemd-ukify. Unlike the methods below, you can sign your whole kernel image including the initramfs. Using the uefi_secureboot_cert and uefi_secureboot_key options in your dracut config (dracut.conf(5)).
But dracut-ukify does not seem to use dracut config files at all!
Last edited by anonymous_badger (2024-02-09 19:51:37)
Offline
Pages: 1