On Wed, Dec 21, 2022 at 11:56:32AM -0600, Dennis Gilmore via devel wrote:
In my case, I have Network Manager config files included in my
initrd
and bootargs to bring up the network so that I get automatic disk
decryption while on my home network, and prompted for a password when
I am not at home. I think this a reasonable enough use case it should
be considered in the long term plan. There was an effort many years
ago that built the initramfs with the kernel, it was abandoned due to
not being able to guarantee sources for the binaries in the initramfs,
trying to dig up the details I am having trouble finding it, but legal
blocked it there is a reference to it in an old FESCo meeting
https://lists.fedoraproject.org/pipermail/devel/2013-February/178220.html.
I can't see any legal problem with source provision for the
binaries inside the initramfs. We're building the initrds and
UKIs inside koji, so we have a clear record of exactly what
binary RPMs went into the package, and thus have knowledge
of what sources are involved. This is the same situation we
already have in Fedora with libguestfs, where we're building
a disk image inside Koji bundling various binaries. Or for
that matter, not really different from building cloud disk
images, or any other deliverable that bundles together some
binaries from other RPMs and spits out some kind of image
or archive.
Additionally, we should also consider
https://fedoraproject.org/wiki/Features/DracutHostOnly and the size
implications and why we moved to have kernel-core, kernel-modules, and
kernel-modules-extra for cloud and different use cases.
The UKI size for a VM should not be appreciably different from the
combination of the vmluinuz + locally generated initrd. The UKI
will contain a few more modules, as its initrd is built to cope
with Xen, VMware, HyperV + KVM[1], but this only adds a small amount
over a truly minimal initrd targetting 1 hypervisor. So I don't
expect the size of the UKI will be a problem.
With regards,
Daniel
[1]
https://gitlab.com/kraxel/kernel-ark/-/commit/4395c8f99657d14d77622a18457...
--
|:
https://berrange.com -o-
https://www.flickr.com/photos/dberrange :|
|:
https://libvirt.org -o-
https://fstop138.berrange.com :|
|:
https://entangle-photo.org -o-
https://www.instagram.com/dberrange :|