Dismantle initramfs by default in EL9/EL10 diskless

If debugssh is not requsted, the initramfs is not needed. Do not unshare the mount namespace, leave the kernel relevant namespace 'normal' Remove some initramfs content to free up some memory.
2025-08-29 06:18:15 +00:00 · 2025-07-29 14:26:43 -04:00
parent 7066f85520
commit cfa16237e1
2 changed files with 10 additions and 2 deletions
--- a/confluent_osdeploy/el9-diskless/profiles/default/scripts/imageboot.sh
+++ b/confluent_osdeploy/el9-diskless/profiles/default/scripts/imageboot.sh
@@ -130,4 +130,9 @@ ln -s /sysroot/lib/modules/$(uname -r) /lib/modules/
 mv /lib/firmware /lib/firmware-ramfs
 ln -s /sysroot/lib/firmware /lib/firmware
 kill $(grep -l ^/usr/lib/systemd/systemd-udevd  /proc/*/cmdline|cut -d/ -f 3)
-exec /opt/confluent/bin/start_root
+if grep debugssh /proc/cmdline >& /dev/null; then
+    exec /opt/confluent/bin/start_root
+else
+    rm -rf /lib/modules/$(uname -r) /lib/modules/$(uname -r)-ramfs /lib/firmware-ramfs /usr/lib64/libcrypto.so* /usr/lib64/systemd/ /kernel/ /usr/bin/ /usr/sbin/ /usr/libexec/
+    exec /opt/confluent/bin/start_root -s  # share mount namespace, keep kernel callbacks intact
+fi
--- a/confluent_osdeploy/utils/start_root.c
+++ b/confluent_osdeploy/utils/start_root.c
@@ -3,8 +3,11 @@
 #include <sys/mount.h>
 #define __USE_GNU
 #include <sched.h>
+#include <string.h>
 int main(int argc, char* argv[]) {
-    unshare(CLONE_NEWNS);
+    if (argc < 2 || strcmp(argv[1], "-s")) {
+        unshare(CLONE_NEWNS);
+    }
    mount("/dev", "/sysroot/dev", NULL, MS_MOVE, NULL);
    mount("/proc", "/sysroot/proc", NULL, MS_MOVE, NULL);
    mount("/sys", "/sysroot/sys", NULL, MS_MOVE, NULL);