From cfa16237e1f57914c883d7e9b51fd62a23c4167b Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Tue, 29 Jul 2025 14:26:43 -0400 Subject: [PATCH] Dismantle initramfs by default in EL9/EL10 diskless If debugssh is not requsted, the initramfs is not needed. Do not unshare the mount namespace, leave the kernel relevant namespace 'normal' Remove some initramfs content to free up some memory. --- .../el9-diskless/profiles/default/scripts/imageboot.sh | 7 ++++++- confluent_osdeploy/utils/start_root.c | 5 ++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/confluent_osdeploy/el9-diskless/profiles/default/scripts/imageboot.sh b/confluent_osdeploy/el9-diskless/profiles/default/scripts/imageboot.sh index fe53bf38..7b340d2c 100644 --- a/confluent_osdeploy/el9-diskless/profiles/default/scripts/imageboot.sh +++ b/confluent_osdeploy/el9-diskless/profiles/default/scripts/imageboot.sh @@ -130,4 +130,9 @@ ln -s /sysroot/lib/modules/$(uname -r) /lib/modules/ mv /lib/firmware /lib/firmware-ramfs ln -s /sysroot/lib/firmware /lib/firmware kill $(grep -l ^/usr/lib/systemd/systemd-udevd /proc/*/cmdline|cut -d/ -f 3) -exec /opt/confluent/bin/start_root +if grep debugssh /proc/cmdline >& /dev/null; then + exec /opt/confluent/bin/start_root +else + rm -rf /lib/modules/$(uname -r) /lib/modules/$(uname -r)-ramfs /lib/firmware-ramfs /usr/lib64/libcrypto.so* /usr/lib64/systemd/ /kernel/ /usr/bin/ /usr/sbin/ /usr/libexec/ + exec /opt/confluent/bin/start_root -s # share mount namespace, keep kernel callbacks intact +fi diff --git a/confluent_osdeploy/utils/start_root.c b/confluent_osdeploy/utils/start_root.c index 132ef469..bd2c4d16 100644 --- a/confluent_osdeploy/utils/start_root.c +++ b/confluent_osdeploy/utils/start_root.c @@ -3,8 +3,11 @@ #include #define __USE_GNU #include +#include int main(int argc, char* argv[]) { - unshare(CLONE_NEWNS); + if (argc < 2 || strcmp(argv[1], "-s")) { + unshare(CLONE_NEWNS); + } mount("/dev", "/sysroot/dev", NULL, MS_MOVE, NULL); mount("/proc", "/sysroot/proc", NULL, MS_MOVE, NULL); mount("/sys", "/sysroot/sys", NULL, MS_MOVE, NULL);