Skip to content

Commit 6c5f208

Browse files
chewichewi
committed
flatcat-debloat: Add module to trim the initrd more aggressively
Signed-off-by: James Le Cuirot <[email protected]>
1 parent 213773e commit 6c5f208

File tree

1 file changed

+21
-0
lines changed

1 file changed

+21
-0
lines changed

dracut/99flatcar-debloat/module-setup.sh

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,21 @@
1+
config() {
2+
# gcrypt: Only needed for systemd-journal's FSS feature.
3+
# lz4: Flatcar has never needed this for the journal or coredumps.
4+
omit_dlopen_features+=" libsystemd-shared-*.so:gcrypt,lz4 "
5+
}
6+
7+
# shellcheck disable=SC2064
8+
trap "$(shopt -p extglob)" RETURN
9+
shopt -q -s extglob
10+
11+
install() {
12+
# shellcheck disable=SC2064
13+
trap "$(shopt -p extglob)" RETURN
14+
shopt -q -s extglob
15+
16+
# Remove the NSS modules we don't need.
17+
rm "${initdir}"/usr/lib*/libnss_!(dns|files|myhostname|resolve|systemd).so*
18+
19+
# We maybe should include this, but more work is needed for compliance.
20+
rm "${initdir}"/usr/lib*/ossl-modules/fips.so
21+
}

0 commit comments

Comments
 (0)