From 32400243a8adf3a62d14cde9d05d7164294d1a12 Mon Sep 17 00:00:00 2001
From: Krzesimir Nowak <knowak@microsoft.com>
Date: Thu, 2 Apr 2026 14:46:07 +0200
Subject: [PATCH 1/3] initrd-setup-root: Drop workarounds for systemd <259

We are updating systemd to 259, so these are not necessary anymore.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
---
 dracut/99setup-root/initrd-setup-root                | 10 ++++------
 dracut/99setup-root/initrd-setup-root-after-ignition |  4 ++--
 2 files changed, 6 insertions(+), 8 deletions(-)

diff --git a/dracut/99setup-root/initrd-setup-root b/dracut/99setup-root/initrd-setup-root
index d028b33..7dd34fb 100755
--- a/dracut/99setup-root/initrd-setup-root
+++ b/dracut/99setup-root/initrd-setup-root
@@ -32,8 +32,8 @@ COREOS_BLANK_MACHINE_ID="42000000000000000000000000000042"
 MACHINE_ID_FILE="/sysroot/etc/machine-id"
 
 # Allow to rerun the script
-if SYSTEMD_IN_INITRD=0 systemd-confext --root=/sysroot status | grep flatcar-default; then
-  SYSTEMD_IN_INITRD=0 systemd-confext --root=/sysroot unmerge
+if systemd-confext --root=/sysroot status | grep flatcar-default; then
+  systemd-confext --root=/sysroot unmerge
 fi
 
 function selectiveosreset() {
@@ -165,10 +165,8 @@ mkdir -p /sysroot/var/lib/extensions.mutable/
 if [ ! -L /sysroot/var/lib/extensions.mutable/etc ] && [ ! -e /sysroot/var/lib/extensions.mutable/etc ]; then
   ln -s /etc /sysroot/var/lib/extensions.mutable/etc
 fi
-# Workaround until 259: Set SYSTEMD_IN_INITRD because even with --root=
-# this would otherwise look for initrd extension metadata.
-SYSTEMD_IN_INITRD=0 systemd-confext --root=/sysroot merge
-SYSTEMD_IN_INITRD=0 systemd-confext --root=/sysroot status | grep flatcar-default || { echo "error: flatcar-default confext not loaded" ; exit 1 ; }
+systemd-confext --root=/sysroot merge
+systemd-confext --root=/sysroot status | grep flatcar-default || { echo "error: flatcar-default confext not loaded" ; exit 1 ; }
 # Even when the planned sysext/confext .services units are there
 # the above call should stay because we first need confext for Ignition
 # to have default files but then we need to reload for any user confexts
diff --git a/dracut/99setup-root/initrd-setup-root-after-ignition b/dracut/99setup-root/initrd-setup-root-after-ignition
index 6c6af0e..13a0d79 100755
--- a/dracut/99setup-root/initrd-setup-root-after-ignition
+++ b/dracut/99setup-root/initrd-setup-root-after-ignition
@@ -168,11 +168,11 @@ for NAME in $(grep -h -o '^[^#]*' /sysroot/etc/flatcar/enabled-sysext.conf /sysr
 done
 
 # Here we load a second time so that any user-supplied configuration extensions are present at boot
-SYSTEMD_IN_INITRD=0 systemd-confext --root=/sysroot refresh
+systemd-confext --root=/sysroot refresh
 # Then for the first time we can also apply system extensions so that the final system has them at boot
 # (done here until we have an upstream systemd unit doing it).
 if [ $(readlink -f /sysroot/etc/systemd/system/systemd-sysext.service 2>/dev/null) != "/dev/null" ]; then
-  if ! SYSTEMD_IN_INITRD=0 systemd-sysext --root=/sysroot merge ; then
+  if ! systemd-sysext --root=/sysroot merge ; then
     echo "ERROR: systemd-sysext failed to set up extensions in initrd, continuing boot" >&2
   fi
 fi

From 2d20cb54a985d0f78464812803af6f0bb24078c8 Mon Sep 17 00:00:00 2001
From: Krzesimir Nowak <knowak@microsoft.com>
Date: Fri, 24 Apr 2026 16:49:58 +0200
Subject: [PATCH 2/3] dracut/99flatcar-debloat: Hijack the module to add
 necessary libraries

Systemd 259 started dlopening more and more libraries instead of
linking to them at build time. It mentions them in a so-called ELF
notes, but current dracut does not parse those. This caused some
libraries to be missing from initrd and systemd complaining about them
missing.

It is a temporary hack that we can drop once we update dracut to 110 -
this is where parsing of ELF notes was introduced.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
---
 dracut/99flatcar-debloat/module-setup.sh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/dracut/99flatcar-debloat/module-setup.sh b/dracut/99flatcar-debloat/module-setup.sh
index 0a43327..09eea23 100755
--- a/dracut/99flatcar-debloat/module-setup.sh
+++ b/dracut/99flatcar-debloat/module-setup.sh
@@ -18,4 +18,8 @@ install() {
 
     # We maybe should include this, but more work is needed for compliance.
     rm "${initdir}"/usr/lib*/ossl-modules/fips.so
+
+    # drop it when updating to dracut 110
+    inst_libdir_file "libaudit.so*"
+    inst_libdir_file "libseccomp.so*"
 }

From 1f34a011a8404c664d625cb2d5a5e9cd6d87f896 Mon Sep 17 00:00:00 2001
From: Krzesimir Nowak <knowak@microsoft.com>
Date: Mon, 27 Apr 2026 17:31:34 +0200
Subject: [PATCH 3/3] dracut/99switch-root: Drop obsolete systemd settings

DefaultBlockIOAccounting was a cgroupv1 setting, DefaultCPUAccounting
is ignored because CPU accounting is always available on the unified
cgroup hierarchy.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
---
 dracut/99switch-root/nocgroup.conf | 2 --
 1 file changed, 2 deletions(-)

diff --git a/dracut/99switch-root/nocgroup.conf b/dracut/99switch-root/nocgroup.conf
index efc20ea..b567b3c 100644
--- a/dracut/99switch-root/nocgroup.conf
+++ b/dracut/99switch-root/nocgroup.conf
@@ -1,7 +1,5 @@
 [Manager]
-DefaultCPUAccounting=no
 DefaultIOAccounting=no
 DefaultIPAccounting=no
-DefaultBlockIOAccounting=no
 DefaultMemoryAccounting=no
 DefaultTasksAccounting=no