diff --git a/Dockerfile b/Dockerfile
index f071c84..e06fa58 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -11,6 +11,11 @@ RUN git clone --depth=1 -b v0.0.10 https://github.com/gardenlinux/aws-kms-pkcs11
 RUN cd aws-kms-pkcs11 && make -j "$(nproc)" AWS_SDK_STATIC=y install
 RUN cp "/usr/lib/$(uname -m)-linux-gnu/pkcs11/aws_kms_pkcs11.so" /aws_kms_pkcs11.so
 
+FROM debian:testing AS datefudge
+RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends build-essential ca-certificates git
+RUN git clone --branch debian/1.26 --depth=1 https://salsa.debian.org/debian/datefudge.git
+RUN make -C datefudge install
+
 FROM debian:testing
 
 LABEL org.opencontainers.image.source="https://github.com/gardenlinux/builder"
@@ -24,6 +29,8 @@ RUN cd /tmp \
 && rm openssl.deb
 COPY --from=mv_data /usr/bin/mv_data /usr/bin/mv_data
 COPY --from=aws-kms-pkcs11 /aws_kms_pkcs11.so /aws_kms_pkcs11.so
+COPY --from=datefudge /usr/lib/datefudge/datefudge.so /usr/lib/datefudge/datefudge.so
+COPY --from=datefudge /usr/bin/datefudge /usr/bin/datefudge
 RUN mv /aws_kms_pkcs11.so "/usr/lib/$(uname -m)-linux-gnu/pkcs11/aws_kms_pkcs11.so"
 COPY builder /builder
 RUN mkdir /builder/cert
diff --git a/builder/image.d/makepart b/builder/image.d/makepart
index 3740c7f..1aac5b1 100755
--- a/builder/image.d/makepart
+++ b/builder/image.d/makepart
@@ -257,7 +257,6 @@ if [[ -n "$(find "$dracut_include/etc/repart.d/" -name "1.*.conf")" ]] || { [[ -
 fi
 
 read -r _ cmdline < "$rootfs/etc/kernel/cmdline" # hacky assumption that root= is always at start of kernel cmdline. TODO: find better way to handle this
-cmdline="rd.break systemd.journald.forward_to_console=1 $cmdline"
 if [[ -z "$(cat "$root_hash")" ]]; then
 	if [[ -z "$(cat "$root_repart")" ]]; then
 		root_source=$(tail -n 1 "$fstab" | cut -d " " -f 1)
diff --git a/pkg.list b/pkg.list
index 0305950..f454f58 100644
--- a/pkg.list
+++ b/pkg.list
@@ -6,7 +6,6 @@ ca-certificates
 cpio
 cryptsetup
 curl
-datefudge
 dosfstools
 e2fsprogs
 fdisk