diff --git a/README.md b/README.md
index b2c4736..0335f8b 100644
--- a/README.md
+++ b/README.md
@@ -394,6 +394,8 @@ executing `systemctl enable hide-hardware-info.service` as root.
 * hardened malloc compatibility for haveged workaround
 `/lib/systemd/system/haveged.service.d/30_security-misc.conf`
 
+* set `dracut` `reproducible=yes` setting
+
 ## Related
 
 * Linux Kernel Runtime Guard (LKRG)
diff --git a/etc/dracut.conf.d/30-security-misc.conf b/etc/dracut.conf.d/30-security-misc.conf
new file mode 100644
index 0000000..ce80509
--- /dev/null
+++ b/etc/dracut.conf.d/30-security-misc.conf
@@ -0,0 +1 @@
+reproducible=yes