From: Michael Olbrich <m.olbrich@pengutronix.de>
To: ptxdist@pengutronix.de
Subject: [ptxdist] [PATCH] fixup! rootfs: keep /var writable, even if the rootfs is read-only
Date: Mon, 24 Jun 2019 08:48:25 +0200 [thread overview]
Message-ID: <20190624064825.31374-1-m.olbrich@pengutronix.de> (raw)
In-Reply-To: <20190605125421.20087-2-jbe@pengutronix.de>
---
projectroot/etc/fstab | 6 ++---
.../lib/systemd/system/run-varoverlayfs.mount | 3 +--
projectroot/usr/lib/systemd/system/var.mount | 3 ++-
projectroot/usr/sbin/mount.varoverlayfs | 6 ++---
rules/rootfs.make | 26 +++++++++----------
5 files changed, 21 insertions(+), 23 deletions(-)
diff --git a/projectroot/etc/fstab b/projectroot/etc/fstab
index c79c8de4d896..364b495a9c8b 100644
--- a/projectroot/etc/fstab
+++ b/projectroot/etc/fstab
@@ -11,6 +11,6 @@ debugfs /sys/kernel/debug debugfs noauto 0 0
# ramdisks
tmpfs /tmp tmpfs nosuid,nodev,mode=1777,size=20% 0 0
tmpfs /run tmpfs nosuid,nodev,strictatime,mode=0755 0 0
-#log /var/log tmpfs nosuid,nodev,noexec,mode=0755,size=10% 0 0
-#lock /var/lock tmpfs nosuid,nodev,noexec,mode=0755,size=1M 0 0
-#tmp /var/tmp tmpfs nosuid,nodev,mode=1777,size=20% 0 0
+@VAR_OVERLAYFS@tmpfs /var/log tmpfs nosuid,nodev,noexec,mode=0755,size=10% 0 0
+@VAR_OVERLAYFS@tmpfs /var/lock tmpfs nosuid,nodev,noexec,mode=0755,size=1M 0 0
+@VAR_OVERLAYFS@tmpfs /var/tmp tmpfs nosuid,nodev,mode=1777,size=20% 0 0
diff --git a/projectroot/usr/lib/systemd/system/run-varoverlayfs.mount b/projectroot/usr/lib/systemd/system/run-varoverlayfs.mount
index 034dbfee1b84..c067b9b96f53 100644
--- a/projectroot/usr/lib/systemd/system/run-varoverlayfs.mount
+++ b/projectroot/usr/lib/systemd/system/run-varoverlayfs.mount
@@ -1,10 +1,9 @@
[Unit]
Description=Overlay for '/var'
Before=local-fs.target
-OnFailure=rescue.service
[Mount]
Where=/run/varoverlayfs
What=tmpfs
Type=tmpfs
-Options=nosuid,nodev,noexec,mode=0755,size=10%,nr_inodes=100
+Options=size=20%
diff --git a/projectroot/usr/lib/systemd/system/var.mount b/projectroot/usr/lib/systemd/system/var.mount
index 764108924b9d..bd635023704d 100644
--- a/projectroot/usr/lib/systemd/system/var.mount
+++ b/projectroot/usr/lib/systemd/system/var.mount
@@ -1,10 +1,11 @@
[Unit]
Description=Writable support for '/var'
+After=run-varoverlayfs.mount
Before=local-fs.target
-OnFailure=rescue.service
[Mount]
Where=/var
# note: this is a dummy filesystem only to trigger the corresponding mount helper
What=varoverlayfs
Type=varoverlayfs
+Options=metacopy=on
diff --git a/projectroot/usr/sbin/mount.varoverlayfs b/projectroot/usr/sbin/mount.varoverlayfs
index afd5f2076245..f8fc8c88f349 100644
--- a/projectroot/usr/sbin/mount.varoverlayfs
+++ b/projectroot/usr/sbin/mount.varoverlayfs
@@ -1,11 +1,11 @@
-#!/bin/sh
+#!/bin/sh -e
# Mount helper tool to mount some kind of writable filesystem over '/var'
# (which might be read-only).
# What kind of filesystem is used to mount over '/var' can be controlled via
# the 'run-varoverlayfs.mount' mount unit and is usually a RAM disk.
-systemctl start run-varoverlayfs.mount
mkdir -p /run/varoverlayfs/upper
mkdir -p /run/varoverlayfs/work
-mount -t overlay overlay -olowerdir=/var,upperdir=/run/varoverlayfs/upper,workdir=/run/varoverlayfs/work /var
+mount -t overlay -olowerdir=/var,upperdir=/run/varoverlayfs/upper,workdir=/run/varoverlayfs/work "${@}"
systemctl stop run-varoverlayfs.mount
+rmdir /run/varoverlayfs
diff --git a/rules/rootfs.make b/rules/rootfs.make
index 8183d028886c..d7b7eccdc734 100644
--- a/rules/rootfs.make
+++ b/rules/rootfs.make
@@ -122,9 +122,16 @@ ifdef PTXCONF_ROOTFS_VAR_TMP
@$(call install_copy, rootfs, 0, 0, 01777, /var/tmp)
endif
ifdef PTXCONF_ROOTFS_VAR_OVERLAYFS
- @$(call install_alternative, rootfs, 0, 0, 0644, /usr/lib/systemd/system/run-varoverlayfs.mount)
- @$(call install_alternative, rootfs, 0, 0, 0755, /usr/sbin/mount.varoverlayfs)
- @$(call install_alternative, rootfs, 0, 0, 0644, /usr/lib/systemd/system/var.mount)
+ @$(call install_alternative, rootfs, 0, 0, 0644, \
+ /usr/lib/systemd/system/run-varoverlayfs.mount)
+ @$(call install_link, rootfs, ../run-varoverlayfs.mount, \
+ /usr/lib/systemd/system/local-fs.target.requires/run-varoverlayfs.mount)
+ @$(call install_alternative, rootfs, 0, 0, 0755, \
+ /usr/sbin/mount.varoverlayfs)
+ @$(call install_alternative, rootfs, 0, 0, 0644, \
+ /usr/lib/systemd/system/var.mount)
+ @$(call install_link, rootfs, ../var.mount, \
+ /usr/lib/systemd/system/local-fs.target.requires/var.mount)
endif
# #
@@ -144,17 +151,8 @@ ifdef PTXCONF_ROOTFS_GSHADOW
endif
ifdef PTXCONF_ROOTFS_FSTAB
@$(call install_alternative, rootfs, 0, 0, 0644, /etc/fstab)
-ifndef PTXCONF_ROOTFS_VAR_OVERLAYFS
-ifdef PTXCONF_ROOTFS_VAR_TMP
- @$(call install_replace, rootfs, /etc/fstab, #tmp, "tmpfs")
-endif
-ifdef PTXCONF_ROOTFS_VAR_LOG
- @$(call install_replace, rootfs, /etc/fstab, #log, "tmpfs")
-endif
-ifdef PTXCONF_ROOTFS_VAR_LOCK
- @$(call install_replace, rootfs, /etc/fstab, #lock, "tmpfs")
-endif
-endif # PTXCONF_ROOTFS_VAR_OVERLAYFS
+ @$(call install_replace, rootfs, /etc/fstab, @VAR_OVERLAYFS@, \
+ $(call ptx/ifdef,PTXCONF_ROOTFS_VAR_OVERLAYFS,#))
endif # PTXCONF_ROOTFS_FSTAB
ifdef PTXCONF_ROOTFS_MTAB_FILE
@$(call install_alternative, rootfs, 0, 0, 0644, /etc/mtab)
--
2.20.1
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
next prev parent reply other threads:[~2019-06-24 6:48 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-06-05 12:54 [ptxdist] More collected changes Juergen Borleis
2019-06-05 12:54 ` [ptxdist] [PATCH 01/20] rootfs: keep /var writable, even if the rootfs is read-only Juergen Borleis
2019-06-24 6:48 ` Michael Olbrich [this message]
2019-06-24 6:57 ` [ptxdist] [PATCH] fixup! " Michael Olbrich
2019-06-05 12:54 ` [ptxdist] [PATCH 02/20] rootfs: keep '/var/tmp' permissions in sync with 'systemd' Juergen Borleis
2019-06-05 12:54 ` [ptxdist] [PATCH 03/20] rootfs: '/var' is a mandatory directory according to FHS Juergen Borleis
2019-06-05 12:54 ` [ptxdist] [PATCH 04/20] conman: adapt package's '/var/lib' requirements Juergen Borleis
2019-06-11 8:17 ` Michael Olbrich
2019-06-05 12:54 ` [ptxdist] [PATCH 05/20] networkmanager: " Juergen Borleis
2019-06-05 12:54 ` [ptxdist] [PATCH 06/20] ntp: adapt package's '/var/lib' and '/var/log' requirements Juergen Borleis
2019-06-05 12:54 ` [ptxdist] [PATCH 07/20] dnsmasq: version bump 2.79 -> 2.80 Juergen Borleis
2019-06-05 12:54 ` [ptxdist] [PATCH 08/20] dnsmasq: clean up rule file Juergen Borleis
2019-06-05 12:54 ` [ptxdist] [PATCH 09/20] dnsmasq: adapt package's '/var/lib' requirements Juergen Borleis
2019-06-05 12:54 ` [ptxdist] [PATCH 10/20] mariadb: " Juergen Borleis
2019-06-05 12:54 ` [ptxdist] [PATCH 11/20] samba: adapt package's '/var/lib' and '/var/cache' requirements Juergen Borleis
2019-06-07 7:15 ` Michael Olbrich
2019-06-05 12:54 ` [ptxdist] [PATCH 12/20] polkit: adapt package's '/var/lib' requirements Juergen Borleis
2019-06-05 12:54 ` [ptxdist] [PATCH 13/20] nfsutils: " Juergen Borleis
2019-06-07 7:25 ` Michael Olbrich
2019-06-05 12:54 ` [ptxdist] [PATCH 14/20] logrotate: " Juergen Borleis
2019-06-05 12:54 ` [ptxdist] [PATCH 15/20] systemd: adapt package's '/var/lib' and '/var/cache' requirements Juergen Borleis
2019-06-05 12:54 ` [ptxdist] [PATCH 16/20] sysstat: adapt package's '/var/log' requirements Juergen Borleis
2019-06-05 12:54 ` [ptxdist] [PATCH 17/20] minicoredumper: adapt package's '/var/cache' requirements Juergen Borleis
2019-06-07 7:27 ` Michael Olbrich
2019-06-05 12:54 ` [ptxdist] [PATCH 18/20] opkg: move opkg-database to a read-only location Juergen Borleis
2019-06-11 8:19 ` Michael Olbrich
2019-06-05 12:54 ` [ptxdist] [PATCH 19/20] dbus: adapt run-time socket path Juergen Borleis
2019-06-05 12:54 ` [ptxdist] [PATCH 20/20] Update and sync autotools based package templates Juergen Borleis
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190624064825.31374-1-m.olbrich@pengutronix.de \
--to=m.olbrich@pengutronix.de \
--cc=ptxdist@pengutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox