From patchwork Sun Jan 15 12:52:46 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Norbert Lange X-Patchwork-Id: 1726701 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=buildroot.org (client-ip=140.211.166.137; helo=smtp4.osuosl.org; envelope-from=buildroot-bounces@buildroot.org; receiver=) Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4Nvw7V07tLz23g1 for ; Sun, 15 Jan 2023 23:53:25 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id 6449640866; Sun, 15 Jan 2023 12:53:23 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 6449640866 X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PqmLnqUXWeGI; Sun, 15 Jan 2023 12:53:22 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by smtp4.osuosl.org (Postfix) with ESMTP id 560AF403CC; Sun, 15 Jan 2023 12:53:21 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 560AF403CC X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by ash.osuosl.org (Postfix) with ESMTP id 334DB1BF29D for ; Sun, 15 Jan 2023 12:53:08 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id 0E6714167D for ; Sun, 15 Jan 2023 12:53:08 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 0E6714167D X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5Bsg-vxDPAnz for ; Sun, 15 Jan 2023 12:53:07 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.8.0 DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org E34C0415DF Received: from mail-ej1-x62f.google.com (mail-ej1-x62f.google.com [IPv6:2a00:1450:4864:20::62f]) by smtp4.osuosl.org (Postfix) with ESMTPS id E34C0415DF for ; Sun, 15 Jan 2023 12:53:06 +0000 (UTC) Received: by mail-ej1-x62f.google.com with SMTP id qx13so3895819ejb.13 for ; Sun, 15 Jan 2023 04:53:06 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=yFSOAJw0pGlVv07TmHhcOip2Zgm9qEOwLMCQf3gaYYE=; b=vHGna8tBLEcDiDYXhKf+H/VWOp1UhfXxOrPaoM7mL8uR2VLfP+FtYwQmxHc4CCX98u rTD1iRMCtz/v6znCFk19SGZ92dV02jEKIHfo6U+OmvBNSjKcTO2zvlW4OTD22g5wRnA7 9uVfH7znbaNI+4OQ7VUYBql73920GLnoliQ7wjh8rhe3noth/SaKrEQg1loKRb4tZHYs gTttsUuCG2br6NS8OuwZNNKHjCpzCdqgQeNgvad3It4Q7ColDqygdVkN4/dOT+r7x+Qr vJrK53mxJACQxGUH1jN5ZLQq1ph1eDxjQSigafBALOUuBLhYm5Yx03906XVeBvJU0Azi YRhQ== X-Gm-Message-State: AFqh2krJ1PYk6zsBqOOiRLqmAVymizLalZxM8BN/TidQStGcnp0eOtzr XMTDfNyjP//fkaUoENLgyU5roISjTK0= X-Google-Smtp-Source: AMrXdXvUU568U2xVRhU9pPDNBpWYj3wSai23If3aiMbdjtafkr3aJ23m2TMOREAqmlU6T9rX/LTm0A== X-Received: by 2002:a17:906:1414:b0:78d:f455:b5dd with SMTP id p20-20020a170906141400b0078df455b5ddmr69465886ejc.29.1673787184919; Sun, 15 Jan 2023 04:53:04 -0800 (PST) Received: from debian-noppl.. (84-113-221-34.cable.dynamic.surfer.at. [84.113.221.34]) by smtp.gmail.com with ESMTPSA id r18-20020a1709061bb200b0084cd08e5cb5sm10581673ejg.159.2023.01.15.04.53.04 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 15 Jan 2023 04:53:04 -0800 (PST) From: Norbert Lange To: buildroot@buildroot.org Date: Sun, 15 Jan 2023 13:52:46 +0100 Message-Id: <20230115125253.280257-2-nolange79@gmail.com> X-Mailer: git-send-email 2.39.0 In-Reply-To: <20230115125253.280257-1-nolange79@gmail.com> References: <20230115125253.280257-1-nolange79@gmail.com> MIME-Version: 1.0 X-Mailman-Original-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=yFSOAJw0pGlVv07TmHhcOip2Zgm9qEOwLMCQf3gaYYE=; b=CxHZSIzBE4VDvZr1/iOqLwwBfT6ZsOSsEXhFzPFQbk7NjKdIAJXDIXAcZuJMKH4neN ivWYbg6lxtYKVCJuPpazsQPu7zWhHpdC6/utWlaitF/7OAC+kth2XpROE7xgHOZrTp9c hz4B2+f940S2iI9n+exovxI5fzkj+xbhE7aAHgxDXvc9OyN8QU5nE1oAI5yV6I50kaya IPs/c9lqAs2cyjNY2QgDJrC8s3MHD5AjE9AI1Ay45WnJZcmW/hkBnHyMM/dG+DtgrYZM bRGRudzVjXmDv4fex/42gih5CwWrvSeO69a7FaHrB3Non51hq5mOu7pJtRqNHaF0J39o S1nw== X-Mailman-Original-Authentication-Results: smtp4.osuosl.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=CxHZSIzB Subject: [Buildroot] [PATCH 1/7] system: introduce a choice for /var management X-BeenThere: buildroot@buildroot.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Norbert Lange , "Yann E. MORIN" , "Yann E . MORIN" , Romain Naour Errors-To: buildroot-bounces@buildroot.org Sender: "buildroot" From: "Yann E. MORIN" Currently, we have a single solution to handle the /var content on a read-only root filesystem, and users can opt out of using it. We're going to introduce another solution (based on an overlayfs), which is incompatible with using the factory, so we'll have a choice of three mutually exclusive options. Introduce that choice now with just the existing /var factory, and a new option to opt out of it. Signed-off-by: Yann E. MORIN Signed-off-by: Yann E. MORIN Cc: Norbert Lange Cc: Arnout Vandecappelle (Essensium/Mind) Cc: Romain Naour Cc : Jérémy Rosen Acked-by: Norbert Lange --- system/Config.in | 22 +++++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-) diff --git a/system/Config.in b/system/Config.in index 806a747315..87df031545 100644 --- a/system/Config.in +++ b/system/Config.in @@ -156,10 +156,16 @@ endchoice if BR2_INIT_SYSTEMD -config BR2_INIT_SYSTEMD_VAR_FACTORY - bool "build a factory to populate a tmpfs on /var" - default y # legacy +choice + bool "/var management" + default BR2_INIT_SYSTEMD_VAR_FACTORY # legacy depends on !BR2_TARGET_GENERIC_REMOUNT_ROOTFS_RW + help + Select how Buildroot provides a read-write /var when the + rootfs is not remounted read-write. + +config BR2_INIT_SYSTEMD_VAR_FACTORY + bool "build a factory to populate a tmpfs" help Build a factory of the content of /var as installed by packages, mount a tmpfs on /var at runtime, so that @@ -181,6 +187,16 @@ config BR2_INIT_SYSTEMD_VAR_FACTORY var.mount unit, that overrides the What and Type, and possibly the Options and After, fields. +config BR2_INIT_SYSTEMD_VAR_NONE + bool "do nothing" + help + Choose this if you have custom dispositions (like one or more + of a post-build script, a fakeroot script, systemd units, an + initramfs, or something else) that prepare /var to be writable + on a read-only rootfs. + +endchoice + config BR2_INIT_SYSTEMD_POPULATE_TMPFILES bool "trigger systemd-tmpfiles during build" default y # legacy From patchwork Sun Jan 15 12:52:47 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Norbert Lange X-Patchwork-Id: 1726702 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=buildroot.org (client-ip=140.211.166.136; helo=smtp3.osuosl.org; envelope-from=buildroot-bounces@buildroot.org; receiver=) Received: from smtp3.osuosl.org (smtp3.osuosl.org [140.211.166.136]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4Nvw7l2wzTz23g1 for ; Sun, 15 Jan 2023 23:53:39 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id C1F426059A; Sun, 15 Jan 2023 12:53:36 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org C1F426059A X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aJnneXDnvdao; Sun, 15 Jan 2023 12:53:35 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by smtp3.osuosl.org (Postfix) with ESMTP id B72D360B3A; Sun, 15 Jan 2023 12:53:34 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org B72D360B3A X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from smtp1.osuosl.org (smtp1.osuosl.org [140.211.166.138]) by ash.osuosl.org (Postfix) with ESMTP id 2545B1BF29D for ; Sun, 15 Jan 2023 12:53:10 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp1.osuosl.org (Postfix) with ESMTP id 0E3D381FFB for ; Sun, 15 Jan 2023 12:53:10 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp1.osuosl.org 0E3D381FFB X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp1.osuosl.org ([127.0.0.1]) by localhost (smtp1.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SC8zJgtfmlbJ for ; Sun, 15 Jan 2023 12:53:08 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.8.0 DKIM-Filter: OpenDKIM Filter v2.11.0 smtp1.osuosl.org A75CB81FF0 Received: from mail-ej1-x636.google.com (mail-ej1-x636.google.com [IPv6:2a00:1450:4864:20::636]) by smtp1.osuosl.org (Postfix) with ESMTPS id A75CB81FF0 for ; Sun, 15 Jan 2023 12:53:08 +0000 (UTC) Received: by mail-ej1-x636.google.com with SMTP id u9so62309543ejo.0 for ; Sun, 15 Jan 2023 04:53:08 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=S9kayaAK/8M7udjSTgNuV9uUvwo+rjt19NwPnLWGOS4=; b=vxfUsUVMsdCT3W77QiynXGoQh17OCGxyR9gewEf4qF/1xdiw3P+5VpHT22Ze6oJupq CNoZclE5XIbydLUe/Zmia9/g5BUzZoSDr7x2dFhwvDODbTB5VcEAUsWi9GVYNv0nhM5n 53iozzDTAAxrnwfhCc9R5rTZaDH9Ip2r2si76JQ++eZZXcLI5k6zJ4GhnJ3Ll11X9kIC GNszno+dIorT5tH+G5iM+4xAhjH4liPN2idoXXtz/Wr2cEqCgw1AmRlFvavNzYjTe2fb anDQ5Jd7/iWze8RA0NLnz5NGZkbnOOf9MOrng8l+Ase+f4ykkTLHaIalb2kj2OFA1P48 s0UA== X-Gm-Message-State: AFqh2koBMAm5TO7YynzFypLAv1zI1ppZx5tY8wxxt2+QZStEwOKCY741 JdkTlQBtY2xcOf2gvubMCH9ykFjwLfw= X-Google-Smtp-Source: AMrXdXt3qc42BZUN1udnoNr9z1mcrkCBuNSiXhZ6+A5UCMQTb1J0UKdaIP0iS9iXoOUHsLoanq9W3A== X-Received: by 2002:a17:907:a485:b0:86f:b541:cd02 with SMTP id vp5-20020a170907a48500b0086fb541cd02mr2113432ejc.28.1673787186615; Sun, 15 Jan 2023 04:53:06 -0800 (PST) Received: from debian-noppl.. (84-113-221-34.cable.dynamic.surfer.at. [84.113.221.34]) by smtp.gmail.com with ESMTPSA id r18-20020a1709061bb200b0084cd08e5cb5sm10581673ejg.159.2023.01.15.04.53.05 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 15 Jan 2023 04:53:06 -0800 (PST) From: Norbert Lange To: buildroot@buildroot.org Date: Sun, 15 Jan 2023 13:52:47 +0100 Message-Id: <20230115125253.280257-3-nolange79@gmail.com> X-Mailer: git-send-email 2.39.0 In-Reply-To: <20230115125253.280257-1-nolange79@gmail.com> References: <20230115125253.280257-1-nolange79@gmail.com> MIME-Version: 1.0 X-Mailman-Original-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=S9kayaAK/8M7udjSTgNuV9uUvwo+rjt19NwPnLWGOS4=; b=m+qVFnrMZQnjervynmS2LT9lKdnrUboZC1D6/+2XDmmoOVGGSdWqE2AQ1TbRE5Imh/ QjQ1si5Kc1ypDmqQuH1gf+y5oyYhnVttvqWYUuK/Lz5hMoQykIHoTqWZxiijjrD/xq/G zvpeqB38NFQkt0aCNa7jpFlHs2BSmZ8VtSaXo73V1em2gjGpZ8VjSeTLwEWCfpuQbXbZ tHuZTa9ejKX8n2x1KZtN44LsEBU/TlJAPtDCfcDOq0293fQmevzl376z29c2VQWb0RrW Zr15Us6msvESBDUezMmp2TmQdtU9HELPeNrpXwp2Au6rCt1Vs1BGX5Iwe5scClcTK+7d W5/g== X-Mailman-Original-Authentication-Results: smtp1.osuosl.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=m+qVFnrM Subject: [Buildroot] [PATCH 2/7] system: add overlayfs option for ro /var X-BeenThere: buildroot@buildroot.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Norbert Lange , =?utf-8?q?Je=CC=81re=CC=81my_Rosen?= , "Yann E . MORIN" , Romain Naour Errors-To: buildroot-bounces@buildroot.org Sender: "buildroot" This commit adds an alternative that has the following characteristics: - Dont depend on anything being available, except the API File Systems [1]. As /var is meant to be available before normal and even some early services are running. - Be a clean drop-in, that can be trivially added / removed. - Depend on overlayfs being available in the kernel. - Units are supposed to be reusable for custom solutions. Further, a few subdirectories are introduced, which hopefully can serve as template for similar uses. Buildroot owns /run/.br, bind mounts end up in /run/.br/bnd, overlay directories in /run/.br/ovl. The sequence is rather important, and the systemd mount units serve as reliable "sequence point" (cant be replicated otherwise). What we need to do is mount /var in its usable state, and block units depending on this before we are finished. This includes: - Other mounts targeting a subdirectory in /var. - Units using 'RequiresMountsFor' targeting /var or subdirectories. Most notable `basic.target` which most units depend upon by default. - Units that are (transitively) odered after one of the above. As comparison, the /var factory introduces issues here, as systemd-tmpfiles-setup.service will require all mounts to be finished before, as well als journald running. (That means /var will already be used while and before initialization). The necessary steps are: 1. Bindmount /var to /run/.br/bnd/var This is done by using the template br-bindmount-run@.service. 2. Mount an tmpfs and prepare the overlay at /run/.br/ovl/var This is done by using the template br-overlay-prepare@.service, the mounting command is separated so that users can further customize the behaviour. The choice of using a service seems more flexible, as the mount units lack several options of the mount command. As a gut feeling the fileystems mounted under /run should not be accessible or propagate their mounts, hence --make-private. (Or you might not use a mount at all). 3. Finally mount the overlay with a normal mount unit Dependencies on the template-instances of 1. and 2. will ensure correct odering before. By nature off being a systemd mount unit the remaining units will be automatically order after this unit if necessary. As example, consider using /dev/sdc1 as upper layer for var, this can be archived by swapping out just the line executing the mount itself: [Service] ExecStart= ExecStart=/bin/mount --make-private -n /dev/sdc1 ${OVERLAY_DIR} [1] - https://www.freedesktop.org/wiki/Software/systemd/APIFileSystems/ Cc: Yann E. MORIN Cc: Romain Naour Cc: Jérémy Rosen Signed-off-by: Norbert Lange --- .../overlayfs/br-bindmount-run@.service | 26 +++++++++++++++++++ .../overlayfs/br-overlay-prepare@.service | 26 +++++++++++++++++++ .../overlayfs/overlay.mount.in | 16 ++++++++++++ .../skeleton-init-systemd.mk | 17 ++++++++++++ system/Config.in | 13 ++++++++++ 5 files changed, 98 insertions(+) create mode 100644 package/skeleton-init-systemd/overlayfs/br-bindmount-run@.service create mode 100644 package/skeleton-init-systemd/overlayfs/br-overlay-prepare@.service create mode 100644 package/skeleton-init-systemd/overlayfs/overlay.mount.in diff --git a/package/skeleton-init-systemd/overlayfs/br-bindmount-run@.service b/package/skeleton-init-systemd/overlayfs/br-bindmount-run@.service new file mode 100644 index 0000000000..ce944efd92 --- /dev/null +++ b/package/skeleton-init-systemd/overlayfs/br-bindmount-run@.service @@ -0,0 +1,26 @@ +[Unit] +Description=Bind-mount rootfs directory (/%I) to /run +Documentation=man:file-hierarchy(7) +ConditionPathIsSymbolicLink=!/%I +DefaultDependencies=no +Conflicts=umount.target +Before=umount.target + +# Needs to run after rootfs is properly mounted +# and before regular mounts might interfere. +After=systemd-remount-fs.service +Before=local-fs-pre.target + +[Service] +Type=oneshot +RemainAfterExit=yes +# dont fail if common dirs already exist +ExecStartPre=/bin/mkdir -m755 -p /run/.br +ExecStartPre=/bin/mkdir -m700 -p /run/.br/bnd + +ExecStartPre=/bin/mkdir -m700 -p /run/.br/bnd/%I +ExecStart=/bin/mount --make-private -n --bind -o ro /%I /run/.br/bnd/%I + +# lazy unmount, dont block shutdown under any circumstances +ExecStop=/bin/umount -n -l /run/.br/bnd/%I +ExecStopPost=-/bin/rmdir /run/.br/bnd/%I diff --git a/package/skeleton-init-systemd/overlayfs/br-overlay-prepare@.service b/package/skeleton-init-systemd/overlayfs/br-overlay-prepare@.service new file mode 100644 index 0000000000..86b32900dd --- /dev/null +++ b/package/skeleton-init-systemd/overlayfs/br-overlay-prepare@.service @@ -0,0 +1,26 @@ +[Unit] +Description=Mount and prepare tmpfs for overlay (/%I) +Documentation=man:file-hierarchy(7) +ConditionPathIsSymbolicLink=!/%I +DefaultDependencies=no +Conflicts=umount.target +Before=local-fs.target umount.target +# prepare for systemd mount units aswell +RequiresMountsFor=/run/.br/ovl/%I + +[Service] +Environment="OVERLAY_DIR=/run/.br/ovl/%I" +Type=oneshot +RemainAfterExit=yes +# dont fail if common dirs already exist +ExecStartPre=/bin/mkdir -m755 -p /run/.br +ExecStartPre=/bin/mkdir -m700 -p /run/.br/ovl + +ExecStartPre=/bin/mkdir -m700 -p ${OVERLAY_DIR} +# Create an override and edit this line for customization +ExecStart=/bin/mount --make-private -n -t tmpfs tmpfs_br_ovl ${OVERLAY_DIR} +ExecStartPost=/bin/mkdir -p ${OVERLAY_DIR}/up ${OVERLAY_DIR}/wd + +# lazy unmount, dont block shutdown under any circumstances +ExecStop=/bin/umount -n -l ${OVERLAY_DIR} +ExecStopPost=/bin/rmdir ${OVERLAY_DIR} diff --git a/package/skeleton-init-systemd/overlayfs/overlay.mount.in b/package/skeleton-init-systemd/overlayfs/overlay.mount.in new file mode 100644 index 0000000000..84f4d9ee47 --- /dev/null +++ b/package/skeleton-init-systemd/overlayfs/overlay.mount.in @@ -0,0 +1,16 @@ +[Unit] +Description=Variable storage (/@PATH@) +Documentation=man:file-hierarchy(7) +ConditionPathIsSymbolicLink=!/@PATH@ + +After=br-bindmount-run@@PATH@.service +Requires=br-bindmount-run@@PATH@.service + +After=br-overlay-prepare@@PATH@.service +BindsTo=br-overlay-prepare@@PATH@.service + +[Mount] +Type=overlay +What=br_ovl_@PATH@ +Where=/@PATH@ +Options=redirect_dir=on,index=on,xino=on,lowerdir=/run/.br/bnd/@PATH@,upperdir=/run/.br/ovl/@PATH@/up,workdir=/run/.br/ovl/@PATH@/wd diff --git a/package/skeleton-init-systemd/skeleton-init-systemd.mk b/package/skeleton-init-systemd/skeleton-init-systemd.mk index fb15552f99..ad529cddf6 100644 --- a/package/skeleton-init-systemd/skeleton-init-systemd.mk +++ b/package/skeleton-init-systemd/skeleton-init-systemd.mk @@ -57,6 +57,23 @@ define SKELETON_INIT_SYSTEMD_PRE_ROOTFS_VAR endef SKELETON_INIT_SYSTEMD_ROOTFS_PRE_CMD_HOOKS += SKELETON_INIT_SYSTEMD_PRE_ROOTFS_VAR endif # BR2_INIT_SYSTEMD_VAR_FACTORY + +ifeq ($(BR2_INIT_SYSTEMD_VAR_OVERLAYFS),y) +define SKELETON_INIT_SYSTEMD_LINUX_CONFIG_FIXUPS + $(call KCONFIG_ENABLE_OPT,CONFIG_OVERLAY_FS) +endef +define SKELETON_INIT_SYSTEMD_POST_INSTALL_VAR_OVERLAYFS + sed 's,@PATH@,var,g' $(SKELETON_INIT_SYSTEMD_PKGDIR)/overlayfs/overlay.mount.in >$(@D)/var.mount + $(INSTALL) -D -m 0644 $(@D)/var.mount $(TARGET_DIR)/usr/lib/systemd/system/var.mount + $(INSTALL) -D -m 0644 $(SKELETON_INIT_SYSTEMD_PKGDIR)/overlayfs/br-bindmount-run@.service \ + $(TARGET_DIR)/usr/lib/systemd/system/br-bindmount-run@.service + $(INSTALL) -D -m 0644 $(SKELETON_INIT_SYSTEMD_PKGDIR)/overlayfs/br-overlay-prepare@.service \ + $(TARGET_DIR)/usr/lib/systemd/system/br-overlay-prepare@.service + # /var mount gets pulled in automatically by basic.target +endef +SKELETON_INIT_SYSTEMD_POST_INSTALL_TARGET_HOOKS += SKELETON_INIT_SYSTEMD_POST_INSTALL_VAR_OVERLAYFS +endif # BR2_INIT_SYSTEMD_VAR_OVERLAYFS + endif # BR2_TARGET_GENERIC_REMOUNT_ROOTFS_RW ifeq ($(BR2_INIT_SYSTEMD_POPULATE_TMPFILES),y) diff --git a/system/Config.in b/system/Config.in index 87df031545..cdf383d0d4 100644 --- a/system/Config.in +++ b/system/Config.in @@ -187,6 +187,19 @@ config BR2_INIT_SYSTEMD_VAR_FACTORY var.mount unit, that overrides the What and Type, and possibly the Options and After, fields. +config BR2_INIT_SYSTEMD_VAR_OVERLAYFS + bool "mount an overlayfs backed by a tmpfs" + help + Mount an overlayfs on /var, with the upper as a tmpfs. + + You can customize the backing storage with an override, for + ecample create this file and add the content following: + /lib/systemd/system/br-overlay-prepare@var.service.d/mount.conf + + [Service] + ExecStart= + ExecStart=/bin/mount --make-private -n /dev/sdc1 ${OVERLAY_DIR} + config BR2_INIT_SYSTEMD_VAR_NONE bool "do nothing" help From patchwork Sun Jan 15 12:52:48 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Norbert Lange X-Patchwork-Id: 1726703 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=buildroot.org (client-ip=2605:bc80:3010::136; helo=smtp3.osuosl.org; envelope-from=buildroot-bounces@buildroot.org; receiver=) Received: from smtp3.osuosl.org (smtp3.osuosl.org [IPv6:2605:bc80:3010::136]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4Nvw7z3g48z23g1 for ; Sun, 15 Jan 2023 23:53:51 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id 7575860B3A; Sun, 15 Jan 2023 12:53:49 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org 7575860B3A X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EytGuHkirULv; Sun, 15 Jan 2023 12:53:48 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by smtp3.osuosl.org (Postfix) with ESMTP id 8E53D60FA6; Sun, 15 Jan 2023 12:53:47 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org 8E53D60FA6 X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by ash.osuosl.org (Postfix) with ESMTP id 171011BF29D for ; Sun, 15 Jan 2023 12:53:11 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id E521341680 for ; Sun, 15 Jan 2023 12:53:10 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org E521341680 X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Y57xZmwpBhgh for ; Sun, 15 Jan 2023 12:53:10 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.8.0 DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org EEAB1415DF Received: from mail-ej1-x630.google.com (mail-ej1-x630.google.com [IPv6:2a00:1450:4864:20::630]) by smtp4.osuosl.org (Postfix) with ESMTPS id EEAB1415DF for ; Sun, 15 Jan 2023 12:53:09 +0000 (UTC) Received: by mail-ej1-x630.google.com with SMTP id l22so32555954eja.12 for ; Sun, 15 Jan 2023 04:53:09 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=WPQzlDSfYWMhjHCHNxDY+x/a3b1tcxWeg+Mbjs+1TmM=; b=VGKFDqBYFc1mht6V3W7CHqGMSkvEjEZlEqf8EoiO4nDItWeznN1RjpG49VATZ+ieBF Md38kKrPcfbMJU1jkQbBQokfmHHEQwiCI5bSOHPkK0k2b5+hBhZIG7LejeK8m6fTz+oc Um7LHWBlfY5LBo7SAc37x7NBRb2SCj9tHvpvMBOgsSLSjzd1soMJ4BsJ652PwPEql3V1 ruO+vmWWGiowFc7QJRCMRpNCeKhAVvg9uqE+YWsmwQoOv2XgEunfOBR/Eqc3am+Wab9G CCj4dd7Wgohlp2gQ/uC/CbUt6uWENvhMdez3kdw/tcnv8VsKXoetRsH60W7ncp6x57Fe kptQ== X-Gm-Message-State: AFqh2kpMSTIzZfJnFdgixmLvBatpXniYDDCHDcsEESgpUwtBzVL/JCU6 TqfNhHloV7dIfiOwY6xzxiTKJkZiTFE= X-Google-Smtp-Source: AMrXdXvi2vapM1Zne0FJrXCbzTe4nQMKozqIvmCGkjzGuX4jkRwRGTgE7PO9Vi3PHvjsIgk593+kqw== X-Received: by 2002:a17:906:1d41:b0:86e:b750:d0fe with SMTP id o1-20020a1709061d4100b0086eb750d0femr3842631ejh.32.1673787188177; Sun, 15 Jan 2023 04:53:08 -0800 (PST) Received: from debian-noppl.. (84-113-221-34.cable.dynamic.surfer.at. [84.113.221.34]) by smtp.gmail.com with ESMTPSA id r18-20020a1709061bb200b0084cd08e5cb5sm10581673ejg.159.2023.01.15.04.53.07 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 15 Jan 2023 04:53:07 -0800 (PST) From: Norbert Lange To: buildroot@buildroot.org Date: Sun, 15 Jan 2023 13:52:48 +0100 Message-Id: <20230115125253.280257-4-nolange79@gmail.com> X-Mailer: git-send-email 2.39.0 In-Reply-To: <20230115125253.280257-1-nolange79@gmail.com> References: <20230115125253.280257-1-nolange79@gmail.com> MIME-Version: 1.0 X-Mailman-Original-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=WPQzlDSfYWMhjHCHNxDY+x/a3b1tcxWeg+Mbjs+1TmM=; b=NKnwrPVpCTNIMVZGVkImlhZO5qYh+wBSzh07kgyZ3tTqMGVU64xvy6YaoslHkQ5m2l 9tax0RfFfT/UdbbzE5qxdwqkTYFV7KoB6BgDOsF/Hvk6eC/c1SJ8zMeheGBrV9f3vmjj vpqmN5U/As4OYATU7DjFwdrFGJTaFR5kFr/bp7Ph3rgadow8eaiPYgVBj66UAxiMolOY CNQPjaIS41bmDSZd6Fnp76pH66QsYO7HYqyvc24J7aqznVeyh0mYGEQ9EeuQaDbYiKUL OUxxV97xtBgxWolLHI7qUu1jszaGkakOuGg2YD0c5leES94fnovPGRl3IpBWeq+M2kH8 fQWA== X-Mailman-Original-Authentication-Results: smtp4.osuosl.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=NKnwrPVp Subject: [Buildroot] [PATCH 3/7] package/skeleton-init-systemd: force permissions for buildroot runtime dirs X-BeenThere: buildroot@buildroot.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Norbert Lange , "Yann E . MORIN" Errors-To: buildroot-bounces@buildroot.org Sender: "buildroot" A previous commit introduced /run/.br and /tmp/.br and a few subdirectories. Add a tmpfile to ensure the existance, ownership and permissions. Signed-off-by: Norbert Lange --- package/skeleton-init-systemd/00-buildroot.conf | 7 +++++++ package/skeleton-init-systemd/skeleton-init-systemd.mk | 1 + 2 files changed, 8 insertions(+) create mode 100644 package/skeleton-init-systemd/00-buildroot.conf diff --git a/package/skeleton-init-systemd/00-buildroot.conf b/package/skeleton-init-systemd/00-buildroot.conf new file mode 100644 index 0000000000..a4c7bf0576 --- /dev/null +++ b/package/skeleton-init-systemd/00-buildroot.conf @@ -0,0 +1,7 @@ +# Create buildroot API directories and fix permissions + +d /run/.br 0755 root root - +d /tmp/.br 0755 root root - + +z /run/.br/bnd 0700 root root - +z /run/.br/ovl 0700 root root - diff --git a/package/skeleton-init-systemd/skeleton-init-systemd.mk b/package/skeleton-init-systemd/skeleton-init-systemd.mk index ad529cddf6..f431ec4612 100644 --- a/package/skeleton-init-systemd/skeleton-init-systemd.mk +++ b/package/skeleton-init-systemd/skeleton-init-systemd.mk @@ -91,6 +91,7 @@ define SKELETON_INIT_SYSTEMD_INSTALL_TARGET_CMDS ln -s ../run $(TARGET_DIR)/var/run # prevent install scripts to create var/lock as directory ln -s ../run/lock $(TARGET_DIR)/var/lock + install -D -m644 $(SKELETON_INIT_SYSTEMD_PKGDIR)/00-buildroot.conf $(TARGET_DIR)/usr/lib/tmpfiles.d/00-buildroot.conf install -D -m644 $(SKELETON_INIT_SYSTEMD_PKGDIR)/legacy.conf $(TARGET_DIR)/usr/lib/tmpfiles.d/legacy.conf $(SKELETON_INIT_SYSTEMD_ROOT_RO_OR_RW) endef From patchwork Sun Jan 15 12:52:49 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Norbert Lange X-Patchwork-Id: 1726704 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=buildroot.org (client-ip=140.211.166.136; helo=smtp3.osuosl.org; envelope-from=buildroot-bounces@buildroot.org; receiver=) Received: from smtp3.osuosl.org (smtp3.osuosl.org [140.211.166.136]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4Nvw8C4dzXz23g1 for ; Sun, 15 Jan 2023 23:54:03 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id E98466059A; Sun, 15 Jan 2023 12:54:01 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org E98466059A X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PFNNkx-GncET; Sun, 15 Jan 2023 12:54:01 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by smtp3.osuosl.org (Postfix) with ESMTP id 1337761194; Sun, 15 Jan 2023 12:54:00 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org 1337761194 X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by ash.osuosl.org (Postfix) with ESMTP id D24261BF29D for ; Sun, 15 Jan 2023 12:53:12 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id B632D415DF for ; Sun, 15 Jan 2023 12:53:11 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org B632D415DF X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7msb1pN9i6Sw for ; Sun, 15 Jan 2023 12:53:10 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.8.0 DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 341BF4167D Received: from mail-ej1-x62f.google.com (mail-ej1-x62f.google.com [IPv6:2a00:1450:4864:20::62f]) by smtp4.osuosl.org (Postfix) with ESMTPS id 341BF4167D for ; Sun, 15 Jan 2023 12:53:10 +0000 (UTC) Received: by mail-ej1-x62f.google.com with SMTP id qx13so3896041ejb.13 for ; Sun, 15 Jan 2023 04:53:10 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Mk5A43aGuSWnzp3jC3JgZ4eZkg6iZJt7fFF/rxhysdE=; b=XEd8uoPXLe68Hc4hntkRT+tyHdgfIlvfxvatekS1dlSLdzN6KtxpdwMIRcOl93IR5D wlECf+DzASykAIlTGooZAQ10EVjmaQgHwAoIRRrxL0dA07kziyCYJw+eIuPyiteIOSoU CCuYy2w1lyuuZpW+am1zgtRzQtK5GiYF5zl/5Zl4htJx/NPBHQprv6iEV84I55h21XD6 o3piJWzFZVsVFLhqWKxN7tASL0Yraq9JYDpv2NE/3zDZCeYyXZ/YGVYUe4bWus15ipkb /TiE2gkMPqoF8eGZD8R4bsTelwOMbI/a3hCWHg56DWOzNtP6qrgzx2gTg1NBopN2i00T t7Sw== X-Gm-Message-State: AFqh2kodAOl29Hy/8PYE9awa1+BdVPAgHA5jT++vMDfvwZlZ+USUQssq i1XSCt0KtTAG56BwWg+CeTNkKaPS8Sw= X-Google-Smtp-Source: AMrXdXsiJbdsd++SfeYI/qLCRWUPI0+5zP1o11aHeuKiBjhSuISejPW3x7er34shKFg6kISMI7aSGg== X-Received: by 2002:a17:907:674e:b0:78d:f455:b5d4 with SMTP id qm14-20020a170907674e00b0078df455b5d4mr14549387ejc.20.1673787189761; Sun, 15 Jan 2023 04:53:09 -0800 (PST) Received: from debian-noppl.. (84-113-221-34.cable.dynamic.surfer.at. [84.113.221.34]) by smtp.gmail.com with ESMTPSA id r18-20020a1709061bb200b0084cd08e5cb5sm10581673ejg.159.2023.01.15.04.53.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 15 Jan 2023 04:53:09 -0800 (PST) From: Norbert Lange To: buildroot@buildroot.org Date: Sun, 15 Jan 2023 13:52:49 +0100 Message-Id: <20230115125253.280257-5-nolange79@gmail.com> X-Mailer: git-send-email 2.39.0 In-Reply-To: <20230115125253.280257-1-nolange79@gmail.com> References: <20230115125253.280257-1-nolange79@gmail.com> MIME-Version: 1.0 X-Mailman-Original-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Mk5A43aGuSWnzp3jC3JgZ4eZkg6iZJt7fFF/rxhysdE=; b=COlgYZeHRhiiDT1Xh1TprR1NnXNkMpnOgMquMAVxC+ppASIkvgTveq6bXJuXKQM+qX gqiavqPaCT0PbjCpnr/6P6rMgwuLBe118oAFxr79yVbl/iQeYoNH1iNj19AsJJmBjz7a UezDZhduI5oEdQqSv/2TfxO/W6eKwzeNlkCO/UbtZO+GmXo9uUyNmwVpNPERZp8Pxbfy 8QUz5PsKPwuJATMWfMQuE71NWM1zgB//2pOcMb9JjmyILlemzUhaDbH7/6ZdzzFpiM1h 2B9UZ7gslFwevRzSq/wSqGJpD7Mdsh3JRihJUk9Qz9dGZpjpQZBarXpFebkSm1Vruj6Q Th/Q== X-Mailman-Original-Authentication-Results: smtp4.osuosl.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=COlgYZeH Subject: [Buildroot] [PATCH 4/7] system: add systemd generator for /var X-BeenThere: buildroot@buildroot.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Norbert Lange , =?utf-8?q?Je=CC=81re=CC=81my_Rosen?= , "Yann E . MORIN" , Romain Naour Errors-To: buildroot-bounces@buildroot.org Sender: "buildroot" This commit adds an alternative that has the following characteristics: - Dont depend on anything being available, except the API File Systems [1]. - Be a clean drop-in, that can be trivially added / removed. - Runs before systemd loads its configuration. Could be extended to handle more tricky paths like /etc. For more explaination, see the commit introducing the overlay method. The implementation doesnt focus on being expandable but simple, in the future there could be an attempt to source shell scripts for configuration. So that multiple paths can be covered (/etc), or the mounts and handling specified (do-nothing, copy-over or overlay original contents). The intent is to have a direct replacement for the var factory method. [1] - https://www.freedesktop.org/wiki/Software/systemd/APIFileSystems/ Cc: Yann E. MORIN Cc: Romain Naour Cc: Jérémy Rosen Signed-off-by: Norbert Lange --- .../generator/br-mount-generator | 19 +++++++++++++++++++ .../skeleton-init-systemd.mk | 10 +++++++++- system/Config.in | 13 +++++++++++++ 3 files changed, 41 insertions(+), 1 deletion(-) create mode 100755 package/skeleton-init-systemd/generator/br-mount-generator diff --git a/package/skeleton-init-systemd/generator/br-mount-generator b/package/skeleton-init-systemd/generator/br-mount-generator new file mode 100755 index 0000000000..fd10659c1c --- /dev/null +++ b/package/skeleton-init-systemd/generator/br-mount-generator @@ -0,0 +1,19 @@ +#!/bin/sh +set -e +# SPDX-License-Identifier: MIT +# Note: doing heavy stuff here is not recommended, but this way +# the ordering is guaranteed. Be quick about everything. +# Know that the generator can be run again later. + +[ "${SYSTEMD_IN_INITRD-0}" = 1 ] && exit +grep '^tmpfs_br_var /var tmpfs' /proc/self/mounts >/dev/null && exit + +TMPMOUNT=/run/.br/.tmpvar +trap "umount -l $TMPMOUNT || :; rmdir $TMPMOUNT || :" 0 + +mkdir -m755 -p $TMPMOUNT +mount -n -t tmpfs -o nosuid,nodev,size=50% tmpfs_br_var $TMPMOUNT + +cp -r -p /var/. $TMPMOUNT +# this is a shared mount so --move wont work +mount -n --bind $TMPMOUNT /var diff --git a/package/skeleton-init-systemd/skeleton-init-systemd.mk b/package/skeleton-init-systemd/skeleton-init-systemd.mk index f431ec4612..b9b8492f58 100644 --- a/package/skeleton-init-systemd/skeleton-init-systemd.mk +++ b/package/skeleton-init-systemd/skeleton-init-systemd.mk @@ -69,11 +69,19 @@ define SKELETON_INIT_SYSTEMD_POST_INSTALL_VAR_OVERLAYFS $(TARGET_DIR)/usr/lib/systemd/system/br-bindmount-run@.service $(INSTALL) -D -m 0644 $(SKELETON_INIT_SYSTEMD_PKGDIR)/overlayfs/br-overlay-prepare@.service \ $(TARGET_DIR)/usr/lib/systemd/system/br-overlay-prepare@.service - # /var mount gets pulled in automatically by basic.target + # var.mount gets pulled in automatically by basic.target endef SKELETON_INIT_SYSTEMD_POST_INSTALL_TARGET_HOOKS += SKELETON_INIT_SYSTEMD_POST_INSTALL_VAR_OVERLAYFS endif # BR2_INIT_SYSTEMD_VAR_OVERLAYFS +ifeq ($(BR2_INIT_SYSTEMD_VAR_GENERATOR),y) +define SKELETON_INIT_SYSTEMD_POST_INSTALL_VAR_GENERATOR + $(INSTALL) -D -m 0755 $(SKELETON_INIT_SYSTEMD_PKGDIR)/generator/br-mount-generator \ + $(TARGET_DIR)/usr/lib/systemd/system-generators/br-var-mount-generator +endef +SKELETON_INIT_SYSTEMD_POST_INSTALL_TARGET_HOOKS += SKELETON_INIT_SYSTEMD_POST_INSTALL_VAR_GENERATOR +endif # BR2_INIT_SYSTEMD_VAR_GENERATOR + endif # BR2_TARGET_GENERIC_REMOUNT_ROOTFS_RW ifeq ($(BR2_INIT_SYSTEMD_POPULATE_TMPFILES),y) diff --git a/system/Config.in b/system/Config.in index cdf383d0d4..14fefbf283 100644 --- a/system/Config.in +++ b/system/Config.in @@ -200,6 +200,19 @@ config BR2_INIT_SYSTEMD_VAR_OVERLAYFS ExecStart= ExecStart=/bin/mount --make-private -n /dev/sdc1 ${OVERLAY_DIR} +config BR2_INIT_SYSTEMD_VAR_GENERATOR + bool "use a systemd generator to mount and populate a tmpfs" + help + Mount an tmpfs on /var, with the the original contents copied. + + The logic is contained in a systemd generator, to ensure this + is done early and ordered before anything can access /var. + + Unlike the var factory, nothing needs to be prepared and + the populating happens before any unit accesses /var. + + Unlike the var factory, it does not need an overlayfs. + config BR2_INIT_SYSTEMD_VAR_NONE bool "do nothing" help From patchwork Sun Jan 15 12:52:50 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Norbert Lange X-Patchwork-Id: 1726705 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=buildroot.org (client-ip=2605:bc80:3010::136; helo=smtp3.osuosl.org; envelope-from=buildroot-bounces@buildroot.org; receiver=) Received: from smtp3.osuosl.org (smtp3.osuosl.org [IPv6:2605:bc80:3010::136]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4Nvw8S1hbDz23g1 for ; Sun, 15 Jan 2023 23:54:16 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id 7282160FBE; Sun, 15 Jan 2023 12:54:14 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org 7282160FBE X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ReS5chabObgd; Sun, 15 Jan 2023 12:54:13 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by smtp3.osuosl.org (Postfix) with ESMTP id A8E5A6118F; Sun, 15 Jan 2023 12:54:12 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org A8E5A6118F X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by ash.osuosl.org (Postfix) with ESMTP id 900A41BF29D for ; Sun, 15 Jan 2023 12:53:14 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id 75E6D4167D for ; Sun, 15 Jan 2023 12:53:14 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 75E6D4167D X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BRWJUzctnfJg for ; Sun, 15 Jan 2023 12:53:13 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.8.0 DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 172CF415DF Received: from mail-ej1-x62c.google.com (mail-ej1-x62c.google.com [IPv6:2a00:1450:4864:20::62c]) by smtp4.osuosl.org (Postfix) with ESMTPS id 172CF415DF for ; Sun, 15 Jan 2023 12:53:13 +0000 (UTC) Received: by mail-ej1-x62c.google.com with SMTP id az20so43188578ejc.1 for ; Sun, 15 Jan 2023 04:53:12 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=VkcK0rndVt/0vobRIpFh+ekJXQB9/eAGIKhNDzijbT4=; b=VQgk3SPf7BqIx4iOXfRPaM+YW4frUFT/44BTfvQDUHy+NftD/9cIPuatp9bu1CvPSa SXYzIyqs66nJKHSfvwA64DToPKb/tL+67Rk8hUlsCkOjkro8bhtcuCiWtKFx2nFskiyO YR0PxyE7v6ChvpxF3BLiwfPyLOmaXfmrd+nvzFI9hMktdThpHZN5B1hPtKJJq364UaR8 2WntuiLY0aF/QG5vEbBrFwsycjH+sSOuXESLG26h8vCCqsZW9otrQDeVfxhREFnOGSXl oQgYx81N5Xm2fU4GXqj9JWeNKYE4GG5NcPEovXApUnwjx7JVATEZC7JuFnmvfbIoOzl8 uIBw== X-Gm-Message-State: AFqh2kpWaFB6cTlAqDCbPOQmaSqc4oGbg96xTOtNyjYMtCY9fsmFrnWN G+TvVHWQ96sj/vhkmhQDlemFQe9EUVs= X-Google-Smtp-Source: AMrXdXt6/JaSkq89q0WLw/nxzwQeUm8tHUQpnZPpLbaP7IcdeFeGWaJUPT2q160cND2PGXTCrJwcKg== X-Received: by 2002:a17:906:f88e:b0:7aa:491c:6cdf with SMTP id lg14-20020a170906f88e00b007aa491c6cdfmr9680190ejb.18.1673787191307; Sun, 15 Jan 2023 04:53:11 -0800 (PST) Received: from debian-noppl.. (84-113-221-34.cable.dynamic.surfer.at. [84.113.221.34]) by smtp.gmail.com with ESMTPSA id r18-20020a1709061bb200b0084cd08e5cb5sm10581673ejg.159.2023.01.15.04.53.10 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 15 Jan 2023 04:53:11 -0800 (PST) From: Norbert Lange To: buildroot@buildroot.org Date: Sun, 15 Jan 2023 13:52:50 +0100 Message-Id: <20230115125253.280257-6-nolange79@gmail.com> X-Mailer: git-send-email 2.39.0 In-Reply-To: <20230115125253.280257-1-nolange79@gmail.com> References: <20230115125253.280257-1-nolange79@gmail.com> MIME-Version: 1.0 X-Mailman-Original-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=VkcK0rndVt/0vobRIpFh+ekJXQB9/eAGIKhNDzijbT4=; b=fXu+iP3CKOJM642+E2zy+Uw9vGYF+gfsveB5NO1ElEkNFmvQj/WTrp6+Xm6wEcq+Ib X4uSV8Qn+WzCUce4df2xllw5rzrbkfRGvGKYcdojz2fPBoVbgc8Pt2Bb/e5UaceEE8GG fDp3GLLFva7eS4tYdH+Xzq1SIM57ByjRC/811nzffhyFLSrpoc0Wbko/iVGnyw3S4aj9 P95IcpXYqi00beiTnyeCUQRQZ6dpaLnGQc1VQxXmkGNNsg1fr66RWx3AG7jglTitirmA e3bOyN6bu6zSWYizPHX70dxTZmnLgRM9yTi8zD3Stehes6QAYCyvhs+F5Oit8BZywyS6 9uJA== X-Mailman-Original-Authentication-Results: smtp4.osuosl.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=fXu+iP3C Subject: [Buildroot] [PATCH 5/7] package/skeleton-init-systemd: fix var.mount options X-BeenThere: buildroot@buildroot.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Norbert Lange , "Yann E . MORIN" Errors-To: buildroot-bounces@buildroot.org Sender: "buildroot" The mode should reflect the mount directory, and 755 is the default - so drop the mount option. Cc: Yann E. MORIN Signed-off-by: Norbert Lange --- package/skeleton-init-systemd/var.mount | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package/skeleton-init-systemd/var.mount b/package/skeleton-init-systemd/var.mount index e97accef93..a681ab0c54 100644 --- a/package/skeleton-init-systemd/var.mount +++ b/package/skeleton-init-systemd/var.mount @@ -12,4 +12,4 @@ After=swap.target What=tmpfs Where=/var Type=tmpfs -Options=mode=1777,strictatime,nosuid,nodev,size=50%%,nr_inodes=1m +Options=nosuid,nodev,size=50%%,nr_inodes=1m From patchwork Sun Jan 15 12:52:51 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Norbert Lange X-Patchwork-Id: 1726706 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=buildroot.org (client-ip=2605:bc80:3010::137; helo=smtp4.osuosl.org; envelope-from=buildroot-bounces@buildroot.org; receiver=) Received: from smtp4.osuosl.org (smtp4.osuosl.org [IPv6:2605:bc80:3010::137]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4Nvw8h69qjz23g1 for ; Sun, 15 Jan 2023 23:54:28 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id 31FE741682; Sun, 15 Jan 2023 12:54:27 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 31FE741682 X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BGuzFUhaVq_E; Sun, 15 Jan 2023 12:54:26 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by smtp4.osuosl.org (Postfix) with ESMTP id 25AF2408FA; Sun, 15 Jan 2023 12:54:25 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 25AF2408FA X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by ash.osuosl.org (Postfix) with ESMTP id C1BE21BF29D for ; Sun, 15 Jan 2023 12:53:15 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id A9D9241680 for ; Sun, 15 Jan 2023 12:53:15 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org A9D9241680 X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 62wjfsxoKv7z for ; Sun, 15 Jan 2023 12:53:14 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.8.0 DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org AB6BF415DF Received: from mail-ej1-x629.google.com (mail-ej1-x629.google.com [IPv6:2a00:1450:4864:20::629]) by smtp4.osuosl.org (Postfix) with ESMTPS id AB6BF415DF for ; Sun, 15 Jan 2023 12:53:14 +0000 (UTC) Received: by mail-ej1-x629.google.com with SMTP id kt14so3376415ejc.3 for ; Sun, 15 Jan 2023 04:53:14 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=kfTwvODlOpkPd6tXy38lcnd9njjgJQrst4KoDNR9LQE=; b=lno45bWKAa/thijhLq8XHPqOz2TEFYDQPAwJzwFIyz/9pK9I02KUY0h/leg5n0e1YB G5k8Srbx78Us8retpbOvBvjNXIZp3FeirPfZby1VlFHsgZfM4Cql16TxjsxQTNMg9stt SaMxBsr/oNxChWWEcnU/7l161kh+FM1t0WYKiJALkuHvmq87qlCrwrKbWvp76EJzHPi+ daZxnP6/p3EtwirQ1ZO3fN0HTpDE85GbjBjrJfEX4BPB08D6ilvfZMFmmqhvzF4klMVF OP+lSNfk60bKJNOBOPDsRufwOjqIakuM6nm3P+QJu2awr03aKohwvOTlXEkkM5Kvjrro CRKg== X-Gm-Message-State: AFqh2koBSdLflTpi72MFksiNcLMQ0V5+11R1YBmc+YSRqzbgZ+/cvXc7 qd+KTNp/0O7MdlaQi7UA9JDItzD5MY4= X-Google-Smtp-Source: AMrXdXv+n2GAiwaIBEkh4N6/RnH6Zo3Dnr5NTsHNmWCFWnrv2nhf63A6rAho3pcolCNrZXjkIYvOkg== X-Received: by 2002:a17:907:2127:b0:86f:724b:726c with SMTP id qo7-20020a170907212700b0086f724b726cmr2222249ejb.59.1673787192822; Sun, 15 Jan 2023 04:53:12 -0800 (PST) Received: from debian-noppl.. (84-113-221-34.cable.dynamic.surfer.at. [84.113.221.34]) by smtp.gmail.com with ESMTPSA id r18-20020a1709061bb200b0084cd08e5cb5sm10581673ejg.159.2023.01.15.04.53.12 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 15 Jan 2023 04:53:12 -0800 (PST) From: Norbert Lange To: buildroot@buildroot.org Date: Sun, 15 Jan 2023 13:52:51 +0100 Message-Id: <20230115125253.280257-7-nolange79@gmail.com> X-Mailer: git-send-email 2.39.0 In-Reply-To: <20230115125253.280257-1-nolange79@gmail.com> References: <20230115125253.280257-1-nolange79@gmail.com> MIME-Version: 1.0 X-Mailman-Original-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=kfTwvODlOpkPd6tXy38lcnd9njjgJQrst4KoDNR9LQE=; b=F80BbPpQyB9FZWvxAtJ60XtgLfad6hQF4DEeQHTenhygIA5VZhj/Foi14wbXLuav9X Jw0fWVKhXM/+Ypd5vAlpo073X5sG0eqOfUN5W9DOLPVtbP5m0GlmFg7lcBXmApWur3ta ynLG4Jd6SsSn+aAnOH+a410WTfS6ov1imtZMv+rDPdpFZWuRcDtd1Bx4UdSXvsbY3NQB 63/6eQIFMs3p+/cYwPhh1cLPVcZNVGfc/wuRsvuBrfEl43Bwfr0zTUodTqX3pL2O9i4b xHXodiZ3QJXdVg5MTrU5Kylw4IjSMj7nlXpTk7UPfQpgASECAtyepvm8DnUPxWGTOARE Qbgg== X-Mailman-Original-Authentication-Results: smtp4.osuosl.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=F80BbPpQ Subject: [Buildroot] [PATCH 6/7] package/systemd: handle creation of /var/log/journal X-BeenThere: buildroot@buildroot.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Norbert Lange , "Yann E . MORIN" , Sen Hastings Errors-To: buildroot-bounces@buildroot.org Sender: "buildroot" journald will always have a runtime log in /run/systemd/journal, and a persistent one in /var/log/journal under certain conditions. By default it will check for the existence of that directory. When /var is not backed by mass-storage you typically dont want your log duplicated and journald should be tuned to account for having only RAM available. Buildroot will now create this directory conditionally together with it's handling of /var under a read-only filesystem. It is rather easy for users to opt-in by either creating that directory or editing /etc/systemd/journald.conf. Signed-off-by: Norbert Lange --- package/systemd/systemd.mk | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk index b96873b73f..420197005c 100644 --- a/package/systemd/systemd.mk +++ b/package/systemd/systemd.mk @@ -61,6 +61,7 @@ SYSTEMD_SELINUX_MODULES = systemd udev xdg SYSTEMD_PROVIDES = udev SYSTEMD_CONF_OPTS += \ + -Dcreate-log-dirs=false \ -Ddefault-hierarchy=unified \ -Didn=true \ -Dima=false \ @@ -100,6 +101,10 @@ ifeq ($(BR2_nios2),y) SYSTEMD_LDFLAGS = $(TARGET_LDFLAGS) -Wl,--no-fatal-warnings endif +ifeq ($(BR2_TARGET_GENERIC_REMOUNT_ROOTFS_RW),y) +SYSTEMD_JOURNALD_PERMISSIONS = /var/log/journal d 2755 root systemd-journal - - - - - +endif + ifeq ($(BR2_PACKAGE_ACL),y) SYSTEMD_DEPENDENCIES += acl SYSTEMD_CONF_OPTS += -Dacl=true @@ -603,6 +608,7 @@ define SYSTEMD_PERMISSIONS /var/lib/private d 700 0 0 - - - - - /var/log/private d 700 0 0 - - - - - /var/cache/private d 700 0 0 - - - - - + $(SYSTEMD_JOURNALD_PERMISSIONS) $(SYSTEMD_LOGIND_PERMISSIONS) $(SYSTEMD_MACHINED_PERMISSIONS) $(SYSTEMD_HOMED_PERMISSIONS) @@ -782,6 +788,7 @@ HOST_SYSTEMD_CONF_OPTS = \ --libdir=lib \ --sysconfdir=/etc \ --localstatedir=/var \ + -Dcreate-log-dirs=false \ -Dmode=release \ -Dutmp=false \ -Dhibernate=false \ From patchwork Sun Jan 15 12:52:52 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Norbert Lange X-Patchwork-Id: 1726707 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=buildroot.org (client-ip=140.211.166.136; helo=smtp3.osuosl.org; envelope-from=buildroot-bounces@buildroot.org; receiver=) Received: from smtp3.osuosl.org (smtp3.osuosl.org [140.211.166.136]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4Nvw8y0x8Pz23g1 for ; Sun, 15 Jan 2023 23:54:42 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id 68A9260FA4; Sun, 15 Jan 2023 12:54:40 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org 68A9260FA4 X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sY-9sRl6DMlz; Sun, 15 Jan 2023 12:54:39 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by smtp3.osuosl.org (Postfix) with ESMTP id A6B3C60DB7; Sun, 15 Jan 2023 12:54:38 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org A6B3C60DB7 X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by ash.osuosl.org (Postfix) with ESMTP id 12E3B1BF29D for ; Sun, 15 Jan 2023 12:53:18 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id 10C1F40571 for ; Sun, 15 Jan 2023 12:53:17 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 10C1F40571 X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jEKixJmAd_CQ for ; Sun, 15 Jan 2023 12:53:15 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.8.0 DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org C66D14167D Received: from mail-ej1-x630.google.com (mail-ej1-x630.google.com [IPv6:2a00:1450:4864:20::630]) by smtp4.osuosl.org (Postfix) with ESMTPS id C66D14167D for ; Sun, 15 Jan 2023 12:53:14 +0000 (UTC) Received: by mail-ej1-x630.google.com with SMTP id l22so32556257eja.12 for ; Sun, 15 Jan 2023 04:53:14 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=j1ufLKLBzPjIlTytBQPrame8U2+w7/NVYQET1pG0KGI=; b=3GtA5d0nEg1531CmSt9boHH0uuXIF7ZhmBAxWYthZni+eiVbp4CabGImr03yalAaPm qfjQRS2PxStEVSG8cH9NxptYP55Kp/wMWQG8y03fvPL6o6UBNbVSULPlQzUaDrQnWpUU 4XQRKPHvEF6+OSOJJkbzvw6jfOYjAvr4tvoG3k97Amo9Uq7yootaW3qsBfoi796/rbi7 cxWDJ39b6fSL31CPx01zFAZ+5AlS4Pu0aklxiSBLGPkMBSB9hrh/3Jcmh8hsy+Gv8g3E LMCOiK8OZZj/bFblFzesmkvJmqugmZmTt5ccgq38qB3KiRs5wfd0ISOR/4r09jzE2wL5 8Cyw== X-Gm-Message-State: AFqh2kokKXuehFfHV7+BG7qtmWYf8SVtnT5vELwOpIkvRxBbL1rxt6v1 N/QjFZh7aUCUB6znLTyBxc5W9INlMhg= X-Google-Smtp-Source: AMrXdXuGC+mu9c/TWQAr1Hz09oTJHjRKJsCzMwP0k1CW3uhfaYf3e2NfBUNdrmA66qq5GBrf12pjvA== X-Received: by 2002:a17:907:a407:b0:84c:7974:8a73 with SMTP id sg7-20020a170907a40700b0084c79748a73mr72875333ejc.57.1673787194335; Sun, 15 Jan 2023 04:53:14 -0800 (PST) Received: from debian-noppl.. (84-113-221-34.cable.dynamic.surfer.at. [84.113.221.34]) by smtp.gmail.com with ESMTPSA id r18-20020a1709061bb200b0084cd08e5cb5sm10581673ejg.159.2023.01.15.04.53.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 15 Jan 2023 04:53:14 -0800 (PST) From: Norbert Lange To: buildroot@buildroot.org Date: Sun, 15 Jan 2023 13:52:52 +0100 Message-Id: <20230115125253.280257-8-nolange79@gmail.com> X-Mailer: git-send-email 2.39.0 In-Reply-To: <20230115125253.280257-1-nolange79@gmail.com> References: <20230115125253.280257-1-nolange79@gmail.com> MIME-Version: 1.0 X-Mailman-Original-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=j1ufLKLBzPjIlTytBQPrame8U2+w7/NVYQET1pG0KGI=; b=e3wM5hmwziDbnFZcbEIXRlShp8uVHFOo+wDkTR/MRuhJ6hW5MQCmyhB4Lbi2+ugJI1 iVb8YyhtFhe79/iXnXkXdaXSEAX0WKVS7XroGHxBUPmuEvt55S828v9TdxsxtYZYdDRw VIdpHv2PIeGrMqd62C6thi/OrsbgB0ANbntQU4FBFptwDNz+AF3m/Y8hV6JYtFn/fIhy xP2w84VuDB1gcEf7u30HrJl1asLxS1/PNJtAx9tVT2VAiYe6s+iyAjg4YSY1f7q0IrRC 1p9tWPKpoBpn/pWbIkBKA7SUDfGYWuU7DzLWMCyNg3dtPSWdcLkpd0jDbjzvmV3TyPQI nv1w== X-Mailman-Original-Authentication-Results: smtp4.osuosl.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=e3wM5hmw Subject: [Buildroot] [PATCH 7/7] package/systemd: create the /boot directory X-BeenThere: buildroot@buildroot.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Norbert Lange , "Yann E . MORIN" , Sen Hastings Errors-To: buildroot-bounces@buildroot.org Sender: "buildroot" The gpt-auto-generator can generate the boot.mount unit, and report an error if this directory cant be created (read-only fs). Signed-off-by: Norbert Lange --- package/systemd/systemd.mk | 1 + 1 file changed, 1 insertion(+) diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk index 420197005c..0074fa8791 100644 --- a/package/systemd/systemd.mk +++ b/package/systemd/systemd.mk @@ -603,6 +603,7 @@ define SYSTEMD_INSTALL_IMAGES_CMDS endef define SYSTEMD_PERMISSIONS + /boot d 700 0 0 - - - - - /var/spool d 755 0 0 - - - - - /var/lib d 755 0 0 - - - - - /var/lib/private d 700 0 0 - - - - -