Re: [yocto] Simple solution to create a non-root partition image?

[Felix Mellmann <flix.yocto@benfm.de>]

Am 2026-05-03 22:40, schrieb Michael Opdenacker:
> Greetings,
> 
> For an ongoing project with a read-only root filesystem, I'd like to 
> create an image for a non-root partition.
> 

Within my projects I split up the TAR balls by their mounting point and 
then use these archives for further processing.
The main reason for me was to use RAUC with multiple images per slot (a 
customer urged me to split up /var from / ).

Create classes-recipe/foo-image-types.bbclass:

# tar file which only covers /storage
IMAGE_CMD:storage.tar = "${IMAGE_CMD_TAR} --sort=name --format=posix 
--numeric-owner -cf ${IMGDEPLOYDIR}/${IMAGE_NAME}.storage.tar -C 
${IMAGE_ROOTFS}/storage . || [ $? -eq 1 ]"
# tar file which only covers /var
IMAGE_CMD:var.tar = "${IMAGE_CMD_TAR} --sort=name --format=posix 
--numeric-owner -cf ${IMGDEPLOYDIR}/${IMAGE_NAME}.var.tar -C 
${IMAGE_ROOTFS}/var . || [ $? -eq 1 ]"

# tar file which covers the whole root filesystem except of the 
separated archives above
IMAGE_CMD:remaining.tar = "${IMAGE_CMD_TAR} --sort=name --format=posix 
--numeric-owner -cf ${IMGDEPLOYDIR}/${IMAGE_NAME}.remaining.tar -C 
${IMAGE_ROOTFS} --exclude='./storage/*' --exclude='./var/*' . || [ $? 
-eq 1 ]"

Use a custom image recipe, i.e. "foo-image.bb":

SUMMARY = "Foo image"

inherit core-image

IMAGE_CLASSES += "foo-image-types"
IMAGE_FSTYPES = "storage.tar.xz var.tar.xz remaining.tar.xz"

IMAGE_INSTALL:append = " \
     packagegroup-foo \
"

When you build "foo-image" instead of 
"foo-image-foo-machine.rootfs.tar.xz" you'll get 
"foo-image-foo-machine.rootfs.storage.tar.xz", 
"foo-image-foo-machine.rootfs.var.tar.xz" and 
"foo-image-foo-machine.rootfs.remaining.tar.xz" which you can use in 
further stages (i.e. build RAUC bundle). I don't know if those images 
can be integrated within WIC, as I don't use it, but maybe something 
like this work within a custom WKS file:

part / --source rootfs.remaining [...]
part /storage --source rootfs.storage [...]
part /var --source rootfs.var [...]


With such a setup you can do whatever you like with your partitions 
(mount some of them read-only, apply overlay, share them between A/B 
setups, ...) and build your application recipes independent from 
architectural decision and still allow updating system and application 
packages which span multiple partitions within the field by either using 
a package manager or RAUC.

Good luck,
Felix

> To give you some context, this partition would contain data and scripts 
> to be used at first boot to do per device provisioning work. Some of 
> these would be removed after provisioning, as they could tip attackers 
> about how secrets are stored if they get their hands on devices that 
> haven't been provisioned yet. Hence, these cannot be in the read-only 
> root filesystem.
> 
> To create such an image, I tried to create a new image recipe 
> inheriting the "image" class, and then install some packages into the 
> image with a "local" IMAGE_INSTALL list.
> 
> This seems it could work, but I'm struggling with removing dependencies 
> (bootloader, kernel, etc) that are only relevant for a root filesystem 
> image.
> 
> Would there be a simpler way to create a non root partition image?
> 
> Thanks in advance
> Cheers
> Michael.
> 
> 
> 
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#66467): 
> https://lists.yoctoproject.org/g/yocto/message/66467
> Mute This Topic: https://lists.yoctoproject.org/mt/119133286/8090339
> Group Owner: yocto+owner@lists.yoctoproject.org
> Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub 
> [flix.yocto@benfm.de]
> -=-=-=-=-=-=-=-=-=-=-=-