From: Bruce Ashfield <bruce.ashfield@gmail.com>
To: pavel@zhukoff.net
Cc: meta-virtualization@lists.yoctoproject.org
Subject: Re: [meta-virtualization][RFC][PATCH] meta-virt-container.inc: Install shadow in read-only rootfs
Date: Thu, 1 Aug 2024 17:08:09 +0000 [thread overview]
Message-ID: <ZqvA+YJ25uoVcmvp@gmail.com> (raw)
In-Reply-To: <20240613085409.1860824-2-pavel@zhukoff.net>
In message: [meta-virtualization][RFC][PATCH] meta-virt-container.inc: Install shadow in read-only rootfs
on 13/06/2024 Pavel Zhukov via lists.yoctoproject.org wrote:
> Podman requires /etc/sub[g]uid for rootless mode but the file is being deleted
> if shadow is in ROOTFS_RO_UNNEEDED (even if different package like the
> podman itself provides it) and rpm backend is used.
>
> Signed-off-by: Pavel Zhukov <pavel@zhukoff.net>
> ---
> conf/distro/include/meta-virt-container.inc | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/conf/distro/include/meta-virt-container.inc b/conf/distro/include/meta-virt-container.inc
> index c3ac8394..7a8a9616 100644
> --- a/conf/distro/include/meta-virt-container.inc
> +++ b/conf/distro/include/meta-virt-container.inc
> @@ -38,3 +38,4 @@ VIRTUAL-RUNTIME_container_orchestration ??= "k3s"
>
> VIRTUAL-RUNTIME_cri ??= "virtual-containerd"
> VIRTUAL-RUNTIME_cni ??= "cni"
> +ROOTFS_RO_UNNEEDED:remove = " shadow"
I've finally got enough of my recipe version uprevs working
to get back to this.
I haven't come up with anything that is much different than
your proposal for this, but I still think we can make it a
bit more virtualization "friendly" and something that could
be overriden if needed.
The easiest way would be to just assign to a variable first,
make that variable a weak assignent and if someone wants
to override the behaviour they could.
Or alternatively, we just initialize our variable by
the default one, and do the remove from that variable,
finally doing the assignment back to ROORFS_RO_UNNEEDED.
I thought about asking for an image feature test, but
since the variable is only used when readonly roofs is
in image features, that seems exessive.
We are covered on the virtualization disto feature front
by the core meta-virt checks, so also good for that.
Did you want to have a crack at those changes, or should
I have a go at them ?
Bruce
> --
> 2.44.2
>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#8796): https://lists.yoctoproject.org/g/meta-virtualization/message/8796
> Mute This Topic: https://lists.yoctoproject.org/mt/106648146/1050810
> Group Owner: meta-virtualization+owner@lists.yoctoproject.org
> Unsubscribe: https://lists.yoctoproject.org/g/meta-virtualization/unsub [bruce.ashfield@gmail.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>
prev parent reply other threads:[~2024-08-01 17:08 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-13 8:54 [meta-virtualization][RFC][PATCH] meta-virt-container.inc: Install shadow in read-only rootfs Pavel Zhukov
2024-06-24 21:02 ` Bruce Ashfield
2024-08-01 17:08 ` Bruce Ashfield [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZqvA+YJ25uoVcmvp@gmail.com \
--to=bruce.ashfield@gmail.com \
--cc=meta-virtualization@lists.yoctoproject.org \
--cc=pavel@zhukoff.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.