* [PATCH 0/2] read-only rootfs support
@ 2012-12-24 7:54 Qi.Chen
2012-12-24 7:54 ` [PATCH 1/2] initscripts: support read-only rootfs Qi.Chen
` (2 more replies)
0 siblings, 3 replies; 7+ messages in thread
From: Qi.Chen @ 2012-12-24 7:54 UTC (permalink / raw)
To: openembedded-core; +Cc: Zhenfeng.Zhao
From: Chen Qi <Qi.Chen@windriver.com>
Add read-only rootfs support to sysvinit startup system.
The main changes are:
1) Let rootfs_xxx.bbclass support 'read-only-rootfs' image feature.
If IMAGE_FEATURES contains 'read-only-rootfs', then the populate-volatile.sh
script is run at rootfs time to set up basic directories and files.
2) Improve the populate-volatile.sh init script.
3) Add two config files specific to read-only-rootfs image, which are to be used
by the populate-volatile.sh script.
4) Automatically adjust the mount options in fstab when 'read-only-rootfs' is in
IMAGE_FEATURES.
The following changes since commit 90c0eb29f0b41e4ac2d3d17ebad7295c2ebdc02a:
rootfs_rpm.bbclass: remove debug code (2012-12-19 21:43:55 +0000)
are available in the git repository at:
git://git.pokylinux.org/poky-contrib ChenQi/readonly-rootfs
http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=ChenQi/readonly-rootfs
Chen Qi (2):
initscripts: support read-only rootfs
rootfs_xxx.bbclass: support read-only-rootfs image feature
meta/classes/rootfs_deb.bbclass | 14 +
meta/classes/rootfs_ipk.bbclass | 15 ++
meta/classes/rootfs_rpm.bbclass | 20 +-
meta/recipes-core/base-files/base-files_3.0.14.bb | 8 +-
.../initscripts/initscripts-1.0/bootmisc.sh | 9 +-
.../initscripts-1.0/populate-volatile.sh | 285 ++++++++++----------
.../initscripts/initscripts-1.0/volatiles | 1 +
.../initscripts-1.0/volatiles-readonly-minimal | 23 ++
.../initscripts-1.0/volatiles-readonly-sato | 30 +++
meta/recipes-core/initscripts/initscripts_1.0.bb | 15 +-
10 files changed, 265 insertions(+), 155 deletions(-)
create mode 100644 meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-minimal
create mode 100644 meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-sato
--
1.7.9.5
^ permalink raw reply [flat|nested] 7+ messages in thread* [PATCH 1/2] initscripts: support read-only rootfs 2012-12-24 7:54 [PATCH 0/2] read-only rootfs support Qi.Chen @ 2012-12-24 7:54 ` Qi.Chen 2012-12-24 8:14 ` Martin Jansa 2012-12-24 7:54 ` [PATCH 2/2] rootfs_xxx.bbclass: support read-only-rootfs image feature Qi.Chen 2012-12-25 8:19 ` [PATCH V2 0/2] read-only rootfs support Martin Jansa 2 siblings, 1 reply; 7+ messages in thread From: Qi.Chen @ 2012-12-24 7:54 UTC (permalink / raw) To: openembedded-core; +Cc: Zhenfeng.Zhao From: Chen Qi <Qi.Chen@windriver.com> Add read-only rootfs support to sysvinit startup system. The main ideas here are: 1) Let populate-volatile.sh run at rootfs time to set up basic directories and files needed by read-only rootfs. 2) Use symbolic links to create the illusion that some directories/files are writable. Two extra config files for read-only rootfs support are created, one for minimal image -- volatiles-readonly-minimal, and the other for sato image -- volatiles-readonly-sato. [YOCTO #3404] [YOCTO #3406] Signed-off-by: Chen Qi <Qi.Chen@windriver.com> --- meta/recipes-core/base-files/base-files_3.0.14.bb | 8 +- .../initscripts/initscripts-1.0/bootmisc.sh | 9 +- .../initscripts-1.0/populate-volatile.sh | 285 ++++++++++---------- .../initscripts/initscripts-1.0/volatiles | 1 + .../initscripts-1.0/volatiles-readonly-minimal | 23 ++ .../initscripts-1.0/volatiles-readonly-sato | 30 +++ meta/recipes-core/initscripts/initscripts_1.0.bb | 15 +- 7 files changed, 217 insertions(+), 154 deletions(-) create mode 100644 meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-minimal create mode 100644 meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-sato diff --git a/meta/recipes-core/base-files/base-files_3.0.14.bb b/meta/recipes-core/base-files/base-files_3.0.14.bb index ba355ee..c48cb8c 100644 --- a/meta/recipes-core/base-files/base-files_3.0.14.bb +++ b/meta/recipes-core/base-files/base-files_3.0.14.bb @@ -1,7 +1,7 @@ SUMMARY = "Miscellaneous files for the base system." DESCRIPTION = "The base-files package creates the basic system directory structure and provides a small set of key configuration files for the system." SECTION = "base" -PR = "r72" +PR = "r73" LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://licenses/GPL-2;md5=94d55d512a9ba36caa9b7df079bae19f" # Removed all license related tasks in this recipe as license.bbclass @@ -67,6 +67,12 @@ hostname = "openembedded" BASEFILESISSUEINSTALL ?= "do_install_basefilesissue" +do_install_prepend() { + if ${@base_contains("IMAGE_FEATURES", "read-only-rootfs", "true", "false", d)}; then + sed -i '/rootfs/ s/defaults/ro/' ${WORKDIR}/fstab + fi +} + do_install () { for d in ${dirs755}; do install -m 0755 -d ${D}$d diff --git a/meta/recipes-core/initscripts/initscripts-1.0/bootmisc.sh b/meta/recipes-core/initscripts/initscripts-1.0/bootmisc.sh index 4f76cb4..3b5a47f 100755 --- a/meta/recipes-core/initscripts/initscripts-1.0/bootmisc.sh +++ b/meta/recipes-core/initscripts/initscripts-1.0/bootmisc.sh @@ -54,14 +54,7 @@ fi # # This is as good a place as any for a sanity check -# /tmp should be a symlink to /var/tmp to cut down on the number -# of mounted ramdisks. -if test ! -L /tmp && test -d /var/tmp -then - rm -rf /tmp - ln -sf /var/tmp /tmp -fi - +# # Set the system clock from hardware clock # If the timestamp is more recent than the current time, # use the timestamp instead. diff --git a/meta/recipes-core/initscripts/initscripts-1.0/populate-volatile.sh b/meta/recipes-core/initscripts/initscripts-1.0/populate-volatile.sh index d2175d7..9c1ce23 100755 --- a/meta/recipes-core/initscripts/initscripts-1.0/populate-volatile.sh +++ b/meta/recipes-core/initscripts/initscripts-1.0/populate-volatile.sh @@ -8,192 +8,191 @@ # Short-Description: Populate the volatile filesystem ### END INIT INFO -. /etc/default/rcS - -CFGDIR="/etc/default/volatiles" -TMPROOT="/var/tmp" +# Get ROOT_DIR +DIRNAME=`dirname $0` +ROOT_DIR=`echo $DIRNAME | sed -ne 's:etc/.*::p'` + +. ${ROOT_DIR}/etc/default/rcS +# Test whether rootfs is read-only or not +if > ${ROOT_DIR}/etc/test-read-write; then + ROOTFS_READ_ONLY=no + rm ${ROOT_DIR}/etc/test-read-write +else + ROOTFS_READ_ONLY=yes +fi 2>/dev/null + +# When running populat-volatile.sh at rootfs time, disable cache. +[ "$ROOT_DIR" != "/" ] && VOLATILE_ENABLE_CACHE=no +# If rootfs is read-only, disable cache. +[ "$ROOTFS_READ_ONLY" = "yes" ] && VOLATILE_ENABLE_CACHE=no +# All above statements will be moved to a central place, say var.sh which +# encapsulates '. /etc/default/rcS'. + +CFGDIR="${ROOT_DIR}/etc/default/volatiles" +TMPROOT="${ROOT_DIR}/var/volatile/tmp" COREDEF="00_core" +COREDEF_READONLY="00_core_readonly" -[ "${VERBOSE}" != "no" ] && echo "Populating volatile Filesystems." +[ "${VERBOSE}" != "no" ] && echo "Setting up basic files related to volatile storage under ${ROOT_DIR}." create_file() { - EXEC=" - touch \"$1\"; - chown ${TUSER}.${TGROUP} $1 || echo \"Failed to set owner -${TUSER}- for -$1-.\" >/dev/tty0 2>&1; - chmod ${TMODE} $1 || echo \"Failed to set mode -${TMODE}- for -$1-.\" >/dev/tty0 2>&1 " + EXEC=" + touch \"$1\"; + chown ${TUSER}.${TGROUP} $1 || echo \"Failed to set owner -${TUSER}- for -$1-.\" > /dev/null 2>&1; + chmod ${TMODE} $1 || echo \"Failed to set mode -${TMODE}- for -$1-.\" > /dev/null 2>&1 " test "$VOLATILE_ENABLE_CACHE" = yes && echo "$EXEC" >> /etc/volatile.cache.build [ -e "$1" ] && { - [ "${VERBOSE}" != "no" ] && echo "Target already exists. Skipping." + [ "${VERBOSE}" != "no" ] && echo "Target $1 already exists. Skipping." } || { - eval $EXEC & + if [ "$ROOT_DIR" = "/" ]; then + eval $EXEC + else + # Some operations at rootfs time may fail and should fail, + # but these failures should not be logged. + eval $EXEC > /dev/null 2>&1 + fi } } mk_dir() { EXEC=" mkdir -p \"$1\"; - chown ${TUSER}.${TGROUP} $1 || echo \"Failed to set owner -${TUSER}- for -$1-.\" >/dev/tty0 2>&1; - chmod ${TMODE} $1 || echo \"Failed to set mode -${TMODE}- for -$1-.\" >/dev/tty0 2>&1 " + chown ${TUSER}.${TGROUP} $1 || echo \"Failed to set owner -${TUSER}- for -$1-.\" 2>&1; + chmod ${TMODE} $1 || echo \"Failed to set mode -${TMODE}- for -$1-.\" 2>&1 " test "$VOLATILE_ENABLE_CACHE" = yes && echo "$EXEC" >> /etc/volatile.cache.build [ -e "$1" ] && { - [ "${VERBOSE}" != "no" ] && echo "Target already exists. Skipping." + [ "${VERBOSE}" != "no" ] && echo "Target ${1} already exists. Skipping." } || { - eval $EXEC + if [ "$ROOT_DIR" = "/" ]; then + eval $EXEC + else + # Some operations at rootfs time may fail and should fail, + # but these failures should not be logged. + eval $EXEC > /dev/null 2>&1 + fi } } link_file() { - EXEC="test -e \"$2\" -o -L $2 || ln -s \"$1\" \"$2\" >/dev/tty0 2>&1" - - test "$VOLATILE_ENABLE_CACHE" = yes && echo " $EXEC" >> /etc/volatile.cache.build - - [ -e "$2" ] && { - echo "Cannot create link over existing -${TNAME}-." >&2 - } || { - eval $EXEC & - } + EXEC=" + if [ -L \"$2\" ]; then + [ \"$(readlink -f \"$2\")\" != \"$(readlink -f \"$1\")\" ] && { rm -f \"$2\"; ln -sf \"$1\" \"$2\"; }; + elif [ -d \"$2\" ]; then + rm -rf \"$2\"; + ln -sf \"$1\" \"$2\"; + else + ln -sf \"$1\" \"$2\"; + fi + " + test "$VOLATILE_ENABLE_CACHE" = yes && echo " $EXEC" >> /etc/volatile.cache.build + if [ "$ROOT_DIR" = "/" ]; then + eval $EXEC + else + # Some operations at rootfs time may fail and should fail, + # but these failures should not be logged + eval $EXEC > /dev/null 2>&1 + fi } check_requirements() { + cleanup() { + rm "${TMP_INTERMED}" + rm "${TMP_DEFINED}" + rm "${TMP_COMBINED}" + } + + CFGFILE="$1" + [ `basename "${CFGFILE}"` = "${COREDEF}" ] && return 0 + [ `basename "${CFGFILE}"` = "${COREDEF_READONLY}" ] && return 0 + TMP_INTERMED="${TMPROOT}/tmp.$$" + TMP_DEFINED="${TMPROOT}/tmpdefined.$$" + TMP_COMBINED="${TMPROOT}/tmpcombined.$$" + + cat ${ROOT_DIR}/etc/passwd | sed 's@\(^:\)*:.*@\1@' | sort | uniq > "${TMP_DEFINED}" + cat ${CFGFILE} | grep -v "^#" | cut -d " " -f 2 > "${TMP_INTERMED}" + cat "${TMP_DEFINED}" "${TMP_INTERMED}" | sort | uniq > "${TMP_COMBINED}" + NR_DEFINED_USERS="`cat "${TMP_DEFINED}" | wc -l`" + NR_COMBINED_USERS="`cat "${TMP_COMBINED}" | wc -l`" + + [ "${NR_DEFINED_USERS}" -ne "${NR_COMBINED_USERS}" ] && { + echo "Undefined users:" + diff "${TMP_DEFINED}" "${TMP_COMBINED}" | grep "^>" + cleanup + return 1 + } - cleanup() { - rm "${TMP_INTERMED}" - rm "${TMP_DEFINED}" - rm "${TMP_COMBINED}" - } - - CFGFILE="$1" - - [ `basename "${CFGFILE}"` = "${COREDEF}" ] && return 0 - - TMP_INTERMED="${TMPROOT}/tmp.$$" - TMP_DEFINED="${TMPROOT}/tmpdefined.$$" - TMP_COMBINED="${TMPROOT}/tmpcombined.$$" - - - cat /etc/passwd | sed 's@\(^:\)*:.*@\1@' | sort | uniq > "${TMP_DEFINED}" - cat ${CFGFILE} | grep -v "^#" | cut -d " " -f 2 > "${TMP_INTERMED}" - cat "${TMP_DEFINED}" "${TMP_INTERMED}" | sort | uniq > "${TMP_COMBINED}" - - NR_DEFINED_USERS="`cat "${TMP_DEFINED}" | wc -l`" - NR_COMBINED_USERS="`cat "${TMP_COMBINED}" | wc -l`" - - [ "${NR_DEFINED_USERS}" -ne "${NR_COMBINED_USERS}" ] && { - echo "Undefined users:" - diff "${TMP_DEFINED}" "${TMP_COMBINED}" | grep "^>" - cleanup - return 1 - } - - - cat /etc/group | sed 's@\(^:\)*:.*@\1@' | sort | uniq > "${TMP_DEFINED}" - cat ${CFGFILE} | grep -v "^#" | cut -d " " -f 3 > "${TMP_INTERMED}" - cat "${TMP_DEFINED}" "${TMP_INTERMED}" | sort | uniq > "${TMP_COMBINED}" - NR_DEFINED_GROUPS="`cat "${TMP_DEFINED}" | wc -l`" - NR_COMBINED_GROUPS="`cat "${TMP_COMBINED}" | wc -l`" + cat ${ROOT_DIR}/etc/group | sed 's@\(^:\)*:.*@\1@' | sort | uniq > "${TMP_DEFINED}" + cat ${CFGFILE} | grep -v "^#" | cut -d " " -f 3 > "${TMP_INTERMED}" + cat "${TMP_DEFINED}" "${TMP_INTERMED}" | sort | uniq > "${TMP_COMBINED}" - [ "${NR_DEFINED_GROUPS}" -ne "${NR_COMBINED_GROUPS}" ] && { - echo "Undefined groups:" - diff "${TMP_DEFINED}" "${TMP_COMBINED}" | grep "^>" - cleanup - return 1 - } + NR_DEFINED_GROUPS="`cat "${TMP_DEFINED}" | wc -l`" + NR_COMBINED_GROUPS="`cat "${TMP_COMBINED}" | wc -l`" - # Add checks for required directories here + [ "${NR_DEFINED_GROUPS}" -ne "${NR_COMBINED_GROUPS}" ] && { + echo "Undefined groups:" + diff "${TMP_DEFINED}" "${TMP_COMBINED}" | grep "^>" + cleanup + return 1 + } - cleanup - return 0 - } + cleanup + return 0 +} apply_cfgfile() { + CFGFILE="$1" + [ ${VERBOSE} != "no" ] && echo "Applying config file: $CFGFILE" + + check_requirements "${CFGFILE}" || { + echo "Skipping ${CFGFILE}" + return 1 + } + + cat ${CFGFILE} | grep -v "^#" | sed -e '/^$/ d' | \ + while read LINE; do + eval `echo "$LINE" | sed -n "s/\(.*\)\ \(.*\) \(.*\)\ \(.*\)\ \(.*\)\ \(.*\)/TTYPE=\1 ; TUSER=\2; TGROUP=\3; TMODE=\4; TNAME=\5 TLTARGET=\6/p"` + TNAME=${ROOT_DIR}/${TNAME} + [ "${VERBOSE}" != "no" ] && echo "Checking for -${TNAME}-." + + [ "${TTYPE}" = "l" ] && { + TSOURCE="$TLTARGET" + [ "${VERBOSE}" != "no" ] && echo "Creating link -${TNAME}- pointing to -${TSOURCE}-." + link_file "${TSOURCE}" "${TNAME}" + continue + } + case "${TTYPE}" in + "f") [ "${VERBOSE}" != "no" ] && echo "Creating file -${TNAME}-." + create_file "${TNAME}" + ;; + "d") [ "${VERBOSE}" != "no" ] && echo "Creating directory -${TNAME}-." + mk_dir "${TNAME}" + ;; + *) [ "${VERBOSE}" != "no" ] && echo "Invalid type -${TTYPE}-." + continue + ;; + esac + done + return 0 +} - CFGFILE="$1" - - check_requirements "${CFGFILE}" || { - echo "Skipping ${CFGFILE}" - return 1 - } - - cat ${CFGFILE} | grep -v "^#" | \ - while read LINE; do - - eval `echo "$LINE" | sed -n "s/\(.*\)\ \(.*\) \(.*\)\ \(.*\)\ \(.*\)\ \(.*\)/TTYPE=\1 ; TUSER=\2; TGROUP=\3; TMODE=\4; TNAME=\5 TLTARGET=\6/p"` - - [ "${VERBOSE}" != "no" ] && echo "Checking for -${TNAME}-." - - - [ "${TTYPE}" = "l" ] && { - TSOURCE="$TLTARGET" - [ -L "${TNAME}" ] || { - [ "${VERBOSE}" != "no" ] && echo "Creating link -${TNAME}- pointing to -${TSOURCE}-." - link_file "${TSOURCE}" "${TNAME}" & - } - continue - } - - [ -L "${TNAME}" ] && { - [ "${VERBOSE}" != "no" ] && echo "Found link." - NEWNAME=`ls -l "${TNAME}" | sed -e 's/^.*-> \(.*\)$/\1/'` - echo ${NEWNAME} | grep -v "^/" >/dev/null && { - TNAME="`echo ${TNAME} | sed -e 's@\(.*\)/.*@\1@'`/${NEWNAME}" - [ "${VERBOSE}" != "no" ] && echo "Converted relative linktarget to absolute path -${TNAME}-." - } || { - TNAME="${NEWNAME}" - [ "${VERBOSE}" != "no" ] && echo "Using absolute link target -${TNAME}-." - } - } - - case "${TTYPE}" in - "f") [ "${VERBOSE}" != "no" ] && echo "Creating file -${TNAME}-." - create_file "${TNAME}" & - ;; - "d") [ "${VERBOSE}" != "no" ] && echo "Creating directory -${TNAME}-." - mk_dir "${TNAME}" - # Add check to see if there's an entry in fstab to mount. - ;; - *) [ "${VERBOSE}" != "no" ] && echo "Invalid type -${TTYPE}-." - continue - ;; - esac - - - done - - return 0 - - } - -clearcache=0 -exec 9</proc/cmdline -while read line <&9 -do - case "$line" in - *clearcache*) clearcache=1 - ;; - *) continue - ;; - esac -done -exec 9>&- - -if test -e /etc/volatile.cache -a "$VOLATILE_ENABLE_CACHE" = "yes" -a "x$1" != "xupdate" -a "x$clearcache" = "x0" +if test -e ${ROOT_DIR}/etc/volatile.cache -a $VOLATILE_ENABLE_CACHE = yes -a x$1 != xupdate then - sh /etc/volatile.cache + sh ${ROOT_DIR}/etc/volatile.cache else - rm -f /etc/volatile.cache /etc/volatile.cache.build + rm -f ${ROOT_DRI}/etc/volatile.cache ${ROOT_DIR}/etc/volatile.cache.build for file in `ls -1 "${CFGDIR}" | sort`; do apply_cfgfile "${CFGDIR}/${file}" done - [ -e /etc/volatile.cache.build ] && sync && mv /etc/volatile.cache.build /etc/volatile.cache + [ -e ${ROOT_DIR}/etc/volatile.cache.build ] && sync && mv ${ROOT_DIR}/etc/volatile.cache.build ${ROOT_DIR}/etc/volatile.cache fi -if test -f /etc/ld.so.cache -a ! -f /var/run/ld.so.cache +if [ "${ROOT_DIR}" = "/" ] && [ -f /etc/ld.so.cache ] && [ ! -f /var/run/ld.so.cache ] then ln -s /etc/ld.so.cache /var/run/ld.so.cache fi diff --git a/meta/recipes-core/initscripts/initscripts-1.0/volatiles b/meta/recipes-core/initscripts/initscripts-1.0/volatiles index e0741aa..f7e2ef7 100644 --- a/meta/recipes-core/initscripts/initscripts-1.0/volatiles +++ b/meta/recipes-core/initscripts/initscripts-1.0/volatiles @@ -31,6 +31,7 @@ l root root 1777 /var/lock /var/volatile/lock l root root 0755 /var/log /var/volatile/log l root root 0755 /var/run /var/volatile/run l root root 1777 /var/tmp /var/volatile/tmp +l root root 1777 /tmp /var/tmp d root root 0755 /var/lock/subsys none f root root 0664 /var/log/wtmp none f root root 0664 /var/run/utmp none diff --git a/meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-minimal b/meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-minimal new file mode 100644 index 0000000..6169ecc --- /dev/null +++ b/meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-minimal @@ -0,0 +1,23 @@ +# This configuration file lists filesystem objects specific to readonly rootfs +# that should get verified during startup and be created if missing. +# +# Every line must either be a comment starting with # +# or a definition of format: +# <type> <owner> <group> <mode> <path> <linksource> +# where the items are separated by whitespace ! +# +# <type> : d|f|l : (d)irectory|(f)ile|(l)ink +# +# A linking example: +# l root root 0777 /var/test /tmp/testfile +# f root root 0644 /var/test none +# +# Understanding links: +# When populate-volatile is to verify/create a directory or file, it will first +# check its existence. If a link is found to exist in the place of the target, +# the path of the target is replaced with the target the link points to. +# Thus, if a link is in the place to be verified, the object will be created +# in the place the link points to instead. +# This explains the order of "link before object" as in the example above, where +# a link will be created at /var/test pointing to /tmp/testfile and due to this +# link the file defined as /var/test will actually be created as /tmp/testfile. diff --git a/meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-sato b/meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-sato new file mode 100644 index 0000000..e128869 --- /dev/null +++ b/meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-sato @@ -0,0 +1,30 @@ +# This configuration file lists filesystem objects specific to readonly rootfs +# that should get verified during startup and be created if missing. +# +# Every line must either be a comment starting with # +# or a definition of format: +# <type> <owner> <group> <mode> <path> <linksource> +# where the items are separated by whitespace ! +# +# <type> : d|f|l : (d)irectory|(f)ile|(l)ink +# +# A linking example: +# l root root 0777 /var/test /tmp/testfile +# f root root 0644 /var/test none +# +# Understanding links: +# When populate-volatile is to verify/create a directory or file, it will first +# check it's existence. If a link is found to exist in the place of the target, +# the path of the target is replaced with the target the link points to. +# Thus, if a link is in the place to be verified, the object will be created +# in the place the link points to instead. +# This explains the order of "link before object" as in the example above, where +# a link will be created at /var/test pointing to /tmp/testfile and due to this +# link the file defined as /var/test will actually be created as /tmp/testfile. +d root root 0755 /var/volatile/lib/ none +d root root 0755 /var/volatile/lib/dropbear/ none +d root root 0755 /var/volatile/lib/nfs/ none +d root root 1777 /var/volatile/lib/dbus/ none +l root root 0755 /var/lib/dropbear /var/volatile/lib/dropbear +l root root 0755 /var/lib/nfs /var/volatile/lib/nfs +l root root 0755 /var/lib/dbus /var/volatile/lib/dbus diff --git a/meta/recipes-core/initscripts/initscripts_1.0.bb b/meta/recipes-core/initscripts/initscripts_1.0.bb index 39be9a8..d0869ea 100644 --- a/meta/recipes-core/initscripts/initscripts_1.0.bb +++ b/meta/recipes-core/initscripts/initscripts_1.0.bb @@ -3,7 +3,7 @@ DESCRIPTION = "Initscripts provide the basic system startup initialization scrip SECTION = "base" LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe" -PR = "r138" +PR = "r139" INHIBIT_DEFAULT_DEPS = "1" @@ -30,8 +30,10 @@ SRC_URI = "file://functions \ file://device_table.txt \ file://populate-volatile.sh \ file://volatiles \ + file://volatiles-readonly-minimal \ + file://volatiles-readonly-sato \ file://save-rtc.sh \ - file://GPLv2.patch" + file://GPLv2.patch" SRC_URI_append_arm = " file://alignment.sh" @@ -86,6 +88,15 @@ do_install () { install -m 0755 ${WORKDIR}/populate-volatile.sh ${D}${sysconfdir}/init.d install -m 0755 ${WORKDIR}/save-rtc.sh ${D}${sysconfdir}/init.d install -m 0644 ${WORKDIR}/volatiles ${D}${sysconfdir}/default/volatiles/00_core + # Install read-only rootfs specific config files in case of an read-only-rootfs image + if ${@base_contains("IMAGE_FEATURES", "read-only-rootfs", "true", "false" ,d)}; then + if ${@base_contains("IMAGE_FEATURES", "x11-sato", "true", "false" ,d)}; then + install -m 0644 ${WORKDIR}/volatiles-readonly-sato ${D}${sysconfdir}/default/volatiles/00_core_readonly + else + install -m 0644 ${WORKDIR}/volatiles-readonly-minimal ${D}${sysconfdir}/default/volatiles/00_core_readonly + fi + fi + if [ "${TARGET_ARCH}" = "arm" ]; then install -m 0755 ${WORKDIR}/alignment.sh ${D}${sysconfdir}/init.d fi -- 1.7.9.5 ^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [PATCH 1/2] initscripts: support read-only rootfs 2012-12-24 7:54 ` [PATCH 1/2] initscripts: support read-only rootfs Qi.Chen @ 2012-12-24 8:14 ` Martin Jansa 2012-12-24 8:24 ` ChenQi 0 siblings, 1 reply; 7+ messages in thread From: Martin Jansa @ 2012-12-24 8:14 UTC (permalink / raw) To: Qi.Chen; +Cc: Zhenfeng.Zhao, openembedded-core [-- Attachment #1: Type: text/plain, Size: 22103 bytes --] On Mon, Dec 24, 2012 at 03:54:53PM +0800, Qi.Chen@windriver.com wrote: > From: Chen Qi <Qi.Chen@windriver.com> > > Add read-only rootfs support to sysvinit startup system. > > The main ideas here are: > 1) Let populate-volatile.sh run at rootfs time to set up basic > directories and files needed by read-only rootfs. > 2) Use symbolic links to create the illusion that some directories/files > are writable. > > Two extra config files for read-only rootfs support are created, one for > minimal image -- volatiles-readonly-minimal, and the other for sato > image -- volatiles-readonly-sato. What if you build base-files/initscripts for image with read-only-rootfs and then you build another image without read-only-rootfs? The way you're using it, it's more like DISTRO_FEATURE then IMAGE_FEATURE. For this to work as IMAGE_FEATURE you would need to adjust it in ROOTFS_POSTPROCESS_COMMAND, which is usually bad when base-files/initscripts are later updated by package-manager (loose read-only-rootfs changes) but that probably isn't issue here as it's read-only. Cheers, > > [YOCTO #3404] > [YOCTO #3406] > > Signed-off-by: Chen Qi <Qi.Chen@windriver.com> > --- > meta/recipes-core/base-files/base-files_3.0.14.bb | 8 +- > .../initscripts/initscripts-1.0/bootmisc.sh | 9 +- > .../initscripts-1.0/populate-volatile.sh | 285 ++++++++++---------- > .../initscripts/initscripts-1.0/volatiles | 1 + > .../initscripts-1.0/volatiles-readonly-minimal | 23 ++ > .../initscripts-1.0/volatiles-readonly-sato | 30 +++ > meta/recipes-core/initscripts/initscripts_1.0.bb | 15 +- > 7 files changed, 217 insertions(+), 154 deletions(-) > create mode 100644 meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-minimal > create mode 100644 meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-sato > > diff --git a/meta/recipes-core/base-files/base-files_3.0.14.bb b/meta/recipes-core/base-files/base-files_3.0.14.bb > index ba355ee..c48cb8c 100644 > --- a/meta/recipes-core/base-files/base-files_3.0.14.bb > +++ b/meta/recipes-core/base-files/base-files_3.0.14.bb > @@ -1,7 +1,7 @@ > SUMMARY = "Miscellaneous files for the base system." > DESCRIPTION = "The base-files package creates the basic system directory structure and provides a small set of key configuration files for the system." > SECTION = "base" > -PR = "r72" > +PR = "r73" > LICENSE = "GPLv2" > LIC_FILES_CHKSUM = "file://licenses/GPL-2;md5=94d55d512a9ba36caa9b7df079bae19f" > # Removed all license related tasks in this recipe as license.bbclass > @@ -67,6 +67,12 @@ hostname = "openembedded" > > BASEFILESISSUEINSTALL ?= "do_install_basefilesissue" > > +do_install_prepend() { > + if ${@base_contains("IMAGE_FEATURES", "read-only-rootfs", "true", "false", d)}; then > + sed -i '/rootfs/ s/defaults/ro/' ${WORKDIR}/fstab > + fi > +} > + > do_install () { > for d in ${dirs755}; do > install -m 0755 -d ${D}$d > diff --git a/meta/recipes-core/initscripts/initscripts-1.0/bootmisc.sh b/meta/recipes-core/initscripts/initscripts-1.0/bootmisc.sh > index 4f76cb4..3b5a47f 100755 > --- a/meta/recipes-core/initscripts/initscripts-1.0/bootmisc.sh > +++ b/meta/recipes-core/initscripts/initscripts-1.0/bootmisc.sh > @@ -54,14 +54,7 @@ fi > > # > # This is as good a place as any for a sanity check > -# /tmp should be a symlink to /var/tmp to cut down on the number > -# of mounted ramdisks. > -if test ! -L /tmp && test -d /var/tmp > -then > - rm -rf /tmp > - ln -sf /var/tmp /tmp > -fi > - > +# > # Set the system clock from hardware clock > # If the timestamp is more recent than the current time, > # use the timestamp instead. > diff --git a/meta/recipes-core/initscripts/initscripts-1.0/populate-volatile.sh b/meta/recipes-core/initscripts/initscripts-1.0/populate-volatile.sh > index d2175d7..9c1ce23 100755 > --- a/meta/recipes-core/initscripts/initscripts-1.0/populate-volatile.sh > +++ b/meta/recipes-core/initscripts/initscripts-1.0/populate-volatile.sh > @@ -8,192 +8,191 @@ > # Short-Description: Populate the volatile filesystem > ### END INIT INFO > > -. /etc/default/rcS > - > -CFGDIR="/etc/default/volatiles" > -TMPROOT="/var/tmp" > +# Get ROOT_DIR > +DIRNAME=`dirname $0` > +ROOT_DIR=`echo $DIRNAME | sed -ne 's:etc/.*::p'` > + > +. ${ROOT_DIR}/etc/default/rcS > +# Test whether rootfs is read-only or not > +if > ${ROOT_DIR}/etc/test-read-write; then > + ROOTFS_READ_ONLY=no > + rm ${ROOT_DIR}/etc/test-read-write > +else > + ROOTFS_READ_ONLY=yes > +fi 2>/dev/null > + > +# When running populat-volatile.sh at rootfs time, disable cache. > +[ "$ROOT_DIR" != "/" ] && VOLATILE_ENABLE_CACHE=no > +# If rootfs is read-only, disable cache. > +[ "$ROOTFS_READ_ONLY" = "yes" ] && VOLATILE_ENABLE_CACHE=no > +# All above statements will be moved to a central place, say var.sh which > +# encapsulates '. /etc/default/rcS'. > + > +CFGDIR="${ROOT_DIR}/etc/default/volatiles" > +TMPROOT="${ROOT_DIR}/var/volatile/tmp" > COREDEF="00_core" > +COREDEF_READONLY="00_core_readonly" > > -[ "${VERBOSE}" != "no" ] && echo "Populating volatile Filesystems." > +[ "${VERBOSE}" != "no" ] && echo "Setting up basic files related to volatile storage under ${ROOT_DIR}." > > create_file() { > - EXEC=" > - touch \"$1\"; > - chown ${TUSER}.${TGROUP} $1 || echo \"Failed to set owner -${TUSER}- for -$1-.\" >/dev/tty0 2>&1; > - chmod ${TMODE} $1 || echo \"Failed to set mode -${TMODE}- for -$1-.\" >/dev/tty0 2>&1 " > + EXEC=" > + touch \"$1\"; > + chown ${TUSER}.${TGROUP} $1 || echo \"Failed to set owner -${TUSER}- for -$1-.\" > /dev/null 2>&1; > + chmod ${TMODE} $1 || echo \"Failed to set mode -${TMODE}- for -$1-.\" > /dev/null 2>&1 " > > test "$VOLATILE_ENABLE_CACHE" = yes && echo "$EXEC" >> /etc/volatile.cache.build > > [ -e "$1" ] && { > - [ "${VERBOSE}" != "no" ] && echo "Target already exists. Skipping." > + [ "${VERBOSE}" != "no" ] && echo "Target $1 already exists. Skipping." > } || { > - eval $EXEC & > + if [ "$ROOT_DIR" = "/" ]; then > + eval $EXEC > + else > + # Some operations at rootfs time may fail and should fail, > + # but these failures should not be logged. > + eval $EXEC > /dev/null 2>&1 > + fi > } > } > > mk_dir() { > EXEC=" > mkdir -p \"$1\"; > - chown ${TUSER}.${TGROUP} $1 || echo \"Failed to set owner -${TUSER}- for -$1-.\" >/dev/tty0 2>&1; > - chmod ${TMODE} $1 || echo \"Failed to set mode -${TMODE}- for -$1-.\" >/dev/tty0 2>&1 " > + chown ${TUSER}.${TGROUP} $1 || echo \"Failed to set owner -${TUSER}- for -$1-.\" 2>&1; > + chmod ${TMODE} $1 || echo \"Failed to set mode -${TMODE}- for -$1-.\" 2>&1 " > > test "$VOLATILE_ENABLE_CACHE" = yes && echo "$EXEC" >> /etc/volatile.cache.build > > [ -e "$1" ] && { > - [ "${VERBOSE}" != "no" ] && echo "Target already exists. Skipping." > + [ "${VERBOSE}" != "no" ] && echo "Target ${1} already exists. Skipping." > } || { > - eval $EXEC > + if [ "$ROOT_DIR" = "/" ]; then > + eval $EXEC > + else > + # Some operations at rootfs time may fail and should fail, > + # but these failures should not be logged. > + eval $EXEC > /dev/null 2>&1 > + fi > } > } > > link_file() { > - EXEC="test -e \"$2\" -o -L $2 || ln -s \"$1\" \"$2\" >/dev/tty0 2>&1" > - > - test "$VOLATILE_ENABLE_CACHE" = yes && echo " $EXEC" >> /etc/volatile.cache.build > - > - [ -e "$2" ] && { > - echo "Cannot create link over existing -${TNAME}-." >&2 > - } || { > - eval $EXEC & > - } > + EXEC=" > + if [ -L \"$2\" ]; then > + [ \"$(readlink -f \"$2\")\" != \"$(readlink -f \"$1\")\" ] && { rm -f \"$2\"; ln -sf \"$1\" \"$2\"; }; > + elif [ -d \"$2\" ]; then > + rm -rf \"$2\"; > + ln -sf \"$1\" \"$2\"; > + else > + ln -sf \"$1\" \"$2\"; > + fi > + " > + test "$VOLATILE_ENABLE_CACHE" = yes && echo " $EXEC" >> /etc/volatile.cache.build > + if [ "$ROOT_DIR" = "/" ]; then > + eval $EXEC > + else > + # Some operations at rootfs time may fail and should fail, > + # but these failures should not be logged > + eval $EXEC > /dev/null 2>&1 > + fi > } > > check_requirements() { > + cleanup() { > + rm "${TMP_INTERMED}" > + rm "${TMP_DEFINED}" > + rm "${TMP_COMBINED}" > + } > + > + CFGFILE="$1" > + [ `basename "${CFGFILE}"` = "${COREDEF}" ] && return 0 > + [ `basename "${CFGFILE}"` = "${COREDEF_READONLY}" ] && return 0 > + TMP_INTERMED="${TMPROOT}/tmp.$$" > + TMP_DEFINED="${TMPROOT}/tmpdefined.$$" > + TMP_COMBINED="${TMPROOT}/tmpcombined.$$" > + > + cat ${ROOT_DIR}/etc/passwd | sed 's@\(^:\)*:.*@\1@' | sort | uniq > "${TMP_DEFINED}" > + cat ${CFGFILE} | grep -v "^#" | cut -d " " -f 2 > "${TMP_INTERMED}" > + cat "${TMP_DEFINED}" "${TMP_INTERMED}" | sort | uniq > "${TMP_COMBINED}" > + NR_DEFINED_USERS="`cat "${TMP_DEFINED}" | wc -l`" > + NR_COMBINED_USERS="`cat "${TMP_COMBINED}" | wc -l`" > + > + [ "${NR_DEFINED_USERS}" -ne "${NR_COMBINED_USERS}" ] && { > + echo "Undefined users:" > + diff "${TMP_DEFINED}" "${TMP_COMBINED}" | grep "^>" > + cleanup > + return 1 > + } > > - cleanup() { > - rm "${TMP_INTERMED}" > - rm "${TMP_DEFINED}" > - rm "${TMP_COMBINED}" > - } > - > - CFGFILE="$1" > - > - [ `basename "${CFGFILE}"` = "${COREDEF}" ] && return 0 > - > - TMP_INTERMED="${TMPROOT}/tmp.$$" > - TMP_DEFINED="${TMPROOT}/tmpdefined.$$" > - TMP_COMBINED="${TMPROOT}/tmpcombined.$$" > - > - > - cat /etc/passwd | sed 's@\(^:\)*:.*@\1@' | sort | uniq > "${TMP_DEFINED}" > - cat ${CFGFILE} | grep -v "^#" | cut -d " " -f 2 > "${TMP_INTERMED}" > - cat "${TMP_DEFINED}" "${TMP_INTERMED}" | sort | uniq > "${TMP_COMBINED}" > - > - NR_DEFINED_USERS="`cat "${TMP_DEFINED}" | wc -l`" > - NR_COMBINED_USERS="`cat "${TMP_COMBINED}" | wc -l`" > - > - [ "${NR_DEFINED_USERS}" -ne "${NR_COMBINED_USERS}" ] && { > - echo "Undefined users:" > - diff "${TMP_DEFINED}" "${TMP_COMBINED}" | grep "^>" > - cleanup > - return 1 > - } > - > - > - cat /etc/group | sed 's@\(^:\)*:.*@\1@' | sort | uniq > "${TMP_DEFINED}" > - cat ${CFGFILE} | grep -v "^#" | cut -d " " -f 3 > "${TMP_INTERMED}" > - cat "${TMP_DEFINED}" "${TMP_INTERMED}" | sort | uniq > "${TMP_COMBINED}" > > - NR_DEFINED_GROUPS="`cat "${TMP_DEFINED}" | wc -l`" > - NR_COMBINED_GROUPS="`cat "${TMP_COMBINED}" | wc -l`" > + cat ${ROOT_DIR}/etc/group | sed 's@\(^:\)*:.*@\1@' | sort | uniq > "${TMP_DEFINED}" > + cat ${CFGFILE} | grep -v "^#" | cut -d " " -f 3 > "${TMP_INTERMED}" > + cat "${TMP_DEFINED}" "${TMP_INTERMED}" | sort | uniq > "${TMP_COMBINED}" > > - [ "${NR_DEFINED_GROUPS}" -ne "${NR_COMBINED_GROUPS}" ] && { > - echo "Undefined groups:" > - diff "${TMP_DEFINED}" "${TMP_COMBINED}" | grep "^>" > - cleanup > - return 1 > - } > + NR_DEFINED_GROUPS="`cat "${TMP_DEFINED}" | wc -l`" > + NR_COMBINED_GROUPS="`cat "${TMP_COMBINED}" | wc -l`" > > - # Add checks for required directories here > + [ "${NR_DEFINED_GROUPS}" -ne "${NR_COMBINED_GROUPS}" ] && { > + echo "Undefined groups:" > + diff "${TMP_DEFINED}" "${TMP_COMBINED}" | grep "^>" > + cleanup > + return 1 > + } > > - cleanup > - return 0 > - } > + cleanup > + return 0 > +} > > apply_cfgfile() { > + CFGFILE="$1" > + [ ${VERBOSE} != "no" ] && echo "Applying config file: $CFGFILE" > + > + check_requirements "${CFGFILE}" || { > + echo "Skipping ${CFGFILE}" > + return 1 > + } > + > + cat ${CFGFILE} | grep -v "^#" | sed -e '/^$/ d' | \ > + while read LINE; do > + eval `echo "$LINE" | sed -n "s/\(.*\)\ \(.*\) \(.*\)\ \(.*\)\ \(.*\)\ \(.*\)/TTYPE=\1 ; TUSER=\2; TGROUP=\3; TMODE=\4; TNAME=\5 TLTARGET=\6/p"` > + TNAME=${ROOT_DIR}/${TNAME} > + [ "${VERBOSE}" != "no" ] && echo "Checking for -${TNAME}-." > + > + [ "${TTYPE}" = "l" ] && { > + TSOURCE="$TLTARGET" > + [ "${VERBOSE}" != "no" ] && echo "Creating link -${TNAME}- pointing to -${TSOURCE}-." > + link_file "${TSOURCE}" "${TNAME}" > + continue > + } > + case "${TTYPE}" in > + "f") [ "${VERBOSE}" != "no" ] && echo "Creating file -${TNAME}-." > + create_file "${TNAME}" > + ;; > + "d") [ "${VERBOSE}" != "no" ] && echo "Creating directory -${TNAME}-." > + mk_dir "${TNAME}" > + ;; > + *) [ "${VERBOSE}" != "no" ] && echo "Invalid type -${TTYPE}-." > + continue > + ;; > + esac > + done > + return 0 > +} > > - CFGFILE="$1" > - > - check_requirements "${CFGFILE}" || { > - echo "Skipping ${CFGFILE}" > - return 1 > - } > - > - cat ${CFGFILE} | grep -v "^#" | \ > - while read LINE; do > - > - eval `echo "$LINE" | sed -n "s/\(.*\)\ \(.*\) \(.*\)\ \(.*\)\ \(.*\)\ \(.*\)/TTYPE=\1 ; TUSER=\2; TGROUP=\3; TMODE=\4; TNAME=\5 TLTARGET=\6/p"` > - > - [ "${VERBOSE}" != "no" ] && echo "Checking for -${TNAME}-." > - > - > - [ "${TTYPE}" = "l" ] && { > - TSOURCE="$TLTARGET" > - [ -L "${TNAME}" ] || { > - [ "${VERBOSE}" != "no" ] && echo "Creating link -${TNAME}- pointing to -${TSOURCE}-." > - link_file "${TSOURCE}" "${TNAME}" & > - } > - continue > - } > - > - [ -L "${TNAME}" ] && { > - [ "${VERBOSE}" != "no" ] && echo "Found link." > - NEWNAME=`ls -l "${TNAME}" | sed -e 's/^.*-> \(.*\)$/\1/'` > - echo ${NEWNAME} | grep -v "^/" >/dev/null && { > - TNAME="`echo ${TNAME} | sed -e 's@\(.*\)/.*@\1@'`/${NEWNAME}" > - [ "${VERBOSE}" != "no" ] && echo "Converted relative linktarget to absolute path -${TNAME}-." > - } || { > - TNAME="${NEWNAME}" > - [ "${VERBOSE}" != "no" ] && echo "Using absolute link target -${TNAME}-." > - } > - } > - > - case "${TTYPE}" in > - "f") [ "${VERBOSE}" != "no" ] && echo "Creating file -${TNAME}-." > - create_file "${TNAME}" & > - ;; > - "d") [ "${VERBOSE}" != "no" ] && echo "Creating directory -${TNAME}-." > - mk_dir "${TNAME}" > - # Add check to see if there's an entry in fstab to mount. > - ;; > - *) [ "${VERBOSE}" != "no" ] && echo "Invalid type -${TTYPE}-." > - continue > - ;; > - esac > - > - > - done > - > - return 0 > - > - } > - > -clearcache=0 > -exec 9</proc/cmdline > -while read line <&9 > -do > - case "$line" in > - *clearcache*) clearcache=1 > - ;; > - *) continue > - ;; > - esac > -done > -exec 9>&- > - > -if test -e /etc/volatile.cache -a "$VOLATILE_ENABLE_CACHE" = "yes" -a "x$1" != "xupdate" -a "x$clearcache" = "x0" > +if test -e ${ROOT_DIR}/etc/volatile.cache -a $VOLATILE_ENABLE_CACHE = yes -a x$1 != xupdate > then > - sh /etc/volatile.cache > + sh ${ROOT_DIR}/etc/volatile.cache > else > - rm -f /etc/volatile.cache /etc/volatile.cache.build > + rm -f ${ROOT_DRI}/etc/volatile.cache ${ROOT_DIR}/etc/volatile.cache.build > for file in `ls -1 "${CFGDIR}" | sort`; do > apply_cfgfile "${CFGDIR}/${file}" > done > > - [ -e /etc/volatile.cache.build ] && sync && mv /etc/volatile.cache.build /etc/volatile.cache > + [ -e ${ROOT_DIR}/etc/volatile.cache.build ] && sync && mv ${ROOT_DIR}/etc/volatile.cache.build ${ROOT_DIR}/etc/volatile.cache > fi > > -if test -f /etc/ld.so.cache -a ! -f /var/run/ld.so.cache > +if [ "${ROOT_DIR}" = "/" ] && [ -f /etc/ld.so.cache ] && [ ! -f /var/run/ld.so.cache ] > then > ln -s /etc/ld.so.cache /var/run/ld.so.cache > fi > diff --git a/meta/recipes-core/initscripts/initscripts-1.0/volatiles b/meta/recipes-core/initscripts/initscripts-1.0/volatiles > index e0741aa..f7e2ef7 100644 > --- a/meta/recipes-core/initscripts/initscripts-1.0/volatiles > +++ b/meta/recipes-core/initscripts/initscripts-1.0/volatiles > @@ -31,6 +31,7 @@ l root root 1777 /var/lock /var/volatile/lock > l root root 0755 /var/log /var/volatile/log > l root root 0755 /var/run /var/volatile/run > l root root 1777 /var/tmp /var/volatile/tmp > +l root root 1777 /tmp /var/tmp > d root root 0755 /var/lock/subsys none > f root root 0664 /var/log/wtmp none > f root root 0664 /var/run/utmp none > diff --git a/meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-minimal b/meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-minimal > new file mode 100644 > index 0000000..6169ecc > --- /dev/null > +++ b/meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-minimal > @@ -0,0 +1,23 @@ > +# This configuration file lists filesystem objects specific to readonly rootfs > +# that should get verified during startup and be created if missing. > +# > +# Every line must either be a comment starting with # > +# or a definition of format: > +# <type> <owner> <group> <mode> <path> <linksource> > +# where the items are separated by whitespace ! > +# > +# <type> : d|f|l : (d)irectory|(f)ile|(l)ink > +# > +# A linking example: > +# l root root 0777 /var/test /tmp/testfile > +# f root root 0644 /var/test none > +# > +# Understanding links: > +# When populate-volatile is to verify/create a directory or file, it will first > +# check its existence. If a link is found to exist in the place of the target, > +# the path of the target is replaced with the target the link points to. > +# Thus, if a link is in the place to be verified, the object will be created > +# in the place the link points to instead. > +# This explains the order of "link before object" as in the example above, where > +# a link will be created at /var/test pointing to /tmp/testfile and due to this > +# link the file defined as /var/test will actually be created as /tmp/testfile. > diff --git a/meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-sato b/meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-sato > new file mode 100644 > index 0000000..e128869 > --- /dev/null > +++ b/meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-sato > @@ -0,0 +1,30 @@ > +# This configuration file lists filesystem objects specific to readonly rootfs > +# that should get verified during startup and be created if missing. > +# > +# Every line must either be a comment starting with # > +# or a definition of format: > +# <type> <owner> <group> <mode> <path> <linksource> > +# where the items are separated by whitespace ! > +# > +# <type> : d|f|l : (d)irectory|(f)ile|(l)ink > +# > +# A linking example: > +# l root root 0777 /var/test /tmp/testfile > +# f root root 0644 /var/test none > +# > +# Understanding links: > +# When populate-volatile is to verify/create a directory or file, it will first > +# check it's existence. If a link is found to exist in the place of the target, > +# the path of the target is replaced with the target the link points to. > +# Thus, if a link is in the place to be verified, the object will be created > +# in the place the link points to instead. > +# This explains the order of "link before object" as in the example above, where > +# a link will be created at /var/test pointing to /tmp/testfile and due to this > +# link the file defined as /var/test will actually be created as /tmp/testfile. > +d root root 0755 /var/volatile/lib/ none > +d root root 0755 /var/volatile/lib/dropbear/ none > +d root root 0755 /var/volatile/lib/nfs/ none > +d root root 1777 /var/volatile/lib/dbus/ none > +l root root 0755 /var/lib/dropbear /var/volatile/lib/dropbear > +l root root 0755 /var/lib/nfs /var/volatile/lib/nfs > +l root root 0755 /var/lib/dbus /var/volatile/lib/dbus > diff --git a/meta/recipes-core/initscripts/initscripts_1.0.bb b/meta/recipes-core/initscripts/initscripts_1.0.bb > index 39be9a8..d0869ea 100644 > --- a/meta/recipes-core/initscripts/initscripts_1.0.bb > +++ b/meta/recipes-core/initscripts/initscripts_1.0.bb > @@ -3,7 +3,7 @@ DESCRIPTION = "Initscripts provide the basic system startup initialization scrip > SECTION = "base" > LICENSE = "GPLv2" > LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe" > -PR = "r138" > +PR = "r139" > > INHIBIT_DEFAULT_DEPS = "1" > > @@ -30,8 +30,10 @@ SRC_URI = "file://functions \ > file://device_table.txt \ > file://populate-volatile.sh \ > file://volatiles \ > + file://volatiles-readonly-minimal \ > + file://volatiles-readonly-sato \ > file://save-rtc.sh \ > - file://GPLv2.patch" > + file://GPLv2.patch" > > SRC_URI_append_arm = " file://alignment.sh" > > @@ -86,6 +88,15 @@ do_install () { > install -m 0755 ${WORKDIR}/populate-volatile.sh ${D}${sysconfdir}/init.d > install -m 0755 ${WORKDIR}/save-rtc.sh ${D}${sysconfdir}/init.d > install -m 0644 ${WORKDIR}/volatiles ${D}${sysconfdir}/default/volatiles/00_core > + # Install read-only rootfs specific config files in case of an read-only-rootfs image > + if ${@base_contains("IMAGE_FEATURES", "read-only-rootfs", "true", "false" ,d)}; then > + if ${@base_contains("IMAGE_FEATURES", "x11-sato", "true", "false" ,d)}; then > + install -m 0644 ${WORKDIR}/volatiles-readonly-sato ${D}${sysconfdir}/default/volatiles/00_core_readonly > + else > + install -m 0644 ${WORKDIR}/volatiles-readonly-minimal ${D}${sysconfdir}/default/volatiles/00_core_readonly > + fi > + fi > + > if [ "${TARGET_ARCH}" = "arm" ]; then > install -m 0755 ${WORKDIR}/alignment.sh ${D}${sysconfdir}/init.d > fi > -- > 1.7.9.5 > > > _______________________________________________ > Openembedded-core mailing list > Openembedded-core@lists.openembedded.org > http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core -- Martin 'JaMa' Jansa jabber: Martin.Jansa@gmail.com [-- Attachment #2: Digital signature --] [-- Type: application/pgp-signature, Size: 205 bytes --] ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH 1/2] initscripts: support read-only rootfs 2012-12-24 8:14 ` Martin Jansa @ 2012-12-24 8:24 ` ChenQi 0 siblings, 0 replies; 7+ messages in thread From: ChenQi @ 2012-12-24 8:24 UTC (permalink / raw) To: Martin Jansa; +Cc: Zhenfeng.Zhao, openembedded-core On 12/24/2012 04:14 PM, Martin Jansa wrote: > On Mon, Dec 24, 2012 at 03:54:53PM +0800, Qi.Chen@windriver.com wrote: >> From: Chen Qi<Qi.Chen@windriver.com> >> >> Add read-only rootfs support to sysvinit startup system. >> >> The main ideas here are: >> 1) Let populate-volatile.sh run at rootfs time to set up basic >> directories and files needed by read-only rootfs. >> 2) Use symbolic links to create the illusion that some directories/files >> are writable. >> >> Two extra config files for read-only rootfs support are created, one for >> minimal image -- volatiles-readonly-minimal, and the other for sato >> image -- volatiles-readonly-sato. > What if you build base-files/initscripts for image with read-only-rootfs > and then you build another image without read-only-rootfs? > > The way you're using it, it's more like DISTRO_FEATURE then > IMAGE_FEATURE. > > For this to work as IMAGE_FEATURE you would need to adjust it in > ROOTFS_POSTPROCESS_COMMAND, which is usually bad when > base-files/initscripts are later updated by package-manager (loose > read-only-rootfs changes) but that probably isn't issue here as it's > read-only. > > Cheers, > Thanks a lot for your prompt reply :) I'll rework on this patch and send out a V2. Thanks, Chen Qi >> [YOCTO #3404] >> [YOCTO #3406] >> >> Signed-off-by: Chen Qi<Qi.Chen@windriver.com> >> --- >> meta/recipes-core/base-files/base-files_3.0.14.bb | 8 +- >> .../initscripts/initscripts-1.0/bootmisc.sh | 9 +- >> .../initscripts-1.0/populate-volatile.sh | 285 ++++++++++---------- >> .../initscripts/initscripts-1.0/volatiles | 1 + >> .../initscripts-1.0/volatiles-readonly-minimal | 23 ++ >> .../initscripts-1.0/volatiles-readonly-sato | 30 +++ >> meta/recipes-core/initscripts/initscripts_1.0.bb | 15 +- >> 7 files changed, 217 insertions(+), 154 deletions(-) >> create mode 100644 meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-minimal >> create mode 100644 meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-sato >> >> diff --git a/meta/recipes-core/base-files/base-files_3.0.14.bb b/meta/recipes-core/base-files/base-files_3.0.14.bb >> index ba355ee..c48cb8c 100644 >> --- a/meta/recipes-core/base-files/base-files_3.0.14.bb >> +++ b/meta/recipes-core/base-files/base-files_3.0.14.bb >> @@ -1,7 +1,7 @@ >> SUMMARY = "Miscellaneous files for the base system." >> DESCRIPTION = "The base-files package creates the basic system directory structure and provides a small set of key configuration files for the system." >> SECTION = "base" >> -PR = "r72" >> +PR = "r73" >> LICENSE = "GPLv2" >> LIC_FILES_CHKSUM = "file://licenses/GPL-2;md5=94d55d512a9ba36caa9b7df079bae19f" >> # Removed all license related tasks in this recipe as license.bbclass >> @@ -67,6 +67,12 @@ hostname = "openembedded" >> >> BASEFILESISSUEINSTALL ?= "do_install_basefilesissue" >> >> +do_install_prepend() { >> + if ${@base_contains("IMAGE_FEATURES", "read-only-rootfs", "true", "false", d)}; then >> + sed -i '/rootfs/ s/defaults/ro/' ${WORKDIR}/fstab >> + fi >> +} >> + >> do_install () { >> for d in ${dirs755}; do >> install -m 0755 -d ${D}$d >> diff --git a/meta/recipes-core/initscripts/initscripts-1.0/bootmisc.sh b/meta/recipes-core/initscripts/initscripts-1.0/bootmisc.sh >> index 4f76cb4..3b5a47f 100755 >> --- a/meta/recipes-core/initscripts/initscripts-1.0/bootmisc.sh >> +++ b/meta/recipes-core/initscripts/initscripts-1.0/bootmisc.sh >> @@ -54,14 +54,7 @@ fi >> >> # >> # This is as good a place as any for a sanity check >> -# /tmp should be a symlink to /var/tmp to cut down on the number >> -# of mounted ramdisks. >> -if test ! -L /tmp&& test -d /var/tmp >> -then >> - rm -rf /tmp >> - ln -sf /var/tmp /tmp >> -fi >> - >> +# >> # Set the system clock from hardware clock >> # If the timestamp is more recent than the current time, >> # use the timestamp instead. >> diff --git a/meta/recipes-core/initscripts/initscripts-1.0/populate-volatile.sh b/meta/recipes-core/initscripts/initscripts-1.0/populate-volatile.sh >> index d2175d7..9c1ce23 100755 >> --- a/meta/recipes-core/initscripts/initscripts-1.0/populate-volatile.sh >> +++ b/meta/recipes-core/initscripts/initscripts-1.0/populate-volatile.sh >> @@ -8,192 +8,191 @@ >> # Short-Description: Populate the volatile filesystem >> ### END INIT INFO >> >> -. /etc/default/rcS >> - >> -CFGDIR="/etc/default/volatiles" >> -TMPROOT="/var/tmp" >> +# Get ROOT_DIR >> +DIRNAME=`dirname $0` >> +ROOT_DIR=`echo $DIRNAME | sed -ne 's:etc/.*::p'` >> + >> +. ${ROOT_DIR}/etc/default/rcS >> +# Test whether rootfs is read-only or not >> +if> ${ROOT_DIR}/etc/test-read-write; then >> + ROOTFS_READ_ONLY=no >> + rm ${ROOT_DIR}/etc/test-read-write >> +else >> + ROOTFS_READ_ONLY=yes >> +fi 2>/dev/null >> + >> +# When running populat-volatile.sh at rootfs time, disable cache. >> +[ "$ROOT_DIR" != "/" ]&& VOLATILE_ENABLE_CACHE=no >> +# If rootfs is read-only, disable cache. >> +[ "$ROOTFS_READ_ONLY" = "yes" ]&& VOLATILE_ENABLE_CACHE=no >> +# All above statements will be moved to a central place, say var.sh which >> +# encapsulates '. /etc/default/rcS'. >> + >> +CFGDIR="${ROOT_DIR}/etc/default/volatiles" >> +TMPROOT="${ROOT_DIR}/var/volatile/tmp" >> COREDEF="00_core" >> +COREDEF_READONLY="00_core_readonly" >> >> -[ "${VERBOSE}" != "no" ]&& echo "Populating volatile Filesystems." >> +[ "${VERBOSE}" != "no" ]&& echo "Setting up basic files related to volatile storage under ${ROOT_DIR}." >> >> create_file() { >> - EXEC=" >> - touch \"$1\"; >> - chown ${TUSER}.${TGROUP} $1 || echo \"Failed to set owner -${TUSER}- for -$1-.\">/dev/tty0 2>&1; >> - chmod ${TMODE} $1 || echo \"Failed to set mode -${TMODE}- for -$1-.\">/dev/tty0 2>&1 " >> + EXEC=" >> + touch \"$1\"; >> + chown ${TUSER}.${TGROUP} $1 || echo \"Failed to set owner -${TUSER}- for -$1-.\"> /dev/null 2>&1; >> + chmod ${TMODE} $1 || echo \"Failed to set mode -${TMODE}- for -$1-.\"> /dev/null 2>&1 " >> >> test "$VOLATILE_ENABLE_CACHE" = yes&& echo "$EXEC">> /etc/volatile.cache.build >> >> [ -e "$1" ]&& { >> - [ "${VERBOSE}" != "no" ]&& echo "Target already exists. Skipping." >> + [ "${VERBOSE}" != "no" ]&& echo "Target $1 already exists. Skipping." >> } || { >> - eval $EXEC& >> + if [ "$ROOT_DIR" = "/" ]; then >> + eval $EXEC >> + else >> + # Some operations at rootfs time may fail and should fail, >> + # but these failures should not be logged. >> + eval $EXEC> /dev/null 2>&1 >> + fi >> } >> } >> >> mk_dir() { >> EXEC=" >> mkdir -p \"$1\"; >> - chown ${TUSER}.${TGROUP} $1 || echo \"Failed to set owner -${TUSER}- for -$1-.\">/dev/tty0 2>&1; >> - chmod ${TMODE} $1 || echo \"Failed to set mode -${TMODE}- for -$1-.\">/dev/tty0 2>&1 " >> + chown ${TUSER}.${TGROUP} $1 || echo \"Failed to set owner -${TUSER}- for -$1-.\" 2>&1; >> + chmod ${TMODE} $1 || echo \"Failed to set mode -${TMODE}- for -$1-.\" 2>&1 " >> >> test "$VOLATILE_ENABLE_CACHE" = yes&& echo "$EXEC">> /etc/volatile.cache.build >> >> [ -e "$1" ]&& { >> - [ "${VERBOSE}" != "no" ]&& echo "Target already exists. Skipping." >> + [ "${VERBOSE}" != "no" ]&& echo "Target ${1} already exists. Skipping." >> } || { >> - eval $EXEC >> + if [ "$ROOT_DIR" = "/" ]; then >> + eval $EXEC >> + else >> + # Some operations at rootfs time may fail and should fail, >> + # but these failures should not be logged. >> + eval $EXEC> /dev/null 2>&1 >> + fi >> } >> } >> >> link_file() { >> - EXEC="test -e \"$2\" -o -L $2 || ln -s \"$1\" \"$2\">/dev/tty0 2>&1" >> - >> - test "$VOLATILE_ENABLE_CACHE" = yes&& echo " $EXEC">> /etc/volatile.cache.build >> - >> - [ -e "$2" ]&& { >> - echo "Cannot create link over existing -${TNAME}-.">&2 >> - } || { >> - eval $EXEC& >> - } >> + EXEC=" >> + if [ -L \"$2\" ]; then >> + [ \"$(readlink -f \"$2\")\" != \"$(readlink -f \"$1\")\" ]&& { rm -f \"$2\"; ln -sf \"$1\" \"$2\"; }; >> + elif [ -d \"$2\" ]; then >> + rm -rf \"$2\"; >> + ln -sf \"$1\" \"$2\"; >> + else >> + ln -sf \"$1\" \"$2\"; >> + fi >> + " >> + test "$VOLATILE_ENABLE_CACHE" = yes&& echo " $EXEC">> /etc/volatile.cache.build >> + if [ "$ROOT_DIR" = "/" ]; then >> + eval $EXEC >> + else >> + # Some operations at rootfs time may fail and should fail, >> + # but these failures should not be logged >> + eval $EXEC> /dev/null 2>&1 >> + fi >> } >> >> check_requirements() { >> + cleanup() { >> + rm "${TMP_INTERMED}" >> + rm "${TMP_DEFINED}" >> + rm "${TMP_COMBINED}" >> + } >> + >> + CFGFILE="$1" >> + [ `basename "${CFGFILE}"` = "${COREDEF}" ]&& return 0 >> + [ `basename "${CFGFILE}"` = "${COREDEF_READONLY}" ]&& return 0 >> + TMP_INTERMED="${TMPROOT}/tmp.$$" >> + TMP_DEFINED="${TMPROOT}/tmpdefined.$$" >> + TMP_COMBINED="${TMPROOT}/tmpcombined.$$" >> + >> + cat ${ROOT_DIR}/etc/passwd | sed 's@\(^:\)*:.*@\1@' | sort | uniq> "${TMP_DEFINED}" >> + cat ${CFGFILE} | grep -v "^#" | cut -d " " -f 2> "${TMP_INTERMED}" >> + cat "${TMP_DEFINED}" "${TMP_INTERMED}" | sort | uniq> "${TMP_COMBINED}" >> + NR_DEFINED_USERS="`cat "${TMP_DEFINED}" | wc -l`" >> + NR_COMBINED_USERS="`cat "${TMP_COMBINED}" | wc -l`" >> + >> + [ "${NR_DEFINED_USERS}" -ne "${NR_COMBINED_USERS}" ]&& { >> + echo "Undefined users:" >> + diff "${TMP_DEFINED}" "${TMP_COMBINED}" | grep "^>" >> + cleanup >> + return 1 >> + } >> >> - cleanup() { >> - rm "${TMP_INTERMED}" >> - rm "${TMP_DEFINED}" >> - rm "${TMP_COMBINED}" >> - } >> - >> - CFGFILE="$1" >> - >> - [ `basename "${CFGFILE}"` = "${COREDEF}" ]&& return 0 >> - >> - TMP_INTERMED="${TMPROOT}/tmp.$$" >> - TMP_DEFINED="${TMPROOT}/tmpdefined.$$" >> - TMP_COMBINED="${TMPROOT}/tmpcombined.$$" >> - >> - >> - cat /etc/passwd | sed 's@\(^:\)*:.*@\1@' | sort | uniq> "${TMP_DEFINED}" >> - cat ${CFGFILE} | grep -v "^#" | cut -d " " -f 2> "${TMP_INTERMED}" >> - cat "${TMP_DEFINED}" "${TMP_INTERMED}" | sort | uniq> "${TMP_COMBINED}" >> - >> - NR_DEFINED_USERS="`cat "${TMP_DEFINED}" | wc -l`" >> - NR_COMBINED_USERS="`cat "${TMP_COMBINED}" | wc -l`" >> - >> - [ "${NR_DEFINED_USERS}" -ne "${NR_COMBINED_USERS}" ]&& { >> - echo "Undefined users:" >> - diff "${TMP_DEFINED}" "${TMP_COMBINED}" | grep "^>" >> - cleanup >> - return 1 >> - } >> - >> - >> - cat /etc/group | sed 's@\(^:\)*:.*@\1@' | sort | uniq> "${TMP_DEFINED}" >> - cat ${CFGFILE} | grep -v "^#" | cut -d " " -f 3> "${TMP_INTERMED}" >> - cat "${TMP_DEFINED}" "${TMP_INTERMED}" | sort | uniq> "${TMP_COMBINED}" >> >> - NR_DEFINED_GROUPS="`cat "${TMP_DEFINED}" | wc -l`" >> - NR_COMBINED_GROUPS="`cat "${TMP_COMBINED}" | wc -l`" >> + cat ${ROOT_DIR}/etc/group | sed 's@\(^:\)*:.*@\1@' | sort | uniq> "${TMP_DEFINED}" >> + cat ${CFGFILE} | grep -v "^#" | cut -d " " -f 3> "${TMP_INTERMED}" >> + cat "${TMP_DEFINED}" "${TMP_INTERMED}" | sort | uniq> "${TMP_COMBINED}" >> >> - [ "${NR_DEFINED_GROUPS}" -ne "${NR_COMBINED_GROUPS}" ]&& { >> - echo "Undefined groups:" >> - diff "${TMP_DEFINED}" "${TMP_COMBINED}" | grep "^>" >> - cleanup >> - return 1 >> - } >> + NR_DEFINED_GROUPS="`cat "${TMP_DEFINED}" | wc -l`" >> + NR_COMBINED_GROUPS="`cat "${TMP_COMBINED}" | wc -l`" >> >> - # Add checks for required directories here >> + [ "${NR_DEFINED_GROUPS}" -ne "${NR_COMBINED_GROUPS}" ]&& { >> + echo "Undefined groups:" >> + diff "${TMP_DEFINED}" "${TMP_COMBINED}" | grep "^>" >> + cleanup >> + return 1 >> + } >> >> - cleanup >> - return 0 >> - } >> + cleanup >> + return 0 >> +} >> >> apply_cfgfile() { >> + CFGFILE="$1" >> + [ ${VERBOSE} != "no" ]&& echo "Applying config file: $CFGFILE" >> + >> + check_requirements "${CFGFILE}" || { >> + echo "Skipping ${CFGFILE}" >> + return 1 >> + } >> + >> + cat ${CFGFILE} | grep -v "^#" | sed -e '/^$/ d' | \ >> + while read LINE; do >> + eval `echo "$LINE" | sed -n "s/\(.*\)\ \(.*\) \(.*\)\ \(.*\)\ \(.*\)\ \(.*\)/TTYPE=\1 ; TUSER=\2; TGROUP=\3; TMODE=\4; TNAME=\5 TLTARGET=\6/p"` >> + TNAME=${ROOT_DIR}/${TNAME} >> + [ "${VERBOSE}" != "no" ]&& echo "Checking for -${TNAME}-." >> + >> + [ "${TTYPE}" = "l" ]&& { >> + TSOURCE="$TLTARGET" >> + [ "${VERBOSE}" != "no" ]&& echo "Creating link -${TNAME}- pointing to -${TSOURCE}-." >> + link_file "${TSOURCE}" "${TNAME}" >> + continue >> + } >> + case "${TTYPE}" in >> + "f") [ "${VERBOSE}" != "no" ]&& echo "Creating file -${TNAME}-." >> + create_file "${TNAME}" >> + ;; >> + "d") [ "${VERBOSE}" != "no" ]&& echo "Creating directory -${TNAME}-." >> + mk_dir "${TNAME}" >> + ;; >> + *) [ "${VERBOSE}" != "no" ]&& echo "Invalid type -${TTYPE}-." >> + continue >> + ;; >> + esac >> + done >> + return 0 >> +} >> >> - CFGFILE="$1" >> - >> - check_requirements "${CFGFILE}" || { >> - echo "Skipping ${CFGFILE}" >> - return 1 >> - } >> - >> - cat ${CFGFILE} | grep -v "^#" | \ >> - while read LINE; do >> - >> - eval `echo "$LINE" | sed -n "s/\(.*\)\ \(.*\) \(.*\)\ \(.*\)\ \(.*\)\ \(.*\)/TTYPE=\1 ; TUSER=\2; TGROUP=\3; TMODE=\4; TNAME=\5 TLTARGET=\6/p"` >> - >> - [ "${VERBOSE}" != "no" ]&& echo "Checking for -${TNAME}-." >> - >> - >> - [ "${TTYPE}" = "l" ]&& { >> - TSOURCE="$TLTARGET" >> - [ -L "${TNAME}" ] || { >> - [ "${VERBOSE}" != "no" ]&& echo "Creating link -${TNAME}- pointing to -${TSOURCE}-." >> - link_file "${TSOURCE}" "${TNAME}"& >> - } >> - continue >> - } >> - >> - [ -L "${TNAME}" ]&& { >> - [ "${VERBOSE}" != "no" ]&& echo "Found link." >> - NEWNAME=`ls -l "${TNAME}" | sed -e 's/^.*-> \(.*\)$/\1/'` >> - echo ${NEWNAME} | grep -v "^/">/dev/null&& { >> - TNAME="`echo ${TNAME} | sed -e 's@\(.*\)/.*@\1@'`/${NEWNAME}" >> - [ "${VERBOSE}" != "no" ]&& echo "Converted relative linktarget to absolute path -${TNAME}-." >> - } || { >> - TNAME="${NEWNAME}" >> - [ "${VERBOSE}" != "no" ]&& echo "Using absolute link target -${TNAME}-." >> - } >> - } >> - >> - case "${TTYPE}" in >> - "f") [ "${VERBOSE}" != "no" ]&& echo "Creating file -${TNAME}-." >> - create_file "${TNAME}"& >> - ;; >> - "d") [ "${VERBOSE}" != "no" ]&& echo "Creating directory -${TNAME}-." >> - mk_dir "${TNAME}" >> - # Add check to see if there's an entry in fstab to mount. >> - ;; >> - *) [ "${VERBOSE}" != "no" ]&& echo "Invalid type -${TTYPE}-." >> - continue >> - ;; >> - esac >> - >> - >> - done >> - >> - return 0 >> - >> - } >> - >> -clearcache=0 >> -exec 9</proc/cmdline >> -while read line<&9 >> -do >> - case "$line" in >> - *clearcache*) clearcache=1 >> - ;; >> - *) continue >> - ;; >> - esac >> -done >> -exec 9>&- >> - >> -if test -e /etc/volatile.cache -a "$VOLATILE_ENABLE_CACHE" = "yes" -a "x$1" != "xupdate" -a "x$clearcache" = "x0" >> +if test -e ${ROOT_DIR}/etc/volatile.cache -a $VOLATILE_ENABLE_CACHE = yes -a x$1 != xupdate >> then >> - sh /etc/volatile.cache >> + sh ${ROOT_DIR}/etc/volatile.cache >> else >> - rm -f /etc/volatile.cache /etc/volatile.cache.build >> + rm -f ${ROOT_DRI}/etc/volatile.cache ${ROOT_DIR}/etc/volatile.cache.build >> for file in `ls -1 "${CFGDIR}" | sort`; do >> apply_cfgfile "${CFGDIR}/${file}" >> done >> >> - [ -e /etc/volatile.cache.build ]&& sync&& mv /etc/volatile.cache.build /etc/volatile.cache >> + [ -e ${ROOT_DIR}/etc/volatile.cache.build ]&& sync&& mv ${ROOT_DIR}/etc/volatile.cache.build ${ROOT_DIR}/etc/volatile.cache >> fi >> >> -if test -f /etc/ld.so.cache -a ! -f /var/run/ld.so.cache >> +if [ "${ROOT_DIR}" = "/" ]&& [ -f /etc/ld.so.cache ]&& [ ! -f /var/run/ld.so.cache ] >> then >> ln -s /etc/ld.so.cache /var/run/ld.so.cache >> fi >> diff --git a/meta/recipes-core/initscripts/initscripts-1.0/volatiles b/meta/recipes-core/initscripts/initscripts-1.0/volatiles >> index e0741aa..f7e2ef7 100644 >> --- a/meta/recipes-core/initscripts/initscripts-1.0/volatiles >> +++ b/meta/recipes-core/initscripts/initscripts-1.0/volatiles >> @@ -31,6 +31,7 @@ l root root 1777 /var/lock /var/volatile/lock >> l root root 0755 /var/log /var/volatile/log >> l root root 0755 /var/run /var/volatile/run >> l root root 1777 /var/tmp /var/volatile/tmp >> +l root root 1777 /tmp /var/tmp >> d root root 0755 /var/lock/subsys none >> f root root 0664 /var/log/wtmp none >> f root root 0664 /var/run/utmp none >> diff --git a/meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-minimal b/meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-minimal >> new file mode 100644 >> index 0000000..6169ecc >> --- /dev/null >> +++ b/meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-minimal >> @@ -0,0 +1,23 @@ >> +# This configuration file lists filesystem objects specific to readonly rootfs >> +# that should get verified during startup and be created if missing. >> +# >> +# Every line must either be a comment starting with # >> +# or a definition of format: >> +#<type> <owner> <group> <mode> <path> <linksource> >> +# where the items are separated by whitespace ! >> +# >> +#<type> : d|f|l : (d)irectory|(f)ile|(l)ink >> +# >> +# A linking example: >> +# l root root 0777 /var/test /tmp/testfile >> +# f root root 0644 /var/test none >> +# >> +# Understanding links: >> +# When populate-volatile is to verify/create a directory or file, it will first >> +# check its existence. If a link is found to exist in the place of the target, >> +# the path of the target is replaced with the target the link points to. >> +# Thus, if a link is in the place to be verified, the object will be created >> +# in the place the link points to instead. >> +# This explains the order of "link before object" as in the example above, where >> +# a link will be created at /var/test pointing to /tmp/testfile and due to this >> +# link the file defined as /var/test will actually be created as /tmp/testfile. >> diff --git a/meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-sato b/meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-sato >> new file mode 100644 >> index 0000000..e128869 >> --- /dev/null >> +++ b/meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-sato >> @@ -0,0 +1,30 @@ >> +# This configuration file lists filesystem objects specific to readonly rootfs >> +# that should get verified during startup and be created if missing. >> +# >> +# Every line must either be a comment starting with # >> +# or a definition of format: >> +#<type> <owner> <group> <mode> <path> <linksource> >> +# where the items are separated by whitespace ! >> +# >> +#<type> : d|f|l : (d)irectory|(f)ile|(l)ink >> +# >> +# A linking example: >> +# l root root 0777 /var/test /tmp/testfile >> +# f root root 0644 /var/test none >> +# >> +# Understanding links: >> +# When populate-volatile is to verify/create a directory or file, it will first >> +# check it's existence. If a link is found to exist in the place of the target, >> +# the path of the target is replaced with the target the link points to. >> +# Thus, if a link is in the place to be verified, the object will be created >> +# in the place the link points to instead. >> +# This explains the order of "link before object" as in the example above, where >> +# a link will be created at /var/test pointing to /tmp/testfile and due to this >> +# link the file defined as /var/test will actually be created as /tmp/testfile. >> +d root root 0755 /var/volatile/lib/ none >> +d root root 0755 /var/volatile/lib/dropbear/ none >> +d root root 0755 /var/volatile/lib/nfs/ none >> +d root root 1777 /var/volatile/lib/dbus/ none >> +l root root 0755 /var/lib/dropbear /var/volatile/lib/dropbear >> +l root root 0755 /var/lib/nfs /var/volatile/lib/nfs >> +l root root 0755 /var/lib/dbus /var/volatile/lib/dbus >> diff --git a/meta/recipes-core/initscripts/initscripts_1.0.bb b/meta/recipes-core/initscripts/initscripts_1.0.bb >> index 39be9a8..d0869ea 100644 >> --- a/meta/recipes-core/initscripts/initscripts_1.0.bb >> +++ b/meta/recipes-core/initscripts/initscripts_1.0.bb >> @@ -3,7 +3,7 @@ DESCRIPTION = "Initscripts provide the basic system startup initialization scrip >> SECTION = "base" >> LICENSE = "GPLv2" >> LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe" >> -PR = "r138" >> +PR = "r139" >> >> INHIBIT_DEFAULT_DEPS = "1" >> >> @@ -30,8 +30,10 @@ SRC_URI = "file://functions \ >> file://device_table.txt \ >> file://populate-volatile.sh \ >> file://volatiles \ >> + file://volatiles-readonly-minimal \ >> + file://volatiles-readonly-sato \ >> file://save-rtc.sh \ >> - file://GPLv2.patch" >> + file://GPLv2.patch" >> >> SRC_URI_append_arm = " file://alignment.sh" >> >> @@ -86,6 +88,15 @@ do_install () { >> install -m 0755 ${WORKDIR}/populate-volatile.sh ${D}${sysconfdir}/init.d >> install -m 0755 ${WORKDIR}/save-rtc.sh ${D}${sysconfdir}/init.d >> install -m 0644 ${WORKDIR}/volatiles ${D}${sysconfdir}/default/volatiles/00_core >> + # Install read-only rootfs specific config files in case of an read-only-rootfs image >> + if ${@base_contains("IMAGE_FEATURES", "read-only-rootfs", "true", "false" ,d)}; then >> + if ${@base_contains("IMAGE_FEATURES", "x11-sato", "true", "false" ,d)}; then >> + install -m 0644 ${WORKDIR}/volatiles-readonly-sato ${D}${sysconfdir}/default/volatiles/00_core_readonly >> + else >> + install -m 0644 ${WORKDIR}/volatiles-readonly-minimal ${D}${sysconfdir}/default/volatiles/00_core_readonly >> + fi >> + fi >> + >> if [ "${TARGET_ARCH}" = "arm" ]; then >> install -m 0755 ${WORKDIR}/alignment.sh ${D}${sysconfdir}/init.d >> fi >> -- >> 1.7.9.5 >> >> >> _______________________________________________ >> Openembedded-core mailing list >> Openembedded-core@lists.openembedded.org >> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core ^ permalink raw reply [flat|nested] 7+ messages in thread
* [PATCH 2/2] rootfs_xxx.bbclass: support read-only-rootfs image feature 2012-12-24 7:54 [PATCH 0/2] read-only rootfs support Qi.Chen 2012-12-24 7:54 ` [PATCH 1/2] initscripts: support read-only rootfs Qi.Chen @ 2012-12-24 7:54 ` Qi.Chen 2012-12-25 8:19 ` [PATCH V2 0/2] read-only rootfs support Martin Jansa 2 siblings, 0 replies; 7+ messages in thread From: Qi.Chen @ 2012-12-24 7:54 UTC (permalink / raw) To: openembedded-core; +Cc: Zhenfeng.Zhao From: Chen Qi <Qi.Chen@windriver.com> If IMAGE_FEATUERS contains 'read-only-rootfs', we make populate-volatile.sh run at rootfs time to set up basic files and directories. [YOCTO #3406] Signed-off-by: Chen Qi <Qi.Chen@windriver.com> --- meta/classes/rootfs_deb.bbclass | 14 ++++++++++++++ meta/classes/rootfs_ipk.bbclass | 15 +++++++++++++++ meta/classes/rootfs_rpm.bbclass | 20 +++++++++++++++++++- 3 files changed, 48 insertions(+), 1 deletion(-) diff --git a/meta/classes/rootfs_deb.bbclass b/meta/classes/rootfs_deb.bbclass index 293953d..052d5d9 100644 --- a/meta/classes/rootfs_deb.bbclass +++ b/meta/classes/rootfs_deb.bbclass @@ -84,6 +84,20 @@ fakeroot rootfs_deb_do_rootfs () { ${ROOTFS_POSTPROCESS_COMMAND} + # Let populate-volatile.sh run at rootfs time in case of an read-only rootfs + if ${@base_contains("IMAGE_FEATURES", "read-only-rootfs", "true", "false", d)}; then + if [ ! -e ${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh ]; then + echo "${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh doesn't exist." + exit 1 + else + ${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh + if [ $? != 0 ]; then + echo "Running populate-volatile.sh under ${IMAGE_ROOTFS} failed" + exit 1 + fi + fi + fi + log_check rootfs } diff --git a/meta/classes/rootfs_ipk.bbclass b/meta/classes/rootfs_ipk.bbclass index 5c962de..b851049 100644 --- a/meta/classes/rootfs_ipk.bbclass +++ b/meta/classes/rootfs_ipk.bbclass @@ -114,6 +114,21 @@ fakeroot rootfs_ipk_do_rootfs () { remove_packaging_data_files fi fi + + # Let populate-volatile.sh run at rootfs time in case of a read-only-rootfs image + if ${@base_contains("IMAGE_FEATURES", "read-only-rootfs", "true", "false", d)}; then + if [ ! -e ${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh ]; then + echo "${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh doesn't exist." + exit 1 + else + ${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh + if [ $? != 0 ]; then + echo "Running populate-volatile.sh under ${IMAGE_ROOTFS} failed" + exit 1 + fi + fi + fi + set +x log_check rootfs } diff --git a/meta/classes/rootfs_rpm.bbclass b/meta/classes/rootfs_rpm.bbclass index f7e4c5e..733764a 100644 --- a/meta/classes/rootfs_rpm.bbclass +++ b/meta/classes/rootfs_rpm.bbclass @@ -89,6 +89,8 @@ fakeroot rootfs_rpm_do_rootfs () { # Report delayed package scriptlets for i in ${IMAGE_ROOTFS}/etc/rpm-postinsts/*; do + # We should add a check here to check whether we're building a read-only rootfs + # If so, exit 1, because there are still postintalls that are to be run on target. if [ -f $i ]; then echo "Delayed package scriptlet: `head -n 3 $i | tail -n 1`" fi @@ -104,7 +106,7 @@ for i in /etc/rpm-postinsts/*; do if [ -f $i ] && $i; then rm $i else - echo "ERROR: postinst $i failed." + [ -f $i ] && echo "ERROR: postinst $i failed." fi done rm -f ${sysconfdir}/rcS.d/S${POSTINSTALL_INITPOSITION}run-postinsts @@ -127,6 +129,22 @@ EOF # Remove all remaining resolver files rm -rf ${IMAGE_ROOTFS}/install + # Run init scripts that are necessary in case of an read-only rootfs + if ${@base_contains("IMAGE_FEATURES", "read-only-rootfs", "true", "false", d)}; then + if [ ! -e ${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh ]; then + echo "${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh doesn't exist." + exit 1 + else + # Run populate_volatile.sh under ${IMAGE_ROOTFS} to set up basic + # directories and files which are related to volatile storage. + ${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh + if [ $? != 0 ]; then + echo "Running populate-volatile.sh under ${IMAGE_ROOTFS} failed" + exit 1 + fi + fi + fi + log_check rootfs } -- 1.7.9.5 ^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [PATCH V2 0/2] read-only rootfs support 2012-12-24 7:54 [PATCH 0/2] read-only rootfs support Qi.Chen 2012-12-24 7:54 ` [PATCH 1/2] initscripts: support read-only rootfs Qi.Chen 2012-12-24 7:54 ` [PATCH 2/2] rootfs_xxx.bbclass: support read-only-rootfs image feature Qi.Chen @ 2012-12-25 8:19 ` Martin Jansa 2012-12-25 9:23 ` ChenQi 2 siblings, 1 reply; 7+ messages in thread From: Martin Jansa @ 2012-12-25 8:19 UTC (permalink / raw) To: Qi.Chen; +Cc: Zhenfeng.Zhao, openembedded-core [-- Attachment #1: Type: text/plain, Size: 2672 bytes --] On Tue, Dec 25, 2012 at 10:55:03AM +0800, Qi.Chen@windriver.com wrote: > From: Chen Qi <Qi.Chen@windriver.com> > > Add read-only rootfs support to sysvinit startup system. > The main changes are: > 1) Let rootfs_xxx.bbclass support 'read-only-rootfs' image feature. > If IMAGE_FEATURES contains 'read-only-rootfs', then the populate-volatile.sh > script is run at rootfs time to set up basic directories and files. > 2) Improve the populate-volatile.sh init script. > 3) Add two config files specific to read-only-rootfs image, which are to be used > by the populate-volatile.sh script. > 4) Automatically adjust the mount options in fstab when 'read-only-rootfs' is in > IMAGE_FEATURES. > > Version 2 fixes a problem version one has, that is, if we build an image without > 'read-only-rootfs' image feature after we built one that has this feature, the > mount options in fstab is wrong. initscripts recipe still have that issue. Cheers, > The following changes since commit 90c0eb29f0b41e4ac2d3d17ebad7295c2ebdc02a: > > rootfs_rpm.bbclass: remove debug code (2012-12-19 21:43:55 +0000) > > are available in the git repository at: > > git://git.pokylinux.org/poky-contrib ChenQi/readonly-rootfs > http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=ChenQi/readonly-rootfs > > Chen Qi (2): > initscripts: support read-only rootfs > rootfs_xxx.bbclass: support read-only-rootfs image feature > > meta/classes/rootfs_deb.bbclass | 14 + > meta/classes/rootfs_ipk.bbclass | 15 ++ > meta/classes/rootfs_rpm.bbclass | 20 +- > meta/recipes-core/base-files/base-files_3.0.14.bb | 8 +- > .../initscripts/initscripts-1.0/bootmisc.sh | 9 +- > .../initscripts-1.0/populate-volatile.sh | 285 ++++++++++---------- > .../initscripts/initscripts-1.0/volatiles | 1 + > .../initscripts-1.0/volatiles-readonly-minimal | 23 ++ > .../initscripts-1.0/volatiles-readonly-sato | 30 +++ > meta/recipes-core/initscripts/initscripts_1.0.bb | 15 +- > 10 files changed, 265 insertions(+), 155 deletions(-) > create mode 100644 meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-minimal > create mode 100644 meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-sato > > -- > 1.7.9.5 > > > _______________________________________________ > Openembedded-core mailing list > Openembedded-core@lists.openembedded.org > http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core -- Martin 'JaMa' Jansa jabber: Martin.Jansa@gmail.com [-- Attachment #2: Digital signature --] [-- Type: application/pgp-signature, Size: 205 bytes --] ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH V2 0/2] read-only rootfs support 2012-12-25 8:19 ` [PATCH V2 0/2] read-only rootfs support Martin Jansa @ 2012-12-25 9:23 ` ChenQi 0 siblings, 0 replies; 7+ messages in thread From: ChenQi @ 2012-12-25 9:23 UTC (permalink / raw) To: Martin Jansa; +Cc: Zhenfeng.Zhao, openembedded-core On 12/25/2012 04:19 PM, Martin Jansa wrote: > On Tue, Dec 25, 2012 at 10:55:03AM +0800, Qi.Chen@windriver.com wrote: >> From: Chen Qi<Qi.Chen@windriver.com> >> >> Add read-only rootfs support to sysvinit startup system. >> The main changes are: >> 1) Let rootfs_xxx.bbclass support 'read-only-rootfs' image feature. >> If IMAGE_FEATURES contains 'read-only-rootfs', then the populate-volatile.sh >> script is run at rootfs time to set up basic directories and files. >> 2) Improve the populate-volatile.sh init script. >> 3) Add two config files specific to read-only-rootfs image, which are to be used >> by the populate-volatile.sh script. >> 4) Automatically adjust the mount options in fstab when 'read-only-rootfs' is in >> IMAGE_FEATURES. >> >> Version 2 fixes a problem version one has, that is, if we build an image without >> 'read-only-rootfs' image feature after we built one that has this feature, the >> mount options in fstab is wrong. > initscripts recipe still have that issue. > > Cheers, Yes, you're right. If we build an image without 'read-only-rootfs' image feature after we built one that has, all symbolic links used for an read-only-rootfs image should be removed and corresponding directories should be created. Thanks a lot for your review and reply. I'll fix this problem and send out a V3. Best Regards, Chen Qi >> The following changes since commit 90c0eb29f0b41e4ac2d3d17ebad7295c2ebdc02a: >> >> rootfs_rpm.bbclass: remove debug code (2012-12-19 21:43:55 +0000) >> >> are available in the git repository at: >> >> git://git.pokylinux.org/poky-contrib ChenQi/readonly-rootfs >> http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=ChenQi/readonly-rootfs >> >> Chen Qi (2): >> initscripts: support read-only rootfs >> rootfs_xxx.bbclass: support read-only-rootfs image feature >> >> meta/classes/rootfs_deb.bbclass | 14 + >> meta/classes/rootfs_ipk.bbclass | 15 ++ >> meta/classes/rootfs_rpm.bbclass | 20 +- >> meta/recipes-core/base-files/base-files_3.0.14.bb | 8 +- >> .../initscripts/initscripts-1.0/bootmisc.sh | 9 +- >> .../initscripts-1.0/populate-volatile.sh | 285 ++++++++++---------- >> .../initscripts/initscripts-1.0/volatiles | 1 + >> .../initscripts-1.0/volatiles-readonly-minimal | 23 ++ >> .../initscripts-1.0/volatiles-readonly-sato | 30 +++ >> meta/recipes-core/initscripts/initscripts_1.0.bb | 15 +- >> 10 files changed, 265 insertions(+), 155 deletions(-) >> create mode 100644 meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-minimal >> create mode 100644 meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-sato >> >> -- >> 1.7.9.5 >> >> >> _______________________________________________ >> Openembedded-core mailing list >> Openembedded-core@lists.openembedded.org >> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core ^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2012-12-25 9:38 UTC | newest] Thread overview: 7+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2012-12-24 7:54 [PATCH 0/2] read-only rootfs support Qi.Chen 2012-12-24 7:54 ` [PATCH 1/2] initscripts: support read-only rootfs Qi.Chen 2012-12-24 8:14 ` Martin Jansa 2012-12-24 8:24 ` ChenQi 2012-12-24 7:54 ` [PATCH 2/2] rootfs_xxx.bbclass: support read-only-rootfs image feature Qi.Chen 2012-12-25 8:19 ` [PATCH V2 0/2] read-only rootfs support Martin Jansa 2012-12-25 9:23 ` ChenQi
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.