* [PATCH 0/3] Support 'read-only-rootfs' IMAGE_FEATURES for systemd based systems
@ 2014-07-28 5:34 Chen Qi
2014-07-28 5:34 ` [PATCH 1/3] volatile-binds: add recipe Chen Qi
` (2 more replies)
0 siblings, 3 replies; 9+ messages in thread
From: Chen Qi @ 2014-07-28 5:34 UTC (permalink / raw)
To: openembedded-core; +Cc: clarson
This patchset mainly comes from https://github.com/MentorEmbedded/meta-ro-rootfs with only a little
modification.
//Chen Qi
The following changes since commit 3f7fcbc167c13bdaa6c12a81c7851530d72f02e0:
directfb-examples: Fix building with new autoconf (2014-07-27 08:30:13 +0100)
are available in the git repository at:
git://git.openembedded.org/openembedded-core-contrib ChenQi/systemd_readonly
http://cgit.openembedded.org/cgit.cgi/openembedded-core-contrib/log/?h=ChenQi/systemd_readonly
Chen Qi (3):
volatile-binds: add recipe
systemd: add volatile-binds to RDEPENDS
image.bbclass: tweak read_only_rootfs_hook to also support systemd
based systems
meta/classes/image.bbclass | 5 +-
meta/recipes-core/systemd/systemd_213.bb | 1 +
meta/recipes-core/volatile-binds/files/COPYING.MIT | 17 +++++
.../volatile-binds/files/mount-copybind | 34 +++++++++
.../volatile-binds/files/volatile-binds.service.in | 19 +++++
meta/recipes-core/volatile-binds/volatile-binds.bb | 74 ++++++++++++++++++++
6 files changed, 148 insertions(+), 2 deletions(-)
create mode 100644 meta/recipes-core/volatile-binds/files/COPYING.MIT
create mode 100755 meta/recipes-core/volatile-binds/files/mount-copybind
create mode 100644 meta/recipes-core/volatile-binds/files/volatile-binds.service.in
create mode 100644 meta/recipes-core/volatile-binds/volatile-binds.bb
--
1.7.9.5
^ permalink raw reply [flat|nested] 9+ messages in thread* [PATCH 1/3] volatile-binds: add recipe 2014-07-28 5:34 [PATCH 0/3] Support 'read-only-rootfs' IMAGE_FEATURES for systemd based systems Chen Qi @ 2014-07-28 5:34 ` Chen Qi 2014-07-28 13:00 ` Burton, Ross 2014-07-28 5:34 ` [PATCH 2/3] systemd: add volatile-binds to RDEPENDS Chen Qi 2014-07-28 5:34 ` [PATCH 3/3] image.bbclass: tweak read_only_rootfs_hook to also support systemd based systems Chen Qi 2 siblings, 1 reply; 9+ messages in thread From: Chen Qi @ 2014-07-28 5:34 UTC (permalink / raw) To: openembedded-core; +Cc: clarson --- meta/recipes-core/volatile-binds/files/COPYING.MIT | 17 +++++ .../volatile-binds/files/mount-copybind | 34 +++++++++ .../volatile-binds/files/volatile-binds.service.in | 19 +++++ meta/recipes-core/volatile-binds/volatile-binds.bb | 74 ++++++++++++++++++++ 4 files changed, 144 insertions(+) create mode 100644 meta/recipes-core/volatile-binds/files/COPYING.MIT create mode 100755 meta/recipes-core/volatile-binds/files/mount-copybind create mode 100644 meta/recipes-core/volatile-binds/files/volatile-binds.service.in create mode 100644 meta/recipes-core/volatile-binds/volatile-binds.bb diff --git a/meta/recipes-core/volatile-binds/files/COPYING.MIT b/meta/recipes-core/volatile-binds/files/COPYING.MIT new file mode 100644 index 0000000..7e7d574 --- /dev/null +++ b/meta/recipes-core/volatile-binds/files/COPYING.MIT @@ -0,0 +1,17 @@ +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT +SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, +DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR +OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR +THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/meta/recipes-core/volatile-binds/files/mount-copybind b/meta/recipes-core/volatile-binds/files/mount-copybind new file mode 100755 index 0000000..2aeaf84 --- /dev/null +++ b/meta/recipes-core/volatile-binds/files/mount-copybind @@ -0,0 +1,34 @@ +#!/bin/sh +# +# Perform a bind mount, copying existing files as we do so to ensure the +# overlaid path has the necessary content. + +if [ $# -lt 2 ]; then + echo >&2 "Usage: $0 spec mountpoint [OPTIONS]" + exit 1 +fi + +spec=$1 +mountpoint=$2 + +if [ $# -gt 2 ]; then + options=$3 +else + options= +fi + +[ -n "$options" ] && options=",$options" + +mkdir -p "${spec%/*}" +if [ -d "$mountpoint" ]; then + if [ ! -d "$spec" ]; then + mkdir "$spec" + cp -pPR "$mountpoint"/. "$spec/" + fi +elif [ -f "$mountpoint" ]; then + if [ ! -f "$spec" ]; then + cp -pP "$mountpoint" "$spec" + fi +fi + +mount -o "bind$options" "$spec" "$mountpoint" diff --git a/meta/recipes-core/volatile-binds/files/volatile-binds.service.in b/meta/recipes-core/volatile-binds/files/volatile-binds.service.in new file mode 100644 index 0000000..32be5b4 --- /dev/null +++ b/meta/recipes-core/volatile-binds/files/volatile-binds.service.in @@ -0,0 +1,19 @@ +[Unit] +Description=Bind mount volatile @where@ +DefaultDependencies=false +Before=local-fs.target +RequiresMountsFor=@whatparent@ @whereparent@ +ConditionPathIsReadWrite=@whatparent@ +ConditionPathExists=@where@ +ConditionPathIsReadWrite=!@where@ + +[Service] +Type=oneshot +RemainAfterExit=Yes +StandardOutput=syslog +TimeoutSec=0 +ExecStart=/sbin/mount-copybind @what@ @where@ +ExecStop=/sbin/umount @where@ + +[Install] +WantedBy=local-fs.target diff --git a/meta/recipes-core/volatile-binds/volatile-binds.bb b/meta/recipes-core/volatile-binds/volatile-binds.bb new file mode 100644 index 0000000..7d6bf32 --- /dev/null +++ b/meta/recipes-core/volatile-binds/volatile-binds.bb @@ -0,0 +1,74 @@ +SUMMARY = "Volatile bind mount setup and configuration for read-only-rootfs" +DESCRIPTION = "${SUMMARY}" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://../COPYING.MIT;md5=5750f3aa4ea2b00c2bf21b2b2a7b714d" + +SRC_URI = "\ + file://mount-copybind \ + file://COPYING.MIT \ + file://volatile-binds.service.in \ +" + +inherit allarch systemd + +VOLATILE_BINDS ?= "\ + /var/volatile/lib /var/lib\n\ +" +VOLATILE_BINDS[type] = "list" +VOLATILE_BINDS[separator] = "\n" + +def volatile_systemd_services(d): + services = [] + for line in oe.data.typed_value("VOLATILE_BINDS", d): + if not line: + continue + what, where = line.split(None, 1) + services.append("%s.service" % what[1:].replace("/", "-")) + return " ".join(services) + +SYSTEMD_SERVICE_volatile-binds = "${@volatile_systemd_services(d)}" + +FILES_${PN} += "${systemd_unitdir}/system/*.service" + +do_compile () { + while read spec mountpoint; do + if [ -z "$spec" ]; then + continue + fi + + servicefile="${spec#/}" + servicefile="$(echo "$servicefile" | tr / -).service" + sed -e "s#@what@#$spec#g; s#@where@#$mountpoint#g" \ + -e "s#@whatparent@#${spec%/*}#g; s#@whereparent@#${mountpoint%/*}#g" \ + volatile-binds.service.in >$servicefile + done <<END +${@d.getVar('VOLATILE_BINDS', True).replace("\\n", "\n")} +END + + if [ -e var-volatile-lib.service ]; then + # As the seed is stored under /var/lib, ensure that this service runs + # after the volatile /var/lib is mounted. + sed -i -e "/^Before=/s/\$/ systemd-random-seed.service/" \ + -e "/^WantedBy=/s/\$/ systemd-random-seed.service/" \ + var-volatile-lib.service + fi +} +do_compile[dirs] = "${WORKDIR}" + +do_install () { + install -d ${D}${base_sbindir} + install -m 0755 mount-copybind ${D}${base_sbindir}/ + + install -d ${D}${systemd_unitdir}/system + for service in ${SYSTEMD_SERVICE_volatile-binds}; do + install -m 0644 $service ${D}${systemd_unitdir}/system/ + done +} +do_install[dirs] = "${WORKDIR}" + +# This package is only for systemd based systems. So building it with 'systemd' +# missing in DISTRO_FEATURES makes no sense. +python () { + if not bb.utils.contains ('DISTRO_FEATURES', 'systemd', True, False, d): + raise bb.parse.SkipPackage("'systemd' not in DISTRO_FEATURES") +} -- 1.7.9.5 ^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: [PATCH 1/3] volatile-binds: add recipe 2014-07-28 5:34 ` [PATCH 1/3] volatile-binds: add recipe Chen Qi @ 2014-07-28 13:00 ` Burton, Ross 2014-07-29 2:06 ` ChenQi 0 siblings, 1 reply; 9+ messages in thread From: Burton, Ross @ 2014-07-28 13:00 UTC (permalink / raw) To: Chen Qi; +Cc: Chris Larson, OE-core On 28 July 2014 06:34, Chen Qi <Qi.Chen@windriver.com> wrote: > +# This package is only for systemd based systems. So building it with 'systemd' > +# missing in DISTRO_FEATURES makes no sense. > +python () { > + if not bb.utils.contains ('DISTRO_FEATURES', 'systemd', True, False, d): > + raise bb.parse.SkipPackage("'systemd' not in DISTRO_FEATURES") > +} There's a class to help with this: distro_features_check.bbclass. Ross ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH 1/3] volatile-binds: add recipe 2014-07-28 13:00 ` Burton, Ross @ 2014-07-29 2:06 ` ChenQi 0 siblings, 0 replies; 9+ messages in thread From: ChenQi @ 2014-07-29 2:06 UTC (permalink / raw) To: Burton, Ross; +Cc: Chris Larson, OE-core On 07/28/2014 09:00 PM, Burton, Ross wrote: > On 28 July 2014 06:34, Chen Qi <Qi.Chen@windriver.com> wrote: >> +# This package is only for systemd based systems. So building it with 'systemd' >> +# missing in DISTRO_FEATURES makes no sense. >> +python () { >> + if not bb.utils.contains ('DISTRO_FEATURES', 'systemd', True, False, d): >> + raise bb.parse.SkipPackage("'systemd' not in DISTRO_FEATURES") >> +} > There's a class to help with this: distro_features_check.bbclass. > > Ross > > Got it. I'll send out a V2. Thanks! //Chen Qi ^ permalink raw reply [flat|nested] 9+ messages in thread
* [PATCH 2/3] systemd: add volatile-binds to RDEPENDS 2014-07-28 5:34 [PATCH 0/3] Support 'read-only-rootfs' IMAGE_FEATURES for systemd based systems Chen Qi 2014-07-28 5:34 ` [PATCH 1/3] volatile-binds: add recipe Chen Qi @ 2014-07-28 5:34 ` Chen Qi 2014-07-28 13:21 ` Richard Purdie 2014-08-20 6:45 ` Koen Kooi 2014-07-28 5:34 ` [PATCH 3/3] image.bbclass: tweak read_only_rootfs_hook to also support systemd based systems Chen Qi 2 siblings, 2 replies; 9+ messages in thread From: Chen Qi @ 2014-07-28 5:34 UTC (permalink / raw) To: openembedded-core; +Cc: clarson --- meta/recipes-core/systemd/systemd_213.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/recipes-core/systemd/systemd_213.bb b/meta/recipes-core/systemd/systemd_213.bb index 5de7cdc..4fb7ffc 100644 --- a/meta/recipes-core/systemd/systemd_213.bb +++ b/meta/recipes-core/systemd/systemd_213.bb @@ -243,6 +243,7 @@ FILES_${PN}-dbg += "${rootlibdir}/.debug ${systemd_unitdir}/.debug ${systemd_uni FILES_${PN}-dev += "${base_libdir}/security/*.la ${datadir}/dbus-1/interfaces/ ${sysconfdir}/rpm/macros.systemd" RDEPENDS_${PN} += "kmod dbus util-linux-mount udev (= ${EXTENDPKGV})" +RDEPENDS_${PN} += "volatile-binds" RRECOMMENDS_${PN} += "systemd-serialgetty systemd-compat-units udev-hwdb\ util-linux-agetty \ -- 1.7.9.5 ^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: [PATCH 2/3] systemd: add volatile-binds to RDEPENDS 2014-07-28 5:34 ` [PATCH 2/3] systemd: add volatile-binds to RDEPENDS Chen Qi @ 2014-07-28 13:21 ` Richard Purdie 2014-07-29 2:05 ` ChenQi 2014-08-20 6:45 ` Koen Kooi 1 sibling, 1 reply; 9+ messages in thread From: Richard Purdie @ 2014-07-28 13:21 UTC (permalink / raw) To: Chen Qi; +Cc: clarson, openembedded-core On Mon, 2014-07-28 at 13:34 +0800, Chen Qi wrote: > --- > meta/recipes-core/systemd/systemd_213.bb | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/meta/recipes-core/systemd/systemd_213.bb b/meta/recipes-core/systemd/systemd_213.bb > index 5de7cdc..4fb7ffc 100644 > --- a/meta/recipes-core/systemd/systemd_213.bb > +++ b/meta/recipes-core/systemd/systemd_213.bb > @@ -243,6 +243,7 @@ FILES_${PN}-dbg += "${rootlibdir}/.debug ${systemd_unitdir}/.debug ${systemd_uni > FILES_${PN}-dev += "${base_libdir}/security/*.la ${datadir}/dbus-1/interfaces/ ${sysconfdir}/rpm/macros.systemd" > > RDEPENDS_${PN} += "kmod dbus util-linux-mount udev (= ${EXTENDPKGV})" > +RDEPENDS_${PN} += "volatile-binds" > > RRECOMMENDS_${PN} += "systemd-serialgetty systemd-compat-units udev-hwdb\ > util-linux-agetty \ Do we always need/want to include this? Does this have any implications for rw systems? I couldn't immediately see how this triggers on a ro system... Cheers, Richard ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH 2/3] systemd: add volatile-binds to RDEPENDS 2014-07-28 13:21 ` Richard Purdie @ 2014-07-29 2:05 ` ChenQi 0 siblings, 0 replies; 9+ messages in thread From: ChenQi @ 2014-07-29 2:05 UTC (permalink / raw) To: Richard Purdie; +Cc: clarson, openembedded-core On 07/28/2014 09:21 PM, Richard Purdie wrote: > On Mon, 2014-07-28 at 13:34 +0800, Chen Qi wrote: >> --- >> meta/recipes-core/systemd/systemd_213.bb | 1 + >> 1 file changed, 1 insertion(+) >> >> diff --git a/meta/recipes-core/systemd/systemd_213.bb b/meta/recipes-core/systemd/systemd_213.bb >> index 5de7cdc..4fb7ffc 100644 >> --- a/meta/recipes-core/systemd/systemd_213.bb >> +++ b/meta/recipes-core/systemd/systemd_213.bb >> @@ -243,6 +243,7 @@ FILES_${PN}-dbg += "${rootlibdir}/.debug ${systemd_unitdir}/.debug ${systemd_uni >> FILES_${PN}-dev += "${base_libdir}/security/*.la ${datadir}/dbus-1/interfaces/ ${sysconfdir}/rpm/macros.systemd" >> >> RDEPENDS_${PN} += "kmod dbus util-linux-mount udev (= ${EXTENDPKGV})" >> +RDEPENDS_${PN} += "volatile-binds" >> >> RRECOMMENDS_${PN} += "systemd-serialgetty systemd-compat-units udev-hwdb\ >> util-linux-agetty \ > Do we always need/want to include this? Does this have any implications > for rw systems? I couldn't immediately see how this triggers on a ro > system... > > Cheers, > > Richard > > > Hi Richard, Take var-lib-volatile.service as an example. In the service file, we have: ConditionPathIsReadWrite=!/var/lib So if /var/lib is rw, the service is not started. On a ro system, /var/lib is read-only, and the service is started. I just realized that I didn't put comments in these patches. I'll send out a V2. Best Regards, Chen Qi ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH 2/3] systemd: add volatile-binds to RDEPENDS 2014-07-28 5:34 ` [PATCH 2/3] systemd: add volatile-binds to RDEPENDS Chen Qi 2014-07-28 13:21 ` Richard Purdie @ 2014-08-20 6:45 ` Koen Kooi 1 sibling, 0 replies; 9+ messages in thread From: Koen Kooi @ 2014-08-20 6:45 UTC (permalink / raw) To: Chen Qi; +Cc: clarson, openembedded-core Op 28 jul. 2014, om 07:34 heeft Chen Qi <Qi.Chen@windriver.com> het volgende geschreven: > --- > meta/recipes-core/systemd/systemd_213.bb | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/meta/recipes-core/systemd/systemd_213.bb b/meta/recipes-core/systemd/systemd_213.bb > index 5de7cdc..4fb7ffc 100644 > --- a/meta/recipes-core/systemd/systemd_213.bb > +++ b/meta/recipes-core/systemd/systemd_213.bb > @@ -243,6 +243,7 @@ FILES_${PN}-dbg += "${rootlibdir}/.debug ${systemd_unitdir}/.debug ${systemd_uni > FILES_${PN}-dev += "${base_libdir}/security/*.la ${datadir}/dbus-1/interfaces/ ${sysconfdir}/rpm/macros.systemd" > > RDEPENDS_${PN} += "kmod dbus util-linux-mount udev (= ${EXTENDPKGV})" > +RDEPENDS_${PN} += "volatile-binds" I'm seeing more and more patches using this pattern and I'm wondering why. The above is only adding more bitbake overhead, why can't you just write it as: RDEPENDS_${PN} += "kmod dbus util-linux-mount udev (= ${EXTENDPKGV}) \ volatile-binds" ? ^ permalink raw reply [flat|nested] 9+ messages in thread
* [PATCH 3/3] image.bbclass: tweak read_only_rootfs_hook to also support systemd based systems 2014-07-28 5:34 [PATCH 0/3] Support 'read-only-rootfs' IMAGE_FEATURES for systemd based systems Chen Qi 2014-07-28 5:34 ` [PATCH 1/3] volatile-binds: add recipe Chen Qi 2014-07-28 5:34 ` [PATCH 2/3] systemd: add volatile-binds to RDEPENDS Chen Qi @ 2014-07-28 5:34 ` Chen Qi 2 siblings, 0 replies; 9+ messages in thread From: Chen Qi @ 2014-07-28 5:34 UTC (permalink / raw) To: openembedded-core; +Cc: clarson --- meta/classes/image.bbclass | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass index da13bb8..82605f2 100644 --- a/meta/classes/image.bbclass +++ b/meta/classes/image.bbclass @@ -199,9 +199,10 @@ do_rootfs[umask] = "022" # A hook function to support read-only-rootfs IMAGE_FEATURES # Currently, it only supports sysvinit system. read_only_rootfs_hook () { + # Tweak the mount option and fs_passno for rootfs in fstab + sed -i -e '/^[#[:space:]]*\/dev\/root/{s/defaults/ro/;s/\([[:space:]]*[[:digit:]]\)\([[:space:]]*\)[[:digit:]]$/\1\20/}' ${IMAGE_ROOTFS}/etc/fstab + if ${@bb.utils.contains("DISTRO_FEATURES", "sysvinit", "true", "false", d)}; then - # Tweak the mount option and fs_passno for rootfs in fstab - sed -i -e '/^[#[:space:]]*\/dev\/root/{s/defaults/ro/;s/\([[:space:]]*[[:digit:]]\)\([[:space:]]*\)[[:digit:]]$/\1\20/}' ${IMAGE_ROOTFS}/etc/fstab # Change the value of ROOTFS_READ_ONLY in /etc/default/rcS to yes if [ -e ${IMAGE_ROOTFS}/etc/default/rcS ]; then sed -i 's/ROOTFS_READ_ONLY=no/ROOTFS_READ_ONLY=yes/' ${IMAGE_ROOTFS}/etc/default/rcS -- 1.7.9.5 ^ permalink raw reply related [flat|nested] 9+ messages in thread
end of thread, other threads:[~2014-08-20 6:45 UTC | newest] Thread overview: 9+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2014-07-28 5:34 [PATCH 0/3] Support 'read-only-rootfs' IMAGE_FEATURES for systemd based systems Chen Qi 2014-07-28 5:34 ` [PATCH 1/3] volatile-binds: add recipe Chen Qi 2014-07-28 13:00 ` Burton, Ross 2014-07-29 2:06 ` ChenQi 2014-07-28 5:34 ` [PATCH 2/3] systemd: add volatile-binds to RDEPENDS Chen Qi 2014-07-28 13:21 ` Richard Purdie 2014-07-29 2:05 ` ChenQi 2014-08-20 6:45 ` Koen Kooi 2014-07-28 5:34 ` [PATCH 3/3] image.bbclass: tweak read_only_rootfs_hook to also support systemd based systems Chen Qi
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.