* [PATCH 0/2] [RFC] fix systemd-resolved and connman boot in read only rootfs
From: Maxin B. John @ 2017-06-12 15:10 UTC
To: openembedded-core

1. Enable systemd-resolved and systemd-networkd by default
2. Fix systemd-resolved in read only rootfs
3. Fix connman for read-only rootfs
4. Resolve the conflict with systemd-resolved and connman

Maxin B. John (2):
  systemd: enable resolved and networkd
  connman: correct the systemd boot in read only rootfs

 meta/recipes-connectivity/connman/connman.inc      | 15 ++++++++++-
 ...vice-stop-systemd-resolved-when-we-use-co.patch | 29 ++++++++++++++++++++++
 meta/recipes-connectivity/connman/connman_1.34.bb  |  1 +
 meta/recipes-core/systemd/systemd_232.bb           | 13 +++++++---
 4 files changed, 54 insertions(+), 4 deletions(-)
 create mode 100644 meta/recipes-connectivity/connman/connman/0001-connman.service-stop-systemd-resolved-when-we-use-co.patch

-- 
2.4.0
* [PATCH 1/2] systemd: enable resolved and networkd 2017-06-12 15:10 [PATCH 0/2] [RFC] fix systemd-resolved and connman boot in read only rootfs Maxin B. John @ 2017-06-12 15:10 ` Maxin B. John 2017-07-06 15:12 ` Patrick Ohly 2017-06-12 15:10 ` [PATCH 2/2] connman: correct the systemd boot in read only rootfs Maxin B. John 1 sibling, 1 reply; 6+ messages in thread From: Maxin B. John @ 2017-06-12 15:10 UTC (permalink / raw) To: openembedded-core Enable systemd-resolved and systemd-networkd by default. Make it co-exist with connman and Fix associated problems in read-only rootfs. Fixes [YOCTO #11331] Signed-off-by: Maxin B. John <maxin.john@intel.com> --- meta/recipes-core/systemd/systemd_232.bb | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/meta/recipes-core/systemd/systemd_232.bb b/meta/recipes-core/systemd/systemd_232.bb index f843c58..6aeccbd 100644 --- a/meta/recipes-core/systemd/systemd_232.bb +++ b/meta/recipes-core/systemd/systemd_232.bb @@ -62,6 +62,8 @@ PACKAGECONFIG ??= "xz \ firstboot \ utmp \ polkit \ + resolved \ + networkd \ " PACKAGECONFIG_remove_libc-musl = "selinux" PACKAGECONFIG_remove_libc-musl = "smack" 
@@ -244,9 +246,10 @@ do_install() { echo 'L! ${sysconfdir}/resolv.conf - - - - ../run/systemd/resolve/resolv.conf' >>${D}${exec_prefix}/lib/tmpfiles.d/etc.conf echo 'd /run/systemd/resolve 0755 root root -' >>${D}${exec_prefix}/lib/tmpfiles.d/systemd.conf echo 'f /run/systemd/resolve/resolv.conf 0644 root root' >>${D}${exec_prefix}/lib/tmpfiles.d/systemd.conf - ln -s ../run/systemd/resolve/resolv.conf ${D}${sysconfdir}/resolv.conf + ln -s ../run/systemd/resolve/resolv.conf ${D}${sysconfdir}/resolv-conf.systemd else sed -i -e "s%^L! /etc/resolv.conf.*$%L! /etc/resolv.conf - - - - ../run/systemd/resolve/resolv.conf%g" ${D}${exec_prefix}/lib/tmpfiles.d/etc.conf + ln -s ../run/systemd/resolve/resolv.conf ${D}${sysconfdir}/resolv-conf.systemd fi install -Dm 0755 ${S}/src/systemctl/systemd-sysv-install.SKELETON ${D}${systemd_unitdir}/systemd-sysv-install } @@ -451,7 +454,7 @@ FILES_${PN} = " ${base_bindir}/* \ ${sysconfdir}/tmpfiles.d/ \ ${sysconfdir}/xdg/ \ ${sysconfdir}/init.d/README \ - ${sysconfdir}/resolv.conf \ + ${sysconfdir}/resolv-conf.systemd \ ${rootlibexecdir}/systemd/* \ ${systemd_unitdir}/* \ ${base_libdir}/security/*.so \ @@ -535,7 +538,7 @@ python __anonymous() { # TODO: # u-a for runlevel and telinit -ALTERNATIVE_${PN} = "init halt reboot shutdown poweroff runlevel" +ALTERNATIVE_${PN} = "init halt reboot shutdown poweroff runlevel resolv-conf" ALTERNATIVE_TARGET[init] = "${rootlibexecdir}/systemd/systemd" ALTERNATIVE_LINK_NAME[init] = "${base_sbindir}/init" 
@@ -561,6 +564,10 @@ ALTERNATIVE_TARGET[runlevel] = "${base_bindir}/systemctl" ALTERNATIVE_LINK_NAME[runlevel] = "${base_sbindir}/runlevel" ALTERNATIVE_PRIORITY[runlevel] ?= "300" +ALTERNATIVE_TARGET[resolv-conf] = "${sysconfdir}/resolv-conf.systemd" +ALTERNATIVE_LINK_NAME[resolv-conf] = "${sysconfdir}/resolv.conf" +ALTERNATIVE_PRIORITY[resolv-conf] ?= "50" + pkg_postinst_${PN} () { sed -e '/^hosts:/s/\s*\<myhostname\>//' \ -e 's/\(^hosts:.*\)\(\<files\>\)\(.*\)\(\<dns\>\)\(.*\)/\1\2 myhostname \3\4\5/' \ -- 2.4.0 ^ permalink raw reply related [flat|nested] 6+ messages in thread
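Review bot: The PACKAGECONFIG hunk (@@ -62,6 +62,8 @@) switches on 'networkd' together with 'resolved', but the commit message only motivates the resolver handling on a read-only rootfs and gives no reason why networkd has to be a default. Every build that takes the default PACKAGECONFIG now gains two network services; either justify networkd in the message or move it to its own patch so the resolv.conf change can be reviewed and reverted on its own.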
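Review bot: In the do_install hunk (@@ -244,9 +246,10 @@) /etc/resolv.conf is left with two owners: the unchanged tmpfiles.d lines still write an 'L! ... resolv.conf' entry that points straight at ../run/systemd/resolve/resolv.conf, while the new resolv-conf.systemd link exists so that alternatives can pick the provider by priority. If the link is absent at boot, tmpfiles.d will recreate it for systemd-resolved regardless of which alternative won; point that entry at the alternatives-managed name or drop it. The same 'ln -s ../run/systemd/resolve/resolv.conf ${D}${sysconfdir}/resolv-conf.systemd' is also added to both branches of the if/else and can be hoisted below 'fi'.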
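Review bot: The resolv-conf alternative added in the last hunk (@@ -561,6 +564,10 @@) gets priority 50 with no comment, and the value only has meaning relative to the 100 that patch 2/2 gives ConnMan. Add a comment next to 'ALTERNATIVE_PRIORITY[resolv-conf] ?= "50"' stating the intended ordering between the providers, so a later priority change in either recipe does not silently flip which resolver owns /etc/resolv.conf.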
* Re: [PATCH 1/2] systemd: enable resolved and networkd
From: Patrick Ohly @ 2017-07-06 15:12 UTC
To: Maxin B. John; +Cc: openembedded-core

On Mon, 2017-06-12 at 18:10 +0300, Maxin B. John wrote:
> Enable systemd-resolved and systemd-networkd by default.
> Make it co-exist with connman and Fix associated problems
> in read-only rootfs.
>
> Fixes [YOCTO #11331]

Let me come back to this, because I think it is not quite working as
intended yet.

The goal is that the "right" resolver is chosen via alternative
priorities, right? So during build time, we set /etc/resolv.conf to what
is the desired resolver.

However, there's still a L+ entry for /etc/resolv.conf
in /usr/lib/tmpfiles.d/connman_resolvconf.conf:

L+ /etc/resolv.conf - - - - /var/run/connman/resolv.conf

As a result, when systemd is used and the rootfs is read/write, then
systemd overwrites /etc/resolv.conf, leading to:

# ls -l /etc/resolv.conf
lrwxrwxrwx 1 root root 28 Jul 6 14:44 /etc/resolv.conf -> /var/run/connman/resolv.conf

That happens even if systemd-resolved has a higher priority and should
be used.

Maxin, do you agree? Can you finish this work and patch the ConnMan
recipe so that it behaves as expected?

-- 
Best Regards, Patrick Ohly

The content of this message is my personal opinion only and although
I am an employee of Intel, the statements I make here in no way
represent Intel's position on the issue, nor am I authorized to speak
on behalf of Intel on this matter.
* Re: [PATCH 1/2] systemd: enable resolved and networkd
From: Maxin B. John @ 2017-07-07 8:10 UTC
To: Patrick Ohly; +Cc: openembedded-core

Hi Patrick,

On Thu, Jul 06, 2017 at 05:12:05PM +0200, Patrick Ohly wrote:
> On Mon, 2017-06-12 at 18:10 +0300, Maxin B. John wrote:
> > Enable systemd-resolved and systemd-networkd by default.
> > Make it co-exist with connman and Fix associated problems
> > in read-only rootfs.
> >
> > Fixes [YOCTO #11331]
>
> Let me come back to this, because I think it is not quite working as
> intended yet.
>
> The goal is that the "right" resolver is chosen via alternative
> priorities, right? So during build time, we set /etc/resolv.conf to what
> is the desired resolver.

Yes. Even though for practical reasons, ConnMan's resolver is preferred when we use
ConnMan in the image. That is the reason why we have "Conflicts=systemd-resolved.service"
in "connman.service.in"

> However, there's still a L+ entry for /etc/resolv.conf
> in /usr/lib/tmpfiles.d/connman_resolvconf.conf:
>
> L+ /etc/resolv.conf - - - - /var/run/connman/resolv.conf
> As a result, when systemd is used and the rootfs is read/write, then
> systemd overwrites /etc/resolv.conf, leading to:
>
> # ls -l /etc/resolv.conf
> lrwxrwxrwx 1 root root 28 Jul 6 14:44 /etc/resolv.conf -> /var/run/connman/resolv.conf
>
> That happens even if systemd-resolved has a higher priority and should
> be used.
>
> Maxin, do you agree? Can you finish this work and patch the ConnMan
> recipe so that it behaves as expected?

Looks reasonable to me. Thanks for suggesting this. Will update the recipe.

> --
> Best Regards, Patrick Ohly

Best Regards,
Maxin
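The conflict discussed in this sub-thread (a forcing L+ tmpfiles.d entry replacing the /etc/resolv.conf link that alternatives selected at build time), as an added check that is not part of the original thread or of OE-core: it walks an unpacked image tree and reports such entries. The function names and the sample tree are assumptions made for the example.

```shell
# Added example; function names are hypothetical, the sample tree is constructed.
# Lexically normalise an absolute path; /var/run is treated as /run.
norm_path() {
    np_out=; np_ifs=$IFS; IFS=/
    for np_c in $1; do
        case $np_c in
            ''|.) ;;
            ..) np_out=${np_out%/*} ;;
            *)  np_out="$np_out/$np_c" ;;
        esac
    done; IFS=$np_ifs
    case $np_out in /var/run/*) np_out=${np_out#/var} ;; esac
    printf '%s\n' "${np_out:-/}"
}

# Follow the /etc/resolv.conf symlink chain inside tree $1 (at most 8 hops).
resolvconf_final_target() {
    rt_path=/etc/resolv.conf; rt_hops=0
    while [ -L "$1$rt_path" ] && [ "$rt_hops" -lt 8 ]; do
        rt_t=$(readlink "$1$rt_path")
        case $rt_t in /*) ;; *) rt_t=${rt_path%/*}/$rt_t ;; esac
        rt_path=$(norm_path "$rt_t"); rt_hops=$((rt_hops + 1))
    done
    printf '%s\n' "$rt_path"
}

# Print "file -> target" for each forcing (L+) entry on /etc/resolv.conf whose
# target differs from the link chosen at build time; return 1 if any is found.
resolvconf_conflicts() {
    cf_want=$(resolvconf_final_target "$1"); cf_rc=0
    for cf_f in "$1"/etc/tmpfiles.d/*.conf "$1"/usr/lib/tmpfiles.d/*.conf; do
        [ -f "$cf_f" ] || continue
        # A file in /etc/tmpfiles.d overrides the same name in /usr/lib.
        case $cf_f in "$1"/usr/lib/*) [ -e "$1/etc/tmpfiles.d/${cf_f##*/}" ] && continue ;; esac
        for cf_t in $(awk '$1 ~ /^L\+/ && $2 == "/etc/resolv.conf" {print $7}' "$cf_f"); do
            case $cf_t in /*) cf_abs=$cf_t ;; *) cf_abs=/etc/$cf_t ;; esac
            [ "$(norm_path "$cf_abs")" = "$cf_want" ] && continue
            echo "${cf_f#"$1"} -> $cf_t"; cf_rc=1
        done
    done
    return $cf_rc
}

# Constructed sample: link selects systemd-resolved, ConnMan's L+ file is still installed.
make_sample_tree() {
    st=$(mktemp -d); mkdir -p "$st/etc" "$st/usr/lib/tmpfiles.d"
    ln -s ../run/systemd/resolve/resolv.conf "$st/etc/resolv-conf.systemd"
    ln -s /etc/resolv-conf.systemd "$st/etc/resolv.conf"
    echo 'L+ /etc/resolv.conf - - - - /var/run/connman/resolv.conf' > "$st/usr/lib/tmpfiles.d/connman_resolvconf.conf"
    echo "$st"
}

tree=$(make_sample_tree)
resolvconf_conflicts "$tree" || echo "would override $(resolvconf_final_target "$tree")"; rm -rf "$tree"
```

Run against the unpacked rootfs of an image in place of the sample tree; a non-zero exit means the link seen at runtime on a read/write rootfs will not be the one selected at build time.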
* [PATCH 2/2] connman: correct the systemd boot in read only rootfs 2017-06-12 15:10 [PATCH 0/2] [RFC] fix systemd-resolved and connman boot in read only rootfs Maxin B. John 2017-06-12 15:10 ` [PATCH 1/2] systemd: enable resolved and networkd Maxin B. John @ 2017-06-12 15:10 ` Maxin B. John 2017-11-24 12:03 ` Patrick Ohly 1 sibling, 1 reply; 6+ messages in thread From: Maxin B. John @ 2017-06-12 15:10 UTC (permalink / raw) To: openembedded-core connman fails to start in systemd based read-only images while creating links: Jun 08 12:53:56 qemux86-64 systemd[1]: Starting Create Volatile Files and Directories... Jun 08 12:53:56 qemux86-64 systemd-tmpfiles[366]: [[0;1;31msymlink(/var/run/connman/resolv.conf, /etc/resolv.conf) failed: Read-only file system[[0m Fix this failure and make connman co-exist with systemd-resolved. Signed-off-by: Maxin B. John <maxin.john@intel.com> --- meta/recipes-connectivity/connman/connman.inc | 15 ++++++++++- ...vice-stop-systemd-resolved-when-we-use-co.patch | 29 ++++++++++++++++++++++ meta/recipes-connectivity/connman/connman_1.34.bb | 1 + 3 files changed, 44 insertions(+), 1 deletion(-) create mode 100644 meta/recipes-connectivity/connman/connman/0001-connman.service-stop-systemd-resolved-when-we-use-co.patch diff --git a/meta/recipes-connectivity/connman/connman.inc b/meta/recipes-connectivity/connman/connman.inc index cc2d469..ab18f2f 100644 --- a/meta/recipes-connectivity/connman/connman.inc +++ b/meta/recipes-connectivity/connman/connman.inc @@ -13,7 +13,7 @@ LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=12f884d2ae1ff87c09e5b7ccc2c4ca7e \ file://src/main.c;beginline=1;endline=20;md5=486a279a6ab0c8d152bcda3a5b5edc36" -inherit autotools pkgconfig systemd update-rc.d bluetooth +inherit autotools pkgconfig systemd update-rc.d bluetooth update-alternatives DEPENDS = "dbus glib-2.0 ppp readline" 
@@ -69,6 +69,11 @@ SYSTEMD_SERVICE_${PN} = "connman.service" SYSTEMD_SERVICE_${PN}-vpn = "connman-vpn.service" SYSTEMD_SERVICE_${PN}-wait-online = "connman-wait-online.service" +ALTERNATIVE_PRIORITY = "100" +ALTERNATIVE_${PN} ="resolv-conf" +ALTERNATIVE_TARGET[resolv-conf] = "${sysconfdir}/resolv-conf.connman" +ALTERNATIVE_LINK_NAME[resolv-conf] = "${sysconfdir}/resolv.conf" + do_install_append() { if ${@bb.utils.contains('DISTRO_FEATURES','sysvinit','true','false',d)}; then install -d ${D}${sysconfdir}/init.d @@ -89,6 +94,14 @@ do_install_append() { # Automake 1.12 won't install empty directories, but we need the # plugins directory to be present for ownership mkdir -p ${D}${libdir}/connman/plugins + + # For read-only filesystem, do not create links during bootup + if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then + if ${@bb.utils.contains('IMAGE_FEATURES','read-only-rootfs','true','false',d)}; then + echo "d /var/run/connman - - - -" > ${D}${sysconfdir}/tmpfiles.d/connman_resolvconf.conf + fi + ln -sf ../run/connman/resolv.conf ${D}${sysconfdir}/resolv-conf.connman + fi } # These used to be plugins, but now they are core diff --git a/meta/recipes-connectivity/connman/connman/0001-connman.service-stop-systemd-resolved-when-we-use-co.patch b/meta/recipes-connectivity/connman/connman/0001-connman.service-stop-systemd-resolved-when-we-use-co.patch new file mode 100644 index 0000000..8e2e0bd --- /dev/null +++ b/meta/recipes-connectivity/connman/connman/0001-connman.service-stop-systemd-resolved-when-we-use-co.patch 
@@ -0,0 +1,29 @@ +From 9f70b94ebf18f52c115634642652830fa77f27a1 Mon Sep 17 00:00:00 2001 +From: "Maxin B. John" <maxin.john@intel.com> +Date: Mon, 12 Jun 2017 16:52:39 +0300 +Subject: [PATCH] connman.service: stop systemd-resolved when we use connman + +Stop systemd-resolved service when we use connman as network manager. + +Upstream-Status: Inappropriate [configuration] + +Signed-off-by: Maxin B. John <maxin.john@intel.com> +--- + src/connman.service.in | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/connman.service.in b/src/connman.service.in +index 9f5c10f..dab48bc 100644 +--- a/src/connman.service.in ++++ b/src/connman.service.in +@@ -6,6 +6,7 @@ RequiresMountsFor=@localstatedir@/lib/connman + After=dbus.service network-pre.target systemd-sysusers.service + Before=network.target multi-user.target shutdown.target + Wants=network.target ++Conflicts=systemd-resolved.service + + [Service] + Type=dbus +-- +2.4.0 + diff --git a/meta/recipes-connectivity/connman/connman_1.34.bb b/meta/recipes-connectivity/connman/connman_1.34.bb index 5d0f242..d520568 100644 --- a/meta/recipes-connectivity/connman/connman_1.34.bb +++ b/meta/recipes-connectivity/connman/connman_1.34.bb @@ -3,6 +3,7 @@ require connman.inc SRC_URI = "${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \ file://0001-plugin.h-Change-visibility-to-default-for-debug-symb.patch \ file://0001-firewall-nftables-fix-build-with-libnftnl-1.0.7.patch \ + file://0001-connman.service-stop-systemd-resolved-when-we-use-co.patch \ file://connman \ file://no-version-scripts.patch \ file://includes.patch \ -- 2.4.0 ^ permalink raw reply related [flat|nested] 6+ messages in thread
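Review bot: 'ALTERNATIVE_PRIORITY = "100"' in the connman.inc hunk at @@ -69,6 +69,11 @@ is a recipe-wide hard assignment, while the systemd side of this series uses the per-name, overridable form 'ALTERNATIVE_PRIORITY[resolv-conf] ?= "50"'. Write it as 'ALTERNATIVE_PRIORITY[resolv-conf] ?= "100"' so a distro can reorder the two resolvers from configuration and so any alternative added to this recipe later does not inherit 100 unnoticed. 'ALTERNATIVE_${PN} ="resolv-conf"' is also missing the space after '='.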
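Review bot: In the do_install_append hunk (@@ -89,6 +94,14 @@) the resolv-conf.connman link is created only inside the DISTRO_FEATURES 'systemd' branch, but the resolv-conf alternative is registered unconditionally in the earlier hunk, so a build without systemd registers an alternative whose target is never installed. Put both under the same condition. The inner test on IMAGE_FEATURES makes a package recipe depend on a per-image variable, and the redirect into ${D}${sysconfdir}/tmpfiles.d/connman_resolvconf.conf has no 'install -d' for that directory anywhere in the visible hunk.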
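Review bot: 'Conflicts=systemd-resolved.service' in the embedded connman.service.in patch is unconditional, whereas the owner of /etc/resolv.conf is decided by alternative priority. If the systemd priority is ever raised above ConnMan's, starting connman still stops systemd-resolved while /etc/resolv.conf points at /run/systemd/resolve/resolv.conf, leaving the resolver file unmaintained. State in the patch description that ConnMan's priority must stay the highest whenever both are installed, or make the Conflicts= line depend on the same choice.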
* Re: [PATCH 2/2] connman: correct the systemd boot in read only rootfs 2017-06-12 15:10 ` [PATCH 2/2] connman: correct the systemd boot in read only rootfs Maxin B. John @ 2017-11-24 12:03 ` Patrick Ohly 0 siblings, 0 replies; 6+ messages in thread From: Patrick Ohly @ 2017-11-24 12:03 UTC (permalink / raw) To: Maxin B. John, openembedded-core On Mon, 2017-06-12 at 18:10 +0300, Maxin B. John wrote: > connman fails to start in systemd based read-only images while > creating links: > > Jun 08 12:53:56 qemux86-64 systemd[1]: Starting Create Volatile Files > and Directories... > Jun 08 12:53:56 qemux86-64 systemd-tmpfiles[366]: > [[0;1;31msymlink(/var/run/connman/resolv.conf, /etc/resolv.conf) > failed: > Read-only file system[[0m > > Fix this failure and make connman co-exist with systemd-resolved. > > Signed-off-by: Maxin B. John <maxin.john@intel.com> > --- > meta/recipes-connectivity/connman/connman.inc | 15 ++++++++++- > ...vice-stop-systemd-resolved-when-we-use-co.patch | 29 > ++++++++++++++++++++++ > meta/recipes-connectivity/connman/connman_1.34.bb | 1 + > 3 files changed, 44 insertions(+), 1 deletion(-) > create mode 100644 meta/recipes-connectivity/connman/connman/0001- > connman.service-stop-systemd-resolved-when-we-use-co.patch > > diff --git a/meta/recipes-connectivity/connman/connman.inc > b/meta/recipes-connectivity/connman/connman.inc > index cc2d469..ab18f2f 100644 > --- a/meta/recipes-connectivity/connman/connman.inc > +++ b/meta/recipes-connectivity/connman/connman.inc > @@ -13,7 +13,7 @@ LICENSE = "GPLv2" > LIC_FILES_CHKSUM = > "file://COPYING;md5=12f884d2ae1ff87c09e5b7ccc2c4ca7e \ > file://src/main.c;beginline=1;endline=20;md5=486 > a279a6ab0c8d152bcda3a5b5edc36" > > -inherit autotools pkgconfig systemd update-rc.d bluetooth > +inherit autotools pkgconfig systemd update-rc.d bluetooth update- > alternatives > > DEPENDS = "dbus glib-2.0 ppp readline" 
> > @@ -69,6 +69,11 @@ SYSTEMD_SERVICE_${PN} = "connman.service" > SYSTEMD_SERVICE_${PN}-vpn = "connman-vpn.service" > SYSTEMD_SERVICE_${PN}-wait-online = "connman-wait-online.service" > > +ALTERNATIVE_PRIORITY = "100" > +ALTERNATIVE_${PN} ="resolv-conf" > +ALTERNATIVE_TARGET[resolv-conf] = "${sysconfdir}/resolv- > conf.connman" > +ALTERNATIVE_LINK_NAME[resolv-conf] = "${sysconfdir}/resolv.conf" > + > do_install_append() { > if ${@bb.utils.contains('DISTRO_FEATURES','sysvinit','true', > 'false',d)}; then > install -d ${D}${sysconfdir}/init.d 
> @@ -89,6 +94,14 @@ do_install_append() { > # Automake 1.12 won't install empty directories, but we need > the > # plugins directory to be present for ownership > mkdir -p ${D}${libdir}/connman/plugins > + > + # For read-only filesystem, do not create links during bootup > + if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','fals > e',d)}; then > + if ${@bb.utils.contains('IMAGE_FEATURES','re > ad-only-rootfs','true','false',d)}; then > + echo "d /var/run/connman - - - -" > > ${D}${sysconfdir}/tmpfiles.d/connman_resolvconf.conf > + fi > + ln -sf ../run/connman/resolv.conf ${D}${sysconfdir}/resolv- > conf.connman > + fi > } This check for 'IMAGE_FEATURES' is bogus: that's a per-image recipe variable, which can't be assumed to be set consistently for all images in the base configuration and therefore the connman recipe can't depend on it. The effect is that the tmpfiles.d entry doesn't get created when setting IMAGE_FEATURES only for some images. It still works for me (refkit, based on OE-core Rocko at the moment). Something has created /var/run/connman (perhaps connman itself?) and the resolv.conf inside it, so /etc/resolv.conf -> /etc/resolv- conf.connman -> ../run/connman/resolv.conf = /run/connman/resolv.conf exists. But the bogus lines should be removed nonetheless, because it causes the connman recipe to depend on IMAGE_FEATURES. -- Best Regards, Patrick Ohly The content of this message is my personal opinion only and although I am an employee of Intel, the statements I make here in no way represent Intel's position on the issue, nor am I authorized to speak on behalf of Intel on this matter. ^ permalink raw reply [flat|nested] 6+ messages in thread