* [PATCH 0/3] Support 'read-only-rootfs' IMAGE_FEATURES for systemd based systems
@ 2014-07-28 5:34 Chen Qi
2014-07-28 5:34 ` [PATCH 1/3] volatile-binds: add recipe Chen Qi
` (2 more replies)
0 siblings, 3 replies; 9+ messages in thread
From: Chen Qi @ 2014-07-28 5:34 UTC (permalink / raw)
To: openembedded-core; +Cc: clarson
This patchset mainly comes from https://github.com/MentorEmbedded/meta-ro-rootfs with only a little
modification.
//Chen Qi
The following changes since commit 3f7fcbc167c13bdaa6c12a81c7851530d72f02e0:
directfb-examples: Fix building with new autoconf (2014-07-27 08:30:13 +0100)
are available in the git repository at:
git://git.openembedded.org/openembedded-core-contrib ChenQi/systemd_readonly
http://cgit.openembedded.org/cgit.cgi/openembedded-core-contrib/log/?h=ChenQi/systemd_readonly
Chen Qi (3):
volatile-binds: add recipe
systemd: add volatile-binds to RDEPENDS
image.bbclass: tweak read_only_rootfs_hook to also support systemd
based systems
meta/classes/image.bbclass | 5 +-
meta/recipes-core/systemd/systemd_213.bb | 1 +
meta/recipes-core/volatile-binds/files/COPYING.MIT | 17 +++++
.../volatile-binds/files/mount-copybind | 34 +++++++++
.../volatile-binds/files/volatile-binds.service.in | 19 +++++
meta/recipes-core/volatile-binds/volatile-binds.bb | 74 ++++++++++++++++++++
6 files changed, 148 insertions(+), 2 deletions(-)
create mode 100644 meta/recipes-core/volatile-binds/files/COPYING.MIT
create mode 100755 meta/recipes-core/volatile-binds/files/mount-copybind
create mode 100644 meta/recipes-core/volatile-binds/files/volatile-binds.service.in
create mode 100644 meta/recipes-core/volatile-binds/volatile-binds.bb
--
1.7.9.5
^ permalink raw reply [flat|nested] 9+ messages in thread* [PATCH 1/3] volatile-binds: add recipe 2014-07-28 5:34 [PATCH 0/3] Support 'read-only-rootfs' IMAGE_FEATURES for systemd based systems Chen Qi @ 2014-07-28 5:34 ` Chen Qi 2014-07-28 13:00 ` Burton, Ross 2014-07-28 5:34 ` [PATCH 2/3] systemd: add volatile-binds to RDEPENDS Chen Qi 2014-07-28 5:34 ` [PATCH 3/3] image.bbclass: tweak read_only_rootfs_hook to also support systemd based systems Chen Qi 2 siblings, 1 reply; 9+ messages in thread From: Chen Qi @ 2014-07-28 5:34 UTC (permalink / raw) To: openembedded-core; +Cc: clarson --- meta/recipes-core/volatile-binds/files/COPYING.MIT | 17 +++++ .../volatile-binds/files/mount-copybind | 34 +++++++++ .../volatile-binds/files/volatile-binds.service.in | 19 +++++ meta/recipes-core/volatile-binds/volatile-binds.bb | 74 ++++++++++++++++++++ 4 files changed, 144 insertions(+) create mode 100644 meta/recipes-core/volatile-binds/files/COPYING.MIT create mode 100755 meta/recipes-core/volatile-binds/files/mount-copybind create mode 100644 meta/recipes-core/volatile-binds/files/volatile-binds.service.in create mode 100644 meta/recipes-core/volatile-binds/volatile-binds.bb diff --git a/meta/recipes-core/volatile-binds/files/COPYING.MIT b/meta/recipes-core/volatile-binds/files/COPYING.MIT new file mode 100644 index 0000000..7e7d574 --- /dev/null +++ b/meta/recipes-core/volatile-binds/files/COPYING.MIT @@ -0,0 +1,17 @@ +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT +SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, +DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR +OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR +THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/meta/recipes-core/volatile-binds/files/mount-copybind b/meta/recipes-core/volatile-binds/files/mount-copybind new file mode 100755 index 0000000..2aeaf84 --- /dev/null +++ b/meta/recipes-core/volatile-binds/files/mount-copybind @@ -0,0 +1,34 @@ +#!/bin/sh +# +# Perform a bind mount, copying existing files as we do so to ensure the +# overlaid path has the necessary content. + +if [ $# -lt 2 ]; then + echo >&2 "Usage: $0 spec mountpoint [OPTIONS]" + exit 1 +fi + +spec=$1 +mountpoint=$2 + +if [ $# -gt 2 ]; then + options=$3 +else + options= +fi + +[ -n "$options" ] && options=",$options" + +mkdir -p "${spec%/*}" +if [ -d "$mountpoint" ]; then + if [ ! -d "$spec" ]; then + mkdir "$spec" + cp -pPR "$mountpoint"/. "$spec/" + fi +elif [ -f "$mountpoint" ]; then + if [ ! -f "$spec" ]; then + cp -pP "$mountpoint" "$spec" + fi +fi + +mount -o "bind$options" "$spec" "$mountpoint" diff --git a/meta/recipes-core/volatile-binds/files/volatile-binds.service.in b/meta/recipes-core/volatile-binds/files/volatile-binds.service.in new file mode 100644 index 0000000..32be5b4 --- /dev/null +++ b/meta/recipes-core/volatile-binds/files/volatile-binds.service.in @@ -0,0 +1,19 @@ +[Unit] +Description=Bind mount volatile @where@ +DefaultDependencies=false +Before=local-fs.target +RequiresMountsFor=@whatparent@ @whereparent@ +ConditionPathIsReadWrite=@whatparent@ +ConditionPathExists=@where@ +ConditionPathIsReadWrite=!@where@ + +[Service] +Type=oneshot +RemainAfterExit=Yes +StandardOutput=syslog +TimeoutSec=0 +ExecStart=/sbin/mount-copybind @what@ @where@ +ExecStop=/sbin/umount @where@ + +[Install] +WantedBy=local-fs.target diff --git a/meta/recipes-core/volatile-binds/volatile-binds.bb b/meta/recipes-core/volatile-binds/volatile-binds.bb new file mode 100644 index 0000000..7d6bf32 --- /dev/null +++ b/meta/recipes-core/volatile-binds/volatile-binds.bb @@ -0,0 +1,74 @@ +SUMMARY = "Volatile bind mount setup and configuration for read-only-rootfs" +DESCRIPTION = "${SUMMARY}" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://../COPYING.MIT;md5=5750f3aa4ea2b00c2bf21b2b2a7b714d" + +SRC_URI = "\ + file://mount-copybind \ + file://COPYING.MIT \ + file://volatile-binds.service.in \ +" + +inherit allarch systemd + +VOLATILE_BINDS ?= "\ + /var/volatile/lib /var/lib\n\ +" +VOLATILE_BINDS[type] = "list" +VOLATILE_BINDS[separator] = "\n" + +def volatile_systemd_services(d): + services = [] + for line in oe.data.typed_value("VOLATILE_BINDS", d): + if not line: + continue + what, where = line.split(None, 1) + services.append("%s.service" % what[1:].replace("/", "-")) + return " ".join(services) + +SYSTEMD_SERVICE_volatile-binds = "${@volatile_systemd_services(d)}" + +FILES_${PN} += "${systemd_unitdir}/system/*.service" + +do_compile () { + while read spec mountpoint; do + if [ -z "$spec" ]; then + continue + fi + + servicefile="${spec#/}" + servicefile="$(echo "$servicefile" | tr / -).service" + sed -e "s#@what@#$spec#g; s#@where@#$mountpoint#g" \ + -e "s#@whatparent@#${spec%/*}#g; s#@whereparent@#${mountpoint%/*}#g" \ + volatile-binds.service.in >$servicefile + done <<END +${@d.getVar('VOLATILE_BINDS', True).replace("\\n", "\n")} +END + + if [ -e var-volatile-lib.service ]; then + # As the seed is stored under /var/lib, ensure that this service runs + # after the volatile /var/lib is mounted. + sed -i -e "/^Before=/s/\$/ systemd-random-seed.service/" \ + -e "/^WantedBy=/s/\$/ systemd-random-seed.service/" \ + var-volatile-lib.service + fi +} +do_compile[dirs] = "${WORKDIR}" + +do_install () { + install -d ${D}${base_sbindir} + install -m 0755 mount-copybind ${D}${base_sbindir}/ + + install -d ${D}${systemd_unitdir}/system + for service in ${SYSTEMD_SERVICE_volatile-binds}; do + install -m 0644 $service ${D}${systemd_unitdir}/system/ + done +} +do_install[dirs] = "${WORKDIR}" + +# This package is only for systemd based systems. So building it with 'systemd' +# missing in DISTRO_FEATURES makes no sense. +python () { + if not bb.utils.contains ('DISTRO_FEATURES', 'systemd', True, False, d): + raise bb.parse.SkipPackage("'systemd' not in DISTRO_FEATURES") +} -- 1.7.9.5 ^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: [PATCH 1/3] volatile-binds: add recipe 2014-07-28 5:34 ` [PATCH 1/3] volatile-binds: add recipe Chen Qi @ 2014-07-28 13:00 ` Burton, Ross 2014-07-29 2:06 ` ChenQi 0 siblings, 1 reply; 9+ messages in thread From: Burton, Ross @ 2014-07-28 13:00 UTC (permalink / raw) To: Chen Qi; +Cc: Chris Larson, OE-core On 28 July 2014 06:34, Chen Qi <Qi.Chen@windriver.com> wrote: > +# This package is only for systemd based systems. So building it with 'systemd' > +# missing in DISTRO_FEATURES makes no sense. > +python () { > + if not bb.utils.contains ('DISTRO_FEATURES', 'systemd', True, False, d): > + raise bb.parse.SkipPackage("'systemd' not in DISTRO_FEATURES") > +} There's a class to help with this: distro_features_check.bbclass. Ross ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH 1/3] volatile-binds: add recipe 2014-07-28 13:00 ` Burton, Ross @ 2014-07-29 2:06 ` ChenQi 0 siblings, 0 replies; 9+ messages in thread From: ChenQi @ 2014-07-29 2:06 UTC (permalink / raw) To: Burton, Ross; +Cc: Chris Larson, OE-core On 07/28/2014 09:00 PM, Burton, Ross wrote: > On 28 July 2014 06:34, Chen Qi <Qi.Chen@windriver.com> wrote: >> +# This package is only for systemd based systems. So building it with 'systemd' >> +# missing in DISTRO_FEATURES makes no sense. >> +python () { >> + if not bb.utils.contains ('DISTRO_FEATURES', 'systemd', True, False, d): >> + raise bb.parse.SkipPackage("'systemd' not in DISTRO_FEATURES") >> +} > There's a class to help with this: distro_features_check.bbclass. > > Ross > > Got it. I'll send out a V2. Thanks! //Chen Qi ^ permalink raw reply [flat|nested] 9+ messages in thread
* [PATCH 2/3] systemd: add volatile-binds to RDEPENDS 2014-07-28 5:34 [PATCH 0/3] Support 'read-only-rootfs' IMAGE_FEATURES for systemd based systems Chen Qi 2014-07-28 5:34 ` [PATCH 1/3] volatile-binds: add recipe Chen Qi @ 2014-07-28 5:34 ` Chen Qi 2014-07-28 13:21 ` Richard Purdie 2014-08-20 6:45 ` Koen Kooi 2014-07-28 5:34 ` [PATCH 3/3] image.bbclass: tweak read_only_rootfs_hook to also support systemd based systems Chen Qi 2 siblings, 2 replies; 9+ messages in thread From: Chen Qi @ 2014-07-28 5:34 UTC (permalink / raw) To: openembedded-core; +Cc: clarson --- meta/recipes-core/systemd/systemd_213.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/recipes-core/systemd/systemd_213.bb b/meta/recipes-core/systemd/systemd_213.bb index 5de7cdc..4fb7ffc 100644 --- a/meta/recipes-core/systemd/systemd_213.bb +++ b/meta/recipes-core/systemd/systemd_213.bb @@ -243,6 +243,7 @@ FILES_${PN}-dbg += "${rootlibdir}/.debug ${systemd_unitdir}/.debug ${systemd_uni FILES_${PN}-dev += "${base_libdir}/security/*.la ${datadir}/dbus-1/interfaces/ ${sysconfdir}/rpm/macros.systemd" RDEPENDS_${PN} += "kmod dbus util-linux-mount udev (= ${EXTENDPKGV})" +RDEPENDS_${PN} += "volatile-binds" RRECOMMENDS_${PN} += "systemd-serialgetty systemd-compat-units udev-hwdb\ util-linux-agetty \ -- 1.7.9.5 ^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: [PATCH 2/3] systemd: add volatile-binds to RDEPENDS 2014-07-28 5:34 ` [PATCH 2/3] systemd: add volatile-binds to RDEPENDS Chen Qi @ 2014-07-28 13:21 ` Richard Purdie 2014-07-29 2:05 ` ChenQi 2014-08-20 6:45 ` Koen Kooi 1 sibling, 1 reply; 9+ messages in thread From: Richard Purdie @ 2014-07-28 13:21 UTC (permalink / raw) To: Chen Qi; +Cc: clarson, openembedded-core On Mon, 2014-07-28 at 13:34 +0800, Chen Qi wrote: > --- > meta/recipes-core/systemd/systemd_213.bb | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/meta/recipes-core/systemd/systemd_213.bb b/meta/recipes-core/systemd/systemd_213.bb > index 5de7cdc..4fb7ffc 100644 > --- a/meta/recipes-core/systemd/systemd_213.bb > +++ b/meta/recipes-core/systemd/systemd_213.bb > @@ -243,6 +243,7 @@ FILES_${PN}-dbg += "${rootlibdir}/.debug ${systemd_unitdir}/.debug ${systemd_uni > FILES_${PN}-dev += "${base_libdir}/security/*.la ${datadir}/dbus-1/interfaces/ ${sysconfdir}/rpm/macros.systemd" > > RDEPENDS_${PN} += "kmod dbus util-linux-mount udev (= ${EXTENDPKGV})" > +RDEPENDS_${PN} += "volatile-binds" > > RRECOMMENDS_${PN} += "systemd-serialgetty systemd-compat-units udev-hwdb\ > util-linux-agetty \ Do we always need/want to include this? Does this have any implications for rw systems? I couldn't immediately see how this triggers on a ro system... Cheers, Richard ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH 2/3] systemd: add volatile-binds to RDEPENDS 2014-07-28 13:21 ` Richard Purdie @ 2014-07-29 2:05 ` ChenQi 0 siblings, 0 replies; 9+ messages in thread From: ChenQi @ 2014-07-29 2:05 UTC (permalink / raw) To: Richard Purdie; +Cc: clarson, openembedded-core On 07/28/2014 09:21 PM, Richard Purdie wrote: > On Mon, 2014-07-28 at 13:34 +0800, Chen Qi wrote: >> --- >> meta/recipes-core/systemd/systemd_213.bb | 1 + >> 1 file changed, 1 insertion(+) >> >> diff --git a/meta/recipes-core/systemd/systemd_213.bb b/meta/recipes-core/systemd/systemd_213.bb >> index 5de7cdc..4fb7ffc 100644 >> --- a/meta/recipes-core/systemd/systemd_213.bb >> +++ b/meta/recipes-core/systemd/systemd_213.bb >> @@ -243,6 +243,7 @@ FILES_${PN}-dbg += "${rootlibdir}/.debug ${systemd_unitdir}/.debug ${systemd_uni >> FILES_${PN}-dev += "${base_libdir}/security/*.la ${datadir}/dbus-1/interfaces/ ${sysconfdir}/rpm/macros.systemd" >> >> RDEPENDS_${PN} += "kmod dbus util-linux-mount udev (= ${EXTENDPKGV})" >> +RDEPENDS_${PN} += "volatile-binds" >> >> RRECOMMENDS_${PN} += "systemd-serialgetty systemd-compat-units udev-hwdb\ >> util-linux-agetty \ > Do we always need/want to include this? Does this have any implications > for rw systems? I couldn't immediately see how this triggers on a ro > system... > > Cheers, > > Richard > > > Hi Richard, Take var-lib-volatile.service as an example. In the service file, we have: ConditionPathIsReadWrite=!/var/lib So if /var/lib is rw, the service is not started. On a ro system, /var/lib is read-only, and the service is started. I just realized that I didn't put comments in these patches. I'll send out a V2. Best Regards, Chen Qi ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH 2/3] systemd: add volatile-binds to RDEPENDS 2014-07-28 5:34 ` [PATCH 2/3] systemd: add volatile-binds to RDEPENDS Chen Qi 2014-07-28 13:21 ` Richard Purdie @ 2014-08-20 6:45 ` Koen Kooi 1 sibling, 0 replies; 9+ messages in thread From: Koen Kooi @ 2014-08-20 6:45 UTC (permalink / raw) To: Chen Qi; +Cc: clarson, openembedded-core Op 28 jul. 2014, om 07:34 heeft Chen Qi <Qi.Chen@windriver.com> het volgende geschreven: > --- > meta/recipes-core/systemd/systemd_213.bb | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/meta/recipes-core/systemd/systemd_213.bb b/meta/recipes-core/systemd/systemd_213.bb > index 5de7cdc..4fb7ffc 100644 > --- a/meta/recipes-core/systemd/systemd_213.bb > +++ b/meta/recipes-core/systemd/systemd_213.bb > @@ -243,6 +243,7 @@ FILES_${PN}-dbg += "${rootlibdir}/.debug ${systemd_unitdir}/.debug ${systemd_uni > FILES_${PN}-dev += "${base_libdir}/security/*.la ${datadir}/dbus-1/interfaces/ ${sysconfdir}/rpm/macros.systemd" > > RDEPENDS_${PN} += "kmod dbus util-linux-mount udev (= ${EXTENDPKGV})" > +RDEPENDS_${PN} += "volatile-binds" I'm seeing more and more patches using this pattern and I'm wondering why. The above is only adding more bitbake overhead, why can't you just write it as: RDEPENDS_${PN} += "kmod dbus util-linux-mount udev (= ${EXTENDPKGV}) \ volatile-binds" ? ^ permalink raw reply [flat|nested] 9+ messages in thread
* [PATCH 3/3] image.bbclass: tweak read_only_rootfs_hook to also support systemd based systems 2014-07-28 5:34 [PATCH 0/3] Support 'read-only-rootfs' IMAGE_FEATURES for systemd based systems Chen Qi 2014-07-28 5:34 ` [PATCH 1/3] volatile-binds: add recipe Chen Qi 2014-07-28 5:34 ` [PATCH 2/3] systemd: add volatile-binds to RDEPENDS Chen Qi @ 2014-07-28 5:34 ` Chen Qi 2 siblings, 0 replies; 9+ messages in thread From: Chen Qi @ 2014-07-28 5:34 UTC (permalink / raw) To: openembedded-core; +Cc: clarson --- meta/classes/image.bbclass | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass index da13bb8..82605f2 100644 --- a/meta/classes/image.bbclass +++ b/meta/classes/image.bbclass @@ -199,9 +199,10 @@ do_rootfs[umask] = "022" # A hook function to support read-only-rootfs IMAGE_FEATURES # Currently, it only supports sysvinit system. read_only_rootfs_hook () { + # Tweak the mount option and fs_passno for rootfs in fstab + sed -i -e '/^[#[:space:]]*\/dev\/root/{s/defaults/ro/;s/\([[:space:]]*[[:digit:]]\)\([[:space:]]*\)[[:digit:]]$/\1\20/}' ${IMAGE_ROOTFS}/etc/fstab + if ${@bb.utils.contains("DISTRO_FEATURES", "sysvinit", "true", "false", d)}; then - # Tweak the mount option and fs_passno for rootfs in fstab - sed -i -e '/^[#[:space:]]*\/dev\/root/{s/defaults/ro/;s/\([[:space:]]*[[:digit:]]\)\([[:space:]]*\)[[:digit:]]$/\1\20/}' ${IMAGE_ROOTFS}/etc/fstab # Change the value of ROOTFS_READ_ONLY in /etc/default/rcS to yes if [ -e ${IMAGE_ROOTFS}/etc/default/rcS ]; then sed -i 's/ROOTFS_READ_ONLY=no/ROOTFS_READ_ONLY=yes/' ${IMAGE_ROOTFS}/etc/default/rcS -- 1.7.9.5 ^ permalink raw reply related [flat|nested] 9+ messages in thread
end of thread, other threads:[~2014-08-20 6:45 UTC | newest] Thread overview: 9+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2014-07-28 5:34 [PATCH 0/3] Support 'read-only-rootfs' IMAGE_FEATURES for systemd based systems Chen Qi 2014-07-28 5:34 ` [PATCH 1/3] volatile-binds: add recipe Chen Qi 2014-07-28 13:00 ` Burton, Ross 2014-07-29 2:06 ` ChenQi 2014-07-28 5:34 ` [PATCH 2/3] systemd: add volatile-binds to RDEPENDS Chen Qi 2014-07-28 13:21 ` Richard Purdie 2014-07-29 2:05 ` ChenQi 2014-08-20 6:45 ` Koen Kooi 2014-07-28 5:34 ` [PATCH 3/3] image.bbclass: tweak read_only_rootfs_hook to also support systemd based systems Chen Qi
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox