[OE-core][dunfell 7/9] systemd: Fix unwritable /var/lock when no sysvinit handling

public inbox for openembedded-core@lists.openembedded.org
 help / color / mirror / Atom feed

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 7/9] systemd: Fix unwritable /var/lock when no sysvinit handling
Date: Tue, 13 Sep 2022 16:25:17 -1000	[thread overview]
Message-ID: <b8aa4d53b636bec55ad0ff4de764222662647859.1663122098.git.steve@sakoman.com> (raw)
In-Reply-To: <cover.1663122098.git.steve@sakoman.com>

From: "niko.mauno@vaisala.com" <niko.mauno@vaisala.com>

Commit 8089cefed8e83c0348037768c292058f1bcbbbe5 ("systemd: Add
PACKAGECONFIG for sysvinit") decoupled enabling of systemd's sysvinit
handling behavior behind a distinct PACKAGECONFIG feature.

This new option affects among other things the installing of
tmpfiles.d/legacy.conf, which is responsible for creating /run/lock
directory, which is pointed to by /var/lock symlink provided by
base-files package.

In case the option is not enabled, then base-files provided /var/lock
is a dangling symlink on resulting rootfs, causing problems with
certain Linux userspace components that rely on existence of writable
/var/lock directory. As an example:

  # fw_printenv
  Error opening lock file /var/lock/fw_printenv.lock

Since Filesystem Hierarchy Standard Version 3.0 states in
https://refspecs.linuxfoundation.org/FHS_3.0/fhs/ch05s09.html that

  Lock files should be stored within the /var/lock directory structure.

Ensure the /run/lock directory is always created, so that lock files
can be stored under /var/lock also when 'sysvinit' handling is
disabled.

(From OE-Core rev: 85e5ee2c35cf5778c3aefda45f526e8f6a511131)

Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-core/systemd/systemd/00-create-volatile.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/recipes-core/systemd/systemd/00-create-volatile.conf b/meta/recipes-core/systemd/systemd/00-create-volatile.conf
index 87cbe1e7d3..c4277221a2 100644
--- a/meta/recipes-core/systemd/systemd/00-create-volatile.conf
+++ b/meta/recipes-core/systemd/systemd/00-create-volatile.conf
@@ -3,5 +3,6 @@
 # inside /var/log.

+d		/run/lock		1777	-	-	-
 d		/var/volatile/log		-	-	-	-
 d		/var/volatile/tmp		1777	-	-
-- 
2.25.1

next prev parent reply	other threads:[~2022-09-14  2:26 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-09-14  2:25 [OE-core][dunfell 0/9] Patch review Steve Sakoman
2022-09-14  2:25 ` [OE-core][dunfell 1/9] python3: Fix CVE-2021-28861 for python3 Steve Sakoman
2022-09-14  2:25 ` [OE-core][dunfell 2/9] tiff: Fix for CVE-2022-2867/8/9 Steve Sakoman
2022-09-14  2:25 ` [OE-core][dunfell 3/9] tiff: Security fixes CVE-2022-1354 and CVE-2022-1355 Steve Sakoman
2022-09-14  2:25 ` [OE-core][dunfell 4/9] connman: fix CVE-2022-32292 Steve Sakoman
2022-09-14  2:25 ` [OE-core][dunfell 5/9] gnutls: fix CVE-2021-4209 Steve Sakoman
2022-09-14  2:25 ` [OE-core][dunfell 6/9] virglrenderer: fix CVE-2022-0135 Steve Sakoman
2022-09-14  2:25 ` Steve Sakoman [this message]
2022-09-14  2:25 ` [OE-core][dunfell 8/9] systemd: Add 'no-dns-fallback' PACKAGECONFIG option Steve Sakoman
2022-09-14  2:25 ` [OE-core][dunfell 9/9] binutils : CVE-2022-38533 Steve Sakoman

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:87cbe1e7d dfblob:c4277221a )
 OR (
bs:"[OE-core][dunfell 7/9] systemd: Fix unwritable /var/lock when no sysvinit handling" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=b8aa4d53b636bec55ad0ff4de764222662647859.1663122098.git.steve@sakoman.com \
    --to=steve@sakoman.com \
    --cc=openembedded-core@lists.openembedded.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox