[PATCH V6 0/6] read-only rootfs support

[PATCH V6 0/6] read-only rootfs support

[Qi.Chen]

From: Chen Qi <Qi.Chen@windriver.com>

The series of patches add support to read-only rootfs.

The main idea is to use symbolic links to create the illuion that some
directories are writable in case of a read-only rootfs.

This set of patches have been tested on minimal images with and without
'read-only-rootfs' image feature enabled. Everything is OK.

For sato images, everything is the same as before if 'read-only-rootfs' is not enabled.
With 'read-only-rootfs' enabled, sato image could work if graphic interface is diabled.
When all postinstall problems are resolved, sato image should work well (maybe with some
small changes in volatiles-readonly-sato conf file).

Changes for Version 4:
1) Improve the commit messages to be clearer.
2) Use 'sed -i' to replace 'sed' and 'mv' operations to cut down the exec overhead.

Changes for Version 5:
Fix the problem of failing to build the live images

Changes for Version 6:
1) Let the image recipes provide the corresponding conf files for read-only rootfs.
   The config files are closely related to the image types, so it's more reasonable
   to let these image recipes provide the config files.
2) Support customized conf files for customized images.


The following changes since commit 4a36a32567ecfbc7ce7b967803e6e23314953ef5:

  libpng: fix packaging (2012-12-26 11:34:09 +0000)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib ChenQi/readonly-rootfs
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=ChenQi/readonly-rootfs

Chen Qi (6):
  sysvinit: add ROOTFS_READ_ONLY variable to rcS-default
  image.bbclass: add two funtions to support readonly rootfs
  core-image.bbclass: support read-only rootfs
  initscripts: support read-only rootfs
  core-image-minimal: support read-only rootfs
  core-image-sato: support read-only rootfs

 meta/classes/core-image.bbclass                    |    5 +-
 meta/classes/image.bbclass                         |   29 +-
 meta/recipes-core/images/core-image-minimal.bb     |   10 +
 .../images/files/volatiles-readonly-minimal        |    8 +
 .../initscripts/initscripts-1.0/bootmisc.sh        |    9 +-
 .../initscripts-1.0/populate-volatile.sh           |  281 ++++++++++----------
 .../initscripts/initscripts-1.0/volatiles          |    1 +
 meta/recipes-core/initscripts/initscripts_1.0.bb   |    5 +-
 meta/recipes-core/sysvinit/sysvinit/rcS-default    |    4 +
 meta/recipes-core/sysvinit/sysvinit_2.88dsf.bb     |    2 +-
 meta/recipes-sato/images/core-image-sato.bb        |    8 +
 .../images/files/volatiles-readonly-sato           |   14 +
 12 files changed, 215 insertions(+), 161 deletions(-)
 create mode 100644 meta/recipes-core/images/files/volatiles-readonly-minimal
 create mode 100644 meta/recipes-sato/images/files/volatiles-readonly-sato

-- 
1.7.9.5

[PATCH V6 1/6] sysvinit: add ROOTFS_READ_ONLY variable to rcS-default

[Qi.Chen]

From: Chen Qi <Qi.Chen@windriver.com>

This variable indicates whether the rootfs is intended to be read-only
or not. Changing this value from 'no' to 'yes' on a currently running
system with read-write rootfs and rebooting will give the user a working
system with read-only rootfs.

However, it is not suggested to change its value. Normally, if a read-only
rootfs is required, we should build an image with 'read-only-rootfs' image
feature.

[YOCTO #3406]

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
 meta/recipes-core/sysvinit/sysvinit/rcS-default |    4 ++++
 meta/recipes-core/sysvinit/sysvinit_2.88dsf.bb  |    2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/meta/recipes-core/sysvinit/sysvinit/rcS-default b/meta/recipes-core/sysvinit/sysvinit/rcS-default
index 3c9dea9..709cdf6 100644
--- a/meta/recipes-core/sysvinit/sysvinit/rcS-default
+++ b/meta/recipes-core/sysvinit/sysvinit/rcS-default
@@ -23,3 +23,7 @@ FSCKFIX=yes
 #TICKADJ=10000
 # Enable caching in populate-volatile.sh
 VOLATILE_ENABLE_CACHE=yes
+# Indicate whether the rootfs is intended to be read-only or not.
+# Setting ROOTFS_READ_ONLY to yes and rebooting will give you a read-only rootfs.
+# Normally you should not change this value.
+ROOTFS_READ_ONLY=no
diff --git a/meta/recipes-core/sysvinit/sysvinit_2.88dsf.bb b/meta/recipes-core/sysvinit/sysvinit_2.88dsf.bb
index de073b8..bf6a29b 100644
--- a/meta/recipes-core/sysvinit/sysvinit_2.88dsf.bb
+++ b/meta/recipes-core/sysvinit/sysvinit_2.88dsf.bb
@@ -5,7 +5,7 @@ SECTION = "base"
 LICENSE = "GPLv2+"
 LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe \
                     file://COPYRIGHT;endline=15;md5=349c872e0066155e1818b786938876a4"
-PR = "r9"
+PR = "r10"
 
 RDEPENDS_${PN} = "${PN}-inittab"
 
-- 
1.7.9.5

[PATCH V6 2/6] image.bbclass: add two funtions to support readonly rootfs

[Qi.Chen]

From: Chen Qi <Qi.Chen@windriver.com>

read_only_rootfs_hook: this funtion is invoked only if 'read-only-rootfs'
is in IMAGE_FEATURES. It tweaks some basic files and makes populate-
volatile.sh script run at rootfs time.

choose_volatile_conf: this function is exported and should be overriden
by the specific image recipe. Config files specific to read-only rootfs
are closely related to the image types. So these config file should be
provided by the corresponding image recipes.
In addition, this function adds support to customized config files for
customized images.

[YOCTO #3406]

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
 meta/classes/image.bbclass |   29 ++++++++++++++++++++++++-----
 1 file changed, 24 insertions(+), 5 deletions(-)

diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass
index d3a416d..0cd49f0 100644
--- a/meta/classes/image.bbclass
+++ b/meta/classes/image.bbclass
@@ -167,6 +167,7 @@ inherit ${IMAGE_CLASSES}
 IMAGE_POSTPROCESS_COMMAND ?= ""
 MACHINE_POSTPROCESS_COMMAND ?= ""
 ROOTFS_POSTPROCESS_COMMAND_prepend = "run_intercept_scriptlets; "
+ROOTFS_POSTPROCESS_COMMAND_prepend = "choose_volatile_conf; "
 
 # some default locales
 IMAGE_LINGUAS ?= "de-de fr-fr en-gb"
@@ -185,6 +186,11 @@ do_build[nostamp] = "1"
 # task, so that we have a single fakeroot context for the whole process.
 do_rootfs[umask] = "022"
 
+choose_volatile_conf () {
+        # This task should be overriden by the specific image recipe.
+        # It is used to install the correct conf file for volatile storage
+        # handling to support read-only rootfs.
+}
 
 run_intercept_scriptlets () {
 	if [ -d ${WORKDIR}/intercept_scripts ]; then
@@ -396,6 +402,21 @@ zap_root_password () {
 	mv ${IMAGE_ROOTFS}/etc/passwd.new ${IMAGE_ROOTFS}/etc/passwd
 } 
 
+# A hook function to support read-only-rootfs IMAGE_FEATURES
+read_only_rootfs_hook () {
+	# Tweak the mount option in fstab
+	sed -i '/rootfs/ s/defaults/ro/' ${IMAGE_ROOTFS}/etc/fstab
+	# Change the value of ROOTFS_READ_ONLY in /etc/default/rcS to yes
+	if [ -e ${IMAGE_ROOTFS}/etc/default/rcS ]; then
+		sed -i 's/ROOTFS_READ_ONLY=no/ROOTFS_READ_ONLY=yes/' ${IMAGE_ROOTFS}/etc/default/rcS
+	fi
+	# Run populate-volatile.sh at rootfs time to set up basic files
+	# and directories to support read-only rootfs.
+	if [ -e ${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh ]; then
+		${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh
+	fi
+}
+
 # allow openssh accept login with empty password string
 openssh_allow_empty_password () {
 	if [ -e ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config ]; then
@@ -458,11 +479,9 @@ rootfs_trim_schemas () {
 	done
 }
 
-EXPORT_FUNCTIONS zap_root_password remove_init_link do_rootfs make_zimage_symlink_relative set_image_autologin rootfs_update_timestamp rootfs_no_x_startup
+EXPORT_FUNCTIONS zap_root_password remove_init_link do_rootfs make_zimage_symlink_relative set_image_autologin rootfs_update_timestamp rootfs_no_x_startup choose_volatile_conf
 
-do_fetch[noexec] = "1"
-do_unpack[noexec] = "1"
-do_patch[noexec] = "1"
+# do_fetch, do_unpack and do_patch are needed to copy conf files to workdir
 do_configure[noexec] = "1"
 do_compile[noexec] = "1"
 do_install[noexec] = "1"
@@ -472,4 +491,4 @@ do_package_write_ipk[noexec] = "1"
 do_package_write_deb[noexec] = "1"
 do_package_write_rpm[noexec] = "1"
 
-addtask rootfs before do_build
+addtask rootfs before do_build after do_patch
-- 
1.7.9.5

[PATCH V6 3/6] core-image.bbclass: support read-only rootfs

[Qi.Chen]

From: Chen Qi <Qi.Chen@windriver.com>

The hook function is appended to ROOTFS_POSTPROCESS_COMMAND
properly to support the 'read-only-rootfs' image feature.

[YOCTO #3406]

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
 meta/classes/core-image.bbclass |    5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/meta/classes/core-image.bbclass b/meta/classes/core-image.bbclass
index 2e67018..ebb9597 100644
--- a/meta/classes/core-image.bbclass
+++ b/meta/classes/core-image.bbclass
@@ -28,6 +28,7 @@ LIC_FILES_CHKSUM = "file://${COREBASE}/LICENSE;md5=3f40d7994397109285ec7b81fdeb3
 # - dev-pkgs            - development packages (headers, etc.) for all installed packages in the rootfs
 # - dbg-pkgs            - debug symbol packages for all installed packages in the rootfs
 # - doc-pkgs            - documentation packages for all installed packages in the rootfs
+# - read-only-rootfs    - tweaks an image to support read-only rootfs
 #
 PACKAGE_GROUP_x11 = "packagegroup-core-x11"
 PACKAGE_GROUP_x11-base = "packagegroup-core-x11-base"
@@ -73,9 +74,9 @@ inherit image
 
 # Create /etc/timestamp during image construction to give a reasonably sane default time setting
 ROOTFS_POSTPROCESS_COMMAND += "rootfs_update_timestamp ; "
-
 # Zap the root password if debug-tweaks feature is not enabled
 ROOTFS_POSTPROCESS_COMMAND += '${@base_contains("IMAGE_FEATURES", "debug-tweaks", "", "zap_root_password ; ",d)}'
 # Allow openssh accept empty password login if both debug-tweaks and ssh-server-openssh are enabled
 ROOTFS_POSTPROCESS_COMMAND += '${@base_contains("IMAGE_FEATURES", "debug-tweaks ssh-server-openssh", "openssh_allow_empty_password; ", "",d)}'
-
+# Tweak the mount options for rootfs in /etc/fstab if read-only-rootfs is enabled
+ROOTFS_POSTPROCESS_COMMAND += '${@base_contains("IMAGE_FEATURES", "read-only-rootfs", "read_only_rootfs_hook; ", "",d)}'
-- 
1.7.9.5

[PATCH V6 4/6] initscripts: support read-only rootfs

[Qi.Chen]

From: Chen Qi <Qi.Chen@windriver.com>

To support a read-only rootfs, we use symbolic links which point
to volatile storage to create the illusion that some directories
are writable.

Improve populate-volatile.sh script to support read-only rootfs.
Add two default config files specific to read-only-rootfs image.

[YOCTO #3406]

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
 .../initscripts/initscripts-1.0/bootmisc.sh        |    9 +-
 .../initscripts-1.0/populate-volatile.sh           |  281 ++++++++++----------
 .../initscripts/initscripts-1.0/volatiles          |    1 +
 meta/recipes-core/initscripts/initscripts_1.0.bb   |    5 +-
 4 files changed, 143 insertions(+), 153 deletions(-)

diff --git a/meta/recipes-core/initscripts/initscripts-1.0/bootmisc.sh b/meta/recipes-core/initscripts/initscripts-1.0/bootmisc.sh
index 4f76cb4..3b5a47f 100755
--- a/meta/recipes-core/initscripts/initscripts-1.0/bootmisc.sh
+++ b/meta/recipes-core/initscripts/initscripts-1.0/bootmisc.sh
@@ -54,14 +54,7 @@ fi
 
 #
 # This is as good a place as any for a sanity check
-# /tmp should be a symlink to /var/tmp to cut down on the number
-# of mounted ramdisks.
-if test ! -L /tmp && test -d /var/tmp
-then
-	rm -rf /tmp
-	ln -sf /var/tmp /tmp
-fi
-
+#
 # Set the system clock from hardware clock
 # If the timestamp is more recent than the current time,
 # use the timestamp instead.
diff --git a/meta/recipes-core/initscripts/initscripts-1.0/populate-volatile.sh b/meta/recipes-core/initscripts/initscripts-1.0/populate-volatile.sh
index d2175d7..2691173 100755
--- a/meta/recipes-core/initscripts/initscripts-1.0/populate-volatile.sh
+++ b/meta/recipes-core/initscripts/initscripts-1.0/populate-volatile.sh
@@ -8,192 +8,187 @@
 # Short-Description:  Populate the volatile filesystem
 ### END INIT INFO
 
-. /etc/default/rcS
-
-CFGDIR="/etc/default/volatiles"
-TMPROOT="/var/tmp"
+# Get ROOT_DIR
+DIRNAME=`dirname $0`
+ROOT_DIR=`echo $DIRNAME | sed -ne 's:etc/.*::p'`
+
+. ${ROOT_DIR}/etc/default/rcS
+# When running populat-volatile.sh at rootfs time, disable cache.
+[ "$ROOT_DIR" != "/" ] && VOLATILE_ENABLE_CACHE=no
+# If rootfs is read-only, disable cache.
+[ "$ROOTFS_READ_ONLY" = "yes" ] && VOLATILE_ENABLE_CACHE=no
+# All above statements will be moved to a central place, say var.sh which
+# encapsulates '. /etc/default/rcS'. 
+
+CFGDIR="${ROOT_DIR}/etc/default/volatiles"
+TMPROOT="${ROOT_DIR}/var/volatile/tmp"
 COREDEF="00_core"
+COREDEF_READONLY="00_core_readonly"
 
-[ "${VERBOSE}" != "no" ] && echo "Populating volatile Filesystems."
+[ "${VERBOSE}" != "no" ] && echo "Setting up basic files related to volatile storage under ${ROOT_DIR}."
 
 create_file() {
-	EXEC=" 
-	touch \"$1\"; 
-	chown ${TUSER}.${TGROUP} $1 || echo \"Failed to set owner -${TUSER}- for -$1-.\" >/dev/tty0 2>&1; 
-	chmod ${TMODE} $1 || echo \"Failed to set mode -${TMODE}- for -$1-.\" >/dev/tty0 2>&1 " 
+	EXEC="
+	touch \"$1\";
+	chown ${TUSER}.${TGROUP} $1 || echo \"Failed to set owner -${TUSER}- for -$1-.\" > /dev/null 2>&1;
+	chmod ${TMODE} $1 || echo \"Failed to set mode -${TMODE}- for -$1-.\" > /dev/null 2>&1 "
 
 	test "$VOLATILE_ENABLE_CACHE" = yes && echo "$EXEC" >> /etc/volatile.cache.build
 
 	[ -e "$1" ] && {
-	  [ "${VERBOSE}" != "no" ] && echo "Target already exists. Skipping."
+		[ "${VERBOSE}" != "no" ] && echo "Target $1 already exists. Skipping."
 	} || {
-	  eval $EXEC &
+		if [ "$ROOT_DIR" = "/" ]; then
+			eval $EXEC
+		else
+			# Some operations at rootfs time may fail and should fail,
+		        # but these failures should not be logged.
+			eval $EXEC > /dev/null 2>&1
+		fi
 	}
 }
 
 mk_dir() {
 	EXEC=" 
 	mkdir -p \"$1\"; 
-	chown ${TUSER}.${TGROUP} $1 || echo \"Failed to set owner -${TUSER}- for -$1-.\" >/dev/tty0 2>&1; 
-	chmod ${TMODE} $1 || echo \"Failed to set mode -${TMODE}- for -$1-.\" >/dev/tty0 2>&1 "
+	chown ${TUSER}.${TGROUP} $1 || echo \"Failed to set owner -${TUSER}- for -$1-.\" 2>&1; 
+	chmod ${TMODE} $1 || echo \"Failed to set mode -${TMODE}- for -$1-.\" 2>&1 "
 
 	test "$VOLATILE_ENABLE_CACHE" = yes && echo "$EXEC" >> /etc/volatile.cache.build
 	
 	[ -e "$1" ] && {
-	  [ "${VERBOSE}" != "no" ] && echo "Target already exists. Skipping."
+		[ "${VERBOSE}" != "no" ] && echo "Target ${1} already exists. Skipping."
 	} || {
-	  eval $EXEC
+		if [ "$ROOT_DIR" = "/" ]; then
+			eval $EXEC
+		else
+			# Some operations at rootfs time may fail and should fail,
+                        # but these failures should not be logged.
+			eval $EXEC > /dev/null 2>&1
+		fi
 	}
 }
 
 link_file() {
-	EXEC="test -e \"$2\" -o -L $2 || ln -s \"$1\" \"$2\" >/dev/tty0 2>&1" 
-
-	test "$VOLATILE_ENABLE_CACHE" = yes && echo "	$EXEC" >> /etc/volatile.cache.build
-	
-	[ -e "$2" ] && {
-	  echo "Cannot create link over existing -${TNAME}-." >&2
-	} || {
-	  eval $EXEC &
-	}
+	EXEC="
+	if [ -L \"$2\" ]; then
+		[ \"$(readlink -f \"$2\")\" != \"$(readlink -f \"$1\")\" ] && { rm -f \"$2\"; ln -sf \"$1\" \"$2\"; };
+	elif [ -d \"$2\" ]; then
+		rm -rf \"$2\";
+                ln -sf \"$1\" \"$2\";
+        else
+                ln -sf \"$1\" \"$2\";
+	fi
+        "
+        test "$VOLATILE_ENABLE_CACHE" = yes && echo "   $EXEC" >> /etc/volatile.cache.build
+	if [ "$ROOT_DIR" = "/" ]; then
+		eval $EXEC
+	else
+		# Some operations at rootfs time may fail and should fail,
+                # but these failures should not be logged
+		eval $EXEC > /dev/null 2>&1
+	fi
 }
 
 check_requirements() {
+	cleanup() {
+		rm "${TMP_INTERMED}"
+		rm "${TMP_DEFINED}"
+		rm "${TMP_COMBINED}"
+	}
+	
+	CFGFILE="$1"
+	[ `basename "${CFGFILE}"` = "${COREDEF}" ] && return 0
+	# $COREDEF_READONLY conf file should only be applied when rootfs is read-only
+	if [ `basename "${CFGFILE}"` = "${COREDEF_READONLY}" ]; then
+		[ "$ROOTFS_READ_ONLY" = "yes" ] && return 0 || return 1
+	fi
+
+	TMP_INTERMED="${TMPROOT}/tmp.$$"
+	TMP_DEFINED="${TMPROOT}/tmpdefined.$$"
+	TMP_COMBINED="${TMPROOT}/tmpcombined.$$"
+
+	cat ${ROOT_DIR}/etc/passwd | sed 's@\(^:\)*:.*@\1@' | sort | uniq > "${TMP_DEFINED}"
+	cat ${CFGFILE} | grep -v "^#" | cut -d " " -f 2 > "${TMP_INTERMED}"
+	cat "${TMP_DEFINED}" "${TMP_INTERMED}" | sort | uniq > "${TMP_COMBINED}"
+	NR_DEFINED_USERS="`cat "${TMP_DEFINED}" | wc -l`"
+	NR_COMBINED_USERS="`cat "${TMP_COMBINED}" | wc -l`"
+
+	[ "${NR_DEFINED_USERS}" -ne "${NR_COMBINED_USERS}" ] && {
+		echo "Undefined users:"
+		diff "${TMP_DEFINED}" "${TMP_COMBINED}" | grep "^>"
+		cleanup
+		return 1
+	}
 
-  cleanup() {
-    rm "${TMP_INTERMED}"
-    rm "${TMP_DEFINED}"
-    rm "${TMP_COMBINED}"
-    }
-    
-  CFGFILE="$1"
-
-  [ `basename "${CFGFILE}"` = "${COREDEF}" ] && return 0
-
-  TMP_INTERMED="${TMPROOT}/tmp.$$"
-  TMP_DEFINED="${TMPROOT}/tmpdefined.$$"
-  TMP_COMBINED="${TMPROOT}/tmpcombined.$$"
-
-
-  cat /etc/passwd | sed 's@\(^:\)*:.*@\1@' | sort | uniq > "${TMP_DEFINED}"
-  cat ${CFGFILE} | grep -v "^#" | cut -d " " -f 2 > "${TMP_INTERMED}"
-  cat "${TMP_DEFINED}" "${TMP_INTERMED}" | sort | uniq > "${TMP_COMBINED}"
-
-  NR_DEFINED_USERS="`cat "${TMP_DEFINED}" | wc -l`"
-  NR_COMBINED_USERS="`cat "${TMP_COMBINED}" | wc -l`"
-
-  [ "${NR_DEFINED_USERS}" -ne "${NR_COMBINED_USERS}" ] && {
-    echo "Undefined users:"
-    diff "${TMP_DEFINED}" "${TMP_COMBINED}" | grep "^>"
-    cleanup
-    return 1
-    }
-
-
-  cat /etc/group | sed 's@\(^:\)*:.*@\1@' | sort | uniq > "${TMP_DEFINED}"
-  cat ${CFGFILE} | grep -v "^#" | cut -d " " -f 3 > "${TMP_INTERMED}"
-  cat "${TMP_DEFINED}" "${TMP_INTERMED}" | sort | uniq > "${TMP_COMBINED}"
 
-  NR_DEFINED_GROUPS="`cat "${TMP_DEFINED}" | wc -l`"
-  NR_COMBINED_GROUPS="`cat "${TMP_COMBINED}" | wc -l`"
+	cat ${ROOT_DIR}/etc/group | sed 's@\(^:\)*:.*@\1@' | sort | uniq > "${TMP_DEFINED}"
+	cat ${CFGFILE} | grep -v "^#" | cut -d " " -f 3 > "${TMP_INTERMED}"
+	cat "${TMP_DEFINED}" "${TMP_INTERMED}" | sort | uniq > "${TMP_COMBINED}"
 
-  [ "${NR_DEFINED_GROUPS}" -ne "${NR_COMBINED_GROUPS}" ] && {
-    echo "Undefined groups:"
-    diff "${TMP_DEFINED}" "${TMP_COMBINED}" | grep "^>"
-    cleanup
-    return 1
-    }
+	NR_DEFINED_GROUPS="`cat "${TMP_DEFINED}" | wc -l`"
+	NR_COMBINED_GROUPS="`cat "${TMP_COMBINED}" | wc -l`"
 
-  # Add checks for required directories here
+	[ "${NR_DEFINED_GROUPS}" -ne "${NR_COMBINED_GROUPS}" ] && {
+		echo "Undefined groups:"
+		diff "${TMP_DEFINED}" "${TMP_COMBINED}" | grep "^>"
+		cleanup
+		return 1
+	}
 
-  cleanup
-  return 0
-  }
+	cleanup
+	return 0
+}
 
 apply_cfgfile() {
+	CFGFILE="$1"
+	[ ${VERBOSE} != "no" ] && echo "Applying config file: $CFGFILE"
+	
+	check_requirements "${CFGFILE}" || {
+		echo "Skipping ${CFGFILE}"
+		return 1
+	}
+
+	cat ${CFGFILE} | grep -v "^#" | sed -e '/^$/ d' | \
+		while read LINE; do
+		eval `echo "$LINE" | sed -n "s/\(.*\)\ \(.*\) \(.*\)\ \(.*\)\ \(.*\)\ \(.*\)/TTYPE=\1 ; TUSER=\2; TGROUP=\3; TMODE=\4; TNAME=\5 TLTARGET=\6/p"`
+		TNAME=${ROOT_DIR}/${TNAME}
+		[ "${VERBOSE}" != "no" ] && echo "Checking for -${TNAME}-."
+
+		[ "${TTYPE}" = "l" ] && {
+			TSOURCE="$TLTARGET"
+			[ "${VERBOSE}" != "no" ] && echo "Creating link -${TNAME}- pointing to -${TSOURCE}-."
+			link_file "${TSOURCE}" "${TNAME}"
+			continue
+		}
+		case "${TTYPE}" in
+			"f")  [ "${VERBOSE}" != "no" ] && echo "Creating file -${TNAME}-."
+				create_file "${TNAME}"
+				;;
+			"d")  [ "${VERBOSE}" != "no" ] && echo "Creating directory -${TNAME}-."
+				mk_dir "${TNAME}"
+				;;
+			*)    [ "${VERBOSE}" != "no" ] && echo "Invalid type -${TTYPE}-."
+				continue
+				;;
+		esac
+	done
+	return 0
+}
 
-  CFGFILE="$1"
-
-  check_requirements "${CFGFILE}" || {
-    echo "Skipping ${CFGFILE}"
-    return 1
-    }
-
-  cat ${CFGFILE} | grep -v "^#" | \
-  while read LINE; do
-
-    eval `echo "$LINE" | sed -n "s/\(.*\)\ \(.*\) \(.*\)\ \(.*\)\ \(.*\)\ \(.*\)/TTYPE=\1 ; TUSER=\2; TGROUP=\3; TMODE=\4; TNAME=\5 TLTARGET=\6/p"`
-
-    [ "${VERBOSE}" != "no" ] && echo "Checking for -${TNAME}-."
-
-
-    [ "${TTYPE}" = "l" ] && {
-      TSOURCE="$TLTARGET"
-      [ -L "${TNAME}" ] || {
-        [ "${VERBOSE}" != "no" ] && echo "Creating link -${TNAME}- pointing to -${TSOURCE}-."
-        link_file "${TSOURCE}" "${TNAME}" &
-        }
-      continue
-      }
-
-    [ -L "${TNAME}" ] && {
-      [ "${VERBOSE}" != "no" ] && echo "Found link."
-      NEWNAME=`ls -l "${TNAME}" | sed -e 's/^.*-> \(.*\)$/\1/'`
-      echo ${NEWNAME} | grep -v "^/" >/dev/null && {
-        TNAME="`echo ${TNAME} | sed -e 's@\(.*\)/.*@\1@'`/${NEWNAME}"
-        [ "${VERBOSE}" != "no" ] && echo "Converted relative linktarget to absolute path -${TNAME}-."
-        } || {
-        TNAME="${NEWNAME}"
-        [ "${VERBOSE}" != "no" ] && echo "Using absolute link target -${TNAME}-."
-        }
-      }
-
-    case "${TTYPE}" in
-      "f")  [ "${VERBOSE}" != "no" ] && echo "Creating file -${TNAME}-."
-            create_file "${TNAME}" &
-	    ;;
-      "d")  [ "${VERBOSE}" != "no" ] && echo "Creating directory -${TNAME}-."
-            mk_dir "${TNAME}"
-	    # Add check to see if there's an entry in fstab to mount.
-	    ;;
-      *)    [ "${VERBOSE}" != "no" ] && echo "Invalid type -${TTYPE}-."
-            continue
-	    ;;
-    esac
-
-
-    done
-
-  return 0
-
-  }
-
-clearcache=0
-exec 9</proc/cmdline
-while read line <&9
-do
-	case "$line" in
-		*clearcache*)  clearcache=1
-			       ;;
-		*)	       continue
-			       ;;
-	esac
-done
-exec 9>&-
-
-if test -e /etc/volatile.cache -a "$VOLATILE_ENABLE_CACHE" = "yes" -a "x$1" != "xupdate" -a "x$clearcache" = "x0"
+if test -e ${ROOT_DIR}/etc/volatile.cache -a $VOLATILE_ENABLE_CACHE = yes -a x$1 != xupdate
 then
-	sh /etc/volatile.cache
+	sh ${ROOT_DIR}/etc/volatile.cache
 else	
-	rm -f /etc/volatile.cache /etc/volatile.cache.build
+	rm -f ${ROOT_DRI}/etc/volatile.cache ${ROOT_DIR}/etc/volatile.cache.build
 	for file in `ls -1 "${CFGDIR}" | sort`; do
 		apply_cfgfile "${CFGDIR}/${file}"
 	done
 
-	[ -e /etc/volatile.cache.build ] && sync && mv /etc/volatile.cache.build /etc/volatile.cache
+	[ -e ${ROOT_DIR}/etc/volatile.cache.build ] && sync && mv ${ROOT_DIR}/etc/volatile.cache.build ${ROOT_DIR}/etc/volatile.cache
 fi
 
-if test -f /etc/ld.so.cache -a ! -f /var/run/ld.so.cache
+if [ "${ROOT_DIR}" = "/" ] && [ -f /etc/ld.so.cache ] && [ ! -f /var/run/ld.so.cache ]
 then
 	ln -s /etc/ld.so.cache /var/run/ld.so.cache
 fi
diff --git a/meta/recipes-core/initscripts/initscripts-1.0/volatiles b/meta/recipes-core/initscripts/initscripts-1.0/volatiles
index e0741aa..f7e2ef7 100644
--- a/meta/recipes-core/initscripts/initscripts-1.0/volatiles
+++ b/meta/recipes-core/initscripts/initscripts-1.0/volatiles
@@ -31,6 +31,7 @@ l root root 1777 /var/lock /var/volatile/lock
 l root root 0755 /var/log /var/volatile/log
 l root root 0755 /var/run /var/volatile/run
 l root root 1777 /var/tmp /var/volatile/tmp
+l root root 1777 /tmp /var/tmp
 d root root 0755 /var/lock/subsys none
 f root root 0664 /var/log/wtmp none
 f root root 0664 /var/run/utmp none
diff --git a/meta/recipes-core/initscripts/initscripts_1.0.bb b/meta/recipes-core/initscripts/initscripts_1.0.bb
index 39be9a8..3c4e9ee 100644
--- a/meta/recipes-core/initscripts/initscripts_1.0.bb
+++ b/meta/recipes-core/initscripts/initscripts_1.0.bb
@@ -3,7 +3,7 @@ DESCRIPTION = "Initscripts provide the basic system startup initialization scrip
 SECTION = "base"
 LICENSE = "GPLv2"
 LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe"
-PR = "r138"
+PR = "r139"
 
 INHIBIT_DEFAULT_DEPS = "1"
 
@@ -31,7 +31,7 @@ SRC_URI = "file://functions \
            file://populate-volatile.sh \
            file://volatiles \
            file://save-rtc.sh \
-	   file://GPLv2.patch"
+           file://GPLv2.patch"
 
 SRC_URI_append_arm = " file://alignment.sh"
 
@@ -86,6 +86,7 @@ do_install () {
 	install -m 0755    ${WORKDIR}/populate-volatile.sh ${D}${sysconfdir}/init.d
 	install -m 0755    ${WORKDIR}/save-rtc.sh	${D}${sysconfdir}/init.d
 	install -m 0644    ${WORKDIR}/volatiles		${D}${sysconfdir}/default/volatiles/00_core
+
 	if [ "${TARGET_ARCH}" = "arm" ]; then
 		install -m 0755 ${WORKDIR}/alignment.sh	${D}${sysconfdir}/init.d
 	fi
-- 
1.7.9.5

[PATCH V6 5/6] core-image-minimal: support read-only rootfs

[Qi.Chen]

From: Chen Qi <Qi.Chen@windriver.com>

Support read-only rootfs by providing a specific conf file for volatile storage.

[YOCTO #3406]

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
 meta/recipes-core/images/core-image-minimal.bb     |   10 ++++++++++
 .../images/files/volatiles-readonly-minimal        |    8 ++++++++
 2 files changed, 18 insertions(+)
 create mode 100644 meta/recipes-core/images/files/volatiles-readonly-minimal

diff --git a/meta/recipes-core/images/core-image-minimal.bb b/meta/recipes-core/images/core-image-minimal.bb
index 0d2613e..2e8d2ff 100644
--- a/meta/recipes-core/images/core-image-minimal.bb
+++ b/meta/recipes-core/images/core-image-minimal.bb
@@ -6,9 +6,19 @@ IMAGE_LINGUAS = " "
 
 LICENSE = "MIT"
 
+FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
+
+SRC_URI += "file://volatiles-readonly-minimal"
+
 inherit core-image
 
 IMAGE_ROOTFS_SIZE = "8192"
 
 # remove not needed ipkg informations
 ROOTFS_POSTPROCESS_COMMAND += "remove_packaging_data_files ; "
+
+# install read-only rootfs specific conf file for minimal image
+choose_volatile_conf () {
+	cp ${WORKDIR}/volatiles-readonly-minimal \
+		${IMAGE_ROOTFS}/etc/default/volatiles/00_core_readonly
+}
diff --git a/meta/recipes-core/images/files/volatiles-readonly-minimal b/meta/recipes-core/images/files/volatiles-readonly-minimal
new file mode 100644
index 0000000..b7146a2
--- /dev/null
+++ b/meta/recipes-core/images/files/volatiles-readonly-minimal
@@ -0,0 +1,8 @@
+# This configuration file lists filesystem objects specific to minimal image
+# with read-only rootfs.
+# This configuration file will only be applied if the image is minimal and the
+# rootfs is read-only.
+# For the detailed format information, refer to /etc/default/volatiles/00_core.
+d root root 0755 /var/volatile/lib/ none
+d root root 0755 /var/volatile/lib/urandom/ none
+l root root 0755 /var/lib/urandom /var/volatile/lib/urandom
-- 
1.7.9.5

[PATCH V6 6/6] core-image-sato: support read-only rootfs

[Qi.Chen]

From: Chen Qi <Qi.Chen@windriver.com>

Support read-only rootfs by providing a specific conf file for volatile storage.

[YOCTO #3406]

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
 meta/recipes-sato/images/core-image-sato.bb        |    8 ++++++++
 .../images/files/volatiles-readonly-sato           |   14 ++++++++++++++
 2 files changed, 22 insertions(+)
 create mode 100644 meta/recipes-sato/images/files/volatiles-readonly-sato

diff --git a/meta/recipes-sato/images/core-image-sato.bb b/meta/recipes-sato/images/core-image-sato.bb
index f52a1a5..4ca1746 100644
--- a/meta/recipes-sato/images/core-image-sato.bb
+++ b/meta/recipes-sato/images/core-image-sato.bb
@@ -6,6 +6,14 @@ IMAGE_FEATURES += "splash package-management x11-base x11-sato ssh-server-dropbe
 
 LICENSE = "MIT"
 
+SRC_URI += "file://volatiles-readonly-sato"
+
 inherit core-image
 
 IMAGE_INSTALL += "packagegroup-core-x11-sato-games"
+
+# install read-only rootfs specific conf file for sato image
+choose_volatile_conf () {
+	cp ${WORKDIR}/volatiles-readonly-sato \
+		${IMAGE_ROOTFS}/etc/default/volatiles/00_core_readonly
+}
diff --git a/meta/recipes-sato/images/files/volatiles-readonly-sato b/meta/recipes-sato/images/files/volatiles-readonly-sato
new file mode 100644
index 0000000..4a56b81
--- /dev/null
+++ b/meta/recipes-sato/images/files/volatiles-readonly-sato
@@ -0,0 +1,14 @@
+# This configuration file lists filesystem objects specific to sato image
+# with read-only rootfs.
+# This configuration file will only be applied if the image is sato and the
+# rootfs is read-only.
+# For the detailed format information, refer to /etc/default/volatiles/00_core.
+d root root 0755 /var/volatile/lib/ none
+d root root 0755 /var/volatile/lib/urandom/ none
+d root root 0755 /var/volatile/lib/dropbear/ none
+d root root 0755 /var/volatile/lib/nfs/ none
+d root root 0755 /var/volatile/lib/dbus/ none
+l root root 0755 /var/lib/urandom /var/volatile/lib/urandom
+l root root 0755 /var/lib/dropbear /var/volatile/lib/dropbear
+l root root 0755 /var/lib/nfs /var/volatile/lib/nfs
+l root root 0755 /var/lib/dbus /var/volatile/lib/dbus
-- 
1.7.9.5

Re: [PATCH V6 3/6] core-image.bbclass: support read-only rootfs

[Martin Jansa]

[-- Attachment #1: Type: text/plain, Size: 2446 bytes --]

On Sun, Jan 06, 2013 at 05:44:25PM +0800, Qi.Chen@windriver.com wrote:
> From: Chen Qi <Qi.Chen@windriver.com>
> 
> The hook function is appended to ROOTFS_POSTPROCESS_COMMAND
> properly to support the 'read-only-rootfs' image feature.
> 
> [YOCTO #3406]
> 
> Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
> ---
>  meta/classes/core-image.bbclass |    5 +++--
>  1 file changed, 3 insertions(+), 2 deletions(-)
> 
> diff --git a/meta/classes/core-image.bbclass b/meta/classes/core-image.bbclass
> index 2e67018..ebb9597 100644
> --- a/meta/classes/core-image.bbclass
> +++ b/meta/classes/core-image.bbclass
> @@ -28,6 +28,7 @@ LIC_FILES_CHKSUM = "file://${COREBASE}/LICENSE;md5=3f40d7994397109285ec7b81fdeb3
>  # - dev-pkgs            - development packages (headers, etc.) for all installed packages in the rootfs
>  # - dbg-pkgs            - debug symbol packages for all installed packages in the rootfs
>  # - doc-pkgs            - documentation packages for all installed packages in the rootfs
> +# - read-only-rootfs    - tweaks an image to support read-only rootfs
>  #
>  PACKAGE_GROUP_x11 = "packagegroup-core-x11"
>  PACKAGE_GROUP_x11-base = "packagegroup-core-x11-base"
> @@ -73,9 +74,9 @@ inherit image
>  
>  # Create /etc/timestamp during image construction to give a reasonably sane default time setting
>  ROOTFS_POSTPROCESS_COMMAND += "rootfs_update_timestamp ; "
> -
>  # Zap the root password if debug-tweaks feature is not enabled
>  ROOTFS_POSTPROCESS_COMMAND += '${@base_contains("IMAGE_FEATURES", "debug-tweaks", "", "zap_root_password ; ",d)}'
>  # Allow openssh accept empty password login if both debug-tweaks and ssh-server-openssh are enabled
>  ROOTFS_POSTPROCESS_COMMAND += '${@base_contains("IMAGE_FEATURES", "debug-tweaks ssh-server-openssh", "openssh_allow_empty_password; ", "",d)}'
> -
> +# Tweak the mount options for rootfs in /etc/fstab if read-only-rootfs is enabled

This read_only_rootfs_hook does more than that, please update comment

Cheers,

> +ROOTFS_POSTPROCESS_COMMAND += '${@base_contains("IMAGE_FEATURES", "read-only-rootfs", "read_only_rootfs_hook; ", "",d)}'
> -- 
> 1.7.9.5
> 
> 
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core

-- 
Martin 'JaMa' Jansa     jabber: Martin.Jansa@gmail.com

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 205 bytes --]

Re: [PATCH V6 6/6] core-image-sato: support read-only rootfs

[Otavio Salvador]

On Sun, Jan 6, 2013 at 7:44 AM,  <Qi.Chen@windriver.com> wrote:
> From: Chen Qi <Qi.Chen@windriver.com>
>
> Support read-only rootfs by providing a specific conf file for volatile storage.
>
> [YOCTO #3406]
>
> Signed-off-by: Chen Qi <Qi.Chen@windriver.com>

I prefer this solution than the previous one however why you don't use
a sato-volatile-conf package to provide this?

--
Otavio Salvador                             O.S. Systems
E-mail: otavio@ossystems.com.br  http://www.ossystems.com.br
Mobile: +55 53 9981-7854              http://projetos.ossystems.com.br

Re: [PATCH V6 6/6] core-image-sato: support read-only rootfs

[ChenQi]

On 01/07/2013 03:05 AM, Otavio Salvador wrote:
> On Sun, Jan 6, 2013 at 7:44 AM,  <Qi.Chen@windriver.com> wrote:
>> From: Chen Qi <Qi.Chen@windriver.com>
>>
>> Support read-only rootfs by providing a specific conf file for volatile storage.
>>
>> [YOCTO #3406]
>>
>> Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
> I prefer this solution than the previous one however why you don't use
> a sato-volatile-conf package to provide this?
Because the there exists a one-to-one (or almost one-to-one) 
correspondence between the volatile conf file and the specific image.

If there is a 'sato-volatile-conf' package, then there should be a 
'minimal-volatile-conf', and maybe a 'custom-volatile-conf' if users are 
using a customized image.

So I think it's simpler to let the image recipe provide the conf file.
The only thing we have to do, when adding read-only rootfs support to 
some image, is to add the conf file to SRC_URI and install it in 
choose_volatile_conf.

Kind Regards,
Chen Qi
>
> --
> Otavio Salvador                             O.S. Systems
> E-mail: otavio@ossystems.com.br  http://www.ossystems.com.br
> Mobile: +55 53 9981-7854              http://projetos.ossystems.com.br
>
>

Re: [PATCH V6 3/6] core-image.bbclass: support read-only rootfs

[ChenQi]

On 01/06/2013 05:52 PM, Martin Jansa wrote:
> On Sun, Jan 06, 2013 at 05:44:25PM +0800, Qi.Chen@windriver.com wrote:
>> From: Chen Qi <Qi.Chen@windriver.com>
>>
>> The hook function is appended to ROOTFS_POSTPROCESS_COMMAND
>> properly to support the 'read-only-rootfs' image feature.
>>
>> [YOCTO #3406]
>>
>> Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
>> ---
>>   meta/classes/core-image.bbclass |    5 +++--
>>   1 file changed, 3 insertions(+), 2 deletions(-)
>>
>> diff --git a/meta/classes/core-image.bbclass b/meta/classes/core-image.bbclass
>> index 2e67018..ebb9597 100644
>> --- a/meta/classes/core-image.bbclass
>> +++ b/meta/classes/core-image.bbclass
>> @@ -28,6 +28,7 @@ LIC_FILES_CHKSUM = "file://${COREBASE}/LICENSE;md5=3f40d7994397109285ec7b81fdeb3
>>   # - dev-pkgs            - development packages (headers, etc.) for all installed packages in the rootfs
>>   # - dbg-pkgs            - debug symbol packages for all installed packages in the rootfs
>>   # - doc-pkgs            - documentation packages for all installed packages in the rootfs
>> +# - read-only-rootfs    - tweaks an image to support read-only rootfs
>>   #
>>   PACKAGE_GROUP_x11 = "packagegroup-core-x11"
>>   PACKAGE_GROUP_x11-base = "packagegroup-core-x11-base"
>> @@ -73,9 +74,9 @@ inherit image
>>   
>>   # Create /etc/timestamp during image construction to give a reasonably sane default time setting
>>   ROOTFS_POSTPROCESS_COMMAND += "rootfs_update_timestamp ; "
>> -
>>   # Zap the root password if debug-tweaks feature is not enabled
>>   ROOTFS_POSTPROCESS_COMMAND += '${@base_contains("IMAGE_FEATURES", "debug-tweaks", "", "zap_root_password ; ",d)}'
>>   # Allow openssh accept empty password login if both debug-tweaks and ssh-server-openssh are enabled
>>   ROOTFS_POSTPROCESS_COMMAND += '${@base_contains("IMAGE_FEATURES", "debug-tweaks ssh-server-openssh", "openssh_allow_empty_password; ", "",d)}'
>> -
>> +# Tweak the mount options for rootfs in /etc/fstab if read-only-rootfs is enabled
> This read_only_rootfs_hook does more than that, please update comment
>
> Cheers,
>

Thank you for your kindly reminding.

I've modified the comment and sent out this patch again.

Cheers,
Chen Qi

>> +ROOTFS_POSTPROCESS_COMMAND += '${@base_contains("IMAGE_FEATURES", "read-only-rootfs", "read_only_rootfs_hook; ", "",d)}'
>> -- 
>> 1.7.9.5
>>
>>
>> _______________________________________________
>> Openembedded-core mailing list
>> Openembedded-core@lists.openembedded.org
>> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core

Re: [PATCH V6 6/6] core-image-sato: support read-only rootfs

[Otavio Salvador]

On Mon, Jan 7, 2013 at 1:06 AM, ChenQi <Qi.Chen@windriver.com> wrote:
> On 01/07/2013 03:05 AM, Otavio Salvador wrote:
>>
>> On Sun, Jan 6, 2013 at 7:44 AM,  <Qi.Chen@windriver.com> wrote:
>>>
>>> From: Chen Qi <Qi.Chen@windriver.com>
>>>
>>> Support read-only rootfs by providing a specific conf file for volatile
>>> storage.
>>>
>>> [YOCTO #3406]
>>>
>>> Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
>>
>> I prefer this solution than the previous one however why you don't use
>> a sato-volatile-conf package to provide this?
>
> Because the there exists a one-to-one (or almost one-to-one) correspondence
> between the volatile conf file and the specific image.
>
> If there is a 'sato-volatile-conf' package, then there should be a
> 'minimal-volatile-conf', and maybe a 'custom-volatile-conf' if users are
> using a customized image.
>
> So I think it's simpler to let the image recipe provide the conf file.
> The only thing we have to do, when adding read-only rootfs support to some
> image, is to add the conf file to SRC_URI and install it in
> choose_volatile_conf.

The problem of not using a package for it is regarding upgrades; it is
not possible to upgrade the configuration file using the package
manager. I know most systems using the read-only-fs will be small and
do not use a package manager at all but some use cases will do (mine,
in case).

So I do believe we ought to have a one-to-one correspondence here.

--
Otavio Salvador                             O.S. Systems
E-mail: otavio@ossystems.com.br  http://www.ossystems.com.br
Mobile: +55 53 9981-7854              http://projetos.ossystems.com.br

Re: [PATCH V6 6/6] core-image-sato: support read-only rootfs

[ChenQi]

On 01/07/2013 06:30 PM, Otavio Salvador wrote:
> On Mon, Jan 7, 2013 at 1:06 AM, ChenQi <Qi.Chen@windriver.com> wrote:
>> On 01/07/2013 03:05 AM, Otavio Salvador wrote:
>>> On Sun, Jan 6, 2013 at 7:44 AM,  <Qi.Chen@windriver.com> wrote:
>>>> From: Chen Qi <Qi.Chen@windriver.com>
>>>>
>>>> Support read-only rootfs by providing a specific conf file for volatile
>>>> storage.
>>>>
>>>> [YOCTO #3406]
>>>>
>>>> Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
>>> I prefer this solution than the previous one however why you don't use
>>> a sato-volatile-conf package to provide this?
>> Because the there exists a one-to-one (or almost one-to-one) correspondence
>> between the volatile conf file and the specific image.
>>
>> If there is a 'sato-volatile-conf' package, then there should be a
>> 'minimal-volatile-conf', and maybe a 'custom-volatile-conf' if users are
>> using a customized image.
>>
>> So I think it's simpler to let the image recipe provide the conf file.
>> The only thing we have to do, when adding read-only rootfs support to some
>> image, is to add the conf file to SRC_URI and install it in
>> choose_volatile_conf.
> The problem of not using a package for it is regarding upgrades; it is
> not possible to upgrade the configuration file using the package
> manager. I know most systems using the read-only-fs will be small and
> do not use a package manager at all but some use cases will do (mine,
> in case).
Sounds reasonable.
I'll think about it :)

Thanks,
Chen Qi

> So I do believe we ought to have a one-to-one correspondence here.
>
> --
> Otavio Salvador                             O.S. Systems
> E-mail: otavio@ossystems.com.br  http://www.ossystems.com.br
> Mobile: +55 53 9981-7854              http://projetos.ossystems.com.br
>
>

Re: [PATCH V6 6/6] core-image-sato: support read-only rootfs

[Saul Wold]

On 01/07/2013 06:22 PM, ChenQi wrote:
> On 01/07/2013 06:30 PM, Otavio Salvador wrote:
>> On Mon, Jan 7, 2013 at 1:06 AM, ChenQi <Qi.Chen@windriver.com> wrote:
>>> On 01/07/2013 03:05 AM, Otavio Salvador wrote:
>>>> On Sun, Jan 6, 2013 at 7:44 AM,  <Qi.Chen@windriver.com> wrote:
>>>>> From: Chen Qi <Qi.Chen@windriver.com>
>>>>>
>>>>> Support read-only rootfs by providing a specific conf file for
>>>>> volatile
>>>>> storage.
>>>>>
>>>>> [YOCTO #3406]
>>>>>
>>>>> Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
>>>> I prefer this solution than the previous one however why you don't use
>>>> a sato-volatile-conf package to provide this?
>>> Because the there exists a one-to-one (or almost one-to-one)
>>> correspondence
>>> between the volatile conf file and the specific image.
>>>
>>> If there is a 'sato-volatile-conf' package, then there should be a
>>> 'minimal-volatile-conf', and maybe a 'custom-volatile-conf' if users are
>>> using a customized image.
>>>
>>> So I think it's simpler to let the image recipe provide the conf file.
>>> The only thing we have to do, when adding read-only rootfs support to
>>> some
>>> image, is to add the conf file to SRC_URI and install it in
>>> choose_volatile_conf.
>> The problem of not using a package for it is regarding upgrades; it is
>> not possible to upgrade the configuration file using the package
>> manager. I know most systems using the read-only-fs will be small and
>> do not use a package manager at all but some use cases will do (mine,
>> in case).
> Sounds reasonable.
> I'll think about it :)
>

+1 for creating a *-volatile-conf package instead of having it buried in 
the image recipe.

Sau!

> Thanks,
> Chen Qi
>
>> So I do believe we ought to have a one-to-one correspondence here.
>>
>> --
>> Otavio Salvador                             O.S. Systems
>> E-mail: otavio@ossystems.com.br  http://www.ossystems.com.br
>> Mobile: +55 53 9981-7854              http://projetos.ossystems.com.br
>>
>>
>
>
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
>
>

Re: [PATCH V6 2/6] image.bbclass: add two funtions to support readonly rootfs

[Saul Wold]

On 01/06/2013 01:44 AM, Qi.Chen@windriver.com wrote:
> From: Chen Qi <Qi.Chen@windriver.com>
>
> read_only_rootfs_hook: this funtion is invoked only if 'read-only-rootfs'
> is in IMAGE_FEATURES. It tweaks some basic files and makes populate-
> volatile.sh script run at rootfs time.
>
> choose_volatile_conf: this function is exported and should be overriden
> by the specific image recipe. Config files specific to read-only rootfs
> are closely related to the image types. So these config file should be
> provided by the corresponding image recipes.
> In addition, this function adds support to customized config files for
> customized images.
>
> [YOCTO #3406]
>
> Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
> ---
>   meta/classes/image.bbclass |   29 ++++++++++++++++++++++++-----
>   1 file changed, 24 insertions(+), 5 deletions(-)
>
> diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass
> index d3a416d..0cd49f0 100644
> --- a/meta/classes/image.bbclass
> +++ b/meta/classes/image.bbclass
> @@ -167,6 +167,7 @@ inherit ${IMAGE_CLASSES}
>   IMAGE_POSTPROCESS_COMMAND ?= ""
>   MACHINE_POSTPROCESS_COMMAND ?= ""
>   ROOTFS_POSTPROCESS_COMMAND_prepend = "run_intercept_scriptlets; "
> +ROOTFS_POSTPROCESS_COMMAND_prepend = "choose_volatile_conf; "
>
>   # some default locales
>   IMAGE_LINGUAS ?= "de-de fr-fr en-gb"
> @@ -185,6 +186,11 @@ do_build[nostamp] = "1"
>   # task, so that we have a single fakeroot context for the whole process.
>   do_rootfs[umask] = "022"
>
> +choose_volatile_conf () {
> +        # This task should be overriden by the specific image recipe.
> +        # It is used to install the correct conf file for volatile storage
> +        # handling to support read-only rootfs.
> +}
>
>   run_intercept_scriptlets () {
>   	if [ -d ${WORKDIR}/intercept_scripts ]; then
> @@ -396,6 +402,21 @@ zap_root_password () {
>   	mv ${IMAGE_ROOTFS}/etc/passwd.new ${IMAGE_ROOTFS}/etc/passwd
>   }
>
> +# A hook function to support read-only-rootfs IMAGE_FEATURES
> +read_only_rootfs_hook () {
> +	# Tweak the mount option in fstab
> +	sed -i '/rootfs/ s/defaults/ro/' ${IMAGE_ROOTFS}/etc/fstab
> +	# Change the value of ROOTFS_READ_ONLY in /etc/default/rcS to yes
> +	if [ -e ${IMAGE_ROOTFS}/etc/default/rcS ]; then
> +		sed -i 's/ROOTFS_READ_ONLY=no/ROOTFS_READ_ONLY=yes/' ${IMAGE_ROOTFS}/etc/default/rcS
> +	fi
> +	# Run populate-volatile.sh at rootfs time to set up basic files
> +	# and directories to support read-only rootfs.
> +	if [ -e ${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh ]; then
> +		${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh
> +	fi
> +}
> +
>   # allow openssh accept login with empty password string
>   openssh_allow_empty_password () {
>   	if [ -e ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config ]; then
> @@ -458,11 +479,9 @@ rootfs_trim_schemas () {
>   	done
>   }
>
> -EXPORT_FUNCTIONS zap_root_password remove_init_link do_rootfs make_zimage_symlink_relative set_image_autologin rootfs_update_timestamp rootfs_no_x_startup
> +EXPORT_FUNCTIONS zap_root_password remove_init_link do_rootfs make_zimage_symlink_relative set_image_autologin rootfs_update_timestamp rootfs_no_x_startup choose_volatile_conf
>
> -do_fetch[noexec] = "1"
> -do_unpack[noexec] = "1"
> -do_patch[noexec] = "1"
> +# do_fetch, do_unpack and do_patch are needed to copy conf files to workdir
>   do_configure[noexec] = "1"
>   do_compile[noexec] = "1"
>   do_install[noexec] = "1"
> @@ -472,4 +491,4 @@ do_package_write_ipk[noexec] = "1"
>   do_package_write_deb[noexec] = "1"
>   do_package_write_rpm[noexec] = "1"
>
> -addtask rootfs before do_build
> +addtask rootfs before do_build after do_patch
>
Why is this needed, and will it continue to be needed if we move to the 
*-volatile-conf packages?

Sau!

Re: [PATCH V6 2/6] image.bbclass: add two funtions to support readonly rootfs

[ChenQi]

On 01/12/2013 07:33 AM, Saul Wold wrote:
> On 01/06/2013 01:44 AM, Qi.Chen@windriver.com wrote:
>> From: Chen Qi <Qi.Chen@windriver.com>
>>
>> read_only_rootfs_hook: this funtion is invoked only if 
>> 'read-only-rootfs'
>> is in IMAGE_FEATURES. It tweaks some basic files and makes populate-
>> volatile.sh script run at rootfs time.
>>
>> choose_volatile_conf: this function is exported and should be overriden
>> by the specific image recipe. Config files specific to read-only rootfs
>> are closely related to the image types. So these config file should be
>> provided by the corresponding image recipes.
>> In addition, this function adds support to customized config files for
>> customized images.
>>
>> [YOCTO #3406]
>>
>> Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
>> ---
>>   meta/classes/image.bbclass |   29 ++++++++++++++++++++++++-----
>>   1 file changed, 24 insertions(+), 5 deletions(-)
>>
>> diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass
>> index d3a416d..0cd49f0 100644
>> --- a/meta/classes/image.bbclass
>> +++ b/meta/classes/image.bbclass
>> @@ -167,6 +167,7 @@ inherit ${IMAGE_CLASSES}
>>   IMAGE_POSTPROCESS_COMMAND ?= ""
>>   MACHINE_POSTPROCESS_COMMAND ?= ""
>>   ROOTFS_POSTPROCESS_COMMAND_prepend = "run_intercept_scriptlets; "
>> +ROOTFS_POSTPROCESS_COMMAND_prepend = "choose_volatile_conf; "
>>
>>   # some default locales
>>   IMAGE_LINGUAS ?= "de-de fr-fr en-gb"
>> @@ -185,6 +186,11 @@ do_build[nostamp] = "1"
>>   # task, so that we have a single fakeroot context for the whole 
>> process.
>>   do_rootfs[umask] = "022"
>>
>> +choose_volatile_conf () {
>> +        # This task should be overriden by the specific image recipe.
>> +        # It is used to install the correct conf file for volatile 
>> storage
>> +        # handling to support read-only rootfs.
>> +}
>>
>>   run_intercept_scriptlets () {
>>       if [ -d ${WORKDIR}/intercept_scripts ]; then
>> @@ -396,6 +402,21 @@ zap_root_password () {
>>       mv ${IMAGE_ROOTFS}/etc/passwd.new ${IMAGE_ROOTFS}/etc/passwd
>>   }
>>
>> +# A hook function to support read-only-rootfs IMAGE_FEATURES
>> +read_only_rootfs_hook () {
>> +    # Tweak the mount option in fstab
>> +    sed -i '/rootfs/ s/defaults/ro/' ${IMAGE_ROOTFS}/etc/fstab
>> +    # Change the value of ROOTFS_READ_ONLY in /etc/default/rcS to yes
>> +    if [ -e ${IMAGE_ROOTFS}/etc/default/rcS ]; then
>> +        sed -i 's/ROOTFS_READ_ONLY=no/ROOTFS_READ_ONLY=yes/' 
>> ${IMAGE_ROOTFS}/etc/default/rcS
>> +    fi
>> +    # Run populate-volatile.sh at rootfs time to set up basic files
>> +    # and directories to support read-only rootfs.
>> +    if [ -e ${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh ]; then
>> +        ${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh
>> +    fi
>> +}
>> +
>>   # allow openssh accept login with empty password string
>>   openssh_allow_empty_password () {
>>       if [ -e ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config ]; then
>> @@ -458,11 +479,9 @@ rootfs_trim_schemas () {
>>       done
>>   }
>>
>> -EXPORT_FUNCTIONS zap_root_password remove_init_link do_rootfs 
>> make_zimage_symlink_relative set_image_autologin 
>> rootfs_update_timestamp rootfs_no_x_startup
>> +EXPORT_FUNCTIONS zap_root_password remove_init_link do_rootfs 
>> make_zimage_symlink_relative set_image_autologin 
>> rootfs_update_timestamp rootfs_no_x_startup choose_volatile_conf
>>
>> -do_fetch[noexec] = "1"
>> -do_unpack[noexec] = "1"
>> -do_patch[noexec] = "1"
>> +# do_fetch, do_unpack and do_patch are needed to copy conf files to 
>> workdir
>>   do_configure[noexec] = "1"
>>   do_compile[noexec] = "1"
>>   do_install[noexec] = "1"
>> @@ -472,4 +491,4 @@ do_package_write_ipk[noexec] = "1"
>>   do_package_write_deb[noexec] = "1"
>>   do_package_write_rpm[noexec] = "1"
>>
>> -addtask rootfs before do_build
>> +addtask rootfs before do_build after do_patch
>>
> Why is this needed, and will it continue to be needed if we move to 
> the *-volatile-conf packages?
>

The read_only_rootfs_hook function is always needed.
The choose_volatile_conf function is not needed any more if we move to 
the *-volatile-conf package.

Thanks,
Chen Qi

> Sau!
>
>
>

Re: [PATCH V6 6/6] core-image-sato: support read-only rootfs

[ChenQi]

On 01/12/2013 07:32 AM, Saul Wold wrote:
> On 01/07/2013 06:22 PM, ChenQi wrote:
>> On 01/07/2013 06:30 PM, Otavio Salvador wrote:
>>> On Mon, Jan 7, 2013 at 1:06 AM, ChenQi <Qi.Chen@windriver.com> wrote:
>>>> On 01/07/2013 03:05 AM, Otavio Salvador wrote:
>>>>> On Sun, Jan 6, 2013 at 7:44 AM, <Qi.Chen@windriver.com> wrote:
>>>>>> From: Chen Qi <Qi.Chen@windriver.com>
>>>>>>
>>>>>> Support read-only rootfs by providing a specific conf file for
>>>>>> volatile
>>>>>> storage.
>>>>>>
>>>>>> [YOCTO #3406]
>>>>>>
>>>>>> Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
>>>>> I prefer this solution than the previous one however why you don't 
>>>>> use
>>>>> a sato-volatile-conf package to provide this?
>>>> Because the there exists a one-to-one (or almost one-to-one)
>>>> correspondence
>>>> between the volatile conf file and the specific image.
>>>>
>>>> If there is a 'sato-volatile-conf' package, then there should be a
>>>> 'minimal-volatile-conf', and maybe a 'custom-volatile-conf' if 
>>>> users are
>>>> using a customized image.
>>>>
>>>> So I think it's simpler to let the image recipe provide the conf file.
>>>> The only thing we have to do, when adding read-only rootfs support to
>>>> some
>>>> image, is to add the conf file to SRC_URI and install it in
>>>> choose_volatile_conf.
>>> The problem of not using a package for it is regarding upgrades; it is
>>> not possible to upgrade the configuration file using the package
>>> manager. I know most systems using the read-only-fs will be small and
>>> do not use a package manager at all but some use cases will do (mine,
>>> in case).
>> Sounds reasonable.
>> I'll think about it :)
>>
>
> +1 for creating a *-volatile-conf package instead of having it buried 
> in the image recipe.
>
I'll rework on it and send out the patch again.

Thanks for your review :)

Cheers,
Chen Qi

> Sau!
>
>> Thanks,
>> Chen Qi
>>
>>> So I do believe we ought to have a one-to-one correspondence here.
>>>
>>> -- 
>>> Otavio Salvador                             O.S. Systems
>>> E-mail: otavio@ossystems.com.br  http://www.ossystems.com.br
>>> Mobile: +55 53 9981-7854 http://projetos.ossystems.com.br
>>>
>>>
>>
>>
>> _______________________________________________
>> Openembedded-core mailing list
>> Openembedded-core@lists.openembedded.org
>> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
>>
>>
>