[PATCH 0/2] initscripts: read-only rootfs fixes

[PATCH 0/2] initscripts: read-only rootfs fixes

[Qi.Chen]

From: Chen Qi <Qi.Chen@windriver.com>

The following changes since commit b467b99a5d25efe5eadfb07dbecba608575256ac:

  linux-yocto: switch genericx86 to use common-pc (2013-08-24 09:37:49 +0100)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib ChenQi/initscripts-readonly
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=ChenQi/initscripts-readonly

Chen Qi (2):
  checkroot.sh: check for conflicting configurations
  read-only-rootfs-hook.sh: check before bind mounting /var/lib

 .../initscripts/initscripts-1.0/checkroot.sh       |   10 ++++++
 .../initscripts-1.0/read-only-rootfs-hook.sh       |   33 +++++++++++++++++---
 2 files changed, 39 insertions(+), 4 deletions(-)

-- 
1.7.9.5

[PATCH 1/2] checkroot.sh: check for conflicting configurations

[Qi.Chen]

From: Chen Qi <Qi.Chen@windriver.com>

In our current boot scripts, two ways are used to determine whether
the rootfs is read-only or not. One by checking the READ_ONLY_ROOTFS
value in /etc/default/rcS, the other by checking the /etc/fstab entry.

From a normal Linux user's point of view, the way of checking the
/etc/fstab entry is preferred. However, as there are several boot scripts
that need to know whether rootfs is read-only or not, checking /etc/fstab
in each script brings too much overhead. Thus, these boot scripts
use the READ_ONLY_ROOTFS value in /etc/default/rcS.

In normal use cases, there would be no problem, as both /etc/default/rcS and
the /etc/fstab are modified at rootfs time. However, if the user changes
the mount option for rootfs in /etc/fstab to read-write, and he/she forgets
to change the value in /etc/default/rcS, there would be unexpected results.
For example, the udev-cache would still be disabled.

So at a minimal, a check for conflicting configurations between /etc/fstab
and /etc/default/rcS should be added in checkroot.sh so that there would be
reasonable warnings if users have configured the system in a non-consistent
way.

[YOCTO #4880]

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
 .../initscripts/initscripts-1.0/checkroot.sh       |   10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/meta/recipes-core/initscripts/initscripts-1.0/checkroot.sh b/meta/recipes-core/initscripts/initscripts-1.0/checkroot.sh
index cf84cfa..dfee2af 100755
--- a/meta/recipes-core/initscripts/initscripts-1.0/checkroot.sh
+++ b/meta/recipes-core/initscripts/initscripts-1.0/checkroot.sh
@@ -54,6 +54,16 @@ do
 done
 exec 0>&9 9>&-
 
+# Check for conflicting configurations
+if [ "$rootmode" = "ro" -a "$ROOTFS_READ_ONLY" = "no" ] || \
+	[ "$rootmode" = "rw" -a "$ROOTFS_READ_ONLY" = "yes" ]; then
+	echo ""
+	echo "WARN: conflicting configurations in /etc/fstab and /etc/default/rcS"
+	echo "      regarding the writability of rootfs. Please fix one of them."
+	echo ""
+fi
+
+
 #
 # Activate the swap device(s) in /etc/fstab. This needs to be done
 # before fsck, since fsck can be quite memory-hungry.
-- 
1.7.9.5

[PATCH 2/2] read-only-rootfs-hook.sh: check before bind mounting /var/lib

[Qi.Chen]

From: Chen Qi <Qi.Chen@windriver.com>

It's possible that /var/lib is on a separate writable partition. In such
situation, we should not bind mount /var/lib with tmpfs, becasue it's
already writable.

This patch fixes this problem by checking whether /var/lib is already
on a writable partition.

[YOCTO #4888]

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
 .../initscripts-1.0/read-only-rootfs-hook.sh       |   33 +++++++++++++++++---
 1 file changed, 29 insertions(+), 4 deletions(-)

diff --git a/meta/recipes-core/initscripts/initscripts-1.0/read-only-rootfs-hook.sh b/meta/recipes-core/initscripts/initscripts-1.0/read-only-rootfs-hook.sh
index 9cf0921..1a0328d 100644
--- a/meta/recipes-core/initscripts/initscripts-1.0/read-only-rootfs-hook.sh
+++ b/meta/recipes-core/initscripts/initscripts-1.0/read-only-rootfs-hook.sh
@@ -4,10 +4,35 @@
 
 [ "$ROOTFS_READ_ONLY" = "no" ] && exit 0
 
+is_on_read_only_partition () {
+	DIRECTORY=$1
+	dir=`readlink -f $DIRECTORY`
+	while true; do
+		if [ ! -d "$dir" ]; then
+			echo "ERROR: $dir is not a directory"
+			exit 1
+		else
+			for flag in `awk -v dir=$dir '{ if ($2 == dir) { print "FOUND"; split($4,FLAGS,",") } }; \
+				END { for (f in FLAGS) print FLAGS[f] }' < /proc/mounts`; do
+				[ "$flag" = "FOUND" ] && partition="read-write"
+				[ "$flag" = "ro" ] && { partition="read-only"; break; }
+			done
+			if [ "$dir" = "/" -o -n "$partition" ]; then
+				break
+			else
+				dir=`dirname $dir`
+			fi
+		fi
+	done
+	[ "$partition" = "read-only" ] && echo "yes" || echo "no"
+}
+
 if [ "$1" = "start" ] ; then
-	grep -q "tmpfs /var/volatile" /proc/mounts || mount /var/volatile
-	mkdir -p /var/volatile/lib
-	cp -a /var/lib/* /var/volatile/lib
-	mount --bind /var/volatile/lib /var/lib
+	if [ `is_on_read_only_partition /var/lib` = "yes" ]; then
+		grep -q "tmpfs /var/volatile" /proc/mounts || mount /var/volatile
+		mkdir -p /var/volatile/lib
+		cp -a /var/lib/* /var/volatile/lib
+		mount --bind /var/volatile/lib /var/lib
+	fi
 fi
 
-- 
1.7.9.5