From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id AABF1F364B4 for ; Thu, 9 Apr 2026 19:18:29 +0000 (UTC) Received: from smtpout-03.galae.net (smtpout-03.galae.net [185.246.85.4]) by mx.groups.io with SMTP id smtpd.msgproc01-g2.140351.1775762307160125099 for ; Thu, 09 Apr 2026 12:18:28 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="dkim: key syntax error: missing public key data" header.i=@rootcommit.com header.s=dkim header.b=HFRh4X+q; spf=pass (domain: rootcommit.com, ip: 185.246.85.4, mailfrom: michael.opdenacker@rootcommit.com) Received: from smtpout-01.galae.net (smtpout-01.galae.net [212.83.139.233]) by smtpout-03.galae.net (Postfix) with ESMTPS id CB09A4E42994; Thu, 9 Apr 2026 19:18:24 +0000 (UTC) Received: from mail.galae.net (mail.galae.net [212.83.136.155]) by smtpout-01.galae.net (Postfix) with ESMTPS id 81725603E4; Thu, 9 Apr 2026 19:18:24 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) by localhost (Mailerdaemon) with ESMTPSA id E7075104501B9; Thu, 9 Apr 2026 21:18:22 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rootcommit.com; s=dkim; t=1775762304; h=from:subject:date:message-id:to:cc:mime-version:content-type: content-transfer-encoding:content-language:in-reply-to:references; bh=/adb1lIB3fqCzm7t5GRWJ1VR5qBvJOKlOmU3FfUFr+g=; b=HFRh4X+qTmg5Nbs6xMqNDsnirr9erqZTCE2otUvP/wsp9Sj/KVjN0DPmpQHsVnxGwK5C6C 0yoM1fJ54v3aoejXmPwB5k7cU71PW9qn2s5cZyxlWrKbdmgafQLqQKvIYeYHHVgkQ+6X3u lC99BmJ6D58WJZ+vkapZDieCcRLYormB1Rgcd9HPQiS475egjEVKYTa/gXazD1u3ThrKKf q177YKzT8Fq64sjEt//ahRjVoe3nafoxniKwFYjgXt/uJ+DaUwLTI8bD4vz501utFnojcq j+f/EXE7cXcizH6/3r3R46c+dKMUD+cjRhlqGXTcn0kXbhFFN/1zJ5lseDpDrQ== Message-ID: <05cc6299-d354-4b9b-b0d9-2c9e02ef986f@rootcommit.com> Date: Thu, 9 Apr 2026 21:18:21 +0200 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Cc: michael.opdenacker@rootcommit.com, yocto@lists.yoctoproject.org, Vyacheslav Yurkov Subject: Re: [yocto] overlayfs-etc on top of dm-verity? To: Francesco Valla References: Content-Language: en-US From: Michael Opdenacker In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Last-TLS-Session-Version: TLSv1.3 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 09 Apr 2026 19:18:29 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto/message/66394 Hi Francesco, On 3/26/26 11:19 PM, Francesco Valla wrote: >> The code looks right though, I need to understand why this happens. >> >> Another weirdness that remains is these volatile mounts for /var/cache/, >> /var/lib, /var/spool and /srv, which I didn't have with a regular read-only >> root filesystem. > AFAIK, this should be the regular behavior on a read-only root > filesystem. The overlayfs mounts are created by services generated by: > > meta/recipes-core/volatile-binds/volatile-binds.bb > > depending on the content of the VOLATILE_BINDS variable. For each couple > of upperdir-lowerdir specified there, a service is generated that > starts only if upperdir's parent is writable and lowerdir is not. > > E.g.: > lowerdir=/srv > upperdir=/var/volatile/srv > > In a vanilla openembedded-core system, a tmpfs is mounted on /var/volatile > by the fstab (that is, by the fstab systemd generator), so the > upperdir's parent directory (which is the same /var/volatile) is writable. > > You can force a copy+bind behavior setting AVOID_OVERLAYFS=1. I didn't thank you for these great clarifications and tips. It's good to understand the "magic". I eventually dropped overlayfs-etc and started implementing specific mount points using VOLATILE_BINDS indeed (with AVOID_OVERLAYFS=1). It's a very easy to use mechanism thanks to the volatile-binds.bb recipe. Thanks again, you made my day! Cheers Michael. -- Root Commit Embedded Linux Training and Consulting https://rootcommit.com