Add a treefile option to stop creating /etc/machine-id

We actually want systemd's `ConditionFirstBoot` to fire. The primary rationale here is that we're adopting Ignition for Fedora CoreOS, and having `ConditionFirstBoot=` function will help a lot, as the idea is it only runs once. However, I discovered that this breaks the `units` directive for example, as systemd blows away all the unit state in `/etc`. The correct thing to do from the start is to use presets. We could add an implementation of `units` which works with this on and instead writes a preset file but...eh. My plan is to at some point introduce an "epoch" and flip various defaults, this one, `tmp-is-dir`, the passwd file handling, etc. See: https://github.com/dustymabe/bootengine/pull/11 Closes: #1425 Approved by: jlebon
2018-06-22 15:15:04 -04:00 · 2018-06-22 15:15:04 -04:00 · d7342731ab
commit d7342731ab
parent 94ee42b03b
5 changed files with 51 additions and 8 deletions
--- a/docs/manual/treefile.md
+++ b/docs/manual/treefile.md
@ -198,6 +198,15 @@ It supports the following parameters:
   to be writable. For host system composes, we recommend turning this on;
   it's left off by default to ease the transition.

+ * `machineid-compat`: boolean, optional: Defaults to `true`.  By default,
+   rpm-ostree creates `/usr/etc/machine-id` as an empty file for historical
+   reasons.  Set this to `false` to ensure it's not present at all.  This
+   will cause systemd to execute `ConditionFirstBoot=`, which implies
+   running `systemctl preset-all` for example.  If you enable this, avoid
+   using the `units` member, as it will no longer function.  Instead,
+   create a `/usr/lib/systemd/system-presets/XX-example.preset` file.
+
+
 Experimental options
 --------

--- a/rust/src/treefile.rs
+++ b/rust/src/treefile.rs
@ -122,6 +122,11 @@ pub struct CheckPasswd {
    // entries: Option<Map<>String>,
 }

+// https://github.com/serde-rs/serde/issues/368
+fn serde_true() -> bool {
+    true
+}
+
 #[derive(Serialize, Deserialize, Debug)]
 pub struct TreeComposeConfig {
    // Compose controls
@ -164,6 +169,9 @@ pub struct TreeComposeConfig {
    pub units: Option<Vec<String>>,
    #[serde(skip_serializing_if = "Option::is_none")]
    pub default_target: Option<String>,
+    #[serde(default = "serde_true")]
+    #[serde(rename = "machineid-compat")]
+    pub machineid_compat: bool,

    // versioning
    #[serde(skip_serializing_if = "Option::is_none")]
--- a/src/libpriv/rpmostree-postprocess.c
+++ b/src/libpriv/rpmostree-postprocess.c
@ -364,8 +364,19 @@ process_kernel_and_initramfs (int            rootfs_dfd,
        return glnx_throw (error, "Invalid boot location '%s'", boot_location_str);
    }

-  /* Ensure the /etc/machine-id file is present and empty; it is read by
-   * dracut. Apparently systemd doesn't work when the file is missing (as of
+  gboolean machineid_compat = TRUE;
+  if (!_rpmostree_jsonutil_object_get_optional_boolean_member (treefile, "machineid-compat",
+                                                               &machineid_compat, error))
+    return FALSE;
+  if (machineid_compat)
+    {
+      /* Update June 2018: systemd seems to work fine with this deleted now in
+       * both Fedora 28 and RHEL 7.5. However, see the treefile.md docs for why
+       * "compat" mode is enabled by default.
+       *
+       * ORIGINAL COMMENT:
+       * Ensure the /etc/machine-id file is present and empty; it is read by
+       * dracut.  Systemd doesn't work when the file is missing (as of
       * systemd-219-9.fc22) but it is correctly populated if the file is there.
       */
      g_print ("Creating empty machine-id\n");
@ -373,6 +384,11 @@ process_kernel_and_initramfs (int            rootfs_dfd,
                                          GLNX_FILE_REPLACE_NODATASYNC,
                                          cancellable, error))
        return FALSE;
+    }
+  else
+    {
+      (void) unlinkat (rootfs_dfd, "usr/etc/machine-id", 0);
+    }

  /* Run dracut with our chosen arguments (commonly at least --no-hostonly) */
  g_autoptr(GPtrArray) dracut_argv = g_ptr_array_new ();
--- a/tests/compose-tests/libbasic-test.sh
+++ b/tests/compose-tests/libbasic-test.sh
@ -34,6 +34,10 @@ ostree --repo=${repobuild} ls -R ${treeref} /usr/share/man > manpages.txt
 assert_file_has_content manpages.txt man5/ostree.repo.5
 echo "ok manpages"

+# https://github.com/projectatomic/rpm-ostree/pull/1425
+ostree --repo=${repobuild} ls ${treeref} /usr/etc/machine-id
+echo "ok machine-id"
+
 ostree --repo=${repobuild} ls ${treeref} usr/etc/systemd/system/multi-user.target.wants/chronyd.service > preset.txt
 assert_file_has_content_literal preset.txt '-> /usr/lib/systemd/system/chronyd.service'
 echo "ok systemctl preset"
--- a/tests/compose-tests/test-misc-tweaks.sh
+++ b/tests/compose-tests/test-misc-tweaks.sh
@ -10,6 +10,7 @@ prepare_compose_test "misc-tweaks"
 pysetjsonmember "documentation" "False"
 # And tweak some of the systemd units
 pysetjsonmember "default_target" '"multi-user.target"'
+pysetjsonmember "machineid-compat" 'False'
 pysetjsonmember "units" '["tuned.service"]'
 # And test adding/removing files
 pysetjsonmember "add-files" '[["foo.txt", "/usr/etc/foo.txt"],
@ -78,3 +79,8 @@ echo "ok remove-from-packages"
 ostree --repo=${repobuild} ls  ${treeref} /tmp > ls.txt
 assert_file_has_content ls.txt 'd01777 0 0      0 /tmp'
 echo "ok /tmp"
+
+# https://github.com/projectatomic/rpm-ostree/pull/1425
+ostree --repo=${repobuild} ls ${treeref} /usr/etc > ls.txt
+assert_not_file_has_content ls.txt 'machine-id'
+echo "ok machine-id"