mirror of
https://github.com/ostreedev/ostree.git
synced 2024-12-22 17:35:55 +03:00
prepare-root: Switch to a tmpfs for transient root
We're debating this over in https://github.com/CentOS/centos-bootc-dev/pull/27 and I have come to the conclusion that having changes to `/` persist across reboot by default was a bad idea.

- It conflicts with any kind of secure boot scenario
- Having things only go away on upgrades is in some ways even *more* surprising
- The term `transient` implies this

There may be a use case in the future for having something like `root.transient = persistent`, but this is just a better default.

Signed-off-by: Colin Walters <walters@verbum.org>
parent
eeccac7fc9
commit
0cff65d61a
@ -308,17 +308,6 @@ main (int argc, char *argv[])
|
|||||||
if (mkdirat (AT_FDCWD, OTCORE_RUN_OSTREE_PRIVATE, 0) < 0)
|
if (mkdirat (AT_FDCWD, OTCORE_RUN_OSTREE_PRIVATE, 0) < 0)
|
||||||
err (EXIT_FAILURE, "Failed to create %s", OTCORE_RUN_OSTREE_PRIVATE);
|
err (EXIT_FAILURE, "Failed to create %s", OTCORE_RUN_OSTREE_PRIVATE);
|
||||||
|
|
||||||
g_autofree char *transient_root_workdir = NULL;
|
|
||||||
g_autofree char *transient_root_upperdir = NULL;
|
|
||||||
if (root_transient)
|
|
||||||
{
|
|
||||||
g_autofree char *backingdir = g_strdup_printf ("../../backing/%s", deploy_directory_name);
|
|
||||||
transient_root_workdir
|
|
||||||
= g_build_filename (backingdir, OSTREE_DEPLOYMENT_ROOT_TRANSIENT_DIR, "work", NULL);
|
|
||||||
transient_root_upperdir
|
|
||||||
= g_build_filename (backingdir, OSTREE_DEPLOYMENT_ROOT_TRANSIENT_DIR, "upper", NULL);
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Fall back to querying the repository configuration in the target disk.
|
/* Fall back to querying the repository configuration in the target disk.
|
||||||
* This is an operating system builder choice. More info:
|
* This is an operating system builder choice. More info:
|
||||||
* https://github.com/ostreedev/ostree/pull/1767
|
* https://github.com/ostreedev/ostree/pull/1767
|
||||||
@ -387,11 +376,26 @@ main (int argc, char *argv[])
|
|||||||
|
|
||||||
g_autofree char *expected_digest = NULL;
|
g_autofree char *expected_digest = NULL;
|
||||||
|
|
||||||
|
// For now we just stick the transient root on the default /run tmpfs;
|
||||||
|
// however, see
|
||||||
|
// https://github.com/systemd/systemd/blob/604b2001081adcbd64ee1fbe7de7a6d77c5209fe/src/basic/mountpoint-util.h#L36
|
||||||
|
// which bumps up these defaults for the rootfs a bit.
|
||||||
|
g_autofree char *root_upperdir
|
||||||
|
= root_transient ? g_build_filename (OTCORE_RUN_OSTREE_PRIVATE, "root/upper", NULL)
|
||||||
|
: NULL;
|
||||||
|
g_autofree char *root_workdir
|
||||||
|
= root_transient ? g_build_filename (OTCORE_RUN_OSTREE_PRIVATE, "root/work", NULL) : NULL;
|
||||||
|
|
||||||
// Propagate these options for transient root, if provided
|
// Propagate these options for transient root, if provided
|
||||||
if (transient_root_upperdir)
|
if (root_transient)
|
||||||
{
|
{
|
||||||
cfs_options.workdir = transient_root_workdir;
|
if (!glnx_shutil_mkdir_p_at (AT_FDCWD, root_upperdir, 0755, NULL, &error))
|
||||||
cfs_options.upperdir = transient_root_upperdir;
|
errx (EXIT_FAILURE, "Failed to create %s: %s", root_upperdir, error->message);
|
||||||
|
if (!glnx_shutil_mkdir_p_at (AT_FDCWD, root_workdir, 0700, NULL, &error))
|
||||||
|
errx (EXIT_FAILURE, "Failed to create %s: %s", root_workdir, error->message);
|
||||||
|
|
||||||
|
cfs_options.workdir = root_workdir;
|
||||||
|
cfs_options.upperdir = root_upperdir;
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
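Review bot: Creating `root_upperdir` and `root_workdir` under `OTCORE_RUN_OSTREE_PRIVATE` in the second hunk means every write to `/` is charged against the shared `/run` tmpfs, so that mount's size and inode limits now bound the transient root, and a filled `/` would presumably also starve the other users of `/run`. The `// For now` comment links to the systemd defaults but does not state this consequence; I would extend it with something like `// NOTE: writes to / share /run's size and inode limits until the transient root gets its own tmpfs` and treat a dedicated mount with explicit limits as a follow-up. A one-line comment on why the upper directory is created `0755` while the work directory is `0700` would also help, since the reason is not visible on this page. `main` starts and ends outside both hunks, so how `cfs_options` is consumed afterwards cannot be checked here.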