ostree/Makefile-switchroot.am
Colin Walters 5af403be0c Support mounting /sysroot (and /boot) read-only
We want to support extending the read-only state to cover `/sysroot`
and `/boot`, since conceptually all of the data there should only
be written via libostree.  Or at least for `/boot` should *mostly*
just be written by ostree.

This change needs to be opt-in though to avoid breaking anyone.

Add a `sysroot/readonly` key to the repository config which instructs
`ostree-remount.service` to ensure `/sysroot` is read-only.  This
requires a bit of a dance because `/sysroot` is actually the same
filesystem as `/`; so we make `/etc` a writable bind mount in this case.

We also need to handle `/var` in the "OSTree default" case of a bind
mount; the systemd generator now looks at the writability state of
`/sysroot` and uses that to determine whether it should have the
`var.mount` unit happen before or after `ostree-remount.service.`

Also add an API to instruct the libostree shared library
that the caller has created a new mount namespace.  This way
we can freely remount read-write.

This approach extends, in a much better way, the previous work
we did to support remounting `/boot` read-write.

Closes: https://github.com/ostreedev/ostree/issues/1265
2019-12-11 15:33:57 +00:00


# Copyright (C) 2011 Colin Walters <walters@verbum.org>
#
# SPDX-License-Identifier: LGPL-2.0+
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the
# Free Software Foundation, Inc., 59 Temple Place - Suite 330,
# Boston, MA 02111-1307, USA.
# ostree-remount is installed only when systemd support is enabled. Adding it
# to ostree_boot_PROGRAMS makes automake install it into $(ostree_bootdir),
# which is defined outside this fragment.
# NOTE(review): presumably this is the binary started by ostree-remount.service
# to adjust mount writability early in boot -- confirm against the unit file.
if BUILDOPT_SYSTEMD
ostree_boot_PROGRAMS += ostree-remount
else
# It is built anyway as a side-effect of having the symlink in tests/,
# and if we declare it here, it gets cleaned up properly
# check_PROGRAMS are built for `make check` and are never installed, so a
# non-systemd build does not ship this binary.
check_PROGRAMS += ostree-remount
endif
# ostree-prepare-root: a single C file plus the mount helper header it shares
# with the other switchroot programs. The header is listed so that it is
# distributed and, in the static rule below, acts as a rebuild prerequisite.
ostree_prepare_root_SOURCES = \
src/switchroot/ostree-mount-util.h \
src/switchroot/ostree-prepare-root.c \
$(NULL)
ostree_prepare_root_CPPFLAGS = $(AM_CPPFLAGS)
if BUILDOPT_USE_STATIC_COMPILER
# ostree-prepare-root can be used as init in a system without a populated /lib.
# To support this use case we need to link statically as we will be unable to
# locate libc.so at run time if it's not installed in /lib.
#
# We support building ostree-prepare-root with a different compiler to the rest
# of ostree so we can use musl rather than glibc. This reduces the size of the
# executable significantly: from ~700K -> ~30K. We have to use _SCRIPTS here
# to get autotools to install this as an executable but without generating rules
# to make it itself which we have specified manually. See
# https://lists.gnu.org/archive/html/help-gnu-utils/2007-01/msg00007.html
#
# NOTE(review): the hand-written recipe passes only
# $(ostree_prepare_root_CPPFLAGS), $(AM_CFLAGS) and $(DEFAULT_INCLUDES). The
# user-level $(CPPFLAGS), $(CFLAGS) and $(LDFLAGS) are not on its command line,
# so hardening options a packager supplies through those variables do not reach
# this binary. Anything required has to come from AM_CFLAGS or from
# STATIC_COMPILER itself -- confirm that is intended for a program that can run
# as init.
# NOTE(review): the recipe never references ostree_prepare_root_LDADD, yet
# -DHAVE_SYSTEMD=1 may still be appended to ostree_prepare_root_CPPFLAGS further
# down. Presumably the C source disables libsystemd use when
# OSTREE_PREPARE_ROOT_STATIC is defined -- verify, otherwise the static link
# would fail on unresolved symbols.
ostree_boot_SCRIPTS += ostree-prepare-root
ostree-prepare-root : $(ostree_prepare_root_SOURCES)
$(STATIC_COMPILER) -o $@ -static $(top_srcdir)/src/switchroot/ostree-prepare-root.c $(ostree_prepare_root_CPPFLAGS) $(AM_CFLAGS) $(DEFAULT_INCLUDES) -DOSTREE_PREPARE_ROOT_STATIC=1
else
# Default case: automake generates the compile and link rules, so the usual
# user-level CFLAGS/LDFLAGS apply to this binary.
ostree_boot_PROGRAMS += ostree-prepare-root
ostree_prepare_root_CFLAGS = $(AM_CFLAGS) -Isrc/switchroot
endif
# ostree-remount: shares the mount helper header with ostree-prepare-root and
# is built against GIO (Unix) and the bundled libglnx.
ostree_remount_SOURCES = \
src/switchroot/ostree-mount-util.h \
src/switchroot/ostree-remount.c \
$(NULL)
# NOTE(review): -Isrc/switchroot is relative to the build directory, while the
# libglnx include uses $(srcdir); confirm that out-of-tree builds still find
# the header.
ostree_remount_CPPFLAGS = $(AM_CPPFLAGS) $(OT_INTERNAL_GIO_UNIX_CFLAGS) -Isrc/switchroot -I$(srcdir)/libglnx
# AM_LDFLAGS is passed through _LDADD here rather than through a _LDFLAGS
# variable, so it appears among the libraries on the link line.
ostree_remount_LDADD = $(AM_LDFLAGS) $(OT_INTERNAL_GIO_UNIX_LIBS) libglnx.la
# With systemd support, ostree-prepare-root is compiled with HAVE_SYSTEMD and
# linked against libsystemd.
# NOTE(review): _LDADD is consumed only by automake's generated link rule. The
# hand-written BUILDOPT_USE_STATIC_COMPILER recipe spells out its own command
# line and does not use it, although it does expand the CPPFLAGS extended here.
if BUILDOPT_SYSTEMD
ostree_prepare_root_CPPFLAGS += -DHAVE_SYSTEMD=1
ostree_prepare_root_LDADD = $(AM_LDFLAGS) $(LIBSYSTEMD_LIBS)
endif
# This is the "new mode" of using a generator for /var; see
# https://github.com/ostreedev/ostree/issues/855
#
# The same HAVE_SYSTEMD_AND_LIBMOUNT define is passed to ostree-prepare-root
# and ostree-remount, and ostree-system-generator is built only in this
# configuration.
# The generator is installed into $(systemdsystemgeneratordir). systemd runs
# generators as root very early in boot, and this one links libostree-1.la and
# libglnx.la, so both libraries are part of what executes at that point.
if BUILDOPT_SYSTEMD_AND_LIBMOUNT
ostree_prepare_root_CPPFLAGS += -DHAVE_SYSTEMD_AND_LIBMOUNT=1
ostree_remount_CPPFLAGS += -DHAVE_SYSTEMD_AND_LIBMOUNT=1
systemdsystemgenerator_PROGRAMS = ostree-system-generator
GITIGNOREFILES += $(systemdsystemgenerator_PROGRAMS)
ostree_system_generator_SOURCES = src/switchroot/ostree-mount-util.h \
src/switchroot/ostree-system-generator.c
ostree_system_generator_CPPFLAGS = $(AM_CPPFLAGS) -I$(srcdir)/libglnx -I$(srcdir)/src/libostree
ostree_system_generator_CFLAGS = $(AM_CFLAGS) $(OT_INTERNAL_GIO_UNIX_CFLAGS)
ostree_system_generator_LDADD = $(AM_LDFLAGS) libglnx.la libostree-1.la $(OT_INTERNAL_GIO_UNIX_LIBS)
# Allow the distcheck install under $prefix test to pass
# `$$` yields a literal `$`, so configure receives '${libdir}/...' unexpanded
# and resolves the generator directory under the distcheck prefix.
AM_DISTCHECK_CONFIGURE_FLAGS += --with-systemdsystemgeneratordir='$${libdir}/systemd/system-generators'
endif