mirror of
https://github.com/ostreedev/ostree.git
synced 2025-01-27 18:04:17 +03:00
5af403be0c
We want to support extending the read-only state to cover `/sysroot` and `/boot`, since conceptually all of the data there should only be written via libostree. Or at least for `/boot` should *mostly* just be written by ostree. This change needs to be opt-in though to avoid breaking anyone. Add a `sysroot/readonly` key to the repository config which instructs `ostree-remount.service` to ensure `/sysroot` is read-only. This requires a bit of a dance because `/sysroot` is actually the same filesystem as `/`; so we make `/etc` a writable bind mount in this case. We also need to handle `/var` in the "OSTree default" case of a bind mount; the systemd generator now looks at the writability state of `/sysroot` and uses that to determine whether it should have the `var.mount` unit happen before or after `ostree-remount.service.` Also add an API to instruct the libostree shared library that the caller has created a new mount namespace. This way we can freely remount read-write. This approach extends upon in a much better way previous work we did to support remounting `/boot` read-write. Closes: https://github.com/ostreedev/ostree/issues/1265
83 lines
3.6 KiB
Plaintext
83 lines
3.6 KiB
Plaintext
# Copyright (C) 2011 Colin Walters <walters@verbum.org>
|
|
#
|
|
# SPDX-License-Identifier: LGPL-2.0+
|
|
#
|
|
# This library is free software; you can redistribute it and/or
|
|
# modify it under the terms of the GNU Lesser General Public
|
|
# License as published by the Free Software Foundation; either
|
|
# version 2 of the License, or (at your option) any later version.
|
|
#
|
|
# This library is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
# Lesser General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU Lesser General Public
|
|
# License along with this library; if not, write to the
|
|
# Free Software Foundation, Inc., 59 Temple Place - Suite 330,
|
|
# Boston, MA 02111-1307, USA.
|
|
|
|
if BUILDOPT_SYSTEMD
|
|
ostree_boot_PROGRAMS += ostree-remount
|
|
else
|
|
# It is built anyway as a side-effect of having the symlink in tests/,
|
|
# and if we declare it here, it gets cleaned up properly
|
|
check_PROGRAMS += ostree-remount
|
|
endif
|
|
|
|
ostree_prepare_root_SOURCES = \
|
|
src/switchroot/ostree-mount-util.h \
|
|
src/switchroot/ostree-prepare-root.c \
|
|
$(NULL)
|
|
ostree_prepare_root_CPPFLAGS = $(AM_CPPFLAGS)
|
|
|
|
if BUILDOPT_USE_STATIC_COMPILER
|
|
# ostree-prepare-root can be used as init in a system without a populated /lib.
|
|
# To support this use case we need to link statically as we will be unable to
|
|
# locate libc.so at run time if it's not installed in /lib.
|
|
#
|
|
# We support building ostree-prepare-root with a different compiler to the rest
|
|
# of ostree so we can use musl rather than glibc. This reduces the size of the
|
|
# executable significantly: from ~700K -> ~30K. We have to use _SCRIPTS here
|
|
# to get autotools to install this as an executable but without generating rules
|
|
# to make it itself which we have specified manually. See
|
|
# https://lists.gnu.org/archive/html/help-gnu-utils/2007-01/msg00007.html
|
|
ostree_boot_SCRIPTS += ostree-prepare-root
|
|
|
|
ostree-prepare-root : $(ostree_prepare_root_SOURCES)
|
|
$(STATIC_COMPILER) -o $@ -static $(top_srcdir)/src/switchroot/ostree-prepare-root.c $(ostree_prepare_root_CPPFLAGS) $(AM_CFLAGS) $(DEFAULT_INCLUDES) -DOSTREE_PREPARE_ROOT_STATIC=1
|
|
else
|
|
ostree_boot_PROGRAMS += ostree-prepare-root
|
|
ostree_prepare_root_CFLAGS = $(AM_CFLAGS) -Isrc/switchroot
|
|
endif
|
|
|
|
ostree_remount_SOURCES = \
|
|
src/switchroot/ostree-mount-util.h \
|
|
src/switchroot/ostree-remount.c \
|
|
$(NULL)
|
|
ostree_remount_CPPFLAGS = $(AM_CPPFLAGS) $(OT_INTERNAL_GIO_UNIX_CFLAGS) -Isrc/switchroot -I$(srcdir)/libglnx
|
|
ostree_remount_LDADD = $(AM_LDFLAGS) $(OT_INTERNAL_GIO_UNIX_LIBS) libglnx.la
|
|
|
|
if BUILDOPT_SYSTEMD
|
|
ostree_prepare_root_CPPFLAGS += -DHAVE_SYSTEMD=1
|
|
ostree_prepare_root_LDADD = $(AM_LDFLAGS) $(LIBSYSTEMD_LIBS)
|
|
endif
|
|
|
|
# This is the "new mode" of using a generator for /var; see
|
|
# https://github.com/ostreedev/ostree/issues/855
|
|
if BUILDOPT_SYSTEMD_AND_LIBMOUNT
|
|
ostree_prepare_root_CPPFLAGS += -DHAVE_SYSTEMD_AND_LIBMOUNT=1
|
|
ostree_remount_CPPFLAGS += -DHAVE_SYSTEMD_AND_LIBMOUNT=1
|
|
|
|
systemdsystemgenerator_PROGRAMS = ostree-system-generator
|
|
GITIGNOREFILES += $(systemdsystemgenerator_PROGRAMS)
|
|
ostree_system_generator_SOURCES = src/switchroot/ostree-mount-util.h \
|
|
src/switchroot/ostree-system-generator.c
|
|
ostree_system_generator_CPPFLAGS = $(AM_CPPFLAGS) -I$(srcdir)/libglnx -I$(srcdir)/src/libostree
|
|
ostree_system_generator_CFLAGS = $(AM_CFLAGS) $(OT_INTERNAL_GIO_UNIX_CFLAGS)
|
|
ostree_system_generator_LDADD = $(AM_LDFLAGS) libglnx.la libostree-1.la $(OT_INTERNAL_GIO_UNIX_LIBS)
|
|
|
|
# Allow the distcheck install under $prefix test to pass
|
|
AM_DISTCHECK_CONFIGURE_FLAGS += --with-systemdsystemgeneratordir='$${libdir}/systemd/system-generators'
|
|
endif
|