mirror of
https://github.com/systemd/systemd.git
synced 2024-10-27 10:25:37 +03:00
Merge pull request #10912 from poettering/gpt-root-rw
make sure to propagate GPT root partition r/w flag into mount r/w flag
This commit is contained in:
commit
6ea05ac99f
3
TODO
3
TODO
@ -46,9 +46,6 @@ Features:
|
||||
inserting them into the kernel keyring. Maybe SecretsDirectory= similar to
|
||||
ConfigurationDirectory=.
|
||||
|
||||
* systemd-gpt-auto: if we find the root dir mounted read-only and the gpt flag
|
||||
doesn't say so generate job that remounts it writable
|
||||
|
||||
* when no locale is configured, default to UEFI's PlatformLang variable
|
||||
|
||||
* When logind.conf contains HandleLidSwitch=suspend-then-hibernate and we can't
|
||||
|
@ -165,3 +165,11 @@ systemd itself:
|
||||
* `$SYSTEMD_ACTIVATION_SCOPE` — closely related to `$SYSTEMD_ACTIVATION_UNIT`,
|
||||
it is either set to `system` or `user` depending on whether the NSS/PAM
|
||||
module is called by systemd in `--system` or `--user` mode.
|
||||
|
||||
systemd-remount-fs:
|
||||
|
||||
* `$SYSTEMD_REMOUNT_ROOT_RW=1` — if set and and no entry for the root directory
|
||||
exists in /etc/fstab (this file always takes precedence), then the root
|
||||
directory is remounted writable. This is primarily used by
|
||||
systemd-gpt-auto-generator to ensure the root partition is mounted writable
|
||||
in accordance to the GPT partition flags.
|
||||
|
@ -39,7 +39,7 @@
|
||||
static const char *arg_dest = NULL;
|
||||
static bool arg_enabled = true;
|
||||
static bool arg_root_enabled = true;
|
||||
static bool arg_root_rw = false;
|
||||
static int arg_root_rw = -1;
|
||||
|
||||
static int add_cryptsetup(const char *id, const char *what, bool rw, bool require, char **device) {
|
||||
_cleanup_free_ char *e = NULL, *n = NULL, *d = NULL, *id_escaped = NULL, *what_escaped = NULL;
|
||||
@ -446,6 +446,43 @@ static int add_esp(DissectedPartition *p) {
|
||||
}
|
||||
#endif
|
||||
|
||||
static int add_root_rw(DissectedPartition *p) {
|
||||
const char *path;
|
||||
int r;
|
||||
|
||||
assert(p);
|
||||
|
||||
if (in_initrd()) {
|
||||
log_debug("In initrd, not generating drop-in for systemd-remount-fs.service.");
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (arg_root_rw >= 0) {
|
||||
log_debug("Parameter ro/rw specified on kernel command line, not generating drop-in for systemd-remount-fs.service.");
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (!p->rw) {
|
||||
log_debug("Root partition marked read-only in GPT partition table, not generating drop-in for systemd-remount-fs.service.");
|
||||
return 0;
|
||||
}
|
||||
|
||||
path = strjoina(arg_dest, "/systemd-remount-fs.service.d/50-remount-rw.conf");
|
||||
(void) mkdir_parents(path, 0755);
|
||||
|
||||
r = write_string_file(path,
|
||||
"# Automatically generated by systemd-gpt-generator\n\n"
|
||||
"[Unit]\n"
|
||||
"ConditionPathExists=\n\n" /* We need to turn off the ConditionPathExist= in the main unit file */
|
||||
"[Service]\n"
|
||||
"Environment=SYSTEMD_REMOUNT_ROOT_RW=1\n",
|
||||
WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_NOFOLLOW);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to write drop-in file %s: %m", path);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int open_parent(dev_t devnum, int *ret) {
|
||||
_cleanup_(sd_device_unrefp) sd_device *d = NULL;
|
||||
const char *name, *devtype, *node;
|
||||
@ -550,6 +587,12 @@ static int enumerate_partitions(dev_t devnum) {
|
||||
r = k;
|
||||
}
|
||||
|
||||
if (m->partitions[PARTITION_ROOT].found) {
|
||||
k = add_root_rw(m->partitions + PARTITION_ROOT);
|
||||
if (k < 0)
|
||||
r = k;
|
||||
}
|
||||
|
||||
return r;
|
||||
}
|
||||
|
||||
@ -558,7 +601,8 @@ static int parse_proc_cmdline_item(const char *key, const char *value, void *dat
|
||||
|
||||
assert(key);
|
||||
|
||||
if (STR_IN_SET(key, "systemd.gpt_auto", "rd.systemd.gpt_auto")) {
|
||||
if (proc_cmdline_key_streq(key, "systemd.gpt_auto") ||
|
||||
proc_cmdline_key_streq(key, "rd.systemd.gpt_auto")) {
|
||||
|
||||
r = value ? parse_boolean(value) : 1;
|
||||
if (r < 0)
|
||||
@ -566,7 +610,7 @@ static int parse_proc_cmdline_item(const char *key, const char *value, void *dat
|
||||
else
|
||||
arg_enabled = r;
|
||||
|
||||
} else if (streq(key, "root")) {
|
||||
} else if (proc_cmdline_key_streq(key, "root")) {
|
||||
|
||||
if (proc_cmdline_value_missing(key, value))
|
||||
return 0;
|
||||
@ -576,7 +620,7 @@ static int parse_proc_cmdline_item(const char *key, const char *value, void *dat
|
||||
|
||||
arg_root_enabled = streq(value, "gpt-auto");
|
||||
|
||||
} else if (streq(key, "roothash")) {
|
||||
} else if (proc_cmdline_key_streq(key, "roothash")) {
|
||||
|
||||
if (proc_cmdline_value_missing(key, value))
|
||||
return 0;
|
||||
@ -585,9 +629,9 @@ static int parse_proc_cmdline_item(const char *key, const char *value, void *dat
|
||||
|
||||
arg_root_enabled = false;
|
||||
|
||||
} else if (streq(key, "rw") && !value)
|
||||
} else if (proc_cmdline_key_streq(key, "rw") && !value)
|
||||
arg_root_rw = true;
|
||||
else if (streq(key, "ro") && !value)
|
||||
else if (proc_cmdline_key_streq(key, "ro") && !value)
|
||||
arg_root_rw = false;
|
||||
|
||||
return 0;
|
||||
@ -639,7 +683,7 @@ static int add_root_mount(void) {
|
||||
"/dev/gpt-auto-root",
|
||||
in_initrd() ? "/sysroot" : "/",
|
||||
NULL,
|
||||
arg_root_rw,
|
||||
arg_root_rw > 0,
|
||||
NULL,
|
||||
"Root Partition",
|
||||
in_initrd() ? SPECIAL_INITRD_ROOT_FS_TARGET : SPECIAL_LOCAL_FS_TARGET);
|
||||
|
@ -8,6 +8,7 @@
|
||||
#include <sys/wait.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#include "env-util.h"
|
||||
#include "exit-status.h"
|
||||
#include "log.h"
|
||||
#include "main-func.h"
|
||||
@ -19,13 +20,37 @@
|
||||
#include "strv.h"
|
||||
#include "util.h"
|
||||
|
||||
/* Goes through /etc/fstab and remounts all API file systems, applying
|
||||
* options that are in /etc/fstab that systemd might not have
|
||||
* respected */
|
||||
/* Goes through /etc/fstab and remounts all API file systems, applying options that are in /etc/fstab that systemd
|
||||
* might not have respected */
|
||||
|
||||
static int track_pid(Hashmap **h, const char *path, pid_t pid) {
|
||||
_cleanup_free_ char *c = NULL;
|
||||
int r;
|
||||
|
||||
assert(h);
|
||||
assert(path);
|
||||
assert(pid_is_valid(pid));
|
||||
|
||||
r = hashmap_ensure_allocated(h, NULL);
|
||||
if (r < 0)
|
||||
return log_oom();
|
||||
|
||||
c = strdup(path);
|
||||
if (!c)
|
||||
return log_oom();
|
||||
|
||||
r = hashmap_put(*h, PID_TO_PTR(pid), c);
|
||||
if (r < 0)
|
||||
return log_oom();
|
||||
|
||||
TAKE_PTR(c);
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int run(int argc, char *argv[]) {
|
||||
_cleanup_hashmap_free_free_ Hashmap *pids = NULL;
|
||||
_cleanup_endmntent_ FILE *f = NULL;
|
||||
bool has_root = false;
|
||||
struct mntent* me;
|
||||
int r;
|
||||
|
||||
@ -39,57 +64,72 @@ static int run(int argc, char *argv[]) {
|
||||
|
||||
f = setmntent("/etc/fstab", "re");
|
||||
if (!f) {
|
||||
if (errno == ENOENT)
|
||||
return 0;
|
||||
if (errno != ENOENT)
|
||||
return log_error_errno(errno, "Failed to open /etc/fstab: %m");
|
||||
} else {
|
||||
while ((me = getmntent(f))) {
|
||||
pid_t pid;
|
||||
|
||||
return log_error_errno(errno, "Failed to open /etc/fstab: %m");
|
||||
/* Remount the root fs, /usr and all API VFS */
|
||||
if (!mount_point_is_api(me->mnt_dir) &&
|
||||
!PATH_IN_SET(me->mnt_dir, "/", "/usr"))
|
||||
continue;
|
||||
|
||||
log_debug("Remounting %s...", me->mnt_dir);
|
||||
|
||||
if (path_equal(me->mnt_dir, "/"))
|
||||
has_root = true;
|
||||
|
||||
r = safe_fork("(remount)", FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG, &pid);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0) {
|
||||
/* Child */
|
||||
execv(MOUNT_PATH, STRV_MAKE(MOUNT_PATH, me->mnt_dir, "-o", "remount"));
|
||||
log_error_errno(errno, "Failed to execute " MOUNT_PATH ": %m");
|
||||
_exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
/* Parent */
|
||||
r = track_pid(&pids, me->mnt_dir, pid);
|
||||
if (r < 0)
|
||||
return r;
|
||||
}
|
||||
}
|
||||
|
||||
pids = hashmap_new(NULL);
|
||||
if (!pids)
|
||||
return log_oom();
|
||||
if (!has_root) {
|
||||
/* The $SYSTEMD_REMOUNT_ROOT_RW environment variable is set by systemd-gpt-auto-generator to tell us
|
||||
* whether to remount things. We honour it only if there's no explicit line in /etc/fstab configured
|
||||
* which takes precedence. */
|
||||
|
||||
while ((me = getmntent(f))) {
|
||||
_cleanup_free_ char *s = NULL;
|
||||
pid_t pid;
|
||||
int k;
|
||||
r = getenv_bool("SYSTEMD_REMOUNT_ROOT_RW");
|
||||
if (r > 0) {
|
||||
pid_t pid;
|
||||
|
||||
/* Remount the root fs, /usr and all API VFS */
|
||||
if (!mount_point_is_api(me->mnt_dir) &&
|
||||
!path_equal(me->mnt_dir, "/") &&
|
||||
!path_equal(me->mnt_dir, "/usr"))
|
||||
continue;
|
||||
log_debug("Remounting / writable...");
|
||||
|
||||
log_debug("Remounting %s", me->mnt_dir);
|
||||
r = safe_fork("(remount-rw)", FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_LOG, &pid);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0) {
|
||||
/* Child */
|
||||
execv(MOUNT_PATH, STRV_MAKE(MOUNT_PATH, "/", "-o", "remount,rw"));
|
||||
log_error_errno(errno, "Failed to execute " MOUNT_PATH ": %m");
|
||||
_exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
r = safe_fork("(remount)", FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG, &pid);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0) {
|
||||
/* Child */
|
||||
r = track_pid(&pids, "/", pid);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
execv(MOUNT_PATH, STRV_MAKE(MOUNT_PATH, me->mnt_dir, "-o", "remount"));
|
||||
|
||||
log_error_errno(errno, "Failed to execute " MOUNT_PATH ": %m");
|
||||
_exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
/* Parent */
|
||||
|
||||
s = strdup(me->mnt_dir);
|
||||
if (!s)
|
||||
return log_oom();
|
||||
|
||||
k = hashmap_put(pids, PID_TO_PTR(pid), s);
|
||||
if (k < 0)
|
||||
return log_oom();
|
||||
TAKE_PTR(s);
|
||||
} else if (r < 0 && r != -ENXIO)
|
||||
log_warning_errno(r, "Failed to parse $SYSTEMD_REMOUNT_ROOT_RW, ignoring: %m");
|
||||
}
|
||||
|
||||
r = 0;
|
||||
while (!hashmap_isempty(pids)) {
|
||||
siginfo_t si = {};
|
||||
_cleanup_free_ char *s = NULL;
|
||||
siginfo_t si = {};
|
||||
|
||||
if (waitid(P_ALL, 0, &si, WEXITED) < 0) {
|
||||
if (errno == EINTR)
|
||||
|
Loading…
Reference in New Issue
Block a user