* [cip-dev][isar-cip-core][PATCH] Bullseye: Fix journalctl on read-only
From: Q. Gylstorff @ 2022-04-19 15:49 UTC (permalink / raw)
To: jan.kiszka, cip-dev
From: Quirin Gylstorff <quirin.gylstorff@siemens.com>
If an image with a read-only partition and etc overlay
is built, journalctl does not display the system log in
Debian Bullseye.

The log is available with the command `journalctl --merged'.

The root cause is overwriting the mount point for /etc/machine-id
by the etc-overlay. This leads to the usage of multiple machine-ids
and journalctl does not match the currently used journal file to
the machine.
Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
---
kas-cip.yml | 4 ++
...stproc-extension-Remove-etc-machine-.patch | 37 +++++++++++++++++++
2 files changed, 41 insertions(+)
create mode 100644 patches/isar/0001-classes-image-postproc-extension-Remove-etc-machine-.patch
diff --git a/kas-cip.yml b/kas-cip.yml
index fce176b..2c2b7d7 100644
--- a/kas-cip.yml
+++ b/kas-cip.yml
@@ -29,6 +29,10 @@ repos:
fix-pseudo:
repo: cip-core
path: patches/isar/0001-Fix-permissions-when-splitting-rootfs-folders-across.patch
+ fix-machine-id:
+ repo: cip-core
+ path: patches/isar/0001-classes-image-postproc-extension-Remove-etc-machine-.patch
+
bblayers_conf_header:
standard: |
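Review bot: the lone `+` line after the new `path:` entry adds an empty line in front of the blank line that already separates the patch list from `bblayers_conf_header` (the hunk header counts six context lines), so the file ends up with two blank lines there; drop the added one. The entry also carries a second downstream patch against isar, and neither this hunk nor the commit message says whether the change was sent to isar itself, which determines when the entry can be removed again.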
diff --git a/patches/isar/0001-classes-image-postproc-extension-Remove-etc-machine-.patch b/patches/isar/0001-classes-image-postproc-extension-Remove-etc-machine-.patch
new file mode 100644
index 0000000..95b49ae
--- /dev/null
+++ b/patches/isar/0001-classes-image-postproc-extension-Remove-etc-machine-.patch
@@ -0,0 +1,37 @@
+From 6e72a422c52f9995f5ee3acca293b92a7c0194d9 Mon Sep 17 00:00:00 2001
+From: kas <kas@example.com>
+Date: Tue, 19 Apr 2022 14:52:54 +0000
+Subject: [PATCH] classes/image-postproc-extension: Remove /etc/machine-id
+
+In a read-only system the machine id should be deleted or
+set to `unitialized\n`[1].
+
+Systemd will generate a new machine-id during the first boot.
+In the case of a read-only root file system Systemd generates a mount point with
+the machine id. If an overlay for /etc is used this creates a mount conflict.
+To avoid the conflict between the overlay filesystem and systemd /etc/machine-id
+mount point deleted the file /etc/machine-id.
+
+[1]: https://systemd.io/BUILDING_IMAGES/
+
+Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
+---
+ meta/classes/image-postproc-extension.bbclass | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/meta/classes/image-postproc-extension.bbclass b/meta/classes/image-postproc-extension.bbclass
+index ca520273..0c412c0d 100644
+--- a/meta/classes/image-postproc-extension.bbclass
++++ b/meta/classes/image-postproc-extension.bbclass
+@@ -57,7 +57,7 @@ ROOTFS_POSTPROCESS_COMMAND =+ "image_postprocess_machine_id"
+ image_postprocess_machine_id() {
+ # systemd(1) takes care of recreating the machine-id on first boot
+ sudo rm -f '${IMAGE_ROOTFS}/var/lib/dbus/machine-id'
+- sudo install -m 644 '/dev/null' '${IMAGE_ROOTFS}/etc/machine-id'
++ sudo rm -f '${IMAGE_ROOTFS}/etc/machine-id'
+ }
+
+ ROOTFS_POSTPROCESS_COMMAND =+ "image_postprocess_sshd_key_regen"
+--
+2.35.1
+
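Review bot: in the embedded patch, `image_postprocess_machine_id` is registered through `ROOTFS_POSTPROCESS_COMMAND =+` without any condition, so replacing `install -m 644 '/dev/null'` with `rm -f` turns /etc/machine-id from an empty file into a missing one for every image that uses this class, while the commit message only argues for read-only root file systems with an /etc overlay. Either restrict the removal to that configuration or state in the message why a missing file is also correct for images with a writable root. The retained comment "systemd(1) takes care of recreating the machine-id on first boot" should be re-checked for the read-only case the message describes.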
--
2.35.1
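
The mismatch described in the commit message above (journal files stored under a machine ID other than the current one) can be checked on an unpacked root file system. The script below is an added example, not part of the patch or of isar-cip-core; the function names and the sample machine IDs are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the patch): inspect an unpacked image root.

# Print the state of ROOT/etc/machine-id:
# missing, empty, uninitialized, valid or invalid.
machine_id_state() {
    f="$1/etc/machine-id"
    [ -e "$f" ] || { echo missing; return 0; }
    [ -s "$f" ] || { echo empty; return 0; }
    id=$(head -n 1 "$f")
    case "$id" in
        uninitialized) echo uninitialized ;;
        *[!0-9a-f]*)   echo invalid ;;
        *) if [ "${#id}" -eq 32 ]; then echo valid; else echo invalid; fi ;;
    esac
}

# Print every journal directory under ROOT whose name differs from the
# current machine ID; the default journalctl view does not show those.
foreign_journals() {
    root="$1"
    cur=""
    if [ "$(machine_id_state "$root")" = valid ]; then
        cur=$(head -n 1 "$root/etc/machine-id")
    fi
    for d in "$root"/var/log/journal/* "$root"/run/log/journal/*; do
        [ -d "$d" ] || continue
        name=${d##*/}
        [ "$name" = "$cur" ] || echo "$name"
    done
}

# Constructed sample: one journal written under the current ID, one under
# an ID the image no longer uses.
demo() {
    tmp=$(mktemp -d)
    mkdir -p "$tmp/etc" \
        "$tmp/var/log/journal/0123456789abcdef0123456789abcdef" \
        "$tmp/var/log/journal/fedcba9876543210fedcba9876543210"
    echo fedcba9876543210fedcba9876543210 > "$tmp/etc/machine-id"
    echo "machine-id state: $(machine_id_state "$tmp")"
    echo "foreign journals: $(foreign_journals "$tmp")"
    rm -rf "$tmp"
}
demo
```

Run against a mounted or extracted image, a non-empty `foreign_journals` result means logs exist that the default journal view on that system will not display.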
* Re: [cip-dev][isar-cip-core][PATCH] Bullseye: Fix journalctl on read-only
From: Jan Kiszka @ 2022-04-21 5:28 UTC (permalink / raw)
To: Q. Gylstorff, cip-dev
On 19.04.22 17:49, Q. Gylstorff wrote:
> From: Quirin Gylstorff <quirin.gylstorff@siemens.com>
>
> If an image with a read-only partition and etc overlay
> is built, journalctl does not display the system log in
> Debian Bullseye.
>
> The log is available with the command `journalctl --merged'.
>
> The root cause is overwriting the mount point for /etc/machine-id
> by the etc-overlay. This leads to the usage of multiple machine-ids
> and journalctl does not match the currently used journal file to
> the machine.
>
> Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
> ---
> kas-cip.yml | 4 ++
> ...stproc-extension-Remove-etc-machine-.patch | 37 +++++++++++++++++++
> 2 files changed, 41 insertions(+)
> create mode 100644 patches/isar/0001-classes-image-postproc-extension-Remove-etc-machine-.patch
>
> diff --git a/kas-cip.yml b/kas-cip.yml
> index fce176b..2c2b7d7 100644
> --- a/kas-cip.yml
> +++ b/kas-cip.yml
> @@ -29,6 +29,10 @@ repos:
> fix-pseudo:
> repo: cip-core
> path: patches/isar/0001-Fix-permissions-when-splitting-rootfs-folders-across.patch
> + fix-machine-id:
> + repo: cip-core
> + path: patches/isar/0001-classes-image-postproc-extension-Remove-etc-machine-.patch
> +
>
> bblayers_conf_header:
> standard: |
> diff --git a/patches/isar/0001-classes-image-postproc-extension-Remove-etc-machine-.patch b/patches/isar/0001-classes-image-postproc-extension-Remove-etc-machine-.patch
> new file mode 100644
> index 0000000..95b49ae
> --- /dev/null
> +++ b/patches/isar/0001-classes-image-postproc-extension-Remove-etc-machine-.patch
> @@ -0,0 +1,37 @@
> +From 6e72a422c52f9995f5ee3acca293b92a7c0194d9 Mon Sep 17 00:00:00 2001
> +From: kas <kas@example.com>
> +Date: Tue, 19 Apr 2022 14:52:54 +0000
> +Subject: [PATCH] classes/image-postproc-extension: Remove /etc/machine-id
> +
> +In a read-only system the machine id should be deleted or
> +set to `unitialized\n`[1].
> +
> +Systemd will generate a new machine-id during the first boot.
> +In the case of a read-only root file system Systemd generates a mount point with
> +the machine id. If an overlay for /etc is used this creates a mount conflict.
> +To avoid the conflict between the overlay filesystem and systemd /etc/machine-id
> +mount point deleted the file /etc/machine-id.
> +
> +[1]: https://systemd.io/BUILDING_IMAGES/
> +
> +Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
> +---
> + meta/classes/image-postproc-extension.bbclass | 2 +-
> + 1 file changed, 1 insertion(+), 1 deletion(-)
> +
> +diff --git a/meta/classes/image-postproc-extension.bbclass b/meta/classes/image-postproc-extension.bbclass
> +index ca520273..0c412c0d 100644
> +--- a/meta/classes/image-postproc-extension.bbclass
> ++++ b/meta/classes/image-postproc-extension.bbclass
> +@@ -57,7 +57,7 @@ ROOTFS_POSTPROCESS_COMMAND =+ "image_postprocess_machine_id"
> + image_postprocess_machine_id() {
> + # systemd(1) takes care of recreating the machine-id on first boot
> + sudo rm -f '${IMAGE_ROOTFS}/var/lib/dbus/machine-id'
> +- sudo install -m 644 '/dev/null' '${IMAGE_ROOTFS}/etc/machine-id'
> ++ sudo rm -f '${IMAGE_ROOTFS}/etc/machine-id'
> + }
> +
> + ROOTFS_POSTPROCESS_COMMAND =+ "image_postprocess_sshd_key_regen"
> +--
> +2.35.1
> +
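Review bot: the embedded patch header carries `From: kas <kas@example.com>`, a placeholder identity that does not match the `Signed-off-by: Quirin Gylstorff` line below it; regenerate the patch with the real author so that the isar history attributes it correctly. In the same commit message, `unitialized\n` is a typo for `uninitialized\n`, and "mount point deleted the file /etc/machine-id" should read "mount point, delete the file /etc/machine-id".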
As discussed directly already: It takes more than that to make systemd
happy, and the easiest approach will be mounting /etc overlay from
within the initramfs. I have a prototype working, but it will also need
a conversion of image-uuid to a cip-core-initramfs recipe so that it can
be applied to both secure and non-secure read-only setups. I'm on it.
Jan
--
Siemens AG, Technology
Competence Center Embedded Linux