From: Ed Tanous <ed.tanous@intel.com>
To: "Alexander A. Filippov" <a.filippov@yadro.com>,
"openbmc@lists.ozlabs.org" <openbmc@lists.ozlabs.org>
Subject: Re: Continuing discussion on Handling persistent files (/etc/group)during BMC updates
Date: Fri, 9 Aug 2019 08:43:02 -0700 [thread overview]
Message-ID: <20dcb81d-9048-508c-d890-757b1d78db14@intel.com> (raw)
In-Reply-To: <20190809073304.GA327@bbwork.lan>
On 8/9/19 12:33 AM, Alexander A. Filippov wrote:
> On Fri, Aug 09, 2019 at 12:19:32PM +0530, Raviteja Bailapudi wrote:
>> Hi all,
>>
>> We are looking for thoughts and perspectives on the way the persistent files
>> are managed across BMC code updates.
>>
>> The problem is regarding the code update where, as a part of code update we
>> don't touch any of the persistent files like /etc/group or /etc/passwor
>>
>> what if the new BMC image has an application which requires some changes to
>> be present in these persistent files ?
>>
>> For Example:
>> Let's say the BMC image which is used for code update has a new
>> feature(ex:avahi) and it requires avahi user and
>> the group to be present in the /etc/passwd and /etc/group to even kick start
>> it's daemon.
One way that I've seen work quite well in other production firmwares is
to treat it like you would a database schema, and simply generate the
"new" files via patching the existing file in a script that executes on
first new firmware startup. In general, when you're messing with these
files, you're either appending a new line, which would be done with a
script like:
if grep -Fxqv "avahi:x:41:" /etc/group
then
cat "avahi:x:41:" >> /etc/group
fi
or you're modifying an existing line, which would be done with a sed
replace.
In the above, we're checking to see if the file has been changed
appropriately before actually appending the line, to make sure that the
update only gets applied once. I've seen other cases where it makes
more sense to simply leave a separate marker file, with an arbitrary
revision number so that the BMC knows which updates it needs to apply.
It really all depends on what you're attempting to add and whether or
not it could conflict.
If you're careful about how you craft the matching regexes, and keep the
scripts around forever, you can generally transition files like that
from one firmware update to another without any ill effects.
The only case where it doesn't work is in the downgrade case, which gets
really tricky really fast, and why most vendors give a "your mileage may
vary" warning on downgrades, and recommend defaulting the configuration
after a downgrade.
next prev parent reply other threads:[~2019-08-09 15:43 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-08-09 6:49 Continuing discussion on Handling persistent files (/etc/group)during BMC updates Raviteja Bailapudi
2019-08-09 7:33 ` Alexander A. Filippov
2019-08-09 15:43 ` Ed Tanous [this message]
2019-08-21 8:40 ` Raviteja Bailapudi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20dcb81d-9048-508c-d890-757b1d78db14@intel.com \
--to=ed.tanous@intel.com \
--cc=a.filippov@yadro.com \
--cc=openbmc@lists.ozlabs.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.