* [PATCH V2 1/2] initscripts: support read-only rootfs
[not found] <cover.1356403679.git.Qi.Chen@windriver.com>
@ 2012-12-25 2:55 ` Qi.Chen
2012-12-25 2:55 ` [PATCH V2 2/2] rootfs: support read-only-rootfs image feature Qi.Chen
1 sibling, 0 replies; 2+ messages in thread
From: Qi.Chen @ 2012-12-25 2:55 UTC (permalink / raw)
To: openembedded-core; +Cc: Zhenfeng.Zhao
From: Chen Qi <Qi.Chen@windriver.com>
Add read-only rootfs support to sysvinit startup system.
The main ideas here are:
1) Let populate-volatile.sh run at rootfs time to set up basic
directories and files needed by read-only rootfs.
2) Use symbolic links to create the illusion that some directories/files
are writable.
Two extra config files for read-only rootfs support are created, one for
minimal image -- volatiles-readonly-minimal, and the other for sato
image -- volatiles-readonly-sato.
[YOCTO #3404]
[YOCTO #3406]
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
.../initscripts/initscripts-1.0/bootmisc.sh | 9 +-
.../initscripts-1.0/populate-volatile.sh | 285 ++++++++++----------
.../initscripts/initscripts-1.0/volatiles | 1 +
.../initscripts-1.0/volatiles-readonly-minimal | 23 ++
.../initscripts-1.0/volatiles-readonly-sato | 30 +++
meta/recipes-core/initscripts/initscripts_1.0.bb | 15 +-
6 files changed, 210 insertions(+), 153 deletions(-)
create mode 100644 meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-minimal
create mode 100644 meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-sato
diff --git a/meta/recipes-core/initscripts/initscripts-1.0/bootmisc.sh b/meta/recipes-core/initscripts/initscripts-1.0/bootmisc.sh
index 4f76cb4..3b5a47f 100755
--- a/meta/recipes-core/initscripts/initscripts-1.0/bootmisc.sh
+++ b/meta/recipes-core/initscripts/initscripts-1.0/bootmisc.sh
@@ -54,14 +54,7 @@ fi
#
# This is as good a place as any for a sanity check
-# /tmp should be a symlink to /var/tmp to cut down on the number
-# of mounted ramdisks.
-if test ! -L /tmp && test -d /var/tmp
-then
- rm -rf /tmp
- ln -sf /var/tmp /tmp
-fi
-
+#
# Set the system clock from hardware clock
# If the timestamp is more recent than the current time,
# use the timestamp instead.
diff --git a/meta/recipes-core/initscripts/initscripts-1.0/populate-volatile.sh b/meta/recipes-core/initscripts/initscripts-1.0/populate-volatile.sh
index d2175d7..9c1ce23 100755
--- a/meta/recipes-core/initscripts/initscripts-1.0/populate-volatile.sh
+++ b/meta/recipes-core/initscripts/initscripts-1.0/populate-volatile.sh
@@ -8,192 +8,191 @@
# Short-Description: Populate the volatile filesystem
### END INIT INFO
-. /etc/default/rcS
-
-CFGDIR="/etc/default/volatiles"
-TMPROOT="/var/tmp"
+# Get ROOT_DIR
+DIRNAME=`dirname $0`
+ROOT_DIR=`echo $DIRNAME | sed -ne 's:etc/.*::p'`
+
+. ${ROOT_DIR}/etc/default/rcS
+# Test whether rootfs is read-only or not
+if > ${ROOT_DIR}/etc/test-read-write; then
+ ROOTFS_READ_ONLY=no
+ rm ${ROOT_DIR}/etc/test-read-write
+else
+ ROOTFS_READ_ONLY=yes
+fi 2>/dev/null
+
+# When running populat-volatile.sh at rootfs time, disable cache.
+[ "$ROOT_DIR" != "/" ] && VOLATILE_ENABLE_CACHE=no
+# If rootfs is read-only, disable cache.
+[ "$ROOTFS_READ_ONLY" = "yes" ] && VOLATILE_ENABLE_CACHE=no
+# All above statements will be moved to a central place, say var.sh which
+# encapsulates '. /etc/default/rcS'.
+
+CFGDIR="${ROOT_DIR}/etc/default/volatiles"
+TMPROOT="${ROOT_DIR}/var/volatile/tmp"
COREDEF="00_core"
+COREDEF_READONLY="00_core_readonly"
-[ "${VERBOSE}" != "no" ] && echo "Populating volatile Filesystems."
+[ "${VERBOSE}" != "no" ] && echo "Setting up basic files related to volatile storage under ${ROOT_DIR}."
create_file() {
- EXEC="
- touch \"$1\";
- chown ${TUSER}.${TGROUP} $1 || echo \"Failed to set owner -${TUSER}- for -$1-.\" >/dev/tty0 2>&1;
- chmod ${TMODE} $1 || echo \"Failed to set mode -${TMODE}- for -$1-.\" >/dev/tty0 2>&1 "
+ EXEC="
+ touch \"$1\";
+ chown ${TUSER}.${TGROUP} $1 || echo \"Failed to set owner -${TUSER}- for -$1-.\" > /dev/null 2>&1;
+ chmod ${TMODE} $1 || echo \"Failed to set mode -${TMODE}- for -$1-.\" > /dev/null 2>&1 "
test "$VOLATILE_ENABLE_CACHE" = yes && echo "$EXEC" >> /etc/volatile.cache.build
[ -e "$1" ] && {
- [ "${VERBOSE}" != "no" ] && echo "Target already exists. Skipping."
+ [ "${VERBOSE}" != "no" ] && echo "Target $1 already exists. Skipping."
} || {
- eval $EXEC &
+ if [ "$ROOT_DIR" = "/" ]; then
+ eval $EXEC
+ else
+ # Some operations at rootfs time may fail and should fail,
+ # but these failures should not be logged.
+ eval $EXEC > /dev/null 2>&1
+ fi
}
}
mk_dir() {
EXEC="
mkdir -p \"$1\";
- chown ${TUSER}.${TGROUP} $1 || echo \"Failed to set owner -${TUSER}- for -$1-.\" >/dev/tty0 2>&1;
- chmod ${TMODE} $1 || echo \"Failed to set mode -${TMODE}- for -$1-.\" >/dev/tty0 2>&1 "
+ chown ${TUSER}.${TGROUP} $1 || echo \"Failed to set owner -${TUSER}- for -$1-.\" 2>&1;
+ chmod ${TMODE} $1 || echo \"Failed to set mode -${TMODE}- for -$1-.\" 2>&1 "
test "$VOLATILE_ENABLE_CACHE" = yes && echo "$EXEC" >> /etc/volatile.cache.build
[ -e "$1" ] && {
- [ "${VERBOSE}" != "no" ] && echo "Target already exists. Skipping."
+ [ "${VERBOSE}" != "no" ] && echo "Target ${1} already exists. Skipping."
} || {
- eval $EXEC
+ if [ "$ROOT_DIR" = "/" ]; then
+ eval $EXEC
+ else
+ # Some operations at rootfs time may fail and should fail,
+ # but these failures should not be logged.
+ eval $EXEC > /dev/null 2>&1
+ fi
}
}
link_file() {
- EXEC="test -e \"$2\" -o -L $2 || ln -s \"$1\" \"$2\" >/dev/tty0 2>&1"
-
- test "$VOLATILE_ENABLE_CACHE" = yes && echo " $EXEC" >> /etc/volatile.cache.build
-
- [ -e "$2" ] && {
- echo "Cannot create link over existing -${TNAME}-." >&2
- } || {
- eval $EXEC &
- }
+ EXEC="
+ if [ -L \"$2\" ]; then
+ [ \"$(readlink -f \"$2\")\" != \"$(readlink -f \"$1\")\" ] && { rm -f \"$2\"; ln -sf \"$1\" \"$2\"; };
+ elif [ -d \"$2\" ]; then
+ rm -rf \"$2\";
+ ln -sf \"$1\" \"$2\";
+ else
+ ln -sf \"$1\" \"$2\";
+ fi
+ "
+ test "$VOLATILE_ENABLE_CACHE" = yes && echo " $EXEC" >> /etc/volatile.cache.build
+ if [ "$ROOT_DIR" = "/" ]; then
+ eval $EXEC
+ else
+ # Some operations at rootfs time may fail and should fail,
+ # but these failures should not be logged
+ eval $EXEC > /dev/null 2>&1
+ fi
}
check_requirements() {
+ cleanup() {
+ rm "${TMP_INTERMED}"
+ rm "${TMP_DEFINED}"
+ rm "${TMP_COMBINED}"
+ }
+
+ CFGFILE="$1"
+ [ `basename "${CFGFILE}"` = "${COREDEF}" ] && return 0
+ [ `basename "${CFGFILE}"` = "${COREDEF_READONLY}" ] && return 0
+ TMP_INTERMED="${TMPROOT}/tmp.$$"
+ TMP_DEFINED="${TMPROOT}/tmpdefined.$$"
+ TMP_COMBINED="${TMPROOT}/tmpcombined.$$"
+
+ cat ${ROOT_DIR}/etc/passwd | sed 's@\(^:\)*:.*@\1@' | sort | uniq > "${TMP_DEFINED}"
+ cat ${CFGFILE} | grep -v "^#" | cut -d " " -f 2 > "${TMP_INTERMED}"
+ cat "${TMP_DEFINED}" "${TMP_INTERMED}" | sort | uniq > "${TMP_COMBINED}"
+ NR_DEFINED_USERS="`cat "${TMP_DEFINED}" | wc -l`"
+ NR_COMBINED_USERS="`cat "${TMP_COMBINED}" | wc -l`"
+
+ [ "${NR_DEFINED_USERS}" -ne "${NR_COMBINED_USERS}" ] && {
+ echo "Undefined users:"
+ diff "${TMP_DEFINED}" "${TMP_COMBINED}" | grep "^>"
+ cleanup
+ return 1
+ }
- cleanup() {
- rm "${TMP_INTERMED}"
- rm "${TMP_DEFINED}"
- rm "${TMP_COMBINED}"
- }
-
- CFGFILE="$1"
-
- [ `basename "${CFGFILE}"` = "${COREDEF}" ] && return 0
-
- TMP_INTERMED="${TMPROOT}/tmp.$$"
- TMP_DEFINED="${TMPROOT}/tmpdefined.$$"
- TMP_COMBINED="${TMPROOT}/tmpcombined.$$"
-
-
- cat /etc/passwd | sed 's@\(^:\)*:.*@\1@' | sort | uniq > "${TMP_DEFINED}"
- cat ${CFGFILE} | grep -v "^#" | cut -d " " -f 2 > "${TMP_INTERMED}"
- cat "${TMP_DEFINED}" "${TMP_INTERMED}" | sort | uniq > "${TMP_COMBINED}"
-
- NR_DEFINED_USERS="`cat "${TMP_DEFINED}" | wc -l`"
- NR_COMBINED_USERS="`cat "${TMP_COMBINED}" | wc -l`"
-
- [ "${NR_DEFINED_USERS}" -ne "${NR_COMBINED_USERS}" ] && {
- echo "Undefined users:"
- diff "${TMP_DEFINED}" "${TMP_COMBINED}" | grep "^>"
- cleanup
- return 1
- }
-
-
- cat /etc/group | sed 's@\(^:\)*:.*@\1@' | sort | uniq > "${TMP_DEFINED}"
- cat ${CFGFILE} | grep -v "^#" | cut -d " " -f 3 > "${TMP_INTERMED}"
- cat "${TMP_DEFINED}" "${TMP_INTERMED}" | sort | uniq > "${TMP_COMBINED}"
- NR_DEFINED_GROUPS="`cat "${TMP_DEFINED}" | wc -l`"
- NR_COMBINED_GROUPS="`cat "${TMP_COMBINED}" | wc -l`"
+ cat ${ROOT_DIR}/etc/group | sed 's@\(^:\)*:.*@\1@' | sort | uniq > "${TMP_DEFINED}"
+ cat ${CFGFILE} | grep -v "^#" | cut -d " " -f 3 > "${TMP_INTERMED}"
+ cat "${TMP_DEFINED}" "${TMP_INTERMED}" | sort | uniq > "${TMP_COMBINED}"
- [ "${NR_DEFINED_GROUPS}" -ne "${NR_COMBINED_GROUPS}" ] && {
- echo "Undefined groups:"
- diff "${TMP_DEFINED}" "${TMP_COMBINED}" | grep "^>"
- cleanup
- return 1
- }
+ NR_DEFINED_GROUPS="`cat "${TMP_DEFINED}" | wc -l`"
+ NR_COMBINED_GROUPS="`cat "${TMP_COMBINED}" | wc -l`"
- # Add checks for required directories here
+ [ "${NR_DEFINED_GROUPS}" -ne "${NR_COMBINED_GROUPS}" ] && {
+ echo "Undefined groups:"
+ diff "${TMP_DEFINED}" "${TMP_COMBINED}" | grep "^>"
+ cleanup
+ return 1
+ }
- cleanup
- return 0
- }
+ cleanup
+ return 0
+}
apply_cfgfile() {
+ CFGFILE="$1"
+ [ ${VERBOSE} != "no" ] && echo "Applying config file: $CFGFILE"
+
+ check_requirements "${CFGFILE}" || {
+ echo "Skipping ${CFGFILE}"
+ return 1
+ }
+
+ cat ${CFGFILE} | grep -v "^#" | sed -e '/^$/ d' | \
+ while read LINE; do
+ eval `echo "$LINE" | sed -n "s/\(.*\)\ \(.*\) \(.*\)\ \(.*\)\ \(.*\)\ \(.*\)/TTYPE=\1 ; TUSER=\2; TGROUP=\3; TMODE=\4; TNAME=\5 TLTARGET=\6/p"`
+ TNAME=${ROOT_DIR}/${TNAME}
+ [ "${VERBOSE}" != "no" ] && echo "Checking for -${TNAME}-."
+
+ [ "${TTYPE}" = "l" ] && {
+ TSOURCE="$TLTARGET"
+ [ "${VERBOSE}" != "no" ] && echo "Creating link -${TNAME}- pointing to -${TSOURCE}-."
+ link_file "${TSOURCE}" "${TNAME}"
+ continue
+ }
+ case "${TTYPE}" in
+ "f") [ "${VERBOSE}" != "no" ] && echo "Creating file -${TNAME}-."
+ create_file "${TNAME}"
+ ;;
+ "d") [ "${VERBOSE}" != "no" ] && echo "Creating directory -${TNAME}-."
+ mk_dir "${TNAME}"
+ ;;
+ *) [ "${VERBOSE}" != "no" ] && echo "Invalid type -${TTYPE}-."
+ continue
+ ;;
+ esac
+ done
+ return 0
+}
- CFGFILE="$1"
-
- check_requirements "${CFGFILE}" || {
- echo "Skipping ${CFGFILE}"
- return 1
- }
-
- cat ${CFGFILE} | grep -v "^#" | \
- while read LINE; do
-
- eval `echo "$LINE" | sed -n "s/\(.*\)\ \(.*\) \(.*\)\ \(.*\)\ \(.*\)\ \(.*\)/TTYPE=\1 ; TUSER=\2; TGROUP=\3; TMODE=\4; TNAME=\5 TLTARGET=\6/p"`
-
- [ "${VERBOSE}" != "no" ] && echo "Checking for -${TNAME}-."
-
-
- [ "${TTYPE}" = "l" ] && {
- TSOURCE="$TLTARGET"
- [ -L "${TNAME}" ] || {
- [ "${VERBOSE}" != "no" ] && echo "Creating link -${TNAME}- pointing to -${TSOURCE}-."
- link_file "${TSOURCE}" "${TNAME}" &
- }
- continue
- }
-
- [ -L "${TNAME}" ] && {
- [ "${VERBOSE}" != "no" ] && echo "Found link."
- NEWNAME=`ls -l "${TNAME}" | sed -e 's/^.*-> \(.*\)$/\1/'`
- echo ${NEWNAME} | grep -v "^/" >/dev/null && {
- TNAME="`echo ${TNAME} | sed -e 's@\(.*\)/.*@\1@'`/${NEWNAME}"
- [ "${VERBOSE}" != "no" ] && echo "Converted relative linktarget to absolute path -${TNAME}-."
- } || {
- TNAME="${NEWNAME}"
- [ "${VERBOSE}" != "no" ] && echo "Using absolute link target -${TNAME}-."
- }
- }
-
- case "${TTYPE}" in
- "f") [ "${VERBOSE}" != "no" ] && echo "Creating file -${TNAME}-."
- create_file "${TNAME}" &
- ;;
- "d") [ "${VERBOSE}" != "no" ] && echo "Creating directory -${TNAME}-."
- mk_dir "${TNAME}"
- # Add check to see if there's an entry in fstab to mount.
- ;;
- *) [ "${VERBOSE}" != "no" ] && echo "Invalid type -${TTYPE}-."
- continue
- ;;
- esac
-
-
- done
-
- return 0
-
- }
-
-clearcache=0
-exec 9</proc/cmdline
-while read line <&9
-do
- case "$line" in
- *clearcache*) clearcache=1
- ;;
- *) continue
- ;;
- esac
-done
-exec 9>&-
-
-if test -e /etc/volatile.cache -a "$VOLATILE_ENABLE_CACHE" = "yes" -a "x$1" != "xupdate" -a "x$clearcache" = "x0"
+if test -e ${ROOT_DIR}/etc/volatile.cache -a $VOLATILE_ENABLE_CACHE = yes -a x$1 != xupdate
then
- sh /etc/volatile.cache
+ sh ${ROOT_DIR}/etc/volatile.cache
else
- rm -f /etc/volatile.cache /etc/volatile.cache.build
+ rm -f ${ROOT_DRI}/etc/volatile.cache ${ROOT_DIR}/etc/volatile.cache.build
for file in `ls -1 "${CFGDIR}" | sort`; do
apply_cfgfile "${CFGDIR}/${file}"
done
- [ -e /etc/volatile.cache.build ] && sync && mv /etc/volatile.cache.build /etc/volatile.cache
+ [ -e ${ROOT_DIR}/etc/volatile.cache.build ] && sync && mv ${ROOT_DIR}/etc/volatile.cache.build ${ROOT_DIR}/etc/volatile.cache
fi
-if test -f /etc/ld.so.cache -a ! -f /var/run/ld.so.cache
+if [ "${ROOT_DIR}" = "/" ] && [ -f /etc/ld.so.cache ] && [ ! -f /var/run/ld.so.cache ]
then
ln -s /etc/ld.so.cache /var/run/ld.so.cache
fi
diff --git a/meta/recipes-core/initscripts/initscripts-1.0/volatiles b/meta/recipes-core/initscripts/initscripts-1.0/volatiles
index e0741aa..f7e2ef7 100644
--- a/meta/recipes-core/initscripts/initscripts-1.0/volatiles
+++ b/meta/recipes-core/initscripts/initscripts-1.0/volatiles
@@ -31,6 +31,7 @@ l root root 1777 /var/lock /var/volatile/lock
l root root 0755 /var/log /var/volatile/log
l root root 0755 /var/run /var/volatile/run
l root root 1777 /var/tmp /var/volatile/tmp
+l root root 1777 /tmp /var/tmp
d root root 0755 /var/lock/subsys none
f root root 0664 /var/log/wtmp none
f root root 0664 /var/run/utmp none
diff --git a/meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-minimal b/meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-minimal
new file mode 100644
index 0000000..6169ecc
--- /dev/null
+++ b/meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-minimal
@@ -0,0 +1,23 @@
+# This configuration file lists filesystem objects specific to readonly rootfs
+# that should get verified during startup and be created if missing.
+#
+# Every line must either be a comment starting with #
+# or a definition of format:
+# <type> <owner> <group> <mode> <path> <linksource>
+# where the items are separated by whitespace !
+#
+# <type> : d|f|l : (d)irectory|(f)ile|(l)ink
+#
+# A linking example:
+# l root root 0777 /var/test /tmp/testfile
+# f root root 0644 /var/test none
+#
+# Understanding links:
+# When populate-volatile is to verify/create a directory or file, it will first
+# check its existence. If a link is found to exist in the place of the target,
+# the path of the target is replaced with the target the link points to.
+# Thus, if a link is in the place to be verified, the object will be created
+# in the place the link points to instead.
+# This explains the order of "link before object" as in the example above, where
+# a link will be created at /var/test pointing to /tmp/testfile and due to this
+# link the file defined as /var/test will actually be created as /tmp/testfile.
diff --git a/meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-sato b/meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-sato
new file mode 100644
index 0000000..e128869
--- /dev/null
+++ b/meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-sato
@@ -0,0 +1,30 @@
+# This configuration file lists filesystem objects specific to readonly rootfs
+# that should get verified during startup and be created if missing.
+#
+# Every line must either be a comment starting with #
+# or a definition of format:
+# <type> <owner> <group> <mode> <path> <linksource>
+# where the items are separated by whitespace !
+#
+# <type> : d|f|l : (d)irectory|(f)ile|(l)ink
+#
+# A linking example:
+# l root root 0777 /var/test /tmp/testfile
+# f root root 0644 /var/test none
+#
+# Understanding links:
+# When populate-volatile is to verify/create a directory or file, it will first
+# check it's existence. If a link is found to exist in the place of the target,
+# the path of the target is replaced with the target the link points to.
+# Thus, if a link is in the place to be verified, the object will be created
+# in the place the link points to instead.
+# This explains the order of "link before object" as in the example above, where
+# a link will be created at /var/test pointing to /tmp/testfile and due to this
+# link the file defined as /var/test will actually be created as /tmp/testfile.
+d root root 0755 /var/volatile/lib/ none
+d root root 0755 /var/volatile/lib/dropbear/ none
+d root root 0755 /var/volatile/lib/nfs/ none
+d root root 1777 /var/volatile/lib/dbus/ none
+l root root 0755 /var/lib/dropbear /var/volatile/lib/dropbear
+l root root 0755 /var/lib/nfs /var/volatile/lib/nfs
+l root root 0755 /var/lib/dbus /var/volatile/lib/dbus
diff --git a/meta/recipes-core/initscripts/initscripts_1.0.bb b/meta/recipes-core/initscripts/initscripts_1.0.bb
index 39be9a8..d0869ea 100644
--- a/meta/recipes-core/initscripts/initscripts_1.0.bb
+++ b/meta/recipes-core/initscripts/initscripts_1.0.bb
@@ -3,7 +3,7 @@ DESCRIPTION = "Initscripts provide the basic system startup initialization scrip
SECTION = "base"
LICENSE = "GPLv2"
LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe"
-PR = "r138"
+PR = "r139"
INHIBIT_DEFAULT_DEPS = "1"
@@ -30,8 +30,10 @@ SRC_URI = "file://functions \
file://device_table.txt \
file://populate-volatile.sh \
file://volatiles \
+ file://volatiles-readonly-minimal \
+ file://volatiles-readonly-sato \
file://save-rtc.sh \
- file://GPLv2.patch"
+ file://GPLv2.patch"
SRC_URI_append_arm = " file://alignment.sh"
@@ -86,6 +88,15 @@ do_install () {
install -m 0755 ${WORKDIR}/populate-volatile.sh ${D}${sysconfdir}/init.d
install -m 0755 ${WORKDIR}/save-rtc.sh ${D}${sysconfdir}/init.d
install -m 0644 ${WORKDIR}/volatiles ${D}${sysconfdir}/default/volatiles/00_core
+ # Install read-only rootfs specific config files in case of an read-only-rootfs image
+ if ${@base_contains("IMAGE_FEATURES", "read-only-rootfs", "true", "false" ,d)}; then
+ if ${@base_contains("IMAGE_FEATURES", "x11-sato", "true", "false" ,d)}; then
+ install -m 0644 ${WORKDIR}/volatiles-readonly-sato ${D}${sysconfdir}/default/volatiles/00_core_readonly
+ else
+ install -m 0644 ${WORKDIR}/volatiles-readonly-minimal ${D}${sysconfdir}/default/volatiles/00_core_readonly
+ fi
+ fi
+
if [ "${TARGET_ARCH}" = "arm" ]; then
install -m 0755 ${WORKDIR}/alignment.sh ${D}${sysconfdir}/init.d
fi
--
1.7.9.5
^ permalink raw reply related [flat|nested] 2+ messages in thread
* [PATCH V2 2/2] rootfs: support read-only-rootfs image feature
[not found] <cover.1356403679.git.Qi.Chen@windriver.com>
2012-12-25 2:55 ` [PATCH V2 1/2] initscripts: support read-only rootfs Qi.Chen
@ 2012-12-25 2:55 ` Qi.Chen
1 sibling, 0 replies; 2+ messages in thread
From: Qi.Chen @ 2012-12-25 2:55 UTC (permalink / raw)
To: openembedded-core; +Cc: Zhenfeng.Zhao
From: Chen Qi <Qi.Chen@windriver.com>
Two small tweaks at rootfs time:
1) If IMAGE_FEATUERS contains 'read-only-rootfs', we make
populate-volatile.sh run at rootfs time to set up basic files and
directories.
2) If IMAGE_FEATURES contains 'read-only-rootfs', mount options in
/etc/fstab is automatically tweaked to the appropriate value.
[YOCTO #3406]
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
meta/classes/core-image.bbclass | 4 +++-
meta/classes/image.bbclass | 6 ++++++
meta/classes/rootfs_deb.bbclass | 14 ++++++++++++++
meta/classes/rootfs_ipk.bbclass | 15 +++++++++++++++
meta/classes/rootfs_rpm.bbclass | 20 +++++++++++++++++++-
5 files changed, 57 insertions(+), 2 deletions(-)
diff --git a/meta/classes/core-image.bbclass b/meta/classes/core-image.bbclass
index 2e67018..ee0b397 100644
--- a/meta/classes/core-image.bbclass
+++ b/meta/classes/core-image.bbclass
@@ -28,6 +28,7 @@ LIC_FILES_CHKSUM = "file://${COREBASE}/LICENSE;md5=3f40d7994397109285ec7b81fdeb3
# - dev-pkgs - development packages (headers, etc.) for all installed packages in the rootfs
# - dbg-pkgs - debug symbol packages for all installed packages in the rootfs
# - doc-pkgs - documentation packages for all installed packages in the rootfs
+# - read-only-rootfs - tweaks an image to support read-only rootfs
#
PACKAGE_GROUP_x11 = "packagegroup-core-x11"
PACKAGE_GROUP_x11-base = "packagegroup-core-x11-base"
@@ -78,4 +79,5 @@ ROOTFS_POSTPROCESS_COMMAND += "rootfs_update_timestamp ; "
ROOTFS_POSTPROCESS_COMMAND += '${@base_contains("IMAGE_FEATURES", "debug-tweaks", "", "zap_root_password ; ",d)}'
# Allow openssh accept empty password login if both debug-tweaks and ssh-server-openssh are enabled
ROOTFS_POSTPROCESS_COMMAND += '${@base_contains("IMAGE_FEATURES", "debug-tweaks ssh-server-openssh", "openssh_allow_empty_password; ", "",d)}'
-
+# Tweak the mount options for rootfs in /etc/fstab if read-only-rootfs is enabled
+ROOTFS_POSTPROCESS_COMMAND += '${@base_contains("IMAGE_FEATURES", "read-only-rootfs", "fstab_tweak_mount_opt; ", "",d)}'
diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass
index 8bf718a..3854ee7 100644
--- a/meta/classes/image.bbclass
+++ b/meta/classes/image.bbclass
@@ -394,6 +394,12 @@ zap_root_password () {
mv ${IMAGE_ROOTFS}/etc/passwd.new ${IMAGE_ROOTFS}/etc/passwd
}
+# Change the mount options for rootfs in case of a read-only-rootfs image
+fstab_tweak_mount_opt () {
+ sed '/rootfs/ s/defaults/ro/' < ${IMAGE_ROOTFS}/etc/fstab > ${IMAGE_ROOTFS}/etc/fstab.new
+ mv ${IMAGE_ROOTFS}/etc/fstab.new ${IMAGE_ROOTFS}/etc/fstab
+}
+
# allow openssh accept login with empty password string
openssh_allow_empty_password () {
if [ -e ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config ]; then
diff --git a/meta/classes/rootfs_deb.bbclass b/meta/classes/rootfs_deb.bbclass
index 293953d..052d5d9 100644
--- a/meta/classes/rootfs_deb.bbclass
+++ b/meta/classes/rootfs_deb.bbclass
@@ -84,6 +84,20 @@ fakeroot rootfs_deb_do_rootfs () {
${ROOTFS_POSTPROCESS_COMMAND}
+ # Let populate-volatile.sh run at rootfs time in case of an read-only rootfs
+ if ${@base_contains("IMAGE_FEATURES", "read-only-rootfs", "true", "false", d)}; then
+ if [ ! -e ${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh ]; then
+ echo "${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh doesn't exist."
+ exit 1
+ else
+ ${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh
+ if [ $? != 0 ]; then
+ echo "Running populate-volatile.sh under ${IMAGE_ROOTFS} failed"
+ exit 1
+ fi
+ fi
+ fi
+
log_check rootfs
}
diff --git a/meta/classes/rootfs_ipk.bbclass b/meta/classes/rootfs_ipk.bbclass
index 5c962de..b851049 100644
--- a/meta/classes/rootfs_ipk.bbclass
+++ b/meta/classes/rootfs_ipk.bbclass
@@ -114,6 +114,21 @@ fakeroot rootfs_ipk_do_rootfs () {
remove_packaging_data_files
fi
fi
+
+ # Let populate-volatile.sh run at rootfs time in case of a read-only-rootfs image
+ if ${@base_contains("IMAGE_FEATURES", "read-only-rootfs", "true", "false", d)}; then
+ if [ ! -e ${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh ]; then
+ echo "${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh doesn't exist."
+ exit 1
+ else
+ ${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh
+ if [ $? != 0 ]; then
+ echo "Running populate-volatile.sh under ${IMAGE_ROOTFS} failed"
+ exit 1
+ fi
+ fi
+ fi
+
set +x
log_check rootfs
}
diff --git a/meta/classes/rootfs_rpm.bbclass b/meta/classes/rootfs_rpm.bbclass
index f7e4c5e..733764a 100644
--- a/meta/classes/rootfs_rpm.bbclass
+++ b/meta/classes/rootfs_rpm.bbclass
@@ -89,6 +89,8 @@ fakeroot rootfs_rpm_do_rootfs () {
# Report delayed package scriptlets
for i in ${IMAGE_ROOTFS}/etc/rpm-postinsts/*; do
+ # We should add a check here to check whether we're building a read-only rootfs
+ # If so, exit 1, because there are still postintalls that are to be run on target.
if [ -f $i ]; then
echo "Delayed package scriptlet: `head -n 3 $i | tail -n 1`"
fi
@@ -104,7 +106,7 @@ for i in /etc/rpm-postinsts/*; do
if [ -f $i ] && $i; then
rm $i
else
- echo "ERROR: postinst $i failed."
+ [ -f $i ] && echo "ERROR: postinst $i failed."
fi
done
rm -f ${sysconfdir}/rcS.d/S${POSTINSTALL_INITPOSITION}run-postinsts
@@ -127,6 +129,22 @@ EOF
# Remove all remaining resolver files
rm -rf ${IMAGE_ROOTFS}/install
+ # Run init scripts that are necessary in case of an read-only rootfs
+ if ${@base_contains("IMAGE_FEATURES", "read-only-rootfs", "true", "false", d)}; then
+ if [ ! -e ${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh ]; then
+ echo "${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh doesn't exist."
+ exit 1
+ else
+ # Run populate_volatile.sh under ${IMAGE_ROOTFS} to set up basic
+ # directories and files which are related to volatile storage.
+ ${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh
+ if [ $? != 0 ]; then
+ echo "Running populate-volatile.sh under ${IMAGE_ROOTFS} failed"
+ exit 1
+ fi
+ fi
+ fi
+
log_check rootfs
}
--
1.7.9.5
^ permalink raw reply related [flat|nested] 2+ messages in thread
end of thread, other threads:[~2012-12-25 3:09 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <cover.1356403679.git.Qi.Chen@windriver.com>
2012-12-25 2:55 ` [PATCH V2 1/2] initscripts: support read-only rootfs Qi.Chen
2012-12-25 2:55 ` [PATCH V2 2/2] rootfs: support read-only-rootfs image feature Qi.Chen
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.