Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--TODO3
-rw-r--r--docs/ENVIRONMENT.md8
-rw-r--r--src/gpt-auto-generator/gpt-auto-generator.c58
-rw-r--r--src/remount-fs/remount-fs.c132
4 files changed, 145 insertions, 56 deletions
diff --git a/TODO b/TODO
index 1fbffc740..24ec98416 100644
--- a/TODO
+++ b/TODO
@@ -46,9 +46,6 @@ Features:
inserting them into the kernel keyring. Maybe SecretsDirectory= similar to
ConfigurationDirectory=.
-* systemd-gpt-auto: if we find the root dir mounted read-only and the gpt flag
- doesn't say so generate job that remounts it writable
-
* when no locale is configured, default to UEFI's PlatformLang variable
* When logind.conf contains HandleLidSwitch=suspend-then-hibernate and we can't
diff --git a/docs/ENVIRONMENT.md b/docs/ENVIRONMENT.md
index 038f3d2d1..619a57eb3 100644
--- a/docs/ENVIRONMENT.md
+++ b/docs/ENVIRONMENT.md
@@ -165,3 +165,11 @@ systemd itself:
* `$SYSTEMD_ACTIVATION_SCOPE` — closely related to `$SYSTEMD_ACTIVATION_UNIT`,
it is either set to `system` or `user` depending on whether the NSS/PAM
module is called by systemd in `--system` or `--user` mode.
+
+systemd-remount-fs:
+
+* `$SYSTEMD_REMOUNT_ROOT_RW=1` — if set and and no entry for the root directory
+ exists in /etc/fstab (this file always takes precedence), then the root
+ directory is remounted writable. This is primarily used by
+ systemd-gpt-auto-generator to ensure the root partition is mounted writable
+ in accordance to the GPT partition flags.
diff --git a/src/gpt-auto-generator/gpt-auto-generator.c b/src/gpt-auto-generator/gpt-auto-generator.c
index e9f3d7dab..d9e29c47f 100644
--- a/src/gpt-auto-generator/gpt-auto-generator.c
+++ b/src/gpt-auto-generator/gpt-auto-generator.c
@@ -39,7 +39,7 @@
static const char *arg_dest = NULL;
static bool arg_enabled = true;
static bool arg_root_enabled = true;
-static bool arg_root_rw = false;
+static int arg_root_rw = -1;
static int add_cryptsetup(const char *id, const char *what, bool rw, bool require, char **device) {
_cleanup_free_ char *e = NULL, *n = NULL, *d = NULL, *id_escaped = NULL, *what_escaped = NULL;
@@ -446,6 +446,43 @@ static int add_esp(DissectedPartition *p) {
}
#endif
+static int add_root_rw(DissectedPartition *p) {
+ const char *path;
+ int r;
+
+ assert(p);
+
+ if (in_initrd()) {
+ log_debug("In initrd, not generating drop-in for systemd-remount-fs.service.");
+ return 0;
+ }
+
+ if (arg_root_rw >= 0) {
+ log_debug("Parameter ro/rw specified on kernel command line, not generating drop-in for systemd-remount-fs.service.");
+ return 0;
+ }
+
+ if (!p->rw) {
+ log_debug("Root partition marked read-only in GPT partition table, not generating drop-in for systemd-remount-fs.service.");
+ return 0;
+ }
+
+ path = strjoina(arg_dest, "/systemd-remount-fs.service.d/50-remount-rw.conf");
+ (void) mkdir_parents(path, 0755);
+
+ r = write_string_file(path,
+ "# Automatically generated by systemd-gpt-generator\n\n"
+ "[Unit]\n"
+ "ConditionPathExists=\n\n" /* We need to turn off the ConditionPathExist= in the main unit file */
+ "[Service]\n"
+ "Environment=SYSTEMD_REMOUNT_ROOT_RW=1\n",
+ WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_NOFOLLOW);
+ if (r < 0)
+ return log_error_errno(r, "Failed to write drop-in file %s: %m", path);
+
+ return 0;
+}
+
static int open_parent(dev_t devnum, int *ret) {
_cleanup_(sd_device_unrefp) sd_device *d = NULL;
const char *name, *devtype, *node;
@@ -550,6 +587,12 @@ static int enumerate_partitions(dev_t devnum) {
r = k;
}
+ if (m->partitions[PARTITION_ROOT].found) {
+ k = add_root_rw(m->partitions + PARTITION_ROOT);
+ if (k < 0)
+ r = k;
+ }
+
return r;
}
@@ -558,7 +601,8 @@ static int parse_proc_cmdline_item(const char *key, const char *value, void *dat
assert(key);
- if (STR_IN_SET(key, "systemd.gpt_auto", "rd.systemd.gpt_auto")) {
+ if (proc_cmdline_key_streq(key, "systemd.gpt_auto") ||
+ proc_cmdline_key_streq(key, "rd.systemd.gpt_auto")) {
r = value ? parse_boolean(value) : 1;
if (r < 0)
@@ -566,7 +610,7 @@ static int parse_proc_cmdline_item(const char *key, const char *value, void *dat
else
arg_enabled = r;
- } else if (streq(key, "root")) {
+ } else if (proc_cmdline_key_streq(key, "root")) {
if (proc_cmdline_value_missing(key, value))
return 0;
@@ -576,7 +620,7 @@ static int parse_proc_cmdline_item(const char *key, const char *value, void *dat
arg_root_enabled = streq(value, "gpt-auto");
- } else if (streq(key, "roothash")) {
+ } else if (proc_cmdline_key_streq(key, "roothash")) {
if (proc_cmdline_value_missing(key, value))
return 0;
@@ -585,9 +629,9 @@ static int parse_proc_cmdline_item(const char *key, const char *value, void *dat
arg_root_enabled = false;
- } else if (streq(key, "rw") && !value)
+ } else if (proc_cmdline_key_streq(key, "rw") && !value)
arg_root_rw = true;
- else if (streq(key, "ro") && !value)
+ else if (proc_cmdline_key_streq(key, "ro") && !value)
arg_root_rw = false;
return 0;
@@ -639,7 +683,7 @@ static int add_root_mount(void) {
"/dev/gpt-auto-root",
in_initrd() ? "/sysroot" : "/",
NULL,
- arg_root_rw,
+ arg_root_rw > 0,
NULL,
"Root Partition",
in_initrd() ? SPECIAL_INITRD_ROOT_FS_TARGET : SPECIAL_LOCAL_FS_TARGET);
diff --git a/src/remount-fs/remount-fs.c b/src/remount-fs/remount-fs.c
index af92ddb96..0bac355e0 100644
--- a/src/remount-fs/remount-fs.c
+++ b/src/remount-fs/remount-fs.c
@@ -8,6 +8,7 @@
#include <sys/wait.h>
#include <unistd.h>
+#include "env-util.h"
#include "exit-status.h"
#include "log.h"
#include "main-func.h"
@@ -19,13 +20,37 @@
#include "strv.h"
#include "util.h"
-/* Goes through /etc/fstab and remounts all API file systems, applying
- * options that are in /etc/fstab that systemd might not have
- * respected */
+/* Goes through /etc/fstab and remounts all API file systems, applying options that are in /etc/fstab that systemd
+ * might not have respected */
+
+static int track_pid(Hashmap **h, const char *path, pid_t pid) {
+ _cleanup_free_ char *c = NULL;
+ int r;
+
+ assert(h);
+ assert(path);
+ assert(pid_is_valid(pid));
+
+ r = hashmap_ensure_allocated(h, NULL);
+ if (r < 0)
+ return log_oom();
+
+ c = strdup(path);
+ if (!c)
+ return log_oom();
+
+ r = hashmap_put(*h, PID_TO_PTR(pid), c);
+ if (r < 0)
+ return log_oom();
+
+ TAKE_PTR(c);
+ return 0;
+}
static int run(int argc, char *argv[]) {
_cleanup_hashmap_free_free_ Hashmap *pids = NULL;
_cleanup_endmntent_ FILE *f = NULL;
+ bool has_root = false;
struct mntent* me;
int r;
@@ -39,57 +64,72 @@ static int run(int argc, char *argv[]) {
f = setmntent("/etc/fstab", "re");
if (!f) {
- if (errno == ENOENT)
- return 0;
-
- return log_error_errno(errno, "Failed to open /etc/fstab: %m");
- }
-
- pids = hashmap_new(NULL);
- if (!pids)
- return log_oom();
-
- while ((me = getmntent(f))) {
- _cleanup_free_ char *s = NULL;
- pid_t pid;
- int k;
-
- /* Remount the root fs, /usr and all API VFS */
- if (!mount_point_is_api(me->mnt_dir) &&
- !path_equal(me->mnt_dir, "/") &&
- !path_equal(me->mnt_dir, "/usr"))
- continue;
-
- log_debug("Remounting %s", me->mnt_dir);
-
- r = safe_fork("(remount)", FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG, &pid);
- if (r < 0)
- return r;
- if (r == 0) {
- /* Child */
-
- execv(MOUNT_PATH, STRV_MAKE(MOUNT_PATH, me->mnt_dir, "-o", "remount"));
+ if (errno != ENOENT)
+ return log_error_errno(errno, "Failed to open /etc/fstab: %m");
+ } else {
+ while ((me = getmntent(f))) {
+ pid_t pid;
+
+ /* Remount the root fs, /usr and all API VFS */
+ if (!mount_point_is_api(me->mnt_dir) &&
+ !PATH_IN_SET(me->mnt_dir, "/", "/usr"))
+ continue;
- log_error_errno(errno, "Failed to execute " MOUNT_PATH ": %m");
- _exit(EXIT_FAILURE);
+ log_debug("Remounting %s...", me->mnt_dir);
+
+ if (path_equal(me->mnt_dir, "/"))
+ has_root = true;
+
+ r = safe_fork("(remount)", FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG, &pid);
+ if (r < 0)
+ return r;
+ if (r == 0) {
+ /* Child */
+ execv(MOUNT_PATH, STRV_MAKE(MOUNT_PATH, me->mnt_dir, "-o", "remount"));
+ log_error_errno(errno, "Failed to execute " MOUNT_PATH ": %m");
+ _exit(EXIT_FAILURE);
+ }
+
+ /* Parent */
+ r = track_pid(&pids, me->mnt_dir, pid);
+ if (r < 0)
+ return r;
}
+ }
- /* Parent */
-
- s = strdup(me->mnt_dir);
- if (!s)
- return log_oom();
-
- k = hashmap_put(pids, PID_TO_PTR(pid), s);
- if (k < 0)
- return log_oom();
- TAKE_PTR(s);
+ if (!has_root) {
+ /* The $SYSTEMD_REMOUNT_ROOT_RW environment variable is set by systemd-gpt-auto-generator to tell us
+ * whether to remount things. We honour it only if there's no explicit line in /etc/fstab configured
+ * which takes precedence. */
+
+ r = getenv_bool("SYSTEMD_REMOUNT_ROOT_RW");
+ if (r > 0) {
+ pid_t pid;
+
+ log_debug("Remounting / writable...");
+
+ r = safe_fork("(remount-rw)", FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_LOG, &pid);
+ if (r < 0)
+ return r;
+ if (r == 0) {
+ /* Child */
+ execv(MOUNT_PATH, STRV_MAKE(MOUNT_PATH, "/", "-o", "remount,rw"));
+ log_error_errno(errno, "Failed to execute " MOUNT_PATH ": %m");
+ _exit(EXIT_FAILURE);
+ }
+
+ r = track_pid(&pids, "/", pid);
+ if (r < 0)
+ return r;
+
+ } else if (r < 0 && r != -ENXIO)
+ log_warning_errno(r, "Failed to parse $SYSTEMD_REMOUNT_ROOT_RW, ignoring: %m");
}
r = 0;
while (!hashmap_isempty(pids)) {
- siginfo_t si = {};
_cleanup_free_ char *s = NULL;
+ siginfo_t si = {};
if (waitid(P_ALL, 0, &si, WEXITED) < 0) {
if (errno == EINTR)