mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-08 05:26:58 +02:00
Code Issues Packages Projects Releases Wiki Activity

build_library/build_image_util.sh: Split base_image_var.conf into two

Browse Source 
We used to create a base_image_var.conf tmpfiles config file that
contained information about directories under /var that weren't
covered by any other tmpfiles config file. Recently some package
update started installing a directory under /var that belonged to a
user/group not found directly in passwd/group file in /etc. This
user/group was defined in passwd/group in /usr/share/baselayout, but
at the early boot, these are not yet checked for user/group
information, so systemd-tmpfiles running inside initrd failed when
trying to create such an entry using the base_image_var.conf tmpfiles
config file.

Split the base_image_var.conf into two files - base_image_var.conf and
base_image_var_late.conf. The former will only contain entries owned
by user/group that are supposed to exist very early in the boot, while
the latter will contain the rest of directories - those will be
created later during the boot.
This commit is contained in:
Krzesimir Nowak 2023-04-26 11:01:03 +02:00
parent 5bc546919f
commit 076e6940e2
1 changed files with 26 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
build_library/build_image_util.sh
View File

@ -744,11 +744,34 @@ finish_image() {
done done
# Record directories installed to the state partition. # Record directories installed to the state partition.
# Explicitly ignore entries covered by existing configs. # Explicitly ignore entries covered by existing configs.
local tmp_ignore=$(awk '/^[dDfFL]/ {print "--ignore=" $2}' \ local ignores=() allowed_users=() allowed_groups=()
mapfile -t ignores < <(awk '/^[dDfFL]/ {print "--ignore=" $2}' \
"${root_fs_dir}"/usr/lib/tmpfiles.d/*.conf) "${root_fs_dir}"/usr/lib/tmpfiles.d/*.conf)
# Also ignore directories owned by users/groups not in /etc/passwd
# or /etc/group. This is for setting up needed directories in very
# early boot phase (initrd-setup-root). Our source of truth for
# allowed users and groups are users and groups copied by the
# flatcar-tmpfiles script.
# The grep, sed and tr below basically turn a line like:
# COPY_USERS="root|core"
# into:
# --allow-user=root
# --allow-user=core
mapfile -t allowed_users < <(grep '^COPY_USERS=' "${root_fs_dir}/sbin/flatcar-tmpfiles" | sed -e 's/.*="\([^"]*\)"/\1/' | tr '|' '\n' | sed -e 's/^/--allow-user=/')
mapfile -t allowed_users < <(grep '^COPY_GROUPS=' "${root_fs_dir}/sbin/flatcar-tmpfiles" | sed -e 's/.*="\([^"]*\)"/\1/' | tr '|' '\n' | sed -e 's/^/--allow-group=/')
sudo "${BUILD_LIBRARY_DIR}/gen_tmpfiles.py" --root="${root_fs_dir}" \ sudo "${BUILD_LIBRARY_DIR}/gen_tmpfiles.py" --root="${root_fs_dir}" \
--output="${root_fs_dir}/usr/lib/tmpfiles.d/base_image_var.conf" \ --output="${root_fs_dir}/usr/lib/tmpfiles.d/base_image_var.conf" \
${tmp_ignore} "${root_fs_dir}/var" "${ignores[@]}" "${allowed_users[@]}" "${allowed_groups[@]}" "${root_fs_dir}/var"
# Now record the rest of the directories installed to the state
# partition. We go through tmpfiles again to also ignore the entries
# from the just generated base_image_var.conf.
mapfile -t ignores < <(awk '/^[dDfFL]/ {print "--ignore=" $2}' \
"${root_fs_dir}"/usr/lib/tmpfiles.d/*.conf)
sudo "${BUILD_LIBRARY_DIR}/gen_tmpfiles.py" --root="${root_fs_dir}" \
--output="${root_fs_dir}/usr/lib/tmpfiles.d/base_image_var_late.conf" \
"${ignores[@]}" "${root_fs_dir}/var"
# Only configure bootloaders if there is a boot partition # Only configure bootloaders if there is a boot partition
if mountpoint -q "${root_fs_dir}"/boot; then if mountpoint -q "${root_fs_dir}"/boot; then