From 714559fb3d582fb52bfde8589803ee6094857edd Mon Sep 17 00:00:00 2001 From: Robbie Harwood Date: Wed, 17 Aug 2022 16:09:22 +0000 Subject: [PATCH] Handle ostree's non-writable /etc/kernel Signed-off-by: Robbie Harwood --- ...write-etc-kernel-cmdline-if-writable.patch | 57 +++++++++++++++++++ grub.patches | 1 + grub2.spec | 5 +- 3 files changed, 62 insertions(+), 1 deletion(-) create mode 100644 0280-squish-BLS-only-write-etc-kernel-cmdline-if-writable.patch diff --git a/0280-squish-BLS-only-write-etc-kernel-cmdline-if-writable.patch b/0280-squish-BLS-only-write-etc-kernel-cmdline-if-writable.patch new file mode 100644 index 00000000..ed378b89 --- /dev/null +++ b/0280-squish-BLS-only-write-etc-kernel-cmdline-if-writable.patch @@ -0,0 +1,57 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Jonathan Lebon +Date: Wed, 17 Aug 2022 10:26:03 -0400 +Subject: [PATCH] squish: BLS: only write /etc/kernel/cmdline if writable + +On OSTree systems, `grub2-mkconfig` is run with `/etc` mounted read-only +because as part of the promise of transactional updates, we want to make +sure that we're not modifying the current deployment's state (`/etc` or +`/var`). + +This conflicts with 0837dcdf1 ("BLS: create /etc/kernel/cmdline during +mkconfig") which wants to write to `/etc/kernel/cmdline`. I'm not +exactly sure on the background there, but based on the comment I think +the intent is to fulfill grubby's expectation that the file exists. + +However, in systems like Silverblue, kernel arguments are managed by the +rpm-ostree stack and grubby is not shipped at all. + +Adjust the script slightly so that we only write `/etc/kernel/cmdline` +if the parent directory is writable. + +In the future, we're hoping to simplify things further on rpm-ostree +systems by not running `grub2-mkconfig` at all since libostree already +directly writes BLS entries. Doing that would also have avoided this, +but ratcheting it into existing systems needs more careful thought. + +Signed-off-by: Jonathan Lebon + +Fixes: https://github.com/fedora-silverblue/issue-tracker/issues/322 +--- + util/grub.d/10_linux.in | 13 +++++++------ + 1 file changed, 7 insertions(+), 6 deletions(-) + +diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in +index 5ad624bfec..e5e87a6d80 100644 +--- a/util/grub.d/10_linux.in ++++ b/util/grub.d/10_linux.in +@@ -161,12 +161,13 @@ update_bls_cmdline() + local cmdline="root=${LINUX_ROOT_DEVICE} ro ${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT}" + local -a files=($(get_sorted_bls)) + +- if [[ ! -f /etc/kernel/cmdline ]] || +- [[ /etc/kernel/cmdline -ot /etc/default/grub ]]; then +- # anaconda has the correct information to create this during install; +- # afterward, grubby will take care of syncing on updates. If the user +- # has modified /etc/default/grub, try to cope. +- echo "$cmdline" > /etc/kernel/cmdline ++ if [ -w /etc/kernel ] && ++ [[ ! -f /etc/kernel/cmdline || ++ /etc/kernel/cmdline -ot /etc/default/grub ]]; then ++ # anaconda has the correct information to create this during install; ++ # afterward, grubby will take care of syncing on updates. If the user ++ # has modified /etc/default/grub, try to cope. ++ echo "$cmdline" > /etc/kernel/cmdline + fi + + for bls in "${files[@]}"; do diff --git a/grub.patches b/grub.patches index 3829ee89..b0acec4a 100644 --- a/grub.patches +++ b/grub.patches @@ -277,3 +277,4 @@ Patch0276: 0276-BLS-create-etc-kernel-cmdline-during-mkconfig.patch Patch0277: 0277-Try-reserving-less-ram.patch Patch0278: 0278-squish-don-t-dup-rhgb-quiet-check-mtimes.patch Patch0279: 0279-squish-give-up-on-rhgb-quiet.patch +Patch0280: 0280-squish-BLS-only-write-etc-kernel-cmdline-if-writable.patch diff --git a/grub2.spec b/grub2.spec index 9aa085ba..b9e4543a 100644 --- a/grub2.spec +++ b/grub2.spec @@ -17,7 +17,7 @@ Name: grub2 Epoch: 1 Version: 2.06 -Release: 51%{?dist} +Release: 52%{?dist} Summary: Bootloader with support for Linux, Multiboot and more License: GPLv3+ URL: http://www.gnu.org/software/grub/ @@ -530,6 +530,9 @@ mv ${EFI_HOME}/grub.cfg.stb ${EFI_HOME}/grub.cfg %endif %changelog +* Wed Aug 17 2022 Robbie Harwood - 2.06-52 +- Handle ostree's non-writable /etc/kernel + * Wed Aug 17 2022 Robbie Harwood - 2.06-51 - Give up on rhgb quiet