Backport a1c1c0b500
To aid https://github.com/coreos/fedora-coreos-config/pull/2783
This commit is contained in:
parent
a447541e7a
commit
68a1444bcb
@ -0,0 +1,53 @@
|
|||||||
|
From a1c1c0b500d23ff129adbfe9486a067788b24969 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Colin Walters <walters@verbum.org>
|
||||||
|
Date: Wed, 3 Jan 2024 14:01:38 -0500
|
||||||
|
Subject: [PATCH] prepare-root: Fix composefs + ostree admin unlock --hotfix
|
||||||
|
compat
|
||||||
|
|
||||||
|
There's a test case for `ostree admin unlock --hotfix` that
|
||||||
|
runs in FCOS, not here; it breaks when enabling composefs.
|
||||||
|
|
||||||
|
The reason is because the composefs is mounted readonly, and
|
||||||
|
we tried to remount it writable. Instead of trying to remount
|
||||||
|
the rootfs writable at this point forcibly, honor the
|
||||||
|
*real* sysroot readonly state flag from the underlying FS before
|
||||||
|
we mounted the composefs.
|
||||||
|
|
||||||
|
Note that in FCOS derivatives we always have the root mounted
|
||||||
|
writable via `rw` on the kernel cmdline and this is the default
|
||||||
|
general expectation now with ostree usage.
|
||||||
|
---
|
||||||
|
src/switchroot/ostree-prepare-root.c | 17 +++++------------
|
||||||
|
1 file changed, 5 insertions(+), 12 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/switchroot/ostree-prepare-root.c b/src/switchroot/ostree-prepare-root.c
|
||||||
|
index 1a0539e1..d7c44e97 100644
|
||||||
|
--- a/src/switchroot/ostree-prepare-root.c
|
||||||
|
+++ b/src/switchroot/ostree-prepare-root.c
|
||||||
|
@@ -639,18 +639,11 @@ main (int argc, char *argv[])
|
||||||
|
const char usr_ovl_options[]
|
||||||
|
= "lowerdir=" TMP_SYSROOT "/usr,upperdir=.usr-ovl-upper,workdir=.usr-ovl-work";
|
||||||
|
|
||||||
|
- /* Except overlayfs barfs if we try to mount it on a read-only
|
||||||
|
- * filesystem. For this use case I think admins are going to be
|
||||||
|
- * okay if we remount the rootfs here, rather than waiting until
|
||||||
|
- * later boot and `systemd-remount-fs.service`.
|
||||||
|
- */
|
||||||
|
- if (path_is_on_readonly_fs (TMP_SYSROOT))
|
||||||
|
- {
|
||||||
|
- if (mount (TMP_SYSROOT, TMP_SYSROOT, NULL, MS_REMOUNT | MS_SILENT, NULL) < 0)
|
||||||
|
- err (EXIT_FAILURE, "failed to remount rootfs writable (for overlayfs)");
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- if (mount ("overlay", TMP_SYSROOT "/usr", "overlay", MS_SILENT, usr_ovl_options) < 0)
|
||||||
|
+ unsigned long mflags = MS_SILENT;
|
||||||
|
+ // Propagate readonly state
|
||||||
|
+ if (!sysroot_currently_writable)
|
||||||
|
+ mflags |= MS_RDONLY;
|
||||||
|
+ if (mount ("overlay", TMP_SYSROOT "/usr", "overlay", mflags, usr_ovl_options) < 0)
|
||||||
|
err (EXIT_FAILURE, "failed to mount /usr overlayfs");
|
||||||
|
}
|
||||||
|
else if (!using_composefs)
|
||||||
|
--
|
||||||
|
2.41.0
|
||||||
|
|
@ -18,6 +18,10 @@ Source0: https://github.com/ostreedev/%{name}/releases/download/v%{version}/libo
|
|||||||
License: LGPL-2.0-or-later
|
License: LGPL-2.0-or-later
|
||||||
URL: https://ostree.readthedocs.io/en/latest/
|
URL: https://ostree.readthedocs.io/en/latest/
|
||||||
|
|
||||||
|
# Backport https://github.com/ostreedev/ostree/pull/3129/commits/a1c1c0b500d23ff129adbfe9486a067788b24969
|
||||||
|
# To aid https://github.com/coreos/fedora-coreos-config/pull/2783
|
||||||
|
Patch0: 0001-prepare-root-Fix-composefs-ostree-admin-unlock-hotfi.patch
|
||||||
|
|
||||||
# Conditional to ELN right now to reduce blast radius; xref
|
# Conditional to ELN right now to reduce blast radius; xref
|
||||||
# https://github.com/containers/composefs/pull/229#issuecomment-1838735764
|
# https://github.com/containers/composefs/pull/229#issuecomment-1838735764
|
||||||
%if 0%{?rhel} >= 10
|
%if 0%{?rhel} >= 10
|
||||||
|
Loading…
Reference in New Issue
Block a user