From a1c1c0b500d23ff129adbfe9486a067788b24969 Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Wed, 3 Jan 2024 14:01:38 -0500 Subject: [PATCH] prepare-root: Fix composefs + ostree admin unlock --hotfix compat There's a test case for `ostree admin unlock --hotfix` that runs in FCOS, not here; it breaks when enabling composefs. The reason is because the composefs is mounted readonly, and we tried to remount it writable. Instead of trying to remount the rootfs writable at this point forcibly, honor the *real* sysroot readonly state flag from the underlying FS before we mounted the composefs. Note that in FCOS derivatives we always have the root mounted writable via `rw` on the kernel cmdline and this is the default general expectation now with ostree usage. --- src/switchroot/ostree-prepare-root.c | 17 +++++------------ 1 file changed, 5 insertions(+), 12 deletions(-) diff --git a/src/switchroot/ostree-prepare-root.c b/src/switchroot/ostree-prepare-root.c index 1a0539e1..d7c44e97 100644 --- a/src/switchroot/ostree-prepare-root.c +++ b/src/switchroot/ostree-prepare-root.c @@ -639,18 +639,11 @@ main (int argc, char *argv[]) const char usr_ovl_options[] = "lowerdir=" TMP_SYSROOT "/usr,upperdir=.usr-ovl-upper,workdir=.usr-ovl-work"; - /* Except overlayfs barfs if we try to mount it on a read-only - * filesystem. For this use case I think admins are going to be - * okay if we remount the rootfs here, rather than waiting until - * later boot and `systemd-remount-fs.service`. - */ - if (path_is_on_readonly_fs (TMP_SYSROOT)) - { - if (mount (TMP_SYSROOT, TMP_SYSROOT, NULL, MS_REMOUNT | MS_SILENT, NULL) < 0) - err (EXIT_FAILURE, "failed to remount rootfs writable (for overlayfs)"); - } - - if (mount ("overlay", TMP_SYSROOT "/usr", "overlay", MS_SILENT, usr_ovl_options) < 0) + unsigned long mflags = MS_SILENT; + // Propagate readonly state + if (!sysroot_currently_writable) + mflags |= MS_RDONLY; + if (mount ("overlay", TMP_SYSROOT "/usr", "overlay", mflags, usr_ovl_options) < 0) err (EXIT_FAILURE, "failed to mount /usr overlayfs"); } else if (!using_composefs) -- 2.41.0