rpms/ostree
5
0
Fork 0
Code Issues Pull Requests Releases Activity
22916589d6
ostree/ostree-readonly-sysroot-migration
Miguel Martín 22916589d6
Rename boot entries with old naming scheme 
A new naming scheme for boot entries was introduced in
version 2014.5 [1]. We need to rename the old ones to this
new scheme before running `ostree admin kargs edit-in-place`.
Otherwise, the updated bootloader configuration will be written
to a new file instead of updating the existing one making the
system not bootable.

[1] https://github.com/ostreedev/ostree/pull/3206
Resolves: RHEL-45151
2024-09-09 08:00:32 +02:00

88 lines
3.0 KiB
Bash
Raw Blame History

#!/bin/bash
# Update an existing system to use a read only sysroot
# and https://bugzilla.redhat.com/show_bug.cgi?id=2060976
set -euo pipefail
rename_boot_entries() {
local -r boot_entries="$(find /boot/loader/entries -name 'ostree-*-*\.conf')"
for boot_entry in ${boot_entries} ; do
new_boot_entry=$(echo "${boot_entry}" | sed -e 's/ostree-\([1-9]\+\).*/ostree-\1.conf/')
echo "Renaming ${boot_entry} to ${new_boot_entry}"
mv "${boot_entry}" "${new_boot_entry}"
done
}
main() {
# Used to condition execution of this unit at the systemd level
local -r stamp_file="/var/lib/.ostree-readonly-sysroot"
if [[ -f "${stamp_file}" ]]; then
exit 0
fi
local -r ostree_sysroot_readonly="$(ostree config --repo=/sysroot/ostree/repo get "sysroot.readonly" &> /dev/null || echo "false")"
if [[ "${ostree_sysroot_readonly}" == "true" ]]; then
# Nothing to do
touch "${stamp_file}"
exit 0
fi
# A new naming for bootboot entries was introduced in 2024.5
# version: https://github.com/ostreedev/ostree/pull/3206
[[ "${OSTREE_SYSROOT_OPTS:-none}" == *bootboot-naming-1* ]] || rename_boot_entries
local -r boot_entries="$(ls -A /boot/loader/entries/ | wc -l)"
# Ensure that we can read BLS entries to avoid touching systems where /boot
# is not mounted
if [[ "${boot_entries}" -eq 0 ]]; then
echo "No BLS entry found: Maybe /boot is not mounted?" 1>&2
echo "This is unexpected thus no migration will be performed" 1>&2
touch "${stamp_file}"
exit 0
fi
# Check if any existing deployment is still missing the rw karg
local rw_kargs_found=0
local count=0
for f in "/boot/loader/entries/"*; do
count="$(grep -c "^options .* rw" "${f}" || true)"
if [[ "${count}" -ge 1 ]]; then
rw_kargs_found=$((rw_kargs_found + 1))
fi
done
# Some deployments are still missing the rw karg. Let's try to update them
if [[ "${boot_entries}" -ne "${rw_kargs_found}" ]]; then
ostree admin kargs edit-in-place --append-if-missing=rw || \
echo "Failed to edit kargs in place with ostree" 1>&2
fi
# Re-check if any existing deployment is still missing the rw karg
rw_kargs_found=0
count=0
for f in "/boot/loader/entries/"*; do
count="$(grep -c "^options .* rw" "${f}" || true)"
if [[ "${count}" -ge 1 ]]; then
rw_kargs_found=$((rw_kargs_found + 1))
fi
done
unset count
# If all deployments are good, then we can set the sysroot.readonly option
# in the ostree repo config
if [[ "${boot_entries}" -eq "${rw_kargs_found}" ]]; then
echo "Setting up the sysroot.readonly option in the ostree repo config"
ostree config --repo=/sysroot/ostree/repo set "sysroot.readonly" "true"
touch "${stamp_file}"
exit 0
fi
# If anything else before failed, we will retry on next boot
echo "Will retry next boot" 1>&2
exit 0
}
main "${@}"
Reference in New Issue View Git Blame Copy Permalink