Copy /etc and /var from /mnt/runtime to the root filesystem.
Apps running in the second stage may expect to have 'normal' files in
/etc or /var. By staging it this way, they can just be kept in the
second stage, and copied to the first stage at runtime, rather than
having to keep them in the first stage. We can't symlink to
/mnt/runtime/etc or /mnt/runtime/var, because the second stage isn't
writable. /etc/selinux is still symlinked, because it's huge.
---
loader2/loader.c | 9 +++++----
1 files changed, 5 insertions(+), 4 deletions(-)
if (!FL_TESTING(flags)) {
+ int ret;
+
/* unlink dirs and link to the ones in /mnt/runtime */
migrate_runtime_directory("/usr");
migrate_runtime_directory("/lib");
migrate_runtime_directory("/lib64");
+ ret = symlink("/mnt/runtime/etc/selinux", "/etc/selinux");
+ copyDirectory("/mnt/runtime/etc","/etc", copyWarnFn, copyErrorFn);
+ copyDirectory("/mnt/runtime/var","/var", copyWarnFn, copyErrorFn);
}
/* now load SELinux policy before exec'ing anaconda and the shell
@@ -1721,10 +1726,6 @@ int main(int argc, char ** argv) {
logMessage(ERROR, "failed to mount /selinux: %s, disabling SELinux", strerror(errno));
flags &= ~LOADER_FLAGS_SELINUX;
} else {
- /* FIXME: this is a bad hack for libselinux assuming things
- * about paths */
- int ret;
- ret = symlink("/mnt/runtime/etc/selinux", "/etc/selinux");
if (loadpolicy() == 0) {
setexeccon(ANACONDA_CONTEXT);
} else {
--
1.5.3.4
_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/anaconda-devel-list
12-06-2007, 03:53 PM
Jeremy Katz
Copy /etc and /var from /mnt/runtime to the root filesystem.
On Wed, 2007-12-05 at 18:24 -0500, Bill Nottingham wrote:
> Apps running in the second stage may expect to have 'normal' files in
> /etc or /var. By staging it this way, they can just be kept in the
> second stage, and copied to the first stage at runtime, rather than
> having to keep them in the first stage. We can't symlink to
> /mnt/runtime/etc or /mnt/runtime/var, because the second stage isn't
> writable. /etc/selinux is still symlinked, because it's huge.
What needs something to be writable under /etc at runtime? /var I can
see although we could also continue the path of what we've done
for /var/lib/xkb to point the paths we know need to be writable at /tmp
instead
Jeremy
_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/anaconda-devel-list
12-06-2007, 04:03 PM
Bill Nottingham
Copy /etc and /var from /mnt/runtime to the root filesystem.
Jeremy Katz (katzj@redhat.com) said:
> On Wed, 2007-12-05 at 18:24 -0500, Bill Nottingham wrote:
> > Apps running in the second stage may expect to have 'normal' files in
> > /etc or /var. By staging it this way, they can just be kept in the
> > second stage, and copied to the first stage at runtime, rather than
> > having to keep them in the first stage. We can't symlink to
> > /mnt/runtime/etc or /mnt/runtime/var, because the second stage isn't
> > writable. /etc/selinux is still symlinked, because it's huge.
>
> What needs something to be writable under /etc at runtime?
The problem isn't writable, the problem is that it needs to be *there*
under /etc. As it stands now, things in /mnt/runtime either need modified
to look in a different /etc/, or have their required /etc files installed
in stage1.
> /var I can
> see although we could also continue the path of what we've done
> for /var/lib/xkb to point the paths we know need to be writable at /tmp
> instead
Again, that means putting any required /var things in stage1, and requires
that everyone know that you can't just put /etc or /var stuff in KEEPFILES
and expect it to work.
Bill
_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/anaconda-devel-list
12-06-2007, 04:18 PM
Jeremy Katz
Copy /etc and /var from /mnt/runtime to the root filesystem.
On Thu, 2007-12-06 at 12:03 -0500, Bill Nottingham wrote:
> Jeremy Katz (katzj@redhat.com) said:
> > On Wed, 2007-12-05 at 18:24 -0500, Bill Nottingham wrote:
> > > Apps running in the second stage may expect to have 'normal' files in
> > > /etc or /var. By staging it this way, they can just be kept in the
> > > second stage, and copied to the first stage at runtime, rather than
> > > having to keep them in the first stage. We can't symlink to
> > > /mnt/runtime/etc or /mnt/runtime/var, because the second stage isn't
> > > writable. /etc/selinux is still symlinked, because it's huge.
> >
> > What needs something to be writable under /etc at runtime?
>
> The problem isn't writable, the problem is that it needs to be *there*
> under /etc. As it stands now, things in /mnt/runtime either need modified
> to look in a different /etc/, or have their required /etc files installed
> in stage1.
Oh, I think I'm following you now. Because there's now /etc in stage1
and stage2 and different things need from one vs the other? What if we
just had a copy of the files which are in the initrd in both places.
Then we could just move over /mnt/runtime/etc like we do today. I can't
imagine the space hit being that significant
Jeremy
_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/anaconda-devel-list
12-06-2007, 04:21 PM
Bill Nottingham
Copy /etc and /var from /mnt/runtime to the root filesystem.
Jeremy Katz (katzj@redhat.com) said:
> Oh, I think I'm following you now. Because there's now /etc in stage1
> and stage2 and different things need from one vs the other? What if we
> just had a copy of the files which are in the initrd in both places.
> Then we could just move over /mnt/runtime/etc like we do today. I can't
> imagine the space hit being that significant
You want to prefer the stage2 /etc/passwd and /etc/group, but other than that,
copying stage1 over to stage2 and switching should work fine.
Bill
_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/anaconda-devel-list
12-06-2007, 08:18 PM
Bill Nottingham
Copy /etc and /var from /mnt/runtime to the root filesystem.
Bill Nottingham (notting@redhat.com) said:
> Jeremy Katz (katzj@redhat.com) said:
> > Oh, I think I'm following you now. Because there's now /etc in stage1
> > and stage2 and different things need from one vs the other? What if we
> > just had a copy of the files which are in the initrd in both places.
> > Then we could just move over /mnt/runtime/etc like we do today. I can't
> > imagine the space hit being that significant
>
> You want to prefer the stage2 /etc/passwd and /etc/group, but other than that,
> copying stage1 over to stage2 and switching should work fine.
Updated patchset:
commit 213985cdbb8c1dea25e3e88d28c7919a975eca29
Author: Bill Nottingham <notting@redhat.com>
Date: Thu Dec 6 15:59:13 2007 -0500
Use the passwd and group from the second stage, rather than create our own.
commit 6f5bcc6457d5fd3fe0b4f3846515d35743a68575
Author: Bill Nottingham <notting@redhat.com>
Date: Thu Dec 6 16:08:47 2007 -0500
Copy /var from stage2 to stage1, use /mnt/runtime/etc as /etc
Apps running in the second stage may expect to have 'normal' files in
/etc or /var. We use /mnt/runtime/etc as /etc, but only after copying
over the stage1 /etc. We do the reverse for /var - we copy the files
from /mnt/runtime, as we can't use the read-only /var on stage2.
if (!FL_TESTING(flags)) {
+ int ret;
+
/* unlink dirs and link to the ones in /mnt/runtime */
migrate_runtime_directory("/usr");
migrate_runtime_directory("/lib");
migrate_runtime_directory("/lib64");
+ copyDirectory("/etc","/mnt/runtime/etc", copyWarnFn, copyErrorFn);
+ migrate_runtime_directory("/etc");
+ copyDirectory("/mnt/runtime/var","/var", copyWarnFn, copyErrorFn);
}
/* now load SELinux policy before exec'ing anaconda and the shell
@@ -1721,10 +1726,6 @@ int main(int argc, char ** argv) {
logMessage(ERROR, "failed to mount /selinux: %s, disabling SELinux", strerror(errno));
flags &= ~LOADER_FLAGS_SELINUX;
} else {
- /* FIXME: this is a bad hack for libselinux assuming things
- * about paths */
- int ret;
- ret = symlink("/mnt/runtime/etc/selinux", "/etc/selinux");
if (loadpolicy() == 0) {
setexeccon(ANACONDA_CONTEXT);
} else {
_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/anaconda-devel-list
12-06-2007, 09:15 PM
Jeremy Katz
Copy /etc and /var from /mnt/runtime to the root filesystem.
On Thu, 2007-12-06 at 16:18 -0500, Bill Nottingham wrote:
> Bill Nottingham (notting@redhat.com) said:
> > Jeremy Katz (katzj@redhat.com) said:
> > > Oh, I think I'm following you now. Because there's now /etc in stage1
> > > and stage2 and different things need from one vs the other? What if we
> > > just had a copy of the files which are in the initrd in both places.
> > > Then we could just move over /mnt/runtime/etc like we do today. I can't
> > > imagine the space hit being that significant
> >
> > You want to prefer the stage2 /etc/passwd and /etc/group, but other than that,
> > copying stage1 over to stage2 and switching should work fine.
>
> Updated patchset:
> commit 6f5bcc6457d5fd3fe0b4f3846515d35743a68575
> Author: Bill Nottingham <notting@redhat.com>
> Date: Thu Dec 6 16:08:47 2007 -0500
>
> Copy /var from stage2 to stage1, use /mnt/runtime/etc as /etc
>
> Apps running in the second stage may expect to have 'normal' files in
> /etc or /var. We use /mnt/runtime/etc as /etc, but only after copying
> over the stage1 /etc.
Don't you want to do this copy when building the images? The squashfs
won't be writable. That or I've been looking at this thread for too
long
Jeremy
_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/anaconda-devel-list
12-06-2007, 09:21 PM
Bill Nottingham
Copy /etc and /var from /mnt/runtime to the root filesystem.
Jeremy Katz (katzj@redhat.com) said:
> Don't you want to do this copy when building the images? The squashfs
> won't be writable. That or I've been looking at this thread for too
> long
I knew there was a reason why I did it that way the first time. In that case,
I prefer the first approach of just copying at runtime - that way you don't
have to hack in mk-images to copy back to the exploded tree.
Bill
_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/anaconda-devel-list
12-06-2007, 09:26 PM
Jeremy Katz
Copy /etc and /var from /mnt/runtime to the root filesystem.
On Thu, 2007-12-06 at 17:21 -0500, Bill Nottingham wrote:
> Jeremy Katz (katzj@redhat.com) said:
> > Don't you want to do this copy when building the images? The squashfs
> > won't be writable. That or I've been looking at this thread for too
> > long
>
> I knew there was a reason why I did it that way the first time. In that case,
> I prefer the first approach of just copying at runtime - that way you don't
> have to hack in mk-images to copy back to the exploded tree.
Yeah, but what happens when we get something else "large" there like
selinux policy? Meh, cross that bridge when we get to it I guess
Jeremy
_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/anaconda-devel-list
Copy /etc and /var from /mnt/runtime to the root filesystem.
