Message ID | 20220419154918.223283-1-Quirin.Gylstorff@siemens.com (mailing list archive) |
---|---|
State | Handled Elsewhere |
Series | [isar-cip-core] Bullseye: Fix journalctl on read-only |
On 19.04.22 17:49, Q. Gylstorff wrote: > From: Quirin Gylstorff <quirin.gylstorff@siemens.com> > > If an image with a read-only partition and etc overlay > is build journalctl does not display the system log in > Debian Bullseye. > > The log is available with the command `journalctl --merged'. > > The root cause is overwriting the mount point for /etc/machine-id > by the etc-overlay. This leads to the usage of multiple machine-ids > and journalctl does not match the current used journal file to > the machine. > > Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com> > --- > kas-cip.yml | 4 ++ > ...stproc-extension-Remove-etc-machine-.patch | 37 +++++++++++++++++++ > 2 files changed, 41 insertions(+) > create mode 100644 patches/isar/0001-classes-image-postproc-extension-Remove-etc-machine-.patch > > diff --git a/kas-cip.yml b/kas-cip.yml > index fce176b..2c2b7d7 100644 > --- a/kas-cip.yml > +++ b/kas-cip.yml > @@ -29,6 +29,10 @@ repos: > fix-pseudo: > repo: cip-core > path: patches/isar/0001-Fix-permissions-when-splitting-rootfs-folders-across.patch > + fix-machine-id: > + repo: cip-core > + path: patches/isar/0001-classes-image-postproc-extension-Remove-etc-machine-.patch > + > > bblayers_conf_header: > standard: | > diff --git a/patches/isar/0001-classes-image-postproc-extension-Remove-etc-machine-.patch b/patches/isar/0001-classes-image-postproc-extension-Remove-etc-machine-.patch > new file mode 100644 > index 0000000..95b49ae > --- /dev/null > +++ b/patches/isar/0001-classes-image-postproc-extension-Remove-etc-machine-.patch 
> @@ -0,0 +1,37 @@ > +From 6e72a422c52f9995f5ee3acca293b92a7c0194d9 Mon Sep 17 00:00:00 2001 > +From: kas <kas@example.com> > +Date: Tue, 19 Apr 2022 14:52:54 +0000 > +Subject: [PATCH] classes/image-postproc-extension: Remove /etc/machine-id > + > +In a read-only system the machine id should be deleted or > +set to `unitialized\n`[1]. > + > +Systemd will generate a new machine-id during the first boot. > +In the case of a read-only root file system Systemd generates a mount point with > +the machine id. If an overlay for /etc is used this creates a mount conflict. > +To avoid the conflict between the overlay filesystem and systemd /etc/machine-id > +mount point deleted the file /etc/machine-id. > + > +[1]: https://systemd.io/BUILDING_IMAGES/ > + > +Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com> > +--- > + meta/classes/image-postproc-extension.bbclass | 2 +- > + 1 file changed, 1 insertion(+), 1 deletion(-) > + > +diff --git a/meta/classes/image-postproc-extension.bbclass b/meta/classes/image-postproc-extension.bbclass > +index ca520273..0c412c0d 100644 > +--- a/meta/classes/image-postproc-extension.bbclass > ++++ b/meta/classes/image-postproc-extension.bbclass > +@@ -57,7 +57,7 @@ ROOTFS_POSTPROCESS_COMMAND =+ "image_postprocess_machine_id" > + image_postprocess_machine_id() { > + # systemd(1) takes care of recreating the machine-id on first boot > + sudo rm -f '${IMAGE_ROOTFS}/var/lib/dbus/machine-id' > +- sudo install -m 644 '/dev/null' '${IMAGE_ROOTFS}/etc/machine-id' > ++ sudo rm -f '${IMAGE_ROOTFS}/etc/machine-id' > + } > + > + ROOTFS_POSTPROCESS_COMMAND =+ "image_postprocess_sshd_key_regen" > +-- > +2.35.1 > + As discussed directly already: It takes more than that to make systemd happy, and the easiest approach will be mounting /etc overlay from within the initramfs. 
I have a prototype working, but it will also need a conversion of image-uuid to a cip-core-initramfs recipe so that it can be applied to both secure and non-secure read-only setups. I'm on it.

Jan
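The mismatch described in the commit message (the ID in /etc/machine-id differing from the one the journal was written under) can be checked on a booted target or an unpacked image. This is an added example, not part of the patch or the thread; it assumes journald's standard layout of `/var/log/journal/<machine-id>/` and `/run/log/journal/<machine-id>/`, and the function name and sample IDs are constructed for illustration.

```shell
#!/bin/sh
# Report whether the machine ID in ROOT/etc/machine-id has a matching journal
# directory. journald keeps its files in <base>/<machine-id>/.
# Prints: match | mismatch | no-id | no-journal
journal_id_status() {
    root=${1:-}
    id=
    if [ -r "$root/etc/machine-id" ]; then
        id=$(tr -d '\n' < "$root/etc/machine-id")
    fi
    # Missing, empty or "uninitialized": no ID committed to /etc yet.
    case "$id" in
        ''|uninitialized) echo no-id; return 0 ;;
    esac
    found=0
    for base in "$root/var/log/journal" "$root/run/log/journal"; do
        for dir in "$base"/*/; do
            [ -d "$dir" ] || continue
            found=1
            if [ "$(basename "$dir")" = "$id" ]; then
                echo match
                return 0
            fi
        done
    done
    if [ "$found" -eq 1 ]; then echo mismatch; else echo no-journal; fi
}

# Constructed sample tree: /etc carries one ID, the journal was written under another.
demo_root=$(mktemp -d)
mkdir -p "$demo_root/etc" "$demo_root/run/log/journal/11111111111111111111111111111111"
echo 22222222222222222222222222222222 > "$demo_root/etc/machine-id"
journal_id_status "$demo_root"
rm -rf "$demo_root"
```

Called with no argument the function inspects the running system; `mismatch` there means journal directories exist but none is named after the current ID.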
diff --git a/kas-cip.yml b/kas-cip.yml index fce176b..2c2b7d7 100644 --- a/kas-cip.yml +++ b/kas-cip.yml @@ -29,6 +29,10 @@ repos: fix-pseudo: repo: cip-core path: patches/isar/0001-Fix-permissions-when-splitting-rootfs-folders-across.patch + fix-machine-id: + repo: cip-core + path: patches/isar/0001-classes-image-postproc-extension-Remove-etc-machine-.patch + bblayers_conf_header: standard: | diff --git a/patches/isar/0001-classes-image-postproc-extension-Remove-etc-machine-.patch b/patches/isar/0001-classes-image-postproc-extension-Remove-etc-machine-.patch new file mode 100644 index 0000000..95b49ae --- /dev/null +++ b/patches/isar/0001-classes-image-postproc-extension-Remove-etc-machine-.patch 
@@ -0,0 +1,37 @@ +From 6e72a422c52f9995f5ee3acca293b92a7c0194d9 Mon Sep 17 00:00:00 2001 +From: kas <kas@example.com> +Date: Tue, 19 Apr 2022 14:52:54 +0000 +Subject: [PATCH] classes/image-postproc-extension: Remove /etc/machine-id + +In a read-only system the machine id should be deleted or +set to `unitialized\n`[1]. + +Systemd will generate a new machine-id during the first boot. +In the case of a read-only root file system Systemd generates a mount point with +the machine id. If an overlay for /etc is used this creates a mount conflict. +To avoid the conflict between the overlay filesystem and systemd /etc/machine-id +mount point deleted the file /etc/machine-id. + +[1]: https://systemd.io/BUILDING_IMAGES/ + +Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com> +--- + meta/classes/image-postproc-extension.bbclass | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/meta/classes/image-postproc-extension.bbclass b/meta/classes/image-postproc-extension.bbclass +index ca520273..0c412c0d 100644 +--- a/meta/classes/image-postproc-extension.bbclass ++++ b/meta/classes/image-postproc-extension.bbclass +@@ -57,7 +57,7 @@ ROOTFS_POSTPROCESS_COMMAND =+ "image_postprocess_machine_id" + image_postprocess_machine_id() { + # systemd(1) takes care of recreating the machine-id on first boot + sudo rm -f '${IMAGE_ROOTFS}/var/lib/dbus/machine-id' +- sudo install -m 644 '/dev/null' '${IMAGE_ROOTFS}/etc/machine-id' ++ sudo rm -f '${IMAGE_ROOTFS}/etc/machine-id' + } + + ROOTFS_POSTPROCESS_COMMAND =+ "image_postprocess_sshd_key_regen" +-- +2.35.1 +
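Review bot: the last added line of the kas-cip.yml hunk is an empty `+` line after the new `path:` entry, which leaves two blank lines before `bblayers_conf_header:`; drop it so the hunk adds only the three `fix-machine-id` lines. The referenced file name ends in `Remove-etc-machine-.patch`, cut off mid-word, so a shorter subject or a hand-picked file name would make the entry easier to read in the patch list.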
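Review bot: in the embedded bbclass hunk, `image_postprocess_machine_id()` is registered unconditionally through `ROOTFS_POSTPROCESS_COMMAND`, so `sudo rm -f '${IMAGE_ROOTFS}/etc/machine-id'` applies to every image using this class, while the commit message argues only for a read-only root with an /etc overlay. Either make the removal conditional on that setup or say in the message why images with a writable root are unaffected, and check that the unchanged comment `# systemd(1) takes care of recreating the machine-id on first boot` still holds for the read-only case the message describes. Two smaller points in the patch header: `From: kas <kas@example.com>` is a placeholder identity that does not match the Signed-off-by line, and the value in the message is misspelled as `unitialized\n` (the value systemd recognises is spelled `uninitialized`), next to the ungrammatical "mount point deleted the file".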