Merge pull request #13209 from poettering/nspawn-volatile-merged-usr

make incompatibility of non-/usr-merged distros with --volatile=yes more discoverable
Lennart Poettering 2019-07-29 14:25:04 +02:00 committed by GitHub
commit 07e324af43
2 changed files with 32 additions and 9 deletions


@ -368,12 +368,16 @@
<citerefentry><refentrytitle>kernel-command-line</refentrytitle><manvolnum>7</manvolnum></citerefentry> for
details.</para>
<para>Note that setting this option to <option>yes</option> or <option>state</option> will only work correctly
with operating systems in the container that can boot up with only <filename>/usr</filename> mounted, and are
able to automatically populate <filename>/var</filename>, and also <filename>/etc</filename> in case of
<literal>--volatile=yes</literal>. The <option>overlay</option> option does not require any particular
preparations in the OS, but do note that <literal>overlayfs</literal> behaviour differs from regular file
systems in a number of ways, and hence compatibility is limited.</para></listitem>
<para>Note that setting this option to <option>yes</option> or <option>state</option> will only work
correctly with operating systems in the container that can boot up with only
<filename>/usr/</filename> mounted, and are able to automatically populate <filename>/var/</filename>
(and <filename>/etc/</filename> in case of <literal>--volatile=yes</literal>). Specifically, this
means that operating systems that follow the historic split of <filename>/bin/</filename> and
<filename>/lib/</filename> (and related directories) from <filename>/usr/</filename> (i.e. where the
former are not symlinks into the latter) are not supported by <literal>--volatile=yes</literal> as
container payload. The <option>overlay</option> option does not require any particular preparations
in the OS, but do note that <literal>overlayfs</literal> behaviour differs from regular file systems
in a number of ways, and hence compatibility is limited.</para></listitem>
</varlistentry>
<varlistentry>


@ -1007,14 +1007,33 @@ static int setup_volatile_yes(
bool tmpfs_mounted = false, bind_mounted = false;
char template[] = "/tmp/nspawn-volatile-XXXXXX";
_cleanup_free_ char *buf = NULL;
_cleanup_free_ char *buf = NULL, *bindir = NULL;
const char *f, *t, *options;
struct stat st;
int r;
assert(directory);
/* --volatile=yes means we mount a tmpfs to the root dir, and the original /usr to use inside it, and that
read-only. */
/* --volatile=yes means we mount a tmpfs to the root dir, and the original /usr to use inside it, and
* that read-only. Before we start setting this up let's validate if the image has the /usr merge
* implemented, and let's output a friendly log message if it hasn't. */
bindir = path_join(directory, "/bin");
if (!bindir)
return log_oom();
if (lstat(bindir, &st) < 0) {
if (errno != ENOENT)
return log_error_errno(errno, "Failed to stat /bin directory below image: %m");
/* ENOENT is fine, just means the image is probably just a naked /usr and we can create the
* rest. */
} else if (S_ISDIR(st.st_mode))
return log_error_errno(SYNTHETIC_ERRNO(EISDIR),
"Sorry, --volatile=yes mode is not supported with OS images that have not merged /bin/, /sbin/, /lib/, /lib64/ into /usr/. "
"Please work with your distribution and help them adopt the merged /usr scheme.");
else if (!S_ISLNK(st.st_mode))
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"Error starting image: if --volatile=yes is used /bin must be a symlink (for merged /usr support) or non-existent (in which case a symlink is created automatically).");
if (!mkdtemp(template))
return log_error_errno(errno, "Failed to create temporary directory: %m");
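Review bot: The new pre-check probes only `/bin` with `lstat()`, while the EISDIR message names /bin/, /sbin/, /lib/ and /lib64/, so an image with a symlinked /bin but a real /lib or /sbin directory passes here and would presumably fail later without the friendly message. If /bin is meant as a representative probe, say so above the `path_join()` call, e.g. `/* We only look at /bin as an indicator; /sbin, /lib and /lib64 are assumed to follow the same layout. */`. The check is also a point-in-time diagnostic on a path inside the image, so nothing later in the function should treat it as enforcement of the layout. setup_volatile_yes() starts before and continues after this hunk, so the rest of the function is not visible here.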