nspawn: create essential base directories at system bootup

This allows us to bootup a rootfs with a /usr directory only.
2014-06-24 13:30:11 +02:00 · 2014-06-24 13:30:11 +02:00 · 3577de7ac3
parent 96e2644150
commit 3577de7ac3
5 changed files with 117 additions and 1 deletions
--- a/Makefile.am
+++ b/Makefile.am
@ -827,7 +827,9 @@ libsystemd_shared_la_SOURCES = \
 	src/shared/eventfd-util.c \
 	src/shared/eventfd-util.h \
 	src/shared/copy.c \
-	src/shared/copy.h
+	src/shared/copy.h \
+	src/shared/base-filesystem.c \
+	src/shared/base-filesystem.h

 nodist_libsystemd_shared_la_SOURCES = \
 	src/shared/errno-from-name.h \
--- a/src/core/machine-id-setup.c
+++ b/src/core/machine-id-setup.c
@ -181,6 +181,7 @@ int machine_id_setup(const char *root) {
                 * will be owned by root it doesn't matter much, but maybe
                 * people look. */

+                mkdir_parents(etc_machine_id, 0755);
                fd = open(etc_machine_id, O_RDWR|O_CREAT|O_CLOEXEC|O_NOCTTY, 0444);
                if (fd >= 0)
                        writable = true;
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@ -89,6 +89,7 @@
 #include "gpt.h"
 #include "siphash24.h"
 #include "copy.h"
+#include "base-filesystem.h"

 #ifdef HAVE_SECCOMP
 #include "seccomp-util.h"
@ -3008,6 +3009,12 @@ int main(int argc, char *argv[]) {
                                          srv_device, srv_device_rw) < 0)
                                goto child_fail;

+                        r = base_filesystem_create(arg_directory);
+                        if (r < 0) {
+                                log_error("creating base filesystem failed: %s", strerror(-r));
+                                goto child_fail;
+                        }
+
                        /* Turn directory into bind mount */
                        if (mount(arg_directory, arg_directory, "bind", MS_BIND|MS_REC, NULL) < 0) {
                                log_error("Failed to make bind mount: %m");
--- a/src/shared/base-filesystem.c
+++ b/src/shared/base-filesystem.c
@ -0,0 +1,82 @@
+/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
+
+/***
+  This file is part of systemd.
+
+  Copyright 2014 Kay Sievers
+
+  systemd is free software; you can redistribute it and/or modify it
+  under the terms of the GNU Lesser General Public License as published by
+  the Free Software Foundation; either version 2.1 of the License, or
+  (at your option) any later version.
+
+  systemd is distributed in the hope that it will be useful, but
+  WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+  Lesser General Public License for more details.
+
+  You should have received a copy of the GNU Lesser General Public License
+  along with systemd; If not, see <http://www.gnu.org/licenses/>.
+***/
+
+#include <errno.h>
+#include <sys/stat.h>
+#include <stdlib.h>
+#include <string.h>
+#include <assert.h>
+#include <unistd.h>
+
+#include "base-filesystem.h"
+#include "log.h"
+#include "macro.h"
+#include "util.h"
+#include "label.h"
+#include "mkdir.h"
+
+typedef struct BaseFilesystem {
+        const char *dir;
+        mode_t mode;
+        const char *target;
+} BaseFilesystem;
+
+static const BaseFilesystem table[] = {
+        { "bin",      0, "usr/bin"   },
+        { "lib",      0, "usr/lib"   },
+        { "lib64",    0, "usr/lib64" },
+        { "root",  0755, NULL },
+        { "sbin",     0, "usr/sbin"  },
+};
+
+int base_filesystem_create(const char *root) {
+        _cleanup_close_ int fd = -1;
+        unsigned i;
+        int r;
+
+        fd = open(root, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW);
+        if (fd < 0)
+                return -errno;
+
+        for (i = 0; i < ELEMENTSOF(table); i ++) {
+                if (table[i].target) {
+                        /* check if target exists */
+                        if (faccessat(fd, table[i].target, F_OK, AT_SYMLINK_NOFOLLOW) < 0)
+                                continue;
+
+                        r = symlinkat(table[i].target, fd, table[i].dir);
+                        if (r < 0 && errno != EEXIST) {
+                                log_error("Failed to create symlink at %s/%s: %m", root, table[i].dir);
+                                return -errno;
+                        }
+                        continue;
+                }
+
+                RUN_WITH_UMASK(0000)
+                        r = mkdirat(fd, table[i].dir, table[i].mode);
+                if (r < 0 && errno != EEXIST) {
+                        log_error("Failed to create directory at %s/%s: %m", root, table[i].dir);
+                        return -errno;
+                }
+        }
+
+        return 0;
+}
--- a/src/shared/base-filesystem.h
+++ b/src/shared/base-filesystem.h
@ -0,0 +1,24 @@
+/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
+
+#pragma once
+
+/***
+  This file is part of systemd.
+
+  Copyright 2014 Kay Sievers
+
+  systemd is free software; you can redistribute it and/or modify it
+  under the terms of the GNU Lesser General Public License as published by
+  the Free Software Foundation; either version 2.1 of the License, or
+  (at your option) any later version.
+
+  systemd is distributed in the hope that it will be useful, but
+  WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+  Lesser General Public License for more details.
+
+  You should have received a copy of the GNU Lesser General Public License
+  along with systemd; If not, see <http://www.gnu.org/licenses/>.
+***/
+
+int base_filesystem_create(const char *root);