nspawn: create essential base directories at system bootup
This allows us to bootup a rootfs with a /usr directory only.
This commit is contained in:
parent
96e2644150
commit
3577de7ac3
|
@ -827,7 +827,9 @@ libsystemd_shared_la_SOURCES = \
|
||||||
src/shared/eventfd-util.c \
|
src/shared/eventfd-util.c \
|
||||||
src/shared/eventfd-util.h \
|
src/shared/eventfd-util.h \
|
||||||
src/shared/copy.c \
|
src/shared/copy.c \
|
||||||
src/shared/copy.h
|
src/shared/copy.h \
|
||||||
|
src/shared/base-filesystem.c \
|
||||||
|
src/shared/base-filesystem.h
|
||||||
|
|
||||||
nodist_libsystemd_shared_la_SOURCES = \
|
nodist_libsystemd_shared_la_SOURCES = \
|
||||||
src/shared/errno-from-name.h \
|
src/shared/errno-from-name.h \
|
||||||
|
|
|
@ -181,6 +181,7 @@ int machine_id_setup(const char *root) {
|
||||||
* will be owned by root it doesn't matter much, but maybe
|
* will be owned by root it doesn't matter much, but maybe
|
||||||
* people look. */
|
* people look. */
|
||||||
|
|
||||||
|
mkdir_parents(etc_machine_id, 0755);
|
||||||
fd = open(etc_machine_id, O_RDWR|O_CREAT|O_CLOEXEC|O_NOCTTY, 0444);
|
fd = open(etc_machine_id, O_RDWR|O_CREAT|O_CLOEXEC|O_NOCTTY, 0444);
|
||||||
if (fd >= 0)
|
if (fd >= 0)
|
||||||
writable = true;
|
writable = true;
|
||||||
|
|
|
@ -89,6 +89,7 @@
|
||||||
#include "gpt.h"
|
#include "gpt.h"
|
||||||
#include "siphash24.h"
|
#include "siphash24.h"
|
||||||
#include "copy.h"
|
#include "copy.h"
|
||||||
|
#include "base-filesystem.h"
|
||||||
|
|
||||||
#ifdef HAVE_SECCOMP
|
#ifdef HAVE_SECCOMP
|
||||||
#include "seccomp-util.h"
|
#include "seccomp-util.h"
|
||||||
|
@ -3008,6 +3009,12 @@ int main(int argc, char *argv[]) {
|
||||||
srv_device, srv_device_rw) < 0)
|
srv_device, srv_device_rw) < 0)
|
||||||
goto child_fail;
|
goto child_fail;
|
||||||
|
|
||||||
|
r = base_filesystem_create(arg_directory);
|
||||||
|
if (r < 0) {
|
||||||
|
log_error("creating base filesystem failed: %s", strerror(-r));
|
||||||
|
goto child_fail;
|
||||||
|
}
|
||||||
|
|
||||||
/* Turn directory into bind mount */
|
/* Turn directory into bind mount */
|
||||||
if (mount(arg_directory, arg_directory, "bind", MS_BIND|MS_REC, NULL) < 0) {
|
if (mount(arg_directory, arg_directory, "bind", MS_BIND|MS_REC, NULL) < 0) {
|
||||||
log_error("Failed to make bind mount: %m");
|
log_error("Failed to make bind mount: %m");
|
||||||
|
|
82
src/shared/base-filesystem.c
Normal file
82
src/shared/base-filesystem.c
Normal file
|
@ -0,0 +1,82 @@
|
||||||
|
/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
|
||||||
|
|
||||||
|
/***
|
||||||
|
This file is part of systemd.
|
||||||
|
|
||||||
|
Copyright 2014 Kay Sievers
|
||||||
|
|
||||||
|
systemd is free software; you can redistribute it and/or modify it
|
||||||
|
under the terms of the GNU Lesser General Public License as published by
|
||||||
|
the Free Software Foundation; either version 2.1 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
systemd is distributed in the hope that it will be useful, but
|
||||||
|
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||||
|
Lesser General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU Lesser General Public License
|
||||||
|
along with systemd; If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
***/
|
||||||
|
|
||||||
|
#include <errno.h>
|
||||||
|
#include <sys/stat.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include <assert.h>
|
||||||
|
#include <unistd.h>
|
||||||
|
|
||||||
|
#include "base-filesystem.h"
|
||||||
|
#include "log.h"
|
||||||
|
#include "macro.h"
|
||||||
|
#include "util.h"
|
||||||
|
#include "label.h"
|
||||||
|
#include "mkdir.h"
|
||||||
|
|
||||||
|
typedef struct BaseFilesystem {
|
||||||
|
const char *dir;
|
||||||
|
mode_t mode;
|
||||||
|
const char *target;
|
||||||
|
} BaseFilesystem;
|
||||||
|
|
||||||
|
static const BaseFilesystem table[] = {
|
||||||
|
{ "bin", 0, "usr/bin" },
|
||||||
|
{ "lib", 0, "usr/lib" },
|
||||||
|
{ "lib64", 0, "usr/lib64" },
|
||||||
|
{ "root", 0755, NULL },
|
||||||
|
{ "sbin", 0, "usr/sbin" },
|
||||||
|
};
|
||||||
|
|
||||||
|
int base_filesystem_create(const char *root) {
|
||||||
|
_cleanup_close_ int fd = -1;
|
||||||
|
unsigned i;
|
||||||
|
int r;
|
||||||
|
|
||||||
|
fd = open(root, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW);
|
||||||
|
if (fd < 0)
|
||||||
|
return -errno;
|
||||||
|
|
||||||
|
for (i = 0; i < ELEMENTSOF(table); i ++) {
|
||||||
|
if (table[i].target) {
|
||||||
|
/* check if target exists */
|
||||||
|
if (faccessat(fd, table[i].target, F_OK, AT_SYMLINK_NOFOLLOW) < 0)
|
||||||
|
continue;
|
||||||
|
|
||||||
|
r = symlinkat(table[i].target, fd, table[i].dir);
|
||||||
|
if (r < 0 && errno != EEXIST) {
|
||||||
|
log_error("Failed to create symlink at %s/%s: %m", root, table[i].dir);
|
||||||
|
return -errno;
|
||||||
|
}
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
RUN_WITH_UMASK(0000)
|
||||||
|
r = mkdirat(fd, table[i].dir, table[i].mode);
|
||||||
|
if (r < 0 && errno != EEXIST) {
|
||||||
|
log_error("Failed to create directory at %s/%s: %m", root, table[i].dir);
|
||||||
|
return -errno;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
24
src/shared/base-filesystem.h
Normal file
24
src/shared/base-filesystem.h
Normal file
|
@ -0,0 +1,24 @@
|
||||||
|
/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
|
||||||
|
|
||||||
|
#pragma once
|
||||||
|
|
||||||
|
/***
|
||||||
|
This file is part of systemd.
|
||||||
|
|
||||||
|
Copyright 2014 Kay Sievers
|
||||||
|
|
||||||
|
systemd is free software; you can redistribute it and/or modify it
|
||||||
|
under the terms of the GNU Lesser General Public License as published by
|
||||||
|
the Free Software Foundation; either version 2.1 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
systemd is distributed in the hope that it will be useful, but
|
||||||
|
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||||
|
Lesser General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU Lesser General Public License
|
||||||
|
along with systemd; If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
***/
|
||||||
|
|
||||||
|
int base_filesystem_create(const char *root);
|
Loading…
Reference in a new issue