From fd89051ec3d2555c19d71d5fc6d76809ca3bb79c Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Fri, 23 Nov 2018 22:16:57 +0100
Subject: [PATCH] gpt-auto: propagate gpt partition ro/rw flag into root mount
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This ensures that the read/write state of the root mount matches the
read/write flag in the GPT partition table entry.

This is only used as fallback in case no ro/rw flag is specified on the
kernel cmdline, and there's no entry for the root partition in
/etc/fstab.

This is missing functionality of the GPT auto logic, as without this the
root partition was always mounted read-only — when booting with zero
configuration in /etc/fstab and /proc/cmdline —, as we defaulted to
read-only behaviour for all mounts. Moreover we honoured the r/o flag in
the partition table for all other partition types, except for the root
partition.
---
 src/gpt-auto-generator/gpt-auto-generator.c | 43 +++++++++++++++++++++
 1 file changed, 43 insertions(+)

diff --git a/src/gpt-auto-generator/gpt-auto-generator.c b/src/gpt-auto-generator/gpt-auto-generator.c
index 425f5421ca..c6a801389e 100644
--- a/src/gpt-auto-generator/gpt-auto-generator.c
+++ b/src/gpt-auto-generator/gpt-auto-generator.c
@@ -446,6 +446,43 @@ static int add_esp(DissectedPartition *p) {
 }
 #endif
 
+static int add_root_rw(DissectedPartition *p) {
+        const char *path;
+        int r;
+
+        assert(p);
+
+        if (in_initrd()) {
+                log_debug("In initrd, not generating drop-in for systemd-remount-fs.service.");
+                return 0;
+        }
+
+        if (arg_root_rw >= 0) {
+                log_debug("Parameter ro/rw specified on kernel command line, not generating drop-in for systemd-remount-fs.service.");
+                return 0;
+        }
+
+        if (!p->rw) {
+                log_debug("Root partition marked read-only in GPT partition table, not generating drop-in for systemd-remount-fs.service.");
+                return 0;
+        }
+
+        path = strjoina(arg_dest, "/systemd-remount-fs.service.d/50-remount-rw.conf");
+        (void) mkdir_parents(path, 0755);
+
+        r = write_string_file(path,
+                              "# Automatically generated by systemd-gpt-generator\n\n"
+                              "[Unit]\n"
+                              "ConditionPathExists=\n\n" /* We need to turn off the ConditionPathExist= in the main unit file */
+                              "[Service]\n"
+                              "Environment=SYSTEMD_REMOUNT_ROOT_RW=1\n",
+                              WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_NOFOLLOW);
+        if (r < 0)
+                return log_error_errno(r, "Failed to write drop-in file %s: %m", path);
+
+        return 0;
+}
+
 static int open_parent(dev_t devnum, int *ret) {
         _cleanup_(sd_device_unrefp) sd_device *d = NULL;
         const char *name, *devtype, *node;
@@ -550,6 +587,12 @@ static int enumerate_partitions(dev_t devnum) {
                         r = k;
         }
 
+        if (m->partitions[PARTITION_ROOT].found) {
+                k = add_root_rw(m->partitions + PARTITION_ROOT);
+                if (k < 0)
+                        r = k;
+        }
+
         return r;
 }