Message ID | 20250127140814.762632-1-Quirin.Gylstorff@siemens.com (mailing list archive) |
---|---|
State | New |
Series | [isar-cip-core,RFC] read-only-rootfs.bbclass: Exclude var and home from the erofs and squashfs |
On Mon, 2025-01-27 at 15:07 +0100, Quirin Gylstorff wrote: > From: Quirin Gylstorff <quirin.gylstorff@siemens.com> > > This excludes the content of both var and home from the root file > system. > > This fixes issue #126. > > Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com> > --- > classes/read-only-rootfs.bbclass | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/classes/read-only-rootfs.bbclass b/classes/read-only- > rootfs.bbclass > index 9ebcadc..b3bab32 100644 > --- a/classes/read-only-rootfs.bbclass > +++ b/classes/read-only-rootfs.bbclass > @@ -34,6 +34,10 @@ copy_dpkg_state() { > sudo cp -a ${ROOTFSDIR}/var/lib/dpkg "$IMMUTABLE_VAR_LIB/" > } > > +RO_ROOTFS_EXCLUDE_DIRS = "var home" > +EROFS_EXCLUDE_DIRS = "${RO_ROOTFS_EXCLUDE_DIRS}" > +SQUASHFS_EXCLUDE_DIRS = "${RO_ROOTFS_EXCLUDE_DIRS}" Hi, we should also exclude boot, but I'm unsure why this is done in the read-only-rootfs class? You can *very-well* have a ro rootfs that includes a home that is over-mounted with an overlay. In my opinion, this should be done in the imagers instead. Best regards, Felix > + > image_configure_fstab() { > sudo tee '${IMAGE_ROOTFS}/etc/fstab' << EOF > # Begin /etc/fstab
On 1/29/25 13:25, Moessbauer, Felix (FT RPD CED OES-DE) wrote: > On Mon, 2025-01-27 at 15:07 +0100, Quirin Gylstorff wrote: >> From: Quirin Gylstorff <quirin.gylstorff@siemens.com> >> >> This excludes the content of both var and home from the root file >> system. >> >> This fixes issue #126. >> >> Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com> >> --- >> classes/read-only-rootfs.bbclass | 4 ++++ >> 1 file changed, 4 insertions(+) >> >> diff --git a/classes/read-only-rootfs.bbclass b/classes/read-only- >> rootfs.bbclass >> index 9ebcadc..b3bab32 100644 >> --- a/classes/read-only-rootfs.bbclass >> +++ b/classes/read-only-rootfs.bbclass >> @@ -34,6 +34,10 @@ copy_dpkg_state() { >> sudo cp -a ${ROOTFSDIR}/var/lib/dpkg "$IMMUTABLE_VAR_LIB/" >> } >> >> +RO_ROOTFS_EXCLUDE_DIRS = "var home" >> +EROFS_EXCLUDE_DIRS = "${RO_ROOTFS_EXCLUDE_DIRS}" >> +SQUASHFS_EXCLUDE_DIRS = "${RO_ROOTFS_EXCLUDE_DIRS}" > > Hi, > > we should also exclude boot, but I'm unsure why this is done in the > read-only-rootfs class? You can *very-well* have a ro rootfs that > includes a home that is over-mounted with an overlay. > The var/boot exclusion should be part of the read-only-rootfs class as we already require an empty var with the immutable rootfs package. What we could do is ``` read-only-rootfs.bbclass RO_ROOTFS_EXCLUDE_DIRS ??= "" ``` ``` cip-core-image.inc RO_ROOTFS_EXCLUDE_DIRS += "boot home var" ``` The squashfs/erofs classes should not define any exclusions. Quirin > In my opinion, this should be done in the imagers instead. > > Best regards, > Felix > >> + >> image_configure_fstab() { >> sudo tee '${IMAGE_ROOTFS}/etc/fstab' << EOF >> # Begin /etc/fstab >
On Thu, 2025-01-30 at 08:38 +0100, Quirin Gylstorff wrote: > > > On 1/29/25 13:25, Moessbauer, Felix (FT RPD CED OES-DE) wrote: > > On Mon, 2025-01-27 at 15:07 +0100, Quirin Gylstorff wrote: > > > From: Quirin Gylstorff <quirin.gylstorff@siemens.com> > > > > > > This excludes the content of both var and home from the root file > > > system. > > > > > > This fixes issue #126. > > > > > > Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com> > > > --- > > > classes/read-only-rootfs.bbclass | 4 ++++ > > > 1 file changed, 4 insertions(+) > > > > > > diff --git a/classes/read-only-rootfs.bbclass b/classes/read- > > > only- > > > rootfs.bbclass > > > index 9ebcadc..b3bab32 100644 > > > --- a/classes/read-only-rootfs.bbclass > > > +++ b/classes/read-only-rootfs.bbclass 
> > > @@ -34,6 +34,10 @@ copy_dpkg_state() { > > > sudo cp -a ${ROOTFSDIR}/var/lib/dpkg "$IMMUTABLE_VAR_LIB/" > > > } > > > > > > +RO_ROOTFS_EXCLUDE_DIRS = "var home" > > > +EROFS_EXCLUDE_DIRS = "${RO_ROOTFS_EXCLUDE_DIRS}" > > > +SQUASHFS_EXCLUDE_DIRS = "${RO_ROOTFS_EXCLUDE_DIRS}" > > > > Hi, > > > > we should also exclude boot, but I'm unsure why this is done in the > > read-only-rootfs class? You can *very-well* have a ro rootfs that > > includes a home that is over-mounted with an overlay. > > > The var/boot exclusion should be part of the read-only-rootfs class > as we already require an empty var with the immutable rootfs package. > > What we could do is > > ``` read-only-rootfs.bbclass > RO_ROOTFS_EXCLUDE_DIRS ??= "" > ``` > > ``` cip-core-image.inc > RO_ROOTFS_EXCLUDE_DIRS += "boot home var" > ``` > > The squashfs/erofs classes should not define any exclusions. Hi, that's also a valid point. Usually the exclusions are defined in the wks script, but in case of squashfs/erofs we deploy full filesystems as blobs, so that won't work. Anyways, I'm fine with your change, as long as it also excludes /boot :) Felix > > Quirin > > In my opinion, this should be done in the imagers instead. > > > > Best regards, > > Felix > > > > > + > > > image_configure_fstab() { > > > sudo tee '${IMAGE_ROOTFS}/etc/fstab' << EOF > > > # Begin /etc/fstab > > >
diff --git a/classes/read-only-rootfs.bbclass b/classes/read-only-rootfs.bbclass index 9ebcadc..b3bab32 100644 --- a/classes/read-only-rootfs.bbclass +++ b/classes/read-only-rootfs.bbclass @@ -34,6 +34,10 @@ copy_dpkg_state() { sudo cp -a ${ROOTFSDIR}/var/lib/dpkg "$IMMUTABLE_VAR_LIB/" } +RO_ROOTFS_EXCLUDE_DIRS = "var home" +EROFS_EXCLUDE_DIRS = "${RO_ROOTFS_EXCLUDE_DIRS}" +SQUASHFS_EXCLUDE_DIRS = "${RO_ROOTFS_EXCLUDE_DIRS}" + image_configure_fstab() { sudo tee '${IMAGE_ROOTFS}/etc/fstab' << EOF # Begin /etc/fstab
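Review bot: The `+RO_ROOTFS_EXCLUDE_DIRS = "var home"` line uses a hard `=` assignment inside the class, so an image or layer that inherits read-only-rootfs.bbclass cannot supply its own list ahead of it; a default assignment (`?=` or `??=`) would keep the list overridable. The two lines after it overwrite `EROFS_EXCLUDE_DIRS` and `SQUASHFS_EXCLUDE_DIRS` unconditionally as well, which discards any exclusions already configured for those image types. The new variable also has no comment stating what it controls or whether its entries are relative to the root of the filesystem, and the three assignments sit unannounced between `copy_dpkg_state()` and `image_configure_fstab()`; a short comment above them, or moving them next to the class's other variable definitions, would make the intent easier to find.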