diff mbox series

[isar-cip-core,RFC,3/4] add move-homedir-var package

Message ID 20250211085125.22154-4-Quirin.Gylstorff@siemens.com (mailing list archive)
State New
Headers show
Series Make /home partition optional | expand

Commit Message

Quirin Gylstorff Feb. 11, 2025, 8:49 a.m. UTC 
From: Quirin Gylstorff <quirin.gylstorff@siemens.com>

This creates a tmpfiles to copy /usr/share/immutable-data/home to /var
Also the recipe moves /home to /var/home and creates a symbolic link
between them.

This is prerequisite to move the home partition to /var as requested
by issue #123.

https://gitlab.com/cip-project/cip-core/isar-cip-core/-/issues/123
Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
---
 .../files/move-homedir-var.tmpfiles.tmpl      |  3 +++
 recipes-core/move-homedir-var/files/postinst  | 20 ++++++++++++++++
 .../move-homedir-var/move-homedir-var_0.1.bb  | 24 +++++++++++++++++++
 3 files changed, 47 insertions(+)
 create mode 100644 recipes-core/move-homedir-var/files/move-homedir-var.tmpfiles.tmpl
 create mode 100644 recipes-core/move-homedir-var/files/postinst
 create mode 100644 recipes-core/move-homedir-var/move-homedir-var_0.1.bb

Comments

MOESSBAUER, Felix Feb. 11, 2025, 11:41 a.m. UTC | #1 
On Tue, 2025-02-11 at 09:49 +0100, Quirin Gylstorff wrote:
> From: Quirin Gylstorff <quirin.gylstorff@siemens.com>
> 
> This creates a tmpfiles to copy /usr/share/immutable-data/home to
> /var
> Also the recipe moves /home to /var/home and creates a symbolic link
> between them.
> 
> This is prerequisite to move the home partition to /var as requested
> by issue #123.
> 
> https://gitlab.com/cip-project/cip-core/isar-cip-core/-/issues/123
> Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
> ---
>  .../files/move-homedir-var.tmpfiles.tmpl      |  3 +++
>  recipes-core/move-homedir-var/files/postinst  | 20 ++++++++++++++++
>  .../move-homedir-var/move-homedir-var_0.1.bb  | 24
> +++++++++++++++++++
>  3 files changed, 47 insertions(+)
>  create mode 100644 recipes-core/move-homedir-var/files/move-homedir-
> var.tmpfiles.tmpl
>  create mode 100644 recipes-core/move-homedir-var/files/postinst
>  create mode 100644 recipes-core/move-homedir-var/move-homedir-
> var_0.1.bb
> 
> diff --git a/recipes-core/move-homedir-var/files/move-homedir-
> var.tmpfiles.tmpl b/recipes-core/move-homedir-var/files/move-homedir-
> var.tmpfiles.tmpl
> new file mode 100644
> index 0000000..4dd691d
> --- /dev/null
> +++ b/recipes-core/move-homedir-var/files/move-homedir-
> var.tmpfiles.tmpl
> @@ -0,0 +1,3 @@
> +L /home - - - - /var/home
> +C /var/home - - - - /${IMMUTABLE_DATA_DIR}/home
> +
> diff --git a/recipes-core/move-homedir-var/files/postinst b/recipes-
> core/move-homedir-var/files/postinst
> new file mode 100644
> index 0000000..c2575a5
> --- /dev/null
> +++ b/recipes-core/move-homedir-var/files/postinst
> @@ -0,0 +1,20 @@
> +#!/bin/sh
> +#
> +# CIP Core, generic profile
> +#
> +# Copyright (c) Siemens AG, 2025
> +#
> +# Authors:
> +#  Quirin Gylstorff <quirin.gylstorff@siemens.com>
> +#
> +# SPDX-License-Identifier: MIT
> +#
> +
> +set -e
> +
> +if [ ! -L /home ]; then
> +	# usermod --move-home can not be used while the target user
> +	# has running processes, also we keep a symlink here
> +	mv /home /var/
> +	ln -s /var/home /home

Hi,

I prefer to not do this in a package postinst, but rather as a rootfs-
postinst bitbake task. Also the symlink should already be there, as you
add a systemd tmpfiles.d snippet in the same patch.

Felix

> +fi
> diff --git a/recipes-core/move-homedir-var/move-homedir-var_0.1.bb
> b/recipes-core/move-homedir-var/move-homedir-var_0.1.bb
> new file mode 100644
> index 0000000..965de92
> --- /dev/null
> +++ b/recipes-core/move-homedir-var/move-homedir-var_0.1.bb
> @@ -0,0 +1,24 @@
> +#
> +# CIP Core, generic profile
> +#
> +# Copyright (c) Siemens AG, 2025
> +#
> +# Authors:
> +#  Quirin Gylstorff <quirin.gylstorff@siemens.com>
> +#
> +# SPDX-License-Identifier: MIT
> +
> +inherit dpkg-raw
> +
> +DEBIAN_CONFLICTS = "home-fs"
> +SRC_URI = "file://postinst \
> +           file://${BPN}.tmpfiles.tmpl"
> +DPKG_ARCH = "all"
> +
> +IMMUTABLE_DATA_DIR ??= "usr/share/immutable-data"
> +TEMPLATE_VARS = "IMMUTABLE_DATA_DIR"
> +TEMPLATE_FILES += "${BPN}.tmpfiles.tmpl"
> +
> +do_prepare_build:append() {
> +    cp ${WORKDIR}/${BPN}.tmpfiles ${S}/debian/
> +}
Nussel, Ludwig Feb. 12, 2025, 3:10 p.m. UTC | #2 
On Tue, 2025-02-11 at 09:49 +0100, Quirin Gylstorff wrote:
> From: Quirin Gylstorff <quirin.gylstorff@siemens.com>
> 
> This creates a tmpfiles to copy /usr/share/immutable-data/home to /var
> Also the recipe moves /home to /var/home and creates a symbolic link
> between them.

FWIW for this kind of stuff systemd uses /usr/share/factory/ by
default. Is anyone actually creating images with non-system users that
have files in their home? Sounds like bad practice to me at least.

cu
Ludwig
Quirin Gylstorff Feb. 14, 2025, 12:38 p.m. UTC | #3 
On 2/12/25 16:10, Nussel, Ludwig (SI E R&D IOT) wrote:
> On Tue, 2025-02-11 at 09:49 +0100, Quirin Gylstorff wrote:
>> From: Quirin Gylstorff <quirin.gylstorff@siemens.com>
>>
>> This creates a tmpfiles to copy /usr/share/immutable-data/home to /var
>> Also the recipe moves /home to /var/home and creates a symbolic link
>> between them.
> 
> FWIW for this kind of stuff systemd uses /usr/share/factory/ by
> default.
Which systemd versions support that feature?
  Is anyone actually creating images with non-system users that
> have files in their home? Sounds like bad practice to me at least.

Agree, but I have seen that pattern so I can not assume it does not occur.

> 
> cu
> Ludwig
> 
Quirin
diff mbox series

Patch

diff --git a/recipes-core/move-homedir-var/files/move-homedir-var.tmpfiles.tmpl b/recipes-core/move-homedir-var/files/move-homedir-var.tmpfiles.tmpl
new file mode 100644
index 0000000..4dd691d
--- /dev/null
+++ b/recipes-core/move-homedir-var/files/move-homedir-var.tmpfiles.tmpl
@@ -0,0 +1,3 @@ 
+L /home - - - - /var/home
+C /var/home - - - - /${IMMUTABLE_DATA_DIR}/home
+
diff --git a/recipes-core/move-homedir-var/files/postinst b/recipes-core/move-homedir-var/files/postinst
new file mode 100644
index 0000000..c2575a5
--- /dev/null
+++ b/recipes-core/move-homedir-var/files/postinst
@@ -0,0 +1,20 @@ 
+#!/bin/sh
+#
+# CIP Core, generic profile
+#
+# Copyright (c) Siemens AG, 2025
+#
+# Authors:
+#  Quirin Gylstorff <quirin.gylstorff@siemens.com>
+#
+# SPDX-License-Identifier: MIT
+#
+
+set -e
+
+if [ ! -L /home ]; then
+	# usermod --move-home can not be used while the target user
+	# has running processes, also we keep a symlink here
+	mv /home /var/
+	ln -s /var/home /home
+fi
diff --git a/recipes-core/move-homedir-var/move-homedir-var_0.1.bb b/recipes-core/move-homedir-var/move-homedir-var_0.1.bb
new file mode 100644
index 0000000..965de92
--- /dev/null
+++ b/recipes-core/move-homedir-var/move-homedir-var_0.1.bb
@@ -0,0 +1,24 @@ 
+#
+# CIP Core, generic profile
+#
+# Copyright (c) Siemens AG, 2025
+#
+# Authors:
+#  Quirin Gylstorff <quirin.gylstorff@siemens.com>
+#
+# SPDX-License-Identifier: MIT
+
+inherit dpkg-raw
+
+DEBIAN_CONFLICTS = "home-fs"
+SRC_URI = "file://postinst \
+           file://${BPN}.tmpfiles.tmpl"
+DPKG_ARCH = "all"
+
+IMMUTABLE_DATA_DIR ??= "usr/share/immutable-data"
+TEMPLATE_VARS = "IMMUTABLE_DATA_DIR"
+TEMPLATE_FILES += "${BPN}.tmpfiles.tmpl"
+
+do_prepare_build:append() {
+    cp ${WORKDIR}/${BPN}.tmpfiles ${S}/debian/
+}