Merge pull request #2186 from jlebon/pr/etc-rw

Fix read-only /etc when using sysroot=readonly and a separate /var mount
2020-08-28 14:52:24 -04:00 · 2020-08-28 14:52:24 -04:00 · 75376bae4c
parent 22b3883aa4 8408f8913b
commit 75376bae4c
3 changed files with 12 additions and 1 deletions
--- a/.cci.jenkinsfile
+++ b/.cci.jenkinsfile
@ -72,6 +72,12 @@ parallel fcos: {
        tar -C insttree -xzvf insttree.tar.gz
        rsync -rlv insttree/ /
        coreos-assembler init --force https://github.com/coreos/fedora-coreos-config
+        # XXX: We temporarily add these tests until they get merged into FCOS proper
+        (mkdir -p tests/kola/var-mount
+         cd tests/kola/var-mount
+         curl -L --remote-name-all \
+            https://raw.githubusercontent.com/jlebon/fedora-coreos-config/pr/var-mount/tests/kola/var-mount/{config.ign,test.sh}
+         chmod a+x test.sh)
        mkdir -p overrides/rootfs
        mv insttree/* overrides/rootfs/
        rmdir insttree
--- a/src/switchroot/ostree-prepare-root.c
+++ b/src/switchroot/ostree-prepare-root.c
@ -251,7 +251,7 @@ main(int argc, char *argv[])
       * sysroot, we still need a writable /etc.  And to avoid race conditions
       * we ensure it's writable in the initramfs, before we switchroot at all.
       */
-      if (mount ("/etc", "/etc", NULL, MS_BIND, NULL) < 0)
+      if (mount ("etc", "etc", NULL, MS_BIND, NULL) < 0)
        err (EXIT_FAILURE, "failed to make /etc a bind mount");
      /* Pass on the fact that we discovered a readonly sysroot to ostree-remount.service */
      int fd = open (_OSTREE_SYSROOT_READONLY_STAMP, O_WRONLY | O_CREAT | O_CLOEXEC, 0644);
--- a/src/switchroot/ostree-remount.c
+++ b/src/switchroot/ostree-remount.c
@ -112,6 +112,11 @@ main(int argc, char *argv[])
  bool sysroot_configured_readonly = unlink (_OSTREE_SYSROOT_READONLY_STAMP) == 0;
  do_remount ("/sysroot", !sysroot_configured_readonly);

+  /* And also make sure to make /etc rw again. We make this conditional on
+   * sysroot_configured_readonly because only in that case is it a bind-mount. */
+  if (sysroot_configured_readonly)
+    do_remount ("/etc", true);
+
  /* If /var was created as as an OSTree default bind mount (instead of being a separate filesystem)
    * then remounting the root mount read-only also remounted it.
    * So just like /etc, we need to make it read-write by default.