GNOME Bugzilla – Bug 732979
ostree-remount: mount a tmpfs on /var if necessary so /var is read-write
Last modified: 2014-07-10 22:03:41 UTC
As discussed on #gnome-hackers. I gave a go at using a var.mount systemd unit, but it turns out to be infeasible; systemd's idea is that mounts are statically configured, and it can't handle a mount changing from one thing to another.

This *could* be done as a separate service, but:

* It needs to happen after ostree-remount and before everything ostree-remount is before.
* If the ostree handling of /var changes (to handle /var on a network mount, for example), this will also need adjustment.
* Any changes to systemd that affect how the filesystem is constructed will need coordinated adjustment of existing ostree code and this.

The main other place that something like this would make sense to me would be in systemd itself, but figuring out how it would work exactly seems like a big project!
Created attachment 280316 [details] [review]
ostree-remount: mount a tmpfs on /var if necessary so /var is read-write

/var needs to be read-write for a functioning system. Various systemd services will fail to start if /var is read-only. After we remount /var (or if we skip remounting /var because / is read-only), if /var is still readonly, mount a tmpfs file system on /var.

While this isn't strictly part of ostree, keeping it here makes sense because it keeps twiddling around with the /var mount in one place for easier coordination and maintenance. This will likely need updating if systemd gains better support for a readonly root filesystem.
Review of attachment 280316 [details] [review]: rev ::: src/switchroot/ostree-remount.c @@ +116,3 @@ } + + maybe_mount_tmpfs_on_var (); I'm a bit confused by this one - under what scenarios would / be mounted read-write, but we still see /var as readonly? The code just above it must have mounted it read-write too?
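Review bot: the added call to maybe_mount_tmpfs_on_var () after the closing brace at +116 carries no comment saying when it is expected to act. A one-line comment above it stating that it does nothing when /var is already writable, and that a tmpfs /var loses logs and other state at reboot, would answer the question raised here for later readers of the file.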
(In reply to comment #2) > Review of attachment 280316 [details] [review]: > > rev > > ::: src/switchroot/ostree-remount.c > @@ +116,3 @@ > } > + > + maybe_mount_tmpfs_on_var (); > > I'm a bit confused by this one - under what scenarios would / be mounted > read-write, but we still see /var as readonly? The code just above it must > have mounted it read-write too? There is some concern in ostree-remount for handling scenarios that aren't just like the canonical OSTree setup - namely handling / subdirectories that are symlinks or that aren't bind mounts. So this was basically along the same lines - I remembered an IRC conversation from a few days ago where someone suggested making / a tmpfs. Also, if the claim of the patch is to mount tmpfs over /var if read-only it seemed best to do that definitively and not leave cracks or questions. But that being said, I don't feel at all strongly about it and would be happy to leave the tmpfs-mount only in the readonly path if you'd prefer it that way - an earlier iteration of my patch did that.
Got go-ahead from Colin in person based on latest comment. Attachment 280316 [details] pushed as ff6883c - ostree-remount: mount a tmpfs on /var if necessary so /var is read-write
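The check-then-mount behaviour described in the commit message above, as an added example that is not the patch's or ostree's own code. The function names, the nosuid/nodev flags and the mode/size options are assumptions of this example.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/mount.h>
#include <sys/statvfs.h>

/* 1 if the filesystem holding `path` is mounted read-only, 0 if it is
 * writable, -1 (errno set) if the path cannot be examined. */
static int
path_is_on_readonly_fs (const char *path)
{
  struct statvfs st;

  if (statvfs (path, &st) < 0)
    return -1;
  return (st.f_flag & ST_RDONLY) != 0;
}

/* Returns 0 if `path` was already writable, 1 if a tmpfs was mounted over
 * it, -1 on failure. Flags and options are assumptions of this example:
 * nosuid/nodev because a volatile /var needs neither, and a size cap so a
 * runaway writer cannot consume all RAM. */
static int
mount_tmpfs_if_readonly (const char *path)
{
  int ro = path_is_on_readonly_fs (path);

  if (ro <= 0)
    return ro;
  if (mount ("tmpfs", path, "tmpfs", MS_NOSUID | MS_NODEV,
             "mode=0755,size=64m") < 0)
    return -1;
  return 1;
}

int
main (void)
{
  int r = mount_tmpfs_if_readonly ("/var");

  if (r < 0)
    fprintf (stderr, "tmpfs fallback for /var failed: %s\n", strerror (errno));
  else
    printf ("/var %s\n", r ? "was read-only, tmpfs mounted" : "already writable");
  return r < 0;
}
```

Anything written to the tmpfs, including logs under /var/log, is gone after reboot, so hosts that rely on this fallback need log forwarding if those records matter.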