From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Wed, 02 Jul 2025 08:00:46 +0200 X-Sieve: CMU Sieve 2.4 Received: from mail-qt1-f183.google.com (mail-qt1-f183.google.com [209.85.160.183]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 56260iB6006305 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 2 Jul 2025 08:00:45 +0200 Received: by mail-qt1-f183.google.com with SMTP id d75a77b69052e-4a441a769c7sf114646461cf.3 for ; Tue, 01 Jul 2025 23:00:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1751436039; x=1752040839; darn=ilbers.de; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:x-original-sender :mime-version:subject:references:in-reply-to:message-id:to:from:date :from:to:cc:subject:date:message-id:reply-to; bh=3RL1OfMx7HHZPP8zxrGZxsdd/4MwC90AtJumOHH/C0E=; b=HLq7ZFvdRN/7zW1IHOnlIpydw6wm0LW5eW80edooATn9b/elSqE+A97KCeK+E5PFff u2AYlmXnO1Px1zD/+jkvVH+UZQnKieKJTy10TkcI3iAZmKawBW+KdOc4NXcNEULiBpXz L0lgsCDdvQx7qUqKm8PYT4MSJVuidNWdZdFOZ2MP+/nbITBe45YWJJ8rJhlOt4WJ+PNk iJOI5hiFcqZzffsNFAcL7aaugn3TUGxZzgbZusY+9KyrfwlclXSN9n6wWRvlrKAt9S7A dvyMdpMEIRXpSh4q41yBepESUgwECyskqIaRxEjS/Pc9RB+yOH6bCQARO5af0ipIg9hu u2tQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1751436039; x=1752040839; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-sender:mime-version:subject:references:in-reply-to :message-id:to:from:date:x-beenthere:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=3RL1OfMx7HHZPP8zxrGZxsdd/4MwC90AtJumOHH/C0E=; b=LM4BQctzhv/T5FgJB3Skx7O+UPMdokKU334q/M/ItWipRGiQO0KCSdr9FWMg9v7Qx7 dhchVC2hBdRecfLggYQxJaktftTb6tsStA9tidRditarI/BRyF75Q9cXZjKD4jQxIzu7 rV/MzfpDvdyuI2XolNu/RMOn2maRvqfB69T4itUYA8j3PJfPnV4t9KScbBJjsAETrLOB 2+RKPg7pU9TMHb6ZNtj5b0nskky8JTElmq4zhrLU+DbRWL4DBbmX5eoBxyHZb9QGyG12 KPLuffO1ESX2a1ZBUqMkkiSPpAYGoo6IhqgPfzoBSItYtj5pXNjUtLkLvMCk2uQsYmzJ k7pw== X-Forwarded-Encrypted: i=1; AJvYcCVrY2eSDuMC1QCwoUuOSqgsTcuJBnw2WlVqP+n5lOz6YyQbgbtjerpRdjhOY/bNES6TUIY/@ilbers.de X-Gm-Message-State: AOJu0YzUXDt0iJ/lWUwiyFndLF/7+LseREFtb0oguj3HPqWdkjWn2m/h IdCVmIyHn2NIYJeer941Cs+/gp0F4bltbfdWBF7oW5YQ6N4Jz1QAZ2Wb X-Google-Smtp-Source: AGHT+IEtRSKESxQFVi9JbquVneJpNw4Uk3SUicmQMJVqXLR++wDCLDtaIjfWv8Q03AxsAeZcuC9FvA== X-Received: by 2002:ac8:5942:0:b0:4a8:5a:9e2f with SMTP id d75a77b69052e-4a97692a5a6mr26905131cf.8.1751436038451; Tue, 01 Jul 2025 23:00:38 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com; h=AZMbMZfqcjR/2JQwBk9tuiDjijSY257EVBkW0Jfxf2XgkNiPuA== Received: by 2002:a05:622a:59ca:b0:4a5:a87e:51c1 with SMTP id d75a77b69052e-4a82f15a0a7ls28394701cf.1.-pod-prod-03-us; Tue, 01 Jul 2025 23:00:37 -0700 (PDT) X-Received: by 2002:a05:620a:178e:b0:7cc:8a39:29df with SMTP id af79cd13be357-7d5c4661a4fmr277675085a.9.1751436037222; Tue, 01 Jul 2025 23:00:37 -0700 (PDT) Date: Tue, 1 Jul 2025 23:00:35 -0700 (PDT) From: "'Badrikesh Prusty' via isar-users" To: isar-users Message-Id: <04d29557-40ed-4a02-a675-66ae292829e6n@googlegroups.com> In-Reply-To: References: <20250629202822.10616-1-badrikesh.prusty@siemens.com> Subject: Re: [PATCH v4] isar-installer: Mount /tmp as tmpfs for read-only boot fix MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_Part_49740_1595999935.1751436035958" X-Original-Sender: badrikesh.prusty@siemens.com X-Original-From: Badrikesh Prusty Reply-To: Badrikesh Prusty Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,HTML_MESSAGE,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-TUID: X6ifg77TVvpc ------=_Part_49740_1595999935.1751436035958 Content-Type: multipart/alternative; boundary="----=_Part_49741_586412031.1751436035958" ------=_Part_49741_586412031.1751436035958 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi, I'm unsure why a defensive approach to avoid overruling /etc/fstab. My goal for systemd-tmpfs-tmp package (as it is configuration package) was= =20 for it to be an out-of-the-box solution requiring no additional=20 configuration. Since users can choose whether to pre-install this package= =20 during build time, and if /tmp is already configured in /etc/fstab (if=20 users aren't aware of), installing it will be ineffective, which could lead= =20 users to think it's not working as intended. Furthermore, systemd versions >=3D 256 now ship the tmp.mount unit file at= =20 /usr/lib/systemd/system/tmp.mount. Any suggestions are welcome. Thanks, Badrikesh On Wednesday, July 2, 2025 at 1:42:29=E2=80=AFAM UTC+5:30 Heinisch, Alexand= er wrote: > On Sun, 2025-06-29 at 16:28 -0400, 'Badrikesh Prusty' via isar-users > wrote: > > From: badrikesh prusty > >=20 > > Fix image installation when isar-image-installer rootfs is booted as > > read-only > > by ensuring /tmp is mounted as tmpfs. > >=20 > > With the latest isar installer, Bmaptool now creates the > > /tmp/progress pipe to > > track and display installation progress in a progress bar. > >=20 > > To mount /tmp as tmpfs, this change utilizes systemd's tmp.mount. As > > tmp.mount > > is located in /usr/share/systemd/ for systemd versions up to Debian > > Bookworm, > > and in /usr/lib/systemd/system/tmp.mount for versions 256.x and > > newer, the file > > must be copied to /etc/systemd/system/. > >=20 > > Placing tmp.mount unit file in /etc/systemd/system/ ensures its > > configuration > > for /tmp takes precedence, overriding any entry found in /etc/fstab. > >=20 > > Signed-off-by: badrikesh prusty > > --- > > .../deploy-image/deploy-image_0.1.bb | 6 ++++-- > > .../systemd-tmpfs-tmp/files/postinst | 16 > > ++++++++++++++++ > > .../systemd-tmpfs-tmp/systemd-tmpfs-tmp_0.1.bb | 13 +++++++++++++ > > 3 files changed, 33 insertions(+), 2 deletions(-) > > create mode 100644 meta-isar/recipes-installer/systemd-tmpfs- > > tmp/files/postinst > > create mode 100644 meta-isar/recipes-installer/systemd-tmpfs- > > tmp/systemd-tmpfs-tmp_0.1.b > > b > >=20 > > diff --git a/meta-isar/recipes-installer/deploy-image/deploy- > > image_0.1.bb b/meta-isar/recipes-installer/deploy-image/deploy- > > image_0.1.bb > > index 54e521b5..b287a8d1 100644 > > --- a/meta-isar/recipes-installer/deploy-image/deploy-image_0.1.bb > > +++ b/meta-isar/recipes-installer/deploy-image/deploy-image_0.1.bb > > @@ -10,8 +10,10 @@ inherit dpkg-raw > > SRC_URI =3D "file://usr/bin/deploy-image-wic.sh \ > > file://usr/lib/deploy-image-wic/handle-config.sh \ > > " > > -DEPENDS:bookworm +=3D "bmap-tools" > > -DEBIAN_DEPENDS =3D "bmap-tools, pv, dialog, util-linux, parted, fdisk, > > gdisk, pigz, xz-utils, pbzip2, zstd" > > + > > +DEPENDS:append:bookworm =3D " bmap-tools" > > +DEPENDS:append =3D " systemd-tmpfs-tmp" > > +DEBIAN_DEPENDS =3D "bmap-tools, pv, dialog, util-linux, parted, fdisk, > > gdisk, pigz, systemd-tmpfs-tmp, xz-utils, pbzip2, zstd" > > do_install[cleandirs] =3D "${D}/usr/bin/ \ > > ${D}/usr/lib/deploy-image-wic \ > > " > > diff --git a/meta-isar/recipes-installer/systemd-tmpfs- > > tmp/files/postinst b/meta-isar/recipes-installer/systemd-tmpfs- > > tmp/files/postinst > > new file mode 100644 > > index 00000000..9d75025d > > --- /dev/null > > +++ b/meta-isar/recipes-installer/systemd-tmpfs-tmp/files/postinst > > @@ -0,0 +1,16 @@ > > +#!/bin/sh > > + > > +set -e > > + > > +DEST=3D"/etc/systemd/system/tmp.mount" > Do we really want to overrule /etc/fstab? > Wouldn't `DEST=3D"/usr/lib/systemd/system/tmp.mount"` be a more defensive > approach? > > Repost from previous thread: > --- > Systemd already provides some predefined behaviour to manage common > mounts like `/tmp`. [1] > > "If a mount point is configured in both /etc/fstab and a unit file that > is stored below /usr/, the former will take precedence. If the unit > file is stored below /etc/, it will take precedence. This means: native > unit files take precedence over traditional configuration files, but > this is superseded by the rule that configuration in /etc/ will always > take precedence over configuration in /usr/." > - [2] > > TL;DR: If we put `tmp.mount` at `/usr/lib/systemd/system/` systemd > takes care about fstab vs tmp.mount precedence as you try to enforce it > here. > Besides that, as this check is executed as postinst, it possibly leads > to undesired mount results, depending on package install order. e.g. > later packages modify `/etc/fstab`. > --- > > + > > +if [ ! -e "${DEST}" ]; then > > + # Possible source paths for tmp.mount > > + for SRC in /usr/share/systemd/tmp.mount > > /usr/lib/systemd/system/tmp.mount; do > > + # If the source file exists, copy it to the destination and > > exit the loop > > + [ -e "${SRC}" ] && cp ${SRC} ${DEST} && break > > + done > > +fi > > + > > +# Enable the mount unit using deb-systemd-helper; ignore errors if > > it fails > > +deb-systemd-helper enable tmp.mount || true > > diff --git a/meta-isar/recipes-installer/systemd-tmpfs-tmp/systemd- > > tmpfs-tmp_0.1.bb b/meta-isar/recipes-installer/systemd-tmpfs- > > tmp/systemd-tmpfs-tmp_0.1.bb > > new file mode 100644 > > index 00000000..c0ab1bcf > > --- /dev/null > > +++ b/meta-isar/recipes-installer/systemd-tmpfs-tmp/systemd-tmpfs- > > tmp_0.1.bb > > @@ -0,0 +1,13 @@ > > +# This software is a part of ISAR. > > +# Copyright (C) Siemens AG, 2025 > > +# > > +# SPDX-License-Identifier: MIT > > + > > +inherit dpkg-raw > > + > > +DESCRIPTION =3D "Configures /tmp as systemd-managed temporary > > filesystem (tmpfs), ensuring read-write access even if rootfs is > > read-only" > > +MAINTAINER =3D "isar-users " > > + > > +SRC_URI =3D "file://postinst" > > + > > +DEBIAN_DEPENDS =3D "systemd" > > --=20 > > 2.47.2 > >=20 > > --=20 > Alexander Heinisch > Siemens AG > www.siemens.com > --=20 You received this message because you are subscribed to the Google Groups "= isar-users" group. To unsubscribe from this group and stop receiving emails from it, send an e= mail to isar-users+unsubscribe@googlegroups.com. To view this discussion visit https://groups.google.com/d/msgid/isar-users/= 04d29557-40ed-4a02-a675-66ae292829e6n%40googlegroups.com. ------=_Part_49741_586412031.1751436035958 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi,

I'm unsure why a defensive approach to avoid overr= uling /etc/fstab.

My goal for systemd-tmpfs-tmp = package (as it is configuration package) was for it to be an out-of-the-box= solution requiring no additional configuration. Since users can choose whe= ther to pre-install this package during build time, and if /tmp is already = configured in /etc/fstab (if users aren't aware of), installing it will be = ineffective, which could lead users to think it's not working as intended.<= /div>

Furthermore, systemd versions >=3D 256 now sh= ip the tmp.mount unit file at /usr/lib/systemd/system/tmp.mount.

Any suggestions are welcome.

Thanks,=
Badrikesh
On Wednesday, July 2, 2025 at 1:42:29=E2=80=AFAM UTC+5:30 = Heinisch, Alexander wrote:
On Sun, 2025-06-29 at 16:28 -0400, 'Badrikesh Prusty'= via isar-users
wrote:
> From: badrikesh prusty <badrikes...@siemens.com>
>=20
> Fix image installation when isar-image-installer rootfs is booted = as
> read-only
> by ensuring /tmp is mounted as tmpfs.
>=20
> With the latest isar installer, Bmaptool now creates the
> /tmp/progress pipe to
> track and display installation progress in a progress bar.
>=20
> To mount /tmp as tmpfs, this change utilizes systemd's tmp.mou= nt. As
> tmp.mount
> is located in /usr/share/systemd/ for systemd versions up to Debia= n
> Bookworm,
> and in /usr/lib/systemd/system/tmp.mount for versions 256.x and
> newer, the file
> must be copied to /etc/systemd/system/.
>=20
> Placing tmp.mount unit file in /etc/systemd/system/ ensures its
> configuration
> for /tmp takes precedence, overriding any entry found in /etc/fsta= b.
>=20
> Signed-off-by: badrikesh prusty <badrikes...@siemens.com>
> ---
> =C2=A0.../deploy-image/deploy-image_0= .1.bb=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0 |=C2=A0 6 ++++--
> =C2=A0.../systemd-tmpfs-tmp/files/postinst=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 | 16
> ++++++++++++++++
> =C2=A0.../systemd-tmpfs-tmp/systemd-tmpfs-tmp_0.1.bb=C2=A0=C2=A0 | 13 +++++++++++++
> =C2=A03 files changed, 33 insertions(+), 2 deletions(-)
> =C2=A0create mode 100644 meta-isar/recipes-installer/systemd-tmpfs= -
> tmp/files/postinst
> =C2=A0create mode 100644 meta-isar/recipes-installer/systemd-tmpfs= -
> tmp/systemd-tmpfs-tmp_0.1.b
> b
>=20
> diff --git a/meta-isar/recipes-installer/deploy-image/deploy-
> image_0.1.bb b/meta-isar/recipes-installer/depl= oy-image/deploy-
> image_0.1.bb
> index 54e521b5..b287a8d1 100644
> --- a/meta-isar/recipes-installer/deploy-image/deploy-image_0.1.bb
> +++ b/meta-isar/recipes-installer/deploy-image/deploy-image_0.1.bb
> @@ -10,8 +10,10 @@ inherit dpkg-raw
> =C2=A0SRC_URI =3D "file://usr/bin/deploy-image-wic.sh=C2=A0\
> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= file://usr/lib/deploy-image-wic/handle-config.sh=C2=A0\
> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 "= ;
> -DEPENDS:bookworm +=3D "bmap-tools"
> -DEBIAN_DEPENDS =3D "bmap-tools, pv, dialog, util-linux, part= ed, fdisk,
> gdisk, pigz, xz-utils, pbzip2, zstd"
> +
> +DEPENDS:append:bookworm =3D " bmap-tools"
> +DEPENDS:append =3D " systemd-tmpfs-tmp"
> +DEBIAN_DEPENDS =3D "bmap-tools, pv, dialog, util-linux, part= ed, fdisk,
> gdisk, pigz, systemd-tmpfs-tmp, xz-utils, pbzip2, zstd"
> =C2=A0do_install[cleandirs] =3D "${D}/usr/bin/ \
> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0 ${D}/usr/lib/deploy-image-wic \
> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0 "
> diff --git a/meta-isar/recipes-installer/systemd-tmpfs-
> tmp/files/postinst b/meta-isar/recipes-installer/systemd-tmpfs-
> tmp/files/postinst
> new file mode 100644
> index 00000000..9d75025d
> --- /dev/null
> +++ b/meta-isar/recipes-installer/systemd-tmpfs-tmp/files/postinst
> @@ -0,0 +1,16 @@
> +#!/bin/sh
> +
> +set -e
> +
> +DEST=3D"/etc/systemd/system/tmp.mount"
Do we really want to overrule /etc/fstab?
Wouldn't `DEST=3D"/usr/lib/systemd/system/tmp.mount"` be = a more defensive
approach?

Repost from previous thread:
---
Systemd already provides some predefined behaviour to manage common
mounts like `/tmp`. [1]

"If a mount point is configured in both /etc/fstab and a unit file= that
is stored below /usr/, the former will take precedence. If the unit
file is stored below /etc/, it will take precedence. This means: native
unit files take precedence over traditional configuration files, but
this is superseded by the rule that configuration in /etc/ will always
take precedence over configuration in /usr/."
- [2]

TL;DR: If we put `tmp.mount` at `/usr/lib/systemd/system/` systemd
takes care about fstab vs tmp.mount precedence as you try to enforce it
here.
Besides that, as this check is executed as postinst, it possibly leads
to undesired mount results, depending on package install order. e.g.
later packages modify `/etc/fstab`.
---
> +
> +if [ ! -e "${DEST}" ]; then
> +=C2=A0=C2=A0=C2=A0 # Possible source paths for tmp.mount
> +=C2=A0=C2=A0=C2=A0 for SRC in /usr/share/systemd/tmp.mount
> /usr/lib/systemd/system/tmp.mount; do
> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 # If the source file e= xists, copy it to the destination and
> exit the loop
> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 [ -e "${SRC}"= ; ] && cp ${SRC} ${DEST} && break
> +=C2=A0=C2=A0=C2=A0 done
> +fi
> +
> +# Enable the mount unit using deb-systemd-helper; ignore errors i= f
> it fails
> +deb-systemd-helper enable tmp.mount || true
> diff --git a/meta-isar/recipes-installer/systemd-tmpfs-tmp/systemd= -
> tmpfs-tmp_0.1.bb b/meta-isar/recipes-i= nstaller/systemd-tmpfs-
> tmp/systemd-tmpfs-tmp_0.1.b= b
> new file mode 100644
> index 00000000..c0ab1bcf
> --- /dev/null
> +++ b/meta-isar/recipes-installer/systemd-tmpfs-tmp/systemd-tmpfs-
> tmp_0.1.bb
> @@ -0,0 +1,13 @@
> +# This software is a part of ISAR.
> +# Copyright (C) Siemens AG, 2025
> +#
> +# SPDX-License-Identifier: MIT
> +
> +inherit dpkg-raw
> +
> +DESCRIPTION =3D "Configures /tmp as systemd-managed temporar= y
> filesystem (tmpfs), ensuring read-write access even if rootfs is
> read-only"
> +MAINTAINER =3D "isar-users <isar-...@googlegroups.com>"
> +
> +SRC_URI =3D "file://postinst"
> +
> +DEBIAN_DEPENDS =3D "systemd"
> --=20
> 2.47.2
>=20

--=20
Alexander Heinisch
Siemens AG
www.siemens.com

--
You received this message because you are subscribed to the Google Groups &= quot;isar-users" group.
To unsubscribe from this group and stop receiving emails from it, send an e= mail to isar-use= rs+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/isar-use= rs/04d29557-40ed-4a02-a675-66ae292829e6n%40googlegroups.com.
------=_Part_49741_586412031.1751436035958-- ------=_Part_49740_1595999935.1751436035958--