* [PATCH v2] isar-installer: Mount /tmp as tmpfs for read-only boot fix [not found] <xaL_dTtRg-0> @ 2025-06-13 17:48 ` 'Badrikesh Prusty' via isar-users 2025-06-16 9:44 ` [PATCH v3] " 'Badrikesh Prusty' via isar-users 2025-06-29 20:28 ` [PATCH v4] " 'Badrikesh Prusty' via isar-users 2 siblings, 0 replies; 6+ messages in thread From: 'Badrikesh Prusty' via isar-users @ 2025-06-13 17:48 UTC (permalink / raw) To: isar-users; +Cc: Badrikesh Prusty Fix image installation when isar-image-installer rootfs is booted as read-only by ensuring /tmp is mounted as tmpfs. With the latest isar installer, Bmaptool now creates the /tmp/progress pipe to track and display installation progress in a progress bar. This change utilizes systemd's tmp.mount to mount /tmp as tmpfs. Since systemd versions up to Debian Bookworm ship tmp.mount in /usr/share/systemd/, the file must be copied to a directory where systemctl can enable it. For systemd versions 256.x and newer, tmp.mount is shipped in the appropriate location: /usr/lib/systemd/system/tmp.mount Signed-off-by: Badrikesh Prusty <badrikesh.prusty@siemens.com> --- .../deploy-image/deploy-image_0.1.bb | 3 ++- .../systemd-tmpfs-tmp/files/postinst | 15 +++++++++++++++ .../systemd-tmpfs-tmp/systemd-tmpfs-tmp_0.1.bb | 10 ++++++++++ 3 files changed, 27 insertions(+), 1 deletion(-) create mode 100644 meta-isar/recipes-installer/systemd-tmpfs-tmp/files/postinst create mode 100644 meta-isar/recipes-installer/systemd-tmpfs-tmp/systemd-tmpfs-tmp_0.1.bb diff --git a/meta-isar/recipes-installer/deploy-image/deploy-image_0.1.bb b/meta-isar/recipes-installer/deploy-image/deploy-image_0.1.bb index 54e521b5..e67feae5 100644 --- a/meta-isar/recipes-installer/deploy-image/deploy-image_0.1.bb +++ b/meta-isar/recipes-installer/deploy-image/deploy-image_0.1.bb @@ -11,7 +11,8 @@ SRC_URI = "file://usr/bin/deploy-image-wic.sh \ file://usr/lib/deploy-image-wic/handle-config.sh \ " DEPENDS:bookworm += "bmap-tools" -DEBIAN_DEPENDS = "bmap-tools, pv, dialog, util-linux, parted, fdisk, gdisk, pigz, xz-utils, pbzip2, zstd" +DEPENDS:append = " systemd-tmpfs-tmp" +DEBIAN_DEPENDS = "bmap-tools, pv, dialog, util-linux, parted, fdisk, gdisk, pigz, systemd-tmpfs-tmp, xz-utils, pbzip2, zstd" do_install[cleandirs] = "${D}/usr/bin/ \ ${D}/usr/lib/deploy-image-wic \ " diff --git a/meta-isar/recipes-installer/systemd-tmpfs-tmp/files/postinst b/meta-isar/recipes-installer/systemd-tmpfs-tmp/files/postinst new file mode 100644 index 00000000..be1594e6 --- /dev/null +++ b/meta-isar/recipes-installer/systemd-tmpfs-tmp/files/postinst @@ -0,0 +1,15 @@ +#!/bin/sh + +set -e + +# Enable tmp.mount if /tmp is NOT configured in /etc/fstab +if ! grep -q '/tmp' /etc/fstab; then + # Ensure tmp.mount exists in systemd path + if [ ! -e /usr/lib/systemd/system/tmp.mount ] && [ ! -e /etc/systemd/system/tmp.mount ]; then + cp /usr/share/systemd/tmp.mount /etc/systemd/system/tmp.mount + fi + + # Enable the mount unit using deb-systemd-helper + deb-systemd-helper enable tmp.mount || true +fi + diff --git a/meta-isar/recipes-installer/systemd-tmpfs-tmp/systemd-tmpfs-tmp_0.1.bb b/meta-isar/recipes-installer/systemd-tmpfs-tmp/systemd-tmpfs-tmp_0.1.bb new file mode 100644 index 00000000..a1410f65 --- /dev/null +++ b/meta-isar/recipes-installer/systemd-tmpfs-tmp/systemd-tmpfs-tmp_0.1.bb @@ -0,0 +1,10 @@ +# This software is a part of ISAR. +# Copyright (C) Siemens AG, 2025 +# +# SPDX-License-Identifier: MIT + +inherit dpkg-raw + +SRC_URI = "file://postinst" + +DEBIAN_DEPENDS = "systemd" -- 2.39.5 -- You received this message because you are subscribed to the Google Groups "isar-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to isar-users+unsubscribe@googlegroups.com. To view this discussion visit https://groups.google.com/d/msgid/isar-users/20250613174859.14859-1-badrikesh.prusty%40siemens.com. ^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH v3] isar-installer: Mount /tmp as tmpfs for read-only boot fix [not found] <xaL_dTtRg-0> 2025-06-13 17:48 ` [PATCH v2] isar-installer: Mount /tmp as tmpfs for read-only boot fix 'Badrikesh Prusty' via isar-users @ 2025-06-16 9:44 ` 'Badrikesh Prusty' via isar-users 2025-06-29 20:28 ` [PATCH v4] " 'Badrikesh Prusty' via isar-users 2 siblings, 0 replies; 6+ messages in thread From: 'Badrikesh Prusty' via isar-users @ 2025-06-16 9:44 UTC (permalink / raw) To: isar-users; +Cc: Badrikesh Prusty Fix image installation when isar-image-installer rootfs is booted as read-only by ensuring /tmp is mounted as tmpfs. With the latest isar installer, Bmaptool now creates the /tmp/progress pipe to track and display installation progress in a progress bar. This change utilizes systemd's tmp.mount to mount /tmp as tmpfs. Since systemd versions up to Debian Bookworm ship tmp.mount in /usr/share/systemd/, the file must be copied to a directory where systemctl can enable it. For systemd versions 256.x and newer, tmp.mount is shipped in the appropriate location: /usr/lib/systemd/system/tmp.mount Signed-off-by: Badrikesh Prusty <badrikesh.prusty@siemens.com> --- .../deploy-image/deploy-image_0.1.bb | 6 ++++-- .../systemd-tmpfs-tmp/files/postinst | 15 +++++++++++++++ .../systemd-tmpfs-tmp/systemd-tmpfs-tmp_0.1.bb | 13 +++++++++++++ 3 files changed, 32 insertions(+), 2 deletions(-) create mode 100644 meta-isar/recipes-installer/systemd-tmpfs-tmp/files/postinst create mode 100644 meta-isar/recipes-installer/systemd-tmpfs-tmp/systemd-tmpfs-tmp_0.1.bb diff --git a/meta-isar/recipes-installer/deploy-image/deploy-image_0.1.bb b/meta-isar/recipes-installer/deploy-image/deploy-image_0.1.bb index 54e521b5..b287a8d1 100644 --- a/meta-isar/recipes-installer/deploy-image/deploy-image_0.1.bb +++ b/meta-isar/recipes-installer/deploy-image/deploy-image_0.1.bb @@ -10,8 +10,10 @@ inherit dpkg-raw SRC_URI = "file://usr/bin/deploy-image-wic.sh \ file://usr/lib/deploy-image-wic/handle-config.sh \ " -DEPENDS:bookworm += "bmap-tools" -DEBIAN_DEPENDS = "bmap-tools, pv, dialog, util-linux, parted, fdisk, gdisk, pigz, xz-utils, pbzip2, zstd" + +DEPENDS:append:bookworm = " bmap-tools" +DEPENDS:append = " systemd-tmpfs-tmp" +DEBIAN_DEPENDS = "bmap-tools, pv, dialog, util-linux, parted, fdisk, gdisk, pigz, systemd-tmpfs-tmp, xz-utils, pbzip2, zstd" do_install[cleandirs] = "${D}/usr/bin/ \ ${D}/usr/lib/deploy-image-wic \ " diff --git a/meta-isar/recipes-installer/systemd-tmpfs-tmp/files/postinst b/meta-isar/recipes-installer/systemd-tmpfs-tmp/files/postinst new file mode 100644 index 00000000..cb979303 --- /dev/null +++ b/meta-isar/recipes-installer/systemd-tmpfs-tmp/files/postinst @@ -0,0 +1,15 @@ +#!/bin/sh + +set -e + +# Enable tmp.mount if /tmp is not configured in /etc/fstab +if ! grep -q '/tmp' /etc/fstab; then + # Ensure tmp.mount exists in systemd path + if [ ! -e /usr/lib/systemd/system/tmp.mount ] && [ ! -e /etc/systemd/system/tmp.mount ]; then + cp /usr/share/systemd/tmp.mount /etc/systemd/system/tmp.mount + fi + + # Enable the mount unit using deb-systemd-helper + deb-systemd-helper enable tmp.mount || true +fi + diff --git a/meta-isar/recipes-installer/systemd-tmpfs-tmp/systemd-tmpfs-tmp_0.1.bb b/meta-isar/recipes-installer/systemd-tmpfs-tmp/systemd-tmpfs-tmp_0.1.bb new file mode 100644 index 00000000..c0ab1bcf --- /dev/null +++ b/meta-isar/recipes-installer/systemd-tmpfs-tmp/systemd-tmpfs-tmp_0.1.bb @@ -0,0 +1,13 @@ +# This software is a part of ISAR. +# Copyright (C) Siemens AG, 2025 +# +# SPDX-License-Identifier: MIT + +inherit dpkg-raw + +DESCRIPTION = "Configures /tmp as systemd-managed temporary filesystem (tmpfs), ensuring read-write access even if rootfs is read-only" +MAINTAINER = "isar-users <isar-users@googlegroups.com>" + +SRC_URI = "file://postinst" + +DEBIAN_DEPENDS = "systemd" -- 2.39.5 -- You received this message because you are subscribed to the Google Groups "isar-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to isar-users+unsubscribe@googlegroups.com. To view this discussion visit https://groups.google.com/d/msgid/isar-users/20250616094433.44736-1-badrikesh.prusty%40siemens.com. ^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH v4] isar-installer: Mount /tmp as tmpfs for read-only boot fix [not found] <xaL_dTtRg-0> 2025-06-13 17:48 ` [PATCH v2] isar-installer: Mount /tmp as tmpfs for read-only boot fix 'Badrikesh Prusty' via isar-users 2025-06-16 9:44 ` [PATCH v3] " 'Badrikesh Prusty' via isar-users @ 2025-06-29 20:28 ` 'Badrikesh Prusty' via isar-users 2025-07-01 20:12 ` 'Heinisch, Alexander' via isar-users 2 siblings, 1 reply; 6+ messages in thread From: 'Badrikesh Prusty' via isar-users @ 2025-06-29 20:28 UTC (permalink / raw) To: isar-users; +Cc: badrikesh prusty From: badrikesh prusty <badrikesh.prusty@siemens.com> Fix image installation when isar-image-installer rootfs is booted as read-only by ensuring /tmp is mounted as tmpfs. With the latest isar installer, Bmaptool now creates the /tmp/progress pipe to track and display installation progress in a progress bar. To mount /tmp as tmpfs, this change utilizes systemd's tmp.mount. As tmp.mount is located in /usr/share/systemd/ for systemd versions up to Debian Bookworm, and in /usr/lib/systemd/system/tmp.mount for versions 256.x and newer, the file must be copied to /etc/systemd/system/. Placing tmp.mount unit file in /etc/systemd/system/ ensures its configuration for /tmp takes precedence, overriding any entry found in /etc/fstab. Signed-off-by: badrikesh prusty <badrikesh.prusty@siemens.com> --- .../deploy-image/deploy-image_0.1.bb | 6 ++++-- .../systemd-tmpfs-tmp/files/postinst | 16 ++++++++++++++++ .../systemd-tmpfs-tmp/systemd-tmpfs-tmp_0.1.bb | 13 +++++++++++++ 3 files changed, 33 insertions(+), 2 deletions(-) create mode 100644 meta-isar/recipes-installer/systemd-tmpfs-tmp/files/postinst create mode 100644 meta-isar/recipes-installer/systemd-tmpfs-tmp/systemd-tmpfs-tmp_0.1.bb diff --git a/meta-isar/recipes-installer/deploy-image/deploy-image_0.1.bb b/meta-isar/recipes-installer/deploy-image/deploy-image_0.1.bb index 54e521b5..b287a8d1 100644 --- a/meta-isar/recipes-installer/deploy-image/deploy-image_0.1.bb +++ b/meta-isar/recipes-installer/deploy-image/deploy-image_0.1.bb @@ -10,8 +10,10 @@ inherit dpkg-raw SRC_URI = "file://usr/bin/deploy-image-wic.sh \ file://usr/lib/deploy-image-wic/handle-config.sh \ " -DEPENDS:bookworm += "bmap-tools" -DEBIAN_DEPENDS = "bmap-tools, pv, dialog, util-linux, parted, fdisk, gdisk, pigz, xz-utils, pbzip2, zstd" + +DEPENDS:append:bookworm = " bmap-tools" +DEPENDS:append = " systemd-tmpfs-tmp" +DEBIAN_DEPENDS = "bmap-tools, pv, dialog, util-linux, parted, fdisk, gdisk, pigz, systemd-tmpfs-tmp, xz-utils, pbzip2, zstd" do_install[cleandirs] = "${D}/usr/bin/ \ ${D}/usr/lib/deploy-image-wic \ " diff --git a/meta-isar/recipes-installer/systemd-tmpfs-tmp/files/postinst b/meta-isar/recipes-installer/systemd-tmpfs-tmp/files/postinst new file mode 100644 index 00000000..9d75025d --- /dev/null +++ b/meta-isar/recipes-installer/systemd-tmpfs-tmp/files/postinst @@ -0,0 +1,16 @@ +#!/bin/sh + +set -e + +DEST="/etc/systemd/system/tmp.mount" + +if [ ! -e "${DEST}" ]; then + # Possible source paths for tmp.mount + for SRC in /usr/share/systemd/tmp.mount /usr/lib/systemd/system/tmp.mount; do + # If the source file exists, copy it to the destination and exit the loop + [ -e "${SRC}" ] && cp ${SRC} ${DEST} && break + done +fi + +# Enable the mount unit using deb-systemd-helper; ignore errors if it fails +deb-systemd-helper enable tmp.mount || true diff --git a/meta-isar/recipes-installer/systemd-tmpfs-tmp/systemd-tmpfs-tmp_0.1.bb b/meta-isar/recipes-installer/systemd-tmpfs-tmp/systemd-tmpfs-tmp_0.1.bb new file mode 100644 index 00000000..c0ab1bcf --- /dev/null +++ b/meta-isar/recipes-installer/systemd-tmpfs-tmp/systemd-tmpfs-tmp_0.1.bb @@ -0,0 +1,13 @@ +# This software is a part of ISAR. +# Copyright (C) Siemens AG, 2025 +# +# SPDX-License-Identifier: MIT + +inherit dpkg-raw + +DESCRIPTION = "Configures /tmp as systemd-managed temporary filesystem (tmpfs), ensuring read-write access even if rootfs is read-only" +MAINTAINER = "isar-users <isar-users@googlegroups.com>" + +SRC_URI = "file://postinst" + +DEBIAN_DEPENDS = "systemd" -- 2.47.2 -- You received this message because you are subscribed to the Google Groups "isar-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to isar-users+unsubscribe@googlegroups.com. To view this discussion visit https://groups.google.com/d/msgid/isar-users/20250629202822.10616-1-badrikesh.prusty%40siemens.com. ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH v4] isar-installer: Mount /tmp as tmpfs for read-only boot fix 2025-06-29 20:28 ` [PATCH v4] " 'Badrikesh Prusty' via isar-users @ 2025-07-01 20:12 ` 'Heinisch, Alexander' via isar-users 2025-07-02 6:00 ` 'Badrikesh Prusty' via isar-users 0 siblings, 1 reply; 6+ messages in thread From: 'Heinisch, Alexander' via isar-users @ 2025-07-01 20:12 UTC (permalink / raw) To: Prusty, Badrikesh, isar-users On Sun, 2025-06-29 at 16:28 -0400, 'Badrikesh Prusty' via isar-users wrote: > From: badrikesh prusty <badrikesh.prusty@siemens.com> > > Fix image installation when isar-image-installer rootfs is booted as > read-only > by ensuring /tmp is mounted as tmpfs. > > With the latest isar installer, Bmaptool now creates the > /tmp/progress pipe to > track and display installation progress in a progress bar. > > To mount /tmp as tmpfs, this change utilizes systemd's tmp.mount. As > tmp.mount > is located in /usr/share/systemd/ for systemd versions up to Debian > Bookworm, > and in /usr/lib/systemd/system/tmp.mount for versions 256.x and > newer, the file > must be copied to /etc/systemd/system/. > > Placing tmp.mount unit file in /etc/systemd/system/ ensures its > configuration > for /tmp takes precedence, overriding any entry found in /etc/fstab. > > Signed-off-by: badrikesh prusty <badrikesh.prusty@siemens.com> > --- > .../deploy-image/deploy-image_0.1.bb | 6 ++++-- > .../systemd-tmpfs-tmp/files/postinst | 16 > ++++++++++++++++ > .../systemd-tmpfs-tmp/systemd-tmpfs-tmp_0.1.bb | 13 +++++++++++++ > 3 files changed, 33 insertions(+), 2 deletions(-) > create mode 100644 meta-isar/recipes-installer/systemd-tmpfs- > tmp/files/postinst > create mode 100644 meta-isar/recipes-installer/systemd-tmpfs- > tmp/systemd-tmpfs-tmp_0.1.b > b > > diff --git a/meta-isar/recipes-installer/deploy-image/deploy- > image_0.1.bb b/meta-isar/recipes-installer/deploy-image/deploy- > image_0.1.bb > index 54e521b5..b287a8d1 100644 > --- a/meta-isar/recipes-installer/deploy-image/deploy-image_0.1.bb > +++ b/meta-isar/recipes-installer/deploy-image/deploy-image_0.1.bb > @@ -10,8 +10,10 @@ inherit dpkg-raw > SRC_URI = "file://usr/bin/deploy-image-wic.sh \ > file://usr/lib/deploy-image-wic/handle-config.sh \ > " > -DEPENDS:bookworm += "bmap-tools" > -DEBIAN_DEPENDS = "bmap-tools, pv, dialog, util-linux, parted, fdisk, > gdisk, pigz, xz-utils, pbzip2, zstd" > + > +DEPENDS:append:bookworm = " bmap-tools" > +DEPENDS:append = " systemd-tmpfs-tmp" > +DEBIAN_DEPENDS = "bmap-tools, pv, dialog, util-linux, parted, fdisk, > gdisk, pigz, systemd-tmpfs-tmp, xz-utils, pbzip2, zstd" > do_install[cleandirs] = "${D}/usr/bin/ \ > ${D}/usr/lib/deploy-image-wic \ > " > diff --git a/meta-isar/recipes-installer/systemd-tmpfs- > tmp/files/postinst b/meta-isar/recipes-installer/systemd-tmpfs- > tmp/files/postinst > new file mode 100644 > index 00000000..9d75025d > --- /dev/null > +++ b/meta-isar/recipes-installer/systemd-tmpfs-tmp/files/postinst > @@ -0,0 +1,16 @@ > +#!/bin/sh > + > +set -e > + > +DEST="/etc/systemd/system/tmp.mount" Do we really want to overrule /etc/fstab? Wouldn't `DEST="/usr/lib/systemd/system/tmp.mount"` be a more defensive approach? Repost from previous thread: --- Systemd already provides some predefined behaviour to manage common mounts like `/tmp`. [1] "If a mount point is configured in both /etc/fstab and a unit file that is stored below /usr/, the former will take precedence. If the unit file is stored below /etc/, it will take precedence. This means: native unit files take precedence over traditional configuration files, but this is superseded by the rule that configuration in /etc/ will always take precedence over configuration in /usr/." - [2] TL;DR: If we put `tmp.mount` at `/usr/lib/systemd/system/` systemd takes care about fstab vs tmp.mount precedence as you try to enforce it here. Besides that, as this check is executed as postinst, it possibly leads to undesired mount results, depending on package install order. e.g. later packages modify `/etc/fstab`. --- > + > +if [ ! -e "${DEST}" ]; then > + # Possible source paths for tmp.mount > + for SRC in /usr/share/systemd/tmp.mount > /usr/lib/systemd/system/tmp.mount; do > + # If the source file exists, copy it to the destination and > exit the loop > + [ -e "${SRC}" ] && cp ${SRC} ${DEST} && break > + done > +fi > + > +# Enable the mount unit using deb-systemd-helper; ignore errors if > it fails > +deb-systemd-helper enable tmp.mount || true > diff --git a/meta-isar/recipes-installer/systemd-tmpfs-tmp/systemd- > tmpfs-tmp_0.1.bb b/meta-isar/recipes-installer/systemd-tmpfs- > tmp/systemd-tmpfs-tmp_0.1.bb > new file mode 100644 > index 00000000..c0ab1bcf > --- /dev/null > +++ b/meta-isar/recipes-installer/systemd-tmpfs-tmp/systemd-tmpfs- > tmp_0.1.bb > @@ -0,0 +1,13 @@ > +# This software is a part of ISAR. > +# Copyright (C) Siemens AG, 2025 > +# > +# SPDX-License-Identifier: MIT > + > +inherit dpkg-raw > + > +DESCRIPTION = "Configures /tmp as systemd-managed temporary > filesystem (tmpfs), ensuring read-write access even if rootfs is > read-only" > +MAINTAINER = "isar-users <isar-users@googlegroups.com>" > + > +SRC_URI = "file://postinst" > + > +DEBIAN_DEPENDS = "systemd" > -- > 2.47.2 > -- Alexander Heinisch Siemens AG www.siemens.com -- You received this message because you are subscribed to the Google Groups "isar-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to isar-users+unsubscribe@googlegroups.com. To view this discussion visit https://groups.google.com/d/msgid/isar-users/af0ea7ffa089cf03fcea247631c1b03ba375f850.camel%40siemens.com. ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH v4] isar-installer: Mount /tmp as tmpfs for read-only boot fix 2025-07-01 20:12 ` 'Heinisch, Alexander' via isar-users @ 2025-07-02 6:00 ` 'Badrikesh Prusty' via isar-users 2025-07-03 8:44 ` 'Heinisch, Alexander' via isar-users 0 siblings, 1 reply; 6+ messages in thread From: 'Badrikesh Prusty' via isar-users @ 2025-07-02 6:00 UTC (permalink / raw) To: isar-users [-- Attachment #1.1: Type: text/plain, Size: 6504 bytes --] Hi, I'm unsure why a defensive approach to avoid overruling /etc/fstab. My goal for systemd-tmpfs-tmp package (as it is configuration package) was for it to be an out-of-the-box solution requiring no additional configuration. Since users can choose whether to pre-install this package during build time, and if /tmp is already configured in /etc/fstab (if users aren't aware of), installing it will be ineffective, which could lead users to think it's not working as intended. Furthermore, systemd versions >= 256 now ship the tmp.mount unit file at /usr/lib/systemd/system/tmp.mount. Any suggestions are welcome. Thanks, Badrikesh On Wednesday, July 2, 2025 at 1:42:29 AM UTC+5:30 Heinisch, Alexander wrote: > On Sun, 2025-06-29 at 16:28 -0400, 'Badrikesh Prusty' via isar-users > wrote: > > From: badrikesh prusty <badrikes...@siemens.com> > > > > Fix image installation when isar-image-installer rootfs is booted as > > read-only > > by ensuring /tmp is mounted as tmpfs. > > > > With the latest isar installer, Bmaptool now creates the > > /tmp/progress pipe to > > track and display installation progress in a progress bar. > > > > To mount /tmp as tmpfs, this change utilizes systemd's tmp.mount. As > > tmp.mount > > is located in /usr/share/systemd/ for systemd versions up to Debian > > Bookworm, > > and in /usr/lib/systemd/system/tmp.mount for versions 256.x and > > newer, the file > > must be copied to /etc/systemd/system/. > > > > Placing tmp.mount unit file in /etc/systemd/system/ ensures its > > configuration > > for /tmp takes precedence, overriding any entry found in /etc/fstab. > > > > Signed-off-by: badrikesh prusty <badrikes...@siemens.com> > > --- > > .../deploy-image/deploy-image_0.1.bb | 6 ++++-- > > .../systemd-tmpfs-tmp/files/postinst | 16 > > ++++++++++++++++ > > .../systemd-tmpfs-tmp/systemd-tmpfs-tmp_0.1.bb | 13 +++++++++++++ > > 3 files changed, 33 insertions(+), 2 deletions(-) > > create mode 100644 meta-isar/recipes-installer/systemd-tmpfs- > > tmp/files/postinst > > create mode 100644 meta-isar/recipes-installer/systemd-tmpfs- > > tmp/systemd-tmpfs-tmp_0.1.b > > b > > > > diff --git a/meta-isar/recipes-installer/deploy-image/deploy- > > image_0.1.bb b/meta-isar/recipes-installer/deploy-image/deploy- > > image_0.1.bb > > index 54e521b5..b287a8d1 100644 > > --- a/meta-isar/recipes-installer/deploy-image/deploy-image_0.1.bb > > +++ b/meta-isar/recipes-installer/deploy-image/deploy-image_0.1.bb > > @@ -10,8 +10,10 @@ inherit dpkg-raw > > SRC_URI = "file://usr/bin/deploy-image-wic.sh \ > > file://usr/lib/deploy-image-wic/handle-config.sh \ > > " > > -DEPENDS:bookworm += "bmap-tools" > > -DEBIAN_DEPENDS = "bmap-tools, pv, dialog, util-linux, parted, fdisk, > > gdisk, pigz, xz-utils, pbzip2, zstd" > > + > > +DEPENDS:append:bookworm = " bmap-tools" > > +DEPENDS:append = " systemd-tmpfs-tmp" > > +DEBIAN_DEPENDS = "bmap-tools, pv, dialog, util-linux, parted, fdisk, > > gdisk, pigz, systemd-tmpfs-tmp, xz-utils, pbzip2, zstd" > > do_install[cleandirs] = "${D}/usr/bin/ \ > > ${D}/usr/lib/deploy-image-wic \ > > " > > diff --git a/meta-isar/recipes-installer/systemd-tmpfs- > > tmp/files/postinst b/meta-isar/recipes-installer/systemd-tmpfs- > > tmp/files/postinst > > new file mode 100644 > > index 00000000..9d75025d > > --- /dev/null > > +++ b/meta-isar/recipes-installer/systemd-tmpfs-tmp/files/postinst > > @@ -0,0 +1,16 @@ > > +#!/bin/sh > > + > > +set -e > > + > > +DEST="/etc/systemd/system/tmp.mount" > Do we really want to overrule /etc/fstab? > Wouldn't `DEST="/usr/lib/systemd/system/tmp.mount"` be a more defensive > approach? > > Repost from previous thread: > --- > Systemd already provides some predefined behaviour to manage common > mounts like `/tmp`. [1] > > "If a mount point is configured in both /etc/fstab and a unit file that > is stored below /usr/, the former will take precedence. If the unit > file is stored below /etc/, it will take precedence. This means: native > unit files take precedence over traditional configuration files, but > this is superseded by the rule that configuration in /etc/ will always > take precedence over configuration in /usr/." > - [2] > > TL;DR: If we put `tmp.mount` at `/usr/lib/systemd/system/` systemd > takes care about fstab vs tmp.mount precedence as you try to enforce it > here. > Besides that, as this check is executed as postinst, it possibly leads > to undesired mount results, depending on package install order. e.g. > later packages modify `/etc/fstab`. > --- > > + > > +if [ ! -e "${DEST}" ]; then > > + # Possible source paths for tmp.mount > > + for SRC in /usr/share/systemd/tmp.mount > > /usr/lib/systemd/system/tmp.mount; do > > + # If the source file exists, copy it to the destination and > > exit the loop > > + [ -e "${SRC}" ] && cp ${SRC} ${DEST} && break > > + done > > +fi > > + > > +# Enable the mount unit using deb-systemd-helper; ignore errors if > > it fails > > +deb-systemd-helper enable tmp.mount || true > > diff --git a/meta-isar/recipes-installer/systemd-tmpfs-tmp/systemd- > > tmpfs-tmp_0.1.bb b/meta-isar/recipes-installer/systemd-tmpfs- > > tmp/systemd-tmpfs-tmp_0.1.bb > > new file mode 100644 > > index 00000000..c0ab1bcf > > --- /dev/null > > +++ b/meta-isar/recipes-installer/systemd-tmpfs-tmp/systemd-tmpfs- > > tmp_0.1.bb > > @@ -0,0 +1,13 @@ > > +# This software is a part of ISAR. > > +# Copyright (C) Siemens AG, 2025 > > +# > > +# SPDX-License-Identifier: MIT > > + > > +inherit dpkg-raw > > + > > +DESCRIPTION = "Configures /tmp as systemd-managed temporary > > filesystem (tmpfs), ensuring read-write access even if rootfs is > > read-only" > > +MAINTAINER = "isar-users <isar-...@googlegroups.com>" > > + > > +SRC_URI = "file://postinst" > > + > > +DEBIAN_DEPENDS = "systemd" > > -- > > 2.47.2 > > > > -- > Alexander Heinisch > Siemens AG > www.siemens.com > -- You received this message because you are subscribed to the Google Groups "isar-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to isar-users+unsubscribe@googlegroups.com. To view this discussion visit https://groups.google.com/d/msgid/isar-users/04d29557-40ed-4a02-a675-66ae292829e6n%40googlegroups.com. [-- Attachment #1.2: Type: text/html, Size: 10533 bytes --] ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH v4] isar-installer: Mount /tmp as tmpfs for read-only boot fix 2025-07-02 6:00 ` 'Badrikesh Prusty' via isar-users @ 2025-07-03 8:44 ` 'Heinisch, Alexander' via isar-users 0 siblings, 0 replies; 6+ messages in thread From: 'Heinisch, Alexander' via isar-users @ 2025-07-03 8:44 UTC (permalink / raw) To: Prusty, Badrikesh, isar-users On Tue, 2025-07-01 at 23:00 -0700, 'Badrikesh Prusty' via isar-users wrote: > Hi, > > I'm unsure why a defensive approach to avoid overruling /etc/fstab. I thought this package is used to fill the gap for what comes with later systemd versions >=256 as default. > > My goal for systemd-tmpfs-tmp package (as it is configuration > package) was for it to be an out-of-the-box solution requiring no > additional configuration. Since users can choose whether to pre- > install this package during build time, and if /tmp is already > configured in /etc/fstab (if users aren't aware of), installing it > will be ineffective, which could lead users to think it's not working > as intended. Valid argument. > > Furthermore, systemd versions >= 256 now ship the tmp.mount unit file > at /usr/lib/systemd/system/tmp.mount. > > Any suggestions are welcome. > > Thanks, > Badrikesh > On Wednesday, July 2, 2025 at 1:42:29 AM UTC+5:30 Heinisch, Alexander > wrote: > > On Sun, 2025-06-29 at 16:28 -0400, 'Badrikesh Prusty' via isar- > > users > > wrote: > > > From: badrikesh prusty <badrikes...@siemens.com> > > > > > > Fix image installation when isar-image-installer rootfs is booted > > > as > > > read-only > > > by ensuring /tmp is mounted as tmpfs. > > > > > > With the latest isar installer, Bmaptool now creates the > > > /tmp/progress pipe to > > > track and display installation progress in a progress bar. > > > > > > To mount /tmp as tmpfs, this change utilizes systemd's tmp.mount. > > > As > > > tmp.mount > > > is located in /usr/share/systemd/ for systemd versions up to > > > Debian > > > Bookworm, > > > and in /usr/lib/systemd/system/tmp.mount for versions 256.x and > > > newer, the file > > > must be copied to /etc/systemd/system/. > > > > > > Placing tmp.mount unit file in /etc/systemd/system/ ensures its > > > configuration > > > for /tmp takes precedence, overriding any entry found in > > > /etc/fstab. > > > > > > Signed-off-by: badrikesh prusty <badrikes...@siemens.com> > > > --- > > > .../deploy-image/deploy-image_0.1.bb | 6 ++++-- > > > .../systemd-tmpfs-tmp/files/postinst | 16 > > > ++++++++++++++++ > > > .../systemd-tmpfs-tmp/systemd-tmpfs-tmp_0.1.bb | 13 > > > +++++++++++++ > > > 3 files changed, 33 insertions(+), 2 deletions(-) > > > create mode 100644 meta-isar/recipes-installer/systemd-tmpfs- > > > tmp/files/postinst > > > create mode 100644 meta-isar/recipes-installer/systemd-tmpfs- > > > tmp/systemd-tmpfs-tmp_0.1.b > > > b > > > > > > diff --git a/meta-isar/recipes-installer/deploy-image/deploy- > > > image_0.1.bb b/meta-isar/recipes-installer/deploy-image/deploy- > > > image_0.1.bb > > > > > index 54e521b5..b287a8d1 100644 > > > --- a/meta-isar/recipes-installer/deploy-image/deploy- > > > image_0.1.bb > > > > > +++ b/meta-isar/recipes-installer/deploy-image/deploy- > > > image_0.1.bb > > > > > @@ -10,8 +10,10 @@ inherit dpkg-raw > > > SRC_URI = "file://usr/bin/deploy-image-wic.sh \ > > > file://usr/lib/deploy-image-wic/handle-config.sh \ > > > " > > > -DEPENDS:bookworm += "bmap-tools" > > > -DEBIAN_DEPENDS = "bmap-tools, pv, dialog, util-linux, parted, > > > fdisk, > > > gdisk, pigz, xz-utils, pbzip2, zstd" > > > + > > > +DEPENDS:append:bookworm = " bmap-tools" > > > +DEPENDS:append = " systemd-tmpfs-tmp" > > > +DEBIAN_DEPENDS = "bmap-tools, pv, dialog, util-linux, parted, > > > fdisk, > > > gdisk, pigz, systemd-tmpfs-tmp, xz-utils, pbzip2, zstd" > > > do_install[cleandirs] = "${D}/usr/bin/ \ > > > ${D}/usr/lib/deploy-image-wic \ > > > " > > > diff --git a/meta-isar/recipes-installer/systemd-tmpfs- > > > tmp/files/postinst b/meta-isar/recipes-installer/systemd-tmpfs- > > > tmp/files/postinst > > > new file mode 100644 > > > index 00000000..9d75025d > > > --- /dev/null > > > +++ b/meta-isar/recipes-installer/systemd-tmpfs- > > > tmp/files/postinst > > > @@ -0,0 +1,16 @@ > > > +#!/bin/sh > > > + > > > +set -e > > > + > > > +DEST="/etc/systemd/system/tmp.mount" > > Do we really want to overrule /etc/fstab? > > Wouldn't `DEST="/usr/lib/systemd/system/tmp.mount"` be a more > > defensive > > approach? > > > > Repost from previous thread: > > --- > > Systemd already provides some predefined behaviour to manage common > > mounts like `/tmp`. [1] > > > > "If a mount point is configured in both /etc/fstab and a unit file > > that > > is stored below /usr/, the former will take precedence. If the unit > > file is stored below /etc/, it will take precedence. This means: > > native > > unit files take precedence over traditional configuration files, > > but > > this is superseded by the rule that configuration in /etc/ will > > always > > take precedence over configuration in /usr/." > > - [2] > > > > TL;DR: If we put `tmp.mount` at `/usr/lib/systemd/system/` systemd > > takes care about fstab vs tmp.mount precedence as you try to > > enforce it > > here. > > Besides that, as this check is executed as postinst, it possibly > > leads > > to undesired mount results, depending on package install order. > > e.g. > > later packages modify `/etc/fstab`. > > --- > > > + > > > +if [ ! -e "${DEST}" ]; then > > > + # Possible source paths for tmp.mount > > > + for SRC in /usr/share/systemd/tmp.mount > > > /usr/lib/systemd/system/tmp.mount; do > > > + # If the source file exists, copy it to the destination > > > and > > > exit the loop > > > + [ -e "${SRC}" ] && cp ${SRC} ${DEST} && break > > > + done > > > +fi > > > + > > > +# Enable the mount unit using deb-systemd-helper; ignore errors > > > if > > > it fails > > > +deb-systemd-helper enable tmp.mount || true > > > diff --git a/meta-isar/recipes-installer/systemd-tmpfs- > > > tmp/systemd- > > > tmpfs-tmp_0.1.bb b/meta-isar/recipes-installer/systemd-tmpfs- > > > tmp/systemd-tmpfs-tmp_0.1.bb > > > > > new file mode 100644 > > > index 00000000..c0ab1bcf > > > --- /dev/null > > > +++ b/meta-isar/recipes-installer/systemd-tmpfs-tmp/systemd- > > > tmpfs- > > > tmp_0.1.bb > > > > > @@ -0,0 +1,13 @@ > > > +# This software is a part of ISAR. > > > +# Copyright (C) Siemens AG, 2025 > > > +# > > > +# SPDX-License-Identifier: MIT > > > + > > > +inherit dpkg-raw > > > + > > > +DESCRIPTION = "Configures /tmp as systemd-managed temporary > > > filesystem (tmpfs), ensuring read-write access even if rootfs is > > > read-only" > > > +MAINTAINER = "isar-users <isar-...@googlegroups.com>" > > > + > > > +SRC_URI = "file://postinst" > > > + > > > +DEBIAN_DEPENDS = "systemd" > > > -- > > > 2.47.2 > > > > > > > -- > > Alexander Heinisch > > Siemens AG > > www.siemens.com > > -- Alexander Heinisch Siemens AG www.siemens.com -- You received this message because you are subscribed to the Google Groups "isar-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to isar-users+unsubscribe@googlegroups.com. To view this discussion visit https://groups.google.com/d/msgid/isar-users/eec2deb5e40bed773ca1b6406665a0a30114793e.camel%40siemens.com. ^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2025-07-03 8:44 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <xaL_dTtRg-0>
2025-06-13 17:48 ` [PATCH v2] isar-installer: Mount /tmp as tmpfs for read-only boot fix 'Badrikesh Prusty' via isar-users
2025-06-16 9:44 ` [PATCH v3] " 'Badrikesh Prusty' via isar-users
2025-06-29 20:28 ` [PATCH v4] " 'Badrikesh Prusty' via isar-users
2025-07-01 20:12 ` 'Heinisch, Alexander' via isar-users
2025-07-02 6:00 ` 'Badrikesh Prusty' via isar-users
2025-07-03 8:44 ` 'Heinisch, Alexander' via isar-users
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox