Re: [PATCH] classes/image-postproc-extension: Remove /etc/machine-id

[Henning Schild <henning.schild@siemens.com>]

Am Tue, 19 Apr 2022 18:15:10 +0200
schrieb Jan Kiszka <jan.kiszka@siemens.com>:

> On 19.04.22 17:36, Q. Gylstorff wrote:
> > From: kas <kas@example.com>
> > 
> > In a read-only system the machine id should be deleted or 
> > set to `unitialized\n`[1]. 
> > 
> > Systemd will generate a new machine-id during the first boot. 
> > In the case of a read-only root file system Systemd generates a
> > mount point with the machine id. If an overlay for /etc is used
> > this creates a mount conflict. To avoid the conflict between the
> > overlay filesystem and systemd /etc/machine-id mount point deleted
> > the file /etc/machine-id.
> > 
> > [1]: https://systemd.io/BUILDING_IMAGES/
> > 
> > Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
> > ---
> >  meta/classes/image-postproc-extension.bbclass | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> > 
> > diff --git a/meta/classes/image-postproc-extension.bbclass
> > b/meta/classes/image-postproc-extension.bbclass index
> > ca520273..0c412c0d 100644 ---
> > a/meta/classes/image-postproc-extension.bbclass +++
> > b/meta/classes/image-postproc-extension.bbclass @@ -57,7 +57,7 @@
> > ROOTFS_POSTPROCESS_COMMAND =+ "image_postprocess_machine_id"
> > image_postprocess_machine_id() { # systemd(1) takes care of
> > recreating the machine-id on first boot sudo rm -f
> > '${IMAGE_ROOTFS}/var/lib/dbus/machine-id'
> > -    sudo install -m 644 '/dev/null'
> > '${IMAGE_ROOTFS}/etc/machine-id'
> > +    sudo rm -f '${IMAGE_ROOTFS}/etc/machine-id'
> >  }
> >  
> >  ROOTFS_POSTPROCESS_COMMAND =+ "image_postprocess_sshd_key_regen"  
> 
> This partially reverts 98d6a72d3064. Did you read that commit and can
> you comment on it in your patch?

In fact the man pages changes a bit from buster to bullseye, but having
the machine-id being an empty file still seems the most generic way
which should cover both older and newer systemd. However we will never
have a "first boot" "ConditionFirstBoot=yes" when using that empty
file, i tend to think removal is the correct way ... at least for newer
systemd.

https://manpages.debian.org/buster/systemd/machine-id.5.en.html

says

> Having an empty file in place is useful because it allows a temporary
> file to be bind-mounted over the real file, in case the image is used
> read-only.

https://manpages.debian.org/bullseye/systemd/machine-id.5.en.html

says 

> 3.If /etc/machine-id exists and is empty, a boot is not considered
> the first boot. systemd will still bind-mount a file containing the
> actual machine-id over it and later try to commit it to disk (if
> /etc/ is writable).

Which makes me wonder if we want systemd to know that it is the first
boot, i bet we would want that ... and not want an empty machine id.
Also the link quirin sent ... coming directly from systemd says one
should remove the file.

Maybe things really changed between buster and bullseye and we need to
do other things for more recent systemd.

Henning

> Jan
>