From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 7088339307047419904 X-Received: by 2002:a05:651c:506:b0:24d:c35f:5129 with SMTP id o6-20020a05651c050600b0024dc35f5129mr6217235ljp.144.1650445209975; Wed, 20 Apr 2022 02:00:09 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a05:6512:1693:b0:448:3742:2320 with SMTP id bu19-20020a056512169300b0044837422320ls1348249lfb.1.gmail; Wed, 20 Apr 2022 02:00:08 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzZJhCjWBe8EqgZKro2YseD/AGTzkFtgI5oRNfHH5Uz4S46QqXAUIsyG/zR1QSO0LndDEHM X-Received: by 2002:a05:6512:a83:b0:46b:9e41:597a with SMTP id m3-20020a0565120a8300b0046b9e41597amr13987579lfu.460.1650445208872; Wed, 20 Apr 2022 02:00:08 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1650445208; cv=pass; d=google.com; s=arc-20160816; b=nsB9A6lIEsuF0E6BGdVmk+65tHWb+WnUW8GjWJjk4ekFD2ndHLNokApCHhtRexKuCY xxqGycQphxqPL5UA9dWSSzhv+6yj8KdcL6+w8u6miBodFGwOORTBuqwBUFypiM35rFUc /TuW6oaQjinaSJWlBjHfpHxn02yKEr+VopgDn0YSWjgF4qWms04fxXSRIYPvfkVJiwE2 69VLGqWsOiKv2e1Sr6E2lwzcWBtEEkO7vq7CDXqa4pBXVhUKUNM2OxiKz3rSmfwyauZI 3iOkd+36Wzo43eRKLfyDETtne/UQtlGmY5rqLC7JurTDfYQYudxraewRX+nkmPWhSd6e 9wBw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:subject:cc:to:from:date:dkim-signature; bh=p4RvlyQCM9+ZkpYNfcG+u02B/Dt0Zk/lCdvv6mGCRxY=; b=dnR4NZBZknyyY9kzmug3tHknjc2k8Y987NwK9afL766+8qWp0jX8EhUbEVtR+muOFP DPcbcA/VSSIacu7krIUED14hnLp0bSSp08wHPYJQgD7PioxVJApyswGwJoiegT1jOUyu 1FXwP/l46Xf/M5r6G4sZYFWUt18G69K7gKLSHxMqUeV8G5JjUeb7yWnEifPPtpdWBfnw lpQ7gLJe6ymlvR248O9DL4S1kw+38WwoL0oSJLS0kjicrwMnNJGtR7hjAOzSnWcxDDF5 QMuz+MezEuSoeUu6e4+stpqY2MOqgUkQRe1kqzDHmLWVBmYQqz+M3qv6CLBUgPg0RZbw atHg== ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=SfvEl0OA; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of henning.schild@siemens.com designates 2a01:111:f400:fe06::61b as permitted sender) smtp.mailfrom=henning.schild@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Return-Path: Received: from EUR02-VE1-obe.outbound.protection.outlook.com (mail-ve1eur02on061b.outbound.protection.outlook.com. [2a01:111:f400:fe06::61b]) by gmr-mx.google.com with ESMTPS id e2-20020a05651c150200b0024af7c96040si83280ljf.5.2022.04.20.02.00.08 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 20 Apr 2022 02:00:08 -0700 (PDT) Received-SPF: pass (google.com: domain of henning.schild@siemens.com designates 2a01:111:f400:fe06::61b as permitted sender) client-ip=2a01:111:f400:fe06::61b; Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=SfvEl0OA; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of henning.schild@siemens.com designates 2a01:111:f400:fe06::61b as permitted sender) smtp.mailfrom=henning.schild@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=nGdHoYxUDmJrON9wZVpO9aIUClEjyUzrXcdkJFSiS9odsGQiTS3Tm2kzIPqYcQzyVvjZj0FjOvn/xxmjnOXhjPDnyNYB9dV+PCEq2/XhrDkSNuT1MQ/H0zVovBMXoE21rdgVB32LhGLWfWvnqQIiW7XQiORXRFdI5vpCGInh6emFx/nmsDKclLYQazXSNDGhw3aNEAmwSZ1mTem95WeG64xoU3/LSqm12MTqazkS+qjQ2iorLcHm+ZtsmwpYLp4Zrf1s/K8GopePlm1f25l+JfnD9ZDDngu/jn+dBJUeAXVAqK6bbrTVlJcdpGM3shgiSKUOg05xpAAiCx8Z9R4t/g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=p4RvlyQCM9+ZkpYNfcG+u02B/Dt0Zk/lCdvv6mGCRxY=; b=gF6wEyJsgzcQFO5W29i1SaXcFW6RX/dkuy95EJ7lGBgG2dre/uvDmkC35wkrGg7+bA12e4oCrefumkleFs8VTqspu+ZBOh9H4FE5L+yzYl7vfYrbs5OMVNYr8O8ln8txlRe0I68YrXO8lqSj6mzoLJ5l7XldARuy+g9YxNoLuQDm8oxoxguxgSnqd3AkLDy4mVKiSs4mYcZ9A50w2UXiI8cqKGlZ+/hyW0N1GXtxDTgVXeHob/YrmgRTKnoLWtumXPbUMYZdYcjfQOWD4BEuzDEVoYfxEF40p5Gu1UpJ8frrdHlkjyEvkQSPiLZJxwOjNfbkYkZiwtAgoB6/Imb1sg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=siemens.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=p4RvlyQCM9+ZkpYNfcG+u02B/Dt0Zk/lCdvv6mGCRxY=; b=SfvEl0OARGDlTdIqU/pqvUgdaEcWpy0licCXYiTYWaY3Kuljj0az2Aao2jzHOEEnlWa3Zyd6xXl+KxjCxO+HypTKZ5lXR2g1nusl0nusFRLUfZArIB+1lnNJg+zlNm+FaZTNly2dMrxS2SpgZte2aHtdYHHBMPA+SlqrY9UoaDad8cId+DHQCrKnJeX1kZa2TrI8c3u53D3A1+YBR3D7Th6xeKeG1skQHb8kM9+42obnCUy7t8Sx00jxMRuDHZYNANeRcV29i4QRoGzMvREmIaXqKK1wTU1yQmG1+yU0fBTci1UjgtX1wfsyLgRGkJN4wiWyI/M98taP5x7j6Jp8bQ== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=siemens.com; Received: from PA4PR10MB5780.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:102:269::8) by AM0PR10MB1905.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:208:48::33) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5186.13; Wed, 20 Apr 2022 09:00:07 +0000 Received: from PA4PR10MB5780.EURPRD10.PROD.OUTLOOK.COM ([fe80::f4be:8b5d:4314:c2d8]) by PA4PR10MB5780.EURPRD10.PROD.OUTLOOK.COM ([fe80::f4be:8b5d:4314:c2d8%4]) with mapi id 15.20.5164.025; Wed, 20 Apr 2022 09:00:07 +0000 Date: Wed, 20 Apr 2022 11:00:02 +0200 From: Henning Schild To: Jan Kiszka Cc: "Q. Gylstorff" , , "Su, Bao Cheng (RC-CN DF FA R&D)" Subject: Re: [PATCH] classes/image-postproc-extension: Remove /etc/machine-id Message-ID: <20220420110002.63a60c14@md1za8fc.ad001.siemens.net> In-Reply-To: References: <20220419153640.222797-1-Quirin.Gylstorff@siemens.com> X-Mailer: Claws Mail 3.18.0 (GTK+ 2.24.33; x86_64-pc-linux-gnu) Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-ClientProxiedBy: AM6P191CA0044.EURP191.PROD.OUTLOOK.COM (2603:10a6:209:7f::21) To PA4PR10MB5780.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:102:269::8) Return-Path: henning.schild@siemens.com MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 2195810a-a6e4-4873-3f15-08da22ac29db X-MS-TrafficTypeDiagnostic: AM0PR10MB1905:EE_ X-LD-Processed: 38ae3bcd-9579-4fd4-adda-b42e1495d55a,ExtAddr X-Microsoft-Antispam-PRVS: X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: GwYQbt7VeLhDgRz10Zsk0TRKN6JQyx/5x2lNfusO7OaeFbuou2AU3CbCje81+IsLAldEkMAUEbX6ZL5T/cYRjhUoo4zVOOMB1EeboKD2rWL+iwxtwB5TFXD7ewmkYQuzLUqbQuGW8l2UCZEtG2vaWL2ucuOWNnev+Zy3Ewx10HM5CV2w094kRFxlifMUPamVpo0tUJeXMoqs3GSVEN5svqNrc+TWiZUmIDRnKlCIc4Pmo9eWzoAt5lJoanPman7PdVFWsGQWhe14EXG4tUbKpp//kjTnut7gwF5nTCqdKvZ5+oOqoeTtJdr25+8ioHNqmo/arVV/sS6DodChDprwp6/k/h5uU5k3J9IPSzy6nxbfCi6uKqm739NBlQzZPGvchmb0cewimFu7uAHDHLQkrC8qxhYJU0w6EWS2jQJLbZSlNblH7PA8tYmyl+C9GMl46w63Cwpu6FkD3zwJa/1f1C0HyeRMLdGRFqAHZWWN7xMbYZAdxh7dfNrWrobEUfmjhYYxce/56naLaH02q8QFCUOyJghbAF6f1WXte5sY7S85y/XK8p9U6E9X0e9BoHnDCvqGi5V4SBPuWXE1uzxOXYDpWuRk09xIVT7mb9ctcQurnn2YgwCe2/SRIUMVyI4u1OkFXcpSVI1JVNz9iV0Bplzlilk7h1lEnNIwuzj773hKHbjPs5sPGP1aMievVUxO9D66LahoaGz3jshTVJqcSvxZhrh7CwsRjL8tn5GmiOA= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PA4PR10MB5780.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230001)(4636009)(366004)(66946007)(66556008)(53546011)(6862004)(8676002)(66476007)(4326008)(44832011)(6636002)(54906003)(5660300002)(186003)(6506007)(2906002)(316002)(6486002)(966005)(83380400001)(6512007)(1076003)(6666004)(26005)(508600001)(86362001)(8936002)(82960400001)(9686003)(107886003)(38100700002);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?MdaAH2g/kPGjGBBhvz0dlbtcG+3Hs3OF3ck7mlhSnx1ESzo9ieCAuwLC25fQ?= =?us-ascii?Q?sbFmhjbkdOkDwnBQP9yyRb+KUgea6EQhg39UUhHvrR0JObIymU54J4kiNs+A?= =?us-ascii?Q?AWJNt/A8DyTwyxJZznSDBSXDZwAQ3u2v1ieMm3ZD8NKhzZzSEeMu3maIAc6B?= =?us-ascii?Q?2TDgiW1L0aGc7LJAk8+V7gP9nwhtEeNxLDrBq32aXOS75LaS0vUQGAYfxz4G?= =?us-ascii?Q?3oiwX0mJ7/rnQEvqhv5jdT8krptnU3bTyAL28QN4HUktx8siWs/E55Zx4InD?= =?us-ascii?Q?M9LmDkft/5aJaa9ClIGxTvkYsBKMv8u3j7gH5uDYwEUXkSeuMpvD47U9ykxz?= =?us-ascii?Q?TByei/oQGbaGhl3Iwbmn/IeppPy33TTq9pa6k6elL3klUSaSlk08VJhxomvw?= =?us-ascii?Q?Vm0XkFo8p3JVeewFyHM33s3X0nW+GBZcj9bMIIF3bAPpYiZCxGw6+Silcy2c?= =?us-ascii?Q?TYOG2s8nT2fWQoEYBdWQMHam2kQ7iJ0c3Sq2NASPD6z3Rv2T5iimOE1XwaUF?= =?us-ascii?Q?GsUiWGcoxOCPsiskzC/mCLr+RiojFF8Eb202tGLqaVY8XBTEaC+E4oZcu+pV?= =?us-ascii?Q?PiASEE+V9VCIAx0TYX0kE3AlMHQMFXXOivwkKxoNL5Tu8lrWM8wrpkjXO8FE?= =?us-ascii?Q?4oAhfeL5s04MIB8i+4XflcRYCK/yPye0DQZtWoq/01W0UeDdaOPh2WVeKA7V?= =?us-ascii?Q?sY+P4gdUO/jQpZb7ivA+rwXxj4/qhHuokI3HezIEiTAWqZMbe8+P7VM3JTA9?= =?us-ascii?Q?DHs9rMh0owGlKtOVRHn2QUqgtuh2p1e3M/46k7Jbi+RQiaoGAIS1WdJ2d9c/?= =?us-ascii?Q?8+VV5H/UGDfwXqn/Oqtdq2kb5KZ9Le0zJM6pmVAgsixqSef9UcGJ9DEbZfIj?= =?us-ascii?Q?cob7eXM9Ri89fMVylJZaHnj6qms+DRiek4q+WRX/LQ4vwCdhHD+Z6FCXZ/Ne?= =?us-ascii?Q?oKcNtEKuKdA9DPzYv2+w7D4VUw560W7TpG6tnbDZklGJEJpRlLC5zM75avtb?= =?us-ascii?Q?ENyigzltcHWOECkPq0n12sJRf4yVaemXP7CnJy5Whqo5OdTstoBRL0IRtfK4?= =?us-ascii?Q?NHlHzDmcYbTnctBEJXg1UT+jJmfpofVv5KEpWA3sOKrBZZ8dnkDAt9JLp7Fl?= =?us-ascii?Q?NgkJtjfqIRwEUAlY+bDaffOtVH865a4f4MH7XIKFYemckR2D1XZ+jZUjrL/2?= =?us-ascii?Q?oNYL1Biq04Vhmq85hSm8PBH24fPYcmz6UDPTR14KPBdp7d8eI1AIqSTdtbHY?= =?us-ascii?Q?QyG7FKPbt+6K0sG9Zw+v1HeL5yBirDe6dAvc3FndPokwLWy7xOvb2YfV/4tt?= =?us-ascii?Q?8f69SxsSeC//JH3k78o3JTEjHDL91uQK1Zux9ccYNI+jy8YgVQxfBKJZI/YW?= =?us-ascii?Q?NLhySOBc5SKsfx+9+eWYNu49LghNNc+y7gGEA2n7olyGrzvD8mNNzFMm5ybC?= =?us-ascii?Q?+ekubxa1wZWZZ2XL0uwzaSe1GvCsu9WuzU2aDDMj1jGYoNQjuuDgkVjN7jwr?= =?us-ascii?Q?OzJp5Aihk3NQ3MvOSCEw+ETMaxtz0VVS+D4ecZkJGR2d/Lt8mFNFSeLYSI3B?= =?us-ascii?Q?AajoDs6gQbE/rfGykKcm88C2tk8ExqS3ZE4WqOGFW2doc7dliH6fyFfCzd+b?= =?us-ascii?Q?sun1QrplUObZBo25/UhwAoc7urjsZykqgYvJzPI0FBAOJG/x5mfu+/1xoS7V?= =?us-ascii?Q?nYuOM+zRsn34k0rJquC+KcQznFnPQ+Jh4XvhA1WNDG0Ae6auHONxkiuKJOde?= =?us-ascii?Q?imUfpDspt6NGO5tn57hgKeoGRZm3qvA=3D?= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: 2195810a-a6e4-4873-3f15-08da22ac29db X-MS-Exchange-CrossTenant-AuthSource: PA4PR10MB5780.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Apr 2022 09:00:06.9550 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: UrpJeTrUlFrmcfOAztCGBfqE14Xy7ahaXZqiVs2R2c/GrOazoxB0+EgKVNkJFyHD7+acEjB1aMu1N1Tu2CYsVgeZppQCOQ90fItWsgn0esI= X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR10MB1905 X-TUID: jqzBgwiVt96I Am Tue, 19 Apr 2022 18:15:10 +0200 schrieb Jan Kiszka : > On 19.04.22 17:36, Q. Gylstorff wrote: > > From: kas > > > > In a read-only system the machine id should be deleted or > > set to `unitialized\n`[1]. > > > > Systemd will generate a new machine-id during the first boot. > > In the case of a read-only root file system Systemd generates a > > mount point with the machine id. If an overlay for /etc is used > > this creates a mount conflict. To avoid the conflict between the > > overlay filesystem and systemd /etc/machine-id mount point deleted > > the file /etc/machine-id. > > > > [1]: https://systemd.io/BUILDING_IMAGES/ > > > > Signed-off-by: Quirin Gylstorff > > --- > > meta/classes/image-postproc-extension.bbclass | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/meta/classes/image-postproc-extension.bbclass > > b/meta/classes/image-postproc-extension.bbclass index > > ca520273..0c412c0d 100644 --- > > a/meta/classes/image-postproc-extension.bbclass +++ > > b/meta/classes/image-postproc-extension.bbclass @@ -57,7 +57,7 @@ > > ROOTFS_POSTPROCESS_COMMAND =+ "image_postprocess_machine_id" > > image_postprocess_machine_id() { # systemd(1) takes care of > > recreating the machine-id on first boot sudo rm -f > > '${IMAGE_ROOTFS}/var/lib/dbus/machine-id' > > - sudo install -m 644 '/dev/null' > > '${IMAGE_ROOTFS}/etc/machine-id' > > + sudo rm -f '${IMAGE_ROOTFS}/etc/machine-id' > > } > > > > ROOTFS_POSTPROCESS_COMMAND =+ "image_postprocess_sshd_key_regen" > > This partially reverts 98d6a72d3064. Did you read that commit and can > you comment on it in your patch? In fact the man pages changes a bit from buster to bullseye, but having the machine-id being an empty file still seems the most generic way which should cover both older and newer systemd. However we will never have a "first boot" "ConditionFirstBoot=yes" when using that empty file, i tend to think removal is the correct way ... at least for newer systemd. https://manpages.debian.org/buster/systemd/machine-id.5.en.html says > Having an empty file in place is useful because it allows a temporary > file to be bind-mounted over the real file, in case the image is used > read-only. https://manpages.debian.org/bullseye/systemd/machine-id.5.en.html says > 3.If /etc/machine-id exists and is empty, a boot is not considered > the first boot. systemd will still bind-mount a file containing the > actual machine-id over it and later try to commit it to disk (if > /etc/ is writable). Which makes me wonder if we want systemd to know that it is the first boot, i bet we would want that ... and not want an empty machine id. Also the link quirin sent ... coming directly from systemd says one should remove the file. Maybe things really changed between buster and bullseye and we need to do other things for more recent systemd. Henning > Jan >