From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 6842309179660566528 X-Received: by 2002:a2e:b6cc:: with SMTP id m12mr5555578ljo.330.1593421452101; Mon, 29 Jun 2020 02:04:12 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a05:651c:30c:: with SMTP id a12ls1384400ljp.9.gmail; Mon, 29 Jun 2020 02:04:11 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxMaLMFJidrKtBqv6mW4D8s0M3nWZWFAkDSAjS7G1NYV+eWw1assb3iNcez83C1fyHPj2fI X-Received: by 2002:a2e:b554:: with SMTP id a20mr7023703ljn.108.1593421451358; Mon, 29 Jun 2020 02:04:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1593421451; cv=none; d=google.com; s=arc-20160816; b=T+yjC47pagOYoxX4VUy3wMerPPO6jPrjxk0fmvpGqySAvw4us44j/DB1+niFEz6UPg /ewDg5VtiJ6Op/K7GKh5DOc8klEaKV/A15MI8pzVQiFVFexf8IdVQZ7hBJQAZwTjNaxD +itSqf5scl4NE+N3yc66g5zej/M7bNo8oHdd+uReW+3NV2/qPK4L4/g3g50uVJslLxdI 440bWvZ6UFPFQvb4d9Qa0hZNWbextZQ5mbfB2KEBWEiK571AoX3nPTYI5jKIjiFvahn0 cIIn5Z+bLiYIqOBKz3Ijsibap3TN0xm+l9UBB0BFUrKnaJkfEUtbaNvL2X/GdMtocJoL +D0g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:mime-version:user-agent:date:message-id:autocrypt:from :references:cc:to:subject; bh=lPJTIhyfrCEeqzslJpXVcmunhffgfPv7kLmSxylyYdg=; b=zx1Pvb7pek//vl7gkE78o26+whaGeP6nk5GaWikoMTX+ukSNMi4I/zXO6yWBo5tpEX fOqIDoUFPMHSurAFC+8XK8RI8fsh+5lbEFlXpz2LdK1bnlTRsK7J7DsTe4pTNKaKoun9 c6wKc48FPai8aKRiezGdXKn4J038pHD2PVfxeKfwdvr5M/ObT1k8owOlSSh/sN/l52K3 hBlzlGg1VJna3ww7TT617LWCIb+u4px5mWsdrownXSQfhzJy7MvvizRypUfGTH5oUVXg kiJmpCdg8gTm1ad8VrPgLU52ilIvCiDEdvaHX2yGgOFNnTzWDM4+Bzi8rA24VEpqYzb7 cccA== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=neutral (google.com: 212.18.0.10 is neither permitted nor denied by best guess record for domain of ch@denx.de) smtp.mailfrom=ch@denx.de Return-Path: Received: from mail-out.m-online.net (mail-out.m-online.net. [212.18.0.10]) by gmr-mx.google.com with ESMTPS id j14si1665360lji.8.2020.06.29.02.04.11 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 29 Jun 2020 02:04:11 -0700 (PDT) Received-SPF: neutral (google.com: 212.18.0.10 is neither permitted nor denied by best guess record for domain of ch@denx.de) client-ip=212.18.0.10; Authentication-Results: gmr-mx.google.com; spf=neutral (google.com: 212.18.0.10 is neither permitted nor denied by best guess record for domain of ch@denx.de) smtp.mailfrom=ch@denx.de Received: from frontend01.mail.m-online.net (unknown [192.168.8.182]) by mail-out.m-online.net (Postfix) with ESMTP id 49wM4B5d7Xz1rwb8; Mon, 29 Jun 2020 11:04:10 +0200 (CEST) Received: from localhost (dynscan1.mnet-online.de [192.168.6.70]) by mail.m-online.net (Postfix) with ESMTP id 49wM4B59zVz1qqkn; Mon, 29 Jun 2020 11:04:10 +0200 (CEST) X-Virus-Scanned: amavisd-new at mnet-online.de Received: from mail.mnet-online.de ([192.168.8.182]) by localhost (dynscan1.mail.m-online.net [192.168.6.70]) (amavisd-new, port 10024) with ESMTP id t_2lLrCzbi5o; Mon, 29 Jun 2020 11:04:09 +0200 (CEST) X-Auth-Info: K+U8r3L1P+kJc20fYW/4h1XufAC/WQG1z5+Ak4uLplk= Received: from deneb.denx.de (p578adb1c.dip0.t-ipconnect.de [87.138.219.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.mnet-online.de (Postfix) with ESMTPSA; Mon, 29 Jun 2020 11:04:09 +0200 (CEST) Subject: Re: [PATCH] image: Run copy_boot_files after rootfs postprocessing To: Jan Kiszka , Harald Seiler , Henning Schild Cc: isar-users@googlegroups.com References: <20200625153351.3402179-1-hws@denx.de> <20200625184822.236ff069@md1za8fc.ad001.siemens.net> <91ce92c15d267e4836ab4d9de2870bc8e6f6dfa1.camel@denx.de> <5a86e555-416e-d788-2655-003403f1d190@siemens.com> From: Claudius Heine Autocrypt: addr=ch@denx.de; prefer-encrypt=mutual; keydata= mQINBFSuWugBEADI18RqDRNsXrWtQBuI60knLMfJ6j26C4ArB5ht4TzTQg9PfTJf1BwKUMYH 1s5qKikAX1mAFm7ca4uxc8uY1AdTFKepNp6ewcRShWPFo1+7DJcTlS1O+cIUyOeo6yrMMI2D DeILzcird0ATI+v7QzO1TmAmEGB28kp9KozZqFKS28p6/GLJ8qCYo50MpacsB0oi8pUeU6+8 KUlKfDDNZvwM+7rVlshOdp0iuAe12IH4gePkXycTm/PvCdqpvm6Uc0FryYh2AzB78Zvzpysb VTdGzFYavdLJJjNifj1XKgeRayR1UG0dMpcUwzLxqRmeRN1Ca7/NVT/NUHm8r80ta6mvjDHj 0vHWfn0CFgfikRtB4tftWmsvYs8YtDtR7X4gaYk5CHhR9iAGU2zElYp2Q417oe1FuXn0eFxG 1SzENtFdUZv64oQSOblJ9ZKslXLBlwCLacSdNK499IEs03UAaTPgh5L/t8G81FDeXduFt129 h6UY6Si2xDYE9wZ90XGag7Uv0wC2LKyOWzEgeOJDIGjQVAMlcr5i6nNa30n/qMTWSf+jahLa 7cr8Mgzw0W9lSAX1CytJJjh5hTHF/atZkl6+vInHJLTtBA2leRF7og2H6PHfUmpJ/A46x71l rODfqjq4/ZblSgqgQCU3rXq8bPwnl7zo/dlyqYUPVAJQ79m9jwARAQABtBtDbGF1ZGl1cyBI ZWluZSA8Y2hAZGVueC5kZT6JAlUEEwEKAD8CGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheA FiEEb/LlnwDGvCgx2GTBEXPLGZgIsVMFAl4pTU4FCQtcJeYACgkQEXPLGZgIsVM+ow//beDC TngJxFrJIgYqHKe93kMBUNjeY9X96nYxELg2dtQQXVeMx+CWsZymP4B9UVXQLGti9ZStKuOB HHlxfVGttwdNeQ1BjjeO9TNJNS0T1jSfz+j/lmSuoCGveojONse2/MOwMNRHtfrkws0JoM1L X3oZkv5JGXDQ51ZVIKXe2+aqIu7oouYpGsDYhxyP2tMhS3J/BHjFDjtQu1H/w64Hq28oa2aY 44prBgz0eCS8V88nlbFPc8K0nZNQYxb0bFcm4VuEHqpSHwbr6Gll9zXVpiOUddv/kbghsz3l u1/7k5Va5ZtRMumhnids5ttmrOIEib+GjpukWGUgZaukF0SNHxhHoAiyklgjEAPMJXYUZjw6 PEUMY+ocYMOgU7uZVLu8rWyCztE0/MW/JawfX/jPAUSRWluA8mP6UNkJDQmuquoaDAv1cQCH h8te/W+Rqa5xYCJCx5B4jEa8Kxmdq6kaWxU2/RXLAHypssiO5Y1XRhDImSjG2SEwJ3nzVpP5 Rd0lDhuoz+UnyidB5Np0tAvQ/4dq4XXxg7/dze0isi58GDtUxMDvtbOnmH2Y/AwxWiM4bC2B gq3JOuG4zAhWFbTG8WHirsvvkzdNXwCyepcR+2jzj1v80k3YqZOYE05POhr0dqeGPFAJJdxl TzwsLPp1z+fsE2nr9jAGd/rLNQ0YCzC5Ag0EVK5a6AEQANbSW8FeAXDMaL26JYiaWriOCB4g zqSIGXPjy1pdtS3dghks2WvADdoUuXBE6ZdbEGl+3QUlXhv167iY1M48oOVCmBnp/ENt1D9s mYB8lby4bVfb5e6eP4VivRUKiU1S2Yvp3en6/Bnts8q6clDezcbWu8lOjzlZEgXbcUPM77r3 3knriTtjnGEGc4Blta/1ED6U00NjqZ3mxpyVT1dmafmMt2Onh6XsYUgCuuAFOkhg0hUB3ems 7NPawURj6PYDYxnbpt/qTJiKbWM6CCkPDHrHesoY/ONvCeGaxzIytaUwXJ/mi3ws36hJXSST Nfyo2W5SskPJvGyn06KXr9YMW9IyZ4AV1pIs2iJ6T1rUXlXpxZ63BMY8Ja8r58Zg5+0cOaBr IAtMCo2aPsfChHEBc3m7XBCfM8yNtvzex8SCVLa/pOVXbKmXKbseInpdtP+3EM1p3R/PjBvK bvsyesk90F6+zsyVu46JVCyqrN3RGGyZCdicFHIPfqzUAnuFIOlUYSDwqvJXMwT5XcZ1jvNR eUvYwqpIJJYumoL3V5SFu434Wu81vMLeFPEccgLW4tbqpckBdbwP8GaPVmgnCWsQhcO9KUDE bnL4nO4lNPgz94dmb579BLsoAH5VVNQONyBEBxeiQBsK3DebwCmQha3qunRc4VUJQlZm/if4 lBdkNMavABEBAAGJAjwEGAEKACYCGwwWIQRv8uWfAMa8KDHYZMERc8sZmAixUwUCXilOFQUJ C1wmrQAKCRARc8sZmAixUyC7EACZIIclsnQc9gLSLxDwBMdEIXmTOEy0tuqJ5MPLNkULH6Sz nPtNBufvkhkKgt56pxTUrxS3ARahLb6AGn8Pl0B2DDtc8SE/L16LCXElssz4VpZ51udKHDzk ijPuaeCevQdTU2Rqdvx26XZre7kQBTXGgvlJAMJlJp0SMfsQ8QdhIHtGLtQmRAzSy6cHNeHX 3HDC7jxrJlJYsmwxbViagYVd9g1D7OE3dCfv9AWqclzbCMLxL0K5QCLLpqiI89dCNKzYyL4F +Cnt98PDa5GG+VXeMB6X6nfWApR20mC1pZP7Tb3XJrEtVkDONejUgQMj9Ao1cPWndma3LAtO aWcenPIPjYQ5Ab38rlE9hEHBfWSC7NriRvCEID7jDmcNG+4j5shKexz7KBoM+Kdr1WjUb3h5 TemrZycE3JGQ4GK46FwRp2O6F4mnrmNdVpnFRT+ilwZ5HOhxKqi8MslDlWmfu6m15JZSvv48 sBWpuXSbJlAKtJkuHVf45gejesDEqG89wE3xGuEnoMsn3+1rpcdLlsXtGuY8fXV4nlPw6Y8e iMuaOyn8qWvxczORDrWk1ZfRlUyV64LDDnbosHoxGLxZ1hf7V6VBtwPqngij2rsMTnCOD11y 3V3xxZAIv7Im43MsUbhZe2andR4UCQFE6NKWG5yHZtCC51APbLwM4ryINad1LA== Message-ID: <98c4dd24-b450-b9c3-ca6d-79996e3ab8ae@denx.de> Date: Mon, 29 Jun 2020 11:04:04 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.5.0 MIME-Version: 1.0 In-Reply-To: <5a86e555-416e-d788-2655-003403f1d190@siemens.com> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="JQRireq6Ro7dlMFa798eO3i5PonZkwxEX" X-TUID: z8WWQk9v2U3+ This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --JQRireq6Ro7dlMFa798eO3i5PonZkwxEX Content-Type: multipart/mixed; boundary="Ax033taLKGOJYAylKgx3p2OueRVHdVuTm" --Ax033taLKGOJYAylKgx3p2OueRVHdVuTm Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable Hi Jan, On 26/06/2020 11.12, Jan Kiszka wrote: >>>>> Maybe you can point out an issue in isar itself, or explain how you= >>>>> got >>>>> into this situation? We can then see if your change is generic enou= gh >>>>> for upstream. You could also provide the error-case from your layer= as >>>>> an upstream feature, if that is generic enough. >>> >>> I think this patch addresses an issue in isar itself.=C2=A0 There is = no >>> reason >>> for copy_boot_files() to run before the postprocessing does.=C2=A0 I'= ve >>> checked >>> through the git history and the reason this relationship was introduc= ed >>> was a bigger refactor of the task dependency chain.=C2=A0 It does not= seem to >>> be intentionally this way from what I can tell. >>> >>> The other way around makes more sense, in my opinion.=C2=A0 As stated= in the >>> commit message, postprocessing might do an update to the initramfs (a= s >>> seen above) and this change needs to be reflected in the deployed >>> initramfs as well, instead of silently only living in the version >>> that is >>> part of the rootfs. >>> >>> I also checked all existing postprocessing commands and did not see a= ny >>> that assume to be run after the boot files have been deployed. >> >> Its been a while when I implemented this, but I also thought of the >> scenario where someone would like to 'minimize' a image via the root f= s >> postprocessing by deleting everything that is not needed, and that cou= ld >> possible include the kernel + initramfs, if those are stored somewhere= >> else outside the root file system. So the idea was, IIRC, to move the >> kernel and initrd to the deploy dir, out of harms way, before >> postprocessing does its rootfs manipulation. >> >> So by ordering the copy_boot_files behind the root fs post processing,= >> you might break other layers that rely on this ordering and have such >> 'minimization' procedures, that remove the kernel package and specific= >> files. >> >> We don't have such 'minimization' stuff in upstream isar, since it >> pretty much breaks apt and dpkg, but if you do image based update, you= >> might not care. >=20 > I think the problem with this pattern is elsewhere: We should not > install stuff on the rootfs in the first place that shall not end up in= > the rootfs. Not sure if I understand you correctly. Do you mean that minimization in the rootfs postprocess should not be done and instead the things that get removed there should just not be installed? To be concrete, one thing that might be removed is 'apt' and 'dpkg' itself. The only way how you can setup a root file system without it is if you would install it using a package management from outside the root file system. While this would be the cleanest approach, and might even be supported (See RootDir in apt.conf(5)), that would mean pretty massive changes to Isar. > That this copy_boot_files thing depends on the installation > on the rootfs is actually a bug. It should use the chroot for its work,= > like the imager does (for the bootloader e.g.). Right, copy_boot_files is in need for some rethinking. regards, Claudius --Ax033taLKGOJYAylKgx3p2OueRVHdVuTm-- --JQRireq6Ro7dlMFa798eO3i5PonZkwxEX Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEb/LlnwDGvCgx2GTBEXPLGZgIsVMFAl75roUACgkQEXPLGZgI sVNp6g//TUbycVzkMvQfriis/75SgivJO3WJjLvEfBdWasxVoJGhJpzyC3pmwwt5 JrpNBVUVrcGMdwj5nGv03gLgK6tsZM1kWfB0NGU+/wpXlg1a33cKOkP7ANI6knTA llAOPggndOMsyB2A7UIPcj4COhv/8w+ioaAlEtUHnM3FrEJf+OS7HPF7Zd3xdrl9 hVscQbyg7HFO4D7xrqUt5RYtYZlnhNTEdqHAwuELIElIzsacwuFlgAAGPX7Laa25 2ppaulxN1c7r5qJ/S5F0v6NMEfd2dmRnnIcNbi3vPTAYqYy/siP23GGn9qAdEDom gF3Wgjiwjd6Pq2d6iDEl6ml0dNqrSJwVaKwhBSo9zZoxi6MmNFQMjbb5WSOSjtEs 63vFCSEGgAOkk9pWEtKiAMDswtgVGg73p+Vsyh8rRYX1P3c8InMH3O/XXRR6XLvk lyzQ43Na9EzhzoleVkIfJaRS6FxOwsYC+mBl6KWi9Yx+LdRx5LMkaxkHZVbY0n9d w5GBC1h/IJyCFYYYEm1wtgbfBUZ7KX94Ets4wkTjamZ6DQ1FIeISlCnDjyQQVn7m cIG5jSmpCO1L4moyLWPzj8YBObHWHbONdIAb7yCKEGJV6GaOenpxrceifikIVfow jyZ078+lMpq/dLQIdHNMXwx3SgKFMMoYtFqBawlFKyqo1zV/BXw= =JNA4 -----END PGP SIGNATURE----- --JQRireq6Ro7dlMFa798eO3i5PonZkwxEX--