[PATCH 0/1] classes/image-postproc: chroot before postprocessing /etc/machine-id

[PATCH 0/1] classes/image-postproc: chroot before postprocessing /etc/machine-id

[alexander.heinisch via isar-users]

From: Alexander Heinisch <alexander.heinisch@siemens.com>

We were experimenting with /etc-overlay removal
ending up with systemd detecting first-boot conditions due to
unitinitialized /etc/machine-id.
To circumvent this on ro etc, we put a link on /etc/machine-id to
a mutable location instead. Without chroot writing to /etc/machine-id
linked to e.g. /var/local/machine-id resolves to the hosts /var partition
instead of the file in ${IMAGE_ROOTFS}.
Apart from that overriding the machine-id-commit service was needed
to make this setup work properly. Not sure if a patch for that is
desired as well?

Alexander Heinisch (1):
  classes/image-postproc: chroot before postprocessing /etc/machine-id

 meta/classes/image-postproc-extension.bbclass | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

--
2.39.5

-- 
You received this message because you are subscribed to the Google Groups "isar-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to isar-users+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/isar-users/20250627094756.151803-1-alexander.heinisch%40siemens.com.

[PATCH 1/1] classes/image-postproc: chroot before postprocessing /etc/machine-id

[alexander.heinisch via isar-users]

From: Alexander Heinisch <alexander.heinisch@siemens.com>

If /etc/machine-id happens to be a link to e.g. /var/...
the postprocessing overrides build-hosts /var/... instead of
the desired file on the rootfs.

Signed-off-by: Alexander Heinisch <alexander.heinisch@siemens.com>
---
 meta/classes/image-postproc-extension.bbclass | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/meta/classes/image-postproc-extension.bbclass b/meta/classes/image-postproc-extension.bbclass
index 991bac4c..4f2a3d00 100644
--- a/meta/classes/image-postproc-extension.bbclass
+++ b/meta/classes/image-postproc-extension.bbclass
@@ -58,12 +58,12 @@ image_postprocess_machine_id() {
     # systemd(1) takes care of recreating the machine-id on first boot
     # for systemd < v247, set to empty string, else set to uninitialized
     # (required if initramfs with ro root is used)
-    SYSTEMD_VERSION=$( sudo chroot ${IMAGE_ROOTFS} dpkg-query --showformat='${source:Upstream-Version}' --show systemd || echo "0" )
+    SYSTEMD_VERSION=$( sudo chroot '${IMAGE_ROOTFS}' dpkg-query --showformat='${source:Upstream-Version}' --show systemd || echo "0" )
     MACHINE_ID="uninitialized"
     if dpkg --compare-versions "$SYSTEMD_VERSION" "lt" "247"; then
         MACHINE_ID=""
     fi
-    echo "$MACHINE_ID" | sudo tee '${IMAGE_ROOTFS}/etc/machine-id'
+    echo "$MACHINE_ID" | sudo chroot '${IMAGE_ROOTFS}' tee '/etc/machine-id'
     sudo rm -f '${IMAGE_ROOTFS}/var/lib/dbus/machine-id'
 }
 
-- 
2.39.5

-- 
You received this message because you are subscribed to the Google Groups "isar-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to isar-users+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/isar-users/20250627094756.151803-2-alexander.heinisch%40siemens.com.

Re: [PATCH 1/1] classes/image-postproc: chroot before postprocessing /etc/machine-id

['MOESSBAUER, Felix' via isar-users]

On Fri, 2025-06-27 at 11:47 +0200, alexander.heinisch via isar-users
wrote:
> From: Alexander Heinisch <alexander.heinisch@siemens.com>
> 
> If /etc/machine-id happens to be a link to e.g. /var/...
> the postprocessing overrides build-hosts /var/... instead of
> the desired file on the rootfs.
> 
> Signed-off-by: Alexander Heinisch <alexander.heinisch@siemens.com>
> ---
>  meta/classes/image-postproc-extension.bbclass | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/meta/classes/image-postproc-extension.bbclass
> b/meta/classes/image-postproc-extension.bbclass
> index 991bac4c..4f2a3d00 100644
> --- a/meta/classes/image-postproc-extension.bbclass
> +++ b/meta/classes/image-postproc-extension.bbclass
> @@ -58,12 +58,12 @@ image_postprocess_machine_id() {
>      # systemd(1) takes care of recreating the machine-id on first
> boot
>      # for systemd < v247, set to empty string, else set to
> uninitialized
>      # (required if initramfs with ro root is used)
> -    SYSTEMD_VERSION=$( sudo chroot ${IMAGE_ROOTFS} dpkg-query --
> showformat='${source:Upstream-Version}' --show systemd || echo "0" )
> +    SYSTEMD_VERSION=$( sudo chroot '${IMAGE_ROOTFS}' dpkg-query --
> showformat='${source:Upstream-Version}' --show systemd || echo "0"

Unrelated fix, please move to separate commit. Please also check if a
IMAGE_ROOTFS with special characters works at all (I doubt it).

> )
>      MACHINE_ID="uninitialized"
>      if dpkg --compare-versions "$SYSTEMD_VERSION" "lt" "247"; then
>          MACHINE_ID=""
>      fi
> -    echo "$MACHINE_ID" | sudo tee '${IMAGE_ROOTFS}/etc/machine-id'
> +    echo "$MACHINE_ID" | sudo chroot '${IMAGE_ROOTFS}' tee
> '/etc/machine-id'

Acked!

Felix

>      sudo rm -f '${IMAGE_ROOTFS}/var/lib/dbus/machine-id'
>  }
>  
> -- 
> 2.39.5

-- 
Siemens AG
Linux Expert Center
Friedrich-Ludwig-Bauer-Str. 3
85748 Garching, Germany

-- 
You received this message because you are subscribed to the Google Groups "isar-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to isar-users+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/isar-users/9a978a45c3121778e498093b280e73a177e42f9a.camel%40siemens.com.