This repository has been archived by the owner on Aug 5, 2022. It is now read-only.
stateless support #233
Open
stateless support #233
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
nss-altfiles may be needed for a stateless OS. It is a NSS extension which allows moving /etc/passwd and friends into a read-only location like /usr/share/defaults/etc. That path is what the Clear Linux patches for shadow use and thus what we pick here. Signed-off-by: Patrick Ohly <[email protected]>
Clear Linux uses nss-altfiles. It has regular releases and should be good enough for refkit, too. Signed-off-by: Patrick Ohly <[email protected]>
This is a cleaned up and updated version of the stateless work that was done before. It introduces "stateless" as distro and image feature. All of the functionality is in stateless.bbclass, which also has documentation. Currently the class is meant to be inherited globally, because it enables additional patches for individual recipes according to the STATELESS_SRC variables set by the .inc files. This approach was chosen as an interim solution because it keeps those changes all in individual files, instead of scattering them across different .bbappends or upstream recipes. Also, most of the patches come straight from the Clear Linux Project without modifications, so it cannot be guaranteed that they always apply. Ideally, the patches should go into the recipes that they are patching or (better) upstream. Most of the functionality is around the rootfs transformation. The idea here is that packages and rootfs creation do not need to be modified in several cases. For images that use a whole-disk update mechanism, additional post-processing can move configuration files around and change them as needed. In other cases (like not installing unnecessary example config files into /etc), the upstream recipe would need to be changed, so there is further work left for OE and Yocto. This commit can serve as a starting point for a discussion arounnd that. Signed-off-by: Patrick Ohly <[email protected]>
Once we have added users and groups to the /etc databases, the systemd sysusers.d config files shouldn't have any effect any more at runtime and thus can be removed from images. This works around a limitation of the current implementation and/or a bug in the base files: because the user "nobody" exists, the current implementation does nothing. But there is no group "nobody", and systemd then adds that at runtime. That prevents updating /etc/group with OSTree, because the file is always considered as "locally modified by admin". Signed-off-by: Patrick Ohly <[email protected]>
The main part of the test is that a new system user is active after an update. Optionally, the test does the update while a local user has been added. The normal OSTree /etc handling is not enough for the full test: once /etc/passwd and /etc/group were modified by adding the local user, that copy of the files continue to be used and the new system user is not registered after the update. So for now we only enable the "light" test. Signed-off-by: Patrick Ohly <[email protected]>
The test_update_user test only passed after ensuring that booting didn't modify /etc/group. We should have an explicit check for that. Signed-off-by: Patrick Ohly <[email protected]>
nsswitch.conf turned out to be a problematic choice, because some stateless configurations move it away. host.conf is slight better. Now we also explicitly test that the configured files are really present. That makes mis-configured tests more obvious. Signed-off-by: Patrick Ohly <[email protected]>
When there is a dangling symlink, the resulting error message did not make it clear how to suppress the error for valid symlinks. Now it mentions REFKIT_QA_IMAGE_SYMLINK_WHITELIST and what was checked for in it. The path resolution uses the same string before giving the full path on the build host. Signed-off-by: Patrick Ohly <[email protected]>
This enables the "stateless" distro feature and the "stateless" image for all refkit-image.bbclass images. However, only the changes that do no require upstream source code patching get enabled. For example, systemd configuration gets moved from /etc entirely into /usr. This is a choice we make for the "refkit" distro. "refkit-config.inc" merely activates the base stateless support, without any of the .inc files which actually cause changes. Advanced changes like allowing local user management separately from the system users are not enabled because they depend on patches. Enabling those changes would increase the risk that building IoT Refkit breaks when OE-core gets updated, and at this point it is not certain whether that is a risk worth taking. Signed-off-by: Patrick Ohly <[email protected]>
pohly
force-pushed
the
stateless-pr
branch
2 times, most recently
from
b8a1d19
to
cad48a7
Compare
|
Can one of the admins verify this patch? |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This enables the "stateless" distro feature and the "stateless" image for
all refkit-image.bbclass images.
However, only the changes that do not require upstream source code patching
get enabled. For example, systemd configuration gets moved from /etc
entirely into /usr.
Advanced changes like allowing local user management separately from the
system users are not enabled because they depend on patches. Enabling those
changes would increase the risk that building IoT Refkit breaks when
OE-core gets updated, and at this point it is not certain whether that is a
risk worth taking.
The goals for merging these changes now are:
without constantly having to update a separate branch
absolutely required as OSTree can handle /etc, but a bit nicer