Patchwork [2/4] image.bbclass: add two hook funtions to support read-only rootfs

login
register
mail settings
Submitter Qi.Chen@windriver.com
Date Dec. 27, 2012, 2:57 a.m.
Message ID <819997e2cad5d6a4bf2621fb7cc443105ca0fc87.1356576405.git.Qi.Chen@windriver.com>
Download mbox | patch
Permalink /patch/41701/
State New
Headers show

Comments

Qi.Chen@windriver.com - Dec. 27, 2012, 2:57 a.m.
From: Chen Qi <Qi.Chen@windriver.com>

read_only_rootfs_hook: this funtion is invoked only if 'read-only-rootfs'
is in IMAGE_FEATURES. It tweaks some basic files and makes populate-
volatile.sh script run at rootfs time.

choose_volatile_conf_file: this function properly chooses the right
conf file for volatile storage handling according to the IMAGE_FEATURES.

[YOCTO #3406]

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
 meta/classes/image.bbclass |   29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)
Martin Jansa - Dec. 27, 2012, 8:42 a.m.
On Thu, Dec 27, 2012 at 10:57:39AM +0800, Qi.Chen@windriver.com wrote:
> From: Chen Qi <Qi.Chen@windriver.com>
> 
> read_only_rootfs_hook: this funtion is invoked only if 'read-only-rootfs'
> is in IMAGE_FEATURES. It tweaks some basic files and makes populate-
> volatile.sh script run at rootfs time.
> 
> choose_volatile_conf_file: this function properly chooses the right
> conf file for volatile storage handling according to the IMAGE_FEATURES.

choose_volatile_conf_file is always called from core-image with or
without read-only-rootfs in IMAGE_FEATURES.

So it will use /etc/default/volatiles_stage/volatiles-readonly-minimal
without read-only-rootfs.

Cheers,

> 
> [YOCTO #3406]
> 
> Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
> ---
>  meta/classes/image.bbclass |   29 +++++++++++++++++++++++++++++
>  1 file changed, 29 insertions(+)
> 
> diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass
> index 8bf718a..15d42d0 100644
> --- a/meta/classes/image.bbclass
> +++ b/meta/classes/image.bbclass
> @@ -394,6 +394,35 @@ zap_root_password () {
>  	mv ${IMAGE_ROOTFS}/etc/passwd.new ${IMAGE_ROOTFS}/etc/passwd
>  } 
>  
> +# A hook function to support read-only-rootfs IMAGE_FEATURES
> +read_only_rootfs_hook () {
> +	# Tweak the mount option in fstab
> +	sed '/rootfs/ s/defaults/ro/' < ${IMAGE_ROOTFS}/etc/fstab > ${IMAGE_ROOTFS}/etc/fstab.new
> +	mv ${IMAGE_ROOTFS}/etc/fstab.new ${IMAGE_ROOTFS}/etc/fstab
> +	# Change the value of ROOTFS_READ_ONLY in /etc/default/rcS to yes
> +	sed 's/ROOTFS_READ_ONLY=no/ROOTFS_READ_ONLY=yes/' < ${IMAGE_ROOTFS}/etc/default/rcS > ${IMAGE_ROOTFS}/etc/default/rcS.new
> +	mv ${IMAGE_ROOTFS}/etc/default/rcS.new ${IMAGE_ROOTFS}/etc/default/rcS
> +	# Run populate-volatile.sh at rootfs time to set up basic files
> +	# and directories to support read-only rootfs.
> +	if [ ! -e ${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh ]; then
> +		echo "${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh doesn't exist."
> +		exit 1
> +	else
> +		${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh
> +	fi
> +}
> +
> +# Choose the correct config file for volatile storage handling according to the image type
> +choose_volatile_conf_file () {
> +	if ${@base_contains("IMAGE_FEATURES", "x11-sato", "true", "false" ,d)}; then
> +		cp ${IMAGE_ROOTFS}/etc/default/volatiles_stage/volatiles-readonly-sato \
> +			${IMAGE_ROOTFS}/etc/default/volatiles/00_core_readonly
> +	else
> +		cp ${IMAGE_ROOTFS}/etc/default/volatiles_stage/volatiles-readonly-minimal \
> +			${IMAGE_ROOTFS}/etc/default/volatiles/00_core_readonly
> +	fi
> +}
> +
>  # allow openssh accept login with empty password string
>  openssh_allow_empty_password () {
>  	if [ -e ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config ]; then
> -- 
> 1.7.9.5
> 
> 
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
Qi.Chen@windriver.com - Dec. 27, 2012, 8:51 a.m.
On 12/27/2012 04:42 PM, Martin Jansa wrote:
> On Thu, Dec 27, 2012 at 10:57:39AM +0800, Qi.Chen@windriver.com wrote:
>> From: Chen Qi <Qi.Chen@windriver.com>
>>
>> read_only_rootfs_hook: this funtion is invoked only if 'read-only-rootfs'
>> is in IMAGE_FEATURES. It tweaks some basic files and makes populate-
>> volatile.sh script run at rootfs time.
>>
>> choose_volatile_conf_file: this function properly chooses the right
>> conf file for volatile storage handling according to the IMAGE_FEATURES.
> choose_volatile_conf_file is always called from core-image with or
> without read-only-rootfs in IMAGE_FEATURES.
>
> So it will use /etc/default/volatiles_stage/volatiles-readonly-minimal
> without read-only-rootfs.
>
> Cheers,
Yes. And I did this on purpose.

I want to ship the conf file no matter we're building a 
'read-only-rootfs' image or not.
In this way, changing 'ROOTFS_READ_ONLY' to 'yes' on a currently running 
system and rebooting will give the user a working system with read-only 
rootfs.

If the rootfs is not read-only, this conf file will not be applied, both 
at rootfs construction time and at system startup time.

Best Regards,
Chen Qi

>> [YOCTO #3406]
>>
>> Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
>> ---
>>   meta/classes/image.bbclass |   29 +++++++++++++++++++++++++++++
>>   1 file changed, 29 insertions(+)
>>
>> diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass
>> index 8bf718a..15d42d0 100644
>> --- a/meta/classes/image.bbclass
>> +++ b/meta/classes/image.bbclass
>> @@ -394,6 +394,35 @@ zap_root_password () {
>>   	mv ${IMAGE_ROOTFS}/etc/passwd.new ${IMAGE_ROOTFS}/etc/passwd
>>   }
>>   
>> +# A hook function to support read-only-rootfs IMAGE_FEATURES
>> +read_only_rootfs_hook () {
>> +	# Tweak the mount option in fstab
>> +	sed '/rootfs/ s/defaults/ro/' < ${IMAGE_ROOTFS}/etc/fstab > ${IMAGE_ROOTFS}/etc/fstab.new
>> +	mv ${IMAGE_ROOTFS}/etc/fstab.new ${IMAGE_ROOTFS}/etc/fstab
>> +	# Change the value of ROOTFS_READ_ONLY in /etc/default/rcS to yes
>> +	sed 's/ROOTFS_READ_ONLY=no/ROOTFS_READ_ONLY=yes/' < ${IMAGE_ROOTFS}/etc/default/rcS > ${IMAGE_ROOTFS}/etc/default/rcS.new
>> +	mv ${IMAGE_ROOTFS}/etc/default/rcS.new ${IMAGE_ROOTFS}/etc/default/rcS
>> +	# Run populate-volatile.sh at rootfs time to set up basic files
>> +	# and directories to support read-only rootfs.
>> +	if [ ! -e ${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh ]; then
>> +		echo "${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh doesn't exist."
>> +		exit 1
>> +	else
>> +		${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh
>> +	fi
>> +}
>> +
>> +# Choose the correct config file for volatile storage handling according to the image type
>> +choose_volatile_conf_file () {
>> +	if ${@base_contains("IMAGE_FEATURES", "x11-sato", "true", "false" ,d)}; then
>> +		cp ${IMAGE_ROOTFS}/etc/default/volatiles_stage/volatiles-readonly-sato \
>> +			${IMAGE_ROOTFS}/etc/default/volatiles/00_core_readonly
>> +	else
>> +		cp ${IMAGE_ROOTFS}/etc/default/volatiles_stage/volatiles-readonly-minimal \
>> +			${IMAGE_ROOTFS}/etc/default/volatiles/00_core_readonly
>> +	fi
>> +}
>> +
>>   # allow openssh accept login with empty password string
>>   openssh_allow_empty_password () {
>>   	if [ -e ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config ]; then
>> -- 
>> 1.7.9.5
>>
>>
>> _______________________________________________
>> Openembedded-core mailing list
>> Openembedded-core@lists.openembedded.org
>> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
Qi.Chen@windriver.com - Dec. 27, 2012, 8:56 a.m.
On 12/27/2012 04:42 PM, Martin Jansa wrote:
> On Thu, Dec 27, 2012 at 10:57:39AM +0800, Qi.Chen@windriver.com wrote:
>> From: Chen Qi <Qi.Chen@windriver.com>
>>
>> read_only_rootfs_hook: this funtion is invoked only if 'read-only-rootfs'
>> is in IMAGE_FEATURES. It tweaks some basic files and makes populate-
>> volatile.sh script run at rootfs time.
>>
>> choose_volatile_conf_file: this function properly chooses the right
>> conf file for volatile storage handling according to the IMAGE_FEATURES.
> choose_volatile_conf_file is always called from core-image with or
> without read-only-rootfs in IMAGE_FEATURES.
>
> So it will use /etc/default/volatiles_stage/volatiles-readonly-minimal
> without read-only-rootfs.
>
> Cheers,
Thanks for your review  :)

The commit message here is kind of misleading.
Maybe I should modify the commit message here?

Thanks,
Chen Qi

>> [YOCTO #3406]
>>
>> Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
>> ---
>>   meta/classes/image.bbclass |   29 +++++++++++++++++++++++++++++
>>   1 file changed, 29 insertions(+)
>>
>> diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass
>> index 8bf718a..15d42d0 100644
>> --- a/meta/classes/image.bbclass
>> +++ b/meta/classes/image.bbclass
>> @@ -394,6 +394,35 @@ zap_root_password () {
>>   	mv ${IMAGE_ROOTFS}/etc/passwd.new ${IMAGE_ROOTFS}/etc/passwd
>>   }
>>   
>> +# A hook function to support read-only-rootfs IMAGE_FEATURES
>> +read_only_rootfs_hook () {
>> +	# Tweak the mount option in fstab
>> +	sed '/rootfs/ s/defaults/ro/' < ${IMAGE_ROOTFS}/etc/fstab > ${IMAGE_ROOTFS}/etc/fstab.new
>> +	mv ${IMAGE_ROOTFS}/etc/fstab.new ${IMAGE_ROOTFS}/etc/fstab
>> +	# Change the value of ROOTFS_READ_ONLY in /etc/default/rcS to yes
>> +	sed 's/ROOTFS_READ_ONLY=no/ROOTFS_READ_ONLY=yes/' < ${IMAGE_ROOTFS}/etc/default/rcS > ${IMAGE_ROOTFS}/etc/default/rcS.new
>> +	mv ${IMAGE_ROOTFS}/etc/default/rcS.new ${IMAGE_ROOTFS}/etc/default/rcS
>> +	# Run populate-volatile.sh at rootfs time to set up basic files
>> +	# and directories to support read-only rootfs.
>> +	if [ ! -e ${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh ]; then
>> +		echo "${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh doesn't exist."
>> +		exit 1
>> +	else
>> +		${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh
>> +	fi
>> +}
>> +
>> +# Choose the correct config file for volatile storage handling according to the image type
>> +choose_volatile_conf_file () {
>> +	if ${@base_contains("IMAGE_FEATURES", "x11-sato", "true", "false" ,d)}; then
>> +		cp ${IMAGE_ROOTFS}/etc/default/volatiles_stage/volatiles-readonly-sato \
>> +			${IMAGE_ROOTFS}/etc/default/volatiles/00_core_readonly
>> +	else
>> +		cp ${IMAGE_ROOTFS}/etc/default/volatiles_stage/volatiles-readonly-minimal \
>> +			${IMAGE_ROOTFS}/etc/default/volatiles/00_core_readonly
>> +	fi
>> +}
>> +
>>   # allow openssh accept login with empty password string
>>   openssh_allow_empty_password () {
>>   	if [ -e ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config ]; then
>> -- 
>> 1.7.9.5
>>
>>
>> _______________________________________________
>> Openembedded-core mailing list
>> Openembedded-core@lists.openembedded.org
>> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
Saul Wold - Dec. 27, 2012, 6:22 p.m.
On 12/26/2012 06:57 PM, Qi.Chen@windriver.com wrote:
> From: Chen Qi <Qi.Chen@windriver.com>
>
> read_only_rootfs_hook: this funtion is invoked only if 'read-only-rootfs'
> is in IMAGE_FEATURES. It tweaks some basic files and makes populate-
> volatile.sh script run at rootfs time.
>
> choose_volatile_conf_file: this function properly chooses the right
> conf file for volatile storage handling according to the IMAGE_FEATURES.
>
> [YOCTO #3406]
>
> Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
> ---
>   meta/classes/image.bbclass |   29 +++++++++++++++++++++++++++++
>   1 file changed, 29 insertions(+)
>
> diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass
> index 8bf718a..15d42d0 100644
> --- a/meta/classes/image.bbclass
> +++ b/meta/classes/image.bbclass
> @@ -394,6 +394,35 @@ zap_root_password () {
>   	mv ${IMAGE_ROOTFS}/etc/passwd.new ${IMAGE_ROOTFS}/etc/passwd
>   }
>
> +# A hook function to support read-only-rootfs IMAGE_FEATURES
> +read_only_rootfs_hook () {
> +	# Tweak the mount option in fstab
> +	sed '/rootfs/ s/defaults/ro/' < ${IMAGE_ROOTFS}/etc/fstab > ${IMAGE_ROOTFS}/etc/fstab.new
> +	mv ${IMAGE_ROOTFS}/etc/fstab.new ${IMAGE_ROOTFS}/etc/fstab
> +	# Change the value of ROOTFS_READ_ONLY in /etc/default/rcS to yes
> +	sed 's/ROOTFS_READ_ONLY=no/ROOTFS_READ_ONLY=yes/' < ${IMAGE_ROOTFS}/etc/default/rcS > ${IMAGE_ROOTFS}/etc/default/rcS.new
> +	mv ${IMAGE_ROOTFS}/etc/default/rcS.new ${IMAGE_ROOTFS}/etc/default/rcS
For the above 2 sed/mv, can't you use sed -i instead, cuts down on the 
exec overhead.

Sau!

> +	# Run populate-volatile.sh at rootfs time to set up basic files
> +	# and directories to support read-only rootfs.
> +	if [ ! -e ${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh ]; then
> +		echo "${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh doesn't exist."
> +		exit 1
> +	else
> +		${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh
> +	fi
> +}
> +
> +# Choose the correct config file for volatile storage handling according to the image type
> +choose_volatile_conf_file () {
> +	if ${@base_contains("IMAGE_FEATURES", "x11-sato", "true", "false" ,d)}; then
> +		cp ${IMAGE_ROOTFS}/etc/default/volatiles_stage/volatiles-readonly-sato \
> +			${IMAGE_ROOTFS}/etc/default/volatiles/00_core_readonly
> +	else
> +		cp ${IMAGE_ROOTFS}/etc/default/volatiles_stage/volatiles-readonly-minimal \
> +			${IMAGE_ROOTFS}/etc/default/volatiles/00_core_readonly
> +	fi
> +}
> +
>   # allow openssh accept login with empty password string
>   openssh_allow_empty_password () {
>   	if [ -e ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config ]; then
>
Qi.Chen@windriver.com - Dec. 28, 2012, 2:16 a.m.
On 12/28/2012 02:22 AM, Saul Wold wrote:
> On 12/26/2012 06:57 PM, Qi.Chen@windriver.com wrote:
>> From: Chen Qi <Qi.Chen@windriver.com>
>>
>> read_only_rootfs_hook: this funtion is invoked only if 
>> 'read-only-rootfs'
>> is in IMAGE_FEATURES. It tweaks some basic files and makes populate-
>> volatile.sh script run at rootfs time.
>>
>> choose_volatile_conf_file: this function properly chooses the right
>> conf file for volatile storage handling according to the IMAGE_FEATURES.
>>
>> [YOCTO #3406]
>>
>> Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
>> ---
>>   meta/classes/image.bbclass |   29 +++++++++++++++++++++++++++++
>>   1 file changed, 29 insertions(+)
>>
>> diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass
>> index 8bf718a..15d42d0 100644
>> --- a/meta/classes/image.bbclass
>> +++ b/meta/classes/image.bbclass
>> @@ -394,6 +394,35 @@ zap_root_password () {
>>       mv ${IMAGE_ROOTFS}/etc/passwd.new ${IMAGE_ROOTFS}/etc/passwd
>>   }
>>
>> +# A hook function to support read-only-rootfs IMAGE_FEATURES
>> +read_only_rootfs_hook () {
>> +    # Tweak the mount option in fstab
>> +    sed '/rootfs/ s/defaults/ro/' < ${IMAGE_ROOTFS}/etc/fstab > 
>> ${IMAGE_ROOTFS}/etc/fstab.new
>> +    mv ${IMAGE_ROOTFS}/etc/fstab.new ${IMAGE_ROOTFS}/etc/fstab
>> +    # Change the value of ROOTFS_READ_ONLY in /etc/default/rcS to yes
>> +    sed 's/ROOTFS_READ_ONLY=no/ROOTFS_READ_ONLY=yes/' < 
>> ${IMAGE_ROOTFS}/etc/default/rcS > ${IMAGE_ROOTFS}/etc/default/rcS.new
>> +    mv ${IMAGE_ROOTFS}/etc/default/rcS.new 
>> ${IMAGE_ROOTFS}/etc/default/rcS
> For the above 2 sed/mv, can't you use sed -i instead, cuts down on the 
> exec overhead.
>
> Sau!
>
I've fixed this and sent out a V4.

Thanks,
Chen Qi
>> +    # Run populate-volatile.sh at rootfs time to set up basic files
>> +    # and directories to support read-only rootfs.
>> +    if [ ! -e ${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh ]; then
>> +        echo "${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh 
>> doesn't exist."
>> +        exit 1
>> +    else
>> +        ${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh
>> +    fi
>> +}
>> +
>> +# Choose the correct config file for volatile storage handling 
>> according to the image type
>> +choose_volatile_conf_file () {
>> +    if ${@base_contains("IMAGE_FEATURES", "x11-sato", "true", 
>> "false" ,d)}; then
>> +        cp 
>> ${IMAGE_ROOTFS}/etc/default/volatiles_stage/volatiles-readonly-sato \
>> + ${IMAGE_ROOTFS}/etc/default/volatiles/00_core_readonly
>> +    else
>> +        cp 
>> ${IMAGE_ROOTFS}/etc/default/volatiles_stage/volatiles-readonly-minimal \
>> + ${IMAGE_ROOTFS}/etc/default/volatiles/00_core_readonly
>> +    fi
>> +}
>> +
>>   # allow openssh accept login with empty password string
>>   openssh_allow_empty_password () {
>>       if [ -e ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config ]; then
>>
>
>

Patch

diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass
index 8bf718a..15d42d0 100644
--- a/meta/classes/image.bbclass
+++ b/meta/classes/image.bbclass
@@ -394,6 +394,35 @@  zap_root_password () {
 	mv ${IMAGE_ROOTFS}/etc/passwd.new ${IMAGE_ROOTFS}/etc/passwd
 } 
 
+# A hook function to support read-only-rootfs IMAGE_FEATURES
+read_only_rootfs_hook () {
+	# Tweak the mount option in fstab
+	sed '/rootfs/ s/defaults/ro/' < ${IMAGE_ROOTFS}/etc/fstab > ${IMAGE_ROOTFS}/etc/fstab.new
+	mv ${IMAGE_ROOTFS}/etc/fstab.new ${IMAGE_ROOTFS}/etc/fstab
+	# Change the value of ROOTFS_READ_ONLY in /etc/default/rcS to yes
+	sed 's/ROOTFS_READ_ONLY=no/ROOTFS_READ_ONLY=yes/' < ${IMAGE_ROOTFS}/etc/default/rcS > ${IMAGE_ROOTFS}/etc/default/rcS.new
+	mv ${IMAGE_ROOTFS}/etc/default/rcS.new ${IMAGE_ROOTFS}/etc/default/rcS
+	# Run populate-volatile.sh at rootfs time to set up basic files
+	# and directories to support read-only rootfs.
+	if [ ! -e ${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh ]; then
+		echo "${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh doesn't exist."
+		exit 1
+	else
+		${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh
+	fi
+}
+
+# Choose the correct config file for volatile storage handling according to the image type
+choose_volatile_conf_file () {
+	if ${@base_contains("IMAGE_FEATURES", "x11-sato", "true", "false" ,d)}; then
+		cp ${IMAGE_ROOTFS}/etc/default/volatiles_stage/volatiles-readonly-sato \
+			${IMAGE_ROOTFS}/etc/default/volatiles/00_core_readonly
+	else
+		cp ${IMAGE_ROOTFS}/etc/default/volatiles_stage/volatiles-readonly-minimal \
+			${IMAGE_ROOTFS}/etc/default/volatiles/00_core_readonly
+	fi
+}
+
 # allow openssh accept login with empty password string
 openssh_allow_empty_password () {
 	if [ -e ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config ]; then