Message ID | 20240530090243.3927412-1-changqing.li@windriver.com |
---|---|
State | New |
Series | VOLATILE_TMP_DIR: Extend to specify the persistence of /var/tmp |
On Thu, 2024-05-30 at 17:02 +0800, Changqing Li via lists.openembedded.org wrote:
> From: Changqing Li <changqing.li@windriver.com>
>
> Currently, set VOLATILE_TMP_DIR to "no", only make /tmp as persistent.
> This patch extends VOLATILE_TMP_DIR to also specify the persistence of
> /var/tmp by following changes:
>
> * change FILESYSTEM_PERMS_TABLES to remove symlink /var/tmp -> /var/volatile/tmp
>   for the packaging process
> * update base-files to create /var/tmp as a dir not symlink to /var/volatile/tmp
>
> Here is a use case:
> Steps:
> 1. docker import core-image-minimal-qemux86-64.tar.bz2 poky:latest
> 2. docker run -it --rm poky:latest /bin/sh
> 3. /var/log /var/tmp are dead links, and cause "No such file or directory" errors
>
> Root cause:
> By default, /var/tmp links to /var/volatile/tmp, and /var/volatile/tmp
> usually created by initscript(sysV) or systemd-tmpfile.d(systemd) during
> boot up, but for container, initscript/systemd-tmpfile.d will not be
> executed, so /var/volatile/tmp is not created.
>
> This patch provides an option for user want to use container, set
> VOLATILE_TMP_DIR to "no" can resolve above case.
>
> Signed-off-by: Changqing Li <changqing.li@windriver.com>

Sorry it has taken me so long to get to this. I agree we should try and
fix the issues you raise here but I don't think the patch is quite the
best way to do it. What I'd propose is that we keep the new fs-perms
files you're creating but change the tables variable to simply be:

    FILESYSTEM_PERMS_TABLES ?= " files/fs-perms.txt \
                                 files/fs-perms-volatile-log.txt \
                                 files/fs-perms-volatile-tmp.txt \
                               "

The other references can then simply work along the lines of:

    ${@bb.utils.contains("FILESYSTEM_PERMS_TABLES", "files/fs-perms-volatile-log.txt", "log", "", d)}

and we drop the VOLATILE_*_DIR variables.

I'd suggest two patches, one separating out fs-perms-volatile-log.txt
and the other adding fs-perms-volatile-tmp.txt.

Cheers,

Richard

On 8/24/24 00:15, Richard Purdie wrote:
> On Thu, 2024-05-30 at 17:02 +0800, Changqing Li via lists.openembedded.org wrote:
>> From: Changqing Li <changqing.li@windriver.com>
>>
>> Currently, set VOLATILE_TMP_DIR to "no", only make /tmp as persistent.
>> This patch extends VOLATILE_TMP_DIR to also specify the persistence of
>> /var/tmp by following changes:
>>
>> * change FILESYSTEM_PERMS_TABLES to remove symlink /var/tmp -> /var/volatile/tmp
>>   for the packaging process
>> * update base-files to create /var/tmp as a dir not symlink to /var/volatile/tmp
>>
>> Here is a use case:
>> Steps:
>> 1. docker import core-image-minimal-qemux86-64.tar.bz2 poky:latest
>> 2. docker run -it --rm poky:latest /bin/sh
>> 3. /var/log /var/tmp are dead links, and cause "No such file or directory" errors
>>
>> Root cause:
>> By default, /var/tmp links to /var/volatile/tmp, and /var/volatile/tmp
>> usually created by initscript(sysV) or systemd-tmpfile.d(systemd) during
>> boot up, but for container, initscript/systemd-tmpfile.d will not be
>> executed, so /var/volatile/tmp is not created.
>>
>> This patch provides an option for user want to use container, set
>> VOLATILE_TMP_DIR to "no" can resolve above case.
>>
>> Signed-off-by: Changqing Li <changqing.li@windriver.com>
> Sorry it has taken me so long to get to this. I agree we should try and
> fix the issues you raise here but I don't think the patch is quite the
> best way to do it. What I'd propose is that we keep the new fs-perms
> files you're creating but change the tables variable to simply be:
>
>     FILESYSTEM_PERMS_TABLES ?= " files/fs-perms.txt \
>                                  files/fs-perms-volatile-log.txt \
>                                  files/fs-perms-volatile-tmp.txt \
>                                "
>
> The other references can then simply work along the lines of:
>
>     ${@bb.utils.contains("FILESYSTEM_PERMS_TABLES", "files/fs-perms-volatile-log.txt", "log", "", d)}
>
> and we drop the VOLATILE_*_DIR variables.
>
> I'd suggest two patches, one separating out fs-perms-volatile-log.txt
> and the other adding fs-perms-volatile-tmp.txt.

OK, I will send patches following these comments.

Thanks
Changqing

> Cheers,
>
> Richard

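A check for the failure described in the commit message, as an added example that is not part of the thread or of OpenEmbedded: it lists symlinks in a rootfs tarball whose targets are absent from the archive, which is the state of /var/log and /var/tmp when nothing runs at boot to create /var/volatile/*. The function names and the sample archive are constructed for illustration.

```python
import io
import posixpath
import tarfile


def dangling_symlinks(fileobj):
    """Return sorted (link, target) pairs that resolve to nothing inside the archive."""
    links, known = {}, {"/"}
    with tarfile.open(fileobj=fileobj, mode="r:*") as tar:
        for member in tar:
            path = posixpath.normpath("/" + member.name.lstrip("/"))
            if member.issym():
                links[path] = member.linkname
            while path != "/":  # every ancestor exists once the archive is unpacked
                known.add(path)
                path = posixpath.dirname(path)

    def resolve(path, hops=0):
        current, parts = "/", [p for p in path.split("/") if p]
        for i, part in enumerate(parts):  # follow archive links per component
            current = posixpath.join(current, part)
            if current not in known or hops > 40:  # missing entry or link loop
                return None
            if current in links:
                base = posixpath.dirname(current)
                target = posixpath.normpath(posixpath.join(base, links[current]))
                return resolve(posixpath.join(target, *parts[i + 1:]), hops + 1)
        return current

    return sorted((l, t) for l, t in links.items() if resolve(l) is None)


def sample_rootfs(extra_dirs=()):
    """Constructed archive with links like those in fs-perms.txt (not a real image)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name in ("./var", "./var/volatile", "./run") + tuple(extra_dirs):
            entry = tarfile.TarInfo(name)
            entry.type, entry.mode = tarfile.DIRTYPE, 0o755
            tar.addfile(entry)
        links = (("./var/log", "volatile/log"), ("./var/tmp", "volatile/tmp"),
                 ("./var/run", "/run"))
        for name, target in links:
            entry = tarfile.TarInfo(name)
            entry.type, entry.linkname = tarfile.SYMTYPE, target
            tar.addfile(entry)
    buf.seek(0)
    return buf
```

Calling `dangling_symlinks(open(path, "rb"))` on an image tarball before `docker import` gives the same list for a real rootfs; absolute link targets are resolved against the archive root, as they would be inside the container.
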
diff --git a/meta/conf/bitbake.conf b/meta/conf/bitbake.conf index 3ef2deb088..e6ec640809 100644 --- a/meta/conf/bitbake.conf +++ b/meta/conf/bitbake.conf @@ -384,7 +384,10 @@ FILESEXTRAPATHS ?= "__default:" # base_prefix, prefix, exec_prefix, base_bindir, base_sbindir, base_libdir, # datadir, sysconfdir, servicedir, sharedstatedir, localstatedir, infodir, # mandir, docdir, bindir, sbindir, libexecdir, libdir and includedir -FILESYSTEM_PERMS_TABLES ?= "${@'files/fs-perms.txt' if oe.types.boolean(d.getVar('VOLATILE_LOG_DIR')) else 'files/fs-perms-persistent-log.txt'}" +FILESYSTEM_PERMS_TABLES ?= " files/fs-perms.txt \ + ${@'files/fs-perms-volatile-log.txt' if oe.types.boolean(d.getVar('VOLATILE_LOG_DIR')) else ''} \ + ${@'files/fs-perms-volatile-tmp.txt' if oe.types.boolean(d.getVar('VOLATILE_TMP_DIR')) else ''} \ + " ################################################################## # General work and output directories for the build system. diff --git a/meta/files/fs-perms.txt b/meta/files/fs-perms-volatile-log.txt similarity index 53% copy from meta/files/fs-perms.txt copy to meta/files/fs-perms-volatile-log.txt index 48191f504c..fc846bbdc5 100644 --- a/meta/files/fs-perms.txt +++ b/meta/files/fs-perms-volatile-log.txt 
@@ -28,39 +28,7 @@ # Note: all standard config directories are automatically assigned "0755 root root false - - -" # Documentation should always be corrected -${mandir} 0755 root root true 0644 root root -${infodir} 0755 root root true 0644 root root -${docdir} 0755 root root true 0644 root root -${datadir}/gtk-doc 0755 root root true 0644 root root - -# Fixup locales -${datadir}/locale 0755 root root true 0644 root root - -# Cleanup headers -${includedir} 0755 root root true 0644 root root - -# Cleanup debug src -/usr/src/debug 0755 root root true 0644 root root # Items from base-files # Links -${localstatedir}/run link /run ${localstatedir}/log link volatile/log -${localstatedir}/lock link /run/lock -${localstatedir}/tmp link volatile/tmp - -/home 0755 root root false - - - -/srv 0755 root root false - - - -${prefix}/src 0755 root root false - - - -${localstatedir}/local 0755 root root false - - - - -# Special permissions from base-files -# Set 1777 -/tmp 01777 root root false - - - -${localstatedir}/volatile/tmp 01777 root root false - - - - -# Set 0700 -${ROOT_HOME} 0700 root root false - - - - -# Set 2775-lsb -${localstatedir}/mail 02775 root mail false - - - diff --git a/meta/files/fs-perms-persistent-log.txt b/meta/files/fs-perms-volatile-tmp.txt similarity index 59% rename from meta/files/fs-perms-persistent-log.txt rename to meta/files/fs-perms-volatile-tmp.txt index 61f0a6e26a..26247acda8 100644 --- a/meta/files/fs-perms-persistent-log.txt +++ b/meta/files/fs-perms-volatile-tmp.txt 
@@ -28,38 +28,11 @@ # Note: all standard config directories are automatically assigned "0755 root root false - - -" # Documentation should always be corrected -${mandir} 0755 root root true 0644 root root -${infodir} 0755 root root true 0644 root root -${docdir} 0755 root root true 0644 root root -${datadir}/gtk-doc 0755 root root true 0644 root root - -# Fixup locales -${datadir}/locale 0755 root root true 0644 root root - -# Cleanup headers -${includedir} 0755 root root true 0644 root root - -# Cleanup debug src -/usr/src/debug 0755 root root true 0644 root root # Items from base-files # Links -${localstatedir}/run link /run -${localstatedir}/lock link /run/lock ${localstatedir}/tmp link volatile/tmp -/home 0755 root root false - - - -/srv 0755 root root false - - - -${prefix}/src 0755 root root false - - - -${localstatedir}/local 0755 root root false - - - - # Special permissions from base-files # Set 1777 -/tmp 01777 root root false - - - ${localstatedir}/volatile/tmp 01777 root root false - - - - -# Set 0700 -${ROOT_HOME} 0700 root root false - - - - -# Set 2775-lsb -${localstatedir}/mail 02775 root mail false - - - diff --git a/meta/files/fs-perms.txt b/meta/files/fs-perms.txt index 48191f504c..d2266c1b26 100644 --- a/meta/files/fs-perms.txt +++ b/meta/files/fs-perms.txt @@ -45,9 +45,7 @@ ${includedir} 0755 root root true 0644 root root # Items from base-files # Links ${localstatedir}/run link /run -${localstatedir}/log link volatile/log ${localstatedir}/lock link /run/lock -${localstatedir}/tmp link volatile/tmp /home 0755 root root false - - - /srv 0755 root root false - - - @@ -57,7 +55,6 @@ ${localstatedir}/local 0755 root root false - - - # Special permissions from base-files # Set 1777 /tmp 01777 root root false - - - -${localstatedir}/volatile/tmp 01777 root root false - - - # Set 0700 ${ROOT_HOME} 0700 root root false - - - 
diff --git a/meta/recipes-core/base-files/base-files_3.0.14.bb b/meta/recipes-core/base-files/base-files_3.0.14.bb index 1b6e9671e4..256dfb214e 100644 --- a/meta/recipes-core/base-files/base-files_3.0.14.bb +++ b/meta/recipes-core/base-files/base-files_3.0.14.bb @@ -31,7 +31,7 @@ UNPACKDIR = "${S}" INHIBIT_DEFAULT_DEPS = "1" docdir:append = "/${P}" -dirs1777 = "/tmp ${localstatedir}/volatile/tmp" +dirs1777 = "/tmp ${localstatedir}/${@'volatile/' if oe.types.boolean('${VOLATILE_TMP_DIR}') else ''}tmp" dirs2775 = "" dirs555 = "/sys /proc" dirs755 = "/boot /dev ${base_bindir} ${base_sbindir} ${base_libdir} \ @@ -55,7 +55,8 @@ dirs755-lsb = "/srv \ ${prefix}/lib/locale" dirs2775-lsb = "/var/mail" -volatiles = "${@'log' if oe.types.boolean('${VOLATILE_LOG_DIR}') else ''} tmp" +volatiles = "${@'log' if oe.types.boolean('${VOLATILE_LOG_DIR}') else ''} \ + ${@'tmp' if oe.types.boolean('${VOLATILE_TMP_DIR}') else ''}" conffiles = "${sysconfdir}/debian_version ${sysconfdir}/host.conf \ ${sysconfdir}/issue /${sysconfdir}/issue.net \ ${sysconfdir}/nsswitch.conf ${sysconfdir}/profile \
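
Review bot: in the meta/conf/bitbake.conf hunk the new default for FILESYSTEM_PERMS_TABLES no longer names files/fs-perms-persistent-log.txt, and a later part of the patch renames that file to fs-perms-volatile-tmp.txt, so a layer or local.conf that sets FILESYSTEM_PERMS_TABLES to the old file name will point at a file that no longer exists. Say so in the commit message, and extend the comment block above the assignment to state that the list is now assembled from VOLATILE_LOG_DIR and VOLATILE_TMP_DIR.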
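
Review bot: the meta/files/fs-perms-volatile-log.txt hunk deletes every documentation entry but leaves the "# Documentation should always be corrected" comment in place as context, so the new fragment carries a heading with nothing under it. Drop that comment here, and in fs-perms-volatile-tmp.txt where the same line survives, so each fragment keeps only the headings for the entries it actually holds.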
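
Review bot: the second meta/files/fs-perms.txt hunk removes the 01777 line for ${localstatedir}/volatile/tmp and leaves /tmp as the only 1777 entry, so when VOLATILE_TMP_DIR is "no" and fs-perms-volatile-tmp.txt is not selected, no table states the mode of ${localstatedir}/tmp. Consider adding a 01777 entry for ${localstatedir}/tmp that applies in the persistent case, so the sticky bit on that world-writable directory is stated in the permission tables and not only in the base-files dirs1777 list.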
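
Review bot: the dirs1777 hunk in base-files_3.0.14.bb makes /var/tmp a real directory when VOLATILE_TMP_DIR is off, but the diff as shown changes nothing in the boot-time creators the commit message names (the sysV initscript and systemd tmpfiles). Please confirm, and note in the commit message, that on a booted system with VOLATILE_TMP_DIR set to "no" neither of them still expects /var/tmp to be a link to /var/volatile/tmp.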
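
Review bot: in the volatiles hunk of base-files_3.0.14.bb the value becomes whitespace only when both VOLATILE_LOG_DIR and VOLATILE_TMP_DIR are "no", which could not happen before because "tmp" was always present. The code that consumes volatiles is not part of this patch, so please check that it handles an empty list, and consider a test that builds with both variables off.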