From 26031dfcf6567a84b3df5f72b72661b070ee50b096ac9bac584f7f9eb6dfe615 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adrian=20Schr=C3=B6ter?= Date: Sat, 4 May 2024 00:02:13 +0200 Subject: [PATCH] Sync from SUSE:SLFO:Main read-only-root-fs revision 13637b8167e0c0144e759b35820d63b3 --- .gitattributes | 23 +++ README.packaging.txt | 11 ++ _service | 14 ++ _servicedata | 6 + ...nly-root-fs-1.0+git20240228.d85232a.tar.xz | 3 + read-only-root-fs.changes | 151 ++++++++++++++++++ read-only-root-fs.spec | 110 +++++++++++++ 7 files changed, 318 insertions(+) create mode 100644 .gitattributes create mode 100644 README.packaging.txt create mode 100644 _service create mode 100644 _servicedata create mode 100644 read-only-root-fs-1.0+git20240228.d85232a.tar.xz create mode 100644 read-only-root-fs.changes create mode 100644 read-only-root-fs.spec diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/README.packaging.txt b/README.packaging.txt new file mode 100644 index 0000000..8451b89 --- /dev/null +++ b/README.packaging.txt @@ -0,0 +1,11 @@ +This package should use just the content of the git tree. If you need +to make changes, make them in git and update the package from git (you +can send merge request if you don't have write access). + +The online repository is at: +http://github.com/openSUSE/read-only-root-fs + +For building the package from git run the service directly: +osc service disabledrun + +Note that spec and changes files are not part of the git repo. diff --git a/_service b/_service new file mode 100644 index 0000000..d5c7ad8 --- /dev/null +++ b/_service @@ -0,0 +1,14 @@ + + + 1.0 + 1.0+git%cd.%h + https://github.com/openSUSE/read-only-root-fs.git + git + enable + + + xz + *.tar + + + diff --git a/_servicedata b/_servicedata new file mode 100644 index 0000000..debcd7a --- /dev/null +++ b/_servicedata @@ -0,0 +1,6 @@ + + + https://github.com/openSUSE/read-only-root-fs.git + d85232a9c138eb6dc768c97ac3a5b2d80c16b7e6 + + \ No newline at end of file diff --git a/read-only-root-fs-1.0+git20240228.d85232a.tar.xz b/read-only-root-fs-1.0+git20240228.d85232a.tar.xz new file mode 100644 index 0000000..c4b97d9 --- /dev/null +++ b/read-only-root-fs-1.0+git20240228.d85232a.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:e29ca21657a2bf9b6494dee784b95e6f8c241162a9df4860671dcc8dcb112c14 +size 8868 diff --git a/read-only-root-fs.changes b/read-only-root-fs.changes new file mode 100644 index 0000000..0b72a76 --- /dev/null +++ b/read-only-root-fs.changes @@ -0,0 +1,151 @@ +------------------------------------------------------------------- +Wed Feb 28 15:15:15 UTC 2024 - fvogt@suse.com + +- Update to version 1.0+git20240228.d85232a: + * etc/grub.d/01_suse_ro_root: Don't btrfs-mount-subvol inside grub-emu + +------------------------------------------------------------------- +Mon Aug 08 09:53:28 UTC 2022 - fvogt@suse.com + +- Update to version 1.0+git20220808.cd59f4f: + * Fix writableagain.conf + +------------------------------------------------------------------- +Fri Aug 05 12:45:16 UTC 2022 - fvogt@suse.com + +- Update to version 1.0+git20220805.4a3d850: + * Work around read-only state of subvolumes in a different way + +------------------------------------------------------------------- +Mon Aug 01 14:14:08 UTC 2022 - iforster@suse.com + +- Update to version 1.0+git20220801.cbb90bc: + * Add another workaround for read-only subvolumes (boo#1202000) + * Correctly declare mount-overlay.sh as Bash file +- Update source service URL + +------------------------------------------------------------------- +Wed Sep 2 08:53:55 UTC 2020 - Thorsten Kukuk + +- Adjust btrfsmaintenance sysconfig to not use the read-only + root filesystem [bsc#1176052] + +------------------------------------------------------------------- +Thu Jul 30 17:50:08 UTC 2020 - iforster@suse.com + +- Update to version 1.0+git20200730.1243fd0: + * Add comment about the mounting of /root in the initrd + * Better check for already existing /etc overlay [boo#1174733] + +------------------------------------------------------------------- +Tue Jul 21 11:22:14 UTC 2020 - Thorsten Kukuk + +- Use file requires, add sed + +------------------------------------------------------------------- +Tue Jan 21 17:35:13 UTC 2020 - iforster@suse.com + +- Update to version 1.0+git20200121.5ed8d15: + * Always mount /root during initrd [boo#1161264] + +------------------------------------------------------------------- +Tue Dec 03 10:14:40 UTC 2019 - opensuse-packaging@opensuse.org + +- Update to version 1.0+git20191203.3f7cc07: + * Workaround /var being RO during systemd-journal-flush (boo#1156421) + +------------------------------------------------------------------- +Tue Nov 12 16:18:56 UTC 2019 - kukuk@suse.com + +- Update to version 1.0+git20191112.42add9e: + * Add RequiresMountsFor=/etc override for systemd-udevd.service + +------------------------------------------------------------------- +Fri Jun 07 11:47:47 UTC 2019 - iforster@suse.com + +- Update to version 1.0+git20190607.11f8587: + * Determine /@ programmatically + +------------------------------------------------------------------- +Thu Jun 06 15:59:41 UTC 2019 - iforster@suse.com + +- Update to version 1.0+git20190606.e1f756c: + * Mount writable /boot subvolume in GRUB environment +- Create /boot/writable subvolume to provide a place to store the + GRUB environment block or Ignition's firstboot flag on a ro root + device +------------------------------------------------------------------- +Wed Feb 6 14:25:54 UTC 2019 - iforster@suse.com + +- Update description to reflect new behaviour +- Fix creation of overlay directories + +------------------------------------------------------------------- +Wed Feb 6 11:48:10 CET 2019 - kukuk@suse.de + +- Fix file list + +------------------------------------------------------------------- +Wed Feb 06 10:26:57 UTC 2019 - fvogt@suse.com + +- Update to version 1.0+git20190206.586e9f1: + * Remove migration code, only handle the initial setup here + * Drop use of fstab.sys + * Use a dracut config file instead of a module + +------------------------------------------------------------------- +Wed Jun 06 07:53:45 UTC 2018 - kukuk@suse.de + +- Update to version 1.0+git20180606.046b099: + * Fix missing shebang + * Make scripts executeable + * Enable create-dirs-from-rpmdb.service by default + +------------------------------------------------------------------- +Wed Apr 18 14:39:45 UTC 2018 - fvogt@suse.com + +- Update to version 1.0+git20180418.4373cf9: + * Fix 99volatile-overlay + * proper shell escaping in mount-overlay.sh (#3) + +------------------------------------------------------------------- +Mon Apr 16 08:52:47 UTC 2018 - fvogt@suse.com + +- Update to version 1.0+git20180416.825ad6c: + * Add new 99volatile-overlay dracut module +- BuildRequire/Require dracut for proper directory ownership +- Fix posttrans if zypper is not installed + +------------------------------------------------------------------- +Wed Mar 21 09:38:22 CET 2018 - kukuk@suse.de + +- Disable multiversion feature of libzypp at install time +- Document, that this package should never be installed in a + running system, only during installation + +------------------------------------------------------------------- +Wed Mar 21 06:09:40 UTC 2018 - kukuk@suse.de + +- Update to version 1.0+git20180321.a5b34ab: + * Disable purge-kernels.service, does not work with read-only + root filesystem + * Enable man-db-create.service, man cannot create cache in %post + * Fix OBS URL + +------------------------------------------------------------------- +Fri Mar 2 09:42:47 UTC 2018 - rbrown@suse.com + +- Add Requires(post) for coreutils & grep to ensure post script has + what it needs (boo#1083526) + +------------------------------------------------------------------- +Tue Feb 27 14:57:51 UTC 2018 - kukuk@suse.de + +- Update to version 1.0+git20180227.44d5e8a: + * Initial import of read-only-root-fs stuff from caasp-tools + +------------------------------------------------------------------- +Tue Feb 27 15:43:59 CET 2018 - kukuk@suse.de + +- Initial version + diff --git a/read-only-root-fs.spec b/read-only-root-fs.spec new file mode 100644 index 0000000..5f66348 --- /dev/null +++ b/read-only-root-fs.spec @@ -0,0 +1,110 @@ +# +# spec file for package read-only-root-fs +# +# Copyright (c) 2024 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +Name: read-only-root-fs +Version: 1.0+git20240228.d85232a +Release: 0 +Summary: Files and Scripts for a RO root fileystem +License: GPL-2.0-or-later +Group: System/Fhs +URL: https://github.com/openSUSE/read-only-root-fs +Source: read-only-root-fs-%{version}.tar.xz +Source1: README.packaging.txt +BuildRequires: dracut +BuildRequires: update-bootloader-rpm-macros +Requires: dracut +Requires(post): /usr/bin/mkdir /usr/bin/cat /usr/bin/sed +Requires(post): gawk +Requires(post): snapper +# Required if system with new /etc/fstab entries is supposed to be updated +Conflicts: transactional-update < 2.15 +BuildArch: noarch +%{update_bootloader_requires} + +%description +Files, scripts and directories to run the system with a +read-only root filesystem with %{_sysconfdir} writeable via overlayfs. + +This package should never be installed in an already running +system! It should only be selected by a system role for a +read-only root filesystem with transactional updates. +The package will create / modify entries for mounting /etc and /var. +Those entries are used by dracut to mount the overlay file systems +during the early boot phase. + +%package volatile +Summary: Dracut Module to mount a tmpfs overlay on a RO root +Group: System/Fhs +Requires: dracut + +%description volatile +A dracut module which mounts an overlayfs each on /etc and /var, with the upper +layer in a tmpfs mount. This is the minimal setup to get a booting system, to +have a writable /root or /home, additional fstab entries can be added. + +%prep +%setup -q + +%build + +%install +cp -a etc usr %{buildroot} +mkdir -p %{buildroot}%{_localstatedir}/lib/overlay/work-etc + +%post +if [ "$1" = 1 ] ; then + %{_sbindir}/setup-fstab-for-overlayfs + mkdir -p %{_localstatedir}/lib/overlay/1/etc +fi +if [ ! -e /boot/writable -a "`findmnt -n -o FSTYPE -l /`" = "btrfs" ]; then + %{_sbindir}/mksubvolume /boot/writable +fi +%{?update_bootloader_refresh_post} + +%posttrans +if [ -f %{_sysconfdir}/zypp/zypp.conf ]; then + sed -i 's/^multiversion =.*/multiversion =/g' %{_sysconfdir}/zypp/zypp.conf +fi +# btrfsmaintainence uses as default "/", but that is read-only. +# Change that to /.snapshots/ +for var in BTRFS_BALANCE_MOUNTPOINTS BTRFS_SCRUB_MOUNTPOINTS BTRFS_TRIM_MOUNTPOINTS; do + grep -q "${var}=\"/\"" /etc/sysconfig/btrfsmaintenance && sed -i "s|${var}=.*|${var}=\"/.snapshots\"|g" /etc/sysconfig/btrfsmaintenance +done +%{?update_bootloader_posttrans} +exit 0 + +%files +%license COPYING +%{_sbindir}/setup-fstab-for-overlayfs +%{_localstatedir}/lib/overlay +%{_prefix}/lib/dracut/dracut.conf.d/10-read-only-root-fs.conf +%{_prefix}/lib/systemd/system-preset/* +%dir %{_prefix}/lib/systemd/system/systemd-udevd.service.d +%{_prefix}/lib/systemd/system/systemd-udevd.service.d/etcmount.conf +%dir %{_prefix}/lib/systemd/system/systemd-journal-flush.service.d +%{_prefix}/lib/systemd/system/systemd-journal-flush.service.d/afterlocalfs.conf +%dir %{_prefix}/lib/systemd/system/systemd-remount-fs.service.d +%{_prefix}/lib/systemd/system/systemd-remount-fs.service.d/writableagain.conf +%dir %{_sysconfdir}/grub.d +%config(noreplace) %{_sysconfdir}/grub.d/01_suse_ro_root + +%files volatile +%license COPYING +%{_prefix}/lib/dracut/modules.d/99volatile-overlay/ + +%changelog