Merge pull request #2186 from jlebon/pr/etc-rw

Fix read-only /etc when using sysroot=readonly and a separate /var mount
ostreedev · Aug 28, 2020 · 75376ba · 75376ba
2 parents 22b3883 + 8408f89
commit 75376ba
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 1 deletion.
diff --git a/.cci.jenkinsfile b/.cci.jenkinsfile
@@ -72,6 +72,12 @@ parallel fcos: {
         tar -C insttree -xzvf insttree.tar.gz
         rsync -rlv insttree/ /
         coreos-assembler init --force https://github.com/coreos/fedora-coreos-config
+        # XXX: We temporarily add these tests until they get merged into FCOS proper
+        (mkdir -p tests/kola/var-mount
+         cd tests/kola/var-mount
+         curl -L --remote-name-all \
+            https://raw.githubusercontent.com/jlebon/fedora-coreos-config/pr/var-mount/tests/kola/var-mount/{config.ign,test.sh}
+         chmod a+x test.sh)
         mkdir -p overrides/rootfs
         mv insttree/* overrides/rootfs/
         rmdir insttree

diff --git a/src/switchroot/ostree-prepare-root.c b/src/switchroot/ostree-prepare-root.c
@@ -251,7 +251,7 @@ main(int argc, char *argv[])
        * sysroot, we still need a writable /etc.  And to avoid race conditions
        * we ensure it's writable in the initramfs, before we switchroot at all.
        */
-      if (mount ("/etc", "/etc", NULL, MS_BIND, NULL) < 0)
+      if (mount ("etc", "etc", NULL, MS_BIND, NULL) < 0)
         err (EXIT_FAILURE, "failed to make /etc a bind mount");
       /* Pass on the fact that we discovered a readonly sysroot to ostree-remount.service */
       int fd = open (_OSTREE_SYSROOT_READONLY_STAMP, O_WRONLY | O_CREAT | O_CLOEXEC, 0644);

diff --git a/src/switchroot/ostree-remount.c b/src/switchroot/ostree-remount.c
@@ -112,6 +112,11 @@ main(int argc, char *argv[])
   bool sysroot_configured_readonly = unlink (_OSTREE_SYSROOT_READONLY_STAMP) == 0;
   do_remount ("/sysroot", !sysroot_configured_readonly);
 
+  /* And also make sure to make /etc rw again. We make this conditional on
+   * sysroot_configured_readonly because only in that case is it a bind-mount. */
+  if (sysroot_configured_readonly)
+    do_remount ("/etc", true);
+
   /* If /var was created as as an OSTree default bind mount (instead of being a separate filesystem)
     * then remounting the root mount read-only also remounted it.
     * So just like /etc, we need to make it read-write by default.