[OE-core] [PATCH] wic: Prevent duplicate entries on fstab
Otavio Salvador
otavio.salvador at ossystems.com.br
Fri Mar 10 13:32:05 UTC 2017
On Fri, Mar 10, 2017 at 4:33 AM, Patrick Ohly <patrick.ohly at intel.com> wrote:
> On Thu, 2017-03-09 at 18:11 -0300, Otavio Salvador wrote:
...
>> While discussing this with Fabio here, at O.S. Systems, we ended
>> agreeing that wic touching the fstab is wrong. The fstab should be
>> prepare as part of the image and not mangled during the disk
>> generation.
>
> I agree that it is a hack, and I also would prefer to not have wic
> modify the existing rootfs. That also breaks when IMA is enabled,
> because then the content of the /etc/fstab must match the security.ima
> xattr that was calculated for the unmodified content.
Exactly! the generated rootfs should not be modified. This is critical
for IMA but also for root-only fs and delta-based upgrades.
> However, it's a problem that doesn't have a good solution. The image
> recipe which describes what goes into the rootfs and thus determines the
> content of /etc/fstab has little control over the IMAGE_FSTYPES - that's
> typically set by the BSP or the user.
Yes but the /etc/fstab should be modified by the metadata and not
during the image generation. The format used (ext4, fsfs, wic...)
should not impact in the contents inside of the image.
> Suppose IMAGE_FSTYPES = "ext4 wic", and the WKS_FILE has multiple
> partitions and thus needs more entries in /etc/fstab than the
> single-partition "ext4" - the result of do_rootfs simply cannot work for
> both.
That is the point. If the machine requires to use multiple partitions
the ext4 should have the /etc/fstab ready for use when deployed.
> Right now, all one can do is assume (or perhaps check) that the right
> IMAGE_FSTYPES are set.
>
>> The mangled fstab is disastrous if someone uses an image upgrade. The
>> generated tarball or filesystem WILL NOT be the same running on the
>> device as wic will add entries.
>
> When do you take a snapshot of the rootfs? Is it as another do_image_*
> task, via an IMAGE_FSTYPE entry?
We generally use the pristine ext4 filesystem, for example.
--
Otavio Salvador O.S. Systems
http://www.ossystems.com.br http://code.ossystems.com.br
Mobile: +55 (53) 9981-7854 Mobile: +1 (347) 903-9750
More information about the Openembedded-core
mailing list