[OE-core] [OE-Core][PATCH v6 6/6] image: call systemctl preset-all for images
Jonas Bonn
jonas at norrbonn.se
Fri May 3 13:02:43 UTC 2019
Hi Alex,
On 02/05/2019 23:09, Alex Kiernan wrote:
> From: Alex Kiernan <alex.kiernan at hivehome.com>
>
> Rather than rely on systemd's default invocation of preset-all at
> runtime, we pre-populate the symlink tree as part of the image. This
> is done late so any overrides of presets during rootfs construction
> should already have happened.
>
> Whilst we don't strictly need this for the read-write root case, it
> avoids boot time churn; for read-only root we have to do it here.
>
> Signed-off-by: Alex Kiernan <alex.kiernan at gmail.com>
> ---
>
> Changes in v6:
> - moved systemctl preset-all to IMAGE_PREPROCESS so it runs after ROOTFS,
> run for all images, not just read-only
>
> Changes in v5: None
>
> meta/classes/image.bbclass | 9 ++++++++-
> 1 file changed, 8 insertions(+), 1 deletion(-)
>
> diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass
> index 276d0d31f4a5..a23403c0827a 100644
> --- a/meta/classes/image.bbclass
> +++ b/meta/classes/image.bbclass
> @@ -664,6 +664,13 @@ reproducible_final_image_task () {
> find ${IMAGE_ROOTFS} -exec touch -h --date=@$REPRODUCIBLE_TIMESTAMP_ROOTFS {} \;
> fi
> }
> -IMAGE_PREPROCESS_COMMAND_append = " reproducible_final_image_task; "
> +
> +IMAGE_EXTRADEPENDS += "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd-systemctl-native', '', d)}"
> +
> +systemd_preset_all () {
> + systemctl --root="${IMAGE_ROOTFS}" --preset-mode=enable-only preset-all
> +}
> +
> +IMAGE_PREPROCESS_COMMAND_append = " ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd_preset_all;', '', d)} reproducible_final_image_task; "
>
> CVE_PRODUCT = ""
>
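Review bot: Both added conditions test bb.utils.contains('DISTRO_FEATURES', 'systemd', ...), which is a distro-wide setting, so systemd_preset_all also runs for images built in a systemd distro whose rootfs does not contain systemd. Consider checking inside the function that systemd is actually present under ${IMAGE_ROOTFS} before calling systemctl, and add a short comment on why --preset-mode=enable-only is chosen over the default mode. Keeping "systemd_preset_all;" ahead of "reproducible_final_image_task;" in the append is right, since the symlinks it creates are then covered by the touch -h pass shown in the context lines.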
In the interest of being able to produce a "stateless" system, I'd
prefer to see us trying to empty out /etc at buildtime. That will
allow us to error out when things are being installed directly to /etc
such that they won't be set up properly at runtime when the system is
"stateless". Allow things that _can_ be set up at runtime to be so; the
runtime cost is small and paid only at first boot for stateful systems.
Calling preset-all at buildtime should only be necessary for read-only
rootfs; even there, long term, /etc should be writable as that's what
systemd (and others) expect.
/Jonas