aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJoe MacDonald <joe@deserted.net>2013-09-27 15:09:06 -0400
committerJoe MacDonald <joe@deserted.net>2013-10-02 13:24:45 -0400
commitc7fc09794c20db9e3b32d326abb627985d2b5b65 (patch)
tree3519562a6192659686c770da2d059e5cf2d0e940
parenta43e03a87c4d69c2554621394127d50f197d9eaf (diff)
downloadmeta-selinux-c7fc09794c20db9e3b32d326abb627985d2b5b65.tar.gz
meta-selinux-c7fc09794c20db9e3b32d326abb627985d2b5b65.tar.bz2
meta-selinux-c7fc09794c20db9e3b32d326abb627985d2b5b65.zip
udev/init: work around dev-cache restore problems
Restoring from the dev-cache with selinux enforcing causes various failures as devices are lacking, at a minimum, reasonable types and attributes. If, on the other hand, we at least create the cache with selinux and xattrs preserved and restored, we get significantly fewer errors and warnings on boot and we can successfully restore the context further down in init anyway. It still leaves some devices mislabeled, though, and still produces warnings on boot. Previous versions of the initscript removed all use of the dev-cache, if need be, we fall back to that. It is possible to get the middle-ground behaviour by defining use_udev_cache at the top of the udev initscript. Signed-off-by: Joe MacDonald <joe@deserted.net>
-rw-r--r--recipes-core/udev/udev/init63
-rw-r--r--recipes-core/udev/udev/udev-cache32
2 files changed, 66 insertions, 29 deletions
diff --git a/recipes-core/udev/udev/init b/recipes-core/udev/udev/init
index e88bddf..a96638f 100644
--- a/recipes-core/udev/udev/init
+++ b/recipes-core/udev/udev/init
@@ -14,7 +14,9 @@ export TZ=/etc/localtime
[ -d /sys/class ] || exit 1
[ -r /proc/mounts ] || exit 1
[ -x @UDEVD@ ] || exit 1
-[ -f /etc/default/udev-cache ] && . /etc/default/udev-cache
+if [ "$use_udev_cache" != "" ]; then
+ [ -f /etc/default/udev-cache ] && . /etc/default/udev-cache
+fi
[ -f /etc/udev/udev.conf ] && . /etc/udev/udev.conf
[ -f /etc/default/rcS ] && . /etc/default/rcS
@@ -60,35 +62,38 @@ case "$1" in
# Cache handling.
# A list of files which are used as a criteria to judge whether the udev cache could be reused.
CMP_FILE_LIST="/proc/version /proc/cmdline /proc/devices /proc/atags"
- if [ "$DEVCACHE" != "" ]; then
- if [ -e $DEVCACHE ]; then
- readfiles $CMP_FILE_LIST
- NEWDATA="$READDATA"
- readfiles /etc/udev/cache.data
- OLDDATA="$READDATA"
- if [ "$OLDDATA" = "$NEWDATA" ]; then
- (cd /; tar xf $DEVCACHE > /dev/null 2>&1)
- not_first_boot=1
- [ "$VERBOSE" != "no" ] && echo "udev: using cache file $DEVCACHE"
- [ -e /dev/shm/udev.cache ] && rm -f /dev/shm/udev.cache
- else
- # Output detailed reason why the cached /dev is not used
- if [ "$VERBOSE" != "no" ]; then
- echo "udev: udev cache not used"
- echo "udev: we use $CMP_FILE_LIST as criteria to judge whether the cache /dev could be resued"
- echo "udev: olddata: $OLDDATA"
- echo "udev: newdata: $NEWDATA"
- fi
- echo "$NEWDATA" > /dev/shm/udev.cache
- fi
- else
- if [ "$ROOTFS_READ_ONLY" != "yes" ]; then
- # If rootfs is not read-only, it's possible that a new udev cache would be generated;
- # otherwise, we do not bother to read files.
+ if [ "$use_udev_cache" != "" ]; then
+ if [ "$DEVCACHE" != "" ]; then
+ if [ -e $DEVCACHE ]; then
readfiles $CMP_FILE_LIST
- echo "$READDATA" > /dev/shm/udev.cache
+ NEWDATA="$READDATA"
+ readfiles /etc/udev/cache.data
+ OLDDATA="$READDATA"
+ if [ "$OLDDATA" = "$NEWDATA" ]; then
+ tar --directory=/ -xf $DEVCACHE > /dev/null 2>&1
+ not_first_boot=1
+ [ "$VERBOSE" != "no" ] && echo "udev: using cache file $DEVCACHE"
+ [ -e /dev/shm/udev.cache ] && rm -f /dev/shm/udev.cache
+ else
+ # Output detailed reason why the cached /dev is not used
+ if [ "$VERBOSE" != "no" ]; then
+ echo "udev: udev cache not used"
+ echo "udev: we use $CMP_FILE_LIST as criteria to judge whether the cache /dev could be resued"
+ echo "udev: olddata: $OLDDATA"
+ echo "udev: newdata: $NEWDATA"
+ fi
+ echo "$NEWDATA" > /dev/shm/udev.cache
+ fi
+ /usr/sbin/setenforce 1
+ else
+ if [ "$ROOTFS_READ_ONLY" != "yes" ]; then
+ # If rootfs is not read-only, it's possible that a new udev cache would be generated;
+ # otherwise, we do not bother to read files.
+ readfiles $CMP_FILE_LIST
+ echo "$READDATA" > /dev/shm/udev.cache
+ fi
fi
- fi
+ fi
fi
# make_extra_nodes
@@ -101,7 +106,7 @@ case "$1" in
/usr/bin/udevadm control --env=STARTUP=1
if [ "$not_first_boot" != "" ];then
/usr/bin/udevadm trigger --action=add --subsystem-nomatch=tty --subsystem-nomatch=mem --subsystem-nomatch=vc --subsystem-nomatch=vtconsole --subsystem-nomatch=misc --subsystem-nomatch=dcon --subsystem-nomatch=pci_bus --subsystem-nomatch=graphics --subsystem-nomatch=backlight --subsystem-nomatch=video4linux --subsystem-nomatch=platform
- (/usr/bin/udevadm settle --timeout=3; /usr/bin/udevadm control --env=STARTUP=)&
+ (/usr/bin/udevadm settle --timeout=10; /usr/bin/udevadm control --env=STARTUP=)&
else
/usr/bin/udevadm trigger --action=add
/usr/bin/udevadm settle
diff --git a/recipes-core/udev/udev/udev-cache b/recipes-core/udev/udev/udev-cache
new file mode 100644
index 0000000..6898577
--- /dev/null
+++ b/recipes-core/udev/udev/udev-cache
@@ -0,0 +1,32 @@
+#!/bin/sh -e
+
+### BEGIN INIT INFO
+# Provides: udev-cache
+# Required-Start: mountall
+# Required-Stop:
+# Default-Start: S
+# Default-Stop:
+# Short-Description: cache /dev to speedup the udev next boot
+### END INIT INFO
+
+export TZ=/etc/localtime
+
+[ -r /proc/mounts ] || exit 1
+[ -x @UDEVD@ ] || exit 1
+[ -d /sys/class ] || exit 1
+
+[ -f /etc/default/rcS ] && . /etc/default/rcS
+[ -f /etc/default/udev-cache ] && . /etc/default/udev-cache
+
+if [ "$ROOTFS_READ_ONLY" = "yes" ]; then
+ [ "$VERBOSE" != "no" ] && echo "udev-cache: read-only rootfs, skip generating udev-cache"
+ exit 0
+fi
+
+if [ "$DEVCACHE" != "" -a -e /dev/shm/udev.cache ]; then
+ echo "Populating dev cache"
+ tar --directory=/ --selinux --xattrs -cf "$DEVCACHE" dev
+ mv /dev/shm/udev.cache /etc/udev/cache.data
+fi
+
+exit 0