path: root/meta/recipes-core/volatile-binds/files/mount-copybind
Age | Commit message | Author

2022-03-26 | mount-copybind: add MOUNT_COPYBIND_AVOID_OVERLAYFS env var to skip OverlayFS | Luca Boccassi

In some cases we don't want to even attempt to set up OverlayFS, for example because SELinux in enforcing mode would kill the process attempting to use the mount.

See: https://lore.kernel.org/all/CA+FmFJBDwt52Z-dVGfuUcnRMiMtGPhK4cCQJ=J_fg0r3x-b6ng@mail.gmail.com/T/#mef98aa406324096d1889d3d467251f30456f403c

If MOUNT_COPYBIND_AVOID_OVERLAYFS=1 is set, skip directly to copy and bind mount.

(From OE-Core rev: a8e7dca69054798b1c9843a0de889cef3e261c4f)

Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2022-03-26 | mount-copybind: fix shellcheck warning | Luca Boccassi

$ shellcheck meta/recipes-core/volatile-binds/files/mount-copybind

In meta/recipes-core/volatile-binds/files/mount-copybind line 54:
    mountcontext=",rootcontext=$(matchpathcon -n $mountpoint)"
                                                 ^---------^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean:
    mountcontext=",rootcontext=$(matchpathcon -n "$mountpoint")"

For more information:
  https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...

(From OE-Core rev: 56c7962a6c31acfe0e118f713954aeafd7e2d9c0)

Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2021-10-11 | mount-copybind: add rootcontext mountoption for overlayfs | Maximilian Blenk

If selinux is enabled, the context of the mountpoint for overlayfs needs to be specified manually via the rootcontext option. To this end, the required context is determined using matchpathcon(1) and passed via the rootcontext mount option. Additionally, if the mount source directory is created by mount-copybind it also needs to take care that the context of the directory is correct

(From OE-Core rev: 57f51e8c73ab9f55f20815a9459c3afad2b281e6)

Signed-off-by: Tobias Kaufmann <Tobias.KA.Kaufmann@bmw.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2021-10-11 | mount-copybind: add SELinux support | Tobias Kaufmann

bind mounts don't use the SELinux label of the target, but the SELinux label of the source. This patch restores the SELinux context of the bind mount recursively using restorecon.

(From OE-Core rev: 6f3e231dc9bc11772573bf9683de9804460362d1)

Signed-off-by: Tobias Kaufmann <Tobias.KA.Kaufmann@bmw.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2019-06-19 | volatile-binds: Change cp to use -a instead of -p. | Chris PeBenito

This is needed on SELinux systems, so the labels (xattrs) are preserved.

(From OE-Core rev: ab7e3caf3e29f2d8db55e2901e0a9b01061afd88)

Signed-off-by: Chris PeBenito <Christopher.PeBenito@microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2018-10-20 | volatile-binds: use overlayfs if available | Matt Hoosier

Copying files from the read-only root filesystem to the tmpfs providing the volatile directories can be slow and waste memory. If the kernel supports the overlay filesystem, use it to mount a writable tmpfs on top of the read-only directory from the rootfs and avoid copies.

Analogous to the modification made to initscripts's read-only-rootfs-hook in 370fda1b2e8d5dc011522131bba4106de26bfb19.

(From OE-Core rev: b4976f3cf8cd028f165100b67867adb862da4d7f)

Signed-off-by: Matt Hoosier <matt.hoosier@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2014-08-02 | volatile-binds: add recipe | Chen Qi

This recipe is designed to play a key role in a read-only rootfs of systemd based systems. It generates service files from a template, volatile-binds.service.in and the VOLATILE_BINDS variable.

By default, VOLATILE_BINDS takes the value of "/var/volatile/lib /var/lib\n", which leads to the generation of volatile-var-lib.service file. This file doesn't have any effect in a read-write system, as it has "ConditionPathIsReadWrite = !/var/lib" in the [Unit] section. In other words, this file only has effect in a read-only rootfs.

(From OE-Core rev: ed7d30dc0cdb6d6c56c50ac7a3440c4ed0ee70d3)

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>