diff options
author | Anton Gerasimov <anton@advancedtelematic.com> | 2016-10-04 14:42:42 +0200 |
---|---|---|
committer | Anton Gerasimov <anton@advancedtelematic.com> | 2016-10-04 14:42:42 +0200 |
commit | 689d2a8e825b3fc77bd4671f2c0597d2de5f0fdf (patch) | |
tree | 50da6e3b59d6e112c15eabd2a3d675d7334ab4ab /meta-sota | |
parent | 46b4d2dd4a44de0588426d69168415af3e01acac (diff) |
Tuned initrd image and pseudo environment to fix bugs with extended
security attributes.
Bug-AGL: SPEC-259
Change-Id: I44499ce3f5f1924aecf63689a93d1f20e779225e
Signed-off-by: Anton Gerasimov <anton@advancedtelematic.com>
Diffstat (limited to 'meta-sota')
10 files changed, 157 insertions, 375 deletions
diff --git a/meta-sota/classes/image_types_ostree.bbclass b/meta-sota/classes/image_types_ostree.bbclass index a180721..4353af7 100644 --- a/meta-sota/classes/image_types_ostree.bbclass +++ b/meta-sota/classes/image_types_ostree.bbclass @@ -4,7 +4,7 @@ inherit image IMAGE_DEPENDS_ostree = "ostree-native:do_populate_sysroot \ virtual/kernel:do_deploy \ - ${OSTREE_INITRAMFS_IMAGE}:do_image_cpio" + ${OSTREE_INITRAMFS_IMAGE}:do_image_ext4" export OSTREE_REPO export OSTREE_BRANCHNAME @@ -93,7 +93,7 @@ IMAGE_CMD_ostree () { checksum=`sha256sum ${DEPLOY_DIR_IMAGE}/${KERNEL_IMAGETYPE} | cut -f 1 -d " "` cp ${DEPLOY_DIR_IMAGE}/${KERNEL_IMAGETYPE} boot/vmlinuz-${checksum} - cp ${DEPLOY_DIR_IMAGE}/${OSTREE_INITRAMFS_IMAGE}-${MACHINE}.cpio.gz boot/initramfs-${checksum} + cp ${DEPLOY_DIR_IMAGE}/${OSTREE_INITRAMFS_IMAGE}-${MACHINE}.ext4.gz boot/initramfs-${checksum} cd ${WORKDIR} diff --git a/meta-sota/recipes-bsp/u-boot/u-boot-ota/0001-Set-up-environment-for-OSTree-integration.patch b/meta-sota/recipes-bsp/u-boot/u-boot-ota/0001-Set-up-environment-for-OSTree-integration.patch index 186a2a2..851a0ab 100644 --- a/meta-sota/recipes-bsp/u-boot/u-boot-ota/0001-Set-up-environment-for-OSTree-integration.patch +++ b/meta-sota/recipes-bsp/u-boot/u-boot-ota/0001-Set-up-environment-for-OSTree-integration.patch @@ -23,7 +23,7 @@ index 78c296f..79df455 100644 + +#undef CONFIG_BOOTCOMMAND +#define CONFIG_BOOTCOMMAND "run loadenv;" \ -+ "setenv bootargs $bootargs\" console=ttyS0 root=/dev/hda\";" \ ++ "setenv bootargs $bootargs\" console=ttyS0 root=/dev/ram0 rw rootfstype=ext4 rootwait rootdelay=2 ostree_root=/dev/hda ramdisk_size=8192 \";" \ + "ext2load ide 0 $loadaddr \"/boot\"$kernel_image;" \ + "ext2load ide 0 $ramdiskaddr \"/boot\"$ramdisk_image;" \ + "zboot $loadaddr - $ramdiskaddr $filesize" diff --git a/meta-sota/recipes-core/images/initramfs-ostree-image.bb b/meta-sota/recipes-core/images/initramfs-ostree-image.bb index 71aa631..9e47086 100644 --- a/meta-sota/recipes-core/images/initramfs-ostree-image.bb +++ b/meta-sota/recipes-core/images/initramfs-ostree-image.bb @@ -1,7 +1,7 @@ # Netboot initramfs image. DESCRIPTION = "OSTree initramfs image" -PACKAGE_INSTALL = "ostree ostree-initramfs systemd-initramfs busybox base-passwd ${ROOTFS_BOOTSTRAP_INSTALL}" +PACKAGE_INSTALL = "ostree-switchroot ostree-initrd busybox base-passwd ${ROOTFS_BOOTSTRAP_INSTALL}" SYSTEMD_DEFAULT_TARGET = "initrd.target" diff --git a/meta-sota/recipes-devtools/pseudo/files/0001-Add-check-for-existence-of-old-file-to-renameat.patch b/meta-sota/recipes-devtools/pseudo/files/0001-Add-check-for-existence-of-old-file-to-renameat.patch new file mode 100644 index 0000000..3da2ad7 --- /dev/null +++ b/meta-sota/recipes-devtools/pseudo/files/0001-Add-check-for-existence-of-old-file-to-renameat.patch @@ -0,0 +1,40 @@ +From 41bb6c818a7ec9eeb33b60302c55c9c5ee393c5f Mon Sep 17 00:00:00 2001 +From: Anton Gerasimov <anton@advancedtelematic.com> +Date: Fri, 30 Sep 2016 17:12:19 +0200 +Subject: [PATCH 1/1] Add check for existence of old file to renameat + +--- + ports/unix/guts/renameat.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/ports/unix/guts/renameat.c b/ports/unix/guts/renameat.c +index ade0509..d5e36fa 100644 +--- a/ports/unix/guts/renameat.c ++++ b/ports/unix/guts/renameat.c +@@ -11,6 +11,7 @@ + int oldrc, newrc; + int save_errno; + int old_db_entry = 0; ++ int may_unlinked = 0; + + pseudo_debug(PDBGF_FILE, "renameat: %d,%s->%d,%s\n", + olddirfd, oldpath ? oldpath : "<nil>", +@@ -44,10 +45,14 @@ + /* as with unlink, we have to mark that the file may get deleted */ + msg = pseudo_client_op(OP_MAY_UNLINK, 0, -1, newdirfd, newpath, newrc ? NULL : &newbuf); + if (msg && msg->result == RESULT_SUCCEED) ++ may_unlinked = 1; ++ msg = pseudo_client_op(OP_STAT, 0, -1, olddirfd, oldpath, oldrc ? NULL : &oldbuf); ++ if (msg && msg->result == RESULT_SUCCEED) + old_db_entry = 1; ++ + rc = real_renameat(olddirfd, oldpath, newdirfd, newpath); + save_errno = errno; +- if (old_db_entry) { ++ if (may_unlinked) { + if (rc == -1) { + /* since we failed, that wasn't really unlinked -- put + * it back. +-- +2.9.3 + diff --git a/meta-sota/recipes-devtools/pseudo/pseudo_1.7.5.bbappend b/meta-sota/recipes-devtools/pseudo/pseudo_1.7.5.bbappend new file mode 100644 index 0000000..73b43df --- /dev/null +++ b/meta-sota/recipes-devtools/pseudo/pseudo_1.7.5.bbappend @@ -0,0 +1,3 @@ +FILESEXTRAPATHS_prepend := "${THISDIR}/files:" + +SRC_URI += "file://0001-Add-check-for-existence-of-old-file-to-renameat.patch" diff --git a/meta-sota/recipes-sota/ostree-initramfs/ostree-initramfs.bb b/meta-sota/recipes-sota/ostree-initramfs/ostree-initramfs.bb deleted file mode 100644 index 5b3818c..0000000 --- a/meta-sota/recipes-sota/ostree-initramfs/ostree-initramfs.bb +++ /dev/null @@ -1,32 +0,0 @@ -# Small hook to call ostree-prepare-root on initrd-switch-root - -LICENSE = "GPLv2+" -LIC_FILES_CHKSUM = "file://COPYING.GPL;md5=751419260aa954499f7abaabaa882bbe" - -S = "${WORKDIR}" - -SRC_URI = "file://COPYING.GPL" - -DEPENDS += " ostree" - -FILES_${PN} += "${systemd_unitdir} \ - ${systemd_unitdir}/system \ - ${systemd_unitdir}/system/initrd-switch-root.target.wants \ - ${systemd_unitdir}/system/initrd-switch-root.target.wants/ostree-prepare-root.service \ - ${sysconfdir}/initrd-release \ - " - -export OSTREE_INITRAMFS_IMAGE - -do_install() { - if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then - install -d ${D}${sysconfdir} - echo "NAME=${OSTREE_INITRAMFS_IMAGE}" > ${D}/${sysconfdir}/initrd-release - install -d ${D}${systemd_unitdir} - install -d ${D}${systemd_unitdir}/system - - install -d ${D}${systemd_unitdir}/system/initrd-switch-root.target.wants - ln -s ${systemd_unitdir}/system/ostree-prepare-root.service \ - "${D}${systemd_unitdir}/system/initrd-switch-root.target.wants/ostree-prepare-root.service" - fi -} diff --git a/meta-sota/recipes-sota/ostree-initramfs/ostree-initramfs/COPYING.GPL b/meta-sota/recipes-sota/ostree-initramfs/ostree-initramfs/COPYING.GPL deleted file mode 100644 index d511905..0000000 --- a/meta-sota/recipes-sota/ostree-initramfs/ostree-initramfs/COPYING.GPL +++ /dev/null @@ -1,339 +0,0 @@ - GNU GENERAL PUBLIC LICENSE - Version 2, June 1991 - - Copyright (C) 1989, 1991 Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - Everyone is permitted to copy and distribute verbatim copies - of this license document, but changing it is not allowed. - - Preamble - - The licenses for most software are designed to take away your -freedom to share and change it. By contrast, the GNU General Public -License is intended to guarantee your freedom to share and change free -software--to make sure the software is free for all its users. This -General Public License applies to most of the Free Software -Foundation's software and to any other program whose authors commit to -using it. (Some other Free Software Foundation software is covered by -the GNU Lesser General Public License instead.) You can apply it to -your programs, too. - - When we speak of free software, we are referring to freedom, not -price. Our General Public Licenses are designed to make sure that you -have the freedom to distribute copies of free software (and charge for -this service if you wish), that you receive source code or can get it -if you want it, that you can change the software or use pieces of it -in new free programs; and that you know you can do these things. - - To protect your rights, we need to make restrictions that forbid -anyone to deny you these rights or to ask you to surrender the rights. -These restrictions translate to certain responsibilities for you if you -distribute copies of the software, or if you modify it. - - For example, if you distribute copies of such a program, whether -gratis or for a fee, you must give the recipients all the rights that -you have. You must make sure that they, too, receive or can get the -source code. And you must show them these terms so they know their -rights. - - We protect your rights with two steps: (1) copyright the software, and -(2) offer you this license which gives you legal permission to copy, -distribute and/or modify the software. - - Also, for each author's protection and ours, we want to make certain -that everyone understands that there is no warranty for this free -software. If the software is modified by someone else and passed on, we -want its recipients to know that what they have is not the original, so -that any problems introduced by others will not reflect on the original -authors' reputations. - - Finally, any free program is threatened constantly by software -patents. We wish to avoid the danger that redistributors of a free -program will individually obtain patent licenses, in effect making the -program proprietary. To prevent this, we have made it clear that any -patent must be licensed for everyone's free use or not licensed at all. - - The precise terms and conditions for copying, distribution and -modification follow. - - GNU GENERAL PUBLIC LICENSE - TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION - - 0. This License applies to any program or other work which contains -a notice placed by the copyright holder saying it may be distributed -under the terms of this General Public License. The "Program", below, -refers to any such program or work, and a "work based on the Program" -means either the Program or any derivative work under copyright law: -that is to say, a work containing the Program or a portion of it, -either verbatim or with modifications and/or translated into another -language. (Hereinafter, translation is included without limitation in -the term "modification".) Each licensee is addressed as "you". - -Activities other than copying, distribution and modification are not -covered by this License; they are outside its scope. The act of -running the Program is not restricted, and the output from the Program -is covered only if its contents constitute a work based on the -Program (independent of having been made by running the Program). -Whether that is true depends on what the Program does. - - 1. You may copy and distribute verbatim copies of the Program's -source code as you receive it, in any medium, provided that you -conspicuously and appropriately publish on each copy an appropriate -copyright notice and disclaimer of warranty; keep intact all the -notices that refer to this License and to the absence of any warranty; -and give any other recipients of the Program a copy of this License -along with the Program. - -You may charge a fee for the physical act of transferring a copy, and -you may at your option offer warranty protection in exchange for a fee. - - 2. You may modify your copy or copies of the Program or any portion -of it, thus forming a work based on the Program, and copy and -distribute such modifications or work under the terms of Section 1 -above, provided that you also meet all of these conditions: - - a) You must cause the modified files to carry prominent notices - stating that you changed the files and the date of any change. - - b) You must cause any work that you distribute or publish, that in - whole or in part contains or is derived from the Program or any - part thereof, to be licensed as a whole at no charge to all third - parties under the terms of this License. - - c) If the modified program normally reads commands interactively - when run, you must cause it, when started running for such - interactive use in the most ordinary way, to print or display an - announcement including an appropriate copyright notice and a - notice that there is no warranty (or else, saying that you provide - a warranty) and that users may redistribute the program under - these conditions, and telling the user how to view a copy of this - License. (Exception: if the Program itself is interactive but - does not normally print such an announcement, your work based on - the Program is not required to print an announcement.) - -These requirements apply to the modified work as a whole. If -identifiable sections of that work are not derived from the Program, -and can be reasonably considered independent and separate works in -themselves, then this License, and its terms, do not apply to those -sections when you distribute them as separate works. But when you -distribute the same sections as part of a whole which is a work based -on the Program, the distribution of the whole must be on the terms of -this License, whose permissions for other licensees extend to the -entire whole, and thus to each and every part regardless of who wrote it. - -Thus, it is not the intent of this section to claim rights or contest -your rights to work written entirely by you; rather, the intent is to -exercise the right to control the distribution of derivative or -collective works based on the Program. - -In addition, mere aggregation of another work not based on the Program -with the Program (or with a work based on the Program) on a volume of -a storage or distribution medium does not bring the other work under -the scope of this License. - - 3. You may copy and distribute the Program (or a work based on it, -under Section 2) in object code or executable form under the terms of -Sections 1 and 2 above provided that you also do one of the following: - - a) Accompany it with the complete corresponding machine-readable - source code, which must be distributed under the terms of Sections - 1 and 2 above on a medium customarily used for software interchange; or, - - b) Accompany it with a written offer, valid for at least three - years, to give any third party, for a charge no more than your - cost of physically performing source distribution, a complete - machine-readable copy of the corresponding source code, to be - distributed under the terms of Sections 1 and 2 above on a medium - customarily used for software interchange; or, - - c) Accompany it with the information you received as to the offer - to distribute corresponding source code. (This alternative is - allowed only for noncommercial distribution and only if you - received the program in object code or executable form with such - an offer, in accord with Subsection b above.) - -The source code for a work means the preferred form of the work for -making modifications to it. For an executable work, complete source -code means all the source code for all modules it contains, plus any -associated interface definition files, plus the scripts used to -control compilation and installation of the executable. However, as a -special exception, the source code distributed need not include -anything that is normally distributed (in either source or binary -form) with the major components (compiler, kernel, and so on) of the -operating system on which the executable runs, unless that component -itself accompanies the executable. - -If distribution of executable or object code is made by offering -access to copy from a designated place, then offering equivalent -access to copy the source code from the same place counts as -distribution of the source code, even though third parties are not -compelled to copy the source along with the object code. - - 4. You may not copy, modify, sublicense, or distribute the Program -except as expressly provided under this License. Any attempt -otherwise to copy, modify, sublicense or distribute the Program is -void, and will automatically terminate your rights under this License. -However, parties who have received copies, or rights, from you under -this License will not have their licenses terminated so long as such -parties remain in full compliance. - - 5. You are not required to accept this License, since you have not -signed it. However, nothing else grants you permission to modify or -distribute the Program or its derivative works. These actions are -prohibited by law if you do not accept this License. Therefore, by -modifying or distributing the Program (or any work based on the -Program), you indicate your acceptance of this License to do so, and -all its terms and conditions for copying, distributing or modifying -the Program or works based on it. - - 6. Each time you redistribute the Program (or any work based on the -Program), the recipient automatically receives a license from the -original licensor to copy, distribute or modify the Program subject to -these terms and conditions. You may not impose any further -restrictions on the recipients' exercise of the rights granted herein. -You are not responsible for enforcing compliance by third parties to -this License. - - 7. If, as a consequence of a court judgment or allegation of patent -infringement or for any other reason (not limited to patent issues), -conditions are imposed on you (whether by court order, agreement or -otherwise) that contradict the conditions of this License, they do not -excuse you from the conditions of this License. If you cannot -distribute so as to satisfy simultaneously your obligations under this -License and any other pertinent obligations, then as a consequence you -may not distribute the Program at all. For example, if a patent -license would not permit royalty-free redistribution of the Program by -all those who receive copies directly or indirectly through you, then -the only way you could satisfy both it and this License would be to -refrain entirely from distribution of the Program. - -If any portion of this section is held invalid or unenforceable under -any particular circumstance, the balance of the section is intended to -apply and the section as a whole is intended to apply in other -circumstances. - -It is not the purpose of this section to induce you to infringe any -patents or other property right claims or to contest validity of any -such claims; this section has the sole purpose of protecting the -integrity of the free software distribution system, which is -implemented by public license practices. Many people have made -generous contributions to the wide range of software distributed -through that system in reliance on consistent application of that -system; it is up to the author/donor to decide if he or she is willing -to distribute software through any other system and a licensee cannot -impose that choice. - -This section is intended to make thoroughly clear what is believed to -be a consequence of the rest of this License. - - 8. If the distribution and/or use of the Program is restricted in -certain countries either by patents or by copyrighted interfaces, the -original copyright holder who places the Program under this License -may add an explicit geographical distribution limitation excluding -those countries, so that distribution is permitted only in or among -countries not thus excluded. In such case, this License incorporates -the limitation as if written in the body of this License. - - 9. The Free Software Foundation may publish revised and/or new versions -of the General Public License from time to time. Such new versions will -be similar in spirit to the present version, but may differ in detail to -address new problems or concerns. - -Each version is given a distinguishing version number. If the Program -specifies a version number of this License which applies to it and "any -later version", you have the option of following the terms and conditions -either of that version or of any later version published by the Free -Software Foundation. If the Program does not specify a version number of -this License, you may choose any version ever published by the Free Software -Foundation. - - 10. If you wish to incorporate parts of the Program into other free -programs whose distribution conditions are different, write to the author -to ask for permission. For software which is copyrighted by the Free -Software Foundation, write to the Free Software Foundation; we sometimes -make exceptions for this. Our decision will be guided by the two goals -of preserving the free status of all derivatives of our free software and -of promoting the sharing and reuse of software generally. - - NO WARRANTY - - 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY -FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN -OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES -PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED -OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS -TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE -PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, -REPAIR OR CORRECTION. - - 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING -WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR -REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, -INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING -OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED -TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY -YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER -PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE -POSSIBILITY OF SUCH DAMAGES. - - END OF TERMS AND CONDITIONS - - How to Apply These Terms to Your New Programs - - If you develop a new program, and you want it to be of the greatest -possible use to the public, the best way to achieve this is to make it -free software which everyone can redistribute and change under these terms. - - To do so, attach the following notices to the program. It is safest -to attach them to the start of each source file to most effectively -convey the exclusion of warranty; and each file should have at least -the "copyright" line and a pointer to where the full notice is found. - - <one line to give the program's name and a brief idea of what it does.> - Copyright (C) <year> <name of author> - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License along - with this program; if not, write to the Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - -Also add information on how to contact you by electronic and paper mail. - -If the program is interactive, make it output a short notice like this -when it starts in an interactive mode: - - Gnomovision version 69, Copyright (C) year name of author - Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. - This is free software, and you are welcome to redistribute it - under certain conditions; type `show c' for details. - -The hypothetical commands `show w' and `show c' should show the appropriate -parts of the General Public License. Of course, the commands you use may -be called something other than `show w' and `show c'; they could even be -mouse-clicks or menu items--whatever suits your program. - -You should also get your employer (if you work as a programmer) or your -school, if any, to sign a "copyright disclaimer" for the program, if -necessary. Here is a sample; alter the names: - - Yoyodyne, Inc., hereby disclaims all copyright interest in the program - `Gnomovision' (which makes passes at compilers) written by James Hacker. - - <signature of Ty Coon>, 1 April 1989 - Ty Coon, President of Vice - -This General Public License does not permit incorporating your program into -proprietary programs. If your program is a subroutine library, you may -consider it more useful to permit linking proprietary applications with the -library. If this is what you want to do, use the GNU Lesser General -Public License instead of this License. diff --git a/meta-sota/recipes-sota/ostree-initrd/files/init.sh b/meta-sota/recipes-sota/ostree-initrd/files/init.sh new file mode 100644 index 0000000..5aa99d6 --- /dev/null +++ b/meta-sota/recipes-sota/ostree-initrd/files/init.sh @@ -0,0 +1,84 @@ +#!/bin/sh + +# global variables + +SMACK=n +DEBUG=n + +# ------------------------------------------- + +log_info() { echo "$0[$$]: $@" >&2; } +log_error() { echo "$0[$$]: ERROR $@" >&2; } + +do_mount_fs() { + log_info "mounting FS: $@" + [[ -e /proc/filesystems ]] && { grep -q "$1" /proc/filesystems || { log_error "Unknown filesystem"; return 1; } } + [[ -d "$2" ]] || mkdir -p "$2" + [[ -e /proc/mounts ]] && { grep -q -e "^$1 $2 $1" /proc/mounts && { log_info "$2 ($1) already mounted"; return 0; } } + mount -t "$1" "$1" "$2" +} + +bail_out() { + log_error "$@" + log_info "Rebooting..." + #exec reboot -f + exec sh +} + +get_ostree_sysroot() { + for opt in `cat /proc/cmdline`; do + arg=`echo $opt | cut -d'=' -f1` + if [ $arg == "ostree_root" ]; then + echo $opt | cut -d'=' -f2 + return + fi + done +} + +export PATH=/sbin:/usr/sbin:/bin:/usr/bin + +log_info "starting initrd script" + +do_mount_fs proc /proc +do_mount_fs sysfs /sys +do_mount_fs devtmpfs /dev +do_mount_fs devpts /dev/pts +do_mount_fs tmpfs /dev/shm +do_mount_fs tmpfs /tmp +do_mount_fs tmpfs /run + +# check if smack is active (and if so, mount smackfs) +grep -q smackfs /proc/filesystems && { + SMACK=y + + do_mount_fs smackfs /sys/fs/smackfs + + # adjust current label and network label + echo System >/proc/self/attr/current + echo System >/sys/fs/smackfs/ambient +} + +mkdir -p /sysroot +ostree_sysroot=$(get_ostree_sysroot) + +mount $ostree_sysroot /sysroot || bail_out "Unable to mount $ostree_sysroot as physical sysroot" +ostree-prepare-root /sysroot + +# move mounted devices to new root +cd /sysroot +for x in dev proc; do + log_info "Moving /$x to new rootfs" + mount -o move /$x $x +done + +# switch to new rootfs +log_info "Switching to new rootfs" +mkdir -p run/initramfs + +pivot_root . run/initramfs || bail_out "pivot_root failed." + +log_info "Launching target init" + +exec chroot . sh -c 'umount /run/initramfs; exec /sbin/init' \ + <dev/console >dev/console 2>&1 + diff --git a/meta-sota/recipes-sota/ostree-initrd/ostree-initrd.bb b/meta-sota/recipes-sota/ostree-initrd/ostree-initrd.bb new file mode 100644 index 0000000..5c85bee --- /dev/null +++ b/meta-sota/recipes-sota/ostree-initrd/ostree-initrd.bb @@ -0,0 +1,19 @@ +SUMMARY = "Extremely basic live image init script" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" +SRC_URI = "file://init.sh" + +S = "${WORKDIR}" + +do_install() { + install -dm 0755 ${D}/etc + touch ${D}/etc/initrd-release + install -dm 0755 ${D}/dev + install -dm 0755 ${D}/sbin + install -m 0755 ${WORKDIR}/init.sh ${D}/sbin/init +} + +inherit allarch + +FILES_${PN} += " /dev /etc/initrd-release /sbin/init " + diff --git a/meta-sota/recipes-sota/ostree/ostree_git.bb b/meta-sota/recipes-sota/ostree/ostree_git.bb index 6adac5f..b5675ab 100644 --- a/meta-sota/recipes-sota/ostree/ostree_git.bb +++ b/meta-sota/recipes-sota/ostree/ostree_git.bb @@ -7,6 +7,7 @@ inherit autotools-brokensep pkgconfig systemd INHERIT_remove_class-native = "systemd" SRC_URI = "gitsm://github.com/ostreedev/ostree.git;branch=master" + SRCREV="v2016.5" S = "${WORKDIR}/git" @@ -65,3 +66,9 @@ FILES_${PN} += " \ ${libdir}/girepository-1.0/OSTree-1.0.typelib \ " +PACKAGES =+ "${PN}-switchroot" + +FILES_${PN}-switchroot = "${sbindir}/ostree-prepare-root" +RDEPENDS_${PN}-switchroot = "" +DEPENDS_remove_class-native = "systemd-native" + |