path: root/meta-netboot/recipes-core/initramfs-netboot
Age | Commit message | Author | Files | Lines
2022-07-27 | meta-netboot: Add SELinux support | Scott Murray | 1 | -0/+16

Changes:
- Add logic to init.sh to handle autorelabeling the root filesystem if it is tagged as requiring it. In practice this should only be required when booting images built on hosts that have xattr support, or if relabeling is manually triggered on subsequent boots. There was a stated goal of avoiding the reboot from the later userspace handling of autorelabeling in CI, so this hook aims to enable that for the non-xattr build host corner case.
- Add a resolv-conf-relabel recipe that installs a systemd unit to relabel /etc/resolv.conf when netbooting. This is required because the file always gets modified inside init.sh, and it does not seem worthwhile to always do the extra policy load required to relabel it in the initramfs. This may need to be revisited if it proves difficult to handle denials in early booting when netbooting.
- Add the required extra packages for relabeling to IMAGE_INSTALL.

Bug-AGL: SPEC-4332
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Change-Id: I26b27c1cea68a029264352bd206c160cac3d451e
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27791
Tested-by: Jenkins Job builder account
ci-image-build: Jenkins Job builder account
ci-image-boot-test: Jenkins Job builder account
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-05-16 | Replace "/etc" with "${sysconfidir}" | duerpei | 1 | -3/+3

make them more standardized

Bug-AGL: SPEC-4374
Signed-off-by: duerpei <duep.fnst@fujitsu.com>
Change-Id: Ie11168254ab76acd11382b33501fb4881710a5bf
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27479
Tested-by: Jenkins Job builder account
ci-image-build: Jenkins Job builder account
ci-image-boot-test: Jenkins Job builder account
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-05-06 | Enable usrmerge | Scott Murray | 1 | -3/+3

An increasing number of advanced systemd features with respect to immutable systems and sandboxing are effectively dependent on the usrmerge distro feature, so it seems reasonable to enable it since upstream AGL currently requires systemd usage. See SPEC-4352 for more detailed discussion of rationale.

Changes:
- Add usrmerge to AGL_DEFAULT_DISTRO_FEATURES in poky-agl.conf.
- Add workarounds via bbappends in meta-agl-bsp for the assumption of using /lib instead of ${nonarch_base_libdir} in various meta-rcar-gen3 kernel module recipes. This will be followed up with upstream to hopefully fix the recipes.
- Replaced some explicit /sbin usage with ${sbindir} in the initramfs-netboot recipe used by the agl-netboot feature to avoid packaging errors.

Bug-AGL: SPEC-4352
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Change-Id: Ibc0ae1e2628aca6474401e0852bbb97085f4ecfa
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27437
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
Tested-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
Tested-by: Jenkins Job builder account
ci-image-build: Jenkins Job builder account
ci-image-boot-test: Jenkins Job builder account
2021-11-04 | Prepare master for new framework integration | Jan-Simon Moeller | 1 | -14/+1

During the last workshop the transition to the new framework was presented. This change essentially deprecates the SMACK-based application framework.

To prepare the integration of it, we remove the deprecated components:
- meta-agl-core: remove Smack kernel patches
- meta-app-framework
- meta-pipewire/dynamic-layers/meta-app-framework/

v2: rebased

Bug-AGL: SPEC-4121
Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
Change-Id: Icdaeadfb5d2193f3a4c535168c88da6073423e67
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/26752
2021-08-23 | Convert to new override syntax | Scott Murray | 1 | -2/+2

This is mostly the result of running a slightly customized version of the convert-overrides.py script from poky with additional overrides added. A few minor fixups were done by hand afterwards during a review of the changes.

The intent of these changes is to minimize the effort to keep the "next" branch that builds against poky master up to date and tested in preparation for the switch to the next Yocto LTS release in early 2022.

Bug-AGL: SPEC-4052
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Change-Id: Ia3bf63b7cb1aa1d95ada373d1a3ab56def0a125d
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/26564
Tested-by: Jenkins Job builder account
ci-image-build: Jenkins Job builder account
ci-image-boot-test: Jenkins Job builder account
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2020-03-12 | Update netboot initrd to persist the nbd connection | Jan-Simon Moeller | 1 | -1/+1

Use -persist option for nbd.

Bug-AGL: SPEC-3221
Bug-AGL: SPEC-3232
Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
Change-Id: Ia2eb94eeb3882b6546ebe9df04befdd42c99bd15
2019-10-23 | meta-netboot: don't use 'ip' command to detect boot interface | Stephane Desneux | 1 | -3/+29

This patch changes the method to detect the current network interface used for netboot. Instead of using the 'ip' command, it parses the content of /sys/class/net/* to detect the first running ethernet interface.

Two new messages are now visible on the console in initramfs phase:
--------------------------------------------------
/sbin/init[1]: find_active_interface: first active interface is eth0
/sbin/init[1]: Adjusting Connman command line. Will be: 'connmand -r -n -I eth0'
--------------------------------------------------

Background: When booting using netboot, it's necessary to update connman command line options to ignore the network interface used for NBD connection. For this, the initramfs script tries to detect the interface in use by running 'ip -o link show state'. 'ip' command comes with iproute2 package but for various reasons, some AGL images like m3ulcb-nogfx don't have iproute2 installed. In this case, the 'ip' command is implemented by busybox, which doesn't support the '-o' option. This leads to issues when running connman as the command line is not properly updated.

Bug-AGL: SPEC-2921
Change-Id: I5691f04ab462a148219b741d235247a2bfbc2e24
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
2019-07-12 | netboot: adjust SMACK label for /etc/resolv.conf | Stephane Desneux | 1 | -0/+1

When using netboot, the kernel is responsible for establishing the IP connection. For this reason, connman is instructed to "forget" this boot interface and /etc/resolv.conf is generated by the initrd script (from /proc/net/pnp).

This patch removes the previously set SMACK label 'System' so file has label _, which makes it readable by any process.

Bug-AGL: SPEC-2640
Change-Id: I13704827434a795aab2264755dc01ec796be8847
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
2019-07-07 | netboot: systemd must mount /tmp and /run | Stephane Desneux | 1 | -2/+8

When using netboot, the initrd script mounts /tmp and /run before pivoting on the new rootfs and then running systemd. As a consequence, systemd doesn't try to remount /tmp or /run (and the correct smack labels are not applied on /tmp and /run, leading to many issues).

This patch unmounts /tmp and /run just before running systemd which will then mount them with correct labels.

Bug-AGL: SPEC-2596
Change-Id: I4cd7b67f04c232a6e48c777fb5fefa6c46f6744a
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
2019-06-21 | Add support for nbd protocol v3 | Ronan Le Martret | 2 | -3/+12

Add a new cmdline argument using option 'nbd.v3' that could be parsed by the initrd script used for netboot.

Bug-AGL: SPEC-1423
Change-Id: I1cd189c343672631feda5bcee2e393eb46b9d000
Signed-off-by: Ronan Le Martret <ronan.lemartret@iot.bzh>
2016-06-19 | meta-netboot: generate appropriate resolv.conf from /proc/net/pnp | Stephane Desneux | 1 | -2/+5

Change-Id: I5867a08162b1d9405c769c25d066c2d1e813bca8
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
2016-06-10 | meta-netboot: mount remote filesystem with 'noatime' option | Stephane Desneux | 1 | -1/+1

Change-Id: I7486c7b785673f0833409267f52db5c09663fcba
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
2016-05-29 | add layer meta-netboot to enable network boot over NBD (Network Block Device) | Stephane Desneux | 2 | -0/+168

To enable the build of network bootable images, the following line must be added to conf/local.conf:

INHERIT += "netboot"

This layer contains recipes for the following components:
* busybox: activate the built-in NBD client
* initramfs-netboot: contains the init script started by the kernel, responsible for mounting the remote root filesystem then pivoting and exec'ing systemd
* initramfs-netboot-image: image to specify for building the initrd

More details are available in meta-netboot/README.

Bug-AGL: SPEC-175
Change-Id: Id2328dd9233d238cde77311e64e58344be244988
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>