From f8735714d019273bbc17beab1a288aed9291de62 Mon Sep 17 00:00:00 2001 From: Stephane Desneux Date: Wed, 3 Jul 2019 14:44:09 +0000 Subject: netboot: systemd must mount /tmp and /run When using netboot, the initrd script mounts /tmp and /run before pivoting on the new rootfs and then running systemd. As a consequence, systemd doesn't try to remount /tmp or /run (and the correct smack labels are not applied on /tmp and /run, leading to many issues). This patch unmounts /tmp and /run just before running systemd which will then mount them with correct labels. Bug-AGL: SPEC-2596 Change-Id: I4cd7b67f04c232a6e48c777fb5fefa6c46f6744a Signed-off-by: Stephane Desneux
--- meta-netboot/recipes-core/initramfs-netboot/files/init.sh | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'meta-netboot')
diff --git a/meta-netboot/recipes-core/initramfs-netboot/files/init.sh b/meta-netboot/recipes-core/initramfs-netboot/files/init.sh
index 2def28eb1..7064314a5 100644
--- a/meta-netboot/recipes-core/initramfs-netboot/files/init.sh
+++ b/meta-netboot/recipes-core/initramfs-netboot/files/init.sh
@@ -126,8 +126,8 @@ done
 # switch to new rootfs
 log_info "Switching to new rootfs"
-mkdir -p run/initramfs
-pivot_root . run/initramfs || bail_out "pivot_root failed."
+mkdir -p boot/initramfs
+pivot_root . boot/initramfs || bail_out "pivot_root failed."
 # workaround for connman (avoid bringing down the network interface used for booting, disable DNS proxy)
 if [[ -f /lib/systemd/system/connman.service ]]; then
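Review bot: The old initramfs root now stays mounted at `/boot/initramfs` on the running system, and nothing visible in this patch unmounts it or explains why the mount point left `/run`. Presumably it moved because `/run` is unmounted later in the script (second hunk), which could not succeed with the old root still mounted beneath it; a comment above the `mkdir` such as `# put_old must not live under /run: /run is unmounted before systemd starts (SPEC-2596)` would record that. Since an initramfs typically carries boot-time scripts and network setup, it is worth confirming that `/boot/initramfs` is unmounted later or that its contents and labels are acceptable to leave reachable after boot. `mkdir -p boot/initramfs` is also unchecked, so a read-only or full rootfs only surfaces as the generic "pivot_root failed." message. The script continues outside the hunk on both sides.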
@@ -137,8 +137,14 @@ if [[ -f /lib/systemd/system/connman.service ]]; then
 fi
 # also use /proc/net/pnp to generate /etc/resolv.conf
+rm -f /etc/resolv.conf
 grep -v bootserver /proc/net/pnp | sed 's/^domain/search/g' >/etc/resolv.conf
+# unmount tmp and run to let systemd remount them with correct smack labels (SPEC-2596)
+log_info "Unmounting /tmp and /run"
+umount /tmp
+umount /run
+
 # finally, run systemd
 check_debug "Debug point 2. Exit to continue initrd script (run systemd)."
-- 
cgit 1.2.3-korg
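Review bot: Both added `umount` calls ignore their exit status, so if either mount is busy the script falls through to systemd with the initrd's `/tmp` or `/run` still in place and the Smack labels silently stay wrong, which is the condition this patch is meant to remove. Checking the result, e.g. `umount /run || bail_out "umount /run failed."` (or a logged warning if continuing the boot is preferred), makes that failure visible instead of leaving a mislabeled mount behind. The added `rm -f /etc/resolv.conf` also deserves a one-line comment: it presumably exists so the redirect creates a regular file rather than writing through an existing symlink, but the patch does not say. The script continues past the end of the hunk.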