chiark / gitweb /
nspawn: create essential base directories at system bootup
authorKay Sievers <kay@vrfy.org>
Tue, 24 Jun 2014 11:30:11 +0000 (13:30 +0200)
committerKay Sievers <kay@vrfy.org>
Tue, 24 Jun 2014 13:41:03 +0000 (15:41 +0200)
This allows us to bootup a rootfs with a /usr directory only.

Makefile.am
src/core/machine-id-setup.c
src/nspawn/nspawn.c
src/shared/base-filesystem.c [new file with mode: 0644]
src/shared/base-filesystem.h [new file with mode: 0644]

index 37a164e..bc56d75 100644 (file)
@@ -827,7 +827,9 @@ libsystemd_shared_la_SOURCES = \
        src/shared/eventfd-util.c \
        src/shared/eventfd-util.h \
        src/shared/copy.c \
-       src/shared/copy.h
+       src/shared/copy.h \
+       src/shared/base-filesystem.c \
+       src/shared/base-filesystem.h
 
 nodist_libsystemd_shared_la_SOURCES = \
        src/shared/errno-from-name.h \
index e2e6d02..f154800 100644 (file)
@@ -181,6 +181,7 @@ int machine_id_setup(const char *root) {
                  * will be owned by root it doesn't matter much, but maybe
                  * people look. */
 
+                mkdir_parents(etc_machine_id, 0755);
                 fd = open(etc_machine_id, O_RDWR|O_CREAT|O_CLOEXEC|O_NOCTTY, 0444);
                 if (fd >= 0)
                         writable = true;
index 212f722..501bcca 100644 (file)
@@ -89,6 +89,7 @@
 #include "gpt.h"
 #include "siphash24.h"
 #include "copy.h"
+#include "base-filesystem.h"
 
 #ifdef HAVE_SECCOMP
 #include "seccomp-util.h"
@@ -3008,6 +3009,12 @@ int main(int argc, char *argv[]) {
                                           srv_device, srv_device_rw) < 0)
                                 goto child_fail;
 
+                        r = base_filesystem_create(arg_directory);
+                        if (r < 0) {
+                                log_error("creating base filesystem failed: %s", strerror(-r));
+                                goto child_fail;
+                        }
+
                         /* Turn directory into bind mount */
                         if (mount(arg_directory, arg_directory, "bind", MS_BIND|MS_REC, NULL) < 0) {
                                 log_error("Failed to make bind mount: %m");
diff --git a/src/shared/base-filesystem.c b/src/shared/base-filesystem.c
new file mode 100644 (file)
index 0000000..a220101
--- /dev/null
@@ -0,0 +1,82 @@
+/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
+
+/***
+  This file is part of systemd.
+
+  Copyright 2014 Kay Sievers
+
+  systemd is free software; you can redistribute it and/or modify it
+  under the terms of the GNU Lesser General Public License as published by
+  the Free Software Foundation; either version 2.1 of the License, or
+  (at your option) any later version.
+
+  systemd is distributed in the hope that it will be useful, but
+  WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+  Lesser General Public License for more details.
+
+  You should have received a copy of the GNU Lesser General Public License
+  along with systemd; If not, see <http://www.gnu.org/licenses/>.
+***/
+
+#include <errno.h>
+#include <sys/stat.h>
+#include <stdlib.h>
+#include <string.h>
+#include <assert.h>
+#include <unistd.h>
+
+#include "base-filesystem.h"
+#include "log.h"
+#include "macro.h"
+#include "util.h"
+#include "label.h"
+#include "mkdir.h"
+
+typedef struct BaseFilesystem {
+        const char *dir;
+        mode_t mode;
+        const char *target;
+} BaseFilesystem;
+
+static const BaseFilesystem table[] = {
+        { "bin",      0, "usr/bin"   },
+        { "lib",      0, "usr/lib"   },
+        { "lib64",    0, "usr/lib64" },
+        { "root",  0755, NULL },
+        { "sbin",     0, "usr/sbin"  },
+};
+
+int base_filesystem_create(const char *root) {
+        _cleanup_close_ int fd = -1;
+        unsigned i;
+        int r;
+
+        fd = open(root, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW);
+        if (fd < 0)
+                return -errno;
+
+        for (i = 0; i < ELEMENTSOF(table); i ++) {
+                if (table[i].target) {
+                        /* check if target exists */
+                        if (faccessat(fd, table[i].target, F_OK, AT_SYMLINK_NOFOLLOW) < 0)
+                                continue;
+
+                        r = symlinkat(table[i].target, fd, table[i].dir);
+                        if (r < 0 && errno != EEXIST) {
+                                log_error("Failed to create symlink at %s/%s: %m", root, table[i].dir);
+                                return -errno;
+                        }
+                        continue;
+                }
+
+                RUN_WITH_UMASK(0000)
+                        r = mkdirat(fd, table[i].dir, table[i].mode);
+                if (r < 0 && errno != EEXIST) {
+                        log_error("Failed to create directory at %s/%s: %m", root, table[i].dir);
+                        return -errno;
+                }
+        }
+
+        return 0;
+}
diff --git a/src/shared/base-filesystem.h b/src/shared/base-filesystem.h
new file mode 100644 (file)
index 0000000..03201f7
--- /dev/null
@@ -0,0 +1,24 @@
+/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
+
+#pragma once
+
+/***
+  This file is part of systemd.
+
+  Copyright 2014 Kay Sievers
+
+  systemd is free software; you can redistribute it and/or modify it
+  under the terms of the GNU Lesser General Public License as published by
+  the Free Software Foundation; either version 2.1 of the License, or
+  (at your option) any later version.
+
+  systemd is distributed in the hope that it will be useful, but
+  WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+  Lesser General Public License for more details.
+
+  You should have received a copy of the GNU Lesser General Public License
+  along with systemd; If not, see <http://www.gnu.org/licenses/>.
+***/
+
+int base_filesystem_create(const char *root);