commit read-only-root-fs for openSUSE:Factory

Source-Sync Tue, 15 Apr 2025 11:49:37 -0700

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package read-only-root-fs for 
openSUSE:Factory checked in at 2025-04-15 20:47:12
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/read-only-root-fs (Old)
 and      /work/SRC/openSUSE:Factory/.read-only-root-fs.new.1907 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "read-only-root-fs"

Tue Apr 15 20:47:12 2025 rev:18 rq:1269648 version:1.0+git20250415.7e7aea4

Changes:
--------
--- /work/SRC/openSUSE:Factory/read-only-root-fs/read-only-root-fs.changes      
2024-02-29 21:49:17.491650190 +0100
+++ 
/work/SRC/openSUSE:Factory/.read-only-root-fs.new.1907/read-only-root-fs.changes
    2025-04-15 20:47:22.149805815 +0200
@@ -1,0 +2,19 @@
+Tue Apr 15 14:23:08 UTC 2025 - Fabian Vogt <fv...@suse.com>
+
+- Update to version 1.0+git20250415.7e7aea4:
+  * Add missing dependency on mountpoint
+
+-------------------------------------------------------------------
+Tue Apr 15 13:03:01 UTC 2025 - Fabian Vogt <fv...@suse.com>
+
+- Add missing dependencies for %post
+
+-------------------------------------------------------------------
+Mon Apr 14 13:26:18 UTC 2025 - fv...@suse.com
+
+- Update to version 1.0+git20250414.6ef7163:
+  * Add a note why we need to keep 10-read-only-root-fs.conf around
+  * Migrate from /etc overlays to subvolumes
+- Switch _service to use mode="manual"
+
+-------------------------------------------------------------------

Old:
----
  read-only-root-fs-1.0+git20240228.d85232a.tar.xz

New:
----
  read-only-root-fs-1.0+git20250415.7e7aea4.tar.xz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ read-only-root-fs.spec ++++++
--- /var/tmp/diff_new_pack.wughnf/_old  2025-04-15 20:47:22.729829885 +0200
+++ /var/tmp/diff_new_pack.wughnf/_new  2025-04-15 20:47:22.729829885 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package read-only-root-fs
 #
-# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2025 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
 
 
 Name:           read-only-root-fs
-Version:        1.0+git20240228.d85232a
+Version:        1.0+git20250415.7e7aea4
 Release:        0
 Summary:        Files and Scripts for a RO root fileystem
 License:        GPL-2.0-or-later
@@ -28,17 +28,19 @@
 BuildRequires:  dracut
 BuildRequires:  update-bootloader-rpm-macros
 Requires:       dracut
-Requires(post): /usr/bin/mkdir /usr/bin/cat /usr/bin/sed
-Requires(post): gawk
+Requires(post): /usr/bin/mv /usr/bin/rsync /usr/bin/gawk /usr/sbin/btrfs
 Requires(post): snapper
 # Required if system with new /etc/fstab entries is supposed to be updated
-Conflicts:      transactional-update < 2.15
+Conflicts:      transactional-update < 5.0.0
+# Support for /etc as subvolume
+Conflicts:      combustion < 1.5
+Conflicts:      ignition < 2.21.0
 BuildArch:      noarch
 %{update_bootloader_requires}
 
 %description
 Files, scripts and directories to run the system with a
-read-only root filesystem with %{_sysconfdir} writeable via overlayfs.
+read-only root filesystem with nested writable %{_sysconfdir} BTRFS subvolume.
 
 This package should never be installed in an already running
 system! It should only be selected by a system role for a
@@ -64,12 +66,10 @@
 
 %install
 cp -a etc usr %{buildroot}
-mkdir -p %{buildroot}%{_localstatedir}/lib/overlay/work-etc
 
 %post
-if [ "$1" = 1 ] ; then
-    %{_sbindir}/setup-fstab-for-overlayfs
-    mkdir -p %{_localstatedir}/lib/overlay/1/etc
+if [ "$1" = 1 -a "`findmnt -n -o FSTYPE -l /`" = "btrfs" ] ; then
+    %{_libexecdir}/setup-etc-subvol
 fi
 if [ ! -e /boot/writable -a "`findmnt -n -o FSTYPE -l /`" = "btrfs" ]; then
     %{_sbindir}/mksubvolume /boot/writable
@@ -90,9 +90,10 @@
 
 %files
 %license COPYING
-%{_sbindir}/setup-fstab-for-overlayfs
-%{_localstatedir}/lib/overlay
+%{_libexecdir}/setup-etc-subvol
 %{_prefix}/lib/dracut/dracut.conf.d/10-read-only-root-fs.conf
+%dir %{_prefix}/lib/dracut/modules.d/50writable-etc
+%{_prefix}/lib/dracut/modules.d/50writable-etc/*
 %{_prefix}/lib/systemd/system-preset/*
 %dir %{_prefix}/lib/systemd/system/systemd-udevd.service.d
 %{_prefix}/lib/systemd/system/systemd-udevd.service.d/etcmount.conf

++++++ _service ++++++
--- /var/tmp/diff_new_pack.wughnf/_old  2025-04-15 20:47:22.777831877 +0200
+++ /var/tmp/diff_new_pack.wughnf/_new  2025-04-15 20:47:22.785832210 +0200
@@ -1,15 +1,15 @@
 <services>
-  <service name="tar_scm" mode="disabled">
+  <service name="tar_scm" mode="manual">
     <param name="version">1.0</param>
     <param name="versionformat">1.0+git%cd.%h</param>
     <param name="url">https://github.com/openSUSE/read-only-root-fs.git</param>
     <param name="scm">git</param>
     <param name="changesgenerate">enable</param>
   </service>
-  <service name="recompress" mode="disabled">
+  <service name="recompress" mode="manual">
     <param name="compression">xz</param>
     <param name="file">*.tar</param>
   </service>
-  <service name="set_version" mode="disabled"/>
+  <service name="set_version" mode="manual"/>
 </services>
 

++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.wughnf/_old  2025-04-15 20:47:22.813833372 +0200
+++ /var/tmp/diff_new_pack.wughnf/_new  2025-04-15 20:47:22.817833538 +0200
@@ -1,7 +1,7 @@
 <servicedata>
   <service name="tar_scm">
     <param name="url">https://github.com/openSUSE/read-only-root-fs.git</param>
-    <param 
name="changesrevision">d85232a9c138eb6dc768c97ac3a5b2d80c16b7e6</param>
+    <param 
name="changesrevision">7e7aea42996f68a4ade290aa0b1542d6ccb5f46d</param>
   </service>
 </servicedata>
 (No newline at EOF)

++++++ read-only-root-fs-1.0+git20240228.d85232a.tar.xz -> 
read-only-root-fs-1.0+git20250415.7e7aea4.tar.xz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/read-only-root-fs-1.0+git20240228.d85232a/usr/lib/dracut/dracut.conf.d/10-read-only-root-fs.conf
 
new/read-only-root-fs-1.0+git20250415.7e7aea4/usr/lib/dracut/dracut.conf.d/10-read-only-root-fs.conf
--- 
old/read-only-root-fs-1.0+git20240228.d85232a/usr/lib/dracut/dracut.conf.d/10-read-only-root-fs.conf
        2024-02-28 14:01:51.000000000 +0100
+++ 
new/read-only-root-fs-1.0+git20250415.7e7aea4/usr/lib/dracut/dracut.conf.d/10-read-only-root-fs.conf
        2025-04-15 16:19:23.000000000 +0200
@@ -1,2 +1,3 @@
+# Snapshots created by t-u < 5 still have an overlayfs on /etc
 add_dracutmodules+=" systemd-initrd "
 force_drivers+=" overlay "
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/read-only-root-fs-1.0+git20240228.d85232a/usr/lib/dracut/modules.d/50writable-etc/module-setup.sh
 
new/read-only-root-fs-1.0+git20250415.7e7aea4/usr/lib/dracut/modules.d/50writable-etc/module-setup.sh
--- 
old/read-only-root-fs-1.0+git20240228.d85232a/usr/lib/dracut/modules.d/50writable-etc/module-setup.sh
       1970-01-01 01:00:00.000000000 +0100
+++ 
new/read-only-root-fs-1.0+git20250415.7e7aea4/usr/lib/dracut/modules.d/50writable-etc/module-setup.sh
       2025-04-15 16:19:23.000000000 +0200
@@ -0,0 +1,12 @@
+#!/bin/bash
+
+check() {
+    return 0
+}
+
+install() {
+    inst_multiple mountpoint
+
+    mkdir -p "${initdir}/$systemdsystemunitdir/initrd-parse-etc.service.d"
+    inst_simple "$moddir/writable-etc.conf" 
"$systemdsystemunitdir/initrd-parse-etc.service.d/writable-etc.conf"
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/read-only-root-fs-1.0+git20240228.d85232a/usr/lib/dracut/modules.d/50writable-etc/writable-etc.conf
 
new/read-only-root-fs-1.0+git20250415.7e7aea4/usr/lib/dracut/modules.d/50writable-etc/writable-etc.conf
--- 
old/read-only-root-fs-1.0+git20240228.d85232a/usr/lib/dracut/modules.d/50writable-etc/writable-etc.conf
     1970-01-01 01:00:00.000000000 +0100
+++ 
new/read-only-root-fs-1.0+git20250415.7e7aea4/usr/lib/dracut/modules.d/50writable-etc/writable-etc.conf
     2025-04-15 16:19:23.000000000 +0200
@@ -0,0 +1,8 @@
+[Service]
+# /etc is a subvolume of the read-only root file system, so also mounted
+# read-only. Mounting it read-write requires a two step process:
+# - Bind mount the subvolume to get a dedicated mount point
+# - Remount that bind mount as read-write
+# Unfortunately systemd does not support two lines for one mount point,
+# so the remount part is done manually here.
+ExecStart=/bin/sh -e -c 'if mountpoint -q /sysroot/etc; then mount -o 
remount,rw /sysroot/etc; fi'
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/read-only-root-fs-1.0+git20240228.d85232a/usr/lib/systemd/system/systemd-remount-fs.service.d/writableagain.conf
 
new/read-only-root-fs-1.0+git20250415.7e7aea4/usr/lib/systemd/system/systemd-remount-fs.service.d/writableagain.conf
--- 
old/read-only-root-fs-1.0+git20240228.d85232a/usr/lib/systemd/system/systemd-remount-fs.service.d/writableagain.conf
        2024-02-28 14:01:51.000000000 +0100
+++ 
new/read-only-root-fs-1.0+git20250415.7e7aea4/usr/lib/systemd/system/systemd-remount-fs.service.d/writableagain.conf
        2025-04-15 16:19:23.000000000 +0200
@@ -3,3 +3,6 @@
 # ro-remount of /, so that the filesystem is writable again as
 # quickly as possible (boo#1156421).
 ExecStart=/bin/sh -e -c 'if mountpoint -q /boot/writable; then mount -o 
remount,rw /boot/writable; fi'
+# Changing the read/write mode of a bind mount needs a second
+# fstab entry, but systemd doesn't support set by itself
+ExecStart=/bin/sh -e -c 'if mountpoint -q /etc; then mount -o remount,rw /etc; 
fi'
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/read-only-root-fs-1.0+git20240228.d85232a/usr/libexec/setup-etc-subvol 
new/read-only-root-fs-1.0+git20250415.7e7aea4/usr/libexec/setup-etc-subvol
--- old/read-only-root-fs-1.0+git20240228.d85232a/usr/libexec/setup-etc-subvol  
1970-01-01 01:00:00.000000000 +0100
+++ new/read-only-root-fs-1.0+git20250415.7e7aea4/usr/libexec/setup-etc-subvol  
2025-04-15 16:19:23.000000000 +0200
@@ -0,0 +1,28 @@
+#!/bin/sh -e
+#
+# Copyright (c) 2019-2025 SUSE Linux GmbH, Nuernberg, Germany
+#
+# Create nested /etc subvolume and add it to fstab.
+
+# Already there?
+if [ -e /etc/fstab ] && [ -n "$(awk '$2 == "/etc"' /etc/fstab)" ]; then
+       echo "ERROR: Conflicting /etc entry found - cannot create nested 
subvolume."
+       exit 1
+fi
+
+echo "Creating nested /etc subvolume..."
+mv /etc /etc.transactional-update
+btrfs subvolume create /etc
+rsync --quiet --archive --xattrs --acls /etc.transactional-update/ /etc
+rm -r /etc.transactional-update
+
+# Add entry for /etc
+echo "/etc /etc none bind,x-initrd.mount 0 0" >> /etc/fstab
+
+# Still expected by components such as Combustion
+gawk -i inplace '$2 == "/var" { $4 = $4",x-initrd.mount" } { print $0 }' 
/etc/fstab
+
+# Make the /root subvolume available during ignition runs (boo#1161264)
+gawk -i inplace '$2 == "/root" { $4 = $4",x-initrd.mount" } { print $0 }' 
/etc/fstab
+
+exit 0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/read-only-root-fs-1.0+git20240228.d85232a/usr/sbin/setup-fstab-for-overlayfs
 
new/read-only-root-fs-1.0+git20250415.7e7aea4/usr/sbin/setup-fstab-for-overlayfs
--- 
old/read-only-root-fs-1.0+git20240228.d85232a/usr/sbin/setup-fstab-for-overlayfs
    2024-02-28 14:01:51.000000000 +0100
+++ 
new/read-only-root-fs-1.0+git20250415.7e7aea4/usr/sbin/setup-fstab-for-overlayfs
    1970-01-01 01:00:00.000000000 +0100
@@ -1,34 +0,0 @@
-#!/bin/sh
-#
-# Copyright (c) 2019 SUSE Linux GmbH, Nuernberg, Germany
-#
-# Add mountpoint for the /etc overlay and workaround for /var to /etc/fstab
-#
-
-# Already there?
-if [ -e /etc/fstab ] && grep -qE '^overlay[[:space:]]+/etc[[:space:]]' 
/etc/fstab; then
-       exit 0 # Do nothing
-fi
-
-# Not a fresh installation?
-if [ -e /etc/fstab.sys ]; then
-       # Let transactional-update handle the migration - doing anything here 
would be pointless
-       # as it's only written into the overlay anyway and if for some reason 
transactional-update
-       # is too old, it would result in duplicate /etc entries.
-       exit 0
-fi
-
-# Add entry for /etc
-# Workaround for bsc#1121276 is to prefix paths in /etc/fstab options with 
/sysroot,
-# which also means duplicating the x-systemd.requires-mounts-for entry for 
/etc.
-cat << EOF >> /etc/fstab
-overlay /etc overlay 
defaults,lowerdir=/sysroot/etc,upperdir=/sysroot/var/lib/overlay/1/etc,workdir=/sysroot/var/lib/overlay/work-etc,x-systemd.requires-mounts-for=/var,x-systemd.requires-mounts-for=/sysroot/var,x-initrd.mount
 0 0
-EOF
-
-# Workaround for bsc#1121279
-gawk -i inplace '$2 == "/var" { $4 = $4",x-initrd.mount" } { print $0 }' 
/etc/fstab
-
-# Make the /root subvolume available during ignition runs (boo#1161264)
-gawk -i inplace '$2 == "/root" { $4 = $4",x-initrd.mount" } { print $0 }' 
/etc/fstab
-
-exit 0

commit read-only-root-fs for openSUSE:Factory

Reply via email to