On Friday, 27.03.2020, 10:17 -0700, Preston L. Bannister wrote:
> Looking for a sanity check from the folk who know more of systemd than do I.
> Not looking for someone else to solve my problem, but could use a clue.
>
> Trying to figure out how to get an overlayfs root mounted early in boot.
>
> Building an embedded system that must not store any sensitive data when 
> powered down. Found this was referred to on this list more recently as a 
> "stateless" system. (And Tobias Hunger seems to have the most to say. :) ) We 
> are using Centos8, with systemd 239. Starting point is a vanilla Centos8 
> server installation to a small (8 or 32GB) flash volume.
>
> Had the (possibly) clever notion of using an overlayfs as the root mount, 
> with a tmpfs as the upper, and the usual persistent volume as the lower. The  
> initial round of configuration and test would just be against a stock Centos8 
> install. Once fully configured and tested, would add a default boot menu item 
> to boot with root mounted as an overlayfs, with the fully configured root 
> volume as the read-only lower.
>
> Updates would be accomplished by booting from the original boot menu entry. 
> (This is slightly complicated by the fact the target systems' computers do 
> not have a console - but figure I can script altering the default boot.)
>
> Have what I think is a properly configured overlayfs root. Currently hung up 
> on getting that root mounted early enough(?) in boot. Working down a list of 
> possibilities. :)
>
> Have a script to repeatably build/rebuild the overlayfs root. Relevant 
> commands (w/o supporting logic):
> ----
> BASE=/run/overlay_root
> OVERLAY=$BASE/merged
> ROOT_MOUNT=$OVERLAY/mnt/root
> mount -t tmpfs root-base $BASE ; mkdir $BASE/{lower,upper,work,merged}
> mount --bind / $BASE/lower
> mount -t overlayfs root-overlay $OVERLAY -olowerdir=$BASE/lower,upperdir=$BASE/upper,workdir=$BASE/work
> for d in boot dev proc run sys ; do mount --bind /$d $OVERLAY/$d ; done
> mkdir $ROOT_MOUNT ; mount --bind / $ROOT_MOUNT
> ----
> This all seems to work. The overlayfs prevents writes to persistent media in 
> usual places. Have a path to write to persistent media. The special 
> directories (that do not work from mounts to lower on an overlayfs) work as 
> expected.
>
> What I do not have as yet is a means to get the overlayfs root mounted early 
> in boot.
> 1.  Does not look like /etc/fstab can create the overlayfs.
> 2.  Tried the "systemd.volatile=yes" kernel command line, w/o luck. 
> Substantial commits between 239 and 245 around this.
> 3.  See systemd "pivot_root" and "switch_root", but not yet puzzled out usage.
>
> Looking for where/how to swap in the overlayfs root early in boot. Or tell me 
> I'm an idiot, and this will not work. :/

Hi Preston,

So, you need an initramfs doing this for you and where you do all the
mounting. Or you use tmpfiles.d snippets and /etc as tmpfs. See
http://0pointer.net/blog/projects/stateless.html for more information.

BR
Silvio
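
The initramfs approach suggested in the reply, as an added example that is not code from either poster or from systemd: a hook that stacks a tmpfs-backed overlay over the real root before switch_root, reusing the directory layout from the question. It assumes the initramfs has already mounted the real root read-only at `$NEWROOT` (the variable dracut uses) and runs this script before switching root; the `ovlroot=tmpfs` command line flag and all function names are hypothetical.

```shell
#!/bin/sh
# Added example: initramfs-stage overlay root. Assumes the real root is already
# mounted read-only at $NEWROOT and that switch_root happens after this script.
# "ovlroot=tmpfs" is a hypothetical opt-in flag, not a systemd or dracut option.

BASE=/run/overlay_root   # same layout as the script in the question

# Succeed only if the opt-in flag is a whole word on the kernel command line.
want_overlay() {
    for arg in $1; do    # unquoted on purpose: split the command line into words
        [ "$arg" = "ovlroot=tmpfs" ] && return 0
    done
    return 1
}

# Overlay options: persistent root as lower, tmpfs directories as upper/work.
overlay_opts() {
    printf 'lowerdir=%s/lower,upperdir=%s/upper,workdir=%s/work' "$1" "$1" "$1"
}

# Succeed only if mount point $1 is read-only in the mounts table file $2.
lower_is_ro() {
    opts=
    while read -r _dev mp _type o _rest; do
        if [ "$mp" = "$1" ]; then opts=$o; fi   # last entry is the topmost mount
    done < "$2"
    case ",$opts," in *,ro,*) return 0 ;; esac
    return 1
}

# Stack the overlay on $1 so that switch_root lands in the merged tree.
# Returns non-zero without mounting anything if the lower is writable;
# the caller decides whether to halt the boot in that case.
setup_overlay_root() {
    newroot=$1
    lower_is_ro "$newroot" /proc/mounts || { echo "root is not read-only" >&2; return 1; }
    mkdir -p "$BASE" &&
    mount -t tmpfs -o mode=0755 root-base "$BASE" &&
    mkdir "$BASE/lower" "$BASE/upper" "$BASE/work" &&
    mount --bind "$newroot" "$BASE/lower" &&
    # mainline kernels register the filesystem type as "overlay"
    mount -t overlay -o "$(overlay_opts "$BASE")" root-overlay "$newroot"
}

# Act only when booted from the menu entry that carries the flag.
if [ -n "${NEWROOT:-}" ] && want_overlay "$(cat /proc/cmdline 2>/dev/null)"; then
    setup_overlay_root "$NEWROOT"
fi
```

Because the flag is read from the kernel command line, the maintenance boot entry that omits it boots the plain persistent root, matching the update path described in the question.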
