29/11/12 13:10, intrigeri wrote:
> Hi,
>
> ticket: https://tails.boum.org/todo/newer_live-boot/
> branch: feature/live-boot-3.x
> candidate for 0.16
>
> Tails ships a relatively old live-boot. We need to resync with
> upstream. Aside from the obvious reasons to do so, the new version
> improves resilience of persistent data in some cases.
>
> I eventually took time to complete the update, adapt whatever had to
> be, and test whatever feature I felt could be directly impacted (see
> the ticket for details, please do mention the cases I have missed).

It seems you didn't test read-only persistence, because it doesn't work
any more. Let's look at the "Persistent" preset. In the end we'll end up
running this command:

    mount -t aufs -o noatime,noxino,dirs=/live/overlay//home/amnesia/Persistent=rw:/live/persistence/sdb2_unlocked/Persistent=rr+wh aufs /home/amnesia/Persistent

which fails. In dmesg we'll find:

    [...] unsupported filesystem /live/overlay//home/amnesia/Persistent (aufs)

I believe this is an upstream bug in aufs: it seems the symlink
/live -> /lib/live messes up its filesystem detection. /live/overlay is
really /lib/live/overlay, which is a tmpfs and thus supported by aufs.
But aufs thinks it has the filesystem of where the /live symlink is
stored, namely the root, which is aufs (aufs-over-aufs nesting isn't
supported). Indeed, if I s@/live/overlay@/lib/live/overlay@ in the mount
command above, it works again.

However, I'm gonna call this a bug in live-boot instead. None of the
persistence code has had the /live to /lib/live move made, and that
would work around this potential aufs bug. And fix another, similar,
path inconsistency bug which I think will affect our dotfiles (i.e.
live-boot's "link" option) persistence preset in read-only mode: some
code uses "/live/rootfs" but it has been moved into
"/lib/live/mount/rootfs".

I must say I don't understand the /live to /lib/live move in live-boot.
From what I understand [1], the move is supposed to completely eliminate
/live, but there's still so much stuff going on in /live so I'm not
sure. Do you know what's going on?

[1] http://lists.debian.org/debian-live/2012/10/msg00021.html

I'm gonna think about this a bit more and perhaps ask on the debian-live
mailing list (unless you have all the details) before I take proper
action and hopefully get a fix sent upstream tomorrow.

Until then, the attached patch (against live-boot 3.0~b7-1) fixes the
issues with read-only persistence in Tails from my tests (note: I only
tested by patching 9990-overlay.sh in a running Tails session, but I
doubt it'll break the boot part of live-boot since the patch only
touches persistence code).

> This branch also fixes an unrelated bug in live-persist, that made it
> so --media was actually ignored until now.
>
> Note that once merged, the ticket should not be tagged pending right
> away, as there are next steps that are waiting for the merge.
>
> 352a407 Fix live-persist --media option handling.
> 908fee3 Fetch live-boot and live-config from our own APT repository.
> 410fd22 Update doc to match new persistence volume mountpoint.
> 0837dda Check for errors when sourcing live-boot files.
> 69cc23e Adapt live-persist to new live-boot filenames
> 4a37286 live-persist: move error() function before the first potential
> usecase.
> 9c96cb2 Add compatibility symlink from /live/image to /lib/live/mount/medium.
> e9d6658 Fetch live-boot and live-config from sid.
> c8ef15f Merge branch 'devel' into feature/live-boot-3.x
> 72b98a2 Merge branch 'devel' into feature/live-boot-3.x
> 31cc83f Update Live image mountpoint path to match new live-boot.
> bf54c09 Update variables exported in live-persist to match new live-boot.
> ae92107 Revert "Import live-config{,-sysvinit} 3.0.8-1."
> 1e04c91 Merge branch 'testing' into feature/live-boot-3.x
> 2cb4cc5 Import live-boot 3.0~b7-1.
> 2399cde Import live-boot 3.0~b6-1.
> 4faf089 Add a compatibility symlink from /live to /lib/live.

Looks good!

Cheers!

>From 3be83a6d7411065df6d764537b92177b8fa41cf2 Mon Sep 17 00:00:00 2001 From: Tails developers <amne...@boum.org> Date: Tue, 4 Dec 2012 18:00:46 +0100 Subject: [PATCH] Make the /live to /lib/live move for the persistence code. --- scripts/boot/9990-misc-helpers.sh | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/scripts/boot/9990-misc-helpers.sh b/scripts/boot/9990-misc-helpers.sh index ace130b..f8e856e 100755 --- a/scripts/boot/9990-misc-helpers.sh +++ b/scripts/boot/9990-misc-helpers.sh @@ -728,7 +728,7 @@ mount_persistence_media () local device=${1} local probe=${2} - local backing="/live/persistence/$(basename ${device})" + local backing="/lib/live/persistence/$(basename ${device})" mkdir -p "${backing}" local old_backing="$(where_is_mounted ${device})" @@ -940,7 +940,7 @@ find_persistence_media () local white_listed_devices="${2}" local ret="" - local black_listed_devices="$(what_is_mounted_on /live/medium)" + local black_listed_devices="$(what_is_mounted_on /lib/live/medium)" for dev in $(storage_devices "${black_listed_devices}" "${white_listed_devices}") do @@ -1233,7 +1233,7 @@ do_union () get_custom_mounts () { - # Side-effect: leaves $devices with persistence.conf mounted in /live/persistence + # Side-effect: leaves $devices with persistence.conf mounted in /lib/live/persistence # Side-effect: prints info to file $custom_mounts local custom_mounts=${1} @@ -1271,7 +1271,7 @@ get_custom_mounts () if [ -n "${DEBUG}" ] && [ -e "${include_list}" ] then - cp ${include_list} /live/persistence/${persistence_list}.${device_name} + cp ${include_list} /lib/live/persistence/${persistence_list}.${device_name} fi while read dir options # < ${include_list} 
@@ -1282,9 +1282,9 @@ get_custom_mounts () continue fi - if trim_path ${dir} | grep -q -e "^[^/]" -e "^/live\(/.*\)\?$" -e "^/\(.*/\)\?\.\.\?\(/.*\)\?$" + if trim_path ${dir} | grep -q -e "^[^/]" -e "^/lib\(/.*\)\?$" -e "^/\(.*/\)\?\.\.\?\(/.*\)\?$" then - log_warning_msg "Skipping unsafe custom mount ${dir}: must be an absolute path containing neither the \".\" nor \"..\" special dirs, and cannot be \"/live\" or any sub-directory therein." + log_warning_msg "Skipping unsafe custom mount ${dir}: must be an absolute path containing neither the \".\" nor \"..\" special dirs, and cannot be \"/lib\" or any sub-directory therein." continue fi @@ -1451,7 +1451,7 @@ activate_custom_mounts () local rootfs_dest_backing="" if [ -n "${opt_link}"] then - for d in /live/rootfs/* + for d in /lib/live/mount/rootfs/* do if [ -n "${rootmnt}" ] then @@ -1473,8 +1473,8 @@ activate_custom_mounts () link_files ${source} ${dest} ${rootmnt} elif [ -n "${opt_link}" ] && [ -n "${PERSISTENCE_READONLY}" ] then - mkdir -p /live/persistence - local links_source=$(mktemp -d /live/persistence/links-source-XXXXXX) + mkdir -p /lib/live/persistence + local links_source=$(mktemp -d /lib/live/persistence/links-source-XXXXXX) chown_ref ${source} ${links_source} chmod_ref ${source} ${links_source} # We put the cow dir in the below strange place to @@ -1482,7 +1482,7 @@ activate_custom_mounts () # has its own directory and isn't nested with some # other custom mount (if so that mount's files would # be linked, causing breakage. - local cow_dir="/live/overlay/live/persistence/$(basename ${links_source})" + local cow_dir="/lib/live/mount/overlay/lib/live/persistence/$(basename ${links_source})" mkdir -p ${cow_dir} chown_ref "${source}" "${cow_dir}" chmod_ref "${source}" "${cow_dir}" 
@@ -1501,11 +1501,11 @@ activate_custom_mounts () # is non-empty (and necessary) only for unions if [ -n "${rootmnt}" ] then - local cow_dir="$(echo ${dest} | sed -e "s|^${rootmnt}|/live/overlay/|")" + local cow_dir="$(echo ${dest} | sed -e "s|^${rootmnt}|/lib/live/mount/overlay/|")" else # This is happens if persistence is activated # post boot - local cow_dir="/live/overlay/${dest}" + local cow_dir="/lib/live/mount/overlay/${dest}" fi if [ -e "${cow_dir}" ] && [ -z "${opt_link}" ] then -- 1.7.10.4
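
Review bot: in the find_persistence_media hunk (@@ -940) the new blacklist lookup uses /lib/live/medium, but the other live mountpoints this patch switches to sit under /lib/live/mount/ (rootfs, overlay), and the commit list quoted in this mail refers to /lib/live/mount/medium. If nothing is mounted on /lib/live/medium, what_is_mounted_on returns nothing, black_listed_devices stays empty, and the boot medium is no longer excluded from the persistence media search. Please confirm the path and use /lib/live/mount/medium if that is where 3.0~b7 mounts the image.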
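
Review bot: the unsafe-path check in get_custom_mounts (@@ -1282) now matches "^/lib\(/.*\)\?$", which rejects everything under /lib rather than /lib/live, and it no longer rejects /live at all. The first is wider than the move requires, so any custom mount below /lib is skipped. The second matters for as long as the /live to /lib/live compatibility symlink exists, because a persistence.conf entry under /live passes the check and reaches live-boot's own tree through the symlink. Suggest matching "^/lib/live\(/.*\)\?$", keeping the old "^/live\(/.*\)\?$" expression next to it, and naming both in the warning text.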
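
Review bot: the context line above the changed loop in activate_custom_mounts (@@ -1451) reads if [ -n "${opt_link}"] with no space before the closing bracket. As shown, a non-empty opt_link turns the last word into "value]" and [ fails for lack of a closing bracket, while an empty opt_link collapses the test to [ -n ], which is true. Either way the branch guarding the for d in /lib/live/mount/rootfs/* loop does the opposite of what is intended. Since this patch is about the link option in read-only mode, fix the test to [ -n "${opt_link}" ] in the same change.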
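
Review bot: the cow_dir assignments in activate_custom_mounts (@@ -1501, and the same in @@ -1482) switch to /lib/live/mount/overlay, while the mail above reports the mount working after substituting /lib/live/overlay. These are different paths, and if the one used here is not the tmpfs, the aufs rw branch ends up on the root filesystem again, which is the failure the patch is meant to fix. The commit message has no body, so please state there which overlay path 3.0~b7 uses and that the read-only test was rerun with exactly that path.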