29/11/12 13:10, intrigeri wrote:
> Hi,
>
> ticket: https://tails.boum.org/todo/newer_live-boot/
> branch: feature/live-boot-3.x
> candidate for 0.16
>
> Tails ships a relatively old live-boot. We need to resync' with
> upstream. Aside of the obvious reasons to do so, the new version
> improves resilience of persistent data in some cases.
>
> I eventually took time to complete the update, adapt whatever had to
> be, and test whatever feature I felt could be directly impacted (see
> the ticket for details, please do mention the cases I have missed).
It seems you didn't test read-only persistence, cause it doesn't work
any more. Let's look at the "Persistent" preset. In the end we'll end up
with running this command:
mount -t aufs -o
noatime,noxino,dirs=/live/overlay//home/amnesia/Persistent=rw:/live/persistence/sdb2_unlocked/Persistent=rr+wh
aufs /home/amnesia/Persistent
which fails. In dmesg we'll find:
[...] unsupported filesystem /live/overlay//home/amnesia/Persistent
(aufs)
I believe this is an upstream bug in aufs: it seems the symlink /live ->
/lib/live messes up its filesystem detection. /live/overlay is really
/lib/live/overlay, which is a tmpfs and thus supported by aufs. But aufs
thinks it has the filesystem of where the /live symlink is stored,
namely the root, which is aufs (aufs-over-aufs nesting isn't supported).
Indeed, if I s@/live/overlay@/lib/live/overlay@ in the mount command
above, it works again.
However, I'm gonna call this a bug in live-boot instead. None of the
persistence code has had the /live to /lib/live move made, and that
would work around this potential aufs bug. And fix another, similar,
path inconsistency bug which I think will affect our dotfiles (i.e.
live-boot's "link" option) persistence preset in read-only mode: some
code use "/live/rootfs" but it has been moved into "/lib/live/mount/rootfs".
I must say I don't understand the /live to /lib/live move in live-boot.
>From what I understand [1], the move is supposed to completely eliminate
/live, but there's still so much stuff going on in /live so I'm not
sure. Do you known what's going on?
[1] http://lists.debian.org/debian-live/2012/10/msg00021.html
I'm gonna think about this a bit more and perhaps ask on the debian-live
mailing list (unless you have all the details) before I take proper
action and hopefully get send a fix upstream tomorrow. Until then, the
attached patch (against live-boot 3.0~b7-1) fixes the issues with
read-only persistence in Tails from my tests (note: I only tested by
patching 9990-overlay.sh in a running Tails session, but I doubt it'll
break the boot part of live-boot since the patch only touches
persistence code).
> This branch also fixes an unrelated bug in live-persist, that made it
> so --media was actually ignored until now.
>
> Note that once merged, the ticket should not be tagged pending right
> away, as there are next steps that are waiting for the merge.
>
> 352a407 Fix live-persist --media option handling.
> 908fee3 Fetch live-boot and live-config from our own APT repository.
> 410fd22 Update doc to match new persistence volume mountpoint.
> 0837dda Check for errors when sourcing live-boot files.
> 69cc23e Adapt live-persist to new live-boot filenames
> 4a37286 live-persist: move error() function before the first potential
> usecase.
> 9c96cb2 Add compatibility symlink from /live/image to /lib/live/mount/medium.
> e9d6658 Fetch live-boot and live-config from sid.
> c8ef15f Merge branch 'devel' into feature/live-boot-3.x
> 72b98a2 Merge branch 'devel' into feature/live-boot-3.x
> 31cc83f Update Live image mountpoint path to match new live-boot.
> bf54c09 Update variables exported in live-persist to match new live-boot.
> ae92107 Revert "Import live-config{,-sysvinit} 3.0.8-1."
> 1e04c91 Merge branch 'testing' into feature/live-boot-3.x
> 2cb4cc5 Import live-boot 3.0~b7-1.
> 2399cde Import live-boot 3.0~b6-1.
> 4faf089 Add a compatibility symlink from /live to /lib/live.
Looks good!
Cheers!
>From 3be83a6d7411065df6d764537b92177b8fa41cf2 Mon Sep 17 00:00:00 2001
From: Tails developers <amne...@boum.org>
Date: Tue, 4 Dec 2012 18:00:46 +0100
Subject: [PATCH] Make the /live to /lib/live move for the persistence code.
---
scripts/boot/9990-misc-helpers.sh | 24 ++++++++++++------------
1 file changed, 12 insertions(+), 12 deletions(-)
diff --git a/scripts/boot/9990-misc-helpers.sh b/scripts/boot/9990-misc-helpers.sh
index ace130b..f8e856e 100755
--- a/scripts/boot/9990-misc-helpers.sh
+++ b/scripts/boot/9990-misc-helpers.sh
@@ -728,7 +728,7 @@ mount_persistence_media ()
local device=${1}
local probe=${2}
- local backing="/live/persistence/$(basename ${device})"
+ local backing="/lib/live/persistence/$(basename ${device})"
mkdir -p "${backing}"
local old_backing="$(where_is_mounted ${device})"
@@ -940,7 +940,7 @@ find_persistence_media ()
local white_listed_devices="${2}"
local ret=""
- local black_listed_devices="$(what_is_mounted_on /live/medium)"
+ local black_listed_devices="$(what_is_mounted_on /lib/live/medium)"
for dev in $(storage_devices "${black_listed_devices}" "${white_listed_devices}")
do
@@ -1233,7 +1233,7 @@ do_union ()
get_custom_mounts ()
{
- # Side-effect: leaves $devices with persistence.conf mounted in /live/persistence
+ # Side-effect: leaves $devices with persistence.conf mounted in /lib/live/persistence
# Side-effect: prints info to file $custom_mounts
local custom_mounts=${1}
@@ -1271,7 +1271,7 @@ get_custom_mounts ()
if [ -n "${DEBUG}" ] && [ -e "${include_list}" ]
then
- cp ${include_list} /live/persistence/${persistence_list}.${device_name}
+ cp ${include_list} /lib/live/persistence/${persistence_list}.${device_name}
fi
while read dir options # < ${include_list}
@@ -1282,9 +1282,9 @@ get_custom_mounts ()
continue
fi
- if trim_path ${dir} | grep -q -e "^[^/]" -e "^/live\(/.*\)\?$" -e "^/\(.*/\)\?\.\.\?\(/.*\)\?$"
+ if trim_path ${dir} | grep -q -e "^[^/]" -e "^/lib\(/.*\)\?$" -e "^/\(.*/\)\?\.\.\?\(/.*\)\?$"
then
- log_warning_msg "Skipping unsafe custom mount ${dir}: must be an absolute path containing neither the \".\" nor \"..\" special dirs, and cannot be \"/live\" or any sub-directory therein."
+ log_warning_msg "Skipping unsafe custom mount ${dir}: must be an absolute path containing neither the \".\" nor \"..\" special dirs, and cannot be \"/lib\" or any sub-directory therein."
continue
fi
@@ -1451,7 +1451,7 @@ activate_custom_mounts ()
local rootfs_dest_backing=""
if [ -n "${opt_link}"]
then
- for d in /live/rootfs/*
+ for d in /lib/live/mount/rootfs/*
do
if [ -n "${rootmnt}" ]
then
@@ -1473,8 +1473,8 @@ activate_custom_mounts ()
link_files ${source} ${dest} ${rootmnt}
elif [ -n "${opt_link}" ] && [ -n "${PERSISTENCE_READONLY}" ]
then
- mkdir -p /live/persistence
- local links_source=$(mktemp -d /live/persistence/links-source-XXXXXX)
+ mkdir -p /lib/live/persistence
+ local links_source=$(mktemp -d /lib/live/persistence/links-source-XXXXXX)
chown_ref ${source} ${links_source}
chmod_ref ${source} ${links_source}
# We put the cow dir in the below strange place to
@@ -1482,7 +1482,7 @@ activate_custom_mounts ()
# has its own directory and isn't nested with some
# other custom mount (if so that mount's files would
# be linked, causing breakage.
- local cow_dir="/live/overlay/live/persistence/$(basename ${links_source})"
+ local cow_dir="/lib/live/mount/overlay/lib/live/persistence/$(basename ${links_source})"
mkdir -p ${cow_dir}
chown_ref "${source}" "${cow_dir}"
chmod_ref "${source}" "${cow_dir}"
@@ -1501,11 +1501,11 @@ activate_custom_mounts ()
# is non-empty (and necessary) only for unions
if [ -n "${rootmnt}" ]
then
- local cow_dir="$(echo ${dest} | sed -e "s|^${rootmnt}|/live/overlay/|")"
+ local cow_dir="$(echo ${dest} | sed -e "s|^${rootmnt}|/lib/live/mount/overlay/|")"
else
# This is happens if persistence is activated
# post boot
- local cow_dir="/live/overlay/${dest}"
+ local cow_dir="/lib/live/mount/overlay/${dest}"
fi
if [ -e "${cow_dir}" ] && [ -z "${opt_link}" ]
then
--
1.7.10.4
_______________________________________________
tails-dev mailing list
tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
