|
 |
d3c3ab |
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
|
d3c3ab |
From: Jonathan Lebon <jonathan@jlebon.com>
|
|
|
d3c3ab |
Date: Wed, 17 Aug 2022 10:26:03 -0400
|
|
|
d3c3ab |
Subject: [PATCH] squish: BLS: only write /etc/kernel/cmdline if writable
|
|
|
d3c3ab |
|
|
|
d3c3ab |
On OSTree systems, `grub2-mkconfig` is run with `/etc` mounted read-only
|
|
|
d3c3ab |
because as part of the promise of transactional updates, we want to make
|
|
|
d3c3ab |
sure that we're not modifying the current deployment's state (`/etc` or
|
|
|
d3c3ab |
`/var`).
|
|
|
d3c3ab |
|
|
|
d3c3ab |
This conflicts with 0837dcdf1 ("BLS: create /etc/kernel/cmdline during
|
|
|
d3c3ab |
mkconfig") which wants to write to `/etc/kernel/cmdline`. I'm not
|
|
|
d3c3ab |
exactly sure on the background there, but based on the comment I think
|
|
|
d3c3ab |
the intent is to fulfill grubby's expectation that the file exists.
|
|
|
d3c3ab |
|
|
|
d3c3ab |
However, in systems like Silverblue, kernel arguments are managed by the
|
|
|
d3c3ab |
rpm-ostree stack and grubby is not shipped at all.
|
|
|
d3c3ab |
|
|
|
d3c3ab |
Adjust the script slightly so that we only write `/etc/kernel/cmdline`
|
|
|
d3c3ab |
if the parent directory is writable.
|
|
|
d3c3ab |
|
|
|
d3c3ab |
In the future, we're hoping to simplify things further on rpm-ostree
|
|
|
d3c3ab |
systems by not running `grub2-mkconfig` at all since libostree already
|
|
|
d3c3ab |
directly writes BLS entries. Doing that would also have avoided this,
|
|
|
d3c3ab |
but ratcheting it into existing systems needs more careful thought.
|
|
|
d3c3ab |
|
|
|
d3c3ab |
Signed-off-by: Jonathan Lebon <jonathan@jlebon.com>
|
|
|
d3c3ab |
|
|
|
d3c3ab |
Fixes: https://github.com/fedora-silverblue/issue-tracker/issues/322
|
|
|
d3c3ab |
(cherry picked from commit 3c3d1a3c4a2dc4adfb38c2724618fefc913a63fc)
|
|
|
d3c3ab |
---
|
|
|
d3c3ab |
util/grub.d/10_linux.in | 13 +++++++------
|
|
|
d3c3ab |
1 file changed, 7 insertions(+), 6 deletions(-)
|
|
|
d3c3ab |
|
|
|
d3c3ab |
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
|
|
|
d3c3ab |
index 5a7e5326da..b1b9255c32 100644
|
|
|
d3c3ab |
--- a/util/grub.d/10_linux.in
|
|
|
d3c3ab |
+++ b/util/grub.d/10_linux.in
|
|
|
d3c3ab |
@@ -166,12 +166,13 @@ update_bls_cmdline()
|
|
|
d3c3ab |
local cmdline="root=${LINUX_ROOT_DEVICE} ro ${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT}"
|
|
|
d3c3ab |
local -a files=($(get_sorted_bls))
|
|
|
d3c3ab |
|
|
|
d3c3ab |
- if [[ ! -f /etc/kernel/cmdline ]] ||
|
|
|
d3c3ab |
- [[ /etc/kernel/cmdline -ot /etc/default/grub ]]; then
|
|
|
d3c3ab |
- # anaconda has the correct information to create this during install;
|
|
|
d3c3ab |
- # afterward, grubby will take care of syncing on updates. If the user
|
|
|
d3c3ab |
- # has modified /etc/default/grub, try to cope.
|
|
|
d3c3ab |
- echo "$cmdline" > /etc/kernel/cmdline
|
|
|
d3c3ab |
+ if [ -w /etc/kernel ] &&
|
|
|
d3c3ab |
+ [[ ! -f /etc/kernel/cmdline ||
|
|
|
d3c3ab |
+ /etc/kernel/cmdline -ot /etc/default/grub ]]; then
|
|
|
d3c3ab |
+ # anaconda has the correct information to create this during install;
|
|
|
d3c3ab |
+ # afterward, grubby will take care of syncing on updates. If the user
|
|
|
d3c3ab |
+ # has modified /etc/default/grub, try to cope.
|
|
|
d3c3ab |
+ echo "$cmdline" > /etc/kernel/cmdline
|
|
|
d3c3ab |
fi
|
|
|
d3c3ab |
|
|
|
d3c3ab |
for bls in "${files[@]}"; do
|