Re: Questions about systemd's "root storage daemon" concept

[Lennart Poettering <lennart@xxxxxxxxxxxxxx>]

On Mo, 25.01.21 19:04, Martin Wilck (mwilck@xxxxxxxx) wrote:

> Is there any way for the daemon to get notified if root is switched?

/proc/self/mountinfo sends out notification events via inotify when
mounts are established/removed. I am pretty sure pivot_root() also
generates that. Your daemon could subscribe to that, and then recheck
each time if /etc/initrd-release is still accessible. Once you see
ENOENT on that you can assume the switch root took place, then close
the inotify.

> Would there be a potential security issue because the daemon keeps a
> reference to the intird root FS?

Modern initrds transition their own root to /run/initramfs anyway, so
this shouldn't be a problem normally.

> Imagine two parallel instances of systemd-udevd (IMO there are reasons
> to handle it like a "root storage daemon" in some distant future).

Hmm, wa? naahh.. udev is about dicovery it should not be required to
maintain access to something you found.

> > option two: if you cannot have multiple instances of your subsystem,
> > then the only option is to make the initrd version manage
> > everything. But of course, that sucks, but there's little one can do
> > about that.
>
> Why would it be so bad? I would actually prefer a single instance for
> most subsystems. But maybe I'm missing something.

Well, because you can't update things on-the-fly then, you cannot
reexec since everything is backed by initrd. You cannot restart
things, and so on.

Lennart

--
Lennart Poettering, Berlin
_______________________________________________
systemd-devel mailing list
systemd-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/systemd-devel