On Mi, 27.01.21 21:51, Martin Wilck (mwilck@xxxxxxxx) wrote:
> Meanwhile I've looked a bit deeper into the problems accessing "/dev"
> that I talked about in my other post. scandir on "/" actually returns
> an empty directory after switching root, and any path lookups for
> absolute paths fail. I didn't expect that, because I thought systemd
> removed the contents of the old root, and stopped on (bind) mounts.
> Again, this is systemd-234.
Oh, right we actually use MS_MOVE to move the old /dev to the new
root. If you stay behind in the old you won't see anything anymore — it
got moved away.
Note that the switch root code also attempts to empty out the initrd
after the transition, or what's left of it. You might want to make the
initrd read-only if that is a problem to you.
> If I chdir("/run") before switching root and chroot("..") afterwards
> (*), I'm able to access everything just fine (**). However, if I do
> this, I end up in the real root file system, which is what I wanted to
> avoid in the first place.
Yes, this works the way it works, because /run is moved to the new
root, and thus if you chroot its parent you are in the new root.
> So, I guess I'll have to create bind mounts for /dev, /sys etc. in the
> old root, possibly after entering a private mount namespace?
if you want the initrd environment to fully continue to exist,
consider creating a new mount namespace, bind mount the initrd root
into it recursively to some new dir you created. Then afterwards mark
that mount MS_PRIVATE. then pivot_root()+chroot()+chdir() into your
new old world.
also, make the initrd superblock read-only, if you need its contents.
> The other option would be to save fd's for the file systems I need to
> access and use opendirat() only. Right?
That works too, if you can.
> (**) For notification about switching root, I used epoll(EPOLLPRI) on
> /proc/self/mountinfo, because I read that inotify doesn't work on proc.
> polling for EPOLLPRI works just fine.
Right, sorry. POLLPRI is the right API. inotify is used by cgroupfs
for similar notifications, and I mixed that up. for
/proc/self/mountinfo POLLPRI is the right choice.
Lennart
--
Lennart Poettering, Berlin
_______________________________________________
systemd-devel mailing list
systemd-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: Questions about systemd's "root storage daemon" concept
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Re: Questions about systemd's "root storage daemon" concept
- From: Lennart Poettering <lennart@xxxxxxxxxxxxxx>
- Date: Wed, 27 Jan 2021 23:56:32 +0100
- Cc: Franck Bui <fbui@xxxxxxxx>, systemd-devel@xxxxxxxxxxxxxxxxxxxxx
- In-reply-to: <fc0d888a5bf7f809ec7e586001632cc78eaa129e.camel@suse.com>
- References: <9f530958929000658e91c3fb0535e2c95a39347e.camel@suse.com> <20210125173312.GA25212@gardel-login> <4e32391dc08e4cd2fd1f7ccfd35d5f4c00c68b01.camel@suse.com> <20210126103351.GB25897@gardel-login> <fc0d888a5bf7f809ec7e586001632cc78eaa129e.camel@suse.com>
- Follow-Ups:
- Re: Questions about systemd's "root storage daemon" concept
- From: Martin Wilck
- Re: Questions about systemd's "root storage daemon" concept
- References:
- Questions about systemd's "root storage daemon" concept
- From: Martin Wilck
- Re: Questions about systemd's "root storage daemon" concept
- From: Lennart Poettering
- Re: Questions about systemd's "root storage daemon" concept
- From: Martin Wilck
- Re: Questions about systemd's "root storage daemon" concept
- From: Lennart Poettering
- Re: Questions about systemd's "root storage daemon" concept
- From: Martin Wilck
- Questions about systemd's "root storage daemon" concept
- Prev by Date: Re: Questions about systemd's "root storage daemon" concept
- Next by Date: udev and btrfs multiple devices
- Previous by thread: Re: Questions about systemd's "root storage daemon" concept
- Next by thread: Re: Questions about systemd's "root storage daemon" concept
- Index(es):
 |