Re: systemd-remount-fs and ConditionKernelCommandLine=!rw

[Lennart Poettering <lennart@xxxxxxxxxxxxxx>]

On Sa, 01.02.25 14:16, Etienne Champetier (champetier.etienne@xxxxxxxxx) wrote:

> Hello,
>
> If we have `rw` kargs, is systemd-remount-fs.service actually needed
> ?

The service is responsible for applying the mount options listed in
/etc/fstab onto all API VFS (i.e. /proc/ + /sys/ & co), the root fs,
and /usr/. This is necessary so that ro/rw on the kernel cmdline is
overriden by /etc/fstab's setting, whatever that might be, as well as
appliying and additional options the user might have specified there
for these file systems (because when we first mount all these we
generally don't check fstab on the host, because it's not accessible
in the initrd that early).

So, if you can guarantee that whatever options we apply to all these
mounts when first mounting them (i.e. the options hardcoded in PID 1
for the API VFS, plus the options specified on the kernel cmdline for
rootfs and usrfs) match what /etc/fstab has to say, then yeah, you
don't need syszemd-remount-fs.service.

i guess it really depends on how much customization regarding
additional mount options you want to allow your users though. Let's
say a user wants to enable quota or so on your writable root fs, then
they would normally set "usrquota" as mount option for it in
/etc/fstab, and it would work, but if you remove
systemd-remount-fs.service, then this will have zero effect. Hence
figure out what you want.

Also: note that if you have a modern initrd setup that properly fscks
the rootfs before mounting it and you definitely know you want the
rootfs writable and mutable (i.e. your OS doesn't support immutable
operation), then just drop "ro" from the kernel cmdline together,
there's really no point in first mounting it read-only just to very
shortly after remounting it writable anyway.

Lennart

--
Lennart Poettering, Berlin