
[Libguestfs] What to do about mounting filesystems, febootstrap's /init



* Richard W.M. Jones:

> I forgot an important one:
>
> - Mustn't require root.

This was on my list, of course.

But never mind, I am already less enthusiastic about the idea.

What initramfs-tools puts into the initrd is tied to what is installed
on the host system. One would need to maintain a list of what essentials
need to be included in the initrd and clean out everything else.

> dracut basically requires root for everything.  

Does it? I didn't run into _that_ problem.

There is a dracut package in Debian/unstable, but it hasn't been kept
up-to-date and it wouldn't build an initrd for me because it didn't find
some files installed in the system. There seems to be more that needs to
be straightened out first.

For the moment, I lean towards using febootstrap from your git
repository plus the attached patch to helper/init.c and uploading that
to Debian.

When somebody comes up with a solution for using dracut, initramfs-tools
or whatever for building febootstrap's initrd, the binary /init can
still be replaced. I'll certainly keep this in mind as a goal, but right
now I'd rather put my effort into the libguestfs packages.

> We used to use fakeroot/fakechroot in febootstrap 2.x, and it was a
> world of pain.

What kinds of pain? fakeroot is used to build Debian packages all the
time.

-Hilko
diff --git a/helper/init.c b/helper/init.c
index 34a8450..4609890 100644
--- a/helper/init.c
+++ b/helper/init.c
@@ -62,7 +62,7 @@ static const char *moderror(int err)
  */
 #define verbose 1
 
-static void mount_proc (void);
+static void do_mount (const char*, const char*, const char*, unsigned long, const void*);
 static void print_uptime (void);
 static void insmod (const char *filename);
 static void show_directory (const char *dir);
@@ -72,23 +72,20 @@ static char line[1024];
 int
 main ()
 {
-  mount_proc ();
+  /* mount -t proc -o nodev,noexec,nosuid proc /proc */
+  do_mount ("proc", "/proc", "proc", MS_NODEV|MS_NOEXEC|MS_NOSUID, "");
 
   print_uptime ();
   fprintf (stderr, "febootstrap: ext2 mini initrd starting up\n");
 
-  /* Create some fixed directories. */
-  mkdir ("/dev", 0755);
-  mkdir ("/root", 0755);
-  mkdir ("/sys", 0755);
-
-  /* Mount /sys. */
-  if (verbose)
-    fprintf (stderr, "febootstrap: mounting /sys\n");
-  if (mount ("sysfs", "/sys", "sysfs", 0, "") == -1) {
-    perror ("mount: /sys");
-    exit (EXIT_FAILURE);
-  }
+  /* mount -t devtmpfs -o mode=0755 udev /dev */
+  do_mount ("udev", "/dev", "devtmpfs", 0, "mode=0755");
+  /* mount -t devpts -o noexec,nosuid,gid=5,mode=0620 devpts /dev/pts */
+  do_mount ("devpts", "/dev/pts", "devtmpfs", MS_NOEXEC|MS_NOSUID, "gid=5,mode=0620");
+  /* mount -t sysfs -o nodev,noexec,nosuid sysfs /sys */
+  do_mount ("sysfs", "/sys", "sysfs", MS_NODEV|MS_NOEXEC|MS_NOSUID, "");
+  /* mount -t tmpfs -o "nosuid,size=20%,mode=0755" tmpfs /run */
+  do_mount ("tmpfs", "/run", "tmpfs", MS_NOSUID, "size=20%,mode=0755");
 
   FILE *fp = fopen ("/modules", "r");
   if (fp == NULL) {
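Review bot: The `/dev/pts` call passes `"devtmpfs"` as the filesystem type although its own comment says `mount -t devpts`, so it would most likely put a second devtmpfs instance on `/dev/pts` instead of a pty filesystem; it should read `do_mount ("devpts", "/dev/pts", "devpts", MS_NOEXEC|MS_NOSUID, "gid=5,mode=0620");`. The `/dev` mount is also the only one given no flags at all, and `MS_NOSUID` looks safe to add there, since device nodes only rule out `MS_NODEV`. main's body continues outside the hunk.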
@@ -144,10 +141,6 @@ main ()
   int minor = atoi (p);
 
   fclose (fp);
-  if (umount ("/sys") == -1) {
-    perror ("umount: /sys");
-    exit (EXIT_FAILURE);
-  }
 
   if (verbose)
     fprintf (stderr, "febootstrap: creating /dev/root as block special %d:%d\n",
@@ -161,10 +154,12 @@ main ()
   /* Mount new root and chroot to it. */
   if (verbose)
     fprintf (stderr, "febootstrap: mounting new root on /root\n");
-  if (mount ("/dev/root", "/root", "ext2", MS_NOATIME, "") == -1) {
-    perror ("mount: /root");
-    exit (EXIT_FAILURE);
-  }
+
+  do_mount ("/dev/root", "/root", "ext2", MS_NOATIME, "");
+  do_mount ("/dev", "/root/dev", "", MS_MOVE, "");
+  do_mount ("/proc", "/root/proc", "", MS_MOVE, "");
+  do_mount ("/run", "/root/run", "", MS_MOVE, "");
+  do_mount ("/sys", "/root/sys", "", MS_MOVE, "");
 
   /* Note that pivot_root won't work.  See the note in
    * Documentation/filesystems/ramfs-rootfs-initramfs.txt
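Review bot: The four `MS_MOVE` calls carry no comment saying why the early mounts are moved into the new root, which matters because the same patch drops the `umount ("/sys")` earlier in main; something like `/* Move the early mounts under /root so they stay visible after the chroot. */` above them would do. Because do_mount creates a missing target, these calls will also create `/root/dev`, `/root/proc`, `/root/run` and `/root/sys` on the ext2 root when the image lacks them, which deserves a mention in the same comment. The filesystem type is ignored for `MS_MOVE`, so `NULL` would read more clearly than `""`. main's body continues outside the hunk.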
@@ -234,20 +229,18 @@ insmod (const char *filename)
   }
 }
 
-/* Mount /proc unless it's mounted already. */
 static void
-mount_proc (void)
+do_mount (const char *source, const char *target,
+          const char *filesystemtype, unsigned long mountflags,
+          const void *data)
 {
-  if (access ("/proc/uptime", R_OK) == -1) {
-    mkdir ("/proc", 0755);
-
-    if (verbose)
-      fprintf (stderr, "febootstrap: mounting /proc\n");
-
-    if (mount ("proc", "/proc", "proc", 0, "") == -1) {
-      perror ("mount: /proc");
-      /* Non-fatal. */
-    }
+  if (access (target, X_OK) == -1)
+    mkdir (target, 0755);
+  if (verbose)
+    fprintf (stderr, "febootstrap: mounting %s\n", target);
+  if (mount (source, target, filesystemtype, mountflags, data) == -1) {
+    fprintf (stderr, "mount: %s: %m", target);
+    exit (EXIT_FAILURE);
   }
 }
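Review bot: The failure path in do_mount prints `"mount: %s: %m"` without a trailing newline and relies on the glibc-specific `%m` conversion, whereas the removed code used perror(); `fprintf (stderr, "mount: %s: %s\n", target, strerror (errno));` keeps the output line-terminated and portable, assuming `<string.h>` and `<errno.h>` are included outside the hunk. The result of `mkdir (target, 0755)` is not checked, so a failed directory creation surfaces only as a less specific mount error. A failed /proc mount was marked non-fatal in the removed mount_proc and now exits, which for /init ends the boot; a short comment on do_mount stating that every failure is fatal would make that deliberate.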
