> This patch allows you to expose the root read only, this > way you could upgrade the root filesystem without requiring > the user to reboot. The root filesystem could be kept on > an nfs volume or some other persistent medium. Multiple > clients could then be booted off the same root fs. I used > ltsp as a template to determine which directories to make rw. > > This is the first cut, suggestions are welcome. > > Bugs: > > X will not work because xdebconfigurator uses debconf to > change values. You can still set things up manually with > X -configure
Daniel, any thoughts or suggestions on this patch? thanks, Jesse > commit 516fc6fad24b0114376886a2f2847e790f1c5ad0 > Author: Jesse Hathaway <[EMAIL PROTECTED]> > Date: Tue Oct 2 12:18:40 2007 -0400 > > add option --exposed-root which allows the root > filesystem to be read only and not covered by > the union filesystem > > diff --git a/functions/defaults.sh b/functions/defaults.sh > index 5d971d8..611c88c 100755 > --- a/functions/defaults.sh > +++ b/functions/defaults.sh > @@ -432,6 +432,9 @@ Set_defaults () > # Setting chroot filesystem > LH_CHROOT_FILESYSTEM="${LH_CHROOT_FILESYSTEM:-squashfs}" > > + # Setting whether to expose root filesystem as read only > + LH_EXPOSED_ROOT="${LH_EXPOSED_ROOT:-disabled}" > + > # Setting union filesystem > LH_UNION_FILESYSTEM="${LH_UNION_FILESYSTEM:-unionfs}" > > diff --git a/helpers/lh_binary_grub b/helpers/lh_binary_grub > index 4bb5f7d..6ba7937 100755 > --- a/helpers/lh_binary_grub > +++ b/helpers/lh_binary_grub > @@ -172,6 +172,11 @@ then > esac > fi > > +if [ "${LH_EXPOSED_ROOT}" != "disabled" ] > +then > + LH_BOOTAPPEND_LIVE="${LH_BOOTAPPEND_LIVE} exposedroot" > +fi > + > if [ "${LH_UNION_FILESYSTEM}" != "unionfs" ] > then > LH_BOOTAPPEND_LIVE="${LH_BOOTAPPEND_LIVE} union=${LH_UNION_FILESYSTEM}" > diff --git a/helpers/lh_binary_syslinux b/helpers/lh_binary_syslinux > index 92963ea..2b964c9 100755 > --- a/helpers/lh_binary_syslinux > +++ b/helpers/lh_binary_syslinux > @@ -236,6 +236,11 @@ then > esac > fi > > +if [ "${LH_EXPOSED_ROOT}" != "disabled" ] > +then > + LH_BOOTAPPEND_LIVE="${LH_BOOTAPPEND_LIVE} exposedroot" > +fi > + > if [ "${LH_UNION_FILESYSTEM}" != "unionfs" ] > then > LH_BOOTAPPEND_LIVE="${LH_BOOTAPPEND_LIVE} union=${LH_UNION_FILESYSTEM}" > diff --git a/helpers/lh_binary_yaboot b/helpers/lh_binary_yaboot > index e3f8df3..646349a 100755 > --- a/helpers/lh_binary_yaboot > +++ b/helpers/lh_binary_yaboot > @@ -180,6 +180,11 @@ then > esac > fi > > +if [ "${LH_EXPOSED_ROOT}" != "disabled" ] > +then > + LH_BOOTAPPEND_LIVE="${LH_BOOTAPPEND_LIVE} exposedroot" > +fi > + > if [ "${LH_UNION_FILESYSTEM}" != "unionfs" ] > then > LH_BOOTAPPEND_LIVE="${LH_BOOTAPPEND_LIVE} union=${LH_UNION_FILESYSTEM}" > diff --git a/helpers/lh_chroot_hacks b/helpers/lh_chroot_hacks > index da2be17..ba94ee8 100755 > --- a/helpers/lh_chroot_hacks > +++ b/helpers/lh_chroot_hacks > @@ -113,3 +113,40 @@ fi > > # Creating stage file > Create_stagefile .stage/chroot_hacks > + > +if [ "${LH_EXPOSED_ROOT}" = "enabled" ] > +then > + # make sure rw dirs exist so that the initramfs script has > + # directory in which to bind the tmpfs filesystems > + cow_dirs='/tmp /var/tmp /var/lock /var/run /var/lib/live /var/log > + /var/spool /home /live' > + for dir in ${cow_dirs}; do > + mkdir -p chroot${dir} > + done > + > + # config rw files > + config_files='/etc/hostname /etc/hosts /etc/resolv.conf /etc/fstab > + /etc/live.conf /etc/network/interfaces /etc/X11/xorg.conf > + /etc/udev/rules.d/z25_persistent-net.rules > + /etc/udev/rules.d/z25_persistent-cd.rules' > + > + rw_dir='/var/lib/live' > + > + for file_path in ${config_files}; do > + # touch files in case they don't yet exist > + file_dir=${file_path%/*} > + mkdir -p chroot${file_dir} > + touch chroot${file_path} > + file_name=$(basename $file_path) > + mkdir -p chroot${rw_dir}${file_dir} > + mv chroot${file_path} chroot${rw_dir}${file_dir} > + relative_path=$(echo $file_dir|sed 's/[^\/]\+/../g; s/^\///g') > + ln -s ${relative_path}${rw_dir}${file_path} chroot${file_path} > + done > + > + # mount doesnt write to a symlink so use /proc/mounts instead > + # see debian bug #154438 for more info > + rm chroot/etc/mtab > + ln -s /proc/mounts chroot/etc/mtab > + > +fi > diff --git a/helpers/lh_config b/helpers/lh_config > index 0c4c256..be092a0 100755 > --- a/helpers/lh_config > +++ b/helpers/lh_config > @@ -53,6 +53,7 @@ USAGE="${PROGRAM} [--apt apt|aptitude]\n\ > \t [--debug]\n\ > \t [-d|--distribution CODENAME]\n\ > \t [-e|--encryption aes128|aes192|aes256]\n\ > +\t [--exposed-root enabled|disabled]\n\ > \t [--force]\n\ > \t [--genisoimage genisomage|mkisofs]\n\ > \t [--grub-splash FILE]\n\ > @@ -101,7 +102,7 @@ USAGE="${PROGRAM} [--apt apt|aptitude]\n\ > > Local_arguments () > { > - ARGUMENTS="$(getopt --longoptions > apt:,apt-ftp-proxy:,apt-http-proxy:,apt-pdiffs:,apt-pipeline:,apt-recommends:,apt-secure:,bootstrap:,cache:,cache-indices:,cache-packages:,cache-stages:,debconf-frontend:,debconf-nowarnings:,debconf-priority:,genisoimage:,initramfs:,losetup:,mode:,root-command:,tasksel:,includes:,templates:,architecture:,bootstrap-config:,bootstrap-flavour:,bootstrap-keyring:,distribution:,mirror-bootstrap:,mirror-bootstrap-security:,mirror-binary:,mirror-binary-security:,sections:,chroot-filesystem:,union-filesystem:,hooks:,interactive:,keyring-packages:,language:,linux-flavours:,linux-packages:,packages:,packages-lists:,tasks:,security:,symlinks:,sysvinit:,binary-images:,binary-indices:,bootappend-install:,bootappend-live:,bootloader:,chroot-build:,debian-installer:,debian-installer-daily:,encryption:,grub-splash:,hostname:,iso-application:,iso-preparer:,iso-publisher:,iso-volume:,iso-memtest:,net-filesystem:,net-mountoptions:,net-path:,net-server:,syslinux-splash:,syslinux-timeout:,username:,source:,source-images:,breakpoints,conffile:,debug,force,help,quiet,usage,verbose,version > --name=${PROGRAM} --options a:f:d:m:l:k:p:b:e:s:c:huv --shell sh -- "[EMAIL > PROTECTED]")" > + ARGUMENTS="$(getopt --longoptions > apt:,apt-ftp-proxy:,apt-http-proxy:,apt-pdiffs:,apt-pipeline:,apt-recommends:,apt-secure:,bootstrap:,cache:,cache-indices:,cache-packages:,cache-stages:,debconf-frontend:,debconf-nowarnings:,debconf-priority:,genisoimage:,initramfs:,losetup:,mode:,root-command:,tasksel:,includes:,templates:,architecture:,bootstrap-config:,bootstrap-flavour:,bootstrap-keyring:,distribution:,mirror-bootstrap:,mirror-bootstrap-security:,mirror-binary:,mirror-binary-security:,sections:,chroot-filesystem:,exposed-root:,union-filesystem:,hooks:,interactive:,keyring-packages:,language:,linux-flavours:,linux-packages:,packages:,packages-lists:,tasks:,security:,symlinks:,sysvinit:,binary-images:,binary-indices:,bootappend-install:,bootappend-live:,bootloader:,chroot-build:,debian-installer:,debian-installer-daily:,encryption:,grub-splash:,hostname:,iso-application:,iso-preparer:,iso-publisher:,iso-volume:,iso-memtest:,net-filesystem:,net-mountoptions:,net-path:,net-server:,syslinux-splash:,syslinux-timeout:,username:,source:,source-images:,breakpoints,conffile:,debug,force,help,quiet,usage,verbose,version > --name=${PROGRAM} --options a:f:d:m:l:k:p:b:e:s:c:huv --shell sh -- "[EMAIL > PROTECTED]")" > > if [ "${?}" != "0" ] > then > @@ -317,6 +318,11 @@ Local_arguments () > shift 2 > ;; > > + --exposed-root) > + LH_EXPOSED_ROOT="${2}" > + shift 2 > + ;; > + > --union-filesystem) > LH_UNION_FILESYSTEM="${2}" > shift 2 > @@ -769,6 +775,10 @@ cat > config/chroot << EOF > # (Default: ${LH_CHROOT_FILESYSTEM}) > LH_CHROOT_FILESYSTEM="${LH_CHROOT_FILESYSTEM}" > > +# \$LH_EXPOSED_ROOT: expose root as read only > +# (Default: ${LH_EXPOSED_ROOT}) > +LH_EXPOSED_ROOT="${LH_EXPOSED_ROOT}" > + > # \$LH_UNION_FILESYSTEM: set union filesystem > # (Default: ${LH_UNION_FILESYSTEM} > LH_UNION_FILESYSTEM="${LH_UNION_FILESYSTEM}" > commit 17c2f2f1739edb845a62e428f554ff750dbed000 > Author: Jesse Hathaway <[EMAIL PROTECTED]> > Date: Tue Oct 2 12:20:02 2007 -0400 > > add code to support --exposed-root in live-helper > > diff --git a/scripts/live b/scripts/live > index d4b253b..16c7eea 100755 > --- a/scripts/live > +++ b/scripts/live > @@ -362,6 +362,11 @@ Arguments () > export TORAM MODULETORAM > ;; > > + exposedroot) > + EXPOSED_ROOT="Yes" > + export EXPOSED_ROOT > + ;; > + > union=*) > UNIONTYPE="${ARGUMENT#union=}" > export UNIONTYPE > @@ -927,9 +932,26 @@ setup_unionfs () > fi > fi > > - mount ${cowdevice} -t ${cow_fstype} -o rw /cow || panic "Can not mount > ${cowdevice} on /cow" > + if [ -n "${EXPOSED_ROOT}" ] > + then > + rofsstring=${rofsstring%%=*} > + > + mount --bind ${rofsstring} ${rootmnt} || panic "bind mount failed" > + > + cow_dirs='/tmp /var/tmp /var/lock /var/run /var/log /var/spool > + /home /live /var/lib/live' > + > + mount ${cowdevice} -t ${cow_fstype} -o rw /cow || panic "Can not mount > ${cowdevice} on /cow" > + > + for dir in ${cow_dirs}; do > + mkdir -p /cow${dir} > + mount -t ${UNIONTYPE} -o dirs=/cow${dir}=rw:${rofsstring}${dir}=ro > ${UNIONTYPE} "${rootmnt}${dir}" || panic "${UNIONTYPE} mount failed" > + done > + else > + mount ${cowdevice} -t ${cow_fstype} -o rw /cow || panic "Can not mount > ${cowdevice} on /cow" > > - mount -t ${UNIONTYPE} -o dirs=/cow=rw:${rofsstring} ${UNIONTYPE} > "${rootmnt}" || panic "${UNIONTYPE} mount failed" > + mount -t ${UNIONTYPE} -o dirs=/cow=rw:${rofsstring} ${UNIONTYPE} > "${rootmnt}" || panic "${UNIONTYPE} mount failed" > + fi > > # Adding other custom mounts > if [ -n "${PERSISTENT}" ] -- The trenchant blade, Toledo trusty, For want of fighting was grown rusty, And ate into itself, for lack Of somebody to hew and hack. -- Samuel Butler _______________________________________________ debian-live-devel mailing list debian-live-devel@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/debian-live-devel