[OE-core] systemd-firstboot not triggered on read/write /etc folder

[dave . elek . 96]

Hi!

In the systemd-systemctl there is a *systemctl* script used for some 
configuration/settings for the systemd services (e.g. enabling services).

In this script if we call the *preset_all* command, it will create an empty 
/etc/machine-id file. This is required on read-only /etc folder, otherwise the 
systemd will fail to boot. However on read-write /etc folder this file is still 
created, which prevents systemd to satisfy the ConditionFirstBoot condition. 
This is used in systemd services, for example for systemd-firstboot, where you 
can configure the root password, localization, hostname, etc.

The preset_all command is triggered from the image.bbclass file. A quick 
solution in my case was to add a task in my own layer, which deletes the 
/etc/machine-id file, but I think it would be great, to prevent others from the 
headache it can cause to investigate/fix this.

I attached the patch file about my proposed solution.

Waiting for you reply soon,
David

From 137e3bab6ad5d228105e9936f020a49eaaa4c943 Mon Sep 17 00:00:00 2001
From: "Elek, David" <dave.elek...@gmail.com>
Date: Sat, 17 Feb 2024 18:39:20 +0100
Subject: [PATCH] image.bbclass: add readonly parameter in systemd_preset_all

If IMAGE_FEATURES contains read-only-rootfs call the systemctl script
with --readonly argument.

systemd-systemctl/systemctl: check for readonly argument
if the script was called with this argument, it will prevent creating
the /etc/machine-id file when executing the preset_all command

If the system is read-write and the /etc/machine-id file exists, the
systemd-firstboot is not triggered (ConditionFirstBoot=yes condition is
not met). In readonly rootfs the empty machine-id file must be created,
because of the systemd.

Signed-off-by: Elek, David <dave.elek...@gmail.com>
---
 meta/classes/image.bbclass                            | 2 +-
 meta/recipes-core/systemd/systemd-systemctl/systemctl | 8 +++++---
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass
index 00413d56d1..e68cf780e6 100644
--- a/meta/classes/image.bbclass
+++ b/meta/classes/image.bbclass
@@ -669,7 +669,7 @@ reproducible_final_image_task () {
 
 systemd_preset_all () {
     if [ -e ${IMAGE_ROOTFS}${root_prefix}/lib/systemd/systemd ]; then
-	systemctl --root="${IMAGE_ROOTFS}" --preset-mode=enable-only preset-all
+	systemctl --root="${IMAGE_ROOTFS}" --preset-mode=enable-only preset-all ${@bb.utils.contains('IMAGE_FEATURES', 'read-only-rootfs', '--readonly', '', d)}
     fi
 }
 
diff --git a/meta/recipes-core/systemd/systemd-systemctl/systemctl b/meta/recipes-core/systemd/systemd-systemctl/systemctl
index 0fd7e24085..0850a37575 100755
--- a/meta/recipes-core/systemd/systemd-systemctl/systemctl
+++ b/meta/recipes-core/systemd/systemd-systemctl/systemctl
@@ -273,7 +273,7 @@ def collect_services(root):
     return services
 
 
-def preset_all(root):
+def preset_all(root, readonly):
     presets = Presets('system-preset', root)
     services = collect_services(root)
 
@@ -293,7 +293,8 @@ def preset_all(root):
     # For the stateless configuration, where /etc is generated at runtime
     # (for example on a tmpfs), this script shouldn't run at all and we
     # allow systemd to completely populate /etc.
-    (root / SYSCONFDIR / "machine-id").touch()
+    if readonly:
+        (root / SYSCONFDIR / "machine-id").touch()
 
 
 def main():
@@ -308,6 +309,7 @@ def main():
     parser.add_argument('--preset-mode',
                         choices=['full', 'enable-only', 'disable-only'],
                         default='full')
+    parser.add_argument('--readonly', action='store_true')
 
     args = parser.parse_args()
 
@@ -341,7 +343,7 @@ def main():
             sys.exit("Too many arguments.")
         if args.preset_mode != "enable-only":
             sys.exit("Only enable-only is supported as preset-mode.")
-        preset_all(root)
+        preset_all(root, args.readonly)
     else:
         raise RuntimeError()
 
-- 
2.25.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#195823): 
https://lists.openembedded.org/g/openembedded-core/message/195823
Mute This Topic: https://lists.openembedded.org/mt/104425254/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-