commit: ab6d73225f21be7d55649363ceb460d91270638d
Author: Thomas Deutschmann gentoo org>
AuthorDate: Mon Feb 8 01:25:50 2021 +
Commit: Thomas Deutschmann gentoo org>
CommitDate: Mon Feb 8 21:20:28 2021 +
URL:https://gitweb.gentoo.org/proj/genkernel.git/commit/?id=ab6d7322
linuxrc: Add gk.preserverun.disabled
When this boolean option is set and enabled, genkernel initramfs will unmount
/run
before calling switch_root.
This can help in SELinux context for example where labeling is required which is
not supported by genkernel.
Bug: https://bugs.gentoo.org/739424
Bug: https://bugs.gentoo.org/740576
Signed-off-by: Thomas Deutschmann gentoo.org>
defaults/initrd.defaults | 1 +
defaults/linuxrc | 15 +++
doc/genkernel.8.txt| 6 +
1-switch_root-check-if-mountpoint-exists.patch | 31 ++
4 files changed, 53 insertions(+)
diff --git a/defaults/initrd.defaults b/defaults/initrd.defaults
index ac3b072..7ee78e9 100644
--- a/defaults/initrd.defaults
+++ b/defaults/initrd.defaults
@@ -87,6 +87,7 @@ GK_NET_TIMEOUT_DAD=10
GK_NET_TIMEOUT_DECONFIGURATION=10
GK_NET_TIMEOUT_DHCP=10
GK_NET_TIMEOUT_INTERFACE=10
+GK_PRESERVE_RUN=1
GK_PROMPT_FILE='/tmp/current_prompt'
GK_PROMPT_TIMEOUT=0
GK_ROOTFS_DETECTED_STATEFILE="/tmp/rootfs.detected"
diff --git a/defaults/linuxrc b/defaults/linuxrc
index e33576d..d8fee73 100644
--- a/defaults/linuxrc
+++ b/defaults/linuxrc
@@ -372,6 +372,15 @@ do
fi
unset tmp_disabled
;;
+ gk.preserverun.disabled=*)
+ tmp_disabled=${x#*=}
+ if is_true "${tmp_disabled}"
+ then
+ warn_msg "gk.preserverun.disabled is set; /run
will not be moved to newroot!"
+ GK_PRESERVE_RUN=0
+ fi
+ unset tmp_disabled
+ ;;
gk.prompt.timeout=*)
tmp_timeout=${x#*=}
if is_int "${tmp_timeout}"
@@ -1336,6 +1345,12 @@ fi
# Run debug shell if requested
rundebugshell "before entering switch_root"
+if [ "${GK_PRESERVE_RUN}" = '0' ]
+then
+ GK_INIT_LOG=
+ run umount /run
+fi
+
# init_opts is set in the environment by the kernel when it parses the command
line
init=${REAL_INIT:-/sbin/init}
if ! mountpoint "${CHROOT}" 1>/dev/null 2>&1
diff --git a/doc/genkernel.8.txt b/doc/genkernel.8.txt
index ddccd9f..74729be 100644
--- a/doc/genkernel.8.txt
+++ b/doc/genkernel.8.txt
@@ -745,6 +745,12 @@ recognized by the kernel itself.
By default we will wait up to 120 seconds (UDEV default) for
UDEV event queue to become empty.
+*gk.preserverun.disabled*=<...>::
+By default, *switch_root* will preserve and move already mounted '/run'
+to *newroot*. This boolean option allows you to disable preserving of
+'/run', which is maybe required for SELinux due to missing labeling
+support in genkernel.
+
*gk.prompt.timeout*=<...>::
By default a prompt within genkernel initramfs like shown when set
*root* could not be found will never timeout. Use this option to set
diff --git
a/patches/util-linux/2.36.1/util-linux-2.36.1-switch_root-check-if-mountpoint-exists.patch
b/patches/util-linux/2.36.1/util-linux-2.36.1-switch_root-check-if-mountpoint-exists.patch
new file mode 100644
index 000..17bcd91
--- /dev/null
+++
b/patches/util-linux/2.36.1/util-linux-2.36.1-switch_root-check-if-mountpoint-exists.patch
@@ -0,0 +1,31 @@
+switch_root: check if mount point to move even exists
+
+--- a/sys-utils/switch_root.c
b/sys-utils/switch_root.c
+@@ -131,7 +131,12 @@ static int switchroot(const char *newroot)
+ int i;
+ int cfd;
+ pid_t pid;
+- struct stat newroot_stat, sb;
++ struct stat newroot_stat, oldroot_stat, sb;
++
++ if (stat("/", _stat) != 0) {
++ warn(_("stat of %s failed"), "/");
++ return -1;
++ }
+
+ if (stat(newroot, _stat) != 0) {
+ warn(_("stat of %s failed"), newroot);
+@@ -143,6 +148,11 @@ static int switchroot(const char *newroot)
+
+ snprintf(newmount, sizeof(newmount), "%s%s", newroot,
umounts[i]);
+
++ if ((stat(umounts[i], ) == 0) && sb.st_dev ==
oldroot_stat.st_dev) {
++ /* mount point to move seems to be a normal directory
or stat failed */
++ continue;
++ }
++
+ if ((stat(newmount, ) != 0) || (sb.st_dev !=
newroot_stat.st_dev)) {
+ /* mount point seems to be mounted already or stat
failed */
+ umount2(umounts[i], MNT_DETACH);
+
