author    Luca Boccassi <bluca@debian.org>  2023-03-28 16:19:47 +0100
committer Luca Boccassi <bluca@debian.org>  2023-03-30 11:25:17 +0100
commit    de862276eddbbe76b436213b4d427205356d1886
tree      e5694bb106270a0380789d5904e4e839e996f802 /units
parent    d51f8eb366c761ef4925742e75e210cddbff89e6
sysext: stop storing under /usr/lib[/local]/extensions/
sysexts are meant to extend /usr. All extension images and directories are opened and merged in a single, read-only overlayfs layer, mounted on /usr.

So far, we had fallback storage directories in /usr/lib/extensions and /usr/local/lib/extensions. This is problematic for three reasons.

Firstly, technically, for directory-based extensions the kernel will reject creating such an overlay, as there is a recursion problem. It actively validates that a lowerdir is not a child of another lowerdir, and fails with -ELOOP if it is. So having a sysext /usr/lib/extensions/myextdir/ would result in an overlayfs config lowerdir=/usr/lib/extensions/myextdir/usr/:/usr which is not allowed, as indicated by Christian the kernel performs this check:

    /*
     * Check if this layer root is a descendant of:
     * - another layer of this overlayfs instance
     * - upper/work dir of any overlayfs instance
     */
    <...>
    /* Walk back ancestors to root (inclusive) looking for traps */
    while (!err && parent != next) {
        if (is_lower && ovl_lookup_trap_inode(sb, parent)) {
            err = -ELOOP;
            pr_err("overlapping %s path\n", name);

Secondly, there's a confusing aspect to this recursive storage. If you have /usr/lib/extensions/myext.raw which contains /usr/lib/extensions/mynested.raw 'systemd-sysext merge' will only pick up the first one, but both will appear in the merged root under /usr/lib/extensions/. So you have two extension images, both appear in your merged filesystem, but only one is actually in use.

Finally, there's a conceptual aspect: the idea behind sysexts and hermetic /usr is that the /usr tree is not modified locally, but owned by the vendor. Dropping extensions in /usr thus goes contrary to this foundational concept.
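The overlapping-lowerdir check the message quotes from the kernel, modelled in Python as an added example (this is neither systemd nor kernel code): it builds the lowerdir list systemd-sysext would hand to overlayfs for directory-based extensions and flags any layer root that is a descendant of another layer, which the kernel rejects with -ELOOP. The function names and the fixed `/usr` base are assumptions.

```python
import errno
from pathlib import PurePosixPath


def is_descendant(path: str, ancestor: str) -> bool:
    """True if `path` equals `ancestor` or lies anywhere below it.

    Trailing slashes (as in lowerdir=.../myextdir/usr/) are normalised away.
    """
    p, a = PurePosixPath(path), PurePosixPath(ancestor)
    return p == a or a in p.parents


def sysext_lowerdirs(extension_dirs, base="/usr"):
    """Lowerdir list for directory extensions (assumed layout): each
    extension contributes its own usr/ subtree, then the host /usr last."""
    return [str(PurePosixPath(d) / "usr") for d in extension_dirs] + [base]


def overlapping_lowerdirs(lowerdirs):
    """(child, ancestor) pairs where one lower layer root is a descendant
    of another layer of the same instance. This is the "walk back ancestors
    to root looking for traps" step of the kernel check, restricted to
    lower layers (upper/work dirs are not modelled here)."""
    found = []
    for child in lowerdirs:
        for ancestor in lowerdirs:
            if child != ancestor and is_descendant(child, ancestor):
                found.append((child, ancestor))
    return found


def validate_lowerdirs(lowerdirs):
    """Raise OSError(ELOOP) the way the mount would fail, else return the list."""
    overlaps = overlapping_lowerdirs(lowerdirs)
    if overlaps:
        child, ancestor = overlaps[0]
        raise OSError(errno.ELOOP, f"overlapping lower path: {child} is inside {ancestor}")
    return lowerdirs


def is_rejected(extension_dirs) -> bool:
    """Convenience wrapper: would overlayfs refuse this set of extensions?"""
    try:
        validate_lowerdirs(sysext_lowerdirs(extension_dirs))
    except OSError as e:
        return e.errno == errno.ELOOP
    return False


if __name__ == "__main__":
    # Constructed scenarios: the old /usr-resident storage vs. the remaining directories.
    print(is_rejected(["/usr/lib/extensions/myextdir/"]))        # True  (-ELOOP)
    print(is_rejected(["/usr/local/lib/extensions/myextdir"]))   # True  (-ELOOP)
    print(is_rejected(["/var/lib/extensions/myextdir"]))         # False
```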
Diffstat (limited to 'units')
 -rw-r--r--  units/systemd-sysext.service | 2 --
1 files changed, 0 insertions, 2 deletions
diff --git a/units/systemd-sysext.service b/units/systemd-sysext.service
index f8c26f5fbf..9a8d4ebc5f 100644
--- a/units/systemd-sysext.service
+++ b/units/systemd-sysext.service
@@ -15,8 +15,6 @@ ConditionCapability=CAP_SYS_ADMIN
ConditionDirectoryNotEmpty=|/etc/extensions
ConditionDirectoryNotEmpty=|/run/extensions
ConditionDirectoryNotEmpty=|/var/lib/extensions
-ConditionDirectoryNotEmpty=|/usr/local/lib/extensions
-ConditionDirectoryNotEmpty=|/usr/lib/extensions
DefaultDependencies=no
After=local-fs.target
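Review bot: removing the two `ConditionDirectoryNotEmpty=|` lines must land together with the matching removal of /usr/lib/extensions and /usr/local/lib/extensions from the search path in the systemd-sysext sources and from the man page; this view is limited to 'units', so that part is not visible here. If the tool still scanned those directories, extensions placed there would be silently skipped whenever /etc/extensions, /run/extensions and /var/lib/extensions are all empty, because the `|` conditions are OR-ed triggers and none of the remaining three would fire.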