added more important features

added ability to use current rootfs as read-only rootfs added ability to delete the read-write filesystem prior to overlay fs creation use init script in strict shell mode moved root mounts to /media/rfs and use /mnt as new rootfs mount, where the overlay is created
author: Claudius Heine <ch@denx.de> 2016-10-20 14:23:36 +0200
committer: Claudius Heine <ch@denx.de> 2016-10-20 14:23:36 +0200
commit: 1c55880c8cbba009e07645e3a7b26f2bf2a5756c (patch)
tree: 7050f632cfa00017e5af3f37ad1ea1f6ddbf26ca
parent: 57080e0f657450382fcfbd8d1d7a5c9ca0308e63 (diff)
download: meta-readonly-rootfs-overlay-1c55880c8cbba009e07645e3a7b26f2bf2a5756c.tar.gz
2 files changed, 65 insertions, 37 deletions
diff --git a/README.md b/README.md
index 4daec18..8f037b3 100644
--- a/README.md
+++ b/README.md
@@ -60,16 +60,20 @@ If you use this layer you do *not* need to set `read-only-rootfs` in the
 Example:
 ```
-root=/dev/vda rootfstype=ext4 rootrw=/dev/vdb rootrwfstype=btrfs
+root=/dev/sda1 rootfstype=ext4 rootrw=/dev/sda2 rootrwfstype=btrfs
 ```
-`root=` specifies the read-only root filesystem device. (required)
+`root=` specifies the read-only root filesystem device. If this is not
+specified, the current rootfs is used.
 `rootfstype=` if support for the-read only filesystem is not build into the
 kernel, you can specifiy the required module name here.
-`rootrw=` specifies the read-write root filesystem device. If this is not
+`rootrw=` specifies the read-write filesystem device. If this is not
 specified, `tmpfs` is used.
-`rootrwfstype=`  if support for the read-write filesystem is not build into the
+`rootrwfstype=` if support for the read-write filesystem is not build into the
 kernel, you can specifiy the required module name here.
+`rootrwreset=` set to `yes` if you want to delete all the files in the
+read-write filesystem prior to building the overlay root files system.
diff --git a/recipes-core/initrdscripts/files/init-readonly-rootfs-overlay-boot.sh b/recipes-core/initrdscripts/files/init-readonly-rootfs-overlay-boot.sh
index 315da9b..37a1635 100644
--- a/recipes-core/initrdscripts/files/init-readonly-rootfs-overlay-boot.sh
+++ b/recipes-core/initrdscripts/files/init-readonly-rootfs-overlay-boot.sh
@@ -1,13 +1,21 @@
 #!/bin/sh
+# Enable strict shell mode
+set -euo pipefail
 PATH=/sbin:/bin:/usr/sbin:/usr/bin
-ROOT_MOUNT="/rootfs"
 MOUNT="/bin/mount"
 UMOUNT="/bin/umount"
-ROOT_RWDEVICE="tmpfs"
-ROOT_ROMOUNT="/rfs/ro"
+INIT="/sbin/init"
-ROOT_RWMOUNT="/rfs/rw"
+ROOT_MOUNT="/mnt"
+ROOT_RODEVICE=""
+ROOT_RWDEVICE=""
+ROOT_ROMOUNT="/media/rfs/ro"
+ROOT_RWMOUNT="/media/rfs/rw"
+ROOT_RWRESET="no"
 # Copied from initramfs-framework. The core of this script probably should be
 # turned into initramfs-framework modules to reduce duplication.
@@ -33,9 +41,6 @@ early_setup() {
    $MOUNT -t sysfs sysfs /sys
    $MOUNT -t devtmpfs none /dev
-    # support modular kernel
-    modprobe isofs 2> /dev/null
    mkdir -p /run
    mkdir -p /var/run
@@ -44,24 +49,28 @@ early_setup() {
 }
 read_args() {
-    [ -z "$CMDLINE" ] && CMDLINE=`cat /proc/cmdline`
+    [ -z "${CMDLINE+x}" ] && CMDLINE=`cat /proc/cmdline`
    for arg in $CMDLINE; do
        optarg=`expr "x$arg" : 'x[^=]*=\(.*\)'`
        case $arg in
            root=*)
-                ROOT_DEVICE=$optarg ;;
+                ROOT_RODEVICE=$optarg ;;
            rootfstype=*)
                modprobe $optarg 2> /dev/null ;;
            rootrw=*)
                ROOT_RWDEVICE=$optarg ;;
            rootrwfstype=*)
                modprobe $optarg 2> /dev/null ;;
+            rootrwreset=*)
+                ROOT_RWRESET=$optarg ;;
            video=*)
                video_mode=$arg ;;
            vga=*)
                vga_mode=$arg ;;
+            init=*)
+                INIT=$optarg ;;
            console=*)
-                if [ -z "${console_params}" ]; then
+                if [ -z "${console_params+x}" ]; then
                    console_params=$arg
                else
                    console_params="$console_params $arg"
@@ -78,42 +87,55 @@ fatal() {
 early_setup
-[ -z "$CONSOLE" ] && CONSOLE="/dev/console"
+[ -z "${CONSOLE+x}" ] && CONSOLE="/dev/console"
 read_args
 mount_and_boot() {
    mkdir -p $ROOT_MOUNT $ROOT_ROMOUNT $ROOT_RWMOUNT
-    mknod /dev/loop0 b 7 0 2>/dev/null
-    # Mount read-only root filesystem into initramfs rootfs
+    # Build mount options for read only root filesystem.
-    if ! $MOUNT -o ro,noatime,nodiratime $ROOT_DEVICE $ROOT_ROMOUNT ; then
+    # If no read-only device was specified via kernel commandline, use current
-        fatal "Could not mount read-only rootfs"
+    # rootfs.
+    if [ -z "${ROOT_RODEVICE}" ]; then
+        ROOT_ROMOUNTOPTIONS="--bind,ro /"
+    else
+        ROOT_ROMOUNTOPTIONS="-o ro,noatime,nodiratime $ROOT_RODEVICE"
    fi
-    # determine which unification filesystem to use
+    # Mount rootfs as read-only to mount-point
-    union_fs_type=""
+    if ! $MOUNT $ROOT_ROMOUNTOPTIONS $ROOT_ROMOUNT ; then
-    if grep -w "overlay" /proc/filesystems; then
+        fatal "Could not mount read-only rootfs"
-        union_fs_type="overlay"
-    elif grep -w "aufs" /proc/filesystems; then
-        union_fs_type="aufs"
-    else
-        union_fs_type=""
    fi
    # Build mount options for read write root filesystem.
    # If no read-write device was specified via kernel commandline, use tmpfs.
-    if [ "tmpfs" == $ROOT_RWDEVICE ]; then
+    if [ -z "${ROOT_RWDEVICE}" ]; then
-        ROOT_RWMOUNTOPTIONS="-t tmpfs -o rw,noatime,mode=755"
+        ROOT_RWMOUNTOPTIONS="-t tmpfs -o rw,noatime,mode=755 tmpfs"
    else
-        ROOT_RWMOUNTOPTIONS="-o rw,noatime,mode=755"
+        ROOT_RWMOUNTOPTIONS="-o rw,noatime,mode=755 $ROOT_RWDEVICE"
    fi
    # Mount read-write filesystem into initram rootfs
-    if ! $MOUNT $ROOT_RWMOUNTOPTIONS $ROOT_RWDEVICE $ROOT_RWMOUNT ; then
+    if ! $MOUNT $ROOT_RWMOUNTOPTIONS $ROOT_RWMOUNT ; then
        fatal "Could not mount read-write rootfs"
    fi
+    # Reset read-write filesystem if specified
+    if [ "yes" == "$ROOT_RWRESET" -a -n "${ROOT_RWMOUNT}" ]; then
+        rm -rf $ROOT_RWMOUNT/*
+    fi
+    # Determine which unification filesystem to use
+    union_fs_type=""
+    if grep -w "overlay" /proc/filesystems; then
+        union_fs_type="overlay"
+    elif grep -w "aufs" /proc/filesystems; then
+        union_fs_type="aufs"
+    else
+        union_fs_type=""
+    fi
    # Create/Mount overlay root filesystem 
    case $union_fs_type in
        "overlay")
@@ -130,15 +152,18 @@ mount_and_boot() {
    # Move read-only and read-write root filesystem into the overlay filesystem
    mkdir -p $ROOT_MOUNT/$ROOT_ROMOUNT $ROOT_MOUNT/$ROOT_RWMOUNT
-    $MOUNT --move $ROOT_ROMOUNT $ROOT_MOUNT/$ROOT_ROMOUNT
+    $MOUNT -n --move $ROOT_ROMOUNT ${ROOT_MOUNT}/$ROOT_ROMOUNT
-    $MOUNT --move $ROOT_RWMOUNT $ROOT_MOUNT/$ROOT_RWMOUNT
+    $MOUNT -n --move $ROOT_RWMOUNT ${ROOT_MOUNT}/$ROOT_RWMOUNT
    # Watches the udev event queue, and exits if all current events are handled
-    udevadm settle --timeout=3 --quiet
+    udevadm settle --timeout=3
    # Kills the current udev running processes, which survived after
    # device node creation events were handled, to avoid unexpected behavior
    killall -9 "${_UDEV_DAEMON##*/}" 2>/dev/null
+    # Remove /run /var/run that are created in early_setup
+    rm -rf /run /var/run
    # Move the mount points of some filesystems over to
    # the corresponding directories under the real root filesystem.
    for dir in `awk '/\/dev.* \/run\/media/{print $2}' /proc/mounts`; do
@@ -152,9 +177,8 @@ mount_and_boot() {
    cd $ROOT_MOUNT
    # busybox switch_root supports -c option
-    exec switch_root -c /dev/console $ROOT_MOUNT /sbin/init $CMDLINE ||
+    exec chroot $ROOT_MOUNT $INIT ||
-        fatal "Couldn't switch_root, dropping to shell"
+        fatal "Couldn't chroot, dropping to shell"
 }
 mount_and_boot
author	Claudius Heine <ch@denx.de>	2016-10-20 14:23:36 +0200
committer	Claudius Heine <ch@denx.de>	2016-10-20 14:23:36 +0200
commit	1c55880c8cbba009e07645e3a7b26f2bf2a5756c (patch)
tree	7050f632cfa00017e5af3f37ad1ea1f6ddbf26ca
parent	57080e0f657450382fcfbd8d1d7a5c9ca0308e63 (diff)
download	meta-readonly-rootfs-overlay-1c55880c8cbba009e07645e3a7b26f2bf2a5756c.tar.gz

diff --git a/README.md b/README.md index 4daec18..8f037b3 100644 --- a/README.md +++ b/README.md
@@ -60,16 +60,20 @@ If you use this layer you do not need to set `read-only-rootfs` in the
60	Example:	60	Example:
61		61
62	```	62	```
63	root=/dev/vda rootfstype=ext4 rootrw=/dev/vdb rootrwfstype=btrfs	63	root=/dev/sda1 rootfstype=ext4 rootrw=/dev/sda2 rootrwfstype=btrfs
64	```	64	```
65		65
66	`root=` specifies the read-only root filesystem device. (required)	66	`root=` specifies the read-only root filesystem device. If this is not
		67	specified, the current rootfs is used.
67		68
68	`rootfstype=` if support for the-read only filesystem is not build into the	69	`rootfstype=` if support for the-read only filesystem is not build into the
69	kernel, you can specifiy the required module name here.	70	kernel, you can specifiy the required module name here.
70		71
71	`rootrw=` specifies the read-write root filesystem device. If this is not	72	`rootrw=` specifies the read-write filesystem device. If this is not
72	specified, `tmpfs` is used.	73	specified, `tmpfs` is used.
73		74
74	`rootrwfstype=` if support for the read-write filesystem is not build into the	75	`rootrwfstype=` if support for the read-write filesystem is not build into the
75	kernel, you can specifiy the required module name here.	76	kernel, you can specifiy the required module name here.
		77
		78	`rootrwreset=` set to `yes` if you want to delete all the files in the
		79	read-write filesystem prior to building the overlay root files system.


diff --git a/recipes-core/initrdscripts/files/init-readonly-rootfs-overlay-boot.sh b/recipes-core/initrdscripts/files/init-readonly-rootfs-overlay-boot.sh index 315da9b..37a1635 100644 --- a/recipes-core/initrdscripts/files/init-readonly-rootfs-overlay-boot.sh +++ b/recipes-core/initrdscripts/files/init-readonly-rootfs-overlay-boot.sh
@@ -1,13 +1,21 @@
1	#!/bin/sh	1	#!/bin/sh
2		2
		3	# Enable strict shell mode
		4	set -euo pipefail
		5
3	PATH=/sbin:/bin:/usr/sbin:/usr/bin	6	PATH=/sbin:/bin:/usr/sbin:/usr/bin
4		7
5	ROOT_MOUNT="/rootfs"
6	MOUNT="/bin/mount"	8	MOUNT="/bin/mount"
7	UMOUNT="/bin/umount"	9	UMOUNT="/bin/umount"
8	ROOT_RWDEVICE="tmpfs"	10
9	ROOT_ROMOUNT="/rfs/ro"	11	INIT="/sbin/init"
10	ROOT_RWMOUNT="/rfs/rw"	12
		13	ROOT_MOUNT="/mnt"
		14	ROOT_RODEVICE=""
		15	ROOT_RWDEVICE=""
		16	ROOT_ROMOUNT="/media/rfs/ro"
		17	ROOT_RWMOUNT="/media/rfs/rw"
		18	ROOT_RWRESET="no"
11		19
12	# Copied from initramfs-framework. The core of this script probably should be	20	# Copied from initramfs-framework. The core of this script probably should be
13	# turned into initramfs-framework modules to reduce duplication.	21	# turned into initramfs-framework modules to reduce duplication.
@@ -33,9 +41,6 @@ early_setup() {
33	$MOUNT -t sysfs sysfs /sys	41	$MOUNT -t sysfs sysfs /sys
34	$MOUNT -t devtmpfs none /dev	42	$MOUNT -t devtmpfs none /dev
35		43
36	# support modular kernel
37	modprobe isofs 2> /dev/null
38
39	mkdir -p /run	44	mkdir -p /run
40	mkdir -p /var/run	45	mkdir -p /var/run
41		46
@@ -44,24 +49,28 @@ early_setup() {
44	}	49	}
45		50
46	read_args() {	51	read_args() {
47	[ -z "$CMDLINE" ] && CMDLINE=`cat /proc/cmdline`	52	[ -z "${CMDLINE+x}" ] && CMDLINE=`cat /proc/cmdline`
48	for arg in $CMDLINE; do	53	for arg in $CMDLINE; do
49	optarg=`expr "x$arg" : 'x[^=]=\(.\)'`	54	optarg=`expr "x$arg" : 'x[^=]=\(.\)'`
50	case $arg in	55	case $arg in
51	root=*)	56	root=*)
52	ROOT_DEVICE=$optarg ;;	57	ROOT_RODEVICE=$optarg ;;
53	rootfstype=*)	58	rootfstype=*)
54	modprobe $optarg 2> /dev/null ;;	59	modprobe $optarg 2> /dev/null ;;
55	rootrw=*)	60	rootrw=*)
56	ROOT_RWDEVICE=$optarg ;;	61	ROOT_RWDEVICE=$optarg ;;
57	rootrwfstype=*)	62	rootrwfstype=*)
58	modprobe $optarg 2> /dev/null ;;	63	modprobe $optarg 2> /dev/null ;;
		64	rootrwreset=*)
		65	ROOT_RWRESET=$optarg ;;
59	video=*)	66	video=*)
60	video_mode=$arg ;;	67	video_mode=$arg ;;
61	vga=*)	68	vga=*)
62	vga_mode=$arg ;;	69	vga_mode=$arg ;;
		70	init=*)
		71	INIT=$optarg ;;
63	console=*)	72	console=*)
64	if [ -z "${console_params}" ]; then	73	if [ -z "${console_params+x}" ]; then
65	console_params=$arg	74	console_params=$arg
66	else	75	else
67	console_params="$console_params $arg"	76	console_params="$console_params $arg"
@@ -78,42 +87,55 @@ fatal() {
78		87
79	early_setup	88	early_setup
80		89
81	[ -z "$CONSOLE" ] && CONSOLE="/dev/console"	90	[ -z "${CONSOLE+x}" ] && CONSOLE="/dev/console"
82		91
83	read_args	92	read_args
84		93
85	mount_and_boot() {	94	mount_and_boot() {
86	mkdir -p $ROOT_MOUNT $ROOT_ROMOUNT $ROOT_RWMOUNT	95	mkdir -p $ROOT_MOUNT $ROOT_ROMOUNT $ROOT_RWMOUNT
87	mknod /dev/loop0 b 7 0 2>/dev/null
88		96
89	# Mount read-only root filesystem into initramfs rootfs	97	# Build mount options for read only root filesystem.
90	if ! $MOUNT -o ro,noatime,nodiratime $ROOT_DEVICE $ROOT_ROMOUNT ; then	98	# If no read-only device was specified via kernel commandline, use current
91	fatal "Could not mount read-only rootfs"	99	# rootfs.
		100	if [ -z "${ROOT_RODEVICE}" ]; then
		101	ROOT_ROMOUNTOPTIONS="--bind,ro /"
		102	else
		103	ROOT_ROMOUNTOPTIONS="-o ro,noatime,nodiratime $ROOT_RODEVICE"
92	fi	104	fi
93		105
94	# determine which unification filesystem to use	106	# Mount rootfs as read-only to mount-point
95	union_fs_type=""	107	if ! $MOUNT $ROOT_ROMOUNTOPTIONS $ROOT_ROMOUNT ; then
96	if grep -w "overlay" /proc/filesystems; then	108	fatal "Could not mount read-only rootfs"
97	union_fs_type="overlay"
98	elif grep -w "aufs" /proc/filesystems; then
99	union_fs_type="aufs"
100	else
101	union_fs_type=""
102	fi	109	fi
103		110
104	# Build mount options for read write root filesystem.	111	# Build mount options for read write root filesystem.
105	# If no read-write device was specified via kernel commandline, use tmpfs.	112	# If no read-write device was specified via kernel commandline, use tmpfs.
106	if [ "tmpfs" == $ROOT_RWDEVICE ]; then	113	if [ -z "${ROOT_RWDEVICE}" ]; then
107	ROOT_RWMOUNTOPTIONS="-t tmpfs -o rw,noatime,mode=755"	114	ROOT_RWMOUNTOPTIONS="-t tmpfs -o rw,noatime,mode=755 tmpfs"
108	else	115	else
109	ROOT_RWMOUNTOPTIONS="-o rw,noatime,mode=755"	116	ROOT_RWMOUNTOPTIONS="-o rw,noatime,mode=755 $ROOT_RWDEVICE"
110	fi	117	fi
111		118
112	# Mount read-write filesystem into initram rootfs	119	# Mount read-write filesystem into initram rootfs
113	if ! $MOUNT $ROOT_RWMOUNTOPTIONS $ROOT_RWDEVICE $ROOT_RWMOUNT ; then	120	if ! $MOUNT $ROOT_RWMOUNTOPTIONS $ROOT_RWMOUNT ; then
114	fatal "Could not mount read-write rootfs"	121	fatal "Could not mount read-write rootfs"
115	fi	122	fi
116		123
		124	# Reset read-write filesystem if specified
		125	if [ "yes" == "$ROOT_RWRESET" -a -n "${ROOT_RWMOUNT}" ]; then
		126	rm -rf $ROOT_RWMOUNT/*
		127	fi
		128
		129	# Determine which unification filesystem to use
		130	union_fs_type=""
		131	if grep -w "overlay" /proc/filesystems; then
		132	union_fs_type="overlay"
		133	elif grep -w "aufs" /proc/filesystems; then
		134	union_fs_type="aufs"
		135	else
		136	union_fs_type=""
		137	fi
		138
117	# Create/Mount overlay root filesystem	139	# Create/Mount overlay root filesystem
118	case $union_fs_type in	140	case $union_fs_type in
119	"overlay")	141	"overlay")
@@ -130,15 +152,18 @@ mount_and_boot() {
130		152
131	# Move read-only and read-write root filesystem into the overlay filesystem	153	# Move read-only and read-write root filesystem into the overlay filesystem
132	mkdir -p $ROOT_MOUNT/$ROOT_ROMOUNT $ROOT_MOUNT/$ROOT_RWMOUNT	154	mkdir -p $ROOT_MOUNT/$ROOT_ROMOUNT $ROOT_MOUNT/$ROOT_RWMOUNT
133	$MOUNT --move $ROOT_ROMOUNT $ROOT_MOUNT/$ROOT_ROMOUNT	155	$MOUNT -n --move $ROOT_ROMOUNT ${ROOT_MOUNT}/$ROOT_ROMOUNT
134	$MOUNT --move $ROOT_RWMOUNT $ROOT_MOUNT/$ROOT_RWMOUNT	156	$MOUNT -n --move $ROOT_RWMOUNT ${ROOT_MOUNT}/$ROOT_RWMOUNT
135		157
136	# Watches the udev event queue, and exits if all current events are handled	158	# Watches the udev event queue, and exits if all current events are handled
137	udevadm settle --timeout=3 --quiet	159	udevadm settle --timeout=3
138	# Kills the current udev running processes, which survived after	160	# Kills the current udev running processes, which survived after
139	# device node creation events were handled, to avoid unexpected behavior	161	# device node creation events were handled, to avoid unexpected behavior
140	killall -9 "${_UDEV_DAEMON##*/}" 2>/dev/null	162	killall -9 "${_UDEV_DAEMON##*/}" 2>/dev/null
141		163
		164	# Remove /run /var/run that are created in early_setup
		165	rm -rf /run /var/run
		166
142	# Move the mount points of some filesystems over to	167	# Move the mount points of some filesystems over to
143	# the corresponding directories under the real root filesystem.	168	# the corresponding directories under the real root filesystem.
144	for dir in `awk '/\/dev.* \/run\/media/{print $2}' /proc/mounts`; do	169	for dir in `awk '/\/dev.* \/run\/media/{print $2}' /proc/mounts`; do
@@ -152,9 +177,8 @@ mount_and_boot() {
152	cd $ROOT_MOUNT	177	cd $ROOT_MOUNT
153		178
154	# busybox switch_root supports -c option	179	# busybox switch_root supports -c option
155	exec switch_root -c /dev/console $ROOT_MOUNT /sbin/init $CMDLINE \|\|	180	exec chroot $ROOT_MOUNT $INIT \|\|
156	fatal "Couldn't switch_root, dropping to shell"	181	fatal "Couldn't chroot, dropping to shell"
157	}	182	}
158		183
159	mount_and_boot	184	mount_and_boot
160