[thirdparty/systemd.git] / src / volatile-root / volatile-root.c

/* SPDX-License-Identifier: LGPL-2.1+ */

#include <sys/mount.h>

#include "alloc-util.h"
#include "blockdev-util.h"
#include "escape.h"
#include "fs-util.h"
#include "main-func.h"
#include "mkdir.h"
#include "mount-util.h"
#include "mountpoint-util.h"
#include "path-util.h"
#include "stat-util.h"
#include "string-util.h"
#include "volatile-util.h"

static int make_volatile(const char *path) {
        _cleanup_free_ char *old_usr = NULL;
        int r;

        assert(path);

        r = chase_symlinks("/usr", path, CHASE_PREFIX_ROOT, &old_usr, NULL);
        if (r < 0)
                return log_error_errno(r, "/usr not available in old root: %m");

        r = mkdir_p("/run/systemd/volatile-sysroot", 0700);
        if (r < 0)
                return log_error_errno(r, "Couldn't generate volatile sysroot directory: %m");

        r = mount_verbose(LOG_ERR, "tmpfs", "/run/systemd/volatile-sysroot", "tmpfs", MS_STRICTATIME, "mode=755" TMPFS_LIMITS_ROOTFS);
        if (r < 0)
                goto finish_rmdir;

        if (mkdir("/run/systemd/volatile-sysroot/usr", 0755) < 0) {
                r = log_error_errno(errno, "Failed to create /usr directory: %m");
                goto finish_umount;
        }

        r = mount_verbose(LOG_ERR, old_usr, "/run/systemd/volatile-sysroot/usr", NULL, MS_BIND|MS_REC, NULL);
        if (r < 0)
                goto finish_umount;

        r = bind_remount_recursive("/run/systemd/volatile-sysroot/usr", MS_RDONLY, MS_RDONLY, NULL);
        if (r < 0) {
                log_error_errno(r, "Failed to remount /usr read-only: %m");
                goto finish_umount;
        }

        r = umount_recursive(path, 0);
        if (r < 0) {
                log_error_errno(r, "Failed to unmount %s: %m", path);
                goto finish_umount;
        }

        if (mount(NULL, "/", NULL, MS_SLAVE|MS_REC, NULL) < 0)
                log_warning_errno(errno, "Failed to remount %s MS_SLAVE|MS_REC, ignoring: %m", path);

        r = mount_verbose(LOG_ERR, "/run/systemd/volatile-sysroot", path, NULL, MS_MOVE, NULL);

finish_umount:
        (void) umount_recursive("/run/systemd/volatile-sysroot", 0);

finish_rmdir:
        (void) rmdir("/run/systemd/volatile-sysroot");

        return r;
}

static int make_overlay(const char *path) {
        _cleanup_free_ char *escaped_path = NULL;
        bool tmpfs_mounted = false;
        const char *options = NULL;
        int r;

        assert(path);

        r = mkdir_p("/run/systemd/overlay-sysroot", 0700);
        if (r < 0)
                return log_error_errno(r, "Couldn't create overlay sysroot directory: %m");

        r = mount_verbose(LOG_ERR, "tmpfs", "/run/systemd/overlay-sysroot", "tmpfs", MS_STRICTATIME, "mode=755" TMPFS_LIMITS_ROOTFS);
        if (r < 0)
                goto finish;

        tmpfs_mounted = true;

        if (mkdir("/run/systemd/overlay-sysroot/upper", 0755) < 0) {
                r = log_error_errno(errno, "Failed to create /run/systemd/overlay-sysroot/upper: %m");
                goto finish;
        }

        if (mkdir("/run/systemd/overlay-sysroot/work", 0755) < 0) {
                r = log_error_errno(errno, "Failed to create /run/systemd/overlay-sysroot/work: %m");
                goto finish;
        }

        escaped_path = shell_escape(path, ",:");
        if (!escaped_path) {
                r = log_oom();
                goto finish;
        }

        options = strjoina("lowerdir=", escaped_path, ",upperdir=/run/systemd/overlay-sysroot/upper,workdir=/run/systemd/overlay-sysroot/work");
        r = mount_verbose(LOG_ERR, "overlay", path, "overlay", 0, options);

finish:
        if (tmpfs_mounted)
                (void) umount_verbose("/run/systemd/overlay-sysroot");

        (void) rmdir("/run/systemd/overlay-sysroot");
        return r;
}

static int run(int argc, char *argv[]) {
        VolatileMode m = _VOLATILE_MODE_INVALID;
        const char *path;
        dev_t devt;
        int r;

        log_setup_service();

        if (argc > 3)
                return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
                                       "Too many arguments. Expected directory and mode.");

        r = query_volatile_mode(&m);
        if (r < 0)
                return log_error_errno(r, "Failed to determine volatile mode from kernel command line.");
        if (r == 0 && argc >= 2) {
                /* The kernel command line always wins. However if nothing was set there, the argument passed here wins instead. */
                m = volatile_mode_from_string(argv[1]);
                if (m < 0)
                        return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Couldn't parse volatile mode: %s", argv[1]);
        }

        if (argc < 3)
                path = "/sysroot";
        else {
                path = argv[2];

                if (isempty(path))
                        return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
                                               "Directory name cannot be empty.");
                if (!path_is_absolute(path))
                        return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
                                               "Directory must be specified as absolute path.");
                if (path_equal(path, "/"))
                        return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
                                               "Directory cannot be the root directory.");
        }

        if (!IN_SET(m, VOLATILE_YES, VOLATILE_OVERLAY))
                return 0;

        r = path_is_mount_point(path, NULL, AT_SYMLINK_FOLLOW);
        if (r < 0)
                return log_error_errno(r, "Couldn't determine whether %s is a mount point: %m", path);
        if (r == 0)
                return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "%s is not a mount point.", path);

        r = path_is_temporary_fs(path);
        if (r < 0)
                return log_error_errno(r, "Couldn't determine whether %s is a temporary file system: %m", path);
        if (r > 0) {
                log_info("%s already is a temporary file system.", path);
                return 0;
        }

        /* We are about to replace the root directory with something else. Later code might want to know what we
         * replaced here, hence let's save that information as a symlink we can later use. (This is particularly
         * relevant for the overlayfs case where we'll fully obstruct the view onto the underlying device, hence
         * querying the backing device node from the file system directly is no longer possible. */
        r = get_block_device_harder(path, &devt);
        if (r < 0)
                return log_error_errno(r, "Failed to determine device major/minor of %s: %m", path);
        else if (r > 0) {
                _cleanup_free_ char *dn = NULL;

                r = device_path_make_major_minor(S_IFBLK, devt, &dn);
                if (r < 0)
                        return log_error_errno(r, "Failed to format device node path: %m");

                if (symlink(dn, "/run/systemd/volatile-root") < 0)
                        log_warning_errno(errno, "Failed to create symlink /run/systemd/volatile-root: %m");
        }

        if (m == VOLATILE_YES)
                return make_volatile(path);
        else {
                assert(m == VOLATILE_OVERLAY);
                return make_overlay(path);
        }
}

DEFINE_MAIN_FUNCTION(run);
Commit	Line	Data
53e1b683	1	/* SPDX-License-Identifier: LGPL-2.1+ */
91214a37 LP	2
	3	#include <sys/mount.h>
	4
	5	#include "alloc-util.h"
d10b92cb	6	#include "blockdev-util.h"
1de7f825	7	#include "escape.h"
91214a37	8	#include "fs-util.h"
5e332028	9	#include "main-func.h"
91214a37 LP	10	#include "mkdir.h"
91214a37 LP	11	#include "mount-util.h"
049af8ad	12	#include "mountpoint-util.h"
5e332028	13	#include "path-util.h"
91214a37	14	#include "stat-util.h"
91214a37	15	#include "string-util.h"
5e332028	16	#include "volatile-util.h"
91214a37 LP	17
	18	static int make_volatile(const char *path) {
	19	_cleanup_free_ char *old_usr = NULL;
	20	int r;
	21
1de7f825	22	assert(path);
91214a37	23
a5648b80	24	r = chase_symlinks("/usr", path, CHASE_PREFIX_ROOT, &old_usr, NULL);
91214a37 LP	25	if (r < 0)
	26	return log_error_errno(r, "/usr not available in old root: %m");
	27
	28	r = mkdir_p("/run/systemd/volatile-sysroot", 0700);
	29	if (r < 0)
	30	return log_error_errno(r, "Couldn't generate volatile sysroot directory: %m");
	31
7d85383e	32	r = mount_verbose(LOG_ERR, "tmpfs", "/run/systemd/volatile-sysroot", "tmpfs", MS_STRICTATIME, "mode=755" TMPFS_LIMITS_ROOTFS);
91214a37 LP	33	if (r < 0)
	34	goto finish_rmdir;
	35
	36	if (mkdir("/run/systemd/volatile-sysroot/usr", 0755) < 0) {
85fb5bb2	37	r = log_error_errno(errno, "Failed to create /usr directory: %m");
91214a37 LP	38	goto finish_umount;
	39	}
	40
	41	r = mount_verbose(LOG_ERR, old_usr, "/run/systemd/volatile-sysroot/usr", NULL, MS_BIND\|MS_REC, NULL);
	42	if (r < 0)
	43	goto finish_umount;
	44
64e82c19	45	r = bind_remount_recursive("/run/systemd/volatile-sysroot/usr", MS_RDONLY, MS_RDONLY, NULL);
85fb5bb2 LP	46	if (r < 0) {
85fb5bb2 LP	47	log_error_errno(r, "Failed to remount /usr read-only: %m");
91214a37	48	goto finish_umount;
85fb5bb2	49	}
91214a37 LP	50
	51	r = umount_recursive(path, 0);
	52	if (r < 0) {
	53	log_error_errno(r, "Failed to unmount %s: %m", path);
	54	goto finish_umount;
	55	}
	56
	57	if (mount(NULL, "/", NULL, MS_SLAVE\|MS_REC, NULL) < 0)
85fb5bb2	58	log_warning_errno(errno, "Failed to remount %s MS_SLAVE\|MS_REC, ignoring: %m", path);
91214a37 LP	59
	60	r = mount_verbose(LOG_ERR, "/run/systemd/volatile-sysroot", path, NULL, MS_MOVE, NULL);
	61
	62	finish_umount:
	63	(void) umount_recursive("/run/systemd/volatile-sysroot", 0);
	64
	65	finish_rmdir:
	66	(void) rmdir("/run/systemd/volatile-sysroot");
	67
	68	return r;
	69	}
	70
1de7f825 LP	71	static int make_overlay(const char *path) {
	72	_cleanup_free_ char *escaped_path = NULL;
	73	bool tmpfs_mounted = false;
	74	const char *options = NULL;
	75	int r;
	76
	77	assert(path);
	78
	79	r = mkdir_p("/run/systemd/overlay-sysroot", 0700);
	80	if (r < 0)
	81	return log_error_errno(r, "Couldn't create overlay sysroot directory: %m");
	82
7d85383e	83	r = mount_verbose(LOG_ERR, "tmpfs", "/run/systemd/overlay-sysroot", "tmpfs", MS_STRICTATIME, "mode=755" TMPFS_LIMITS_ROOTFS);
1de7f825 LP	84	if (r < 0)
	85	goto finish;
	86
	87	tmpfs_mounted = true;
	88
	89	if (mkdir("/run/systemd/overlay-sysroot/upper", 0755) < 0) {
	90	r = log_error_errno(errno, "Failed to create /run/systemd/overlay-sysroot/upper: %m");
	91	goto finish;
	92	}
	93
	94	if (mkdir("/run/systemd/overlay-sysroot/work", 0755) < 0) {
	95	r = log_error_errno(errno, "Failed to create /run/systemd/overlay-sysroot/work: %m");
	96	goto finish;
	97	}
	98
	99	escaped_path = shell_escape(path, ",:");
	100	if (!escaped_path) {
	101	r = log_oom();
	102	goto finish;
	103	}
	104
	105	options = strjoina("lowerdir=", escaped_path, ",upperdir=/run/systemd/overlay-sysroot/upper,workdir=/run/systemd/overlay-sysroot/work");
	106	r = mount_verbose(LOG_ERR, "overlay", path, "overlay", 0, options);
	107
	108	finish:
	109	if (tmpfs_mounted)
	110	(void) umount_verbose("/run/systemd/overlay-sysroot");
	111
	112	(void) rmdir("/run/systemd/overlay-sysroot");
	113	return r;
	114	}
	115
51e23786	116	static int run(int argc, char *argv[]) {
91214a37 LP	117	VolatileMode m = _VOLATILE_MODE_INVALID;
91214a37 LP	118	const char *path;
d10b92cb	119	dev_t devt;
91214a37 LP	120	int r;
91214a37 LP	121
6bf3c61c	122	log_setup_service();
91214a37	123
baaa35ad ZJS	124	if (argc > 3)
	125	return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
	126	"Too many arguments. Expected directory and mode.");
91214a37 LP	127
91214a37 LP	128	r = query_volatile_mode(&m);
51e23786 ZJS	129	if (r < 0)
51e23786 ZJS	130	return log_error_errno(r, "Failed to determine volatile mode from kernel command line.");
91214a37 LP	131	if (r == 0 && argc >= 2) {
	132	/* The kernel command line always wins. However if nothing was set there, the argument passed here wins instead. */
	133	m = volatile_mode_from_string(argv[1]);
26945d18 LP	134	if (m < 0)
26945d18 LP	135	return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Couldn't parse volatile mode: %s", argv[1]);
91214a37 LP	136	}
	137
	138	if (argc < 3)
	139	path = "/sysroot";
	140	else {
	141	path = argv[2];
	142
baaa35ad ZJS	143	if (isempty(path))
	144	return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
	145	"Directory name cannot be empty.");
	146	if (!path_is_absolute(path))
	147	return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
	148	"Directory must be specified as absolute path.");
	149	if (path_equal(path, "/"))
	150	return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
	151	"Directory cannot be the root directory.");
91214a37 LP	152	}
91214a37 LP	153
1de7f825	154	if (!IN_SET(m, VOLATILE_YES, VOLATILE_OVERLAY))
51e23786	155	return 0;
91214a37	156
1de7f825 LP	157	r = path_is_mount_point(path, NULL, AT_SYMLINK_FOLLOW);
	158	if (r < 0)
	159	return log_error_errno(r, "Couldn't determine whether %s is a mount point: %m", path);
	160	if (r == 0)
	161	return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "%s is not a mount point.", path);
	162
	163	r = path_is_temporary_fs(path);
	164	if (r < 0)
	165	return log_error_errno(r, "Couldn't determine whether %s is a temporary file system: %m", path);
	166	if (r > 0) {
	167	log_info("%s already is a temporary file system.", path);
	168	return 0;
	169	}
	170
d10b92cb LP	171	/* We are about to replace the root directory with something else. Later code might want to know what we
	172	* replaced here, hence let's save that information as a symlink we can later use. (This is particularly
	173	* relevant for the overlayfs case where we'll fully obstruct the view onto the underlying device, hence
	174	* querying the backing device node from the file system directly is no longer possible. */
	175	r = get_block_device_harder(path, &devt);
	176	if (r < 0)
	177	return log_error_errno(r, "Failed to determine device major/minor of %s: %m", path);
	178	else if (r > 0) {
	179	_cleanup_free_ char *dn = NULL;
	180
	181	r = device_path_make_major_minor(S_IFBLK, devt, &dn);
	182	if (r < 0)
	183	return log_error_errno(r, "Failed to format device node path: %m");
	184
	185	if (symlink(dn, "/run/systemd/volatile-root") < 0)
	186	log_warning_errno(errno, "Failed to create symlink /run/systemd/volatile-root: %m");
	187	}
	188
1de7f825 LP	189	if (m == VOLATILE_YES)
	190	return make_volatile(path);
	191	else {
	192	assert(m == VOLATILE_OVERLAY);
	193	return make_overlay(path);
	194	}
91214a37	195	}
51e23786 ZJS	196
51e23786 ZJS	197	DEFINE_MAIN_FUNCTION(run);