]>
Commit | Line | Data |
---|---|---|
c5915c63 ZJS |
1 | <?xml version='1.0'?> <!--*-nxml-*--> |
2 | <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" | |
3 | "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> | |
4 | ||
5 | <!-- | |
6 | This file is part of systemd. | |
7 | ||
8 | Copyright 2013 Lennart Poettering | |
45f0c64e | 9 | Copyright 2016 Zbigniew Jędrzejewski-Szmek |
c5915c63 ZJS |
10 | |
11 | systemd is free software; you can redistribute it and/or modify it | |
12 | under the terms of the GNU Lesser General Public License as published by | |
13 | the Free Software Foundation; either version 2.1 of the License, or | |
14 | (at your option) any later version. | |
15 | ||
16 | systemd is distributed in the hope that it will be useful, but | |
17 | WITHOUT ANY WARRANTY; without even the implied warranty of | |
18 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
19 | Lesser General Public License for more details. | |
20 | ||
21 | You should have received a copy of the GNU Lesser General Public License | |
22 | along with systemd; If not, see <http://www.gnu.org/licenses/>. | |
23 | --> | |
24 | ||
25 | <refentry id="systemd.offline-updates"> | |
26 | <refentryinfo> | |
27 | <title>systemd.offline-updates</title> | |
28 | <productname>systemd</productname> | |
29 | ||
30 | <authorgroup> | |
31 | <author> | |
32 | <contrib>Developer</contrib> | |
33 | <firstname>Lennart</firstname> | |
34 | <surname>Poettering</surname> | |
35 | <email>lennart@poettering.net</email> | |
36 | </author> | |
37 | </authorgroup> | |
38 | </refentryinfo> | |
39 | ||
40 | <refmeta> | |
41 | <refentrytitle>systemd.offline-updates</refentrytitle> | |
42 | <manvolnum>7</manvolnum> | |
43 | </refmeta> | |
44 | ||
45 | <refnamediv> | |
46 | <refname>systemd.offline-updates</refname> | |
47 | <refpurpose>Implementation of offline updates in systemd</refpurpose> | |
48 | </refnamediv> | |
49 | ||
50 | <refsect1> | |
51 | <title>Implementing Offline System Updates</title> | |
52 | ||
45f0c64e | 53 | <para>This man page describes how to implement "offline" system updates with systemd. By "offline" |
c5915c63 ZJS |
54 | OS updates we mean package installations and updates that are run with the system booted into a |
55 | special system update mode, in order to avoid problems related to conflicts of libraries and | |
56 | services that are currently running with those on disk. This document is inspired by this | |
57 | <ulink url="https://wiki.gnome.org/Design/OS/SoftwareUpdates">GNOME design whiteboard</ulink>. | |
58 | </para> | |
59 | ||
60 | <para>The logic:</para> | |
61 | ||
62 | <orderedlist> | |
63 | <listitem> | |
64 | <para>The package manager prepares system updates by downloading all (RPM or DEB or | |
65 | whatever) packages to update off-line in a special directory | |
66 | <filename noindex="true">/var/lib/system-update</filename> (or | |
67 | another directory of the package/upgrade manager's choice).</para> | |
68 | </listitem> | |
69 | ||
70 | <listitem> | |
71 | <para>When the user OK'ed the update, the symlink <filename>/system-update</filename> is | |
45f0c64e ZJS |
72 | created that points to <filename noindex="true">/var/lib/system-update</filename> (or |
73 | wherever the directory with the upgrade files is located) and the system is rebooted. This | |
c5915c63 ZJS |
74 | symlink is in the root directory, since we need to check for it very early at boot, at a |
75 | time where <filename>/var</filename> is not available yet.</para> | |
76 | </listitem> | |
77 | ||
78 | <listitem> | |
45f0c64e ZJS |
79 | <para>Very early in the new boot |
80 | <citerefentry><refentrytitle>systemd-update-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry> | |
81 | checks whether <filename>/system-update</filename> exists. If so, it (temporarily and for | |
82 | this boot only) redirects (i.e. symlinks) <filename>default.target</filename> to | |
83 | <filename>system-update.target</filename>, a special target that is pulls in the base system | |
84 | (i.e. <filename>sysinit.target</filename>, so that all file systems are mounted but little | |
85 | else) and the system update units.</para> | |
c5915c63 ZJS |
86 | </listitem> |
87 | ||
88 | <listitem> | |
89 | <para>The system now continues to boot into <filename>default.target</filename>, and thus | |
45f0c64e ZJS |
90 | into <filename>system-update.target</filename>. This target pulls in the system update unit, |
91 | which starts the system update script after all file systems have been mounted.</para> | |
92 | </listitem> | |
93 | ||
94 | <listitem> | |
95 | <para>As the first step, the update script should check if the | |
61233823 | 96 | <filename>/system-update</filename> symlink points to the location used by that update |
45f0c64e ZJS |
97 | script. In case it does not exists or points to a different location, the script must exit |
98 | without error. It is possible for multiple update services to be installed, and for multiple | |
99 | update scripts to be launched in parallel, and only the one that corresponds to the tool | |
100 | that <emphasis>created</emphasis> the symlink before reboot should perform any actions. It | |
101 | is unsafe to run multiple updates in parallel.</para> | |
c5915c63 ZJS |
102 | </listitem> |
103 | ||
104 | <listitem> | |
45f0c64e ZJS |
105 | <para>The update script should now do its job. If applicable and possible, it should |
106 | create a file system snapshot, then install all packages. | |
107 | After completion (regardless whether the update succeeded or failed) the machine | |
108 | must be rebooted, for example by calling <command>systemctl reboot</command>. | |
109 | In addition, on failure the script should revert to the old file system snapshot | |
110 | (without the symlink).</para> | |
c5915c63 ZJS |
111 | </listitem> |
112 | ||
113 | <listitem> | |
114 | <para>The system is rebooted. Since the <filename>/system-update</filename> symlink is gone, | |
115 | the generator won't redirect <filename>default.target</filename> after reboot and the | |
116 | system now boots into the default target again.</para> | |
117 | </listitem> | |
118 | </orderedlist> | |
119 | </refsect1> | |
120 | ||
121 | <refsect1> | |
122 | <title>Recommendations</title> | |
123 | ||
124 | <orderedlist> | |
125 | <listitem> | |
126 | <para>To make things a bit more robust we recommend hooking the update script into | |
127 | <filename>system-update.target</filename> via a <filename noindex='true'>.wants/</filename> | |
128 | symlink in the distribution package, rather than depending on <command>systemctl | |
129 | enable</command> in the postinst scriptlets of your package. More specifically, for your | |
130 | update script create a .service file, without [Install] section, and then add a symlink like | |
131 | <filename noindex='true'>/usr/lib/systemd/system-update.target.wants/foobar.service</filename> | |
132 | → <filename noindex='true'>../foobar.service</filename> to your package.</para> | |
133 | </listitem> | |
134 | ||
135 | <listitem> | |
45f0c64e ZJS |
136 | <para>Make sure to remove the <filename>/system-update</filename> symlink as early as |
137 | possible in the update script to avoid reboot loops in case the update fails.</para> | |
c5915c63 ZJS |
138 | </listitem> |
139 | ||
140 | <listitem> | |
45f0c64e ZJS |
141 | <para>Use <varname>FailureAction=reboot</varname> in the service file for your update script |
142 | to ensure that a reboot is automatically triggered if the update fails. | |
143 | <varname>FailureAction=</varname> makes sure that the specified unit is activated if your | |
144 | script exits uncleanly (by non-zero error code, or signal/coredump). If your script succeeds | |
145 | you should trigger the reboot in your own code, for example by invoking logind's | |
146 | <command>Reboot()</command> call or calling <command>systemct reboot</command>. See | |
c5915c63 ZJS |
147 | <ulink url="http://www.freedesktop.org/wiki/Software/systemd/logind">logind dbus API</ulink> |
148 | for details.</para> | |
149 | </listitem> | |
45f0c64e ZJS |
150 | |
151 | <listitem> | |
152 | <para>The update service should declare <varname>DefaultDependencies=false</varname>, | |
153 | and pull in any services it requires explicitly.</para> | |
154 | </listitem> | |
c5915c63 ZJS |
155 | </orderedlist> |
156 | </refsect1> | |
157 | ||
158 | <refsect1> | |
159 | <title>See also</title> | |
160 | ||
161 | <para> | |
162 | <ulink url="http://www.freedesktop.org/wiki/Software/systemd/SystemUpdates/">Implementing Offline System Updates</ulink>, | |
163 | <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, | |
45f0c64e ZJS |
164 | <citerefentry><refentrytitle>systemd.generator</refentrytitle><manvolnum>7</manvolnum></citerefentry>, |
165 | <citerefentry><refentrytitle>systemd-update-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>, | |
0a07667d | 166 | <citerefentry project='mankier'><refentrytitle>dnf.plugin.system-upgrade</refentrytitle><manvolnum>8</manvolnum></citerefentry> |
c5915c63 ZJS |
167 | </para> |
168 | </refsect1> | |
169 | </refentry> |