systemd-sysext.service.d: add drop-in for OEM partition mount actions#69
Merged
pothos merged 1 commit intoflatcar-masterfrom Apr 25, 2022
Merged
systemd-sysext.service.d: add drop-in for OEM partition mount actions#69pothos merged 1 commit intoflatcar-masterfrom
pothos merged 1 commit intoflatcar-masterfrom
Conversation
pothos
added a commit
to flatcar-archive/coreos-overlay
that referenced
this pull request
Apr 14, 2022
This pulls in flatcar/init#69 to restore the OEM partition mount point after the /usr overlay is done.
1 task
pothos
force-pushed
the
kai/sysext-oem-partition
branch
from
dc973c9 to
64558d5
Compare
pothos
added a commit
to flatcar-archive/coreos-overlay
that referenced
this pull request
Apr 14, 2022
This pulls in flatcar/init#69 to restore the OEM partition mount point after the /usr overlay is done.
pothos
force-pushed
the
kai/sysext-oem-partition
branch
from
64558d5 to
50b473a
Compare
pothos
added a commit
to flatcar-archive/coreos-overlay
that referenced
this pull request
Apr 22, 2022
This pulls in flatcar/init#69 to restore the OEM partition mount point after the /usr overlay is done.
jepio
reviewed
Apr 22, 2022
| @@ -0,0 +1,12 @@ | |||
| [Unit] | |||
| Before=oem-gce.service waagent.service amazon-ssm-agent.service vmtoolsd.service nvidia.service | |||
Member
There was a problem hiding this comment.
I don't understand why this is necessary - systemd-sysext is a Before=sysinit.target service so these should already be ordered correctly.
Member
Author
There was a problem hiding this comment.
Yes, it's not necessary at the moment, it's more a precaution in case DefaultDependencies=no would be used in one of them.
Member
Author
There was a problem hiding this comment.
I thought it would be good to have even if this workaround won't be needed for too long hopefully. I can add a comment.
Member
There was a problem hiding this comment.
Maybe you could also document how did you come up with this list?
Member
Author
There was a problem hiding this comment.
Actually it is required for oem-gce-enable-oslogin.service to prevent having it fail.
Yes, added coreos-overlay:coreos-base/oem-*/files/units/*service as a hint
pothos
force-pushed
the
kai/sysext-oem-partition
branch
from
50b473a to
c7d0fd9
Compare
krnowak
reviewed
Apr 22, 2022
| @@ -0,0 +1,12 @@ | |||
| [Unit] | |||
| Before=oem-gce.service waagent.service amazon-ssm-agent.service vmtoolsd.service nvidia.service | |||
Member
There was a problem hiding this comment.
Maybe you could also document how did you come up with this list?
When systemd-sysext sets up the new /usr mount, the OEM partition remains mounted but the mount point is not visible anymore. This breaks access to grub.cfg, oem-release, and any OEM tools. Add a drop-in for the systemd-sysext service to first unmount the OEM partition to prevent stale mounts from piling up that cause the usr-share-oem.mount unit to fail on stop, and then mount the OEM partition again when systemd-sysext did its work. At the moment a "ExecStopPre" action does not exist in systemd and luckily is not needed because systemd-sysext removes the OEM mount together with the overlay mounts. The lazy unmount makes it possible to unmount while a process from the OEM tools is running. In the future we can try to move the OEM mountpoint under /mnt or /run and make /usr/share/oem a symlink to it.
pothos
force-pushed
the
kai/sysext-oem-partition
branch
from
c7d0fd9 to
4671910
Compare
krnowak
approved these changes
Apr 22, 2022
pothos
added a commit
to flatcar-archive/coreos-overlay
that referenced
this pull request
Apr 25, 2022
This pulls in flatcar/init#69 to restore the OEM partition mount point after the /usr overlay is done.
pothos
added a commit
to flatcar-archive/coreos-overlay
that referenced
this pull request
Apr 25, 2022
This pulls in flatcar/init#69 to restore the OEM partition mount point after the /usr overlay is done.
pothos
added a commit
to flatcar-archive/coreos-overlay
that referenced
this pull request
Apr 25, 2022
This pulls in flatcar/init#69 to restore the OEM partition mount point after the /usr overlay is done.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
When systemd-sysext sets up the new /usr mount, the OEM partition
remains mounted but the mount point is not visible anymore. This breaks
access to grub.cfg, oem-release, and any OEM tools.
Add a drop-in for the systemd-sysext service to first unmount the OEM
partition to prevent stale mounts from piling up that cause the
usr-share-oem.mount unit to fail on stop, and then mount the OEM
partition again when systemd-sysext did its work. At the moment a
"ExecStopPre" action does not exist in systemd and luckily is not
needed because systemd-sysext removes the OEM mount together with the
overlay mounts. The lazy unmount makes it possible to unmount while a
process from the OEM tools is running.
How to use
Check whether the OEM remount interferes with the OEM tool startup
Testing done
Manually restarted systemd-sysext on Azure (process kept running), on GCE (couldn't test because GCE is broken at the moment, see Jeremi's PRs for the fix) and on VMware ESX (process kept running). The remount on boot was finished before the OEM services started.
changelog/directory (user-facing change, bug fix, security fix, update)↑ TODO in c-o