From 3be49f5d07907ac3b58e43ff791f04afc8eb7363 Mon Sep 17 00:00:00 2001 From: Matthias Reichl Date: Tue, 8 Oct 2019 13:49:41 +0200 Subject: [PATCH 1/8] busybox: create marker file if kernel ip configuration is used Signed-off-by: Matthias Reichl --- packages/sysutils/busybox/scripts/init | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/packages/sysutils/busybox/scripts/init b/packages/sysutils/busybox/scripts/init index c1587abb10..3f755efca5 100755 --- a/packages/sysutils/busybox/scripts/init +++ b/packages/sysutils/busybox/scripts/init @@ -1077,6 +1077,9 @@ for arg in $(cat /proc/cmdline); do bigfont=*) BIGFONT="${arg#*=}" ;; + ip=*) + KERNEL_IPCONFIG="yes" + ;; esac done @@ -1145,6 +1148,10 @@ if [ "$FLASH_NETBOOT" = "yes" ]; then echo "" > /sysroot/dev/.flash_netboot fi +if [ "$KERNEL_IPCONFIG" = "yes" ]; then + echo "" > /sysroot/dev/.kernel_ipconfig +fi + # swap can not be used over nfs.(see scripts/mount-swap) if [ "$STORAGE_NETBOOT" = "yes" ]; then echo "" > /sysroot/dev/.storage_netboot From 4159f973162d47911f309eb6444f6dbc2b79b5ec Mon Sep 17 00:00:00 2001 
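Review bot: The new `ip=*)` arm in the cmdline loop sets `KERNEL_IPCONFIG="yes"` for every value, including `ip=off` and `ip=none`, which the kernel documents as switching autoconfiguration off. Later patches in this series use the resulting `/dev/.kernel_ipconfig` marker to skip connman and the network-online units, so such a boot would presumably be left with no network manager. An arm placed before it, `ip=off|ip=none) ;;`, keeps those two values on the connman path. The `case` statement and the loop begin outside the hunk.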
From: Matthias Reichl Date: Tue, 8 Oct 2019 14:37:19 +0200 Subject: [PATCH 2/8] connman: move host and resolver configuration to separate service Setup system hostname, /etc/resolv.conf and /etc/hosts in a service that can be run independently of connman. The volatile etc files are created in /run/libreelec instead of /run/connman so they can be modified similarly to standard linux installations with a writable /etc. Connman can then hook into that and move resolv.conf management to /run/connman/resolv.conf when it's started. If kernel IP configuration is used the resolv info from the kernel will be used to create resolv.conf. Users can also provide their own resolv.conf file in /storage/.config/resolv.conf which takes precedence over the kernel info. If no resolv.conf info is present a fallback that uses the Google nameservers is created (as before). Loopback network interface setup has been removed, this is already set up by systemd. Signed-off-by: Matthias Reichl --- packages/network/connman/package.mk | 9 ------- .../network/connman/scripts/connman-setup | 8 ++++++ .../network/connman/system.d/connman.service | 6 +---- .../systemd}/config/hosts.conf | 0 packages/sysutils/systemd/package.mk | 6 +++++ .../systemd/scripts/network-base-setup | 26 +++++++++++++++++++ .../systemd/system.d/network-base.service | 12 +++++++++ 7 files changed, 53 insertions(+), 14 deletions(-) rename packages/{network/connman => sysutils/systemd}/config/hosts.conf (100%) create mode 100755 packages/sysutils/systemd/scripts/network-base-setup create mode 100644 packages/sysutils/systemd/system.d/network-base.service diff --git a/packages/network/connman/package.mk b/packages/network/connman/package.mk index f3d971eeeb..69bd12703f 100644 --- a/packages/network/connman/package.mk +++ b/packages/network/connman/package.mk 
@@ -59,12 +59,6 @@ post_makeinstall_target() { mkdir -p $INSTALL/usr/lib/connman cp -P $PKG_DIR/scripts/connman-setup $INSTALL/usr/lib/connman - mkdir -p $INSTALL/etc - ln -sf /run/connman/resolv.conf $INSTALL/etc/resolv.conf - - # /etc/hosts must be writeable - ln -sf /run/connman/hosts $INSTALL/etc/hosts - mkdir -p $INSTALL/etc/connman cp ../src/main.conf $INSTALL/etc/connman sed -i $INSTALL/etc/connman/main.conf \ @@ -78,9 +72,6 @@ post_makeinstall_target() { -e "s|^# PersistentTetheringMode.*|PersistentTetheringMode = true|g" \ -e "s|^# NetworkInterfaceBlacklist = vmnet,vboxnet,virbr,ifb|NetworkInterfaceBlacklist = vmnet,vboxnet,virbr,ifb,docker,veth,zt|g" - mkdir -p $INSTALL/usr/config - cp $PKG_DIR/config/hosts.conf $INSTALL/usr/config - mkdir -p $INSTALL/usr/share/connman/ cp $PKG_DIR/config/settings $INSTALL/usr/share/connman/ } diff --git a/packages/network/connman/scripts/connman-setup b/packages/network/connman/scripts/connman-setup index b6388ed37e..16bc279ad2 100755 --- a/packages/network/connman/scripts/connman-setup +++ b/packages/network/connman/scripts/connman-setup @@ -15,3 +15,11 @@ else export CONNMAN_MAIN="--config=/etc/connman/main.conf" fi + +# switch resolv.conf management to connman and use current contents +# as a fallback +if [ -f /run/libreelec/resolv.conf ]; then + cat /run/libreelec/resolv.conf > /run/connman/resolv.conf +fi +rm -f /run/libreelec/resolv.conf +ln -s /run/connman/resolv.conf /run/libreelec/resolv.conf diff --git a/packages/network/connman/system.d/connman.service b/packages/network/connman/system.d/connman.service index f65dfa8e98..e9711abb77 100644 --- a/packages/network/connman/system.d/connman.service +++ b/packages/network/connman/system.d/connman.service @@ -3,7 +3,7 @@ Description=Connection service DefaultDependencies=false Conflicts=shutdown.target Before=network.target multi-user.target shutdown.target -After=dbus.service +After=dbus.service network-base.service Wants=network.target [Service] 
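Review bot: In the connman-setup hunk the fallback copy is not safe to run twice, and connman.service has `Restart=on-failure`. After the first run `/run/libreelec/resolv.conf` is a symlink to `/run/connman/resolv.conf`, and `[ -f … ]` follows it. The `cat … > /run/connman/resolv.conf` then reads and writes the same file, which the shell truncates before `cat` opens it, so the resolver list is emptied on restart. Guarding the copy with `if [ -f /run/libreelec/resolv.conf ] && [ ! -L /run/libreelec/resolv.conf ]; then` avoids that. The hunk also does not show what creates `/run/connman` before the redirect; if nothing does, the first copy fails silently and the symlink is left dangling.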
@@ -11,10 +11,6 @@ Type=dbus BusName=net.connman Restart=on-failure EnvironmentFile=-/run/libreelec/debug/connman.conf -ExecStartPre=-/bin/sh -c "echo -e 'nameserver 8.8.8.8\nnameserver 8.8.4.4' > /etc/resolv.conf" -ExecStartPre=-/bin/sh -c "cat /storage/.cache/hostname > /proc/sys/kernel/hostname" -ExecStartPre=-/bin/sh -c "cat /storage/.config/hosts.conf > /etc/hosts" -ExecStartPre=/sbin/ifconfig lo 127.0.0.1 netmask 255.0.0.0 up ExecStart=/bin/sh -c ". /usr/lib/connman/connman-setup; exec /usr/sbin/connmand -nr $CONNMAN_MAIN $CONNMAN_DEBUG" StandardOutput=null RestartSec=2 diff --git a/packages/network/connman/config/hosts.conf b/packages/sysutils/systemd/config/hosts.conf similarity index 100% rename from packages/network/connman/config/hosts.conf rename to packages/sysutils/systemd/config/hosts.conf diff --git a/packages/sysutils/systemd/package.mk b/packages/sysutils/systemd/package.mk index 9f79c815ed..4787293db9 100644 --- a/packages/sysutils/systemd/package.mk +++ b/packages/sysutils/systemd/package.mk @@ -208,6 +208,11 @@ post_makeinstall_target() { mkdir -p $INSTALL/usr/sbin cp $PKG_DIR/scripts/kernel-overlays-setup $INSTALL/usr/sbin + cp $PKG_DIR/scripts/network-base-setup $INSTALL/usr/sbin + + # /etc/resolv.conf and /etc/hosts must be writable + ln -sf /run/libreelec/resolv.conf $INSTALL/etc/resolv.conf + ln -sf /run/libreelec/hosts $INSTALL/etc/hosts # provide 'halt', 'shutdown', 'reboot' & co. ln -sf /usr/bin/systemctl $INSTALL/usr/sbin/halt @@ -268,4 +273,5 @@ post_install() { enable_service usercache.service enable_service kernel-overlays.service enable_service hwdb.service + enable_service network-base.service } diff --git a/packages/sysutils/systemd/scripts/network-base-setup b/packages/sysutils/systemd/scripts/network-base-setup new file mode 100755 index 0000000000..58b0ec557e --- /dev/null +++ b/packages/sysutils/systemd/scripts/network-base-setup 
@@ -0,0 +1,26 @@ +#!/bin/sh + +# setup hostname +if [ -f /storage/.cache/hostname ]; then + cat /storage/.cache/hostname > /proc/sys/kernel/hostname +fi + +# setup /etc/hosts +rm -f /run/libreelec/hosts +if [ -f /storage/.config/hosts.conf ]; then + cat /storage/.config/hosts.conf > /run/libreelec/hosts +fi + +# setup /etc/resolv.conf +rm -f /run/libreelec/resolv.conf +if [ -f /storage/.config/resolv.conf ]; then + cat /storage/.config/resolv.conf > /run/libreelec/resolv.conf +elif [ -f /dev/.kernel_ipconfig -a -f /proc/net/pnp ]; then + cat /proc/net/pnp > /run/libreelec/resolv.conf +else + cat << EOF > /run/libreelec/resolv.conf +nameserver 8.8.8.8 +nameserver 8.8.4.4 +EOF +fi + diff --git a/packages/sysutils/systemd/system.d/network-base.service b/packages/sysutils/systemd/system.d/network-base.service new file mode 100644 index 0000000000..bc2c15947c --- /dev/null +++ b/packages/sysutils/systemd/system.d/network-base.service @@ -0,0 +1,12 @@ +[Unit] +Description=Base Network Configuration +DefaultDependencies=no +After=local-fs.target systemd-tmpfiles-setup.service userconfig.service + +[Service] +Type=oneshot +ExecStart=/usr/sbin/network-base-setup +RemainAfterExit=yes + +[Install] +WantedBy=network.target From bee4bb3f4a4c71a273384f2cb70c65b4f1872446 Mon Sep 17 00:00:00 2001 From: Matthias Reichl Date: Tue, 8 Oct 2019 14:39:21 +0200 Subject: [PATCH 3/8] connman: disable service if ip configuration is used Signed-off-by: Matthias Reichl --- packages/network/connman/system.d/connman.service | 1 + 1 file changed, 1 insertion(+) diff --git a/packages/network/connman/system.d/connman.service b/packages/network/connman/system.d/connman.service index e9711abb77..7ae77172e8 100644 --- a/packages/network/connman/system.d/connman.service +++ b/packages/network/connman/system.d/connman.service 
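Review bot: The resolv.conf branch of network-base-setup takes `/proc/net/pnp` whenever the file exists, even when it carries no `nameserver` line, which looks likely for a static `ip=` configuration given without DNS servers. In that case the Google fallback described in the commit message is never written and the system ends up with a resolv.conf that names no resolver. Testing for content closes the gap, and also replaces the obsolescent `-a` inside `[ ]`: `elif [ -f /dev/.kernel_ipconfig ] && grep -q '^nameserver' /proc/net/pnp 2>/dev/null; then`. A short comment above the branch noting that these nameservers come from the boot-time DHCP/BOOTP reply or the kernel command line would help readers judge how far to trust the file.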
@@ -5,6 +5,7 @@ Conflicts=shutdown.target Before=network.target multi-user.target shutdown.target After=dbus.service network-base.service Wants=network.target +ConditionPathExists=!/dev/.kernel_ipconfig [Service] Type=dbus From 4f5fee765310e2a0b67713017fd9c54c443be8e0 Mon Sep 17 00:00:00 2001 From: Matthias Reichl Date: Tue, 8 Oct 2019 15:24:32 +0200 Subject: [PATCH 4/8] systemd: enable systemd-timesyncd when using kernel ip configuration connman's NTP client can't be used if it's not managing the network interface so use systemd's timesyncd as we already build it. timesyncd is automatically configured to use the NTP servers provided by kernel ip config, if they are missing the default fallback NTP servers (currently the ones from Google) are used. Users can also provide timesyncd configuration files via /storage/.config/timesyncd.conf.d/ eg to change the (fallback) servers. Signed-off-by: Matthias Reichl --- .../systemd/config/timesyncd.conf.d/README | 86 +++++++++++++++++++ packages/sysutils/systemd/package.mk | 4 + .../systemd/scripts/systemd-timesyncd-setup | 22 +++++ .../system.d/systemd-timesyncd-setup.service | 12 +++ .../depend-on-kernel-ip-config.conf | 3 + 5 files changed, 127 insertions(+) create mode 100644 packages/sysutils/systemd/config/timesyncd.conf.d/README create mode 100755 packages/sysutils/systemd/scripts/systemd-timesyncd-setup create mode 100644 packages/sysutils/systemd/system.d/systemd-timesyncd-setup.service create mode 100644 packages/sysutils/systemd/system.d/systemd-timesyncd.service.d/depend-on-kernel-ip-config.conf diff --git a/packages/sysutils/systemd/config/timesyncd.conf.d/README b/packages/sysutils/systemd/config/timesyncd.conf.d/README new file mode 100644 index 0000000000..17537eb0c4 --- /dev/null +++ b/packages/sysutils/systemd/config/timesyncd.conf.d/README 
@@ -0,0 +1,86 @@ +TIMESYNCD.CONF(5) timesyncd.conf TIMESYNCD.CONF(5) + +NAME + timesyncd.conf, timesyncd.conf.d - Network Time Synchronization + configuration files + +SYNOPSIS + /etc/systemd/timesyncd.conf + + /etc/systemd/timesyncd.conf.d/*.conf + + /run/systemd/timesyncd.conf.d/*.conf + + /usr/lib/systemd/timesyncd.conf.d/*.conf + +DESCRIPTION + These configuration files control NTP network time synchronization. See + systemd.syntax(5) for a general description of the syntax. + +CONFIGURATION DIRECTORIES AND PRECEDENCE + The default configuration is defined during compilation, so a + configuration file is only needed when it is necessary to deviate from + those defaults. By default, the configuration file in /etc/systemd/ + contains commented out entries showing the defaults as a guide to the + administrator. This file can be edited to create local overrides. + + When packages need to customize the configuration, they can install + configuration snippets in /usr/lib/systemd/*.conf.d/. Files in /etc/ + are reserved for the local administrator, who may use this logic to + override the configuration files installed by vendor packages. The main + configuration file is read before any of the configuration directories, + and has the lowest precedence; entries in a file in any configuration + directory override entries in the single configuration file. Files in + the *.conf.d/ configuration subdirectories are sorted by their filename + in lexicographic order, regardless of which of the subdirectories they + reside in. When multiple files specify the same option, for options + which accept just a single value, the entry in the file with the + lexicographically latest name takes precedence. For options which + accept a list of values, entries are collected as they occur in files + sorted lexicographically. It is recommended to prefix all filenames in + those subdirectories with a two-digit number and a dash, to simplify + the ordering of the files. 
+ + To disable a configuration file supplied by the vendor, the recommended + way is to place a symlink to /dev/null in the configuration directory + in /etc/, with the same filename as the vendor configuration file. + +OPTIONS + The following settings are configured in the "[Time]" section: + + NTP= + A space-separated list of NTP server host names or IP addresses. + During runtime this list is combined with any per-interface NTP + servers acquired from systemd-networkd.service(8). + systemd-timesyncd will contact all configured system or + per-interface servers in turn until one is found that responds. + When the empty string is assigned, the list of NTP servers is + reset, and all assignments prior to this one will have no effect. + This setting defaults to an empty list. + + FallbackNTP= + A space-separated list of NTP server host names or IP addresses to + be used as the fallback NTP servers. Any per-interface NTP servers + obtained from systemd-networkd.service(8) take precedence over this + setting, as do any servers set via NTP= above. This setting is + hence only used if no other NTP server information is known. When + the empty string is assigned, the list of NTP servers is reset, and + all assignments prior to this one will have no effect. If this + option is not given, a compiled-in list of NTP servers is used + instead. + + RootDistanceMaxSec= + Maximum acceptable root distance. Takes a time value (in seconds). + Defaults to 5 seconds. + + PollIntervalMinSec=, PollIntervalMaxSec= + The minimum and maximum poll intervals for NTP messages. Each + setting takes a time value (in seconds). PollIntervalMinSec= must + not be smaller than 16 seconds. PollIntervalMaxSec= must be larger + than PollIntervalMinSec=. PollIntervalMinSec= defaults to 32 + seconds, and PollIntervalMaxSec= defaults to 2048 seconds. + +SEE ALSO + systemd(1), systemd-timesyncd.service(8), systemd-networkd.service(8) + +systemd 241 TIMESYNCD.CONF(5) 
diff --git a/packages/sysutils/systemd/package.mk b/packages/sysutils/systemd/package.mk index 4787293db9..b59f66d53c 100644 --- a/packages/sysutils/systemd/package.mk +++ b/packages/sysutils/systemd/package.mk @@ -209,6 +209,7 @@ post_makeinstall_target() { mkdir -p $INSTALL/usr/sbin cp $PKG_DIR/scripts/kernel-overlays-setup $INSTALL/usr/sbin cp $PKG_DIR/scripts/network-base-setup $INSTALL/usr/sbin + cp $PKG_DIR/scripts/systemd-timesyncd-setup $INSTALL/usr/sbin # /etc/resolv.conf and /etc/hosts must be writable ln -sf /run/libreelec/resolv.conf $INSTALL/etc/resolv.conf @@ -235,6 +236,7 @@ post_makeinstall_target() { ln -sf /storage/.config/logind.conf.d $INSTALL/etc/systemd/logind.conf.d safe_remove $INSTALL/etc/systemd/sleep.conf.d ln -sf /storage/.config/sleep.conf.d $INSTALL/etc/systemd/sleep.conf.d + ln -sf /storage/.config/timesyncd.conf.d $INSTALL/etc/systemd/timesyncd.conf.d safe_remove $INSTALL/etc/sysctl.d ln -sf /storage/.config/sysctl.d $INSTALL/etc/sysctl.d safe_remove $INSTALL/etc/tmpfiles.d @@ -274,4 +276,6 @@ post_install() { enable_service kernel-overlays.service enable_service hwdb.service enable_service network-base.service + enable_service systemd-timesyncd.service + enable_service systemd-timesyncd-setup.service } diff --git a/packages/sysutils/systemd/scripts/systemd-timesyncd-setup b/packages/sysutils/systemd/scripts/systemd-timesyncd-setup new file mode 100755 index 0000000000..eb9494ca5e --- /dev/null +++ b/packages/sysutils/systemd/scripts/systemd-timesyncd-setup 
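Review bot: The added `ln -sf /storage/.config/timesyncd.conf.d $INSTALL/etc/systemd/timesyncd.conf.d` in the second hunk has no `safe_remove` before it, unlike the neighbouring `sleep.conf.d`, `sysctl.d` and `tmpfiles.d` lines. If the systemd install step ever ships that directory, `ln -sf` would create the link inside it instead of replacing it, and the user drop-ins under /storage would be ignored. For consistency add `safe_remove $INSTALL/etc/systemd/timesyncd.conf.d` on the line before. post_makeinstall_target starts and ends outside the hunk.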
@@ -0,0 +1,22 @@ +#!/bin/sh +KERNEL_NTP="${1:-/proc/net/ipconfig/ntp_servers}" +NTP_SERVERS="" +if [ -f /proc/net/ipconfig/ntp_servers ]; then + for srv in $(cat /proc/net/ipconfig/ntp_servers); do + if [ -n "$srv" -a "$srv" != "0.0.0.0" ]; then + if [ -z "$NTP_SERVERS" ]; then + NTP_SERVERS="$srv" + else + NTP_SERVERS="${NTP_SERVERS} $srv" + fi + fi + done + if [ -n "$NTP_SERVERS" ]; then + mkdir -p /run/systemd/timesyncd.conf.d/ + cat << EOF > /run/systemd/timesyncd.conf.d/kernel-ntp-servers.conf +[Time] +NTP=$NTP_SERVERS +EOF + fi +fi + diff --git a/packages/sysutils/systemd/system.d/systemd-timesyncd-setup.service b/packages/sysutils/systemd/system.d/systemd-timesyncd-setup.service new file mode 100644 index 0000000000..852492e3e9 --- /dev/null +++ b/packages/sysutils/systemd/system.d/systemd-timesyncd-setup.service @@ -0,0 +1,12 @@ +[Unit] +Description=Setup NTP servers for timesyncd +DefaultDependencies=no +After=systemd-remount-fs.service systemd-sysusers.service + +[Service] +Type=oneshot +ExecStart=/usr/sbin/systemd-timesyncd-setup +RemainAfterExit=yes + +[Install] +WantedBy=sysinit.target diff --git a/packages/sysutils/systemd/system.d/systemd-timesyncd.service.d/depend-on-kernel-ip-config.conf b/packages/sysutils/systemd/system.d/systemd-timesyncd.service.d/depend-on-kernel-ip-config.conf new file mode 100644 index 0000000000..7a50036ce5 --- /dev/null +++ b/packages/sysutils/systemd/system.d/systemd-timesyncd.service.d/depend-on-kernel-ip-config.conf @@ -0,0 +1,3 @@ +[Unit] +ConditionPathExists=/dev/.kernel_ipconfig +After=systemd-timesyncd-setup.service network-base.service From 97e2c5204c037a9cd4753d4c68de32e593b58d3f Mon Sep 17 00:00:00 2001 
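Review bot: `KERNEL_NTP` is assigned from `$1` on the first line of systemd-timesyncd-setup but never read, so an argument passed to the script is silently ignored. Both the `-f` test and the `$(cat …)` loop hard-code `/proc/net/ipconfig/ntp_servers`. Either drop the variable or use it in both places: `if [ -f "$KERNEL_NTP" ]; then` and `for srv in $(cat "$KERNEL_NTP"); do`. If the path does become caller-selectable, note that each whitespace-separated word is copied unchecked into the `NTP=` line of the generated drop-in, so a check that `$srv` looks like an address or hostname would be worth adding at the same time.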
From: Matthias Reichl Date: Tue, 8 Oct 2019 16:51:47 +0200 Subject: [PATCH 5/8] disable network online services when using kernel ip configuration Also drop Requisite on connman.service as it's not really needed (connman and network online services all have conditions on !/dev/.kernel_ipconfig) and it causes a dependency failed message as Requisites are evaluated before conditions. Signed-off-by: Matthias Reichl --- packages/mediacenter/kodi/system.d/kodi-waitonnetwork.service | 2 +- packages/network/connman/system.d/network-online.service | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/mediacenter/kodi/system.d/kodi-waitonnetwork.service b/packages/mediacenter/kodi/system.d/kodi-waitonnetwork.service index 555b8108a0..1c5a15e2c3 100644 --- a/packages/mediacenter/kodi/system.d/kodi-waitonnetwork.service +++ b/packages/mediacenter/kodi/system.d/kodi-waitonnetwork.service @@ -1,11 +1,11 @@ [Unit] Description=Wait on network -Requisite=connman.service After=connman.service Before=network-online.target DefaultDependencies=no Conflicts=shutdown.target ConditionPathExists=/storage/.cache/libreelec/network_wait +ConditionPathExists=!/dev/.kernel_ipconfig [Service] Type=oneshot diff --git a/packages/network/connman/system.d/network-online.service b/packages/network/connman/system.d/network-online.service index a6d42403f9..935f638938 100644 --- a/packages/network/connman/system.d/network-online.service +++ b/packages/network/connman/system.d/network-online.service @@ -1,10 +1,10 @@ [Unit] Description=Wait for network to be configured by ConnMan -Requisite=connman.service After=connman.service Before=network-online.target DefaultDependencies=no Conflicts=shutdown.target +ConditionPathExists=!/dev/.kernel_ipconfig [Service] Type=oneshot From 092e574f57cc5204ca8acda3168eb0e0e33d2f5a Mon Sep 17 00:00:00 2001 
From: Matthias Reichl Date: Fri, 15 Nov 2019 17:01:04 +0100 Subject: [PATCH 6/8] systemd: add backport patch from PR 14040 This removes the root mount dependency on systemd-journal.socket and fixes drop-in loading for storage.mount. See https://github.com/systemd/systemd/pull/14040 Signed-off-by: Matthias Reichl --- ...pdate-exec-deps-on-mountinfo-changes.patch | 84 +++++++++++++++++++ 1 file changed, 84 insertions(+) create mode 100644 packages/sysutils/systemd/patches/systemd-0900-backport-do-not-update-exec-deps-on-mountinfo-changes.patch diff --git a/packages/sysutils/systemd/patches/systemd-0900-backport-do-not-update-exec-deps-on-mountinfo-changes.patch b/packages/sysutils/systemd/patches/systemd-0900-backport-do-not-update-exec-deps-on-mountinfo-changes.patch new file mode 100644 index 0000000000..0f422c9a8f --- /dev/null +++ b/packages/sysutils/systemd/patches/systemd-0900-backport-do-not-update-exec-deps-on-mountinfo-changes.patch 
@@ -0,0 +1,84 @@ +From 9074b57fd5a5c8ae20b15b59ed9abe9a7f0147b0 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Fri, 15 Nov 2019 14:00:54 +0100 +Subject: [PATCH] mount: do not update exec deps on mountinfo changes + +Fixes: #13978 +--- + src/core/mount.c | 42 ++++++++++++++++++++++++++++-------------- + 1 file changed, 28 insertions(+), 14 deletions(-) + +diff --git a/src/core/mount.c b/src/core/mount.c +index 1d1d2683da4..dfed691c43f 100644 +--- a/src/core/mount.c ++++ b/src/core/mount.c +@@ -550,6 +550,32 @@ static int mount_verify(Mount *m) { + return 0; + } + ++static int mount_add_non_exec_dependencies(Mount *m) { ++ int r; ++ assert(m); ++ ++ /* Adds in all dependencies directly responsible for ordering the mount, as opposed to dependencies ++ * resulting from the ExecContext and such. */ ++ ++ r = mount_add_device_dependencies(m); ++ if (r < 0) ++ return r; ++ ++ r = mount_add_mount_dependencies(m); ++ if (r < 0) ++ return r; ++ ++ r = mount_add_quota_dependencies(m); ++ if (r < 0) ++ return r; ++ ++ r = mount_add_default_dependencies(m); ++ if (r < 0) ++ return r; ++ ++ return 0; ++} ++ + static int mount_add_extras(Mount *m) { + Unit *u = UNIT(m); + int r; +@@ -577,18 +603,6 @@ static int mount_add_extras(Mount *m) { + return r; + } + +- r = mount_add_device_dependencies(m); +- if (r < 0) +- return r; +- +- r = mount_add_mount_dependencies(m); +- if (r < 0) +- return r; +- +- r = mount_add_quota_dependencies(m); +- if (r < 0) +- return r; +- + r = unit_patch_contexts(u); + if (r < 0) + return r; +@@ -601,7 +615,7 @@ static int mount_add_extras(Mount *m) { + if (r < 0) + return r; + +- r = mount_add_default_dependencies(m); ++ r = mount_add_non_exec_dependencies(m); + if (r < 0) + return r; + +@@ -1574,7 +1588,7 @@ static int mount_setup_existing_unit( + + unit_remove_dependencies(u, UNIT_DEPENDENCY_MOUNTINFO_IMPLICIT); + +- r = mount_add_extras(MOUNT(u)); ++ r = mount_add_non_exec_dependencies(MOUNT(u)); + if (r < 0) + return r; + } 
From dd6f2cfe5cf4b41c204fe1906e17facbbe111fc2 Mon Sep 17 00:00:00 2001 From: Matthias Reichl Date: Fri, 15 Nov 2019 17:04:59 +0100 Subject: [PATCH 7/8] systemd: prevent unmounting storage via umount.target /storage will be unmounted by systemd-shutdown, like /flash. As the squashfs root has several symlinks to /storage it should not be unmounted during the normal shutdown process. This prevents the symlinked files/directories vanishing too early and also removes the "unmount /storage failed" messages when netbooting. Signed-off-by: Matthias Reichl --- .../sysutils/systemd/system.d/storage.mount.d/dependencies.conf | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 packages/sysutils/systemd/system.d/storage.mount.d/dependencies.conf diff --git a/packages/sysutils/systemd/system.d/storage.mount.d/dependencies.conf b/packages/sysutils/systemd/system.d/storage.mount.d/dependencies.conf new file mode 100644 index 0000000000..911bbfa0ce --- /dev/null +++ b/packages/sysutils/systemd/system.d/storage.mount.d/dependencies.conf @@ -0,0 +1,2 @@ +[Unit] +DefaultDependencies=no From 29d9d08e4940519cc822db7e45522fb705ce0bce Mon Sep 17 00:00:00 2001 From: Matthias Reichl Date: Sat, 16 Nov 2019 15:37:41 +0100 Subject: [PATCH 8/8] init: don't mount nfs shares with soft option by default MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Using the soft timeout option for NFS mounts is a really bad idea and the nfs(5) manpage explicitly warns about it's issues: NB: A so-called "soft" timeout can cause silent data corruption in certain cases. As such, use the soft op‐ tion only when client responsiveness is more important than data integrity. Using NFS over TCP or increasing the value of the retrans option may mitigate some of the risks of using the soft option. So don't enable it by default, anyone who feels keen to take the risk can specify it manually on kernel command line. 
Signed-off-by: Matthias Reichl --- packages/sysutils/busybox/scripts/init | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/sysutils/busybox/scripts/init b/packages/sysutils/busybox/scripts/init index 3f755efca5..a5fb91b3ff 100755 --- a/packages/sysutils/busybox/scripts/init +++ b/packages/sysutils/busybox/scripts/init @@ -203,7 +203,7 @@ mount_nfs() { [ "$NFS_OPTIONS" = "$1" ] && NFS_OPTIONS= - mount_common "$NFS_EXPORT" "$2" "$3,nolock,soft,timeo=3,retrans=2,rsize=32768,wsize=32768,$NFS_OPTIONS" "nfs" + mount_common "$NFS_EXPORT" "$2" "$3,nolock,rsize=32768,wsize=32768,$NFS_OPTIONS" "nfs" } mount_ubifs() {