From 1b511990e3c4c4c718c843658f1cc687c0b68021 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jan=20=C4=8Cerm=C3=A1k?= <sairon@users.noreply.github.com>
Date: Wed, 19 Feb 2025 15:33:16 +0100
Subject: [PATCH] Allow overriding sysctl parameters via /etc/sysctl.d files
 (#3883)

Relocate current content of /etc/sysctl.d to /usr/lib and make the /etc folder
writable via a bind mount.
---
 .../rootfs-overlay/etc/sysctl.d/.empty             |  0
 .../{etc => usr/lib}/sysctl.d/10-printk.conf       |  0
 .../{etc => usr/lib}/sysctl.d/15-vm.conf           |  0
 .../{etc => usr/lib}/sysctl.d/20-network.conf      |  0
 .../{etc => usr/lib}/sysctl.d/30-cp15barrier.conf  |  0
 .../lib}/sysctl.d/60-otbr-ancillary-buffer.conf    |  0
 .../lib}/sysctl.d/60-otbr-ip-forward.conf          |  0
 .../usr/lib/systemd/system/etc-sysctl.d.mount      | 14 ++++++++++++++
 8 files changed, 14 insertions(+)
 create mode 100644 buildroot-external/rootfs-overlay/etc/sysctl.d/.empty
 rename buildroot-external/rootfs-overlay/{etc => usr/lib}/sysctl.d/10-printk.conf (100%)
 rename buildroot-external/rootfs-overlay/{etc => usr/lib}/sysctl.d/15-vm.conf (100%)
 rename buildroot-external/rootfs-overlay/{etc => usr/lib}/sysctl.d/20-network.conf (100%)
 rename buildroot-external/rootfs-overlay/{etc => usr/lib}/sysctl.d/30-cp15barrier.conf (100%)
 rename buildroot-external/rootfs-overlay/{etc => usr/lib}/sysctl.d/60-otbr-ancillary-buffer.conf (100%)
 rename buildroot-external/rootfs-overlay/{etc => usr/lib}/sysctl.d/60-otbr-ip-forward.conf (100%)
 create mode 100644 buildroot-external/rootfs-overlay/usr/lib/systemd/system/etc-sysctl.d.mount

diff --git a/buildroot-external/rootfs-overlay/etc/sysctl.d/.empty b/buildroot-external/rootfs-overlay/etc/sysctl.d/.empty
new file mode 100644
index 000000000..e69de29bb
diff --git a/buildroot-external/rootfs-overlay/etc/sysctl.d/10-printk.conf b/buildroot-external/rootfs-overlay/usr/lib/sysctl.d/10-printk.conf
similarity index 100%
rename from buildroot-external/rootfs-overlay/etc/sysctl.d/10-printk.conf
rename to buildroot-external/rootfs-overlay/usr/lib/sysctl.d/10-printk.conf
diff --git a/buildroot-external/rootfs-overlay/etc/sysctl.d/15-vm.conf b/buildroot-external/rootfs-overlay/usr/lib/sysctl.d/15-vm.conf
similarity index 100%
rename from buildroot-external/rootfs-overlay/etc/sysctl.d/15-vm.conf
rename to buildroot-external/rootfs-overlay/usr/lib/sysctl.d/15-vm.conf
diff --git a/buildroot-external/rootfs-overlay/etc/sysctl.d/20-network.conf b/buildroot-external/rootfs-overlay/usr/lib/sysctl.d/20-network.conf
similarity index 100%
rename from buildroot-external/rootfs-overlay/etc/sysctl.d/20-network.conf
rename to buildroot-external/rootfs-overlay/usr/lib/sysctl.d/20-network.conf
diff --git a/buildroot-external/rootfs-overlay/etc/sysctl.d/30-cp15barrier.conf b/buildroot-external/rootfs-overlay/usr/lib/sysctl.d/30-cp15barrier.conf
similarity index 100%
rename from buildroot-external/rootfs-overlay/etc/sysctl.d/30-cp15barrier.conf
rename to buildroot-external/rootfs-overlay/usr/lib/sysctl.d/30-cp15barrier.conf
diff --git a/buildroot-external/rootfs-overlay/etc/sysctl.d/60-otbr-ancillary-buffer.conf b/buildroot-external/rootfs-overlay/usr/lib/sysctl.d/60-otbr-ancillary-buffer.conf
similarity index 100%
rename from buildroot-external/rootfs-overlay/etc/sysctl.d/60-otbr-ancillary-buffer.conf
rename to buildroot-external/rootfs-overlay/usr/lib/sysctl.d/60-otbr-ancillary-buffer.conf
diff --git a/buildroot-external/rootfs-overlay/etc/sysctl.d/60-otbr-ip-forward.conf b/buildroot-external/rootfs-overlay/usr/lib/sysctl.d/60-otbr-ip-forward.conf
similarity index 100%
rename from buildroot-external/rootfs-overlay/etc/sysctl.d/60-otbr-ip-forward.conf
rename to buildroot-external/rootfs-overlay/usr/lib/sysctl.d/60-otbr-ip-forward.conf
diff --git a/buildroot-external/rootfs-overlay/usr/lib/systemd/system/etc-sysctl.d.mount b/buildroot-external/rootfs-overlay/usr/lib/systemd/system/etc-sysctl.d.mount
new file mode 100644
index 000000000..73aad40b4
--- /dev/null
+++ b/buildroot-external/rootfs-overlay/usr/lib/systemd/system/etc-sysctl.d.mount
@@ -0,0 +1,14 @@
+[Unit]
+Description=Kernel persistent sysctl.d
+Requires=mnt-overlay.mount
+After=mnt-overlay.mount
+Before=systemd-sysctl.service
+
+[Mount]
+What=/mnt/overlay/etc/sysctl.d
+Where=/etc/sysctl.d
+Type=None
+Options=bind
+
+[Install]
+WantedBy=hassos-bind.target