From patchwork Wed Jul 24 13:39:38 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Clara Kowalsky X-Patchwork-Id: 3716 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Wed, 24 Jul 2024 15:39:54 +0200 X-Sieve: CMU Sieve 2.4 Received: from mail-lf1-f61.google.com (mail-lf1-f61.google.com [209.85.167.61]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 46ODdrZl032724 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 24 Jul 2024 15:39:53 +0200 Received: by mail-lf1-f61.google.com with SMTP id 2adb3069b0e04-52f0258b020sf3783908e87.0 for ; Wed, 24 Jul 2024 06:39:53 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1721828388; cv=pass; d=google.com; s=arc-20160816; b=WaLk8VFsJLOuFlZgcS491HXcLiIuUYGmTwftWgouNZe9CIPIv8np6p15jDFT+1VUOn y/Vt3k3PWDV1LIWq8/BWoLSgCqfsUeAu2+I8enN2nz8OEFxhjZhcpkiHsVWDVERX7ub/ IgHFZOQiAcUrxLIzgfjQ+ot2GJLrLjM30611GJQFTOGKnN2tv4JPuI7dwdyTx6NDtbpP CmuLXwtjXca2cXxgt7lWbkkTTBtZyo0Z9lfzjiG+WmMXqim6aEbb1RMNBduLFfnUYhnU Xa2EM8zA6c/SyQAa3hJ3tcJn8OkRdH2q3dic7/tItERax2IgdmO/B4MiMmOXZAvqa86I x1aA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:feedback-id:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=TPL2dE/x1eU1Y38ICXXE7CJBYbJFjrGswolEj5xm7rc=; fh=4STzq4agt3LUNXI8EhKqWPzWenFUYIyxdq/QHjbV3LU=; b=hgUsYWFiOklmVvB9skYt8qo+m9t8+ob+uN/7NlQJ4t02ZyUn25oO5AEhXS9tV2otli YfN1Po8bCLlegFCEi1UAQYfQ6Qa0izpZblWG0R6W/4Ozd3DAnssajrfhb16AArbUtbgw x4o9j3MJ6dGcCdV4kOts0syGbCnbgiaUeKbrfu97ywz/uga21xDkdzT5GDZsT+K5CHx+ D0onLPqyMlUQSXyA8rCYYkSaVvO11MHU+lXEfoeYb6EJsKOsIf3Jfj7CS+akhAhwNhVS QrsKhidXKUpL09RLc8fd4MNIbktb8h1ENvVlDP9YmNVUA0XSfIdx0DHGzNs6Pnd0zNrS ghdg==; darn=isar-build.org ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm2 header.b=uvTRk6IG; spf=pass (google.com: domain of fm-1047747-2024072413394453763bc8000127b960-ies1_p@rts-flowmailer.siemens.com designates 185.136.65.227 as permitted sender) smtp.mailfrom=fm-1047747-2024072413394453763bc8000127b960-Ies1_P@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1721828388; x=1722433188; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:feedback-id :mime-version:message-id:date:subject:cc:to:from:from:to:cc:subject :date:message-id:reply-to; bh=TPL2dE/x1eU1Y38ICXXE7CJBYbJFjrGswolEj5xm7rc=; b=JfuoWA0eLxQSnVZit+DfLo6sQRfIkeU70z3TxX9aMZryy9+ezvoKNesqOEdUEcsPRp FDfI9iIUwe2d30VNCl09dtBlXMazWFoAU76+z94qvBh7h5Q8aMYDKTAmoBFAvc11yhsH FywLgIzH8DXX1f9hmi84nBIiLJeVQPwIgU8ffQw6QnwSiF13uIKlfITMnzaU8oq67Ezw fEhUyqGkPqHjaXuh2cIGQIQIbwUiuorvdbogFv5i7mFJCvCbdF8JNF/iGpdKKAOJjfzZ /g2pPYrSuaMR3Wtli1mgJVmLGP08X7XGPuY/Dz3bjXkS4I4owJjk5LxdzK/PY/+wEFhX Q15g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1721828388; x=1722433188; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:feedback-id :mime-version:message-id:date:subject:cc:to:from:x-beenthere :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=TPL2dE/x1eU1Y38ICXXE7CJBYbJFjrGswolEj5xm7rc=; b=oTGE57T4Db3JW3rgpUBughfc5UfEpKpc3Ry/3xg/zTpe/znL7XW4vbllrRtA5Lv/X+ Ek/GLCkEiQuZpJJWiTLYh83MDmQqvulJs0Id8HfjrIVyOYcivCX6IkoVCmvNP9ReKfwK HJv+VVMSTsbgpbYrWSoM9+4NKp6H3JcseoXgFNKhSXYDG+bTWyW9Sqdlwq3amajiTEfq g9b23lXmvTyn2tmAdELA4rAcRThXwwxR9KpM4Z71b27Ea1WPLbvqbXyz5HapvYtc5JGl PS8Nu85URKUJxc+4ikvXvMRJMmzSLAhPgnTTDjhU04me6qPToFkdOAqgmiN4SJWXpm5c QHsg== X-Forwarded-Encrypted: i=2; AJvYcCVNGaCyCf7I8Krta0BzSebrUQ2dU4Yg3PVKyyZxSfZwsaGU0l7ils3CODmhhKfQIyPPLSlnia2PAzfxUNlnV0GjWaf1lq4= X-Gm-Message-State: AOJu0YypHBJa12EnzPIbpL1VMA6X3Tj5jwXIDe2OuiU4E6WEFODPRLJU pQ2jCrXsFhW+ZhsEy6x81rGMHOG7ilJqY7e83yRoLVqaZSeY+nzO X-Google-Smtp-Source: AGHT+IFkRjFnZbkk7zcXUikBg6YuNqECvgf8Qd4/QY8X2BZPctj9/sWg4HoQZy4/WRY5E5Y5zn5G5Q== X-Received: by 2002:a05:6512:1247:b0:52f:2ea:499f with SMTP id 2adb3069b0e04-52fc4047b36mr4589062e87.24.1721828386999; Wed, 24 Jul 2024 06:39:46 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a05:6512:3189:b0:52f:cbbe:1afc with SMTP id 2adb3069b0e04-52fcbbe1d5fls739154e87.2.-pod-prod-09-eu; Wed, 24 Jul 2024 06:39:45 -0700 (PDT) X-Received: by 2002:a05:6512:684:b0:52e:9670:e40b with SMTP id 2adb3069b0e04-52fc404f3f7mr4520834e87.39.1721828385020; Wed, 24 Jul 2024 06:39:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1721828385; cv=none; d=google.com; s=arc-20160816; b=vdUSljQcI863q+GfRcN3iwZmW922BBTGaWE4nkYPFLTflMEjpcUNIu4PUa4EycyfcZ 0mC6aOrdEShdLIn3g7H87EjZFi22xW9ZkD5aP+Y0HomGaq8BG+/jO07r3mqqlQ2ljq6+ XTrG8OtGQAewRg29i94O9ecLL0Y4rMO+eWsFS2ZEbDurYeD4/E3JIG/f7L0hFIZSKret LhGNpzCZ4k3+/0nZeXSB5dQd4CkxVWgbXeqm8QXVCZYMT8FHceTAWeXh6TMGxMeDINaa LrptIcU5Gkrzpm7GRZwrDjk3PHm3E4w/EqQNvS5M0U9d4cLd47fnkRPzbE1LSh9YVmFN t17A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=feedback-id:content-transfer-encoding:mime-version:message-id:date :subject:cc:to:from:dkim-signature; bh=G5MQIMwzRsMa/Mi1UjyeVF7Y6g2m5edGqhN65mqUX8Q=; fh=a/whyPBaBHcGEIUHNzsYkldQWeziqq3pHW0lRWinC6c=; b=qMwe4xnoW6XAgnJG8GaxoPsshdRDM4Z6BciejxP8x1ZQ/yBFsB/Ax+bvha86VTQGfI FyDvcJxk5P5upSvR2ApVyI2HNKYNTqF9cADSwyhvvM9Yfd78cmwCKORvCadLr2mRC76s NSzrXbsvozuB/jBegJMbxIhVQw7dTW9VxK7kNBTKS/fg+3hAjlgpK0S2GjISiXHrhpSm pDLBvw6PfDgpTfgSKrVFlYI4FueNIhzWAyK1sKi9rep4MpTvaTLpASqnp7hfFTkx5KN7 Bi11rfZnLsOK/WCxGZQyAHLUeeUdZgDz0M3aQzMfHAkTBH9IZlyhLtkYl9CoTmBk0SCM J5Yw==; dara=google.com ARC-Authentication-Results: i=1; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm2 header.b=uvTRk6IG; spf=pass (google.com: domain of fm-1047747-2024072413394453763bc8000127b960-ies1_p@rts-flowmailer.siemens.com designates 185.136.65.227 as permitted sender) smtp.mailfrom=fm-1047747-2024072413394453763bc8000127b960-Ies1_P@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from mta-65-227.siemens.flowmailer.net (mta-65-227.siemens.flowmailer.net. [185.136.65.227]) by gmr-mx.google.com with ESMTPS id 2adb3069b0e04-52f003c15adsi173843e87.5.2024.07.24.06.39.44 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 24 Jul 2024 06:39:45 -0700 (PDT) Received-SPF: pass (google.com: domain of fm-1047747-2024072413394453763bc8000127b960-ies1_p@rts-flowmailer.siemens.com designates 185.136.65.227 as permitted sender) client-ip=185.136.65.227; Received: by mta-65-227.siemens.flowmailer.net with ESMTPSA id 2024072413394453763bc8000127b960 for ; Wed, 24 Jul 2024 15:39:44 +0200 X-Patchwork-Original-From: "'Clara Kowalsky' via isar-users" From: Clara Kowalsky To: isar-users@googlegroups.com Cc: quirin.gylstorff@siemens.com, Clara Kowalsky Subject: [PATCH v3] expand-on-first-boot: Ensure that /tmp is writable Date: Wed, 24 Jul 2024 15:39:38 +0200 Message-Id: <20240724133938.1298789-1-clara.kowalsky@siemens.com> MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-1047747:519-21489:flowmailer X-Original-Sender: clara.kowalsky@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm2 header.b=uvTRk6IG; spf=pass (google.com: domain of fm-1047747-2024072413394453763bc8000127b960-ies1_p@rts-flowmailer.siemens.com designates 185.136.65.227 as permitted sender) smtp.mailfrom=fm-1047747-2024072413394453763bc8000127b960-Ies1_P@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Clara Kowalsky Reply-To: Clara Kowalsky Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_MSPIKE_H2,RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE, SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= By setting PrivateTmp, a new file system namespace is created for this service and private /tmp//tmp and /var/tmp//tmp subdirectories are mounted, which are only used for processes of this namespace. The service unit receives a mount unit dependency for all mounts required to access /tmp and /var/tmp. This ensures that the /tmp directory is writable for the service, as mktemp is used in expand-last-partition.sh and creates a temporary file. --- .../expand-on-first-boot/files/expand-on-first-boot.service | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/recipes-support/expand-on-first-boot/files/expand-on-first-boot.service b/meta/recipes-support/expand-on-first-boot/files/expand-on-first-boot.service index 90c92a39..8e76998b 100644 --- a/meta/recipes-support/expand-on-first-boot/files/expand-on-first-boot.service +++ b/meta/recipes-support/expand-on-first-boot/files/expand-on-first-boot.service @@ -16,6 +16,7 @@ Type=oneshot ExecStart=/usr/share/expand-on-first-boot/expand-last-partition.sh ExecStartPost=-/bin/systemctl disable expand-on-first-boot.service ExecStopPost=-/bin/systemctl disable expand-on-first-boot.service +PrivateTmp=true [Install] WantedBy=sysinit.target