From patchwork Wed Sep 17 10:35:06 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "alexander.heinisch" X-Patchwork-Id: 4362 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Wed, 17 Sep 2025 12:35:40 +0200 X-Sieve: CMU Sieve 2.4 Received: from mail-wm1-f60.google.com (mail-wm1-f60.google.com [209.85.128.60]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 58HAZda0024649 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 17 Sep 2025 12:35:39 +0200 Received: by mail-wm1-f60.google.com with SMTP id 5b1f17b1804b1-45f29eb22f8sf17682305e9.0 for ; Wed, 17 Sep 2025 03:35:39 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1758105334; cv=pass; d=google.com; s=arc-20240605; b=ZcJvVc6R2ZE3rZiYNrbN93NLu1fR/6SLqYWLB1Nxg8qQwD/xPaeG9aA3xn8O205Ulr ojb64Djbd35qSxYfcmITcb83OQPtOM5G3iVQ0GeBUh3VSE3CMYlmcUn5ecfw2TZz3JuH 5sQMyVZNYk/0NCRpiEtSkhFoNmzI+tGfpJFKmCaQtTPI8cUG1z1spii42owkAWpnrAE1 Lud+5h2DxcHECCwL3LkShZKd8+aKyMUx/z8gjjZfZnQFSAuSknDh9cLVj1bSIcwnBsgV H3BoHUzoZd7SS/bgFcBQ2E350U8RE3KoCetY6K36KSh1zfGhzPIDMqzcXxR2joT1vaGJ ik6w== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:feedback-id:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=k0UlFishxHtfm4iMH8AVpSM6T/RQaJLhJX96Snj0h8M=; fh=IU/3P2kr6Q6tSZ22KEXxENsUi5ADWrUKQvjfM/Xfv28=; b=ZkfXbh6eAN/dYRBSiicJDdlks48/AWH7Jnj6n8IxgeXRHp8PSl58ziZKTQzBWW7X5s wQKpFnTuCBEmq0myO0LVtiK7+9P8FNzQ4PEJ5aNHk5/wAsdHHX5Y9pM6V2eeBLucVlSn 2DCqz3raAJ48S5GDqzEuSuK6TmwsX/laEPw2rbtJN6A1JkocxRs5qMOlUSt3T9R3RftF vEdz9eimBiuunWGJroIbYZ1flr+jeXXYxoXxbxIZJUvwjl7qR/frWiVlrOYEwhC6Rnng Rv5aLzOa2oVCY9LSg/YIGvPlWkzaJn+5TXlzRWIslPZYjQQIiAVps7s6OvSRwAXj1kHo +rFw==; darn=isar-build.org ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm1 header.b=EpDv7+yj; spf=pass (google.com: domain of fm-1330684-20250917103530bc02386f4f000207ed-fbhsep@rts-flowmailer.siemens.com designates 185.136.65.225 as permitted sender) smtp.mailfrom=fm-1330684-20250917103530bc02386f4f000207ed-fbhSEP@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1758105334; x=1758710134; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:feedback-id :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:from:to:cc:subject:date:message-id:reply-to; bh=k0UlFishxHtfm4iMH8AVpSM6T/RQaJLhJX96Snj0h8M=; b=WMDPpaHQTKXFTcVT3a3aOSogBhLViQA3wNiVxRMHvOMwS7x+pSsODNPx6p8YDF8ENq rg0fw0zOlxkw62Luc1f2Jcid8LNA+MmG1g++fvcHBuldO2ndhYnMtQlZdf0ns2HERFhf awlImQr/a0kfgHiy2luZAQTcvsEiJvkMWxfEY4oWTnC85USCct9JpC1+PjvkPFd970Q5 2BMsqSVncWqtPys7ux85qQ0hoBEWVC+TJlUPClwKECV4m/YiQlsnTtFhbYLBkmJrh0N3 3Fdu3Uk1hqTHUSREzuDQie4ikr5FCOkEEtOzXjGG+zjIKZPtZDJc5wSmJlb0rR6KXWjO 77pA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1758105334; x=1758710134; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:feedback-id :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:x-beenthere:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=k0UlFishxHtfm4iMH8AVpSM6T/RQaJLhJX96Snj0h8M=; b=RBNzyRQvYoQH7IoyZ0cX8JUci7VZuR0OzyLgxESv3mZ27ZVTmlrA1+KDJi2lNeZ99e Ff+gubEQ6DODvPZRJvUHviPIUz4AUOZVz4gnXX0swbM/F3omp63+71/6OMWsVg5iSflY 3hf/M02Cuixd7cXtc0lh+LvgvfLE9i2lRd7JTDwX+lLU8n/Ijix8Ab163kUKaTACuveV zUZMigJuIiyH1hUY57tit0a3oMq1hrgoK8ZvguTsXQCvXgO67gVeylxzTi8eYjXv4ptD yI0f1AggxNSNXgO3uHnWYfD+/tYn5EJ/2MUgnMOuHtTOCcLSuX53KIxhi/qKbLpDDd0i yXZQ== X-Forwarded-Encrypted: i=2; AJvYcCWCy+UVUd+TLKrEXUPNx9tL0IWGIhInGCu5qU1AAFagqPZhpiyeRJ72rxMPEdEPmzvpE+AdZo0=@isar-build.org X-Gm-Message-State: AOJu0YyKDae5CeJJVM6u0U5LlEQsbDzMSWXl9qzvSQ4vIBG/npjLl930 uwArrAlzELxks2UQxn2NGxnUAXcAq5OT5YFjL4jsmNggqIYIYsWRTrin X-Google-Smtp-Source: AGHT+IHzKotq6nTmWzT7RsG6QzEBpvYTmbJQY3pexPZN4f1beF0yy8sGSEncWa/ofnpApb9CQAhraA== X-Received: by 2002:a05:600c:1551:b0:456:1a69:94fa with SMTP id 5b1f17b1804b1-46202a0e698mr14431275e9.13.1758105333662; Wed, 17 Sep 2025 03:35:33 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com; h=ARHlJd6sCKFWLxBMaihKHsGROaauzX2oSp2L09+lV0EKLewjkQ== Received: by 2002:a05:600c:1c82:b0:45b:5fbd:3012 with SMTP id 5b1f17b1804b1-45e029f1e45ls36825075e9.1.-pod-prod-01-eu; Wed, 17 Sep 2025 03:35:31 -0700 (PDT) X-Received: by 2002:a5d:5d83:0:b0:3e8:f67:894a with SMTP id ffacd0b85a97d-3ecdf9b19b2mr1651011f8f.5.1758105330766; Wed, 17 Sep 2025 03:35:30 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1758105330; cv=none; d=google.com; s=arc-20240605; b=AhC8CtndniF4+E/R0knKB/7/htWmFQaAvcjJAwZzZCDfHztbZaHTykkpJHVyce05RY AakNnz9q5ZZ5EBbTRQ1ImVjcinoKDCJFhYYzcj2sgQtHTP6pTgkwkkivhNyBTGvMlbV8 +8opAirP+jGZdn88etFCZqpM6QdSsAeqLnrvHFxhqAEQnHY+GF1HZva426pwmKs7RfNW VmChPPi7v6penllI/sY5TC2OtQZEE0FnKt4xN41qp17uVHht6ZvY93RQgbeZaqakKGEl 9sQqQI4tEHsYfJNdmTqpgIbHnw4+fu0yIRZvMbcHEfsovEA7pWnAG7T8wTC1ARql09qa QIhw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=feedback-id:content-transfer-encoding:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=0qylrD5gKm3rkKd2BECdIppAAX+OAxdCl8EqcdRopz8=; fh=Z5Qnyb0EtJ8UwrxkpbdSYE+xHzQI6qPfwJivtsUki18=; b=kHTV63lcCpgYoXX6p0g30/931C8ppJRmX9rHF3FV7s468g8YJ1GMEr7gBQY6KgsMON RgnheI9auM/MmskGNijAWLfkR8QkCwbHWhNu7PEeHs5PfgWQLs7T87d6qCT/4wJ+h8ni vRIUfK5Dqa50UmohxYAGl6zs87goez8KNNpR/Aw4vvk83DTU0qbfVTZEvk8rQOUkxkh0 BwLicreb/aS8mBfruCjGoovTsv4zd1/PR3JDcIIgSBab0WzonulLN6dXa9beTUVgabOG n2v0yfb1+nqRP9EKAqKyTHcgUnBSi27GTQ08iIMQVBCZL+oUCLB1i+p3vYGJXpMMkV5Q i9PA==; dara=google.com ARC-Authentication-Results: i=1; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm1 header.b=EpDv7+yj; spf=pass (google.com: domain of fm-1330684-20250917103530bc02386f4f000207ed-fbhsep@rts-flowmailer.siemens.com designates 185.136.65.225 as permitted sender) smtp.mailfrom=fm-1330684-20250917103530bc02386f4f000207ed-fbhSEP@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from mta-65-225.siemens.flowmailer.net (mta-65-225.siemens.flowmailer.net. [185.136.65.225]) by gmr-mx.google.com with ESMTPS id ffacd0b85a97d-3ea6f192487si187728f8f.5.2025.09.17.03.35.30 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 17 Sep 2025 03:35:30 -0700 (PDT) Received-SPF: pass (google.com: domain of fm-1330684-20250917103530bc02386f4f000207ed-fbhsep@rts-flowmailer.siemens.com designates 185.136.65.225 as permitted sender) client-ip=185.136.65.225; Received: by mta-65-225.siemens.flowmailer.net with ESMTPSA id 20250917103530bc02386f4f000207ed for ; Wed, 17 Sep 2025 12:35:30 +0200 X-Patchwork-Original-From: "alexander.heinisch via isar-users" From: "alexander.heinisch" To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, felix.moessbauer@siemens.com, Alexander Heinisch Subject: [PATCH v3 2/2] classes/image-postproc: Enable systemd units based on systemd presets Date: Wed, 17 Sep 2025 12:35:06 +0200 Message-Id: <20250917103506.295010-3-alexander.heinisch@siemens.com> In-Reply-To: <20250917103506.295010-1-alexander.heinisch@siemens.com> References: <20250917103506.295010-1-alexander.heinisch@siemens.com> MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-1330684:519-21489:flowmailer X-Original-Sender: alexander.heinisch@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm1 header.b=EpDv7+yj; spf=pass (google.com: domain of fm-1330684-20250917103530bc02386f4f000207ed-fbhsep@rts-flowmailer.siemens.com designates 185.136.65.225 as permitted sender) smtp.mailfrom=fm-1330684-20250917103530bc02386f4f000207ed-fbhSEP@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: alexander.heinisch@siemens.com Reply-To: alexander.heinisch@siemens.com Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,RCVD_IN_RP_CERTIFIED, RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= From: Alexander Heinisch By default population of the presets is automatically done by systemd on first-boot. There were several issues with that: 1. The rootfs we get as a build artifact does not reflect the actual system running in the field. 2. For setups without writeable /etc this fails. With that addition it happens already at build time. Note: Additional services are enabled only. Services already enabled during the package installation won't be changed. Opt-out: `ROOTFS_FEATURES:remove = "populate-systemd-preset"` Signed-off-by: Alexander Heinisch --- RECIPE-API-CHANGELOG.md | 18 ++++++++++++++++++ meta/classes/image.bbclass | 1 + meta/classes/rootfs.bbclass | 6 ++++++ 3 files changed, 25 insertions(+) diff --git a/RECIPE-API-CHANGELOG.md b/RECIPE-API-CHANGELOG.md index 92e7811c..f2e21088 100644 --- a/RECIPE-API-CHANGELOG.md +++ b/RECIPE-API-CHANGELOG.md @@ -741,3 +741,21 @@ By setting `MS_TPM_20_REF_DIR` in an optee-ftpm recipe, it is now possible to use the new optee_ftpm code base from the OP-TEE project. That variable has to point to a subdir in `WORKDIR` which contains the unpacked ms-tpm-20-ref source code. + +### Populate systemd units based on presets during image postprocessing + +By default population of the presets is automatically done by systemd +on first-boot. + +There were several issues with that: + +1. The rootfs we get as a build artifact does not reflect the actual +system running in the field. + +2. For setups without writeable /etc this fails. With that addition +it happens already at build time. + +**Note**: Additional services are enabled only. Services already enabled +during the package installation won't be changed. + +Opt-out: `ROOTFS_FEATURES:remove = "populate-systemd-preset"` diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass index d833564f..44b59420 100644 --- a/meta/classes/image.bbclass +++ b/meta/classes/image.bbclass @@ -73,6 +73,7 @@ ROOTFS_FEATURES += "\ export-dpkg-status \ clean-log-files \ clean-debconf-cache \ + populate-systemd-preset \ " # when using a custom initrd, do not generate one as part of the image rootfs ROOTFS_FEATURES += "${@ '' if d.getVar('INITRD_IMAGE') == '' else 'no-generate-initrd'}" diff --git a/meta/classes/rootfs.bbclass b/meta/classes/rootfs.bbclass index ebe3bf4a..fdfad2fa 100644 --- a/meta/classes/rootfs.bbclass +++ b/meta/classes/rootfs.bbclass @@ -15,6 +15,7 @@ ROOTFS_BASE_DISTRO ?= "${BASE_DISTRO}" # 'export-dpkg-status' - exports /var/lib/dpkg/status file to ${ROOTFS_DPKGSTATUS_DEPLOY_DIR} # 'clean-log-files' - delete log files that are not owned by packages # 'no-generate-initrd' - do not generate debian default initrd +# 'populate-systemd-preset' - enable systemd units according to systemd presets ROOTFS_FEATURES ?= "" ROOTFS_APT_ARGS="install --yes -o Debug::pkgProblemResolver=yes" @@ -429,6 +430,11 @@ rootfs_cleanup_base_apt() { EOSUDO } +ROOTFS_POSTPROCESS_COMMAND += "${@bb.utils.contains('ROOTFS_FEATURES', 'populate-systemd-preset', 'image_postprocess_populate_systemd_preset', '', d)}" +image_postprocess_populate_systemd_preset() { + sudo chroot '${ROOTFSDIR}' systemctl preset-all --preset-mode="enable-only" +} + do_rootfs_postprocess[vardeps] = "${ROOTFS_POSTPROCESS_COMMAND}" do_rootfs_postprocess[network] = "${TASK_USE_SUDO}" python do_rootfs_postprocess() {