From patchwork Thu Jul 25 14:17:29 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Clara Kowalsky X-Patchwork-Id: 3719 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Thu, 25 Jul 2024 16:17:46 +0200 X-Sieve: CMU Sieve 2.4 Received: from mail-wm1-f60.google.com (mail-wm1-f60.google.com [209.85.128.60]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 46PEHjQW006641 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Thu, 25 Jul 2024 16:17:45 +0200 Received: by mail-wm1-f60.google.com with SMTP id 5b1f17b1804b1-42808efc688sf2104965e9.0 for ; Thu, 25 Jul 2024 07:17:45 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1721917060; cv=pass; d=google.com; s=arc-20160816; b=dg4aA6bcNsTJv2iH94ujARLxVph1KNMIw/Io2RV1n2aE/MxICtBP7hdz9A2b9lmyWB wDFV3a3KKwZv4xXn2klJuwQujKQ2oPQs6MlpHH8s2uagfaLeH7fh9SMCDOoRuofo9bM4 +XgLasSqYa8+QZg2+E8olhMDjqwpiI3tHfFNe9TqT1/cktRxOPDMjmuHsRtCTlA9Ks3K YkMkhm+KVugq4H9rExQqzSvhepmeZJ8LDSwGiHk1ghdVKRu/z7+KfALnPQVGrqRXKd69 p/D4wUfuXaPcho/8wlABD2u5/zUyG7EvHW9TLmLzF8YOqf2wOT+wir7fghAE8uc4bBpo LYNg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:feedback-id:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=AVWcUS08cbVMK5dt4YfenkCV+p8Fu3Nwci9ZgiUxXvU=; fh=PwDPI4WWqwVR4goEMSocqPBsemvEGEc6yaY+6/CAF9M=; b=p4iYj1AEaJIrXZgn82qSd8Tek9RLt13p7fjnsxhm+B8AVWfpBMembicWhe3Vu3e2m/ XjkTY2HiMIbvCB0l5jYIXtBSITxvHDs63U4aLuH0jUdkU8ZkBcLKu8rCdQpKfzq23g+a PZL2mcK+voykyHD4E8wLSfC36YQPBmIkvCp4YAytBeGaak4po5YGiCrjR32ZCNC38B4K LeQ/SVDB9AMy2+Mo+NherdLegjEr4ddQQPcETjGqosrCLMTJyM+zcwq3YDxHHPNlvdnM aKLJdr7JoTucrv2/vaCsTOdCyt19uHwiHiw3ldR5jS/hdMM/7ctcQuWJSscNpS06JQmD IjzA==; darn=isar-build.org ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm2 header.b=NiHKVZrs; spf=pass (google.com: domain of fm-1047747-2024072514173795c4897121474e0106-vqfz9w@rts-flowmailer.siemens.com designates 185.136.64.228 as permitted sender) smtp.mailfrom=fm-1047747-2024072514173795c4897121474e0106-VQFz9W@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1721917060; x=1722521860; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:feedback-id :mime-version:message-id:date:subject:cc:to:from:from:to:cc:subject :date:message-id:reply-to; bh=AVWcUS08cbVMK5dt4YfenkCV+p8Fu3Nwci9ZgiUxXvU=; b=f+DFQd8CnEsaDwbuROgSoETZpxF/6HrEGUx31MnDrHAv+jxMCNHtEv3Qpk2SyNrnI2 5Z5wD3WTUvEQCmQDgzZLp6tf6YyZxAeabdRkWJSEcjTIWrXS4tLT/GBO2uEplpJqlpwc VVABQstT7SY58N+Q3F0T3UILExU2RNsG8XPFg2a3d6rNxCey8EddtAu0Y1A+rk63cwL/ lWicxHMzVVgfYuaOzr5gQsUzUAOQofekIlUoItGUTC1vyNfApTr55NawQk4IFD4GhJXz CINpb+WkYpq1ddfM4AFcCadjvthZQFuAmL/FdIbRbJW9snn4D8vBAKdDlYav0SHLVQ/e sulw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1721917060; x=1722521860; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:feedback-id :mime-version:message-id:date:subject:cc:to:from:x-beenthere :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=AVWcUS08cbVMK5dt4YfenkCV+p8Fu3Nwci9ZgiUxXvU=; b=DtoMMYu4DR+Jx6GA+zkboyoGsAMlzFh2e/F1FJ4O7+g9sKj55yLt0xjF749bZc+l/Y 6crJjuYLkWgdgTEqcIrMcMPincQcf3OEO4PuBb8ERlIyuis3WqAk77AxN0bMpRgb3mBa dCBNknTtLvnqnXdDGiu625Ee/TDuQRrsi39CNsOJ2Lzr/KzNaGOnjE71NA/Of7aQbkCH OnwKOVFuf+jpU1rqZtjMI9VlrJsf5JmV/6E4jZ7BCTFXxUmNVWR9wk6VPjbUbaMJ9scW bfg/Fv646rvPXRCdZR35okTNxDSu5k9QW3rD8bsOg3mOKKN4LT/KAqPMSrJHoW/DWRoE Mu8Q== X-Forwarded-Encrypted: i=2; AJvYcCXOPtHVYIXiajO0QxWypW8KIQ/q4kakV0gK5CtvX89gATvcIqG6mrVnOCO0e5A5MQBzLrM8fV7ZhYbE/TX6YrvVrEz+OUA= X-Gm-Message-State: AOJu0Yyi1j7k59ggzjGffIN6GU8gv8GoPPEsVOmmYQLI3VbRk6fmEa41 dJj1ghlR1eRopuKVWWgQbPGxNXYYeVJIfBoujLW23OaJQaIG9h/G X-Google-Smtp-Source: AGHT+IHXi8TYaqzgQDvnnUVjOUmeTIhrNenjBrhl1QIkjfhn3qlyEmw0+lYfKuZ7ZivdPA0/uO6SmA== X-Received: by 2002:a05:600c:4e8d:b0:427:d8fd:42a9 with SMTP id 5b1f17b1804b1-4280571e364mr19010795e9.22.1721917059410; Thu, 25 Jul 2024 07:17:39 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a05:600c:3ca3:b0:426:6eba:e1f4 with SMTP id 5b1f17b1804b1-4280386beabls4539815e9.0.-pod-prod-02-eu; Thu, 25 Jul 2024 07:17:38 -0700 (PDT) X-Received: by 2002:a05:600c:19cd:b0:426:66a2:b200 with SMTP id 5b1f17b1804b1-428053c0403mr17452905e9.0.1721917057629; Thu, 25 Jul 2024 07:17:37 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1721917057; cv=none; d=google.com; s=arc-20160816; b=hCaqS/auGzb04+kwPPSKgTyr8ElM4WihE7G7IhDlgBUZWooGhtue6YwAN69SQ8aYxu lVb3xxSDp0PaaZNEnlB/NgGwTsQANJhqcJZUW3KeKQQ4bQMYQaWnpRj9zNlhB6/VEfuw 5Z12EdbwGaKhs+cS0PrhlMV4wVIDxf/YwMdRm8o3U0+DHSigYkTjzNA8ePDg/v8wUfzn IBnk/fVuYLIPhzY8MNaLioIcLeaqxOemjEoTeTYQ3HWF9TQFccaacdhgYDfyu8oYv914 sV2Xf2BpipDjmeIx63bj6KGzB7BAvkSeR08GZQocamOKLD72TCVjDJj1fBwFHyWg6xzk SwDQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=feedback-id:content-transfer-encoding:mime-version:message-id:date :subject:cc:to:from:dkim-signature; bh=ucgAQSSQPOPNH6SqSMVqV28oqK4c5Su2gDIUyJ63SG8=; fh=a/whyPBaBHcGEIUHNzsYkldQWeziqq3pHW0lRWinC6c=; b=jmZBLWQpnEREu8ulEPNVnDz9iFRiXuu1loTzzoJyneZjiDUe8heJu5HVgybPFlJ7eN Og9ibH+k5YhHc3uAb8sx+aVUk55uMkzaKGB4DUhRPVb9p90XNH1xlqX4mCjbG2ZRRmnF 3xUs6wmaxUWcI4bYiX8RajBOyx03H1ti5DDlqpXYn6HldCRBT8dBYkXImq0bsRVnBEC8 5foCYE8voumhqsgDDMUBcC4LvgIRavuoI5Y+w1wTx5aIH23HyozMCalRI8+k9xnLj14L 1kIieZLrHxMKuvvZNNXONwSWtKvkjLNsCJm/F5F+aq4szapnZlL6nbN6siLq5R/BJ/0D Hv/g==; dara=google.com ARC-Authentication-Results: i=1; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm2 header.b=NiHKVZrs; spf=pass (google.com: domain of fm-1047747-2024072514173795c4897121474e0106-vqfz9w@rts-flowmailer.siemens.com designates 185.136.64.228 as permitted sender) smtp.mailfrom=fm-1047747-2024072514173795c4897121474e0106-VQFz9W@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from mta-64-228.siemens.flowmailer.net (mta-64-228.siemens.flowmailer.net. [185.136.64.228]) by gmr-mx.google.com with ESMTPS id ffacd0b85a97d-36b36836a17si34537f8f.5.2024.07.25.07.17.37 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 25 Jul 2024 07:17:37 -0700 (PDT) Received-SPF: pass (google.com: domain of fm-1047747-2024072514173795c4897121474e0106-vqfz9w@rts-flowmailer.siemens.com designates 185.136.64.228 as permitted sender) client-ip=185.136.64.228; Received: by mta-64-228.siemens.flowmailer.net with ESMTPSA id 2024072514173795c4897121474e0106 for ; Thu, 25 Jul 2024 16:17:37 +0200 X-Patchwork-Original-From: "'Clara Kowalsky' via isar-users" From: Clara Kowalsky To: isar-users@googlegroups.com Cc: quirin.gylstorff@siemens.com, Clara Kowalsky Subject: [PATCH v3] expand-on-first-boot: Ensure that /tmp is writable Date: Thu, 25 Jul 2024 16:17:29 +0200 Message-Id: <20240725141729.1344298-1-clara.kowalsky@siemens.com> MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-1047747:519-21489:flowmailer X-Original-Sender: clara.kowalsky@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm2 header.b=NiHKVZrs; spf=pass (google.com: domain of fm-1047747-2024072514173795c4897121474e0106-vqfz9w@rts-flowmailer.siemens.com designates 185.136.64.228 as permitted sender) smtp.mailfrom=fm-1047747-2024072514173795c4897121474e0106-VQFz9W@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Clara Kowalsky Reply-To: Clara Kowalsky Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_MSPIKE_H2,RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE, SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= By setting PrivateTmp, a new file system namespace is created for this service and private /tmp//tmp and /var/tmp//tmp subdirectories are mounted, which are only used for processes of this namespace. The service unit receives a mount unit dependency for all mounts required to access /tmp and /var/tmp. This ensures that the /tmp directory is writable for the service, as mktemp is used in expand-last-partition.sh and creates a temporary file. Signed-off-by: Clara Kowalsky --- .../expand-on-first-boot/files/expand-on-first-boot.service | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/recipes-support/expand-on-first-boot/files/expand-on-first-boot.service b/meta/recipes-support/expand-on-first-boot/files/expand-on-first-boot.service index 90c92a39..8e76998b 100644 --- a/meta/recipes-support/expand-on-first-boot/files/expand-on-first-boot.service +++ b/meta/recipes-support/expand-on-first-boot/files/expand-on-first-boot.service @@ -16,6 +16,7 @@ Type=oneshot ExecStart=/usr/share/expand-on-first-boot/expand-last-partition.sh ExecStartPost=-/bin/systemctl disable expand-on-first-boot.service ExecStopPost=-/bin/systemctl disable expand-on-first-boot.service +PrivateTmp=true [Install] WantedBy=sysinit.target