Support reading configs from /run/ignition and /etc/ignition/
#1891
Labels
jira
for syncing to jira
Comments
jlebon
added a commit
to jlebon/fedora-coreos-config
that referenced
this issue
Jun 18, 2024
systemd v256 now runs the initrd with `ProtectSystem=yes`, which makes `/usr` read-only: https://github.com/systemd/systemd/blob/07748c53df5a72111d8b3eef49d275210d6018cd/NEWS#L168-L175 This breaks coreos-ignition-setup-user which wants to copy the Ignition config to `/usr/lib/ignition`. I think the right fix for this is to have Ignition learn to also source from `/etc` and `/run`, which is the standard nowadays: coreos/ignition#1891 But for now at least, we can safely remount `/usr` read-write ourselves without affecting the rest of the system since we're already running with `MountFlags=slave`.
|
Maybe we could also completely move to |
jbtrystram
pushed a commit
to coreos/fedora-coreos-config
that referenced
this issue
Jun 19, 2024
systemd v256 now runs the initrd with `ProtectSystem=yes`, which makes `/usr` read-only: https://github.com/systemd/systemd/blob/07748c53df5a72111d8b3eef49d275210d6018cd/NEWS#L168-L175 This breaks coreos-ignition-setup-user which wants to copy the Ignition config to `/usr/lib/ignition`. I think the right fix for this is to have Ignition learn to also source from `/etc` and `/run`, which is the standard nowadays: coreos/ignition#1891 But for now at least, we can safely remount `/usr` read-write ourselves without affecting the rest of the system since we're already running with `MountFlags=slave`.
2 tasks
nikita-dubrovskii
added a commit
to nikita-dubrovskii/fedora-coreos-config
that referenced
this issue
Nov 5, 2024
Issue: coreos/ignition#1891 Fedora 41 comes with systemd-256, where /usr is read-only during initramfs time.
nikita-dubrovskii
added a commit
to nikita-dubrovskii/fedora-coreos-config
that referenced
this issue
Nov 5, 2024
Fedora 41 comes with systemd-256, where /usr is read-only during initramfs time. See similar issue description in coreos/ignition#1891
nikita-dubrovskii
added a commit
to nikita-dubrovskii/fedora-coreos-config
that referenced
this issue
Nov 5, 2024
Fedora 41 comes with systemd-256, where /usr is read-only during initramfs time. See similar issue description in coreos/ignition#1891
nikita-dubrovskii
added a commit
to nikita-dubrovskii/fedora-coreos-config
that referenced
this issue
Nov 6, 2024
Fedora 41 comes with systemd-256, where /usr is read-only during initramfs time. See similar issue description in coreos/ignition#1891
jlebon
pushed a commit
to coreos/fedora-coreos-config
that referenced
this issue
Nov 6, 2024
Fedora 41 comes with systemd-256, where /usr is read-only during initramfs time. See similar issue description in coreos/ignition#1891
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Starting from systemd v256, systemd units in the initramfs run with
ProtectSystem=by default. This means that/usris now mounted read-only there:https://github.com/systemd/systemd/blob/07748c53df5a72111d8b3eef49d275210d6018cd/NEWS#L168-L175
This breaks
coreos-ignition-setup-user.shwhich is used in various flows to copy the Ignition config to/usr/lib/ignition/.Let's have Ignition also support sourcing from
/runand/etc, which is standard nowadays for a lot of services. I thinkcoreos-ignition-setup-userwould probably want to use/etcsince it's lifecycled with the initramfs, so we don't have to worry about cleaning it up.The text was updated successfully, but these errors were encountered: