diff options
| author | Johannes Schneider <johannes.schneider@leica-geosystems.com> | 2025-05-31 13:00:22 +0200 |
|---|---|---|
| committer | Khem Raj <raj.khem@gmail.com> | 2025-06-09 21:24:18 -0700 |
| commit | c8cfd6fe202e57a54ab8b44b0cf73fc61e30b4b3 (patch) | |
| tree | f80537e099fba95a24313c06f6c8535ed41456d9 | |
| parent | e740140323100fa97d5beda26b1bae008dd8c8fe (diff) | |
| download | meta-openembedded-c8cfd6fe202e57a54ab8b44b0cf73fc61e30b4b3.tar.gz | |
classes: add a systemd-sysext image class
systemd-sysext can load a raw-image containing usr/ and opt/ folders
to mount them as RO overlay over the rootfs, to "extend" the systems.
This class provides the necessary changes/additions to the enclosed
filesystem so that systemd-sysext accepts the extension for "merge"
into the rootfs.
With such a created image, placed into the correct folder (see [1]),
`systemd-sysext list` should be able to list the "extension" and
`systemd-sysext merge` should enable the overlay. On both commands a
preceding "SYSTEMD_LOG_LEVEL=debug" can aide in figuring out what is
amiss.
Link: https://www.freedesktop.org/software/systemd/man/latest/systemd-sysext.html
Link: https://0pointer.net/blog/testing-my-system-code-in-usr-without-modifying-usr.html
Signed-off-by: Johannes Schneider <johannes.schneider@leica-geosystems.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
| -rw-r--r-- | meta-oe/classes/sysext-image.bbclass | 76 |
1 files changed, 76 insertions, 0 deletions
diff --git a/meta-oe/classes/sysext-image.bbclass b/meta-oe/classes/sysext-image.bbclass new file mode 100644 index 0000000000..4d97b59ce3 --- /dev/null +++ b/meta-oe/classes/sysext-image.bbclass | |||
| @@ -0,0 +1,76 @@ | |||
| 1 | # | ||
| 2 | # Copyright OpenEmbedded Contributors | ||
| 3 | # | ||
| 4 | # SPDX-License-Identifier: MIT | ||
| 5 | # | ||
| 6 | |||
| 7 | # System extension images may – dynamically at runtime — extend the | ||
| 8 | # /usr/ and /opt/ directory hierarchies with additional files. This is | ||
| 9 | # particularly useful on immutable system images where a /usr/ and/or | ||
| 10 | # /opt/ hierarchy residing on a read-only file system shall be | ||
| 11 | # extended temporarily at runtime without making any persistent | ||
| 12 | # modifications. | ||
| 13 | |||
| 14 | # Example usage: | ||
| 15 | ## place a symlink into the systemd-sysext image search path: | ||
| 16 | # $> mkdir /run/extensions | ||
| 17 | # $> ln -s /tmp/extension-example.sysext.ddi /run/extensions/example.raw | ||
| 18 | ## list all available extensions: | ||
| 19 | # $> systemd-sysext list | ||
| 20 | ## and enable the found extensions: | ||
| 21 | # $> SYSTEMD_LOG_LEVEL=debug systemd-sysext merge | ||
| 22 | |||
| 23 | # Note: PACKAGECONFIG:pn-systemd needs to include 'sysext' | ||
| 24 | |||
| 25 | # systemd-sysext [1] has a simple mechanism for version compatibility: | ||
| 26 | # the extension to be loaded has to contain a file named | ||
| 27 | # /usr/lib/extension-release.d/extension-release.NAME | ||
| 28 | # with "NAME" part *exactly* matching the filename of the extensions | ||
| 29 | # raw-device filename/ | ||
| 30 | # | ||
| 31 | # From the extension-release file the "ID" and "VERSION_ID" fields are | ||
| 32 | # matched against same fields present in `os-release` and the extension | ||
| 33 | # is "merged" only if values in both fields from both files are an | ||
| 34 | # exact match. | ||
| 35 | # | ||
| 36 | # Link: https://www.freedesktop.org/software/systemd/man/latest/systemd-sysext.html | ||
| 37 | |||
| 38 | inherit image | ||
| 39 | |||
| 40 | # Include '.sysext' in the deployed image filename and symlink | ||
| 41 | IMAGE_NAME = "${IMAGE_BASENAME}${IMAGE_MACHINE_SUFFIX}${IMAGE_VERSION_SUFFIX}.sysext" | ||
| 42 | IMAGE_LINK_NAME = "${IMAGE_BASENAME}${IMAGE_MACHINE_SUFFIX}.sysext" | ||
| 43 | EXTENSION_NAME = "${IMAGE_LINK_NAME}.${IMAGE_FSTYPES}" | ||
| 44 | |||
| 45 | # Base extension identification fields | ||
| 46 | EXTENSION_ID_FIELD ?= "${DISTRO}" | ||
| 47 | EXTENSION_VERSION_FIELD ?= "${DISTRO_VERSION}" | ||
| 48 | |||
| 49 | sysext_image_add_version_identifier_file() { | ||
| 50 | # Use matching based on Distro name and version | ||
| 51 | echo 'ID=${EXTENSION_ID_FIELD}' > ${WORKDIR}/extension-release.base | ||
| 52 | # os-release.bb does "sanitise_value(ver)", which needs to be done here too | ||
| 53 | echo 'VERSION_ID=${EXTENSION_VERSION_FIELD}' \ | ||
| 54 | | sed 's,+,-,g;s, ,_,g' \ | ||
| 55 | >> ${WORKDIR}/extension-release.base | ||
| 56 | |||
| 57 | # Instruct `systemd-sysext` to perform re-load once extension image is verified | ||
| 58 | echo 'EXTENSION_RELOAD_MANAGER=1' >> ${WORKDIR}/extension-release.base | ||
| 59 | |||
| 60 | install -d ${IMAGE_ROOTFS}${nonarch_libdir}/extension-release.d | ||
| 61 | install -m 0644 ${WORKDIR}/extension-release.base \ | ||
| 62 | ${IMAGE_ROOTFS}${nonarch_libdir}/extension-release.d/extension-release.${EXTENSION_NAME} | ||
| 63 | |||
| 64 | # systemd-sysext expects an extension-release file of the exact same name as the image; | ||
| 65 | # by setting a xattr we allow renaming of the extension image file. | ||
| 66 | # (Kernel: this requires xattr support in the used filesystem) | ||
| 67 | setfattr -n user.extension-release.strict -v false \ | ||
| 68 | ${IMAGE_ROOTFS}${nonarch_libdir}/extension-release.d/extension-release.${EXTENSION_NAME} | ||
| 69 | } | ||
| 70 | |||
| 71 | ROOTFS_POSTPROCESS_COMMAND += "sysext_image_add_version_identifier_file" | ||
| 72 | |||
| 73 | # remove 'os-release' from the packages to be installed into the image. | ||
| 74 | # systemd-sysext otherwise raises the error: | ||
| 75 | # Extension contains '/usr/lib/os-release', which is not allowed, refusing. | ||
| 76 | PACKAGE_EXCLUDE += "os-release" | ||