From ad3d7cb6b272cb33561954bf31e6487e106a3231 Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Thu, 13 Jul 2023 14:51:39 -0400 Subject: [PATCH] prepare-root: Also support configuration via `OSTREE_COMPOSEFS` In general, kernel arguments should be parsed by the Linux kernel and init. For code that's already running in the initramfs like we are, we're already in a position to parse config files or environment variables. In the interest of simplicitly, let's do the latter for now. I started to add a config file like `/usr/lib/ostree/prepare-root.conf` but it's probably not worth it right now. --- docs/composefs.md | 12 ++++++++---- src/switchroot/ostree-prepare-root.c | 9 +++++++-- 2 files changed, 15 insertions(+), 6 deletions(-) diff --git a/docs/composefs.md b/docs/composefs.md index 8f2c425e96..9217d56e5f 100644 --- a/docs/composefs.md +++ b/docs/composefs.md @@ -32,16 +32,20 @@ shared with the current `/ostree/repo/objects`. ### Kernel argument ot-composefs -The `ostree-prepare-root` binary will look for a kernel argument called `ot-composefs`. +The `ostree-prepare-root` binary will look for two things: -The default value is `maybe` (this will likely become a build and initramfs-configurable option) -in the future too. +- An environment variable `OSTREE_COMPOSEFS` (preferred); set this via e.g. + a systemd drop-in in the initramfs. (Or just hardcode it at build time + for your OS if you prefer) +- A kernel argument called `ot-composefs` (this will likely be removed). + +The default value is `maybe`. The possible values are: - `off`: Never use composefs - `maybe`: Use composefs if supported and there is a composefs image in the deployment directory -- `on`: Require composefs +- `on`: Require composefs (but do not perform any integrity or signature checks) - `digest=`: Require the mounted composefs image to have a particular digest - `signed=`: Require that the commit is signed as validated by the ed25519 public key specified by `path` (the path is resolved in the initrd). diff --git a/src/switchroot/ostree-prepare-root.c b/src/switchroot/ostree-prepare-root.c index 6d29e1a68f..c01ba3a92e 100644 --- a/src/switchroot/ostree-prepare-root.c +++ b/src/switchroot/ostree-prepare-root.c @@ -241,8 +241,13 @@ load_composefs_config (GError **error) g_autoptr (ComposefsConfig) ret = g_new0 (ComposefsConfig, 1); ret->enabled = OT_TRISTATE_MAYBE; - // TODO: Drop this kernel argument in favor of just the config file in the initramfs - autofree char *ot_composefs = read_proc_cmdline_key (OT_COMPOSEFS_KARG); + // This can be set via e.g. systemd unit drop-ins + const char *ot_composefs = g_getenv ("OSTREE_COMPOSEFS"); + + // TODO: Drop this kernel argument in favor of just the environment variable + autofree char *composefs_karg = NULL; + if (!ot_composefs) + ot_composefs = composefs_karg = read_proc_cmdline_key (OT_COMPOSEFS_KARG); if (ot_composefs) { if (strcmp (ot_composefs, "off") == 0)