[systemd-devel] OSTree mount integration

Colin Walters walters at verbum.org
Mon Sep 24 15:12:39 PDT 2012

On Mon, 2012-09-24 at 22:19 +0200, Lennart Poettering wrote:

> i.e. my suggestion would be to patch dracut (or write a dracut module)
> that sets up your target OS tree with /var and friends directly, and
> then transitions directly to it via moving it to / rather than first
> moving into the host OS tree via a move/bind mount and then using
> chroot() for the second step. (That said, whether you do this in one or
> two steps is not important, what is important however is that you do not
> use chroot()).

For reference by the way, the current ostree_switch_root code that gets
called from dracut is here:
(It's a fork of util-linux switch_root).

The issue with your suggestion I think is that the "deployment root" as
I call them (ostree chroots) isn't a mount point, so I can't just
MS_MOVE move the whole directory to /.  Although I can make it into a
mount point I guess with the trick of bind-mounting it to itself, and
then move that?

Hm.  So something something like this, from dracut's perspective,
where /sysroot is the "target rootfs", and its / is the initramfs:

move(/dev, /sysroot/ostree/current/dev)
move(/proc, /sysroot/ostree/current/proc)
move(/sys, /sysroot/ostree/current/sys)
bind(/sysroot, /sysroot/ostree/current/sysroot)
bind(/sysroot/home, /sysroot/ostree/current/home)
bind(/sysroot/ostree/var, /sysroot/ostree/current/var)
bind(/sysroot/ostree/current-etc, /sysroot/ostree/current/etc)
move(/sysroot/ostree/current/, /)

I may try this and see if it works.

But I don't think this will exactly the solve all the problems.  In this
case / is still a bind mount, not the real backing store.  So for
example if I have a normal / entry in /etc/fstab, systemd is going to
fail to remount it read/write.

(Right now, rather hackily, I just remount the backing store r/w in
 ostree_switch_root, but...)

One notable complication with this whole setup is the read-only bind
mount over /usr (and /bin, /lib at the moment), which I've elided from
the above.

> I am not totally against that, but I'd really like to keep explicit
> virtualization checks at a minimum and use them as solution only if
> nothing else works nicely.

Right, definitely agree.  But even with the above setup I'm not sure how
we can completely avoid it.

I should get a chance to try out some patches here within a few weeks.
The main thing that needs fixing is /etc/fstab :


More information about the systemd-devel mailing list