[systemd-devel] [PATCH] firstboot: remove extra paranoia in --root checking

Dave Reisner dreisner at archlinux.org
Thu Aug 28 10:30:53 PDT 2014

Some package managers will chroot before running post-install and
post-upgrade scripts. Doing this prevents systemd-firstboot from being
used piecemeal at installation or upgrade time, as the --root=/ will be
"cleverly" ignored.

There are already enough sanity checks in this tool that we don't also
need to add "intelligence" on top of the --root parameter. If a sys-admin
wants to run this tool with --root=/, I see no reason why we should
actively stop them.

It's currently far more difficult than it needs to be to perform the seemingly
simple task of creating a *unique* machine ID for new installations. The
systemd-machine-id-setup tool almost accomplishes this, but fails to create
something unique when generating IDs for nspawn containers in VMs[1]. A recent
change[2] tried to address this, but it's still negated by the fact that most
package managers will chroot before running install scriptlets.

systemd-firstboot is too smart for its own good. The tool has a --root
parameter, but this is made useless by the fact that it silently ignores any
root value which is equivalent to "/". And, without a --root specified, the
--setup-machine-id feature of firstboot will be a no-op. This makes
systemd-firstboot unsuitable for usage in a post-install script, again, because
of the chroot.

systemd is the only software on most machines which will read and use the
machine ID. It therefore makes sense that systemd is responsible for creating
this. The installation bootstrap scripts shouldn't have to rely on systemd
being installed in the host environment in order to generate this data. This
really is a dead simple task that's entirely feasible to do as part of the
package's post-installation work. But yet... it currently isn't.

Why does a tool called "firstboot" have a feature which refuses to run on first

[1] https://bugs.archlinux.org/task/40131
[2] http://cgit.freedesktop.org/systemd/systemd/commit/?id=5dd6d0f8ff1

 src/firstboot/firstboot.c | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/src/firstboot/firstboot.c b/src/firstboot/firstboot.c
index fd73adb..a17c18a 100644
--- a/src/firstboot/firstboot.c
+++ b/src/firstboot/firstboot.c
@@ -747,11 +747,6 @@ static int parse_argv(int argc, char *argv[]) {
-                        if (path_equal(arg_root, "/")) {
-                                free(arg_root);
-                                arg_root = NULL;
-                        }
                 case ARG_LOCALE:
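
Review bot: In parse_argv(), with the path_equal(arg_root, "/") block removed, arg_root now stays set to "/" instead of being reset to NULL, so every later test of arg_root that stands for "operating on an offline tree" will also fire for the live root. The commit message itself notes that --setup-machine-id is a no-op without --root, which means such a test exists; please audit each consumer of arg_root for that assumption (including any path joins that would now be built from "/") and state in the man page that --root=/ is honored rather than ignored. The diffstat reports 5 deletions and the visible context runs straight into case ARG_LOCALE:, so also confirm the --root case still ends with its break and does not fall through.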
