[systemd-devel] Image based OS, CopyBlocks, verity and duplicate UUIDs

Marius Schiffer marius.schiffer at gmail.com
Mon Jun 12 13:28:31 UTC 2023


Hi,

I'm currently building an OS image (with mkosi), for which I'm struggling
to find a suitable installation and updating strategy. One requirement
is a self-replicating install. It should be bootable from a USB stick with
full functionality and be installable from there.

I settled on using verity protected partitions with their roothash embedded
into the signed UKI's cmdline.
This works perfectly fine for booting from the USB stick.
For the installation, I use systemd-repart to create slots for A/B
partitions and copy the partitions from the USB stick by block to the
first slot.
Updating using systemd-sysupdate (on the installed system) installs a new
data and verity partition in the unused slot and a UKI with the
corresponding roothash. systemd-boot can then sort the UKIs by version.

Unfortunately, copying the data and verity partitions on installation of
course results in the same partition UUIDs on the installed medium and the
USB stick. UUID collision results in unpredictable mounting when both the
installed medium and the USB stick are present (which could be the case for
reinstallation for some reason, or if the USB stick was left on reboot).

One possible solution is creating two different UKIs with hardcoded
partition labels in their cmdline.
This would lose some flexibility/automagic in e.g. sysupdate though. The
partition label would have to be set manually.
Another solution could be to extend systemd to first search the booted
device for the UUIDs specified by the roothash.

Is there a better solution here I'm not seeing?

Marius
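
The collision described in this message, as an added example (not part of the original post and not systemd code): systemd's verity auto-discovery takes the first 128 bits of the root hash as the data partition UUID and the last 128 bits as the verity partition UUID, so a block copy reproduces both on the target disk. The sketch derives the two UUIDs and applies the "prefer the booted device" lookup the post proposes; the root hash, device names, partition table and the helper names are constructed for illustration, and how the booted disk is determined is left to the caller.

```python
import uuid

def verity_partition_uuids(roothash_hex):
    """Return (data_uuid, verity_uuid) for a verity root hash.

    First 128 bits name the data partition, last 128 bits the verity
    partition. Assumes a hash of at least 256 bits (e.g. SHA-256).
    """
    raw = bytes.fromhex(roothash_hex)
    if len(raw) < 32:
        raise ValueError("root hash shorter than 256 bits")
    return uuid.UUID(bytes=raw[:16]), uuid.UUID(bytes=raw[-16:])

def pick_partition(partitions, want, booted_disk):
    """Choose the partition with PARTUUID `want`, preferring the booted disk.

    partitions: iterable of (disk, node, partuuid) tuples.
    Returns (node, collided); collided is True if other disks also match.
    """
    matches = [p for p in partitions if uuid.UUID(p[2]) == want]
    if not matches:
        raise LookupError(f"no partition with PARTUUID {want}")
    local = [p for p in matches if p[0] == booted_disk]
    if len(local) == 1:
        return local[0][1], len(matches) > 1
    if len(matches) == 1:
        return matches[0][1], False
    # Several candidates and none uniquely on the booted disk: refuse to guess.
    raise LookupError(f"PARTUUID {want} is ambiguous: {[p[1] for p in matches]}")

# Constructed sample: USB stick (sda) block-copied onto the internal disk.
ROOTHASH = "00112233445566778899aabbccddeeff" "ffeeddccbbaa99887766554433221100"
PARTITIONS = [
    ("/dev/sda", "/dev/sda2", "00112233-4455-6677-8899-aabbccddeeff"),
    ("/dev/sda", "/dev/sda3", "ffeeddcc-bbaa-9988-7766-554433221100"),
    ("/dev/nvme0n1", "/dev/nvme0n1p2", "00112233-4455-6677-8899-AABBCCDDEEFF"),
    ("/dev/nvme0n1", "/dev/nvme0n1p3", "ffeeddcc-bbaa-9988-7766-554433221100"),
]

def resolve(booted_disk):
    """Resolve (data, verity) partitions for ROOTHASH given the booted disk."""
    data_uuid, verity_uuid = verity_partition_uuids(ROOTHASH)
    return (pick_partition(PARTITIONS, data_uuid, booted_disk),
            pick_partition(PARTITIONS, verity_uuid, booted_disk))

if __name__ == "__main__":
    for disk in ("/dev/sda", "/dev/nvme0n1"):
        print(disk, resolve(disk))
```

A lookup that fails closed on an unresolved duplicate, instead of taking whichever device enumerates first, turns the unpredictable mount into a visible error.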