/*
* Copyright (C) 2011 Colin Walters <walters@verbum.org>
*
* SPDX-License-Identifier: LGPL-2.0+
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the
* Free Software Foundation, Inc., 59 Temple Place - Suite 330,
* Boston, MA 02111-1307, USA.
*
* Author: Colin Walters <walters@verbum.org>
*/
#include "config.h"
#include <string.h>
#include <stdio.h>
#include <stdarg.h>
#include <stdbool.h>
#include <stdint.h>
#include <sys/param.h>
#include <sys/mount.h>
#include <sys/statvfs.h>
#include <fcntl.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/stat.h>
#include <err.h>
#include <errno.h>
#include <glib.h>
#include "ostree-mount-util.h"
#include "glnx-backport-autocleanups.h"
static void
do_remount (const char *target,
bool writable)
{
struct stat stbuf;
if (lstat (target, &stbuf) < 0)
return;
/* Silently ignore symbolic links; we expect these to point to
* /sysroot, and thus there isn't a bind mount there.
*/
if (S_ISLNK (stbuf.st_mode))
return;
/* If not a mountpoint, skip it */
struct statvfs stvfsbuf;
if (statvfs (target, &stvfsbuf) == -1)
return;
const bool currently_writable = ((stvfsbuf.f_flag & ST_RDONLY) == 0);
if (writable == currently_writable)
return;
int mnt_flags = MS_REMOUNT | MS_SILENT;
if (!writable)
mnt_flags |= MS_RDONLY;
if (mount (target, target, NULL, mnt_flags, NULL) < 0)
{
/* Also ignore EINVAL - if the target isn't a mountpoint
* already, then assume things are OK.
*/
if (errno != EINVAL)
err (EXIT_FAILURE, "failed to remount(%s) %s", writable ? "rw" : "ro", target);
else
return;
}
printf ("Remounted %s: %s\n", writable ? "rw" : "ro", target);
}
int
main(int argc, char *argv[])
{
/* When systemd is in use this is normally created via the generator, but
* we ensure it's created here as well for redundancy.
*/
touch_run_ostree ();
/* The /sysroot mount needs to be private to avoid having a mount for e.g. /var/cache
* also propagate to /sysroot/ostree/deploy/$stateroot/var/cache
*
* Today systemd remounts / (recursively) as shared, so we're undoing that as early
* as possible. See also a copy of this in ostree-prepare-root.c.
*/
if (mount ("none", "/sysroot", NULL, MS_REC | MS_PRIVATE, NULL) < 0)
perror ("warning: While remounting /sysroot MS_PRIVATE");
if (path_is_on_readonly_fs ("/"))
{
/* If / isn't writable, don't do any remounts; we don't want
* to clear the readonly flag in that case.
*/
exit (EXIT_SUCCESS);
}
/* Handle remounting /sysroot; if it's explicitly marked as read-only (opt in)
* then ensure it's readonly, otherwise mount writable, the same as /
*/
bool sysroot_configured_readonly = unlink (_OSTREE_SYSROOT_READONLY_STAMP) == 0;
do_remount ("/sysroot", !sysroot_configured_readonly);
/* And also make sure to make /etc rw again. We make this conditional on
* sysroot_configured_readonly because only in that case is it a bind-mount. */
if (sysroot_configured_readonly)
do_remount ("/etc", true);
/* If /var was created as as an OSTree default bind mount (instead of being a separate filesystem)
* then remounting the root mount read-only also remounted it.
* So just like /etc, we need to make it read-write by default.
* If it was a separate filesystem, we expect it to be writable anyways,
* so it doesn't hurt to remount it if so.
*
* And if we started out with a writable system root, then we need
* to ensure that the /var bind mount created by the systemd generator
* is writable too.
*/
do_remount ("/var", true);
exit (EXIT_SUCCESS);
}