Atomically create files/folders with proper ownership and permissions in a way that unclean reboots could not lead to any corruption or inconsistency. See also:
http://www.linux-mtd.infradead.org/faq/ubifs.html#L_atomic_change This guarantees that in case of a sudden power-cut we either don't have a destination file/folder at all (in this case it will be handled by next populate-volatile.sh execution) or have it with correct ownership and permissions. Note: we can't use ${TMPROOT} for storing temporary files/folders because final mv command is guaranteed to be atomic only if both source and destination are located within the same filesystem. Other changes: - Change owner:group for symlinks as requested. - Wrap in double quotes all values which could have spaces. - Propagate proper exit code from eval script. This might be useful in future e.g. to print a nice error message or propagate an error code further down to script caller. clean_temp() is executed all the time (on both success and failure) but doesn't affect exit code of the eval script (in case of chown/chmod failure the exit code will be propagated). - mk_dir(): never silently create a parent folder if it doesn't exist because parent folders in this case might have undesired ownership/permissions. For malformed configs like: d root root 0750 /grand_parent/parent/me/child none d user1 group1 0700 /grand_parent/parent none d user2 group2 0777 /grand_parent none while processing a first line we'd better not create /grand_parent, /grand_parent/parent, /grand_parent/parent/me with wrong (default) ownership and permissions. Instead we'd better fail to create them at all (it will likely be noticed and fixed). Signed-off-by: Viacheslav Volkov <viacheslav.volko...@gmail.com> --- .../initscripts-1.0/populate-volatile.sh | 76 +++++++++++++++---- 1 file changed, 61 insertions(+), 15 deletions(-) diff --git a/meta/recipes-core/initscripts/initscripts-1.0/populate-volatile.sh b/meta/recipes-core/initscripts/initscripts-1.0/populate-volatile.sh index bc630e871c..c7b95e0540 100755 --- a/meta/recipes-core/initscripts/initscripts-1.0/populate-volatile.sh +++ b/meta/recipes-core/initscripts/initscripts-1.0/populate-volatile.sh @@ -25,24 +25,45 @@ ROOT_DIR="$(echo "$DIRNAME" | sed -ne 's:/etc/.*::p')" CFGDIR="${ROOT_DIR}/etc/default/volatiles" TMPROOT="${ROOT_DIR}/var/volatile/tmp" COREDEF="00_core" +SUFFIX=".populate-volatile.tmp" +if [ -z "$ROOT_DIR" ]; then + SYNC_CMD="sync" # on target run sync +else + # At rootfs time sync is not required. Moreover sync symlink is not + # present in ${TMPDIR}/hosttools directory while building rootfs, hence + # attempting to execute sync would cause a silent error (further + # commands won't be executed). + SYNC_CMD="true" +fi [ "${VERBOSE}" != "no" ] && echo "Populating volatile Filesystems." create_file() { - EXEC="" + EXEC="( + clean_temp() + { + rm -rf \"${1}${SUFFIX}\" + } + trap clean_temp EXIT + clean_temp&& + " if [ -z "$2" ]; then EXEC=" - touch \"$1\"; + ${EXEC} + touch \"${1}${SUFFIX}\"&& " else EXEC=" - cp \"$2\" \"$1\"; + ${EXEC} + cp \"$2\" \"${1}${SUFFIX}\"&& " fi EXEC=" ${EXEC} - chown ${TUSER}:${TGROUP} $1 || echo \"Failed to set owner -${TUSER}- for -$1-.\"; - chmod ${TMODE} $1 || echo \"Failed to set mode -${TMODE}- for -$1-.\" " + chown \"${TUSER}:${TGROUP}\" \"${1}${SUFFIX}\"&& + chmod \"${TMODE}\" \"${1}${SUFFIX}\"&& + $SYNC_CMD \"${1}${SUFFIX}\"&& + mv \"${1}${SUFFIX}\" \"$1\")" test "$VOLATILE_ENABLE_CACHE" = yes && echo "$EXEC" >> /etc/volatile.cache.build @@ -62,10 +83,18 @@ create_file() { } mk_dir() { - EXEC=" - mkdir -p \"$1\"; - chown ${TUSER}:${TGROUP} $1 || echo \"Failed to set owner -${TUSER}- for -$1-.\"; - chmod ${TMODE} $1 || echo \"Failed to set mode -${TMODE}- for -$1-.\" " + EXEC="( + clean_temp() + { + rm -rf \"${1}${SUFFIX}\" + } + trap clean_temp EXIT + clean_temp&& + mkdir \"${1}${SUFFIX}\"&& + chown \"${TUSER}:${TGROUP}\" \"${1}${SUFFIX}\"&& + chmod \"${TMODE}\" \"${1}${SUFFIX}\"&& + $SYNC_CMD \"${1}${SUFFIX}\"&& + mv \"${1}${SUFFIX}\" \"$1\")" test "$VOLATILE_ENABLE_CACHE" = yes && echo "$EXEC" >> /etc/volatile.cache.build if [ -e "$1" ]; then @@ -82,20 +111,37 @@ mk_dir() { } link_file() { - EXEC=" + EXEC="( + clean_temp() + { + rm -rf \"${2}${SUFFIX}\" + } + create_symlink() + { + ln -sf \"$1\" \"${2}${SUFFIX}\"&& + chown -h \"${TUSER}:${TGROUP}\" \"${2}${SUFFIX}\"&& + $SYNC_CMD \"${2}${SUFFIX}\"&& + mv \"${2}${SUFFIX}\" \"$2\" + } + trap clean_temp EXIT + clean_temp&& if [ -L \"$2\" ]; then - [ \"\$(readlink \"$2\")\" != \"$1\" ] && { rm -f \"$2\"; ln -sf \"$1\" \"$2\"; }; + if [ \"\$(readlink \"$2\")\" != \"$1\" ]; then + rm -f \"$2\"&& + create_symlink + fi elif [ -d \"$2\" ]; then if awk '\$2 == \"$2\" {exit 1}' /proc/mounts; then cp -a $2/* $1 2>/dev/null; cp -a $2/.[!.]* $1 2>/dev/null; - rm -rf \"$2\"; - ln -sf \"$1\" \"$2\"; + $SYNC_CMD&& + rm -rf \"$2\"&& + create_symlink fi else - ln -sf \"$1\" \"$2\"; + create_symlink fi - " + )" test "$VOLATILE_ENABLE_CACHE" = yes && echo " $EXEC" >> /etc/volatile.cache.build -- 2.45.2
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#203817): https://lists.openembedded.org/g/openembedded-core/message/203817 Mute This Topic: https://lists.openembedded.org/mt/108119948/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
