From b9ce0e89801bbc92d50473d3620b3f41f1dbef9f Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Fri, 26 Jan 2024 18:10:37 -0500 Subject: [PATCH] generator: Exit if there's no `/run/ostree` Currently if run in a container image under systemd, we will incorrectly synthesize a `var.mount` unit even if `ostree-prepare-root` hasn't run. The comment here said why we didn't do that before, but that's for the really legacy embedded-only "ostree-prepare-root-static" path, and even then I'm pretty sure it was wrong because the generator here only runs in the *real* root, and we should have `/run/ostree` at that point. --- src/libostree/ostree-impl-system-generator.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/src/libostree/ostree-impl-system-generator.c b/src/libostree/ostree-impl-system-generator.c index ad785eb9ec..1c4a5d106b 100644 --- a/src/libostree/ostree-impl-system-generator.c +++ b/src/libostree/ostree-impl-system-generator.c @@ -251,18 +251,18 @@ _ostree_impl_system_generator (const char *normal_dir, const char *early_dir, co if (unlinkat (AT_FDCWD, INITRAMFS_MOUNT_VAR, 0) == 0) return TRUE; + // If we're not booted via ostree, do nothing + if (!glnx_fstatat_allow_noent (AT_FDCWD, OTCORE_RUN_OSTREE, NULL, 0, error)) + return FALSE; + if (errno == ENOENT) + return TRUE; + g_autofree char *cmdline = read_proc_cmdline (); if (!cmdline) return glnx_throw (error, "Failed to read /proc/cmdline"); - - /* If we're installed on a system which isn't using OSTree for boot (e.g. - * package installed as a dependency for flatpak or whatever), silently - * exit so that we don't error, but at the same time work where switchroot - * is PID 1 (and so hasn't created /run/ostree-booted). - */ g_autofree char *ostree_cmdline = otcore_find_proc_cmdline_key (cmdline, "ostree"); - if (!ostree_cmdline) - return TRUE; + // SAFETY: If we have /run/ostree, then we must have the ostree= karg + g_assert (ostree_cmdline); if (!require_internal_units (normal_dir, early_dir, late_dir, error)) return FALSE;