authorVáclav Pavlín <vpavlin@redhat.com>2013-09-03 17:36:39 +0200
committerVáclav Pavlín <vpavlin@redhat.com>2013-09-12 15:32:25 +0200
commite969b90c1a1d3c049b6757ebb0f1d86801f3e4c9 (patch)
tree64a9a5a51381b7fbaa1d8fd892f739324d73c8ac /systemd
parenta6b9d19b819884bfaf28070b0ed9c2fe3bb6a1bc (diff)
readonly-root: bind-mount only necessary subset of entries in rwtab
Diffstat (limited to 'systemd')
-rwxr-xr-xsystemd/rhel-readonly45
1 files changed, 32 insertions, 13 deletions
diff --git a/systemd/rhel-readonly b/systemd/rhel-readonly
index 66634e24..bc2b2bcb 100755
--- a/systemd/rhel-readonly
+++ b/systemd/rhel-readonly
@@ -38,27 +38,32 @@ if strstr "$cmdline" noreadonlyroot ; then
READONLY=no
fi
+MOUNTS=()
if [ "$READONLY" = "yes" -o "$TEMPORARY_STATE" = "yes" ]; then
- mount_empty() {
- if [ -e "$1" ]; then
+ add_mount() {
+ MOUNTS=("${MOUNTS[@]}" "$1")
+ }
+
+ cp_empty() {
+ if [ -e "$1" ]; then
echo "$1" | cpio -p -vd "$RW_MOUNT" &>/dev/null
- mount -n --bind "$RW_MOUNT$1" "$1"
+ add_mount $1
fi
- }
+ }
- mount_dirs() {
+ cp_dirs() {
if [ -e "$1" ]; then
mkdir -p "$RW_MOUNT$1"
find "$1" -type d -print0 | cpio -p -0vd "$RW_MOUNT" &>/dev/null
- mount -n --bind "$RW_MOUNT$1" "$1"
+ add_mount $1
fi
}
- mount_files() {
+ cp_files() {
if [ -e "$1" ]; then
cp -a --parents "$1" "$RW_MOUNT"
- mount -n --bind "$RW_MOUNT$1" "$1"
+ add_mount $1
fi
}
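Review bot: The new `add_mount $1` calls in cp_empty, cp_dirs and cp_files pass the path unquoted, while the `mount -n --bind "$RW_MOUNT$1" "$1"` lines they replace quoted it. Unquoted, the value is subject to word splitting and glob expansion again, and add_mount keeps only its first argument, so the entry queued for the later bind mount may differ from the path that was just copied into `$RW_MOUNT`. Use `add_mount "$1"` in all three places; inside add_mount, `MOUNTS+=("$1")` is the simpler append. The entry is also queued whether or not the preceding cpio/cp step succeeded, so a failed copy still produces a bind-mount attempt later; consider `cp -a --parents "$1" "$RW_MOUNT" && add_mount "$1"` and the equivalent for the cpio pipelines.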
@@ -83,24 +88,38 @@ if [ "$READONLY" = "yes" -o "$TEMPORARY_STATE" = "yes" ]; then
for file in /etc/rwtab /etc/rwtab.d/* /run/initramfs/rwtab ; do
is_ignored_file "$file" && continue
- [ -f $file ] && cat $file | while read type path ; do
+ [ -f $file ] && while read type path ; do
case "$type" in
empty)
- mount_empty $path
+ cp_empty $path
;;
files)
- mount_files $path
+ cp_files $path
;;
dirs)
- mount_dirs $path
+ cp_dirs $path
;;
*)
;;
esac
selinux_fixup "$path"
- done
+ done < <(cat $file)
done
+ for m in "${MOUNTS[@]}"; do
+ prefix=0
+ for mount_point in "${MOUNTS[@]}"; do
+ [[ $m = $mount_point ]] && continue
+ if [[ $m =~ ^$mount_point.* ]] ; then
+ prefix=1
+ break
+ fi
+ done
+ [[ $prefix -eq 1 ]] && continue
+
+ mount -n --bind "$RW_MOUNT$m" "$m"
+ done
+
# Use any state passed by initramfs
[ -d /run/initramfs/state ] && cp -a /run/initramfs/state/* $RW_MOUNT
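Review bot: The nesting test `[[ $m =~ ^$mount_point.* ]]` in the new mount loop is a string-prefix regex match, not a path-component match. With `/var/lib` queued, an unrelated sibling such as `/var/libfoo` also matches and is skipped, so it never gets its writable bind mount. Because `$mount_point` is unquoted on the right of `=~`, characters like `.` or `+` in an rwtab path are also interpreted as regex operators. A quoted glob with an explicit separator avoids both: `if [[ $m == "$mount_point"/* ]] ; then` (entries written with a trailing slash would need normalising first). The equality test above it has the same pattern-matching issue and should be `[[ $m == "$mount_point" ]]`.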