rancher/immucore
1
0
Fork 0
mirror of https://github.com/kairos-io/immucore.git synced 2025-08-12 03:22:27 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix master to boot normal (#68)

Browse Source 
* Be more careful with commandWithPaths PATHS

Signed-off-by: Itxaka <itxaka.garcia@spectrocloud.com>

* Do not mount all the things :/

Signed-off-by: Itxaka <itxaka.garcia@spectrocloud.com>

* Only mount /proc otherwise we break stuff

Signed-off-by: Itxaka <itxaka.garcia@spectrocloud.com>

---------

Signed-off-by: Itxaka <itxaka.garcia@spectrocloud.com>
This commit is contained in:
Itxaka 2023-03-01 16:20:45 +01:00 committed by GitHub
parent 4fabf06d7f
commit 68fc3afa24
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 25 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
internal/utils/common.go
View File

@ -1,6 +1,7 @@
package utils package utils
import ( import (
"fmt"
"github.com/joho/godotenv" "github.com/joho/godotenv"
"github.com/kairos-io/kairos/sdk/state" "github.com/kairos-io/kairos/sdk/state"
"os" "os"
@ -130,12 +131,14 @@ func DisableImmucore() bool {
cmdline, _ := os.ReadFile("/proc/cmdline") cmdline, _ := os.ReadFile("/proc/cmdline")
cmdlineS := string(cmdline) cmdlineS := string(cmdline)
return strings.Contains(cmdlineS, "live:LABEL") || strings.Contains(cmdlineS, "live:CDLABEL") || strings.Contains(cmdlineS, "netboot") || strings.Contains(cmdlineS, "rd.cos.disable") return strings.Contains(cmdlineS, "live:LABEL") || strings.Contains(cmdlineS, "live:CDLABEL") ||
strings.Contains(cmdlineS, "netboot") || strings.Contains(cmdlineS, "rd.cos.disable") ||
strings.Contains(cmdlineS, "rd.immucore.disable")
} }
// RootRW tells us if the mode to mount root // RootRW tells us if the mode to mount root
func RootRW() string { func RootRW() string {
if len(ReadCMDLineArg("rd.cos.debugrw")) > 0 { if len(ReadCMDLineArg("rd.cos.debugrw")) > 0 || len(ReadCMDLineArg("rd.immucore.debugrw")) > 0 {
Log.Warn().Msg("Mounting root as RW") Log.Warn().Msg("Mounting root as RW")
return "rw" return "rw"
} }
@ -172,8 +175,16 @@ func IsUKI() bool {
func CommandWithPath(c string) (string, error) { func CommandWithPath(c string) (string, error) {
cmd := exec.Command("/bin/sh", "-c", c) cmd := exec.Command("/bin/sh", "-c", c)
cmd.Env = os.Environ() cmd.Env = os.Environ()
// TODO: extract PATH from env and append to existing instead of overwriting pathAppend := "/usr/bin:/usr/sbin:/bin:/sbin"
cmd.Env = append(cmd.Env, "PATH=/usr/bin:/usr/sbin") // try to extract any existing path from the environment
for _, env := range cmd.Env {
splitted := strings.Split(env, "=")
if splitted[0] == "PATH" {
pathAppend = fmt.Sprintf("%s:%s", pathAppend, splitted[1])
}
}
Log.Debug().Str("content", pathAppend).Msg("PATH")
cmd.Env = append(cmd.Env, fmt.Sprintf("PATH=%s", pathAppend))
o, err := cmd.CombinedOutput() o, err := cmd.CombinedOutput()
return string(o), err return string(o), err
} }

35
internal/utils/mounts.go
View File

@ -172,32 +172,13 @@ func Fsck(device string) error {
return e return e
} }
// MinimalMounts will set the minimal mounts needed for immucore // MountProc will mount /proc
// For now only proc is needed to read the cmdline fully in uki mode // For now proc is needed to read the cmdline fully in uki mode
// in normal modes this should already be done by the initramfs process, so we can ignore errors // in normal modes this should already be done by the initramfs process, so we can skip this
// Just mount dev, tmp and sys just in case func MountProc() {
func MinimalMounts() { _ = os.MkdirAll("/proc", 0755)
type m struct { if !IsMounted("/proc") {
source string _ = syscall.Mount("proc", "/proc", "proc", syscall.MS_NOSUID|syscall.MS_NODEV|syscall.MS_NOEXEC|syscall.MS_RELATIME, "")
target string
t string
flags int
data string
}
toMount := []m{
{"dev", "/dev", "devtmpfs", syscall.MS_NOSUID, "mode=755"},
{"proc", "/proc", "proc", syscall.MS_NOSUID | syscall.MS_NODEV | syscall.MS_NOEXEC | syscall.MS_RELATIME, ""},
{"sys", "/sys", "sysfs", syscall.MS_NOSUID | syscall.MS_NODEV | syscall.MS_NOEXEC | syscall.MS_RELATIME, ""},
{"tmp", "/tmp", "tmpfs", syscall.MS_NOSUID | syscall.MS_NODEV, ""},
{"run", "/run", "tmpfs", syscall.MS_NOSUID | syscall.MS_NODEV | syscall.MS_NOEXEC | syscall.MS_RELATIME, "mode=755"},
}
for _, mnt := range toMount {
_ = os.MkdirAll(mnt.target, 0755)
if !IsMounted(mnt.target) {
err := syscall.Mount(mnt.source, mnt.target, mnt.t, uintptr(mnt.flags), mnt.data)
if err != nil {
fmt.Println(err.Error())
}
}
} }
} }

4
main.go
View File

@ -21,7 +21,7 @@ func main() {
var targetDevice, targetImage string var targetDevice, targetImage string
var state *mount.State var state *mount.State
utils.MinimalMounts() utils.MountProc()
utils.SetLogger() utils.SetLogger()
v := version.Get() v := version.Get()
@ -42,7 +42,7 @@ func main() {
} }
if utils.DisableImmucore() { if utils.DisableImmucore() {
utils.Log.Info().Msg("Stanza rd.cos.disable on the cmdline or booting from CDROM/Netboot/Squash recovery. Disabling immucore.") utils.Log.Info().Msg("Stanza rd.cos.disable/rd.immucore.disable on the cmdline or booting from CDROM/Netboot/Squash recovery. Disabling immucore.")
err = state.RegisterLiveMedia(g) err = state.RegisterLiveMedia(g)
} else if utils.IsUKI() { } else if utils.IsUKI() {
utils.Log.Info().Msg("UKI booting!") utils.Log.Info().Msg("UKI booting!")