The return of the call to libcalamares.utils.mount is never tested and
it may fail silently; this causes some mountpoints to be missing.
This adds a warning if a mountpoint cannot be mounted.
chcon: failed to get security context of '/tmp/verity': Operation not supported
06:44:23 [6]: static CalamaresUtils::ProcessResult CalamaresUtils::System::runCommand(CalamaresUtils::System::RunLocation, const QStringList&, const QString&, const QString&, std::chrono::seconds)
Running "env" ("mount", "-t", "unformatted", "/dev/sdb2", "/tmp/calamares-root-kv8dqgb5/tmp/verity")
.. Finished. Exit code: 32
.. Target cmd: ("mount", "-t", "unformatted", "/dev/sdb7", "/tmp/calamares-root-kv8dqgb5/tmp/verity") output:
mount: /tmp/calamares-root-kv8dqgb5/tmp/verity: unknown filesystem type 'unformatted'.
- point to main Calamares site in the 'part of' headers instead
of to github (this is the "this file is part of Calamares"
opening line for most files).
- remove boilerplate from all source files, CMake modules and completions,
this is the 3-paragraph summary of the GPL-3.0-or-later, which has
a meaning entirely covered by the SPDX tag.
- Simplify the iteration by first determining which partitions
are mountable (at all).
- This guards against the very rare case that a partition
does not have a mountPoint at all (the if guarded against that)
where the lambda passed to sort() would get a KeyError.
Instead of having a special case for extra mounts to be processed right
after the rootfs, a better approach is to add them to the partitions
list, and then sort the list by mount point.
This way, we make sure every partition is mounted right when it is
needed: `/` is obviously mounted first, `/run` is mounted before
`/run/udev`, and so on.
The overall process is therefore more generic and should suit all
use-cases.
Signed-off-by: Arnaud Ferraris <arnaud.ferraris@collabora.com>
When the rootfs partition is read-only, mount points for the other
partitions cannot be created, therefore they need to be created in a
tmpfs, already mounted somewhere in `/`.
However, the extra mounts are only mounted at the end, which causes an
error as no tmpfs is currently mounted.
This patch makes sure all extra mounts are mounted right after the `/`
partition, allowing the use of a read-only rootfs.
Signed-off-by: Arnaud Ferraris <arnaud.ferraris@collabora.com>
On systems with SELinux enabled, we have to create the directories on
top of which we mount another partition or virtual file system (e.g.,
/dev) with the correct SELinux context, BEFORE we mount the other
partition. Otherwise, SELinux will get really confused when systemd
tries to recreate the mount tree for a private file system namespace for
a service. And unfortunately, even an autorelabel does not fix it
because it runs when /dev etc. are already mounted.
Without this fix, on Fedora >= 30, the system installed with Calamares
would fail to start the dbus-broker system bus, leading to several
important pieces of functionality not working (e.g., shutdown as
non-root).
On systems without SELinux enabled, chcon (which is part of coreutils)
will just print a warning and do nothing, so this should always be safe.
- One might argue whether an empty list of partitions to mount is
a bad thing. It suggests that the partition module wasn't used,
and so we're in an OEM situation -- but then everything should
already be mounted anyway. That's why I choose empty -> bail.
- If a key is missing from mount.conf, don't raise KeyError
- If both keys are missing, suggest that mount.conf might
be missing instead (a consequence of INSTALL_CONFIG=OFF, for
instance).
- Simplify code a bit.
- Don't bother returning None explicitly.
Only the strings "fat32" and "fat16" will be replaced with vfat. With a
case-sensitive "Fat32", some problems occur:
- mount: partition cannot be mounted (e.g. a fat32 efi partition)
- fstab: system won't even boot because fstab does not know the type "Fat32"
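Three of the fixes described in the commit messages above (checking the return value of mount, sorting the mountable partitions and extra mounts by mount point, and matching "fat32"/"fat16" regardless of case), combined in one added example that is not Calamares code. The function names, the sample partition list and the stub mount function are assumptions made for illustration.

```python
# Added example, not Calamares code. All names and sample data are constructed.

def normalize_fs(fstype):
    """Map FAT variants to the 'vfat' filesystem type, ignoring case."""
    fs = (fstype or "").lower()
    return "vfat" if fs in ("fat16", "fat32") else fs

def mount_plan(partitions, extra_mounts):
    """Return (device, fstype, mountpoint) tuples in mount order."""
    # Drop entries with no mountPoint (e.g. swap) before sorting, so the
    # sort key below cannot raise KeyError.
    mountable = [p for p in partitions + extra_mounts if p.get("mountPoint")]
    # A parent path is a prefix of its children, so a plain string sort
    # yields "/" before "/run" before "/run/udev".
    mountable.sort(key=lambda p: p["mountPoint"])
    return [(p.get("device"), normalize_fs(p.get("fs")), p["mountPoint"])
            for p in mountable]

def run_plan(plan, root, mount_fn):
    """Mount every entry under root; return the mountpoints that failed."""
    failed = []
    for device, fstype, mountpoint in plan:
        target = root.rstrip("/") + mountpoint
        # mount_fn returns the exit status; anything non-zero is reported
        # instead of being dropped silently.
        if mount_fn(device, target, fstype) != 0:
            failed.append(mountpoint)
    return failed

# Constructed sample input, deliberately out of order.
PARTITIONS = [
    {"device": "/dev/sdb2", "fs": "ext4", "mountPoint": "/home"},
    {"device": "/dev/sdb1", "fs": "Fat32", "mountPoint": "/boot/efi"},
    {"device": "/dev/sdb3", "fs": "ext4", "mountPoint": "/"},
    {"device": "/dev/sdb7", "fs": "unformatted", "mountPoint": "/tmp/verity"},
    {"device": "/dev/sdb5", "fs": "linuxswap"},  # no mountPoint at all
]
EXTRA_MOUNTS = [
    {"device": "/run/udev", "mountPoint": "/run/udev"},
    {"device": "tmpfs", "fs": "tmpfs", "mountPoint": "/run"},
]

def fake_mount(device, target, fstype):
    """Stub standing in for the real mount call: 32 mimics mount's failure status."""
    return 32 if fstype == "unformatted" else 0

if __name__ == "__main__":
    plan = mount_plan(PARTITIONS, EXTRA_MOUNTS)
    for mp in run_plan(plan, "/tmp/calamares-root", fake_mount):
        print("warning: cannot mount", mp)
```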
mount: Remember the extraMounts (and extraMountsEfi, if applicable) in
the global storage (as "extraMounts").
unpackfs: Read the extra mounts from the global storage to generate the
exclude list instead of trying to detect it from the "mount" command's
output, because the latter also includes normally-mounted destination
partitions.
This makes having separate partitions for non-/ mountpoints work again.