Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

modules/boot: Specify the type for tmpfs mounts #108860

Merged
merged 1 commit into from Jan 14, 2021
Merged

modules/boot: Specify the type for tmpfs mounts #108860

merged 1 commit into from Jan 14, 2021

Conversation

endocrimes
Copy link
Member

Motivation for this change

#107497 broke booting on many systems that
use tmpOnTmpfs due to the lack of specifying the mount type.

This commit explicitly adds the mount type, which should fix booting
such systems.

The original change may want to be revisited however too, because we don't differ from the upstream unit (for 247 at least) https://github.com/systemd/systemd/blob/v247/units/tmp.mount

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.

@endocrimes
modules/boot: Specify the type for tmpfs mounts
ca7b35d 
NixOS#107497 broke booting on many systems that
use tmpOnTmpfs due to the lack of specifying the mount type.

This commit explicitly adds the mount type, which should fix booting
such systems.

The original change may want to be revisited however too.
@endocrimes endocrimes mentioned this pull request Jan 9, 2021
Merged
10 tasks
cpcloud
cpcloud approved these changes Jan 9, 2021
View reviewed changes
Copy link
Contributor

@cpcloud cpcloud left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This LGTM. Thanks!

cole-h
cole-h approved these changes Jan 9, 2021
View reviewed changes
Copy link
Member

@cole-h cole-h left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Diff LGTM.

nixos/modules/system/boot/tmp.nix
@@ -34,6 +34,7 @@ with lib;
{
what = "tmpfs";
where = "/tmp";
type = "tmpfs";
mountConfig.Options = [ "mode=1777" "strictatime" "rw" "nosuid" "nodev" "size=50%" ];
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is where we differ from upstream: we don't have an inode limit, whereas upstream does:

https://github.com/systemd/systemd/blob/4d484e14bb9864cef1d124885e625f33bf31e91c/units/tmp.mount#L25

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah I saw that after I posted the PR and forgot to update 😅, although that has been there since May, so probably isn't something that is worth us forking it for IMO (As most people will never run into it)

@cole-h
Copy link
Member

cole-h commented Jan 9, 2021

@ofborg test boot

@andir
Copy link
Member

andir commented Jan 9, 2021

Are you able to come up with a test configuration that fails currently? I've tried enable boot.tmpOnTmpfs = true; but that still succeeds without this change. This bug should not occure again and thus we should have a test for this very commonly used option.

@endocrimes
Copy link
Member Author

@andir FWIW without this change, a system rebuild succeeds because the tmpfs mount doesn't get cleaned up, but a reboot would fail. NixOS Tests can't really be used to test this afaict because they have their own implementation of tmpOnTmpfs inside nixos/modules/qemu-vm.

@ajs124
Copy link
Member

ajs124 commented Jan 9, 2021

Another option would be re-adding systemd.additionalUpstreamSystemUnits = optional config.boot.tmpOnTmpfs "tmp.mount";

With that, you get something like

# /nix/store/q6ylicsava582g55mdx0788yg2fib7js-systemd-246.6/example/systemd/system/tmp.mount
#  SPDX-License-Identifier: LGPL-2.1+
#
#  This file is part of systemd.
#
#  systemd is free software; you can redistribute it and/or modify it
#  under the terms of the GNU Lesser General Public License as published by
#  the Free Software Foundation; either version 2.1 of the License, or
#  (at your option) any later version.

[Unit]
Description=Temporary Directory (/tmp)
Documentation=https://systemd.io/TEMPORARY_DIRECTORIES
Documentation=man:file-hierarchy(7)
Documentation=https://www.freedesktop.org/wiki/Software/systemd/APIFileSystems
ConditionPathIsSymbolicLink=!/tmp
DefaultDependencies=no
Conflicts=umount.target
Before=local-fs.target umount.target
After=swap.target

[Mount]
What=tmpfs
Where=/tmp
Type=tmpfs
Options=mode=1777,strictatime,nosuid,nodev,size=50%,nr_inodes=400k

# /nix/store/xgxf0nqiimbzmvzrqz77xrdbijdkkiy0-system-units/tmp.mount.d/overrides.conf
[Unit]

[Mount]
Options=mode=1777,strictatime,rw,nosuid,nodev,size=50%,huge=within_size
What=tmpfs
Where=/tmp

@endocrimes
Copy link
Member Author

@ajs124 thats my preference too, but I wanted to avoid starting a revert/re request cycle if I could help it, while in the mean time systems are unbootable

@ajs124 ajs124 mentioned this pull request Jan 9, 2021
Closed
10 tasks
@cole-h
Copy link
Member

cole-h commented Jan 9, 2021
edited

EDIT: https://logs.nix.samueldr.com/nixos/2021-01-10#1610240617-1610240313

(In summary: I don't have a preference for which PR is merged.)

@ajs124
Copy link
Member

ajs124 commented Jan 10, 2021

systemd doesn't merge these options, but overwrites. So even with #108881, you'd have no inode limit.

@jshholland jshholland mentioned this pull request Jan 12, 2021
Closed
@flokli
Copy link
Contributor

flokli commented Jan 13, 2021

@ajs124 , @endocrimes I'm a bit lost on if this or #108881 is the right way forward, which work, and which one is cleaner. Can you sort that out, so we can merge one fix or the other?

@endocrimes
Copy link
Member Author

@Floki sure - @ajs124 if your override gets reduced to just the mount options and you add a comment explaining the override behavior then I'd go for that over this PR.

Tracking systemd defaults automatically is the better behavior IMO.

@cole-h
Copy link
Member

cole-h commented Jan 13, 2021

FYI: where is necessary because it's what the unit's name is derived from (#108881 (comment)).

@andir
Copy link
Member

andir commented Jan 14, 2021

I think we should stick with this PR. It is precise in what it does and we can update it when needed. Upstream systemd shouldn't be the authorative source for how things are done but rather a source for inspiration and guidance.

@andir
Copy link
Member

andir commented Jan 14, 2021

Also using upstream units is what got us into this situation in the first place. We have the ability to merge options properly without weird empty line hacks etc..

@andir
Copy link
Member

andir commented Jan 14, 2021

Works on my machine.

@andir andir merged commit 3be09b9 into NixOS:master Jan 14, 2021
@endocrimes endocrimes deleted the dani/fix-tmp branch January 21, 2021 14:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cpcloud cpcloud cpcloud approved these changes

@cole-h cole-h cole-h approved these changes

@Mic92 Mic92 Awaiting requested review from Mic92

Assignees
No one assigned
Labels
6.topic: nixos 6.topic: systemd 8.has: module (update) 10.rebuild-darwin: 0 10.rebuild-linux: 0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
7 participants
@endocrimes @cole-h @andir @ajs124 @flokli @cpcloud @alyssais