From patchwork Sat May 3 14:22:56 2025
X-Patchwork-Submitter: Hilton Chain
X-Patchwork-Id: 42270
From: Hilton Chain
Date: Sat, 3 May 2025 22:22:56 +0800
Subject: [bug#73494] [PATCH v5 2/3] services: cleanup: Bind mount /var/run to /run.
To: 73494@debbugs.gnu.org
Cc: Hilton Chain, Maxim Cournoyer, Ludovic Courtès, Vagrant Cascadian, Z572, Gabriel Wicki
Message-ID: <4b536e1414e4c6f62e0bdaea88fe3c809c06de87.1746281900.git.hako@ultrarare.space>

* gnu/system/file-systems.scm (%runtime-variable-data) (%runtime-variable-data/bind-mount): New variables.
* gnu/system/file-systems.scm (%base-file-systems): Register %runtime-variable-data.
* gnu/services.scm (cleanup-gexp): Bind mount /var/run to /run. Remove now extraneous cleanups.
* doc/guix.texi (File Systems): Document it.

Change-Id: Ie462347935569acddfba68441cf58815a5087cff
Modified-by: Maxim Cournoyer
---
 doc/guix.texi               |  7 +++++++
 gnu/services.scm            | 21 +++++++++++++--------
 gnu/services/dbus.scm       | 31 -------------------------------
 gnu/system/file-systems.scm | 29 +++++++++++++++++++++++++++--
 4 files changed, 47 insertions(+), 41 deletions(-)

diff --git a/doc/guix.texi b/doc/guix.texi index 0537cae87d..eb8dd39c89 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -18383,6 +18383,13 @@ File Systems read-write in its own ``name space.'' @end defvar +@defvar %runtime-variable-data +This file system is mounted as @file{/run} and contains system +information data describing the system since it was booted. +@file{/var/run} is bind mounted to @file{/run}, for backward +compatibility. +@end defvar + @defvar %binary-format-file-system The @code{binfmt_misc} file system, which allows handling of arbitrary executable file types to be delegated to user space. This requires the diff --git a/gnu/services.scm b/gnu/services.scm index 6865c7560f..700966c4c2 100644 --- a/gnu/services.scm +++ b/gnu/services.scm @@ -628,9 +628,14 @@ (define (system-provenance system) (define (cleanup-gexp _) "Return a gexp to clean up /tmp and similar places upon boot." - (with-imported-modules '((guix build utils)) + (with-imported-modules (source-module-closure + '((guix build utils) + (gnu build file-systems) + (gnu system file-systems))) #~(begin - (use-modules (guix build utils)) + (use-modules (guix build utils) + (gnu build file-systems) + (gnu system file-systems)) ;; Clean out /tmp, /var/run, and /run. ;; 
@@ -662,17 +667,17 @@ (define (cleanup-gexp _) "/lib/locale")) (setlocale LC_CTYPE "en_US.utf8") (delete-file-recursively "/tmp") - (delete-file-recursively "/var/run") - (delete-file-recursively "/run") ;; Note: The second argument to 'mkdir' is and'ed with umask, ;; hence the 'chmod' calls. (mkdir "/tmp" #o1777) (chmod "/tmp" #o1777) - (mkdir "/var/run" #o755) - (chmod "/var/run" #o755) - (mkdir "/run" #o755) - (chmod "/var/run" #o755)))))) + + ;; XXX: It'd be cleaner if we could simply register + ;; %runtime-variable-data/bind-mount in %base-file-systems, that + ;; fails with: 'statfs-raw: No such file or directory' when + ;; checking for "/run". + (mount-file-system %runtime-variable-data/bind-mount #:root "/")))))) (define cleanup-service-type ;; Service that cleans things up in /tmp and similar. diff --git a/gnu/services/dbus.scm b/gnu/services/dbus.scm index 76e04bf221..9292172e01 100644 --- a/gnu/services/dbus.scm +++ b/gnu/services/dbus.scm 
@@ -190,37 +190,6 @@ (define (dbus-activation config) ;; world-readable. (mkdir-p/perms "/run/dbus" user #o755)) - (catch 'system-error - (lambda () - (symlink "/run/dbus" "/var/run/dbus")) - (lambda args - (let ((errno (system-error-errno args))) - (cond - ((= errno EEXIST) - (let ((existing-name - (false-if-exception - (readlink "/var/run/dbus")))) - (unless (equal? existing-name "/run/dbus") - ;; Move the content of /var/run/dbus to /run/dbus, and - ;; retry. - (let ((dir (opendir "/var/run/dbus"))) - (let loop ((next (readdir dir))) - (cond - ((eof-object? next) (closedir dir)) - ((member next '("." "..")) (loop (readdir dir))) - (else - (begin - (rename-file (string-append "/var/run/dbus/" next) - (string-append "/run/dbus/" next)) - (loop (readdir dir))))))) - (rmdir "/var/run/dbus") - (symlink "/run/dbus" "/var/run/dbus")))) - (else - (format (current-error-port) - "Failed to symlink /run/dbus to /var/run/dbus: ~s~%" - (strerror errno)) - (error "cannot create /var/run/dbus")))))) - (unless (file-exists? "/etc/machine-id") (format #t "creating /etc/machine-id...~%") (invoke (string-append #$(dbus-configuration-dbus config) diff --git a/gnu/system/file-systems.scm b/gnu/system/file-systems.scm index 4ea8237c70..c75ef39377 100644 --- a/gnu/system/file-systems.scm +++ b/gnu/system/file-systems.scm @@ -2,7 +2,7 @@ ;;; Copyright © 2013-2022 Ludovic Courtès ;;; Copyright © 2020 Google LLC ;;; Copyright © 2020 Jakub Kądziołka -;;; Copyright © 2020, 2021 Maxim Cournoyer +;;; Copyright © 2020, 2021, 2025 Maxim Cournoyer ;;; Copyright © 2021 Tobias Geerinckx-Rice ;;; Copyright © 2022 Oleg Pykhalov ;;; @@ -82,6 +82,8 @@ (define-module (gnu system file-systems) %pseudo-terminal-file-system %tty-gid %immutable-store + %runtime-variable-data + %runtime-variable-data/bind-mount %control-groups %elogind-file-systems 
@@ -448,6 +450,28 @@ (define %immutable-store (check? #f) (flags '(read-only bind-mount no-atime)))) +(define %runtime-variable-data + (file-system + (type "tmpfs") + (mount-point "/run") + (device "tmpfs") + ;; Don't use no-suid here as /run/privileged/bin may contain SUID + ;; executables. + (flags '(no-dev strict-atime)) + (options "mode=0755,nr_inodes=800k,size=20%") + (needed-for-boot? #t) + (check? #f) + (create-mount-point? #t))) + +(define %runtime-variable-data/bind-mount + (file-system + (device "/run") + (mount-point "/var/run") + (type "tmpfs") + (flags '(bind-mount)) + (check? #f) + (create-mount-point? #t))) + (define %control-groups ;; The cgroup2 file system. (list (file-system @@ -497,7 +521,8 @@ (define %base-file-systems %debug-file-system %shared-memory-file-system %efivars-file-system - %immutable-store)) + %immutable-store + %runtime-variable-data)) (define %base-live-file-systems ;; This is the bare minimum to use live file-systems.
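
Review bot: in doc/guix.texi, the new @defvar %runtime-variable-data entry never says that /run is a tmpfs, so a reader cannot tell that its contents do not survive a reboot or that it is capped by the "size=20%" option set in gnu/system/file-systems.scm. Suggest stating both, and mentioning the exported %runtime-variable-data/bind-mount variable, which this entry leaves undocumented. The phrase "system information data describing the system since it was booted" could also be tightened.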
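
Review bot: in the first gnu/services.scm hunk (cleanup-gexp), the context comment ";; Clean out /tmp, /var/run, and /run." is left stale, because the following hunk drops both delete-file-recursively calls for /var/run and /run. Suggest rewording it to say that only /tmp is deleted here, that /run starts empty because it is a tmpfs registered in %base-file-systems, and that /var/run is bind mounted onto it.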
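
Review bot: in the second gnu/services.scm hunk, (delete-file-recursively "/var/run") is removed and nothing replaces it for the on-disk directory, so a system that already has a populated /var/run on its root file system keeps those old files, hidden under the bind mount. Suggest emptying /var/run before the mount-file-system call, or saying in the XXX comment that leftover content is deliberately left shadowed. The mount-file-system call also has no error handling; it is worth deciding whether a failed bind mount at boot should abort the cleanup or only be logged.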
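
Review bot: in gnu/services/dbus.scm (dbus-activation), removing the /var/run/dbus symlink logic makes D-Bus activation depend on the bind mount that cleanup-gexp performs, and nothing in this hunk records that dependency. Since the XXX comment in gnu/services.scm says the bind mount could not be registered in %base-file-systems, a configuration that does not run the cleanup service would end up with no /var/run/dbus at all. Suggest a comment next to the mkdir-p/perms call pointing at %runtime-variable-data/bind-mount.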
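
Review bot: in gnu/system/file-systems.scm, %runtime-variable-data leaves no-suid out for the whole of /run on account of /run/privileged/bin, so every directory under /run, and under /var/run through the bind mount, can hold working SUID executables. Suggest extending the comment to say who is expected to be able to write below /run, or considering an arrangement in which only /run/privileged is exempt from no-suid. Separately, %runtime-variable-data/bind-mount declares (type "tmpfs") together with (device "/run") and (flags '(bind-mount)), which reads as if a second tmpfs were created; a short comment on the type would help, and both new variables lack the kind of introductory comment that %control-groups has.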