[bug#73494,v4,2/3] services: cleanup: Bind mount /var/run to /run.
Commit Message
From: Hilton Chain <hako@ultrarare.space>
* gnu/system/file-systems.scm (%runtime-variable-data)
(%runtime-variable-data/bind-mount): New variables.
* gnu/system/file-systems.scm (%base-file-systems): Register
%runtime-variable-data.
* gnu/services.scm (cleanup-gexp): Bind mount /var/run to /run. Remove the
now-extraneous cleanups.
* doc/guix.texi (File Systems): Document it.
Change-Id: Ie462347935569acddfba68441cf58815a5087cff
Modified-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
---
doc/guix.texi | 7 +++++++
gnu/services.scm | 21 +++++++++++++--------
gnu/services/dbus.scm | 31 -------------------------------
gnu/system/file-systems.scm | 29 +++++++++++++++++++++++++++--
4 files changed, 47 insertions(+), 41 deletions(-)
@@ -18379,6 +18379,13 @@ File Systems
read-write in its own ``name space.''
@end defvar
+@defvar %runtime-variable-data
+This file system is mounted as @file{/run} and contains system
+information data describing the system since it was booted.
+@file{/var/run} is bind mounted to @file{/run}, for backward
+compatibility.
+@end defvar
+
@defvar %binary-format-file-system
The @code{binfmt_misc} file system, which allows handling of arbitrary
executable file types to be delegated to user space. This requires the
@@ -628,9 +628,14 @@ (define (system-provenance system)
(define (cleanup-gexp _)
"Return a gexp to clean up /tmp and similar places upon boot."
- (with-imported-modules '((guix build utils))
+ (with-imported-modules (source-module-closure
+ '((guix build utils)
+ (gnu build file-systems)
+ (gnu system file-systems)))
#~(begin
- (use-modules (guix build utils))
+ (use-modules (guix build utils)
+ (gnu build file-systems)
+ (gnu system file-systems))
;; Clean out /tmp, /var/run, and /run.
;;
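Review bot: The comment `;; Clean out /tmp, /var/run, and /run.` directly under the new `use-modules` form is now stale: after this commit the gexp no longer deletes /var/run or /run (those `delete-file-recursively` calls are removed in the next hunk), it only cleans /tmp and then bind-mounts /var/run onto /run. Suggest `;; Clean out /tmp, then bind-mount /var/run onto /run (the /run tmpfs itself comes from %runtime-variable-data in %base-file-systems).` so a reader does not assume /run is still wiped here. The docstring "clean up /tmp and similar places" could likewise mention the bind mount. The body of cleanup-gexp continues past this hunk.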
@@ -662,17 +667,17 @@ (define (cleanup-gexp _)
"/lib/locale"))
(setlocale LC_CTYPE "en_US.utf8")
(delete-file-recursively "/tmp")
- (delete-file-recursively "/var/run")
- (delete-file-recursively "/run")
;; Note: The second argument to 'mkdir' is and'ed with umask,
;; hence the 'chmod' calls.
(mkdir "/tmp" #o1777)
(chmod "/tmp" #o1777)
- (mkdir "/var/run" #o755)
- (chmod "/var/run" #o755)
- (mkdir "/run" #o755)
- (chmod "/var/run" #o755))))))
+
+ ;; XXX: It'd be cleaner if we could simply register
+ ;; %runtime-variable-data/bind-mount in %base-file-systems, that
+ ;; fails with: 'statfs-raw: No such file or directory' when
+ ;; checking for "/run".
+ (mount-file-system %runtime-variable-data/bind-mount #:root "/"))))))
(define cleanup-service-type
;; Service that cleans things up in /tmp and similar.
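Review bot: `(mount-file-system %runtime-variable-data/bind-mount #:root "/")` is the last form of the gexp and runs with no guard, so if the mount fails — for instance because /var/run is already a mount point (a user-declared file system, or this code having run before) — the error presumably propagates out of the boot gexp; mount-file-system's failure behaviour is outside this hunk, so confirm. Dropping `(delete-file-recursively "/var/run")` also changes what happens on a system installed before this change: stale pid files and sockets in the on-disk /var/run directory are now hidden beneath the bind mount rather than removed. I would check /proc/self/mountinfo for an existing /var/run mount first, wipe the underlying directory when it is still a plain directory, and catch `'system-error` around the mount so a failed bind is reported rather than aborting the rest of boot. The XXX comment would also benefit from naming which code path raised the `statfs-raw` error (initrd vs. the file-system dependency check), so the workaround can be revisited. The enclosing cleanup-gexp starts before this hunk.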
@@ -190,37 +190,6 @@ (define (dbus-activation config)
;; world-readable.
(mkdir-p/perms "/run/dbus" user #o755))
- (catch 'system-error
- (lambda ()
- (symlink "/run/dbus" "/var/run/dbus"))
- (lambda args
- (let ((errno (system-error-errno args)))
- (cond
- ((= errno EEXIST)
- (let ((existing-name
- (false-if-exception
- (readlink "/var/run/dbus"))))
- (unless (equal? existing-name "/run/dbus")
- ;; Move the content of /var/run/dbus to /run/dbus, and
- ;; retry.
- (let ((dir (opendir "/var/run/dbus")))
- (let loop ((next (readdir dir)))
- (cond
- ((eof-object? next) (closedir dir))
- ((member next '("." "..")) (loop (readdir dir)))
- (else
- (begin
- (rename-file (string-append "/var/run/dbus/" next)
- (string-append "/run/dbus/" next))
- (loop (readdir dir)))))))
- (rmdir "/var/run/dbus")
- (symlink "/run/dbus" "/var/run/dbus"))))
- (else
- (format (current-error-port)
- "Failed to symlink /run/dbus to /var/run/dbus: ~s~%"
- (strerror errno))
- (error "cannot create /var/run/dbus"))))))
-
(unless (file-exists? "/etc/machine-id")
(format #t "creating /etc/machine-id...~%")
(invoke (string-append #$(dbus-configuration-dbus config)
@@ -2,7 +2,7 @@
;;; Copyright © 2013-2022 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2020 Google LLC
;;; Copyright © 2020 Jakub Kądziołka <kuba@kadziolka.net>
-;;; Copyright © 2020, 2021 Maxim Cournoyer <maxim.cournoyer@gmail.com>
+;;; Copyright © 2020, 2021, 2025 Maxim Cournoyer <maxim.cournoyer@gmail.com>
;;; Copyright © 2021 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2022 Oleg Pykhalov <go.wigust@gmail.com>
;;;
@@ -82,6 +82,8 @@ (define-module (gnu system file-systems)
%pseudo-terminal-file-system
%tty-gid
%immutable-store
+ %runtime-variable-data
+ %runtime-variable-data/bind-mount
%control-groups
%elogind-file-systems
@@ -448,6 +450,28 @@ (define %immutable-store
(check? #f)
(flags '(read-only bind-mount no-atime))))
+(define %runtime-variable-data
+ (file-system
+ (type "tmpfs")
+ (mount-point "/run")
+ (device "tmpfs")
+ ;; Don't use no-suid here as /run/privileged/bin may contain SUID
+ ;; executables.
+ (flags '(no-dev strict-atime))
+ (options "mode=0755,nr_inodes=800k,size=20%")
+ (needed-for-boot? #t)
+ (check? #f)
+ (create-mount-point? #t)))
+
+(define %runtime-variable-data/bind-mount
+ (file-system
+ (device "/run")
+ (mount-point "/var/run")
+ (type "tmpfs")
+ (flags '(bind-mount))
+ (check? #f)
+ (create-mount-point? #t)))
+
(define %control-groups
;; The cgroup2 file system.
(list (file-system
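Review bot: `%runtime-variable-data/bind-mount` uses a plain `bind-mount` flag, so mounts created under /run after the bind (a per-user runtime tmpfs under /run/user, for example) would presumably not show up under /var/run unless the bind is recursive or the mount tree is shared — worth a comment next to the flag saying that this is intended, or a recursive bind if the record type supports one and /var/run is meant to mirror /run fully. The `(type "tmpfs")` on the bind-mount record is misleading since mount(2) ignores the filesystem type for MS_BIND; a one-line note such as `;; Ignored by the kernel for a bind mount; /run's tmpfs is what gets bound.` would stop readers from expecting a second tmpfs here. The no-suid rationale on %runtime-variable-data is good; consider extending it to state the invariant that makes it acceptable, namely that the tmpfs root is root-owned `mode=0755`, so only root can place files at /run/privileged/bin.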
@@ -497,7 +521,8 @@ (define %base-file-systems
%debug-file-system
%shared-memory-file-system
%efivars-file-system
- %immutable-store))
+ %immutable-store
+ %runtime-variable-data))
(define %base-live-file-systems
;; This is the bare minimum to use live file-systems.