#239 atomic: Adapt `systemctl mask tmp.mount` for rpmostree `tmp-is-dir` change
Closed 5 years ago by walters. Opened 6 years ago by walters.
walters/fedora-kickstarts atomic-notmpfs-new  into  master

file modified
+16 -1
@@ -95,8 +95,23 @@ 

  # Because memory is scarce resource in most cloud/virt environments,

  # and because this impedes forensics, we are differing from the Fedora

  # default of having /tmp on tmpfs.

+ # Adapted for: https://github.com/projectatomic/rpm-ostree/pull/778

  echo "Disabling tmpfs for /tmp."

- systemctl mask tmp.mount

+ if test -L /tmp; then

+    systemctl mask tmp.mount

+ else

+    cat >/etc/systemd/system/tmp.mount << EOF

I think for this we should provide a unit from the rpm that is disabled by default that can be used to achieve this behavior: see upstream request for this: https://github.com/projectatomic/rpm-ostree/issues/820

ausil commented 6 years ago

+1 we should try keep all the content coming from RPMS

+ # Generated by fedora-atomic.ks in https://pagure.io/fedora-kickstarts/

+ [Unit]

+ Description=/tmp to /var/tmp mount

+ Before=local-fs.target

+ 

+ [Mount]

+ Where=/tmp

+ What=/var/tmp

+ Options=bind

+ EOF

+ fi

  

  # make sure firstboot doesn't start

  echo "RUN_FIRSTBOOT=NO" > /etc/sysconfig/firstboot

For more information, see: https://github.com/projectatomic/rpm-ostree/pull/778

Basically I'd like to use tmp-is-dir for FAH, this change adapts things so we
get the same semantics (/tmp is not tmpfs) in both cases.

An admin wanting tmpfs for their cloud images would need to rm /etc/systemd/system/tmp.mount and go back to using the default systemd
tmp.mount.

Note: not tested locally yet

I think for this we should provide a unit from the rpm that is disabled by default that can be used to achieve this behavior: see upstream request for this: https://github.com/projectatomic/rpm-ostree/issues/820

+1 we should try keep all the content coming from RPMS

(Side note, if people don't mind let's please keep this open...I agree with the last comment and will try to fix it)

(Side note, if people don't mind let's please keep this open...I agree with the last comment and will try to fix it)

+1

This has been sitting here for 10 months now. :(

What do we want to do here?

@walters - how does this relate to the tmp-is-dir change we did for FAW recently? Should we do the same thing for FAH in rawhide?

So, should we merge this or no? I see the patch says not tested there... but that was a year ago.

No, we'll do this as part of Fedora CoreOS.

Pull-Request has been closed by walters

5 years ago