Hello. I'm new to Fedora (and Linux in general,) and I've been playing around with Silverblue recently. I wanted the secondary drive in my system to mount automatically at startup because I noticed it wasn't. I used the Gnome disk utility, ungreyed the options and checked the box to automatically mount at startup. I also changed "identify as" to a label I set for the drive rather than the random string of characters it used to be. To test it out, I rebooted system and was met with the "F" logo slowly filling up, but never quite making it. This usually works fine in the non-Silverblue Fedora workstations, but it seems bugged here.
snapshot: https://postimg.cc/ykQqtDb5
Hmm. I'm guessing this has something to do with symlinks; see https://github.com/systemd/systemd/pull/6293
The systemd journal should have more useful error messages here, journalctl |grep fstab perhaps.
journalctl |grep fstab
I poked around with this problem in a VM, using the steps described by @neowave. I was able to reproduce the problem as described.
I used rd.break enforcing=0 as kernel args after rebooting, so I could edit /etc/fstab and alter some of the options for the secondary disk. After booting into the initramfs (due to the use of rd.break):
rd.break enforcing=0
/etc/fstab
rd.break
# mount -o remount,rw /sysroot/ # chroot /sysroot/ostree/boot.0/fedora-workstation/ac11951e4d0add8abf633d461de9739b56d63355462c88f2ce2a31fd7955a165/0/ # vi /etc/fstab
The default line in /etc/fstab for the secondary disk looked like this:
LABEL=extra_disk /mnt/extra_disk auto nosuid,nodev,nofail,x-gvfs-show 0 0
I tried changing a number of the options, but nothing seemed to make any difference until I changed the mount point to /var/mnt/extra_disk
/var/mnt/extra_disk
This allowed me to successfully mount the second disk during boot.
Do we have to further alter the fstab-generator to understand the use of /var/mnt on ostree systems?
fstab-generator
/var/mnt
ostree
The problem is SELinux policy:
Oct 08 14:31:05 localhost.localdomain audit[1]: AVC avc: denied { getattr } for pid=1 comm="systemd" path="/mnt" dev="dm-0" ino=33554545 scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:mnt_t:s 0 tclass=lnk_file permissive=0 Oct 08 14:30:51 localhost.localdomain audit[3176]: AVC avc: denied { getattr } for pid=3176 comm="systemd-fstab-g" path="/mnt" dev="dm-0" ino=33554545 scontext=system_u:system_r:init_t:s0 tcontext=system_u:ob ject_r:mnt_t:s0 tclass=lnk_file permissive=0
This is easier to debug if you avoid rebooting, just add the mount to /etc/fstab then systemctl daemon-reload. You'll see the new generated mount unit in /run/systemd/generator, like mnt-foo.mount for /mnt/foo.
systemctl daemon-reload
/run/systemd/generator
mnt-foo.mount
/mnt/foo
Trying to systemctl start mnt-foo.mount crashes systemd here as it's not expecting denials.
systemctl start mnt-foo.mount
https://bugzilla.redhat.com/show_bug.cgi?id=1637070
Sorry for the delay. I can confirm that @miabbott's suggestion to set mount point to /var/mnt/another_disk works. the system boots just fine and mounts the 2nd disk automatically. Thanks for the help!
It also seems that @walters has found the root issue and filed a bug report on Red Hat's Bugzilla. Is it safe to close this now?
Closing as the root issues was fixed (https://bugzilla.redhat.com/show_bug.cgi?id=1637070)
Metadata Update from @tpopela: - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.