#246 fedora-common-ostree: Make presets canonical
Merged 9 months ago by siosm. Opened 2 years ago by siosm.
siosm/workstation-ostree-config preset-all  into  main

file modified
+10
@@ -111,4 +111,14 @@ 

      # Remove loader directory causing issues in Anaconda in unified core mode

      # Will be obsolete once we start using bootupd

      rm -rf /usr/lib/ostree-boot/loader

+ 

+     # Undo RPM scripts enabling units; we want the presets to be canonical

+     # https://github.com/projectatomic/rpm-ostree/issues/1803

+     rm -rf /etc/systemd/system/*

+     systemctl preset-all

+     rm -rf /etc/systemd/user/*

+     systemctl --user --global preset-all

+ 

+     # Workaround for https://bugzilla.redhat.com/show_bug.cgi?id=2218006

+     systemctl enable nfs-client.target

  postprocess-script: "postprocess.sh"

fedora-common-ostree: Make presets canonical

This ensures that only services defined in presets are enabled by
default. This has two advantages:
- services enabed in RPM scriptlets are dropped
- new services can be enabled by default simply by adding them to
presets

This mirrors the behaviour of Fedora CoreOS. For more informations, see:
- https://github.com/coreos/fedora-coreos-config/blob/testing-devel/manifests/ignition-and-ostree.yaml#L39..L48
- https://github.com/coreos/fedora-coreos-config/pull/73
- https://github.com/coreos/fedora-coreos-config/pull/77
- https://github.com/coreos/fedora-coreos-config/pull/122
- https://github.com/coreos/rpm-ostree/issues/1803


fedora-common-ostree: Add workaround for nfs-client.target

See: https://bugzilla.redhat.com/show_bug.cgi?id=2218006

Marking as draft as this one needs testing.

Do you know what the net delta is in /etc/systemd/system before and after the presets commit?

There are possibly services which will lose their enablement state on update due to this. In FCOS, this was safe to do (see https://github.com/coreos/fedora-coreos-config/pull/77#issuecomment-484272164), but FSB pulls in more packages.

I don't know yet. I'll have to make test builds and compare the content of /usr/etc.

rebased onto 6942c5d5389bbfcdced2600c07503595ec981af8

9 months ago

Diff (f38 non unified core, no preset-all -> rawhide unified core + preset-all):

sudo diff -rq c351a6e4ab7c0a8b4180801e69031905bea69243a259804e86fd54ef3533b917.0/etc/systemd/system 83efc9cc08d88f17e8418de4f6672837ac82bdb13051c20e44460b512cf9b90c.0/etc/systemd/system | sort
[sudo] password for silverblue: 
Only in 83efc9cc08d88f17e8418de4f6672837ac82bdb13051c20e44460b512cf9b90c.0/etc/systemd/system/basic.target.wants: rpmdb-migrate.service
Only in 83efc9cc08d88f17e8418de4f6672837ac82bdb13051c20e44460b512cf9b90c.0/etc/systemd/system/basic.target.wants: rpmdb-rebuild.service
Only in 83efc9cc08d88f17e8418de4f6672837ac82bdb13051c20e44460b512cf9b90c.0/etc/systemd/system: dbus-org.freedesktop.home1.service
Only in 83efc9cc08d88f17e8418de4f6672837ac82bdb13051c20e44460b512cf9b90c.0/etc/systemd/system/multi-user.target.wants: ostree-finalize-staged.path
Only in 83efc9cc08d88f17e8418de4f6672837ac82bdb13051c20e44460b512cf9b90c.0/etc/systemd/system/multi-user.target.wants: remote-cryptsetup.target
Only in 83efc9cc08d88f17e8418de4f6672837ac82bdb13051c20e44460b512cf9b90c.0/etc/systemd/system/multi-user.target.wants: systemd-homed.service
Only in 83efc9cc08d88f17e8418de4f6672837ac82bdb13051c20e44460b512cf9b90c.0/etc/systemd/system/sysinit.target.wants: systemd-pstore.service
Only in 83efc9cc08d88f17e8418de4f6672837ac82bdb13051c20e44460b512cf9b90c.0/etc/systemd/system: systemd-homed.service.wants
Only in 83efc9cc08d88f17e8418de4f6672837ac82bdb13051c20e44460b512cf9b90c.0/etc/systemd/system/timers.target.wants: rpm-ostree-countme.timer
Only in c351a6e4ab7c0a8b4180801e69031905bea69243a259804e86fd54ef3533b917.0/etc/systemd/system: default.target
Only in c351a6e4ab7c0a8b4180801e69031905bea69243a259804e86fd54ef3533b917.0/etc/systemd/system/multi-user.target.wants: nfs-client.target
Only in c351a6e4ab7c0a8b4180801e69031905bea69243a259804e86fd54ef3533b917.0/etc/systemd/system: remote-fs.target.wants

See: https://pagure.io/pungi-fedora/pull-request/1145

Explaination for the diff:

Only in non unified core mode without preset all (f38):

  • /etc/systemd/system/default.target: The systemd default, no change, not really needed

  • /etc/systemd/system/multi-user.target.wants/nfs-client.target: nfs-utils does not have a preset and uses a post-script (https://src.fedoraproject.org/rpms/nfs-utils/blob/rawhide/f/nfs-utils.spec#_252)

  • /etc/systemd/system: remote-fs.target.wants/nfs-client.target: nfs-utils does not have a preset and uses a post-script

Only in unified code mode + preset all (rawhide):

  • /etc/systemd/system/basic.target.wants/rpmdb-migrate.service: Part of the RPM package, will never trigger due to a path check condition
  • /etc/systemd/system/basic.target.wants/rpmdb-rebuild.service: Part of the RPM package, will never trigger due to a path check condition

  • /etc/systemd/system/multi-user.target.wants/ostree-finalize-staged.path: Looks like this is from https://github.com/ostreedev/ostree/issues/545 and thus wasn't fixed for non-FCOS users

  • /etc/systemd/system/multi-user.target.wants/remote-cryptsetup.target: Enabled in preset but not in RPM

  • /etc/systemd/system/sysinit.target.wants/systemd-pstore.service: Enabled in preset but not in RPM
  • /etc/systemd/system/systemd-homed.service.wants: Enabled in preset but not in RPM
  • /etc/systemd/system/dbus-org.freedesktop.home1.service: see above
  • /etc/systemd/system/multi-user.target.wants/systemd-homed.service: see above

  • /etc/systemd/system/timers.target.wants/rpm-ostree-countme.timer: Manually enabled in fedora-release subpackage to specifically avoid having the issue we're trying to fix here :)

rebased onto 9aea74b

9 months ago

rebased onto fa59f1e

9 months ago

Added a workaround for nfs-client.target to this PR until the preset is fixed: https://bugzilla.redhat.com/show_bug.cgi?id=2218006

/etc/systemd/system/multi-user.target.wants/ostree-finalize-staged.path: Looks like this is from https://github.com/ostreedev/ostree/issues/545 and thus wasn't fixed for non-FCOS users

This is still activated on my Silverblue/Kinoite systems so the fix is there.

I've verified the diff with a build with this PR and also verified that this works for the openQA test by disabling GDM and making sure to get a TTY.

We'll need this to enabled unified core builds so merging.

Pull-Request has been merged by siosm

9 months ago
Metadata