Commits on Feb 9, 2024

1. sysroot: Rework /var handling to act like Docker VOLUME /var …

   We've long struggled with semantics for `/var`.  Our stance of
   "/var should start out empty and be managed by the OS" is a strict
   one, that pushes things closer to the original systemd upstream
   ideal of the "OS state is in /usr".
   
   However...well, a few things.  First, we had some legacy bits
   here which were always populating the deployment `/var`.  I don't
   think we need that if systemd is in use, so detect if the tree
   has `usr/lib/tmpfiles.d`, and don't create that stuff at
   `ostree admin stateroot-init` time if so.
   
   Building on that then, we have the stateroot `var` starting out
   actually empty.
   
   When we do a deployment, if the stateroot `var` is empty,
   make a copy (reflink if possible of course) of the commit's `/var`
   into it.
   
   This matches the semantics that Docker created with volumes,
   and this is sufficiently simple and easy to explain that I think
   it's closer to the right thing to do.
   
   Crucially...it's just really handy to have some pre-existing
   directories in `/var` in container images, because Docker (and podman/kube/etc)
   don't run systemd and hence don't run `tmpfiles.d` on startup.
   
   I really hit on the fact that we need `/var/tmp` in our container
   images by default for example.
   
   So there's still some overlap here with e.g. `/usr/lib/tmpfiles.d/var.conf`
   as shipped by systemd, but that's fine - they don't actually conflict
   per se.

   

   cgwalters committed Feb 9, 2024
   Configuration menu

   • View commit details
   • Copy full SHA for f81b9fa
   • Browse repository at this point

   Copy the full SHA

   f81b9fa View commit details

   Browse the repository at this point in the history