New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
systemd failed to set up mount namespacing for /var/lib/bluetooth #329
Comments
@hadess Why you add the |
@herbrechtsmeier it looks like it is possible to have a ReadWritePaths that points to a subdir inside ReadOnlyPaths:
I do wonder why we didn't use StateDirectory and ConfigurationDirectory though since it appears to be a more explicit way to tell systemd what these directories are meant for. |
Therefore you need Does the bluetooth systemd service support a state and configuration directory which is different to the system values? This is the only case in which the Why the bluetooth service use
This was also my first idea but the bluetooth daemon already create the state directory and the I propose to add |
@herbrechtsmeier https://patchwork.kernel.org/project/bluetooth/patch/20220412201949.4011833-1-luiz.dentz@gmail.com/ Regarding ProtectSystem, having it set to strict seem to be even more restrictive than full:
So if we set to strict I assume it will affect even the likes of StateDirectory since it set the entire file system as read-only so we would need to use ReadWritePaths to enabling writing the states, perhaps that was the original intend so we are kinda running in circle here and we would be hitting the same problem or does systemd creates the directory set in StateDirectory? Perhaps we can look into some other daemons similar to bluetoothd to see how the use ProtectSystem. |
You have to use a relative directory for
Yes. It looks like this was the indention of the original commit (442d211):
Systemd creates the
The systemd-timesyncd.service use |
Weird I don't see anything on the documentation suggesting it would be a relative path, the problem is that the likes of --sysconfdir and --localstatedir are absolute path so one can configure these to be outside of the default path and in that case that wouldn't match what the bluetooth.service points to.
|
The systemd bluetooth service failed to start. Add a workaround for this whilst the final fix is discussed upstream, bluez/bluez#329. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The second sentence of the Documentation mention it:
Systemd expects that a service use the system wide state and configuration directories. Otherwise most of the assumption and configuration doesn't work as expected (ex. ProtectSystem=full). Systemd pass the state and configuration directories via environment variable to the service (see Table 2. Automatic directory creation and environment variables). |
The systemd bluetooth service failed to start. Add a workaround for this whilst the final fix is discussed upstream, bluez/bluez#329. (From OE-Core rev: 84ce3a90ba27b377c4a5dfea279f42b61640e9c3) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yep, not sure how I missed it.
So if we don't change build system we can't really use StateDirectory and ConfigurationDirectory, at least not when it is configured outside of the supported paths. We could in theory detect if no prefix have been given than use relative paths otherwise we need to use ReadWritePaths, but the fact that one can use ReadWritePaths absolute paths that would point inside StateDirectory makes me wonder why the later couldn't just do the same if an absolute path is given, or ReadWritePaths don't really work with ProtectSystem=strict? From the documentation it seems to be allowed:
Regarding the use of environment variables, that wouldn't work when example the daemon is run from the source tree and not as a service under systemd control, we would probably need something like a shell script to set the environment variables or a runtime code that detects if the environment variables are set or not. |
The systemd bluetooth service failed to start. Add a workaround for this whilst the final fix is discussed upstream, bluez/bluez#329. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The systemd bluetooth service failed to start. Add a workaround for this whilst the final fix is discussed upstream, bluez/bluez#329. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The systemd bluetooth service failed to start. Add a workaround for this whilst the final fix is discussed upstream, bluez/bluez#329. (From OE-Core rev: 3e85ce436699a2b5b7751f671e4a6eabb4ca5404) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This makes use of StateDirectory[1] and ConfigurationDirectory[1] to inform systemd what those paths are used for instead of using ReadWritePaths and ReadOnlyPaths which can lead to issues. Fixes: bluez#329 [1] https://www.freedesktop.org/software/systemd/man/systemd.exec.html
This fixes bluetooth.service failing to start if statedir has not been created yet: bluetooth.service: Failed to set up mount namespacing: /run/systemd/unit-root/var/lib/bluetooth: No such file or directory It also removes ReadOnlyPaths since ProtectSystem=full already mounts the entire filesystem as read-only. Fixes: bluez#329
This makes use of StateDirectory[1] and ConfigurationDirectory[1] to inform systemd what those paths are used for instead of using ReadWritePaths and ReadOnlyPaths which can lead to issues. Fixes: bluez#329 [1] https://www.freedesktop.org/software/systemd/man/systemd.exec.html
This fixes bluetooth.service failing to start if statedir has not been created yet: bluetooth.service: Failed to set up mount namespacing: /run/systemd/unit-root/var/lib/bluetooth: No such file or directory It also removes ReadOnlyPaths since ProtectSystem=full already mounts the entire filesystem as read-only. Fixes: bluez#329
This makes use of StateDirectory[1] and ConfigurationDirectory[1] to inform systemd what those paths are used for instead of using ReadWritePaths and ReadOnlyPaths which can lead to issues. Fixes: bluez#329 [1] https://www.freedesktop.org/software/systemd/man/systemd.exec.html
This makes use of StateDirectory[1] and ConfigurationDirectory[1] to inform systemd what those paths are used for instead of using ReadWritePaths and ReadOnlyPaths which can lead to issues. Fixes: bluez#329 [1] https://www.freedesktop.org/software/systemd/man/systemd.exec.html
This makes use of StateDirectory[1] and ConfigurationDirectory[1] to inform systemd what those paths are used for instead of using ReadWritePaths and ReadOnlyPaths which can lead to issues. Fixes: bluez#329 [1] https://www.freedesktop.org/software/systemd/man/systemd.exec.html
This makes use of StateDirectory[1] and ConfigurationDirectory[1] to inform systemd what those paths are used for instead of using ReadWritePaths and ReadOnlyPaths which can lead to issues. Fixes: bluez#329 [1] https://www.freedesktop.org/software/systemd/man/systemd.exec.html
@herbrechtsmeier check with the following set: https://patchwork.kernel.org/project/bluetooth/patch/20220415223049.1155838-3-luiz.dentz@gmail.com/ |
At the moment I have no access to the hardware but I have already test the changes manual on my hardware before I suggest the change above and poky already use this change. |
Your change is mostly correct, but it makes
You should add |
There's also a regression for anyone that uses |
This seems to be worked around by 5fb2741 and 385e8d6 although that would also require changes in |
I will fix it, we actually need to set the StateDirectoryMode as well since the defaults is 0755 but we used to have 0700 since it may contain sensitve information. |
This sets ConfigurationDirectoryMode to 0555 to really enforce the ConfigurationDirectory to be read-only [1]. [1] bluez#329 (comment)
This sets ConfigurationDirectoryMode to 0555 to really enforce the ConfigurationDirectory to be read-only [1]. [1] bluez#329 (comment)
This sets ConfigurationDirectoryMode to 0555 to really enforce the ConfigurationDirectory to be read-only [1]. [1] bluez/bluez#329 (comment)
This makes use of StateDirectory[1] and ConfigurationDirectory[1] to inform systemd what those paths are used for instead of using ReadWritePaths and ReadOnlyPaths which can lead to issues. Fixes: bluez/bluez#329 [1] https://www.freedesktop.org/software/systemd/man/systemd.exec.html
This sets ConfigurationDirectoryMode to 0555 to really enforce the ConfigurationDirectory to be read-only [1]. [1] bluez/bluez#329 (comment)
The systemd bluetooth service failed to start because the
/var/lib/bluetooth
path ofReadWritePaths=
is created by the bluetooth daemon itself.The commit
systemd: Add more filesystem lockdown
(442d211) addReadWritePaths=/etc/bluetooth
andReadOnlyPaths=/var/lib/bluetooth
options to the bluetooth systemd service. The existingProtectSystem=full
option mounts the/usr
, the boot loader directories and/etc
read-only. This means the two option are useless and could be removed.Alternative the
ReadWritePaths=
path should be prefixed with "-" to ignore a not existing path.The text was updated successfully, but these errors were encountered: