New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Wiping root file system is not the same as a "factory reset" #2276

Closed
ajeddeloh opened this Issue Dec 1, 2017 · 2 comments

Comments

Projects
None yet
3 participants
@ajeddeloh

ajeddeloh commented Dec 1, 2017

Issue Report

Bug

Container Linux Version

$ cat /etc/os-release
NAME="Container Linux by CoreOS"
ID=coreos
VERSION=1590.0.0+2017-11-27-1556
VERSION_ID=1590.0.0
BUILD_ID=2017-11-27-1556
PRETTY_NAME="Container Linux by CoreOS 1590.0.0+2017-11-27-1556 (Ladybug)"
ANSI_COLOR="38;5;75"
HOME_URL="https://coreos.com/"
BUG_REPORT_URL="https://issues.coreos.com"
COREOS_BOARD="amd64-usr"

Environment

Any

Expected Behavior

The root filesystem we ship in the image should be the same as the one that is populated by tmpfiles. From our documentation on our disk layout:

Due to the unique disk layout of Container Linux, an rm -rf / is an un-supported but valid operation to do a "factory reset". The machine should boot and operate normally afterwards.

Actual Behavior

The root filesystem contains extra files and some differences as well. The differences are all in the /etc/g?{shadow,passwd}-? files, except /etc/audit/audit.rules which is generated by other files.

Reproduction Steps

  1. run the coreos.filesystem test from this PR

Other Information

Here is a list of all the files that are not created (at least on my current build, current alpha/beta/stable may differ slightly).

We should audit this list and determine if it is safe to ship an empty root.

@lucab

This comment has been minimized.

Show comment
Hide comment
@lucab

lucab Feb 23, 2018

Member

I took the unrelated PR at coreos/docs#1213 to slightly relax the terminology. I still prefer the term "factory reset" for clarity, so I suggest to reintroduce it (if possible) once the investigation here is over.

Member

lucab commented Feb 23, 2018

I took the unrelated PR at coreos/docs#1213 to slightly relax the terminology. I still prefer the term "factory reset" for clarity, so I suggest to reintroduce it (if possible) once the investigation here is over.

@bgilbert

This comment has been minimized.

Show comment
Hide comment
@bgilbert

bgilbert Sep 26, 2018

Member

Thank you for reporting this issue. Unfortunately, we don't think we'll end up addressing it in Container Linux.

We're now working on Fedora CoreOS, the successor to Container Linux, and we expect most major development to occur there instead. Meanwhile, Container Linux will be fully maintained into 2020 but won't see many new features. We appreciate your taking the time to report this issue and we're sorry that we won't be able to address it.

Member

bgilbert commented Sep 26, 2018

Thank you for reporting this issue. Unfortunately, we don't think we'll end up addressing it in Container Linux.

We're now working on Fedora CoreOS, the successor to Container Linux, and we expect most major development to occur there instead. Meanwhile, Container Linux will be fully maintained into 2020 but won't see many new features. We appreciate your taking the time to report this issue and we're sorry that we won't be able to address it.

@bgilbert bgilbert closed this Sep 26, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment