New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Checks for /boot/EFI write permissions are cached for too long #6046
Comments
I don't know why this happens:
fwupd isn't actually generating the Also, do you know why this bug might be Gentoo-specific? We've not seen this before. |
Could it be because of the systemd unit? |
I wondered that too, but that wouldn't explain why restarting it make it suddenly r/w -- no? |
Does this also fail?
|
yeah good point. My next guess here would be that glib internally doesn't release the fd for a given path specifically in the error path, but I looked through glib code and I didn't see anywhere it should cache an fd. It just ends up calling |
Apologies for the delay responding, holiday season. Anyway:
Good idea, I'll keep that in mind for the next time I have an update to install on one of the affected systems.
I do not know if that affects Gentoo only, it's just that all of my "/boot is mounted ro" systems happen to run Gentoo.
If it is then it is likely not a Gentoo-specific thing, as we do not customise fwupd units.
I've tried that before and yes, it does. Which makes sense because my systems do not start fwupd at either boot or login time, it only gets launched when fwupdmgr is run. |
You should be able to use the |
No open descriptors to anywhere in /boot, or indeed nowhere on the file system except /dev/null and /var/lib/fwupd/pending.db. I am beginning to suspect this has got something to do with the way systemd sets up filesystem namespaces for protected services like fwupd.service. No idea if this is something that could be addressed on the fwupd side, or indeed at all, though. |
Could you ask on the systemd mailing list perhaps? |
What if you run the daemon manually without systemd? Does it still happen? |
No, with the daemon having been launched manually remounting /boot rw takes immediate effect. I have just e-mailed systemd-devel about this, let's see what they say. |
Great thanks! It's good to know it's caused by systemd. Can you get a ticket opened in their tracker? Then we can close the fwupd one as a duplicate and track there. |
Describe the bug
If the fwupd daemon is started on a system with /boot mounted read-only, it keeps thinking it remains read-only - and refuse writing to /boot/EFI/ - even after the partition having been remounted rw. It is necessary to kill the daemon for the change to take effect.
Steps to Reproduce
Expected behavior
Operations requiring write access to /boot/EFI begin to succeed as soon as the file system in question has been remounted read-write. Or possibly fwupd taking care of remounting /boot rw (and back as ro afterwards) itself.
fwupd version information
All versions from at least 1.2.4 (see https://bugs.gentoo.org/677352) up to and including 1.9.3, installed using Gentoo Linux ebuilds in either case. Current Git head not tested.
**fwupd device information**
Likely not relevant due to the issue having been observed on several different systems, and therefore omitted for privacy reasons.
Additional questions
The text was updated successfully, but these errors were encountered: