stages(machine-id): add a new "machine-id" stage #1452
Conversation
|
Makes sense to me! The question of whether or not to enable FirstBoot mode, and when is correctly deferred to |
mvo5
force-pushed
the
stages/machine-id
branch
4 times, most recently
from
a395d7f
to
d13f1d5
Compare
mvo5
force-pushed
the
stages/machine-id
branch
2 times, most recently
from
ed94a89
to
54dbc12
Compare
mvo5
force-pushed
the
stages/machine-id
branch
from
54dbc12
to
797c7ed
Compare
This is a variation of PR osbuild#960 that put the machine-id handling into it's own stage and adds explicit handling what should happen with it. For machine-id(5) we essentially want the following three states implemented: 1. `first-boot: yes` will ensure that /etc/machine-id is in the "uninitialized" state. This means on boot the systemd `ConditionFirstBoot` is triggered and a new id in `/etc/machine-id` is created. This will work for systemd v247+. 2. `first-boot: no` will ensure that /etc/machine-id exists but is empty. This will trigger the creation of a new machine-id but will *not* trigger `ConditionFirstBoot`. 3. `first-boot: preserve` will just keep the existing machine-id. Note that it will error if there is no /etc/machine-id Note that the `org.osbuild.rpm` will also create a `{tree}/etc/machine-id` while it runs to ensure that postinst scripts will not fail that rely on this file. This is an implementation detail but unfortunately the rpm stage will leave an empty machine-id file if it was missing. So we cannot just remove /etc/machine-id because any following rpm stage would re-create it again (and we cannot change that without breaking backward compatiblity). Thanks to the special semantic that a missing /etc/machine-id and an /etc/machine-id with the `uninitialized` string are equivalent we don't care. To support systemd versions below v247 we could offer an option to remove /etc/machine-id. But the downside of this is that it would only work if the org.osbuild.machine-id stage is after the rpm stage. See also the discussion in PR#960. Thanks to Tom, Christian for the PR and the background.
mvo5
force-pushed
the
stages/machine-id
branch
from
797c7ed
to
b55278c
Compare
|
I had to remove the integration test for the feature from this commit because I need to figure out how to run |
There was a problem hiding this comment.
I think this is the perfect solution to our old problem. Like Tom said, it puts the decision in the hands of the manifest generator, which should know when the stage is needed and if an option is unsupported (based on distro/systemd version).
I'm looking forward to writing proper first-boot stages with ConditionFirstBoot in our image definitions with this now instead of fiddling with our own marker files.
This is a draft for a new machien-id stage. it would allow us to create image that are in the sytemd "ConditionFirstBoot" state.
Draft for now to ensure it follows the vision/ideas of Tom and the team.
See also #960 for more context (and the commit messages here).