Re: update-initramfs, chroots ro /boot, and debian-live (Re: d-l and /boot ro)
On Mon, Sep 03, 2007 at 10:36:56PM +0200, maximilian attems wrote:
> On Mon, Sep 03, 2007 at 03:28:00PM -0400, Justin Pryzby wrote:
> > On Mon, Sep 03, 2007 at 08:57:41PM +0200, Daniel Baumann wrote:
> > > maximilian attems wrote:
> > > > well update-initramfs checks if there is a readable /proc/mounts,
> > > > so if /proc is !mounted everything is fine.
> > >
> > > that's what i stated.. but it's ugly to mount, do stuff, unmount, update
> > > initramfs, mount, do stuff, and unmount again.
> > >
> > > it would be, probably, better if update-initramfs could handle read-only
> > > /boot.
> > Unfortunately the problem is that it *does* handle ro boot, as a
> > special case (and not chroot).
> >
> > Perhaps it should also test "`stat -c '%i' /boot`" = "`stat -c '%i'
> > /proc/1/root/boot`" or some such other chroot indicator.
>
> so could you reexplain what your request is, cool thanks.
I'm wondering whether initramfs should have some more checks before
exiting without doing anything. In particular whether it should check
for a chroot. I'm not sure either way, but I think I agree with
Daniel it would be a kludge to solve this within debian-live. It
would be something like:
. unmounting and remounting proc and manually rather than
automatically calling "update-initramfs" (since otherwise dpkg and
who knows what else will be run without /proc); or,
. trying to hide from initramfs that the "external" /boot is ro.
> i'll try to rephrase you have chroot where /proc is mounted,
> where the exterior /boot is ro. thus no initramfs is generated
> inside of the chroot?
Right. The readonly boot is specific to me (but could happen
anywhere). The chroot with mounted /proc is normal "debian-live"
build process.
> why is proc mounted?
For the same reason it has to be mounted outside the chroot: things
fail in obscure ways when it isn't. Within the chroot dpkg runs
maintainer scripts which run next to everything. Here, IIRC,
update-initramfs is being run by a kernel installation.
Justin
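
The check discussed in this thread, as an added example that is not part of the original message and is not update-initramfs code: it skips the update only when /boot is listed read-only and the caller is not in a chroot. The function names are hypothetical, and comparing the device number as well as the inode goes slightly beyond the `stat -c '%i'` test suggested above, since inode numbers are only unique within one filesystem.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not from update-initramfs.

# boot_is_ro MOUNTS_FILE
# Succeeds if the last entry for mount point /boot carries the exact
# option "ro". Options are split on commas so that values such as
# "errors=remount-ro" are not mistaken for a read-only mount.
boot_is_ro() {
    awk '$2 == "/boot" {
             ro = 0
             n = split($4, opt, ",")
             for (i = 1; i <= n; i++) if (opt[i] == "ro") ro = 1
         }
         END { exit (ro ? 0 : 1) }' "$1"
}

# same_dir A B
# Succeeds if A and B are the same directory (same device and inode).
# A path that cannot be stat'ed counts as "not the same"; reading
# /proc/1/root normally requires root.
same_dir() {
    a=$(stat -c '%d:%i' "$1" 2>/dev/null) || return 1
    b=$(stat -c '%d:%i' "$2" 2>/dev/null) || return 1
    [ "$a" = "$b" ]
}

# skip_update MOUNTS_FILE BOOT INIT_BOOT
# Succeeds (meaning: skip the update) only when /boot is listed read-only
# AND BOOT is the directory init sees, i.e. the caller is not in a chroot.
skip_update() {
    boot_is_ro "$1" && same_dir "$2" "$3"
}

# Intended call on a live system, as root:
#   skip_update /proc/mounts /boot /proc/1/root/boot
```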