Ubuntu
ubuntu-image package

Using “content:” in gadget.yaml for a “role: system-data” partition makes it not be system-data anymore

Bug #1751249 reported by Oliver Grawert
14
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Ubuntu Image
New
Undecided
Łukasz Zemczak
ubuntu-image (Ubuntu)
Confirmed
Undecided
Łukasz Zemczak

Bug Description

The core team thinks this is an ubuntu image bug, so i'm filing this here additionally to

https://forum.snapcraft.io/t/using-content-for-a-role-system-data-partition-makes-it-not-be-system-data-anymore

When i use a gadget.yaml entry like:

      - name: writable
        type: 83,0FC63DAF-8483-4772-8E79-3D69D8477DE4
        filesystem: ext4
        filesystem-label: writable
        size: 270M
        role: system-data
        content:
          - source: writable/
            target: /

The partition is not pre-populated with snaps and seed but only the files defined in content are copied in.

I would expect that the partition is still properly pre-populated with the usual writable/system-data content and that the content from the content: entry is additionally copied in place. Or at least that the role: system-data takes precedence here if this combination is not allowed (though snapcraft or ubuntu-image should then spill a warning at least) so that a bootable system exists.

See original description
Oliver Grawert (ogra)
description: updated
summary: - Using “content:” in gadget.ymal for a “role: system-data” partition
+ Using “content:” in gadget.yaml for a “role: system-data” partition
makes it not be system-data anymore
Revision history for this message
Oliver Grawert (ogra) wrote :

building with -b ./build creates the following (the proper files from the gadget copied via "content:"):

$ find build/volumes/beaglebone/part3
build/volumes/beaglebone/part3
build/volumes/beaglebone/part3/meep.txt
build/volumes/beaglebone/part3/system-data
build/volumes/beaglebone/part3/system-data/etc
build/volumes/beaglebone/part3/system-data/etc/foo.txt

Revision history for this message
Oliver Grawert (ogra) wrote :

$ find build/unpack/gadget/writable/
build/unpack/gadget/writable/
build/unpack/gadget/writable/meep.txt
build/unpack/gadget/writable/system-data
build/unpack/gadget/writable/system-data/etc
build/unpack/gadget/writable/system-data/etc/foo.txt

Łukasz Zemczak (sil2100)
Changed in ubuntu-image (Ubuntu):
assignee: nobody → Łukasz Zemczak (sil2100)
Łukasz Zemczak (sil2100)
Changed in ubuntu-image:
assignee: nobody → Łukasz Zemczak (sil2100)
Revision history for this message
Konrad Zapałowicz (kzapalowicz) wrote :

Hey, what is the forecast time-wise on this being fixed & released?

Revision history for this message
Łukasz Zemczak (sil2100) wrote :

@ogra: I just performed some experiments while trying to reproduce this bug, but my observations are a bit different than yours. Actually it's still more or less a bug, but not as severe. The story:

So what I noticed happening is: when there is a system-data partition, ubuntu-image actually never considers the content: section of the partition's definition when creating the partition *images*. At one point we do copy over the content-defined parts to the partX/ directory for every partition (which is what you saw in comment #1), but for system-data partitions we basically ignore the contents of that directory and only create a clean ext4 partition with the rootfs contents only.

You can check that is the case by going to the volumes directory (after using -b ./build or similar) and mounting the part3.img image file (or whichever partition number it has) and looking into its contents. You should only see the rootfs data there. In this case the part3/ directory contents have no correlation to what's in part3.img. Which is why looking into the part3/ dir and seeing files without the rootfs could cause confusion.

This means that basically right now the "role: system-data" role takes precedence over the "content:" definition, so the end result should fit your expectation as per the bug description. I'm not saying this is what we ultimately want, but I'm just saying that in theory an image built with a gadget.yaml like this should still have a 'valid' rootfs.

This makes me wonder: are you sure you do not have the rootfs contents in your system-data partition in the final image? Maybe I am seeing something different han you on your system?

That being said, the current behavior is not correct for sure, but I still need to think if this should be done by ubuntu-image or by snap prepare-image. Might be that the original idea was for the responsibility to be on the u-i side, seeing that we do handle the 'content:' parsing anyway for all other partition roles, but let me think about it a bit more.

Revision history for this message
Oliver Grawert (ogra) wrote :

@sil2100 weird, I wonder why I always ended up with the opposite but will re-check it again ...

nontheless, we need the "content:" directive on a "role: system-data" partition working for a customer project soon where some udev rules (and other files) need to be pre-installed in the system-data partition.

While I could apply hacks to do this from i.e. a customized hacked initrd I would really prefer if we could give something clean to the customer for their production images instead.

Revision history for this message
Steve Langasek (vorlon) wrote : Re: [Bug 1751249] Re: Using“content:” in gadget.yaml for a “role: system-data”partition makes it not be system-data anymore

On Thu, Mar 15, 2018 at 05:15:37PM -0000, Oliver Grawert wrote:
> nontheless, we need the "content:" directive on a "role: system-data"
> partition working for a customer project soon where some udev rules (and
> other files) need to be pre-installed in the system-data partition.

I agree that this is a useful feature to have, and this has come up before.
However, it doesn't follow from the spec (which is admittedly ambiguous),
and it's new feature work. If this is a requirement for a customer project
"soon", you might need to look at contributing that feature.

In any case, if there is a deadline for this please communicate this to us
so we can try to schedule it appropriately.

> While I could apply hacks to do this from i.e. a customized hacked
> initrd I would really prefer if we could give something clean to the
> customer for their production images instead.

For a possibly-reusable example of this from the joule images, see:

  git+ssh://git.launchpad.net/~vorlon/tuchuck/+git/uc16-build-script

Revision history for this message
Oliver Grawert (ogra) wrote :

> For a possibly-reusable example of this from the joule images, see:
>
> git+ssh://git.launchpad.net/~vorlon/tuchuck/+git/uc16-build-script

This script is exactly what we want to get rid of for the upcoming
customers and what triggered the work making me hit this bug/missing-feature
altogether.

For production images a simple "ubuntu-image /path/to/model" should
DTRT for the customer, there should not be any wrapper scripts needed
and there should not be any files injected that do not come from a snap
(like you would not ship randomly injected files in a desktop iso that
are not part of a .deb or postinst script shipped in a .deb).

Francis Ginther (fginther)
tags: added: id-5aaae805ae59a6e226e8ad1b
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in ubuntu-image (Ubuntu):
status: New → Confirmed
Matthieu Clemenceau (mclemenceau)
tags: added: fr-470
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.