Allow writable /var and /etc directories
#2522
Conversation
| #define VAR_OVERLAY_PATH OVERLAY_PATH "/var" | ||
| #define ETC_OVERLAY_PATH OVERLAY_PATH "/etc" | ||
|
|
||
| const struct InitOp overlay_ops[] = { |
There was a problem hiding this comment.
Would hard-coding this be restrictive?
Say tomorrow somebody wants to write logs to /tmp and want it to be overlay.
There was a problem hiding this comment.
yes, but the flipside would be the complexity of C code needed to handle parsing and validating a list of user-provided directories from the command line
There was a problem hiding this comment.
True, but we will future proof this so that we don't need code change every time new directory needs to be writable.
Should we pass something like "--overlay-dirs=/etc,/var,/opt" to init process?
There was a problem hiding this comment.
we can always add that in the future, but i think the long option parsing and additional path validation would over-complicate this already complicated PR
helsaawy
force-pushed
the
ms-rel-init-overlay-rw
branch
from
b518f5d to
9772b9c
Compare
Binaries in the uVM can require writing to (or be configured by) files in `/var` (or `/etc`, respectively). An LCOW uVM VHD-backed rootfs, however, is readonly (as opposed to WCOW, which creates a new snapshot and therefor scratch VHD per uVM). Remedy this by creating `overlay` mounts for the two directories, enabled by the `/init` flag `-w`. Use `overlay` instead of creating a `tmpfs` mount directly over the directories (which is done for `/run` and `/tmp`) to preserve existing content in the rootfs. Add a new `WritableOverlayDirs` annotation to enable the feature. Make the annotation internal (unpublished) since: - it is implementation dependent (i.e., how LCOW uVMs are run could conceivably change in the future); and - the feature is aimed at more advanced use cases where users are modifying the LCOW uVMs rootfs and should be familiar with `hcshims`'s inner workings Signed-off-by: Hamza El-Saawy <[email protected]>
helsaawy
force-pushed
the
ms-rel-init-overlay-rw
branch
from
9772b9c to
3d71f98
Compare
4 participants
Binaries in the uVM can require writing to (or be configured by) files in
/var(or/etc, respectively).An LCOW uVM VHD-backed rootfs, however, is readonly (as opposed to WCOW, which creates a new snapshot and therefor scratch VHD per uVM). Remedy this by creating
overlaymounts for the two directories, enabled by the/initflag-w.Use
overlayinstead of creating atmpfsmount directly over the directories (which is done for/runand/tmp) to preserve existing content in the rootfs.Add a new
WritableOverlayDirsannotation to enable the feature. Make the annotation internal (unpublished) since:hcshims's inner workings