From d21b42b463739b2960fa686f537eac59fc10921a Mon Sep 17 00:00:00 2001 From: Luca Boccassi Date: Sat, 30 Nov 2024 13:01:48 +0000 Subject: [PATCH] sysext: add initrd-specific unit In the initrd we want to run as early as possible, before any of the filesystems are set up, so that users can use sysexts to customize kernel modules, firmware, etc. But in the root fs it needs to run after /var/ has been set up. Split the unit, and have an initrd-specific one that runs very early. --- man/rules/meson.build | 1 + man/systemd-sysext.xml | 1 + units/meson.build | 5 +++++ units/systemd-sysext-initrd.service | 34 +++++++++++++++++++++++++++++ units/systemd-sysext.service | 6 ++--- 5 files changed, 44 insertions(+), 3 deletions(-) create mode 100644 units/systemd-sysext-initrd.service diff --git a/man/rules/meson.build b/man/rules/meson.build index 74613987206..df4af1e543a 100644 --- a/man/rules/meson.build +++ b/man/rules/meson.build @@ -1096,6 +1096,7 @@ manpages = [ ['systemd-confext', 'systemd-confext-initrd.service', 'systemd-confext.service', + 'systemd-sysext-initrd.service', 'systemd-sysext.service'], 'ENABLE_SYSEXT'], ['systemd-system-update-generator', '8', [], ''], diff --git a/man/systemd-sysext.xml b/man/systemd-sysext.xml index 9f78b3b214f..bf47e7ca559 100644 --- a/man/systemd-sysext.xml +++ b/man/systemd-sysext.xml @@ -19,6 +19,7 @@ systemd-sysext systemd-sysext.service + systemd-sysext-initrd.service systemd-confext systemd-confext.service systemd-confext-initrd.service diff --git a/units/meson.build b/units/meson.build index bc71c726868..792c4250c0e 100644 --- a/units/meson.build +++ b/units/meson.build @@ -624,6 +624,11 @@ units = [ 'file' : 'systemd-sysext.service', 'conditions' : ['ENABLE_SYSEXT'], }, + { + 'file' : 'systemd-sysext-initrd.service', + 'conditions' : ['ENABLE_INITRD', 'ENABLE_SYSEXT'], + 'symlinks' : ['initrd.target.wants/'], + }, { 'file' : 'systemd-sysext.socket', 'conditions' : ['ENABLE_SYSEXT'], diff --git a/units/systemd-sysext-initrd.service b/units/systemd-sysext-initrd.service new file mode 100644 index 00000000000..4f0b8ff4de4 --- /dev/null +++ b/units/systemd-sysext-initrd.service @@ -0,0 +1,34 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Merge System Extension Images into /usr/ and /opt/ +Documentation=man:systemd-sysext-initrd.service(8) + +ConditionCapability=CAP_SYS_ADMIN +ConditionDirectoryNotEmpty=|/etc/extensions +ConditionDirectoryNotEmpty=|/run/extensions +ConditionDirectoryNotEmpty=|/var/lib/extensions +ConditionDirectoryNotEmpty=|/.extra/sysext +ConditionPathExists=/etc/initrd-release + +DefaultDependencies=no +Before=local-fs-pre.target cryptsetup-pre.target systemd-tmpfiles-setup.service +Wants=local-fs-pre.target cryptsetup-pre.target +Conflicts=initrd-switch-root.target +Before=initrd-switch-root.target +Wants=modprobe@loop.service modprobe@dm_mod.service modprobe@squashfs.service modprobe@erofs.service +After=modprobe@loop.service modprobe@dm_mod.service modprobe@squashfs.service modprobe@erofs.service + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=systemd-sysext refresh +ExecReload=systemd-sysext refresh +ExecStop=systemd-sysext unmerge diff --git a/units/systemd-sysext.service b/units/systemd-sysext.service index 5c11eba7c97..672faa946ff 100644 --- a/units/systemd-sysext.service +++ b/units/systemd-sysext.service @@ -15,13 +15,13 @@ ConditionCapability=CAP_SYS_ADMIN ConditionDirectoryNotEmpty=|/etc/extensions ConditionDirectoryNotEmpty=|/run/extensions ConditionDirectoryNotEmpty=|/var/lib/extensions -ConditionDirectoryNotEmpty=|/.extra/sysext +ConditionPathExists=!/etc/initrd-release DefaultDependencies=no After=local-fs.target Before=sysinit.target systemd-tmpfiles-setup.service -Conflicts=shutdown.target initrd-switch-root.target -Before=shutdown.target initrd-switch-root.target +Conflicts=shutdown.target +Before=shutdown.target [Service] Type=oneshot