[backport] Persist device mapper devices in udev database #203
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
55-dm.rules will disable cold plugged device mapper block devices. In order for it not to disable them we need to keep the state from initrd to main boot. That is we need to mark the devices as `persist_db` so that initrd-udevadm-cleanup-db.service does not remove it. When a device mapper device gets disabled, then all systemd mounts with BindsTo to the device will get unmounted, as well as all bind mounts that depend on it. Which causes a catastrophic failure of Ubuntu Core. As a work-around for this issue we have used a stateless reexecution of systemd. This was making systemd forget about encrypted mount units and thus did not trigger unmount when devices were taken down. Now that we mark the device mapper devices as `persist_db`, this work-around is not needed anymore. Tested on: - qemu x86_64 without secure boot - qemu x86_64 with secure boot - intel nuc with secure boot - raspberry pi 4 The mounts in `/proc/mounts` are the same as before the fix, except than now `systemd-mount --list` properly lists device mapper mounts. This commit does not contain the removal of the stateless reexecutil work around.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Note that while we do not plan to bring systemd re-exec in UC20, this fix does fix the state of dev mapper devices. Without this fix, they are disabled with
SYSTEMD_READY=0while being dependencies of inferred mount units, which can be problematic in some cases.The following is the commit message:
55-dm.rules will disable cold plugged device mapper block devices. In order for it not to disable them we need to keep the state from initrd to main boot. That is we need to mark the devices as
persist_dbso that initrd-udevadm-cleanup-db.service does not remove it.When a device mapper device gets disabled, then all systemd mounts with BindsTo to the device will get unmounted, as well as all bind mounts that depend on it. Which causes a catastrophic failure of Ubuntu Core.
As a work-around for this issue we have used a stateless reexecution of systemd. This was making systemd forget about encrypted mount units and thus did not trigger unmount when devices were taken down.
Now that we mark the device mapper devices as
persist_db, this work-around is not needed anymore.Tested on:
The mounts in
/proc/mountsare the same as before the fix, except than nowsystemd-mount --listproperly lists device mapper mounts.This commit does not contain the removal of the stateless reexecutil work around.