Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Impermanence does not work when system.etc.overlay.mutable = false #210

Open
Guanran928 opened this issue Aug 30, 2024 · 2 comments
Open

Impermanence does not work when system.etc.overlay.mutable = false #210

Guanran928 opened this issue Aug 30, 2024 · 2 comments

Comments

@Guanran928
Copy link

Guanran928 commented Aug 30, 2024
edited
Loading

configuration:

  system.etc.overlay.enable = true;
  system.etc.overlay.mutable = false;
  services.userborn.enable = true;

systemd:

$ systemctl --failed
  UNIT                                                              LOAD   ACTIVE SUB    DESCRIPTION                                                                                          
● persist-\x27-persist-etc-ssh-ssh_host_ed25519_key.pub\x27.service loaded failed failed Bind mount or link '/persist/etc/ssh/ssh_host_ed25519_key.pub' to '/etc/ssh/ssh_host_ed25519_key.pub'
● persist-\x27-persist-etc-ssh-ssh_host_ed25519_key\x27.service     loaded failed failed Bind mount or link '/persist/etc/ssh/ssh_host_ed25519_key' to '/etc/ssh/ssh_host_ed25519_key'
● persist-\x27-persist-etc-ssh-ssh_host_rsa_key.pub\x27.service     loaded failed failed Bind mount or link '/persist/etc/ssh/ssh_host_rsa_key.pub' to '/etc/ssh/ssh_host_rsa_key.pub'
● persist-\x27-persist-etc-ssh-ssh_host_rsa_key\x27.service         loaded failed failed Bind mount or link '/persist/etc/ssh/ssh_host_rsa_key' to '/etc/ssh/ssh_host_rsa_key'

Legend: LOAD   → Reflects whether the unit definition was properly loaded.
        ACTIVE → The high-level unit activation state, i.e. generalization of SUB.
        SUB    → The low-level unit activation state, values depend on unit type.

4 loaded units listed.

log:

Aug 31 01:48:08 dust zhwr6q6s9q05c12015397d2jsw8zfd8r-impermanence-mount-file[1113]: touch: cannot touch '/etc/ssh/ssh_host_rsa_key': Read-only file system
Aug 31 01:48:08 dust zhwr6q6s9q05c12015397d2jsw8zfd8r-impermanence-mount-file[1096]: Error when executing touch "$mountPoint" at line 39!
Aug 31 01:48:08 dust systemd[1]: persist-\x27-persist-etc-ssh-ssh_host_rsa_key\x27.service: Main process exited, code=exited, status=1/FAILURE

A workaround:

environment.etc."secureboot".source = pkgs.emptyDirectory;
environment.etc."ssh/ssh_host_ed25519_key.pub".source = pkgs.emptyFile;
@Mic92
Copy link
Member

Mic92 commented Oct 4, 2024

Instead of "touch" it should create these files in /etc before hand as empty files than perform the bind mount at runtime in this case.

@Mic92
Copy link
Member

Mic92 commented Oct 4, 2024

If you do use userborn, you want at least this pull request I believe: #223

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Mic92 @Guanran928