Open Fuseteam opened 3 years ago
I've been a user of ubuntu for over 2 years. one interesting aspect of it is the read-only rootfs
Did you forget a word in this sentence? Does Ubuntu really have a read-only rootfs by default? That’s news to me. Are you talking about a variant of Ubuntu maybe?
with that as a preface, here's my question since Distri uses images for updates could it work with read-only rootfs?
I haven’t tested this much, but here’s what I think: making most parts of the system read-only should work fine.
distri uses systemd, which does not need a read-writable root file system, see this Pid Eins systemd blog post about stateless systems for details and a lot more nuance.
As long as distri’s image store is writable (so that you can add a new image to the system), distri can mount the images and make the software available.
Now, does making the image store writable really still qualify as “read-only rootfs”? What’s left that’s read-only? /etc
? Depending on the software, users might need to modify /etc
, and then everything I can think of is writable after all :)
Typically, making a system read-only is done to prevent it from accidental modification. It sounds like you want to allow intentional modification (users installing tools/packages), so what do you want to achieve with a read-only rootfs in this case? If package installation works, doesn’t that go counter to the purpose of making anything read-only to begin with?
I hope that gives some perspective, but I’d really need more details to give better guidance here.
I've been a user of ubuntu for over 2 years. one interesting aspect of it is the read-only rootfs
Did you forget a word in this sentence? Does Ubuntu really have a read-only rootfs by default? That’s news to me. Are you talking about a variant of Ubuntu maybe?
ah right i forgot the word "touch" ubuntu touch
has a readonly rootfs by default not ubuntu
with that as a preface, here's my question since Distri uses images for updates could it work with read-only rootfs?
I haven’t tested this much, but here’s what I think: making most parts of the system read-only should work fine.
distri uses systemd, which does not need a read-writable root file system, see this Pid Eins systemd blog post about stateless systems for details and a lot more nuance.
As long as distri’s image store is writable (so that you can add a new image to the system), distri can mount the images and make the software available.
Now, does making the image store writable really still qualify as “read-only rootfs”? What’s left that’s read-only?
/etc
? Depending on the software, users might need to modify/etc
, and then everything I can think of is writable after all :)Typically, making a system read-only is done to prevent it from accidental modification. It sounds like you want to allow intentional modification (users installing tools/packages), so what do you want to achieve with a read-only rootfs in this case? If package installation works, doesn’t that go counter to the purpose of making anything read-only to begin with?
I hope that gives some perspective, but I’d really need more details to give better guidance here.
so the system has a readonly rootfs to allow for image based updates but it also allow for some paths to be writable. some some folders in /etc are indeed writable for example. Typically the system is updated by replacing the rootfs image sans some writable paths. my goal is to allow installations of packages to work with this ota system.
i assume the image store is a single folder? where does distri mount the images to make it available?
i assume the image store is a single folder?
Yes, the /roimg
directory contains the images.
where does distri mount the images to make it available?
In the /ro
mount point, using a FUSE daemon.
See https://distr1.org/things-to-try/ and https://distr1.org/getting-started/ to see the system in action
are /roimg
and /ro
the only writable paths we need? that actually seems to be compatible with ubuntu touch's readonly rootfs afaict. are there potential problems you can foresee? do you need to some more info about the set up?
are
/roimg
and/ro
the only writable paths we need?
(nit: /roimg
can be writable, /ro
is a virtual file system that is always read-only and allows access to the image contents)
Depends on the software. Some programs (e.g. Google Chrome) are portable and can run from /ro
just fine. Other programs (e.g. the postfix
mail server) require writing to /var
.
distri does nothing to address this (a read-only root file system is not one of the project’s goals).
In distri, we compile programs with --prefix=/ro
so that they can find their files when mounted under /ro
.
Conceptually, this is pretty similar to homebrew installing everything under /usr/local
, or Nix installing to /nix-store
.
Perhaps this is all you need to do? Arrange for a single, writable path and install software in there?
hmmm that sounds promising to me yes, I will likely experiment with this once I get a chance, as for programs requiring write access to other paths, I suppose that's out of scope but an important note for me to keep in mind, thanks for the insight. For now I would be happy if I can make a distri work as is on ubuntu touch, I feel like I can get a better understanding of it all. i am definitely willing try and arrange for a single writable path to install software and see how distri behaves, I'll assume that will have to be /roimage
in (for research purposes ofcourse). what about size, how large can these images get?
For now I would be happy if I can make a distri work as is on ubuntu touch
Definitely try distri as-is before trying to make anything more involved work. See https://distr1.org/getting-started/
i am definitely willing try and arrange for a single writable path to install software and see how distri behaves
Note that you don’t need distri to play around with installing software to a single writable path. You can just build your software with --prefix=
set accordingly and see how it behaves.
what about size, how large can these images get?
I've been a user of ubuntu for over 2 years. one interesting aspect of it is the read-only rootfs. the distro makes use of image-based updates. one question that I've seen pop up a lot of times is: "why doesn't support apt?" the answer is of course because we use a read-only rootfs for image updates and as such cannot support apt. this leads to many users being unsatisfied because they can't install their favorite tools and package.
with that as a preface, here's my question since Distri uses images for updates could it work with read-only rootfs?