From b2adc260a88f3aaa8fdc1fed18a2b1fa5d34e6d2 Mon Sep 17 00:00:00 2001 From: Ed Santiago Date: Tue, 26 Mar 2024 09:51:19 -0600 Subject: [PATCH] Revert /tmp to tmpfs Podman *really* needs /tmp to be tmpfs, to detect and handle reboots. Although there are (at this time) no reboots involved in CI testing, it's still important for CI hosts to reflect something close to a real-world environment. And, there is work underway to check /tmp: https://github.com/containers/podman/pull/22141 This PR removes special-case Fedora code that was disabling a tmpfs /tmp mount. History dates back to PR #30 back in 2020. Some of the image-build code in this repo performs reboots and relies on persistent tmp files, so you'll note a flurry of /tmp -> /var/tmp changes. Signed-off-by: Ed Santiago --- .cirrus.yml | 2 +- IMG_SFX | 2 +- base_images/cloud.yml | 8 ++++---- base_images/fedora_base-setup.sh | 6 ------ cache_images/cloud.yml | 10 +++++----- ci/Containerfile | 2 +- image_builder/gce.yml | 6 +++--- lib.sh | 2 +- 8 files changed, 16 insertions(+), 22 deletions(-) diff --git a/.cirrus.yml b/.cirrus.yml index db2d883c..cf8395b9 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -104,7 +104,7 @@ container_images_task: &container_images REG_PASSWORD: ENCRYPTED[255ec05057707c20237a6c7d15b213422779c534f74fe019b8ca565f635dba0e11035a034e533a6f39e146e7435d87b5] script: ci/make_container_images.sh; package_cache: &package_cache - folder: "/tmp/automation_images_tmp/.cache/**" + folder: "/var/tmp/automation_images_tmp/.cache/**" fingerprint_key: "${TARGET_NAME}-cache-version-1" diff --git a/IMG_SFX b/IMG_SFX index 2ff237a3..bb9541ab 100644 --- a/IMG_SFX +++ b/IMG_SFX @@ -1 +1 @@ -20240410t200635z-f39f38d13 \ No newline at end of file +20240411t124913z-f39f38d13 diff --git a/base_images/cloud.yml b/base_images/cloud.yml index 083551c7..f9803c38 100644 --- a/base_images/cloud.yml +++ b/base_images/cloud.yml @@ -187,23 +187,23 @@ provisioners: # Debian images come bundled with GCE integrations provisioned - type: 'shell' inline: - 'set -e' - - 'mkdir -p /tmp/automation_images' + - 'mkdir -p /var/tmp/automation_images' - type: 'file' source: '{{ pwd }}/' - destination: '/tmp/automation_images/' + destination: '/var/tmp/automation_images/' - except: ['debian'] type: 'shell' inline: - 'set -e' - - '/bin/bash /tmp/automation_images/base_images/fedora_base-setup.sh' + - '/bin/bash /var/tmp/automation_images/base_images/fedora_base-setup.sh' - only: ['debian'] type: 'shell' inline: - 'set -e' - - 'env DEBIAN_FRONTEND=noninteractive /bin/bash /tmp/automation_images/base_images/debian_base-setup.sh' + - 'env DEBIAN_FRONTEND=noninteractive /bin/bash /var/tmp/automation_images/base_images/debian_base-setup.sh' post-processors: # Must be double-nested to guarantee execution order diff --git a/base_images/fedora_base-setup.sh b/base_images/fedora_base-setup.sh index c00f7080..06c22042 100644 --- a/base_images/fedora_base-setup.sh +++ b/base_images/fedora_base-setup.sh @@ -95,10 +95,4 @@ if ! ((CONTAINER)); then /lib/$METADATA_SERVICE_PATH | $SUDO tee -a /etc/$METADATA_SERVICE_PATH fi -if [[ "$OS_RELEASE_ID" == "fedora" ]] && ((OS_RELEASE_VER>=33)); then - # Ref: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783509 - echo "Disabling automatic /tmp (tmpfs) mount" - $SUDO systemctl mask tmp.mount -fi - finalize diff --git a/cache_images/cloud.yml b/cache_images/cloud.yml index 98829bfc..d8f87cf1 100644 --- a/cache_images/cloud.yml +++ b/cache_images/cloud.yml @@ -183,30 +183,30 @@ provisioners: - type: 'shell' inline: - 'set -e' - - 'mkdir -p /tmp/automation_images' + - 'mkdir -p /var/tmp/automation_images' - type: 'file' source: '{{ pwd }}/' - destination: "/tmp/automation_images" + destination: "/var/tmp/automation_images" - only: ['rawhide'] type: 'shell' expect_disconnect: true # VM will be rebooted at end of script inline: - 'set -e' - - '/bin/bash /tmp/automation_images/cache_images/rawhide_setup.sh' + - '/bin/bash /var/tmp/automation_images/cache_images/rawhide_setup.sh' - except: ['debian'] type: 'shell' inline: - 'set -e' - - '/bin/bash /tmp/automation_images/cache_images/fedora_setup.sh' + - '/bin/bash /var/tmp/automation_images/cache_images/fedora_setup.sh' - only: ['debian'] type: 'shell' inline: - 'set -e' - - 'env DEBIAN_FRONTEND=noninteractive /bin/bash /tmp/automation_images/cache_images/debian_setup.sh' + - 'env DEBIAN_FRONTEND=noninteractive /bin/bash /var/tmp/automation_images/cache_images/debian_setup.sh' post-processors: # This is critical for human-interaction. Copntents will be used diff --git a/ci/Containerfile b/ci/Containerfile index 4d30ad44..c19aae3f 100644 --- a/ci/Containerfile +++ b/ci/Containerfile @@ -8,7 +8,7 @@ FROM registry.fedoraproject.org/fedora:${FEDORA_RELEASE} ARG PACKER_VERSION MAINTAINER https://github.com/containers/automation_images/ci -ENV CIRRUS_WORKING_DIR=/tmp/automation_images \ +ENV CIRRUS_WORKING_DIR=/var/tmp/automation_images \ PACKER_INSTALL_DIR=/usr/local/bin \ PACKER_VERSION=$PACKER_VERSION \ CONTAINER=1 diff --git a/image_builder/gce.yml b/image_builder/gce.yml index dce74345..e6208d5f 100644 --- a/image_builder/gce.yml +++ b/image_builder/gce.yml @@ -45,16 +45,16 @@ provisioners: - type: 'shell' inline: - 'set -e' - - 'mkdir -p /tmp/automation_images' + - 'mkdir -p /var/tmp/automation_images' - type: 'file' source: '{{ pwd }}/' - destination: '/tmp/automation_images/' + destination: '/var/tmp/automation_images/' - type: 'shell' inline: - 'set -e' - - '/bin/bash /tmp/automation_images/image_builder/setup.sh' + - '/bin/bash /var/tmp/automation_images/image_builder/setup.sh' post-processors: # Must be double-nested to guarantee execution order diff --git a/lib.sh b/lib.sh index 05597ba7..f998f6b6 100644 --- a/lib.sh +++ b/lib.sh @@ -298,7 +298,7 @@ common_finalize() { $SUDO rm -rf /var/lib/cloud/instanc* $SUDO rm -rf /root/.ssh/* $SUDO rm -rf /etc/ssh/*key* - $SUDO rm -rf /tmp/* + $SUDO rm -rf /tmp/* /var/tmp/automation_images $SUDO rm -rf /tmp/.??* echo -n "" | $SUDO tee /etc/machine-id $SUDO sync