Feature #8473: Add support to live-boot to support multiple read-only lower layers with overlayfs

Feature #8473

Add support to live-boot to support multiple read-only lower layers with overlayfs

Added by intrigeri 2014-12-21 21:49:21 . Updated 2019-11-23 17:03:59 .

Status:

Resolved

Priority:

Elevated

Assignee:

Category:

Target version:

2019

Start date:

2014-12-21

Due date:

% Done:

100%

Feature Branch:

Type of work:

Code

Blueprint:

Starter:

Affected tool:

Deliverable for:

Description

Subtasks

Related issues

Blocked by Tails - ~~Feature #8472~~: Wait for overlayfs to support multiple read-only lower layers	Resolved	2014-12-21
Blocked by Tails - ~~Bug #8483~~: Fix overlayfs support in live-boot upstream	Resolved	2014-12-24
Blocks Tails - ~~Feature #9373~~: Make tails-iuk support overlayfs	Resolved
Blocks Tails - Feature #16209: Core work: Foundations Team	Confirmed

History

#1 Updated by intrigeri 2014-12-21 21:49:43

blocked by ~~Feature #8472~~: Wait for overlayfs to support multiple read-only lower layers added

#2 Updated by intrigeri 2014-12-24 15:46:25

blocked by ~~Bug #8483~~: Fix overlayfs support in live-boot upstream added

#3 Updated by intrigeri 2015-04-29 05:55:18

This can be worked on once Linux 4.0.0 has been successfully built for i386 in Debian experimental.

#4 Updated by intrigeri 2015-05-23 17:28:15

I’m told that something like that works:

mount -t overlay overlay -olowerdir=./psu-test2_squashfs:./psu-test_squashfs:filesystem_squashfs,upperdir=./psu_overlay_rw,workdir=./psu_overlay_work ./psu_overlay

#5 Updated by intrigeri 2015-06-12 21:57:03

Feature Branch set to feature/8415-overlayfs

intrigeri wrote:
> This can be worked on once Linux 4.0.0 has been successfully built for i386 in Debian experimental.

That’s not a blocker anymore in the topic branch.

#6 Updated by intrigeri 2015-07-13 03:48:59

Target version set to Sustainability_M1

#7 Updated by sajolida 2015-09-07 10:44:02

Target version changed from Sustainability_M1 to 2016

#8 Updated by intrigeri 2015-12-31 10:23:54

Seems to be done in Git already: https://anonscm.debian.org/cgit/debian-live/live-boot.git/commit/?id=30b31df28b63f2b684327f16d566326ad84a25b9 — untested here, though.

#9 Updated by intrigeri 2016-01-05 17:00:31

Status changed from Confirmed to In Progress
% Done changed from 0 to 10

#10 Updated by intrigeri 2016-01-17 20:51:48

… but seems to be buggy, see https://lists.debian.org/debian-live/2016/01/msg00010.html

#11 Updated by intrigeri 2016-08-20 10:52:20

Target version deleted (~~2016~~)

Given we could do ~~Feature #10298~~ without migrating to overlayfs, we removed this from our roadmap at the summit this year.

#12 Updated by Anonymous 2018-01-15 11:48:34

Assignee set to anonym

anonym, I’m reassigning this to you as the parent is part of the roadmap again it seems, and you’re the assignee. I let you verify if / how this ticket here is still relevant.

#13 Updated by intrigeri 2018-09-12 06:53:59

Assignee changed from anonym to segfault
Target version set to Tails_3.11

#14 Updated by intrigeri 2018-09-12 06:54:06

blocks ~~Feature #15506~~: Core work 2018Q4: Foundations Team added

#15 Updated by intrigeri 2018-09-12 06:54:34

blocks ~~Feature #9373~~: Make tails-iuk support overlayfs added

#16 Updated by intrigeri 2018-11-06 15:04:44

Target version changed from Tails_3.11 to Tails_3.13

#17 Updated by intrigeri 2019-01-04 15:03:40

blocks ~~Feature #15507~~: Core work 2019Q1: Foundations Team added

#18 Updated by intrigeri 2019-01-04 15:03:59

blocked by deleted (~~~~Feature #15506~~: Core work 2018Q4: Foundations Team~~)

#19 Updated by intrigeri 2019-02-06 14:01:29

blocked by deleted (~~~~Feature #15507~~: Core work 2019Q1: Foundations Team~~)

#20 Updated by intrigeri 2019-02-06 14:01:33

blocks Feature #16209: Core work: Foundations Team added

#21 Updated by intrigeri 2019-02-06 14:01:43

Target version changed from Tails_3.13 to 2019

#22 Updated by intrigeri 2019-04-05 16:07:58

Assignee deleted (~~segfault~~)

#23 Updated by intrigeri 2019-11-23 09:17:05

Feature Branch deleted (~~feature/8415-overlayfs~~)

#24 Updated by intrigeri 2019-11-23 09:42:12

blocked by ~~Feature #17152~~: Port tails-iuk to a more lightweight set of dependencies added

#25 Updated by intrigeri 2019-11-23 10:15:38

blocks deleted (~~~~Feature #17152~~: Port tails-iuk to a more lightweight set of dependencies~~)

#26 Updated by segfault 2019-11-23 13:26:30

live-boot already supports multiple read-only layers. I tested it like this:

Create 3 squashfs files:

mkdir 1 2 3
echo 1 > 1/foo
echo 2 > 2/foo
echo 3 > 3/foo
echo 1 > 1/bar
echo 2 > 2/bar
mksqashfs 1 1.squashfs
mksqashfs 2 2.squashfs
mksqashfs 3 3.squashfs

Create a disk image and put the squashfs files there:

truncate -s 1M usb
LOOPDEV="$(sudo losetup --find --show usb)"
// Format the loop device via GNOME Disks
sudo mount "${LOOPDEV}" /mnt
cp *.squashfs /mnt
sudo umount /mnt

Boot an image built from the ~~Feature #8415~~ feature branch (commit 5209e7d757)
Add break=premount (and debug) to the kernel command line options
Attach the disk image to the VM as a USB
Copy the squashfs files to the live directory and add them to Tails.module:

// Mount the root filesystem:
mount -t vfat /dev/sda1 /root

// Mount the USB
mkdir /mnt
mount -t ext4 /dev/sdb /mnt

// Copy the squashfs files to the live directory
cp /mnt/*.squashfs /root/live/

// Add the filenames to Tails.module
echo -e "1.squashfs\n2.squashfs\n3.squashfs" >> /root/live/Tails.module

// Unmount the filesystems
umount /mnt /root

// Continue boot
exit

The booted Tails then contained the following files:

cat /foo
3
cat /bar
2

… which means that the squashfs’s were mounted in the correct order (first 1, then 2, then 3).

#27 Updated by intrigeri 2019-11-23 14:40:01

Status changed from In Progress to Resolved

Great!

#28 Updated by intrigeri 2019-11-23 17:03:59

% Done changed from 10 to 100