coreos-boot-mount-generator: Always use mpath for /boot if for root

If root is on multipath, then we *know* we must use it for `/boot`. The current code is I believe racy because at the time the generator runs, we're querying the current properties of the device at `/dev/disk/by-label/boot`. But multipathd could still be in the process of setting up and replacing what that symlink points to. https://bugzilla.redhat.com/show_bug.cgi?id=1944660
coreos · May 18, 2021 · 560b996 · 560b996
1 parent b6a7c99
commit 560b996
Showing 1 changed file with 15 additions and 15 deletions.
diff --git a/overlay.d/05core/usr/lib/systemd/system-generators/coreos-boot-mount-generator b/overlay.d/05core/usr/lib/systemd/system-generators/coreos-boot-mount-generator
@@ -41,43 +41,43 @@ add_wants() {
 # is backed by a device-mapper target the dev-mapper.*.device is used.
 mk_mount() {
     local mount_pt="${1}"; shift
-    local label="${1}"; shift
+    local path="${1}"; shift
     local options="${1}"; shift
 
-    local path="/dev/disk/by-label/${label}"
+    local devservice=$(systemd-escape -p ${path} --suffix=service)
     local unit_name=$(systemd-escape -p ${mount_pt} --suffix=mount)
 
-    eval $(udevadm info --query property --export "${path}")
-    device="$(systemd-escape ${path})"
-    if [ "${DM_NAME:-x}" != "x" ]; then
-        path="/dev/mapper/${DM_NAME}"
-        device="$(systemd-escape dev/mapper/${DM_NAME})"
-    fi
-    device="${device//-dev/dev}"
-    echo "coreos-boot-mount-generator: using ${device} for ${label} mount to ${mount_pt}"
-
     cat > "${UNIT_DIR}/${unit_name}" <<EOF
 # Automatically created by coreos-boot-mount-generator
 [Unit]
 Description=CoreOS Dynamic Mount for ${mount_pt}
 Documentation=https://github.com/coreos/fedora-coreos-config
 
 Before=local-fs.target
-Requires=systemd-fsck@${device}.service
-After=systemd-fsck@${device}.service
+Requires=systemd-fsck@${devservice}
+After=systemd-fsck@${devservice}
 
 [Mount]
 What=${path}
 Where=${mount_pt}
 Options=${options}
 EOF
-
     add_wants "${unit_name}"
 }
 
+# If the root device is multipath, hook up /boot to use that too,
+# based on our custom udev rules in 90-coreos-device-mapper.rules
+# that creates "label found on mpath" links.
+# Otherwise, use the usual by-label symlink.
+rootdev="$(findmnt -nvr -o SOURCE /)"
+case "${rootdev}" in
+    /dev/mapper/mpath*) bootdev=/dev/disk/by-label/dm-mpath-boot;;
+    *) bootdev=/dev/disk/by-label/boot;;
+esac
+
 # We mount read-only by default mostly to protect
 # against accidental damage.  Only a few things
 # owned by CoreOS should be touching /boot or the ESP.
 # Use nodev,nosuid because some hardening guides want
 # that even though it's of minimal value.
-mk_mount /boot boot ro,nodev,nosuid
+mk_mount /boot "${bootdev}" ro,nodev,nosuid