Add resourced plugins to ISU configuration
resourced is a special case. As the service binary performs mounts that must be
visible by the rest of the system, it cannot use any form of sandboxing. That's
why the binary has to be run directly from the ISU package. In addition, different
images may provide different set of configuration files (/etc/resourced/*) and some
configurations may need plugins in the form of shared libraries. As if that was not
enough, the aforementioned plugins may reside in different directories, depending on
the target architecture (as with all shared libraries on Linux systems). Putting all
this together and preparing a correct and roboust ISU configuration is challenging.
The solution is to prepare an ISU package that will work in all these cases:
- any collection of configuration files (/etc/resourced/*)
- any collection of plugins (possibly with no plugins at all)
- support a whole raft of different combinations of the above two.
The solution is based on direct binary file exchange, bind mounting the whole
/etc/resourced directory and bind mounting the whole plugins directory. The latter
is optional (so possibly resourced can run without plugins at all on some
configurations). Bind mounting entire subdirectories allows for the flexibility of
the whole ISU configuration. Please find the implementation details below.
The following changes have been made for ISU:
* isu/isu.cfg - ISU configuration file.
[isu] section:
`name` and `version` have been filled by using the #NAME# and #VERSION#
that will be replaced into the name and version of the RPM package.
`system_service` is the systemd service name and must be the same as the
original one. It has also been extended to add two dependent mount units:
`##PLUGIN_MOUNT##` will be substituted into
`usr-lib{64}-resourced-plugins.mount` (depending on the architecture)
which bind mounts resourced plugins subdirectory allowing it to be
replaced with the ones provided by the ISU package
`etc-resourced.mount` which is responsible for replacing /etc/resourced
with the one provided by ISU
[files] section:
contains a list of files/directories that should be added to the ISU package.
We provide 3 mandatory entries here:
/usr/bin/resourced - resourced binary
/etc/resourced - directory containing resourced configuration
libresourced-private-api.so.* - library that is mandatory for resourced
resourced/plugins - directory with resourced plugins (optional)
We use the `##LIBDIR##` snippet to obtain the proper library path (explained
later).
* isu/resourced.service- modified ISU service file.
Comparing to the original service file, dependency on plugin mount unit has been
introduced. Plugin mount unit in turns is dependent on the `etc-resourced` mount
unit. Also, the ExecStart has been modified so that it loads the service binary
from the ISU package path rather than the original one (/usr/bin/resourced).
* isu/etc-resourced.mount - mount unit responsible for replacing the original
/etc/resourced directory with the one provided by the ISU package
* isu/usr-lib-resourced-plugins.mount - mount unit responsible for replacing plugins
subdirectory with the one provided by the ISU package.
##PLUGIN_LIB_DIR## is substituted by the appropriate string generated in the
resourced.spec file, which depends on the architecture: on 32-bit systems it will
be /usr/lib, and on 64-bit ones /usr/lib64. This mount unit may be renamed later
to `usr-lib64-resourced-plugins.mount` as the name of the mount unit must reflect
the path to which it applies a bind mount. This is done in the isu/CMakeLists.txt.
* packaging/resourced.spec - main resourced RPM spec file.
The following changes has been made:
- added isu package, its description, and isu configuration files section
- added ISU_ARCH_BIT constant to be passed to the cmake invocation, so that it
knows for which architecture the build was invoked
- added `##LIBDIR##`, `##PLUGIN_LIB_DIR## ` and `##PLUGIN_MOUNT##` symbols
expansion to substitute the placeholders in isu configuration, service file and
mount unit files depending on the architecture:
##LIBDIR## exapnds to /usr/lib{64}
##PLUGIN_MOUNT## expands to usr-lib{64}-resourced-plugins.mount
##PLUGIN_LIB_DIR## expands to /usr/lib{64}/resourced/plugins
- added packaing plugins directory to the `bin` rpm package. This is needed to
prevent plugins mount unit from failing when the plugins are not present (they
are optional).
* isu/CMakeLists.txt - CMake config file for the ISU rpm package
Added installing ISU config file, isu service file and mount units to the
appropriate locations (/etc/isu/*). Also added renaming plugins mount unit file
to the appropriate one (depending on the architecture).
* src/CMakeLists.txt - main CMake config file
Added creating resourced plugins directory unconditionally. Necessary for the
spec file to be able to package plugins directory (possibly empty) into the `bin`
rpm package.
Change-Id: If267bd00999fae84b79a67122af8cd98cd84644f