diff options
| author | Helmut Grohne <helmut@subdivi.de> | 2024-02-26 14:39:12 +0100 |
|---|---|---|
| committer | Helmut Grohne <helmut@subdivi.de> | 2024-02-26 14:39:12 +0100 |
| commit | f0979fae03bcc4767ac4df1cb8fad9277e952637 (patch) | |
| tree | 6784eb09ab5e00730f20a270c70a47372b565e4f | |
| parent | c3ceb1929c4154db42003350d54d41ba4beb20e5 (diff) | |
| download | debvm-f0979fae03bcc4767ac4df1cb8fad9277e952637.tar.gz | |
debvm-create: switch from genext2fs to mkfs.ext4
Why?
genext2fs is slow. It has O(n^2) behaviour, which becomes annoying with
larger filesystems. It also creates an ext2 image and we have to upgrade
it to ext4 in multiple steps. Even then, the image has an inode size of
128, which is incompatible with 2038 and does not allow storing
sub-second precision time stamps.
How?
We use mkfs.ext4 from e2fsprogs (which is required anyway) instead.
Running this from within a --customize-hook does not work, because the
user namespace used for the hook often has no privileges to write to the
output image. Instead, we now ask mmdebstrap to output to a directory
and create the filesystem separately. We construct a special namespace
that has both access to the tree and to the output image and perform the
mkfs.ext4 there. As a consequence, we no longer support any mode but
unshare and since mkfs.ext4 consumes the size parameter, the size syntax
is reduced a bit.
| -rw-r--r-- | .gitlab-ci.yml | 6 | ||||
| -rw-r--r-- | README.md | 5 | ||||
| -rwxr-xr-x | bin/debvm-create | 47 | ||||
| -rw-r--r-- | debian/control | 4 | ||||
| -rwxr-xr-x | tests/dist-upgrades.sh | 2 |
5 files changed, 38 insertions, 26 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 188d919..24cbab1 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -28,14 +28,14 @@ release_test: script: - apt-get update - apt-get dist-upgrade --yes - - apt-get --no-install-recommends --yes install curl e2fsprogs genext2fs mmdebstrap openssh-client qemu-kvm dpkg-dev + - apt-get --no-install-recommends --yes install curl e2fsprogs mmdebstrap openssh-client qemu-kvm dpkg-dev - PATH=$(pwd)/bin:$PATH ./tests/create-and-run.sh $(dpkg --print-architecture) "$RELEASE" debci_test: script: - apt-get update - apt-get dist-upgrade --yes - - apt-get --no-install-recommends --yes install e2fsprogs genext2fs mmdebstrap openssh-client qemu-kvm dpkg-dev + - apt-get --no-install-recommends --yes install e2fsprogs mmdebstrap openssh-client qemu-kvm dpkg-dev - PATH=$(pwd)/bin:$PATH ./tests/create-and-run.sh $(dpkg --print-architecture) "" arch_test: @@ -54,6 +54,6 @@ arch_test: - test -e /proc/sys/fs/binfmt_misc/status || mount -t binfmt_misc binfmt_misc /proc/sys/fs/binfmt_misc - apt-get update - apt-get dist-upgrade --yes - - apt-get --no-install-recommends --yes install curl e2fsprogs genext2fs mmdebstrap openssh-client qemu-system arch-test qemu-user-static file systemd dpkg-dev debian-ports-archive-keyring + - apt-get --no-install-recommends --yes install curl e2fsprogs mmdebstrap openssh-client qemu-system arch-test qemu-user-static file systemd dpkg-dev debian-ports-archive-keyring - /lib/systemd/systemd-binfmt - PATH=$(pwd)/bin:$PATH ./tests/create-and-run.sh "$ARCHITECTURE" sid @@ -32,10 +32,10 @@ A regular user account[^1] suffices. The following Debian packages should be installed: * `arch-test` (when running foreign images) * `e2fsprogs` - * `genext2fs` (used by `mmdebstrap`) * `mmdebstrap` * `qemu-system-something` * `qemu-user-static` (when creating foreign images) + * `uidmap` (for using user namespaces) What is this image format precisely? ==================================== @@ -63,8 +63,7 @@ The other aspect is restricting to Debian-based systems. This allows for a lot of simplification of the problem space. While most similar tools require root privileges at some point, this one works -with either fakeroot or a subuid allocation for user namespaces, which is often -available. +with a subuid allocation for user namespaces, which is often available. The implementation is so short that it still is feasible to read and understand it. Let's see how long that lasts. diff --git a/bin/debvm-create b/bin/debvm-create index bfc02e3..b93fa23 100755 --- a/bin/debvm-create +++ b/bin/debvm-create @@ -74,8 +74,8 @@ This is specific to using B<finit>, B<runit>, B<systemd> or B<sysv> as init syst =item B<ext4> -Internally, B<mmdebstrap> creates a tar archive first and converts that to ext2, which is then upgraded to ext4. -This option causes the conversion to ext2 and further steps to be skipped and the output image will be a tar archive instead. +Normally, B<mmdebstrap> bootstraps to a temporary directory and we create the output ext4 image from that directory. +This option causes the creation of the ext4 image to be skipped and the output file becomes a tar archive of the temporary directory instead. Such a tar archive is not suitable for being booted by B<debvm-run>. =item B<ifupdown> @@ -116,7 +116,7 @@ Without the hook, dependencies will pull the B<usrmerge> package as needed, whic =item B<-z> I<size>, B<--size>=I<size> Specify the minimum image size as an integer and optional unit (example: 10K is 10*1024). -Units are K,M,G,T,P,E,Z,Y (powers of 1024) or KB,MB,... (powers of 1000). +Units are K,M,G,T (powers of 1024). The resulting image will be grown as a sparse file to this size if necessary. The default is 1 GB. @@ -294,7 +294,7 @@ if ! check_skip kernel; then set -- "--customize-hook=$SHARE_DIR/customize-kernel.sh" "$@" fi -MMFORMAT=ext2 +MMFORMAT=directory # output a tarball if the ext4 step is skipped if check_skip ext4; then MMFORMAT=tar @@ -303,6 +303,7 @@ fi # construct mmdebstrap options as $@: set -- \ --verbose \ + --mode=unshare \ --variant=apt \ "--format=$MMFORMAT" \ '--customize-hook=echo "LABEL=debvm / ext4 defaults 0 0" >"$1/etc/fstab"' \ @@ -393,20 +394,34 @@ if ! check_skip autologin; then set -- "--customize-hook=$SHARE_DIR/customize-autologin.sh" "$@" fi -set -- "$SUITE" "$IMAGE" "$@" +run_inside_userns() { + unshare --user --map-auto --map-user=65536 --map-group=65536 --keep-caps -- "$@" +} -set -ex +TEMPROOT= +cleanup() { + if test -n "$TEMPROOT"; then + run_inside_userns rm -Rf "$TEMPROOT" + fi +} -mmdebstrap "$@" +if check_skip ext4; then + set -- "$IMAGE" "$@" +else + trap cleanup EXIT + trap 'exit 1' HUP INT QUIT TERM + TEMPROOT="$(mktemp -d)" -{ set +x; } 2>/dev/null -check_skip ext4 && exit + set -- "$TEMPROOT" "$@" +fi + +set -- "$SUITE" "$@" -set -x +set -ex + +mmdebstrap "$@" -truncate -s ">$SIZE" "$IMAGE" -/sbin/resize2fs "$IMAGE" -/sbin/tune2fs -L debvm -c 0 -i 0 -O dir_index,dir_nlink,extents,extra_isize,flex_bg,has_journal,huge_file "$IMAGE" -/sbin/resize2fs -b "$IMAGE" -# Must fsck after tune2fs: https://ext4.wiki.kernel.org/index.php/UpgradeToExt4 -/sbin/fsck.ext4 -fDp "$IMAGE" +# Create and truncate the file with "normal" permission. +: >"$IMAGE" +check_skip ext4 || + run_inside_userns /sbin/mkfs.ext4 -L debvm -d "$TEMPROOT" "$IMAGE" "$SIZE" diff --git a/debian/control b/debian/control index d4dbda0..0474049 100644 --- a/debian/control +++ b/debian/control @@ -15,12 +15,12 @@ Depends: ${misc:Depends}, dpkg-dev, e2fsprogs, - genext2fs, mmdebstrap (>= 1.3.0), passwd, qemu-kvm (>> 1:8.0) | qemu-system-any, # Required for -device virtio-net-pci,netdev=net0 ipxe-qemu, + uidmap, Recommends: arch-test, file, @@ -29,8 +29,6 @@ Recommends: qemu-system, qemu-user-static, seabios, - uidmap | fakeroot, - uidmap | fakechroot, Suggests: qemu-system-gui, Description: create and run virtual machines for various Debian releases and architectures diff --git a/tests/dist-upgrades.sh b/tests/dist-upgrades.sh index 121f87e..171500a 100755 --- a/tests/dist-upgrades.sh +++ b/tests/dist-upgrades.sh @@ -2,7 +2,7 @@ # Copyright 2022 Jochen Sprickerhof <debvm@jochen.sprickerhof.de> # SPDX-License-Identifier: MIT # -# apt install e2fsprogs genext2fs mmdebstrap openssh-client qemu-kvm +# apt install e2fsprogs mmdebstrap openssh-client qemu-kvm set -x |