Re: [Tails-dev] live-persist: load kernel command line befor…

Author: patapon
Date:  
To: The Tails public development discussion list
Subject: Re: [Tails-dev] live-persist: load kernel command line before calling Cmdline_old()
Hi intrigeri,

Thanks for the feedback! :)

intrigeri:
> > I've noticed that, in the /usr/local/sbin/live-persist script (l.517),
> > the function Cmdline_old() (from /lib/live/boot/9990-cmdline-old in
> > the live-boot package) was called but that the variable
> > LIVE_BOOT_CMDLINE it uses to get the actual kernel command line was
> > unset.
>
> Your analysis seems entirely correct to me. Now I wonder: why do we
> need to call Cmdline_old at all? Is it so that live-boot functions
> get_custom_mounts() honor custom arguments a user may have manually
> passed on the kernel command line? Could you provide any example
> of such an argument we may wish to support actively in Tails?


Well, I don't know what was the exact rationale behind the call to
Arguments in the first place, but I can imagine that the value of some
arguments such as "persistence-read-only" might be of some interest
(even though they can also be overridden by passing command-line
parameters to live-persist; but this would require changing the call
in tailsgreeter/persistence.py).

In fact, I've stumbled upon this while looking into customizing my
persistence in order to overlay some stuff on top of the root
filesystem using a union mount. This is when I realized the
UNIONTYPE variable (set by Cmdline_old and used by
activate_custom_mounts) was set to the default "overlay", even though
the kernel command line had the "union" argument set to "aufs".

Digging into that, I found the call to Cmdline_old without
LIVE_BOOT_CMDLINE being properly initialized, which seemed to be a
regression due to the change in live-boot. Hence my patch.

But to be honest, I was mostly trying to fix the apparent regression
here. If you think that dropping the call to Cmdline_old altogether is
a better solution, I'm perfectly fine with that as well! :)

We just need to make sure that the live-boot functions that are called
by live-persist do not depend on variables set (possibly to their
default value) by Cmdline_old; or that these variables are properly
set beforehand in live-persist.

Another possibility (the least fragile, I would think) would be to
craft a "fake" minimal kernel cmdline following the command-line
options passed to live-persist, and feed this cmdline to live-boot's
Cmdline_old via the LIVE_BOOT_CMDLINE variable. For instance, a call
to

live-persist --read-only --union=aufs

would do something along the lines of

LIVE_BOOT_CMDLINE="persistence persistence-read-only union=aufs"
Cmdline_old

According to live-boot's commit log, this was actually the point of
the LIVE_BOOT_CMDLINE variable when it was introduced:

https://anonscm.debian.org/cgit/debian-live/live-boot.git/commit/?id=f788126730ccd13eeef5a7a97796e001cfc6bb50

This way, we would avoid having to pass the actual kernel cmdline to
Cmdline_old, as this entails some extra tinkering in live-persist:
since Tails's cmdline contains "nopersistence", live-persist has to
override this to actually enable persistence (see ll.523-524):

export PERSISTENCE="true"
export NOPERSISTENCE=""

So, maybe putting a dedicated custom cmdline tailored to our needs in
LIVE_BOOT_CMDLINE would spare us all this trouble?

I can definitely look into that, if you think that it is relevant.

Cheers!
patapon.

P.S. Wow! This reply got much longer than anticipated! :)
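
An added sketch of the "fake minimal cmdline" idea discussed in the message above; it is not part of the original message and not code from live-persist or live-boot. `build_live_boot_cmdline` is a hypothetical helper, and the allow-list of union types (overlay, aufs) is an assumption based on the two values the message names.

```shell
#!/bin/sh
# Added illustration; build_live_boot_cmdline is a hypothetical helper,
# not code from live-persist or live-boot.

# Translate live-persist-style options into a minimal cmdline string.
# Only the two options shown in the message are handled; the accepted
# union types (overlay, aufs) are the two values the message mentions.
build_live_boot_cmdline() {
    cmdline="persistence"
    read_only=""
    union=""
    for arg in "$@"; do
        case "$arg" in
            --read-only)
                read_only="persistence-read-only"
                ;;
            --union=*)
                value="${arg#--union=}"
                # Allow-list the value so whitespace or extra tokens
                # cannot smuggle further arguments into the cmdline.
                case "$value" in
                    overlay|aufs) union="union=$value" ;;
                    *)
                        echo "unsupported union type: $value" >&2
                        return 1
                        ;;
                esac
                ;;
            *)
                echo "unknown option: $arg" >&2
                return 1
                ;;
        esac
    done
    # Emit tokens in a fixed order, regardless of argument order.
    for token in $read_only $union; do
        cmdline="$cmdline $token"
    done
    printf '%s\n' "$cmdline"
}

# Usage (Cmdline_old is live-boot's function and must already be sourced):
#   LIVE_BOOT_CMDLINE="$(build_live_boot_cmdline "$@")" || exit 1
#   Cmdline_old
```

Because the string is built only from validated tokens, nothing from the real kernel command line (such as "nopersistence") reaches Cmdline_old in this sketch.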