diff options
| author | Lennart Poettering <lennart@poettering.net> | 2015-06-15 19:24:43 +0200 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2015-06-15 19:28:55 +0200 |
| commit | 770b5ce4fc31a336a41e81381c229da725ef0cfa (patch) | |
| tree | 7ccdca8270ec46ee43d0f109da5c5439426a85d2 | |
| parent | 1b26f09eb0ab6925ca15835107e75c47931cdef2 (diff) | |
tmpfiles: automatically remove old machine snapshots at boot
Remove old temporary snapshots, but only at boot. Ideally we'd have
"self-destroying" btrfs snapshots that go away if the last last
reference to it does. To mimic a scheme like this at least remove the
old snapshots on fresh boots, where we know they cannot be referenced
anymore. Note that we actually remove all temporary files in
/var/lib/machines/ at boot, which should be safe since the directory has
defined semantics. In the root directory (where systemd-nspawn
--ephemeral places snapshots) we are more strict, to avoid removing
unrelated temporary files.
This also splits out nspawn/container related tmpfiles bits into a new
tmpfiles snippet to systemd-nspawn.conf
| -rw-r--r-- | Makefile.am | 3 | ||||
| -rw-r--r-- | src/nspawn/nspawn.c | 4 | ||||
| -rw-r--r-- | tmpfiles.d/systemd-nspawn.conf | 23 | ||||
| -rw-r--r-- | tmpfiles.d/var.conf | 1 |
4 files changed, 27 insertions, 4 deletions
diff --git a/Makefile.am b/Makefile.am index a2e8709e52..6ca303f6a4 100644 --- a/Makefile.am +++ b/Makefile.am @@ -2183,7 +2183,8 @@ dist_tmpfiles_DATA = \ tmpfiles.d/tmp.conf \ tmpfiles.d/x11.conf \ tmpfiles.d/var.conf \ - tmpfiles.d/home.conf + tmpfiles.d/home.conf \ + tmpfiles.d/systemd-nspawn.conf if HAVE_SYSV_COMPAT dist_tmpfiles_DATA += \ diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c index 7b22b8c21b..080bf06077 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c @@ -4522,9 +4522,9 @@ int main(int argc, char *argv[]) { goto finish; } if (r > 0) - r = tempfn_random_child(arg_directory, NULL, &np); + r = tempfn_random_child(arg_directory, "machine.", &np); else - r = tempfn_random(arg_directory, NULL, &np); + r = tempfn_random(arg_directory, "machine.", &np); if (r < 0) { log_error_errno(r, "Failed to generate name for snapshot: %m"); goto finish; diff --git a/tmpfiles.d/systemd-nspawn.conf b/tmpfiles.d/systemd-nspawn.conf new file mode 100644 index 0000000000..5a3124a0fc --- /dev/null +++ b/tmpfiles.d/systemd-nspawn.conf @@ -0,0 +1,23 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +# See tmpfiles.d(5) for details + +v /var/lib/machines 0700 - - - + +# Remove old temporary snapshots, but only at boot. Ideally we'd have +# "self-destroying" btrfs snapshots that go away if the last last +# reference to it does. To mimic a scheme like this at least remove +# the old snapshots on fresh boots, where we know they cannot be +# referenced anymore. Note that we actually remove all temporary files +# in /var/lib/machines/ at boot, which should be safe since the +# directory has defined semantics. In the root directory (where +# systemd-nspawn --ephemeral places snapshots) we are more strict, to +# avoid removing unrelated temporary files. + +R! /var/lib/machines/.#* +R! /.#machine.* diff --git a/tmpfiles.d/var.conf b/tmpfiles.d/var.conf index 814652a22c..472680c3bf 100644 --- a/tmpfiles.d/var.conf +++ b/tmpfiles.d/var.conf @@ -18,6 +18,5 @@ f /var/log/btmp 0600 root utmp - d /var/cache 0755 - - - d /var/lib 0755 - - - -v /var/lib/machines 0700 - - - d /var/spool 0755 - - - |