On Wed, Jan 12, 2022, at 4:04 AM, Panu Matilainen wrote:
> Here seems to be another SMALL undocumented dependency of this change:
> completing the /usrmove thing to cover the whole world including /opt,
> /etc, /var, and presumably /boot as well because packages put stuff in it.
There are very few packages that put things in /boot. For example, fwupd used to be in
that set, but moved into a "self updater" model where the binary goes in /usr,
and then it copies itself into the ESP instead of having yum/rpm do it.
Now, rpm-ostree also does this with /boot:
https://github.com/coreos/rpm-ostree/blob/210bf148342a9545c9841ae6d840335...
And then we have a sister project
https://github.com/coreos/bootupd/ that is only shipped
in FCOS today (but would make sense to use on everything that uses rpm-ostree) which is
scoped explicitly to only handle stuff on the ESP (and eventually, stuff like grub on the
MBR and other architectures too).
Correct handling of /boot is obviously essential for transactional updates; ostree is
entirely designed around a "strong binding" of (kernel, userspace) pairs.
Handling kernels in /boot for "client side snapshots" is something most projects
in this space do out of band, as far as I've seen.
Again, it's really that 90% of the data in the rpmdb is for /usr. We recently changed
the kernel RPM to stick the kernel binary in /usr/lib/modules/$kver and only *copy* it
from there to strengthen this model. And this move is pushing things farther along in
that direction.
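
An added example, not part of the original message or of the rpm-ostree code: a shell check that treats the kernel under /usr/lib/modules/$kver as the source of truth and verifies that the copy in /boot is byte-identical. The file name `vmlinuz` and the `/boot/vmlinuz-$kver` destination are assumptions (the traditional layout); ostree-managed systems place the copy elsewhere under /boot.

```shell
#!/bin/sh
# Added example: verify that each kernel copied into /boot matches the
# kernel shipped under /usr/lib/modules/<kver>/.
# Assumptions: the source file is named "vmlinuz" and the copy lives at
# /boot/vmlinuz-<kver>. Adjust dst for other boot layouts.

# Print only the SHA-256 digest of a file.
file_digest() {
    sha256sum "$1" | cut -d' ' -f1
}

# check_boot_copies ROOT
# Prints one line per kernel version: "<kver> ok|mismatch|missing".
# Returns 0 only if every kernel under ROOT/usr has an identical copy
# in ROOT/boot. ROOT is a parameter so a mounted image or snapshot can
# be checked as well as the running system ("/").
check_boot_copies() {
    root=$1
    rc=0
    for src in "$root"/usr/lib/modules/*/vmlinuz; do
        [ -f "$src" ] || continue              # glob matched nothing
        kver=$(basename "$(dirname "$src")")
        dst="$root/boot/vmlinuz-$kver"
        if [ ! -f "$dst" ]; then
            echo "$kver missing"               # never copied, or removed
            rc=1
        elif [ "$(file_digest "$src")" = "$(file_digest "$dst")" ]; then
            echo "$kver ok"
        else
            echo "$kver mismatch"              # /boot drifted from /usr
            rc=1
        fi
    done
    return $rc
}

# Usage: check_boot_copies /        (running system)
#        check_boot_copies /mnt/img (mounted image, hypothetical path)
```

A mismatch or missing line means the (kernel, userspace) pairing the message describes no longer holds for that version, either because the copy step failed or because the file in /boot was changed out of band.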