OSTree Manual
First, OSTree encourages systems to implement UsrMove.
This is simply to avoid the need for more bind mounts. By
default OSTree's dracut hook creates a read-only bind mount over
/usr; you can of course generate individual bind-mounts for /bin,
all the /lib variants, etc. So it is not intended to be a hard
requirement.
Remember, because by default the system is booted into a
chroot equivalent, there has to be some way
to refer to the actual physical root filesystem. Therefore,
your operating system tree should contain an empty /sysroot
directory; at boot time,
OSTree will make this a bind mount to the physical / root
directory. There is precedent for this name in the initramfs
context. You should furthermore make a toplevel symbolic link
/ostree which points to /sysroot/ostree, so that
the OSTree tool at runtime can consistently find the system data
regardless of whether it's operating on a physical root or
inside a deployment.
Because OSTree only preserves /var across upgrades (each
deployment's chroot directory will be garbage collected
eventually), you will need to choose how to handle other
toplevel writable directories specified by the Filesystem Hierarchy
Standard. Your operating system may of course choose
not to support some of these, such as /usr/local, but the following
is the recommended set:
/home to /var/home
/opt to /var/opt
/srv to /var/srv
/root to /var/roothome
/usr/local to /var/local
/mnt to /var/mnt
/tmp to /sysroot/tmp
Furthermore, since /var is empty by default, your operating system
will need to dynamically create the targets of these at
boot. A good way to do this is using
systemd-tmpfiles, if your OS uses systemd.
For example:

    d /var/log/journal 0755 root root -
    L /var/home - - - - ../sysroot/home
    d /var/opt 0755 root root -
    d /var/srv 0755 root root -
    d /var/roothome 0700 root root -
    d /var/usrlocal 0755 root root -
    d /var/usrlocal/bin 0755 root root -
    d /var/usrlocal/etc 0755 root root -
    d /var/usrlocal/games 0755 root root -
    d /var/usrlocal/include 0755 root root -
    d /var/usrlocal/lib 0755 root root -
    d /var/usrlocal/man 0755 root root -
    d /var/usrlocal/sbin 0755 root root -
    d /var/usrlocal/share 0755 root root -
    d /var/usrlocal/src 0755 root root -
    d /var/mnt 0755 root root -
    d /run/media 0755 root root -

Particularly note here the double indirection of /home. By default,
each deployment will share the global toplevel /home
directory on the physical
root filesystem. It is then up to higher levels of management
tools to keep /etc/passwd or equivalent
synchronized between operating systems.
Each deployment can easily be reconfigured to have its own home
directory set simply by making /var/home a real directory.
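
A lint for the layout described above, as an added example that is not part of the OSTree manual or the OSTree project: it checks an unpacked OS tree for the empty /sysroot directory, the /ostree link and the toplevel links from the recommended list. The function names, the tree-root argument and the acceptance of either an absolute or a relative link target are assumptions.

```shell
#!/bin/sh
# Added example: audit an unpacked OS tree (before commit) for the layout above.
# Assumption: a link may use the absolute target or the equivalent relative one.

# check_link ROOT NAME ABS REL: ROOT/NAME must be a symlink to ABS or REL.
check_link() {
    path="$1/$2"
    if [ ! -L "$path" ]; then
        echo "FAIL: /$2 is not a symlink (expected -> $3)"
        return 1
    fi
    actual=$(readlink "$path")
    case "${actual%/}" in
        "$3"|"$4") return 0 ;;
    esac
    echo "FAIL: /$2 -> $actual (expected -> $3)"
    return 1
}

# check_ostree_layout ROOT: prints one line per problem; returns 0 if none.
check_ostree_layout() {
    root="$1"; rc=0
    # /sysroot must be a real, empty directory: it is the bind-mount target
    # for the physical root at boot.
    if [ -L "$root/sysroot" ] || [ ! -d "$root/sysroot" ]; then
        echo "FAIL: /sysroot is not a directory"; rc=1
    elif [ -n "$(ls -A "$root/sysroot")" ]; then
        echo "FAIL: /sysroot is not empty"; rc=1
    fi
    check_link "$root" ostree /sysroot/ostree sysroot/ostree || rc=1
    # Writable toplevel directories: name, absolute target, relative target.
    while read -r name abs rel; do
        check_link "$root" "$name" "$abs" "$rel" || rc=1
    done <<EOF
home /var/home var/home
opt /var/opt var/opt
srv /var/srv var/srv
root /var/roothome var/roothome
usr/local /var/local ../var/local
mnt /var/mnt var/mnt
tmp /sysroot/tmp sysroot/tmp
EOF
    return $rc
}
```

Run it as `check_ostree_layout /path/to/tree` in the build pipeline; a real directory where a link is expected means data written there lives in the deployment and is lost when the deployment is garbage collected.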