From Fedora Project Wiki

Revision as of 16:25, 2 August 2022 by Bcotton (talk | contribs) (Add trackers)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)


Preset All Systemd Units on First Boot

Summary

Systemd will execute the equivalent of systemctl preset-all when an unconfigured system is booted ("First Boot" condition). This means that units will be enabled or disabled according to the preset configuration. We currently do the equivalent of systemctl preset-all --preset-mode=enable-only, and this will be extended to also disable units, i.e. systemctl preset-all --preset-mode=full. Any units which are manually symlinked but presets say they shouldn't (which is against the packaging guidelines for packaged units) will be disabled.

Note that this applies to "first boot" only, i.e. to boot from an image without /etc fully populated. In does not apply to systems that were installed using Anaconda.

Owner

Current status

Detailed Description

Our guidelines say that units that are packaged in rpms must be enabled through macros (%systemd_post) and the preset system. Almost all packages conform to this, so effectively their enablement state follows the preset config. When the system is installed, or more precisely when systemd.rpm is installed, we do preset-all. But for historical reasons, when booting an unconfigured system ("first boot") we only 'enable' units in this fashion. In Fedora and RHEL CoreOS, some symlinks are created in the golden image, but should be disabled in the local image after local preset configuration has been inserted. To make this work, the call in systemd will be changed to execute the equivalent of preset-all --preset-mode=full, making enablement during "first boot" more like enablement during an Anaconda installation.

Feedback

Benefit to Fedora

  • CoreOS can insert local preset configuration through Ignition and this configuration will be applied on the first boot.
  • Users can do something similar with local preset configuration on distributed images.
  • The system is made a bit simpler and easier to understand, because we can say that "units are enabled/disabled after installation as specified by the preset system".
  • Users can call systemctl preset-all at any time to apply preset-configuration. If no local changes to configuration have been made, preset-all would make no changes to unit state. If units have been enabled or disabled, preset-all would return unit enablement to the pristine state after installation.

Scope

  • Other developers: review and merge the pull requests
  • Release engineering: N/A
  • Policies and guidelines: none, this change is about following the guidelines more closely
  • Trademark approval: N/A (not needed for this Change)
  • Alignment with Objectives:

Upgrade/compatibility impact

None.

How To Test

  • On a newly installed system, with arbitrary set of packages: call systemctl preset-all. This should result in no changes.
  • On a system which is booted from an unconfigured image (e.g. the new Server VM image should qualify, see Changes/Supplement-server-by-kvm-vm-image): before the first boot, enable some units manually that are disabled in presets. After booting, those units should be disabled again.

User Experience

In general this change will be a noop for users, because it only applies to "first boot", i.e. to the case when a system is booted from a distributable image without local configuration and is configured when initially booted. In case where Anaconda is used to install images, /etc is populated before the first boot and the "first boot" condition never applies, thus this change is irrelevant. On systems installed from a "golden image" such as Fedora CoreOS, units will follow the preset configuration more closely. Thanks to the fixes to make packages conform to packaging guidelines, users can call preset-all to return the system to defaults.

Dependencies

Contingency Plan

  • Contingency mechanism: (What to do? Who will do it?) Systemd maintainers: flip back the default in systemd, rebuild.
  • Contingency deadline: N/A (not a System Wide Change) This can be done at any time up to the release.
  • Blocks release? No.

Documentation

N/A (not a System Wide Change)

Release Notes