From 25f77eaf9d3ef4e9eafe431455b66fe2eae83885 Mon Sep 17 00:00:00 2001
From: Chen Chengjun
Date: Sat, 6 Dec 2025 04:30:05 +0000
Subject: [PATCH] Add overlay and configuration files for systemd
---
 distro/aster_configuration.nix | 9 ++-
 distro/modules/systemd.nix | 26 ++++++
 .../0001-Skip-mount-state-checking.patch | 32 ++++++++
 .../0002-Disable-loop-too-fast-warning.patch | 28 +++++++
 .../0003-Switch-MS_SLAVE-to-MS_PRIVATE.patch | 56 +++++++++++++
 distro/overlays/systemd/default.nix | 81 +++++++++++++++++++
 6 files changed, 230 insertions(+), 2 deletions(-)
 create mode 100644 distro/modules/systemd.nix
 create mode 100644 distro/overlays/systemd/0001-Skip-mount-state-checking.patch
 create mode 100644 distro/overlays/systemd/0002-Disable-loop-too-fast-warning.patch
 create mode 100644 distro/overlays/systemd/0003-Switch-MS_SLAVE-to-MS_PRIVATE.patch
 create mode 100644 distro/overlays/systemd/default.nix
diff --git a/distro/aster_configuration.nix b/distro/aster_configuration.nix
index dcd83066f..55917ad7b 100644
--- a/distro/aster_configuration.nix
+++ b/distro/aster_configuration.nix
@@ -17,8 +17,12 @@
 # The content defined in these module files must adhere to the options permissible within 'configuration.nix'.
 # For a comprehensive list of available options,
 # please refer to https://search.nixos.org/options.
- imports =
- [ ./modules/core.nix ./modules/xfce/default.nix ./modules/container.nix ];
+ imports = [
+ ./modules/core.nix
+ ./modules/xfce/default.nix
+ ./modules/container.nix
+ ./modules/systemd.nix
+ ];
 
 # Overlays provide patches to 'nixpkgs' that enable these packages to run effectively on AsterNixOS.
 # For details on the overlay file definition format,
@@ -27,5 +31,6 @@
 (import ./overlays/hello-asterinas/default.nix)
 (import ./overlays/desktop/default.nix)
 (import ./overlays/podman/default.nix)
+ (import ./overlays/systemd/default.nix)
 ];
 }
diff --git a/distro/modules/systemd.nix b/distro/modules/systemd.nix
new file mode 100644
index 000000000..5f955ac40
--- /dev/null
+++ b/distro/modules/systemd.nix
@@ -0,0 +1,26 @@
+{ config, lib, pkgs, ... }:
+
+{
+ systemd.package = pkgs.aster_systemd;
+
+ systemd.coredump.enable = false;
+ systemd.services.logrotate.enable = false;
+ systemd.services.systemd-tmpfiles-clean.enable = false;
+ systemd.services.systemd-tmpfiles-setup.enable = false;
+ systemd.services.systemd-random-seed.enable = false;
+ systemd.oomd.enable = false;
+ services.timesyncd.enable = false;
+ services.udev.enable = false;
+
+ services.getty.autologinUser = "root";
+ users.users.root = {
+ shell = "${pkgs.bash}/bin/bash";
+ hashedPassword = null;
+ };
+ systemd.targets.getty.wants = [ "autovt@hvc0.service" ];
+
+ systemd.extraConfig = ''
+ LogLevel=crit
+ ShowStatus=no
+ '';
+}
diff --git a/distro/overlays/systemd/0001-Skip-mount-state-checking.patch b/distro/overlays/systemd/0001-Skip-mount-state-checking.patch
new file mode 100644
index 000000000..3f9e1295c
--- /dev/null
+++ b/distro/overlays/systemd/0001-Skip-mount-state-checking.patch
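Review bot: In distro/modules/systemd.nix, `services.getty.autologinUser = "root";` hands a root shell without authentication to anyone who can reach a getty, including the `autovt@hvc0.service` console wired up further down, and nothing in the module limits this to development images. If that is intended for bring-up, say so in a comment and make it overridable, e.g. `services.getty.autologinUser = lib.mkDefault "root";`, so a hardened configuration can switch it off without forking the module. The disabled units would also benefit from a one-line reason each (especially `systemd-random-seed` and `services.udev`), so a later maintainer can tell Asterinas limitations from preferences.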
@@ -0,0 +1,32 @@
+From 3590c030252b0a7bae7749e65e4d0b4d34dbb055 Mon Sep 17 00:00:00 2001
+From: Chen Chengjun
+Date: Sat, 6 Dec 2025 04:19:38 +0000
+Subject: [PATCH] Skip mount state checking
+
+Systemd uses epoll on /proc/mountinfo to detect whether the mount service
+has succeeded. Currently, Asterinas does not support this operation.
+
+---
+ src/core/mount.c | 6 ++----
+ 1 file changed, 2 insertions(+), 4 deletions(-)
+
+diff --git a/src/core/mount.c b/src/core/mount.c
+index 689ef5672d..1e99afc7ed 100644
+--- a/src/core/mount.c
++++ b/src/core/mount.c
+@@ -1533,10 +1533,8 @@ static void mount_sigchld_event(Unit *u, pid_t pid, int code, int status) {
+ /* Our mount point has not appeared in mountinfo. Something went wrong. */
+
+ if (f == MOUNT_SUCCESS) {
+- /* Either /bin/mount has an unexpected definition of success, or someone raced us
+- * and we lost. */
+- log_unit_warning(UNIT(m), "Mount process finished, but there is no mount.");
+- f = MOUNT_FAILURE_PROTOCOL;
++ mount_enter_mounted(m, f);
++ break;
+ }
+ mount_enter_dead(m, f, /* flush_result = */ false);
+ break;
+--
+2.34.1
+
diff --git a/distro/overlays/systemd/0002-Disable-loop-too-fast-warning.patch b/distro/overlays/systemd/0002-Disable-loop-too-fast-warning.patch
new file mode 100644
index 000000000..511722a20
--- /dev/null
+++ b/distro/overlays/systemd/0002-Disable-loop-too-fast-warning.patch
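Review bot: In 0001-Skip-mount-state-checking.patch, the `f == MOUNT_SUCCESS` branch of `mount_sigchld_event` now calls `mount_enter_mounted(m, f)` even though, per the comment kept just above it, the mount point never appeared in mountinfo, so a mount helper that exits 0 without mounting anything leaves the unit marked as mounted. Since the stated reason is only that Asterinas cannot poll /proc/mountinfo, keep a trace of the shortcut, e.g. `log_unit_debug(UNIT(m), "Mount process succeeded but mount is not in mountinfo; assuming mounted.");`, and reword the now-misleading "Something went wrong" comment. The function starts and ends outside the hunk, so whether the mount state is verified elsewhere on this path cannot be confirmed from here.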
@@ -0,0 +1,28 @@
+From 44a4dcc8e703f6dea45868bfd9615e0709f094f9 Mon Sep 17 00:00:00 2001
+From: Chen Chengjun
+Date: Sat, 6 Dec 2025 04:20:37 +0000
+Subject: [PATCH] Disable loop too fast warning
+
+Disable the warning about "looping too fast", as this warning affects
+usability when systemd logging is enabled.
+
+---
+ src/core/manager.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/core/manager.c b/src/core/manager.c
+index 9308b730e1..37df4f2a04 100644
+--- a/src/core/manager.c
++++ b/src/core/manager.c
+@@ -3456,7 +3456,7 @@ int manager_loop(Manager *m) {
+
+ if (!ratelimit_below(&rl)) {
+ /* Yay, something is going seriously wrong, pause a little */
+- log_warning("Looping too fast. Throttling execution a little.");
++ //log_warning("Looping too fast. Throttling execution a little.");
+ sleep(1);
+ }
+
+--
+2.34.1
+
diff --git a/distro/overlays/systemd/0003-Switch-MS_SLAVE-to-MS_PRIVATE.patch b/distro/overlays/systemd/0003-Switch-MS_SLAVE-to-MS_PRIVATE.patch
new file mode 100644
index 000000000..13af05916
--- /dev/null
+++ b/distro/overlays/systemd/0003-Switch-MS_SLAVE-to-MS_PRIVATE.patch
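Review bot: 0002-Disable-loop-too-fast-warning.patch leaves the call behind as commented-out code (`//log_warning(...)`) in `manager_loop`, which removes the only visible signal that the event loop is spinning while the `sleep(1)` throttle still fires. Lowering the level keeps the diagnostic available without the console noise: `log_debug("Looping too fast. Throttling execution a little.");`. `manager_loop` continues outside the hunk.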
@@ -0,0 +1,56 @@
+From 848ea732d0a5184326643f0e6d6f0a280b173d8f Mon Sep 17 00:00:00 2001
+From: Chen Chengjun
+Date: Sat, 6 Dec 2025 04:21:07 +0000
+Subject: [PATCH] Switch MS_SLAVE to MS_PRIVATE
+
+Replace the use of MS_SLAVE with MS_PRIVATE, as Asterinas currently does
+not support the MS_SLAVE flag.
+
+---
+ src/basic/process-util.c | 2 +-
+ src/core/exec-credential.c | 2 +-
+ src/shared/mount-util.c | 2 +-
+ 3 files changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/basic/process-util.c b/src/basic/process-util.c
+index 18fbadf175..0aa68a1162 100644
+--- a/src/basic/process-util.c
++++ b/src/basic/process-util.c
+@@ -1652,7 +1652,7 @@ int safe_fork_full(
+
+ if (FLAGS_SET(flags, FORK_NEW_MOUNTNS | FORK_MOUNTNS_SLAVE)) {
+ /* Optionally, make sure we never propagate mounts to the host. */
+- if (mount(NULL, "/", NULL, MS_SLAVE | MS_REC, NULL) < 0) {
++ if (mount(NULL, "/", NULL, MS_PRIVATE | MS_REC, NULL) < 0) {
+ log_full_errno(prio, errno, "Failed to remount root directory as MS_SLAVE: %m");
+ _exit(EXIT_FAILURE);
+ }
+diff --git a/src/core/exec-credential.c b/src/core/exec-credential.c
+index 6ab3edbb54..dd40cdf081 100644
+--- a/src/core/exec-credential.c
++++ b/src/core/exec-credential.c
+@@ -1119,7 +1119,7 @@ int exec_setup_credentials(
+ * no one else sees this should be OK to do. */
+
+ /* Turn off propagation from our namespace to host */
+- r = mount_nofollow_verbose(LOG_DEBUG, NULL, "/dev", NULL, MS_SLAVE|MS_REC, NULL);
++ r = mount_nofollow_verbose(LOG_DEBUG, NULL, "/dev", NULL, MS_PRIVATE|MS_REC, NULL);
+ if (r < 0)
+ goto child_fail;
+
+diff --git a/src/shared/mount-util.c b/src/shared/mount-util.c
+index 35b1049531..e2f611e07a 100644
+--- a/src/shared/mount-util.c
++++ b/src/shared/mount-util.c
+@@ -904,7 +904,7 @@ static int mount_in_namespace_legacy(
+
+ mount_slave_mounted = true;
+
+- r = mount_nofollow_verbose(LOG_DEBUG, NULL, mount_slave, NULL, MS_SLAVE, NULL);
++ r = mount_nofollow_verbose(LOG_DEBUG, NULL, mount_slave, NULL, MS_PRIVATE, NULL);
+ if (r < 0)
+ goto finish;
+
+--
+2.34.1
+
diff --git a/distro/overlays/systemd/default.nix b/distro/overlays/systemd/default.nix
new file mode 100644
index 000000000..dbbbf339a
--- /dev/null
+++ b/distro/overlays/systemd/default.nix
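Review bot: In 0003-Switch-MS_SLAVE-to-MS_PRIVATE.patch, the `safe_fork_full` error string still reads `"Failed to remount root directory as MS_SLAVE: %m"` after the flag was changed to `MS_PRIVATE`, so a failure would be logged with the wrong propagation mode; it should become `"Failed to remount root directory as MS_PRIVATE: %m"`. `MS_PRIVATE` still keeps mounts from leaking to the host, but unlike `MS_SLAVE` it also stops later host mounts from arriving in the namespace, which these three call sites may or may not rely on. A short comment at each would record that this is an Asterinas workaround, in particular at `mount_in_namespace_legacy`, whose `mount_slave` name now describes a private mount. All three functions extend beyond the lines shown.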
@@ -0,0 +1,81 @@
+final: prev: {
+ aster_systemd = prev.systemdMinimal.overrideAttrs (old: {
+ patches = (old.patches or [ ]) ++ [
+ ./0001-Skip-mount-state-checking.patch
+ ./0002-Disable-loop-too-fast-warning.patch
+ ./0003-Switch-MS_SLAVE-to-MS_PRIVATE.patch
+ ];
+
+ postInstall = ''
+ ${old.postInstall or ""}
+
+ mkdir -p "$out/example/systemd/system"
+
+ cat > "$out/example/systemd/system/systemd-logind.service" <<'EOF'
+ # placeholder for $out
+ [Unit]
+ Description=systemd-logind (placeholder)
+ EOF
+
+ cat > "$out/example/systemd/system/systemd-user-sessions.service" <<'EOF'
+ # placeholder injected by override
+ [Unit]
+ Description=placeholder systemd-user-sessions (disabled)
+ EOF
+
+ cat > "$out/example/systemd/system/dbus-org.freedesktop.login1.service" <<'EOF'
+ # placeholder for $out
+ [Unit]
+ Description=placeholder dbus-org.freedesktop.login1.service
+ [Service]
+ Type=dbus
+ BusName=org.freedesktop.login1
+ ExecStart=/bin/true
+ EOF
+
+ cat > "$out/example/systemd/system/user@.service" <<'EOF'
+ # placeholder for $out
+ [Unit]
+ Description=placeholder user@.service
+ [Service]
+ Type=oneshot
+ RemainAfterExit=yes
+ ExecStart=/bin/true
+ EOF
+
+ cat > "$out/example/systemd/system/user-runtime-dir@.service" <<'EOF'
+ # placeholder for $out
+ [Unit]
+ Description=placeholder user-runtime-dir@.service
+ [Service]
+ Type=oneshot
+ RemainAfterExit=yes
+ ExecStart=/bin/mkdir -p /run/user/%i
+ EOF
+
+ cat > "$out/example/systemd/system/local-fs.target.wants/tmp.mount" <<'EOF'
+ # placeholder for $out
+ # This file is intentionally empty as a placeholder for tmp.mount
+ EOF
+
+ cat > "$out/example/systemd/system/systemd-firstboot.service" <<'EOF'
+ # placeholder for $out
+ [Unit]
+ Description=placeholder systemd-firstboot
+ [Service]
+ Type=oneshot
+ ExecStart=/bin/true
+ EOF
+
+ cat > "$out/example/systemd/system/systemd-random-seed.service" <<'EOF'
+ # placeholder for $out
+ [Unit]
+ Description=placeholder systemd-random-seed
+ [Service]
+ Type=oneshot
+ ExecStart=/bin/true
+ EOF
+
+ '';
+ });
+}
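Review bot: In distro/overlays/systemd/default.nix, the `tmp.mount` placeholder is written to `$out/example/systemd/system/local-fs.target.wants/`, but the script only creates `$out/example/systemd/system`, so the redirect depends on the upstream install having made that directory; if the existing entry there is a symlink, `cat >` would follow it and overwrite its target rather than replace the link. Creating the directory and clearing the destination first makes the intent explicit: `mkdir -p "$out/example/systemd/system/local-fs.target.wants"` and an `rm -f` on each destination before its `cat`. The placeholder units also hard-code `/bin/true` and `/bin/mkdir`, which the Asterinas image presumably provides; if it does not, a store path such as `${final.coreutils}/bin/true` would be safer. A header comment should also state that these stubs replace `systemd-logind`, `systemd-user-sessions` and `systemd-random-seed` with no-ops, since that is not obvious to someone consuming `aster_systemd`.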