From 09e3dd35b18967c413e9addb4c5b1cb64e9e8d2f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= Date: Sun, 14 Sep 2025 14:03:35 +0200 Subject: [PATCH] Create filesystem on xvda1 on update The new systemd (Debian trixie, Fedora 43) really insist on having proper filesystem on the EFI partition, otherwise it marks several units as failed. Create a filesystem there on package update too. Do not interrupt package update if it fails. Fixes QubesOS/qubes-issues#8954 --- archlinux/PKGBUILD.in | 1 + archlinux/PKGBUILD.install | 10 ++++++++++ debian/control | 1 + debian/qubes-core-agent.postinst | 10 ++++++++++ rpm_spec/core-agent.spec.in | 10 ++++++++++ 5 files changed, 32 insertions(+) diff --git a/archlinux/PKGBUILD.in b/archlinux/PKGBUILD.in index d8b2f94b..2e0a4d3c 100644 --- a/archlinux/PKGBUILD.in +++ b/archlinux/PKGBUILD.in @@ -59,6 +59,7 @@ package_qubes-vm-core() { release=${BASH_REMATCH[1]}.${BASH_REMATCH[2]} depends=( dconf + dosfstools fakeroot gawk gnome-packagekit diff --git a/archlinux/PKGBUILD.install b/archlinux/PKGBUILD.install index f45497f0..9062f8b9 100644 --- a/archlinux/PKGBUILD.install +++ b/archlinux/PKGBUILD.install @@ -85,6 +85,16 @@ update_qubesconfig() { mount /usr/local || : fi + rootdev=$(grep -o '^[^ ]* / ' /proc/mounts | cut -f 1 -d ' ') || rootdev= + # if root volume uses partitions, and is mounted directly (no dm-snapshot), + # check if xvda1 needs filesystem to be created + if [ -n "$rootdev" ] && [ "$(readlink -f "$rootdev")" = "/dev/xvda3" ]; then + if [ -z "$(blkid -o value -s TYPE /dev/xvda1)" ]; then + mkfs.vfat -S 4096 -n EFI /dev/xvda1 || \ + echo "Creating EFI fs failed: 'mkfs.vfat -S 4096 -n EFI /dev/xvda1': $?" >&2 + fi + fi + # Install qubes version of fstab if ! grep -q dmroot /etc/fstab; then cp -f /etc/fstab.qubes /etc/fstab diff --git a/debian/control b/debian/control index b0f4051f..216f61a6 100644 --- a/debian/control +++ b/debian/control @@ -31,6 +31,7 @@ Depends: dconf-cli, distro-info-data, dmsetup, + dosfstools, e2fsprogs, gawk, graphicsmagick, diff --git a/debian/qubes-core-agent.postinst b/debian/qubes-core-agent.postinst index 399ea01f..231e6c5f 100755 --- a/debian/qubes-core-agent.postinst +++ b/debian/qubes-core-agent.postinst @@ -166,6 +166,16 @@ case "${1}" in mount /usr/local || : fi + rootdev=$(grep -o '^[^ ]* / ' /proc/mounts | cut -f 1 -d ' ') || rootdev= + # if root volume uses partitions, and is mounted directly (no dm-snapshot), + # check if xvda1 needs filesystem to be created + if [ -n "$rootdev" ] && [ "$(readlink -f "$rootdev")" = "/dev/xvda3" ]; then + if [ -z "$(blkid -o value -s TYPE /dev/xvda1)" ]; then + mkfs.vfat -S 4096 -n EFI /dev/xvda1 || \ + echo "Creating EFI fs failed: 'mkfs.vfat -S 4096 -n EFI /dev/xvda1': $?" >&2 + fi + fi + # remove old symlinks if [ -L /etc/systemd/system/sysinit.target.wants/qubes-random-seed.service ]; then rm /etc/systemd/system/sysinit.target.wants/qubes-random-seed.service diff --git a/rpm_spec/core-agent.spec.in b/rpm_spec/core-agent.spec.in index db92b350..6b8f386e 100644 --- a/rpm_spec/core-agent.spec.in +++ b/rpm_spec/core-agent.spec.in @@ -186,6 +186,7 @@ Obsoletes: qubes-core-vm-doc < 4.0.0 Conflicts: qubes-gui-agent < 4.1.6 Conflicts: pulseaudio-qubes < 4.2.0 Provides: group(qubes) +Requires(post): dosfstools Requires(pre): shadow Requires(pre): qubes-db BuildRequires: gcc @@ -574,6 +575,15 @@ if [ -L /usr/local ]; then mount /usr/local || : fi +rootdev=$(grep -o '^[^ ]* / ' /proc/mounts | cut -f 1 -d ' ') || rootdev= +# if root volume uses partitions, and is mounted directly (no dm-snapshot), +# check if xvda1 needs filesystem to be created +if [ -n "$rootdev" ] && [ "$(readlink -f "$rootdev")" = "/dev/xvda3" ]; then + if [ -z "$(blkid -o value -s TYPE /dev/xvda1)" ]; then + mkfs.vfat -S 4096 -n EFI /dev/xvda1 || echo "Creating EFI fs failed: 'mkfs.vfat -S 4096 -n EFI /dev/xvda1': $?" >&2 + fi +fi + %if 0%{?fedora} < 41 if [ ! -f /etc/qubes-dnf-hardened ]; then dnf config-manager --setopt=zchunk=0 --setopt=deltarpm=0 --save &&