Move all to /usr

Summary

Provide a way of mounting /usr read-only and share it between multiple hosts to save maintenance and space.

/usr on its own filesystem is useful in custom setups. But instead of the Unix way to (almost randomly) split-off tools from /usr and put them in /, and require more and more tools to move to /, we today just expect /usr to be mounted from inside the initramfs, to be available before 'init' starts. What /bin and /sbin was for Unix is the initramfs for Linux. An initramfs that supports to mount /usr on top of /, before it starts 'init', makes all current setups work properly.

Owner

• Name: Harald Hoyer
• Email: harald@redhat.com

Current status

• Targeted release: Fedora 17
• Last updated: (DATE)
• Percentage of completion: 0%

Detailed Description

There is no way to reliably bring up a modern system with an empty /usr, there are two alternatives to fix it: copy /usr back to the rootfs or use an initramfs which can hide the split-off from the system.

Historically /bin, /sbin, /lib had the purpose to contain the utilities to mount /usr. This role can now be taken by the initramfs. Because the initramfs knows, where to find the root partition (which includes /etc), it can parse /etc/fstab and other configuration files and mount /usr before it finally switches the root partition and executes /usr/bin/init. From this point on init mounts the remaining partitions in /etc/fstab and the system starts as usual.

The long-term plan is to clean up the mess and confusion the current split of / vs. /usr has created. All tools will move back to /usr where they belong, and the rootfs will only contain compat-symlinks into /usr. Almost the entire system installed by packages will reside in /usr. This will split all non-host specific data to /usr. /usr can then be seen as the Unix System Resources partition (/System), which defines the base operating system (e.g. F18 or RHEL-7).

This new /usr could be mounted read-only by default, while the rootfs is read-write and contains only empty mount points, compat-symlinks to /usr and the host-specific data like /etc, /root, /srv. Compared to today's setups, the rootfs will be very small. The new /usr could also easily be shared read-only across several systems, and it would contain almost the entire system. Such setups are more efficient, can optionally provide a lot more security, are more flexible, provide more sane options for custom setups, and are much simpler to setup and maintain.

The remaining non-volatile top level directories are host specific:

• /boot - data to boot the machine (bootloader, kernel and initramfs image)
• /var - host specific variable data
• /home - user data
• /root - user data
• /etc - host specific configuration data
• /opt - host specific non-base OS apps
• /srv - host specific contents to be served

Example F15

This output is from a modified F15 standard installation:

# df -h
Filesystem            Size  Used Avail Use% Mounted on
rootfs                2.0G  162M  1.8G   9% /
udev                  484M     0  484M   0% /dev
tmpfs                 494M  248K  493M   1% /dev/shm
tmpfs                 494M   43M  451M   9% /run
/dev/sda2             2.0G  162M  1.8G   9% /
/dev/sda5              13G  3.3G  8.8G  28% /usr
tmpfs                 494M   43M  451M   9% /run
tmpfs                 494M     0  494M   0% /sys/fs/cgroup
tmpfs                 494M     0  494M   0% /media
/dev/sda1             117M   47M   65M  42% /boot

# ls -l /
total 66
lrwxrwxrwx    1 root root     7 Jul  7 16:28 bin -> usr/bin
dr-xr-xr-x.   5 root root  1024 Jul  4 19:33 boot
drwxr-xr-x   16 root root  3480 Jul 11 19:34 dev
drwxr-xr-x. 127 root root 12288 Jul 11 19:34 etc
drwxr-xr-x.   3 root root  4096 Jul  4 17:33 home
lrwxrwxrwx    1 root root     7 Jul 11 17:30 lib -> usr/lib
lrwxrwxrwx    1 root root     9 Jul 11 17:23 lib64 -> usr/lib64
drwx------.   2 root root 16384 Jul  4 16:02 lost+found
drwxr-xr-x    2 root root    40 Jul 11 19:33 media
drwxr-xr-x.   2 root root  4096 May 18 13:33 mnt
drwxr-xr-x.   2 root root  4096 May 18 13:33 opt
dr-xr-xr-x  116 root root     0 Jul 11 17:33 proc
dr-xr-x---.   6 root root  4096 Jul 11 15:58 root
drwxr-xr-x   28 root root  1060 Jul 11 19:35 run
lrwxrwxrwx    1 root root     7 Jul  7 16:28 sbin -> usr/bin
drwxr-xr-x.   2 root root  4096 Jul  4 16:02 selinux
drwxr-xr-x.   2 root root  4096 May 18 13:33 srv
drwxr-xr-x   13 root root     0 Jul 11 19:33 sys
drwxrwxrwt.  14 root root  4096 Jul 11 19:34 tmp
drwxr-xr-x.  13 root root  4096 Jul  4 19:55 usr
drwxr-xr-x.  18 root root  4096 Jul  4 17:27 var

Benefit to Fedora

Clear separation of operating system and host specific resources. /usr can be read-only and shareable.

Scope

The ability to share /usr is especially useful for clusters and virtual machines. The ability to mount /usr read-only (e.g. on read-only media) adds to the security of the machine.

How To Test

User Experience

• less toplevel directories

Dependencies

• initramfs (dracut)
• selinux
• repackaging of packages with content in /bin, /sbin, /lib*
• drop consolehelper to move /usr/sbin/* to /usr/bin
• alternatives symlinks?
• filesystem rpm, toplevel symlinks

Roadmap

• prepare dracut to mount /usr
• check, if rpm can cope with old packages, rpm error, if conflicting files due to symlinks
• update rpmlint
• change at least 285 packages and selinux
• /bin -> usr/bin, /sbin -> usr/bin, /lib -> usr/lib, /lib64 -> usr/lib64, /usr/sbin -> bin
• drop consolehelper to enable the /usr/sbin -> /usr/bin move
• RPM package list:

$ (for i in bin sbin lib lib64 usr/sbin; do yum -C --disablerepo=* --enablerepo=fedora  provides  "/$i/*"; done) \
  |egrep -v '^Filename '|egrep -v '^Repo '|egrep -v 'Matched '|egrep -v '^\s+:' \
  |while read a b; do a=${a#[0-9]*:}; echo ${a%%-[0-9]*};done|sort -u

Outputs 1059 rpm packages.

Contingency Plan

• The move of /usr/sbin to /usr/bin can be delayed. /bin -> /usr/bin, /sbin -> /usr/sbin

Documentation

Release Notes

Comments and Discussion

• See Talk:Features/UsrMove