bootc-setup-root-conf - Man Page

bootc-setup-root-conf.toml

Synopsis

/usr/lib/composefs/setup-root-conf.toml

Description

When the composefs backend is active, bootc-root-setup.service runs in the initramfs to mount the root filesystem before switch-root.  It reads this optional TOML configuration file to control how /, /etc, and /var are mounted.

If the file does not exist all options take their documented defaults.

The 51bootc dracut module installs this file into the initramfs automatically when it is present on the host image.  Image authors can therefore ship the file at this path in their container image and rebuild the initramfs with a plain dracut --force; no --include flags are needed.

NOTE: The composefs backend and this configuration file are experimental and subject to change without notice.

Sections

[root]

Controls the mount of the root (/) filesystem.

transient (boolean, default: false)
 If true, the composefs root is wrapped in a tmpfs overlay before
 switch-root.  All writes to / are discarded at the next reboot.
 This is useful for kiosk or lab systems where runtime modifications
 must never persist.

[etc]

Controls how /etc is mounted from the deployment state directory.

mount (string)
 One of "none", "bind" (default), "overlay", or "transient".

transient (boolean, default: false)
 Shorthand for mount = "transient".  Ignored when mount is also set.

[var]

Controls how /var is mounted from the deployment state directory.

mount (string)
 One of "bind" (default) or "none".

For a fresh, ephemeral /var on every boot (e.g. for stateless or kiosk systems), use the systemd.volatile=state kernel argument.  bootc-root-setup detects this karg automatically and skips the /var bind-mount, so no explicit [var] section is needed.  The karg can be baked into the image via /usr/lib/bootc/kargs.d/:

# /usr/lib/bootc/kargs.d/50-var-volatile.toml
kargs = ["systemd.volatile=state"]

This causes systemd to mount /var as a plain tmpfs at early boot, which is fully compatible with tools like podman that use overlayfs under /var. Note: unlike /etc and /root, using overlayfs (the "transient" mount type from earlier releases) for /var is not supported because it breaks podman and other tools that use overlayfs under /var/lib/containers.

Examples

Default (all persistent, equivalent to an absent file):

[etc]
mount = "bind"

Transient /etc — suitable for sealed or integrity-verified images where runtime /etc changes should be discarded on reboot:

[etc]
transient = true

Transient root with read-only /etc/ and /etc follow the composefs image exactly within the session (all writes discarded on reboot).  To also make /var ephemeral, combine with systemd.volatile=state in kargs.d:

[root]
transient = true

[etc]
mount = "root"

Files

/usr/lib/composefs/setup-root-conf.toml
 The configuration file read by bootc-root-setup.service.

See Also

bootc-root-setup.service(5), bootc(8)

Version

v1.16.0