Post by Alessandro Tagliapietra
Thanks for helping Mantas,
- before first boot /etc/machine-id is empty (and I think that's expected)
- right after boot, /etc/machine-id isn't writable because the root fs is
mounted as readonly from fstab
- after the /etc overlay is mounted /etc/machine-id should still be the
one from the underlying filesystem and at this point is also writable,
however it's still empty
[ 3.577477] systemd: Initializing machine ID from random generator.
[ 3.584284] systemd: Installed transient /etc/machine-id file.
however /etc/machine-id shouldn't be writable at that point, what should I
do? Make our overlay mount unit depend on whatever service is generating
machine-id and make sure our mount happens before the generation of

The assumption is that the machine-id is accessible and remains stable
during the entire system uptime, once the host PID 1 initialized
(i.e. after transitioning from the initrd). Apps should be able to rely
that the machine ID just works and can be cached.

If you replace /etc/ with a different file system during runtime,
that's OK as long as that file remains accessible throughout.

Note that if /etc/machine-id is empty at boot and /etc is read-only, PID1
will generate a transient machine ID and write it to a file in /run
which it then bind mounts over /etc/machine-id, so that it appears
there unconditionally. If you now replace /etc with your own overlayfs
you need to make sure to cover this bind mount too. Note that the
lower layers of an overlayfs refer to the specified top-level mount
points only: a lower layer is not the whole tree of mounts but only the
mount you explicitly list.

This means you probably want to prepare your overlayfs at some
temporary location first, then bind mount the existing bind mount that
is /etc/machine-id over the overlayfs at the same place, and then move
the whole overlayfs to /etc into place. That way /etc/ is suddenly
replaced by your overlayfs but /etc/machine-id will be accessible in a
stable way continuously.

Note that /etc/machine-id is used by various parts of systemd. DHCP
stuff is just one case. Logging uses it too and plenty of other
stuff. Hence, you really should follow the documented behaviour of
machine-id, because if you don't then things will break all over the

Please see machine-id(5) for details about the file.

Lennart Poettering, Berlin
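
A check for the situation described in the reply above, as an added example that is not part of the original thread: it reads a mountinfo table and reports whether the /etc/machine-id bind mount sits on top of an overlayfs mounted on /etc or has been hidden underneath it. The function name, the state names and the sample tables (device names, upperdir and workdir paths) are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Function and state names are hypothetical.

# machine_id_state [MOUNTINFO]   ("-" reads stdin; default is the live table)
#   preserved  - overlay on /etc with a /etc/machine-id mount on top of it
#   shadowed   - overlay on /etc; the machine-id mount is hidden underneath
#   no-bind    - overlay on /etc; no separate /etc/machine-id mount exists
#   no-overlay - no overlay filesystem is mounted on /etc
machine_id_state() {
    awk '
    {
        # Fields: id parent maj:min root mountpoint opts [optional...] - fstype ...
        fstype = ""
        for (i = 7; i <= NF; i++)
            if ($i == "-") { fstype = $(i + 1); break }
        # Assumes at most one overlay on /etc; the last one listed wins.
        if ($5 == "/etc" && fstype == "overlay") etc_id = $1
        if ($5 == "/etc/machine-id") { seen = 1; parent[$1] = $2 }
    }
    END {
        if (etc_id == "") { print "no-overlay"; exit }
        # A mount whose parent is the overlay is visible through the new /etc.
        for (id in parent)
            if (parent[id] == etc_id) { print "preserved"; exit }
        print (seen ? "shadowed" : "no-bind")
    }' "${1:-/proc/self/mountinfo}"
}

# Constructed sample: overlay mounted straight onto /etc, covering the bind mount.
sample_shadowed() {
    cat <<'EOF'
22 1 179:2 / / ro,relatime shared:1 - ext4 /dev/mmcblk0p2 ro
24 22 0:21 / /run rw,nosuid,nodev shared:5 - tmpfs tmpfs rw,mode=755
31 22 0:21 /machine-id /etc/machine-id ro,relatime shared:5 - tmpfs tmpfs rw,mode=755
40 22 0:35 / /etc rw,relatime shared:20 - overlay overlay rw,lowerdir=/etc,upperdir=/data/etc/upper,workdir=/data/etc/work
EOF
}

# Constructed sample: bind mount re-created on the overlay before it was moved.
sample_preserved() {
    cat <<'EOF'
22 1 179:2 / / ro,relatime shared:1 - ext4 /dev/mmcblk0p2 ro
24 22 0:21 / /run rw,nosuid,nodev shared:5 - tmpfs tmpfs rw,mode=755
40 22 0:35 / /etc rw,relatime shared:20 - overlay overlay rw,lowerdir=/etc,upperdir=/data/etc/upper,workdir=/data/etc/work
31 40 0:21 /machine-id /etc/machine-id ro,relatime shared:5 - tmpfs tmpfs rw,mode=755
EOF
}
```

Called with no argument, `machine_id_state` reads /proc/self/mountinfo on the running system; a `shadowed` result means the transient ID that PID 1 installed is no longer what applications see at /etc/machine-id.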