From b7057368c8c23e622cbf06089b313268fad053e2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Tue, 10 Oct 2023 10:53:58 +0200 Subject: [PATCH] systemd-boot-builder: add missing fsync in atomic writes write(2) and close(2) doesn't ensure the file content actually got synched, so let's also fsync before doing the rename --- .../system/boot/loader/systemd-boot/systemd-boot-builder.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/nixos/modules/system/boot/loader/systemd-boot/systemd-boot-builder.py b/nixos/modules/system/boot/loader/systemd-boot/systemd-boot-builder.py index 78b43c57e905..310584e398bc 100644 --- a/nixos/modules/system/boot/loader/systemd-boot/systemd-boot-builder.py +++ b/nixos/modules/system/boot/loader/systemd-boot/systemd-boot-builder.py @@ -66,6 +66,8 @@ def write_loader_conf(profile: str | None, generation: int, specialisation: str if not @editor@: f.write("editor 0\n") f.write("console-mode @consoleMode@\n") + f.flush() + os.fsync(f.fileno()) os.rename("@efiSysMountPoint@/loader/loader.conf.tmp", "@efiSysMountPoint@/loader/loader.conf") @@ -143,6 +145,8 @@ def write_entry(profile: str | None, generation: int, specialisation: str | None description=describe_generation(profile, generation, specialisation))) if machine_id is not None: f.write("machine-id %s\n" % machine_id) + f.flush() + os.fsync(f.fileno()) os.rename(tmp_path, entry_file)