制作 Debian 或 Fedora 可持久化 Live 映像档

制作 Debian 或 Fedora 可持久化 Live 映像档
Making Debian or Fedora persistent live images

原始链接: https://sigwait.org/~alex/blog/2026/05/28/smdBC8.html

Live ISO 本质上是只读的，重启后数据会丢失。为了实现持久化，各发行版使用了 OverlayFS，这需要一个可写的分区和特定的内核参数。遗憾的是，目前并没有统一标准：Ubuntu 使用带有 `casper-rw` 标签的 `persistent` 参数，而 Debian 则使用带有 `persistence.conf` 文件的 `persistence` 参数。修改这些 ISO 通常涉及在 GRUB 配置中进行“拙劣”的字节替换，如果字符串长度不一致，可能会导致文件系统损坏。对于 Fedora 而言，这些覆盖方法尤为脆弱且复杂。作者建议采用一种更稳健的替代方案：完全绕过 ISO 结构。通过将内部 `squashfs.img` 的内容提取到可写的 ext4 分区中，并配置自定义的 GRUB 引导程序，用户可以创建一个真正持久化的 Live 环境。这种方法避开了 ISO9660 的局限性和非标准化覆盖实现的缺陷，从而在 USB 驱动器上实现了一个灵活且可靠的系统。

这篇 Hacker News 帖子讨论了创建持久化 Linux Live 镜像的多种方法，超越了传统的安装方式。社区分享的主要方案包括： * **Alpine Linux：** 采用“无盘”（diskless）模式，允许用户通过本地备份工具（LBU）将状态更改提交回镜像。 * **原子系统（Atomic Systems）：** 讨论了 `rpm-ostree`（及其继任者 `bootc`），它提供了稳健的版本化系统更新，在不可变的基座之上叠加用户更改，以安装速度换取系统可靠性。 * **外置驱动器：** 一些用户倾向于将完整的 Linux 发行版安装到外置 NVMe 驱动器上，从而在不同硬件上提供原生体验（但可能受限于某些专有驱动）。 * **自定义持久化：** 其他建议包括手动分区策略（例如挂载特定的“已保存”分区），在保持基础系统纯净的同时存储用户数据。 * **工具：** 参与者指出，虽然可以进行手动配置（如使用 `OverlayFS`），但 Ubuntu `disk-creator` 和 `Ventoy` 等用户友好型工具简化了标准用例的操作流程。总的来说，讨论强调了“现成”持久化工具的易用性与原子化版本控制系统的可靠性之间的权衡。

原文

Latest update: 2026-05-31 19:51:45

When you download a 'live' ISO, dd it to a USB drive, you notice that all your tweaks or installed packages vanish after a reboot. If you think about how most such 'live' ISOs work, it becomes apparent why:

$ parted -s Fedora-Xfce-Live-44-1.7.x86_64.iso print free | grep '^[PN ]'
Partition Table: gpt
Number  Start   End     Size    File system  Name       Flags
 1      32.8kB  2897MB  2897MB               ISO9660    hidden, msftdata
 2      2897MB  2929MB  31.5MB  fat16        Appended2  boot, esp
        2929MB  2929MB  512B    Free Space

ISO9660 is a read-only filesystem, & the fact it was written onto a writable medium is irrelevant: its fs driver contains no implementation for writing data blocks, & the Linux VFS layer immediately returns EROFS (code 30, Read-only file system) when it sees that a fs was mounted read-only.

A common workaround is to use OverlayFS; in the case of 'live' ISOs, to do an overlay with a chunk of RAM.

Obviously, you can do an overlay with a filesystem that supports write operations instead, like ext4, but inside the Live ISO there isn't one, & hence there is nothing to do an overlay with.

While you can always create an ext4 partition manually, how do you tell the 'live' OS to use it during boot? This distro corner has no standardisation whatsoever, & everybody is doing it in their own unique way. E.g., Debian & Ubuntu have diverged so much throughout the years that even the kernel parameters for their 'persistence' implementations differ. While it may seem logical to an impartial spectator to keep at least the user-facing interface the same between the distros, it's not how it is done in practice.

Ubuntu

Kernel parameter: "persistent".
An (empty) partition must have the label "casper-rw".

What is annoying is that it's surprisingly non-obvious to detect whether such a trick worked: if your partition is /dev/sda4, & Ubuntu does not show it as mounted, & /cow is roughly the size of /dev/sda4:

$ df -h | grep cow
/cow           9.8G  161M  9.2G   2% /

then persistence is on. If, on the other hand, you see this:

$ df -h | grep casper
/dev/disk/by-label/casper-rw  9.8G  161M  9.2G   2% /var/log

you most likely mistyped the word persistent.

The next issue is how to save grub parameters in the .iso. As it's absolutely useless to mount it to modify files, you can either extract everything from the .iso, edit what you want in grub.cfg, & recreate the image, or, alternatively, do a simple 12-byte to 12-byte swap:

$ export LANG=C
$ sed -i 's/quiet splash/persistent  /' xubuntu-26.04-desktop-amd64.iso

It's amusingly hacky, but works. If your replacement string is not equal in length to the pattern, you'll corrupt the ISO9660 filesystem, & grub will refuse to boot the kernel.

(See a github sample for a script that does all this; it assumes a Linux host & injects an ext4 partition into a copy of an .iso. You can always resize the partition (& its filesystem) in real time using the Disks utility that the .iso ships with.)

Debian

Kernel parameter: "persistence".
A partition must have:
- the label "persistence";
- a file named persistence.conf in the root of the partition with a line akin to "/ union".

Notice that it was "persistent" for Ubuntu, but it's "persistence" for Debian. Why not.

The same mechanism of rude byte swapping in the .iso applies here too:

$ export LANG=C
$ sed -i 's/splash quiet/persistence /' debian-live-13.5.0-amd64-xfce.iso

Detecting a successful overlay is easier:

$ mount | grep sda3
/dev/sda3 on /run/live/persistence/sda3 type ext4 (rw,noatime)
overlay on / type overlay (rw,noatime,lowerdir=/run/live/rootfs/filesystem.squashfs/,upperdir=/run/live/persistence/sda3/rw,workdir=/run/live/persistence/sda3/work,redirect_dir=on)

Fedora

Kernel parameters: "selinux=0 rd.live.overlay=LABEL=foo:/bar".
A partition must have:
- a label "foo" (choose whatever you want, but it must correspond to the value in the kernel parameter);
- a "bar" directory (again, see the kernel parameter);
- an "ovlwork" directory (this is a hardcoded name).

To check:

$ df -h | grep sdb1
/dev/sdb1        9.8G  134M  9.1G   2% /run/initramfs/overlayfs
$ mount | grep Live
LiveOS_rootfs on / type overlay (rw,relatime,lowerdir=/run/rootfsbase,upperdir=/run/overlayfs,workdir=/run/ovlwork)
$ file /run/overlayfs
/run/overlayfs: symbolic link to /run/initramfs/overlayfs/bar

In the case of Fedora, this is all mostly useless. Its 'linux' loader command in grub.cfg menu entries contains no space to sacrifice for a different 40-byte-long string. You, of course, can delete one menu entry completely & substitute it with your own, but this would be rather fragile: if, in the next version of Fedora, the size of grub.cfg changes, your script will corrupt the underlying ISO9660 filesystem.

If the only reliable way here is to extract the rootfs from the .iso to edit it, why bother with overlays then? This is what Fedora Live mounts during boot:

$ isoinfo -i Fedora-Xfce-Live-44-1.7.x86_64.iso -Jf | grep -i liveos/
/LiveOS/squashfs.img

Despite its name, it's a 2.6GB EROFS image file (the name is a pun on a generic EROFS error code).

The image contains everything, including the kernel & initramfs. We can just create 2 image files:

a FAT32 one to hold EFI/BOOT/BOOTX64.EFI, alongside the kernel & initramfs;
an ext4 one with a label, say "Fedora-Live", into which we extract the contents of squashfs.img.

The ext4 partition can be of any length, & our 'live' Fedora image will have space to hold user files without any shenanigans with overlays.

After creating these 2 images, we combine them into 1 (with a GPT layout), & dd it onto a USB drive.

grub.cfg can be as short as:

set timeout=3
menuentry "Fedora Live" {
  linux /vmlinuz rd.live.image root=LABEL=Fedora-Live rw noresume
  initrd /initramfs
}

rd.live.image parameter is required for systemd to start livesys service, otherwise, no liveuser will be created.

The mechanism works for any official Fedora spin.

See another github sample for a script that does all this. For a quick test in QEMU, you'll need to specify a UEFI bios:

$ sudo ./mflip 10G Fedora-Xfce-Live-44-1.7.x86_64.iso out.img

$ alias qemu3d='qemu-kvm -machine q35 \
   -bios /usr/share/OVMF/OVMF_CODE.fd -m 4G \
   -display gtk,gl=on -smp 2 \
   -device virtio-vga-gl,hostmem=2G,blob=true,venus=true'

$ qemu3d out.img

Tags: ойті
Authors: ag