Commit Graph

9 Commits

Author SHA1 Message Date
Colin Walters
a6da3c08d4 passwd: Make default perms 0644
This matches the default from the RPM, and we don't want
the file to be writable if an admin adds a user to the `root`
group.  (Which IMO is just a bad idea, but
for historical reasons OpenShift suggests this for
images
https://docs.openshift.com/container-platform/4.7/openshift_images/create-images.html#images-create-guide-openshift_create-images
for example)
2021-05-13 17:49:07 -04:00
Jonathan Lebon
502088e7d3 tests/compose: Change rpmdb test to check for sqlite
That's what FCOS uses now in the latest bump.
2021-04-27 21:06:50 -04:00
Luca BRUNO
a1573ed8c7
tests/compose: check symlinks injected into the rootfs
This adds some integration tests, covering symlinks injection logic.
2021-04-21 07:18:23 +00:00
Jonathan Lebon
99486a75e8 Add /usr/lib/rpm/macros.d/macros.rpm-ostree to set %_dbpath to /usr/share/rpm
We trigger a librpm macro file load in many of our paths. Since the
default value shipped by rpm's macro file sets `_dbpath` to
`/var/lib/rpm`, we have to explicitly set that back to `/usr/share/rpm`
in those paths.

This became more problematic recently with libsolv v0.7.17 which fully
keys off of `_dbpath` to find the rpmdb path to load:

04d4d036b2

And it's not technically wrong; we really should make that macro not
lie. This is what this patch does by injecting an RPM macro file in our
composes which sets it to /usr/share/rpm. So then e.g. the `rpm` CLI
doesn't actually need the `/var/lib/rpm` backcompat link anymore, though
there's no harm in leaving it.

In the future, we should be able to drop this once we move all of Fedora
to `/usr/lib/sysimage/rpm` (see
https://github.com/coreos/fedora-coreos-tracker/issues/639).

Closes: #2548
2021-02-09 18:36:35 -05:00
Jonathan Lebon
821d2e1a46 tests/compose: Check filecaps of arping instead of ping
In f32, ping is no longer privileged since it ships with the sysctl for
`ping_group_range` which allows unpriv pings. Check the file caps of
arping instead, which does still use them.
2020-10-14 03:44:19 +02:00
Colin Walters
456a3ec7c2 compose: Add rpmdb option, default to bdb
The design of https://fedoraproject.org/wiki/Changes/Sqlite_Rpmdb
is problematic for us for multiple reasons.  The first big reason
is that rpm-ostree is designed for "cross" builds and e.g. today
we use a Fedora-derived container to build RHEL CoreOS images.

However the default database lives inside the `rpm` package which
means that if we e.g. upgrade the coreos-assembler container to F33
it will suddenly try to use sqlite for RHCOS which is obviously broken.

Related to this, rebases from f32 to f33 w/layered packages
are broken: https://bugzilla.redhat.com/show_bug.cgi?id=1876194#c3

With this we can configure things to continue to use bdb for f33
for ostree-based systems, so that by enforcing an upgrade order
f32 → f33 [bdb] → f34 [sqlite] ... the intermediate f33 w/bdb
still understands sqlite and hence rebases will work.
2020-09-11 10:06:28 -04:00
Colin Walters
d29627ca6e postprocess: Add a symlink /usr/lib/sysimage/rpm to the rpmdb
Following on to:

- http://lists.rpm.org/pipermail/rpm-maint/2017-October/006681.html
- https://github.com/coreos/rpm-ostree/pull/1142/
- https://github.com/openSUSE/libsolv/pull/386

Write a symlink in `/usr/lib/sysimage/rpm` pointing to our current
`/usr/share/rpm` - this way clients can start looking for it there,
and then at some point we'll flip the symlink around and
have `/usr/share/rpm` pointing to the new location.

(Doing a hard swap now has upgrade implications)
2020-07-08 03:30:15 +02:00
Jonathan Lebon
9daea46d66 tests/compose: Target FCOS 31, move off of PAPR
Again, a lot going on here, but essentially, we adapt the compose tests
to run either privileged or fully unprivileged via supermin, just like
cosa.

I actually got more than halfway through this initially using `cosa
build` directly for testing. But in the end, we simply need more
flexibility than that. We want to be able to manipulate exactly how
rpm-ostree is called, and cosa is very opinionated about this (and may
also change from under us in the future).

(Another big difference for example is that cosa doesn't care about
non-unified mode, whereas we *need* to have coverage for this until we
fully kill it.)

Really, the most important bit we want from there is the
unprivileged-via-supermin bits. So we copy and adapt that here. One
obvious improvement then is sharing this code more easily (e.g. a
`cosa runasroot` or something?)

However, we still use the FCOS manifest (frozen at a specific tag). It's
a realistic example, and because of the lockfiles and pool, we get good
reproducibility.
2020-01-08 16:42:54 +01:00
Jonathan Lebon
462a389b3a tests/compose: Move files around
This is mostly cosmetic, though I want the test layout to mirror what we
do for `vmcheck`.
2020-01-08 16:42:54 +01:00