IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Nothing in the file seems to use it. Doing this quickly via GitHub UI under assumption that the magic @walters bot will take care of running the full test suite, but otherwise I'll test it later when I get back to a machine I can use for that.
Closes: #481
Approved by: cgwalters
This makes the design fully coherent now - we don't try to store
multiple commits, we no longer reference them, and the cleanup does a
depth=0 pruning.
Closes: #475
Approved by: jlebon
My desktop system was aborting on upgrade with a missing metadata
object, which turned out to be the fact that my previous changes to
the package layering code pruned with depth=0, but the commit it was
looking for had a parent commit that had been pruned.
Closes: #475
Approved by: jlebon
I hit a pile of:
```
Oct 04 12:44:15 icarus.verbum.local rpm-ostreed[26257]: ostree_repo_resolve_partial_checksum: assertion 'error == NULL || *error == NULL' failed
```
Which turned out to be a missing metadata object (for some reason),
but this function's incorrect use of `ret = TRUE` caused the GError
to have already been set.
Fix this, and we change to "direct return" style which is more
readable.
Closes: #474
Approved by: jlebon
Per OSTree design, /var can start out empty. However, our warning
spam here is annoying. Let's first delete some known files -
obviously this won't be exhaustive, but it's way faster than trying to
fix all of this in the packages right now.
The major one is the SELinux policy, which resulted in a lot of spam.
Closes: #473
Approved by: jlebon
The API for json_generator_to_stream() says:
Return value: %TRUE if the write operation was successful, and
%FALSE on failure. In case of error, the #GError will be filled
accordingly
When in fact, because it just gives back what g_output_stream_write(),
1. it doesn't strictly return TRUE/FALSE, but a full-range uint, and
2. it will return -1 (which is as good as anything > 0 for success
checks) when an error occurs.
Although a simple <= 0 would fix it, let's just be extra strict and also
check for an error.
Closes: #468Closes: #469
Approved by: miabbott
These were added to shadow-utils in recent times (Fedora 25 e.g.) and
like the other passwd files, shadow-utils opens them with `O_TRUNC`.
(At some point we should patch it to do create-new-then-replace internally)
Closes: https://github.com/projectatomic/rpm-ostree/issues/458Closes: #459
Approved by: jlebon
Commit 334cec56a0 had a fatal
logic error - I changed it to write a temporary ref for the final
commit, not the base.
I noticed this by getting `missing metadata object $base.commit` on my
desktop system. Hooray for dogfooding git master.
Closes: #452
Approved by: jlebon
I think these are suitable for wider consumption now, and we should
be able to support existing installs.
Rename the verb to just `install` since it's what every other package
manager uses.
Closes: #450
Approved by: jlebon
It turns out it was buggy (for some reason `PS1` wasn't propagating),
and furthermore, things mostly work if one enables `--new-chroot` i.e.
`systemd-nspawn`, which is what Fedora is going to do, and everyone
else in the world uses Docker.
While we're here, tweak the error message to use `<>` around the URL
which makes it more easily clickable from terminals.
Closes: #449
Approved by: jlebon
It needs to be under `[Unit]`. I noticed the systemd warning
in my logs; not sure how this worked when I was testing it locally.
Closes: #446
Approved by: jlebon
Right now the daemon assumes the system is using ostree, but
for various reasons people can try to start it on non-ostree systems.
This is a simple fix to avoid crashing. A better fix would
need to rework a lot of the code to return dummy/stub values but
that would be painful. Maybe later.
https://bugzilla.redhat.com/show_bug.cgi?id=1372194Closes: #445
Approved by: jlebon
Communicating information is a hard problem, but basically there
are two things here. First, the changelogs make the diff visual
spaghetti. (If we were rendering to HTML with expanders or something,
it could work).
Second, I think RPM changelogs are legacy - tooling should pull from
git.
So far when doing release announcements I've been manually stripping
out the changelogs, embarassingly enough. Time to fix that.
Anyways, we preserve the changelog-emitting code, it's just not the
default now.
Closes: #439
Approved by: jlebon
We need to manage our baselayer refs independently of the deployment
being written by libostree, so suppress the default clean; we'll do
it in rpm-ostree.
I noticed the `Freed objects:` message twice and always wondered why
until today.
Closes: #437
Approved by: jlebon
Until now, we weren't pruning the pkgcache repo at all. I ran out of
space in the root partition in my CAHC vagrant test box, so it's time
to fix this.
The basic algorithm is to walk over the full rpmdb contents of each
root, generate a set of "currently referenced" cached refs, then delete
any refs in the pkgcache repo which aren't included. Then, do a prune
of the pkgcache repo.
While we're here, factor out a `sysroot_upgrader_cleanup()` function
which does all of the cleanup. The idea is at some point we need to
introduce an `rpm-ostree cleanup` command or so which calls this, to
handle the case where the system is interrupted post-deploy but
pre-clean.
Closes: https://github.com/projectatomic/rpm-ostree/issues/428Closes: #437
Approved by: jlebon
In preparation for future changes here, rework things so
that we only walk the set of deployments once after the new
deployment has been generated.
To avoid a race where if we're interrupted after the deployment write
but before the regeneration, create a special `rpmostree/base/tmp` ref
that we delete after all the bases are regenerated.
Closes: #437
Approved by: jlebon
Currently, we do the final commit into the pkgcache repo, then
pull it to the base. The problem with this is that, combined
with the fact that we're not presently pruning the pkgcache repo,
we leak space.
In preparation for a cleaner fix for this, rework things so that the
core infra can know about *both* a base repo and a pkgcache repo. If
they're separate (as is the case for rpm-ostree-on-host), whenever we
are doing layering, explicitly pull just the `.file` objects that are
referenced into the parent repo. We do the final commit in the base
repo.
Closes: #437
Approved by: jlebon
I hit this with librepo subbing out the $releasever with e.g. 7.2016.1
when trying to pull various URLs. It should be enough for the user to
see the ostree version in VERSION and PRETTY_NAME. For applications,
there's OSTREE_VERSION if they need just that.
Closes: #433
Approved by: cgwalters
`systemctl start/stop/try-restart` are all useless for us in
scripts, since changes should only affect the *next* boot.
`systemctl enable` is also wrong - one should use presets instead.
Currently, systemd has code to detect whether it's inside
a chroot, which works for mock, but *not* for Docker or bubblewrap.
(We should teach systemd a nicer way to disable itself, but
even if we did that we'd have to support old scripts)
So, this fixes layering `glusterfs` in CAHC.
Closes: #432
Approved by: jlebon
When executing scripts, map `/usr/lib/passwd` temporarily back to
`/etc/passwd` from the POV of the script, then move it back. This
allows client-side layered packages be merged with the base tree
version, while still being distinct from the `/etc/passwd`.
(In the future we'll likely rewrite all of this to use
`systemd-sysusers(8)`, but for now let's be incremental.)
Note in this commit it isn't very useful, because pretty much all RPMs
only call `useradd` in `%pre`, which is the next commit.
Closes: #432
Approved by: jlebon
Because OSTree includes numeric uid/gid, but package layering (and
traditional full-client-side RPM) expects to allocate UIDs on the
machine, we need to handle non-root owned files specially.
For files in /run and /var, we can convert them to
`systemd-tmpfiles(8)` snippets which will be executed at the next
boot, after a uid/gid has been assigned.
Closes: #432
Approved by: jlebon
Decided to test this on Sunday evening. Of course it was broken =(
(Actually I tested mock-in-Docker but it should be the same)
The core problem is that mock does `chroot()` without using `/`
as a mount point. This breaks an assumption in bwrap that it is.
Now, in theory we could move this same logic down into bwrap to
work around this situation, but for now let's hack it here.
Mock is old, legacy container code that doesn't really do anything
in a modern way - in fact our goal should be to replace it
with a combination of rpm-ostree and bwrap. So carrying this
hack here to get us to that future should be OK for now.
Closes: #431
Approved by: jlebon
I want a better error message if the user happens to execute
inside e.g. a Docker container without sufficient privileges
for recursive containerization.
Closes: #429
Approved by: jlebon
The previous commit https://github.com/projectatomic/rpm-ostree/pull/422
introduced a regression in the "outside of a container" path - we
get `EINVAL` trying to `mount("proc",...)` and honestly I'm not sure why.
We can either back up or plow forward, and it turns out to be
pretty straightforward to complete the port to using bwrap.
I extracted the bwrap-execution code out of the RPM script engine,
because the treecompose model is currently different (no hardlinks
yet).
NOTE: A *very* important side effect of this is that we now
require "privileged" containers on hosts without user namespaces,
and on userns hosts, require `CLONE_NEWUSER` to be exported to the
container host.
In general though, the previous path of blindly executing scripts as root
without e.g. `proc` mounted was just bad.
Closes: #429
Approved by: jlebon
The treecompose code will learn how to use bwrap instead of
libcontainer in libglnx, since the latter is a buggy copy of a subset
of the former.
Closes: #429
Approved by: jlebon
If next_dent returns `FALSE`, we need to also return `FALSE` from
the function.
I just noticed this as I happened to be reading the code randomly.
Closes: #426
Approved by: jlebon
Otherwise we try to execute as shell script which obviously doesn't
work. This was noticed when @dustymabe was trying to assemble
a Fedora container with `glibc-all-langpacks`.
Closes: #424
Approved by: jlebon
When trying to test treecomposes, it's annoying to hit the
metadata servers each time. Add a `--cache-only` option which
is kind of like yum's `-C` option (but not quite because
if the metadata doesn't exist we will update it).
Closes: #423
Approved by: jlebon
I was looking at starting to unify the treecompose path to the
"new world" infrastructure in package layering. An initial
step here is to port to fd-relative, which cleans up the code.
Note this depends on a libglnx pull.
Closes: #422
Approved by: jlebon
Until we finally do the "store packages as ostree commits and union"
thing, doing commits can be slow, particularly into archive repos
where we pay lots of cost in gzip.
Let's show a progress bar. The implementation here uses a background
thread which communicates with the "UI" via atomics. The UI uses a
timer - and if stdout isn't a tty, we assume it's Jenkins or something
and dial updates back to every 5 seconds to avoid spamming output.
Closes: #409
Approved by: giuseppe
`ostree commit --table-output` can already do this, and since we're
super noisy for `compose tree` right now, we might as well print this.
It's useful to see how many new objects were created.
Closes: #409
Approved by: giuseppe
Users/administrators can now enable the "mutate-os-release" string
key to tell rpm-ostree to modify /etc/os-release in the following ways:
- All occurrences of the key's value found in VERSION, VERSION_ID, and
PRETTY_NAME will be replaced by the version string of new compose.
- A new OSTREE_VERSION key is appended containing the version string of
the new compose.
This provides an easy way for clients and third-party applications to
find out what version they are currently running.
Also bump libglnx so that we can use the latest version of
glnx_file_replace_contents_at() which supports AT_FDCWD.
Closes: #410
Approved by: cgwalters
Commit d153ece removes redundant transaction printing, but we do still
want to print it manually when we're doing a dry run.
Closes: #407
Approved by: cgwalters
...but still do print it for `compose tree` and `container`. This
is more followup to #403, where I noticed we were printing
just the overlay transaction in the middle of `Overlaying...`.
Since we're now printing the package diff again at the end, let's just
rely on that rather than show the user over and over which packages
they requested.
Closes: #403Closes: #404
Approved by: jlebon
This came up in #403, but looking at this more, I don't see a need to
print out the input package set here. The list of overlaid packages
is very clear in `rpm-ostree status`, and the user knows what they
typed on the command line.
Closes: https://github.com/projectatomic/rpm-ostree/issues/403Closes: #404
Approved by: jlebon
It's really in-your-face for admins to see `(unsigned)` which originally
was intentional, but in practice right now at least several major
users (Fedora, RHEL) don't enable GPG signatures.
So let's just hide it if not enabled.
Perhaps in the future we should add a `-v` option or something which
would show all of the fields even if not enabled.
Closes: #399Closes: #402
Approved by: jlebon
Since some of the DBus data like `CachedUpdate/commit` derives solely
from the ostree repo state, and `upgrade --check` only writes to the
repo, we need to watch for and reload from changes there too.
Closes: #392Closes: #400
Approved by: jlebon
Previously in #353 we changed this to not resolve the rev, but
that breaks the `CachedUpdateDetails` which actually wants it
to be resolved, to show pending updates.
This effectively reverts 749a5f03a8586392cafff949075c45a040d4e984
and changes things so we set `allow_noent=TRUE` and if there is
no ref, just return the deployment checksum.
Fixes: 749a5f03a8586392cafff949075c45a040d4e984
Closes: #392Closes: #398
Approved by: jlebon
In looking at this code, I noticed we were incorrectly mixing
`Option(GVariant)` with GError handling. If the deployment
had no refspec we'd return `NULL` but not set `error`.
Fix this by requiring a respec, and change the single caller that
relied on this to check outside.
Closes: #398
Approved by: jlebon
First I noticed we needed to query the new default *after* the
transaction had run. Then, I noticed the obvious embarassing logic
error.
Fixes: 3f1e7c85a18182669899f4065d23fec6ac0962c
Closes: #396Closes: #397
Approved by: jlebon
We don't have a lot of outstanding changes to the C code, so now seems
like a good time to do this. I implemented this with some highly
sophisticated sed commands like:
```
find -name '*.c' | while read name; do sed -i -e 's,gs_unref_object \([A-Za-z]*\) \*,g_autoptr(\1),' ${name}; done
```
Part of dropping the dependency on libgsystem, same as what we're
doing in ostree.
Closes: #393
Approved by: jlebon
So that it's easier to build bubblewrap as `Source1` in an RPM
embedded (flatpak is using a git submodule, but for this I think
`Source1` is better).
Closes: #384
Approved by: jlebon
The `rpmostreed_refspec_parse_partial` method would only work with
refspecs that include a remote. This was causing rebases to fail when
specifying a local ref. However, it should be perfectly valid to do
this. Adapt the function.
Closes: #371
Approved by: cgwalters
We would unconditionally call ostree's pull() regardless of whether the
branch we were tracking was remote or not. We need this to work to make
it easier to write tests, though it's a worthy addition on its own.
Closes: #371
Approved by: cgwalters
The origin might have an empty "requested" key in the "packages"
section, which is probably an indication that packages were once added
but were then removed.
Explicitly check the length of the pkg array in case it's actually
empty before adding the base-checksum to the deployment variant.
Closes: #371
Approved by: cgwalters
I'm thinking this list of things actually needs to live outside of the
source code and be more obvious (and we should file bugs to get the
packages fixed), but in the short term my demo today uses Vagrant and
it'd be nice if it was installable.
Closes: #364
Approved by: jlebon
I was hitting a strange segfault when trying to add a package,
and it ended up being that `krb5-libs` was in the transaction,
but its `rpmteKey()` was `NULL`.
It took me a while to realize that the reason this was happening is
`krb5-libs` was in the base, but there was a newer `krb5-workstation`
package wants a newer version.
We're going to encounter interesting issues with packages that have
hard version locking, where one half of the package is in the base and
the other half is layered.
It works for me to drop out `UPGRADE` etc. from the transaction. In
this case, what will happen is libsolv seems to silently avoid
upgrading to the newer version of `krb5-workstation`.
In general, we're going to need `pkg-add` to be able to upgrade as
well at the same time, but that's for a later patch.
Closes: #362
Approved by: jlebon
I noticed that actually `hif_package_get_nevra()` mallocs, but a bunch
of this core code seems to assume it's const.
Actually, I suspect there's no good reason for it to strdup, so I'll
fix that too.
But in the meantime, we actually don't need to indirect through the
nevra, we can just store the `HifPackage` that we wanted anyways as
the key.
Now, the *real* reason I wrote this is right now rpm-ostreed is
segfaulting due to failing to look up the key, and I can't figure
out why...this doesn't fix it, but it makes the code better.
Closes: #359
Approved by: jlebon
Let's say package layering is "preview" - we show it in help, but
marked `(preview)`.
Whereas the `container` and `internals` builtins this patch calls
"experimental" - we don't show them in help even.
Both get a warning message when executed.
Closes: #354
Approved by: jlebon
I was trying to upgrade my desktop today and hit errors due
the fact I was apparently only upgrading the base, and not
layered packages. (Due to a newer shared library in the base
needing to be version locked with a layered package).
It turns out we were keeping the cache forever, which is really quite
the opposite of what we want here.
I haven't looked if librepo is doing If-Modified-Since etc. updates or
not, but if it isn't we need to fix that.
Closes: #355
Approved by: jlebon
During the initialization of the daemon, it would try to load the
deployments and cache a few things. One of these steps wanted to look up
the rev of the deployment. However, if the rev no longer exists (e.g. we
just did a rebase, purged the ref, and rebooted), this would error out.
Replace the lookup by simply directly using the csum from the
deployment.
Closes: #353
Approved by: cgwalters
Rebasing on a new branch should not in any way care about which commit
we're currently overridden on.
Also fix a typo which would cause override-commit keys to not be
deleted from the origin.
Closes: #353
Approved by: cgwalters
Now that the `status` command learned a `--json` option, we can pretty
much avoid parsing human-readable output. The only piece of information
that is missing from the JSON output compared to the output for humans
is *which* deployment we're currently booted in.
This patch fixes that shortcoming by adding a "booted" boolean variant
to the deployment variant.
Closes: #350
Approved by: cgwalters
In order to make many things work, we need to run scripts. Short version:
For now, we:
- Run `%posttrans`
- Treat most `%post` as the same as `%posttrans`
- Ignore `%preun` and such since we never uninstall
Most importantly though, we start to build up an "override" list
for script handling. Currently it's just a blacklist of scripts
we don't need.
Significant work here would be needed to run Lua scripts, so far I've
been able to just skip them.
Closes: #338
Approved by: jlebon
We don't currently expect people to sign commits locally.
However, long term, I would like to support a verified boot model
where we still support layered packages. A system administrator could
log in and perform changes, and possibly use a remote hardware token
to sign the commit. Anyways that's for the future.
Closes: #346
Approved by: jlebon
I've found it's a lot less code to have multiple builtins share live
in the same `.c` file where they can share things like options.
Also, rename `pkg-delete` -> `pkg-remove` since the canonical antonym
of `add` is `remove`.
Closes: #345
Approved by: jlebon
Link to the Fedora bug that introduced this, and also change things so
it's also used for the "compose" case because:
- Again it doesn't add security
- Tools that operate on "compose" repos have to work around this
when doing checkouts, see e.g. https://lists.freedesktop.org/archives/xdg-app/2016-June/000241.htmlCloses: #335
Approved by: jlebon
I was in the process of trying to support `%post` scripts, and I
wanted to use `rpm-ostree container` for convenient and safe testing.
However the recent package layering changes broke it to error out
on perms like `filesystem`'s `root:mail` on `/var/mail`.
I decided to introduce a new `rpmostree_context_new_compose` which had
the current behavior, switch `compose tree` to use it, and then change
`_new_unprivileged` to *really* be unprivileged. Specifically we
ignore file ownership (and fix dir owners) because we assume we'll be
operating with `bare-user` repos.
Closes: #327
Approved by: jlebon
We need the ability to both add and remove packages as one
transaction in the general case (`Conflicts:`), plus it'd
be quite nice to allow users to do multiple package things
before rebooting.
And finally, this deletes a lot of duplicate code.
Where I'm really thinking this should go is we only have one
transaction type internally for at least upgrade/pkg as a group.
Closes: #326
Approved by: jlebon
I really want a command to cancel the running transaction, but as a
preparatory step, let's display what's going on in `status`.
The text output here is really a demonstration - I'll improve it but I
want to rework the internals first.
Closes: #320
Approved by: jlebon
In the future I want to add more content in the status such
as active operations, so let's make the "deployments" just
one entry in an object.
Closes: #320
Approved by: jlebon
Really...we should have done this since day zero. Given that the
final integration of package layering/compose/rpm caching is finally
over the horizion but not yet here, let's still do this now.
I plan to backport this patch to the 2016.3-fixes branch.
Closes: #332
Approved by: jlebon
In the future we'll be taking over pretty much all RPM functionality
(unpack/scripts) and will be able to provide a lot more useful
information more directly under our control.
But in the meantime:
- Set the default to "info" which is apparently where things like
corrupted packages will show up. It's just info you know?
- Allow callers to override this via environment variable, specifially
one can use "debug" for lots of info.
Closes: #331
Approved by: jlebon
According to tmpfiles.d(5), files should follow the convention
<package>.conf or <package>-<part>.conf. So we rename
tmpfiles-ostree-integration.conf to rpm-ostree-0-integration.conf.
The 0 index is so that the autovar conf created by postprocess is
sourced *after* this one, so that `integration.conf` has higher
precedence if there are duplicate entries.
Closes: #325
Approved by: cgwalters
Right now, while one can `pkg-add strace`, there are a lot of
packages with `%post`. Since some current developers want
to use package layering as it is today, let's add the concept.
Even after we have a whitelist of scripts and have cleaned up Fedora
to use them, we'll still have potential issues with 3rd party RPMs
etc. for a long time, so allow people this out to stumble forward for
those and potentially run them by hand if necessary.
Closes: #311
Approved by: jlebon
A friend once convinced me that having two boolean arguments to a
function was bad, three or more really should be converted into flags
to avoid confusion.
I plan to add another.
Closes: #311
Approved by: jlebon
This is bringing forward an old PR for libhif:
https://github.com/rpm-software-management/libhif/pull/39
Right now, we aren't running `%post` or any of the other variants. A
lot of packages will work if we just ignore `%post`, others won't.
Let's be conservative until we start running them, and don't imply we
support things we don't yet.
Closes: #311
Approved by: jlebon
This squashes an ugly `/var/tmp/rootfs.XXXX/usr/share/rpm: ENOENT`
warning that occurs because we were nuking the temporary rootfs
before cleaning up the context object, which was indirectly
holding references to it.
Closes: #319
Approved by: jlebon
It's really simple to reflect the DBus API into JSON, which tools like
Ansible or `jq` from the command line or whatever can parse to find
interesting things like the current version.
Closes: #301Closes: #315
Approved by: jlebon
I think most users are really going to be interested in the base/origin
commit, and not whatever the stuff they made locally happened to hash
to.
Closes: #295
Approved by: jlebon
I really don't like doing a `g_warning()` in the middle of a call
stack and stumbling onwards. If we fail to load a commit, we should
pass the error back up to toplevel boundary - normally a DBus method
invocation. As opposed to giving partial or incorrect data.
This is a preparatory (git) commit for adding more data from the
(ostree) commit to the deployment variant.
Closes: #295
Approved by: jlebon
- `ostree_sysroot_get_deployments()` cannot fail (only assert)
- Relying on setting a GError to detect the rollback only to
clear it was a bit weird; instead just pass `NULL` there.
Closes: #295
Approved by: jlebon
With the end goal in mind that I want to optimize for the case
of 1-2 deployments, it's actually a lot simpler to just
nuke the whole current column base.
It just really doesn't make sense with layered packages, and even
before then, I usually found the timestamp and osname columns
redundant.
Closes: #295
Approved by: jlebon
It's slightly prettier, but this is just laying some
groundwork/precedent for importing more systemd code and using it for
our formatting.
Closes: #295
Approved by: jlebon
Since we now run everything uninstalled, we can't expect the tmpfiles
conf file to be installed. We add an env var that will allow us to tell
rpm-ostree to look elsewhere. This is then used in test-compose.sh.
Closes: #304
Approved by: cgwalters
GPG signing an RPM doesn't change its NEVRA, and we need to support
detecting the case when RPMs change from unsigned to signed (or vice
versa).
It's also quite common for local developers to rev RPMs without
bumping the release or whatever, so this will fix that too.
Closes: #291Closes: #296
Approved by: jlebon
Some code changes in the package layering broke this to always
error out with `refs are equal`.
Reading the code I was confused for a bit until it dawned on
me that `self->refspec` was the input, and we extracted the current
one in a different way. I ended up modeling it back on the last
working commit I saw (`9eabc1ba`).
That said the logic here could be cleaned up more...it feels like we
should just have a "dry run" flag for the rebase transaction core or
something. Anyways, going for a surgical fix now.
Closes: #299
Approved by: jlebon
I wanted to avoid yet another copy of the "generate tempfile name"
code, so moved it to libglnx:
https://github.com/GNOME/libglnx/pull/14
This also closes the TODO about deduping the "break one hardlink" code
with the "break all links in one dir" code. The core observation here
is that it's simpler to copy to a tempfile and rename over the
existing, rather than rename, create, unlink.
Closes: #293
Approved by: jlebon
This patch prepares RpmOstreeContext for supporting package layering. A
relabel operation is added as well to support relabeling imported
packages if the sepolicy of the rootfs we're overlaying onto is
different from during import.
Closes: #289
Approved by: cgwalters
- Delete unpack_to_dfd path
- Get rid of copynpaste stuff and use the newly reworked ostree
libarchive API which now supports the callbacks we need
Closes: #289
Approved by: cgwalters
This patch fixes up errors in the parent commit which added pkg-add.
Some of them are due to the rebase on top of the unprivileged
infrastructure.
- fix compile errors (due to libhif changes after rebase)
- delete duplicate prototype for rpmostree_sysroot_upgrader_deploy
- include allow-older in flags type
- fix change_upgrader_refspec to use g_strdup() (this was causing the
wrong old refspec to be registered)
- in builtin-status.c, check for NULL before joining the packages array
- sysroot-upgrader: fix gtype function names
- roc_context_prepare_for_root(): delete unused param
- assemble_commit(): delete unused param
- RpmOstreeSysrootUpgraderFlags: fix docs
- Fix sysroot property name and add reboot opt
Closes: #289
Approved by: cgwalters
This builds upon the earlier prototype in
https://github.com/cgwalters/atomic-pkglayer
The `.origin` file says for a replicated installation:
[origin]
refspec=local:rhel-atomic-host/7/x86_64/standard
If you then run `rpm-ostree pkg-add strace`, it will result in a new tree with:
[origin]
baserefspec=local:rhel-atomic-host/7/x86_64/standard
[packages]
requested=strace;
Work still remaining here is to teach `rpm-ostree status` and
`rpm-ostree upgrade` about this.
Closes: #289
Approved by: cgwalters
This works around a potential issue with libsolv if we go down the
rpmostree_get_pkglist_for_root() path. Though rpm has been using the
/usr/share/rpm location (since the RpmOstreeContext set the _dbpath
macro), the /var/lib/rpm directory will still exist, but be empty.
libsolv gets confused because it sees the /var/lib/rpm dir and doesn't
even try the /usr/share/rpm location, and eventually dies when it tries
to load the data.
So we set the symlink now. This is also what we do on boot anyway for
compatibility reasons using tmpfiles.
This also means we don't have to do the /var/lib/rpm --> /usr/share/rpm
transition during the rootfs postprocess (but we still have to clean up
db and lock files).
Also get rid of the unused pkglist variable.
NB: I used the GFile & gs APIs to mesh with the surrounding code.
Closes: #290
Approved by: cgwalters
I'm trying to debug why I'm getting an older version of `docker`,
and it's useful to see the repository name we're getting something
from. Yum does this by default.
(Though we should probably consider column formatted output too
on a tty)
Closes: #282
Approved by: jlebon
Right now the `ostree.rpm` package always configures dracut to inject
the ostree setup via a conf file. But it's actually simpler and
cleaner to just have callers specify it explicitly.
https://bugzilla.redhat.com/show_bug.cgi?id=1331369Closes: #276
Approved by: jlebon
This comes from the tradition of yum repo files. It's significantly
easier for rpm-ostree users building multiple architectures if some
core templating for the treefiles is built in.
Otherwise, everyone needs to learn about a new wrapper tool for
rpm-ostree, and said tool would need to re-do the same "basearch"
evaluation that is already occuring inside libhif.
This commit also paves the way for introducing `${releasever}`
substitution.
NOTE: This depends on pending changes to libhif git.
Closes: #274
Approved by: jlebon
A future commit is going to change our parsing of the "ref" member in
treefiles, so ensure we only load it once early on in compose-tree.
We already looked up the previous commit there, so just pass it down
rather than reloading the ref.
Closes: #274
Approved by: jlebon
This will allow to copy arbitrary files into the rootfs, specifying something like:
"add-files": [["service.template", "/exports/service.template"],
["config.json.template", "/exports/config.json.template"]]
It is quite useful when building a container image.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #253
Approved by: cgwalters
If one does `rpm-ostree foo --bar`, one would expect to see
`Unknown subcommand foo`, not `Unknown option --bar`.
Closes: #267Closes: #270
Approved by: jlebon
Otherwise we `exit(0)`, but trip an internal warning.
We have so much copy/paste going on here, but let's fix the
bug first.
Closes: #261Closes: #262
Approved by: giuseppe
Because `hif_source_get_location()` is actually a reference to the
upstream repo, we shouldn't create a cache directory there.
This is just a two line fix, but I changed some things so that we keep
track of the number of local packages, in order to make the "Need to
download" print accurate.
We still need to add them (confusingly) to the `packages_to_download`
because that's also used for the container path which imports them.
Closes: #255Closes: #256
Approved by: jlebon
It's not really baked, totally undocumented etc. Let's leave it in as
a tech demonstration for people who saw my Devconf.cz talk, but that's
it for now.
Pull request: #248
Approved by: jlebon
The fact that we didn't notice this is a testament to the state of
testing =(
I think I want to change the container build path to also only
grab /usr and /etc rather than having the paths be different,
but for now - the quick fix.
Pull request: #243
Approved by: jlebon
I was tracking another regression where we seem to have lost
`/usr/etc` contents which manifested as `Labeling with... (null)`
which was clearly wrong.
Now this change actually impacts the test suite - we now (again IMO
correctly) error out if `selinux: true`. The `no-selinux-tag` test
no longer makes sense, so delete it.
We do need more "real" tests that use selinux on and off.
Pull request: #243
Approved by: jlebon
The new context methods recently added for unprivileged infrastructure
would set the ostreerepo member when calling new_unprivileged(). Since
here we will be using the sysroot repo, we need the ability to set the
repo. Just add a new set function for now, maybe move it into
new_system() later.
Also, make sure we dereference the repo on finalize.
Pull request: #240
Approved by: cgwalters
There will be cases where we don't actually want to tag a ref on the
final assembled commit. This will be true for package layering.
Pull request: #240
Approved by: cgwalters
We allow the "repos" key to be missing, which just means that we let
libhif do its job, i.e. automatically use the repos in repodir that are
enabled.
We still do a check in rpmostree_context_setup() to make sure that at
least one repo is functional.
Pull request: #240
Approved by: cgwalters
It's expected to be able to switch to something different when
rebasing, even if the current origin has unconfigured-state.
Closes#232
Pull request: #238
Approved by: jlebon
libgsystem has long been deprecated, so this is a small step for man,
and not really a gigantic leap at all for anyone but hey, at least I
changed something in git today.
While I was debugging the tests, I wanted to run the daemon
interactively under gdb but still on the session. In our previous
logic this was only possible if we were exec'd by dbus-daemon which
made attaching gdb annoying.
Let's honor the environment variable consistently on client and
server.
This was a semantic change could potentially impact a lot of users who
weren't aware of the new '77 == unchanged' status and would treat it
as an error.
We retain the 77 for `--check` as I feel it's likely fewer people were
scripting that, and the ones that were would more quickly adapt to the
change.
As part of this, change the logic for detecting a change to be more
explicit by comparing the defaults. I think this will fix a potential
bug where we could get a property change notification even if nothing
changed.
Now that the internal reading methods operate on the mainloop, and we
know there can only be one write transaction at a time, it should be
safe to drop the internal mutexes (and multithreading).
Updates to the `OstreeSysroot` instance and DBus API all happen off
the mainloop now. The write transactions now use a separate
`OstreeSysroot` instance, and do not perform any changes to process
state on their own. We always reload state from disk.
I think this is a lot simpler to reason about from a correctness point
of view, at a likely negligble loss in performance for read
transactions.
I'd like to move towards a model where internal worker threads don't
touch the "main context data", i.e. we only use message passing (via
main contexts). This means we wouldn't use a mutex.
I find this model to be significantly simpler to reason about.
Every transaction runs in a thread now, and there's no real drawback
to consistently creating a main context to go with it always. Most
of the transaction types now do a pull, which needs it.
Now that we have `ostree_sysroot_load_if_changed()`, we know more
precisely (and cheaply) when things change. Use inotify to detect
changes as before, but we don't need a timeout because all we do is
call `fstatat()` which is basically free; the inode is going to be in
memory.
This will hopefully help with
https://github.com/projectatomic/rpm-ostree/issues/220
but more investigation is needed.
We were loading the list of osnames by walking the FS, but it's a lot
simpler to just extract the set of known osnames from the deployment
array.
This is part of an effort to unify the "sync cached state with disk"
code in order to address race conditions.
We can't rely on the the GLib hash functions not changing (or being
stable across host systems). Basically here we have a "stringified"
deployment...it might be simpler to just declare this stable.
For the columns that can vary in width, check that the minimum width of
the column is at least the length of the column header. Otherwise, we
can run in a situation where some columns are stuck to each other. The
trivial strlen() should be optimized to a constant by the compiler.
There are many reasons why the daemon may not be able to start up. An
initialization error doesn't/shouldn't reflect a programming mistake,
but instead a runtime issue in the environment.
Thus, if we fail to start the daemon, we shouldn't use g_error(), which
dumps core. We should instead print the GError and clean up as nicely as
we can.
Resolves https://github.com/projectatomic/rpm-ostree/issues/194.
Right now we're doing the /etc -> /usr/etc inside the RPM import, but
we might as well do the /usr/local bits in both. Also, use
/usr/share/rpm by default for treecompose too so that is unified.
Other things like systemd unit files and kernel handling are only
going to be used for host side composes.
I debated config file formats a lot. JSON is fairly awkward for
humans to write, and really painful to parse from C. YAML is nice,
but also painful from C.
Both are fairly overpowered for what we really need. Keyfiles
(desktop spec, `GKeyFile`) have a lot of limitations, but at least
it's used by systemd and `.desktop` files, and we already have a
parser.
We still parse the JSON treefiles, but internally convert them to
`GKeyFile` (which is in turn converted to `GVariant` for a canonical
form).
This is just a tech demo. Example usage:
```
mkdir -p ~/.cache/rpmostree-containers
cd ~/.cache/rpmostree-containers
rpm-ostree container init
cp /etc/yum.repos.d/CentOS-Core.repo rpmmd.repos.d
rpm-ostree container assemble bash
rpm-ostree container assemble httpd
```
This is in preparation for `rpm-ostree container`, which handles
unpacking RPMs as non-root.
At the moment, I'm copying code in from both ostree's libarchive bits
(fixable...may need to export some utility functions) and some
functions from libhif (harder, see:
http://lists.rpm.org/pipermail/rpm-ecosystem/2016-January/000297.html )
There's lots more cleanup to do here, but I don't want to block on the
resolution of the libhif changes.
This is part of taking over from librpm. The most important high
level goal is fully unprivilged operation.
Right now we're basically starting to do what
http://libguestfs.org/supermin.1.html does, except in C, and
faster.
There's no reason that `compose tree` should require privileges.
However right now, things like `%post` scripts will want to run in the
target root - so we'd have to require `linux-user-chroot`.
Regardless of unprivileged operation though, another major thing we
can do is use our control over the unpacking process to do a lot more
sophisticated caching. We can build up a precise mapping of (rpm
ENVR, file path, selinux label) -> object and avoid rechecksumming
each time.
And even for files that aren't known, we can parallelize commit with
unpacking, etc. (Ok assuming treecompose-post won't mutate anything).
I'd like to experiment with different things that end up
reusing chunks of the rpm-ostree internals, such as libhif, the
helpers we already have around RPM, etc.
In this particular case I'm experimenting with unpacking/committing
RPM packages as non-root. Eventually most of this should end up as
internal private shared library, but it's convenient to have an
ABI-unstable and hidden "internals" command to run things directly.
This commit though just adds the scaffolding for "internals".
As we start to do more package things, extract common helper functions
around HifContext * that by default operates on the system root.
Some of these bits should go in libhif, but the immediate plan is to
iterate here, then push downwards later.
Besides porting GFile -> fd, I specifically want it to operate in an
append mode for package layering. Then given an existing tree, we
ensure we're not deleting the underlying tree's autovar files.
Encountered a couple crash scenarios:
1) A commit with an invalid timestamp trips an assertion. Instead
show the timestamp as "invalid".
2) If a deployed commit is unsigned, the daemon will not include a
"signatures" array in the deployment's GVariant representation.
The logic for --pretty was assuming the "signatures" array is
always present.
Determines a revision argument to either be a SHA256 checksum or a version
metadata value.
The revision string may have a "revision=" prefix to denote a SHA256
checksum, or a "version=" prefix to denote a version metadata value. If
the revision string lacks either prefix, the function attempts to infer
the type of revision. The prefixes are case-insensitive.
rpm-ostree upgrade --preview - Just preview package differences,
like deploy --preview
rpm-ostree upgrade --check - Just check if an upgrade is available
In both cases, the exit codes are 0 (upgrade available), 77 (no upgrade
available) and 1 (error).
The --check-diff option still works but is deprecated and not shown in
the --help option listing.
Don't remember why we're not using the daemon for this, but I already
went to the trouble of writing rpmostree_print_package_diffs() for the
"deploy" command. Use it here as well.
rpmostreed_commit_generate_cached_details_variant() returns NULL if the
origin checksum of an OstreeDeployment matches the checksum of a refspec,
which may also be the OstreeDeployment's origin.
I don't understand the reasoning for that, especially since none of the
callers are prepared to deal with a NULL return. Nor is there a comment,
so remove the check.
This was making the daemon crash on
rpm-ostree deploy --preview <current-deployment-checksum>
which should just indicate no package differences.
Deploy method locks the deployment at a particular commit by adding an
"override-commit" line to the origin file.
Upgrade method must undo the override so we always upgrade to the latest
available commit.
Deploy(revision) pulls and deploys a particular revision on the
branch of the currently booted deployment. The revision can be
expressed as a SHA256 checksum or as a version metadata value.
Similar to rpmostreed_repo_lookup_version(), except without pulling from
a remote repository. It traverses whatever commits are available in the
local repository.
