Commit Graph

2158 Commits

Author SHA1 Message Date
Jonathan Lebon
07ecfca3d9 Add new reset command
Add a new `reset` command that makes it easy to blow away all
customizations: overlays, overrides, and initramfs. One can use flags to
only reset some of the customizations.

I placed this under `ex` out of conservatism. It's a pretty simple
command with simple behaviour, though the features it relies on
(no-layering, no-initramfs) are brand new. We can move it out of there
in a release or two?

Closes: #1387

Closes: #1419
Approved by: cgwalters
2018-06-26 20:32:28 +00:00
Jonathan Lebon
c84b8b81db app: Lift kargs out of experimental
It's been in experimental for a while now, and we've had good feedback
that it's working. With #1392 fixed, it seems in a good position to
declare stable and commit to that API. This also helps empty out `ex` a
bit.

Closes: #1428
Approved by: cgwalters
2018-06-26 19:14:56 +00:00
Colin Walters
77e2e19c1f postprocess: Set default.target in /usr
Follow-up improvement after
https://github.com/openshift/os/pull/135

This should ensure it survives systemd's preset run on firstboot.

Although honestly...what we should *really* do is check whether
the `default.target` symlink target exists, and if not reset it
to `multi-user.target` so no one would have to care, but that'd
be conceptually separate from this, so I may do it later.

Closes: #1427
Approved by: jlebon
2018-06-25 20:45:32 +00:00
Colin Walters
d7342731ab Add a treefile option to stop creating /etc/machine-id
We actually want systemd's `ConditionFirstBoot` to fire.  The
primary rationale here is that we're adopting Ignition for Fedora CoreOS,
and having `ConditionFirstBoot=` function will help a lot, as the idea
is it only runs once.

However, I discovered that this breaks the `units` directive for example,
as systemd blows away all the unit state in `/etc`.  The correct thing
to do from the start is to use presets.  We could add an implementation of
`units` which works with this on and instead writes a preset file but...eh.
My plan is to at some point introduce an "epoch" and flip various defaults,
this one, `tmp-is-dir`, the passwd file handling, etc.

See: https://github.com/dustymabe/bootengine/pull/11

Closes: #1425
Approved by: jlebon
2018-06-25 16:19:00 +00:00
Jonathan Lebon
94ee42b03b daemon: Add a few missing transaction titles
Closes: #1424
Approved by: cgwalters
2018-06-22 15:07:42 +00:00
Jonathan Lebon
b302aa45bc daemon/deploy: Allow layering with no-layering option
We added the `no-layering` option, but made it conflicting with
`--install`. This loosens that requirement so that one can do e.g.

    rpm-ostree uninstall --all -install foobar

to essentially remove all layered packages and then add back `foobar`.
Prep for `reset` command.

Closes: #1424
Approved by: cgwalters
2018-06-22 15:07:42 +00:00
Michael Scherer
14b104d9f1 Fix the link to Fedora Atomic json file
Closes: #1423
Approved by: jlebon
2018-06-22 14:13:06 +00:00
Colin Walters
a4a8c7cc96 rust/treefile: Fix mutate-os-release typo
It's tempting to enable this by default in YAML...one step at a
time though.
2018-06-21 11:53:06 -04:00
Micah Abbott
4c61a19f42 Clarify the use of --uninstall switch
While looking at the inline help for `install`, I thought we could do
better by specifically stating that the `--uninstall` switch only
operates on layered packages.  This might prevent any users from
trying to use the `--uninstall` switch on a package that is part of
the base deployment.

Closes: #1421
Approved by: jlebon
2018-06-20 14:26:33 +00:00
Ruixin Bao
92f08ea80b upgrader/vmcheck: fix kargs get lost when doing multiple operations
Kernel arguments added from `rpm-ostree ex kargs` can be lost
after doing multiple deploy related operations (e.g upgrade, install etc).

The root cause of that is because when doing the deployment
(ostree_sysroot_deploy_tree), the kernel arguments from the
pending deployment were never passed in.

This commit adds logic to pass in kernel arguments from pending deployment
to fix the above mentioned problem

Closes: https://github.com/projectatomic/rpm-ostree/issues/1392

Closes: #1420
Approved by: cgwalters
2018-06-18 16:13:57 +00:00
Jonathan Lebon
8b66c830b7 app/builtins: Consistent description for --reboot
A bunch of commands had descriptions for `--reboot` that were copied
from the `upgrade` description. Let's just make them all the same to
keep it consistent.

Closes: #1418
Approved by: cgwalters
2018-06-18 13:49:41 +00:00
Jonathan Lebon
096b0554f0 man/rpm-ostree: Tweak install/uninstall docs
Minor tweaks to try to clarify that the `install` and `uninstall`
commands are for managing an overlay. This should hopefully make it less
likely that someone tries `uninstall` when really they want
`override remove`.

Also drop the paragraph about having to specify NEVRAs for removing
local RPMs since that's no longer necessary.

Closes: #1418
Approved by: cgwalters
2018-06-18 13:49:41 +00:00
Colin Walters
57475e5cc7 daemon: Further consolidate option parsing for deploy
Fewer variables and avoid extra strdupv calls.  I also fixed
handling of refspec canonicalization that I broke with a previous
change (we weren't actually setting `self->refspec` to the canonicalized
version).

Closes: #1414
Approved by: jlebon
2018-06-15 20:19:41 +00:00
Jonathan Lebon
293baa222d treefile.rs: Add missing #[serde(rename)] attributes
I was surprised when I fired up GDB and found out that my
`etc-group-members` modifications weren't being obeyed. It turns out
serde was looking for the wrong field name. I did a quick sanity check
and found a few others.

Closes: #1417
Approved by: cgwalters
2018-06-15 18:48:34 +00:00
Colin Walters
5d75697dc4 status: Assert that we have deployments
I think this is what's showing up in a PR test:
21b68a68ff.2.1529072619059542132/artifacts/vmcheck/livefs.log
```
(rpm-ostree status:17017): Json-CRITICAL **: json_gvariant_serialize: assertion 'variant != NULL' failed
```

It shouldn't be happening; let's add an assertion which will give us a core
dump reliably instead of the "stumble on" `g_warning()` default.

Closes: #1416
Approved by: jlebon
2018-06-15 18:24:19 +00:00
Colin Walters
999bf3d3d9 daemon: Drop some internal options → flags conversion
It's just all-around simpler if we only parse the vardict
and avoid exploding everything into enums/parameters.  Previously
we were converting the variant into parameters and flags, and
then in most cases converting the flags back into booleans!
This should make it easier to add new parameters.

Closes: #1412
Approved by: jlebon
2018-06-15 13:25:21 +00:00
Colin Walters
eacd97c4ef daemon/txn: Hold a ref to deployment options variant
This will allow later code to parse it directly.

Closes: #1412
Approved by: jlebon
2018-06-15 13:25:21 +00:00
Ruixin Bao
ec0af351f2 passwd-util: change passwd to FALSE to allow checking groups
We are having exact same function call between rpmostree_check_groups
and rpmostree_check_passwd, which means we are ignoring all the logic
for group checking.

This commit changes the option `passwd` to FALSE to also check for groups
during compose process.

Closes: #1413
Approved by: cgwalters
2018-06-15 13:19:08 +00:00
Jonathan Lebon
445954ddb8 app/dbus-helpers: Initialize reboot & dry run vars
Minor regression from #1382. Since we no longer always include all the
option keys, we actually need to initialize the default values now.

Closes: #1410

Closes: #1411
Approved by: cgwalters
2018-06-14 18:17:08 +00:00
Jonathan Lebon
fb006b5b43 app/uninstall: Add --all switch to drop all layering
This is one part of #1387 and is prep for a single higher level command
that makes it easier to remove all customizations (layering *and*
overrides).

Closes: #1408
Approved by: cgwalters
2018-06-14 12:36:15 +00:00
Jonathan Lebon
65d08d928e daemon/deploy: Fix off-by-one count in localinstall
We were also counting the `NULL` element we added at the end of the
array when appending how many local installs we were doing. Fix this by
just reading the array length before adding the `NULL` terminator.

Closes: #1407
Approved by: cgwalters
2018-06-13 20:32:37 +00:00
Jonathan Lebon
ca9e04714b daemon/deploy: Tweak no-op output message
We were previously relying on `!self->revision` to determine what
message to print in the no-op case. This made `override reset --all`
also print `No upgrade available.`.

Fix this by using the stronger `is_upgrade` instead.

Closes: #1407
Approved by: cgwalters
2018-06-13 20:32:37 +00:00
Jonathan Lebon
8c11060f75 daemon/deploy: Fix transaction title on uninstalls
We were labeling pure `uninstall` transactions as `install`. Tease out
that distinction. (Though if a `--install` switch is passed, then we
still just label it as `install` -- there's no difference between that
and `install --uninstall` anyway).

Closes: #1407
Approved by: cgwalters
2018-06-13 20:32:37 +00:00
Jonathan Lebon
72e427cc3d app/override: Don't crash on no change
Doing `override reset --all` may be a no-op if there are no overrides
currently applied. But we were trying to always print the tree diff
under the assumption that all override invocations have to result in a
new deployment.

Fix this by using the same default deployment check that `upgrade` does
before printing.

Closes: #1407
Approved by: cgwalters
2018-06-13 20:32:37 +00:00
Colin Walters
85a39dd923 rust/treefile: Buffer writes
Not doing buffering is a perf footgun.  Thanks to @lucab for
the PR on the original code that was copied here.

Equivalent to https://github.com/cgwalters/coreos-assembler/pull/3

Closes: #1405
Approved by: jlebon
2018-06-12 21:25:07 +00:00
Colin Walters
2c8a144c1b daemon: Move deploy parsing down into _new_deploy()
Follow to previous change; this should make it easier to add
a new parameter.  It also just makes more sense to centralize
the parsing here.

Closes: #1403
Approved by: jlebon
2018-06-12 20:29:56 +00:00
Colin Walters
826177c2a0 daemon: Push deploy GVariant parsing down a level
Subsequent patches will move it down farther; the high level
goal is to avoid touching many functions to add a parameter.

Closes: #1403
Approved by: jlebon
2018-06-12 20:29:56 +00:00
Jonathan Lebon
d436d48a2f libpriv/origin: Allow removing local RPMs by name only
This fixes a painful UX issue where one must use the full NEVRA when
uninstalling a locally layered RPM. Now, one can specify either the
NEVRA or the package name only. Though we still try to interpret the
request first as a NEVRA or a capability.

Closes: #1386

Closes: #1400
Approved by: cgwalters
2018-06-12 14:55:40 +00:00
Jonathan Lebon
073978aace app/override: Don't auto-enable cache-only if also installing
Otherwise, we won't be able to fetch the requested packages from the
repo.

Closes: #1384

Closes: #1402
Approved by: cgwalters
2018-06-12 14:52:27 +00:00
Colin Walters
27bd7b97bb Handle "pinned commits" specifically
There are a few scenarios today where one might deliver content
to a machine via an external transport.  For example, take the
scenario of a single server updated via USB drive.  While we
can provide a refspec...what should the remote be?  (This gets
into ostree collections).  There's nothing really that can
happen when typing `rpm-ostree upgrade` unless the USB stick
is plugged in.  That type of scenario should be emphasized
by pinning the commit - the machine is updated via an external
script.

Another case: we're experimenting embedding OSTree commits inside OCI
containers.  Here again since rpm-ostree can't understand how to
pull content from containers, it's saner to drop the refspec
bits, and pin to a commit.

Further enhancements will follow to make the admin experience more
obvious.

Closes: #1396
Approved by: jlebon
2018-06-11 20:37:58 +00:00
Colin Walters
26f04595b2 upgrade: Note if automatic updates are enabled
When e.g. FAH does the automatic update transition, let's remind
people who are doing it manually still.

Closes: #1399
Approved by: jlebon
2018-06-11 18:46:58 +00:00
Jonathan Lebon
eeb5213ddd upgrader: Add missing values to flags GType
We were missing a bunch of flags as part of the property GType. I was
getting a warning that's become fatal because we set
`G_DEBUG=fatal-warnings` for `make vmsync`, which is how I was testing
this:

```
rpm-ostree[1813]: value "((RpmOstreeSysrootUpgraderFlags) 48)" of type 'RpmOstreeSysrootUpgraderFlags' is invalid or out of range for property 'flags' of type 'RpmOstreeSysrootUpgraderFlags'
kernel: traps: pool[1816] trap int3 ip:7f47f4b4b6d5 sp:7f47e989d1f0 error:0 in libglib-2.0.so.0.5600.1[7f47f4af9000+115000]
```

I'm not quite sure why this is happening now though, since I use
`make vmsync` a lot. My guess would be something to do with how we
changed flag passing in d568e54d from "all of them" to "only those we
need", but I didn't verify that.

Closes: #1398
Approved by: cgwalters
2018-06-11 17:50:34 +00:00
Colin Walters
5fec2b1af3 build-sys: Add some gitignore for Rust bits
Just keeping status tidy.

Closes: #1397
Approved by: jlebon
2018-06-11 13:08:41 +00:00
Jonathan Lebon
4249dc8c63 libpriv: Directly parse NEVRAs, don't use branches
When I initially added support for local RPM layering (#657), I was
operating under the assumption that there is no reliable way to parse a
NEVRA back to its constituent elements. So we worked around this by
doing lookups in the pkgcache and comparing against branches converted
back to their NEVRAs, which was pretty hacky.

Later on, I learned that you *can* reliably parse a NEVRA back to its
elements because RPM forbids all fields from having a colon `:` and all
fields other than the package name to have a dash `-`. In fact, there is
a helper from `libdnf` to do exactly this.

This patch swaps out the old way of decomposing NEVRAs and converting
NEVRAs to their cache branch notation with a simpler more direct
approach using the helper function from `libdnf`.

Closes: #1395
Approved by: cgwalters
2018-06-08 20:51:30 +00:00
Jonathan Lebon
df4e1d7b75 libpriv: Move cache-branch functions to rpm-util.c
Prep for later commit.

I hesitated between `rpmostree-util.c` and `rpmostree-rpm-util.c`. In
the end, I decided on the latter since some of the functions require
rpmlib headers, which aren't currently included in `rpmostree-util.c`.

Closes: #1395
Approved by: cgwalters
2018-06-08 20:51:30 +00:00
Colin Walters
a8a5f236f1 packaging: Fix Rust vendoring
I made a subtle change at the last minute with the previous PR
to use `*` for the glob instead of `.`, because the tmpdir had a `.tmp`
file I didn't want.

But - this caused us to miss the `.cargo` directory which has
the config file.  And while I'd been testing builds with no network,
of course cargo was really pulling content from `~/.cargo`.

When I went to do a scratch build in Koji, that failed obviously.
I tested this makes things [work with a SRPM scratch](https://koji.fedoraproject.org/koji/taskinfo?taskID=27490830)
and in my dev container under `bwrap --unshare-net` with `mv ~/.cargo{,.orig}`.

Closes: #1394
Approved by: jlebon
2018-06-08 15:42:03 +00:00
Colin Walters
9f6f529f81 compose: Print out the input hash
We're seeing a case where the change detection apparently isn't
working; let's log the hash we got so it's easier to debug.

Closes: #1393
Approved by: jlebon
2018-06-07 17:33:17 +00:00
Colin Walters
c997fd99c2 rust: Fix unused-import in release mode
Closes: #1391
Approved by: jlebon
2018-06-06 15:52:48 +00:00
Colin Walters
7b69294b8a packaging: Support vendoring the Rust sources
This ends up being different than what landed in librsvg (that
was imported into ostree) because in rpm-ostree we've basically
been using `git archive`-based tarball generation rather than `make dist`
for a long time.  And supporting `make dist` looks like it'd get into
handling the `libdnf` bits and walking into `cmake` land so...yeah
let's not do that.

The canonical sources are in git (recursively via submodule),
except for the Rust sources, which cargo can download dynamically,
and with this patch we support glomming all of that together
into a tarball.

(And turn off `make dist` so people understand how we do it)

Tested by `make -f Makefile.dist-packaging dist-snapshot`, then
copying the resulting tarball into a container with `--net=none`
and building there.

Closes: #1391
Approved by: jlebon
2018-06-06 15:52:48 +00:00
Jonathan Lebon
98ed545e1e rust: Use flat_map for splitting package whitespace
This is mostly for fun, though I do like the final result as well.

Closes: #1390
Approved by: cgwalters
2018-06-05 22:02:34 +00:00
Jonathan Lebon
60d49c3413 rust: Pass through clippy
Some tweaks as suggested by rust-clippy.

Closes: #1390
Approved by: cgwalters
2018-06-05 22:02:34 +00:00
Colin Walters
702daa2335 rust: Fix automake warnings, add unit tests to glibutils
Automake was warning about duplicate `clean-local` definitions, let's
do the nonrecursive automake dance.

And while I'm here, let's add some Rust unit tests that actually run
on `make check` too, since the whole unit testing bits of Rust are
awesome.

(I also tweaked the propagate bits to use the nicer `is_null()` method)

Closes: #1389
Approved by: jlebon
2018-06-05 19:53:41 +00:00
Jonathan Lebon
34c3d5a02a app/install: Add --allow-inactive switch
For now all this switch does is turn off the scary warning. We also
tweak the warning to make it clear that this will be required in a
future release.

Closes: #1378
Approved by: cgwalters
2018-06-05 19:01:41 +00:00
Jonathan Lebon
625c17f9b0 daemon/deploy: Re-use base layer rsack
Follow-up to previous commit. Rather than allocating and destroying
RefSacks multiple times, hoist it out of those blocks so it can be
re-used.

Closes: #1378
Approved by: cgwalters
2018-06-05 19:01:41 +00:00
Jonathan Lebon
3c12a58b25 daemon/deploy: Warn on immediately inactive requests
This has been a huge point of confusion for users with the new
declarative way of specifying package requests (see #1216, #1287).
Essentially, doing `rpm-ostree install glibc` will work, but it's not
very useful because we don't really expect glibc to ever go away. As a
heuristic, let's work towards forbidding package requests that would
immediately become inactive. For now, we just print a warning.

Note that this still leaves the door open for layered pkgs that e.g.
become inactive during a rebase to a tree which has it baked in, and
then active again when rebasing back; supporting this was the major
advantage of switching to a declarative approach.

Closes: #1378
Approved by: cgwalters
2018-06-05 19:01:41 +00:00
Jonathan Lebon
315406d8cd daemon: Don't use absolute path for gdbus-codegen
This breaks builds on platforms that don't have `gdbus-codegen`
installed at that path.  This reverts #1153, which was needed at the
time, but things appear to be fixed now.

Closes: #1383
Approved by: cgwalters
2018-06-05 18:09:59 +00:00
Micah Abbott
de42ef701f docs: improve install/uninstall help
This adds some additional help to the man page and the RTD page around
using local packages with the install/uninstall commands.

Closes: #1388
Approved by: cgwalters
2018-06-05 15:59:52 +00:00
Jonathan Lebon
479406e6a5 Add support for YAML treefiles
Let's modernize and start supporting YAML treefiles. I'll dare make the
sweeping generalization that most people would prefer reading and
writing YAML over JSON.

This takes bits from coreos-assembler[1] that know how to serialize a
YAML file and spit it back out as a JSON and makes it into a shared lib
that we can link against. We could use this eventually for JSON inputs
as well to force a validation check before composing.

If we go this route, we could then turn on `--enable-rust` in FAHC for
now and drop the duplicate code in coreos-assembler.

[1] https://github.com/cgwalters/coreos-assembler

Closes: #1377
Approved by: cgwalters
2018-06-05 13:08:33 +00:00
Jonathan Lebon
9085e5144d tests/vmcheck: Fix rojig expected NEVRA for f28
Closes: #1382
Approved by: jlebon
2018-06-04 14:10:21 +00:00
Jonathan Lebon
8f71aa95e6 tests/vmcheck: Disable rojig test on CentOS
I was honestly surprised to see this test was running all this time for
CentOS. As cool as it is, this test is really more meant for Fedora.

Closes: #1382
Approved by: jlebon
2018-06-04 14:10:21 +00:00