Commit Graph

878 Commits

Author SHA1 Message Date
Colin Walters
b716959252 Major revamp/extension of libhif/unpacker code
This is in preparation for `rpm-ostree container`, which handles
unpacking RPMs as non-root.

At the moment, I'm copying code in from both ostree's libarchive bits
(fixable...may need to export some utility functions) and some
functions from libhif (harder, see:
http://lists.rpm.org/pipermail/rpm-ecosystem/2016-January/000297.html )

There's lots more cleanup to do here, but I don't want to block on the
resolution of the libhif changes.
2016-02-22 14:27:45 -05:00
Colin Walters
a09ba2c9aa Merge pull request #213 from jlebon/pr/mutable-deployments
tests: make ostree use mutable deployments
2016-02-19 12:48:16 -05:00
Jonathan Lebon
34fdcaaf50 tests: make ostree use mutable deployments
For the same reasons as described in GNOME/ostree#187. In summary: we
want to make it easy for testers to clean up after we're done by not
setting the immutable flag.

Note that I had to also add it to setup-session.sh so that the daemon
inherited the env var. The libtest.sh hunk is redundant in that case,
but still necessary if the tests are run directly.
2016-02-19 12:39:46 -05:00
Colin Walters
3ca0f1bcd8 Merge pull request #206 from mbarnes/dbus-policy
Update D-Bus security policy for rpm-ostreed
2016-01-12 21:24:12 -05:00
Matthew Barnes
134dd2bf44 daemon: Update D-Bus security policy
Poke some holes in the policy so normal users can introspect paths,
peek at properties, and run "rpm-ostree status".
2016-01-12 16:03:33 -05:00
Colin Walters
e5ce418fe5 Merge pull request #205 from cgwalters/libarchive-builddep
build: Add `libarchive` to pkg-config deps
2016-01-12 12:39:45 -05:00
Colin Walters
04164fc025 build: Add libarchive to pkg-config deps
For some reason my CD builder didn't trigger this, but we do actually
need `-larchive` (and we want to have the dependency metadata so
packagers know to BuildDepends on it).
2016-01-12 11:22:16 -05:00
Colin Walters
5b7e34f427 Merge pull request #204 from cgwalters/unprivileged
Add testing-only `internals` subcommand, with `unpack` verb
2016-01-12 10:38:15 -05:00
Colin Walters
ec4387afba internals: New unpack verb
This is part of taking over from librpm.  The most important high
level goal is fully unprivilged operation.

Right now we're basically starting to do what
http://libguestfs.org/supermin.1.html does, except in C, and
faster.

There's no reason that `compose tree` should require privileges.
However right now, things like `%post` scripts will want to run in the
target root - so we'd have to require `linux-user-chroot`.

Regardless of unprivileged operation though, another major thing we
can do is use our control over the unpacking process to do a lot more
sophisticated caching.  We can build up a precise mapping of (rpm
ENVR, file path, selinux label) -> object and avoid rechecksumming
each time.

And even for files that aren't known, we can parallelize commit with
unpacking, etc.  (Ok assuming treecompose-post won't mutate anything).
2016-01-12 10:22:43 -05:00
Colin Walters
b456badba3 Add testing-only internals subcommand
I'd like to experiment with different things that end up
reusing chunks of the rpm-ostree internals, such as libhif, the
helpers we already have around RPM, etc.

In this particular case I'm experimenting with unpacking/committing
RPM packages as non-root.  Eventually most of this should end up as
internal private shared library, but it's convenient to have an
ABI-unstable and hidden "internals" command to run things directly.

This commit though just adds the scaffolding for "internals".
2016-01-11 23:06:27 -05:00
Colin Walters
eda6abf13d Merge pull request #192 from puiterwijk/no-comps
There is no support for comps groups at this moment
2016-01-10 09:29:40 -05:00
Colin Walters
81bd21e77b Merge pull request #203 from cgwalters/shared-libhif-review
Honor --proxy again, tweak internal libhif API
2016-01-10 09:26:33 -05:00
Colin Walters
5a530b9c85 Honor --proxy again, tweak internal libhif API
Two nits noticed in review that I accidentally ignored before pushing.

https://github.com/projectatomic/rpm-ostree/pull/202
2016-01-10 09:11:04 -05:00
Colin Walters
3f3d59a195 Merge pull request #202 from cgwalters/shared-libhif
Extract a shared internal rpmostree-hif.[ch]
2016-01-10 09:08:23 -05:00
Colin Walters
236a3c46cd Extract a shared internal rpmostree-hif.[ch]
As we start to do more package things, extract common helper functions
around HifContext * that by default operates on the system root.

Some of these bits should go in libhif, but the immediate plan is to
iterate here, then push downwards later.
2016-01-09 11:07:12 -05:00
Patrick Uiterwijk
b03b37416b There is no support for comps groups at this moment
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-01-08 23:20:25 +01:00
Colin Walters
c1488d7e96 Merge pull request #201 from cgwalters/postprocess-cleanup-yumdb
postprocess: Delete dead code relating to yumdb
2016-01-04 16:47:19 -05:00
Colin Walters
163f50214b postprocess: Delete dead code relating to yumdb
This has been long useless because we now disable history writing in
libhif.
2016-01-04 16:23:54 -05:00
Colin Walters
9d928b19bc Merge pull request #200 from cgwalters/postprocess-cleanup
/var -> tmpfiles postprocess cleanup
2016-01-04 14:25:16 -05:00
Colin Walters
5cd40e6d86 postprocess: Cleanup more /var -> tmpfiles code to fd relative
Besides porting GFile -> fd, I specifically want it to operate in an
append mode for package layering.  Then given an existing tree, we
ensure we're not deleting the underlying tree's autovar files.
2016-01-04 12:47:31 -05:00
Colin Walters
cca057d24b postprocess: Convert some of the /var -> tmpfiles to fd relative
Part of an ongoing effort to port away from `GFile`.

Conflicts:
	src/libpriv/rpmostree-postprocess.c
2016-01-04 12:47:14 -05:00
Colin Walters
637ab495eb Merge pull request #199 from cgwalters/postprocess-selinux-prep
Postprocess selinux prep
2016-01-03 09:54:01 -05:00
Colin Walters
8de94004df libpriv: Change internal API to prepare SELinux
This function will be made public for use in package layering.
2016-01-03 09:45:14 -05:00
Colin Walters
e2fa1675f8 libpriv: Convert some SELinux labeling code to dirfd-relative
This is preparatory work for the package layering branch, which
will also reuse this code.
2016-01-03 08:00:10 -05:00
Colin Walters
49b4d721bb Merge pull request #198 from cgwalters/libglnx-update
libglnx: Update
2015-12-30 06:27:30 -05:00
Colin Walters
3f43bfb5e4 libglnx: Update
Nothing right now needs this, but I plan to use the new mkdtemp API in
a later patch.
2015-12-30 06:22:14 -05:00
Colin Walters
6d622e17ec Merge pull request #197 from cgwalters/daemon-local-gpg-verify
daemon: Treat local deployments as gpg-verify=false
2015-12-29 08:25:57 -05:00
Colin Walters
2adf0fce47 daemon: Treat local deployments as gpg-verify=false
Otherwise we trip an assertion.  In the future I think we should
likely encourage `file:///ostree/repo` or so, and thus support
`gpg-verify`.
2015-12-29 08:20:05 -05:00
Colin Walters
900da5190b Merge pull request #196 from miabbott/bootstrap
docs: Removing old content
2015-12-18 18:41:30 -05:00
Micah Abbott
2f0214fd69 docs: Removing old content
compose-server.md:  Removed redundant treefile section

treefile.md:  Edited to indicate that `bootstrap_packages` is no longer
              mandatory and is effectively deprecated
2015-12-18 16:42:42 -05:00
Colin Walters
538a9decbe Release 2015.11 2015-12-15 09:37:47 -05:00
Colin Walters
517bc2b8fb Merge pull request #189 from jlebon/pr/print-before
postprocess.c: be more verbose when running script
2015-12-10 15:30:43 -05:00
Jonathan Lebon
033830e0c0 postprocess.c: be more verbose when running script
We should tell the user that we will run the postprocess script *before*
we run it to help them diagnose issues if things go wrong.

Resolves: #188
2015-12-10 14:49:57 -05:00
Matthew Barnes
fa83724187 status: Fix some crashes
Encountered a couple crash scenarios:

1) A commit with an invalid timestamp trips an assertion.  Instead
   show the timestamp as "invalid".

2) If a deployed commit is unsigned, the daemon will not include a
   "signatures" array in the deployment's GVariant representation.
   The logic for --pretty was assuming the "signatures" array is
   always present.
2015-12-01 12:11:40 -05:00
Colin Walters
154318aff3 Merge pull request #185 from cgwalters/client-notty
app: Handle progress when not being connected to a tty
2015-11-23 21:07:47 -05:00
Colin Walters
5d4c173a9e app: Handle progress when not being connected to a tty
`rpm-ostree deploy X.Y.Z | cat` was aborting on the client side.  I
noticed this when using it via Ansible.
2015-11-23 16:53:24 -05:00
Colin Walters
b82f7338ea src: Quiet a few gcc -Wmaybe-uninitialized warnings
GCC (at least 5.2.1) isn't smart enough to figure out these are always
initialized.
2015-11-23 12:08:37 -05:00
Colin Walters
8d357565b6 Release 2015.10 2015-11-21 10:07:53 -05:00
Colin Walters
54d9263149 man: Document deploy 2015-11-21 10:07:53 -05:00
Colin Walters
f18ef6d291 Merge pull request #183 from miabbott/version
Use PACKAGE_STRING for version output
2015-11-19 17:00:51 -05:00
Micah Abbott
25ae79bc98 Use PACKAGE_STRING for version output
We are currently using PACKAGE_NAME for version output, which returns
exactly what it says it does: the package name.  Not very useful when
looking for version information.

PACKAGE_STRING, on the the other hand, returns the package name and the
version.  Much better!

This is nicely documented in the autoconf manual [1].

[1] http://www.gnu.org/savannah-checkouts/gnu/autoconf/manual/autoconf-2.69/html_node/Initializing-configure.html#Initializing-configure

Signed-off-by: Micah Abbott <miabbott@redhat.com>
2015-11-19 14:22:48 -05:00
Colin Walters
37ef92b966 Merge pull request #182 from mbarnes/rebase-tolerant-cleanup
Don't fail during rebase cleanup
2015-11-16 15:43:29 -05:00
Matthew Barnes
6c197455e1 daemon: Don't fail during rebase cleanup
Ignore errors during cleanup after a successful rebase.  The source
origin ref may not actually exist.  The issue linked below describes
one such case.

Fixes https://github.com/projectatomic/rpm-ostree/issues/179
2015-11-16 15:35:39 -05:00
Matthew Barnes
e1dc5fdbac libglnx: Pick up g_autoptr backport for GCancellable 2015-11-06 10:07:36 -05:00
Matthew Barnes
e61fbd144c Merge pull request #178 from mbarnes/enhanced-rebase 2015-11-06 09:16:09 -05:00
Matthew Barnes
9c81c47f2f tests: Add deploy command tests 2015-11-06 09:10:48 -05:00
Matthew Barnes
63d7ff8d5f daemon: Add rpmostreed_parse_revision()
Determines a revision argument to either be a SHA256 checksum or a version
metadata value.

The revision string may have a "revision=" prefix to denote a SHA256
checksum, or a "version=" prefix to denote a version metadata value.  If
the revision string lacks either prefix, the function attempts to infer
the type of revision.  The prefixes are case-insensitive.
2015-11-06 09:10:48 -05:00
Matthew Barnes
6114255b8e app: Split upgrade --check-diff into separate options
rpm-ostree upgrade --preview   - Just preview package differences,
                                 like deploy --preview
rpm-ostree upgrade --check     - Just check if an upgrade is available

In both cases, the exit codes are 0 (upgrade available), 77 (no upgrade
available) and 1 (error).

The --check-diff option still works but is deprecated and not shown in
the --help option listing.
2015-11-06 09:10:48 -05:00
Matthew Barnes
1c01141e0c app: Define a special exit code for no changes (77)
Used by upgrade and deploy to allow scripts to test for changes.
2015-11-06 09:10:48 -05:00
Matthew Barnes
a555af0050 app: Redo "update --check-diff" implementation
Don't remember why we're not using the daemon for this, but I already
went to the trouble of writing rpmostree_print_package_diffs() for the
"deploy" command.  Use it here as well.
2015-11-06 09:10:48 -05:00