IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Now that the `status` command learned a `--json` option, we can pretty
much avoid parsing human-readable output. The only piece of information
that is missing from the JSON output compared to the output for humans
is *which* deployment we're currently booted in.
This patch fixes that shortcoming by adding a "booted" boolean variant
to the deployment variant.
Closes: #350
Approved by: cgwalters
In order to make many things work, we need to run scripts. Short version:
For now, we:
- Run `%posttrans`
- Treat most `%post` as the same as `%posttrans`
- Ignore `%preun` and such since we never uninstall
Most importantly though, we start to build up an "override" list
for script handling. Currently it's just a blacklist of scripts
we don't need.
Significant work here would be needed to run Lua scripts, so far I've
been able to just skip them.
Closes: #338
Approved by: jlebon
We don't currently expect people to sign commits locally.
However, long term, I would like to support a verified boot model
where we still support layered packages. A system administrator could
log in and perform changes, and possibly use a remote hardware token
to sign the commit. Anyways that's for the future.
Closes: #346
Approved by: jlebon
I've found it's a lot less code to have multiple builtins share live
in the same `.c` file where they can share things like options.
Also, rename `pkg-delete` -> `pkg-remove` since the canonical antonym
of `add` is `remove`.
Closes: #345
Approved by: jlebon
By far the longest step in provisioning a new VM is the building of the
container. This helps alleviate things a little by caching it on the
host. It's not a complete solution however. We also need to make it easy
to update an existing container.
Closes: #344
Approved by: cgwalters
From Vagrantfile:
It's just easier to have ssh set up as root from the start so that tests
don't need to sudo, which can sometimes cause issues. If we need to test
any unprivileged things, we can still just sudo back into the vagrant
user.
Closes: #344
Approved by: cgwalters
This is a preliminary package layering test which simply installs the
foo package and verifies that it functions properly. A bunch of
primitives are added to libvm.sh to facilitate this and future tests.
Closes: #344
Approved by: cgwalters
We're going to be create many different packages in the future. Let's
refactor and generalize the targets so that they can build anything.
We also add a package foo, which will be used soon for a basic test of
package layering.
Closes: #344
Approved by: cgwalters
This is a very simple test harness inspired by the atomic one. It's a
simple bash script that sets up a permanent ssh connection to the host
and runs the test scripts. Also add a "demo" test-basic.sh test to make
sure that it works.
Closes: #344
Approved by: cgwalters
Add a HACKING.md document detailing how to get started and test
rpm-ostree using the vagrant box.
Fix the CONTRIBUTING.md link and add a link to HACKING.md in README.md.
Closes: #344
Approved by: cgwalters
If the dir that was rsync'ed already contains build artifacts, we don't
want those contaminating our build process.
Closes: #336
Approved by: cgwalters
Link to the Fedora bug that introduced this, and also change things so
it's also used for the "compose" case because:
- Again it doesn't add security
- Tools that operate on "compose" repos have to work around this
when doing checkouts, see e.g. https://lists.freedesktop.org/archives/xdg-app/2016-June/000241.htmlCloses: #335
Approved by: jlebon
I was in the process of trying to support `%post` scripts, and I
wanted to use `rpm-ostree container` for convenient and safe testing.
However the recent package layering changes broke it to error out
on perms like `filesystem`'s `root:mail` on `/var/mail`.
I decided to introduce a new `rpmostree_context_new_compose` which had
the current behavior, switch `compose tree` to use it, and then change
`_new_unprivileged` to *really* be unprivileged. Specifically we
ignore file ownership (and fix dir owners) because we assume we'll be
operating with `bare-user` repos.
Closes: #327
Approved by: jlebon
We need the ability to both add and remove packages as one
transaction in the general case (`Conflicts:`), plus it'd
be quite nice to allow users to do multiple package things
before rebooting.
And finally, this deletes a lot of duplicate code.
Where I'm really thinking this should go is we only have one
transaction type internally for at least upgrade/pkg as a group.
Closes: #326
Approved by: jlebon
I really want a command to cancel the running transaction, but as a
preparatory step, let's display what's going on in `status`.
The text output here is really a demonstration - I'll improve it but I
want to rework the internals first.
Closes: #320
Approved by: jlebon
In the future I want to add more content in the status such
as active operations, so let's make the "deployments" just
one entry in an object.
Closes: #320
Approved by: jlebon
Really...we should have done this since day zero. Given that the
final integration of package layering/compose/rpm caching is finally
over the horizion but not yet here, let's still do this now.
I plan to backport this patch to the 2016.3-fixes branch.
Closes: #332
Approved by: jlebon
In the future we'll be taking over pretty much all RPM functionality
(unpack/scripts) and will be able to provide a lot more useful
information more directly under our control.
But in the meantime:
- Set the default to "info" which is apparently where things like
corrupted packages will show up. It's just info you know?
- Allow callers to override this via environment variable, specifially
one can use "debug" for lots of info.
Closes: #331
Approved by: jlebon
According to tmpfiles.d(5), files should follow the convention
<package>.conf or <package>-<part>.conf. So we rename
tmpfiles-ostree-integration.conf to rpm-ostree-0-integration.conf.
The 0 index is so that the autovar conf created by postprocess is
sourced *after* this one, so that `integration.conf` has higher
precedence if there are duplicate entries.
Closes: #325
Approved by: cgwalters
The `make vmshell` target makes it even easier to immediately try out
your changes in a live running Atomic Host. It will automatically
provision the VM, sync your latest changes, build, install in a new
deployment onto which the VM is rebooted, and drop you in the shell.
Closes: #321
Approved by: cgwalters
In order for vmcheck to be useful for testing, we need the machine to be
in a "clean" state. That is, sitting on a commit, ready for being
manipulated.
This is a small step towards this goal. Instead of overwriting the
files, we use rofiles-fuse to safely install and create a new
deployment.
Closes: #321
Approved by: cgwalters
Right now, while one can `pkg-add strace`, there are a lot of
packages with `%post`. Since some current developers want
to use package layering as it is today, let's add the concept.
Even after we have a whitelist of scripts and have cleaned up Fedora
to use them, we'll still have potential issues with 3rd party RPMs
etc. for a long time, so allow people this out to stumble forward for
those and potentially run them by hand if necessary.
Closes: #311
Approved by: jlebon
A friend once convinced me that having two boolean arguments to a
function was bad, three or more really should be converted into flags
to avoid confusion.
I plan to add another.
Closes: #311
Approved by: jlebon
This is bringing forward an old PR for libhif:
https://github.com/rpm-software-management/libhif/pull/39
Right now, we aren't running `%post` or any of the other variants. A
lot of packages will work if we just ignore `%post`, others won't.
Let's be conservative until we start running them, and don't imply we
support things we don't yet.
Closes: #311
Approved by: jlebon
This squashes an ugly `/var/tmp/rootfs.XXXX/usr/share/rpm: ENOENT`
warning that occurs because we were nuking the temporary rootfs
before cleaning up the context object, which was indirectly
holding references to it.
Closes: #319
Approved by: jlebon
It's really simple to reflect the DBus API into JSON, which tools like
Ansible or `jq` from the command line or whatever can parse to find
interesting things like the current version.
Closes: #301Closes: #315
Approved by: jlebon
I was running out of RAM doing builds in the VM with just 512MB.
I think for single host machines, we can assume a lot of RAM.
If one is doing multi-node Vagrant that's a different thing.
Also update the comment at the top.
Closes: #313
Approved by: jlebon
I think most users are really going to be interested in the base/origin
commit, and not whatever the stuff they made locally happened to hash
to.
Closes: #295
Approved by: jlebon
I really don't like doing a `g_warning()` in the middle of a call
stack and stumbling onwards. If we fail to load a commit, we should
pass the error back up to toplevel boundary - normally a DBus method
invocation. As opposed to giving partial or incorrect data.
This is a preparatory (git) commit for adding more data from the
(ostree) commit to the deployment variant.
Closes: #295
Approved by: jlebon
- `ostree_sysroot_get_deployments()` cannot fail (only assert)
- Relying on setting a GError to detect the rollback only to
clear it was a bit weird; instead just pass `NULL` there.
Closes: #295
Approved by: jlebon
With the end goal in mind that I want to optimize for the case
of 1-2 deployments, it's actually a lot simpler to just
nuke the whole current column base.
It just really doesn't make sense with layered packages, and even
before then, I usually found the timestamp and osname columns
redundant.
Closes: #295
Approved by: jlebon
It's slightly prettier, but this is just laying some
groundwork/precedent for importing more systemd code and using it for
our formatting.
Closes: #295
Approved by: jlebon
I find myself not liking the name rpm-ostree anymore; it's
descriptive, but unfortunately we compete with other projects with
easier and sexier names.
Also, people continually find the ostree and rpm-ostree layering
unclear. It's *much* easier to say "nxs depends on ostree", even
though textually it's obvious "rpm-ostree depends on ostree".
Anyways, just an experiment for now.
Closes: #307
Approved by: giuseppe