IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This is a better alternative to https://github.com/coreos/fedora-coreos-config/pull/830
Basically rather than trying to send this out to all FCOS users,
it's much saner to allow people to opt-in to it locally.
If we'd finished https://github.com/coreos/rpm-ostree/issues/2326
then this would be something as trivial as:
```
$ echo 'cliwrap: true' > /etc/rpm-ostree.d/cliwrap.yaml
$ rpm-ostree rebuild
```
Unfortunately that's not the world we live in, so a whole lot of
layers here need crossing to just propagate a boolean. And it
interacts in a tricky way with our change detection code.
But, it works and will allow people to try this out.
Other fixed problems:
- Our `rpm --verify` wrapping was broken
- Dropping privileges clashed with the default directory being `/root`,
so `chdir(/)` too
This new `rpm-ostree ex-container` CLI is just code copied
from the `ostree-ext-cli container` binary code. In the future
I may just add the CLI code as a library API too to simplify this.
For now, I don't want to try to add a new Rust CLI as an RPM
package for example. This exposes it via rpm-ostree, and
in the future rpm-ostree may have some layering on top of this
anyways.
This isn't important at all, but I am just trying to up my
"Rust iterator and mapping" skills. Here:
- In this case we always want to go from `Option<T>` to `Option<T>`,
so instead of destructuring `Some()` back to another `Some()`
we can use `as_mut()` to manipulate the inner vector directly.
- Now instead of destroying the inner `Vec<>` we need to use `drain()`
instead
- And then we can just `extend()` with a reversed iterator from
our explicit temporary
`syncfs()` isn't going to do anything on e.g. `tmpfs` and even
if it did wouldn't fix any race conditions because that's about
synchronizing in memory changes to disk, but won't change
what system calls return.
Some investigation turned up
https://stackoverflow.com/questions/14392975/timestamp-accuracy-on-ext4-sub-millsecond
and `current_fs_time` is now:
https://www.kernel.org/doc/html/v5.12/core-api/timekeeping.html
Basically there's a "coarse" time that might only update once every 10ms
for example.
Let's just sleep 100ms for now.
I think we should be using the inode versions, but we can investigate
that separately.
ostree hard requires UTF-8 paths (and really we should
never have any non-UTF-8 paths in the OS in general). The
camino library has types that are both `Path` and `&str` and
has a convenient `try_into()` too to avoid us duplicating
the error handling.
This addresses the server compose side of
https://github.com/coreos/rpm-ostree/issues/2584.
One tricky bit is handling overrides across included treefiles (or
really, even within a single treefile): as usual, higher-level treefiles
should override lowel-level ones. Rust makes it pretty nice to handle.
For now this just supports a `repo` field, but one could imagine e.g.
`repos` (which takes an array of repoids instead), or e.g.
`exclude-repos`.
The actual core implementation otherwise is pretty straightforward.
This should help a lot in RHCOS where we currently use many `exclude=`
directives in repo files to get it to do what we want.
This is also kind of a requirement for modularity support because as
soon as rpm-ostree becomes modules-aware, modular filtering logic will
break composes which assume rpm-ostree treats modular and non-modular
packages the same.
The only entrypoint so far doesn't use it (`countme`), but a future new
entrypoint will.
Also mention that the commands should add themselves to the array in
libmain.cxx if applicable so it shows up in `--help`.
Followup to https://pagure.io/fedora-infrastructure/issue/9909
In the refactor we were passing `unified_core: true` unconditionally which was wrong,
as that implies using fuse. Anyways what we really want here is an immutable bwrap
and not `rofiles-fuse` annyways. So refactor things to use that.
From https://kojipkgs.fedoraproject.org//work/tasks/7579/66867579/runroot.log
```
fuse: device not found, try 'modprobe fuse' first
fuse: device not found, try 'modprobe fuse' first
bwrap: execvp realpath: No such file or directory
fusermount: failed to unmount /tmp/rpmostree-rofiles-fuseAAphRY: Invalid argument
fusermount: failed to unmount /tmp/rpmostree-rofiles-fuseSCLs24: Invalid argument
error: Updating os-release with commit version: Running realpath: bwrap(realpath): Child process killed by signal 1
```
This is further hardening to prevent a situation like
https://github.com/coreos/rpm-ostree/issues/2771
where we would crash on an ostree-based host that has both
`/etc` and `/usr/etc` as physical directories.
That shouldn't happen after the bwrap fix, but we might
as well be more correct here.
We should never have any effect on the host system, so let's
use the more direct APIs which allow us to use the immutable
flag, don't mount `/var` etc.
Crucially this also avoids us running through the tempetc
guard which would try to rename `usr/etc` which can trigger
on an ostree based host.
Closes: https://github.com/coreos/rpm-ostree/issues/2771
We need to handle the case where no previous commit exists. This is
expressed from the C side by passing the empty string.
We're currently not testing this, though... AFAIK no distro uses this
right now anyway and hopefully we simplify a lot of this when we move to
systemd-sysusers!
Fixes: #2580Fixes: #2769
This ports to Rust the auto-tmfiles.d translation logic which is
meant to consume a populated `/var` and to produce a matching
`rpm-ostree-1-autovar.conf` instead.
It also adds a unit-test covering most codepaths.
