Commit Graph

345 Commits

Author SHA1 Message Date
Colin Walters
7ab2325081 ostree-nspawn: Correctly shift initial root argument 2014-07-20 07:33:47 -04:00
Colin Walters
9c81a83e14 README.md: We no longer need nss-altfiles on the host 2014-07-18 16:16:19 -04:00
Colin Walters
711745bbc6 Add: --sysroot and --os arguments
These match OSTree.  There are a variety of use cases here.  One is
for test suites; we can stand up a temporary sysroot directory, and
operate on content inside there.

Another is doing virtual machine upgrades offline from a host system,
or upgrading a different OS.

The duplication here is a bit unfortunate; if we add a lot more
commands we should revisit this and perhaps have a common option
group.
2014-07-17 12:59:38 -04:00
Colin Walters
f642512ae6 status: Don't require a booted deployment
I'm working on a patch to add --sysroot support, and for testing
OSTree stuff I often work from a "traditional" host workstation, and
then I have OSTree content in /.

This makes "atomic status" just work for that; I simply have no booted
deployment.
2014-07-16 16:17:59 -04:00
Colin Walters
932dbdfa67 Release 2014.104 2014-07-13 17:32:39 -04:00
James Antill
8a67101de7 Namespace and share DEFINE_TRIVIAL_CLEANUP_FUNC via. rpmostree-util.h
Conflicts:
	src/rpmostree-builtin-rpm.c
2014-07-11 16:47:05 -04:00
Colin Walters
827e711eb7 compose: Migrate content of /etc/{passwd,group} to /usr/lib more sanely
I had an epiphany today while working on
https://bugzilla.redhat.com/show_bug.cgi?id=1098304 - I realized that
I can just do an install, and then copy over everything except the
root entries from /etc/passwd into /usr/lib/passwd.

No need for a patched shadow-utils.  No need to modify the
/etc/nsswitch.conf before doing the install root.  It totally works.
I have no idea why I originally overcomplicated this.

The thing that sucks a bit about this code is that I have to drop to
the FILE * APIs so that I can use the glibc APIs for processing
group/shadow.

Also, the way I deduplicated the code paths for processing
passwd/group is crappy, but I think it's better than duplicating them
(as systemd-sysusers does).

The good: We don't need a two-step RPM transaction, we don't need
          a patch for shadow-utils, it's just saner
The bad: Code is not the most beautiful?  Not really bad.
The ugly: I didn't think of this in the first place and spent
          months beating my head against the wall of shadow-utils...
2014-07-10 18:50:54 -04:00
Colin Walters
aa5ae877de compose: Set SHADOW_USE_USRLIB
See https://bugzilla.redhat.com/show_bug.cgi?id=1098304
2014-07-09 17:29:28 -04:00
Colin Walters
fdb4724d69 compose tree: Read in security.capability xattrs
Per http://fedoraproject.org/wiki/Features/RemoveSETUID
many programs (famously /usr/bin/ping) switched to using
"file capabilities" instead of setuid.

rpm-ostree had code to specially handle SELinux labels, but was
discarding other xattrs.  Let's just whitelist reading in
security.capability.

Closes #14
2014-07-03 15:14:53 -04:00
Colin Walters
19d093a496 compose: Add --workdir-tmpfs
This ~halves the write traffic to my SSD when doing local composes.
My laptop has 12GiB of RAM, plenty for this.
2014-07-02 08:43:59 -04:00
Colin Walters
fd045ca511 Release 2014.103 2014-06-22 18:10:49 -04:00
Colin Walters
c577cb0296 packaging: Enable hawkey and usrbinatomic by default
This will break on F20 but if that starts being a problem we can work
around it with an automatic version check or so.
2014-06-22 18:03:21 -04:00
Colin Walters
f3b393ce03 README.md: Note that we work on the client as well 2014-06-20 11:02:24 -04:00
Colin Walters
d63bc65a06 compose: Tell yum not to cache packages locally
They get deleted anyways since we blow away the tmpdir, but we expect
people to be using a local HTTP proxy.  We stopped trying to cache
packages internally as that caused conflicts with the yum lock with
concurrently executing composes.
2014-06-19 11:57:33 -04:00
Colin Walters
8ee134909a design/package-layering: New file
I keep explaining the vision verbally, let's write it down.
2014-06-18 08:48:03 -04:00
Colin Walters
c23e0a9c37 man: A bit more fleshed out explanation of semantics, link to docker(1) 2014-06-17 16:42:30 -04:00
Colin Walters
3fae1238c0 man: Update leading para to note "atomic" name and client/server split 2014-06-17 16:38:04 -04:00
Anne LoVerso
e498016ff6 status: Rework format into columns
After a discussion on what the status command should offer a
sysadmin, we decided to try a column output format similar to that
of systemctl or docker images.  This will print the timestamp,
a truncated checksum, the osname, and the refspec of each
deployment.  It also includes a --pretty option to print
the information formatted in rows with the full checksum and a
title to specify the default and the rollback target.
2014-06-17 14:47:01 -04:00
Anne LoVerso
7ef1108a96 status: Rework code organization and readability
This includes several changes to format the code to follow GNU Coding Standards as per
the restof rpm-ostree.  This includes fixing indentations, adding spaces between
identifers and parentheses, replacing "goto print" with an else structure, and
reformatting print statements into complete sentences for internationalization.
2014-06-17 14:47:01 -04:00
Anne LoVerso
489b2e301f status: New builtin for system administrators to see deployments
This allows administrators to configure between deployments and easily see which deployment
they are booted into as well as indicating which is chronologically most recent.  This makes
the process more user-friendly, rather than requiring the user to remember which deployment
checksum corresponds to the most recent upgrade.
2014-06-17 14:47:01 -04:00
Colin Walters
227137ed41 compose: Add support for "default_target"
Currently the systemd RPM ships with default.target ->
graphical.target, which is either itself changed by Anaconda (via
parsing /etc/sysconfig/desktop, which...anyways let's stop here).

Or anaconda might set it directly to multi-user.target.

For rpm-ostree, we perform some minimal level of "preconfiguration"
per tree, so they are directly usable without an intervening
installer.

As an example for fedora-atomic/base/core, we just want
multi-user.target.  Thus, this patch provides the treefile author a
declarative mechanism to set it.
2014-06-17 13:49:15 -04:00
Colin Walters
903ac827c2 Release 2014.102 2014-06-13 12:39:23 -04:00
Colin Walters
c151b56595 compose tree: Cleanup workdir always
Particularly if we hit the cached case, but we might as well always do
it.
2014-06-11 07:27:31 -04:00
Colin Walters
87a00befe2 compose-tree: Auto-create cache directory
It's just more friendly.
2014-06-06 18:25:08 -04:00
Colin Walters
1613435f7d tree compose: Delete .dbenv.lock and __db.* files from /usr/share/rpm
Currently on an Atomic compose, I'm seeing abrtd trying to write to
/usr/share/rpm/.dbenv.lock, which is denied by policy because it's
usr_t.  There are multiple ways to address this, but there's no good
reason to leave the lock files and __db* files around.

rpm appears to operate correctly without them if calling process
merely gets EROFS.
2014-06-06 16:28:19 -04:00
Colin Walters
c8c54d5095 Delete repoquery-sorted script
This was used previously by the caching infrastructure, but is no
longer used.
2014-06-06 14:57:54 -04:00
Anne LoVerso
3256ba5383 manpage: Add clarifications and options on existing commands 2014-06-06 14:55:24 -04:00
Anne LoVerso
bbbf28db30 rollback: Add comment 2014-06-05 16:51:12 -04:00
Colin Walters
406b7207ca Release 2014.101 2014-06-05 08:59:06 -04:00
Colin Walters
35dc098c31 README.md: Add a note about HTTP proxy 2014-06-05 08:59:06 -04:00
Colin Walters
976c68542b Add a "rebase" builtin
This is exactly the code from "ostree admin switch", except it's
called "rebase" because in the future it will also carry along any
locally layered packages.
2014-05-29 18:00:11 -04:00
Colin Walters
7ba1a9b46f compose-tree: Fix location of rpmdb querying for caching
We were just repeatedly hitting the cache...oops.

Also add an assertion that the returned data isn't empty.
2014-05-29 14:57:55 -04:00
Colin Walters
bf0f3b3e80 composeui: Delete from here
This is now canonically in -toolbox.
2014-05-26 17:38:34 -04:00
Colin Walters
7ba5e4cb09 README.md: Link to -toolbox now 2014-05-26 17:36:45 -04:00
Colin Walters
7f7259ada0 build: Use ln -sf to help "sudo make install"
This way we don't error when installing over an existing install.
2014-05-26 15:41:58 -04:00
Colin Walters
5ed249c755 docs: Update rename of treecompose -> compose tree 2014-05-26 15:11:38 -04:00
Colin Walters
7c71fbc077 Add new "compose" builtin, rename "treecompose" -> "compose tree"
And do the same for "sign".  This way we can have the compose server
utilities cleanly separated from what most people will see, which is
the client side tools.
2014-05-26 15:05:08 -04:00
Colin Walters
9a73843908 New release; major version bump
This release splits off the old -autobuilder code into a new -toolbox
module, among other things.
2014-05-23 10:35:16 -04:00
Colin Walters
cc8e5ef97c build: Add --enable-usrbinatomic
The name "rpm-ostree" kind of sucks; see:
https://lists.projectatomic.io/projectatomic-archives/atomic/2014-April/msg00003.html

But we can't make a hard transition easily, so let's add a build-time
option to create an optional link for operating systems which want
this.
2014-05-21 08:21:36 -04:00
Colin Walters
9d954d433a treecompose: s/create/treecompose/ in help text 2014-05-20 21:37:51 -04:00
Colin Walters
6e2c55cebe packaging/Dockerfile: Make ENTRYPOINT just be rpm-ostree
We might want to add other commands later, so require specifying
"treecompose" explicitly.
2014-05-18 18:52:36 -04:00
Colin Walters
6fd8515f2e treecompose: Look for yum repo configs in same directory as treefiles
This is significantly easier than requiring mutation of the host yum
configuration.
2014-05-18 14:13:31 -04:00
Colin Walters
f203b60aa6 packaging: More Docker fixes 2014-05-18 14:13:13 -04:00
Colin Walters
2756398d84 treecompose: Honor http_proxy environment variable 2014-05-18 09:29:51 -04:00
Colin Walters
97607f22d5 packaging: Rework to also create Docker container 2014-05-18 09:26:13 -04:00
Colin Walters
18d0d989ae treecompose: Add initial caching
The way this works is still fairly naive in that we hash in two
inputs:

1) The treefile JSON
2) The result of rpm -qa

If both of those are a hit, we reuse the existing commit.
2014-05-16 04:29:17 -04:00
Colin Walters
ce862456e3 treecompose: De-indent unnecessarily indented region 2014-05-15 17:47:47 -04:00
Colin Walters
9eff6b5951 treecompose: Remove code to delete cached packages
No longer needed now that we recommend an HTTP proxy.
2014-05-15 16:57:43 -04:00
Colin Walters
a7905176a4 packaging: Add man page 2014-05-15 16:57:12 -04:00
Colin Walters
18b2121c91 Remove internal postprocessing support
It was too hacky.  If we do this it should be a higher level language
like what Lorax has.
2014-05-14 13:59:40 -04:00