Commit Graph

70 Commits

Author SHA1 Message Date
Colin Walters
975c0703c3 [ASAN] tree-wide: Clean up gvariant-related leaks
I kept thinking `^a&s` was sufficient for allocation-free reading
of `as`, but it's not, we need to free the outer buffer.  Other
minor cases were using `s` instead of `&s`.

Closes: #533
Approved by: jlebon
2016-12-06 16:47:26 +00:00
Colin Walters
6074a6d728 daemon: Use new OSTree API to verify commits by remotes
Otherwise, we would show remotes using the new `gpgkeypath`
as unknown.

See: https://github.com/ostreedev/ostree/pull/575
See: https://github.com/ostreedev/ostree/issues/573
See: https://bugzilla.redhat.com/show_bug.cgi?id=1393545

Closes: #521
Approved by: jlebon
2016-11-17 16:32:11 +00:00
Colin Walters
a9ccf765c4 daemon: Fix use of a potentially uninitialized variable
If there's no origin, we'd be adding undefined stack memory for
the value of `gpg-enabled`.

Closes: #501
Approved by: jlebon
2016-10-27 14:30:47 +00:00
Colin Walters
4ccee066a0 Add gpg-enabled to DBus data, hide GpgSignature field if disabled
It's really in-your-face for admins to see `(unsigned)` which originally
was intentional, but in practice right now at least several major
users (Fedora, RHEL) don't enable GPG signatures.

So let's just hide it if not enabled.

Perhaps in the future we should add a `-v` option or something which
would show all of the fields even if not enabled.

Closes: #399

Closes: #402
Approved by: jlebon
2016-07-21 20:52:28 +00:00
Colin Walters
803ebebc21 daemon: Do resolve rev for deployment variant details
Previously in #353 we changed this to not resolve the rev, but
that breaks the `CachedUpdateDetails` which actually wants it
to be resolved, to show pending updates.

This effectively reverts 749a5f03a8586392cafff949075c45a040d4e984
and changes things so we set `allow_noent=TRUE` and if there is
no ref, just return the deployment checksum.

Fixes: 749a5f03a8586392cafff949075c45a040d4e984
Closes: #392

Closes: #398
Approved by: jlebon
2016-07-18 18:12:29 +00:00
Colin Walters
ce73e4d9cc daemon: Clean up CachedUpdate GError usage
In looking at this code, I noticed we were incorrectly mixing
`Option(GVariant)` with GError handling.  If the deployment
had no refspec we'd return `NULL` but not set `error`.

Fix this by requiring a respec, and change the single caller that
relied on this to check outside.

Closes: #398
Approved by: jlebon
2016-07-18 18:12:29 +00:00
Jonathan Lebon
8c76381a97 daemon: only add base-checksum if pkgs layered
The origin might have an empty "requested" key in the "packages"
section, which is probably an indication that packages were once added
but were then removed.

Explicitly check the length of the pkg array in case it's actually
empty before adding the base-checksum to the deployment variant.

Closes: #371
Approved by: cgwalters
2016-07-05 15:26:45 +00:00
Jonathan Lebon
8be7d4968a daemon: don't try to resolve rev
During the initialization of the daemon, it would try to load the
deployments and cache a few things. One of these steps wanted to look up
the rev of the deployment. However, if the rev no longer exists (e.g. we
just did a rebase, purged the ref, and rebooted), this would error out.

Replace the lookup by simply directly using the csum from the
deployment.

Closes: #353
Approved by: cgwalters
2016-06-27 17:29:26 +00:00
Jonathan Lebon
225be81c40 RPMOSTreeSysroot: add "booted" entry to deployment variant
Now that the `status` command learned a `--json` option, we can pretty
much avoid parsing human-readable output. The only piece of information
that is missing from the JSON output compared to the output for humans
is *which* deployment we're currently booted in.

This patch fixes that shortcoming by adding a "booted" boolean variant
to the deployment variant.

Closes: #350
Approved by: cgwalters
2016-06-25 12:23:04 +00:00
Colin Walters
6130032e80 daemon: Check for GPG signature on base commit, not layered
We don't currently expect people to sign commits locally.

However, long term, I would like to support a verified boot model
where we still support layered packages.  A system administrator could
log in and perform changes, and possibly use a remote hardware token
to sign the commit.  Anyways that's for the future.

Closes: #346
Approved by: jlebon
2016-06-23 18:03:07 +00:00
Colin Walters
d587051d0f daemon: Add base-commit to deployment metadata
I think most users are really going to be interested in the base/origin
commit, and not whatever the stuff they made locally happened to hash
to.

Closes: #295
Approved by: jlebon
2016-06-09 19:33:19 +00:00
Colin Walters
879ecbe6f1 daemon: More error handling cleanup for loading deployment metadata
I really don't like doing a `g_warning()` in the middle of a call
stack and stumbling onwards.  If we fail to load a commit, we should
pass the error back up to toplevel boundary - normally a DBus method
invocation.  As opposed to giving partial or incorrect data.

This is a preparatory (git) commit for adding more data from the
(ostree) commit to the deployment variant.

Closes: #295
Approved by: jlebon
2016-06-09 19:33:19 +00:00
Colin Walters
ea4fdf1692 daemon: Insert unlocked state into deployment dict
So we can consume it via `rpm-ostree status` etc.

Closes: #295
Approved by: jlebon
2016-06-09 19:33:19 +00:00
Colin Walters
beb026f701 pkg-add: New builtin to layer additional packages
This builds upon the earlier prototype in
https://github.com/cgwalters/atomic-pkglayer

The `.origin` file says for a replicated installation:

    [origin]
    refspec=local:rhel-atomic-host/7/x86_64/standard

If you then run `rpm-ostree pkg-add strace`, it will result in a new tree with:

    [origin]
    baserefspec=local:rhel-atomic-host/7/x86_64/standard

    [packages]
    requested=strace;

Work still remaining here is to teach `rpm-ostree status` and
`rpm-ostree upgrade` about this.

Closes: #289
Approved by: cgwalters
2016-05-27 22:18:44 +00:00
Colin Walters
6b4becaef3 daemon: Generate more predictable "id" variables for deployments
We can't rely on the the GLib hash functions not changing (or being
stable across host systems).  Basically here we have a "stringified"
deployment...it might be simpler to just declare this stable.
2016-03-03 10:49:12 -05:00
Colin Walters
2adf0fce47 daemon: Treat local deployments as gpg-verify=false
Otherwise we trip an assertion.  In the future I think we should
likely encourage `file:///ostree/repo` or so, and thus support
`gpg-verify`.
2015-12-29 08:20:05 -05:00
Matthew Barnes
6f184d6072 daemon: Remove equivalence check for details variant
rpmostreed_commit_generate_cached_details_variant() returns NULL if the
origin checksum of an OstreeDeployment matches the checksum of a refspec,
which may also be the OstreeDeployment's origin.

I don't understand the reasoning for that, especially since none of the
callers are prepared to deal with a NULL return.  Nor is there a comment,
so remove the check.

This was making the daemon crash on

  rpm-ostree deploy --preview <current-deployment-checksum>

which should just indicate no package differences.
2015-11-06 09:10:48 -05:00
petervo
cb6ed53fec daemon: Expose details for cached updates
Adds a CachedUpdate property that allows clients
to see version, timestamp and other detailed
information for pending updates. Additionally
changes to this property signal clients that a
new rpm-diff can be fetched with GetCachedUpdateRpmDiff.

This will be used by the Cockpit interface.
2015-09-29 17:38:51 -07:00
Matthew Barnes
a22c592a78 daemon: Use GVariantDict ("a{sv}") for deployments
Allows for future extensibility.  Also some of the optional attributes
can actually be optional.  See the XML interface spec for the key names.
2015-09-09 22:00:06 -04:00
Matthew Barnes
aaadcba77b daemon: Rename all the things!
Use 'rpmostreed' as the symbol prefix.
2015-09-09 22:00:05 -04:00