IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Amazingly we had 3 variations of this bug in the different
layers above using the `RpmOstreeContext` API (in compose, container,
and layering).
We fixed the first two already, this fixes the last one. We
get a warning if librpm holds a ref to a deleted rpmdb.
Closes: https://github.com/projectatomic/rpm-ostree/issues/987Closes: #994
Approved by: jlebon
This ensures we close the rpm database before we start moving
things around during postprocessing, and avoids a warning about
the rpmdb going missing being printed at the end of a compose.
Related: https://github.com/projectatomic/rpm-ostree/issues/987Closes: #989
Approved by: jlebon
This PR uses https://github.com/ostreedev/ostree/pull/1156
to ensure that when installing packages containing files with
exact same content, the files will be merged.
When installing packages containing conflicting files,
the error will still be detected at the ostree side.
The checkout overwrite option at rpm-ostree side is also
modified to accomodate the changes made in ostree side.
A test is added for regression
Commands like `upgrade` and `deploy` need to know if a new deployment
was actually laid down so that it may print a pkg diff if so. This is
implemented by listening for changes to the DefaultDeployment D-Bus
property. D-Bus emits a signal when the deployment variant changes
value.
However, in #595, with the introduction of `pending-*` related keys, the
deployment variant no longer represents data solely tied to that
specific deployment. In this case, because `deploy` operations currently
set the ref to the resolved checksum, it can happen that deploying the
same base commit when the current refspec *isn't* pointing to that base
commit will result in the `pending-*` keys dropping out and a default
deployment change notification going out.
In this patch, we strengthen how we determine whether a new deployment
was laid down by actually looking at the deployment id, rather than just
assuming that a change to the property implies a new deployment.
Closes: #981Closes: #984
Approved by: cgwalters
Also something I noticed while working on #981. When sitting on a livefs
commit, once a user does `rpm-ostree cleanup --pending --rollback`, it's
impossible to redeploy the same booted commit. Let's allow users to do
this.
Closes: #984
Approved by: cgwalters
Currently, when setting the `override-commit` key in the origin, the
upgrader pulls that commit checksum directly and then updates the
refspec to point to it. This behaviour was inherited from its ostree
version; at the time it was implemented, the pull code didn't support
passing a specific commit for a given refspec. However, we now have
the override-commit-ids option, which will make libostree update the ref
for us.
We change the code here to make use of it and simplify the function.
This also fixes the corner case of local branches: we shouldn't change
the ref if we're on a local branch. This is actually what drove me to
this patch as I was debugging #981.
(Aside: I'm still not convinced updating the refspec is always the
correct thing to do even in the remote case, though it's a bit messy to
disentangle).
Closes: #984
Approved by: cgwalters
Prep for changing `boot_location: new` to use `/usr/lib/ostree-boot`
and `/usr/lib/modules`. Rework our kernel postprocessing
so that we unify the `boot_location` handling with initramfs generation.
Instead of doing the initramfs first in postprocessing, we do it nearly last,
after e.g. `etc` is renamed to `usr/etc`. This has some consequences, such as
the fact that `run_bwrap_mutably()` is now called in both situations. In
general, our handling of `etc` is inconsistent, although understandably so.
As part of this, I finally got around to implementing the bit from
https://github.com/systemd/systemd/pull/4174 however suboptimal it is; need the
unified core so we can cleanly ignore the posttrans like we do others. We
intentionally keep the file around in the generated tree so that installing a
kernel RPM per client doesn't try to do any of this either.
This all gets folded together so that the logic for handling the bootloader gets
simpler - in the Fedora case, we now know to find kernels in `/usr/lib/modules`
and can ignore `/boot`.
Closes: #959
Approved by: jlebon
We have 3 locations to find kernels now; I can't think of
a reason to support placing kernels *only* in `/boot`. The
original commit
15ecaacd36
doesn't give a reason, and I certainly can't think of one now.
This makes `legacy` be an alias for `both`, which should be fully compatible.
Prep for further refactoring towards changing `new` to mean both
`/usr/lib/ostree-boot` *and* `/usr/lib/modules`.
Closes: #959
Approved by: jlebon
Make `upgrade` use the same trick as `deploy` to determine if a new
deployment was laid down. Apart from those two, all other operations
that can lay down a new deployment always do so in the happy path.
Prep for further work.
Closes: #983
Approved by: cgwalters
Today in Fedora the `glibc-all-langpacks.posttrans` is implemented
in lua, for no good reason. See:
https://bugzilla.redhat.com/show_bug.cgi?id=1367585
Since that's stalled out, let's add support for overrides. This
is obviously a much bigger step with more long term maintenance
implications over our current "ignore scripts" list. But we can't
block either.
This is needed for unified core work:
https://github.com/projectatomic/rpm-ostree/issues/729
(We also override `fedora-release-atomichost` but I'll likely
submit a patch for that upstream)
Closes: #980
Approved by: jlebon
I was linking to this code from elsewhere and noticed that
for our hardlink breaks we were not using fd-relative even
though we can. Down the line if we fork librpm into a separate
process and do e.g. `--dbpath=.` it'll do it too.
(Side note, I verified that commenting out the hardlink breaking
here was caught by the `ostree fsck` I added to the test suite)
Closes: #979
Approved by: jlebon
Started on porting to the new `glnx_fstatat_allow_noent()`. The
usage varies a lot and it felt easy to screw up, so I'm just
starting by doing a few of them.
Update submodule: libglnx
Closes: #978
Approved by: jlebon
I'd like to cut down on the number of tempdirs we make; when
debugging with gdb I often use e.g. `r` to restart forcibly, and
that leaves the dirs around.
Previously we'd make a tmpdir per relabeled package; this hoists it into a
well-known "relabel/" subdir of the per-core tmpdir we make. (A next step here
is to dedup the core tmpdir with the tmpdir that the upgrader makes)
Further while I'm here, let's use a single OSTree transaction for all of the
relabeling; the rationale here is that it's better to do fewer `syncfs()`
operations.
Closes: #970
Approved by: jlebon
This fixes `rpm-ostree reload` as root, and supports configuring
it to be enabled for other users as well. This was overlooked
in the polkit work originally.
Closes: https://github.com/projectatomic/rpm-ostree/issues/976Closes: #977
Approved by: jlebon
At one point `rpm-ostree install libvirt` dragged in libguestfs which in turn
brought in `syslinux-extlinux-nonlinux` which has files in `/boot/extlinux`,
which we rejected. (That dependency chain appears to have been fixed currently)
For the general case, this is just a partial fix in that we haven't nailed down
the semantics of how updates for `/boot` work. But in this particular case,
we'll just break libguestfs' `extlinux` verb, which I'm OK with.
Another case is `fwupdate-efi` - we require manual intervention to copy the
data into `/boot` after installing the package.
This is also preparation for [unified core](https://github.com/projectatomic/rpm-ostree/issues/729)
in that we now ensure imported kernels don't end up in `/boot` unless
explicitly configured.
Closes: https://github.com/projectatomic/rpm-ostree/issues/853Closes: #969
Approved by: jlebon
I noticed our C-style comments were actually showing up in the generated hash
table. Consistently use gperf's `#`, and also move all comments to the line
above the value for more readability.
Closes: #967
Approved by: jlebon
While working on unified core and the Fedora Atomic Host content set, I hit a
dependency between `docker.posttrans` which tries to read `/etc/os-release`, and
`fedora-release-atomichost.post` which creates that symlink.
It seems best practice to me to run `%post`s strictly before
`%posttrans`; we're not likely to do parallelization anytime
soon anyways.
While here I cleaned things up by having an enum for the script kind,
rather than multiple functions, otherwise we would have had another
wrapper in core.c.
Closes: #963
Approved by: jlebon
I initially thought I wouldn't need this but it turns out it makes things nicer
unified core. In the legacy path we'll need to write
`etc/passwd`, but now we need `usr/etc/passwd` in the unified path, and
we can start to match up with the other code paths which are fd-relative.
Closes: #950
Approved by: jlebon
The core use case always enabled this; we exposed it on the command line, but
honestly I think it's a lot simpler if our imports always enable this. If we
need to *undo* it (for example, generating a "traditional feeling" OCI/Docker
image a la <https://github.com/projectatomic/rpm-ostree/pull/367>), we can
easily do that as postprocessing afterwards.
Closes: #951
Approved by: jlebon
We should be using `g_propagate_error()` to ensure we handle the case where the
caller specifies `NULL` for the error.
Closes: #951
Approved by: jlebon
Just noticed this while trying out the unified core work. We were
passing arguments in the wrong order (or alternatively, receiving them
in the wrong order).
Closes: #952
Approved by: cgwalters
This is a trap when doing style porting; we added a rule to ostree's `maint.mk`
to catch it but not here. Not sure I want to add `maint.mk` here yet.
Note that in newer libglnx `glnx_opendirat()` does error prefixing, so
drop the prefixing there.
Closes: #943
Approved by: jlebon
It was partially removed in 325ee354e9
from PR #873 - this removes all of the rest of the layers in
the daemon and core for this.
Note that while working on this I found it astoundingly confusing that
`rpmts_add_install()` and `add_install()` had separate orderings for `gboolean
noscripts, is_install`. That's fixed by having the latter lose the `noscripts`
flag entirely, but while we're here change `rpmts_add_install()` to use flags
for clarity.
Closes: #938
Approved by: jlebon
Missed this in the tmpdir porting since it used `g_mkdtemp_full()`.
We also now have autocleanups for `OstreeRepoCommitModifier`.
Closes: #939
Approved by: jlebon
I was about to copy this bit from the daemon for subprocess work, so let's
centralize it. Further, we should invoke `setenv()` as early as possible; see
<https://sourceware.org/bugzilla/show_bug.cgi?id=15607#c2>.
Closes: #934
Approved by: jlebon
See <https://github.com/projectatomic/bubblewrap/pull/165>; really every
bwrap use case I can think of should specify this (including ours), it's
just not the default out of conservatism.
This way if the daemon happens to e.g. SEGV it'll also cleanly `SIGKILL` any
outstanding scripts.
Was just looking at our bwrap usage for multiprocess work.
Closes: #936
Approved by: jlebon
Lots of cleanups, and this also allows us to fully port to new style in several
places.
We can drop our own `rpmostree_mkdtemp()`.
Update submodule: libglnx
Closes: #928
Approved by: jlebon
Since we have a copy of this libostree code, pick up the new
changes from <https://github.com/ostreedev/ostree/pull/1055>.
Note the added test doesn't really test our logic since
we're only doing local pulls, but at least we have something.
Closes: #932
Approved by: jlebon
There's no reason to touch things in the target root *before*
we've even downloaded the repodata. Further, doing so has
the potential trigger the "existing root" logic in libdnf if
it detects `/usr`. This doesn't matter now since we're writing
to `/etc/`, but it will for later work, so let's put these bits
in the right place.
Prep for <https://github.com/projectatomic/rpm-ostree/pull/927>
Closes: #931
Approved by: jlebon
systemd has to go to a bit more effort to integrate `syslog()`, let's
use the journal directly for consistency. Just happened to be
reading the code.
Closes: #921
Approved by: jlebon
Make use of the new journal-msg signal that OstreeSysroot emits. Since
we now also only rely on the output API to print messages, this allows
us to drop the outrageous hacks we had to do to watch our own stdout,
part of which Coverity didn't like.
Coverity CID: 163694
Closes: #919
Approved by: cgwalters
There were places where we were relying on the stdout self read hack to
relay messages to clients. Fix those by explicitly using the output API
in all spots where the daemon may pass. Really, we should exclusively be
using the output API in the daemon and libpriv trees, though many other
instances exist for now.
Closes: #919
Approved by: cgwalters
This closes a longstanding bug - since package layering first
landed, we only checked for newer RPMs if the base tree changed.
In some scenarios like RHELAH, this doesn't matter much by default
since they move at the same cadence. Except if you use EPEL for example.
In Fedora, today the FAH releases are async of the rpm-md repos, and
there's also COPR which can update more than once a day even.
We should check for both update sources. Luckily we'd already introduced logic
for this in the treecompose case (checksumming the depsolved package sack). We
just need to start using it for client side assembly too.
Closes: https://github.com/projectatomic/rpm-ostree/issues/391Closes: #911
Approved by: jlebon
`g_mkdtemp_full` returns a pointer to the template var itself or NULl on
error. We were treating it like an integer.
Coverity CID: 163698
Closes: #918
Approved by: cgwalters
I hesitated on this one. Really, we *could* just explicitly cast the
result to mark it as used, though OTOH, we really should at least drop
something in the journal. It's not fatal, but it shouldn't happen so we
should know about it.
Coverity CID: 163717
Closes: #918
Approved by: cgwalters
1. We weren't initializing all fds to -1, but 0 is a valid fd number.
2. We were checking for nonzero rather than explicitly for -1.
Coverity CID: 163691
Coverity CID: 163700
Coverity CID: 163714
Closes: #918
Approved by: cgwalters
Before, when using rpm-ostree -h command, the command
description was shown together with the command itself
Now, we separate the command description out, providing
user a better view of the description.
Closes: #916
Approved by: jlebon
This is no longer necessary since we switched to tracking livefs state in the
origin, and we don't support changing content outside of `/usr` right now
via livefs.
Just noticed this while looking at the livefs code.
Closes: #912
Approved by: jlebon
Move basically everything except early option
processing into a helper function.
Also update a few other misc bits above that to new style.
Closes: #904
Approved by: jlebon
Down the line when we have a unified core, this will be totally unnecessary.
Even without that, it's not worth the maintenance pain for us. Anyone who wants
this can easily on their own mount a tmpfs and point us at it with --workdir.
Prep for further code cleanup.
Closes: #904
Approved by: jlebon
The rebase command syntax has confused people a lot. Let's follow
git here and add a `-b/--branch` option and encourage people to use
that. The case of switching remotes is `-m/--remote`; it's definitely
unfortunate that `-r` is already taken for `--reboot`.
One thing I'm a little bit unhappy about is how we're doing logic
on the client side here. Changing the DBus API for this would
also be awkward though.
Closes: https://github.com/projectatomic/rpm-ostree/issues/886Closes: #890
Approved by: jlebon
The script delay is annoying; some of them take over half a second here. This
helps with debugging. Another enhancement we could make after this is aborting
scripts that appear to be hung after e.g. 30 seconds, and logging that.
Closes: #905
Approved by: jlebon
The new API to find pending and rollback deployments do so relative to
the booted deployment. This caused an interesting behaviour: the first
time a user uses "rpm-ostree rollback", it would (as expected) move the
previous deployment first. but the second call to "rpm-ostree rollback"
would fail since there were now no more rollback deployments.
We fine tune the logic here to allow this, as well as the more general
case of putting the booted deployment back on top.
This fixes a subtle regression from b7cf58e
(https://github.com/projectatomic/rpm-ostree/pull/767).
Closes: https://github.com/projectatomic/rpm-ostree/issues/906Closes: #907
Approved by: cgwalters
Now that the query_deployment() function was upstreamed in ostree (see
https://github.com/ostreedev/ostree/pull/897), let's just use it from
there and drop our copy here.
Closes: #907
Approved by: cgwalters
Prep for more code cleanup here and porting to new style. We
had a mix of owner pointers. Fix this by consistently having
the `self` struct own the data.
Closes: #903
Approved by: jlebon
Some of the scripts can be expensive (`shared-mime-info` for example), and we
appear to be hanging for at least a few seconds even on fast hardware. I'd like
to have a lot more logging here...potentially something like showing
individual package names live in the terminal, but this is a start.
Closes: #902
Approved by: jlebon
When commit metadata contains ostree.endoflife attribute,
its information will be added to the deployment Variant,
which will later be shown as a red & bold message when
'rpm-ostree status' command is called.
A test is added for future regression
Closes: #889
Approved by: cgwalters
File triggers are a post-RHEL7 thing; more information at
http://rpm.org/user_doc/file_triggers.html
There are two notable users I've been testing this with;
`glib2` and `vagrant`. The `vagrant` one is more immediately urgent,
since it makes `vagrant-libvirt` work, which I currently rely on
for my workstation dev.
I've tested things successfully with `vagrant`, and I did verify that we run the
`glib2` ones when doing `rpm-ostree ex container`.
Long term, more transaction file triggers are likely to live in
"base" packages like `glib2`. We don't implement those yet, but
extending this to do that shouldn't be too hard.
There was *significant* what I'd call reverse engineering of the
implementation in librpm. The file triggers code there is spread out
and abstracted in a few different places in the code. I found
trying to understand what header values were involved to be quite
tricky.
There are some corner cases like multiple patterns that I *think*
this does correctly, but could use more validation. The main
question I had was - is it required that the patterns for e.g.
`%transfiletriggerin` and `%transfiletriggerun` be identical?
Closes: https://github.com/projectatomic/rpm-ostree/issues/648Closes: #869
Approved by: jlebon
Follow-up tweak to #894. Make the client smarter so we only register
when we know we can. We could be more sophisticated here and e.g.
introduce the concept of "read-only" clients in the daemon to only allow
access to non-mutating methods, though let's delay that discussion at
least until the daemon learns to auto-exit.
Closes: #898Closes: #900
Approved by: cgwalters
This is a followup to https://github.com/projectatomic/rpm-ostree/pull/888
but more comprehensive; in the layering case, the sanitycheck runs
after all the `%posttrans` scripts, so we'll get a consistent error message
for the `rm -rf /` test.
We also do the sanitycheck for the "pure ostree" case, as well as cases
where we didn't actually layer packages (including `ex override remove` as
well as simply regenerating an initrd).
There's obviously a lot more we could do in a sanitycheck; as I say in the
comment it's tempting to consider trying to boot systemd (in a fully volatile
config), but for now let's do this. In the end of course the admin has rollback
too.
Closes: #892
Approved by: jlebon
Spawn pkttyagent when trying to call a method that may require
authentication to give users a chance to provide auth right from the
terminal.
Since we're now relying on polkit for authorizing most of the OS
interface methods, let's drop the root check on those.
Closes: #894
Approved by: cgwalters
Drop the root check for RegisterClient() so that any UID can use it to
then safely invoke methods. UIDs which already have an active session do
not need to authenticate for RegisterClient().
In order to implement this, we move the polkit authority setup into the
RpmostreedSysroot object and enable polkit on the interface.
Closes: #894
Approved by: cgwalters
The version checking function in particular is really useful for people doing
`from gi.repository import RpmOstree`, which we'd like at least some things like
Anaconda and Pungi to do.
Closes: #891
Approved by: jlebon
For https://pagure.io/atomic-wg/issue/299 we need to make it
more convenient to substitute the architecture in an installation
context. I plan to use this API inside `rpmostreepayload` in Anaconda,
so we can substitute the same value of `${basearch}` we use in treefiles
since https://github.com/projectatomic/rpm-ostree/pull/305
Now, you might wonder - why do we need an API wrapping libdnf? It's because
libdnf is not API stable yet. We're just exposing a tiny subset. In theory we
could use the Python dnf bindings in Anaconda, but things get slightly weird if
rpmostreepayload depends on dnf. Perhaps we'll do that down the road, but for
now this a small API surface to maintain (forever).
This change reworks the internal `varsubst` bits to take a pure `DnfContext`,
since we don't want to spin up a whole `RpmOstreeContext` just to do some
string substitutions.
Closes: #877
Approved by: jlebon
Closes: https://github.com/projectatomic/rpm-ostree/issues/546
Previously, we'd open up the host's rpmdb for both `compose tree`
and `ex container`. In the first case, because we require root, we'd
succeed. For `ex container`, we'd spew an error.
Fixing this was trickier than I thought. First because there was
*also* a libdnf bug here: https://github.com/rpm-software-management/libdnf/pull/307
Second, there's a compatibility hazard here for anyone using `.repo` files that
reference `$releasever`. This actually happened to me with `ex container` as I'd
just done a `ln -s /etc/yum.repos.d/fedora.repo rpmmd.repos.d`. I fixed
that first by doing a `sed -i -e 's,$releasever,26,' rpmmd.repos.d/*.repo`.
As far as I can see today, none of Fedora Atomic or CentOS AH rely on this. But
in order to enhance compatibility, let's add a "releasever" option. This makes
it easier again to reuse stock `.repo` files if we wanted to do so.
(Also, I realized we can just use `/usr/share/empty` as *the* canonical immutable
empty directory)
Closes: #875
Approved by: jlebon
This is required for glibc-all-langpacks at least:
https://bugzilla.redhat.com/show_bug.cgi?id=1367585
Otherwise, its usage is...extraordinarily rare. In fact looking at a snapshot of
`rpm-specs-20170518.tar.xz` from Fedora, the only other use is in
`postfix.spec`, and it appears bogus (the value is already expanded at build
time).
But the glibc case is special, as the value of `install_langs` is indeed
potentially dynamic per system.
Closes: #873
Approved by: jlebon
No functional changes; the main thing is to change the "ignore" case to an early
return, and also introduce a "medium level" function that does argument parsing.
Prep for file trigger work.
Closes: #873
Approved by: jlebon
This was a transient hack that I don't think we need any longer.
Since then we've now committed to e.g. ignoring `%pretrans` etc.,
and we also have the hardcoded blacklist.
It never really worked in a complete sense since one would have to re-specify
the ignore on every operation, which was not sustainable.
Closes: #873
Approved by: jlebon
We don't care about repos enabled only for METADATA. This works around
an interesting libdnf behaviour in which all repos in redhat.repo are
enabled for metadata, even if disabled.
Downstream RHBZ: #1468302Closes: #863
Approved by: cgwalters
Add experimental support for replacing packages from the base layer with
local RPMs. This is useful for example, to cherry pick a fixed package,
or to roll back to a previous package version. Like with pkg removals,
only files in /usr are actually replaced.
This patch also contains a few usability improvements as well, e.g.
showing the full NEVRA of removed packages rather than just their names,
and support for resetting overrides using either the pkgname or NEVRA.
Closes: #852
Approved by: cgwalters
This function was already mostly in the new style. Just moving the
declarations closer to where they are used. No functional changes. The
logic will be tweaked in an upcoming commit.
Closes: #859
Approved by: cgwalters
Seen in the wild with `vagrant`'s use of `%post -p /usr/bin/ruby`. This was a
very easy fix, and actually makes the code a little bit nicer, as we no longer
need to explicitly make the script executable, since we now pass it as
`argv[1]`, the same way librpm does. That in turn would make it possible to fix
the TODO and use `bwrap --file`, but that can come later.
Closes: https://github.com/projectatomic/rpm-ostree/issues/856Closes: #858
Approved by: jlebon
I initially planned to use the metadata tmp dir for another reason than
just in finalize_overlays(), but I will not anymore. Regardless, this
seems like a nice patch which also allows us to complete the style
conversion in this file.
Closes: #847
Approved by: cgwalters
It seems silly that to find out more detailed information about the
NEVRA of a cached pkg, we have to resort to write out the header to
disk, then reading it back in with librpm in order to tease out the info
we want. Let's just encode that information directly in the commit
metadata and provide a helper to fetch it.
Closes: #847
Approved by: cgwalters
This is an extension to the previous change to distingush between
"caller" and "client". Now for clients we log the uid (both
in the message and structured).
This is a natural followon from the polkit work, since now different
uids can invoke us.
Closes: #838
Approved by: jlebon
A "caller" is a bus address that hasn't called `RegisterClient`.
Prep for things like unifying the bus name tracking between the transaction and
the daemon; right now it's a bit silly that the txn code also monitors the
caller's bus name. So down the line we could change that code to call into the
daemon and use its tracking for registered clients.
Closes: #837
Approved by: jlebon
The property of removal overrides dropping out if the package was
removed from the base layer felt a bit too magical and hacky. We really
should remember that wish and re-apply it if the pkg comes back. This is
similar to package layering: requests can become inactive (seems like a
better word than "dormant") if the package is already part of the base
layer, but they don't really go away.
This patch reworks the logic so that removal overrides work the same
way. In the status output, we now have both "RemovedBasePackages" and
"InactiveBaseRemovals" (which is only printed in verbose mode),
similarly to how we have "LayeredPackages" and "InactiveRequests". And
similarly, we also print out in the upgrader during a transaction all
the inactive base removals.
Another cool thing is that we now allow any pattern to be specified at
the CLI. E.g. `ex override remove /usr/bin/strace` will resolve to
strace.
Closes: #836
Approved by: cgwalters
In the JSON output, the "requested-packages" holds *all* the requests
for package layering, whereas the "packages" key holds only those
requests which actually caused a package to be layered.
When outputting RequestedPackages, we try to be nice and print only the
"dormant" packages, i.e. those requests which did not require any
packages to be layered since the base layer already fulfilled them. This
is the subset of "requested-packages" not also in "packages". But then,
we could call this subset something much more appropriate than
"RequestedPackages" when outputting.
This patch renames it to "InactiveRequests" to reflect the "dormant"
aspect of them. We also make it only be output in verbose mode, since
it's not as interesting as what was *actually* layered when trying to
understand what the host is currently running. But we do adapt the
upgrader so that it prints out inactive requests during transactions.
Closes: #836
Approved by: cgwalters
Example of what the new macros look like when applied on a whole
codebase. It definitely feels much nicer to work with!
Update submodule: libglnx
Requires: https://github.com/GNOME/libglnx/pull/55Closes: #834
Approved by: cgwalters
This allows non-root users access to the rpm-ostree daemon, which is
a pre-requirement for gnome-software rpm-ostree support.
Closes: #745Closes: #825
Approved by: cgwalters
In the error path when trying to remove a base package, we would try to
print a DnfPackage as char*, which of course didn't result in any
coherent output.
Closes: #833
Approved by: cgwalters
We shouldn't just check that the "targeted" dir exists, but rather that
the actual directory where the modules are stored exists. This fixes a
regression on RHEL in which the new selinux-policy-targeted lists some
%ghost files under /var/lib/selinux and as a result think that the
policy is in /var.
Closes: #831
Approved by: cgwalters
This is just a cosmetic patch that ensures we use the same names for the
same things everywhere to make it easier to follow along.
Closes: #829
Approved by: cgwalters
Minor prep for replace overrides.
Let rpmostree_sort_pkgs_strv work on an existing fd list rather than
creating its own, since it may be called multiple times on different
pkgs arrays.
Factor out the logic that calls to sort and inserts the values in the
final modifiers variant dict to prepare for being able to do this
operation multiple times.
Closes: #829
Approved by: cgwalters
Only add information to it re. installing/uninstall/local installs after
we check that the corresponding arrays are not `NULL`.
Closes: #826Closes: #827
Approved by: cgwalters
This is to assuage my pet peeve of bad grammar output. It's of course
English-centric, and would require some tweaking if/when we support
internalionalization systems like gettext. Though I don't think it
makes it more difficult to do so in the future.
Closes: #824
Approved by: cgwalters
Starting from v4.12, rpmteFI has been deprecated in favour of
rpmteFiles. Make use of it if we can, otherwise fall back to the older
API.
Closes: #824
Approved by: cgwalters
This is part of the saga of permissions and checkouts that
came about thinking about flatpak, but suid and world-writable dirs
are also an issue for us.
There's no reason to make suid binaries accessible temporarily
to users while we're computing a new root. Similarly, we don't
want anyone to actually *write* to our temporary `/tmp`. The
simple fix is to make an intermediate dir that's `0700`.
See: https://github.com/ostreedev/ostree/pull/909
See: https://github.com/flatpak/flatpak/pull/843Closes: #821
Approved by: jlebon
This is one more step towards making rpm-ostree more powerful in its
quest to be the ultimate *hybrid* image/package system. Package layering
allows us to add packages on top of the base package set received from
the content provider. However, we're not able to remove or replace
packages in the base set itself.
This patch introduces a new `override` command, which is for now nested
under the experimental `ex` command. The `override` command will allow
users to modify the base package set itself. The first implemented
subcommands are `remove` and `reset`.
A stub has been provided for the more useful `replace` subcommand,
though much of the needed logic for that operation are implemented in
this patch as part of the `remove` subcommand.
Part of: https://github.com/projectatomic/rpm-ostree/issues/485Closes: #797
Approved by: cgwalters
1. There's no point in passing a GCancellable in those cases. All the
manipulations should be short-lived.
2. Rename delete_packages to remove_packages, since "remove" is the
proper antonym of "add".
Closes: #819
Approved by: cgwalters
There's a lot that could be done to improve this; we're not setting a title for
`rollback` etc. But I think in practice right now the "deploy" path (which
includes upgrade/install) etc. is most important.
Re-synthesizing a human readable string here is definitely a bit fragile and
going to be a maintenance pain. One thing I debated is having the client send
its commandline as a string. But that would only work for `/usr/bin/rpm-ostree`,
not e.g. Cockpit.
Anyways for now, this is useful and we can always improve it later.
Closes: https://github.com/projectatomic/rpm-ostree/issues/454Closes: #814
Approved by: jlebon
There's a subtle but classic issue in this code: calling `continue`
really just continued the inner loop, whereas we meant continuing the
outer loop.
Fix this by making the prefix lookup check a proper predicate function.
Place that function somewhere public, because we'll make use of it in
base overrides as well.
Closes: #807
Approved by: cgwalters
At this point, there are many helper functions that really should just
be made upgrader-aware to make it easier to follow. For example, now
both find_missing_pkgs_in_rpmdb() and generate_treespec() are passed the
Upgrader object directly, allowing us to avoid having to thread through
multiple arguments everywhere. Another example is that the Upgrader now
carries the list of final packages that need to be overlaid rather than
passing it around.
We also rename the functions to better reflect what they actually do.
Closes: #804
Approved by: cgwalters
Since we now use a predictable directory for the rootfs checkout and
assembly operation, there's no need for a tmprootfs variable anymore.
Closes: #804
Approved by: cgwalters
It's less cumbersome to check for this in the origin. Factor it out
there so that it's easier to modify it in the future.
Closes: #804
Approved by: cgwalters
In all cases, we always do download_metadata() followed by prepare().
Let's just make life easier for callers by inlining this in prepare(),
much like what libdnf does. The function is still public in case some
use case calls for making them separate.
Closes: #805
Approved by: cgwalters
There's not much use in having RpmOstreeInstall be separate now that
it's completely private. Let's just make it part of the main context
object rather than making callers allocate space for it and pass it to
the various context methods.
We also rename `prepare_install` to `prepare` since it will (soon) do
more than just installs (and sometimes only pure uninstalls).
Closes: #805
Approved by: cgwalters
We had a lot of duplicate code that handled subcommand handling. Though
now that we have proper structs to represent commands and command
invocations, we can easily unify these.
Closes: #803
Approved by: cgwalters
Part of: https://github.com/projectatomic/rpm-ostree/issues/774
Basically, for `rpm-ostree status` to accurately help people
understand whether or not their system is up to date, we need
to be showing repository timestamps.
Ideally, we'd change the libdnf API to support what we're doing
here better. But, this works for now.
Closes: #791
Approved by: jlebon
This is prep for a rework of rpm-md downloads (visualizing state better + prep
for parallelization). libdnf defaults to a week which is just too long
(particularly for async security updates).
See also the linked https://github.com/rpm-software-management/libdnf/issues/291Closes: #791
Approved by: jlebon
And tweak the comment; I'm not blindly adding everything from
e.g. a Fedora compose here, since while in practice we omit them,
the ugliness serves as a reminder to fix the packages.
(For example, pam should use tmpfiles.d snippets for `/var/log/tallylog`,
or %ghost it)
Closes: #795
Approved by: jlebon
We need to add an `__attribute((used))` to the autocleanup variable in order to
pacify its set-but-unused, so make a macro to simplify callers. This is a bit
like systemd's `PRESERVE_ERRNO` cleanup.
Closes: #794
Approved by: jlebon
This way we only have one directory to `rm_rf` at cleanup time.
A next steps might be teaching libdnf to use this. Futher, we could
consider inheriting a tmpdir from the transaction.
Closes: #792
Approved by: jlebon
In various places we thread down the tmpdir dfd. But since its lifecycle is
bound to the context, we might as well pass the context itself. This just ends
up being cleaner, and is also prep for changing how we do the tmpdir.
Closes: #792
Approved by: jlebon
Allows us to convert the metadata download func to new code style, and is
generally in line with our cleanup-focused philosophy on code, life,
and the meaning of the universe.
Closes: #789
Approved by: jlebon
Splitting this out before I keep hacking on this file. Pretty
straightforward stuff. There is one legitimate use of the `goto out`
pattern left in which we clean up a tmpdir.
Closes: #788
Approved by: cgwalters
There are a few reasons to do this. First, systemd changed to refuse mounts on
symlinks, and hence if one *wants* "/tmp-on-tmpfs", one would need to write a
different `sysroot-tmp.mount` unit.
Second, the original rationale for having this symlink was that if you had
multiple ostree stateroots ("osnames"), it's nicer if they had the same `/tmp`
to avoid duplication. But in practice today that's already an issue due to
`/var/tmp`, and further the multiple-stateroot case is pretty unusual. And that
case is *further* broken by SELinux (if one wanted to have e.g. an Ubuntu and
Fedora) stateroots. So let's fully decouple this and make `/tmp` a plain
old directory by default, so systemd's `tmp.mount` can become useful.
Now, things get interesting for the case where someone wants a physical `/tmp`
that *does* persist across reboots. Right now, if one just did a `systemctl mask
tmp.mount` as we do in Fedora Atomic Host's cloud images, you'd get a semantic
where `/tmp` stays per-deployment, which is weird. Our recommendation for
that should likely be to set up a bind mount for `/tmp` → `/var/tmp`.
For now, this stays an option to ensure compatibility; if FAH Cloud images
want to stay with "physical /tmp", then we'd have to change the kickstart.
Closes: https://github.com/projectatomic/rpm-ostree/issues/669Closes: #778
Approved by: jlebon
This was a kind of last-minute bug introduced when I tweaked the
checkout to use `.` to avoid a `mkdir()` for files. But there were
multiple bugs with that; for files that are in subdirectories of `/etc`
we obviously need to get the right subdir and not use `/etc`.
Second, we need to handle the case where we're adding new subdirectories.
This change fixes `rpm-ostree install firewalld + rpm-ostree ex livefs`.
Closes: #783
Approved by: jlebon
This is a valid case when layering local RPMs. Otherwise (e.g. if
specific non-local packages are requested), give the nicer error rather
than letting libdnf throw something less useful.
Closes: #780Closes: #781
Approved by: cgwalters
This is part of: https://github.com/projectatomic/rpm-ostree/issues/774
Basically, it's very useful for debugging since one could get an out-of-date
mirror or the like.
Down the line we may more formally store this data in a permanently-persistent
way, but this is a simple extension of the journaling we do now.
Closes: #775
Approved by: jlebon
There are a few different use cases here. First, for layering new packages,
there's no good reason for us to force a reboot. Second, we want some support
for cherry-picking security updates and allowing admins to restart services. Finally,
at some point we should offer support for entirely replacing the running tree
if that's what the user wants.
Until now we've been very conservative, but there's a spectrum here. In
particular, this patch changes things so we push a rollback before we start
doing anything live. I think in practice, many use cases would be totally fine
with doing most changes live, and falling back to the rollback if something went
wrong.
This initial code drop *only* supports live layering of new packages. However,
a lot of the base infrastructure is laid for future work.
For now, this will be classified as an experimental feature, hence `ex livefs`.
Part of: https://github.com/projectatomic/rpm-ostree/issues/639Closes: #652
Approved by: jlebon
I noticed I had `/tmp/rpmostree-metadata*` directories, and there
were two cases where we created those dirs. Astonishingly,
*both* had bugs that prevented cleaning up.
Rename one of them so in the future it'll be clearer which is buggy (or both).
Closes: #772
Approved by: jlebon
Switch a couple of core functions to the new style in preparation for
some other work there. This doesn't tackle the larger assemble()
function.
Another function which escaped for now is one that uses a tmpdir. Makes
me wonder if we should add a "GlnxTmpDir" type thing which simplifies
the mkdtempat/opendirat pattern and has a shutil_rmrf cleanup.
Closes: #771
Approved by: cgwalters
Now that the unpacker actually tracks what the RPM checksum was at
import time, we can make use of that to determine whether we should
download the newer RPM, even if it has the same NEVRA.
Closes: #769
Approved by: cgwalters
In addition to the header checksum, we also want a checksum of the RPM
file itself. This will allow us to know right away whether an RPM with
the same NEVRA in the repos is actually the same one we already
imported.
Closes: #769
Approved by: cgwalters
The actual number of imported packages is not printed right now on the
terminal. But it's useful information to have, so stick it in the
journal.
Also make both the ENABLED_REPOS and ENABLED_REPOS_SOLVABLES
comma-separated lists. This essentially makes them valid YAML/JSON,
which is a nice property to have for e.g. test/shell interactions.
Closes: #769
Approved by: cgwalters
Before this commit, in the case where we have 3 deployments, the rollback code
would pick the merge/pending deployment. This is understandable since that logic
predates us potentially creating 3 deployments.
For livefs, I want rollback to actually go to the rollback, not the pending.
Add an API to find the pending/rollback, and put it in syscore, since we have
other similar functions to this there. (Perhaps in the future we'll figure out a
way to dedup the deployment walking/filtering logic a bit).
Port the two callers to it.
Closes: #767
Approved by: jlebon
I didn't realize we had this dbus method. It was added in the initial
drop of the DBus API, and AFAICS nothing uses it; it's not exposed
via the cmdline, and a quick `git grep` in Cockpit shows it's
not used there either.
It's tempting to delete it.
However, before we take that step, let's reimplement it in terms of the new,
shiny, more powerful "cleanup" txn.
The particular reason I'm doing this is I want to change how we handle
rollbacks.
Closes: #767
Approved by: jlebon
This is a follow-up to commit 77acf62. There, we added support for
rebasing from a local branch to another local branch. But in testing,
it's also really useful to be able to rebase from a remote-based refspec
to a local branch. We allow this here by slightly expanding the syntax
of allowed refspecs.
Now, we can use rpm-ostree all the time rather than fallback to `ostree
admin deploy`, which isn't pkg-aware.
Closes: #764
Approved by: cgwalters
This was argued on list a while ago: http://lists.rpm.org/pipermail/rpm-ecosystem/2016-August/000391.html
Basically, every use of `%pretrans` is a workaround for some in-place
upgrade problem. But we never do inplace updates, we always assemble
a new tree. Hence, there is no point for us to ever execute these.
Let's stop erroring out on them. If there does turn out to be some problem with
a particular package (e.g. the `openjdk-copy-configs` or whatever), we would
likely end up needing to fix that package's `%post`, not start executing its
`%pretrans`.
Closes: #763
Approved by: jlebon
An updated version of: https://github.com/projectatomic/rpm-ostree/pull/316
using the journal (and structured logging) instead.
I was just curious. And yeah, in some quick testing via deploying an old
FAH `25.67`, there are zero relabels.
We should likely have a test that actually forces a relabel...would require
custom SELinux policy build? Or hm, maybe we could override a file context.
Closes: #760
Approved by: jlebon
When appending the trailing bytes, we were passing (p - s), but p by
definition is always NULL at that point. Chaos ensues.
The really evil part about this is that the len is passed signed and
glib treats negative values to mean it should lookup the length itself,
so this worked *most of the time*. Though I'm guessing if the address at
s is large enough, (p - s) can wrap around and become positive again,
thus causing a massive allocation. Anyway, I didn't actually check this
(esp. since the report was for ARM), but the patch is clearly right.
I think this may be the cause for
https://bugzilla.redhat.com/show_bug.cgi?id=1381357.
Closes: #756
Approved by: cgwalters
I want to use this in livefs, where I'll end up doing some diff
computations on the server and am currently rendering text there.
It might also be a step towards using this in `db diff`.
Closes: #709
Approved by: jlebon
