IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
The new context methods recently added for unprivileged infrastructure
would set the ostreerepo member when calling new_unprivileged(). Since
here we will be using the sysroot repo, we need the ability to set the
repo. Just add a new set function for now, maybe move it into
new_system() later.
Also, make sure we dereference the repo on finalize.
Pull request: #240
Approved by: cgwalters
There will be cases where we don't actually want to tag a ref on the
final assembled commit. This will be true for package layering.
Pull request: #240
Approved by: cgwalters
We allow the "repos" key to be missing, which just means that we let
libhif do its job, i.e. automatically use the repos in repodir that are
enabled.
We still do a check in rpmostree_context_setup() to make sure that at
least one repo is functional.
Pull request: #240
Approved by: cgwalters
Right now we're doing the /etc -> /usr/etc inside the RPM import, but
we might as well do the /usr/local bits in both. Also, use
/usr/share/rpm by default for treecompose too so that is unified.
Other things like systemd unit files and kernel handling are only
going to be used for host side composes.
I debated config file formats a lot. JSON is fairly awkward for
humans to write, and really painful to parse from C. YAML is nice,
but also painful from C.
Both are fairly overpowered for what we really need. Keyfiles
(desktop spec, `GKeyFile`) have a lot of limitations, but at least
it's used by systemd and `.desktop` files, and we already have a
parser.
We still parse the JSON treefiles, but internally convert them to
`GKeyFile` (which is in turn converted to `GVariant` for a canonical
form).
This is just a tech demo. Example usage:
```
mkdir -p ~/.cache/rpmostree-containers
cd ~/.cache/rpmostree-containers
rpm-ostree container init
cp /etc/yum.repos.d/CentOS-Core.repo rpmmd.repos.d
rpm-ostree container assemble bash
rpm-ostree container assemble httpd
```
This is in preparation for `rpm-ostree container`, which handles
unpacking RPMs as non-root.
At the moment, I'm copying code in from both ostree's libarchive bits
(fixable...may need to export some utility functions) and some
functions from libhif (harder, see:
http://lists.rpm.org/pipermail/rpm-ecosystem/2016-January/000297.html )
There's lots more cleanup to do here, but I don't want to block on the
resolution of the libhif changes.
This is part of taking over from librpm. The most important high
level goal is fully unprivilged operation.
Right now we're basically starting to do what
http://libguestfs.org/supermin.1.html does, except in C, and
faster.
There's no reason that `compose tree` should require privileges.
However right now, things like `%post` scripts will want to run in the
target root - so we'd have to require `linux-user-chroot`.
Regardless of unprivileged operation though, another major thing we
can do is use our control over the unpacking process to do a lot more
sophisticated caching. We can build up a precise mapping of (rpm
ENVR, file path, selinux label) -> object and avoid rechecksumming
each time.
And even for files that aren't known, we can parallelize commit with
unpacking, etc. (Ok assuming treecompose-post won't mutate anything).
As we start to do more package things, extract common helper functions
around HifContext * that by default operates on the system root.
Some of these bits should go in libhif, but the immediate plan is to
iterate here, then push downwards later.
Besides porting GFile -> fd, I specifically want it to operate in an
append mode for package layering. Then given an existing tree, we
ensure we're not deleting the underlying tree's autovar files.
This should help to generate the same initrd when the files didn't
change.
Newer versions of gzip (or pigz when available) can generate rsync
friendly files and if present, Dracut already takes advantage of it.
Also use --reproducible, to instruct Dracut to generate CPIO
reproducible files. It is required a version of GNU CPIO that
has support for it.
Check that Dracut has --reproducible in its --help output before
setting it.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
- Can also give you a file descriptor
- Takes a constant string as input, returning a mutated string as a
separate variable which means that one can check whether the variable
is `NULL` to know whether or not one needs to `rm -rf` it on error
paths.
The refsack code was using the latter, and it stood out. Now that
we're making use of explicit export markers, there's no need to uglify
internal APIs with a leading `_`.
While `rpm-util.c` may not best describe this, it's where most
of this code is ending up. Let's further centralize things.
We more consistently return an `RpmOstreeRefSack` instead of a
`HySack`, where the former supports refcounting and knows how to clean
up its temporary directory if it was allocated from a commit.
And now, finally the actual goal is achieved. \o/
Only one code path dealing with extracting the rpm database from an
OSTree commit.
An astute reader would notice that the `root` member of the struct was
actually only necessary as of a few commits ago. But said astute
reader would also realize it's kind of late in the evening and not
worth rebasing it to where it would properly go.
hawkey and libsolv are both patched to look in `usr/share/rpm` if the
db can't be found in `/var/lib/rpm`. However, librpm itself isn't.
One *can* override it with a macro...which is process global. Yuck.
Needs fixing.
Anyways, we can just make a symlink. That's a lot easier than writing
a patch for librpm and waiting a billion years to be able to use it
everywhere we care about.
This will help unify the librpm tempdir code with the hawkey tempdir
code.
As far as I can tell, this is basically a way to specify the temporary
directory. That significantly complicates the code as it now
needs to keep track of whether or not it owns the temporary directory.
This hinders unifying this code with the hawkey query path.
Because of this, and since I'm not aware of a use case for specifying
this tempdir, let's remove it.
It was only used to access the yumdb, which we don't use because:
- It badly exacerbates the OSTree one-HTTP-request-per-object issue
- We're assembling multiple repos on the server side, so things like
who took the action aren't relevant.
But the reason I did this patch at the moment is because I want to
unify the code that's creating tempdirs from commits so we can feed
real files to librpm.
For a future patch, I want to add an API to get an rpmts for a commit,
instead of a hawkey Sack, because libsolv doesn't expose some
optimized queries that we can get by just going directly to librpm,
such as package file owners.
We had `src/lib` having its own little private library; I wanted to
use some of it inside `src/libpriv`, so let's consistently have all
private utility code in `src/libpriv`.
Closes: https://github.com/projectatomic/rpm-ostree/pull/147
This is a step forward to deduplicating; the client tooling now calls
into the public API for diffs, rather than using the older internal
function.
Note: this patch also links the client against the public library.
On the plus side, we share some code between the library and the
binary now. On the downside, because `librpmostreepriv.la` is a
noinst library, its code text is duplicated between the shared library
and binary, at least until we either:
- Have the binary solely use the public shared library (like ostree does)
- Install `librpmostreepriv.so` to e.g. `/usr/lib64/rpm-ostree/librpmostreepriv.so`
without the headers being public
We presently have 3 internal code paths that are doing rpmdb
inspection. This conversion to fd-relative for one of them is a
generic cleanup preparatory to de-duplicating.
Note this bumps libglnx to include
381ca54ee3
The file is automatically populated by systemd when it is empty.
Apparently it doesn't work when the file is missing (as of
systemd-219-9.fc22).
https://bugzilla.redhat.com/show_bug.cgi?id=1198700
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
We currently have an internal-only library, but the sources for it are
in the same dir as the app. For future work on a public shared
library, we'll need a clearer source structure.
Start by just renaming the app files into `src/app/`, and the internal
private library into `src/libpriv/`, with the appropriate
`Makefile.am` changes.
Closes: https://github.com/projectatomic/rpm-ostree/pull/123
