Commit Graph

64 Commits

Author SHA1 Message Date
Colin Walters
fa81456cbf Rewrite bwrap code in Rust
I tried to do this incrementally but it snowballed.
2021-03-29 14:45:35 +00:00
Luca BRUNO
42d86d6895 libpriv/passwd: move pre-commit validation hooks to Rust
This moves the users/groups validation logic to Rust, taking care of
all the treefile check-passwd/check-groups knobs.
As all the passwd-handling logic has been ported to Rust, it also
drops the stale C source/headers/imports.
2021-03-22 09:02:01 -04:00
Colin Walters
1d242ddb59 Add a C++ rpmdb-diff API wrapping the C one, bind in Rust
I'd like to compute diffs in apply-live to differentiate
between "pure layering" versus modifications/removals.
2021-02-19 09:08:22 -05:00
Colin Walters
08c414f897 Rework bindgen/cxx.rs usage and CI build
cxx.rs (aka cxxbridge) and cbindgen are
both generating source code.  Since the last release
we've introduced the former, and we need to ensure
that the generated cxx.rs source ends up in release tarballs
the same way as the cbindgen code.

Rationalize and clean up the binding infrastructure.
Drop support for the vendored cbindgen which we
weren't actually using:
Closes: https://github.com/coreos/rpm-ostree/issues/2392

Move the cxx-rs and cbindgen bits into the same place,
and update our CoreOS CI build to use a separate `Makefile.bindings`
that just generates the code, so our CI still "works like"
a main Koji RPM build.
2021-01-04 13:17:35 +01:00
Colin Walters
562acedbaa Move "ignored script list" to Rust, drop gperf
Rust has a nice crate for doing perfect hashing.  Move that
code into Rust and drop the dependency on `gperf`.  This also
helps move away from Autotools.
2020-12-24 16:37:04 +01:00
Colin Walters
6579ab791b Use cxx-rs instead of gresources
The way gresources work using a constructor function started
failing when I was refactoring the build system, and I couldn't
figure it out.  It's just easier to use Rust for this which
has nice toolchain-integrated functionality for this.
2020-12-23 17:45:29 +01:00
Colin Walters
9565c19ef0 Use cxx-rs for core.rs
This is much better than bindgen because it's fully safe.  It's
much more ergonomic too:

 - Invoke Rust methods-on-structs just like C++ methods-on-structs
 - Rust `Result<>` is translated automatically to exceptions

See https://cxx.rs/context.html for more.
2020-12-23 17:45:29 +01:00
Colin Walters
e90eb462b4 Port rpmostree-editor to C++
Prep for using https://cxx.rs/
2020-12-22 09:24:34 -05:00
Colin Walters
d5f518c785 Port rpmostree-json-parsing to C++
Prep for using https://cxx.rs/
2020-12-22 09:24:34 -05:00
Colin Walters
41ff46a1a6 Port rpmostree-rojig-assembler to C++
Prep for using https://cxx.rs/
2020-12-21 16:03:57 -05:00
Colin Walters
3f6b83ed9f Port rpmostree-origin to C++
Prep for using https://cxx.rs/
2020-12-21 16:03:57 -05:00
Colin Walters
2824fb556f Port rpmostree-rojig-client to C++
Prep for using https://cxx.rs/
2020-12-21 16:03:57 -05:00
Colin Walters
828be5380b Port rpmostree-importer to C++
Prep for using https://cxx.rs/
2020-12-21 16:03:57 -05:00
Colin Walters
88624692fb Port rpmostree-unpacker-core to C++
Prep for using https://cxx.rs/
2020-12-21 16:03:57 -05:00
Colin Walters
a03b5a26d7 Port rpmostree-scripts to C++
Prep for using https://cxx.rs/
2020-12-21 16:03:57 -05:00
Colin Walters
022ff333a3 Port rpmostree-libarchive-input-stream to C++
Prep for using https://cxx.rs/
2020-12-21 08:58:14 +00:00
Colin Walters
8bdbc81442 Port rpmostree-refts to C++
Prep for using https://cxx.rs/
2020-12-21 08:58:14 +00:00
Colin Walters
ec4c1b5530 Port rpmostree-util to C++
Prep for using https://cxx.rs/
2020-12-21 08:58:14 +00:00
Colin Walters
29dbeee72f More C++ porting, round 6
Port rojig-build and rpm-util to C++.

Prep for using https://cxx.rs/
2020-12-21 08:58:14 +00:00
Colin Walters
f35afb197d buildsys: Unify build of binary and internal shared library
This completes the task of unifying the build of all of our C/C++
into a single unit, which avoids code duplication and will allow
us to more easily use LTO in the future.
2020-12-20 15:23:53 +00:00
Colin Walters
15836d988a Port rpmostree-passwd-util to C++
Prep for using https://cxx.rs/
2020-12-19 12:40:43 +00:00
Colin Walters
0571917254 Port rpmostree-output to C++
Prep for using https://cxx.rs/
2020-12-19 12:40:43 +00:00
Colin Walters
0c7de65f8e Port rpmostree-kernel to C++
Prep for reworking `core.rs` to use cxx-rs

(Notable in this is the dropping of `goto out` by writing
 a small struct with a destructor to handle the cleanup `unlinkat()` for us)
2020-12-11 06:58:53 -05:00
Colin Walters
ca8c54e21c Port rpmostree-core to C++
More prep for using https://cxx.rs/
2020-12-08 09:57:08 -05:00
Colin Walters
d79e0e5c77 Port rpmostree-postprocess to C++
Prep for using https://cxx.rs/
2020-12-08 09:57:08 -05:00
Colin Walters
887d362906 Convert some code to compile in C++ mode
This is part of investigating using https://cxx.rs/
In order to make this really work, we need to convert some of our C
code to C++ so we can include cxx.rs-generated code.

This starts by converting just two files as a starting point.
I did the minimal porting; I didn't try to actually rewrite them
to resemble modern C++, just "C in C++ mode".
2020-12-01 22:07:49 +01:00
Colin Walters
5650f376fb Add --enable-rojig, disable by default
We're seeing some CI failures that I think are a bug in rojig.
In the bigger picture...we never actually started using this,
and I think longer term shipping os updates via containers
probably makes more sense.

I put a *lot* of effort into this code and it's pretty cool
so it's hard to just delete it.  And *maybe* someone out there
is using it (but I doubt it).  So rather than just deleting
it entirely let's make it a build-time option.

I verified that it builds at least.
2020-10-22 15:38:50 -04:00
Rafael Fonseca
cac5aa413d app,daemon: Use public libostree's kargs API
This deduplicates the code between the two repositories.

Closes: #1862

Signed-off-by: Rafael Fonseca <r4f4rfs@gmail.com>
2019-08-21 16:47:52 -04:00
Colin Walters
3ea364ee61 scripts: Ignore new glibc lua %post
Tried a `--unified-core` build of Silverblue and it blew up on this.
Just copy-pasting the comment in the code:

34927af202

From a read of that script, none of it is necessary for rpm-ostree.  It's about working around
bugs from a traditional RPM in-place update, but rpm-ostree always starts from a clean
filesystem checkout.

Closes: #1869
Approved by: jlebon
2019-07-17 13:43:03 +00:00
Jonathan Lebon
ad1451fac2 Rebase to latest libdnf
This brings us back in sync with the latest libdnf git master. This
required a bunch of work both on the libdnf and rpm-ostree side to get
working. See e.g.
https://github.com/rpm-software-management/libdnf/issues/645.

A few things to adapt to:

- soname bump to `libdnf.so.2`
- `DnfAdvisory` is no longer a `GObject` (annoyingly it's not replaced
  by something we can keep a ref on, so this requires some hacks to
  steal from the `GPtrArray` -- could enhance libdnf for this later)
- disable SWDB history writing
- use new reldep public API
- update for latest `hy_subject_get_best_selector()` API

This now unlocks the possibility to add support for modules. (One can
see hints of this in the diff by the fact that `libdnf` links to
`libmodulemd1`.)

Update submodule: libdnf

Closes: #1404
Approved by: cgwalters
2019-03-19 14:29:15 +00:00
Colin Walters
f05b980094 build-sys: Mark libpriv symbols as private
This was caught by the abicheck in Fedora; since we were building with default
visibility for `librpmostreepriv.la` which was linked statically into the public
library, we'd end up with lots of internals as public ABI.

Fix this by using `-fvisibility=private` for the libpriv build and for good
measure elsewhere so we remember to use it by default.

Closes: #1320
Approved by: jlebon
2018-03-28 15:18:11 +00:00
Colin Walters
36071d3c69 rojig-rename: (almost) Everything else
This renames the remaining C files, tests, etc.  There are only
a few hits for `jigdo` left; changing them would be a format break,
so let's wait to do that until we need to.

Closes: #1279
Approved by: jlebon
2018-03-01 22:35:46 +00:00
Colin Walters
ec5b560979 rojig-rename: Client side files
Closes: #1279
Approved by: jlebon
2018-03-01 22:35:46 +00:00
Colin Walters
df86d81ad7 rojig-rename: Rename the "build" side files
Closes: #1279
Approved by: jlebon
2018-03-01 22:35:46 +00:00
Colin Walters
6dcc8376a1 rojig-rename: Core defines
Rename the `core.h` file and the `#define` set.

Closes: #1279
Approved by: jlebon
2018-03-01 22:35:46 +00:00
pcahyna
1ea5426751 fix "make tags"
src/libpriv/rpmostree-cleanup.h was removed in commit f14d1a3536 and its presence in Makefile causes "make tags" to fail.
Closes: #1270
Approved by: jlebon
2018-02-23 16:35:48 +00:00
Jonathan Lebon
553a68c32a libpriv: add new rpmostree-types.h
There are types that we want to share between the daemon and the client
for deduplication. Those are, as expected, related to D-Bus things like
formats and enums. Let's create a new file for it rather than shove it
in `rpmostree-util.h`. As mentioned in the file, some of these probably
belong better directly in the public API.

Closes: #1147
Approved by: cgwalters
2018-01-27 23:52:43 +00:00
Jonathan Lebon
51fb641305 Initial support for automatic updates
This patch introduces a new `AutomaticUpdatePolicy` configuration. This
was a long time coming for rpm-ostree, given that its update model makes
it extremely apt for such a feature.

The config supports a `check` mode, which should be very useful to
Atomic Workstation users, as well as a `reboot` mode, which could be
used in its present form in simple single node Atomic Host situations.

There is still a lot of work to be done, including integrating
advisories, and supporting a `deploy` mode. This feature hopefully will
be leveraged as well by higher-level projects like GNOME Software and
Cockpit.

Closes: #1147
Approved by: cgwalters
2018-01-27 23:52:43 +00:00
Colin Walters
affa50fbc1 Lower jigdo client logic into core
Introduce a new `rpmostree_context_execute_jigdo()` that fills the same role as
`ostree_repo_pull_with_options()`. This will be used by the sysroot upgrader.

I didn't change the jigdo client code much yet; as a TODO says there's a lot
more we can do to improve things. Some of the public APIs we added to the core
no longer need to be public, such as `rpmostree_context_set_packages()`. But
let's try to do things incrementally.

I did at least change the `g_print()`s to `rpmostree_output_message()`.  I
dropped the `commit_and_print()`; at some point will come back and clean things
up so we consistently journal/print stats.

Closes: #1168
Approved by: jlebon
2018-01-05 17:02:53 +00:00
Colin Walters
a55e923eae core: Split out a -private.h header with struct
Prep for doing the "single object, multiple .c files" pattern like is done in
e.g. libostree with OstreeRepo and `ostree-repo-{refs,commit.c}` etc. For jigdo
we'll need to split things up (see what I did there?).

Closes: #1168
Approved by: jlebon
2018-01-05 17:02:52 +00:00
Colin Walters
8b41718d60 Move most jigdo build logic into internal library
Prep for adding `compose tree --ex-jigdo` to do both at the same time.

Changes other than code motion were minimized; the main thing was tweaks around
the initial option processing to call the API.

Closes: #1146
Approved by: jlebon
2017-12-14 19:37:38 +00:00
Colin Walters
6a2962fd8b core: Process systemctl preset in %post
Rather than entirely symlinking `systemctl` → `/bin/true`, in order
to e.g. have NetworkManager be enabled, we need to process presets.

This is one of the things that's breaking FAHC where I did a
`--ex-unified-core` deployment.

(Actually it's a bit tempting to run a mass preset pass at the end,
 but for now let's do this)

Implementation note: this is our first use of GResources, which
is a handy way to embed data into our final binary.

Closes: https://github.com/projectatomic/rpm-ostree/issues/550

Closes: #1148
Approved by: jlebon
2017-12-14 19:05:25 +00:00
Colin Walters
694b798c73 Introduce experimental "rpm-ostree jigdo"
Tracking issue: https://github.com/projectatomic/rpm-ostree/issues/1081

To briefly recap: Let's experiment with doing ostree-in-RPM, basically the
"compose" process injects additional data (SELinux labels for example) in an
"ostree image" RPM, like `fedora-atomic-host-27.8-1.x86_64.rpm`. That "ostree
image" RPM will contain the OSTree commit+metadata, and tell us what RPMs we
need need to download. For updates, like `yum update` we only download changed
RPMs, plus the new "oirpm". But SELinux labeling, depsolving, etc. are still
done server side, and we still have a reliable OSTree commit checksum.

This is a lot like [Jigdo](http://atterer.org/jigdo/)

Here we fully demonstrate the concept working end-to-end; we use the
"traditional" `compose tree` to commit a bunch of RPMs to an OSTree repo, which
has a checksum, version etc. Then the new `ex commit2jigdo` generates the
"oirpm". This is the "server side" operation. Next simulating the client side,
`jigdo2commit` takes the OIRPM and uses it and downloads the "jigdo set" RPMs,
fully regenerating *bit for bit* the final OSTree commit.

If you want to play with this, I'd take a look at the `test-jigdo.sh`; from
there you can find other useful bits like the example `fedora-atomic-host.spec`
file (though the canonical copy of this will likely land in the
[fedora-atomic](http://pagure.io/fedora-atomic) manifest git repo.

Closes: #1103
Approved by: jlebon
2017-12-04 14:24:53 +00:00
Ruixin Bao
2ef240d401 app/libpriv: add editor option for karg command
Add editor option for kernel arguments. The logic
was taken from the ostree-commit editor.

The user now can edit the kernel arguments from an editor.

The synchronization related issue is resolved by reloading the
sysroot and see if the sysroot has been changed since the call
of the editor prompt.

Closes: #1097
Approved by: jlebon
2017-11-28 18:29:42 +00:00
Colin Walters
366826132a libpriv: Rename "unpacker" to "importer", split off "unpacker-core"
In the jigdo path we don't actually want to import the OIRPM literally
into ostree.  I considered adding jigdo logic into `rpmostree-unpacker.c`
but it'd be a mess as the functionality is quite logically separate
from importing.

So split off an `unpacker-core.c` file which has the bare libarchive+RPM
helpers, and rename `RpmOstreeUnpacker` to `RpmOstreeImporter`.

Closes: #1110
Approved by: jlebon
2017-11-20 20:57:33 +00:00
Ruixin Bao
50863c370d daemon: add handlation for kargs append
API functions from ostree-kernel-args.c
are copied to libpriv. The append functionality
reuses  _ostree_kernel_args_append_argv() for
collecting added kernel arguments.

Also added handlation in rpm-ostree upgrader
to allow deployments happen with kernel arguments.

Now, the user is able to add kernel arguments via
'rpm-ostree ex kargs --append key=value'
or 'rpm-ostree ex kargs --append key' if they
want to have an empty value with key.

The user is also able to display the current
kernel arguments via 'rpm-ostree ex kargs'

In addition, this functionality will create a pending deployment,
and will update the conf file in /boot/loader/entries/ostree-$osname-0.conf upon success.

Closes: #1013
Approved by: cgwalters
2017-11-06 18:49:36 +00:00
Colin Walters
7d98e3efc8 libpriv: Add a helper function to print pkg diff
I want to use this in livefs, where I'll end up doing some diff
computations on the server and am currently rendering text there.

It might also be a step towards using this in `db diff`.

Closes: #709
Approved by: jlebon
2017-04-26 14:26:00 +00:00
Colin Walters
f8edd59d5f daemon: Introduce an origin structure
In prep for adding "regenerates initramfs" to "is locally assembled",
we need more abstraction.  I previously introduced a helper function, but
I'd still need to touch every call site when changing that.

Rather than having each caller re-parse the origin, let's parse it once into a
structure, and then have error-free accessors for it (that also don't malloc).
This way when adding a new flag, I don't need to touch every call site.

Notes:

 - Some places in the code (like the deployments -> variant bits) tried to
   handle deployments without an origin gracefully.  That's no
   longer true.  I'm not sure how much we care - do we?
 - There are a few places where I changed `packagelist.len() > 0` to
   `is_locally_assembled()`.  I think this is right, but we'll need
   to be sure the "no packages to overlay, just initramfs" case
   works when that lands.

Closes: #566
Approved by: jlebon
2017-01-13 20:08:24 +00:00
Colin Walters
e1cdfa1712 libpriv: Introduce an rpmostree-kernel.[ch] for dracut
Since the dracut run is now separated from the rest of postprocess, we change it
to use the bwrap API diretly, and this lets use the new _IMMUTABLE bwrap type.
This will make it easier to reuse for client-side initramfs regeneration.

Splitting this off makes it also easier to simplify the remaining mutable
usage in postprocess.c.

Closes: #560
Approved by: jlebon
2017-01-11 18:39:26 +00:00
Colin Walters
88a130da09 lib: Extract bwrap-executing internal API
The treecompose code will learn how to use bwrap instead of
libcontainer in libglnx, since the latter is a buggy copy of a subset
of the former.

Closes: #429
Approved by: jlebon
2016-08-12 23:34:33 +00:00