Commit Graph

127 Commits

Author SHA1 Message Date
Colin Walters
dded5c0fdc core: Use DEVINO_CANONICAL for pkglayer if policy unchanged
There's a lot more details in the libostree PR:
https://github.com/ostreedev/ostree/pull/1357

Basically loading the xattrs is slow; let's only do it if we need to, and "need
to" is defined by "SELinux policy changed". On my test F27AH VM, the difference
between a stat() + hash table lookup versus the full xattr load on my test case
of rpm-ostree install ./tree-1.7.0-10.fc27.x86_64.rpm is absolutely dramatic;
consistently on the order of 10s without this support, and <1s with (800ms).

Closes: #1123
Approved by: jlebon
2017-12-04 20:13:34 +00:00
Colin Walters
cb86194e2c Release v2017.10
Now that there's a new libostree out, let's cut one here too, since we have a
fair bit accumulated, and I think it'd be good to have the oustanding kargs PR
to soak in master for a bit after landing.

Closes: #1080
Approved by: jlebon
2017-11-02 18:01:58 +00:00
Colin Walters
eacbcc34e0 Release 2017.9
Closes: #1007
Approved by: jlebon
2017-09-25 15:39:57 +00:00
Colin Walters
9711ea6c16 Release 2017.8
Closes: #925
Approved by: jlebon
2017-08-17 21:04:26 +00:00
Colin Walters
0d4d6be94f Implement file triggers (%transfiletriggerin) for layered pkgs
File triggers are a post-RHEL7 thing; more information at
http://rpm.org/user_doc/file_triggers.html

There are two notable users I've been testing this with;
`glib2` and `vagrant`.  The `vagrant` one is more immediately urgent,
since it makes `vagrant-libvirt` work, which I currently rely on
for my workstation dev.

I've tested things successfully with `vagrant`, and I did verify that we run the
`glib2` ones when doing `rpm-ostree ex container`.

Long term, more transaction file triggers are likely to live in
"base" packages like `glib2`.  We don't implement those yet, but
extending this to do that shouldn't be too hard.

There was *significant* what I'd call reverse engineering of the
implementation in librpm.  The file triggers code there is spread out
and abstracted in a few different places in the code.  I found
trying to understand what header values were involved to be quite
tricky.

There are some corner cases like multiple patterns that I *think*
this does correctly, but could use more validation.  The main
question I had was - is it required that the patterns for e.g.
`%transfiletriggerin` and `%transfiletriggerun` be identical?

Closes: https://github.com/projectatomic/rpm-ostree/issues/648

Closes: #869
Approved by: jlebon
2017-07-27 20:58:09 +00:00
Colin Walters
2082b3f8fb lib: Add version macros and version checking function
The version checking function in particular is really useful for people doing
`from gi.repository import RpmOstree`, which we'd like at least some things like
Anaconda and Pungi to do.

Closes: #891
Approved by: jlebon
2017-07-21 20:35:26 +00:00
Colin Walters
fee6d06bf4 lib: Expose new API around basearch
For https://pagure.io/atomic-wg/issue/299 we need to make it
more convenient to substitute the architecture in an installation
context.  I plan to use this API inside `rpmostreepayload` in Anaconda,
so we can substitute the same value of `${basearch}` we use in treefiles
since https://github.com/projectatomic/rpm-ostree/pull/305

Now, you might wonder - why do we need an API wrapping libdnf? It's because
libdnf is not API stable yet. We're just exposing a tiny subset. In theory we
could use the Python dnf bindings in Anaconda, but things get slightly weird if
rpmostreepayload depends on dnf. Perhaps we'll do that down the road, but for
now this a small API surface to maintain (forever).

This change reworks the internal `varsubst` bits to take a pure `DnfContext`,
since we don't want to spin up a whole `RpmOstreeContext` just to do some
string substitutions.

Closes: #877
Approved by: jlebon
2017-07-21 16:02:41 +00:00
Colin Walters
a64b222c66 build-sys: Update release instructions
I got confused since ostree changed to post-release bumps.  Let's
document the current process here.

Closes: #866
Approved by: jlebon
2017-07-11 06:37:40 +00:00
Colin Walters
37a2de7f05 Release 2017.7 2017-07-10 17:03:16 -04:00
Kalev Lember
84f6bcb4f0 Add polkit support
This allows non-root users access to the rpm-ostree daemon, which is
a pre-requirement for gnome-software rpm-ostree support.

Closes: #745

Closes: #825
Approved by: cgwalters
2017-06-19 21:19:42 +00:00
Jonathan Lebon
cba24435b0 core: don't use rpmfiles if missing
Starting from v4.12, rpmteFI has been deprecated in favour of
rpmteFiles. Make use of it if we can, otherwise fall back to the older
API.

Closes: #824
Approved by: cgwalters
2017-06-08 21:14:58 +00:00
Colin Walters
fdaea2e8d6 Release 2017.6
Closes: #798
Approved by: jlebon
2017-05-26 19:47:16 +00:00
Colin Walters
23a9e7e1bc Release 2017.5
A very minor release, but better than backporting more patches. This rolls in
the `RegisterClient` fix as non-root, plus the arm32 crasher.

The syscore refactoring is the only risky part, but I'm pretty confident in it.

Closes: #757
Approved by: jlebon
2017-04-28 13:24:12 +00:00
Colin Walters
9ab46f5221 Require ostree 2017.5
This is preparatory for future changes which will make use the newer sysroot
writing API. But in this change, we can drop all of our version ifdef'd code.

Closes: #740
Approved by: jlebon
2017-04-20 20:58:51 +00:00
Colin Walters
d91e4942cb Release 2017.4
Closes: #734
Approved by: jlebon
2017-04-13 15:42:06 +00:00
Colin Walters
14a9135ea0 main: Output YAML for --version
Equivalent of https://github.com/ostreedev/ostree/pull/691
Basically, it's nicer to parse.

Closes: #665
Approved by: jlebon
2017-03-09 14:23:34 +00:00
Colin Walters
7b8e05ffc2 Allow and start using C99 declaration-after-statement
The equivalent of https://github.com/ostreedev/ostree/pull/718
but for this codebase.

I just picked one example at random, there's plenty of others, but I don't want
to do any kind of tree-wide conversion since we have lots of outstanding
patches.

Closes: #664
Approved by: jlebon
2017-03-06 23:16:30 +00:00
Colin Walters
6003779450 Release 2017.3
This release includes a fix for [CVE-2017-2623](https://bugzilla.redhat.com/show_bug.cgi?id=1422157).

There are a few new features, such as `systemctl reload rpm-ostreed` now being
supported. Some bugfixes such as memory leak fixes. Besides that, there's a lot
of internal refactoring going on in preparation for work on local RPM
installation.

Closes: #663
Approved by: jlebon
2017-03-06 17:13:10 +00:00
Colin Walters
127275fe0e build: Depend on ostree 2017.2, drop check for gpg symbol
Since somehow it's breaking in [Fedora's Koji](https://kojipkgs.fedoraproject.org//packages/rpm-ostree/2017.2/2.fc25/data/logs/x86_64/build.log)
and I don't feel like debugging it.  Let's just take a hard dependency
now and kill the conditional.

Closes: https://github.com/projectatomic/rpm-ostree/issues/653

Closes: #655
Approved by: jlebon
2017-03-03 14:34:57 +00:00
Colin Walters
f6842838d7 build: Deal with gperf 3.1 changing to size_t
https://bugzilla.redhat.com/show_bug.cgi?id=1424268

Closes: #631
Approved by: jlebon
2017-02-17 18:51:53 +00:00
Colin Walters
12448b9e33 Release 2017.2
Lots of client side improvements here.

Closes: #627
Approved by: jlebon
2017-02-14 22:54:50 +00:00
Colin Walters
98be9cef4e Release 2017.1
Closes: #588
Approved by: cgwalters
2017-01-22 16:25:11 +00:00
Colin Walters
59f34e8a03 tests: Disable ASAN leak checks
Right now we're far from leak free, and I want to use ASAN
as a sanity checker, not a leak checker.

Closes: #576
Approved by: jlebon
2017-01-18 16:52:46 +00:00
Colin Walters
9b51b7f652 Release 2016.13
Closes: #549
Approved by: jlebon
2016-12-12 17:20:32 +00:00
Colin Walters
23198fd553 build: Sync up warnings with ostree
Mostly to pick up `-Werror=incompatible-pointer-types`.

Closes: #542
Approved by: jlebon
2016-12-07 22:57:10 +00:00
Colin Walters
977835fd41 unpacker: Fix logic error regression in previous commit
I spotted this warning go by in the build logs.  Let's make it
fatal from now on.

Closes: #536
Approved by: jlebon
2016-12-07 20:16:32 +00:00
Colin Walters
6074a6d728 daemon: Use new OSTree API to verify commits by remotes
Otherwise, we would show remotes using the new `gpgkeypath`
as unknown.

See: https://github.com/ostreedev/ostree/pull/575
See: https://github.com/ostreedev/ostree/issues/573
See: https://bugzilla.redhat.com/show_bug.cgi?id=1393545

Closes: #521
Approved by: jlebon
2016-11-17 16:32:11 +00:00
Colin Walters
78eba17c2e Release 2016.12
Closes: #519
Approved by: jlebon
2016-11-15 15:11:56 +00:00
Colin Walters
c8e7c63ab2 Final removal of libgsystem dependency
Just like ostree.  Now we can consider it dead.

Closes: #511
Approved by: jlebon
2016-11-08 14:38:54 +00:00
Colin Walters
c389b6e939 Release 2016.11
Closes: #500
Approved by: jlebon
2016-10-21 20:07:49 +00:00
Colin Walters
17100ef27c libdnf: Update to current master
This notably fixes the spam of transaction warnings.  Due to a libdnf
build system improvement, we no longer need to manually propagate
`CFLAGS`.

Closes: #499
Approved by: jlebon
2016-10-21 19:27:13 +00:00
Colin Walters
328b85d396 Add infrastructure for alternative name (currently nts)
See https://github.com/projectatomic/rpm-ostree/issues/405

This patch adds an (off by default) `--enable-new-name` build option
which currently defaults to `nts`.  This is purely additive, and
the intention is that we'll support the rpm-ostree name in
perpetuity most likely.

At the moment, we add a new name for:
  - /usr/bin/$name
  - The systemd unit file

But we notably *don't* attempt to add a new name to the DBus API,
as it'd be a lot more invasive of a patch, and less payoff (it's
mostly just programs/scripts that interact with the DBus).

Closes: #497
Approved by: jlebon
2016-10-20 14:22:28 +00:00
Colin Walters
af23b948f1 Release 2016.10
Closes: #478
Approved by: cgwalters
2016-10-07 19:22:00 +00:00
Colin Walters
65424b0e10 Release 2016.9
Closes: #453
Approved by: cgwalters
2016-09-09 00:10:10 +00:00
Colin Walters
9dda288f70 Release 2016.8
Closes: #451
Approved by: cgwalters
2016-09-08 01:19:10 +00:00
Colin Walters
09c5f9a4fe Release 2016.7
Closes: #430
Approved by: cgwalters
2016-08-13 14:34:38 +00:00
Colin Walters
873f4766d7 Release 2016.6
Closes: #427
Approved by: jlebon
2016-08-11 20:22:54 +00:00
Colin Walters
0c8f6b982e build: Import attributes.m4 copy from systemd, update warnings
This matches https://github.com/ostreedev/ostree/pull/431
I also merged in the `-Wint-conversion` here since we build fine
with it now.

Closes: #420
Approved by: jlebon
2016-08-08 14:26:28 +00:00
Colin Walters
39913a2c25 Update for libhif -> libdnf
Still not many PRs outstanding, so it's a good time to take this plunge.
Mostly automated via `sed`.

Closes: #416
Approved by: Conan-Kudo
2016-08-04 01:10:08 +00:00
Colin Walters
89f7e481b4 Release 2016.5
Closes: #408
Approved by: cgwalters
2016-07-25 17:01:08 +00:00
Colin Walters
4abb3ebff7 build: Make bubblewrap path configurable
So that it's easier to build bubblewrap as `Source1` in an RPM
embedded (flatpak is using a git submodule, but for this I think
`Source1` is better).

Closes: #384
Approved by: jlebon
2016-07-11 19:20:09 +00:00
Colin Walters
e48ec22fc2 Release 2016.4
Closes: #383
Approved by: jlebon
2016-07-08 19:52:24 +00:00
Jonathan Lebon
ff5dee43fb configure.ac: exit if libhif's cmake fails
Closes: #371
Approved by: cgwalters
2016-07-05 15:26:45 +00:00
Colin Walters
125c482b1d Switch to using libhif as a git submodule
So I was trying to hack on my host's copy of rpm-ostree inside a pet
docker container, but ran into a conflict with libhif since dnf uses
it.  I think we basically need to *always* build the bundled path,
rather than what I'm doing with CAHC and FADC where it's built as a
regular RPM.

It's not really sustainable right now for us to have both bundled and
not-bundled build paths - and we need to support co-installation with
dnf.

Another major issue is that we want to version lock with libhif -
right now our CI and both CAHC/FADC track libhif master, but that
means everything breaks if libhif breaks and we don't immediately
port.

git submodules solve all of these problems - the same as we're doing
with libglnx.

libglnx is *designed* for use as a git submodule, where as libhif
needs to support being both bundled and not-bundled.  So we end up
with some hacks on our side, but I think it's all not too bad.  I've
marked build rules with `# bundled libhif` so we know where to find
them later when libhif is stable.

Closes: #357
Approved by: jlebon
2016-06-30 14:27:55 +00:00
Colin Walters
9d473df11e build: Remove --enable-usrbin-atomic
We haven't used this in a long time now that the atomic command
exists.

Closes: #361
Approved by: jlebon
2016-06-29 16:44:08 +00:00
Colin Walters
f35f5cf468 core: Initial implementation of %posttrans using bwrap+rofiles-fuse
In order to make many things work, we need to run scripts.  Short version:
For now, we:

 - Run `%posttrans`
 - Treat most `%post` as the same as `%posttrans`
 - Ignore `%preun` and such since we never uninstall

Most importantly though, we start to build up an "override" list
for script handling.  Currently it's just a blacklist of scripts
we don't need.

Significant work here would be needed to run Lua scripts, so far I've
been able to just skip them.

Closes: #338
Approved by: jlebon
2016-06-24 16:08:08 +00:00
Colin Walters
24ec30180c Release 2016.3 2016-05-20 08:54:05 -04:00
Colin Walters
8dc292a62a Release 2016.2 2016-05-19 10:20:11 -04:00
Colin Walters
168e12d32f Release 2016.1 2016-03-28 10:58:46 -04:00
Colin Walters
9f3f1ad06a build: Work without gtk-doc installed
This follows the pattern used by e.g. glib.  If people (commonly
embedded systems) don't want docs, we should support that.

Pull request: #235
Approved by: jlebon
2016-03-15 19:34:19 +00:00