Commit Graph

25 Commits

Author SHA1 Message Date
Jonathan Lebon
ead1ecdd23 package layering: major rework
- Move the package layering logic away from pkg-add and into the
  upgrader
- Add pkg-delete
- Add dry-run option

Closes: #289
Approved by: cgwalters
2016-05-27 22:18:44 +00:00
Colin Walters
beb026f701 pkg-add: New builtin to layer additional packages
This builds upon the earlier prototype in
https://github.com/cgwalters/atomic-pkglayer

The `.origin` file says for a replicated installation:

    [origin]
    refspec=local:rhel-atomic-host/7/x86_64/standard

If you then run `rpm-ostree pkg-add strace`, it will result in a new tree with:

    [origin]
    baserefspec=local:rhel-atomic-host/7/x86_64/standard

    [packages]
    requested=strace;

Work still remaining here is to teach `rpm-ostree status` and
`rpm-ostree upgrade` about this.

Closes: #289
Approved by: cgwalters
2016-05-27 22:18:44 +00:00
Jonathan Lebon
d9e8535bcf treecompose: fix crash when "remove-from-packages" used
This works around a potential issue with libsolv if we go down the
rpmostree_get_pkglist_for_root() path. Though rpm has been using the
/usr/share/rpm location (since the RpmOstreeContext set the _dbpath
macro), the /var/lib/rpm directory will still exist, but be empty.
libsolv gets confused because it sees the /var/lib/rpm dir and doesn't
even try the /usr/share/rpm location, and eventually dies when it tries
to load the data.

So we set the symlink now. This is also what we do on boot anyway for
compatibility reasons using tmpfiles.

This also means we don't have to do the /var/lib/rpm --> /usr/share/rpm
transition during the rootfs postprocess (but we still have to clean up
db and lock files).

Also get rid of the unused pkglist variable.

NB: I used the GFile & gs APIs to mesh with the surrounding code.

Closes: #290
Approved by: cgwalters
2016-05-27 17:06:08 +00:00
Colin Walters
b718e28d79 postprocess: Add --add ostree to dracut invocation
Right now the `ostree.rpm` package always configures dracut to inject
the ostree setup via a conf file.  But it's actually simpler and
cleaner to just have callers specify it explicitly.

https://bugzilla.redhat.com/show_bug.cgi?id=1331369

Closes: #276
Approved by: jlebon
2016-05-06 14:50:42 +00:00
Giuseppe Scrivano
94a2804b0a compose: support adding external files
This will allow to copy arbitrary files into the rootfs, specifying something like:

"add-files": [["service.template", "/exports/service.template"],
              ["config.json.template", "/exports/config.json.template"]]

It is quite useful when building a container image.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>

Closes: #253
Approved by: cgwalters
2016-04-27 20:21:12 +00:00
Colin Walters
3350c0e062 postprocess: Fix "compose tree" regression with /etc
The fact that we didn't notice this is a testament to the state of
testing =(

I think I want to change the container build path to also only
grab /usr and /etc rather than having the paths be different,
but for now - the quick fix.

Pull request: #243
Approved by: jlebon
2016-03-22 18:35:33 +00:00
Colin Walters
ed7fc02b04 postprocess: Ensure we error out if selinux is enabled, but no policy found
I was tracking another regression where we seem to have lost
`/usr/etc` contents which manifested as `Labeling with... (null)`
which was clearly wrong.

Now this change actually impacts the test suite - we now (again IMO
correctly) error out if `selinux: true`.  The `no-selinux-tag` test
no longer makes sense, so delete it.

We do need more "real" tests that use selinux on and off.

Pull request: #243
Approved by: jlebon
2016-03-22 18:35:33 +00:00
Colin Walters
f577279fac libpriv: Unify /usr/local, /etc -> /usr/etc, rpmdb handling
Right now we're doing the /etc -> /usr/etc inside the RPM import, but
we might as well do the /usr/local bits in both.  Also, use
/usr/share/rpm by default for treecompose too so that is unified.

Other things like systemd unit files and kernel handling are only
going to be used for host side composes.
2016-02-22 14:27:46 -05:00
Colin Walters
f14d1a3536 build: Port to master libhif
This is a work-in-progress port against the libhif master + some
outstanding PRs.
2016-02-22 14:27:46 -05:00
Colin Walters
163f50214b postprocess: Delete dead code relating to yumdb
This has been long useless because we now disable history writing in
libhif.
2016-01-04 16:23:54 -05:00
Colin Walters
5cd40e6d86 postprocess: Cleanup more /var -> tmpfiles code to fd relative
Besides porting GFile -> fd, I specifically want it to operate in an
append mode for package layering.  Then given an existing tree, we
ensure we're not deleting the underlying tree's autovar files.
2016-01-04 12:47:31 -05:00
Colin Walters
cca057d24b postprocess: Convert some of the /var -> tmpfiles to fd relative
Part of an ongoing effort to port away from `GFile`.

Conflicts:
	src/libpriv/rpmostree-postprocess.c
2016-01-04 12:47:14 -05:00
Colin Walters
8de94004df libpriv: Change internal API to prepare SELinux
This function will be made public for use in package layering.
2016-01-03 09:45:14 -05:00
Colin Walters
e2fa1675f8 libpriv: Convert some SELinux labeling code to dirfd-relative
This is preparatory work for the package layering branch, which
will also reuse this code.
2016-01-03 08:00:10 -05:00
Jonathan Lebon
033830e0c0 postprocess.c: be more verbose when running script
We should tell the user that we will run the postprocess script *before*
we run it to help them diagnose issues if things go wrong.

Resolves: #188
2015-12-10 14:49:57 -05:00
Giuseppe Scrivano
bb2f32502b postprocess: provide --gzip and --reproducible to dracut if supported
This should help to generate the same initrd when the files didn't
change.

Newer versions of gzip (or pigz when available) can generate rsync
friendly files and if present, Dracut already takes advantage of it.

Also use --reproducible, to instruct Dracut to generate CPIO
reproducible files.  It is required a version of GNU CPIO that
has support for it.

Check that Dracut has --reproducible in its --help output before
setting it.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2015-11-04 12:33:55 +01:00
Colin Walters
60ed86228f compose: Don't do container stuff if we're in a container already
This helps avoid some failures.  See:
fbdb15cd95
2015-08-24 16:16:52 -04:00
Colin Walters
84d2d51576 postprocess: Don't use absolute paths for helpers like dracut
It moved from `/usr/sbin` -> `/usr/bin`, which obviously broke
rpm-ostree.

No reason to hardcode absolute paths here.
2015-06-15 13:44:52 -04:00
Colin Walters
07871a08fd libpriv: Further centralize (commit | root) -> (sack | rpmdb) code
While `rpm-util.c` may not best describe this, it's where most
of this code is ending up.  Let's further centralize things.

We more consistently return an `RpmOstreeRefSack` instead of a
`HySack`, where the former supports refcounting and knows how to clean
up its temporary directory if it was allocated from a commit.
2015-05-22 09:32:03 -04:00
Alexander Larsson
79cdcd1817 Support container: true in treefile
If this is set we don't do anything special for kernel or /boot, as
such things are not needed when running in a container.
2015-05-21 12:00:20 +02:00
Colin Walters
1c3a549ef9 postprocess: Handle Fedora rawhide kernel installation
The vmlinuz binary has moved to /usr/lib/modules, which is a change
mostly for the better, but we need to adapt.

Closes: https://github.com/projectatomic/rpm-ostree/pull/143
2015-05-12 13:51:12 -04:00
Colin Walters
c16058b66a libpriv: Move rpm/hawkey util functions into -rpm-util
`treepkgdiff` no longer describes the function of the file; as a baby
step towards unifying the db and hawkey code, move the functions into
that file.
2015-04-23 16:30:18 -04:00
Colin Walters
f3600e922e libpriv: Adjust internal package diff API to be fd-relative
We presently have 3 internal code paths that are doing rpmdb
inspection.  This conversion to fd-relative for one of them is a
generic cleanup preparatory to de-duplicating.

Note this bumps libglnx to include
381ca54ee3
2015-04-23 16:30:17 -04:00
Giuseppe Scrivano
3bf7926adc postprocess: do not hardcode /etc/machine-id
The file is automatically populated by systemd when it is empty.

Apparently it doesn't work when the file is missing (as of
systemd-219-9.fc22).

https://bugzilla.redhat.com/show_bug.cgi?id=1198700

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2015-04-23 11:37:50 +02:00
Colin Walters
a8a2049443 build: Split up src into app/ and libpriv/
We currently have an internal-only library, but the sources for it are
in the same dir as the app.  For future work on a public shared
library, we'll need a clearer source structure.

Start by just renaming the app files into `src/app/`, and the internal
private library into `src/libpriv/`, with the appropriate
`Makefile.am` changes.

Closes: https://github.com/projectatomic/rpm-ostree/pull/123
2015-04-08 16:17:06 -04:00