Commit Graph

7074 Commits

Author SHA1 Message Date
Colin Walters
1e430366b7
Merge pull request #3304 from dbnicholson/pages-redux
Redo pages workflow
2024-09-15 13:01:19 -04:00
Dan Nicholson
6d590db379 Redo pages workflow 2024-09-15 10:19:06 -06:00
Timothée Ravier
b18e78bfb8
Merge pull request #3301 from travier/main-github-artifact-v4
github/workflows/tests: Update actions/upload-artifact to v4
2024-09-14 00:34:08 +02:00
Timothée Ravier
db4be85546 github/workflows/tests: Update actions/{upload,download}-artifact to v4
See: https://github.blog/changelog/2024-02-13-deprecation-notice-v1-and-v2-of-the-artifact-actions/
See: https://github.blog/news-insights/product-news/get-started-with-v4-of-github-actions-artifacts/
Signed-off-by: Colin Walters <walters@verbum.org>
2024-09-13 14:45:34 -04:00
Eric Curtin
81867f0444
Merge pull request #3287 from cgwalters/fix-memleak
lib/traverse: Fix minor memory leak
2024-09-07 01:30:25 +01:00
Colin Walters
413b0ad00e
Merge pull request #3292 from dbnicholson/var-slave-shared
switchroot: Stop making /sysroot mount private
2024-09-06 19:35:19 -04:00
Colin Walters
bd5b4adccd lib/traverse: Fix minor memory leak
I was trying to check something with `-fsanitize=address`
and it warned about this memory leak. It's...subtle, basically
we were leaking when the same commit was added to the hash table.

But unfortunately fixing that then complicates ownership
over the return value; what we really want to use here is
`g_hash_table_steal_all_keys` but RHEL 9.4 is still rocking
`glib2-2.68.4` so we can't use it.

(Rust would mean we wouldn't have leaked anything here in the
 first place...)

Signed-off-by: Colin Walters <walters@verbum.org>
2024-09-06 18:52:33 -04:00
Dan Nicholson
2973ec5910 switchroot: Stop making /sysroot mount private
Back in 2b8d586c5, /sysroot was changed to be a private mount so that
submounts of /var do not propagate back to the stateroot /var. That's
laudible, but it makes /sysroot different than every other shared mount
in the root namespace. In particular, it means that submounts of
/sysroot do not propagate into separate mount namespaces.

Rather than make /sysroot private, make /var a slave+shared mount so
that it receives mount events from /sysroot but not vice versa. That
achieves the same effect of preventing /var submount events from
propagating back to /sysroot while allowing /sysroot mount events to
propagate forward like every other system mount. See
mount_namespaces(7)[1] and the linux shared subtrees[2] documentation
for details on slave+shared mount propagation.

When /var is mounted in the initramfs, this is accomplished with
mount(2) syscalls. When /var is mounted after switching to the real
root, the mount propagation flags are applied as options in the
generated var.mount unit. This depends on a mount(8) feature that has
been present since util-linux 2.23. That's available in RHEL 7 and every
non-EOL Debian and Ubuntu release. Applying the propagation from
var.mount fixes a small race, too. Previously, if a /var submount was
added before /sysroot was made private, it would have propagated back
into /sysroot. That was possible since ostree-remount.service orders
itself after var.mount but not before any /var submounts.

1. https://man7.org/linux/man-pages/man7/mount_namespaces.7.html
2. https://docs.kernel.org/filesystems/sharedsubtree.html

Fixes: #2086
2024-09-06 15:49:49 -06:00
Dan Nicholson
fae8941196 tests: Add mount propagation test
This tests the current behavior of making /sysroot a private mount so
that submounts on /var do not propagate back to /sysroot. It also shows
how submounts of /sysroot do not propagate into separate mount
namespaces for the same reason.
2024-09-06 15:49:43 -06:00
Eric Curtin
fbb1cc7e38
Merge pull request #3290 from cgwalters/include-grub-stderr
grub2: Show output when run in systemd by default
2024-09-03 15:36:26 +01:00
Colin Walters
cdbe93dc9b grub2: Show output when run in systemd by default
xref https://github.com/coreos/rpm-ostree/issues/5071

Hiding errors by default is painful. At least as of
recently in Fedora it looks like the command is nice
and quiet by default, I only see

```
Generating grub configuration file ...
Adding boot menu entry for UEFI Firmware Settings ...
done
```

Signed-off-by: Colin Walters <walters@verbum.org>
2024-09-03 08:55:35 -04:00
Eric Curtin
4207d92365
Merge pull request #3285 from cgwalters/drop-deploy-print
tests: Attempt to update auto-prune test
2024-08-30 21:40:33 +01:00
Colin Walters
4f46d06ba8 deploy: Log to journal for boot space, not stderr
bootc doesn't run as a systemd unit, and this pollutes stderr.

Signed-off-by: Colin Walters <walters@verbum.org>
2024-08-30 15:00:27 -04:00
Eric Curtin
2b01c93cd9
Merge pull request #3283 from cgwalters/fix-more-coverity-dirname
sysroot: Make coverity happy with dirname+strdup
2024-08-16 00:26:52 -04:00
Colin Walters
62284ea3ec
Merge pull request #3284 from cgwalters/even-more-readlinkat
commit/payload-link: Ensure we don't overrun target_checksum size
2024-08-15 13:42:20 -04:00
Colin Walters
7683eb5aa4 commit/payload-link: Ensure we don't overrun target_checksum size
This is another warning from recently changed code from Coverity:

```
1. Defect type: OVERRUN
16. libostree-2024.7/src/libostree/ostree-repo-commit.c:823:7: overrun-buffer-arg: Overrunning array "target_checksum" of 65 bytes by passing it to a function which accesses it at byte offset 258 using argument "size" (which evaluates to 259). [Note: The source code implementation of the function has been overridden by a builtin model.]
```

I think this can only happen if the repository is corrupt; the
data shouldn't be that long. But fix this by passing the max
length we expect; this will ignore the rest currently.

Signed-off-by: Colin Walters <walters@verbum.org>
2024-08-15 12:15:50 -04:00
Colin Walters
70430fe02b sysroot: Make coverity happy with dirname+strdup
Similar to d528083cae - I don't
believe we actually had a leak here because `dirname` always
returns the same start pointer, but this makes Coverity
happy.

Signed-off-by: Colin Walters <walters@verbum.org>
2024-08-15 11:29:22 -04:00
Colin Walters
0d5e554b69
Merge pull request #3282 from cgwalters/drop-deploy-print
deploy: Log to journal for boot space, not stderr
2024-08-14 16:50:43 -04:00
Colin Walters
3d07a808ce deploy: Log to journal for boot space, not stderr
bootc doesn't run as a systemd unit, and this pollutes stderr.

Signed-off-by: Colin Walters <walters@verbum.org>
2024-08-14 09:09:15 -04:00
Colin Walters
28c184f244
Merge pull request #3281 from cgwalters/fix-readlinkat-payload-link
repo: NUL terminate readlinkat result
2024-08-09 16:10:05 -04:00
Colin Walters
f08cea998e repo: NUL terminate readlinkat result
Coverity was correctly complaining about this.

Signed-off-by: Colin Walters <walters@verbum.org>
2024-07-29 17:14:12 -04:00
Colin Walters
d260d918dd tests: Add a payload link unit test
Motivated by changing this code.

Signed-off-by: Colin Walters <walters@verbum.org>
2024-07-29 17:08:03 -04:00
Colin Walters
5dac2adef6
Merge pull request #3280 from cgwalters/release
Release 2024.7
2024-07-19 07:10:51 -04:00
Colin Walters
68679e03b3 Post-release version bump
Signed-off-by: Colin Walters <walters@verbum.org>
2024-07-18 17:55:21 -04:00
Colin Walters
4941d9cd0d Release 2024.7
Signed-off-by: Colin Walters <walters@verbum.org>
2024-07-18 17:55:21 -04:00
Colin Walters
4b96359e10
Merge pull request #3277 from cgwalters/karg-disable-composefs
prepare-root: Add ostree.prepare-root.composefs
2024-07-11 20:08:38 -04:00
Colin Walters
e226c87614 prepare-root: Add ostree.prepare-root.composefs
We have a use case for overriding the composefs state via
the kernel commandline; see e.g.
https://gitlab.com/fedora/bootc/tracker/-/issues/27

Signed-off-by: Colin Walters <walters@verbum.org>
2024-07-11 17:04:09 -04:00
Colin Walters
5378fe2aa9
Merge pull request #3276 from cgwalters/parse-bool
keyfile-utils: Add API to parse tristate strings
2024-07-11 16:06:35 -04:00
Colin Walters
65ff404195 prepare-root: Gather kernel cmdline early
Prep for parsing the composefs config from the kernel cmdline.
No functional changes intended.
2024-07-10 17:52:28 -04:00
Colin Walters
26abca7126 keyfile-utils: Add API to parse tristate strings
Prep for using this in multiple places. Add unit tests.
2024-07-10 17:52:28 -04:00
Colin Walters
47edd1a2a9 keyfile-utils: Add API to parse tristate strings
Prep for using this in multiple places. Add unit tests.
2024-07-10 17:21:57 -04:00
Colin Walters
97fb11127b
Merge pull request #3275 from ueno/wip/dueno/glib-2.44
libostree: Remove compatibility code with GLib < 2.44
2024-07-10 08:27:45 -04:00
Daiki Ueno
a0bd18945f libostree: Remove compatibility code with GLib < 2.44
As the build system has required GLib 2.44 since commit
eb09207e1a, the manual expansion of
G_DECLARE_INTERFACE and G_DECLARE_FINAL_TYPE is no longer necessary.

Signed-off-by: Daiki Ueno <dueno@redhat.com>
2024-07-10 10:22:07 +09:00
Colin Walters
d7eb9a1040
Merge pull request #3273 from cgwalters/drop-library-printf
sysroot: Use journal rather than printf()
2024-07-08 09:56:26 -04:00
Colin Walters
772801faf0 sysroot: Use journal rather than printf()
Fix the TODO here; this was making some bootc output
ugly.

Signed-off-by: Colin Walters <walters@verbum.org>
2024-07-08 07:52:39 -04:00
Colin Walters
9b977e2828
Merge pull request #3265 from lukewarmtemp/2023.8-3-coverity-scan
2023.8-3 coverity scan
2024-06-27 13:05:53 -04:00
Luke Yang
e99693c787 prepare: Create global var for tmp_sysroot_etc
Coverity points out that ""/sysroot.tmp/etc"" could be a copy-paste
error. This is mistake from coverity, but to supress the warning,
we create a global var, tmp_sysroot_etc, which replaces all
instances of TMP_SYSROOT "/etc".
2024-06-20 15:09:11 -04:00
Luke Yang
d528083cae repo: Fix dir_or_file_path memory leak
Coverity points out that we have a memory leak from
`g_strdup(dir_or_file_path)`. Make the duplication of the string a
temporary variable that is freed using `g_autofree`.
2024-06-20 15:09:11 -04:00
Luke Yang
20d5bc8453 commit: Null terminate target_buf var
Coverity points out that we are passing an unterminated string to
sprintf(). Fix by using snprintf() which stores the content as a C
string.
2024-06-20 15:09:11 -04:00
Luke Yang
dc9eaef1e5 tree: Fix name memory leak
Coverity points out that we have a memory leak from `g_strdup(name)`.
`insert_child_mtree()` takes a const char * and duplicates it.
`name` can be passed directly to `insert_child_mtree()`.
2024-06-20 15:09:11 -04:00
Colin Walters
0ea7d2e326
Merge pull request #3269 from cgwalters/fix-ordering
remount: Drop `Before=systemd-sysusers.service`
2024-06-20 11:54:23 -04:00
Colin Walters
1db6911e41
Merge pull request #3270 from cgwalters/bump-runners
ci: Bump bootc e2e to latest ubuntu, drop docker
2024-06-20 11:23:27 -04:00
Colin Walters
0153abe4bb ci: Bump bootc e2e to latest ubuntu, drop docker
As newer docker refuses to talk to ancient skopeo.
Update this to use podman directly, also add the missing `-v /dev:/dev`.

Signed-off-by: Colin Walters <walters@verbum.org>
2024-06-20 09:52:38 -04:00
Colin Walters
1544d20560
Merge pull request #3268 from ueno/wip/dueno/composefs-doc-fixes
Minor cleanup related to composefs
2024-06-20 09:18:55 -04:00
Colin Walters
b0ab531e08 remount: Drop Before=systemd-sysusers.service
This created an ordering cycle, and I merged over red CI
for bad reasons.
2024-06-20 09:18:08 -04:00
Daiki Ueno
371540f9ab repo: Remove leftover OpenSSL includes
This removes OpenSSL includes for PKCS#7, previously used to generate
fs-verity builtin signatures.

Signed-off-by: Daiki Ueno <dueno@redhat.com>
2024-06-20 15:06:49 +09:00
Daiki Ueno
023888d8a3 docs/composefs: Fix reference to ostree sign
Signed-off-by: Daiki Ueno <dueno@redhat.com>
2024-06-20 15:06:46 +09:00
Colin Walters
f280b1216b
Merge pull request #3266 from ericcurtin/if-file-missing-on-relabel-continue
remount: ignore ENOENT error during SELinux relabeling
2024-06-18 14:14:02 -04:00
Eric Curtin
e25ca8099f remount: ignore ENOENT error during SELinux relabeling
Ignore ENOENT error in selinux_restorecon to avoid failures when
temporary files created by systemd-sysusers in /etc are missing during
relabeling. This prevents errors such as:

  "Failed to relabel /etc/.#gshadowJzu4Rx: No such file or directory"

and allows the process to continue.

Co-Authored-By: Alexander Larsson <alexl@redhat.com>
Signed-off-by: Eric Curtin <ecurtin@redhat.com>
2024-06-18 18:43:51 +01:00
Colin Walters
8f559e94b7
Merge pull request #3261 from cgwalters/validate-xattrs
core: Validate that xattr names aren't empty
2024-06-04 13:32:20 -04:00