Commit Graph

210 Commits

Author SHA1 Message Date
Colin Walters
eb35821a51 build-sys: Move bash completions to /usr/share/ by default
This is in line with the "/etc is for sysadmins", "/usr is OS" model;
e.g. systemd's bash completions go there.

Making this change since I was looking at the required spec file changes.

Closes: #1083
Approved by: mbarnes
2017-08-16 15:14:31 +00:00
Matthew Barnes
a11d696b4c bash: Add bash completion
Completes commands, options, commit checksums, ref names, remotes, and file paths.

Closes: #1077
Approved by: jlebon
2017-08-15 15:51:34 +00:00
Matthew Leeds
5682f4cc04 main: Fix subcommand usage output
This commit sets prgname correctly so that the "ostree subcommand
--help" output prints the subcommand rather than just "ostree".

This was removed in commit f0519e541f because it tripped the thread
sanitizer, but it's being added back conditionally so most users who
don't compile with -fsanitize=adress see proper help output.

Closes: #1054
Approved by: cgwalters
2017-08-05 00:55:36 +00:00
Colin Walters
79a88ac249 build-sys: Post-release version bump
Closes: #1029
Approved by: jlebon
2017-07-26 21:04:08 +00:00
Colin Walters
fa3e07e5d7 Release 2017.9
Closes: #1029
Approved by: jlebon
2017-07-26 21:04:08 +00:00
Colin Walters
8456fd5057 build: Turn off default warnings if we find -Werror specified
Our CI runs use `-Werror`; there's no point to our default warning set kicking
in, it just bloats the command line output.

Closes: #1023
Approved by: jlebon
2017-07-21 20:45:47 +00:00
Colin Walters
28ec43c41a build-sys: Post-release version bump
Closes: #994
Approved by: jlebon
2017-07-06 14:45:02 +00:00
Colin Walters
5a5e465492 Release 2017.8
Closes: #994
Approved by: jlebon
2017-07-06 14:45:02 +00:00
Philip Withnall
e3d4eeacbc lib/repo-finder: Add Avahi based OstreeRepoFinder implementation
This is a more complex implementation of OstreeRepoFinder which resolves
ref names to remote URIs by looking for refs advertised by peers on the
local network using DNS-SD records and mDNS (Avahi). The idea is to
allow OS and app updates to be propagated over local networks, without
the internet.

It requires an OSTree server and code to generate the DNS-SD adverts in
order to be fully functional — support for this will be added
separately.

Unit tests are included.

Includes fixes by Krzesimir Nowak <krzesimir@kinvolk.io>.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Closes: #924
Approved by: cgwalters
2017-06-26 15:56:07 +00:00
Philip Withnall
fd50c97322 build: Add ‘devel’ or ‘release’ to OSTREE_FEATURES for test-symbols.sh
test-symbols.sh was looking for the DevelBuild string, which is actually
part of the output from `ostree --version`, not $OSTREE_FEATURES.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Closes: #948
Approved by: cgwalters
2017-06-20 21:52:22 +00:00
Colin Walters
b69c6ba992 build-sys: Post-release version bump
Closes: #944
Approved by: jlebon
2017-06-19 15:51:27 +00:00
Colin Walters
2a082b20b8 main: DevelBuild=yes to ostree --version for devel builds
And use it in `test-symbols.sh`, to fix the `distcheck` case;
the previous change stopped distributing `libostree-devel.sym`
in release builds.

Closes: #944
Approved by: jlebon
2017-06-19 15:51:27 +00:00
Colin Walters
6729b7c264 Release 2017.7
Closes: #942
Approved by: jlebon
2017-06-19 14:54:59 +00:00
Colin Walters
a45dc0fd0b build-sys: Add "release build" flag, use for symbol versioning
I was trying to do a release and move the symbols from `-devel.sym` into
`-release.sym`, but it turns out that at least GNU binutils `ld` treats an empty
version script as a syntax error.  Fix this by adding a "release build"
flag, and only include `-devel` in non-release builds.

This would also make it easier to inject that flag into our `.pc` and
`ostree-version.h` and `ostree --version` metadata, but I didn't do that yet.

EDIT: Turns out a simpler fix is just to add an empty section. However I kept
this commit since it's a useful sanity check for whether we should include
`-devel.sym` in builds, and we may want to inject the metadata later.

Closes: #942
Approved by: jlebon
2017-06-19 14:54:59 +00:00
Colin Walters
2bab43fb22 lib: Split symbol versioning into -released and -devel
So far a lot of submitted PR have added symbols into the first
section.  Split the file into `-released` and `-devel` to make
this more obvious.

To further enforce things, we hardcode a checksum of the `-released`
file in `test-symbols.sh`.  Only release commits should update that
checksum.

Did you notice I like checksums?

Closes: #931
Approved by: pwithnall
2017-06-16 09:31:16 +00:00
Colin Walters
584735b1c9 build-sys: post-release version bump
Per request by flatpak.

Closes: #928
Approved by: alexlarsson
2017-06-14 14:51:25 +00:00
Colin Walters
e18cacb06e Don't install trivial-httpd man page if not enabled
I just noticed this scroll by in a file listing.

Closes: #905
Approved by: jlebon
2017-06-02 19:36:56 +00:00
Colin Walters
88792f0f22 Release 2017.6
There's already a lot queued.  In particular this brings some API
additions that rpm-ostree depends on.

Closes: #865
Approved by: jlebon
2017-05-17 21:08:37 +00:00
Colin Walters
30705889cb Switch to using a systemd generator for /var
If one wants to set up a mount for `/var` in `/etc/fstab`, it
won't be mounted since `ostree-prepare-root` set up a bind mount for
`/var` to `/sysroot/ostree/$stateroot/var`, and systemd will take
the already extant mount over what's in `/etc/fstab`.

There are a few options to fix this, but what I settled on is parsing
`/etc/fstab` in a generator (exactly like `systemd-fstab-generator` does),
except here we look for an explicit mount for `/var`, and if one *isn't* found,
synthesize the default ostree mount to the stateroot. Another nice property is
that if an admin creates a `var.mount` unit in `/etc` for example, that will
also override our mount.

Note that today ostree doesn't hard depend on systemd, so this behavior only
kicks in if we're built with systemd *and* libmount support (for parsing
`/etc/fstab`).  I didn't really test that case though.

Initially I started writing this as a "pure libc" program, but at one point
decided to use `libostree.so` to find the booted deployment. That didn't work
out because `/boot` wasn't necessarily mounted and hence we couldn't find the
bootloader config. A leftover artifact from this is that the generator code
calls into libostree via the "cmd private" infrastructure. But it's an easy way
to share code, and doesn't hurt.

Closes: #859
Approved by: jlebon
2017-05-16 16:13:05 +00:00
Philip Withnall
c9244b1bb2 build: Add --enable-experimental-api configure option for unstable APIs
There are currently no unstable APIs, but some will be added in
following commits. They will be built and exposed in the libostree
global symbol list iff configured with --enable-experimental-api.

Distributions should not package OSTree with --enable-experimental-api.
This is designed for previewing new APIs on controlled platforms; any of
the APIs hidden behind this option may be changed or removed at any
point.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Closes: #832
Approved by: cgwalters
2017-05-08 18:48:07 +00:00
Colin Walters
c7efe01520 Add --enable-installed-tests=exclusive, fix installed case
The major reason to do this is that running tests *both* installed
and uninstalled in our CI is a mostly pointless waste of time.
Particularly given we have a few expensive tests.

We *do* have tests that only run uninstalled (since they require
the source code) like `test-symbols.sh`.

Hence, add `--enable-installed-tests=exclusive` to mean *only* do installed for
most tests.

We'll still have uninstalled coverage via the Travis/Debian configs, and we
could perhaps do another build with a subset of uninstalled tests, but I'm not
really concerned about it.

I'd like to do a renewed push for the InstalledTests model since
I feel it's just fundamentally better.  (`g-d-t-r` kind of sucks,
but then so does the automake runner).

Also while we're here - fix the CI to use the correct context,
which started this mess.

Closes: #837
Approved by: dbnicholson
2017-05-08 18:34:10 +00:00
Colin Walters
f6f967f8d9 Bump release for 2017.5
This commit won't actually *be* 2017.5 since due to the way our infrastructure
works, we still want to increment git master to 2017.5.

See https://github.com/ostreedev/ostree/pull/800

Closes: #800
Approved by: jlebon
2017-04-18 18:21:13 +00:00
Colin Walters
8742287b11 Release 2017.4
Closes: #786
Approved by: jlebon
2017-04-12 18:41:22 +00:00
Colin Walters
562cb55f51 ci: Enable -Werror=unused-result with -Wp,-D_FORTIFY_SOURCE=2
(Also rename the other CI contexts to be more consistent)

We pass this right now. I just noticed an instance of this in bwrap, and I think
we should be trying to match the RPM build baseline.

Closes: #765
Approved by: jlebon
2017-03-28 18:56:18 +00:00
Colin Walters
94c47cde6a build: Various fixes for openssl build
This actually worked before because `pkg-config --cflags openssl`
is empty, and the linker was satisfying `-lssl -lcrypto` from our
indirect dependencies.

Also, in fact we *currently* just want `pkg-config libcrypto` i.e.
`-lcrypto`, since we aren't actually using openssl to speak TLS.

This doesn't actually matter on Fedora at least since they're both in the
`openssl-libs` package, but they are separate for a reason.

Closes: #749
Approved by: jlebon
2017-03-21 21:16:04 +00:00
Colin Walters
df5cbc9be9 core: Support building with OpenSSL for checksums
Add an OpenSSL backend to the checksum input stream, which is where we do a lot
of checksumming (object commit, static deltas).

The raw OpenSSL performance is
[approximately double](https://gist.github.com/cgwalters/169349fd1c06fd4fb4d3a7ce33303222) on
my laptop; not only does OpenSSL have e.g. hand-tuned x86_64 assembly, the
current implementation uses the
[Intel SHA extensions](https://en.wikipedia.org/wiki/Intel_SHA_extensions).

Another reason to do this is I was idly thinking about adding
[Curve25519](https://en.wikipedia.org/wiki/Curve25519) signatures (like e.g.
Alpine does) instead of/in addition to GPG.  The rationale for that is
that GPG is pretty heavyweight, both in code footprint and the simple
fact that EC keys are way smaller.

I didn't benchmark ostree with this; we have bigger performance problems
really like the fact we just malloc way too much.  But, it's a step
in the right direction I think in combination with the libcurl work
where we're linking to openssl anyways.

Closes: #738
Approved by: jlebon
2017-03-20 18:32:40 +00:00
Colin Walters
b825aac0ea Disable "ostree trivial-httpd" by default now
This goes farther along the path of deprecating it; consumers should
have been ported at this point.  Though probably a lot of people
may still use `rpm-ostree-toolbox`.

Closes: #723
Approved by: jlebon
2017-03-13 14:07:18 +00:00
Georges Basile Stavracas Neto
fda4a47cae libostree: add versioning macros
OSTree currently provides no way to inspect the versioning
information at run time, being only available at compile
time through pkg-config.

This is a problem for e.g. Flatpak, that needs to check
whether the 'update-frequency' option is available. Checking
at compile time isn't great since it's not looking for new
symbols, but only if an optional feature is present.

This commit, then, adds a new header that is generated
at compile time, exposing OSTree's versioning information.

Closes: #728
Approved by: cgwalters
2017-03-11 15:38:56 +00:00
Colin Walters
e02e900206 Release 2017.3
It's been almost a month, I think the current git is working well and
not too risky.  We have some new API additions which I think the
various consumers of them are going to want.

Closes: #726
Approved by: jlebon
2017-03-09 18:58:48 +00:00
Colin Walters
3219a5d0ee Allow and start using C99 declaration-after-statement
I've seen code in a few places that I think on balance is definitely better this
way.  Some of our functions have huge variable declaration sections.
This change includes one small example where we could start using declarations
after statements.

A concern I had was - how does this interact with `__attribute__((cleanup))` and
early returns? I tested it, and AFAICS the behavior is what you'd expect - the
cleanup function isn't called if its variable isn't reachable.

Closes: #718
Approved by: jlebon
2017-03-06 18:33:50 +00:00
Philip Withnall
f667a82fc1 build: Fix disabling --enable-man if xsltproc is not available
If --enable-man=maybe (the default), and xsltproc is not available, the
configuration code would check for it, correctly set enable_man=no, then
incorrectly overwrite that with enable_man=yes, which would result in
later trying to execute $(XSLTPROC) when it’s empty.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Closes: #720
Approved by: cgwalters
2017-03-06 13:48:17 +00:00
Colin Walters
cee57a0268 deploy/libmount: Fix build with old util-linux 2.23 (CentOS7)
https://github.com/ostreedev/ostree/pull/705 broke the build
on CentOS 7 which only has util-linux 2.23.

When I was thinking about this, I realized that there must really be a way to
make this safe even for older versions. Looking at that version of util-linux,
all we need to do is invert the order of frees so we `mnt_free_table()` *before*
`mnt_free_cache()`, like util-linux does:

https://github.com/karelzak/util-linux/blob/stable/v2.23/sys-utils/eject.c#L1131

We still use the `_unref()` versions if available.  I also fixed
the ordering there too for double plus redundant safety.

Closes: #712
Approved by: jlebon
2017-02-24 17:24:15 +00:00
Colin Walters
09b392675a main: Make ostree --version output YAML (and add gitrev)
I learned today that `docker version` does this and I really like
the idea.  While we have the patient open, also add the gitrev
with code taken from https://github.com/projectatomic/rpm-ostree/pull/584

Closes: #691
Approved by: giuseppe
2017-02-22 18:57:18 +00:00
Colin Walters
3ec509c89b build: Add --with-smack, use it to reset contexts for writing objects
At some point we'll want to follow what systemd is doing and add
better support for smack, along the lines of `OstreeSePolicy`.  However,
short term this patch fixes AGL which uses Smack.

See: https://jira.automotivelinux.org/browse/SPEC-386
See: https://github.com/ostreedev/ostree/pull/698

Closes: #698
Approved by: OYTIS
2017-02-22 14:37:19 +00:00
Colin Walters
da21d7350e Release 2017.2
We should get a release out to try to keep with at least a once-a-month cadence.
This one has some exciting stuff like libcurl and Rust, and various bugfixes.
Also importantly I want to cut this *before* we land some other bigger stuff, so
rpm-ostree can start using the reload_config API etc.

Closes: #685
Approved by: jlebon
2017-02-14 16:21:57 +00:00
Colin Walters
361aa449fb libcurl backend
For rpm-ostree, we already link to libcurl indirectly via librepo, and
only having one HTTP library in process makes sense.

Further, libcurl is (I think) more popular in the embedded space.  It
also supports HTTP/2.0 today, which is a *very* nice to have for OSTree.

This seems to be working fairly well for me in my local testing, but it's
obviously brand new nontrivial code, so it's going to need some soak time.

The ugliest part of this is having to vendor in the soup-url code. With
Oxidation we could follow the path of Firefox and use the
[Servo URL parser](https://github.com/servo/rust-url).  Having to redo
cookie parsing also sucked, and that would also be a good oxidation target.

But that's for the future.

Closes: #641
Approved by: jlebon
2017-02-09 16:37:45 +00:00
Colin Walters
d894f609db oxidation: Add implementation of bupsplit in Rust
This is an initial drop of "oxidation", or adding implementation
of components in Rust.  The bupsplit code is a good target - no
dependencies, just computation.

Translation into Rust had a few twists -

 - The C code relies a lot on overflowing unsigned ints, and
   also on the C promotion rules for e.g. `uint8_t -> int32_t`
 - There were some odd loops that I introduced bugs in while
   translating...in particular, the function always returns `len`,
   but I mistakenly translated to `len+1`, resulting in an OOB
   read on the C side, which was hard to debug.

On the plus side, an off-by-one array indexing in the Rust code paniced nicely.

In practice, we'll need a lot more build infrastructure to make this work, such
as using `cargo vendor` when producing build artifacts for example. Also, Cargo
is yet another thing we need to cache.

Where do we go with this? Well, I think we should merge this, it's not a lot of
code. We can just have it be an alternative CI target. Should we do a lot more
right now? Probably not immediately, but I find the medium/long term prospects
pretty exciting!

Closes: #656
Approved by: jlebon
2017-02-03 14:29:00 +00:00
Colin Walters
7803fe1d60 Rename to libOSTree
There are many motivating factors. The biggest is simply that at a practical
level, the command line is not sufficient to build a real system. The docs say
that it's a demo for the library. Let's make that more obvious, so people don't
try to use `ostree admin upgrade` for their real systems, and also don't use
e.g. `ostree commit` on the command line outside of test suites/quick hacking.

This change will also help clarify the role of rpm-ostree, which we will likely
be renamed to "nts". Then use of the term "ostree" will become much clearer. And
similarly for other people writing upgraders, they can say they use libostree.

I didn't try to change all of the docs and code at once, because it's going to
lead to conflicts.

The next big steps are:

  - Rename the github repo (github will inject a redirect)
  - Look at supporting a build where we don't do `ostree admin`, or at least
    it's only built for tests. We may want to split it off as a separate binary
    or so? That way people with their own upgraders don't need to ship it.

Closes: #659
Approved by: jlebon
2017-02-02 17:47:43 +00:00
Colin Walters
6517a8a27a Release 2017.1
Just bugfixes, but it's time to ship them.

Closes: #653
Approved by: jlebon
2017-01-23 20:37:28 +00:00
Colin Walters
c9d565a5a9 Release 2016.15
Closes: #632
Approved by: jlebon
2016-12-12 17:19:01 +00:00
Colin Walters
47b4dd1b38 Skip gjs-based tests if ASAN is enabled
Unfortunately, introspection uses dlopen(), which doesn't quite
work when the DSO is compiled with ASAN but the outer executable
isn't.

Trying to inject LD_PRELOAD=libasan means the outer executable has to
be leak free...which, yeah, I'm not going to get into running ASAN
today on gjs or pygobject.

So, let's skip those tests - ideally, we still run them in some other
context without the sanitizers.  The coverage we have from them is
middling anyways.

Closes: #622
Approved by: jlebon
2016-12-09 18:05:53 +00:00
Colin Walters
ef438c8d60 build: Error if glib isn't found
This is a bit extracted from my work on ASAN.

Closes: #625
Approved by: jlebon
2016-12-09 16:35:52 +00:00
Colin Walters
a2d627352d build: Add more default errors
Newer gcc has `-Wincompatible-pointer-types`, hooray!
Add a few others that we pass today.

Closes: #618
Approved by: jlebon
2016-12-07 16:44:15 +00:00
Colin Walters
7584dc0f25 Release 2016.14
Closes: #593
Approved by: jlebon
2016-11-23 16:20:49 +00:00
Colin Walters
36c8946870 Release 2016.13
Closes: #570
Approved by: jlebon
2016-11-10 17:24:39 +00:00
Colin Walters
d3f14f02e3 Release 2016.12
Closes: #540
Approved by: cgwalters
2016-10-21 19:24:31 +00:00
Colin Walters
a0e1344cf8 Release 2016.11
Closes: #524
Approved by: cgwalters
2016-10-07 19:21:41 +00:00
Colin Walters
54621d9e53 libglnx: Update to latest
This pulls in a new compilation flag for wrpseudo compatibility.  Also
note we need to add some includes since glnx-libcontainer went away,
and with it some includes for `sys/mount.h` etc.

Closes: #522
Approved by: cgwalters
2016-10-06 11:54:39 +00:00
Colin Walters
36e8ba124e Release 2016.10
Closes: #502
Approved by: cgwalters
2016-09-09 00:28:02 +00:00
Colin Walters
dd71999dc9 Release 2016.9
Closes: #481
Approved by: jlebon
2016-08-31 16:36:19 +00:00