IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
ostree-grub-generator can be used to customize
the generated grub.cfg file. Compile time
decision ostree-grub-generator vs grub2-mkconfig
can be overwritten with the OSTREE_GRUB2_EXEC
envvar - useful for auto tests and OS installers.
Why this alternative approach:
1) The current approach is less flexible than using a
custom 'ostree-grub-generator' script. Each system can
adjust this script for its needs, instead of using the
hardcoded values from ostree-bootloader-grub2.c.
2) Too much overhead on embedded to generate grub.cfg
via /etc/grub.d/ configuration files. It is still
possible to do so, even with this patch applied.
No need to install grub2 package on a target device.
3) The grub2-mkconfig code path has other issues:
https://bugzilla.gnome.org/show_bug.cgi?id=761180
Task: https://bugzilla.gnome.org/show_bug.cgi?id=762220Closes: #228
Approved by: cgwalters
test-sysroot.js runs libtestExec() twice, one of which is after
creating non-hidden directories in $(pwd), so this check needs to be
skipped the second time.
Signed-off-by: Simon McVittie <smcv@debian.org>
Closes: #234
Approved by: cgwalters
If we touch test-xattrs before sourcing libtest.sh, we get:
test tmpdir=/tmp/test-tmp-ostree_test-xattrs.sh.test-HSEXEY is not
empty; run this test via `make check TESTS=`, not directly
Signed-off-by: Simon McVittie <smcv@debian.org>
Closes: #234
Approved by: cgwalters
This fixes the bug that in installed-tests that run testlib.sh under
"bash -c" (i.e. the C and JS tests), $(dirname $0) is "." and we can't do
the LD_PRELOAD correctly:
ERROR: ld.so: object './libreaddir-rand.so' from LD_PRELOAD cannot be
preloaded (cannot open shared object file): ignored.
Similarly, those tests can't copy gpghome correctly.
This also removes the confusing situation that SRCDIR in libtest.sh
(which is ${top_srcdir}/tests) does not mean the same thing as SRCDIR
in test-abi.sh (which is just ${top_srcdir}).
Signed-off-by: Simon McVittie <smcv@debian.org>
Closes: #234
Approved by: cgwalters
It's not working for me in `make check` on a RHEL 7 Workstation,
apparently because no GPG agent is spawned. I'm guessing this has
something to do with the GPG version?
The downside of this is we will be less likely to notice if GPG
changes again and we start leaking agents like we're in The Matrix
Reloaded. But the real solution to that is containers anyways.
Closes: #233
Approved by: smcv
moreutils parallel isn't compatible with the command-line syntax
used here. Because it doesn't implement GNU-style --help and exits 1
when that option is given, this test was correctly skipped when
using moreutils parallel, but only by mistake.
moreutils parallel might conceivably gain --help and --version in
future, but hopefully nothing incompatible with GNU parallel is going
to gain a --gnu option.
Also use the --gnu option to force the new command-line semantics;
some versions optionally supported an incompatible command-line syntax
taken from moreutils parallel.
Signed-off-by: Simon McVittie <smcv@debian.org>
Closes: #232
Approved by: cgwalters
[smcv: split out from a larger commit, part of PR #231; add commit message]
Signed-off-by: Simon McVittie <smcv@debian.org>
Closes: #232
Approved by: cgwalters
test-pull-untrusted.sh would pass when run as root, but fail when run
as testuser. It turned out that the way the files were stored in the
repo when running as a testuser were different, which meant that a
different .file object was chosen for corruption. Except that file
turned out to be a symlink, so the echo "broke" actually just wrote
to the no_such_file symlink target, thus keeping the actual symlink
file's checksum the same and causing the pull-local to pass when it
should have failed.
[smcv: split this out of a larger commit, part of PR #231]
Signed-off-by: Simon McVittie <smcv@debian.org>
Closes: #232
Approved by: cgwalters
If installed-tests are disabled, it would normally be a static
(convenience) library, which isn't something we can LD_PRELOAD.
Signed-off-by: Simon McVittie <smcv@debian.org>
Closes: #232
Approved by: cgwalters
The "function foo()" syntax is bash-specific, and Colin indicated in
PR #226 that he prefers to require bash rather than trying to support
every POSIX shell.
Signed-off-by: Simon McVittie <smcv@debian.org>
Closes: #232
Approved by: cgwalters
Previously, the build-time tests would only pass if the g-i bindings to
OSTree were already installed, with a reasonably similar version.
Signed-off-by: Simon McVittie <smcv@debian.org>
Closes: #232
Approved by: cgwalters
The script created ./.testtmp but looked for ./.test, which isn't
going to work.
This means the various "ostree trivial-httpd --autoexit" processes
actually exit, because their web roots are cleaned up now.
Signed-off-by: Simon McVittie <smcv@debian.org>
Closes: #232
Approved by: cgwalters
Some autobuilder environments place the entire build chroot on tmpfs, so
even /var/tmp might not have this.
Signed-off-by: Simon McVittie <smcv@debian.org>
Closes: #232
Approved by: cgwalters
This is a follow up to #227 to allow ostree to open the editor also for
orphan commits when no subject or body is given on the cmdline.
Closes: #229
Approved by: cgwalters
The API supports this, and it's not hard for us to do in the command
line as well. One possible use case is separating "content
generation" in a separate server.
Related: https://github.com/ostreedev/ostree/pull/223Closes: #227
Approved by: jlebon
When I'm doing local development builds, it's quite common for me not
to want to accumulate history. There are also use cases for this on
build servers as well.
In particular, using this, one could write a build system that didn't
necessarily need to have access to (a copy of) the OSTree repository.
Instead, the build system would determine the last commit ID on the
branch, and pass that to a worker node, then sync the generated
content back.
The API supported generating custom commits that don't necessarily
reference the previous commit on the same branch, let's just expose
this in the command line for convenience.
I plan to also support this rpm-ostree.
Closes: #223
Approved by: jlebon
Just keeping my promise to write more documentation. There could be a
lot more to write here, but I'm trying to get a start done.
Closes: #222
Approved by: jlebon
On Debian and its derivatives, /bin/sh is a lightweight POSIX shell
(currently dash) which does not support the bash {foo,bar} syntax.
Signed-off-by: Simon McVittie <smcv@debian.org>
Closes: #226
Approved by: cgwalters
Now that OSTree is used as G_LOG_DOMAIN, set the main handler to match
so the appropriate messages are filtered. It would probably be more
appropriate to spell out "OSTree" in the code, but since G_LOG_DOMAIN is
being defined globally in the project, might as well reuse it here.
https://bugzilla.gnome.org/show_bug.cgi?id=764237Closes: #225
Approved by: cgwalters
This will allow ostree programs to filter log messages specifically for
OSTree instead of using the NULL domain for ostree debugging.
https://bugzilla.gnome.org/show_bug.cgi?id=764237Closes: #225
Approved by: cgwalters
If you have a repo where a needed object has been inadvertantly removed,
all you'll get is a "No such metadata object" error with no clue about
where it was referenced from.
Add some debug messages to provide clues about which objects are being
traversed and found.
https://bugzilla.gnome.org/show_bug.cgi?id=764006Closes: #224
Approved by: cgwalters
When prune fails, it can be really difficult to figure out why. This at
least lets you know which objects are being considered.
https://bugzilla.gnome.org/show_bug.cgi?id=764006Closes: #224
Approved by: cgwalters
This can be used as a fingerprint to determine whether two
OstreeSePolicy objects are equivalent.
Also add documentation for ostree_sepolicy_get_name().
Closes: #219
Approved by: cgwalters
The dirtree object is required for traversing, so don't use the
load_variant_if_exists() function. This will return a
G_IO_ERROR_NOT_FOUND to the caller rather than trying to ref a NULL
variant in ostree_repo_commit_traverse_iter_init_dirtree() if the object
is missing.
https://bugzilla.gnome.org/show_bug.cgi?id=764091
If a commit only pull has been done, then the commit object exists in
the object store in addition to the commitpartial file. Traversing this
partial commit will likely fail, but that's expected. If traverse
returns a G_IO_ERROR_NOT_FOUND in this case, continue with pruning.
https://bugzilla.gnome.org/show_bug.cgi?id=764091
I'm trying to improve the developer experience on OSTree-managed
systems, and I had an epiphany the other day - there's no reason we
have to be absolutely against mutating the current rootfs live. The
key should be making it easy to rollback/reset to a known good state.
I see this command as useful for two related but distinct workflows:
- `ostree admin unlock` will assume you're doing "development". The
semantics hare are that we mount an overlayfs on `/usr`, but the
overlay data is in `/var/tmp`, and is thus discarded on reboot.
- `ostree admin unlock --hotfix` first clones your current deployment,
then creates an overlayfs over `/usr` persistent
to this deployment. Persistent in that now the initramfs switchroot
tool knows how to mount it as well. In this model, if you want
to discard the hotfix, at the moment you roll back/reboot into
the clone.
Note originally, I tried using `rofiles-fuse` over `/usr` for this,
but then everything immediately explodes because the default (at least
CentOS 7) SELinux policy denies tons of things (including `sshd_t`
access to `fusefs_t`). Sigh.
So the switch to `overlayfs` came after experimentation. It still
seems to have some issues...specifically `unix_chkpwd` is broken,
possibly because it's setuid? Basically I can't ssh in anymore.
But I *can* `rpm -Uvh strace.rpm` which is handy.
NOTE: I haven't tested the hotfix path fully yet, specifically
the initramfs bits.
In some cases (such as `ostree-sysroot-cleanup.c`), the surrounding
code would be substantially cleaner if it was also ported to
fd-relative, but I'm going to do that in a separate patch.
That way these patches are easier to review for mechanical
correctness. I used an Emacs keyboard macro as the poor man's
[Coccinelle](http://coccinelle.lip6.fr/).
⚠️ There is a notable spiked pit trap here around
`posix_fallocate()` and `errno`. This has bit other projects,
see e.g.
7bb87460e6
Otherwise the port was straightforward.
Since we hard-depend on GLib 2.40, we can start using GSubprocess.
This is part of dropping our dependency on libgsystem, which is
deprecated in favor of libglnx (as well as migrating things to GLib).
The test tries to get a filesystem that supports xattrs by writing
to /var/tmp, but in some automated build environments the entire
build chroot is on a tmpfs.
Signed-off-by: Simon McVittie <smcv@debian.org>
