Commit Graph

2446 Commits

Author SHA1 Message Date
Dan Nicholson
31240982e7 core: Add verbose messages for pruning
When prune fails, it can be really difficult to figure out why. This at
least lets you know which objects are being considered.

https://bugzilla.gnome.org/show_bug.cgi?id=764006

Closes: #224
Approved by: cgwalters
2016-03-26 13:50:16 +00:00
Jonathan Lebon
b7a04d51f8 OstreeSePolicy: add ostree_sepolicy_get_csum()
This can be used as a fingerprint to determine whether two
OstreeSePolicy objects are equivalent.

Also add documentation for ostree_sepolicy_get_name().

Closes: #219
Approved by: cgwalters
2016-03-25 15:28:29 +00:00
Alexander Larsson
456f515522 Add --untrusted option to pull and pull-local
https://bugzilla.gnome.org/show_bug.cgi?id=764125

Closes: #221
Approved by: cgwalters
2016-03-25 12:56:55 +00:00
Alexander Larsson
ed1e0c6d04 pull: Add OSTREE_REPO_PULL_FLAGS_UNTRUSTED flag
If this is set we verify all objects we pull, even for local remotes,
and we avoid hard-linking into local source repos.

https://bugzilla.gnome.org/show_bug.cgi?id=764125

Closes: #221
Approved by: cgwalters
2016-03-25 12:56:55 +00:00
Colin Walters
f84c198006 tests: Add a test-abi
This would have caught a potential ABI regression in
https://bugzilla.gnome.org/show_bug.cgi?id=764056
(If we ran this test while building `--without-libarchive`)

Pull request: #218
Approved by: jlebon
2016-03-24 16:23:12 +00:00
Jonathan Lebon
309fe446c6 Merge pull request #220 from cgwalters/travis-stub
Add a stub .travis.yml
2016-03-24 11:49:41 -04:00
Colin Walters
9c195707c6 Add a stub .travis.yml
This is at the moment just so that we can use Homu.  In the future I'd
like to make travis just one of multiple PR testers we use.
2016-03-24 11:46:26 -04:00
Colin Walters
80698543c2 Release 2016.4 2016-03-23 15:45:59 -04:00
Dan Nicholson
7524e904b9 traverse: Require variant when traversing dirtree
The dirtree object is required for traversing, so don't use the
load_variant_if_exists() function. This will return a
G_IO_ERROR_NOT_FOUND to the caller rather than trying to ref a NULL
variant in ostree_repo_commit_traverse_iter_init_dirtree() if the object
is missing.

https://bugzilla.gnome.org/show_bug.cgi?id=764091
2016-03-23 15:36:04 -04:00
Colin Walters
7232b2940b tests: Add a commitpartial + prune test
Followup for previous commit.
2016-03-23 15:34:17 -04:00
Dan Nicholson
2ae7f619b2 prune: Don't fail on partial commits
If a commit only pull has been done, then the commit object exists in
the object store in addition to the commitpartial file. Traversing this
partial commit will likely fail, but that's expected. If traverse
returns a G_IO_ERROR_NOT_FOUND in this case, continue with pruning.

https://bugzilla.gnome.org/show_bug.cgi?id=764091
2016-03-23 15:34:17 -04:00
Alexander Larsson
ddf0a02f88 pull local: Don't import objects we already have
In particular, I noticed this because the pull failed when trying to
pull from a shallow repo which only had the new objects that was
needed.

https://bugzilla.gnome.org/show_bug.cgi?id=764059
2016-03-23 14:58:08 -04:00
Stef Walter
2454957e8d Fix building without libarchive
Although libarchive is an optional build option, the build
fails without it.

https://bugzilla.gnome.org/show_bug.cgi?id=764056
2016-03-23 13:55:34 -04:00
Colin Walters
09238da065 admin: Add an unlock command, and libostree API
I'm trying to improve the developer experience on OSTree-managed
systems, and I had an epiphany the other day - there's no reason we
have to be absolutely against mutating the current rootfs live.  The
key should be making it easy to rollback/reset to a known good state.

I see this command as useful for two related but distinct workflows:

 - `ostree admin unlock` will assume you're doing "development".  The
   semantics hare are that we mount an overlayfs on `/usr`, but the
   overlay data is in `/var/tmp`, and is thus discarded on reboot.
 - `ostree admin unlock --hotfix` first clones your current deployment,
   then creates an overlayfs over `/usr` persistent
   to this deployment.  Persistent in that now the initramfs switchroot
   tool knows how to mount it as well.  In this model, if you want
   to discard the hotfix, at the moment you roll back/reboot into
   the clone.

Note originally, I tried using `rofiles-fuse` over `/usr` for this,
but then everything immediately explodes because the default (at least
CentOS 7) SELinux policy denies tons of things (including `sshd_t`
access to `fusefs_t`).  Sigh.

So the switch to `overlayfs` came after experimentation.  It still
seems to have some issues...specifically `unix_chkpwd` is broken,
possibly because it's setuid?  Basically I can't ssh in anymore.

But I *can* `rpm -Uvh strace.rpm` which is handy.

NOTE: I haven't tested the hotfix path fully yet, specifically
the initramfs bits.
2016-03-23 11:09:09 -04:00
Colin Walters
0b1d301d81 libglnx porting: Use glnx_opendirat()
This unfortunately adds *more* `gs_file_get_path_cached()`, but we'll
fix that all in one go.
2016-03-23 10:26:01 -04:00
Colin Walters
18530894c7 libglnx porting: Use glnx_shutil_rm_rf_at()
In some cases (such as `ostree-sysroot-cleanup.c`), the surrounding
code would be substantially cleaner if it was also ported to
fd-relative, but I'm going to do that in a separate patch.

That way these patches are easier to review for mechanical
correctness.  I used an Emacs keyboard macro as the poor man's
[Coccinelle](http://coccinelle.lip6.fr/).
2016-03-23 10:26:01 -04:00
Colin Walters
d456fe5adb libglnx porting: Use glnx_set_error_from_errno
⚠️ There is a notable spiked pit trap here around
`posix_fallocate()` and `errno`.  This has bit other projects,
see e.g.
7bb87460e6

Otherwise the port was straightforward.
2016-03-23 10:26:01 -04:00
Colin Walters
614483ecd1 Use GSubprocess instead of GSSubprocess (libgsystem removal)
Since we hard-depend on GLib 2.40, we can start using GSubprocess.
This is part of dropping our dependency on libgsystem, which is
deprecated in favor of libglnx (as well as migrating things to GLib).
2016-03-23 10:26:01 -04:00
Colin Walters
afb6105a51 admin-switch: Add missing reboot argument
Spotted by jlebon in https://github.com/GNOME/ostree/pull/211
2016-03-23 09:42:17 -04:00
Simon McVittie
3f6f2e2a2f test-libarchive: fix underlinking
Signed-off-by: Simon McVittie <smcv@debian.org>
2016-03-21 13:03:06 -04:00
Simon McVittie
0a7e128782 Skip test_libarchive_ignore_device_file if we cannot write xattrs
The test tries to get a filesystem that supports xattrs by writing
to /var/tmp, but in some automated build environments the entire
build chroot is on a tmpfs.

Signed-off-by: Simon McVittie <smcv@debian.org>
2016-03-21 13:02:49 -04:00
Simon McVittie
35f412c86a tests/admin-test.sh: add #!/bin/sh
This is executable and appears to be intended to be executed directly,
so it should have a #! line.
2016-03-21 13:02:25 -04:00
Colin Walters
63e1c86dcd mkdocs: Fix the site name 2016-03-21 12:53:40 -04:00
Colin Walters
8894bb3949 deploy: Handle a read-only /boot
I'd like to encourage people to make OSTree-managed systems more
strictly read-only in multiple places.  Ideally everywhere is
read-only normally besides `/var/`, `/tmp/`, and `/run`.

`/boot` is a good example of something to make readonly.  Particularly
now that there's work on the `admin unlock` verb, we need to protect
the system better against things like `rpm -Uvh kernel.rpm` because
the RPM-packaged kernel won't understand how to do OSTree right.

In order to make this work of course, we *do* need to remount `/boot`
as writable when we're doing an upgrade that changes the kernel
configuration.  So the strategy is to detect whether it's read-only,
and if so, temporarily mount read-write, then remount read-only when
the upgrade is done.

We can generalize this in the future to also do `/etc` (and possibly
`/sysroot/ostree/` although that gets tricky).

One detail: In order to detect "is this path a mountpoint" is
nontrivial - I looked at copying the systemd code, but the right place
is to use `libmount` anyways.
2016-03-21 12:49:05 -04:00
Colin Walters
b842429bf2 manual: Migrate related projects wiki page into manual
This content currently lives here:
<https://wiki.gnome.org/Projects/OSTree/RelatedProjects>.  Moving it
into the manual in Markdown:

 - Makes it look better
 - It's more useful alongside the rest of the docs
 - Is much less crummy in general than the GNOME wiki
2016-03-18 13:11:54 -04:00
Alexander Larsson
cb60de0f95 Don't fail "ostree remote refs" if writing the summary cache is not permitted
It used to be allowed to run something like "ostree remote refs" on
a read-only (e.g. system) repo. However, the summary cache caused that to
break. This commit just makes it not save the cache if we get some kind
of permission error when writing it. It'll still work, even without the
cache.

https://bugzilla.gnome.org/show_bug.cgi?id=763855
2016-03-18 17:33:39 +01:00
Colin Walters
c58ad36840 libglnx porting: gs_transfer_out_value -> g_steal_pointer
It's a bit more verbose but...eh.
2016-03-18 12:08:19 -04:00
Colin Walters
b67f5364ac libglnx porting: xattr calls
These are straightforward as the libgsystem versions were already just
equivalent shims.
2016-03-18 12:08:19 -04:00
Colin Walters
684029daa3 libglnx porting: gs_free -> g_autofree
There were surprisingly few uses left.
2016-03-18 12:08:19 -04:00
Colin Walters
ac4c298061 libglnx porting: gs_fd_close -> glnx_fd_close
I'd like to eventually kill libgsystem.
2016-03-18 12:08:19 -04:00
Colin Walters
a02b425fc2 tests: Strengthen test tmpdir sanity check, be compat with ginsttest saving
GNOME Continuous uses ginstest-runner --report-directory, which causes
the tests to save their tmpdirs persistently.  This also means the
result directories didn't match the `/(var/)?tmp` regexp, which broke
the ostree tests in GContinuous.

Fix this by simply asserting that the tmpdir either has `.tmpdir` or
nothing.
2016-03-18 08:45:25 -04:00
Colin Walters
8057254b0b contrib/golang: Initial golang bindings
We were considering using this for Docker integration, but we may end
up going a different architectural path.  Anyways, it doesn't hurt to
have the bindings in here - they can do a few things.

I decided to fork some of the core code from
https://github.com/dradtke/gotk3 because...well, what we really need a
GIR-based core generator but I didn't want to start on the fully
correct thing until we knew we wanted it, and this was a quick hack.

Also, let's make a `contrib/` directory for things like this.
2016-03-17 09:02:24 -04:00
Colin Walters
f51d651b10 docs: Add a section on writing buildsystems
And add a test that is a demo buildsystem.
2016-03-16 17:15:58 -04:00
Micah Abbott
0b068c668a docs: Cleanup Markdown
I was going through the new version of the docs and noticed a few
problems.  Mostly URLs that aren't linked, extra whitespace, and a few
mis-spellings.

I ran the files through `aspell check` and made some manual changes
myself.

These changes were tested locally with `mkdocs serve`
2016-03-16 15:02:18 -04:00
Alexander Larsson
89624ee57d rofiles-fuse: Fix permission comparison
We want to allow write if the devinode is in the set,
not the other way around.

https://bugzilla.gnome.org/show_bug.cgi?id=763676
2016-03-16 16:30:53 +01:00
Alexander Larsson
9b919c8dd2 repo: Fix the skip-summary-if-summary.sig-is-same cache
This code was always downloading the summary even for a cache hit due
to a missing else.
2016-03-15 12:04:43 +01:00
Giuseppe Scrivano
2bb25a05b0 tests: add test for summary file caching
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2016-03-15 09:48:47 +01:00
Giuseppe Scrivano
cff4e48d02 prune: delete all cached summaries files
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2016-03-15 09:48:47 +01:00
Giuseppe Scrivano
2bf84d7e5d repo: use the skip summary download optimization for repo_remote_fetch_summary
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2016-03-15 09:48:47 +01:00
Giuseppe Scrivano
58b48424bc pull: cache summary and summary.sig
It allows an optimization to skip the download of the summary file
if its .sig file is unchanged.

Downloading the .sig file is much cheaper than downloading the summary
file from repositories with many branches.

https://bugzilla.gnome.org/show_bug.cgi?id=762973

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2016-03-15 09:48:47 +01:00
Giuseppe Scrivano
a98133072d libotutil: new function ot_openat_ignore_enoent
Refactor some common code

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2016-03-15 09:48:47 +01:00
Colin Walters
89514dd8ba docs: Reference the git docs on references 2016-03-09 14:07:52 -05:00
Colin Walters
6cc7238c4d build: Don't install test data without --enable-installed-tests
Otherwise $(installed_testdir) is empty so we try to put content in
`/`, which I noticed when trying to build an RPM (it works works fine
`sudo make install`).
2016-03-08 14:48:10 -05:00
Colin Walters
e2234e854d tests/basic: Fix race in timestamp test
%Z only uses seconds, so it's possible that we did the commit
in the same second, which made this test racy.

- Switch to full nanosecond precision using '%.Y' so it always differs
- Fix the inverted `cmp` usage
- Add a missing `ok`
2016-03-04 10:53:47 -05:00
Colin Walters
fea786cb2d lib: Add ostree_sysroot_load_if_changed() API
This will allow daemons like rpm-ostree to detect if there are any new
deployments efficiently, in combination with using inotify.  If there
are any changes, rpm-ostree wants publish them on DBus.

While we're here, add some changes to start doing unit C testing of
the sysroot API.
2016-03-03 21:56:23 -05:00
Colin Walters
ebd0370976 tests: Unify some tmpdir code, add ability for C to use libtest.sh
I want to be able to easily test the C API on actual data in an OSTree
repo.  The shell `libtest.sh` has code to generate it.  Bridge the two
worlds by introducing a little `libostreetest` library which has a C
API which spawns a shell that runs things in `libtest.sh`.

Yes, this is about as beautiful as it sounds, which is to say, it's
not.  But it works!

Note while we were here, I realized we were actually now creating
*two* tmpdirs per test in `make check` because the tap driver was
already doing that.  Unify it so we know the C code can rely on it.
2016-03-03 18:03:32 -05:00
Colin Walters
12db46e5af tests: More TAP fixups
Hopefully getting closer now.
2016-03-03 18:00:54 -05:00
Colin Walters
fbd9409ebb lib: Add ostree_sysroot_init_osname() API, bump mtime
And change the command line to use it.  rpm-ostree had a copy
of this code, and thus there's a clear reason to have an API.

While we're moving this into API, ensure the mtime on deploy is bumped
after an osname is created, so that daemons like rpm-ostree can notice
changes.  (In reality, creating the directory should do this, but
let's be double sure)
2016-03-03 14:21:57 -05:00
Colin Walters
7ace5d35bd docs/introduction: Note VMs vs baremetal 2016-03-03 14:20:44 -05:00
Colin Walters
0174224a2d tests: Convert two more exit 77 instances into TAP-compatible SKIP
Followup to https://github.com/GNOME/ostree/pull/194
2016-03-03 14:19:10 -05:00