Commit Graph

6569 Commits

Author SHA1 Message Date
Eric Curtin
a31f779871
Merge pull request #2967 from cgwalters/drop-trivial-httpd-entrypoint
More fully drop `trivial-httpd` entrypoint
2023-08-04 10:07:09 +01:00
Colin Walters
60b4655677 More fully drop trivial-httpd entrypoint
It's just part of the tests and we should no longer
support `ostree trivial-httpd`.

This is a followup cleanup to previous work.
2023-08-03 15:10:11 -04:00
Eric Curtin
09160c1a2b
Merge pull request #2962 from cgwalters/os-init-remount
os-init: Create a mount namespace
2023-08-02 20:41:32 +01:00
Colin Walters
ac42e29d66 os-init: Create a mount namespace
Today on anything using readonly sysroot `os-init` fails, because
we don't create a mount namespace if the `UNLOCKED` flag is specified
because we assume it's a readonly operation.

Since technically this is a mutation, let's just lock the sysroot
and use the tested path.
2023-08-02 14:32:22 -04:00
Joseph Marrero Corchado
113e575e8e
Merge pull request #2963 from cgwalters/more-gfileinfo-fix
composefs: Only call `_get_symlink_target()` on symlinks
2023-08-02 13:44:05 -04:00
Colin Walters
15cb0b47b1 composefs: Only call _get_symlink_target() on symlinks
This fixes a warning from newer glib that we're now seeing
in the Debian testing CI runs.
2023-08-01 21:29:04 -04:00
Colin Walters
f44909f8a2
Merge pull request #2960 from ostreedev/dependabot/submodules/libglnx-c02eb59
build(deps): bump libglnx from `07e3e49` to `c02eb59`
2023-07-31 11:04:26 -04:00
dependabot[bot]
a16a14a67b
build(deps): bump libglnx from 07e3e49 to c02eb59
Bumps libglnx from `07e3e49` to `c02eb59`.

---
updated-dependencies:
- dependency-name: libglnx
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-07-31 12:29:54 +00:00
Eric Curtin
fd968d5939
Merge pull request #2957 from cgwalters/transaction-test-suppress-global-sync
tests/destructive: Turn off global sync()
2023-07-31 10:55:39 +01:00
Colin Walters
6470429b2b tests/destructive: Turn off global sync()
Let's verify that things work with that off, as they should.

Previously:
cb73129483
"deploy: Add a 5s max timeout on global filesystem sync()"

But we may still have problems even with that, see
https://issues.redhat.com/browse/OCPBUGS-15917
where it might be that even a thread doesn't work because
we're locked in the kernel.
2023-07-28 17:59:28 -04:00
Eric Curtin
a2663e8041
Merge pull request #2956 from cgwalters/finalize-more-verbose
deploy: Be way more verbose about what we're doing
2023-07-28 16:16:57 +01:00
Colin Walters
3d881fee41 deploy: Be way more verbose about what we're doing
This will help us debug bugs like https://issues.redhat.com/browse/OCPBUGS-15917
in the future.
2023-07-27 14:08:15 -04:00
Eric Curtin
1aed5d7cf9
Merge pull request #2954 from cgwalters/harden-gvariant-get-data
Harden gvariant get data
2023-07-27 15:41:24 +01:00
Colin Walters
5b37259607 checksum-utils: Add an assertion that buf != NULL
Another hardening against https://bugzilla.redhat.com/show_bug.cgi?id=2217401
2023-07-26 18:09:28 -04:00
Colin Walters
0392b54602 core, switchroot: Harden a bit against g_variant_get_data() == NULL
I'm not totally sure this is the cause of
https://bugzilla.redhat.com/show_bug.cgi?id=2217401
but analyzing the code a bit it seems the most likely.
2023-07-26 18:09:28 -04:00
Eric Curtin
d7d661218e
Merge pull request #2953 from samcday/patch-1
docs: update boot loader spec link
2023-07-26 15:10:27 +01:00
Eric Curtin
66e425534e
Merge pull request #2930 from cgwalters/prepare-root-config3
prepare-root: Introduce ostree/prepare-root.conf && sysroot.readonly improvements
2023-07-26 10:17:35 +01:00
samcday
b5397887e3
docs: update boot loader spec link 2023-07-25 21:42:41 +02:00
Eric Curtin
af52a88d5f
Merge pull request #2952 from cgwalters/silence-variant-lookup
tree-wide: Consistently `(void)g_variant_lookup()`
2023-07-25 17:36:12 +01:00
Colin Walters
13e7ae907d tree-wide: Consistently (void)g_variant_lookup()
Coverity warns when we're checking the return value in most-but-not-all
instances.  The code is correct in these instances; we're initializing
the values to defaults.  So add a `(void)` cast like we are doing
in many other places.
2023-07-25 11:28:23 -04:00
Colin Walters
3465626015 prepare-root: Don't parse target root when composefs enabled
We shouldn't load anything from the target root filesystem *before*
verifying its integrity if composefs is enabled.

In effect, we want to force composefs users to migrate to
`/usr/lib/ostree/prepare-root.conf` which lives in the initramfs.
(But because we enable sysroot.readonly=true if composefs is enabled
 too, they don't actually need to)
2023-07-25 09:15:11 -04:00
Colin Walters
83d37d6d3c prepare-root: Default sysroot.readonly=true if composefs
Not because it's logically required or anything, but because
it's just a good idea.
2023-07-25 09:15:11 -04:00
Colin Walters
22b8e4f953 prepare-root: Introduce ostree/prepare-root.conf
Using the repository configuration for configuration of this
program was always a bit hacky.

But actually with composefs, we really must validate
the target root *before* we parse anything in it.

Let's add a config file for `ostree-prepare-root` that can live
in the initramfs, which will already have been verified.

In the future we'll also add configuration for composefs here.

We expect OS builders to drop this in `/usr/lib/ostree/prepare-root.conf`,
but system local configuration can live in `/etc`.
2023-07-25 09:15:09 -04:00
Eric Curtin
250c40a671
Merge pull request #2948 from cgwalters/composefs-more-cleanups
composefs: Use lowerdir in /run
2023-07-25 10:25:29 +01:00
Eric Curtin
3f594b04aa
Merge pull request #2951 from cgwalters/errprefix-sysroot
sysroot: Add a bit more error prefixing
2023-07-24 21:07:28 +01:00
Eric Curtin
5e2eedeec9
Merge pull request #2949 from cgwalters/kargs-cleanup
kernel-args: Move private functions out of public header
2023-07-24 21:06:59 +01:00
Colin Walters
cf525ee619 repo: Clarify when we fail to parse a remote
This would have directly pointed at the failing config file.
2023-07-24 08:54:29 -04:00
Colin Walters
70d790abea sysroot: Add a bit more error prefixing
While an error message I saw was pretty clear, this would
be even more explicit.
2023-07-24 08:48:51 -04:00
Eric Curtin
82da0e169b
Merge pull request #2950 from cgwalters/generator-cleanup
generator: Some cleanup
2023-07-24 10:52:41 +01:00
Colin Walters
d7fe9e54ed kernel-args: Move private functions out of public header
External users can't call `_` prefixed APIs, so move them
to a `-private.h`.
2023-07-23 13:22:14 -04:00
Colin Walters
303e7eb2e1 src/generator: Move all logic into libostree-1.so
This pushes down the code for parsing the `ostree=` cmdline
in the generator into code that's part of libostree-1.so.

This is prep for using logic shared in libotcore.la.

But in general it's just cleaner to also keep the binary
entrypoint to just be a trampoline into the C library.
2023-07-23 10:47:19 -04:00
Colin Walters
ec1109c7a9 generator: Stop creating /run/ostree-booted
This must have always been dead code.  We're trying to iterate
towards a place where it's only `ostree-prepare-root.c` which
parses the `ostree=` kernel argument, and canonically sets up
`/run/ostree-booted`.
2023-07-23 10:40:20 -04:00
Colin Walters
64afbcdeb0 composefs: Use lowerdir in /run
I just noticed that this was another constant string duplicated
between prepare-root.c and libostree-1.so, and I went to make
it a common `#define` in libotcore.la.

But then I thought "it's ugly to have this directory mixed into
the deployment namespace" because in some theoretical world
it could also be in the ostree commit, which would cause weird
behavior.

I think this is transient state that is better in `/run`, so move
it there.
2023-07-22 16:46:17 -04:00
Eric Curtin
4c0e5b1ef7
Merge pull request #2942 from ostreedev/android-bootloader-parsing
bootloader: fold all Android Bootloader specific logic into prepare-root
2023-07-20 21:58:11 +01:00
Colin Walters
a035c2e21c
Merge pull request #2946 from cgwalters/add-inode-fix-feature
Add an always-on `inode64` feature
2023-07-20 15:12:31 -04:00
Colin Walters
8ce7bbe199 Add an always-on inode64 feature
As I (and others) will be backporting the fix in
de6fddc6ad
pretty far, I want a way for sysadmins and OS builders to
be able to reliably see when their version of ostree has this fix
(Because comparing version numbers isn't portable).
2023-07-20 13:50:25 -04:00
Eric Curtin
c89baaed77 bootloader: fold all Android Bootloader specific logic into prepare-root
Now that we use androidboot.slot_suffix karg to determine whether we
boot into /ostree/root.a or /ostree/root.b, we can use ostree= karg
simply for parsing the stateroot, although we will still boot into
what's pointed to by /ostree/root.a or /ostree/root.b.
2023-07-20 12:31:01 +01:00
Joseph Marrero Corchado
559361655d
Merge pull request #2943 from cgwalters/mount-cleanup
prepare-root: Drop code mounting `/proc`
2023-07-19 10:35:27 -04:00
Joseph Marrero Corchado
253e7758d3
Merge pull request #2944 from cgwalters/prepare-root-more-cleanup
prepare-root: Drop more dead code
2023-07-19 10:34:46 -04:00
Colin Walters
e61226a8d7 prepare-root: Drop more dead code
Most of this was used for the old composefs signature model.  We
now reuse the core signature code and link to glib, so we don't
need reimplementations of hex strings and reading files.
2023-07-19 09:13:53 -04:00
Colin Walters
41cda3bd2a prepare-root: Drop code mounting /proc
This must be done by the init process here; it was always
dead code in the initramfs path.

We keep the copy of this code in the now-forked -static.c.
2023-07-19 09:12:10 -04:00
Eric Curtin
b258375f05
Merge pull request #2938 from cgwalters/dedup-ostree-parsing
generator: Deduplicate ostree= karg parsing
2023-07-18 14:35:45 +01:00
Eric Curtin
b548ff74a2
Merge pull request #2939 from cgwalters/ed25519-cleanups
sign-ed25519: Minor cleanups
2023-07-18 14:33:58 +01:00
Colin Walters
6966979c5e generator: Deduplicate ostree= karg parsing
Avoid having two copies of a regular expression for parsing
the `ostree=` kernel argument.  Because the `ostree-system-generator`
binary already has access to the internals because it's implemented
in the shared library, expose the sysroot version internally
and use that.

Motivated by an attempt to change one of these copies but not
the other.
2023-07-18 08:29:09 -04:00
Colin Walters
fc303da67d sign-ed25519: Don't set sk unless we've validated it
The semantics of this function now keep the key assigned
even if we fail to validate it, which is ugly.  Only assign
the key after verifying its length.
2023-07-18 08:25:36 -04:00
Colin Walters
3a18a5570d sign-ed25519: Add some comments for data structure
Like poor man's generics.
2023-07-18 07:55:14 -04:00
Colin Walters
fb40e55990 sign-ed25519: More verbose errors for invalid length
Add a helper to compare lengths which includes the found
and expected values.  Use it consistently.

The error message "Incorrect" is misleading; one might think
one had the *wrong* key.  "Ill-formed" makes it clearer that
we're not parsing it at all.
2023-07-18 07:55:14 -04:00
Colin Walters
1a2fac371b tests: Remove dead references to "SEED"
Nothing uses this.
2023-07-18 07:55:14 -04:00
Colin Walters
1c0fd7d458
Merge pull request #2937 from ericcurtin/ostree2androidboot.slot_suffix
android-boot: Remove dependency on ostree= karg, use androidboot.slot_suffix=
2023-07-17 09:46:02 -04:00
Eric Curtin
355cd72705 Remove steal_pointer and steal_pointer_impl as we link in glib now
These were necessary to keep initramfs small, but now we link in glib
anyway so these functions are now redundant.
2023-07-17 13:23:27 +01:00