Commit Graph

59 Commits

Author SHA1 Message Date
Colin Walters
1242704d68 build: Unify CPPFLAGS settings
The libostree core uses SYSCONFDIR now, so we should ensure it's used
consistently.  Someone else was seeing SYSCONFDIR not being defined
while compiling with a newer automake version, which may process
CPPFLAGS more precisely.
2014-09-08 11:47:58 -04:00
Colin Walters
f8f5da219e Add repository "summary" file and metalink support
For Fedora and potentially other distributions which use globally
distributed mirrors, metalink is a popular solution to redirect
clients to a dynamic set of mirrors.

In order to make metalink work though, it needs *one* file which can
be checksummed.  (Well, potentially we could explode all refs into the
metalink.xml, but that would be a lot more invasive, and a bit weird
as we'd end up checksumming the checksum file).

This commit adds a new command:

$ ostree summary -u

To regenerate the summary file.  Can only be run by one process at a
time.

After that's done, the metalink can be generated based on it, and the
client fetch code will parse and load it.

https://bugzilla.gnome.org/show_bug.cgi?id=729585
2014-09-03 13:21:52 -04:00
Colin Walters
b4d21e9406 deploy: Set the immutable bit on the deployment root
This prevents people from creating new directories there and expecting
them to be persisted.  The OSTree model has all local state to be in
/etc and /var.

This introduces a compile-time dependency on libe2fsprogs.

We're only doing this for the root directory at the moment.

https://bugzilla.gnome.org/show_bug.cgi?id=728006
2014-06-03 13:41:48 -04:00
Colin Walters
7ccfc93f71 build: Add missing DESTDIR
Hooray for read-only bind mounts and building as non-root.
2014-05-09 09:07:00 -04:00
Colin Walters
f47a20fb81 Support /etc/ostree/remotes.d
For many OS install scenarios, one runs through an installer which may
come with embedded data, and then the OS is configured post-install to
receive updates.

In this model, it'd be nice to avoid the post-install having to rewrite
the /ostree/repo/config file.

Additionally, it feels weird for admins to interact with "/ostree" -
let's make the system feel more like Unix and have our important
configuration in /etc.

https://bugzilla.gnome.org/show_bug.cgi?id=729343
2014-05-08 18:59:24 -04:00
Colin Walters
25ad4a9f65 pull: Add tls-client-cert-{path,key} (if we have new enough libsoup)
This is an actually working version of client-side certificates.
Depends on:
See: https://bugzilla.gnome.org/show_bug.cgi?id=334021

We detect whether libsoup is new enough for this.

https://bugzilla.gnome.org/show_bug.cgi?id=729356
2014-05-01 17:13:13 -04:00
Colin Walters
006e8f0073 deltas: Link to liblzma, add internal API to use it
For future static deltas work, we'll be linking to liblzma.  Since
it's fairly widespread, let's just make it a hard dependency.
2014-04-29 10:59:57 -04:00
Colin Walters
1bdabda5f3 Use external libgsystem 2014.2
It's been split off for a while, let's kill the code duplication.

Among other things, this fixes the systemd detection for the journal
logging.
2014-04-04 16:52:37 -04:00
Colin Walters
7baa600e23 Add an OstreeSysrootUpgrader API
This moves some utility code from the ostree tool into the shared
library, which will make it easier to consume by external tools.
2014-03-24 18:08:22 -04:00
Colin Walters
3337334be5 libostree: Split off SELinux OstreeSePolicy class
It's better if this is independent from the OstreeSysroot; for
example, a policy is active in a given deployment root at once, not
for a sysroot globally.

We can also collect SELinux-related API in one place.

Unfortunately at the moment there can be only one instance of this
class per process.
2014-02-19 08:43:45 -05:00
Colin Walters
2d6374822b Initial basic static delta code drop
This has a very basic level of functionality (deltas can be generated,
and applied offline).  There is only some stubbed out pull code to
fetch them via HTTP.

But, better to commit this now and improve it from a known starting
point, rather than have it languish in a branch.
2014-02-04 10:31:44 -05:00
Colin Walters
c7bcfc1c61 build: Look for /usr/bin/gpgv2 vs /usr/bin/gpgv
For some reason, RHEL has gpgv, but Fedora doesn't.  We need to detect
which to use, since presumably Debian only has gpgv.
2014-01-30 19:32:59 -05:00
Colin Walters
ebe6207847 build: Install README-gpg in /usr/share/ostree/trusted.gpg.d
Since this is what the current code actually reads.
2014-01-30 15:28:13 -05:00
Colin Walters
b2d0ba7ac1 deploy: Rework kernel arguments, add --karg-append to "admin deploy"
The "ordered hash" code was really just for kernel arguments.  And it
turns out it needs to be a multihash (for e.g. multiple console=
arguments).

So turn the OstreeOrderedHash into OstreeKernelArgs, and move the bits
to split key=value and such into there.

Now we're not making this public API yet - the public OstreeSysroot
just takes char **kargs.  To facilitate code reuse between ostree/ and
libostree/, make it a noinst libtool library.  It'll be duplicated in
the binary and library, but that's OK for now.  We can investigate
making OstreeKernelArgs public later.

https://bugzilla.gnome.org/show_bug.cgi?id=721136
2014-01-16 15:07:55 -05:00
Colin Walters
c65923e642 Add OstreeAsyncProgress, use it for ostree_repo_pull
Several APIs in libostree were moved there from the commandline code,
and have hardcoded g_print() for progress and notifications.  This
isn't useful for people who want to write PackageKit backends, custom
GUIs and the like.

From what I can tell, there isn't really a winning precedent in GLib
for progress notifications.

PackageKit has the model where the source has GObject properties that
change as async ops execute, which isn't bad...but I'd like something
a bit more general where say you can have multiple outstanding async
ops and sensibly track their state.

So, OstreeAsyncProgress is basically a threadsafe property bag with a
change notification signal.

Use this new API to move the GSConsole usage (i.e. g_print()) out from
libostree/ and into ostree/.
2013-10-24 14:27:13 -04:00
Colin Walters
6500026ba7 trivial: Add missing files to dist 2013-10-15 16:39:22 -04:00
Colin Walters
3b700ccb50 core: Add code to read/write "varints"
Adapted from Google protobufs.  For several cases, we want to support
e.g. file sizes up to guint64, but paying the cost of 8 bytes for each
number is too high.

This will be used for static deltas and sizes metadata.
2013-10-11 12:21:37 -04:00
Jeremy Whiting
7f9eefb62d pull: Verify commits with gpg signatures from detached metadata
This uses gpgv for verification against DATADIR/ostree/pubring.gpg by
default.  The keyring can be overridden by specifying OSTREE_GPG_HOME.

Add a unit test for commit signing with gpg key and verifying on pull;
to implement this we ship a test GPG key generated with no password
for Ostree Tester <test@test.com>.

Change all of the existing tests to disable GPG verification.
2013-09-29 14:49:47 -04:00
Jeremy Whiting
7d5aa74dae core: Use libgpgme to add GPG signatures to detached metadata for commit object
Add an optional dependency on gpgme to add GPG signatures into the
detached metadata, with the key "ostree.gpgsigs", as an "aay", an
array of signatures (treated as binary data).

The commit command gains a --gpg-sign=<key-id> argument.  Also add an
argument --gpg-homedir to set the GPG homedir where we look for
keyrings.
2013-09-28 16:12:35 -04:00
Colin Walters
ac0154713d libostree: Make OstreeBootloader private
It was only temporarily public while functionality was being merged
down; that's done now.
2013-09-15 20:26:13 -04:00
Colin Walters
c6292942ff libostree: Nearly complete move of API into OstreeSysroot
Move the deployment code too.
2013-09-15 20:16:20 -04:00
Colin Walters
95f07d486a libostree: Move a lot more sysroot API here
OstreeBootloader is temporarily public API.
2013-09-15 18:08:06 -04:00
Colin Walters
35bab87691 Move Deployment and BootconfigParser into libostree
As part of moving admin functionality there.  While we are doing this,
rename OtConfigParser to OstreeBootConfig parser since it's a better
name.
2013-09-15 15:06:31 -04:00
Colin Walters
af0f888057 libostree: Add new OstreeSysroot class
At the moment, just a container for a path, but we will start moving
admin functionality here.
2013-09-15 14:33:57 -04:00
Jasper St. Pierre
c817217ad8 repo: Move commit code to another file
ostree-repo.c is a bit too big, and most of the commit code is
fairly standalone.

https://bugzilla.gnome.org/show_bug.cgi?id=707644
2013-09-06 20:31:11 -04:00
Jasper St. Pierre
52dd6b0b74 libostree: Make introspectable again
At some point, the variable name for the headers changed and the
introspection build line forgot to be updated.

https://bugzilla.gnome.org/show_bug.cgi?id=707228
2013-09-01 11:19:15 -04:00
Sjoerd Simons
d1babde95e Fix make distcheck
make distcheck was unhappy for various reasons:
  * headers aren't data, so use _HEADERS otherwise compilation fails
  * Mark the gir & typelib data as cleanfiles so they aren't left around
    after make clean
  * Don't nuke the .la file. This breaks make uninstall, leave it up to
    distributions to not install .la files if they don't want them.

https://bugzilla.gnome.org/show_bug.cgi?id=705850
2013-08-17 14:57:05 -04:00
Colin Walters
17560a57bf Add gtk-doc support
Yes, it's really me.  Colin Walters.  Writing documentation.  You
don't need to do a DNA test.
2013-08-16 22:56:12 -04:00
Colin Walters
a5d43bb959 Install a shared library
This required a fair bit of surgery because previously ostree.h
included otutil.h, but that's supposed to be a private library.
2013-07-26 19:25:07 -04:00
Colin Walters
6fc9483887 lib: Use -export-symbol-regex
Just a small step towards being a better library.
2013-07-25 17:09:00 -04:00
Colin Walters
2535f32c56 libostree: Move pull code into here
More library work.
2013-07-09 20:14:53 -04:00
Colin Walters
5dd0d5da40 libostree: Move prune into OstreeRepo namespace
More library work.
2013-07-09 20:05:31 -04:00
Colin Walters
2aa0251b1b libostree: Rename ostree-traverse.h into OstreeRepo namespace
This operates on the repo, it might as well be methods on it.
2013-07-09 19:59:39 -04:00
Colin Walters
cb6b69616c libostree: Split off -refs.c
Continuing to break up ostree-repo.c.
2013-07-09 19:49:00 -04:00
Colin Walters
3b6a94d272 libostree: Split off libarchive code 2013-07-09 19:11:37 -04:00
Colin Walters
dbffd31017 libostree: Start splitting up the monstrous ostree-repo.c
Checkout now lives in its own file.
2013-07-09 19:02:38 -04:00
Colin Walters
26cef497a6 Remove built in "triggers"
Originally, the idea was that clients would replicate "OS/tree"s from
a build server, but we'd run things like "ldconfig" on the client.
This was to allow adding e.g. the nVidia binary driver.

However, the triggers were the only thing in the system at the moment
that really had expected knowledge of the *contents* of the OS, like
the location of binaries.

For now, it's architecturally cleaner if we move the burden of
triggers to the tree builder (e.g. gnome-ostree or RPM).  Eventually
we may want OSTree to assist with this type of thing (perhaps
something like RPM %ghost), but this is the right thing to do now.
2013-07-07 14:37:59 -04:00
Colin Walters
7e882cc2cf dracut: Add ostree-remount
Linux creates a copy of the soure mount flags when creating a bind
mount; if the source is read-only, then the bind mount is.

The problem is that systemd will remount the rootfs read/write, but
each mount (/home, /var etc.) will still be read-only.  We need to
remount every bind mount except for /usr to read-write too.

This only "worked" with the old ostree-switch-root because it
effectively force mounted the rootfs read-write always, ignoring the
"ro" flag.
2013-06-04 15:59:52 -04:00
Colin Walters
cf31942a69 core: Refactor diff to be an internal API
For future use by other code.
2012-08-31 17:39:04 -07:00
Colin Walters
c63cca53d7 build: Add --enable-triggers-only
For bootstrapping gnome-ostree, we need to install the triggers early
on, before we actually build the real ostree binary.
2012-08-26 13:58:23 -04:00
Colin Walters
464f4a81c9 Add libgsystem as git external
Don't replace ot_lfree and stuff yet though...to much code churn.
2012-07-15 11:59:05 -04:00
Colin Walters
78b0d99238 Support building with embedded glib 2012-06-14 13:45:59 -04:00
Colin Walters
19571c7652 build: Link with -Bsymbolic-functions
Avoids indirecting through PLT for internal calls, at the cost that we
can't use LD_PRELOAD to override internal functions (but we never
really want that, use a debugger).
2012-05-03 13:40:23 -04:00
Colin Walters
38ef75e6e0 core: Re-unify on one OSTREE_OBJECT_TYPE_FILE
Having the archived vs not distinction in the object system wasn't
useful in light of pack files.  In fact, we should probably move
towards generating a pack file per commit by default.
2012-04-11 22:27:59 -04:00
Colin Walters
f15c184584 core: Clean up checksumming
Don't expose GChecksum in APIs.  Add a new stream class which allows
us to pass an input stream somewhere, but gather a checksum as it's
read.

Move some bits of the internals towards binary csums.
2012-04-11 22:04:06 -04:00
Colin Walters
bae584c64a core: Associate branches with remotes, move trigger runs into checkout
Also add --atomic-retarget option to checkout. This does the magical
symlink dance to do atomic swaps between trees.
2012-04-03 23:46:34 -04:00
Colin Walters
d8173a5125 core: Move commit/dirtree traversal into library
So it can more easily be reused by other builtins.
2012-04-02 18:32:40 -04:00
Colin Walters
f44b8aca44 core: Add ostree-types.h
This allows us to have circular references between the headers.
2012-03-06 11:59:06 -05:00
Colin Walters
40226c2769 core: Move triggers into separate binary: ostree-run-triggers
I'm trying to keep ostree as being closer to just being the versioning
filesystem, so let's split out the triggers into a different binary
(although still namespaced ostree-).
2012-01-13 15:08:27 -05:00
Colin Walters
2b7a83d1cc core: Add new "mutable tree" class, use it for tar file import
The tar import code forced the resuscitation of a hackish "FileTree"
data type for representing an in-memory tree.  Split this out
into an OstreeMutableTree class for future use by any other in-memory
tree construction.
2011-12-21 13:34:10 -05:00