IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
We were missing the simple, obvious API and CLI to go
from ostree commit -> composefs.
Internally, we had `ostree_repo_checkout_composefs`
with the right "shape" mostly, except it had more code
in the deploy path to turn that into a composefs.
Add a straightforward public API that does what
the deploy code did before, and then the old
API becomes an explicitly internal helper with an `_`
prefix.
Goals:
- Lead towards a composefs-oriented future
- This makes the composefs logic more testable directly
Signed-off-by: Colin Walters <walters@verbum.org>
If supported_out is passed to _ostree_ensure_fsverity and we
successfully exit early, for example because the file is a symlink, then
*supported_out is not initialized.
This is problematic in the case of ostree_sysroot_update_post_copy(),
because it passes in an uninitialized supported, and on successfull
return of _ostree_ensure_fsverity() it assumes that it is iniialized.
In case supported happened to be initialized to non-zero it will take
this branch:
if (!supported)
break; /* If not supported, skip rest */
Which means *all* further objects will not get fs-verity enabled.
Previously we were running clang-format across multiple operating
system versions and hence clang versions, and it turns out
clang has changed the preferred formatting multiple times.
We could *probably* dig in and try to pin things more strongly
but eh...for now let's arbitrarily just use whatever's in
the default GH Action ubuntu-latest runner as that should
be equally painful for everyone.
Signed-off-by: Colin Walters <walters@verbum.org>
HTTP servers derive Last-Modified from the modification time of the
file. When used in combination with a Cache-Control max-age value,
having the modification times match means that caches will consider them
expired at the same time. This helps make it more likely that clients
won't receive a cached summary and fresh signature or vice versa.
This makes more sense to do now that the summary and signature are
created in a temporary directory and renamed into place. In the old days
where they were created directly in the repo root, it would be strange
to change the summary mtime when it wasn't actually modified.
The skip shell function is for skipping an entire test plan. To skip a
single test result, a directive is needed[1]. Without this change, the
test suite errors claiming that 2 test plans were provided when fsverity
isn't available.
1. https://testanything.org/tap-specification.html#skipping-tests
The android bootloader is also split into two partitions, previously
that wasn't represented in the diagram.
Signed-off-by: Eric Curtin <ecurtin@redhat.com>
otcore_get_ostree_target() should set is_aboot for android boot
systems, but currently it only does this on A/B boot systems, not
single-boot-partition systems. Fix this by setting it in the second
case.
We want to start switching things so that the toplevel `/ostree`
repository is mode 0700, to close off unprivileged code
from being able to access it. Previous deployment roots
may have setuid binaries, etc. The `/var/lib/containers/storage`
directory is mode 0700 for this reason I believe.
Closes: https://github.com/ostreedev/ostree/issues/3211
I want to add another variant here, and `--modern` is now old. Let's
acknowledge that we may want to make even more changes in the
future. So `--modern == --epoch=1` but I will add `--epoch=2` after
this.
If fs_verity_wanted == _OSTREE_FEATURE_YES we should fail if
!suported, but we were checking !supported where supported is a
pointer, not a boolean. This caused us to miss errors when the kernel
didn't support fs-verity that lead to lots of debugging.
Remove the unofficial acronym RHIVOS from both the README and docs
files. The acronym is associated with Red Hat In-Vehicle Operating
System but isn't officially recognized.
Co-Authored-By: Felicia Kleinfelt <fkleinfe@redhat.com>
Signed-off-by: Eric Curtin <ecurtin@redhat.com>
This is stronger than the default (`replace`) because it tells systemd
to *stop everything* and go to `emergency.target`. In other codebases,
this has definitely helped me with the problem of "systemd keeps going
even after a failure".
Likely addresses #3219.
See also e.g. 3d2e165f97.
This can return NULL if there's no real policy.
Now obviously we need to update the Rust bindings too but...
I am having trouble doing that, we're pretty out of date with
upstream.
When we added the retry logic, the intention here was definitely
to do it not just for network errors but also e.g. HTTP 500s and
the like.
xref https://pagure.io/releng/issue/11439
where we rather painfully debugged that this was missing.
The combination of the "honor whiteout" and "union" flags
are intended to basically be "merge trees like overlayfs does".
But we were missing this case in order to support e.g. replacing
a symlink with a directory.
This fixes a bug in the (early) deployment pruning function which before
tried to access the boot directory without opening it first.
Signed-off-by: Rogerio Guerra Borin <rogerio.borin@toradex.com>