Commit Graph

6514 Commits

Author SHA1 Message Date
Eric Curtin
de81a7e71a
Merge pull request #2929 from cgwalters/prepare-root-drop-pivot
prepare-root: Drop dead `pivot_root` code
2023-07-15 17:33:56 +01:00
Eric Curtin
8302a8add0
Merge pull request #2927 from cgwalters/sysroot-errprefix-bootlinks
sysroot: Add some error prefixing for bootversion
2023-07-15 17:31:53 +01:00
Colin Walters
845d68d1d4
Merge pull request #2935 from cgwalters/prepare-root-config4
prepare-root: Refactor composefs config handling
2023-07-15 09:52:11 -04:00
Colin Walters
d4ca834b09 prepare-root: Refactor composefs config handling
- Convert the current enum into a struct, using `OtTristate` and
  two member variables (expected signature and digest)
- Factor out a helper function to parse this config
- Clean up the logging by consistently using `composefs:` as a prefix
- Add more assertions to more strictly verify our runtime state
  since this is security relevant
2023-07-14 14:37:03 -04:00
Eric Curtin
18d6f59793
Merge pull request #2934 from cgwalters/enable-composefs-default
build-sys: Enable composefs at *build time* by default
2023-07-14 16:40:42 +01:00
Colin Walters
592351d1b0 build-sys: Enable composefs at *build time* by default
There's no additional dependencies, and it's a small amount
of new code.

The riskiest thing is the changes to ostree-prepare-root, but
I believe that things are in a good state now there.

Again, this just enables it at *build time* - it's still
off at runtime by default.
2023-07-14 10:34:46 -04:00
Colin Walters
3d29f89c0e
Merge pull request #2928 from cgwalters/prepare-root-config
More prepare-root cleanups
2023-07-14 10:26:25 -04:00
Eric Curtin
c1ac6bc346
Merge pull request #2932 from cgwalters/aboot-fix-nullderef
mount: Fix gcc -fanalyzer warning for parsing androidboot.slot_suffix
2023-07-14 13:48:17 +01:00
Colin Walters
c078e8bea3 mount: Fix gcc -fanalyzer warning for parsing androidboot.slot_suffix
If the karg wasn't present, we'd do a NULL deref which is undefined
behavior.
2023-07-14 06:51:34 -04:00
Colin Walters
c4f1d18a30
Merge pull request #2920 from ostreedev/dependabot/submodules/composefs-1704f82
build(deps): bump composefs from `ac729b5` to `1704f82`
2023-07-13 17:53:10 -04:00
Colin Walters
0eda15ceff Use /run/ostree-booted metadata for sysroot-ro state passing
Just like we did with composefs, use the new metadata instead
of a "stamp file".
2023-07-13 13:58:25 -04:00
Colin Walters
79806a683e prepare-root: Drop dead pivot_root code
I think this was only ever used in the "static pid1" path which
is now split out into a separate file.

We always expect that e.g. systemd does the switchroot in
the initramfs, so drop this dead code.
2023-07-13 08:28:49 -04:00
Colin Walters
b8d66964a8 remount: Use new metadata in /run/ostree-booted for composefs
Since we now have a generalized more structured way of serializing
state in the initramfs instead of "stamp files", use it for
passing the composefs state.
2023-07-13 07:57:18 -04:00
Colin Walters
77acad246e remount: Don't overwrite /run/ostree-booted
Since it should always be written in the initramfs.
2023-07-13 07:28:39 -04:00
Colin Walters
93699cc546 prepare-root: Add metadata for composefs to /run/ostree-booted
Particularly for the signature case, having this metadata
acts as a reliable "proof of execution" of the signature verification
code (as opposed to parsing a log file or so).

Besides that, this is also just a stronger check for "we're using
composefs" instead of checking for "overlayfs on /".
2023-07-13 07:28:39 -04:00
Colin Walters
bafb551275 prepare-root: Use constant for ed25519 signature
Minor cleanup.
2023-07-13 07:28:39 -04:00
Colin Walters
6cdc5ce595
Merge pull request #2926 from cgwalters/otcore-cfs-constants
prepare-root: A few cleanups
2023-07-13 07:10:59 -04:00
Colin Walters
6769d66dcc sysroot: Add some error prefixing for bootversion
This came up in https://issues.redhat.com/browse/OCPBUGS-15955
and I'm 90% sure it's this readlink failing, but let's make
it extra clear.
2023-07-12 19:29:20 -04:00
Colin Walters
18cc447230 prepare-root: Drop unused verity flag querying
This logic got pushed down into libcomposefs.
2023-07-12 07:56:17 -04:00
Colin Walters
2b738a995d prepare-root: Use otutil and g_print
Now that we link to libotutil (and glib) we don't need separate
handling for conditionalizing on the presence of systemd.

Further, there's no value in `sd_journal_send(MESSAGE=)` over
just printing to stdout.
2023-07-12 07:56:17 -04:00
Colin Walters
1b7b4fbd2b Add an internal constant for the composefs image name
Just a minor cleanup.
2023-07-11 17:50:43 -04:00
Dan Nicholson
c0c2c9bd80
Merge pull request #2924 from cgwalters/drop-syntax-check
build: Drop `make syntax-check`
2023-07-11 13:31:14 -06:00
Colin Walters
6591210661 build: Drop make syntax-check
As of lately it emits a ton of errors from `grep` about having `*`
at the start of a line, but more generally it's only generally
found papercut-style issues that aren't worth carrying a distinct
checking system for.
2023-07-11 14:17:05 -04:00
Colin Walters
57fe33f07e
Merge pull request #2921 from alexlarsson/composefs-sign-v2
ostree-prepare-root: Validate ed25519 signatures when requested
2023-07-11 14:09:07 -04:00
Alexander Larsson
c29f4193cd ostree-prepare-root: Validate ed25519 signatures when requested
If requested, by specifying ot-composefs=signed=/path/to/pub.key then
the commit object is validated against the specified ed25519 public
key, and if valid, the composefs digest from the commit object is used
to ensure we boot the right digest.
2023-07-11 14:08:33 -04:00
Colin Walters
b8ff210941 Factor out a libotcore
This will contain logic shared between ostree-prepare-root
and libostree-1.so.  It will just link to libgio.so, so as
to avoid pulling in e.g. libcurl and other things.

In other words, `ostree-prepare-root` will not link to `libostree-1.so`,
but will pull in just what it needs from this library.
2023-07-11 14:08:32 -04:00
Colin Walters
265cf7d786 build-sys: Add libsodium to OT_DEP_CRYPTO
There's no reason to have these distinct really.  If we're using
libsodium, we want it in the same places we're using openssl.

Prep for further refactoring.
2023-07-08 15:42:12 -04:00
Colin Walters
a6d9c714c6
Merge pull request #2922 from alexlarsson/openssl-ed25519
Implement ed255519 using openssl too
2023-07-07 15:25:27 -04:00
Alexander Larsson
744967a6e4 libotutil: Link to crypto libs
The checksum utils uses the crypto lib, but we're not explicitly linking
to it. I think this is why the CI got this error when using openssl
on debian, during ostree binary linking:

/usr/bin/ld: ./.libs/libotutil.a(libotutil_la-ot-checksum-utils.o): undefined reference to symbol 'EVP_DigestInit_ex@@OPENSSL_3.0.0'
/usr/bin/ld: /lib/x86_64-linux-gnu/libcrypto.so.3: error adding symbols: DSO missing from command line
collect2: error: ld returned 1 exit status
2023-07-07 20:19:59 +02:00
Alexander Larsson
474c2b100b CI: Enable --with-crypto=openssl on debian testing to test openssl signatures 2023-07-07 17:16:30 +02:00
Alexander Larsson
7b85adfbbd sign-ed25519: Implement sign and verify using openssl
libsodium is used if configured to keep the old behaviour, but if
it is not enabled, and openssl is used, then ed25519 is now supported.
2023-07-07 17:16:30 +02:00
Alexander Larsson
501575c1e4 sign-ed25519: Drop some uses of libsodium
This adds some defines for ed25519 key sizes and drops uses
of the libsodium defines for these, as well as replacing sodium_bin2hex
use with ot_bin2hex. Some code that wes optionally built before are now
always built.

The goal for this is to support both libsodium and openssl.

Also fixes return value of _load_pk_from_stream(). It used
to always return FALSE.
2023-07-07 17:16:30 +02:00
Colin Walters
5b7277513b
Merge pull request #2923 from alexlarsson/fix-composefs-test
tests: Fix composefs test
2023-07-07 11:12:52 -04:00
Alexander Larsson
62e4f37653 tests: Fix composefs test
- Was using the wrong metadata key
- We were missing setting the canonical commit args which assigns
  e.g. owner uid 0, which is important for reproducibility
- Use the new --print-hex to make things easier to read
2023-07-07 09:57:00 -04:00
Colin Walters
eb01112083 show: Add --print-hex
The default GVariant output for byte arrays is illegible to humans,
and byte arrays are super common for us.
2023-07-07 09:22:30 -04:00
Joseph Marrero Corchado
6056ec130f
Merge pull request #2913 from cgwalters/tmpfile-not-on-revokefs
fetcher: Always open tmpfiles in repo (except on FUSE)
2023-07-05 20:00:30 -04:00
dependabot[bot]
8a4a0c1673
build(deps): bump composefs from ac729b5 to 1704f82
Bumps [composefs](https://github.com/containers/composefs) from `ac729b5` to `1704f82`.
- [Release notes](https://github.com/containers/composefs/releases)
- [Commits](ac729b579d...1704f823db)

---
updated-dependencies:
- dependency-name: composefs
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-07-05 12:48:46 +00:00
Colin Walters
43fb278772
Merge pull request #2918 from ostreedev/dependabot/submodules/composefs-ac729b5
build(deps): bump composefs from `412cb5e` to `ac729b5`
2023-07-05 06:26:42 -04:00
Colin Walters
25120bd7ad
Merge pull request #2912 from cgwalters/itest-transactionality-debug
tests/inst: A few small patches
2023-07-05 05:47:05 -04:00
Colin Walters
6172018090
Merge pull request #1633 from cgwalters/pkglibexec-tests
Drop "ostree trivial-httpd" CLI, move to tests directory
2023-07-05 04:51:29 -04:00
Colin Walters
ba9c9dedff fetcher: Always open tmpfiles in repo (except on FUSE)
This reverts commit 4e61e6f7d0
and re-instates the fix for ensuring that we download temporary
files into the repository location.

However in order to ensure we don't re-introduce
https://github.com/ostreedev/ostree/issues/2900
we detect the case where we're writing to a FUSE mount
and keep the prior behavior.

I've verified that this works with flatpak.

Note a downside of this is the change needs to be triplicated
across the 3 http backends.

This then again
Closes: https://github.com/ostreedev/ostree/issues/2571
2023-07-05 04:27:36 -04:00
Colin Walters
9104c54f2b
Merge pull request #2905 from cgwalters/prepare-root-static-split
Separate prepare-root static path + link to glib
2023-07-04 09:05:31 -04:00
dependabot[bot]
01be14e6c0
build(deps): bump composefs from 412cb5e to ac729b5
Bumps [composefs](https://github.com/containers/composefs) from `412cb5e` to `ac729b5`.
- [Release notes](https://github.com/containers/composefs/releases)
- [Commits](412cb5e6aa...ac729b579d)

---
updated-dependencies:
- dependency-name: composefs
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-07-04 12:25:19 +00:00
Colin Walters
0c36e8143d Drop "ostree trivial-httpd" CLI, move to tests directory
See https://github.com/ostreedev/ostree/issues/1593

Basically this makes it easier for people packaging, as the trivial-httpd
is only for tests, and this way the binary will live with the tests.

Also at this point nothing should depend on `ostree trivial-httpd`.
2023-07-04 08:18:24 -04:00
Colin Walters
8ad8a79c2a
Merge pull request #2916 from cgwalters/release
Release 2023.5
2023-06-30 15:07:15 -04:00
Colin Walters
b2cfee722e
Merge pull request #2914 from cgwalters/doc-usergroups
docs: Update user and group section
2023-06-30 11:49:30 -04:00
Colin Walters
5aadb6ec26 configure: post-release version bump 2023-06-30 11:10:25 -04:00
Colin Walters
26b833e90a Release 2023.5 2023-06-30 11:07:18 -04:00
Colin Walters
7d192d079a
Merge pull request #2899 from ostreedev/dependabot/submodules/composefs-412cb5e
build(deps): bump composefs from `08bdb03` to `412cb5e`
2023-06-30 11:01:59 -04:00
Colin Walters
875915f6c9 prepare-root: Link to glib
Since we've split off the "prepare root as init" code
into a separate file, we can now use glib to parse
the config file again, which is a lot less hacky.

This is particularly motivated by composefs, where
we want to do more in the initramfs.  Future patches
may also link to parts of libostree.
2023-06-30 05:18:23 -04:00