7084 Commits

Author SHA1 Message Date
Dan Nicholson
e560092f54
Merge pull request #3307 from cgwalters/curl-reorder-teardown
curl: Make socket callback during cleanup into no-op
2024-09-18 21:36:13 -06:00
Colin Walters
05442f2a92
Merge pull request #3306 from cgwalters/curl-assert
curl: Assert that curl_multi_assign worked
2024-09-18 18:34:08 -04:00
Colin Walters
4d755a8522 curl: Make socket callback during cleanup into no-op
Because curl_multi_cleanup may invoke callbacks, we effectively have
some circular references going on here. See discussion in

https://github.com/curl/curl/issues/14860

Basically what we do is the socket callback libcurl may invoke into a no-op when
we detect we're finalizing. The data structures are owned by this object and
not by the callbacks, and will be destroyed below. Note that
e.g. g_hash_table_unref() may itself invoke callbacks, which is where
some data is cleaned up.

Signed-off-by: Colin Walters <walters@verbum.org>
2024-09-18 17:41:41 -04:00
Colin Walters
472d9d493a curl: Assert that curl_multi_assign worked
ref https://github.com/ostreedev/ostree/issues/3299

This won't fix that issue, but *if* this assertion triggers
it should give us a better idea of the possible codepaths
where it is happening.

Signed-off-by: Colin Walters <walters@verbum.org>
2024-09-18 13:22:55 -04:00
Colin Walters
2945165ffe
Merge pull request #3305 from dbnicholson/pages-fixes
workflow/docs: Fix deployments
2024-09-15 16:39:38 -04:00
Dan Nicholson
8d1373bdd7 workflow/docs: Fix deployments
A couple fixes to make PRs and non-PRs work correctly:

* In a conditional expression, `true` or `false` are returned unless you
  terminate both sides in a ternary. That was causing 2 strings to be
  suffixed with `false` instead of an empty string.
* For a PR, we do actually want to cancel in progress runs since there's
  no danger of breaking an in progress deployment.
* For PRs, just use the same `github-pages-pr` name for the artifact.
  The important part is that it's not called `github-pages` where an in
  progress deployment could pick it up. Otherwise it can use the same
  name all the time.
2024-09-15 14:01:19 -06:00
Colin Walters
558f260554
Merge pull request #3300 from travier/main-static-config-null
bootloader/grub2: Handle empty static configs
2024-09-15 13:01:52 -04:00
Colin Walters
6a337d6f8a
Merge pull request #3302 from HuijingHei/fix-version
spec: %autorelease can't be resolved by COPR
2024-09-15 13:01:38 -04:00
Colin Walters
1e430366b7
Merge pull request #3304 from dbnicholson/pages-redux
Redo pages workflow
2024-09-15 13:01:19 -04:00
Dan Nicholson
6d590db379 Redo pages workflow 2024-09-15 10:19:06 -06:00
HuijingHei
339fc34766
spec: %autorelease can't be resolved by COPR
Fix copr build error:
`line 11: Possible unexpanded macro in: Release: %autorelease`
2024-09-14 11:16:50 +08:00
Timothée Ravier
508a8b61ac bootloader/grub2: Handle empty static configs
In #3205, we introduced a check to skip re-generating the GRUB config if
we detect that static configs are in used by looking at bootupd's state.

Unfortunately this check is incomplete and does not account for present
but null entries in the JSON state file.

A proper fix would be to parse the JSON but this requires a larger code
change.

Fixes: https://github.com/ostreedev/ostree/issues/3295
Fixes: https://github.com/ostreedev/ostree/pull/3205
2024-09-14 00:34:24 +02:00
Timothée Ravier
b18e78bfb8
Merge pull request #3301 from travier/main-github-artifact-v4
github/workflows/tests: Update actions/upload-artifact to v4
2024-09-14 00:34:08 +02:00
Timothée Ravier
db4be85546 github/workflows/tests: Update actions/{upload,download}-artifact to v4
See: https://github.blog/changelog/2024-02-13-deprecation-notice-v1-and-v2-of-the-artifact-actions/
See: https://github.blog/news-insights/product-news/get-started-with-v4-of-github-actions-artifacts/
Signed-off-by: Colin Walters <walters@verbum.org>
2024-09-13 14:45:34 -04:00
Eric Curtin
81867f0444
Merge pull request #3287 from cgwalters/fix-memleak
lib/traverse: Fix minor memory leak
2024-09-07 01:30:25 +01:00
Colin Walters
413b0ad00e
Merge pull request #3292 from dbnicholson/var-slave-shared
switchroot: Stop making /sysroot mount private
2024-09-06 19:35:19 -04:00
Colin Walters
bd5b4adccd lib/traverse: Fix minor memory leak
I was trying to check something with `-fsanitize=address`
and it warned about this memory leak. It's...subtle, basically
we were leaking when the same commit was added to the hash table.

But unfortunately fixing that then complicates ownership
over the return value; what we really want to use here is
`g_hash_table_steal_all_keys` but RHEL 9.4 is still rocking
`glib2-2.68.4` so we can't use it.

(Rust would mean we wouldn't have leaked anything here in the
 first place...)

Signed-off-by: Colin Walters <walters@verbum.org>
2024-09-06 18:52:33 -04:00
Dan Nicholson
2973ec5910 switchroot: Stop making /sysroot mount private
Back in 2b8d586c5, /sysroot was changed to be a private mount so that
submounts of /var do not propagate back to the stateroot /var. That's
laudible, but it makes /sysroot different than every other shared mount
in the root namespace. In particular, it means that submounts of
/sysroot do not propagate into separate mount namespaces.

Rather than make /sysroot private, make /var a slave+shared mount so
that it receives mount events from /sysroot but not vice versa. That
achieves the same effect of preventing /var submount events from
propagating back to /sysroot while allowing /sysroot mount events to
propagate forward like every other system mount. See
mount_namespaces(7)[1] and the linux shared subtrees[2] documentation
for details on slave+shared mount propagation.

When /var is mounted in the initramfs, this is accomplished with
mount(2) syscalls. When /var is mounted after switching to the real
root, the mount propagation flags are applied as options in the
generated var.mount unit. This depends on a mount(8) feature that has
been present since util-linux 2.23. That's available in RHEL 7 and every
non-EOL Debian and Ubuntu release. Applying the propagation from
var.mount fixes a small race, too. Previously, if a /var submount was
added before /sysroot was made private, it would have propagated back
into /sysroot. That was possible since ostree-remount.service orders
itself after var.mount but not before any /var submounts.

1. https://man7.org/linux/man-pages/man7/mount_namespaces.7.html
2. https://docs.kernel.org/filesystems/sharedsubtree.html

Fixes: #2086
2024-09-06 15:49:49 -06:00
Dan Nicholson
fae8941196 tests: Add mount propagation test
This tests the current behavior of making /sysroot a private mount so
that submounts on /var do not propagate back to /sysroot. It also shows
how submounts of /sysroot do not propagate into separate mount
namespaces for the same reason.
2024-09-06 15:49:43 -06:00
Eric Curtin
fbb1cc7e38
Merge pull request #3290 from cgwalters/include-grub-stderr
grub2: Show output when run in systemd by default
2024-09-03 15:36:26 +01:00
Colin Walters
cdbe93dc9b grub2: Show output when run in systemd by default
xref https://github.com/coreos/rpm-ostree/issues/5071

Hiding errors by default is painful. At least as of
recently in Fedora it looks like the command is nice
and quiet by default, I only see

```
Generating grub configuration file ...
Adding boot menu entry for UEFI Firmware Settings ...
done
```

Signed-off-by: Colin Walters <walters@verbum.org>
2024-09-03 08:55:35 -04:00
Eric Curtin
4207d92365
Merge pull request #3285 from cgwalters/drop-deploy-print
tests: Attempt to update auto-prune test
2024-08-30 21:40:33 +01:00
Colin Walters
4f46d06ba8 deploy: Log to journal for boot space, not stderr
bootc doesn't run as a systemd unit, and this pollutes stderr.

Signed-off-by: Colin Walters <walters@verbum.org>
2024-08-30 15:00:27 -04:00
Eric Curtin
2b01c93cd9
Merge pull request #3283 from cgwalters/fix-more-coverity-dirname
sysroot: Make coverity happy with dirname+strdup
2024-08-16 00:26:52 -04:00
Colin Walters
62284ea3ec
Merge pull request #3284 from cgwalters/even-more-readlinkat
commit/payload-link: Ensure we don't overrun target_checksum size
2024-08-15 13:42:20 -04:00
Colin Walters
7683eb5aa4 commit/payload-link: Ensure we don't overrun target_checksum size
This is another warning from recently changed code from Coverity:

```
1. Defect type: OVERRUN
16. libostree-2024.7/src/libostree/ostree-repo-commit.c:823:7: overrun-buffer-arg: Overrunning array "target_checksum" of 65 bytes by passing it to a function which accesses it at byte offset 258 using argument "size" (which evaluates to 259). [Note: The source code implementation of the function has been overridden by a builtin model.]
```

I think this can only happen if the repository is corrupt; the
data shouldn't be that long. But fix this by passing the max
length we expect; this will ignore the rest currently.

Signed-off-by: Colin Walters <walters@verbum.org>
2024-08-15 12:15:50 -04:00
Colin Walters
70430fe02b sysroot: Make coverity happy with dirname+strdup
Similar to d528083cae3492f9b9424f3c9830869af7b4cbd0 - I don't
believe we actually had a leak here because `dirname` always
returns the same start pointer, but this makes Coverity
happy.

Signed-off-by: Colin Walters <walters@verbum.org>
2024-08-15 11:29:22 -04:00
Colin Walters
0d5e554b69
Merge pull request #3282 from cgwalters/drop-deploy-print
deploy: Log to journal for boot space, not stderr
2024-08-14 16:50:43 -04:00
Colin Walters
3d07a808ce deploy: Log to journal for boot space, not stderr
bootc doesn't run as a systemd unit, and this pollutes stderr.

Signed-off-by: Colin Walters <walters@verbum.org>
2024-08-14 09:09:15 -04:00
Colin Walters
28c184f244
Merge pull request #3281 from cgwalters/fix-readlinkat-payload-link
repo: NUL terminate readlinkat result
2024-08-09 16:10:05 -04:00
Colin Walters
f08cea998e repo: NUL terminate readlinkat result
Coverity was correctly complaining about this.

Signed-off-by: Colin Walters <walters@verbum.org>
2024-07-29 17:14:12 -04:00
Colin Walters
d260d918dd tests: Add a payload link unit test
Motivated by changing this code.

Signed-off-by: Colin Walters <walters@verbum.org>
2024-07-29 17:08:03 -04:00
Colin Walters
5dac2adef6
Merge pull request #3280 from cgwalters/release
Release 2024.7
2024-07-19 07:10:51 -04:00
Colin Walters
68679e03b3 Post-release version bump
Signed-off-by: Colin Walters <walters@verbum.org>
2024-07-18 17:55:21 -04:00
Colin Walters
4941d9cd0d Release 2024.7
Signed-off-by: Colin Walters <walters@verbum.org>
v2024.7
2024-07-18 17:55:21 -04:00
Colin Walters
4b96359e10
Merge pull request #3277 from cgwalters/karg-disable-composefs
prepare-root: Add ostree.prepare-root.composefs
2024-07-11 20:08:38 -04:00
Colin Walters
e226c87614 prepare-root: Add ostree.prepare-root.composefs
We have a use case for overriding the composefs state via
the kernel commandline; see e.g.
https://gitlab.com/fedora/bootc/tracker/-/issues/27

Signed-off-by: Colin Walters <walters@verbum.org>
2024-07-11 17:04:09 -04:00
Colin Walters
5378fe2aa9
Merge pull request #3276 from cgwalters/parse-bool
keyfile-utils: Add API to parse tristate strings
2024-07-11 16:06:35 -04:00
Colin Walters
65ff404195 prepare-root: Gather kernel cmdline early
Prep for parsing the composefs config from the kernel cmdline.
No functional changes intended.
2024-07-10 17:52:28 -04:00
Colin Walters
26abca7126 keyfile-utils: Add API to parse tristate strings
Prep for using this in multiple places. Add unit tests.
2024-07-10 17:52:28 -04:00
Colin Walters
47edd1a2a9 keyfile-utils: Add API to parse tristate strings
Prep for using this in multiple places. Add unit tests.
2024-07-10 17:21:57 -04:00
Colin Walters
97fb11127b
Merge pull request #3275 from ueno/wip/dueno/glib-2.44
libostree: Remove compatibility code with GLib < 2.44
2024-07-10 08:27:45 -04:00
Daiki Ueno
a0bd18945f libostree: Remove compatibility code with GLib < 2.44
As the build system has required GLib 2.44 since commit
eb09207e1abd7499bd92866cce1de6148d659a4a, the manual expansion of
G_DECLARE_INTERFACE and G_DECLARE_FINAL_TYPE is no longer necessary.

Signed-off-by: Daiki Ueno <dueno@redhat.com>
2024-07-10 10:22:07 +09:00
Colin Walters
d7eb9a1040
Merge pull request #3273 from cgwalters/drop-library-printf
sysroot: Use journal rather than printf()
2024-07-08 09:56:26 -04:00
Colin Walters
772801faf0 sysroot: Use journal rather than printf()
Fix the TODO here; this was making some bootc output
ugly.

Signed-off-by: Colin Walters <walters@verbum.org>
2024-07-08 07:52:39 -04:00
Colin Walters
9b977e2828
Merge pull request #3265 from lukewarmtemp/2023.8-3-coverity-scan
2023.8-3 coverity scan
2024-06-27 13:05:53 -04:00
Luke Yang
e99693c787 prepare: Create global var for tmp_sysroot_etc
Coverity points out that ""/sysroot.tmp/etc"" could be a copy-paste
error. This is mistake from coverity, but to supress the warning,
we create a global var, tmp_sysroot_etc, which replaces all
instances of TMP_SYSROOT "/etc".
2024-06-20 15:09:11 -04:00
Luke Yang
d528083cae repo: Fix dir_or_file_path memory leak
Coverity points out that we have a memory leak from
`g_strdup(dir_or_file_path)`. Make the duplication of the string a
temporary variable that is freed using `g_autofree`.
2024-06-20 15:09:11 -04:00
Luke Yang
20d5bc8453 commit: Null terminate target_buf var
Coverity points out that we are passing an unterminated string to
sprintf(). Fix by using snprintf() which stores the content as a C
string.
2024-06-20 15:09:11 -04:00
Luke Yang
dc9eaef1e5 tree: Fix name memory leak
Coverity points out that we have a memory leak from `g_strdup(name)`.
`insert_child_mtree()` takes a const char * and duplicates it.
`name` can be passed directly to `insert_child_mtree()`.
2024-06-20 15:09:11 -04:00