Merge 42847b097a into 8aaea0c65d

Release 2024.10

Makefile-ostree.am

@@ -76,6 +76,7 @@ ostree_SOURCES += \
 	src/ostree/ot-admin-builtin-set-default.c \
 	src/ostree/ot-admin-builtin-instutil.c \
 	src/ostree/ot-admin-builtin-kargs.c \
+        src/ostree/ot-admin-builtin-metadata.c \
 	src/ostree/ot-admin-builtin-cleanup.c \
 	src/ostree/ot-admin-builtin-os-init.c \
 	src/ostree/ot-admin-builtin-set-origin.c \

configure.ac

@@ -1,7 +1,7 @@
 AC_PREREQ([2.63])
 dnl To perform a release, follow the instructions in `docs/CONTRIBUTING.md`.
 m4_define([year_version], [2024])
-m4_define([release_version], [10])
+m4_define([release_version], [11])
 m4_define([package_version], [year_version.release_version])
 AC_INIT([libostree], [package_version], [walters@verbum.org])
 is_release_build=no

man/ostree-prepare-root.xml

@@ -120,20 +120,25 @@ License along with this library. If not, see <https://www.gnu.org/licenses/>.
             <varlistentry>
                 <term><varname>root.transient</varname></term>
                 <listitem><para>A boolean value; the default is <literal>false</literal>.
-                   If this is set to <literal>true</literal>, then the <literal>/</literal> filesystem will be a writable <literal>overlayfs</literal>,
-                   with the upper directory being a hidden directory (in the underlying system root filesystem) that will persist across reboots by default.
-                   However, changes will <emphasis>be discarded</emphasis> on OS updates!
+                   Setting this flag to <literal>true</literal> requires composefs (See <literal>composefs.enabled</literal>).
+                   When enabled, the root mount point <literal>/</literal> will be an overlayfs whose contents will be stored
+                   in a tmpfs, and hence discarded on OS upgrade or reboot.
                 </para>
                 <para>
-                   Enabling this option can be very useful for cases such as packages (dpkg/rpm/etc) that write content into <literal>/opt</literal>,
-                   particularly where they expect the target to be writable at runtime.  To make that work, ensure that your <literal>/opt</literal>
-                   directory is *not* a symlink to <literal>/var/opt</literal>, but is just an empty directory.
-                </para>
-                <para>
-                   Note the <literal>/usr</literal> mount point remains read-only by default.  This option is independent of <literal>etc.transient</literal> and <literal>sysroot.readonly</literal>;
+                   This option is independent of <literal>etc.transient</literal> and <literal>sysroot.readonly</literal>;
                    it is supported for example to have <literal>root.transient=true</literal> but <literal>etc.transient=false</literal> in which case changes to <literal>/etc</literal> continue
                    to persist across updates, with the default OSTree 3-way merge applied.
-                </para></listitem>
+                   Also related to persistence it is important to emphasize that <literal>/sysroot</literal> (the physical root filesystem) is still persistent
+                   by default; in-place OS upgrades can be applied.
+                </para>
+                <para>
+                  Enabling this option can make it significantly easier to adopt an image-based model in some circumstances.
+                  For example, if you have a configuration management system that is inspecting machine-specific state and
+                  e.g. dynamically installing packages or applying configuration, it can more easily be adapted to
+                  run on each boot, while still shifting a portion (or ideally most) image configuration to build time
+                  as part of the base image/commit.
+                </para>
+                </listitem>
             </varlistentry>
             <varlistentry>
                 <term><varname>composefs.enabled</varname></term>

src/libostree/ostree-deployment.c

@@ -18,6 +18,7 @@
 #include "config.h"
 
 #include "ostree-deployment-private.h"
+#include "ostree-sysroot-private.h"
 #include "ostree.h"
 #include "otutil.h"
 
@@ -476,3 +477,62 @@ ostree_deployment_is_finalization_locked (OstreeDeployment *self)
 {
   return self->finalization_locked;
 }
+
+/**
+ * ostree_deployment_set_ext_metadata:
+ * @self: Deployment
+ * @metadata_key: extended attribute(metadata) name/key to add.
+ * @metadata_value: extended attribute(metadata) value to add.
+ * @error: a #GError
+ *
+ */
+gboolean
+ostree_deployment_set_ext_metadata (OstreeDeployment *self, const char *metadata_key,
+                                    const char *metadata_value, GError **error)
+{
+  g_autofree char *backing_relpath = _ostree_sysroot_get_deployment_backing_relpath (self);
+  if (setxattr (backing_relpath, metadata_key, metadata_value, strlen (metadata_value), 0) < 0)
+    {
+      g_set_error (error, G_IO_ERROR, g_io_error_from_errno (errno),
+                   "Failed to set deployment metadata %s on %s: %s", metadata_key, backing_relpath,
+                   g_strerror (errno));
+      return FALSE;
+    }
+  return TRUE;
+}
+
+/**
+ * ostree_deployment_get_ext_metadata:
+ * @self: Deployment
+ * @metadata_key: (nullable): key of extended attribute
+ * @error: a #GError
+ * Returns: The value of a extended attribute(metadata) checksum given the key.
+ */
+const char *
+ostree_deployment_get_ext_metadata (OstreeDeployment *self, const char *metadata_key,
+                                    GError **error)
+{
+  g_autofree char *backing_relpath = _ostree_sysroot_get_deployment_backing_relpath (self);
+  g_autofree char *metadata_value = NULL;
+  g_autofree int len = getxattr (backing_relpath, metadata_key, NULL, 0);
+  if (len < 0)
+    {
+      if (errno == ENODATA)
+        return NULL;
+      g_set_error (error, G_IO_ERROR, g_io_error_from_errno (errno),
+                   "Failed to get deployment metadata %s on %s: %s", metadata_key, backing_relpath,
+                   g_strerror (errno));
+      return NULL;
+    }
+  metadata_value = g_malloc (len + 1);
+  len = getxattr (backing_relpath, metadata_key, metadata_value, len);
+  if (len < 0)
+    {
+      g_set_error (error, G_IO_ERROR, g_io_error_from_errno (errno),
+                   "Failed to get deployment metadata %s on %s: %s", metadata_key, backing_relpath,
+                   g_strerror (errno));
+      return NULL;
+    }
+  metadata_value[len] = '\0';
+  return metadata_value;
+}

src/libostree/ostree-deployment.h

@@ -107,4 +107,12 @@ const char *ostree_deployment_unlocked_state_to_string (OstreeDeploymentUnlocked
 _OSTREE_PUBLIC
 OstreeDeploymentUnlockedState ostree_deployment_get_unlocked (OstreeDeployment *self);
 
+_OSTREE_PUBLIC
+gboolean ostree_deployment_set_ext_metadata (OstreeDeployment *self, const char *metadata_key,
+                                             const char *metadata_value, GError **error);
+
+_OSTREE_PUBLIC
+const char *ostree_deployment_get_ext_metadata (OstreeDeployment *self, const char *metadata_key,
+                                                GError **error);
+
 G_END_DECLS

src/ostree/ot-admin-builtin-metadata.c

@@ -0,0 +1,77 @@
+/*
+ * Copyright (C) 2015 Colin Walters <walters@verbum.org>
+ *
+ * SPDX-License-Identifier: LGPL-2.0+
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+#include "config.h"
+
+#include "ot-admin-builtins.h"
+#include "ot-admin-functions.h"
+#include "otutil.h"
+
+static char **opt_set;
+static char **opt_get;
+
+static GOptionEntry options[]
+    = { { "set", 0, 0, G_OPTION_ARG_STRING_ARRAY, &opt_set,
+          "Set deployment metadata, like DATE=030424; this overrides any metadata with the "
+          "same name",
+          "KEY=VALUE" },
+        { "get", 0, 0, G_OPTION_ARG_STRING_ARRAY, &opt_get,
+          "Get the value of a deployment metadata.", "KEY" },
+        { NULL } };
+
+gboolean
+ot_admin_builtin_metadata (int argc, char **argv, OstreeCommandInvocation *invocation,
+                           GCancellable *cancellable, GError **error)
+{
+  gboolean ret = FALSE;
+  g_autoptr (GPtrArray) deployments = NULL;
+  OstreeDeployment *first_deployment = NULL;
+  g_autoptr (GOptionContext) context = NULL;
+  g_autoptr (OstreeSysroot) sysroot = NULL;
+
+  if (!ostree_admin_option_context_parse (context, options, &argc, &argv,
+                                          OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER, invocation, &sysroot,
+                                          cancellable, error))
+    goto out;
+
+  if (deployments->len == 0)
+    {
+      g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, "Unable to find a deployment in sysroot");
+      goto out;
+    }
+
+  first_deployment = deployments->pdata[0];
+
+  if (opt_set)
+    {
+      char *key = strtok (*opt_set, "=");
+      char *value = strtok (NULL, "=");
+      // ^^ This needs error checking and probably is wrong... but builds!
+      ostree_deployment_set_ext_metadata (first_deployment, key, value, error);
+    }
+
+  if (opt_get)
+    {
+      ostree_deployment_get_ext_metadata (first_deployment, *opt_get, error);
+    }
+
+  ret = TRUE;
+out:
+  return ret;
+}

src/ostree/ot-admin-builtins.h

@@ -51,6 +51,7 @@ BUILTINPROTO (kargs);
 BUILTINPROTO (post_copy);
 BUILTINPROTO (lock_finalization);
 BUILTINPROTO (state_overlay);
+BUILTINPROTO (metadata);
 
 #undef BUILTINPROTO
 

src/ostree/ot-builtin-admin.c

@@ -70,6 +70,8 @@ static OstreeCommand admin_subcommands[] = {
   { "upgrade", OSTREE_BUILTIN_FLAG_NO_REPO, ot_admin_builtin_upgrade,
     "Construct new tree from current origin and deploy it, if it changed" },
   { "kargs", OSTREE_BUILTIN_FLAG_NO_REPO, ot_admin_builtin_kargs, "Change kernel arguments" },
+  { "deployment-metadata", OSTREE_BUILTIN_FLAG_NO_REPO, ot_admin_builtin_metadata,
+    "Set extended metadata for current the deployment" },
   { NULL, 0, NULL, NULL }
 };