ostree OSTree Developer Colin Walters walters@verbum.org ostree 1 ostree Manage multiple bootable versioned filesystem trees ostree COMMAND OPTIONS Description OSTree is a tool for managing multiple bootable versioned filesystem trees, or just "tree" for short. In the OSTree model, operating systems no longer live in the physical "/" root directory. Instead, they parallel install to the new toplevel /ostree directory. Each installed system gets its own /ostree/deploy/stateroot directory. (stateroot is the newer term for osname). Unlike rpm or dpkg, OSTree is only aware of complete filesystem trees. It has no built-in knowledge of what components went into creating the filesystem tree. It is possible to use OSTree in several modes; the most basic form is to replicate pre-built trees from a build server. Usually, these pre-built trees are derived from packages. You might also be using OSTree underneath a higher level tool which computes filesystem trees locally. It must be emphasized that OSTree only supports read-only trees. To change to a different tree (upgrade, downgrade, install software), a new tree is checked out, and a 3-way merge of configuration is performed. The currently running tree is not ever modified; the new tree will become active on a system reboot. To see the man page for a command run man ostree COMMAND or man ostree-admin COMMAND Options The following options are understood: For most commands, when run as non-root, repository is required. If ostree is run as root, it is assumed operations will be performed on the /sysroot/ostree/repo repository. Produce debug level output. Commands System administrators will primarily interact with OSTree via the subcommand ostree admin. ostree-admin-cleanup1  Delete untagged deployments and repository objects. ostree-admin-config-diff1  See changes to /etc as compared to the current default (from /usr/etc). ostree-admin-deploy1  Takes a particular commit or revision, and sets it up for the next boot. ostree-admin-init-fs1  Initialize a root filesystem in a specified path. ostree-admin-instutil1  Utility functions intended primarily for operating system installation programs ostree-admin-os-init1  Initialize the deployment location for an operating system with a specified name. ostree-admin-status1  Show and list the deployments. ostree-admin-switch1  Choose a different ref to track from the same remote as the current tree. ostree-admin-undeploy1  Remove the previously INDEX deployed tree from the bootloader configuration. ostree-admin-upgrade1  Download the latest version for the current ref, and deploy it. Both administrators and operating system builders may interact with OSTree via the regular filesystem manipulation commands. ostree-cat1  Concatenate contents of files ostree-checkout1  Check out a commit into a filesystem tree. ostree-checksum1  Gives checksum of any file. ostree-commit1  Given one or more trees, create a new commit using those contents. ostree-config1  Change settings. ostree-diff1  Concisely list differences between the given refs. ostree-fsck1  Check a repository for consistency. ostree-init1  Initialize a new repository. ostree-log1  Show revision log. ostree-ls1  List the contents of a given commit. ostree-prune1  Search for unreachable objects. ostree-pull-local1  Copy data from source-repo. ostree-pull1  Download data from remote repo. If you have libsoup. ostree-refs1  List refs. ostree-remote1  Manipulate remote archive configuration. ostree-reset1  Reset a ref to a previous commit. ostree-rev-parse1  Show the SHA256 corresponding to a given rev. ostree-show1  Given an OSTree SHA256 checksum, display its contents. ostree-static-delta1  Manage static delta files. ostree-summary1  Regenerate the repository summary metadata. ostree-trivial-httpd1  Simple webserver. Examples For specific examples, please see the man page regarding the specific ostree command. For example: man ostree init or man ostree-admin status GPG verification OSTree supports signing commits with GPG. Operations on the system repository by default use keyring files in /usr/share/ostree/trusted.gpg.d. Any public key in a keyring file in that directory will be trusted by the client. No private keys should be present in this directory. In addition to the system repository, OSTree supports two other paths. First, there is a gpgkeypath option for remotes, which must point to the filename of an ASCII-armored key. Second, there is support for a per-remote remotename.trustedkeys.gpg file stored in the toplevel of the repository (alongside objects/ and such). This is particularly useful when downloading content that may not be fully trusted (e.g. you want to inspect it but not deploy it as an OS), or use it for containers. This file is written via ostree remote add --gpg-import. See Also ostree.repo5