mirror of
https://github.com/ostreedev/ostree.git
synced 2024-12-23 21:35:26 +03:00
09238da065
I'm trying to improve the developer experience on OSTree-managed systems, and I had an epiphany the other day - there's no reason we have to be absolutely against mutating the current rootfs live. The key should be making it easy to rollback/reset to a known good state. I see this command as useful for two related but distinct workflows: - `ostree admin unlock` will assume you're doing "development". The semantics hare are that we mount an overlayfs on `/usr`, but the overlay data is in `/var/tmp`, and is thus discarded on reboot. - `ostree admin unlock --hotfix` first clones your current deployment, then creates an overlayfs over `/usr` persistent to this deployment. Persistent in that now the initramfs switchroot tool knows how to mount it as well. In this model, if you want to discard the hotfix, at the moment you roll back/reboot into the clone. Note originally, I tried using `rofiles-fuse` over `/usr` for this, but then everything immediately explodes because the default (at least CentOS 7) SELinux policy denies tons of things (including `sshd_t` access to `fusefs_t`). Sigh. So the switch to `overlayfs` came after experimentation. It still seems to have some issues...specifically `unix_chkpwd` is broken, possibly because it's setuid? Basically I can't ssh in anymore. But I *can* `rpm -Uvh strace.rpm` which is handy. NOTE: I haven't tested the hotfix path fully yet, specifically the initramfs bits.
117 lines
3.9 KiB
Plaintext
117 lines
3.9 KiB
Plaintext
# Makefile for C source code
|
|
#
|
|
# Copyright (C) 2011 Colin Walters <walters@verbum.org>
|
|
#
|
|
# This library is free software; you can redistribute it and/or
|
|
# modify it under the terms of the GNU Lesser General Public
|
|
# License as published by the Free Software Foundation; either
|
|
# version 2 of the License, or (at your option) any later version.
|
|
#
|
|
# This library is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
# Lesser General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU Lesser General Public
|
|
# License along with this library; if not, write to the
|
|
# Free Software Foundation, Inc., 59 Temple Place - Suite 330,
|
|
# Boston, MA 02111-1307, USA.
|
|
|
|
bin_PROGRAMS += ostree
|
|
|
|
ostree_SOURCES = src/ostree/main.c \
|
|
src/ostree/ot-builtin-admin.c \
|
|
src/ostree/ot-builtins.h \
|
|
src/ostree/ot-builtin-cat.c \
|
|
src/ostree/ot-builtin-config.c \
|
|
src/ostree/ot-builtin-checkout.c \
|
|
src/ostree/ot-builtin-checksum.c \
|
|
src/ostree/ot-builtin-commit.c \
|
|
src/ostree/ot-builtin-diff.c \
|
|
src/ostree/ot-builtin-export.c \
|
|
src/ostree/ot-builtin-fsck.c \
|
|
src/ostree/ot-builtin-gpg-sign.c \
|
|
src/ostree/ot-builtin-init.c \
|
|
src/ostree/ot-builtin-pull-local.c \
|
|
src/ostree/ot-builtin-log.c \
|
|
src/ostree/ot-builtin-ls.c \
|
|
src/ostree/ot-builtin-prune.c \
|
|
src/ostree/ot-builtin-refs.c \
|
|
src/ostree/ot-builtin-remote.c \
|
|
src/ostree/ot-builtin-reset.c \
|
|
src/ostree/ot-builtin-rev-parse.c \
|
|
src/ostree/ot-builtin-summary.c \
|
|
src/ostree/ot-builtin-show.c \
|
|
src/ostree/ot-builtin-static-delta.c \
|
|
src/ostree/ot-main.h \
|
|
src/ostree/ot-main.c \
|
|
src/ostree/ot-dump.h \
|
|
src/ostree/ot-dump.c \
|
|
src/ostree/ot-editor.c \
|
|
src/ostree/ot-editor.h \
|
|
src/ostree/parse-datetime.h \
|
|
src/ostree/parse-datetime.c \
|
|
$(NULL)
|
|
|
|
# Admin subcommand
|
|
ostree_SOURCES += \
|
|
src/ostree/ot-admin-builtin-init-fs.c \
|
|
src/ostree/ot-admin-builtin-diff.c \
|
|
src/ostree/ot-admin-builtin-deploy.c \
|
|
src/ostree/ot-admin-builtin-undeploy.c \
|
|
src/ostree/ot-admin-builtin-instutil.c \
|
|
src/ostree/ot-admin-builtin-cleanup.c \
|
|
src/ostree/ot-admin-builtin-os-init.c \
|
|
src/ostree/ot-admin-builtin-set-origin.c \
|
|
src/ostree/ot-admin-builtin-status.c \
|
|
src/ostree/ot-admin-builtin-switch.c \
|
|
src/ostree/ot-admin-builtin-upgrade.c \
|
|
src/ostree/ot-admin-builtin-unlock.c \
|
|
src/ostree/ot-admin-builtins.h \
|
|
src/ostree/ot-admin-instutil-builtin-selinux-ensure-labeled.c \
|
|
src/ostree/ot-admin-instutil-builtin-set-kargs.c \
|
|
src/ostree/ot-admin-instutil-builtin-grub2-generate.c \
|
|
src/ostree/ot-admin-instutil-builtins.h \
|
|
src/ostree/ot-admin-functions.h \
|
|
src/ostree/ot-admin-functions.c \
|
|
$(NULL)
|
|
|
|
# Remote subcommand
|
|
ostree_SOURCES += \
|
|
src/ostree/ot-remote-builtins.h \
|
|
src/ostree/ot-remote-builtin-add.c \
|
|
src/ostree/ot-remote-builtin-delete.c \
|
|
src/ostree/ot-remote-builtin-gpg-import.c \
|
|
src/ostree/ot-remote-builtin-list.c \
|
|
src/ostree/ot-remote-builtin-show-url.c \
|
|
src/ostree/ot-remote-builtin-refs.c \
|
|
src/ostree/ot-remote-builtin-summary.c \
|
|
$(NULL)
|
|
|
|
src/ostree/parse-datetime.c: src/ostree/parse-datetime.y Makefile
|
|
$(AM_V_GEN) $(YACC) $< -o $@
|
|
|
|
EXTRA_DIST += src/ostree/parse-datetime.y
|
|
CLEANFILES += src/ostree/parse-datetime.c
|
|
|
|
ostree_bin_shared_cflags = $(AM_CFLAGS) -I$(srcdir)/src/libotutil -I$(srcdir)/src/libostree -I$(srcdir)/src/ostree \
|
|
$(NULL)
|
|
ostree_bin_shared_ldadd = libglnx.la libbsdiff.la libotutil.la libostree-kernel-args.la libostree-1.la
|
|
|
|
ostree_CFLAGS = $(ostree_bin_shared_cflags) $(OT_INTERNAL_GIO_UNIX_CFLAGS) -I$(srcdir)/libglnx
|
|
ostree_LDADD = $(ostree_bin_shared_ldadd) $(OT_INTERNAL_GIO_UNIX_LIBS)
|
|
|
|
if USE_LIBSOUP
|
|
ostree_SOURCES += \
|
|
src/ostree/ot-builtin-pull.c \
|
|
src/ostree/ot-builtin-trivial-httpd.c \
|
|
$(NULL)
|
|
ostree_CFLAGS += $(OT_INTERNAL_SOUP_CFLAGS)
|
|
ostree_LDADD += $(OT_INTERNAL_SOUP_LIBS)
|
|
endif
|
|
|
|
if USE_LIBARCHIVE
|
|
ostree_CFLAGS += $(OT_DEP_LIBARCHIVE_CFLAGS)
|
|
ostree_LDADD += $(OT_DEP_LIBARCHIVE_LIBS)
|
|
endif
|