ostree/Makefile-libostree.am
Colin Walters 8894bb3949 deploy: Handle a read-only /boot
I'd like to encourage people to make OSTree-managed systems more
strictly read-only in multiple places.  Ideally everywhere is
read-only normally besides `/var/`, `/tmp/`, and `/run`.

`/boot` is a good example of something to make readonly.  Particularly
now that there's work on the `admin unlock` verb, we need to protect
the system better against things like `rpm -Uvh kernel.rpm` because
the RPM-packaged kernel won't understand how to do OSTree right.

In order to make this work of course, we *do* need to remount `/boot`
as writable when we're doing an upgrade that changes the kernel
configuration.  So the strategy is to detect whether it's read-only,
and if so, temporarily mount read-write, then remount read-only when
the upgrade is done.

We can generalize this in the future to also do `/etc` (and possibly
`/sysroot/ostree/` although that gets tricky).

One detail: In order to detect "is this path a mountpoint" is
nontrivial - I looked at copying the systemd code, but the right place
is to use `libmount` anyways.
2016-03-21 12:49:05 -04:00

199 lines
7.1 KiB
Plaintext

# Makefile for C source code
#
# Copyright (C) 2011,2014 Colin Walters <walters@verbum.org>
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the
# Free Software Foundation, Inc., 59 Temple Place - Suite 330,
# Boston, MA 02111-1307, USA.
include Makefile-libostree-defines.am
noinst_LTLIBRARIES += libostree-kernel-args.la libbupsplit.la
libostree_kernel_args_la_SOURCES = \
src/libostree/ostree-kernel-args.h \
src/libostree/ostree-kernel-args.c \
$(NULL)
libostree_kernel_args_la_CFLAGS = -I$(srcdir)/libglnx $(OT_INTERNAL_GIO_UNIX_CFLAGS)
libostree_kernel_args_la_LIBADD = $(OT_INTERNAL_GIO_UNIX_LIBS)
lib_LTLIBRARIES += libostree-1.la
libostreeincludedir = $(includedir)/ostree-1
libostreeinclude_HEADERS = $(libostree_public_headers)
ENUM_TYPES = \
$(srcdir)/src/libostree/ostree-fetcher.h \
$(NULL)
src/libostree/ostree-enumtypes.h: src/libostree/ostree-enumtypes.h.template $(ENUM_TYPES)
$(AM_V_GEN) $(GLIB_MKENUMS) \
--template $< \
$(ENUM_TYPES) > $@.tmp && mv $@.tmp $@
src/libostree/ostree-enumtypes.c: src/libostree/ostree-enumtypes.c.template $(ENUM_TYPES)
$(AM_V_GEN) $(GLIB_MKENUMS) \
--template $< \
--fhead "#include \"ostree-enumtypes.h\"" \
$(ENUM_TYPES) > $@.tmp && mv $@.tmp $@
ENUM_GENERATED = \
src/libostree/ostree-enumtypes.h \
src/libostree/ostree-enumtypes.c \
$(NULL)
BUILT_SOURCES += $(ENUM_GENERATED)
CLEANFILES += $(BUILT_SOURCES)
libbupsplit_la_SOURCES = \
src/libostree/bupsplit.h \
src/libostree/bupsplit.c \
$(NULL)
libostree_1_la_SOURCES = \
$(ENUM_GENERATED) \
src/libostree/ostree-async-progress.c \
src/libostree/ostree-cmdprivate.h \
src/libostree/ostree-cmdprivate.c \
src/libostree/ostree-core-private.h \
src/libostree/ostree-core.c \
src/libostree/ostree-checksum-input-stream.c \
src/libostree/ostree-checksum-input-stream.h \
src/libostree/ostree-chain-input-stream.c \
src/libostree/ostree-chain-input-stream.h \
src/libostree/ostree-lzma-common.c \
src/libostree/ostree-lzma-common.h \
src/libostree/ostree-lzma-compressor.c \
src/libostree/ostree-lzma-compressor.h \
src/libostree/ostree-lzma-decompressor.c \
src/libostree/ostree-lzma-decompressor.h \
src/libostree/ostree-rollsum.h \
src/libostree/ostree-rollsum.c \
src/libostree/ostree-varint.h \
src/libostree/ostree-varint.c \
src/libostree/ostree-linuxfsutil.h \
src/libostree/ostree-linuxfsutil.c \
src/libostree/ostree-diff.c \
src/libostree/ostree-mutable-tree.c \
src/libostree/ostree-repo.c \
src/libostree/ostree-repo-checkout.c \
src/libostree/ostree-repo-commit.c \
src/libostree/ostree-repo-libarchive.c \
src/libostree/ostree-repo-prune.c \
src/libostree/ostree-repo-refs.c \
src/libostree/ostree-repo-traverse.c \
src/libostree/ostree-repo-private.h \
src/libostree/ostree-repo-file.c \
src/libostree/ostree-repo-file-enumerator.c \
src/libostree/ostree-repo-file-enumerator.h \
src/libostree/ostree-sepolicy.c \
src/libostree/ostree-sysroot-private.h \
src/libostree/ostree-sysroot.c \
src/libostree/ostree-sysroot-cleanup.c \
src/libostree/ostree-sysroot-deploy.c \
src/libostree/ostree-sysroot-upgrader.c \
src/libostree/ostree-bootconfig-parser.c \
src/libostree/ostree-deployment.c \
src/libostree/ostree-bootloader.h \
src/libostree/ostree-bootloader.c \
src/libostree/ostree-bootloader-grub2.h \
src/libostree/ostree-bootloader-grub2.c \
src/libostree/ostree-bootloader-syslinux.h \
src/libostree/ostree-bootloader-syslinux.c \
src/libostree/ostree-bootloader-uboot.h \
src/libostree/ostree-bootloader-uboot.c \
src/libostree/ostree-repo-static-delta-core.c \
src/libostree/ostree-repo-static-delta-processing.c \
src/libostree/ostree-repo-static-delta-compilation.c \
src/libostree/ostree-repo-static-delta-compilation-analysis.c \
src/libostree/ostree-repo-static-delta-private.h \
src/libostree/ostree-gpg-verifier.c \
src/libostree/ostree-gpg-verifier.h \
src/libostree/ostree-gpg-verify-result.c \
src/libostree/ostree-gpg-verify-result-private.h \
$(NULL)
if USE_LIBARCHIVE
libostree_1_la_SOURCES += src/libostree/ostree-libarchive-input-stream.h \
src/libostree/ostree-libarchive-input-stream.c \
$(NULL)
endif
if HAVE_LIBSOUP_CLIENT_CERTS
libostree_1_la_SOURCES += \
src/libostree/ostree-tls-cert-interaction.c \
src/libostree/ostree-tls-cert-interaction.h \
$(NULL)
endif
libostree_1_la_CFLAGS = $(AM_CFLAGS) -I$(srcdir)/bsdiff -I$(srcdir)/libglnx -I$(srcdir)/src/libotutil -I$(srcdir)/src/libostree -I$(builddir)/src/libostree \
$(OT_INTERNAL_GIO_UNIX_CFLAGS) $(OT_INTERNAL_GPGME_CFLAGS) $(OT_DEP_LZMA_CFLAGS) $(OT_DEP_ZLIB_CFLAGS) \
-fvisibility=hidden '-D_OSTREE_PUBLIC=__attribute__((visibility("default"))) extern'
libostree_1_la_LDFLAGS = -version-number 1:0:0 -Bsymbolic-functions -Wl,--version-script=$(top_srcdir)/src/libostree/libostree.sym
libostree_1_la_LIBADD = libotutil.la libbupsplit.la libglnx.la libbsdiff.la libostree-kernel-args.la $(OT_INTERNAL_GIO_UNIX_LIBS) $(OT_INTERNAL_GPGME_LIBS) $(OT_DEP_LZMA_LIBS) $(OT_DEP_ZLIB_LIBS)
if USE_LIBARCHIVE
libostree_1_la_CFLAGS += $(OT_DEP_LIBARCHIVE_CFLAGS)
libostree_1_la_LIBADD += $(OT_DEP_LIBARCHIVE_LIBS)
endif
if USE_LIBSOUP
libostree_1_la_SOURCES += \
src/libostree/ostree-fetcher.h \
src/libostree/ostree-fetcher.c \
src/libostree/ostree-metalink.h \
src/libostree/ostree-metalink.c \
src/libostree/ostree-repo-pull.c \
$(NULL)
libostree_1_la_CFLAGS += $(OT_INTERNAL_SOUP_CFLAGS)
libostree_1_la_LIBADD += $(OT_INTERNAL_SOUP_LIBS)
endif
if USE_LIBMOUNT
libostree_1_la_CFLAGS += $(OT_DEP_LIBMOUNT_CFLAGS)
libostree_1_la_LIBADD += $(OT_DEP_LIBMOUNT_LIBS)
endif
if USE_SELINUX
libostree_1_la_CFLAGS += $(OT_DEP_SELINUX_CFLAGS)
libostree_1_la_LIBADD += $(OT_DEP_SELINUX_LIBS)
endif
if BUILDOPT_INTROSPECTION
OSTree-1.0.gir: libostree-1.la Makefile
OSTree_1_0_gir_EXPORT_PACKAGES = ostree-1
OSTree_1_0_gir_INCLUDES = Gio-2.0
OSTree_1_0_gir_CFLAGS = $(libostree_1_la_CFLAGS)
OSTree_1_0_gir_LIBS = libostree-1.la
OSTree_1_0_gir_SCANNERFLAGS = --warn-all --identifier-prefix=Ostree --symbol-prefix=ostree
OSTree_1_0_gir_FILES = $(libostreeinclude_HEADERS) $(filter-out %-private.h,$(libostree_1_la_SOURCES))
INTROSPECTION_GIRS += OSTree-1.0.gir
gir_DATA += OSTree-1.0.gir
typelib_DATA += OSTree-1.0.typelib
CLEANFILES += $(gir_DATA) $(typelib_DATA)
endif
pkgconfig_DATA += src/libostree/ostree-1.pc
gpgreadme_DATA = src/libostree/README-gpg
gpgreadmedir = $(pkgdatadir)/trusted.gpg.d
EXTRA_DIST += src/libostree/README-gpg src/libostree/bupsplit.h \
src/libostree/ostree-enumtypes.h.template \
src/libostree/ostree-enumtypes.c.template \
src/libostree/ostree-deployment-private.h
install-mkdir-remotes-d-hook:
mkdir -p $(DESTDIR)$(sysconfdir)/ostree/remotes.d
INSTALL_DATA_HOOKS += install-mkdir-remotes-d-hook