f81b9fa166
We've long struggled with semantics for `/var`. Our stance of "/var should start out empty and be managed by the OS" is a strict one, that pushes things closer to the original systemd upstream ideal of the "OS state is in /usr". However...well, a few things. First, we had some legacy bits here which were always populating the deployment `/var`. I don't think we need that if systemd is in use, so detect if the tree has `usr/lib/tmpfiles.d`, and don't create that stuff at `ostree admin stateroot-init` time if so. Building on that then, we have the stateroot `var` starting out actually empty. When we do a deployment, if the stateroot `var` is empty, make a copy (reflink if possible of course) of the commit's `/var` into it. This matches the semantics that Docker created with volumes, and this is sufficiently simple and easy to explain that I think it's closer to the right thing to do. Crucially...it's just really handy to have some pre-existing directories in `/var` in container images, because Docker (and podman/kube/etc) don't run systemd and hence don't run `tmpfiles.d` on startup. I really hit on the fact that we need `/var/tmp` in our container images by default for example. So there's still some overlap here with e.g. `/usr/lib/tmpfiles.d/var.conf` as shipped by systemd, but that's fine - they don't actually conflict per se. |
||
|---|---|---|
| .copr | ||
| .github | ||
| apidoc | ||
| bash | ||
| bsdiff@b817e9491c | ||
| build-aux | ||
| buildutil | ||
| ci | ||
| coccinelle | ||
| composefs@2d5cdcb917 | ||
| docs | ||
| libglnx@b415d04688 | ||
| man | ||
| manual-tests | ||
| rust-bindings | ||
| src | ||
| tests | ||
| .cci.jenkinsfile | ||
| .clang-format | ||
| .dir-locals.el | ||
| .editorconfig | ||
| .gitmodules | ||
| .lgtm.yml | ||
| .vimrc | ||
| autogen.sh | ||
| Cargo.toml | ||
| cfg.mk | ||
| configure.ac | ||
| CONTRIBUTING.md | ||
| COPYING | ||
| deny.toml | ||
| git.mk | ||
| GNUmakefile | ||
| Makefile-bash.am | ||
| Makefile-boot.am | ||
| Makefile-decls.am | ||
| Makefile-libostree-defines.am | ||
| Makefile-libostree.am | ||
| Makefile-man.am | ||
| Makefile-ostree.am | ||
| Makefile-otcore.am | ||
| Makefile-otutil.am | ||
| Makefile-switchroot.am | ||
| Makefile-tests.am | ||
| Makefile.am | ||
| mkdocs.yml | ||
| ostree.doap | ||
| README.md | ||
| TODO | ||
libostree
This project is now known as "libostree", though it is still appropriate to use the previous name: "OSTree" (or "ostree"). The focus is on projects which use libostree's shared library, rather than users directly invoking the command line tools (except for build systems). However, in most of the rest of the documentation, we will use the term "OSTree", since it's slightly shorter, and changing all documentation at once is impractical. We expect to transition to the new name over time.
As implied above, libostree is both a shared library and suite of command line tools that combines a "git-like" model for committing and downloading bootable filesystem trees, along with a layer for deploying them and managing the bootloader configuration.
The core OSTree model is like git in that it checksums individual files and has a content-addressed-object store. It's unlike git in that it "checks out" the files via hardlinks, and they thus need to be immutable to prevent corruption. Therefore, another way to think of OSTree is that it's just a more polished version of Linux VServer hardlinks.
Features:
- Transactional upgrades and rollback for the system
- Replicating content incrementally over HTTP via GPG signatures and "pinned TLS" support
- Support for parallel installing more than just 2 bootable roots
- Binary history on the server side (and client)
- Introspectable shared library API for build and deployment systems
- Flexible support for multiple branches and repositories, supporting projects like Flatpak which use libostree for applications, rather than hosts.
Documentation
For more information, see the project documentation or the project documentation website.
Operating systems and distributions using OSTree
Apertis uses libostree for their host system as well as Flatpak. See update documentation and apertis-update-manager
Endless OS uses libostree for their host system as well as Flatpak. See their eos-updater and deb-ostree-builder projects.
For Debian/apt, see also https://github.com/stb-tester/apt2ostree and the LWN article Merkle trees and build systems.
Fedora derivatives use rpm-ostree (noted below); there are 4 variants using OSTree:
Red Hat Enterprise Linux CoreOS is a derivative of Fedora CoreOS, used in OpenShift 4. The machine-config-operator manages upgrades. RHEL CoreOS is also the successor to RHEL Atomic Host, which uses rpm-ostree as well.
GNOME Continuous is where OSTree was born - as a high performance continuous delivery/testing system for GNOME.
GNOME OS is a testing OS that uses libostree for their host system as well as Flatpak.
Liri OS has the option to install their distribution using ostree.
Torizon OS is a Linux distribution for embedded systems that updates via OSTree images delivered via Uptane and aktualizr.
Distribution build tools
meta-updater is a layer available for OpenEmbedded systems.
QtOTA is Qt's over-the-air update framework which uses libostree.
The BuildStream build and integration tool supports importing and exporting from libostree repos.
fedora-iot/otto is a tool that helps ship ostree commits inside Docker/OCI containers and run a webserver to serve the commits.
Fedora coreos-assembler is the build tool used to generate Fedora CoreOS derivatives.
debos is a tool-chain for simplifying the process of building a Debian-based OS image.
gardenlinux/ostree-image-builder is a sample for building Debian-based OS images. It is not production ready but it might be useful to get started.
Projects linking to libostree
rpm-ostree is used by the Fedora-derived operating systems listed above. It is a full hybrid image/package system. By default it uses libostree to atomically replicate a base OS (all dependency resolution is done on the server), but it supports "package layering", where additional RPMs can be layered on top of the base. This brings a "best of both worlds"" model for image and package systems.
eos-updater is a daemon that implements updates on EndlessOS.
Flatpak uses libostree for desktop application containers. Unlike most of the other systems here, Flatpak does not use the "libostree host system" aspects (e.g. bootloader management), just the "git-like hardlink dedup". For example, Flatpak supports a per-user OSTree repository.
aktualizr is an Uptane-conformant software update client library intended for use in automotive and other security-sensitive embedded devices. It uses OSTree to manage the OS of the host device by default.
Language bindings
libostree is accessible via GObject Introspection; any language which has implemented the GI binding model should work. For example, Both pygobject and gjs are known to work and further are actually used in libostree's test suite today.
Some bindings take the approach of using GI as a lower level and write higher level manual bindings on top; this is more common for statically compiled languages. Here's a list of such bindings:
Building
Releases are available as GPG signed git tags, and most recent versions support extended validation using git-evtag.
However, in order to build from a git clone, you must update the submodules. If you're packaging OSTree and want a tarball, I recommend using a "recursive git archive" script. There are several available online; this code in OSTree is an example.
Once you have a git clone or recursive archive, building is the same as almost every autotools project:
git submodule update --init
env NOCONFIGURE=1 ./autogen.sh
./configure --prefix=...
make
make install DESTDIR=/path/to/dest
Contact and discussion forums
There is also an #ostree channel on Libera.Chat as
well as enabled Github discussions.
Contributing
See Contributing.
Licensing
The licensing for the code of libostree can be canonically found in the individual files; and the overall status in the COPYING file in the source. Currently, that's LGPLv2+. This also covers the man pages and API docs.
The license for the manual documentation in the doc/ directory is:
SPDX-License-Identifier: (CC-BY-SA-3.0 OR GFDL-1.3-or-later)
This is intended to allow use by Wikipedia and other projects.
In general, files should have a SPDX-License-Identifier and that is canonical.