| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|\ \
| |/
|/| |
|
| |
| |
| |
| |
| | |
This updates to the modern glib 0.14 and paves the way for
some reverse dependency testing by using ostree-ext's code.
|
|\ \
| |/
|/| |
bin/commit: Fix --tree=tar with --selinux-policy
|
|/
|
|
|
|
|
|
|
|
|
|
| |
The logic for `--selinux-policy` ended up in the `--tree=dir`
path, but there's no reason for that. Fix the imported
labeling with `--tree=tar`. Prep for use with containers.
We had this bug because the previous logic was trying to avoid
duplicating the code for generic `--selinux-policy` and
the case of `--selinux-policy-from-base --tree=dir`.
It's a bit more code, but it's cleaner if we dis-entangle them.
|
|\
| |
| | |
two small unit test patches
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Having to touch a global test counter when adding tests is
a recipe for conflicts between PRs.
The TAP protocol allows *ending* with the expected number of
tests, so the best way to do this is to have an explicit
API like our `tap_ok` which bumps a counter, then end with `tap_end`.
I ported one test as a demo.
|
|/
|
|
|
| |
We do this in other places; avoids touching two numbers when
adding tests. Let computers do the addition.
|
|\
| |
| | |
Release 2021.4
|
| | |
|
|/ |
|
|\
| |
| | |
Add support for "custom remotes"
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This will be helpful for the "ostree native container" work in
https://github.com/ostreedev/ostree-rs-ext/
Basically in order to reuse GPG/signapi verification, we need
to support adding a remote, even though it can't be used via
`ostree pull`. (At least, not until we merge ostree-rs-ext into ostree, but
even then I think the principle stands)
|
|\ \
| | |
| | | |
repo-pull: legacy_transaction_resuming flag ignored
|
| |/
| |
| |
| |
| |
| | |
for deltafiles the legacy_transaction_resuming flag is not used,
which will mark the commit as done, even if files are missing.
using already existing commitstate_is_partial function as fix
|
|\ \
| |/
|/| |
upgrade: Stabilize deployment staging
|
|/
|
|
|
|
|
|
|
|
| |
We're waaay overdue for this, it's been the default
in rpm-ostree for years, and solves several important bugs
around not capturing `/etc` while things are running.
Also, `ostree admin upgrade --stage` (should) become idempotent.
Closes: https://github.com/ostreedev/ostree/issues/2389
|
|\
| |
| | |
tests: fix bare mode unprivileged 'make check'
|
| |
| |
| |
| |
| |
| | |
There are some existing issues around fsck in unprivileged bare mode,
so this test does not really work at the moment. Leaving it as a FIXME
for the moment.
|
| |
| |
| |
| |
| | |
This avoids possible issues when trying to chmod, tweaking
permissions instead.
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
It cannot work to use `--no-xattrs` when SELinux is enabled
because we get a `security.selinux` attribute on created files
regardless. So just skip this test if true.
Also add some `ostree fsck`s in here which helped me debug
this.
|
|/ |
|
|\
| |
| | |
Add an API to verify a commit signature explicitly
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We have a bunch of APIs to do GPG verification of a commit,
but that doesn't generalize to signapi. Further, they
require the caller to check the signature status explicitly
which seems like a trap.
This much higher level API works with both GPG and signapi.
The intention is to use this in things that are doing "external
pulls" like the ostree-ext tar import support. There we will
get the commitmeta from the tarball and we want to verify it
at the same time we import the commit.
|
|\ \
| | |
| | | |
checkout: Also ignore xattrs for union in bare-user-only mode
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Followup to PRs related to https://github.com/ostreedev/ostree/issues/2410
Since the test suite now covers this the test was failing on
a Fedora SELinux enabled host where we see `security.selinux`
even if not in the commit.
|
|\ \ \
| | | |
| | | | |
checkout: Save errno when re-throwing
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
I was seeing an `EPERM` here which was confusing.
It turned out the real error was `EEXIST`.
Since we're referring to the original error, but we do a
lot of computation in the middle, we need to save errno.
|
|\ \ \
| | | |
| | | | |
ci: Run GH action CI build+test as non-root
|
| |/ /
| | |
| | |
| | |
| | |
| | | |
This is really the standard best practice, matching how
e.g. dpkg/rpm work, as well as most local development
environments (including mine) with e.g. `toolbox`.
|
|\ \ \
| |/ /
|/| | |
lib: Change read_commit_detached_metadata to be nullable
|
| |/
| |
| |
| | |
Hit this while working on some Rust code.
|
|\ \
| |/
|/| |
lib: improve transactions auto-cleanup logic
|
|/
|
|
|
|
|
|
|
|
| |
This fixes some aspects of OstreeRepoAutoTransaction and re-aligns
it with the logic in flatpak. Specifically:
* link to the underlying repo through refcounting
* bridge internal errors to warning messages
* verify the input pointer type
This is a preparation step before exposing this logic as a public API.
|
|\
| |
| | |
commit: automatically skip xattrs in bare-user-only mode
|
| | |
|
| | |
|
| |
| |
| |
| |
| | |
This detects bare-user-only mode and automatically enables a
commit modifier with relevant flags.
|
|/ |
|
|\
| |
| | |
bin/remote: Rename list-gpg-keys to gpg-list-keys
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As pointed out in the original review, `gpg-list-keys` fits better
alongside the existing `gpg-import`.
Changes were done with:
```
git grep -l list-gpg-keys | xargs sed -i 's/list-gpg-keys/gpg-list-keys/'
for src in $(git ls-files '*list-gpg-keys*'); do
dst=${src/list-gpg-keys/gpg-list-keys}
git mv "$src" "$dst"
done
```
|
|\
| |
| | |
lib/diff: ignore xattrs if disabled on either repos
|
|/
|
|
|
| |
This fixes the logic to detect whether xattrs should be automatically
ignored when diffing.
|
|\
| |
| | |
lib/commit: autofix permissions for bare-user-only
|
| |
| |
| |
| |
| | |
This tweaks commit logic to detect bare-user-only repositories and
canonicalize permissions automatically.
|
|\ \
| |/
|/| |
Remote GPG key info
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
| |
| |
| |
| | |
If the key UID contains a valid email address, include the GPG WKD
update URLs in GVariant returned by ostree_repo_remote_get_gpg_keys().
|