| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
This is a one-time tree wide reformatting to ensure consistency
going forward.
|
| |
|
|
|
|
| |
I was looking at our `.gir` and noticed we had the cmdprivate bits
because the pattern for excluding headers is `-private.h`, which
didn't match `cmdprivate.h`.
|
| | |
|
| |
|
|
|
|
| |
Otherwise, this will segfault when callers don't need any exact errors.
Signed-off-by: Ryan Gonzalez <ryan.gonzalez@collabora.com>
|
| |
|
|
|
|
|
|
| |
Doing anything even somewhat sophisticated requires this;
turns out our own `ostree prune` CLI wants this, e.g.
https://github.com/ostreedev/ostree/issues/2337
Closes: https://github.com/ostreedev/ostree/issues/2286
|
| | |
|
| |
|
|
|
|
| |
Clients can use these during pull and avoid downloading the summary if
needed, or use the indexed-deltas instead of relying on the ones in
the summary which may be left out.
|
| |
|
|
|
| |
This ensures we're not racing with a prune operation that can be removing
the delta indexes we're relying on.
|
| |
|
|
|
|
| |
It is useful to be able to trigger this without having to regenerate
the summary. For example, if you are not using summaries, or ar generating
the summaries yourself.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
When we update the summary file (and its list of deltas) we also update
all delta indexes. The index format is a single `a{sv}` variant identical
to the metadata-part of the summary with (currently) only the
`ostree.static-deltas` key.
Since we expect most delta indexes to change rarely, we avoid
unnecessary writes when reindexing. New indexes are compared to
existing ones and only the changed ones are written to disk. This
avoids unnecessary write load and mtime changes on the repo server.
|
| |
|
|
| |
This lists all the available delta indexes.
|
| | |
|
| |
|
|
|
| |
Fix/add the `Since` marker to the new static delta APIs, and update the
symbol versioning templates/comments.
|
| |
|
|
|
|
| |
- Remove some unused variables
- Switch to declare-and-initialize with others
- Fix some indentation from 4 spaces to 2 (GNU style)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a new function `ostree_repo_static_delta_execute_offline_with_signature`
which takes a signature engine to verify the delta before applying it.
The `ostree_repo_static_delta_execute_offline` is just a wrapper to this
new function, passing a NULL signature engine.
When this function is called without signature engine, but with a sign
delta, it will only fails if `sign-verify-deltas` is set to true in repo
core options.
This commits move signature existence check and delta signature
verification to share common parts between existing APIs and the new
function.
Signed-off-by: Frédéric Danis <frederic.danis@collabora.com>
|
| |
|
|
|
|
|
| |
This checks if the static delta file is signed or not to be able to
correctly get the superblock to dump.
Signed-off-by: Frédéric Danis <frederic.danis@collabora.com>
|
| |
|
|
|
|
|
| |
This checks if the static delta file is signed or not to be able to
correctly get the superblock to apply.
Signed-off-by: Frédéric Danis <frederic.danis@collabora.com>
|
| |
|
|
|
|
|
| |
This retrieves the signatures and pass the static delta block as an array
of bytes to ostree_sign_data_verify().
Signed-off-by: Frédéric Danis <frederic.danis@collabora.com>
|
| |
|
|
|
|
|
| |
This loads and makes a digest for a delta superblock. The previous
code was used when generating the deltas section in the summary
file. This changes nothing, but is in preparation for using similar
formats in a separate delta index file.
|
| |
|
|
|
|
|
|
|
|
|
| |
ostree_repo_list_static_delta_names() tried to validate that
any second-level directory element was a directory, but there was
a cut-and-paste issue, and it used `dent->d_type` instead
of `sub_dent->d_type`.
This fixes the code, but all old ostree versions will break if
there are non-directories in a subdirectory of the deltas directory
in the repo, so be wary.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When writing a delta to a file this may not always be recorded
in the filename, and it's useful data.
Ref: https://mail.gnome.org/archives/ostree-list/2019-February/msg00000.html
This also required teaching `show` to accept a file path.
Note...for some reason `test-deltas.sh` breaks when run from
a tty - we get `SIGTTIN` which implies something is reading from
the tty but it wasn't obvious to me what.
Closes: #1823
Approved by: jlebon
|
| |
|
|
|
|
|
| |
Also some `glnx_fstatat_allow_noent()`. Not specifically prep for anything.
Closes: #1511
Approved by: jlebon
|
| |
|
|
|
|
|
|
| |
These show up in the RPM build, I didn't yet try to figure out why we're not
reproducing them outside of that.
Closes: #1510
Approved by: jlebon
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
SPDX License List is a list of (common) open source
licenses that can be referred to by a “short identifier”.
It has several advantages compared to the common "license header texts"
usually found in source files.
Some of the advantages:
* It is precise; there is no ambiguity due to variations in license header
text
* It is language neutral
* It is easy to machine process
* It is concise
* It is simple and can be used without much cost in interpreted
environments like java Script, etc.
* An SPDX license identifier is immutable.
* It provides simple guidance for developers who want to make sure the
license for their code is respected
See http://spdx.org for further reading.
Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
Closes: #1439
Approved by: cgwalters
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This ends up a lot better IMO. This commit is *mostly* just
`s/glnx_close_fd/glnx_autofd`, but there's also a number of hunks like:
```
- if (self->sysroot_fd != -1)
- {
- (void) close (self->sysroot_fd);
- self->sysroot_fd = -1;
- }
+ glnx_close_fd (&self->sysroot_fd);
```
Update submodule: libglnx
Closes: #1259
Approved by: jlebon
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Buried in this large patch is a logical fix:
```
- if (!map)
- return glnx_throw_errno_prefix (error, "mmap");
+ if (map == (void*)-1)
+ return glnx_null_throw_errno_prefix (error, "mmap");
```
Which would have helped me debug another patch I was working
on. But it turns out that actually correctly checking for
errors from `mmap()` triggers lots of other bugs - basically
because we sometimes handle zero-length variants (in detached
metadata). When we start actually returning errors due to
this, things break. (It wasn't a problem in practice before
because most things looked at the zero size, not the data).
Anyways there's a bigger picture issue here - a while ago
we made a fix to only use `mmap()` for reading metadata from disk
only if it was large enough (i.e. `>16k`). But that didn't
help various other paths in the pull code and others that were
directly doing the `mmap()`.
Fix this by having a proper low level fs helper that does "read all data from
fd+offset into GBytes", which handles the size check. Then the `GVariant` bits
are just a clean layer on top of this. (At the small cost of an additional
allocation)
Side note: I had to remind myself, but the reason we can't just use
`GMappedFile` here is it doesn't support passing an offset into `mmap()`.
Closes: #1251
Approved by: jlebon
|
| |
|
|
|
|
|
|
|
| |
We added a `.dir-locals.el` in commit: 9a77017d87b74c5e2895cdd64ad098018929403f
There's no need to have it per-file, with that people might think
to add other editors, which is the wrong direction.
Closes: #1206
Approved by: jlebon
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
If a delta happens to have zero objects, we could end up doing
a divide-by-zero when inferring endianness. In practice,
a zero-object delta isn't possible to generate I think, but
let's make sure the code is defensive all the same.
Spotted by Coverity.
Coverity CID: 1452208
Closes: #1041
Approved by: pwithnall
|
| |
|
|
|
|
|
| |
Just noticed some of this while working on the previous tmpfile bits.
Closes: #973
Approved by: jlebon
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
I added `glnx_open_anonymous_tmpfile()`, but then later noticed
that the usage of this was really to be combined with `mmap()`,
and we had two versions of that in the delta code. Add a helper.
(Bigger picture...how is this different from glibc's "mmap() of /dev/zero"
approach for large chunks? One advantage is the storage can be "swapped" to
`/var/tmp`, but still deleted automatically, rather than requiring swap space)
Closes: #973
Approved by: jlebon
|
| |
|
|
|
|
|
| |
Just a few functions to keep up momentum.
Closes: #964
Approved by: jlebon
|
| |
|
|
|
|
|
| |
I had to run a sed job to add whitespace after, but otherwise this was easy.
Closes: #890
Approved by: jlebon
|
| |
|
|
|
|
|
|
|
| |
Follow up to a previous patch that addressed a double-close; I
realized we already had a helper for doing "open dfd iter, do nothing
if we get ENOENT". Raise it to libotuil, and port all consumers.
Closes: #863
Approved by: jlebon
|
| |
|
|
|
|
|
|
|
|
|
|
| |
It's just simpler, and I'm not sure people are going to care
much about the difference by default.
We already folded in the fallback sizes into the download totals, so folding in
the count makes things consistent; previously you could see e.g.
`3/3 parts, 100MB/150MB` and be confused.
Closes: #678
Approved by: giuseppe
|
| |
|
|
|
|
|
|
|
|
|
| |
Doing `g_variant_print (superblock)` is unreadable and not very useful,
since we show the checksums as byte arrays.
However, do show the checksums for fallback objects. This makes it easier to see
which objects are fallbacks (and inspect why).
Closes: #678
Approved by: giuseppe
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
I was having this thought today about making more of the OS readonly,
and ultimately if we got to the point where all ostree operations are
through the repo and sysroot dfds, we could have rpm-ostree be the
only process holding those fds open, and have a read-only bind mount
on top.
Anyways, we're not there, likely won't be soon, but this gets us
closer to being fully fd relative.
Closes: #628
Approved by: jlebon
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a follow up to conversation on list - in practice, if we're
backing away from summary signing, then it makes sense to remove the
special casing for checksums in deltas around summary signatures.
This is also related to the recent change to enable GPG checking for
commits in deltas - now we have a more coherent story between the
previous pull path and deltas.
I didn't do any performance checking, and while it's slightly annoying
that we're now doing sha256 on the delta content twice (once for the
part and once per object)...sha256 is pretty fast, I think most users
are I/O bound anyways, and it'd drop even farther if we started using
openssl.
Closes: #612
Approved by: jlebon
|
| |
|
|
|
|
|
|
| |
The pull one is the most likely to affect users. Otherwise mostly
just cleaning up `-fsanitize=address`.
Closes: #587
Approved by: jlebon
|
| |
|
|
|
|
|
|
|
|
| |
If we can't figure out what endianness a delta is, we should just throw
ENDIAN_INVALID.
Resolves: #550
Closes: #553
Approved by: cgwalters
|
| |
|
|
|
|
|
|
|
|
| |
CLang finds these, whereas GCC treats having
`__attribute__((cleanup))` as a use.
This obsoletes https://github.com/ostreedev/ostree/pull/411
Closes: #548
Approved by: jlebon
|
| |
|
|
|
|
|
|
|
|
| |
We make _ostree_parse_delta_name() a bit more defensive since it handles
user input.
Closes: #504
Closes: #505
Approved by: cgwalters
|
| |
|
|
|
|
|
|
|
|
|
| |
If a static delta is generated between 2 commits with the same content,
then the delta will contain 1 part with no checksums. While useless,
this is a valid delta that shouldn't raise an assertion. If the delta
part has no checksums, then there are no objects to recreate and the
processing can be skipped.
Closes: #420
Approved by: cgwalters
|
| |
|
|
|
| |
Closes: #379
Approved by: cgwalters
|
| |
|
|
|
|
|
|
|
|
| |
I often want to have "idempotent" systems that iterate to a known
state. If after generating a commit, the system is interrupted, I'd
like the next run to still generate a delta. But we don't want to
regenerate if one exists, hence this option.
Closes: #375
Approved by: jlebon
|
| |
|
|
|
| |
Closes: #359
Approved by: cgwalters
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Import `gs_file_enumerator_iterate()` for the next six months or
so...after RHEL 7.3 is released I'm strongly considering hard
requiring 2.46 or so.
Likely at some point we should figure out how to share more "glib
backport" code with NetworkManager at least.
Closes: #341
Approved by: jlebon
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
We have a lot of "allow_noent" type wrapper functions since
a common pattern is to allow files to not exist, but still
throw cleanly on other issues.
This is another instance of that, and cleans up duplicated error
handling code.
Part of this is prep for moving away from `GFile` consumers.
Closes: #319
Approved by: jlebon
|
| |
|
|
|
| |
Closes: #319
Approved by: jlebon
|
| |
|
|
|
|
|
|
| |
In some cases we use glnx_basename(), in others we already had a
`GFileInfo` around with the name.
Closes: #316
Approved by: jlebon
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is similar to changes Krzesimir has been doing recently - we
really don't need the ergonomics of floating refs since we have
autocleanups.
We should continue to change most of our code to sink refs.
Specifically here it was pretty broken that the `_map()` API was
sinking but the other two weren't, and this broke some refactoring I
was trying to do later.
Closes: #317
Approved by: jlebon
|
