| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
|
|
|
|
| |
We're waaay overdue for this, it's been the default
in rpm-ostree for years, and solves several important bugs
around not capturing `/etc` while things are running.
Also, `ostree admin upgrade --stage` (should) become idempotent.
Closes: https://github.com/ostreedev/ostree/issues/2389
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The `admin` commandline should be considered a demo; I just added
the `pin` command *mostly* so we could use it for unit tests, although
I can imagine other people using it.
But maintaining completions is a lot of overhead right now, let's not
do it for `admin`.
The other command line options that operate on repos we will definitely maintain
since they're used in releng contexts.
Closes: #1468
Approved by: jlebon
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The `origin/unlocked` and `origin/override-commit` keys are examples of state
that's really transient; we don't want to maintain them across upgrades. Right
now there are bits for this in both `ostree admin upgrade` as well as in
rpm-ostree.
This new API will slightly clean up both cases, but it's really prep for adding
a concept of deployment "pinning" that will live in the new
`libostree-transient` group.
Closes: #1464
Approved by: jlebon
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
SPDX License List is a list of (common) open source
licenses that can be referred to by a “short identifier”.
It has several advantages compared to the common "license header texts"
usually found in source files.
Some of the advantages:
* It is precise; there is no ambiguity due to variations in license header
text
* It is language neutral
* It is easy to machine process
* It is concise
* It is simple and can be used without much cost in interpreted
environments like java Script, etc.
* An SPDX license identifier is immutable.
* It provides simple guidance for developers who want to make sure the
license for their code is respected
See http://spdx.org for further reading.
Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
Closes: #1439
Approved by: cgwalters
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is similar idea as
https://github.com/projectatomic/rpm-ostree/pull/916/commits/5c0bf889155573feec108501ce849ac09a0c9567,
The duplicated description is now removed, and the description
of the command is now displayed beneath the Usage.
For example:
ostree cat -h will output the following:
"Usage:
ostree cat [OPTION?] COMMIT PATH...
Concatenate contents of files"
Closes: #1267
Approved by: cgwalters
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a similar approach as
https://github.com/projectatomic/rpm-ostree/commit/12c34bb2491a07079c911ef26401fee939e5573c.
One thing to note is when we parse the admin related functions,
we still keep the old admin related flags, and added a new parameter
to represent the command struct.
This allows us to identify the caller of the function, making it
easier for us to possibly deduplicate the subcommand handling in
the future. A similar approach is done in rpm-ostree:
https://github.com/projectatomic/rpm-ostree/commit/83aeb018c1012c7a43783c09b74ec71bc9c45826
This also makes it easier for us to change the prototype of the function.
If we want to add something new in the future, we won't need to touch every prototype.
Closes: #1267
Approved by: cgwalters
|
|
|
|
|
|
|
|
|
| |
We added a `.dir-locals.el` in commit: 9a77017d87b74c5e2895cdd64ad098018929403f
There's no need to have it per-file, with that people might think
to add other editors, which is the wrong direction.
Closes: #1206
Approved by: jlebon
|
|
|
|
|
|
|
|
|
| |
Followup from previous patch - we can now centralize the sysroot loading.
Besides the obvious cleanup value, this is also prep for dropping an
`ostree_sysroot_get_path()` user.
Closes: #1123
Approved by: jlebon
|
|
|
|
|
|
|
| |
Was pretty easy. Prep for future work.
Closes: #1123
Approved by: jlebon
|
|
|
|
|
|
|
|
|
|
| |
/* ATTENTION:
* Please remember to update the bash-completion script (bash/ostree) and
* man page (man/ostree-$COMMANDNAME.xml) when changing the option list.
*/
Closes: #1080
Approved by: cgwalters
|
|
|
|
|
|
|
|
|
|
|
| |
Part of cleaning up our usage of libglnx; we want to use what's in GLib where we
can.
Had to change a few .c files to `#include ostree.h` early on to pick up
autoptrs for the core types.
Closes: #1040
Approved by: jlebon
|
|
|
|
|
|
|
|
|
|
| |
This makes it easier to script downloading updates in the background,
and only do deployments just before rebooting.
Partially addresses https://github.com/ostreedev/ostree/issues/640
Closes: #642
Approved by: jlebon
|
|
|
|
|
|
|
|
|
|
| |
We were leaking in a few places that I noticed in an ASAN run. Also,
this was one of the last non-autoptr cleanup sections we have in
`out:` cleanup sections, making us a lot closer to a potential
full-tree rewrite to `return FALSE`.
Closes: #624
Approved by: jlebon
|
|
|
|
|
|
|
|
|
|
| |
CLang finds these, whereas GCC treats having
`__attribute__((cleanup))` as a use.
This obsoletes https://github.com/ostreedev/ostree/pull/411
Closes: #548
Approved by: jlebon
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To GLnxConsoleRef. There were some subtleties here, for example we
used to reference `GSConsole` inside the progress changed function,
which at first seems like an ABI hazard, because e.g. rpm-ostree or
xdg-app could still be passing a `GSConsole` instance there. Luckily,
it turns out to be compatible to just start calling libglnx here.
Another issue was that due to libglnx's use of the cleanup function,
we needed to ensure we always called `ostree_async_progress_finish()`
*before* the cleanup function was invoked.
Closes: #280
Approved by: giuseppe
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I'm trying to improve the developer experience on OSTree-managed
systems, and I had an epiphany the other day - there's no reason we
have to be absolutely against mutating the current rootfs live. The
key should be making it easy to rollback/reset to a known good state.
I see this command as useful for two related but distinct workflows:
- `ostree admin unlock` will assume you're doing "development". The
semantics hare are that we mount an overlayfs on `/usr`, but the
overlay data is in `/var/tmp`, and is thus discarded on reboot.
- `ostree admin unlock --hotfix` first clones your current deployment,
then creates an overlayfs over `/usr` persistent
to this deployment. Persistent in that now the initramfs switchroot
tool knows how to mount it as well. In this model, if you want
to discard the hotfix, at the moment you roll back/reboot into
the clone.
Note originally, I tried using `rofiles-fuse` over `/usr` for this,
but then everything immediately explodes because the default (at least
CentOS 7) SELinux policy denies tons of things (including `sshd_t`
access to `fusefs_t`). Sigh.
So the switch to `overlayfs` came after experimentation. It still
seems to have some issues...specifically `unix_chkpwd` is broken,
possibly because it's setuid? Basically I can't ssh in anymore.
But I *can* `rpm -Uvh strace.rpm` which is handy.
NOTE: I haven't tested the hotfix path fully yet, specifically
the initramfs bits.
|
|
|
|
|
|
| |
Since we hard-depend on GLib 2.40, we can start using GSubprocess.
This is part of dropping our dependency on libgsystem, which is
deprecated in favor of libglnx (as well as migrating things to GLib).
|
|
|
|
|
|
|
|
|
|
|
| |
Adds an entry to the origin file to force the OstreeSysrootUpgrader to
pull and deploy the given checksum.
[origin]
override-commit=CHECKSUM
If the option is not given, any such entry is explicitly removed from
the origin file to ensure we upgrade to the latest available commit.
|
| |
|
| |
|
|
|
|
|
| |
For non-GIO object types, at least until autocleanup support for GObject
based types becomes more widespread.
|
|
|
|
|
| |
GLib 2.44 supplies all the necessary autocleanup macros for GIO types,
and libglnx backports the relevant macros for ostree.
|
| |
|
|
|
|
|
|
|
| |
Indicates the command requires superuser privilege. Fails early with
a more helpful message than would otherwise be returned by libostree.
Currently all admin commands except 'status' require superuser.
|
|
|
|
| |
Only OSTREE_ADMIN_BUILTIN_FLAG_NONE so far; does nothing.
|
|
|
|
|
| |
Replaces ot_common_pull_progress() in ostree binary, so it can be shared
with rpm-ostree.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refactor command-line parsing to better utilize GOptionContext. This
eliminates most of the manual parsing and global options are now shown
in the help output.
Here's a sample:
$ ostree admin --help
Usage:
ostree admin [OPTION...] --print-current-dir|COMMAND
Builtin "admin" Commands:
cleanup
config-diff
deploy
init-fs
instutil
os-init
status
switch
undeploy
upgrade
Help Options:
-h, --help Show help options
Application Options:
--sysroot=PATH Create a new OSTree sysroot at PATH
-v, --verbose Print debug information during command processing
--version Print version information and exit
https://bugzilla.gnome.org/show_bug.cgi?id=740295
|
|
|
|
|
|
|
|
|
| |
Corrections, clarifications, consistency.
Not a comprehensive overhaul of the manpages; they do still need work.
These are just flaws I've noted while studying the ostree command syntax.
https://bugzilla.gnome.org/show_bug.cgi?id=740097
|
|
|
|
| |
Otherwise we potentially get overlapped output.
|
| |
|
|
|
|
| |
This was unintentially dropped with the OstreeSysrootUpgrader rebase.
|
| |
|
|
|
|
|
| |
This moves some utility code from the ostree tool into the shared
library, which will make it easier to consume by external tools.
|
|
|
|
|
| |
The admin commands had this shared in tool common, but we want to
encourage external programs to do this as well.
|
| |
|
|
|
|
|
| |
1) We were ignoring the remote, which is broken
2) We were printing NULL later on
|
|
|
|
|
|
|
|
|
| |
We don't want to allow MITM attackers to intercept upgrade requests
and provide clients with older OS versions vulnerable to security
flaws.
Only "ostree admin upgrade" gets this behavior for now - whether we
want to do it for "ostree admin switch" is another question.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The "ordered hash" code was really just for kernel arguments. And it
turns out it needs to be a multihash (for e.g. multiple console=
arguments).
So turn the OstreeOrderedHash into OstreeKernelArgs, and move the bits
to split key=value and such into there.
Now we're not making this public API yet - the public OstreeSysroot
just takes char **kargs. To facilitate code reuse between ostree/ and
libostree/, make it a noinst libtool library. It'll be duplicated in
the binary and library, but that's OK for now. We can investigate
making OstreeKernelArgs public later.
https://bugzilla.gnome.org/show_bug.cgi?id=721136
|
|
|
|
|
| |
Otherwise if the operation completes before anything happens, we hit
an assertion trying to end a status line when we didn't begin one.
|
|
|
|
|
|
|
|
|
| |
The libostree already treats passing NULL for osname as "booted
osname, if any". We should do the same inside the tools. The upgrade
builtin had this logic duplicated there; we should be able to safely
remove it.
https://bugzilla.gnome.org/show_bug.cgi?id=710970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Several APIs in libostree were moved there from the commandline code,
and have hardcoded g_print() for progress and notifications. This
isn't useful for people who want to write PackageKit backends, custom
GUIs and the like.
From what I can tell, there isn't really a winning precedent in GLib
for progress notifications.
PackageKit has the model where the source has GObject properties that
change as async ops execute, which isn't bad...but I'd like something
a bit more general where say you can have multiple outstanding async
ops and sensibly track their state.
So, OstreeAsyncProgress is basically a threadsafe property bag with a
change notification signal.
Use this new API to move the GSConsole usage (i.e. g_print()) out from
libostree/ and into ostree/.
|
|
|
|
|
|
|
|
|
| |
This commit changes the sysroot API so that one can create arbitrary
new deployment checkouts, then commit them as one step. This is to
enable things like an automatic bisection tool which say create 50
deployments at once, then when done clean them up.
This also moves some printfs from the library into src/ostree.
|
|
|
|
|
|
|
|
|
|
|
| |
This uses gpgv for verification against DATADIR/ostree/pubring.gpg by
default. The keyring can be overridden by specifying OSTREE_GPG_HOME.
Add a unit test for commit signing with gpg key and verifying on pull;
to implement this we ship a test GPG key generated with no password
for Ostree Tester <test@test.com>.
Change all of the existing tests to disable GPG verification.
|
|
|
|
| |
Obviously.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Now that we have a real GObject for the sysroot, we have a convenient
place to keep track of 4 pieces of state:
* The current deployment list
* The current bootversion
* The current subbootversion
* The current booted deployment (if any)
Avoid requiring callers to pass all of this around and load it
piecemeal; instead the new thing is ostree_sysroot_load().
|
|
|
|
| |
Moving towards it being a full library.
|
|
|
|
| |
Move the deployment code too.
|
|
|
|
| |
OstreeBootloader is temporarily public API.
|