| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
This is a one-time tree wide reformatting to ensure consistency
going forward.
|
|
|
|
|
|
|
|
| |
My editor started following the configuration in .editorconfig and is
applying this rule to many files I'm editing. Let's just get this over
with and strip everything. This was done like so:
git ls-files | grep '\.[ch]$' | xargs sed -ri 's/\s+$//'
|
|
|
|
|
|
|
|
|
|
|
| |
update all existing deployments in place
Example:
$ sudo ostree admin kargs edit-in-place --append-if-missing=rw
See https://github.com/ostreedev/ostree/issues/2617
This will not add duplicate key, if there is `TESTARG=VAL1` in the
kernel arguments, `--append-if-missing=TESTARG=VAL2` will be ignored.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Quite a while ago we added staged deployments, which solved
a bunch of issues around the `/etc` merge. However...a persistent
problem since then is that any failures in that process that
happened in the *previous* boot are not very visible.
We ship custom code in `rpm-ostree status` to query the previous
journal. But that has a few problems - one is that on systems
that have been up a while, that failure message may even get
rotated out. And second, some systems may not even have a persistent
journal at all.
A general thing we do in e.g. Fedora CoreOS testing is to check
for systemd unit failures. We do that both in our automated tests,
and we even ship code that displays them on ssh logins. And beyond
that obviously a lot of other projects do the same; it's easy via
`systemctl --failed`.
So to make failures more visible, change our `ostree-finalize-staged.service`
to have an internal wrapper around the process that "catches" any
errors, and copies the error message into a file in `/boot/ostree`.
Then, a new `ostree-boot-complete.service` looks for this file on
startup and re-emits the error message, and fails.
It also deletes the file. The rationale is to avoid *continually*
warning. For example we need to handle the case when an upgrade
process creates a new staged deployment. Now, we could change the
ostree core code to delete the warning file when that happens instead,
but this is trying to be a conservative change.
This should make failures here much more visible as is.
|
| |
|
|
|
|
|
|
| |
- Use `REV` instead of `REF` in places where we meant it.
- Fix `commit --parent` actually taking a commit checksum and not a ref.
- Fix `ostree admin switch` using `REF` instead of `REFSPEC`.
|
|
|
|
|
|
|
|
|
| |
This adds subcommands that were missing from the ostree-admin man page,
and makes cosmetic fixes there and in the --help output to ensure
alphabetical order and remove trailing whitespace.
Closes: #1621
Approved by: jlebon
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add API to write a deployment state to `/run/ostree/staged-deployment`,
along with a systemd service which runs at shutdown time.
This is a big change to the ostree model for hosts,
but it closes a longstanding set of bugs; many, many people have
hit the "losing changes in /etc" problem. It also avoids
the other problem of racing with programs that modify `/etc`
such as LVM backups:
https://bugzilla.redhat.com/show_bug.cgi?id=1365297
We need this in particular to go to a full-on model for
automatically updated host systems where (like a dual-partition model)
everything is fully prepared and the reboot can be taken
asynchronously.
Closes: https://github.com/ostreedev/ostree/issues/545
Closes: #1503
Approved by: jlebon
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a "hidden command" flag, and use it for `admin instutil` since
I regret adding it, and people should be using the API.
Prep for adding another hidden command as part of staging deployments.
(Down the line we should investigate deduplicating the recursive
command parsing code)
Closes: #1535
Approved by: jlebon
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Example user story: Jane rebases her OS to a new major version N, and wants to
keep around N-1 even after a few upgrades for a while so she can easily roll
back. I plan to add `rpm-ostree rebase --pin` to opt-in to this for example.
Builds on the new `libostree-transient` group to store pinning state there.
Closes: https://github.com/ostreedev/ostree/issues/1460
Closes: #1464
Approved by: jlebon
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
SPDX License List is a list of (common) open source
licenses that can be referred to by a “short identifier”.
It has several advantages compared to the common "license header texts"
usually found in source files.
Some of the advantages:
* It is precise; there is no ambiguity due to variations in license header
text
* It is language neutral
* It is easy to machine process
* It is concise
* It is simple and can be used without much cost in interpreted
environments like java Script, etc.
* An SPDX license identifier is immutable.
* It provides simple guidance for developers who want to make sure the
license for their code is respected
See http://spdx.org for further reading.
Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
Closes: #1439
Approved by: cgwalters
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a similar approach as
https://github.com/projectatomic/rpm-ostree/commit/12c34bb2491a07079c911ef26401fee939e5573c.
One thing to note is when we parse the admin related functions,
we still keep the old admin related flags, and added a new parameter
to represent the command struct.
This allows us to identify the caller of the function, making it
easier for us to possibly deduplicate the subcommand handling in
the future. A similar approach is done in rpm-ostree:
https://github.com/projectatomic/rpm-ostree/commit/83aeb018c1012c7a43783c09b74ec71bc9c45826
This also makes it easier for us to change the prototype of the function.
If we want to add something new in the future, we won't need to touch every prototype.
Closes: #1267
Approved by: cgwalters
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Added a description argument to all type
of commands. Now when we include -h or --help
for commands that contain subcommands, the description
for those subcommands are shown.
The added subcommands help will be provided to the following commands:
- ostree -h
- ostree admin -h
- ostree admin instutil -h
- ostree remote -h
- ostree static-delta -h
Closes: #1267
Approved by: cgwalters
|
|
|
|
|
|
|
|
|
| |
We added a `.dir-locals.el` in commit: 9a77017d87b74c5e2895cdd64ad098018929403f
There's no need to have it per-file, with that people might think
to add other editors, which is the wrong direction.
Closes: #1206
Approved by: jlebon
|
|
|
|
|
|
|
|
|
|
| |
There's no need to load the sysroot for root commands which have
subcommands, like `ostree admin` and `ostree admin instutil`. Otherwise,
even just calling them without arguments will cause a failure. The
subcommands will have the appropriate flags set as needed.
Closes: #1126
Approved by: cgwalters
|
|
|
|
|
|
|
|
|
|
|
| |
If we're freeing the segment, it's basically always better to use
`autoptr()`. Fewer lines, more reliable, etc.
Noticed an instance of this in the pull code while reviewing a different PR,
decided to do a grep for it and fix it tree wide.
Closes: #836
Approved by: pwithnall
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Should fix everything from
<https://kojipkgs.fedoraproject.org//packages/ostree/2017.2/3.fc25/data/logs/x86_64/build.log>
Anything that uses autocleanups should *always* be initialized directly I think,
even if a few lines down we directly assign, since this way it's more robust
against refactoring.
And the `freopen()` warnings are right - IMO we should *always* check return
values.
Closes: #711
Approved by: jlebon
|
|
|
|
|
|
|
|
|
|
| |
We were leaking in a few places that I noticed in an ASAN run. Also,
this was one of the last non-autoptr cleanup sections we have in
`out:` cleanup sections, making us a lot closer to a potential
full-tree rewrite to `return FALSE`.
Closes: #624
Approved by: jlebon
|
|
|
|
|
|
|
|
|
|
| |
Various places need to include libglnx.h for the autoptr backport
fallbacks to be there before ostree-autocleanups.h is included.
This fixes the build on centos7·
Closes: #309
Approved by: giuseppe
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I'm trying to improve the developer experience on OSTree-managed
systems, and I had an epiphany the other day - there's no reason we
have to be absolutely against mutating the current rootfs live. The
key should be making it easy to rollback/reset to a known good state.
I see this command as useful for two related but distinct workflows:
- `ostree admin unlock` will assume you're doing "development". The
semantics hare are that we mount an overlayfs on `/usr`, but the
overlay data is in `/var/tmp`, and is thus discarded on reboot.
- `ostree admin unlock --hotfix` first clones your current deployment,
then creates an overlayfs over `/usr` persistent
to this deployment. Persistent in that now the initramfs switchroot
tool knows how to mount it as well. In this model, if you want
to discard the hotfix, at the moment you roll back/reboot into
the clone.
Note originally, I tried using `rofiles-fuse` over `/usr` for this,
but then everything immediately explodes because the default (at least
CentOS 7) SELinux policy denies tons of things (including `sshd_t`
access to `fusefs_t`). Sigh.
So the switch to `overlayfs` came after experimentation. It still
seems to have some issues...specifically `unix_chkpwd` is broken,
possibly because it's setuid? Basically I can't ssh in anymore.
But I *can* `rpm -Uvh strace.rpm` which is handy.
NOTE: I haven't tested the hotfix path fully yet, specifically
the initramfs bits.
|
|
|
|
|
|
|
|
|
| |
When I was introducing the `_UNLOCKED` flag, I only audited
subcommands of `ostree admin`, but I missed that `ostree admin
instutil` also used the option parsing. Those are only used by
Anaconda today so we can ignore them for locking purposes.
Also, the usage help generation was grabbing the lock unnecessarily.
|
| |
|
| |
|
|
|
|
| |
Only OSTREE_ADMIN_BUILTIN_FLAG_NONE so far; does nothing.
|
|
|
|
|
|
|
|
| |
See projectatomic/rpm-ostree#42 for rationale. There are two high
level use cases:
- If the OS comes unconfigured, this is a way to point it at a repo of your choice.
- To switch between repositories while keeping the same branch easily.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refactor command-line parsing to better utilize GOptionContext. This
eliminates most of the manual parsing and global options are now shown
in the help output.
Here's a sample:
$ ostree admin --help
Usage:
ostree admin [OPTION...] --print-current-dir|COMMAND
Builtin "admin" Commands:
cleanup
config-diff
deploy
init-fs
instutil
os-init
status
switch
undeploy
upgrade
Help Options:
-h, --help Show help options
Application Options:
--sysroot=PATH Create a new OSTree sysroot at PATH
-v, --verbose Print debug information during command processing
--version Print version information and exit
https://bugzilla.gnome.org/show_bug.cgi?id=740295
|
|
|
|
|
|
|
| |
Add an option --print-current-dir that prints the current deployment
directory to stdout and exits.
https://bugzilla.gnome.org/show_bug.cgi?id=731051
|
|
|
|
|
|
|
|
| |
The standard convention is that the output of --help should go to standard
output (so that it can be piped to a pager and searched.) See, e.g., the
GNU coding standards.
https://bugzilla.gnome.org/show_bug.cgi?id=737194
|
|
|
|
|
|
|
| |
Only 'ostree admin' was appearing in the help message for commands
nested within ostree admin.
https://bugzilla.gnome.org/show_bug.cgi?id=737194
|
|
|
|
|
|
|
| |
'ostree admin <x> --help' and 'ostree admin instutil <x> --help' should
give help on the deepest subcommand, not on 'ostree admin'.
https://bugzilla.gnome.org/show_bug.cgi?id=737194
|
|
|
|
|
|
|
|
| |
'ostree admin' and 'ostree admin instuil' with no arguments were meant to fail,
but the logic was wrong; add an assertion on the return value from all ostree
commands to catch similar problems in the future.
https://bugzilla.gnome.org/show_bug.cgi?id=737194
|
|
|
|
|
|
|
|
|
|
| |
Using docker as a model, this update creates separate manpages
for each OSTree command, such that the main manpage is not
cluttered and the separate pages can provide more in-depth detail
and exanples that might be useful to a user. Each page includes
synopsis, description, example, and a list of options if needd.
This update also alphabetizes the usage error output for ostree
and ostree admin so that it matches the list on the manpage.
|
|
|
|
|
|
| |
There are going to be a few utilities that are only useful for
installers and disk image creation tools. Let's not expose them all
at the toplevel; instead, hide them under "instutil".
|
|
|
|
|
|
|
|
|
|
|
| |
Code like rpm-ostree generates disk images directly. In order to
ensure SELinux labeling is correct, it currently has a helper program
that runs over the deployment root, then over the whole disk and to
only set a label if none exist.
In order to make it easier to write installers such as Anaconda
without having them depend on rpm-ostree (or whatever other
build-server side program), pull in the helper code here.
|
|
|
|
|
| |
This is something I want to make easier, as it better showcases the
flexibility of OSTree.
|
|
|
|
|
| |
At the moment, just a container for a path, but we will start moving
admin functionality here.
|
|
|
|
|
|
|
|
|
|
| |
It turns out every builtin (with one special exception) that takes a
repo argument did the same thing; let's just centralize it. The
special exception was "ostree init --repo=foo" where foo is expected
to *not* actually be a repo. In that case, simply skip the
ostree_repo_check() invocation.
https://bugzilla.gnome.org/show_bug.cgi?id=706762
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Specifying global options after the command for a more natural:
# ostree commit --repo=/path/to/repo ...
* Support asking for --help without --repo
# ostree commit --help
* Support short form of -h
* Support specifying --repo without equals sign
# ostree --repo /path/to/repo commit ...
* Support global --help and -h
# ostree --help
* Ditto for ostree admin sub commands
* Removed some leaky code
https://bugzilla.gnome.org/show_bug.cgi?id=705903
|
|
|
|
|
| |
Pass through GCancellable, and just use GFile *sysroot, since that's
all OtAdminBuiltinOpts was.
|
|
|
|
|
| |
This required a fair bit of surgery because previously ostree.h
included otutil.h, but that's supposed to be a private library.
|
|
|
|
|
|
| |
Otherwise it's really easy to keep accumulating deployments. Also, we
may want to run this after rebooting, so we're back down to one
operating system.
|
|
|
|
|
| |
This is just cleaner, and makes the builtins slightly more of a
library, which in turn makes it easier to turn them into real API.
|
|
|
|
|
|
|
| |
Calling it "cleanup" is better since it does more than repo pruning.
We were also doing a prune twice; ot_admin_cleanup() already does one,
so drop the bits to do it in cleanup.c.
|
|
|
|
| |
Oops.
|
|
|
|
| |
A followup for the previous commit.
|
|
|
|
|
|
| |
It isn't useful at the moment, since the deploy stuff all changed. It
will make sense to bring back later, but for now let's not carry
broken untested code.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Originally, the idea was that clients would replicate "OS/tree"s from
a build server, but we'd run things like "ldconfig" on the client.
This was to allow adding e.g. the nVidia binary driver.
However, the triggers were the only thing in the system at the moment
that really had expected knowledge of the *contents* of the OS, like
the location of binaries.
For now, it's architecturally cleaner if we move the burden of
triggers to the tree builder (e.g. gnome-ostree or RPM). Eventually
we may want OSTree to assist with this type of thing (perhaps
something like RPM %ghost), but this is the right thing to do now.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
See https://wiki.gnome.org/OSTree/DeploymentModel2
This is a major rework of the on-disk filesystem layout, and the boot
process. OSTree now explicitly supports upgrading kernels, and these
upgrades are also atomic.
The core concept of the new model is the "deployment list", which is
an ordered list of bootable operating system trees. The deployment
list is reflected in the bootloader configuration; which has a kernel
argument that tells the initramfs (dracut) which operating system root
to use.
Invidiual notable changes that come along with this:
1) Operating systems should now come with their etc in usr/etc; OSTree
will perform a 3-way merge at deployment time, and place etc in
the actual root. This avoids the need for a bind mount, and is
just a lot cleaner.
2) OSTree no longer bind mounts /root, /home, and /tmp. It is expected
that the the OS/ has these as symbolic links into /var.
At the moment, OSTree only supports managing syslinux; other
bootloader backends will follow.
|
|
|
|
|
| |
When booted inside an ostree system, we want /sysroot/ostree, not
just /ostree by default.
|
|
|
|
|
| |
This is intended for use by QA tools that want to manipulate a
loopback-mounted disk image or the like.
|