| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
This is a one-time tree wide reformatting to ensure consistency
going forward.
|
| |
|
|
| |
This fixes the build with `clang-format`.
|
| |
|
|
|
| |
The default is still soup2, you can use --with-soup3 to enable
the soup3 backend instead.
|
| |\
| |
| | |
ostree-metadata commit API
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Rather than creating the `ostree-metadata` commit in the summary
builtin, do it in the new `ostree_repo_regenerate_metadata` API. The
commit contents are unchanged and the commit is generated before the
summary as before. To keep from triggering an extra summary update,
automatic summary updating is disabled in the transaction.
Since the summary builtin was already using the new API, it will
continue to generate the `ostree-metadata` commit when the repo has a
collection ID. However, the `ostree_repo_regenerate_summary` API will
still only generate the summary file as before.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Call `ostree_repo_regenerate_metadata` with the provided GPG and sign
keys to generate and sign the summary in one call. This changes the
handling when GPGME support is disabled but GPG keys are supplied.
Instead of silently ignoring the option, it will now error. IMO that's
better as callers would otherwise not know that the summary is not GPG
signed.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
My editor started following the configuration in .editorconfig and is
applying this rule to many files I'm editing. Let's just get this over
with and strip everything. This was done like so:
git ls-files | grep '\.[ch]$' | xargs sed -ri 's/\s+$//'
|
| |\ \
| | |
| | | |
Various CLI improvements
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | | |
Like with commit metadata, it's useful to list and print metadata keys
are in a summary file. This adds helpers to do that.
|
| | | |
| | |
| | |
| | |
| | | |
While `--print-metadata-key` is very useful, it's not that helpful if
you don't know what the keys are.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
The only other way to get the remote ref revision from the CLI is to
scrape the output of `ostree remote summary` or pull the commit. The
revision is already there in the summary's ref map, so might as well add
an option to show it.
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Allow printing the revision along with the ref. This is very convenient
for looping over the refs in a shell as well as for quickly seeing which
refs are pointed to the same commit.
|
| | |/
| |
| |
| |
| | |
The output is much more readable sorted. I can't think of any reason
you'd want it unsorted (which is essentially dentry order).
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When we calculate the reachability set in `ostree prune`, we do this
without any locking. This means that between the time we build the set
and when we call `ostree_repo_prune_from_reachable`, new content
might've been added. This then causes us to immediately prune that
content since it's not in the now outdated set.
Fix this by calculating the set under an exclusive lock.
I think this is what happened in
https://github.com/fedora-silverblue/issue-tracker/issues/405. While
the pruner was running, the `new-updates-sync` script[1] was importing
content into the repo. The newly imported commits were immediately
deleted by the many `ostree prune --commit-only` calls the pruner does,
breaking the refs.
[1] https://pagure.io/fedora-infra/ansible/blob/35b35127e444/f/roles/bodhi2/backend/files/new-updates-sync#_18
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This lowers down into the C library some logic we
have in the binary/app logic, in prep for having more Rust-native
CLI code in https://github.com/ostreedev/ostree-rs-ext/pull/412
Basically we want to *ensure* a mount namespace by invoking
`unshare()` if necessary, instead of requiring our callers
to do this dance.
This also helps fix e.g.
Closes: https://github.com/ostreedev/ostree/issues/2769
|
| |
|
|
|
|
| |
`ostree_async_progress_get_status()` returns an allocated string.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
|
| |
|
|
|
|
|
| |
Instead mention the formal name of the format accepted by
`g_variant_parse()`.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
|
| |
|
|
| |
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Introduces an intermediate format for overlayfs storage, where
.wh-ostree. prefixed files will be converted into char 0:0
whiteout devices used by overlayfs to mark deletions across layers.
The CI scripts now uses a volume for the scratch directories
previously in /var/tmp otherwise we cannot create whiteout
devices into an overlayfs mounted filesystem.
Related-Issue: #2712
|
| |
|
|
|
|
|
|
|
| |
Followup from discussion in
https://github.com/ostreedev/ostree/pull/2544#discussion_r958840936
This is more efficient; no need to have the kernel context switch
us in at shutdown time just so we can turn around and call
`exit()`.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If `/boot` is an automount, then the unit will be stopped as soon as the
automount expires. That's would defeat the purpose of using systemd to
delay finalizing the deployment until shutdown. This is not uncommon as
`systemd-gpt-auto-generator` will create an automount unit for `/boot`
when it's the EFI System Partition and there's no fstab entry.
To ensure that systemd doesn't stop the service early when the `/boot`
automount expires, introduce a new unit that holds `/boot` open until
it's sent `SIGTERM`. This uses a new `--hold` option for
`finalize-staged` that loads but doesn't lock the sysroot. A separate
unit is used since we want the process to remain active throughout the
finalization run in `ExecStop`. That wouldn't work if it was specified
in `ExecStart` in the same unit since it would be killed before the
`ExecStop` action was run.
Fixes: #2543
|
| |
|
|
|
|
|
| |
It can be useful to parse the options and initialize the sysroot without
actually loading it until later. Factor out the sysroot loading to a new
`ostree_admin_sysroot_load` and add a new
`OSTREE_ADMIN_BUILTIN_FLAG_NO_LOAD` flag to accommodate this.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
In the current "ostree native container" flow, we're inserting
a commit object into the repo but with no refs.
We have hacks in a few places to find the commit digest via e.g.
`find repo/objects -name *.commit` but that's a horrible hack.
Add `ostree rev-parse --single` which will print the single commit,
and error out if there is not exactly one commit.
Co-authored-by: Jonathan Lebon <jonathan@jlebon.com>
|
| |
|
|
| |
Prep for future changes.
|
| |
|
|
|
| |
Prep for fixing conflicts introduced by newer glibc.
cc https://github.com/ostreedev/ostree/issues/2685
|
| |
|
|
|
|
| |
Add func to set kernel arguments in place, instead of create new
deployment
Fix https://github.com/ostreedev/ostree/issues/2664
|
| |
|
|
|
|
|
|
|
|
|
| |
update all existing deployments in place
Example:
$ sudo ostree admin kargs edit-in-place --append-if-missing=rw
See https://github.com/ostreedev/ostree/issues/2617
This will not add duplicate key, if there is `TESTARG=VAL1` in the
kernel arguments, `--append-if-missing=TESTARG=VAL2` will be ignored.
|
| |
|
|
| |
General background cleanup.
|
| |
|
|
| |
General background cleanup.
|
| |
|
|
| |
General background cleanup.
|
| |\ |
|
| | |
| |
| |
| | |
General background cleanup.
|
| | |
| |
| |
| | |
General background cleanup.
|
| | |
| |
| |
| | |
General background cleanup.
|
| | |
| |
| |
| | |
General background cleanup.
|
| |/
|
|
|
| |
General background cleanup; motivated by a recent PR which
was using pre-C99 code as a base.
|
| |
|
|
| |
This cleans up error handling here.
|
| |
|
|
|
| |
The inner loop was way too long; split out most of the heavy
lifting around backrefs and tombstones into a helper function.
|
| |
|
|
|
| |
Could have done this in the previous change, but wanted to avoid
excessive diff noise.
|
| |
|
|
|
|
|
| |
We recently discovered `list_objects()` is inefficient with memory.
The more efficient `list_objects_set()` API isn't yet public, but
this fsck code actually just skips over non-commit objects, and
we already have an API to list just those.
|
| |
|
|
|
|
| |
I was looking at our `.gir` and noticed we had the cmdprivate bits
because the pattern for excluding headers is `-private.h`, which
didn't match `cmdprivate.h`.
|
| |
|
|
| |
Small fix for https://github.com/ostreedev/ostree/issues/2594
|
| |
|
|
| |
https://github.com/ostreedev/ostree/pull/2612
|
| |
|
|
| |
See https://github.com/ostreedev/ostree/issues/2586
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Quite a while ago we added staged deployments, which solved
a bunch of issues around the `/etc` merge. However...a persistent
problem since then is that any failures in that process that
happened in the *previous* boot are not very visible.
We ship custom code in `rpm-ostree status` to query the previous
journal. But that has a few problems - one is that on systems
that have been up a while, that failure message may even get
rotated out. And second, some systems may not even have a persistent
journal at all.
A general thing we do in e.g. Fedora CoreOS testing is to check
for systemd unit failures. We do that both in our automated tests,
and we even ship code that displays them on ssh logins. And beyond
that obviously a lot of other projects do the same; it's easy via
`systemctl --failed`.
So to make failures more visible, change our `ostree-finalize-staged.service`
to have an internal wrapper around the process that "catches" any
errors, and copies the error message into a file in `/boot/ostree`.
Then, a new `ostree-boot-complete.service` looks for this file on
startup and re-emits the error message, and fails.
It also deletes the file. The rationale is to avoid *continually*
warning. For example we need to handle the case when an upgrade
process creates a new staged deployment. Now, we could change the
ostree core code to delete the warning file when that happens instead,
but this is trying to be a conservative change.
This should make failures here much more visible as is.
|
| |
|
|
|
| |
This removes the old SoupURI copypasta from previous generation
of libsoup and opens up a path for a simple libsoup3 port.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Recently we have noticed exceedingly long execution times
for multiple invocations of ostree prune. This is a result of
calculating full reachability on each invocation.
The --commit-only flag provides an alternative strategy. It will only
traverse and delete commit objects to avoid the more expensive
reachability calculations. This allows us to chain multiple --commit-only
commands cheaply, and then follow with a more expensive ostree prune
invocation at the end to clean up orphaned meta and content objects.
|
| |
|
|
|
|
|
|
| |
The commit metadata `version` key is well established but getting it for
a remote commit is cumbersome since the commit object needs to be
fetched and loaded. Including it in the summary additional metadata
allows a much more convenient view of what each of the remote refs
represents.
|
