commit 9c65a4dd76b3ab4862810f129009da66ae338225
Author: CentOS Sources
Date: Tue May 16 06:05:10 2023 +0000
import ostree-2022.2-6.el8
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..52ddd23
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+SOURCES/libostree-2022.2.tar.xz
diff --git a/.ostree.metadata b/.ostree.metadata
new file mode 100644
index 0000000..56ab50b
--- /dev/null
+++ b/.ostree.metadata
@@ -0,0 +1 @@
+9f1cc3796da8b7892a8ef930a5086d4ff42c475f SOURCES/libostree-2022.2.tar.xz
diff --git a/SOURCES/0001-Add-an-ostree-boot-complete.service-to-propagate-sta.patch b/SOURCES/0001-Add-an-ostree-boot-complete.service-to-propagate-sta.patch
new file mode 100644
index 0000000..2cf14d7
--- /dev/null
+++ b/SOURCES/0001-Add-an-ostree-boot-complete.service-to-propagate-sta.patch
@@ -0,0 +1,374 @@ +From a6d45dc165e48e2a463880ebb90f34c2b9d3c4ce Mon Sep 17 00:00:00 2001 +From: Colin Walters +Date: Fri, 22 Apr 2022 18:46:28 -0400 +Subject: [PATCH 1/6] Add an `ostree-boot-complete.service` to propagate + staging failures + +Quite a while ago we added staged deployments, which solved +a bunch of issues around the `/etc` merge. However...a persistent +problem since then is that any failures in that process that +happened in the *previous* boot are not very visible. + +We ship custom code in `rpm-ostree status` to query the previous +journal. But that has a few problems - one is that on systems +that have been up a while, that failure message may even get +rotated out. And second, some systems may not even have a persistent +journal at all. + +A general thing we do in e.g. Fedora CoreOS testing is to check +for systemd unit failures. We do that both in our automated tests, +and we even ship code that displays them on ssh logins. And beyond +that obviously a lot of other projects do the same; it's easy via +`systemctl --failed`. + +So to make failures more visible, change our `ostree-finalize-staged.service` +to have an internal wrapper around the process that "catches" any +errors, and copies the error message into a file in `/boot/ostree`. + +Then, a new `ostree-boot-complete.service` looks for this file on +startup and re-emits the error message, and fails. + +It also deletes the file. The rationale is to avoid *continually* +warning. For example we need to handle the case when an upgrade +process creates a new staged deployment. Now, we could change the +ostree core code to delete the warning file when that happens instead, +but this is trying to be a conservative change. + +This should make failures here much more visible as is. 
+--- + Makefile-boot.am | 2 + + Makefile-ostree.am | 1 + + src/boot/ostree-boot-complete.service | 33 +++++++++++ + src/libostree/ostree-cmdprivate.c | 1 + + src/libostree/ostree-cmdprivate.h | 1 + + src/libostree/ostree-impl-system-generator.c | 2 + + src/libostree/ostree-sysroot-deploy.c | 62 ++++++++++++++++++-- + src/libostree/ostree-sysroot-private.h | 7 +++ + src/libostree/ostree-sysroot.c | 2 + + src/ostree/ot-admin-builtin-boot-complete.c | 58 ++++++++++++++++++ + src/ostree/ot-admin-builtins.h | 1 + + src/ostree/ot-builtin-admin.c | 3 + + tests/kolainst/destructive/staged-deploy.sh | 12 ++++ + 13 files changed, 181 insertions(+), 4 deletions(-) + create mode 100644 src/boot/ostree-boot-complete.service + create mode 100644 src/ostree/ot-admin-builtin-boot-complete.c + +diff --git a/Makefile-boot.am b/Makefile-boot.am +index ec10a0d6..e42e5180 100644 +--- a/Makefile-boot.am ++++ b/Makefile-boot.am +@@ -38,6 +38,7 @@ endif + if BUILDOPT_SYSTEMD + systemdsystemunit_DATA = src/boot/ostree-prepare-root.service \ + src/boot/ostree-remount.service \ ++ src/boot/ostree-boot-complete.service \ + src/boot/ostree-finalize-staged.service \ + src/boot/ostree-finalize-staged.path \ + $(NULL) +@@ -64,6 +65,7 @@ endif + EXTRA_DIST += src/boot/dracut/module-setup.sh \ + src/boot/dracut/ostree.conf \ + src/boot/mkinitcpio \ ++ src/boot/ostree-boot-complete.service \ + src/boot/ostree-prepare-root.service \ + src/boot/ostree-finalize-staged.path \ + src/boot/ostree-remount.service \ +diff --git a/Makefile-ostree.am b/Makefile-ostree.am +index 82af1681..0fe2c5f8 100644 +--- a/Makefile-ostree.am ++++ b/Makefile-ostree.am +@@ -70,6 +70,7 @@ ostree_SOURCES += \ + src/ostree/ot-admin-builtin-diff.c \ + src/ostree/ot-admin-builtin-deploy.c \ + src/ostree/ot-admin-builtin-finalize-staged.c \ ++ src/ostree/ot-admin-builtin-boot-complete.c \ + src/ostree/ot-admin-builtin-undeploy.c \ + src/ostree/ot-admin-builtin-instutil.c \ + src/ostree/ot-admin-builtin-cleanup.c \ +diff --git 
a/src/boot/ostree-boot-complete.service b/src/boot/ostree-boot-complete.service +new file mode 100644 +index 00000000..5c09fdc9 +--- /dev/null ++++ b/src/boot/ostree-boot-complete.service +@@ -0,0 +1,33 @@ ++# Copyright (C) 2022 Red Hat, Inc. ++# ++# This library is free software; you can redistribute it and/or ++# modify it under the terms of the GNU Lesser General Public ++# License as published by the Free Software Foundation; either ++# version 2 of the License, or (at your option) any later version. ++# ++# This library is distributed in the hope that it will be useful, ++# but WITHOUT ANY WARRANTY; without even the implied warranty of ++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++# Lesser General Public License for more details. ++# ++# You should have received a copy of the GNU Lesser General Public ++# License along with this library. If not, see . ++ ++[Unit] ++Description=OSTree Complete Boot ++Documentation=man:ostree(1) ++# For now, this is the only condition on which we start, but it's ++# marked as a triggering condition in case in the future we want ++# to do something else. ++ConditionPathExists=|/boot/ostree/finalize-failure.stamp ++RequiresMountsFor=/boot ++# Ensure that we propagate the failure into the current boot before ++# any further finalization attempts. 
++Before=ostree-finalize-staged.service ++ ++[Service] ++Type=oneshot ++# To write to /boot while keeping it read-only ++MountFlags=slave ++RemainAfterExit=yes ++ExecStart=/usr/bin/ostree admin boot-complete +diff --git a/src/libostree/ostree-cmdprivate.c b/src/libostree/ostree-cmdprivate.c +index c9a6e2e1..f6c114f4 100644 +--- a/src/libostree/ostree-cmdprivate.c ++++ b/src/libostree/ostree-cmdprivate.c +@@ -51,6 +51,7 @@ ostree_cmd__private__ (void) + _ostree_repo_static_delta_delete, + _ostree_repo_verify_bindings, + _ostree_sysroot_finalize_staged, ++ _ostree_sysroot_boot_complete, + }; + + return &table; +diff --git a/src/libostree/ostree-cmdprivate.h b/src/libostree/ostree-cmdprivate.h +index 46452ebd..17f943c8 100644 +--- a/src/libostree/ostree-cmdprivate.h ++++ b/src/libostree/ostree-cmdprivate.h +@@ -33,6 +33,7 @@ typedef struct { + gboolean (* ostree_static_delta_delete) (OstreeRepo *repo, const char *delta_id, GCancellable *cancellable, GError **error); + gboolean (* ostree_repo_verify_bindings) (const char *collection_id, const char *ref_name, GVariant *commit, GError **error); + gboolean (* ostree_finalize_staged) (OstreeSysroot *sysroot, GCancellable *cancellable, GError **error); ++ gboolean (* ostree_boot_complete) (OstreeSysroot *sysroot, GCancellable *cancellable, GError **error); + } OstreeCmdPrivateVTable; + + /* Note this not really "public", we just export the symbol, but not the header */ +diff --git a/src/libostree/ostree-impl-system-generator.c b/src/libostree/ostree-impl-system-generator.c +index 769f0cbd..92d71605 100644 +--- a/src/libostree/ostree-impl-system-generator.c ++++ b/src/libostree/ostree-impl-system-generator.c +@@ -134,6 +134,8 @@ require_internal_units (const char *normal_dir, + return FALSE; + if (symlinkat (SYSTEM_DATA_UNIT_PATH "/ostree-finalize-staged.path", normal_dir_dfd, "multi-user.target.wants/ostree-finalize-staged.path") < 0) + return glnx_throw_errno_prefix (error, "symlinkat"); ++ if (symlinkat 
(SYSTEM_DATA_UNIT_PATH "/ostree-boot-complete.service", normal_dir_dfd, "multi-user.target.wants/ostree-boot-complete.service") < 0) ++ return glnx_throw_errno_prefix (error, "symlinkat"); + + return TRUE; + #else +diff --git a/src/libostree/ostree-sysroot-deploy.c b/src/libostree/ostree-sysroot-deploy.c +index b7cc232f..fc5916d8 100644 +--- a/src/libostree/ostree-sysroot-deploy.c ++++ b/src/libostree/ostree-sysroot-deploy.c +@@ -3255,10 +3255,10 @@ ostree_sysroot_stage_tree_with_options (OstreeSysroot *self, + } + + /* Invoked at shutdown time by ostree-finalize-staged.service */ +-gboolean +-_ostree_sysroot_finalize_staged (OstreeSysroot *self, +- GCancellable *cancellable, +- GError **error) ++static gboolean ++_ostree_sysroot_finalize_staged_inner (OstreeSysroot *self, ++ GCancellable *cancellable, ++ GError **error) + { + /* It's totally fine if there's no staged deployment; perhaps down the line + * though we could teach the ostree cmdline to tell systemd to activate the +@@ -3355,9 +3355,63 @@ _ostree_sysroot_finalize_staged (OstreeSysroot *self, + if (!ostree_sysroot_prepare_cleanup (self, cancellable, error)) + return FALSE; + ++ // Cleanup will have closed some FDs, re-ensure writability ++ if (!_ostree_sysroot_ensure_writable (self, error)) ++ return FALSE; ++ + return TRUE; + } + ++/* Invoked at shutdown time by ostree-finalize-staged.service */ ++gboolean ++_ostree_sysroot_finalize_staged (OstreeSysroot *self, ++ GCancellable *cancellable, ++ GError **error) ++{ ++ g_autoptr(GError) finalization_error = NULL; ++ if (!_ostree_sysroot_ensure_boot_fd (self, error)) ++ return FALSE; ++ if (!_ostree_sysroot_finalize_staged_inner (self, cancellable, &finalization_error)) ++ { ++ g_autoptr(GError) writing_error = NULL; ++ g_assert_cmpint (self->boot_fd, !=, -1); ++ if (!glnx_file_replace_contents_at (self->boot_fd, _OSTREE_FINALIZE_STAGED_FAILURE_PATH, ++ (guint8*)finalization_error->message, -1, ++ 0, cancellable, &writing_error)) ++ { ++ // We somehow 
failed to write the failure message...that's not great. Maybe ENOSPC on /boot. ++ g_printerr ("Failed to write %s: %s\n", _OSTREE_FINALIZE_STAGED_FAILURE_PATH, writing_error->message); ++ } ++ g_propagate_error (error, g_steal_pointer (&finalization_error)); ++ return FALSE; ++ } ++ return TRUE; ++} ++ ++/* Invoked at bootup time by ostree-boot-complete.service */ ++gboolean ++_ostree_sysroot_boot_complete (OstreeSysroot *self, ++ GCancellable *cancellable, ++ GError **error) ++{ ++ if (!_ostree_sysroot_ensure_boot_fd (self, error)) ++ return FALSE; ++ ++ glnx_autofd int failure_fd = -1; ++ if (!ot_openat_ignore_enoent (self->boot_fd, _OSTREE_FINALIZE_STAGED_FAILURE_PATH, &failure_fd, error)) ++ return FALSE; ++ // If we didn't find a failure log, then there's nothing to do right now. ++ // (Actually this unit shouldn't even be invoked, but we may do more in the future) ++ if (failure_fd == -1) ++ return TRUE; ++ g_autofree char *failure_data = glnx_fd_readall_utf8 (failure_fd, NULL, cancellable, error); ++ if (failure_data == NULL) ++ return glnx_prefix_error (error, "Reading from %s", _OSTREE_FINALIZE_STAGED_FAILURE_PATH); ++ // Remove the file; we don't want to continually error out. 
++ (void) unlinkat (self->boot_fd, _OSTREE_FINALIZE_STAGED_FAILURE_PATH, 0); ++ return glnx_throw (error, "ostree-finalize-staged.service failed on previous boot: %s", failure_data); ++} ++ + /** + * ostree_sysroot_deployment_set_kargs: + * @self: Sysroot +diff --git a/src/libostree/ostree-sysroot-private.h b/src/libostree/ostree-sysroot-private.h +index cb34eeb3..a49a406c 100644 +--- a/src/libostree/ostree-sysroot-private.h ++++ b/src/libostree/ostree-sysroot-private.h +@@ -96,6 +96,9 @@ struct OstreeSysroot { + #define _OSTREE_SYSROOT_BOOT_INITRAMFS_OVERLAYS "ostree/initramfs-overlays" + #define _OSTREE_SYSROOT_INITRAMFS_OVERLAYS "boot/" _OSTREE_SYSROOT_BOOT_INITRAMFS_OVERLAYS + ++// Relative to /boot, consumed by ostree-boot-complete.service ++#define _OSTREE_FINALIZE_STAGED_FAILURE_PATH "ostree/finalize-failure.stamp" ++ + gboolean + _ostree_sysroot_ensure_writable (OstreeSysroot *self, + GError **error); +@@ -142,6 +145,10 @@ gboolean + _ostree_sysroot_finalize_staged (OstreeSysroot *self, + GCancellable *cancellable, + GError **error); ++gboolean ++_ostree_sysroot_boot_complete (OstreeSysroot *self, ++ GCancellable *cancellable, ++ GError **error); + + OstreeDeployment * + _ostree_sysroot_deserialize_deployment_from_variant (GVariant *v, +diff --git a/src/libostree/ostree-sysroot.c b/src/libostree/ostree-sysroot.c +index 266a2975..f083f950 100644 +--- a/src/libostree/ostree-sysroot.c ++++ b/src/libostree/ostree-sysroot.c +@@ -356,6 +356,8 @@ _ostree_sysroot_ensure_writable (OstreeSysroot *self, + ostree_sysroot_unload (self); + if (!ensure_sysroot_fd (self, error)) + return FALSE; ++ if (!_ostree_sysroot_ensure_boot_fd (self, error)) ++ return FALSE; + + return TRUE; + } +diff --git a/src/ostree/ot-admin-builtin-boot-complete.c b/src/ostree/ot-admin-builtin-boot-complete.c +new file mode 100644 +index 00000000..6e1052f5 +--- /dev/null ++++ b/src/ostree/ot-admin-builtin-boot-complete.c +@@ -0,0 +1,58 @@ ++/* ++ * Copyright (C) 2022 Red Hat, Inc. 
++ * ++ * SPDX-License-Identifier: LGPL-2.0+ ++ * ++ * This library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public ++ * License as published by the Free Software Foundation; either ++ * version 2 of the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General Public ++ * License along with this library. If not, see . ++ */ ++ ++#include "config.h" ++ ++#include ++ ++#include "ot-main.h" ++#include "ot-admin-builtins.h" ++#include "ot-admin-functions.h" ++#include "ostree.h" ++#include "otutil.h" ++ ++#include "ostree-cmdprivate.h" ++ ++static GOptionEntry options[] = { ++ { NULL } ++}; ++ ++gboolean ++ot_admin_builtin_boot_complete (int argc, char **argv, OstreeCommandInvocation *invocation, GCancellable *cancellable, GError **error) ++{ ++ /* Just a sanity check; we shouldn't be called outside of the service though. ++ */ ++ struct stat stbuf; ++ if (fstatat (AT_FDCWD, OSTREE_PATH_BOOTED, &stbuf, 0) < 0) ++ return TRUE; ++ // We must have been invoked via systemd which should have set up a mount namespace. 
++ g_assert (getenv ("INVOCATION_ID")); ++ ++ g_autoptr(GOptionContext) context = g_option_context_new (""); ++ g_autoptr(OstreeSysroot) sysroot = NULL; ++ if (!ostree_admin_option_context_parse (context, options, &argc, &argv, ++ OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER, ++ invocation, &sysroot, cancellable, error)) ++ return FALSE; ++ ++ if (!ostree_cmd__private__()->ostree_boot_complete (sysroot, cancellable, error)) ++ return FALSE; ++ ++ return TRUE; ++} +diff --git a/src/ostree/ot-admin-builtins.h b/src/ostree/ot-admin-builtins.h +index d32b617e..8d9451be 100644 +--- a/src/ostree/ot-admin-builtins.h ++++ b/src/ostree/ot-admin-builtins.h +@@ -39,6 +39,7 @@ BUILTINPROTO(deploy); + BUILTINPROTO(cleanup); + BUILTINPROTO(pin); + BUILTINPROTO(finalize_staged); ++BUILTINPROTO(boot_complete); + BUILTINPROTO(unlock); + BUILTINPROTO(status); + BUILTINPROTO(set_origin); +diff --git a/src/ostree/ot-builtin-admin.c b/src/ostree/ot-builtin-admin.c +index e0d2a60c..af09a614 100644 +--- a/src/ostree/ot-builtin-admin.c ++++ b/src/ostree/ot-builtin-admin.c +@@ -43,6 +43,9 @@ static OstreeCommand admin_subcommands[] = { + { "finalize-staged", OSTREE_BUILTIN_FLAG_NO_REPO | OSTREE_BUILTIN_FLAG_HIDDEN, + ot_admin_builtin_finalize_staged, + "Internal command to run at shutdown time" }, ++ { "boot-complete", OSTREE_BUILTIN_FLAG_NO_REPO | OSTREE_BUILTIN_FLAG_HIDDEN, ++ ot_admin_builtin_boot_complete, ++ "Internal command to run at boot after an update was applied" }, + { "init-fs", OSTREE_BUILTIN_FLAG_NO_REPO, + ot_admin_builtin_init_fs, + "Initialize a root filesystem" }, diff --git a/SOURCES/0001-Support-overlayfs-whiteouts-on-checkout.patch b/SOURCES/0001-Support-overlayfs-whiteouts-on-checkout.patch new file mode 100644 index 0000000..0be0319 --- /dev/null +++ b/SOURCES/0001-Support-overlayfs-whiteouts-on-checkout.patch 
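Review bot: `ot_admin_builtin_boot_complete` guards against manual invocation only with `g_assert (getenv ("INVOCATION_ID"))`, which is compiled out under `G_DISABLE_ASSERT` and otherwise aborts the process instead of returning an error, and an environment variable only shows that systemd started the process, not that the `MountFlags=slave` namespace from `ostree-boot-complete.service` is in place before `/boot` is written to; a plain check such as `if (getenv ("INVOCATION_ID") == NULL) return glnx_throw (error, "This command is expected to be run from ostree-boot-complete.service");` reports the problem cleanly. In `_ostree_sysroot_boot_complete` a failed `glnx_fd_readall_utf8` returns before the `unlinkat`, so a stamp whose bytes are not valid UTF-8 (an error message quoting a non-UTF-8 path, for instance) would leave the file in place and fail the unit on every boot, the very repetition the comment above the `unlinkat` wants to avoid; unlinking before that early return, or reading the file as bytes, avoids it. On the writing side, `_ostree_sysroot_finalize_staged` passes flags `0` to `glnx_file_replace_contents_at` for a file that is normally new, so if the shutdown does not complete cleanly the message may never reach disk; `GLNX_FILE_REPLACE_DATASYNC_NEW` makes the durability intent explicit at the one place where it matters.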
@@ -0,0 +1,515 @@ +From 0085494e350c72599fc5c0e00422885d80b3c660 Mon Sep 17 00:00:00 2001 +From: Miguel Angel Ajo +Date: Mon, 19 Sep 2022 17:15:24 +0200 +Subject: [PATCH] Support overlayfs whiteouts on checkout + +Introduces an intermediate format for overlayfs storage, where +.wh-ostree. prefixed files will be converted into char 0:0 +whiteout devices used by overlayfs to mark deletions across layers. + +The CI scripts now uses a volume for the scratch directories +previously in /var/tmp otherwise we cannot create whiteout +devices into an overlayfs mounted filesystem. + +Related-Issue: #2712 +(cherry picked from commit e234b630f85b97e48ecf45d5aaba9b1aa64e6b54) +--- + .github/workflows/tests.yml | 8 +- + Makefile-tests.am | 1 + + bash/ostree | 1 + + man/ostree-checkout.xml | 11 ++ + src/libostree/ostree-repo-checkout.c | 129 ++++++++++++++++++++- + src/libostree/ostree-repo.h | 5 +- + src/libostree/ostree-sysroot-deploy.c | 2 +- + src/ostree/ot-builtin-checkout.c | 7 +- + tests/archive-test.sh | 7 +- + tests/basic-test.sh | 29 ++++- + tests/kolainst/data-shared/libtest-core.sh | 7 ++ + tests/libtest.sh | 52 ++++++++- + tests/test-admin-deploy-whiteouts.sh | 42 +++++++ + 13 files changed, 292 insertions(+), 9 deletions(-) + create mode 100755 tests/test-admin-deploy-whiteouts.sh + +--- a/Makefile-tests.am ++++ b/Makefile-tests.am +@@ -107,6 +107,7 @@ _installed_or_uninstalled_test_scripts = \ + tests/test-admin-deploy-nomerge.sh \ + tests/test-admin-deploy-none.sh \ + tests/test-admin-deploy-bootid-gc.sh \ ++ tests/test-admin-deploy-whiteouts.sh \ + tests/test-osupdate-dtb.sh \ + tests/test-admin-instutil-set-kargs.sh \ + tests/test-admin-upgrade-not-backwards.sh \ +diff --git a/bash/ostree b/bash/ostree +index 46363315..6f3b86ea 100644 +--- a/bash/ostree ++++ b/bash/ostree +@@ -249,6 +249,7 @@ _ostree_checkout() { + --union-identical + --user-mode -U + --whiteouts ++ --process-passthrough-whiteouts + " + + local options_with_args=" +diff --git 
a/man/ostree-checkout.xml b/man/ostree-checkout.xml +index 4ed53a91..8f7d4f9b 100644 +--- a/man/ostree-checkout.xml ++++ b/man/ostree-checkout.xml +@@ -114,6 +114,17 @@ License along with this library. If not, see . + + + ++ ++ ++ ++ ++ Enable overlayfs whiteout extraction into 0:0 character devices. ++ Overlayfs whiteouts are encoded inside ostree as .ostree-wh.filename ++ and extracted as 0:0 character devices. This is useful to carry ++ container storage embedded into ostree. ++ ++ ++ + + + +diff --git a/src/libostree/ostree-repo-checkout.c b/src/libostree/ostree-repo-checkout.c +index 663292a9..7c7d0cc7 100644 +--- a/src/libostree/ostree-repo-checkout.c ++++ b/src/libostree/ostree-repo-checkout.c +@@ -35,6 +35,8 @@ + #define WHITEOUT_PREFIX ".wh." + #define OPAQUE_WHITEOUT_NAME ".wh..wh..opq" + ++#define OVERLAYFS_WHITEOUT_PREFIX ".ostree-wh." ++ + /* Per-checkout call state/caching */ + typedef struct { + GString *path_buf; /* buffer for real path if filtering enabled */ +@@ -582,6 +584,117 @@ checkout_file_hardlink (OstreeRepo *self, + return TRUE; + } + ++static gboolean ++_checkout_overlayfs_whiteout_at_no_overwrite (OstreeRepoCheckoutAtOptions *options, ++ int destination_dfd, ++ const char *destination_name, ++ GFileInfo *file_info, ++ GVariant *xattrs, ++ gboolean *found_exant_file, ++ GCancellable *cancellable, ++ GError **error) ++{ ++ if (found_exant_file != NULL) ++ *found_exant_file = FALSE; ++ guint32 file_mode = g_file_info_get_attribute_uint32 (file_info, "unix::mode"); ++ if (mknodat(destination_dfd, destination_name, (file_mode & ~S_IFMT) | S_IFCHR, (dev_t)0) < 0) ++ { ++ if (errno == EEXIST && found_exant_file != NULL) ++ { ++ *found_exant_file = TRUE; ++ return TRUE; ++ } ++ return glnx_throw_errno_prefix (error, "Creating whiteout char device"); ++ } ++ if (options->mode != OSTREE_REPO_CHECKOUT_MODE_USER) ++ { ++ if (xattrs != NULL && ++ !glnx_dfd_name_set_all_xattrs(destination_dfd, destination_name, xattrs, ++ cancellable, error)) ++ 
return glnx_throw_errno_prefix (error, "Setting xattrs for whiteout char device"); ++ ++ if (TEMP_FAILURE_RETRY(fchownat(destination_dfd, destination_name, ++ g_file_info_get_attribute_uint32 (file_info, "unix::uid"), ++ g_file_info_get_attribute_uint32 (file_info, "unix::gid"), ++ AT_SYMLINK_NOFOLLOW) < 0)) ++ return glnx_throw_errno_prefix (error, "fchownat"); ++ if (TEMP_FAILURE_RETRY (fchmodat (destination_dfd, destination_name, file_mode & ~S_IFMT, 0)) < 0) ++ return glnx_throw_errno_prefix (error, "fchmodat %s to 0%o", destination_name, file_mode & ~S_IFMT); ++ } ++ ++ return TRUE; ++} ++ ++static gboolean ++_checkout_overlayfs_whiteout_at (OstreeRepo *repo, ++ OstreeRepoCheckoutAtOptions *options, ++ int destination_dfd, ++ const char *destination_name, ++ GFileInfo *file_info, ++ GVariant *xattrs, ++ GCancellable *cancellable, ++ GError **error) ++{ ++ gboolean found_exant_file = FALSE; ++ if (!_checkout_overlayfs_whiteout_at_no_overwrite(options, destination_dfd, destination_name, ++ file_info, xattrs,&found_exant_file, ++ cancellable, error)) ++ return FALSE; ++ ++ if (!found_exant_file) ++ return TRUE; ++ ++ guint32 uid = g_file_info_get_attribute_uint32 (file_info, "unix::uid"); ++ guint32 gid = g_file_info_get_attribute_uint32 (file_info, "unix::gid"); ++ guint32 file_mode = g_file_info_get_attribute_uint32 (file_info, "unix::mode"); ++ ++ struct stat dest_stbuf; ++ ++ switch(options->overwrite_mode) ++ { ++ case OSTREE_REPO_CHECKOUT_OVERWRITE_NONE: ++ return FALSE; ++ case OSTREE_REPO_CHECKOUT_OVERWRITE_UNION_FILES: ++ if (!ot_ensure_unlinked_at (destination_dfd, destination_name, error)) ++ return FALSE; ++ return _checkout_overlayfs_whiteout_at_no_overwrite(options, destination_dfd, destination_name, ++ file_info, xattrs, NULL, cancellable, error); ++ case OSTREE_REPO_CHECKOUT_OVERWRITE_ADD_FILES: ++ return TRUE; ++ ++ case OSTREE_REPO_CHECKOUT_OVERWRITE_UNION_IDENTICAL: ++ if (!glnx_fstatat(destination_dfd, destination_name, &dest_stbuf, 
AT_SYMLINK_NOFOLLOW, ++ error)) ++ return FALSE; ++ if (!(repo->disable_xattrs || repo->mode == OSTREE_REPO_MODE_BARE_USER_ONLY)) ++ { ++ g_autoptr(GVariant) fs_xattrs; ++ if (!glnx_dfd_name_get_all_xattrs (destination_dfd, destination_name, ++ &fs_xattrs, cancellable, error)) ++ return FALSE; ++ if (!g_variant_equal(fs_xattrs, xattrs)) ++ return glnx_throw(error, "existing destination file %s xattrs don't match", ++ destination_name); ++ } ++ if (options->mode != OSTREE_REPO_CHECKOUT_MODE_USER) ++ { ++ if (gid != dest_stbuf.st_gid) ++ return glnx_throw(error, "existing destination file %s does not match gid %d", ++ destination_name, gid); ++ ++ if (uid != dest_stbuf.st_uid) ++ return glnx_throw(error, "existing destination file %s does not match uid %d", ++ destination_name, gid); ++ ++ if ((file_mode & ALLPERMS) != (dest_stbuf.st_mode & ALLPERMS)) ++ return glnx_throw(error, "existing destination file %s does not match mode %o", ++ destination_name, file_mode); ++ } ++ break; ++ } ++ return TRUE; ++} ++ + static gboolean + checkout_one_file_at (OstreeRepo *repo, + OstreeRepoCheckoutAtOptions *options, +@@ -603,7 +716,8 @@ checkout_one_file_at (OstreeRepo *repo, + + /* FIXME - avoid the GFileInfo here */ + g_autoptr(GFileInfo) source_info = NULL; +- if (!ostree_repo_load_file (repo, checksum, NULL, &source_info, NULL, ++ g_autoptr(GVariant) source_xattrs = NULL; ++ if (!ostree_repo_load_file (repo, checksum, NULL, &source_info, &source_xattrs, + cancellable, error)) + return FALSE; + +@@ -623,6 +737,7 @@ checkout_one_file_at (OstreeRepo *repo, + const gboolean is_unreadable = (!is_symlink && (source_mode & S_IRUSR) == 0); + const gboolean is_whiteout = (!is_symlink && options->process_whiteouts && + g_str_has_prefix (destination_name, WHITEOUT_PREFIX)); ++ const gboolean is_overlayfs_whiteout = (!is_symlink && g_str_has_prefix (destination_name, OVERLAYFS_WHITEOUT_PREFIX)); + const gboolean is_reg_zerosized = (!is_symlink && g_file_info_get_size (source_info) == 
0); + const gboolean override_user_unreadable = (options->mode == OSTREE_REPO_CHECKOUT_MODE_USER && is_unreadable); + +@@ -643,6 +758,18 @@ checkout_one_file_at (OstreeRepo *repo, + + need_copy = FALSE; + } ++ else if (is_overlayfs_whiteout && options->process_passthrough_whiteouts) ++ { ++ const char *name = destination_name + (sizeof (OVERLAYFS_WHITEOUT_PREFIX) - 1); ++ ++ if (!name[0]) ++ return glnx_throw (error, "Invalid empty overlayfs whiteout '%s'", name); ++ ++ g_assert (name[0] != '/'); /* Sanity */ ++ ++ return _checkout_overlayfs_whiteout_at(repo, options, destination_dfd, name, ++ source_info, source_xattrs, cancellable, error); ++ } + else if (is_reg_zerosized || override_user_unreadable) + { + /* In https://github.com/ostreedev/ostree/commit/673cacd633f9d6b653cdea530657d3e780a41bbd we +diff --git a/src/libostree/ostree-repo.h b/src/libostree/ostree-repo.h +index 98571170..b3d7f986 100644 +--- a/src/libostree/ostree-repo.h ++++ b/src/libostree/ostree-repo.h +@@ -989,8 +989,9 @@ typedef struct { + gboolean force_copy; /* Since: 2017.6 */ + gboolean bareuseronly_dirs; /* Since: 2017.7 */ + gboolean force_copy_zerosized; /* Since: 2018.9 */ +- gboolean unused_bools[4]; +- /* 4 byte hole on 64 bit */ ++ gboolean process_passthrough_whiteouts; ++ gboolean unused_bools[3]; ++ /* 3 byte hole on 64 bit */ + + const char *subpath; + +diff --git a/src/libostree/ostree-sysroot-deploy.c b/src/libostree/ostree-sysroot-deploy.c +index 404f336f..5c98103b 100644 +--- a/src/libostree/ostree-sysroot-deploy.c ++++ b/src/libostree/ostree-sysroot-deploy.c +@@ -641,7 +641,7 @@ checkout_deployment_tree (OstreeSysroot *sysroot, + return FALSE; + + /* Generate hardlink farm, then opendir it */ +- OstreeRepoCheckoutAtOptions checkout_opts = { 0, }; ++ OstreeRepoCheckoutAtOptions checkout_opts = { .process_passthrough_whiteouts = TRUE }; + if (!ostree_repo_checkout_at (repo, &checkout_opts, osdeploy_dfd, + checkout_target_name, csum, + cancellable, error)) +diff --git 
a/src/ostree/ot-builtin-checkout.c b/src/ostree/ot-builtin-checkout.c +index d69c8b0b..bfa43885 100644 +--- a/src/ostree/ot-builtin-checkout.c ++++ b/src/ostree/ot-builtin-checkout.c +@@ -37,6 +37,7 @@ static gboolean opt_union; + static gboolean opt_union_add; + static gboolean opt_union_identical; + static gboolean opt_whiteouts; ++static gboolean opt_process_passthrough_whiteouts; + static gboolean opt_from_stdin; + static char *opt_from_file; + static gboolean opt_disable_fsync; +@@ -77,6 +78,7 @@ static GOptionEntry options[] = { + { "union-add", 0, 0, G_OPTION_ARG_NONE, &opt_union_add, "Keep existing files/directories, only add new", NULL }, + { "union-identical", 0, 0, G_OPTION_ARG_NONE, &opt_union_identical, "When layering checkouts, error out if a file would be replaced with a different version, but add new files and directories", NULL }, + { "whiteouts", 0, 0, G_OPTION_ARG_NONE, &opt_whiteouts, "Process 'whiteout' (Docker style) entries", NULL }, ++ { "process-passthrough-whiteouts", 0, 0, G_OPTION_ARG_NONE, &opt_process_passthrough_whiteouts, "Enable overlayfs whiteout extraction into char 0:0 devices", NULL }, + { "allow-noent", 0, 0, G_OPTION_ARG_NONE, &opt_allow_noent, "Do nothing if specified path does not exist", NULL }, + { "from-stdin", 0, 0, G_OPTION_ARG_NONE, &opt_from_stdin, "Process many checkouts from standard input", NULL }, + { "from-file", 0, 0, G_OPTION_ARG_STRING, &opt_from_file, "Process many checkouts from input file", "FILE" }, +@@ -129,7 +131,8 @@ process_one_checkout (OstreeRepo *repo, + if (opt_disable_cache || opt_whiteouts || opt_require_hardlinks || + opt_union_add || opt_force_copy || opt_force_copy_zerosized || + opt_bareuseronly_dirs || opt_union_identical || +- opt_skiplist_file || opt_selinux_policy || opt_selinux_prefix) ++ opt_skiplist_file || opt_selinux_policy || opt_selinux_prefix || ++ opt_process_passthrough_whiteouts) + { + OstreeRepoCheckoutAtOptions checkout_options = { 0, }; + +@@ -162,6 +165,8 @@ 
process_one_checkout (OstreeRepo *repo, + } + if (opt_whiteouts) + checkout_options.process_whiteouts = TRUE; ++ if (opt_process_passthrough_whiteouts) ++ checkout_options.process_passthrough_whiteouts = TRUE; + if (subpath) + checkout_options.subpath = subpath; + +diff --git a/tests/archive-test.sh b/tests/archive-test.sh +index b6d84979..6b45790e 100644 +--- a/tests/archive-test.sh ++++ b/tests/archive-test.sh +@@ -71,6 +71,11 @@ mkdir -p test-overlays + date > test-overlays/overlaid-file + $OSTREE commit ${COMMIT_ARGS} -b test-base --base test2 --owner-uid 42 --owner-gid 42 test-overlays/ + $OSTREE ls -R test-base > ls.txt +-assert_streq "$(wc -l < ls.txt)" 14 ++if can_create_whiteout_devices; then ++ assert_streq "$(wc -l < ls.txt)" 17 ++else ++ assert_streq "$(wc -l < ls.txt)" 14 ++fi ++ + assert_streq "$(grep '42.*42' ls.txt | wc -l)" 2 + echo "ok commit overlay base" +diff --git a/tests/basic-test.sh b/tests/basic-test.sh +index 04506c3d..0878e6f6 100644 +--- a/tests/basic-test.sh ++++ b/tests/basic-test.sh +@@ -19,7 +19,7 @@ + + set -euo pipefail + +-echo "1..$((87 + ${extra_basic_tests:-0}))" ++echo "1..$((89 + ${extra_basic_tests:-0}))" + + CHECKOUT_U_ARG="" + CHECKOUT_H_ARGS="-H" +@@ -1187,3 +1187,30 @@ if test "$(id -u)" != "0"; then + else + echo "ok # SKIP not run when root" + fi ++ ++if ! skip_one_without_whiteouts_devices; then ++ cd ${test_tmpdir} ++ rm checkout-test2 -rf ++ $OSTREE checkout test2 checkout-test2 ++ ++ assert_not_has_file checkout-test2/whiteouts/whiteout ++ assert_not_has_file checkout-test2/whiteouts/whiteout2 ++ assert_has_file checkout-test2/whiteouts/.ostree-wh.whiteout ++ assert_has_file checkout-test2/whiteouts/.ostree-wh.whiteout2 ++ ++ echo "ok checkout: no whiteout passthrough by default" ++fi ++ ++if ! 
skip_one_without_whiteouts_devices; then ++ cd ${test_tmpdir} ++ rm checkout-test2 -rf ++ $OSTREE checkout --process-passthrough-whiteouts test2 checkout-test2 ++ ++ assert_not_has_file checkout-test2/whiteouts/.ostree-wh.whiteout ++ assert_not_has_file checkout-test2/whiteouts/.ostree-wh.whiteout2 ++ ++ assert_is_whiteout_device checkout-test2/whiteouts/whiteout ++ assert_is_whiteout_device checkout-test2/whiteouts/whiteout2 ++ ++ echo "ok checkout: whiteout with overlayfs passthrough processing" ++fi +diff --git a/tests/libtest.sh b/tests/libtest.sh +index 686f08dc..5830f210 100755 +--- a/tests/libtest.sh ++++ b/tests/libtest.sh +@@ -148,6 +148,20 @@ if ! have_selinux_relabel; then + fi + echo done + ++# whiteout char 0:0 devices can be created as regular users, but ++# cannot be created inside containers mounted via overlayfs ++can_create_whiteout_devices() { ++ mknod -m 000 ${test_tmpdir}/.test-whiteout c 0 0 || return 1 ++ rm -f ${test_tmpdir}/.test-whiteout ++ return 0 ++} ++ ++echo -n checking for overlayfs whiteouts... ++if ! can_create_whiteout_devices; then ++ export OSTREE_NO_WHITEOUTS=1 ++fi ++echo done ++ + if test -n "${OT_TESTS_DEBUG:-}"; then + set -x + fi +@@ -245,6 +259,15 @@ setup_test_repository () { + ln -s nonexistent baz/alink + mkdir baz/another/ + echo x > baz/another/y ++ ++ # if we are running inside a container we cannot test ++ # the overlayfs whiteout marker passthrough ++ if ! 
test -n "${OSTREE_NO_WHITEOUTS:-}"; then ++ mkdir whiteouts ++ touch whiteouts/.ostree-wh.whiteout ++ touch whiteouts/.ostree-wh.whiteout2 ++ chmod 755 whiteouts/.ostree-wh.whiteout2 ++ fi + umask "${oldumask}" + + cd ${test_tmpdir}/files +@@ -406,7 +429,7 @@ setup_os_repository () { + mkdir osdata + cd osdata + kver=3.6.0 +- mkdir -p usr/bin ${bootdir} usr/lib/modules/${kver} usr/share usr/etc ++ mkdir -p usr/bin ${bootdir} usr/lib/modules/${kver} usr/share usr/etc usr/container/layers/abcd + kernel_path=${bootdir}/vmlinuz + initramfs_path=${bootdir}/initramfs.img + # the HMAC file is only in /usr/lib/modules +@@ -449,6 +472,17 @@ EOF + mkdir -p usr/etc/testdirectory + echo "a default daemon file" > usr/etc/testdirectory/test + ++ # if we are running inside a container we cannot test ++ # the overlayfs whiteout marker passthrough ++ if ! test -n "${OSTREE_NO_WHITEOUTS:-}"; then ++ # overlayfs whiteout passhthrough marker files ++ touch usr/container/layers/abcd/.ostree-wh.whiteout ++ chmod 400 usr/container/layers/abcd/.ostree-wh.whiteout ++ ++ touch usr/container/layers/abcd/.ostree-wh.whiteout2 ++ chmod 777 usr/container/layers/abcd/.ostree-wh.whiteout2 ++ fi ++ + ${CMD_PREFIX} ostree --repo=${test_tmpdir}/testos-repo commit ${bootable_flag} --add-metadata-string version=1.0.9 -b testos/buildmain/x86_64-runtime -s "Build" + + # Ensure these commits have distinct second timestamps +@@ -588,6 +622,22 @@ skip_without_user_xattrs () { + fi + } + ++# Usage: if ! skip_one_without_whiteouts_devices; then ... more tests ...; fi ++skip_one_without_whiteouts_devices() { ++ if ! can_create_whiteout_devices; then ++ echo "ok # SKIP - this test requires whiteout device support (test outside containers)" ++ return 0 ++ else ++ return 1 ++ fi ++} ++ ++skip_without_whiteouts_devices () { ++ if ! 
can_create_whiteout_devices; then ++ skip "this test requires whiteout device support (test outside containers)" ++ fi ++} ++ + _have_systemd_and_libmount='' + have_systemd_and_libmount() { + if test "${_have_systemd_and_libmount}" = ''; then +diff --git a/tests/test-admin-deploy-whiteouts.sh b/tests/test-admin-deploy-whiteouts.sh +new file mode 100755 +index 00000000..66421949 +--- /dev/null ++++ b/tests/test-admin-deploy-whiteouts.sh +@@ -0,0 +1,42 @@ ++#!/bin/bash ++# ++# Copyright (C) 2022 Red Hat, Inc. ++# ++# SPDX-License-Identifier: LGPL-2.0+ ++# ++# This library is free software; you can redistribute it and/or ++# modify it under the terms of the GNU Lesser General Public ++# License as published by the Free Software Foundation; either ++# version 2 of the License, or (at your option) any later version. ++# ++# This library is distributed in the hope that it will be useful, ++# but WITHOUT ANY WARRANTY; without even the implied warranty of ++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++# Lesser General Public License for more details. ++# ++# You should have received a copy of the GNU Lesser General Public ++# License along with this library. If not, see . ++ ++set -euox pipefail ++ ++. $(dirname $0)/libtest.sh ++ ++skip_without_whiteouts_devices ++ ++# Exports OSTREE_SYSROOT so --sysroot not needed. 
++setup_os_repository "archive" "syslinux" ++${CMD_PREFIX} ostree --repo=sysroot/ostree/repo pull-local --remote=testos testos-repo testos/buildmain/x86_64-runtime ++ ++echo "1..3" ++${CMD_PREFIX} ostree admin deploy --os=testos --karg=root=LABEL=foo --karg=testkarg=1 testos:testos/buildmain/x86_64-runtime ++origdeployment=$(${CMD_PREFIX} ostree admin --sysroot=sysroot --print-current-dir) ++ ++assert_is_whiteout_device "${origdeployment}"/usr/container/layers/abcd/whiteout ++echo "ok whiteout deployment" ++ ++assert_not_has_file "${origdeployment}"/usr/container/layers/abcd/.ostree-wh.whiteout ++echo "ok .ostree-wh.whiteout not created" ++ ++assert_file_has_mode "${origdeployment}"/usr/container/layers/abcd/whiteout 400 ++assert_file_has_mode "${origdeployment}"/usr/container/layers/abcd/whiteout2 777 ++echo "ok whiteout permissions are preserved" +-- +2.37.3 + diff --git a/SOURCES/0002-libarchive-Handle-archive_entry_symlink-returning-NU.patch b/SOURCES/0002-libarchive-Handle-archive_entry_symlink-returning-NU.patch new file mode 100644 index 0000000..7c283e9 --- /dev/null +++ b/SOURCES/0002-libarchive-Handle-archive_entry_symlink-returning-NU.patch 
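Review bot: In `_checkout_overlayfs_whiteout_at`, the `OSTREE_REPO_CHECKOUT_OVERWRITE_NONE` arm does `return FALSE;` without setting `error`, so the caller sees a failure with a NULL `GError` and anything that later prints `error->message` dereferences NULL; it should be e.g. `return glnx_throw (error, "Refusing to overwrite existing file %s with a whiteout", destination_name);`. In the `OVERWRITE_UNION_IDENTICAL` arm `g_autoptr(GVariant) fs_xattrs;` is not initialised, so if `glnx_dfd_name_get_all_xattrs` fails the cleanup unrefs an indeterminate pointer — declare it `g_autoptr(GVariant) fs_xattrs = NULL;`. The uid mismatch message in the same arm passes `gid` for its `%d`; `destination_name, uid);` is what was intended. In `_checkout_overlayfs_whiteout_at_no_overwrite` the `fchownat` call has the `< 0` inside `TEMP_FAILURE_RETRY`, so the macro loops on a boolean and never retries on `EINTR`; move the comparison outside as the `fchmodat` line just below already does, `if (TEMP_FAILURE_RETRY (fchownat (...)) < 0)`. Since `checkout_deployment_tree` now sets `.process_passthrough_whiteouts = TRUE` unconditionally, every deployed commit is subject to the `.ostree-wh.` renaming, which is worth one sentence in the `man/ostree-checkout.xml` text so that the prefix is documented as reserved.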
@@ -0,0 +1,40 @@
+From e5b45f861a4d5738679f37d46ebca6e171bb3212 Mon Sep 17 00:00:00 2001
+From: Colin Walters
+Date: Mon, 4 Apr 2022 10:25:35 -0400
+Subject: [PATCH 2/6] libarchive: Handle `archive_entry_symlink()` returning
+ NULL
+
+The `archive_entry_symlink()` API can definitely return `NULL`,
+reading through the libarchive sources.
+
+I hit this in the wild when using old ostree-ext to try to unpack
+a chunked archive.
+
+I didn't try to characterize this more, and sorry no unit test right
+now.
+---
+ src/libostree/ostree-repo-libarchive.c | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/src/libostree/ostree-repo-libarchive.c b/src/libostree/ostree-repo-libarchive.c
+index 679aa44d..631c6d4b 100644
+--- a/src/libostree/ostree-repo-libarchive.c
++++ b/src/libostree/ostree-repo-libarchive.c
+@@ -146,8 +146,12 @@ file_info_from_archive_entry (struct archive_entry *entry)
+
+ g_autoptr(GFileInfo) info = _ostree_stbuf_to_gfileinfo (&stbuf);
+ if (S_ISLNK (stbuf.st_mode))
+- g_file_info_set_attribute_byte_string (info, "standard::symlink-target",
+- archive_entry_symlink (entry));
++ {
++ const char *target = archive_entry_symlink (entry);
++ if (target != NULL)
++ g_file_info_set_attribute_byte_string (info, "standard::symlink-target",
++ target);
++ }
+
+ return g_steal_pointer (&info);
+ }
+--
+2.31.1
+
diff --git a/SOURCES/0003-repo-Factor-out-_ostree_repo_auto_transaction_new.patch b/SOURCES/0003-repo-Factor-out-_ostree_repo_auto_transaction_new.patch
new file mode 100644
index 0000000..69c5548
--- /dev/null
+++ b/SOURCES/0003-repo-Factor-out-_ostree_repo_auto_transaction_new.patch
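Review bot: When `archive_entry_symlink()` returns NULL the new branch silently yields a GFileInfo that is typed as a symlink (S_ISLNK) but carries no `standard::symlink-target` attribute, so any consumer that reads that attribute for a symlink now gets NULL where it previously could not. `file_info_from_archive_entry` has no `GError **` to report through, so continuing is understandable, but the decision should be recorded and the attribute readers checked: `/* libarchive may give a symlink with no target; leave the attribute unset rather than pass NULL to GIO — callers must tolerate a missing target. */`. The enclosing function starts outside the hunk.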
@@ -0,0 +1,82 @@
+From 4a997ae08605ebe6ca02d9f422082f954e667a6c Mon Sep 17 00:00:00 2001
+From: Simon McVittie
+Date: Sat, 30 Apr 2022 12:20:11 +0100
+Subject: [PATCH 3/6] repo: Factor out _ostree_repo_auto_transaction_new()
+
+This will allow the direct allocation in
+ostree_repo_prepare_transaction() to be replaced with a call to this
+function, avoiding breaking encapsulation.
+
+Signed-off-by: Simon McVittie
+(cherry picked from commit 540e60c3e3ace66dd4e6cf825488fc918260a642)
+---
+ src/libostree/ostree-repo-private.h | 4 ++++
+ src/libostree/ostree-repo.c | 32 ++++++++++++++++++++++++-----
+ 2 files changed, 31 insertions(+), 5 deletions(-)
+
+diff --git a/src/libostree/ostree-repo-private.h b/src/libostree/ostree-repo-private.h
+index 988c2179..96253e77 100644
+--- a/src/libostree/ostree-repo-private.h
++++ b/src/libostree/ostree-repo-private.h
+@@ -554,4 +554,8 @@ GType _ostree_repo_auto_transaction_get_type (void);
+
+ G_DEFINE_AUTOPTR_CLEANUP_FUNC (OstreeRepoAutoTransaction, _ostree_repo_auto_transaction_unref);
+
++/* Internal function to break a circular dependency:
++ * should not be made into public API, even if the rest is */
++OstreeRepoAutoTransaction *_ostree_repo_auto_transaction_new (OstreeRepo *repo);
++
+ G_END_DECLS
+diff --git a/src/libostree/ostree-repo.c b/src/libostree/ostree-repo.c
+index a27591b3..f6bffd60 100644
+--- a/src/libostree/ostree-repo.c
++++ b/src/libostree/ostree-repo.c
+@@ -709,6 +709,32 @@ ostree_repo_auto_lock_cleanup (OstreeRepoAutoLock *auto_lock)
+ }
+ }
+
++/**
++ * _ostree_repo_auto_transaction_new:
++ * @repo: (not nullable): an #OsreeRepo object
++ * @cancellable: Cancellable
++ * @error: a #GError
++ *
++ * Return a guard for a transaction in @repo.
++ *
++ * Do not call this function outside the OstreeRepo transaction implementation.
++ * Use _ostree_repo_auto_transaction_start() instead.
++ *
++ * Returns: (transfer full): an #OstreeRepoAutoTransaction guard on success,
++ * %NULL otherwise.
++ */
++OstreeRepoAutoTransaction *
++_ostree_repo_auto_transaction_new (OstreeRepo *repo)
++{
++ g_assert (repo != NULL);
++
++ OstreeRepoAutoTransaction *txn = g_malloc(sizeof(OstreeRepoAutoTransaction));
++ txn->atomic_refcount = 1;
++ txn->repo = g_object_ref (repo);
++
++ return g_steal_pointer (&txn);
++}
++
+ /**
+ * _ostree_repo_auto_transaction_start:
+ * @repo: (not nullable): an #OsreeRepo object
+@@ -730,11 +756,7 @@ _ostree_repo_auto_transaction_start (OstreeRepo *repo,
+ if (!ostree_repo_prepare_transaction (repo, NULL, cancellable, error))
+ return NULL;
+
+- OstreeRepoAutoTransaction *txn = g_malloc(sizeof(OstreeRepoAutoTransaction));
+- txn->atomic_refcount = 1;
+- txn->repo = g_object_ref (repo);
+-
+- return g_steal_pointer (&txn);
++ return _ostree_repo_auto_transaction_new (repo);
+ }
+
+ /**
+--
+2.31.1
+
diff --git a/SOURCES/0004-repo-Correctly-initialize-refcount-of-temporary-tran.patch b/SOURCES/0004-repo-Correctly-initialize-refcount-of-temporary-tran.patch
new file mode 100644
index 0000000..3e8c33b
--- /dev/null
+++ b/SOURCES/0004-repo-Correctly-initialize-refcount-of-temporary-tran.patch
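Review bot: The gtk-doc block added for `_ostree_repo_auto_transaction_new()` documents `@cancellable` and `@error` parameters the function does not take, and promises `%NULL otherwise` although the only failure path, `g_malloc`, aborts rather than returning; it should be trimmed to `@repo` plus `Returns: (transfer full): a new #OstreeRepoAutoTransaction guard that holds a reference on @repo.`. The allocation is also worth hardening while it is being factored out: `g_new0 (OstreeRepoAutoTransaction, 1)` leaves any field a later change adds zeroed instead of indeterminate, which is exactly the class of bug the follow-up patch in this series fixes. The `#OsreeRepo` typo is inherited from the existing `_start` doc comment.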
@@ -0,0 +1,39 @@
+From 51c7960bea081446ad217e9725408ce5cb531157 Mon Sep 17 00:00:00 2001
+From: Simon McVittie
+Date: Sat, 30 Apr 2022 12:53:42 +0100
+Subject: [PATCH 4/6] repo: Correctly initialize refcount of temporary
+ transaction
+
+Previously, the reference count was left uninitialized as a result of
+bypassing the constructor, and the intended abort-on-error usually
+wouldn't have happened.
+
+Fixes: 8a9737a "repo/private: move OstreeRepoAutoTransaction to a boxed type"
+Resolves: https://github.com/ostreedev/ostree/issues/2592
+Signed-off-by: Simon McVittie
+(cherry picked from commit 71304e854cdb344adb8b1ae7866929fbdde6c327)
+---
+ src/libostree/ostree-repo-commit.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/libostree/ostree-repo-commit.c b/src/libostree/ostree-repo-commit.c
+index 5b16be5b..dba98c32 100644
+--- a/src/libostree/ostree-repo-commit.c
++++ b/src/libostree/ostree-repo-commit.c
+@@ -1688,10 +1688,10 @@ ostree_repo_prepare_transaction (OstreeRepo *self,
+ g_debug ("Preparing transaction in repository %p", self);
+
+ /* Set up to abort the transaction if we return early from this function.
+- * This needs to be manually built here due to a circular dependency. */
+- g_autoptr(OstreeRepoAutoTransaction) txn = g_malloc(sizeof(OstreeRepoAutoTransaction));
++ * We can't call _ostree_repo_auto_transaction_start() here, because that
++ * would be a circular dependency; use the lower-level version instead. */
++ g_autoptr(OstreeRepoAutoTransaction) txn = _ostree_repo_auto_transaction_new (self);
+ g_assert (txn != NULL);
+- txn->repo = self;
+
+ memset (&self->txn.stats, 0, sizeof (OstreeRepoTransactionStats));
+
+--
+2.31.1
+
diff --git a/SOURCES/0005-deploy-Try-to-rebuild-policy-in-new-deployment-if-ne.patch b/SOURCES/0005-deploy-Try-to-rebuild-policy-in-new-deployment-if-ne.patch
new file mode 100644
index 0000000..59f86fb
--- /dev/null
+++ b/SOURCES/0005-deploy-Try-to-rebuild-policy-in-new-deployment-if-ne.patch
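Review bot: The `g_assert (txn != NULL)` kept on the line after the new call is now dead, since `_ostree_repo_auto_transaction_new()` allocates with `g_malloc` and cannot return NULL; it can be dropped. The behavioural change worth spelling out is that the guard now owns a strong reference on `self` (the constructor calls `g_object_ref`) where the old code stored a borrowed pointer, so the guard's cleanup will now unref the repo when `ostree_repo_prepare_transaction` returns early; presumably that is what `_ostree_repo_auto_transaction_unref` expects, but the comment should say so: `/* The guard holds its own ref on self, released together with the guard. */`. `ostree_repo_prepare_transaction` continues outside the hunk.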
@@ -0,0 +1,172 @@ +From 62e62bcfd8a1770b906faed083d11e451a50f566 Mon Sep 17 00:00:00 2001 +From: Ondrej Mosnacek +Date: Wed, 9 Mar 2022 15:27:11 +0100 +Subject: [PATCH 5/6] deploy: Try to rebuild policy in new deployment if needed + +Whenever the user has SELinux enabled and has any local +modules/modifications installed, it is necessary to rebuild the policy +in the final deployment, otherwise ostree will leave the binary policy +files unchanged from last deployment as it detects difference against +the base content (in rpm-ostree case this is the RPM content). + +To avoid the situation where the policy binaries go stale once any local +customization of the policy is made, try to rebuild the policy as part +of sysroot_finalize_deployment(). Use the special +--rebuild-if-modules-changed switch, which detects if the input module +files have changed relative to last time the policy was built and skips +the most time-consuming part of the rebuild process if modules are +unchanged (thus making this a relatively cheap operation if the user +hasn't made any modifications to the shipped policy). + +As suggested by Jonathan Lebon, this uses bubblewrap (via +g_spawn_sync()) to perform the rebuild inside the deployment's +filesystem tree, which also means that ostree will have a runtime +dependency on bubblewrap. 
+ +Partially addresses: https://github.com/coreos/fedora-coreos-tracker/issues/701 + +Signed-off-by: Ondrej Mosnacek +(cherry picked from commit edb4f3893474736156c654aa43bdbf3784991811) +--- + ci/gh-install.sh | 1 + + src/libostree/ostree-sysroot-deploy.c | 117 ++++++++++++++++++++++++++ + 2 files changed, 118 insertions(+) + +diff --git a/src/libostree/ostree-sysroot-deploy.c b/src/libostree/ostree-sysroot-deploy.c +index fc5916d8..a44721d8 100644 +--- a/src/libostree/ostree-sysroot-deploy.c ++++ b/src/libostree/ostree-sysroot-deploy.c +@@ -2830,6 +2830,118 @@ get_var_dfd (OstreeSysroot *self, + return glnx_opendirat (base_dfd, base_path, TRUE, ret_fd, error); + } + ++#ifdef HAVE_SELINUX ++static void ++child_setup_fchdir (gpointer data) ++{ ++ int fd = (int) (uintptr_t) data; ++ int rc __attribute__((unused)); ++ ++ rc = fchdir (fd); ++} ++ ++/* ++ * Derived from rpm-ostree's rust/src/bwrap.rs ++ */ ++static gboolean ++run_in_deployment (int deployment_dfd, ++ const gchar * const *child_argv, ++ gsize child_argc, ++ gint *exit_status, ++ gchar **stdout, ++ GError **error) ++{ ++ static const gchar * const COMMON_ARGV[] = { ++ "/usr/bin/bwrap", ++ "--dev", "/dev", "--proc", "/proc", "--dir", "/run", "--dir", "/tmp", ++ "--chdir", "/", ++ "--die-with-parent", ++ "--unshare-pid", ++ "--unshare-uts", ++ "--unshare-ipc", ++ "--unshare-cgroup-try", ++ "--ro-bind", "/sys/block", "/sys/block", ++ "--ro-bind", "/sys/bus", "/sys/bus", ++ "--ro-bind", "/sys/class", "/sys/class", ++ "--ro-bind", "/sys/dev", "/sys/dev", ++ "--ro-bind", "/sys/devices", "/sys/devices", ++ "--bind", "usr", "/usr", ++ "--bind", "etc", "/etc", ++ "--bind", "var", "/var", ++ "--symlink", "/usr/lib", "/lib", ++ "--symlink", "/usr/lib32", "/lib32", ++ "--symlink", "/usr/lib64", "/lib64", ++ "--symlink", "/usr/bin", "/bin", ++ "--symlink", "/usr/sbin", "/sbin", ++ }; ++ static const gsize COMMON_ARGC = sizeof (COMMON_ARGV) / sizeof (*COMMON_ARGV); ++ ++ gsize i; ++ GPtrArray *args = 
g_ptr_array_sized_new (COMMON_ARGC + child_argc + 1); ++ g_autofree gchar **args_raw = NULL; ++ ++ for (i = 0; i < COMMON_ARGC; i++) ++ g_ptr_array_add (args, (gchar *) COMMON_ARGV[i]); ++ ++ for (i = 0; i < child_argc; i++) ++ g_ptr_array_add (args, (gchar *) child_argv[i]); ++ ++ g_ptr_array_add (args, NULL); ++ ++ args_raw = (gchar **) g_ptr_array_free (args, FALSE); ++ ++ return g_spawn_sync (NULL, args_raw, NULL, 0, &child_setup_fchdir, ++ (gpointer) (uintptr_t) deployment_dfd, ++ stdout, NULL, exit_status, error); ++} ++ ++/* ++ * Run semodule to check if the module content changed after merging /etc ++ * and rebuild the policy if needed. ++ */ ++static gboolean ++sysroot_finalize_selinux_policy (int deployment_dfd, GError **error) ++{ ++ struct stat stbuf; ++ gint exit_status; ++ g_autofree gchar *stdout = NULL; ++ ++ if (!glnx_fstatat_allow_noent (deployment_dfd, "etc/selinux/config", &stbuf, ++ AT_SYMLINK_NOFOLLOW, error)) ++ return FALSE; ++ ++ /* Skip the SELinux policy refresh if /etc/selinux/config doesn't exist. */ ++ if (errno != 0) ++ return TRUE; ++ ++ /* ++ * Skip the SELinux policy refresh if the --rebuild-if-modules-changed ++ * flag is not supported by semodule. 
++ */ ++ static const gchar * const SEMODULE_HELP_ARGV[] = { ++ "semodule", "--help" ++ }; ++ static const gsize SEMODULE_HELP_ARGC = sizeof (SEMODULE_HELP_ARGV) / sizeof (*SEMODULE_HELP_ARGV); ++ if (!run_in_deployment (deployment_dfd, SEMODULE_HELP_ARGV, ++ SEMODULE_HELP_ARGC, &exit_status, &stdout, error)) ++ return FALSE; ++ if (!g_spawn_check_exit_status (exit_status, error)) ++ return FALSE; ++ if (!strstr(stdout, "--rebuild-if-modules-changed")) ++ return TRUE; ++ ++ static const gchar * const SEMODULE_REBUILD_ARGV[] = { ++ "semodule", "-N", "--rebuild-if-modules-changed" ++ }; ++ static const gsize SEMODULE_REBUILD_ARGC = sizeof (SEMODULE_REBUILD_ARGV) / sizeof (*SEMODULE_REBUILD_ARGV); ++ ++ if (!run_in_deployment (deployment_dfd, SEMODULE_REBUILD_ARGV, ++ SEMODULE_REBUILD_ARGC, &exit_status, NULL, error)) ++ return FALSE; ++ return g_spawn_check_exit_status (exit_status, error); ++} ++#endif /* HAVE_SELINUX */ ++ + static gboolean + sysroot_finalize_deployment (OstreeSysroot *self, + OstreeDeployment *deployment, +@@ -2866,6 +2978,11 @@ sysroot_finalize_deployment (OstreeSysroot *self, + return FALSE; + } + ++#ifdef HAVE_SELINUX ++ if (!sysroot_finalize_selinux_policy(deployment_dfd, error)) ++ return FALSE; ++#endif /* HAVE_SELINUX */ ++ + const char *osdeploypath = glnx_strjoina ("ostree/deploy/", ostree_deployment_get_osname (deployment)); + glnx_autofd int os_deploy_dfd = -1; + if (!glnx_opendirat (self->sysroot_fd, osdeploypath, TRUE, &os_deploy_dfd, error)) +-- +2.31.1 + diff --git a/SOURCES/0006-deploy-Be-a-bit-more-verbose-about-SELinux-bits.patch b/SOURCES/0006-deploy-Be-a-bit-more-verbose-about-SELinux-bits.patch new file mode 100644 index 0000000..f963cb5 --- /dev/null +++ b/SOURCES/0006-deploy-Be-a-bit-more-verbose-about-SELinux-bits.patch 
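Review bot: `child_setup_fchdir` discards the result of `fchdir()`, yet every `--bind usr /usr`, `--bind etc /etc` and `--bind var /var` argument in `run_in_deployment` is a relative path that is only meaningful once the child's cwd is the deployment root; if `fchdir` fails, bwrap runs against whatever `usr`/`etc`/`var` exist in the parent's cwd and `semodule -N --rebuild-if-modules-changed` rewrites the policy there. A child-setup function should fail closed, `if (fchdir (fd) < 0) _exit (127);` (only async-signal-safe calls belong in it, and `_exit` is one). Two smaller points: the out-parameter named `stdout` shadows the `<stdio.h>` macro of that name and should be renamed (e.g. `out_stdout`), and the bwrap argv unshares pid/uts/ipc/cgroup but leaves the network namespace shared, which a policy rebuild does not need. `sysroot_finalize_deployment` starts and ends outside the hunk.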
@@ -0,0 +1,35 @@
+From dd194eca7272afa457541abb2d8c25f90c4f478a Mon Sep 17 00:00:00 2001
+From: Colin Walters
+Date: Mon, 28 Mar 2022 17:46:59 -0400
+Subject: [PATCH 6/6] deploy: Be a bit more verbose about SELinux bits
+
+Let's log when we don't find the expected CLI argument which
+will help debug things.
+
+(cherry picked from commit c58a4fe661d9d3bf2c515aa5605b1e094c0a62ca)
+---
+ src/libostree/ostree-sysroot-deploy.c | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/src/libostree/ostree-sysroot-deploy.c b/src/libostree/ostree-sysroot-deploy.c
+index a44721d8..404f336f 100644
+--- a/src/libostree/ostree-sysroot-deploy.c
++++ b/src/libostree/ostree-sysroot-deploy.c
+@@ -2926,9 +2926,12 @@ sysroot_finalize_selinux_policy (int deployment_dfd, GError **error)
+ SEMODULE_HELP_ARGC, &exit_status, &stdout, error))
+ return FALSE;
+ if (!g_spawn_check_exit_status (exit_status, error))
+- return FALSE;
++ return glnx_prefix_error (error, "failed to run semodule");
+ if (!strstr(stdout, "--rebuild-if-modules-changed"))
+- return TRUE;
++ {
++ ot_journal_print (LOG_INFO, "semodule does not have --rebuild-if-modules-changed");
++ return TRUE;
++ }
+
+ static const gchar * const SEMODULE_REBUILD_ARGV[] = {
+ "semodule", "-N", "--rebuild-if-modules-changed"
+--
+2.31.1
+
diff --git a/SOURCES/0007-backport-GH2694-secure-execution-enablement-s390x.patch b/SOURCES/0007-backport-GH2694-secure-execution-enablement-s390x.patch
new file mode 100644
index 0000000..3bf792d
--- /dev/null
+++ b/SOURCES/0007-backport-GH2694-secure-execution-enablement-s390x.patch
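Review bot: The spawn-failure path two context lines above the changed `return FALSE` (`if (!run_in_deployment (...)) return FALSE;`) still returns the unprefixed error while the exit-status path now gets `failed to run semodule`, so the two failure modes of the same probe are reported inconsistently; give both the same prefix. The new info line also omits the consequence, which is what someone auditing a stale policy later needs: `ot_journal_print (LOG_INFO, "semodule does not have --rebuild-if-modules-changed; skipping policy rebuild");`. `sysroot_finalize_selinux_policy` starts and ends outside the hunk.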
@@ -0,0 +1,298 @@ +From 00697be199c08242e54c02e4557e20834030aaf3 Mon Sep 17 00:00:00 2001 +From: Nikita Dubrovskii +Date: Mon, 4 Apr 2022 16:09:50 +0200 +Subject: [PATCH 1/5] s390x: generate sd-boot at its own partition + +Signed-off-by: Nikita Dubrovskii +--- + src/libostree/ostree-bootloader-zipl.c | 36 ++++++++++++++++++++++---- + src/libostree/s390x-se-luks-gencpio | 4 +-- + 2 files changed, 33 insertions(+), 7 deletions(-) + +diff --git a/src/libostree/ostree-bootloader-zipl.c b/src/libostree/ostree-bootloader-zipl.c +index 02c10826c3..fe024d8046 100644 +--- a/src/libostree/ostree-bootloader-zipl.c ++++ b/src/libostree/ostree-bootloader-zipl.c +@@ -21,12 +21,17 @@ + #include "ostree-bootloader-zipl.h" + #include "ostree-deployment-private.h" + #include "otutil.h" ++#include ++#include + #include + +-#define SECURE_EXECUTION_BOOT_IMAGE "/boot/sd-boot" ++#define SECURE_EXECUTION_PARTITION "/dev/disk/by-label/se" ++#define SECURE_EXECUTION_MOUNTPOINT "/sysroot/se" ++#define SECURE_EXECUTION_BOOT_IMAGE SECURE_EXECUTION_MOUNTPOINT "/sd-boot" + #define SECURE_EXECUTION_HOSTKEY_PATH "/etc/se-hostkeys/" + #define SECURE_EXECUTION_HOSTKEY_PREFIX "ibm-z-hostkey" + #define SECURE_EXECUTION_LUKS_ROOT_KEY "/etc/luks/root" ++#define SECURE_EXECUTION_LUKS_BOOT_KEY "/etc/luks/boot" + #define SECURE_EXECUTION_LUKS_CONFIG "/etc/crypttab" + #define SECURE_EXECUTION_RAMDISK_TOOL PKGLIBEXECDIR "/s390x-se-luks-gencpio" + +@@ -67,6 +72,25 @@ _ostree_bootloader_zipl_get_name (OstreeBootloader *bootloader) + return "zipl"; + } + ++static gboolean ++_ostree_secure_execution_mount(GError **error) ++{ ++ const char *device = realpath (SECURE_EXECUTION_PARTITION, NULL); ++ if (device == NULL) ++ return glnx_throw_errno_prefix(error, "s390x SE: resolving %s", SECURE_EXECUTION_PARTITION); ++ if (mount (device, SECURE_EXECUTION_MOUNTPOINT, "ext4", 0, NULL) < 0) ++ return glnx_throw_errno_prefix (error, "s390x SE: Mounting %s", device); ++ return TRUE; ++} ++ ++static gboolean 
++_ostree_secure_execution_umount(GError **error) ++{ ++ if (umount (SECURE_EXECUTION_MOUNTPOINT) < 0) ++ return glnx_throw_errno_prefix (error, "s390x SE: Unmounting %s", SECURE_EXECUTION_MOUNTPOINT); ++ return TRUE; ++} ++ + static gboolean + _ostree_bootloader_zipl_write_config (OstreeBootloader *bootloader, + int bootversion, +@@ -152,8 +176,8 @@ _ostree_secure_execution_get_bls_config (OstreeBootloaderZipl *self, + static gboolean + _ostree_secure_execution_luks_key_exists (void) + { +- return (access(SECURE_EXECUTION_LUKS_ROOT_KEY, F_OK) == 0 && +- access(SECURE_EXECUTION_LUKS_CONFIG, F_OK) == 0); ++ return (access(SECURE_EXECUTION_LUKS_CONFIG, F_OK) == 0 && ++ (access(SECURE_EXECUTION_LUKS_ROOT_KEY, F_OK) == 0 || access(SECURE_EXECUTION_LUKS_BOOT_KEY, F_OK) == 0)); + } + + static gboolean +@@ -250,7 +274,7 @@ static gboolean + _ostree_secure_execution_call_zipl (GError **error) + { + int status = 0; +- const char *const zipl_argv[] = {"zipl", "-V", "-t", "/boot", "-i", SECURE_EXECUTION_BOOT_IMAGE, NULL}; ++ const char *const zipl_argv[] = {"zipl", "-V", "-t", SECURE_EXECUTION_MOUNTPOINT, "-i", SECURE_EXECUTION_BOOT_IMAGE, NULL}; + if (!g_spawn_sync (NULL, (char**)zipl_argv, NULL, G_SPAWN_SEARCH_PATH, + NULL, NULL, NULL, NULL, &status, error)) + return glnx_prefix_error(error, "s390x SE: spawning zipl"); +@@ -274,9 +298,11 @@ _ostree_secure_execution_enable (OstreeBootloaderZipl *self, + g_autofree gchar* options = NULL; + + gboolean rc = ++ _ostree_secure_execution_mount (error) && + _ostree_secure_execution_get_bls_config (self, bootversion, &vmlinuz, &initramfs, &options, cancellable, error) && + _ostree_secure_execution_generate_sdboot (vmlinuz, initramfs, options, keys, error) && +- _ostree_secure_execution_call_zipl (error); ++ _ostree_secure_execution_call_zipl (error) && ++ _ostree_secure_execution_umount (error); + + return rc; + } +diff --git a/src/libostree/s390x-se-luks-gencpio b/src/libostree/s390x-se-luks-gencpio +index f0ad24eb32..7d62258a31 
100755 +--- a/src/libostree/s390x-se-luks-gencpio ++++ b/src/libostree/s390x-se-luks-gencpio +@@ -12,11 +12,11 @@ gzip -cd ${old_initrd} | cpio -imd --quiet + + # Adding LUKS root key and crypttab config + mkdir -p etc/luks +-cp -f /etc/luks/root etc/luks/ ++cp -f /etc/luks/* etc/luks/ + cp -f /etc/crypttab etc/ + + # Creating new initramdisk image +-find . | cpio --quiet -H newc -o | gzip -9 -n >> ${new_initrd} ++find . -mindepth 1 | cpio --quiet -H newc -o | gzip -9 -n >> ${new_initrd} + + # Cleanup + rm -rf ${workdir} + +From 91e71022ebc2422f278c285e55f4c88d7f572eeb Mon Sep 17 00:00:00 2001 +From: Nikita Dubrovskii +Date: Mon, 23 May 2022 17:28:54 +0200 +Subject: [PATCH 2/5] s390x: ensure SecureExecution is enabled before sd-boot + generation + +Signed-off-by: Nikita Dubrovskii +--- + src/libostree/ostree-bootloader-zipl.c | 24 ++++++++++++++++++------ + 1 file changed, 18 insertions(+), 6 deletions(-) + +diff --git a/src/libostree/ostree-bootloader-zipl.c b/src/libostree/ostree-bootloader-zipl.c +index fe024d8046..348dfe036d 100644 +--- a/src/libostree/ostree-bootloader-zipl.c ++++ b/src/libostree/ostree-bootloader-zipl.c +@@ -25,6 +25,7 @@ + #include + #include + ++#define SECURE_EXECUTION_SYSFS_FLAG "/sys/firmware/uv/prot_virt_guest" + #define SECURE_EXECUTION_PARTITION "/dev/disk/by-label/se" + #define SECURE_EXECUTION_MOUNTPOINT "/sysroot/se" + #define SECURE_EXECUTION_BOOT_IMAGE SECURE_EXECUTION_MOUNTPOINT "/sd-boot" +@@ -109,6 +110,14 @@ _ostree_bootloader_zipl_write_config (OstreeBootloader *bootloader, + return TRUE; + } + ++static gboolean _ostree_secure_execution_is_enabled (GCancellable *cancellable) { ++ gsize len = 0; ++ g_autofree char *data = glnx_file_get_contents_utf8_at (-1, SECURE_EXECUTION_SYSFS_FLAG, &len, cancellable, NULL); ++ if (!data) ++ return FALSE; ++ return strstr (data, "1") != NULL; ++} ++ + static gboolean + _ostree_secure_execution_get_keys (GPtrArray **keys, + GCancellable *cancellable, +@@ -329,12 +338,15 @@ 
_ostree_bootloader_zipl_post_bls_sync (OstreeBootloader *bootloader, + return TRUE; + + /* Try with Secure Execution */ +- g_autoptr(GPtrArray) keys = NULL; +- if (!_ostree_secure_execution_get_keys (&keys, cancellable, error)) +- return FALSE; +- if (keys && keys->len) +- return _ostree_secure_execution_enable (self, bootversion, keys, cancellable, error); +- ++ if ( _ostree_secure_execution_is_enabled (cancellable) ) ++ { ++ g_autoptr(GPtrArray) keys = NULL; ++ if (!_ostree_secure_execution_get_keys (&keys, cancellable, error)) ++ return FALSE; ++ if (!keys || keys->len == 0) ++ return glnx_throw (error, "s390x SE: no keys"); ++ return _ostree_secure_execution_enable (self, bootversion, keys, cancellable, error); ++ } + /* Fallback to non-SE setup */ + const char *const zipl_argv[] = {"zipl", NULL}; + int estatus; + +From 2e2854239189044cc1ffd100959b7c7bfe92b0f9 Mon Sep 17 00:00:00 2001 +From: Nikita Dubrovskii +Date: Tue, 24 May 2022 19:30:35 +0200 +Subject: [PATCH 3/5] s390x: fail on error during reading of SecureExecution + sysfs flag + +--- + src/libostree/ostree-bootloader-zipl.c | 24 ++++++++++++++++++------ + 1 file changed, 18 insertions(+), 6 deletions(-) + +diff --git a/src/libostree/ostree-bootloader-zipl.c b/src/libostree/ostree-bootloader-zipl.c +index 348dfe036d..87b9b67aec 100644 +--- a/src/libostree/ostree-bootloader-zipl.c ++++ b/src/libostree/ostree-bootloader-zipl.c +@@ -110,12 +110,21 @@ _ostree_bootloader_zipl_write_config (OstreeBootloader *bootloader, + return TRUE; + } + +-static gboolean _ostree_secure_execution_is_enabled (GCancellable *cancellable) { +- gsize len = 0; +- g_autofree char *data = glnx_file_get_contents_utf8_at (-1, SECURE_EXECUTION_SYSFS_FLAG, &len, cancellable, NULL); ++static gboolean _ostree_secure_execution_is_enabled (gboolean *out_enabled, ++ GCancellable *cancellable, ++ GError **error) ++{ ++ *out_enabled = FALSE; ++ glnx_autofd int fd = -1; ++ if (!ot_openat_ignore_enoent (AT_FDCWD, SECURE_EXECUTION_SYSFS_FLAG, 
&fd, error)) ++ return FALSE; ++ if (fd == -1) ++ return TRUE; //ENOENT --> SecureExecution is disabled ++ g_autofree char *data = glnx_fd_readall_utf8 (fd, NULL, cancellable, error); + if (!data) + return FALSE; +- return strstr (data, "1") != NULL; ++ *out_enabled = strstr (data, "1") != NULL; ++ return TRUE; + } + + static gboolean +@@ -338,13 +347,16 @@ _ostree_bootloader_zipl_post_bls_sync (OstreeBootloader *bootloader, + return TRUE; + + /* Try with Secure Execution */ +- if ( _ostree_secure_execution_is_enabled (cancellable) ) ++ gboolean se_enabled = FALSE; ++ if ( !_ostree_secure_execution_is_enabled (&se_enabled, cancellable, error)) ++ return FALSE; ++ if (se_enabled) + { + g_autoptr(GPtrArray) keys = NULL; + if (!_ostree_secure_execution_get_keys (&keys, cancellable, error)) + return FALSE; + if (!keys || keys->len == 0) +- return glnx_throw (error, "s390x SE: no keys"); ++ return glnx_throw (error, "s390x SE: no keys"); + return _ostree_secure_execution_enable (self, bootversion, keys, cancellable, error); + } + /* Fallback to non-SE setup */ + +From 89ed46e8a9f584e2a6c1966fbf4c99f0fe51424e Mon Sep 17 00:00:00 2001 +From: Nikita Dubrovskii +Date: Fri, 27 May 2022 09:13:18 +0200 +Subject: [PATCH 4/5] s390x: do not unpack existing initrd, just append LUKS + keys to its copy + +Signed-off-by: Nikita Dubrovskii +--- + src/libostree/s390x-se-luks-gencpio | 12 ++++++------ + 1 file changed, 6 insertions(+), 6 deletions(-) + +diff --git a/src/libostree/s390x-se-luks-gencpio b/src/libostree/s390x-se-luks-gencpio +index 7d62258a31..f444198a40 100755 +--- a/src/libostree/s390x-se-luks-gencpio ++++ b/src/libostree/s390x-se-luks-gencpio +@@ -4,19 +4,19 @@ set -euo pipefail + + old_initrd=$1 + new_initrd=$2 ++currdir=$PWD + +-# Unpacking existing initramdisk ++# Copying existing initramdisk ++cp ${old_initrd} ${new_initrd} ++ ++# Appending LUKS root keys and crypttab config to the end of initrd + workdir=$(mktemp -d -p /tmp se-initramfs-XXXXXX) + cd ${workdir} 
+-gzip -cd ${old_initrd} | cpio -imd --quiet +- +-# Adding LUKS root key and crypttab config + mkdir -p etc/luks + cp -f /etc/luks/* etc/luks/ + cp -f /etc/crypttab etc/ +- +-# Creating new initramdisk image + find . -mindepth 1 | cpio --quiet -H newc -o | gzip -9 -n >> ${new_initrd} + + # Cleanup ++cd ${currdir} + rm -rf ${workdir} + +From 2c8d5b95c7f2fee90e73bdd9222e002c44e797b7 Mon Sep 17 00:00:00 2001 +From: Nikita Dubrovskii +Date: Thu, 23 Jun 2022 15:54:04 +0200 +Subject: [PATCH 5/5] s390x: rename sd-boot to sdboot + +Signed-off-by: Nikita Dubrovskii +--- + src/libostree/ostree-bootloader-zipl.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/libostree/ostree-bootloader-zipl.c b/src/libostree/ostree-bootloader-zipl.c +index 87b9b67aec..0ff350f942 100644 +--- a/src/libostree/ostree-bootloader-zipl.c ++++ b/src/libostree/ostree-bootloader-zipl.c +@@ -28,7 +28,7 @@ + #define SECURE_EXECUTION_SYSFS_FLAG "/sys/firmware/uv/prot_virt_guest" + #define SECURE_EXECUTION_PARTITION "/dev/disk/by-label/se" + #define SECURE_EXECUTION_MOUNTPOINT "/sysroot/se" +-#define SECURE_EXECUTION_BOOT_IMAGE SECURE_EXECUTION_MOUNTPOINT "/sd-boot" ++#define SECURE_EXECUTION_BOOT_IMAGE SECURE_EXECUTION_MOUNTPOINT "/sdboot" + #define SECURE_EXECUTION_HOSTKEY_PATH "/etc/se-hostkeys/" + #define SECURE_EXECUTION_HOSTKEY_PREFIX "ibm-z-hostkey" + #define SECURE_EXECUTION_LUKS_ROOT_KEY "/etc/luks/root" diff --git a/SOURCES/0008-backport-GH2696-ed25519-verify-signatures-minimum-length.patch b/SOURCES/0008-backport-GH2696-ed25519-verify-signatures-minimum-length.patch new file mode 100644 index 0000000..041e33d --- /dev/null +++ b/SOURCES/0008-backport-GH2696-ed25519-verify-signatures-minimum-length.patch 
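Review bot: `_ostree_secure_execution_mount()` leaks the buffer that `realpath (SECURE_EXECUTION_PARTITION, NULL)` returns, on the mount-failure path as well as on success; `g_autofree char *device = realpath (...)` fixes it. Separately, `_ostree_secure_execution_enable()` chains mount → bls config → sd-boot generation → zipl → umount with `&&`, so any failure after the mount leaves the SE partition mounted at `/sysroot/se` for the rest of the process; once the mount succeeded the unmount should run unconditionally, as sketched below. Later in the series `_ostree_secure_execution_is_enabled()` decides with `strstr (data, "1")`, which also matches any other content containing a `1`; comparing the trimmed value against `"1"` would be stricter. `_ostree_secure_execution_enable` starts outside the hunk.
```c
  if (!_ostree_secure_execution_mount (error))
    return FALSE;

  gboolean rc =
    _ostree_secure_execution_get_bls_config (self, bootversion, &vmlinuz, &initramfs, &options, cancellable, error) &&
    _ostree_secure_execution_generate_sdboot (vmlinuz, initramfs, options, keys, error) &&
    _ostree_secure_execution_call_zipl (error);

  /* Always unmount; on the failure path keep the original error and only
   * discard the unmount's own. */
  g_autoptr(GError) umount_error = NULL;
  if (!_ostree_secure_execution_umount (rc ? error : &umount_error))
    rc = FALSE;

  return rc;
```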
@@ -0,0 +1,32 @@
+From 56820e54392efc5dd59032f8872aaf219190ad4f Mon Sep 17 00:00:00 2001
+From: Colin Walters
+Date: Thu, 14 Jul 2022 14:42:19 -0400
+Subject: [PATCH] sign/ed25519: Verify signatures are minimum length
+
+The ed25519 signature verification code does not
+check that the signature is a minimum/correct length.
+As a result, if the signature is too short, libsodium will end up
+reading a few bytes out of bounds.
+
+Reported-by: Demi Marie Obenour
+Co-authored-by: Demi Marie Obenour
+
+Closes: https://github.com/ostreedev/ostree/security/advisories/GHSA-gqf4-p3gv-g8vw
+---
+ src/libostree/ostree-sign-ed25519.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/libostree/ostree-sign-ed25519.c b/src/libostree/ostree-sign-ed25519.c
+index 809ffe8790..f271fd49e0 100644
+--- a/src/libostree/ostree-sign-ed25519.c
++++ b/src/libostree/ostree-sign-ed25519.c
+@@ -209,6 +209,9 @@ gboolean ostree_sign_ed25519_data_verify (OstreeSign *self,
+ g_autoptr (GVariant) child = g_variant_get_child_value (signatures, i);
+ g_autoptr (GBytes) signature = g_variant_get_data_as_bytes(child);
+
++ if (g_bytes_get_size (signature) != crypto_sign_BYTES)
++ return glnx_throw (error, "Invalid signature length of %" G_GSIZE_FORMAT " bytes, expected %" G_GSIZE_FORMAT, (gsize) g_bytes_get_size (signature), (gsize) crypto_sign_BYTES);
++
+ g_autofree char * hex = g_malloc0 (crypto_sign_PUBLICKEYBYTES*2 + 1);
+
+ g_debug("Read signature %d: %s", (gint)i, g_variant_print(child, TRUE));
diff --git a/SPECS/ostree.spec b/SPECS/ostree.spec
new file mode 100644
index 0000000..ba12776
--- /dev/null
+++ b/SPECS/ostree.spec
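Review bot: The new length check makes a single wrong-length entry in `signatures` reject the whole verification via `glnx_throw`, rather than skipping that entry and continuing with the next; failing closed is the right default for a bounds-safety fix, but the intent is not stated and the rest of the loop body is outside the hunk, so a one-line comment would help the next reader: `/* Fail closed: a wrong-length entry rejects the whole list rather than being skipped, since libsodium would otherwise read past the buffer. */`. A unit test that feeds a short signature and asserts the `Invalid signature length` error would pin the fix, which this backport does not carry. `ostree_sign_ed25519_data_verify` starts and ends outside the hunk.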
@@ -0,0 +1,710 @@ +# Don't ship tests on RHEL > 7. +%if 0%{?rhel} > 7 + %bcond_with tests +%else + %bcond_without tests +%endif + +Summary: Tool for managing bootable, immutable filesystem trees +Name: ostree +Version: 2022.2 +Release: 6%{?dist} +Source0: https://github.com/ostreedev/%{name}/releases/download/v%{version}/libostree-%{version}.tar.xz +License: LGPLv2+ +URL: https://ostree.readthedocs.io/en/latest/ + +# We now track the rhel8 branch upstream, these are the patches +# since the 2022.2 release. +Patch0: 0001-Add-an-ostree-boot-complete.service-to-propagate-sta.patch +Patch1: 0002-libarchive-Handle-archive_entry_symlink-returning-NU.patch +Patch2: 0003-repo-Factor-out-_ostree_repo_auto_transaction_new.patch +Patch3: 0004-repo-Correctly-initialize-refcount-of-temporary-tran.patch +Patch4: 0005-deploy-Try-to-rebuild-policy-in-new-deployment-if-ne.patch +Patch5: 0006-deploy-Be-a-bit-more-verbose-about-SELinux-bits.patch +Patch6: 0007-backport-GH2694-secure-execution-enablement-s390x.patch +Patch7: 0008-backport-GH2696-ed25519-verify-signatures-minimum-length.patch +Patch8: 0001-Support-overlayfs-whiteouts-on-checkout.patch + +BuildRequires: make +BuildRequires: git +# We always run autogen.sh +BuildRequires: autoconf automake libtool +# For docs +BuildRequires: gtk-doc +# Core requirements +BuildRequires: pkgconfig(zlib) +BuildRequires: pkgconfig(libcurl) +BuildRequires: openssl-devel +# The tests still require soup +BuildRequires: pkgconfig(libsoup-2.4) +BuildRequires: libattr-devel +# Extras +BuildRequires: pkgconfig(libarchive) +BuildRequires: pkgconfig(liblzma) +BuildRequires: pkgconfig(libselinux) +BuildRequires: pkgconfig(mount) +BuildRequires: pkgconfig(fuse) +BuildRequires: pkgconfig(e2p) +BuildRequires: libcap-devel +BuildRequires: gpgme-devel +BuildRequires: pkgconfig(libsystemd) +BuildRequires: /usr/bin/g-ir-scanner +BuildRequires: dracut +BuildRequires: bison + +# Runtime requirements +Requires: dracut +Requires: /usr/bin/gpgv2 +Requires: 
systemd-units +Requires: %{name}-libs%{?_isa} = %{?epoch:%{epoch}:}%{version}-%{release} + +%description +libostree is a shared library designed primarily for +use by higher level tools to manage host systems (e.g. rpm-ostree), +as well as container tools like flatpak and the atomic CLI. + +%package libs +Summary: Development headers for %{name} + +%description libs +The %{name}-libs provides shared libraries for %{name}. + +%package devel +Summary: Development headers for %{name} +Requires: %{name}-libs%{?_isa} = %{?epoch:%{epoch}:}%{version}-%{release} + +%description devel +The %{name}-devel package includes the header files for the %{name} library. + +%ifnarch s390 s390x +%package grub2 +Summary: GRUB2 integration for OSTree +%ifnarch aarch64 %{arm} +Requires: grub2 +%else +Requires: grub2-efi +%endif +Requires: ostree + +%description grub2 +GRUB2 integration for OSTree +%endif + +%if %{with tests} +%package tests +Summary: Tests for the %{name} package +Requires: %{name}%{?_isa} = %{?epoch:%{epoch}:}%{version}-%{release} +Requires: %{name}-libs%{?_isa} = %{?epoch:%{epoch}:}%{version}-%{release} + +%description tests +This package contains tests that can be used to verify +the functionality of the installed %{name} package. 
+%endif + +%prep +%autosetup -Sgit -n libostree-%{version} + +%build +env NOCONFIGURE=1 ./autogen.sh +%configure --disable-silent-rules \ + --enable-gtk-doc \ + --with-selinux \ + --with-curl \ + --with-openssl \ + %{?with_tests:--enable-installed-tests=exclusive} \ + --with-dracut=yesbutnoconf +%make_build + +%install +%make_install INSTALL="install -p -c" +find %{buildroot} -name '*.la' -delete + +# Needed to enable the service at compose time currently +%post +%systemd_post ostree-remount.service + +%preun +%systemd_preun ostree-remount.service + +%files +%{!?_licensedir:%global license %%doc} +%license COPYING +%doc README.md +%{_bindir}/ostree +%{_bindir}/rofiles-fuse +%{_datadir}/ostree +%{_datadir}/bash-completion/completions/* +%dir %{_prefix}/lib/dracut/modules.d/98ostree +%{_prefix}/lib/systemd/system/ostree*.* +%{_prefix}/lib/dracut/modules.d/98ostree/* +%{_mandir}/man*/*.gz +%{_prefix}/lib/systemd/system-generators/ostree-system-generator +%exclude %{_sysconfdir}/grub.d/*ostree +%exclude %{_libexecdir}/libostree/grub2* +%exclude %{_libexecdir}/libostree/ostree-trivial-httpd +%{_prefix}/lib/tmpfiles.d/* +%{_prefix}/lib/ostree +# Moved in git master +%{_libexecdir}/libostree/* + +%files libs +%{_sysconfdir}/ostree +%{_libdir}/*.so.1* +%{_libdir}/girepository-1.0/OSTree-1.0.typelib + +%files devel +%{_libdir}/lib*.so +%{_includedir}/* +%{_libdir}/pkgconfig/* +%dir %{_datadir}/gtk-doc/html/ostree +%{_datadir}/gtk-doc/html/ostree +%{_datadir}/gir-1.0/OSTree-1.0.gir + +%ifnarch s390 s390x +%files grub2 +%{_sysconfdir}/grub.d/*ostree +%dir %{_libexecdir}/libostree +%{_libexecdir}/libostree/grub2* +%endif + +%if %{with tests} +%files tests +%{_libexecdir}/installed-tests +%{_datadir}/installed-tests +%{_libexecdir}/libostree/ostree-trivial-httpd +%endif + +%changelog +* Fri Oct 14 2022 Colin Walters - 2022.2-6 +- Backport https://github.com/ostreedev/ostree/commit/0085494e350c72599fc5c0e00422885d80b3c660 +- Resolves: rhbz#2134629 + +* Tue Aug 23 2022 Luca BRUNO 
- 2022.2-5 +- Backport enablement patches for Secure Execution on s390x + https://github.com/ostreedev/ostree/pull/2694 + Resolves: rhbz#2120522 +- Backport security fix to verify signatures are minimum length (advisory GHSA-gqf4-p3gv-g8vw) + https://github.com/ostreedev/ostree/pull/2696 + Resolves: rhbz#2119444 + +* Wed May 04 2022 Colin Walters - 2022.2-4 +- Backport patches from 2022.3, particularly SELinux + Resolves: rhbz#2057497 + +* Tue Apr 19 2022 Colin Walters - 2022.2-3 +- https://github.com/ostreedev/ostree/releases/tag/v2022.2 + Resolves: rhbz#2057497 + +* Mon Jan 10 2022 Colin Walters - 2022.1-2 +- Rebase to 2022.1 + Resolves: rhbz#2032593 + +* Wed Dec 15 2021 Colin Walters - 2021.6-2 +- Rebase to 2021.6 + Resolves: rhbz#2032593 + +* Tue Nov 30 2021 Colin Walters - 2021.3-2 +- Backport + https://github.com/ostreedev/ostree/pull/2453/commits/e6a560b40797324aa8b90e7100c6d50bff91f14d + Resolves: rhbz#2027788 + +* Tue Jul 20 2021 Luca BRUNO - 2021.3-1 +- New upstream version + https://github.com/ostreedev/ostree/releases/tag/v2021.3 + Resolves: rhbz#1981865 + +* Fri May 14 2021 Luca BRUNO - 2021.2-1 +- New upstream version 2021.2 + https://github.com/ostreedev/ostree/releases/tag/v2021.2 + +* Tue Nov 3 15:04:48 UTC 2020 Colin Walters - 2020.7-1 +- Update to 2020.7 + Resolves: #1894062 + +* Wed Sep 09 2020 Colin Walters - 2020.5-4 +- Backport patches for https://bugzilla.redhat.com/show_bug.cgi?id=1875567 + +* Mon Aug 24 2020 Colin Walters - 2020.5-3 +- Backport + https://github.com/ostreedev/ostree/pull/2179/commits/06ed04a816141914adb9bd3e32392801fce5bc8e + Resolves: #1867601 + +* Tue Aug 18 2020 Colin Walters - 2020.5-2 +- Update to https://github.com/ostreedev/ostree/releases/tag/v2020.5 + Specifically to fix readonly-sysroot for e.g. 
RHEL Edge and + older RHCOS versions +- Related: #1861507 + +* Tue Jul 28 2020 Colin Walters - 2020.4-1 +- https://github.com/ostreedev/ostree/releases/tag/v2020.4 +- We plan to use per-object-fsync for etcd in OpenShift 4 +- Resolves: #1861507 + +* Thu May 21 2020 Colin Walters - 2020.3-3 +- Backport https://github.com/ostreedev/ostree/pull/2108 + +* Fri May 15 2020 Colin Walters - 2020.3-2 +- https://github.com/ostreedev/ostree/releases/tag/v2020.3 + Resolves: #1836306 + +* Tue Dec 10 2019 Colin Walters - 2019.6-2 +- https://github.com/ostreedev/ostree/releases/tag/v2019.6 + +* Wed Oct 30 2019 Colin Walters - 2019.5-1 +- https://github.com/ostreedev/ostree/releases/tag/v2019.5 + +* Mon Oct 14 2019 Colin Walters - 2019.4-3 +- https://github.com/ostreedev/ostree/releases/tag/v2019.4 + +* Wed Apr 24 2019 Jonathan Lebon - 2019.2-1 +- https://github.com/ostreedev/ostree/releases/tag/v2019.2 + +* Sat Feb 09 2019 Dusty Mabe - 2019.1-5 +- Re-enable http2 in ostree build + +* Fri Feb 01 2019 Fedora Release Engineering - 2019.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Thu Jan 17 2019 Sinny Kumari - 2019.1-3 +- Backport patch to fix bare → bare imports +- Backport patch to Set xattr on correct fd for bare-user → bare-user imports + +* Fri Jan 11 2019 Colin Walters - 2019.1-2 +- https://github.com/ostreedev/ostree/releases/tag/v2019.1 + +* Fri Jan 11 2019 Colin Walters - 2018.9-2 +- Work around https://src.fedoraproject.org/rpms/nfs-utils/pull-request/7 + +* Thu Oct 25 2018 Colin Walters - 2018.9-1 +- https://github.com/ostreedev/ostree/releases/tag/v2018.9 + +* Wed Oct 17 2018 Jonathan Lebon +- Add conditional for tests and disable by default on RHEL > 7 + +* Wed Aug 22 2018 Colin Walters - 2018.8-1 +- https://github.com/ostreedev/ostree/releases/tag/v2018.8 + +* Sun Aug 12 2018 Peter Robinson 2018.7-2 +- Enable grub2 support on ARMv7 + +* Fri Jul 20 2018 Colin Walters - 2018.7-1 +- https://github.com/ostreedev/ostree/releases/tag/v2018.7 
+ +* Fri Jul 13 2018 Fedora Release Engineering - 2018.6-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Wed Jul 04 2018 Jonathan Lebon - 2018.6-4 +- Backport patch to fix /var mountpoints + https://github.com/ostreedev/ostree/issues/1667 + +* Thu Jun 21 2018 Colin Walters - 2018.6-3 +- https://github.com/ostreedev/ostree/releases/tag/v2018.6 + +* Fri May 11 2018 Colin Walters - 2018.5-1 +- https://github.com/ostreedev/ostree/releases/tag/v2018.5 + +* Tue Apr 03 2018 Kalev Lember - 2018.3-2 +- Backport a patch to avoid writing to parent repo + +* Wed Mar 21 2018 Colin Walters - 2018.3-1 +- https://github.com/ostreedev/ostree/releases/tag/v2018.3 + +* Fri Mar 02 2018 Jonathan Lebon - 2018.2-2 +- Drop ostree-remount systemd service preset, already in fedora-release + https://bugzilla.redhat.com/show_bug.cgi?id=1550799 + +* Thu Feb 15 2018 Colin Walters - 2018.2-1 +- https://github.com/ostreedev/ostree/releases/tag/v2018.2 + +* Thu Feb 08 2018 Fedora Release Engineering - 2018.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Mon Jan 15 2018 Colin Walters - 2018.1-1 +- https://github.com/ostreedev/ostree/releases/tag/v2018.1 + +* Wed Dec 20 2017 Colin Walters - 2017.15-1 +- https://github.com/ostreedev/ostree/releases/tag/v2017.15 +- Drop upstreamed patches; note this build disabled HTTP2 by + default for now since we are hitting it with koji. 
For more + information see https://github.com/ostreedev/ostree/issues/1362 + +* Mon Dec 18 2017 Jonathan Lebon - 2017.14-2 +- Backport patch to drop HTTP2 + +* Mon Dec 04 2017 Colin Walters - 2017.14-1 +- https://github.com/ostreedev/ostree/releases/tag/v2017.14 +- Update description + +* Mon Nov 27 2017 Colin Walters - 2017.13-4 +- Backport patch to drop curl low speed checks; requested by flatpak + +* Tue Nov 07 2017 Kalev Lember - 2017.13-3 +- Backport a patch to fix a gnome-software crash when installing flatpaks + (#1497642) + +* Thu Nov 02 2017 Colin Walters - 2017.13-2 +- https://github.com/ostreedev/ostree/releases/tag/v2017.13 + +* Tue Oct 03 2017 Jonathan Lebon - 2017.12-2 +- Let tests subpackage own ostree-trivial-httpd + +* Mon Oct 02 2017 Colin Walters - 2017.12-1 +- New upstream version +- https://github.com/ostreedev/ostree/releases/tag/v2017.12 + +* Thu Sep 14 2017 Colin Walters - 2017.11-1 +- New upstream version +- Add tests subpackage, prep for https://fedoraproject.org/wiki/CI + +* Tue Aug 22 2017 Ville Skyttä - 2017.10-3 +- Own the %%{_libexecdir}/libostree dir + +* Thu Aug 17 2017 Colin Walters - 2017.10-2 +- New upstream version + +* Sat Aug 12 2017 Ville Skyttä - 2017.9-5 +- Own the %%{_datadir}/ostree dir + +* Thu Aug 03 2017 Fedora Release Engineering - 2017.9-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Sun Jul 30 2017 Florian Weimer - 2017.9-3 +- Rebuild with binutils fix for ppc64le (#1475636) + +* Thu Jul 27 2017 Colin Walters - 2017.9-2 +- New upstream version + +* Thu Jul 27 2017 Fedora Release Engineering - 2017.8-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Mon Jul 17 2017 Colin Walters - 2017.8-3 +- Switch to libcurl for F26+ + I think it works well; to recap the arguments below: + It has various advantages like HTTP2, plus now that NetworkManager + switched we are the last thing left in Fedora Atomic Host depending + on libsoup. 
+ +* Thu Jul 06 2017 Colin Walters - 2017.8-2 +- New upstream version + +* Mon Jun 19 2017 Colin Walters - 2017.7-2 +- Update to new upstream + +* Fri Jun 02 2017 Colin Walters - 2017.6-4 +- Fix previous commit to actually work + +* Thu May 18 2017 Colin Walters - 2017.6-3 +- Enable curl+openssl on f27+ + It has various advantages like HTTP2, plus now that NetworkManager + switched we are the last thing left in Fedora Atomic Host depending + on libsoup. + +* Wed May 17 2017 Colin Walters - 2017.6-2 +- New upstream version + +* Wed Apr 19 2017 Colin Walters - 2017.5-2 +- New upstream version + +* Wed Apr 12 2017 Colin Walters - 2017.4-2 +- New upstream version + +* Fri Mar 10 2017 Colin Walters - 2017.3-2 +- New upstream version + +* Fri Mar 03 2017 Colin Walters - 2017.2-4 +- Add patch for ppc64le grub2 + +* Thu Feb 23 2017 Colin Walters - 2017.2-3 +- Backport libmount unref patch + +* Tue Feb 14 2017 Colin Walters - 2017.2-2 +- New upstream version + +* Sat Feb 11 2017 Fedora Release Engineering - 2017.1-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Tue Feb 07 2017 Jonathan Lebon - 2017.1-4 +- Make ostree-grub2 require ostree + +* Tue Feb 07 2017 Colin Walters - 2017.1-3 +- Split off ostree-libs. This is the inverse of upstream + https://github.com/ostreedev/ostree/pull/659 + but renaming the package would be hard for low immediate gain. + With this at least, flatpak could theoretically depend just on libostree. + And similarly for rpm-ostree compose tree (when that gets split out). 
+ +* Mon Jan 23 2017 Colin Walters - 2017.1-2 +- New upstream version + +* Wed Jan 18 2017 Colin Walters - 2016.15-2 +- Enable libmount for /boot readonly + +* Mon Dec 12 2016 walters@redhat.com - 2016.15-1 +- New upstream version + +* Sat Dec 10 2016 Igor Gnatenko - 2016.14-3 +- Rebuild for gpgme 1.18 + +* Tue Nov 29 2016 Kalev Lember - 2016.14-2 +- Backport a patch to remove an accidental print statement + +* Wed Nov 23 2016 walters@redhat.com - 2016.14-1 +- New upstream version + +* Tue Nov 15 2016 walters@redhat.com - 2016.13-2 +- New upstream version +- Require glib-networking to fix https://pagure.io/pungi-fedora/pull-request/103 + +* Sun Oct 23 2016 walters@verbum.org - 2016.12-1 +- New upstream release + +* Fri Oct 07 2016 walters@redhat.com - 2016.11-1 +- New upstream version + +* Tue Sep 20 2016 walters@redhat.com - 2016.10-8 +- Backport another patch for systemd journal + Resolves: #1265295 + +* Fri Sep 16 2016 walters@verbum.org - 2016.10-6 +- Set --with-dracut=yesbutnoconf + Resolves: #1331369 + +* Thu Sep 15 2016 walters@verbum.org - 2016.10-4 +- Backport patch to fix bug#1265295 + +* Mon Sep 12 2016 Kalev Lember - 2016.10-3 +- pull: Do allow executing deltas when mirroring into bare{,-user} + +* Fri Sep 09 2016 Kalev Lember - 2016.10-2 +- Drop libgsystem dependency + +* Thu Sep 08 2016 walters@redhat.com - 2016.10-1 +- New upstream version + +* Wed Aug 31 2016 Colin Walters - 2016.9-1 +- New upstream version + +* Tue Aug 09 2016 walters@redhat.com - 2016.8-1 +- New upstream version + +* Tue Aug 09 2016 Colin Walters - 2016.7-4 +- Add pending patch to fix date-based pruning + +* Fri Jul 08 2016 walters@redhat.com - 2016.7-1 +- New upstream version + +* Mon Jun 20 2016 Colin Walters - 2016.6-1 +- New upstream version + +* Sun May 8 2016 Peter Robinson 2016.5-3 +- aarch64 only has grub2-efi +- Use %%license + +* Fri Apr 15 2016 Colin Walters - 2016.5-2 +- New upstream version + +* Wed Mar 23 2016 Colin Walters - 2016.4-2 +- New upstream version + +* Fri 
Feb 26 2016 Colin Walters - 2016.3-1 +- New upstream version + +* Tue Feb 23 2016 Colin Walters - 2016.2-1 +- New upstream version + +* Thu Feb 04 2016 Fedora Release Engineering - 2016.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Tue Jan 12 2016 Colin Walters - 2016.1-2 +- New upstream version + +* Fri Dec 04 2015 Colin Walters - 2015.11-2 +- New upstream version + +* Sun Nov 22 2015 Colin Walters - 2015.10-1 +- New upstream version + +* Thu Nov 12 2015 Matthew Barnes - 2015.9-3 +- Add ostree-tmp-chmod.service to fix /tmp permissions on existing installs. + Resolves: #1276775 + +* Fri Oct 30 2015 Colin Walters - 2015.9-2 +- Add patch to fix permissions of /tmp + Resolves: #1276775 + +* Wed Sep 23 2015 Colin Walters - 2015.9-1 +- New upstream version + +* Wed Aug 26 2015 Colin Walters - 2015.8-1 +- New upstream version + +* Thu Jun 18 2015 Fedora Release Engineering - 2015.7-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Tue Jun 02 2015 Colin Walters - 2015.7-1 +- New upstream version + +* Thu May 28 2015 Colin Walters - 2015.6-4 +- Add patch to ensure reliable bootloader ordering + See: #1225088 + +* Thu Apr 30 2015 Colin Walters - 2015.6-3 +- Close sysroot fd in finalize to fix Anaconda + https://bugzilla.redhat.com/show_bug.cgi?id=1217578 + +* Fri Apr 17 2015 Colin Walters - 2015.6-2 +- New upstream release + +* Sun Apr 12 2015 Colin Walters - 2015.5-4 +- (Really) Handle null epoch as well; this was injected for https://github.com/cgwalters/rpmdistro-gitoverlay + +* Tue Apr 07 2015 Colin Walters - 2015.5-2 +- New upstream release + +* Mon Mar 30 2015 Dan Horák - 2015.4-5 +- ExcludeArch is a build restriction and is global, switching to %%ifnarch + +* Fri Mar 27 2015 Colin Walters - 2015.4-4 +- Have grub2 subpackage match ExcludeArch with grub2 + +* Fri Mar 27 2015 Colin Walters - 2015.4-3 +- Handle null epoch as well; this was injected for https://github.com/cgwalters/rpmdistro-gitoverlay + +* Wed Mar 
25 2015 Colin Walters - 2015.4-2 +- New upstream release + +* Mon Feb 16 2015 Colin Walters - 2015.3-3 +- Require latest libgsystem to ensure people have it + +* Fri Jan 23 2015 Colin Walters - 2015.3-2 +- New upstream release + +* Thu Jan 08 2015 Colin Walters - 2015.2-1 +- New upstream release + +* Sun Jan 04 2015 Colin Walters - 2014.13-2 +- Add patch to ensure correct xattrs on modified config files + Fixes: #1178208 + +* Wed Dec 17 2014 Colin Walters - 2014.13-1 +- New upstream release + +* Wed Nov 26 2014 Colin Walters - 2014.12-1 +- New upstream version + +* Thu Oct 30 2014 Colin Walters - 2014.11-1 +- New upstream release + +* Wed Oct 29 2014 Colin Walters - 2014.10.1.gedc3b9a-1 +- New upstream release + +* Fri Oct 24 2014 Colin Walters - 2014.9-2 +- New upstream release + +* Thu Oct 16 2014 Colin Walters +- New upstream release + +* Mon Sep 08 2014 Colin Walters - 2014.6-1 +- New upstream release + +* Sun Aug 17 2014 Fedora Release Engineering - 2014.5-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Tue Jul 22 2014 Kalev Lember - 2014.5-4 +- Rebuilt for gobject-introspection 1.41.4 + +* Wed Jun 25 2014 Colin Walters +- Rebuild to pick up new libsoup + +* Fri Jun 13 2014 Colin Walters - 2014.4-2 +- Include /etc/ostree, even though it is empty + +* Mon Jun 09 2014 Colin Walters - 2014.4-1 +- New upstream release + +* Sat Jun 07 2014 Fedora Release Engineering - 2014.4-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Sun Apr 13 2014 Colin Walters - 2014.4-1 +- New upstream release + +* Mon Mar 31 2014 Colin Walters +- New git snapshot for rpm-ostree + +* Fri Mar 21 2014 Colin Walters - 2014.3-1 +- New upstream release + +* Fri Mar 14 2014 Colin Walters - 2014.2-3 +- Move trusted.gpg.d to main runtime package, where it should be + +* Fri Mar 07 2014 Colin Walters - 2014.2-2 +- Depend on gpgv2 +- Resolves: #1073813 + +* Sat Mar 01 2014 Colin Walters - 2014.2-1 +- New upstream release +- Depend on 
libselinux +- Explicitly depend on libarchive too, we were actually failing + to disable it before + +* Fri Jan 24 2014 Colin Walters - 2014.1-1 +- New upstream release + +* Mon Jan 13 2014 Colin Walters - 2013.7-2 +- Add preset file so ostree-remount is enabled by default, since + it needs to be. + +* Tue Oct 15 2013 Colin Walters - 2013.7-1 +- New upstream release +- Now LGPLv2+ only +- Enable libarchive since it might be useful for people +- Enable new gpgme dependency + +* Thu Sep 12 2013 Colin Walters - 2013.6-3 +- Enable introspection + +* Mon Sep 09 2013 Colin Walters - 2013.6-2 +- Tweak description + +* Mon Sep 09 2013 Colin Walters - 2013.6-1 +- New upstream release + +* Sat Aug 25 2013 Colin Walters - 2013.5-3 +- And actually while we are here, drop all the embedded dependency + goop from this spec file; it may live on in the EPEL branch. + +* Sat Aug 25 2013 Colin Walters - 2013.5-2 +- Drop requirement on linux-user-chroot + We now require triggers to be processed on the build server + by default, so ostree does not runtime-depend on linux-user-chroot. + +* Sat Aug 17 2013 Colin Walters - 2013.5-1 +- New upstream release +- Add devel package + +* Sat Aug 03 2013 Fedora Release Engineering - 2013.4-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Tue Jul 16 2013 Colin Walters - 2013.4-1 +- New upstream release + +* Sun Jul 07 2013 Colin Walters - 2013.3-1 +- New upstream release + +* Mon Apr 01 2013 Colin Walters - 2013.1-1 +- New upstream release + +* Thu Feb 14 2013 Fedora Release Engineering - 2012.13-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Sun Dec 23 2012 Colin Walters - 2012.13-1 +- New upstream release + +* Tue Dec 18 2012 Colin Walters - 2012.12-2 +- Explicitly enable grub2 hook; otherwise we pick up whatever + the buildroot has, which is not what we want. 
+ +* Mon Nov 19 2012 Colin Walters - 2012.12-1 +- Initial import; thanks to Michel Alexandre Salim for review + https://bugzilla.redhat.com/show_bug.cgi?id=819951 +
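Review bot: The `libs` subpackage's Summary reads `Development headers for %{name}`, which duplicates the `devel` subpackage's Summary while its own %description says it provides shared libraries; change it to `Summary: Shared libraries for %{name}`. Separately, the Patch0 filename indicates a new `ostree-boot-complete.service` is added, but the `%post`/`%preun` scriptlets only call `%systemd_post`/`%systemd_preun` for `ostree-remount.service`, so whether the new unit is enabled on install depends entirely on the distribution presets — worth confirming that is intended and adding it to the scriptlets if not. Lastly, Patch0 and Patch8 both use the `0001-` filename prefix, which makes the `%autosetup` apply order harder to read; renumbering Patch8 (e.g. `0009-…`) would keep the file names aligned with the Patch tags.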