Compare commits
No commits in common. 'c8' and 'c9' have entirely different histories.
@ -1 +1 @@
|
|||||||
SOURCES/libostree-2022.2.tar.xz
|
SOURCES/libostree-2024.9.tar.xz
|
||||||
|
@ -1 +1 @@
|
|||||||
9f1cc3796da8b7892a8ef930a5086d4ff42c475f SOURCES/libostree-2022.2.tar.xz
|
b37cd0e29ac24260c9082b3f62a9c3b21a46a505 SOURCES/libostree-2024.9.tar.xz
|
||||||
|
@ -1,374 +0,0 @@
|
|||||||
From a6d45dc165e48e2a463880ebb90f34c2b9d3c4ce Mon Sep 17 00:00:00 2001
|
|
||||||
From: Colin Walters <walters@verbum.org>
|
|
||||||
Date: Fri, 22 Apr 2022 18:46:28 -0400
|
|
||||||
Subject: [PATCH 1/6] Add an `ostree-boot-complete.service` to propagate
|
|
||||||
staging failures
|
|
||||||
|
|
||||||
Quite a while ago we added staged deployments, which solved
|
|
||||||
a bunch of issues around the `/etc` merge. However...a persistent
|
|
||||||
problem since then is that any failures in that process that
|
|
||||||
happened in the *previous* boot are not very visible.
|
|
||||||
|
|
||||||
We ship custom code in `rpm-ostree status` to query the previous
|
|
||||||
journal. But that has a few problems - one is that on systems
|
|
||||||
that have been up a while, that failure message may even get
|
|
||||||
rotated out. And second, some systems may not even have a persistent
|
|
||||||
journal at all.
|
|
||||||
|
|
||||||
A general thing we do in e.g. Fedora CoreOS testing is to check
|
|
||||||
for systemd unit failures. We do that both in our automated tests,
|
|
||||||
and we even ship code that displays them on ssh logins. And beyond
|
|
||||||
that obviously a lot of other projects do the same; it's easy via
|
|
||||||
`systemctl --failed`.
|
|
||||||
|
|
||||||
So to make failures more visible, change our `ostree-finalize-staged.service`
|
|
||||||
to have an internal wrapper around the process that "catches" any
|
|
||||||
errors, and copies the error message into a file in `/boot/ostree`.
|
|
||||||
|
|
||||||
Then, a new `ostree-boot-complete.service` looks for this file on
|
|
||||||
startup and re-emits the error message, and fails.
|
|
||||||
|
|
||||||
It also deletes the file. The rationale is to avoid *continually*
|
|
||||||
warning. For example we need to handle the case when an upgrade
|
|
||||||
process creates a new staged deployment. Now, we could change the
|
|
||||||
ostree core code to delete the warning file when that happens instead,
|
|
||||||
but this is trying to be a conservative change.
|
|
||||||
|
|
||||||
This should make failures here much more visible as is.
|
|
||||||
---
|
|
||||||
Makefile-boot.am | 2 +
|
|
||||||
Makefile-ostree.am | 1 +
|
|
||||||
src/boot/ostree-boot-complete.service | 33 +++++++++++
|
|
||||||
src/libostree/ostree-cmdprivate.c | 1 +
|
|
||||||
src/libostree/ostree-cmdprivate.h | 1 +
|
|
||||||
src/libostree/ostree-impl-system-generator.c | 2 +
|
|
||||||
src/libostree/ostree-sysroot-deploy.c | 62 ++++++++++++++++++--
|
|
||||||
src/libostree/ostree-sysroot-private.h | 7 +++
|
|
||||||
src/libostree/ostree-sysroot.c | 2 +
|
|
||||||
src/ostree/ot-admin-builtin-boot-complete.c | 58 ++++++++++++++++++
|
|
||||||
src/ostree/ot-admin-builtins.h | 1 +
|
|
||||||
src/ostree/ot-builtin-admin.c | 3 +
|
|
||||||
tests/kolainst/destructive/staged-deploy.sh | 12 ++++
|
|
||||||
13 files changed, 181 insertions(+), 4 deletions(-)
|
|
||||||
create mode 100644 src/boot/ostree-boot-complete.service
|
|
||||||
create mode 100644 src/ostree/ot-admin-builtin-boot-complete.c
|
|
||||||
|
|
||||||
diff --git a/Makefile-boot.am b/Makefile-boot.am
|
|
||||||
index ec10a0d6..e42e5180 100644
|
|
||||||
--- a/Makefile-boot.am
|
|
||||||
+++ b/Makefile-boot.am
|
|
||||||
@@ -38,6 +38,7 @@ endif
|
|
||||||
if BUILDOPT_SYSTEMD
|
|
||||||
systemdsystemunit_DATA = src/boot/ostree-prepare-root.service \
|
|
||||||
src/boot/ostree-remount.service \
|
|
||||||
+ src/boot/ostree-boot-complete.service \
|
|
||||||
src/boot/ostree-finalize-staged.service \
|
|
||||||
src/boot/ostree-finalize-staged.path \
|
|
||||||
$(NULL)
|
|
||||||
@@ -64,6 +65,7 @@ endif
|
|
||||||
EXTRA_DIST += src/boot/dracut/module-setup.sh \
|
|
||||||
src/boot/dracut/ostree.conf \
|
|
||||||
src/boot/mkinitcpio \
|
|
||||||
+ src/boot/ostree-boot-complete.service \
|
|
||||||
src/boot/ostree-prepare-root.service \
|
|
||||||
src/boot/ostree-finalize-staged.path \
|
|
||||||
src/boot/ostree-remount.service \
|
|
||||||
diff --git a/Makefile-ostree.am b/Makefile-ostree.am
|
|
||||||
index 82af1681..0fe2c5f8 100644
|
|
||||||
--- a/Makefile-ostree.am
|
|
||||||
+++ b/Makefile-ostree.am
|
|
||||||
@@ -70,6 +70,7 @@ ostree_SOURCES += \
|
|
||||||
src/ostree/ot-admin-builtin-diff.c \
|
|
||||||
src/ostree/ot-admin-builtin-deploy.c \
|
|
||||||
src/ostree/ot-admin-builtin-finalize-staged.c \
|
|
||||||
+ src/ostree/ot-admin-builtin-boot-complete.c \
|
|
||||||
src/ostree/ot-admin-builtin-undeploy.c \
|
|
||||||
src/ostree/ot-admin-builtin-instutil.c \
|
|
||||||
src/ostree/ot-admin-builtin-cleanup.c \
|
|
||||||
diff --git a/src/boot/ostree-boot-complete.service b/src/boot/ostree-boot-complete.service
|
|
||||||
new file mode 100644
|
|
||||||
index 00000000..5c09fdc9
|
|
||||||
--- /dev/null
|
|
||||||
+++ b/src/boot/ostree-boot-complete.service
|
|
||||||
@@ -0,0 +1,33 @@
|
|
||||||
+# Copyright (C) 2022 Red Hat, Inc.
|
|
||||||
+#
|
|
||||||
+# This library is free software; you can redistribute it and/or
|
|
||||||
+# modify it under the terms of the GNU Lesser General Public
|
|
||||||
+# License as published by the Free Software Foundation; either
|
|
||||||
+# version 2 of the License, or (at your option) any later version.
|
|
||||||
+#
|
|
||||||
+# This library is distributed in the hope that it will be useful,
|
|
||||||
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
||||||
+# Lesser General Public License for more details.
|
|
||||||
+#
|
|
||||||
+# You should have received a copy of the GNU Lesser General Public
|
|
||||||
+# License along with this library. If not, see <https://www.gnu.org/licenses/>.
|
|
||||||
+
|
|
||||||
+[Unit]
|
|
||||||
+Description=OSTree Complete Boot
|
|
||||||
+Documentation=man:ostree(1)
|
|
||||||
+# For now, this is the only condition on which we start, but it's
|
|
||||||
+# marked as a triggering condition in case in the future we want
|
|
||||||
+# to do something else.
|
|
||||||
+ConditionPathExists=|/boot/ostree/finalize-failure.stamp
|
|
||||||
+RequiresMountsFor=/boot
|
|
||||||
+# Ensure that we propagate the failure into the current boot before
|
|
||||||
+# any further finalization attempts.
|
|
||||||
+Before=ostree-finalize-staged.service
|
|
||||||
+
|
|
||||||
+[Service]
|
|
||||||
+Type=oneshot
|
|
||||||
+# To write to /boot while keeping it read-only
|
|
||||||
+MountFlags=slave
|
|
||||||
+RemainAfterExit=yes
|
|
||||||
+ExecStart=/usr/bin/ostree admin boot-complete
|
|
||||||
diff --git a/src/libostree/ostree-cmdprivate.c b/src/libostree/ostree-cmdprivate.c
|
|
||||||
index c9a6e2e1..f6c114f4 100644
|
|
||||||
--- a/src/libostree/ostree-cmdprivate.c
|
|
||||||
+++ b/src/libostree/ostree-cmdprivate.c
|
|
||||||
@@ -51,6 +51,7 @@ ostree_cmd__private__ (void)
|
|
||||||
_ostree_repo_static_delta_delete,
|
|
||||||
_ostree_repo_verify_bindings,
|
|
||||||
_ostree_sysroot_finalize_staged,
|
|
||||||
+ _ostree_sysroot_boot_complete,
|
|
||||||
};
|
|
||||||
|
|
||||||
return &table;
|
|
||||||
diff --git a/src/libostree/ostree-cmdprivate.h b/src/libostree/ostree-cmdprivate.h
|
|
||||||
index 46452ebd..17f943c8 100644
|
|
||||||
--- a/src/libostree/ostree-cmdprivate.h
|
|
||||||
+++ b/src/libostree/ostree-cmdprivate.h
|
|
||||||
@@ -33,6 +33,7 @@ typedef struct {
|
|
||||||
gboolean (* ostree_static_delta_delete) (OstreeRepo *repo, const char *delta_id, GCancellable *cancellable, GError **error);
|
|
||||||
gboolean (* ostree_repo_verify_bindings) (const char *collection_id, const char *ref_name, GVariant *commit, GError **error);
|
|
||||||
gboolean (* ostree_finalize_staged) (OstreeSysroot *sysroot, GCancellable *cancellable, GError **error);
|
|
||||||
+ gboolean (* ostree_boot_complete) (OstreeSysroot *sysroot, GCancellable *cancellable, GError **error);
|
|
||||||
} OstreeCmdPrivateVTable;
|
|
||||||
|
|
||||||
/* Note this not really "public", we just export the symbol, but not the header */
|
|
||||||
diff --git a/src/libostree/ostree-impl-system-generator.c b/src/libostree/ostree-impl-system-generator.c
|
|
||||||
index 769f0cbd..92d71605 100644
|
|
||||||
--- a/src/libostree/ostree-impl-system-generator.c
|
|
||||||
+++ b/src/libostree/ostree-impl-system-generator.c
|
|
||||||
@@ -134,6 +134,8 @@ require_internal_units (const char *normal_dir,
|
|
||||||
return FALSE;
|
|
||||||
if (symlinkat (SYSTEM_DATA_UNIT_PATH "/ostree-finalize-staged.path", normal_dir_dfd, "multi-user.target.wants/ostree-finalize-staged.path") < 0)
|
|
||||||
return glnx_throw_errno_prefix (error, "symlinkat");
|
|
||||||
+ if (symlinkat (SYSTEM_DATA_UNIT_PATH "/ostree-boot-complete.service", normal_dir_dfd, "multi-user.target.wants/ostree-boot-complete.service") < 0)
|
|
||||||
+ return glnx_throw_errno_prefix (error, "symlinkat");
|
|
||||||
|
|
||||||
return TRUE;
|
|
||||||
#else
|
|
||||||
diff --git a/src/libostree/ostree-sysroot-deploy.c b/src/libostree/ostree-sysroot-deploy.c
|
|
||||||
index b7cc232f..fc5916d8 100644
|
|
||||||
--- a/src/libostree/ostree-sysroot-deploy.c
|
|
||||||
+++ b/src/libostree/ostree-sysroot-deploy.c
|
|
||||||
@@ -3255,10 +3255,10 @@ ostree_sysroot_stage_tree_with_options (OstreeSysroot *self,
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Invoked at shutdown time by ostree-finalize-staged.service */
|
|
||||||
-gboolean
|
|
||||||
-_ostree_sysroot_finalize_staged (OstreeSysroot *self,
|
|
||||||
- GCancellable *cancellable,
|
|
||||||
- GError **error)
|
|
||||||
+static gboolean
|
|
||||||
+_ostree_sysroot_finalize_staged_inner (OstreeSysroot *self,
|
|
||||||
+ GCancellable *cancellable,
|
|
||||||
+ GError **error)
|
|
||||||
{
|
|
||||||
/* It's totally fine if there's no staged deployment; perhaps down the line
|
|
||||||
* though we could teach the ostree cmdline to tell systemd to activate the
|
|
||||||
@@ -3355,9 +3355,63 @@ _ostree_sysroot_finalize_staged (OstreeSysroot *self,
|
|
||||||
if (!ostree_sysroot_prepare_cleanup (self, cancellable, error))
|
|
||||||
return FALSE;
|
|
||||||
|
|
||||||
+ // Cleanup will have closed some FDs, re-ensure writability
|
|
||||||
+ if (!_ostree_sysroot_ensure_writable (self, error))
|
|
||||||
+ return FALSE;
|
|
||||||
+
|
|
||||||
return TRUE;
|
|
||||||
}
|
|
||||||
|
|
||||||
+/* Invoked at shutdown time by ostree-finalize-staged.service */
|
|
||||||
+gboolean
|
|
||||||
+_ostree_sysroot_finalize_staged (OstreeSysroot *self,
|
|
||||||
+ GCancellable *cancellable,
|
|
||||||
+ GError **error)
|
|
||||||
+{
|
|
||||||
+ g_autoptr(GError) finalization_error = NULL;
|
|
||||||
+ if (!_ostree_sysroot_ensure_boot_fd (self, error))
|
|
||||||
+ return FALSE;
|
|
||||||
+ if (!_ostree_sysroot_finalize_staged_inner (self, cancellable, &finalization_error))
|
|
||||||
+ {
|
|
||||||
+ g_autoptr(GError) writing_error = NULL;
|
|
||||||
+ g_assert_cmpint (self->boot_fd, !=, -1);
|
|
||||||
+ if (!glnx_file_replace_contents_at (self->boot_fd, _OSTREE_FINALIZE_STAGED_FAILURE_PATH,
|
|
||||||
+ (guint8*)finalization_error->message, -1,
|
|
||||||
+ 0, cancellable, &writing_error))
|
|
||||||
+ {
|
|
||||||
+ // We somehow failed to write the failure message...that's not great. Maybe ENOSPC on /boot.
|
|
||||||
+ g_printerr ("Failed to write %s: %s\n", _OSTREE_FINALIZE_STAGED_FAILURE_PATH, writing_error->message);
|
|
||||||
+ }
|
|
||||||
+ g_propagate_error (error, g_steal_pointer (&finalization_error));
|
|
||||||
+ return FALSE;
|
|
||||||
+ }
|
|
||||||
+ return TRUE;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+/* Invoked at bootup time by ostree-boot-complete.service */
|
|
||||||
+gboolean
|
|
||||||
+_ostree_sysroot_boot_complete (OstreeSysroot *self,
|
|
||||||
+ GCancellable *cancellable,
|
|
||||||
+ GError **error)
|
|
||||||
+{
|
|
||||||
+ if (!_ostree_sysroot_ensure_boot_fd (self, error))
|
|
||||||
+ return FALSE;
|
|
||||||
+
|
|
||||||
+ glnx_autofd int failure_fd = -1;
|
|
||||||
+ if (!ot_openat_ignore_enoent (self->boot_fd, _OSTREE_FINALIZE_STAGED_FAILURE_PATH, &failure_fd, error))
|
|
||||||
+ return FALSE;
|
|
||||||
+ // If we didn't find a failure log, then there's nothing to do right now.
|
|
||||||
+ // (Actually this unit shouldn't even be invoked, but we may do more in the future)
|
|
||||||
+ if (failure_fd == -1)
|
|
||||||
+ return TRUE;
|
|
||||||
+ g_autofree char *failure_data = glnx_fd_readall_utf8 (failure_fd, NULL, cancellable, error);
|
|
||||||
+ if (failure_data == NULL)
|
|
||||||
+ return glnx_prefix_error (error, "Reading from %s", _OSTREE_FINALIZE_STAGED_FAILURE_PATH);
|
|
||||||
+ // Remove the file; we don't want to continually error out.
|
|
||||||
+ (void) unlinkat (self->boot_fd, _OSTREE_FINALIZE_STAGED_FAILURE_PATH, 0);
|
|
||||||
+ return glnx_throw (error, "ostree-finalize-staged.service failed on previous boot: %s", failure_data);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
/**
|
|
||||||
* ostree_sysroot_deployment_set_kargs:
|
|
||||||
* @self: Sysroot
|
|
||||||
diff --git a/src/libostree/ostree-sysroot-private.h b/src/libostree/ostree-sysroot-private.h
|
|
||||||
index cb34eeb3..a49a406c 100644
|
|
||||||
--- a/src/libostree/ostree-sysroot-private.h
|
|
||||||
+++ b/src/libostree/ostree-sysroot-private.h
|
|
||||||
@@ -96,6 +96,9 @@ struct OstreeSysroot {
|
|
||||||
#define _OSTREE_SYSROOT_BOOT_INITRAMFS_OVERLAYS "ostree/initramfs-overlays"
|
|
||||||
#define _OSTREE_SYSROOT_INITRAMFS_OVERLAYS "boot/" _OSTREE_SYSROOT_BOOT_INITRAMFS_OVERLAYS
|
|
||||||
|
|
||||||
+// Relative to /boot, consumed by ostree-boot-complete.service
|
|
||||||
+#define _OSTREE_FINALIZE_STAGED_FAILURE_PATH "ostree/finalize-failure.stamp"
|
|
||||||
+
|
|
||||||
gboolean
|
|
||||||
_ostree_sysroot_ensure_writable (OstreeSysroot *self,
|
|
||||||
GError **error);
|
|
||||||
@@ -142,6 +145,10 @@ gboolean
|
|
||||||
_ostree_sysroot_finalize_staged (OstreeSysroot *self,
|
|
||||||
GCancellable *cancellable,
|
|
||||||
GError **error);
|
|
||||||
+gboolean
|
|
||||||
+_ostree_sysroot_boot_complete (OstreeSysroot *self,
|
|
||||||
+ GCancellable *cancellable,
|
|
||||||
+ GError **error);
|
|
||||||
|
|
||||||
OstreeDeployment *
|
|
||||||
_ostree_sysroot_deserialize_deployment_from_variant (GVariant *v,
|
|
||||||
diff --git a/src/libostree/ostree-sysroot.c b/src/libostree/ostree-sysroot.c
|
|
||||||
index 266a2975..f083f950 100644
|
|
||||||
--- a/src/libostree/ostree-sysroot.c
|
|
||||||
+++ b/src/libostree/ostree-sysroot.c
|
|
||||||
@@ -356,6 +356,8 @@ _ostree_sysroot_ensure_writable (OstreeSysroot *self,
|
|
||||||
ostree_sysroot_unload (self);
|
|
||||||
if (!ensure_sysroot_fd (self, error))
|
|
||||||
return FALSE;
|
|
||||||
+ if (!_ostree_sysroot_ensure_boot_fd (self, error))
|
|
||||||
+ return FALSE;
|
|
||||||
|
|
||||||
return TRUE;
|
|
||||||
}
|
|
||||||
diff --git a/src/ostree/ot-admin-builtin-boot-complete.c b/src/ostree/ot-admin-builtin-boot-complete.c
|
|
||||||
new file mode 100644
|
|
||||||
index 00000000..6e1052f5
|
|
||||||
--- /dev/null
|
|
||||||
+++ b/src/ostree/ot-admin-builtin-boot-complete.c
|
|
||||||
@@ -0,0 +1,58 @@
|
|
||||||
+/*
|
|
||||||
+ * Copyright (C) 2022 Red Hat, Inc.
|
|
||||||
+ *
|
|
||||||
+ * SPDX-License-Identifier: LGPL-2.0+
|
|
||||||
+ *
|
|
||||||
+ * This library is free software; you can redistribute it and/or
|
|
||||||
+ * modify it under the terms of the GNU Lesser General Public
|
|
||||||
+ * License as published by the Free Software Foundation; either
|
|
||||||
+ * version 2 of the License, or (at your option) any later version.
|
|
||||||
+ *
|
|
||||||
+ * This library is distributed in the hope that it will be useful,
|
|
||||||
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
||||||
+ * Lesser General Public License for more details.
|
|
||||||
+ *
|
|
||||||
+ * You should have received a copy of the GNU Lesser General Public
|
|
||||||
+ * License along with this library. If not, see <https://www.gnu.org/licenses/>.
|
|
||||||
+ */
|
|
||||||
+
|
|
||||||
+#include "config.h"
|
|
||||||
+
|
|
||||||
+#include <stdlib.h>
|
|
||||||
+
|
|
||||||
+#include "ot-main.h"
|
|
||||||
+#include "ot-admin-builtins.h"
|
|
||||||
+#include "ot-admin-functions.h"
|
|
||||||
+#include "ostree.h"
|
|
||||||
+#include "otutil.h"
|
|
||||||
+
|
|
||||||
+#include "ostree-cmdprivate.h"
|
|
||||||
+
|
|
||||||
+static GOptionEntry options[] = {
|
|
||||||
+ { NULL }
|
|
||||||
+};
|
|
||||||
+
|
|
||||||
+gboolean
|
|
||||||
+ot_admin_builtin_boot_complete (int argc, char **argv, OstreeCommandInvocation *invocation, GCancellable *cancellable, GError **error)
|
|
||||||
+{
|
|
||||||
+ /* Just a sanity check; we shouldn't be called outside of the service though.
|
|
||||||
+ */
|
|
||||||
+ struct stat stbuf;
|
|
||||||
+ if (fstatat (AT_FDCWD, OSTREE_PATH_BOOTED, &stbuf, 0) < 0)
|
|
||||||
+ return TRUE;
|
|
||||||
+ // We must have been invoked via systemd which should have set up a mount namespace.
|
|
||||||
+ g_assert (getenv ("INVOCATION_ID"));
|
|
||||||
+
|
|
||||||
+ g_autoptr(GOptionContext) context = g_option_context_new ("");
|
|
||||||
+ g_autoptr(OstreeSysroot) sysroot = NULL;
|
|
||||||
+ if (!ostree_admin_option_context_parse (context, options, &argc, &argv,
|
|
||||||
+ OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER,
|
|
||||||
+ invocation, &sysroot, cancellable, error))
|
|
||||||
+ return FALSE;
|
|
||||||
+
|
|
||||||
+ if (!ostree_cmd__private__()->ostree_boot_complete (sysroot, cancellable, error))
|
|
||||||
+ return FALSE;
|
|
||||||
+
|
|
||||||
+ return TRUE;
|
|
||||||
+}
|
|
||||||
diff --git a/src/ostree/ot-admin-builtins.h b/src/ostree/ot-admin-builtins.h
|
|
||||||
index d32b617e..8d9451be 100644
|
|
||||||
--- a/src/ostree/ot-admin-builtins.h
|
|
||||||
+++ b/src/ostree/ot-admin-builtins.h
|
|
||||||
@@ -39,6 +39,7 @@ BUILTINPROTO(deploy);
|
|
||||||
BUILTINPROTO(cleanup);
|
|
||||||
BUILTINPROTO(pin);
|
|
||||||
BUILTINPROTO(finalize_staged);
|
|
||||||
+BUILTINPROTO(boot_complete);
|
|
||||||
BUILTINPROTO(unlock);
|
|
||||||
BUILTINPROTO(status);
|
|
||||||
BUILTINPROTO(set_origin);
|
|
||||||
diff --git a/src/ostree/ot-builtin-admin.c b/src/ostree/ot-builtin-admin.c
|
|
||||||
index e0d2a60c..af09a614 100644
|
|
||||||
--- a/src/ostree/ot-builtin-admin.c
|
|
||||||
+++ b/src/ostree/ot-builtin-admin.c
|
|
||||||
@@ -43,6 +43,9 @@ static OstreeCommand admin_subcommands[] = {
|
|
||||||
{ "finalize-staged", OSTREE_BUILTIN_FLAG_NO_REPO | OSTREE_BUILTIN_FLAG_HIDDEN,
|
|
||||||
ot_admin_builtin_finalize_staged,
|
|
||||||
"Internal command to run at shutdown time" },
|
|
||||||
+ { "boot-complete", OSTREE_BUILTIN_FLAG_NO_REPO | OSTREE_BUILTIN_FLAG_HIDDEN,
|
|
||||||
+ ot_admin_builtin_boot_complete,
|
|
||||||
+ "Internal command to run at boot after an update was applied" },
|
|
||||||
{ "init-fs", OSTREE_BUILTIN_FLAG_NO_REPO,
|
|
||||||
ot_admin_builtin_init_fs,
|
|
||||||
"Initialize a root filesystem" },
|
|
@ -1,515 +0,0 @@
|
|||||||
From 0085494e350c72599fc5c0e00422885d80b3c660 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Miguel Angel Ajo <majopela@redhat.com>
|
|
||||||
Date: Mon, 19 Sep 2022 17:15:24 +0200
|
|
||||||
Subject: [PATCH] Support overlayfs whiteouts on checkout
|
|
||||||
|
|
||||||
Introduces an intermediate format for overlayfs storage, where
|
|
||||||
.wh-ostree. prefixed files will be converted into char 0:0
|
|
||||||
whiteout devices used by overlayfs to mark deletions across layers.
|
|
||||||
|
|
||||||
The CI scripts now uses a volume for the scratch directories
|
|
||||||
previously in /var/tmp otherwise we cannot create whiteout
|
|
||||||
devices into an overlayfs mounted filesystem.
|
|
||||||
|
|
||||||
Related-Issue: #2712
|
|
||||||
(cherry picked from commit e234b630f85b97e48ecf45d5aaba9b1aa64e6b54)
|
|
||||||
---
|
|
||||||
.github/workflows/tests.yml | 8 +-
|
|
||||||
Makefile-tests.am | 1 +
|
|
||||||
bash/ostree | 1 +
|
|
||||||
man/ostree-checkout.xml | 11 ++
|
|
||||||
src/libostree/ostree-repo-checkout.c | 129 ++++++++++++++++++++-
|
|
||||||
src/libostree/ostree-repo.h | 5 +-
|
|
||||||
src/libostree/ostree-sysroot-deploy.c | 2 +-
|
|
||||||
src/ostree/ot-builtin-checkout.c | 7 +-
|
|
||||||
tests/archive-test.sh | 7 +-
|
|
||||||
tests/basic-test.sh | 29 ++++-
|
|
||||||
tests/kolainst/data-shared/libtest-core.sh | 7 ++
|
|
||||||
tests/libtest.sh | 52 ++++++++-
|
|
||||||
tests/test-admin-deploy-whiteouts.sh | 42 +++++++
|
|
||||||
13 files changed, 292 insertions(+), 9 deletions(-)
|
|
||||||
create mode 100755 tests/test-admin-deploy-whiteouts.sh
|
|
||||||
|
|
||||||
--- a/Makefile-tests.am
|
|
||||||
+++ b/Makefile-tests.am
|
|
||||||
@@ -107,6 +107,7 @@ _installed_or_uninstalled_test_scripts = \
|
|
||||||
tests/test-admin-deploy-nomerge.sh \
|
|
||||||
tests/test-admin-deploy-none.sh \
|
|
||||||
tests/test-admin-deploy-bootid-gc.sh \
|
|
||||||
+ tests/test-admin-deploy-whiteouts.sh \
|
|
||||||
tests/test-osupdate-dtb.sh \
|
|
||||||
tests/test-admin-instutil-set-kargs.sh \
|
|
||||||
tests/test-admin-upgrade-not-backwards.sh \
|
|
||||||
diff --git a/bash/ostree b/bash/ostree
|
|
||||||
index 46363315..6f3b86ea 100644
|
|
||||||
--- a/bash/ostree
|
|
||||||
+++ b/bash/ostree
|
|
||||||
@@ -249,6 +249,7 @@ _ostree_checkout() {
|
|
||||||
--union-identical
|
|
||||||
--user-mode -U
|
|
||||||
--whiteouts
|
|
||||||
+ --process-passthrough-whiteouts
|
|
||||||
"
|
|
||||||
|
|
||||||
local options_with_args="
|
|
||||||
diff --git a/man/ostree-checkout.xml b/man/ostree-checkout.xml
|
|
||||||
index 4ed53a91..8f7d4f9b 100644
|
|
||||||
--- a/man/ostree-checkout.xml
|
|
||||||
+++ b/man/ostree-checkout.xml
|
|
||||||
@@ -114,6 +114,17 @@ License along with this library. If not, see <https://www.gnu.org/licenses/>.
|
|
||||||
</para></listitem>
|
|
||||||
</varlistentry>
|
|
||||||
|
|
||||||
+ <varlistentry>
|
|
||||||
+ <term><option>--process-passthrough-whiteouts</option></term>
|
|
||||||
+
|
|
||||||
+ <listitem><para>
|
|
||||||
+ Enable overlayfs whiteout extraction into 0:0 character devices.
|
|
||||||
+ Overlayfs whiteouts are encoded inside ostree as <literal>.ostree-wh.filename</literal>
|
|
||||||
+ and extracted as 0:0 character devices. This is useful to carry
|
|
||||||
+ container storage embedded into ostree.
|
|
||||||
+ </para></listitem>
|
|
||||||
+ </varlistentry>
|
|
||||||
+
|
|
||||||
<varlistentry>
|
|
||||||
<term><option>--allow-noent</option></term>
|
|
||||||
|
|
||||||
diff --git a/src/libostree/ostree-repo-checkout.c b/src/libostree/ostree-repo-checkout.c
|
|
||||||
index 663292a9..7c7d0cc7 100644
|
|
||||||
--- a/src/libostree/ostree-repo-checkout.c
|
|
||||||
+++ b/src/libostree/ostree-repo-checkout.c
|
|
||||||
@@ -35,6 +35,8 @@
|
|
||||||
#define WHITEOUT_PREFIX ".wh."
|
|
||||||
#define OPAQUE_WHITEOUT_NAME ".wh..wh..opq"
|
|
||||||
|
|
||||||
+#define OVERLAYFS_WHITEOUT_PREFIX ".ostree-wh."
|
|
||||||
+
|
|
||||||
/* Per-checkout call state/caching */
|
|
||||||
typedef struct {
|
|
||||||
GString *path_buf; /* buffer for real path if filtering enabled */
|
|
||||||
@@ -582,6 +584,117 @@ checkout_file_hardlink (OstreeRepo *self,
|
|
||||||
return TRUE;
|
|
||||||
}
|
|
||||||
|
|
||||||
+static gboolean
|
|
||||||
+_checkout_overlayfs_whiteout_at_no_overwrite (OstreeRepoCheckoutAtOptions *options,
|
|
||||||
+ int destination_dfd,
|
|
||||||
+ const char *destination_name,
|
|
||||||
+ GFileInfo *file_info,
|
|
||||||
+ GVariant *xattrs,
|
|
||||||
+ gboolean *found_exant_file,
|
|
||||||
+ GCancellable *cancellable,
|
|
||||||
+ GError **error)
|
|
||||||
+{
|
|
||||||
+ if (found_exant_file != NULL)
|
|
||||||
+ *found_exant_file = FALSE;
|
|
||||||
+ guint32 file_mode = g_file_info_get_attribute_uint32 (file_info, "unix::mode");
|
|
||||||
+ if (mknodat(destination_dfd, destination_name, (file_mode & ~S_IFMT) | S_IFCHR, (dev_t)0) < 0)
|
|
||||||
+ {
|
|
||||||
+ if (errno == EEXIST && found_exant_file != NULL)
|
|
||||||
+ {
|
|
||||||
+ *found_exant_file = TRUE;
|
|
||||||
+ return TRUE;
|
|
||||||
+ }
|
|
||||||
+ return glnx_throw_errno_prefix (error, "Creating whiteout char device");
|
|
||||||
+ }
|
|
||||||
+ if (options->mode != OSTREE_REPO_CHECKOUT_MODE_USER)
|
|
||||||
+ {
|
|
||||||
+ if (xattrs != NULL &&
|
|
||||||
+ !glnx_dfd_name_set_all_xattrs(destination_dfd, destination_name, xattrs,
|
|
||||||
+ cancellable, error))
|
|
||||||
+ return glnx_throw_errno_prefix (error, "Setting xattrs for whiteout char device");
|
|
||||||
+
|
|
||||||
+ if (TEMP_FAILURE_RETRY(fchownat(destination_dfd, destination_name,
|
|
||||||
+ g_file_info_get_attribute_uint32 (file_info, "unix::uid"),
|
|
||||||
+ g_file_info_get_attribute_uint32 (file_info, "unix::gid"),
|
|
||||||
+ AT_SYMLINK_NOFOLLOW) < 0))
|
|
||||||
+ return glnx_throw_errno_prefix (error, "fchownat");
|
|
||||||
+ if (TEMP_FAILURE_RETRY (fchmodat (destination_dfd, destination_name, file_mode & ~S_IFMT, 0)) < 0)
|
|
||||||
+ return glnx_throw_errno_prefix (error, "fchmodat %s to 0%o", destination_name, file_mode & ~S_IFMT);
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ return TRUE;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+static gboolean
|
|
||||||
+_checkout_overlayfs_whiteout_at (OstreeRepo *repo,
|
|
||||||
+ OstreeRepoCheckoutAtOptions *options,
|
|
||||||
+ int destination_dfd,
|
|
||||||
+ const char *destination_name,
|
|
||||||
+ GFileInfo *file_info,
|
|
||||||
+ GVariant *xattrs,
|
|
||||||
+ GCancellable *cancellable,
|
|
||||||
+ GError **error)
|
|
||||||
+{
|
|
||||||
+ gboolean found_exant_file = FALSE;
|
|
||||||
+ if (!_checkout_overlayfs_whiteout_at_no_overwrite(options, destination_dfd, destination_name,
|
|
||||||
+ file_info, xattrs,&found_exant_file,
|
|
||||||
+ cancellable, error))
|
|
||||||
+ return FALSE;
|
|
||||||
+
|
|
||||||
+ if (!found_exant_file)
|
|
||||||
+ return TRUE;
|
|
||||||
+
|
|
||||||
+ guint32 uid = g_file_info_get_attribute_uint32 (file_info, "unix::uid");
|
|
||||||
+ guint32 gid = g_file_info_get_attribute_uint32 (file_info, "unix::gid");
|
|
||||||
+ guint32 file_mode = g_file_info_get_attribute_uint32 (file_info, "unix::mode");
|
|
||||||
+
|
|
||||||
+ struct stat dest_stbuf;
|
|
||||||
+
|
|
||||||
+ switch(options->overwrite_mode)
|
|
||||||
+ {
|
|
||||||
+ case OSTREE_REPO_CHECKOUT_OVERWRITE_NONE:
|
|
||||||
+ return FALSE;
|
|
||||||
+ case OSTREE_REPO_CHECKOUT_OVERWRITE_UNION_FILES:
|
|
||||||
+ if (!ot_ensure_unlinked_at (destination_dfd, destination_name, error))
|
|
||||||
+ return FALSE;
|
|
||||||
+ return _checkout_overlayfs_whiteout_at_no_overwrite(options, destination_dfd, destination_name,
|
|
||||||
+ file_info, xattrs, NULL, cancellable, error);
|
|
||||||
+ case OSTREE_REPO_CHECKOUT_OVERWRITE_ADD_FILES:
|
|
||||||
+ return TRUE;
|
|
||||||
+
|
|
||||||
+ case OSTREE_REPO_CHECKOUT_OVERWRITE_UNION_IDENTICAL:
|
|
||||||
+ if (!glnx_fstatat(destination_dfd, destination_name, &dest_stbuf, AT_SYMLINK_NOFOLLOW,
|
|
||||||
+ error))
|
|
||||||
+ return FALSE;
|
|
||||||
+ if (!(repo->disable_xattrs || repo->mode == OSTREE_REPO_MODE_BARE_USER_ONLY))
|
|
||||||
+ {
|
|
||||||
+ g_autoptr(GVariant) fs_xattrs;
|
|
||||||
+ if (!glnx_dfd_name_get_all_xattrs (destination_dfd, destination_name,
|
|
||||||
+ &fs_xattrs, cancellable, error))
|
|
||||||
+ return FALSE;
|
|
||||||
+ if (!g_variant_equal(fs_xattrs, xattrs))
|
|
||||||
+ return glnx_throw(error, "existing destination file %s xattrs don't match",
|
|
||||||
+ destination_name);
|
|
||||||
+ }
|
|
||||||
+ if (options->mode != OSTREE_REPO_CHECKOUT_MODE_USER)
|
|
||||||
+ {
|
|
||||||
+ if (gid != dest_stbuf.st_gid)
|
|
||||||
+ return glnx_throw(error, "existing destination file %s does not match gid %d",
|
|
||||||
+ destination_name, gid);
|
|
||||||
+
|
|
||||||
+ if (uid != dest_stbuf.st_uid)
|
|
||||||
+ return glnx_throw(error, "existing destination file %s does not match uid %d",
|
|
||||||
+ destination_name, gid);
|
|
||||||
+
|
|
||||||
+ if ((file_mode & ALLPERMS) != (dest_stbuf.st_mode & ALLPERMS))
|
|
||||||
+ return glnx_throw(error, "existing destination file %s does not match mode %o",
|
|
||||||
+ destination_name, file_mode);
|
|
||||||
+ }
|
|
||||||
+ break;
|
|
||||||
+ }
|
|
||||||
+ return TRUE;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
static gboolean
|
|
||||||
checkout_one_file_at (OstreeRepo *repo,
|
|
||||||
OstreeRepoCheckoutAtOptions *options,
|
|
||||||
@@ -603,7 +716,8 @@ checkout_one_file_at (OstreeRepo *repo,
|
|
||||||
|
|
||||||
/* FIXME - avoid the GFileInfo here */
|
|
||||||
g_autoptr(GFileInfo) source_info = NULL;
|
|
||||||
- if (!ostree_repo_load_file (repo, checksum, NULL, &source_info, NULL,
|
|
||||||
+ g_autoptr(GVariant) source_xattrs = NULL;
|
|
||||||
+ if (!ostree_repo_load_file (repo, checksum, NULL, &source_info, &source_xattrs,
|
|
||||||
cancellable, error))
|
|
||||||
return FALSE;
|
|
||||||
|
|
||||||
@@ -623,6 +737,7 @@ checkout_one_file_at (OstreeRepo *repo,
|
|
||||||
const gboolean is_unreadable = (!is_symlink && (source_mode & S_IRUSR) == 0);
|
|
||||||
const gboolean is_whiteout = (!is_symlink && options->process_whiteouts &&
|
|
||||||
g_str_has_prefix (destination_name, WHITEOUT_PREFIX));
|
|
||||||
+ const gboolean is_overlayfs_whiteout = (!is_symlink && g_str_has_prefix (destination_name, OVERLAYFS_WHITEOUT_PREFIX));
|
|
||||||
const gboolean is_reg_zerosized = (!is_symlink && g_file_info_get_size (source_info) == 0);
|
|
||||||
const gboolean override_user_unreadable = (options->mode == OSTREE_REPO_CHECKOUT_MODE_USER && is_unreadable);
|
|
||||||
|
|
||||||
@@ -643,6 +758,18 @@ checkout_one_file_at (OstreeRepo *repo,
|
|
||||||
|
|
||||||
need_copy = FALSE;
|
|
||||||
}
|
|
||||||
+ else if (is_overlayfs_whiteout && options->process_passthrough_whiteouts)
|
|
||||||
+ {
|
|
||||||
+ const char *name = destination_name + (sizeof (OVERLAYFS_WHITEOUT_PREFIX) - 1);
|
|
||||||
+
|
|
||||||
+ if (!name[0])
|
|
||||||
+ return glnx_throw (error, "Invalid empty overlayfs whiteout '%s'", name);
|
|
||||||
+
|
|
||||||
+ g_assert (name[0] != '/'); /* Sanity */
|
|
||||||
+
|
|
||||||
+ return _checkout_overlayfs_whiteout_at(repo, options, destination_dfd, name,
|
|
||||||
+ source_info, source_xattrs, cancellable, error);
|
|
||||||
+ }
|
|
||||||
else if (is_reg_zerosized || override_user_unreadable)
|
|
||||||
{
|
|
||||||
/* In https://github.com/ostreedev/ostree/commit/673cacd633f9d6b653cdea530657d3e780a41bbd we
|
|
||||||
diff --git a/src/libostree/ostree-repo.h b/src/libostree/ostree-repo.h
|
|
||||||
index 98571170..b3d7f986 100644
|
|
||||||
--- a/src/libostree/ostree-repo.h
|
|
||||||
+++ b/src/libostree/ostree-repo.h
|
|
||||||
@@ -989,8 +989,9 @@ typedef struct {
|
|
||||||
gboolean force_copy; /* Since: 2017.6 */
|
|
||||||
gboolean bareuseronly_dirs; /* Since: 2017.7 */
|
|
||||||
gboolean force_copy_zerosized; /* Since: 2018.9 */
|
|
||||||
- gboolean unused_bools[4];
|
|
||||||
- /* 4 byte hole on 64 bit */
|
|
||||||
+ gboolean process_passthrough_whiteouts;
|
|
||||||
+ gboolean unused_bools[3];
|
|
||||||
+ /* 3 byte hole on 64 bit */
|
|
||||||
|
|
||||||
const char *subpath;
|
|
||||||
|
|
||||||
diff --git a/src/libostree/ostree-sysroot-deploy.c b/src/libostree/ostree-sysroot-deploy.c
|
|
||||||
index 404f336f..5c98103b 100644
|
|
||||||
--- a/src/libostree/ostree-sysroot-deploy.c
|
|
||||||
+++ b/src/libostree/ostree-sysroot-deploy.c
|
|
||||||
@@ -641,7 +641,7 @@ checkout_deployment_tree (OstreeSysroot *sysroot,
|
|
||||||
return FALSE;
|
|
||||||
|
|
||||||
/* Generate hardlink farm, then opendir it */
|
|
||||||
- OstreeRepoCheckoutAtOptions checkout_opts = { 0, };
|
|
||||||
+ OstreeRepoCheckoutAtOptions checkout_opts = { .process_passthrough_whiteouts = TRUE };
|
|
||||||
if (!ostree_repo_checkout_at (repo, &checkout_opts, osdeploy_dfd,
|
|
||||||
checkout_target_name, csum,
|
|
||||||
cancellable, error))
|
|
||||||
diff --git a/src/ostree/ot-builtin-checkout.c b/src/ostree/ot-builtin-checkout.c
|
|
||||||
index d69c8b0b..bfa43885 100644
|
|
||||||
--- a/src/ostree/ot-builtin-checkout.c
|
|
||||||
+++ b/src/ostree/ot-builtin-checkout.c
|
|
||||||
@@ -37,6 +37,7 @@ static gboolean opt_union;
|
|
||||||
static gboolean opt_union_add;
|
|
||||||
static gboolean opt_union_identical;
|
|
||||||
static gboolean opt_whiteouts;
|
|
||||||
+static gboolean opt_process_passthrough_whiteouts;
|
|
||||||
static gboolean opt_from_stdin;
|
|
||||||
static char *opt_from_file;
|
|
||||||
static gboolean opt_disable_fsync;
|
|
||||||
@@ -77,6 +78,7 @@ static GOptionEntry options[] = {
|
|
||||||
{ "union-add", 0, 0, G_OPTION_ARG_NONE, &opt_union_add, "Keep existing files/directories, only add new", NULL },
|
|
||||||
{ "union-identical", 0, 0, G_OPTION_ARG_NONE, &opt_union_identical, "When layering checkouts, error out if a file would be replaced with a different version, but add new files and directories", NULL },
|
|
||||||
{ "whiteouts", 0, 0, G_OPTION_ARG_NONE, &opt_whiteouts, "Process 'whiteout' (Docker style) entries", NULL },
|
|
||||||
+ { "process-passthrough-whiteouts", 0, 0, G_OPTION_ARG_NONE, &opt_process_passthrough_whiteouts, "Enable overlayfs whiteout extraction into char 0:0 devices", NULL },
|
|
||||||
{ "allow-noent", 0, 0, G_OPTION_ARG_NONE, &opt_allow_noent, "Do nothing if specified path does not exist", NULL },
|
|
||||||
{ "from-stdin", 0, 0, G_OPTION_ARG_NONE, &opt_from_stdin, "Process many checkouts from standard input", NULL },
|
|
||||||
{ "from-file", 0, 0, G_OPTION_ARG_STRING, &opt_from_file, "Process many checkouts from input file", "FILE" },
|
|
||||||
@@ -129,7 +131,8 @@ process_one_checkout (OstreeRepo *repo,
|
|
||||||
if (opt_disable_cache || opt_whiteouts || opt_require_hardlinks ||
|
|
||||||
opt_union_add || opt_force_copy || opt_force_copy_zerosized ||
|
|
||||||
opt_bareuseronly_dirs || opt_union_identical ||
|
|
||||||
- opt_skiplist_file || opt_selinux_policy || opt_selinux_prefix)
|
|
||||||
+ opt_skiplist_file || opt_selinux_policy || opt_selinux_prefix ||
|
|
||||||
+ opt_process_passthrough_whiteouts)
|
|
||||||
{
|
|
||||||
OstreeRepoCheckoutAtOptions checkout_options = { 0, };
|
|
||||||
|
|
||||||
@@ -162,6 +165,8 @@ process_one_checkout (OstreeRepo *repo,
|
|
||||||
}
|
|
||||||
if (opt_whiteouts)
|
|
||||||
checkout_options.process_whiteouts = TRUE;
|
|
||||||
+ if (opt_process_passthrough_whiteouts)
|
|
||||||
+ checkout_options.process_passthrough_whiteouts = TRUE;
|
|
||||||
if (subpath)
|
|
||||||
checkout_options.subpath = subpath;
|
|
||||||
|
|
||||||
diff --git a/tests/archive-test.sh b/tests/archive-test.sh
|
|
||||||
index b6d84979..6b45790e 100644
|
|
||||||
--- a/tests/archive-test.sh
|
|
||||||
+++ b/tests/archive-test.sh
|
|
||||||
@@ -71,6 +71,11 @@ mkdir -p test-overlays
|
|
||||||
date > test-overlays/overlaid-file
|
|
||||||
$OSTREE commit ${COMMIT_ARGS} -b test-base --base test2 --owner-uid 42 --owner-gid 42 test-overlays/
|
|
||||||
$OSTREE ls -R test-base > ls.txt
|
|
||||||
-assert_streq "$(wc -l < ls.txt)" 14
|
|
||||||
+if can_create_whiteout_devices; then
|
|
||||||
+ assert_streq "$(wc -l < ls.txt)" 17
|
|
||||||
+else
|
|
||||||
+ assert_streq "$(wc -l < ls.txt)" 14
|
|
||||||
+fi
|
|
||||||
+
|
|
||||||
assert_streq "$(grep '42.*42' ls.txt | wc -l)" 2
|
|
||||||
echo "ok commit overlay base"
|
|
||||||
diff --git a/tests/basic-test.sh b/tests/basic-test.sh
|
|
||||||
index 04506c3d..0878e6f6 100644
|
|
||||||
--- a/tests/basic-test.sh
|
|
||||||
+++ b/tests/basic-test.sh
|
|
||||||
@@ -19,7 +19,7 @@
|
|
||||||
|
|
||||||
set -euo pipefail
|
|
||||||
|
|
||||||
-echo "1..$((87 + ${extra_basic_tests:-0}))"
|
|
||||||
+echo "1..$((89 + ${extra_basic_tests:-0}))"
|
|
||||||
|
|
||||||
CHECKOUT_U_ARG=""
|
|
||||||
CHECKOUT_H_ARGS="-H"
|
|
||||||
@@ -1187,3 +1187,30 @@ if test "$(id -u)" != "0"; then
|
|
||||||
else
|
|
||||||
echo "ok # SKIP not run when root"
|
|
||||||
fi
|
|
||||||
+
|
|
||||||
+if ! skip_one_without_whiteouts_devices; then
|
|
||||||
+ cd ${test_tmpdir}
|
|
||||||
+ rm checkout-test2 -rf
|
|
||||||
+ $OSTREE checkout test2 checkout-test2
|
|
||||||
+
|
|
||||||
+ assert_not_has_file checkout-test2/whiteouts/whiteout
|
|
||||||
+ assert_not_has_file checkout-test2/whiteouts/whiteout2
|
|
||||||
+ assert_has_file checkout-test2/whiteouts/.ostree-wh.whiteout
|
|
||||||
+ assert_has_file checkout-test2/whiteouts/.ostree-wh.whiteout2
|
|
||||||
+
|
|
||||||
+ echo "ok checkout: no whiteout passthrough by default"
|
|
||||||
+fi
|
|
||||||
+
|
|
||||||
+if ! skip_one_without_whiteouts_devices; then
|
|
||||||
+ cd ${test_tmpdir}
|
|
||||||
+ rm checkout-test2 -rf
|
|
||||||
+ $OSTREE checkout --process-passthrough-whiteouts test2 checkout-test2
|
|
||||||
+
|
|
||||||
+ assert_not_has_file checkout-test2/whiteouts/.ostree-wh.whiteout
|
|
||||||
+ assert_not_has_file checkout-test2/whiteouts/.ostree-wh.whiteout2
|
|
||||||
+
|
|
||||||
+ assert_is_whiteout_device checkout-test2/whiteouts/whiteout
|
|
||||||
+ assert_is_whiteout_device checkout-test2/whiteouts/whiteout2
|
|
||||||
+
|
|
||||||
+ echo "ok checkout: whiteout with overlayfs passthrough processing"
|
|
||||||
+fi
|
|
||||||
diff --git a/tests/libtest.sh b/tests/libtest.sh
|
|
||||||
index 686f08dc..5830f210 100755
|
|
||||||
--- a/tests/libtest.sh
|
|
||||||
+++ b/tests/libtest.sh
|
|
||||||
@@ -148,6 +148,20 @@ if ! have_selinux_relabel; then
|
|
||||||
fi
|
|
||||||
echo done
|
|
||||||
|
|
||||||
+# whiteout char 0:0 devices can be created as regular users, but
|
|
||||||
+# cannot be created inside containers mounted via overlayfs
|
|
||||||
+can_create_whiteout_devices() {
|
|
||||||
+ mknod -m 000 ${test_tmpdir}/.test-whiteout c 0 0 || return 1
|
|
||||||
+ rm -f ${test_tmpdir}/.test-whiteout
|
|
||||||
+ return 0
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+echo -n checking for overlayfs whiteouts...
|
|
||||||
+if ! can_create_whiteout_devices; then
|
|
||||||
+ export OSTREE_NO_WHITEOUTS=1
|
|
||||||
+fi
|
|
||||||
+echo done
|
|
||||||
+
|
|
||||||
if test -n "${OT_TESTS_DEBUG:-}"; then
|
|
||||||
set -x
|
|
||||||
fi
|
|
||||||
@@ -245,6 +259,15 @@ setup_test_repository () {
|
|
||||||
ln -s nonexistent baz/alink
|
|
||||||
mkdir baz/another/
|
|
||||||
echo x > baz/another/y
|
|
||||||
+
|
|
||||||
+ # if we are running inside a container we cannot test
|
|
||||||
+ # the overlayfs whiteout marker passthrough
|
|
||||||
+ if ! test -n "${OSTREE_NO_WHITEOUTS:-}"; then
|
|
||||||
+ mkdir whiteouts
|
|
||||||
+ touch whiteouts/.ostree-wh.whiteout
|
|
||||||
+ touch whiteouts/.ostree-wh.whiteout2
|
|
||||||
+ chmod 755 whiteouts/.ostree-wh.whiteout2
|
|
||||||
+ fi
|
|
||||||
umask "${oldumask}"
|
|
||||||
|
|
||||||
cd ${test_tmpdir}/files
|
|
||||||
@@ -406,7 +429,7 @@ setup_os_repository () {
|
|
||||||
mkdir osdata
|
|
||||||
cd osdata
|
|
||||||
kver=3.6.0
|
|
||||||
- mkdir -p usr/bin ${bootdir} usr/lib/modules/${kver} usr/share usr/etc
|
|
||||||
+ mkdir -p usr/bin ${bootdir} usr/lib/modules/${kver} usr/share usr/etc usr/container/layers/abcd
|
|
||||||
kernel_path=${bootdir}/vmlinuz
|
|
||||||
initramfs_path=${bootdir}/initramfs.img
|
|
||||||
# the HMAC file is only in /usr/lib/modules
|
|
||||||
@@ -449,6 +472,17 @@ EOF
|
|
||||||
mkdir -p usr/etc/testdirectory
|
|
||||||
echo "a default daemon file" > usr/etc/testdirectory/test
|
|
||||||
|
|
||||||
+ # if we are running inside a container we cannot test
|
|
||||||
+ # the overlayfs whiteout marker passthrough
|
|
||||||
+ if ! test -n "${OSTREE_NO_WHITEOUTS:-}"; then
|
|
||||||
+ # overlayfs whiteout passhthrough marker files
|
|
||||||
+ touch usr/container/layers/abcd/.ostree-wh.whiteout
|
|
||||||
+ chmod 400 usr/container/layers/abcd/.ostree-wh.whiteout
|
|
||||||
+
|
|
||||||
+ touch usr/container/layers/abcd/.ostree-wh.whiteout2
|
|
||||||
+ chmod 777 usr/container/layers/abcd/.ostree-wh.whiteout2
|
|
||||||
+ fi
|
|
||||||
+
|
|
||||||
${CMD_PREFIX} ostree --repo=${test_tmpdir}/testos-repo commit ${bootable_flag} --add-metadata-string version=1.0.9 -b testos/buildmain/x86_64-runtime -s "Build"
|
|
||||||
|
|
||||||
# Ensure these commits have distinct second timestamps
|
|
||||||
@@ -588,6 +622,22 @@ skip_without_user_xattrs () {
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
+# Usage: if ! skip_one_without_whiteouts_devices; then ... more tests ...; fi
|
|
||||||
+skip_one_without_whiteouts_devices() {
|
|
||||||
+ if ! can_create_whiteout_devices; then
|
|
||||||
+ echo "ok # SKIP - this test requires whiteout device support (test outside containers)"
|
|
||||||
+ return 0
|
|
||||||
+ else
|
|
||||||
+ return 1
|
|
||||||
+ fi
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+skip_without_whiteouts_devices () {
|
|
||||||
+ if ! can_create_whiteout_devices; then
|
|
||||||
+ skip "this test requires whiteout device support (test outside containers)"
|
|
||||||
+ fi
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
_have_systemd_and_libmount=''
|
|
||||||
have_systemd_and_libmount() {
|
|
||||||
if test "${_have_systemd_and_libmount}" = ''; then
|
|
||||||
diff --git a/tests/test-admin-deploy-whiteouts.sh b/tests/test-admin-deploy-whiteouts.sh
|
|
||||||
new file mode 100755
|
|
||||||
index 00000000..66421949
|
|
||||||
--- /dev/null
|
|
||||||
+++ b/tests/test-admin-deploy-whiteouts.sh
|
|
||||||
@@ -0,0 +1,42 @@
|
|
||||||
+#!/bin/bash
|
|
||||||
+#
|
|
||||||
+# Copyright (C) 2022 Red Hat, Inc.
|
|
||||||
+#
|
|
||||||
+# SPDX-License-Identifier: LGPL-2.0+
|
|
||||||
+#
|
|
||||||
+# This library is free software; you can redistribute it and/or
|
|
||||||
+# modify it under the terms of the GNU Lesser General Public
|
|
||||||
+# License as published by the Free Software Foundation; either
|
|
||||||
+# version 2 of the License, or (at your option) any later version.
|
|
||||||
+#
|
|
||||||
+# This library is distributed in the hope that it will be useful,
|
|
||||||
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
||||||
+# Lesser General Public License for more details.
|
|
||||||
+#
|
|
||||||
+# You should have received a copy of the GNU Lesser General Public
|
|
||||||
+# License along with this library. If not, see <https://www.gnu.org/licenses/>.
|
|
||||||
+
|
|
||||||
+set -euox pipefail
|
|
||||||
+
|
|
||||||
+. $(dirname $0)/libtest.sh
|
|
||||||
+
|
|
||||||
+skip_without_whiteouts_devices
|
|
||||||
+
|
|
||||||
+# Exports OSTREE_SYSROOT so --sysroot not needed.
|
|
||||||
+setup_os_repository "archive" "syslinux"
|
|
||||||
+${CMD_PREFIX} ostree --repo=sysroot/ostree/repo pull-local --remote=testos testos-repo testos/buildmain/x86_64-runtime
|
|
||||||
+
|
|
||||||
+echo "1..3"
|
|
||||||
+${CMD_PREFIX} ostree admin deploy --os=testos --karg=root=LABEL=foo --karg=testkarg=1 testos:testos/buildmain/x86_64-runtime
|
|
||||||
+origdeployment=$(${CMD_PREFIX} ostree admin --sysroot=sysroot --print-current-dir)
|
|
||||||
+
|
|
||||||
+assert_is_whiteout_device "${origdeployment}"/usr/container/layers/abcd/whiteout
|
|
||||||
+echo "ok whiteout deployment"
|
|
||||||
+
|
|
||||||
+assert_not_has_file "${origdeployment}"/usr/container/layers/abcd/.ostree-wh.whiteout
|
|
||||||
+echo "ok .ostree-wh.whiteout not created"
|
|
||||||
+
|
|
||||||
+assert_file_has_mode "${origdeployment}"/usr/container/layers/abcd/whiteout 400
|
|
||||||
+assert_file_has_mode "${origdeployment}"/usr/container/layers/abcd/whiteout2 777
|
|
||||||
+echo "ok whiteout permissions are preserved"
|
|
||||||
--
|
|
||||||
2.37.3
|
|
||||||
|
|
@ -1,40 +0,0 @@
|
|||||||
From e5b45f861a4d5738679f37d46ebca6e171bb3212 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Colin Walters <walters@verbum.org>
|
|
||||||
Date: Mon, 4 Apr 2022 10:25:35 -0400
|
|
||||||
Subject: [PATCH 2/6] libarchive: Handle `archive_entry_symlink()` returning
|
|
||||||
NULL
|
|
||||||
|
|
||||||
The `archive_entry_symlink()` API can definitely return `NULL`,
|
|
||||||
reading through the libarchive sources.
|
|
||||||
|
|
||||||
I hit this in the wild when using old ostree-ext to try to unpack
|
|
||||||
a chunked archive.
|
|
||||||
|
|
||||||
I didn't try to characterize this more, and sorry no unit test right
|
|
||||||
now.
|
|
||||||
---
|
|
||||||
src/libostree/ostree-repo-libarchive.c | 8 ++++++--
|
|
||||||
1 file changed, 6 insertions(+), 2 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/libostree/ostree-repo-libarchive.c b/src/libostree/ostree-repo-libarchive.c
|
|
||||||
index 679aa44d..631c6d4b 100644
|
|
||||||
--- a/src/libostree/ostree-repo-libarchive.c
|
|
||||||
+++ b/src/libostree/ostree-repo-libarchive.c
|
|
||||||
@@ -146,8 +146,12 @@ file_info_from_archive_entry (struct archive_entry *entry)
|
|
||||||
|
|
||||||
g_autoptr(GFileInfo) info = _ostree_stbuf_to_gfileinfo (&stbuf);
|
|
||||||
if (S_ISLNK (stbuf.st_mode))
|
|
||||||
- g_file_info_set_attribute_byte_string (info, "standard::symlink-target",
|
|
||||||
- archive_entry_symlink (entry));
|
|
||||||
+ {
|
|
||||||
+ const char *target = archive_entry_symlink (entry);
|
|
||||||
+ if (target != NULL)
|
|
||||||
+ g_file_info_set_attribute_byte_string (info, "standard::symlink-target",
|
|
||||||
+ target);
|
|
||||||
+ }
|
|
||||||
|
|
||||||
return g_steal_pointer (&info);
|
|
||||||
}
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
@ -1,82 +0,0 @@
|
|||||||
From 4a997ae08605ebe6ca02d9f422082f954e667a6c Mon Sep 17 00:00:00 2001
|
|
||||||
From: Simon McVittie <smcv@collabora.com>
|
|
||||||
Date: Sat, 30 Apr 2022 12:20:11 +0100
|
|
||||||
Subject: [PATCH 3/6] repo: Factor out _ostree_repo_auto_transaction_new()
|
|
||||||
|
|
||||||
This will allow the direct allocation in
|
|
||||||
ostree_repo_prepare_transaction() to be replaced with a call to this
|
|
||||||
function, avoiding breaking encapsulation.
|
|
||||||
|
|
||||||
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
|
||||||
(cherry picked from commit 540e60c3e3ace66dd4e6cf825488fc918260a642)
|
|
||||||
---
|
|
||||||
src/libostree/ostree-repo-private.h | 4 ++++
|
|
||||||
src/libostree/ostree-repo.c | 32 ++++++++++++++++++++++++-----
|
|
||||||
2 files changed, 31 insertions(+), 5 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/libostree/ostree-repo-private.h b/src/libostree/ostree-repo-private.h
|
|
||||||
index 988c2179..96253e77 100644
|
|
||||||
--- a/src/libostree/ostree-repo-private.h
|
|
||||||
+++ b/src/libostree/ostree-repo-private.h
|
|
||||||
@@ -554,4 +554,8 @@ GType _ostree_repo_auto_transaction_get_type (void);
|
|
||||||
|
|
||||||
G_DEFINE_AUTOPTR_CLEANUP_FUNC (OstreeRepoAutoTransaction, _ostree_repo_auto_transaction_unref);
|
|
||||||
|
|
||||||
+/* Internal function to break a circular dependency:
|
|
||||||
+ * should not be made into public API, even if the rest is */
|
|
||||||
+OstreeRepoAutoTransaction *_ostree_repo_auto_transaction_new (OstreeRepo *repo);
|
|
||||||
+
|
|
||||||
G_END_DECLS
|
|
||||||
diff --git a/src/libostree/ostree-repo.c b/src/libostree/ostree-repo.c
|
|
||||||
index a27591b3..f6bffd60 100644
|
|
||||||
--- a/src/libostree/ostree-repo.c
|
|
||||||
+++ b/src/libostree/ostree-repo.c
|
|
||||||
@@ -709,6 +709,32 @@ ostree_repo_auto_lock_cleanup (OstreeRepoAutoLock *auto_lock)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
+/**
|
|
||||||
+ * _ostree_repo_auto_transaction_new:
|
|
||||||
+ * @repo: (not nullable): an #OsreeRepo object
|
|
||||||
+ * @cancellable: Cancellable
|
|
||||||
+ * @error: a #GError
|
|
||||||
+ *
|
|
||||||
+ * Return a guard for a transaction in @repo.
|
|
||||||
+ *
|
|
||||||
+ * Do not call this function outside the OstreeRepo transaction implementation.
|
|
||||||
+ * Use _ostree_repo_auto_transaction_start() instead.
|
|
||||||
+ *
|
|
||||||
+ * Returns: (transfer full): an #OstreeRepoAutoTransaction guard on success,
|
|
||||||
+ * %NULL otherwise.
|
|
||||||
+ */
|
|
||||||
+OstreeRepoAutoTransaction *
|
|
||||||
+_ostree_repo_auto_transaction_new (OstreeRepo *repo)
|
|
||||||
+{
|
|
||||||
+ g_assert (repo != NULL);
|
|
||||||
+
|
|
||||||
+ OstreeRepoAutoTransaction *txn = g_malloc(sizeof(OstreeRepoAutoTransaction));
|
|
||||||
+ txn->atomic_refcount = 1;
|
|
||||||
+ txn->repo = g_object_ref (repo);
|
|
||||||
+
|
|
||||||
+ return g_steal_pointer (&txn);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
/**
|
|
||||||
* _ostree_repo_auto_transaction_start:
|
|
||||||
* @repo: (not nullable): an #OsreeRepo object
|
|
||||||
@@ -730,11 +756,7 @@ _ostree_repo_auto_transaction_start (OstreeRepo *repo,
|
|
||||||
if (!ostree_repo_prepare_transaction (repo, NULL, cancellable, error))
|
|
||||||
return NULL;
|
|
||||||
|
|
||||||
- OstreeRepoAutoTransaction *txn = g_malloc(sizeof(OstreeRepoAutoTransaction));
|
|
||||||
- txn->atomic_refcount = 1;
|
|
||||||
- txn->repo = g_object_ref (repo);
|
|
||||||
-
|
|
||||||
- return g_steal_pointer (&txn);
|
|
||||||
+ return _ostree_repo_auto_transaction_new (repo);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
@ -1,39 +0,0 @@
|
|||||||
From 51c7960bea081446ad217e9725408ce5cb531157 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Simon McVittie <smcv@collabora.com>
|
|
||||||
Date: Sat, 30 Apr 2022 12:53:42 +0100
|
|
||||||
Subject: [PATCH 4/6] repo: Correctly initialize refcount of temporary
|
|
||||||
transaction
|
|
||||||
|
|
||||||
Previously, the reference count was left uninitialized as a result of
|
|
||||||
bypassing the constructor, and the intended abort-on-error usually
|
|
||||||
wouldn't have happened.
|
|
||||||
|
|
||||||
Fixes: 8a9737a "repo/private: move OstreeRepoAutoTransaction to a boxed type"
|
|
||||||
Resolves: https://github.com/ostreedev/ostree/issues/2592
|
|
||||||
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
|
||||||
(cherry picked from commit 71304e854cdb344adb8b1ae7866929fbdde6c327)
|
|
||||||
---
|
|
||||||
src/libostree/ostree-repo-commit.c | 6 +++---
|
|
||||||
1 file changed, 3 insertions(+), 3 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/libostree/ostree-repo-commit.c b/src/libostree/ostree-repo-commit.c
|
|
||||||
index 5b16be5b..dba98c32 100644
|
|
||||||
--- a/src/libostree/ostree-repo-commit.c
|
|
||||||
+++ b/src/libostree/ostree-repo-commit.c
|
|
||||||
@@ -1688,10 +1688,10 @@ ostree_repo_prepare_transaction (OstreeRepo *self,
|
|
||||||
g_debug ("Preparing transaction in repository %p", self);
|
|
||||||
|
|
||||||
/* Set up to abort the transaction if we return early from this function.
|
|
||||||
- * This needs to be manually built here due to a circular dependency. */
|
|
||||||
- g_autoptr(OstreeRepoAutoTransaction) txn = g_malloc(sizeof(OstreeRepoAutoTransaction));
|
|
||||||
+ * We can't call _ostree_repo_auto_transaction_start() here, because that
|
|
||||||
+ * would be a circular dependency; use the lower-level version instead. */
|
|
||||||
+ g_autoptr(OstreeRepoAutoTransaction) txn = _ostree_repo_auto_transaction_new (self);
|
|
||||||
g_assert (txn != NULL);
|
|
||||||
- txn->repo = self;
|
|
||||||
|
|
||||||
memset (&self->txn.stats, 0, sizeof (OstreeRepoTransactionStats));
|
|
||||||
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
@ -1,172 +0,0 @@
|
|||||||
From 62e62bcfd8a1770b906faed083d11e451a50f566 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
||||||
Date: Wed, 9 Mar 2022 15:27:11 +0100
|
|
||||||
Subject: [PATCH 5/6] deploy: Try to rebuild policy in new deployment if needed
|
|
||||||
|
|
||||||
Whenever the user has SELinux enabled and has any local
|
|
||||||
modules/modifications installed, it is necessary to rebuild the policy
|
|
||||||
in the final deployment, otherwise ostree will leave the binary policy
|
|
||||||
files unchanged from last deployment as it detects difference against
|
|
||||||
the base content (in rpm-ostree case this is the RPM content).
|
|
||||||
|
|
||||||
To avoid the situation where the policy binaries go stale once any local
|
|
||||||
customization of the policy is made, try to rebuild the policy as part
|
|
||||||
of sysroot_finalize_deployment(). Use the special
|
|
||||||
--rebuild-if-modules-changed switch, which detects if the input module
|
|
||||||
files have changed relative to last time the policy was built and skips
|
|
||||||
the most time-consuming part of the rebuild process if modules are
|
|
||||||
unchanged (thus making this a relatively cheap operation if the user
|
|
||||||
hasn't made any modifications to the shipped policy).
|
|
||||||
|
|
||||||
As suggested by Jonathan Lebon, this uses bubblewrap (via
|
|
||||||
g_spawn_sync()) to perform the rebuild inside the deployment's
|
|
||||||
filesystem tree, which also means that ostree will have a runtime
|
|
||||||
dependency on bubblewrap.
|
|
||||||
|
|
||||||
Partially addresses: https://github.com/coreos/fedora-coreos-tracker/issues/701
|
|
||||||
|
|
||||||
Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
|
|
||||||
(cherry picked from commit edb4f3893474736156c654aa43bdbf3784991811)
|
|
||||||
---
|
|
||||||
ci/gh-install.sh | 1 +
|
|
||||||
src/libostree/ostree-sysroot-deploy.c | 117 ++++++++++++++++++++++++++
|
|
||||||
2 files changed, 118 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/src/libostree/ostree-sysroot-deploy.c b/src/libostree/ostree-sysroot-deploy.c
|
|
||||||
index fc5916d8..a44721d8 100644
|
|
||||||
--- a/src/libostree/ostree-sysroot-deploy.c
|
|
||||||
+++ b/src/libostree/ostree-sysroot-deploy.c
|
|
||||||
@@ -2830,6 +2830,118 @@ get_var_dfd (OstreeSysroot *self,
|
|
||||||
return glnx_opendirat (base_dfd, base_path, TRUE, ret_fd, error);
|
|
||||||
}
|
|
||||||
|
|
||||||
+#ifdef HAVE_SELINUX
|
|
||||||
+static void
|
|
||||||
+child_setup_fchdir (gpointer data)
|
|
||||||
+{
|
|
||||||
+ int fd = (int) (uintptr_t) data;
|
|
||||||
+ int rc __attribute__((unused));
|
|
||||||
+
|
|
||||||
+ rc = fchdir (fd);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+/*
|
|
||||||
+ * Derived from rpm-ostree's rust/src/bwrap.rs
|
|
||||||
+ */
|
|
||||||
+static gboolean
|
|
||||||
+run_in_deployment (int deployment_dfd,
|
|
||||||
+ const gchar * const *child_argv,
|
|
||||||
+ gsize child_argc,
|
|
||||||
+ gint *exit_status,
|
|
||||||
+ gchar **stdout,
|
|
||||||
+ GError **error)
|
|
||||||
+{
|
|
||||||
+ static const gchar * const COMMON_ARGV[] = {
|
|
||||||
+ "/usr/bin/bwrap",
|
|
||||||
+ "--dev", "/dev", "--proc", "/proc", "--dir", "/run", "--dir", "/tmp",
|
|
||||||
+ "--chdir", "/",
|
|
||||||
+ "--die-with-parent",
|
|
||||||
+ "--unshare-pid",
|
|
||||||
+ "--unshare-uts",
|
|
||||||
+ "--unshare-ipc",
|
|
||||||
+ "--unshare-cgroup-try",
|
|
||||||
+ "--ro-bind", "/sys/block", "/sys/block",
|
|
||||||
+ "--ro-bind", "/sys/bus", "/sys/bus",
|
|
||||||
+ "--ro-bind", "/sys/class", "/sys/class",
|
|
||||||
+ "--ro-bind", "/sys/dev", "/sys/dev",
|
|
||||||
+ "--ro-bind", "/sys/devices", "/sys/devices",
|
|
||||||
+ "--bind", "usr", "/usr",
|
|
||||||
+ "--bind", "etc", "/etc",
|
|
||||||
+ "--bind", "var", "/var",
|
|
||||||
+ "--symlink", "/usr/lib", "/lib",
|
|
||||||
+ "--symlink", "/usr/lib32", "/lib32",
|
|
||||||
+ "--symlink", "/usr/lib64", "/lib64",
|
|
||||||
+ "--symlink", "/usr/bin", "/bin",
|
|
||||||
+ "--symlink", "/usr/sbin", "/sbin",
|
|
||||||
+ };
|
|
||||||
+ static const gsize COMMON_ARGC = sizeof (COMMON_ARGV) / sizeof (*COMMON_ARGV);
|
|
||||||
+
|
|
||||||
+ gsize i;
|
|
||||||
+ GPtrArray *args = g_ptr_array_sized_new (COMMON_ARGC + child_argc + 1);
|
|
||||||
+ g_autofree gchar **args_raw = NULL;
|
|
||||||
+
|
|
||||||
+ for (i = 0; i < COMMON_ARGC; i++)
|
|
||||||
+ g_ptr_array_add (args, (gchar *) COMMON_ARGV[i]);
|
|
||||||
+
|
|
||||||
+ for (i = 0; i < child_argc; i++)
|
|
||||||
+ g_ptr_array_add (args, (gchar *) child_argv[i]);
|
|
||||||
+
|
|
||||||
+ g_ptr_array_add (args, NULL);
|
|
||||||
+
|
|
||||||
+ args_raw = (gchar **) g_ptr_array_free (args, FALSE);
|
|
||||||
+
|
|
||||||
+ return g_spawn_sync (NULL, args_raw, NULL, 0, &child_setup_fchdir,
|
|
||||||
+ (gpointer) (uintptr_t) deployment_dfd,
|
|
||||||
+ stdout, NULL, exit_status, error);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+/*
|
|
||||||
+ * Run semodule to check if the module content changed after merging /etc
|
|
||||||
+ * and rebuild the policy if needed.
|
|
||||||
+ */
|
|
||||||
+static gboolean
|
|
||||||
+sysroot_finalize_selinux_policy (int deployment_dfd, GError **error)
|
|
||||||
+{
|
|
||||||
+ struct stat stbuf;
|
|
||||||
+ gint exit_status;
|
|
||||||
+ g_autofree gchar *stdout = NULL;
|
|
||||||
+
|
|
||||||
+ if (!glnx_fstatat_allow_noent (deployment_dfd, "etc/selinux/config", &stbuf,
|
|
||||||
+ AT_SYMLINK_NOFOLLOW, error))
|
|
||||||
+ return FALSE;
|
|
||||||
+
|
|
||||||
+ /* Skip the SELinux policy refresh if /etc/selinux/config doesn't exist. */
|
|
||||||
+ if (errno != 0)
|
|
||||||
+ return TRUE;
|
|
||||||
+
|
|
||||||
+ /*
|
|
||||||
+ * Skip the SELinux policy refresh if the --rebuild-if-modules-changed
|
|
||||||
+ * flag is not supported by semodule.
|
|
||||||
+ */
|
|
||||||
+ static const gchar * const SEMODULE_HELP_ARGV[] = {
|
|
||||||
+ "semodule", "--help"
|
|
||||||
+ };
|
|
||||||
+ static const gsize SEMODULE_HELP_ARGC = sizeof (SEMODULE_HELP_ARGV) / sizeof (*SEMODULE_HELP_ARGV);
|
|
||||||
+ if (!run_in_deployment (deployment_dfd, SEMODULE_HELP_ARGV,
|
|
||||||
+ SEMODULE_HELP_ARGC, &exit_status, &stdout, error))
|
|
||||||
+ return FALSE;
|
|
||||||
+ if (!g_spawn_check_exit_status (exit_status, error))
|
|
||||||
+ return FALSE;
|
|
||||||
+ if (!strstr(stdout, "--rebuild-if-modules-changed"))
|
|
||||||
+ return TRUE;
|
|
||||||
+
|
|
||||||
+ static const gchar * const SEMODULE_REBUILD_ARGV[] = {
|
|
||||||
+ "semodule", "-N", "--rebuild-if-modules-changed"
|
|
||||||
+ };
|
|
||||||
+ static const gsize SEMODULE_REBUILD_ARGC = sizeof (SEMODULE_REBUILD_ARGV) / sizeof (*SEMODULE_REBUILD_ARGV);
|
|
||||||
+
|
|
||||||
+ if (!run_in_deployment (deployment_dfd, SEMODULE_REBUILD_ARGV,
|
|
||||||
+ SEMODULE_REBUILD_ARGC, &exit_status, NULL, error))
|
|
||||||
+ return FALSE;
|
|
||||||
+ return g_spawn_check_exit_status (exit_status, error);
|
|
||||||
+}
|
|
||||||
+#endif /* HAVE_SELINUX */
|
|
||||||
+
|
|
||||||
static gboolean
|
|
||||||
sysroot_finalize_deployment (OstreeSysroot *self,
|
|
||||||
OstreeDeployment *deployment,
|
|
||||||
@@ -2866,6 +2978,11 @@ sysroot_finalize_deployment (OstreeSysroot *self,
|
|
||||||
return FALSE;
|
|
||||||
}
|
|
||||||
|
|
||||||
+#ifdef HAVE_SELINUX
|
|
||||||
+ if (!sysroot_finalize_selinux_policy(deployment_dfd, error))
|
|
||||||
+ return FALSE;
|
|
||||||
+#endif /* HAVE_SELINUX */
|
|
||||||
+
|
|
||||||
const char *osdeploypath = glnx_strjoina ("ostree/deploy/", ostree_deployment_get_osname (deployment));
|
|
||||||
glnx_autofd int os_deploy_dfd = -1;
|
|
||||||
if (!glnx_opendirat (self->sysroot_fd, osdeploypath, TRUE, &os_deploy_dfd, error))
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
@ -1,35 +0,0 @@
|
|||||||
From dd194eca7272afa457541abb2d8c25f90c4f478a Mon Sep 17 00:00:00 2001
|
|
||||||
From: Colin Walters <walters@verbum.org>
|
|
||||||
Date: Mon, 28 Mar 2022 17:46:59 -0400
|
|
||||||
Subject: [PATCH 6/6] deploy: Be a bit more verbose about SELinux bits
|
|
||||||
|
|
||||||
Let's log when we don't find the expected CLI argument which
|
|
||||||
will help debug things.
|
|
||||||
|
|
||||||
(cherry picked from commit c58a4fe661d9d3bf2c515aa5605b1e094c0a62ca)
|
|
||||||
---
|
|
||||||
src/libostree/ostree-sysroot-deploy.c | 7 +++++--
|
|
||||||
1 file changed, 5 insertions(+), 2 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/libostree/ostree-sysroot-deploy.c b/src/libostree/ostree-sysroot-deploy.c
|
|
||||||
index a44721d8..404f336f 100644
|
|
||||||
--- a/src/libostree/ostree-sysroot-deploy.c
|
|
||||||
+++ b/src/libostree/ostree-sysroot-deploy.c
|
|
||||||
@@ -2926,9 +2926,12 @@ sysroot_finalize_selinux_policy (int deployment_dfd, GError **error)
|
|
||||||
SEMODULE_HELP_ARGC, &exit_status, &stdout, error))
|
|
||||||
return FALSE;
|
|
||||||
if (!g_spawn_check_exit_status (exit_status, error))
|
|
||||||
- return FALSE;
|
|
||||||
+ return glnx_prefix_error (error, "failed to run semodule");
|
|
||||||
if (!strstr(stdout, "--rebuild-if-modules-changed"))
|
|
||||||
- return TRUE;
|
|
||||||
+ {
|
|
||||||
+ ot_journal_print (LOG_INFO, "semodule does not have --rebuild-if-modules-changed");
|
|
||||||
+ return TRUE;
|
|
||||||
+ }
|
|
||||||
|
|
||||||
static const gchar * const SEMODULE_REBUILD_ARGV[] = {
|
|
||||||
"semodule", "-N", "--rebuild-if-modules-changed"
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
@ -1,298 +0,0 @@
|
|||||||
From 00697be199c08242e54c02e4557e20834030aaf3 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Nikita Dubrovskii <nikita@linux.ibm.com>
|
|
||||||
Date: Mon, 4 Apr 2022 16:09:50 +0200
|
|
||||||
Subject: [PATCH 1/5] s390x: generate sd-boot at its own partition
|
|
||||||
|
|
||||||
Signed-off-by: Nikita Dubrovskii <nikita@linux.ibm.com>
|
|
||||||
---
|
|
||||||
src/libostree/ostree-bootloader-zipl.c | 36 ++++++++++++++++++++++----
|
|
||||||
src/libostree/s390x-se-luks-gencpio | 4 +--
|
|
||||||
2 files changed, 33 insertions(+), 7 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/libostree/ostree-bootloader-zipl.c b/src/libostree/ostree-bootloader-zipl.c
|
|
||||||
index 02c10826c3..fe024d8046 100644
|
|
||||||
--- a/src/libostree/ostree-bootloader-zipl.c
|
|
||||||
+++ b/src/libostree/ostree-bootloader-zipl.c
|
|
||||||
@@ -21,12 +21,17 @@
|
|
||||||
#include "ostree-bootloader-zipl.h"
|
|
||||||
#include "ostree-deployment-private.h"
|
|
||||||
#include "otutil.h"
|
|
||||||
+#include <sys/mount.h>
|
|
||||||
+#include <sys/stat.h>
|
|
||||||
#include <string.h>
|
|
||||||
|
|
||||||
-#define SECURE_EXECUTION_BOOT_IMAGE "/boot/sd-boot"
|
|
||||||
+#define SECURE_EXECUTION_PARTITION "/dev/disk/by-label/se"
|
|
||||||
+#define SECURE_EXECUTION_MOUNTPOINT "/sysroot/se"
|
|
||||||
+#define SECURE_EXECUTION_BOOT_IMAGE SECURE_EXECUTION_MOUNTPOINT "/sd-boot"
|
|
||||||
#define SECURE_EXECUTION_HOSTKEY_PATH "/etc/se-hostkeys/"
|
|
||||||
#define SECURE_EXECUTION_HOSTKEY_PREFIX "ibm-z-hostkey"
|
|
||||||
#define SECURE_EXECUTION_LUKS_ROOT_KEY "/etc/luks/root"
|
|
||||||
+#define SECURE_EXECUTION_LUKS_BOOT_KEY "/etc/luks/boot"
|
|
||||||
#define SECURE_EXECUTION_LUKS_CONFIG "/etc/crypttab"
|
|
||||||
#define SECURE_EXECUTION_RAMDISK_TOOL PKGLIBEXECDIR "/s390x-se-luks-gencpio"
|
|
||||||
|
|
||||||
@@ -67,6 +72,25 @@ _ostree_bootloader_zipl_get_name (OstreeBootloader *bootloader)
|
|
||||||
return "zipl";
|
|
||||||
}
|
|
||||||
|
|
||||||
+static gboolean
|
|
||||||
+_ostree_secure_execution_mount(GError **error)
|
|
||||||
+{
|
|
||||||
+ const char *device = realpath (SECURE_EXECUTION_PARTITION, NULL);
|
|
||||||
+ if (device == NULL)
|
|
||||||
+ return glnx_throw_errno_prefix(error, "s390x SE: resolving %s", SECURE_EXECUTION_PARTITION);
|
|
||||||
+ if (mount (device, SECURE_EXECUTION_MOUNTPOINT, "ext4", 0, NULL) < 0)
|
|
||||||
+ return glnx_throw_errno_prefix (error, "s390x SE: Mounting %s", device);
|
|
||||||
+ return TRUE;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+static gboolean
|
|
||||||
+_ostree_secure_execution_umount(GError **error)
|
|
||||||
+{
|
|
||||||
+ if (umount (SECURE_EXECUTION_MOUNTPOINT) < 0)
|
|
||||||
+ return glnx_throw_errno_prefix (error, "s390x SE: Unmounting %s", SECURE_EXECUTION_MOUNTPOINT);
|
|
||||||
+ return TRUE;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
static gboolean
|
|
||||||
_ostree_bootloader_zipl_write_config (OstreeBootloader *bootloader,
|
|
||||||
int bootversion,
|
|
||||||
@@ -152,8 +176,8 @@ _ostree_secure_execution_get_bls_config (OstreeBootloaderZipl *self,
|
|
||||||
static gboolean
|
|
||||||
_ostree_secure_execution_luks_key_exists (void)
|
|
||||||
{
|
|
||||||
- return (access(SECURE_EXECUTION_LUKS_ROOT_KEY, F_OK) == 0 &&
|
|
||||||
- access(SECURE_EXECUTION_LUKS_CONFIG, F_OK) == 0);
|
|
||||||
+ return (access(SECURE_EXECUTION_LUKS_CONFIG, F_OK) == 0 &&
|
|
||||||
+ (access(SECURE_EXECUTION_LUKS_ROOT_KEY, F_OK) == 0 || access(SECURE_EXECUTION_LUKS_BOOT_KEY, F_OK) == 0));
|
|
||||||
}
|
|
||||||
|
|
||||||
static gboolean
|
|
||||||
@@ -250,7 +274,7 @@ static gboolean
|
|
||||||
_ostree_secure_execution_call_zipl (GError **error)
|
|
||||||
{
|
|
||||||
int status = 0;
|
|
||||||
- const char *const zipl_argv[] = {"zipl", "-V", "-t", "/boot", "-i", SECURE_EXECUTION_BOOT_IMAGE, NULL};
|
|
||||||
+ const char *const zipl_argv[] = {"zipl", "-V", "-t", SECURE_EXECUTION_MOUNTPOINT, "-i", SECURE_EXECUTION_BOOT_IMAGE, NULL};
|
|
||||||
if (!g_spawn_sync (NULL, (char**)zipl_argv, NULL, G_SPAWN_SEARCH_PATH,
|
|
||||||
NULL, NULL, NULL, NULL, &status, error))
|
|
||||||
return glnx_prefix_error(error, "s390x SE: spawning zipl");
|
|
||||||
@@ -274,9 +298,11 @@ _ostree_secure_execution_enable (OstreeBootloaderZipl *self,
|
|
||||||
g_autofree gchar* options = NULL;
|
|
||||||
|
|
||||||
gboolean rc =
|
|
||||||
+ _ostree_secure_execution_mount (error) &&
|
|
||||||
_ostree_secure_execution_get_bls_config (self, bootversion, &vmlinuz, &initramfs, &options, cancellable, error) &&
|
|
||||||
_ostree_secure_execution_generate_sdboot (vmlinuz, initramfs, options, keys, error) &&
|
|
||||||
- _ostree_secure_execution_call_zipl (error);
|
|
||||||
+ _ostree_secure_execution_call_zipl (error) &&
|
|
||||||
+ _ostree_secure_execution_umount (error);
|
|
||||||
|
|
||||||
return rc;
|
|
||||||
}
|
|
||||||
diff --git a/src/libostree/s390x-se-luks-gencpio b/src/libostree/s390x-se-luks-gencpio
|
|
||||||
index f0ad24eb32..7d62258a31 100755
|
|
||||||
--- a/src/libostree/s390x-se-luks-gencpio
|
|
||||||
+++ b/src/libostree/s390x-se-luks-gencpio
|
|
||||||
@@ -12,11 +12,11 @@ gzip -cd ${old_initrd} | cpio -imd --quiet
|
|
||||||
|
|
||||||
# Adding LUKS root key and crypttab config
|
|
||||||
mkdir -p etc/luks
|
|
||||||
-cp -f /etc/luks/root etc/luks/
|
|
||||||
+cp -f /etc/luks/* etc/luks/
|
|
||||||
cp -f /etc/crypttab etc/
|
|
||||||
|
|
||||||
# Creating new initramdisk image
|
|
||||||
-find . | cpio --quiet -H newc -o | gzip -9 -n >> ${new_initrd}
|
|
||||||
+find . -mindepth 1 | cpio --quiet -H newc -o | gzip -9 -n >> ${new_initrd}
|
|
||||||
|
|
||||||
# Cleanup
|
|
||||||
rm -rf ${workdir}
|
|
||||||
|
|
||||||
From 91e71022ebc2422f278c285e55f4c88d7f572eeb Mon Sep 17 00:00:00 2001
|
|
||||||
From: Nikita Dubrovskii <nikita@linux.ibm.com>
|
|
||||||
Date: Mon, 23 May 2022 17:28:54 +0200
|
|
||||||
Subject: [PATCH 2/5] s390x: ensure SecureExecution is enabled before sd-boot
|
|
||||||
generation
|
|
||||||
|
|
||||||
Signed-off-by: Nikita Dubrovskii <nikita@linux.ibm.com>
|
|
||||||
---
|
|
||||||
src/libostree/ostree-bootloader-zipl.c | 24 ++++++++++++++++++------
|
|
||||||
1 file changed, 18 insertions(+), 6 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/libostree/ostree-bootloader-zipl.c b/src/libostree/ostree-bootloader-zipl.c
|
|
||||||
index fe024d8046..348dfe036d 100644
|
|
||||||
--- a/src/libostree/ostree-bootloader-zipl.c
|
|
||||||
+++ b/src/libostree/ostree-bootloader-zipl.c
|
|
||||||
@@ -25,6 +25,7 @@
|
|
||||||
#include <sys/stat.h>
|
|
||||||
#include <string.h>
|
|
||||||
|
|
||||||
+#define SECURE_EXECUTION_SYSFS_FLAG "/sys/firmware/uv/prot_virt_guest"
|
|
||||||
#define SECURE_EXECUTION_PARTITION "/dev/disk/by-label/se"
|
|
||||||
#define SECURE_EXECUTION_MOUNTPOINT "/sysroot/se"
|
|
||||||
#define SECURE_EXECUTION_BOOT_IMAGE SECURE_EXECUTION_MOUNTPOINT "/sd-boot"
|
|
||||||
@@ -109,6 +110,14 @@ _ostree_bootloader_zipl_write_config (OstreeBootloader *bootloader,
|
|
||||||
return TRUE;
|
|
||||||
}
|
|
||||||
|
|
||||||
+static gboolean _ostree_secure_execution_is_enabled (GCancellable *cancellable) {
|
|
||||||
+ gsize len = 0;
|
|
||||||
+ g_autofree char *data = glnx_file_get_contents_utf8_at (-1, SECURE_EXECUTION_SYSFS_FLAG, &len, cancellable, NULL);
|
|
||||||
+ if (!data)
|
|
||||||
+ return FALSE;
|
|
||||||
+ return strstr (data, "1") != NULL;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
static gboolean
|
|
||||||
_ostree_secure_execution_get_keys (GPtrArray **keys,
|
|
||||||
GCancellable *cancellable,
|
|
||||||
@@ -329,12 +338,15 @@ _ostree_bootloader_zipl_post_bls_sync (OstreeBootloader *bootloader,
|
|
||||||
return TRUE;
|
|
||||||
|
|
||||||
/* Try with Secure Execution */
|
|
||||||
- g_autoptr(GPtrArray) keys = NULL;
|
|
||||||
- if (!_ostree_secure_execution_get_keys (&keys, cancellable, error))
|
|
||||||
- return FALSE;
|
|
||||||
- if (keys && keys->len)
|
|
||||||
- return _ostree_secure_execution_enable (self, bootversion, keys, cancellable, error);
|
|
||||||
-
|
|
||||||
+ if ( _ostree_secure_execution_is_enabled (cancellable) )
|
|
||||||
+ {
|
|
||||||
+ g_autoptr(GPtrArray) keys = NULL;
|
|
||||||
+ if (!_ostree_secure_execution_get_keys (&keys, cancellable, error))
|
|
||||||
+ return FALSE;
|
|
||||||
+ if (!keys || keys->len == 0)
|
|
||||||
+ return glnx_throw (error, "s390x SE: no keys");
|
|
||||||
+ return _ostree_secure_execution_enable (self, bootversion, keys, cancellable, error);
|
|
||||||
+ }
|
|
||||||
/* Fallback to non-SE setup */
|
|
||||||
const char *const zipl_argv[] = {"zipl", NULL};
|
|
||||||
int estatus;
|
|
||||||
|
|
||||||
From 2e2854239189044cc1ffd100959b7c7bfe92b0f9 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Nikita Dubrovskii <nikita@linux.ibm.com>
|
|
||||||
Date: Tue, 24 May 2022 19:30:35 +0200
|
|
||||||
Subject: [PATCH 3/5] s390x: fail on error during reading of SecureExecution
|
|
||||||
sysfs flag
|
|
||||||
|
|
||||||
---
|
|
||||||
src/libostree/ostree-bootloader-zipl.c | 24 ++++++++++++++++++------
|
|
||||||
1 file changed, 18 insertions(+), 6 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/libostree/ostree-bootloader-zipl.c b/src/libostree/ostree-bootloader-zipl.c
|
|
||||||
index 348dfe036d..87b9b67aec 100644
|
|
||||||
--- a/src/libostree/ostree-bootloader-zipl.c
|
|
||||||
+++ b/src/libostree/ostree-bootloader-zipl.c
|
|
||||||
@@ -110,12 +110,21 @@ _ostree_bootloader_zipl_write_config (OstreeBootloader *bootloader,
|
|
||||||
return TRUE;
|
|
||||||
}
|
|
||||||
|
|
||||||
-static gboolean _ostree_secure_execution_is_enabled (GCancellable *cancellable) {
|
|
||||||
- gsize len = 0;
|
|
||||||
- g_autofree char *data = glnx_file_get_contents_utf8_at (-1, SECURE_EXECUTION_SYSFS_FLAG, &len, cancellable, NULL);
|
|
||||||
+static gboolean _ostree_secure_execution_is_enabled (gboolean *out_enabled,
|
|
||||||
+ GCancellable *cancellable,
|
|
||||||
+ GError **error)
|
|
||||||
+{
|
|
||||||
+ *out_enabled = FALSE;
|
|
||||||
+ glnx_autofd int fd = -1;
|
|
||||||
+ if (!ot_openat_ignore_enoent (AT_FDCWD, SECURE_EXECUTION_SYSFS_FLAG, &fd, error))
|
|
||||||
+ return FALSE;
|
|
||||||
+ if (fd == -1)
|
|
||||||
+ return TRUE; //ENOENT --> SecureExecution is disabled
|
|
||||||
+ g_autofree char *data = glnx_fd_readall_utf8 (fd, NULL, cancellable, error);
|
|
||||||
if (!data)
|
|
||||||
return FALSE;
|
|
||||||
- return strstr (data, "1") != NULL;
|
|
||||||
+ *out_enabled = strstr (data, "1") != NULL;
|
|
||||||
+ return TRUE;
|
|
||||||
}
|
|
||||||
|
|
||||||
static gboolean
|
|
||||||
@@ -338,13 +347,16 @@ _ostree_bootloader_zipl_post_bls_sync (OstreeBootloader *bootloader,
|
|
||||||
return TRUE;
|
|
||||||
|
|
||||||
/* Try with Secure Execution */
|
|
||||||
- if ( _ostree_secure_execution_is_enabled (cancellable) )
|
|
||||||
+ gboolean se_enabled = FALSE;
|
|
||||||
+ if ( !_ostree_secure_execution_is_enabled (&se_enabled, cancellable, error))
|
|
||||||
+ return FALSE;
|
|
||||||
+ if (se_enabled)
|
|
||||||
{
|
|
||||||
g_autoptr(GPtrArray) keys = NULL;
|
|
||||||
if (!_ostree_secure_execution_get_keys (&keys, cancellable, error))
|
|
||||||
return FALSE;
|
|
||||||
if (!keys || keys->len == 0)
|
|
||||||
- return glnx_throw (error, "s390x SE: no keys");
|
|
||||||
+ return glnx_throw (error, "s390x SE: no keys");
|
|
||||||
return _ostree_secure_execution_enable (self, bootversion, keys, cancellable, error);
|
|
||||||
}
|
|
||||||
/* Fallback to non-SE setup */
|
|
||||||
|
|
||||||
From 89ed46e8a9f584e2a6c1966fbf4c99f0fe51424e Mon Sep 17 00:00:00 2001
|
|
||||||
From: Nikita Dubrovskii <nikita@linux.ibm.com>
|
|
||||||
Date: Fri, 27 May 2022 09:13:18 +0200
|
|
||||||
Subject: [PATCH 4/5] s390x: do not unpack existing initrd, just append LUKS
|
|
||||||
keys to its copy
|
|
||||||
|
|
||||||
Signed-off-by: Nikita Dubrovskii <nikita@linux.ibm.com>
|
|
||||||
---
|
|
||||||
src/libostree/s390x-se-luks-gencpio | 12 ++++++------
|
|
||||||
1 file changed, 6 insertions(+), 6 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/libostree/s390x-se-luks-gencpio b/src/libostree/s390x-se-luks-gencpio
|
|
||||||
index 7d62258a31..f444198a40 100755
|
|
||||||
--- a/src/libostree/s390x-se-luks-gencpio
|
|
||||||
+++ b/src/libostree/s390x-se-luks-gencpio
|
|
||||||
@@ -4,19 +4,19 @@ set -euo pipefail
|
|
||||||
|
|
||||||
old_initrd=$1
|
|
||||||
new_initrd=$2
|
|
||||||
+currdir=$PWD
|
|
||||||
|
|
||||||
-# Unpacking existing initramdisk
|
|
||||||
+# Copying existing initramdisk
|
|
||||||
+cp ${old_initrd} ${new_initrd}
|
|
||||||
+
|
|
||||||
+# Appending LUKS root keys and crypttab config to the end of initrd
|
|
||||||
workdir=$(mktemp -d -p /tmp se-initramfs-XXXXXX)
|
|
||||||
cd ${workdir}
|
|
||||||
-gzip -cd ${old_initrd} | cpio -imd --quiet
|
|
||||||
-
|
|
||||||
-# Adding LUKS root key and crypttab config
|
|
||||||
mkdir -p etc/luks
|
|
||||||
cp -f /etc/luks/* etc/luks/
|
|
||||||
cp -f /etc/crypttab etc/
|
|
||||||
-
|
|
||||||
-# Creating new initramdisk image
|
|
||||||
find . -mindepth 1 | cpio --quiet -H newc -o | gzip -9 -n >> ${new_initrd}
|
|
||||||
|
|
||||||
# Cleanup
|
|
||||||
+cd ${currdir}
|
|
||||||
rm -rf ${workdir}
|
|
||||||
|
|
||||||
From 2c8d5b95c7f2fee90e73bdd9222e002c44e797b7 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Nikita Dubrovskii <nikita@linux.ibm.com>
|
|
||||||
Date: Thu, 23 Jun 2022 15:54:04 +0200
|
|
||||||
Subject: [PATCH 5/5] s390x: rename sd-boot to sdboot
|
|
||||||
|
|
||||||
Signed-off-by: Nikita Dubrovskii <nikita@linux.ibm.com>
|
|
||||||
---
|
|
||||||
src/libostree/ostree-bootloader-zipl.c | 2 +-
|
|
||||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/src/libostree/ostree-bootloader-zipl.c b/src/libostree/ostree-bootloader-zipl.c
|
|
||||||
index 87b9b67aec..0ff350f942 100644
|
|
||||||
--- a/src/libostree/ostree-bootloader-zipl.c
|
|
||||||
+++ b/src/libostree/ostree-bootloader-zipl.c
|
|
||||||
@@ -28,7 +28,7 @@
|
|
||||||
#define SECURE_EXECUTION_SYSFS_FLAG "/sys/firmware/uv/prot_virt_guest"
|
|
||||||
#define SECURE_EXECUTION_PARTITION "/dev/disk/by-label/se"
|
|
||||||
#define SECURE_EXECUTION_MOUNTPOINT "/sysroot/se"
|
|
||||||
-#define SECURE_EXECUTION_BOOT_IMAGE SECURE_EXECUTION_MOUNTPOINT "/sd-boot"
|
|
||||||
+#define SECURE_EXECUTION_BOOT_IMAGE SECURE_EXECUTION_MOUNTPOINT "/sdboot"
|
|
||||||
#define SECURE_EXECUTION_HOSTKEY_PATH "/etc/se-hostkeys/"
|
|
||||||
#define SECURE_EXECUTION_HOSTKEY_PREFIX "ibm-z-hostkey"
|
|
||||||
#define SECURE_EXECUTION_LUKS_ROOT_KEY "/etc/luks/root"
|
|
@ -1,32 +0,0 @@
|
|||||||
From 56820e54392efc5dd59032f8872aaf219190ad4f Mon Sep 17 00:00:00 2001
|
|
||||||
From: Colin Walters <walters@verbum.org>
|
|
||||||
Date: Thu, 14 Jul 2022 14:42:19 -0400
|
|
||||||
Subject: [PATCH] sign/ed25519: Verify signatures are minimum length
|
|
||||||
|
|
||||||
The ed25519 signature verification code does not
|
|
||||||
check that the signature is a minimum/correct length.
|
|
||||||
As a result, if the signature is too short, libsodium will end up
|
|
||||||
reading a few bytes out of bounds.
|
|
||||||
|
|
||||||
Reported-by: Demi Marie Obenour <demi@invisiblethingslab.com>
|
|
||||||
Co-authored-by: Demi Marie Obenour <demi@invisiblethingslab.com>
|
|
||||||
|
|
||||||
Closes: https://github.com/ostreedev/ostree/security/advisories/GHSA-gqf4-p3gv-g8vw
|
|
||||||
---
|
|
||||||
src/libostree/ostree-sign-ed25519.c | 3 +++
|
|
||||||
1 file changed, 3 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/src/libostree/ostree-sign-ed25519.c b/src/libostree/ostree-sign-ed25519.c
|
|
||||||
index 809ffe8790..f271fd49e0 100644
|
|
||||||
--- a/src/libostree/ostree-sign-ed25519.c
|
|
||||||
+++ b/src/libostree/ostree-sign-ed25519.c
|
|
||||||
@@ -209,6 +209,9 @@ gboolean ostree_sign_ed25519_data_verify (OstreeSign *self,
|
|
||||||
g_autoptr (GVariant) child = g_variant_get_child_value (signatures, i);
|
|
||||||
g_autoptr (GBytes) signature = g_variant_get_data_as_bytes(child);
|
|
||||||
|
|
||||||
+ if (g_bytes_get_size (signature) != crypto_sign_BYTES)
|
|
||||||
+ return glnx_throw (error, "Invalid signature length of %" G_GSIZE_FORMAT " bytes, expected %" G_GSIZE_FORMAT, (gsize) g_bytes_get_size (signature), (gsize) crypto_sign_BYTES);
|
|
||||||
+
|
|
||||||
g_autofree char * hex = g_malloc0 (crypto_sign_PUBLICKEYBYTES*2 + 1);
|
|
||||||
|
|
||||||
g_debug("Read signature %d: %s", (gint)i, g_variant_print(child, TRUE));
|
|
@ -1,57 +0,0 @@
|
|||||||
From 9053aaffab2ec02ed377a82389422cc4e77dff8a Mon Sep 17 00:00:00 2001
|
|
||||||
From: Abylay Ospan <aospan@amazon.com>
|
|
||||||
Date: Tue, 6 Jun 2023 02:13:14 +0000
|
|
||||||
Subject: [PATCH 16/17] commit: fix ostree deployment on 64-bit inode fs
|
|
||||||
|
|
||||||
This commit addresses a bug that was causing ostree deployment
|
|
||||||
to become corrupted on the large fs, when any package was installed using
|
|
||||||
'rpm-ostree install'.
|
|
||||||
|
|
||||||
In such instances, multiple files were assigned the same inode. For
|
|
||||||
example, the '/home' directory and a regular file 'pkg-get' were
|
|
||||||
assigned the same inode (2147484070), making the deployment unusable.
|
|
||||||
|
|
||||||
A root cause analysis was performed, running the process under gdb,
|
|
||||||
which revealed a lossy conversion from guint64 to guint32, for example
|
|
||||||
6442451366 converted to 2147484070:
|
|
||||||
|
|
||||||
(gdb) p name
|
|
||||||
$10 = 0x7fe9224d2d70 "home"
|
|
||||||
|
|
||||||
(gdb) p inode
|
|
||||||
$73 = 6442451366
|
|
||||||
|
|
||||||
(gdb) s
|
|
||||||
device=66311, modifier=0x7fe914791840) at
|
|
||||||
src/libostree/ostree-repo-commit.c:1590
|
|
||||||
|
|
||||||
The conversion resulted in entirely independent files potentially
|
|
||||||
receiving the same inode.
|
|
||||||
|
|
||||||
The issue was discovered on PoC machine equipped with a large NVME
|
|
||||||
(3.4TB), but the bug can be easily reproduced using `cosa run -m 4000
|
|
||||||
--qemu-size +3TB', followed by installation of any package using
|
|
||||||
`rpm-ostree install`. The resulting deployment will be unusable due to
|
|
||||||
many files being "corrupted" by the aforementioned issue.
|
|
||||||
|
|
||||||
(cherry picked from commit de6fddc6adee09a93901243dc7074090828a1912)
|
|
||||||
---
|
|
||||||
src/libostree/ostree-repo-commit.c | 2 +-
|
|
||||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/src/libostree/ostree-repo-commit.c b/src/libostree/ostree-repo-commit.c
|
|
||||||
index dba98c32..e224d1cb 100644
|
|
||||||
--- a/src/libostree/ostree-repo-commit.c
|
|
||||||
+++ b/src/libostree/ostree-repo-commit.c
|
|
||||||
@@ -1584,7 +1584,7 @@ static const char *
|
|
||||||
devino_cache_lookup (OstreeRepo *self,
|
|
||||||
OstreeRepoCommitModifier *modifier,
|
|
||||||
guint32 device,
|
|
||||||
- guint32 inode)
|
|
||||||
+ guint64 inode)
|
|
||||||
{
|
|
||||||
OstreeDevIno dev_ino_key;
|
|
||||||
OstreeDevIno *dev_ino_val;
|
|
||||||
--
|
|
||||||
2.40.1
|
|
||||||
|
|
@ -1,33 +0,0 @@
|
|||||||
From 8b86c6c0b520f6856f9f8dba09c97114113d3244 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Colin Walters <walters@verbum.org>
|
|
||||||
Date: Thu, 20 Jul 2023 09:13:43 -0400
|
|
||||||
Subject: [PATCH 17/17] Add an always-on `inode64` feature
|
|
||||||
|
|
||||||
As I (and others) will be backporting the fix in
|
|
||||||
https://github.com/ostreedev/ostree/pull/2874/commits/de6fddc6adee09a93901243dc7074090828a1912
|
|
||||||
pretty far, I want a way for sysadmins and OS builders to
|
|
||||||
be able to reliably see when their version of ostree has this fix
|
|
||||||
(Because comparing version numbers isn't portable).
|
|
||||||
---
|
|
||||||
configure.ac | 5 ++++-
|
|
||||||
1 file changed, 4 insertions(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/configure.ac b/configure.ac
|
|
||||||
index 3bd735ed..b58d0a67 100644
|
|
||||||
--- a/configure.ac
|
|
||||||
+++ b/configure.ac
|
|
||||||
@@ -82,7 +82,10 @@ AM_COND_IF([BUILDOPT_TSAN],
|
|
||||||
LT_PREREQ([2.2.4])
|
|
||||||
LT_INIT([disable-static])
|
|
||||||
|
|
||||||
-OSTREE_FEATURES=""
|
|
||||||
+dnl We have an always-on feature now to signify the fix for
|
|
||||||
+dnl https://github.com/ostreedev/ostree/pull/2874/commits/de6fddc6adee09a93901243dc7074090828a1912
|
|
||||||
+dnl "commit: fix ostree deployment on 64-bit inode fs"
|
|
||||||
+OSTREE_FEATURES="inode64"
|
|
||||||
AC_SUBST([OSTREE_FEATURES])
|
|
||||||
|
|
||||||
GLIB_TESTS
|
|
||||||
--
|
|
||||||
2.40.1
|
|
||||||
|
|
@ -1,27 +0,0 @@
|
|||||||
From 3443baa6e63b36d169f57027d7e80df614592c8e Mon Sep 17 00:00:00 2001
|
|
||||||
From: Joseph Marrero <jmarrero@redhat.com>
|
|
||||||
Date: Fri, 4 Aug 2023 16:09:20 -0400
|
|
||||||
Subject: [PATCH] Backport: 7f70614a1ac1950ebde3df0e26cc9ab1d72b2f1f
|
|
||||||
|
|
||||||
---
|
|
||||||
src/libostree/ostree-sysroot-deploy.c | 3 +--
|
|
||||||
1 file changed, 1 insertion(+), 2 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/libostree/ostree-sysroot-deploy.c b/src/libostree/ostree-sysroot-deploy.c
|
|
||||||
index 2454a587..4d6d796e 100644
|
|
||||||
--- a/src/libostree/ostree-sysroot-deploy.c
|
|
||||||
+++ b/src/libostree/ostree-sysroot-deploy.c
|
|
||||||
@@ -1613,9 +1613,8 @@ static void *
|
|
||||||
sync_in_thread (void *ptr)
|
|
||||||
{
|
|
||||||
SyncData *syncdata = ptr;
|
|
||||||
- // Ensure that the caller is blocked waiting
|
|
||||||
- g_mutex_lock (&syncdata->mutex);
|
|
||||||
sync ();
|
|
||||||
+ g_mutex_lock (&syncdata->mutex);
|
|
||||||
// Signal success
|
|
||||||
syncdata->success = true;
|
|
||||||
g_cond_broadcast (&syncdata->cond);
|
|
||||||
--
|
|
||||||
2.41.0
|
|
||||||
|
|
@ -0,0 +1,81 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
# Update an existing system to use a read only sysroot
|
||||||
|
# and https://bugzilla.redhat.com/show_bug.cgi?id=2060976
|
||||||
|
|
||||||
|
set -euo pipefail
|
||||||
|
|
||||||
|
main() {
|
||||||
|
|
||||||
|
# Used to condition execution of this unit at the systemd level
|
||||||
|
local -r stamp_file="/var/lib/.ostree-readonly-sysroot"
|
||||||
|
|
||||||
|
if [[ -f "${stamp_file}" ]]; then
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
local -r ostree_sysroot_readonly="$(ostree config --repo=/sysroot/ostree/repo get "sysroot.readonly" &> /dev/null || echo "false")"
|
||||||
|
if [[ "${ostree_sysroot_readonly}" == "true" ]]; then
|
||||||
|
# Nothing to do
|
||||||
|
touch "${stamp_file}"
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
local -r boot_entries="$(ls -A /boot/loader/entries/ | wc -l)"
|
||||||
|
|
||||||
|
# Ensure that we can read BLS entries to avoid touching systems where /boot
|
||||||
|
# is not mounted
|
||||||
|
if [[ "${boot_entries}" -eq 0 ]]; then
|
||||||
|
echo "No BLS entry found: Maybe /boot is not mounted?" 1>&2
|
||||||
|
echo "This is unexpected thus no migration will be performed" 1>&2
|
||||||
|
touch "${stamp_file}"
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Check if any existing deployment is still missing the rw karg
|
||||||
|
local rw_kargs_found=0
|
||||||
|
local count=0
|
||||||
|
for f in "/boot/loader/entries/"*; do
|
||||||
|
count="$(grep -c "^options .* rw" "${f}" || true)"
|
||||||
|
if [[ "${count}" -ge 1 ]]; then
|
||||||
|
rw_kargs_found=$((rw_kargs_found + 1))
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
# Some deployments are still missing the rw karg. Let's try to update them
|
||||||
|
if [[ "${boot_entries}" -ne "${rw_kargs_found}" ]]; then
|
||||||
|
# work around https://github.com/ostreedev/ostree/issues/2734#issuecomment-2353739450
|
||||||
|
stateroot=$(ls /ostree/deploy | head -n1)
|
||||||
|
if ls /boot/loader/entries/ostree-*-$stateroot.conf &>/dev/null; then
|
||||||
|
echo "Enabling bootloader naming workaround" 1>&2
|
||||||
|
export OSTREE_SYSROOT_OPTS=bootloader-naming-1
|
||||||
|
fi
|
||||||
|
ostree admin kargs edit-in-place --append-if-missing=rw || \
|
||||||
|
echo "Failed to edit kargs in place with ostree" 1>&2
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Re-check if any existing deployment is still missing the rw karg
|
||||||
|
rw_kargs_found=0
|
||||||
|
count=0
|
||||||
|
for f in "/boot/loader/entries/"*; do
|
||||||
|
count="$(grep -c "^options .* rw" "${f}" || true)"
|
||||||
|
if [[ "${count}" -ge 1 ]]; then
|
||||||
|
rw_kargs_found=$((rw_kargs_found + 1))
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
unset count
|
||||||
|
|
||||||
|
# If all deployments are good, then we can set the sysroot.readonly option
|
||||||
|
# in the ostree repo config
|
||||||
|
if [[ "${boot_entries}" -eq "${rw_kargs_found}" ]]; then
|
||||||
|
echo "Setting up the sysroot.readonly option in the ostree repo config"
|
||||||
|
ostree config --repo=/sysroot/ostree/repo set "sysroot.readonly" "true"
|
||||||
|
touch "${stamp_file}"
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
# If anything else before failed, we will retry on next boot
|
||||||
|
echo "Will retry next boot" 1>&2
|
||||||
|
exit 0
|
||||||
|
}
|
||||||
|
|
||||||
|
main "${@}"
|
@ -0,0 +1,15 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=Read-Only Sysroot Migration
|
||||||
|
Documentation=https://ostreedev.github.io/ostree
|
||||||
|
ConditionPathExists=!/var/lib/.ostree-readonly-sysroot
|
||||||
|
ConditionPathExists=/run/ostree-booted
|
||||||
|
RequiresMountsFor=/sysroot /boot
|
||||||
|
ConditionPathIsReadWrite=/sysroot
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=oneshot
|
||||||
|
ExecStart=/usr/libexec/ostree-readonly-sysroot-migration
|
||||||
|
RemainAfterExit=yes
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
Loading…
Reference in new issue