Compare commits

..

No commits in common. 'c9' and 'i8c' have entirely different histories.
c9 ... i8c

2
.gitignore vendored

@ -1 +1 @@
SOURCES/libostree-2024.9.tar.xz SOURCES/libostree-2022.2.tar.xz

@ -1 +1 @@
b37cd0e29ac24260c9082b3f62a9c3b21a46a505 SOURCES/libostree-2024.9.tar.xz 9f1cc3796da8b7892a8ef930a5086d4ff42c475f SOURCES/libostree-2022.2.tar.xz

@ -0,0 +1,374 @@
From a6d45dc165e48e2a463880ebb90f34c2b9d3c4ce Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@verbum.org>
Date: Fri, 22 Apr 2022 18:46:28 -0400
Subject: [PATCH 1/6] Add an `ostree-boot-complete.service` to propagate
staging failures
Quite a while ago we added staged deployments, which solved
a bunch of issues around the `/etc` merge. However...a persistent
problem since then is that any failures in that process that
happened in the *previous* boot are not very visible.
We ship custom code in `rpm-ostree status` to query the previous
journal. But that has a few problems - one is that on systems
that have been up a while, that failure message may even get
rotated out. And second, some systems may not even have a persistent
journal at all.
A general thing we do in e.g. Fedora CoreOS testing is to check
for systemd unit failures. We do that both in our automated tests,
and we even ship code that displays them on ssh logins. And beyond
that obviously a lot of other projects do the same; it's easy via
`systemctl --failed`.
So to make failures more visible, change our `ostree-finalize-staged.service`
to have an internal wrapper around the process that "catches" any
errors, and copies the error message into a file in `/boot/ostree`.
Then, a new `ostree-boot-complete.service` looks for this file on
startup and re-emits the error message, and fails.
It also deletes the file. The rationale is to avoid *continually*
warning. For example we need to handle the case when an upgrade
process creates a new staged deployment. Now, we could change the
ostree core code to delete the warning file when that happens instead,
but this is trying to be a conservative change.
This should make failures here much more visible as is.
---
Makefile-boot.am | 2 +
Makefile-ostree.am | 1 +
src/boot/ostree-boot-complete.service | 33 +++++++++++
src/libostree/ostree-cmdprivate.c | 1 +
src/libostree/ostree-cmdprivate.h | 1 +
src/libostree/ostree-impl-system-generator.c | 2 +
src/libostree/ostree-sysroot-deploy.c | 62 ++++++++++++++++++--
src/libostree/ostree-sysroot-private.h | 7 +++
src/libostree/ostree-sysroot.c | 2 +
src/ostree/ot-admin-builtin-boot-complete.c | 58 ++++++++++++++++++
src/ostree/ot-admin-builtins.h | 1 +
src/ostree/ot-builtin-admin.c | 3 +
tests/kolainst/destructive/staged-deploy.sh | 12 ++++
13 files changed, 181 insertions(+), 4 deletions(-)
create mode 100644 src/boot/ostree-boot-complete.service
create mode 100644 src/ostree/ot-admin-builtin-boot-complete.c
diff --git a/Makefile-boot.am b/Makefile-boot.am
index ec10a0d6..e42e5180 100644
--- a/Makefile-boot.am
+++ b/Makefile-boot.am
@@ -38,6 +38,7 @@ endif
if BUILDOPT_SYSTEMD
systemdsystemunit_DATA = src/boot/ostree-prepare-root.service \
src/boot/ostree-remount.service \
+ src/boot/ostree-boot-complete.service \
src/boot/ostree-finalize-staged.service \
src/boot/ostree-finalize-staged.path \
$(NULL)
@@ -64,6 +65,7 @@ endif
EXTRA_DIST += src/boot/dracut/module-setup.sh \
src/boot/dracut/ostree.conf \
src/boot/mkinitcpio \
+ src/boot/ostree-boot-complete.service \
src/boot/ostree-prepare-root.service \
src/boot/ostree-finalize-staged.path \
src/boot/ostree-remount.service \
diff --git a/Makefile-ostree.am b/Makefile-ostree.am
index 82af1681..0fe2c5f8 100644
--- a/Makefile-ostree.am
+++ b/Makefile-ostree.am
@@ -70,6 +70,7 @@ ostree_SOURCES += \
src/ostree/ot-admin-builtin-diff.c \
src/ostree/ot-admin-builtin-deploy.c \
src/ostree/ot-admin-builtin-finalize-staged.c \
+ src/ostree/ot-admin-builtin-boot-complete.c \
src/ostree/ot-admin-builtin-undeploy.c \
src/ostree/ot-admin-builtin-instutil.c \
src/ostree/ot-admin-builtin-cleanup.c \
diff --git a/src/boot/ostree-boot-complete.service b/src/boot/ostree-boot-complete.service
new file mode 100644
index 00000000..5c09fdc9
--- /dev/null
+++ b/src/boot/ostree-boot-complete.service
@@ -0,0 +1,33 @@
+# Copyright (C) 2022 Red Hat, Inc.
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library. If not, see <https://www.gnu.org/licenses/>.
+
+[Unit]
+Description=OSTree Complete Boot
+Documentation=man:ostree(1)
+# For now, this is the only condition on which we start, but it's
+# marked as a triggering condition in case in the future we want
+# to do something else.
+ConditionPathExists=|/boot/ostree/finalize-failure.stamp
+RequiresMountsFor=/boot
+# Ensure that we propagate the failure into the current boot before
+# any further finalization attempts.
+Before=ostree-finalize-staged.service
+
+[Service]
+Type=oneshot
+# To write to /boot while keeping it read-only
+MountFlags=slave
+RemainAfterExit=yes
+ExecStart=/usr/bin/ostree admin boot-complete
diff --git a/src/libostree/ostree-cmdprivate.c b/src/libostree/ostree-cmdprivate.c
index c9a6e2e1..f6c114f4 100644
--- a/src/libostree/ostree-cmdprivate.c
+++ b/src/libostree/ostree-cmdprivate.c
@@ -51,6 +51,7 @@ ostree_cmd__private__ (void)
_ostree_repo_static_delta_delete,
_ostree_repo_verify_bindings,
_ostree_sysroot_finalize_staged,
+ _ostree_sysroot_boot_complete,
};
return &table;
diff --git a/src/libostree/ostree-cmdprivate.h b/src/libostree/ostree-cmdprivate.h
index 46452ebd..17f943c8 100644
--- a/src/libostree/ostree-cmdprivate.h
+++ b/src/libostree/ostree-cmdprivate.h
@@ -33,6 +33,7 @@ typedef struct {
gboolean (* ostree_static_delta_delete) (OstreeRepo *repo, const char *delta_id, GCancellable *cancellable, GError **error);
gboolean (* ostree_repo_verify_bindings) (const char *collection_id, const char *ref_name, GVariant *commit, GError **error);
gboolean (* ostree_finalize_staged) (OstreeSysroot *sysroot, GCancellable *cancellable, GError **error);
+ gboolean (* ostree_boot_complete) (OstreeSysroot *sysroot, GCancellable *cancellable, GError **error);
} OstreeCmdPrivateVTable;
/* Note this not really "public", we just export the symbol, but not the header */
diff --git a/src/libostree/ostree-impl-system-generator.c b/src/libostree/ostree-impl-system-generator.c
index 769f0cbd..92d71605 100644
--- a/src/libostree/ostree-impl-system-generator.c
+++ b/src/libostree/ostree-impl-system-generator.c
@@ -134,6 +134,8 @@ require_internal_units (const char *normal_dir,
return FALSE;
if (symlinkat (SYSTEM_DATA_UNIT_PATH "/ostree-finalize-staged.path", normal_dir_dfd, "multi-user.target.wants/ostree-finalize-staged.path") < 0)
return glnx_throw_errno_prefix (error, "symlinkat");
+ if (symlinkat (SYSTEM_DATA_UNIT_PATH "/ostree-boot-complete.service", normal_dir_dfd, "multi-user.target.wants/ostree-boot-complete.service") < 0)
+ return glnx_throw_errno_prefix (error, "symlinkat");
return TRUE;
#else
diff --git a/src/libostree/ostree-sysroot-deploy.c b/src/libostree/ostree-sysroot-deploy.c
index b7cc232f..fc5916d8 100644
--- a/src/libostree/ostree-sysroot-deploy.c
+++ b/src/libostree/ostree-sysroot-deploy.c
@@ -3255,10 +3255,10 @@ ostree_sysroot_stage_tree_with_options (OstreeSysroot *self,
}
/* Invoked at shutdown time by ostree-finalize-staged.service */
-gboolean
-_ostree_sysroot_finalize_staged (OstreeSysroot *self,
- GCancellable *cancellable,
- GError **error)
+static gboolean
+_ostree_sysroot_finalize_staged_inner (OstreeSysroot *self,
+ GCancellable *cancellable,
+ GError **error)
{
/* It's totally fine if there's no staged deployment; perhaps down the line
* though we could teach the ostree cmdline to tell systemd to activate the
@@ -3355,9 +3355,63 @@ _ostree_sysroot_finalize_staged (OstreeSysroot *self,
if (!ostree_sysroot_prepare_cleanup (self, cancellable, error))
return FALSE;
+ // Cleanup will have closed some FDs, re-ensure writability
+ if (!_ostree_sysroot_ensure_writable (self, error))
+ return FALSE;
+
return TRUE;
}
+/* Invoked at shutdown time by ostree-finalize-staged.service */
+gboolean
+_ostree_sysroot_finalize_staged (OstreeSysroot *self,
+ GCancellable *cancellable,
+ GError **error)
+{
+ g_autoptr(GError) finalization_error = NULL;
+ if (!_ostree_sysroot_ensure_boot_fd (self, error))
+ return FALSE;
+ if (!_ostree_sysroot_finalize_staged_inner (self, cancellable, &finalization_error))
+ {
+ g_autoptr(GError) writing_error = NULL;
+ g_assert_cmpint (self->boot_fd, !=, -1);
+ if (!glnx_file_replace_contents_at (self->boot_fd, _OSTREE_FINALIZE_STAGED_FAILURE_PATH,
+ (guint8*)finalization_error->message, -1,
+ 0, cancellable, &writing_error))
+ {
+ // We somehow failed to write the failure message...that's not great. Maybe ENOSPC on /boot.
+ g_printerr ("Failed to write %s: %s\n", _OSTREE_FINALIZE_STAGED_FAILURE_PATH, writing_error->message);
+ }
+ g_propagate_error (error, g_steal_pointer (&finalization_error));
+ return FALSE;
+ }
+ return TRUE;
+}
+
+/* Invoked at bootup time by ostree-boot-complete.service */
+gboolean
+_ostree_sysroot_boot_complete (OstreeSysroot *self,
+ GCancellable *cancellable,
+ GError **error)
+{
+ if (!_ostree_sysroot_ensure_boot_fd (self, error))
+ return FALSE;
+
+ glnx_autofd int failure_fd = -1;
+ if (!ot_openat_ignore_enoent (self->boot_fd, _OSTREE_FINALIZE_STAGED_FAILURE_PATH, &failure_fd, error))
+ return FALSE;
+ // If we didn't find a failure log, then there's nothing to do right now.
+ // (Actually this unit shouldn't even be invoked, but we may do more in the future)
+ if (failure_fd == -1)
+ return TRUE;
+ g_autofree char *failure_data = glnx_fd_readall_utf8 (failure_fd, NULL, cancellable, error);
+ if (failure_data == NULL)
+ return glnx_prefix_error (error, "Reading from %s", _OSTREE_FINALIZE_STAGED_FAILURE_PATH);
+ // Remove the file; we don't want to continually error out.
+ (void) unlinkat (self->boot_fd, _OSTREE_FINALIZE_STAGED_FAILURE_PATH, 0);
+ return glnx_throw (error, "ostree-finalize-staged.service failed on previous boot: %s", failure_data);
+}
+
/**
* ostree_sysroot_deployment_set_kargs:
* @self: Sysroot
diff --git a/src/libostree/ostree-sysroot-private.h b/src/libostree/ostree-sysroot-private.h
index cb34eeb3..a49a406c 100644
--- a/src/libostree/ostree-sysroot-private.h
+++ b/src/libostree/ostree-sysroot-private.h
@@ -96,6 +96,9 @@ struct OstreeSysroot {
#define _OSTREE_SYSROOT_BOOT_INITRAMFS_OVERLAYS "ostree/initramfs-overlays"
#define _OSTREE_SYSROOT_INITRAMFS_OVERLAYS "boot/" _OSTREE_SYSROOT_BOOT_INITRAMFS_OVERLAYS
+// Relative to /boot, consumed by ostree-boot-complete.service
+#define _OSTREE_FINALIZE_STAGED_FAILURE_PATH "ostree/finalize-failure.stamp"
+
gboolean
_ostree_sysroot_ensure_writable (OstreeSysroot *self,
GError **error);
@@ -142,6 +145,10 @@ gboolean
_ostree_sysroot_finalize_staged (OstreeSysroot *self,
GCancellable *cancellable,
GError **error);
+gboolean
+_ostree_sysroot_boot_complete (OstreeSysroot *self,
+ GCancellable *cancellable,
+ GError **error);
OstreeDeployment *
_ostree_sysroot_deserialize_deployment_from_variant (GVariant *v,
diff --git a/src/libostree/ostree-sysroot.c b/src/libostree/ostree-sysroot.c
index 266a2975..f083f950 100644
--- a/src/libostree/ostree-sysroot.c
+++ b/src/libostree/ostree-sysroot.c
@@ -356,6 +356,8 @@ _ostree_sysroot_ensure_writable (OstreeSysroot *self,
ostree_sysroot_unload (self);
if (!ensure_sysroot_fd (self, error))
return FALSE;
+ if (!_ostree_sysroot_ensure_boot_fd (self, error))
+ return FALSE;
return TRUE;
}
diff --git a/src/ostree/ot-admin-builtin-boot-complete.c b/src/ostree/ot-admin-builtin-boot-complete.c
new file mode 100644
index 00000000..6e1052f5
--- /dev/null
+++ b/src/ostree/ot-admin-builtin-boot-complete.c
@@ -0,0 +1,58 @@
+/*
+ * Copyright (C) 2022 Red Hat, Inc.
+ *
+ * SPDX-License-Identifier: LGPL-2.0+
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+#include "config.h"
+
+#include <stdlib.h>
+
+#include "ot-main.h"
+#include "ot-admin-builtins.h"
+#include "ot-admin-functions.h"
+#include "ostree.h"
+#include "otutil.h"
+
+#include "ostree-cmdprivate.h"
+
+static GOptionEntry options[] = {
+ { NULL }
+};
+
+gboolean
+ot_admin_builtin_boot_complete (int argc, char **argv, OstreeCommandInvocation *invocation, GCancellable *cancellable, GError **error)
+{
+ /* Just a sanity check; we shouldn't be called outside of the service though.
+ */
+ struct stat stbuf;
+ if (fstatat (AT_FDCWD, OSTREE_PATH_BOOTED, &stbuf, 0) < 0)
+ return TRUE;
+ // We must have been invoked via systemd which should have set up a mount namespace.
+ g_assert (getenv ("INVOCATION_ID"));
+
+ g_autoptr(GOptionContext) context = g_option_context_new ("");
+ g_autoptr(OstreeSysroot) sysroot = NULL;
+ if (!ostree_admin_option_context_parse (context, options, &argc, &argv,
+ OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER,
+ invocation, &sysroot, cancellable, error))
+ return FALSE;
+
+ if (!ostree_cmd__private__()->ostree_boot_complete (sysroot, cancellable, error))
+ return FALSE;
+
+ return TRUE;
+}
diff --git a/src/ostree/ot-admin-builtins.h b/src/ostree/ot-admin-builtins.h
index d32b617e..8d9451be 100644
--- a/src/ostree/ot-admin-builtins.h
+++ b/src/ostree/ot-admin-builtins.h
@@ -39,6 +39,7 @@ BUILTINPROTO(deploy);
BUILTINPROTO(cleanup);
BUILTINPROTO(pin);
BUILTINPROTO(finalize_staged);
+BUILTINPROTO(boot_complete);
BUILTINPROTO(unlock);
BUILTINPROTO(status);
BUILTINPROTO(set_origin);
diff --git a/src/ostree/ot-builtin-admin.c b/src/ostree/ot-builtin-admin.c
index e0d2a60c..af09a614 100644
--- a/src/ostree/ot-builtin-admin.c
+++ b/src/ostree/ot-builtin-admin.c
@@ -43,6 +43,9 @@ static OstreeCommand admin_subcommands[] = {
{ "finalize-staged", OSTREE_BUILTIN_FLAG_NO_REPO | OSTREE_BUILTIN_FLAG_HIDDEN,
ot_admin_builtin_finalize_staged,
"Internal command to run at shutdown time" },
+ { "boot-complete", OSTREE_BUILTIN_FLAG_NO_REPO | OSTREE_BUILTIN_FLAG_HIDDEN,
+ ot_admin_builtin_boot_complete,
+ "Internal command to run at boot after an update was applied" },
{ "init-fs", OSTREE_BUILTIN_FLAG_NO_REPO,
ot_admin_builtin_init_fs,
"Initialize a root filesystem" },

@ -0,0 +1,515 @@
From 0085494e350c72599fc5c0e00422885d80b3c660 Mon Sep 17 00:00:00 2001
From: Miguel Angel Ajo <majopela@redhat.com>
Date: Mon, 19 Sep 2022 17:15:24 +0200
Subject: [PATCH] Support overlayfs whiteouts on checkout
Introduces an intermediate format for overlayfs storage, where
.wh-ostree. prefixed files will be converted into char 0:0
whiteout devices used by overlayfs to mark deletions across layers.
The CI scripts now uses a volume for the scratch directories
previously in /var/tmp otherwise we cannot create whiteout
devices into an overlayfs mounted filesystem.
Related-Issue: #2712
(cherry picked from commit e234b630f85b97e48ecf45d5aaba9b1aa64e6b54)
---
.github/workflows/tests.yml | 8 +-
Makefile-tests.am | 1 +
bash/ostree | 1 +
man/ostree-checkout.xml | 11 ++
src/libostree/ostree-repo-checkout.c | 129 ++++++++++++++++++++-
src/libostree/ostree-repo.h | 5 +-
src/libostree/ostree-sysroot-deploy.c | 2 +-
src/ostree/ot-builtin-checkout.c | 7 +-
tests/archive-test.sh | 7 +-
tests/basic-test.sh | 29 ++++-
tests/kolainst/data-shared/libtest-core.sh | 7 ++
tests/libtest.sh | 52 ++++++++-
tests/test-admin-deploy-whiteouts.sh | 42 +++++++
13 files changed, 292 insertions(+), 9 deletions(-)
create mode 100755 tests/test-admin-deploy-whiteouts.sh
--- a/Makefile-tests.am
+++ b/Makefile-tests.am
@@ -107,6 +107,7 @@ _installed_or_uninstalled_test_scripts = \
tests/test-admin-deploy-nomerge.sh \
tests/test-admin-deploy-none.sh \
tests/test-admin-deploy-bootid-gc.sh \
+ tests/test-admin-deploy-whiteouts.sh \
tests/test-osupdate-dtb.sh \
tests/test-admin-instutil-set-kargs.sh \
tests/test-admin-upgrade-not-backwards.sh \
diff --git a/bash/ostree b/bash/ostree
index 46363315..6f3b86ea 100644
--- a/bash/ostree
+++ b/bash/ostree
@@ -249,6 +249,7 @@ _ostree_checkout() {
--union-identical
--user-mode -U
--whiteouts
+ --process-passthrough-whiteouts
"
local options_with_args="
diff --git a/man/ostree-checkout.xml b/man/ostree-checkout.xml
index 4ed53a91..8f7d4f9b 100644
--- a/man/ostree-checkout.xml
+++ b/man/ostree-checkout.xml
@@ -114,6 +114,17 @@ License along with this library. If not, see <https://www.gnu.org/licenses/>.
</para></listitem>
</varlistentry>
+ <varlistentry>
+ <term><option>--process-passthrough-whiteouts</option></term>
+
+ <listitem><para>
+ Enable overlayfs whiteout extraction into 0:0 character devices.
+ Overlayfs whiteouts are encoded inside ostree as <literal>.ostree-wh.filename</literal>
+ and extracted as 0:0 character devices. This is useful to carry
+ container storage embedded into ostree.
+ </para></listitem>
+ </varlistentry>
+
<varlistentry>
<term><option>--allow-noent</option></term>
diff --git a/src/libostree/ostree-repo-checkout.c b/src/libostree/ostree-repo-checkout.c
index 663292a9..7c7d0cc7 100644
--- a/src/libostree/ostree-repo-checkout.c
+++ b/src/libostree/ostree-repo-checkout.c
@@ -35,6 +35,8 @@
#define WHITEOUT_PREFIX ".wh."
#define OPAQUE_WHITEOUT_NAME ".wh..wh..opq"
+#define OVERLAYFS_WHITEOUT_PREFIX ".ostree-wh."
+
/* Per-checkout call state/caching */
typedef struct {
GString *path_buf; /* buffer for real path if filtering enabled */
@@ -582,6 +584,117 @@ checkout_file_hardlink (OstreeRepo *self,
return TRUE;
}
+static gboolean
+_checkout_overlayfs_whiteout_at_no_overwrite (OstreeRepoCheckoutAtOptions *options,
+ int destination_dfd,
+ const char *destination_name,
+ GFileInfo *file_info,
+ GVariant *xattrs,
+ gboolean *found_exant_file,
+ GCancellable *cancellable,
+ GError **error)
+{
+ if (found_exant_file != NULL)
+ *found_exant_file = FALSE;
+ guint32 file_mode = g_file_info_get_attribute_uint32 (file_info, "unix::mode");
+ if (mknodat(destination_dfd, destination_name, (file_mode & ~S_IFMT) | S_IFCHR, (dev_t)0) < 0)
+ {
+ if (errno == EEXIST && found_exant_file != NULL)
+ {
+ *found_exant_file = TRUE;
+ return TRUE;
+ }
+ return glnx_throw_errno_prefix (error, "Creating whiteout char device");
+ }
+ if (options->mode != OSTREE_REPO_CHECKOUT_MODE_USER)
+ {
+ if (xattrs != NULL &&
+ !glnx_dfd_name_set_all_xattrs(destination_dfd, destination_name, xattrs,
+ cancellable, error))
+ return glnx_throw_errno_prefix (error, "Setting xattrs for whiteout char device");
+
+ if (TEMP_FAILURE_RETRY(fchownat(destination_dfd, destination_name,
+ g_file_info_get_attribute_uint32 (file_info, "unix::uid"),
+ g_file_info_get_attribute_uint32 (file_info, "unix::gid"),
+ AT_SYMLINK_NOFOLLOW) < 0))
+ return glnx_throw_errno_prefix (error, "fchownat");
+ if (TEMP_FAILURE_RETRY (fchmodat (destination_dfd, destination_name, file_mode & ~S_IFMT, 0)) < 0)
+ return glnx_throw_errno_prefix (error, "fchmodat %s to 0%o", destination_name, file_mode & ~S_IFMT);
+ }
+
+ return TRUE;
+}
+
+static gboolean
+_checkout_overlayfs_whiteout_at (OstreeRepo *repo,
+ OstreeRepoCheckoutAtOptions *options,
+ int destination_dfd,
+ const char *destination_name,
+ GFileInfo *file_info,
+ GVariant *xattrs,
+ GCancellable *cancellable,
+ GError **error)
+{
+ gboolean found_exant_file = FALSE;
+ if (!_checkout_overlayfs_whiteout_at_no_overwrite(options, destination_dfd, destination_name,
+ file_info, xattrs,&found_exant_file,
+ cancellable, error))
+ return FALSE;
+
+ if (!found_exant_file)
+ return TRUE;
+
+ guint32 uid = g_file_info_get_attribute_uint32 (file_info, "unix::uid");
+ guint32 gid = g_file_info_get_attribute_uint32 (file_info, "unix::gid");
+ guint32 file_mode = g_file_info_get_attribute_uint32 (file_info, "unix::mode");
+
+ struct stat dest_stbuf;
+
+ switch(options->overwrite_mode)
+ {
+ case OSTREE_REPO_CHECKOUT_OVERWRITE_NONE:
+ return FALSE;
+ case OSTREE_REPO_CHECKOUT_OVERWRITE_UNION_FILES:
+ if (!ot_ensure_unlinked_at (destination_dfd, destination_name, error))
+ return FALSE;
+ return _checkout_overlayfs_whiteout_at_no_overwrite(options, destination_dfd, destination_name,
+ file_info, xattrs, NULL, cancellable, error);
+ case OSTREE_REPO_CHECKOUT_OVERWRITE_ADD_FILES:
+ return TRUE;
+
+ case OSTREE_REPO_CHECKOUT_OVERWRITE_UNION_IDENTICAL:
+ if (!glnx_fstatat(destination_dfd, destination_name, &dest_stbuf, AT_SYMLINK_NOFOLLOW,
+ error))
+ return FALSE;
+ if (!(repo->disable_xattrs || repo->mode == OSTREE_REPO_MODE_BARE_USER_ONLY))
+ {
+ g_autoptr(GVariant) fs_xattrs;
+ if (!glnx_dfd_name_get_all_xattrs (destination_dfd, destination_name,
+ &fs_xattrs, cancellable, error))
+ return FALSE;
+ if (!g_variant_equal(fs_xattrs, xattrs))
+ return glnx_throw(error, "existing destination file %s xattrs don't match",
+ destination_name);
+ }
+ if (options->mode != OSTREE_REPO_CHECKOUT_MODE_USER)
+ {
+ if (gid != dest_stbuf.st_gid)
+ return glnx_throw(error, "existing destination file %s does not match gid %d",
+ destination_name, gid);
+
+ if (uid != dest_stbuf.st_uid)
+ return glnx_throw(error, "existing destination file %s does not match uid %d",
+ destination_name, gid);
+
+ if ((file_mode & ALLPERMS) != (dest_stbuf.st_mode & ALLPERMS))
+ return glnx_throw(error, "existing destination file %s does not match mode %o",
+ destination_name, file_mode);
+ }
+ break;
+ }
+ return TRUE;
+}
+
static gboolean
checkout_one_file_at (OstreeRepo *repo,
OstreeRepoCheckoutAtOptions *options,
@@ -603,7 +716,8 @@ checkout_one_file_at (OstreeRepo *repo,
/* FIXME - avoid the GFileInfo here */
g_autoptr(GFileInfo) source_info = NULL;
- if (!ostree_repo_load_file (repo, checksum, NULL, &source_info, NULL,
+ g_autoptr(GVariant) source_xattrs = NULL;
+ if (!ostree_repo_load_file (repo, checksum, NULL, &source_info, &source_xattrs,
cancellable, error))
return FALSE;
@@ -623,6 +737,7 @@ checkout_one_file_at (OstreeRepo *repo,
const gboolean is_unreadable = (!is_symlink && (source_mode & S_IRUSR) == 0);
const gboolean is_whiteout = (!is_symlink && options->process_whiteouts &&
g_str_has_prefix (destination_name, WHITEOUT_PREFIX));
+ const gboolean is_overlayfs_whiteout = (!is_symlink && g_str_has_prefix (destination_name, OVERLAYFS_WHITEOUT_PREFIX));
const gboolean is_reg_zerosized = (!is_symlink && g_file_info_get_size (source_info) == 0);
const gboolean override_user_unreadable = (options->mode == OSTREE_REPO_CHECKOUT_MODE_USER && is_unreadable);
@@ -643,6 +758,18 @@ checkout_one_file_at (OstreeRepo *repo,
need_copy = FALSE;
}
+ else if (is_overlayfs_whiteout && options->process_passthrough_whiteouts)
+ {
+ const char *name = destination_name + (sizeof (OVERLAYFS_WHITEOUT_PREFIX) - 1);
+
+ if (!name[0])
+ return glnx_throw (error, "Invalid empty overlayfs whiteout '%s'", name);
+
+ g_assert (name[0] != '/'); /* Sanity */
+
+ return _checkout_overlayfs_whiteout_at(repo, options, destination_dfd, name,
+ source_info, source_xattrs, cancellable, error);
+ }
else if (is_reg_zerosized || override_user_unreadable)
{
/* In https://github.com/ostreedev/ostree/commit/673cacd633f9d6b653cdea530657d3e780a41bbd we
diff --git a/src/libostree/ostree-repo.h b/src/libostree/ostree-repo.h
index 98571170..b3d7f986 100644
--- a/src/libostree/ostree-repo.h
+++ b/src/libostree/ostree-repo.h
@@ -989,8 +989,9 @@ typedef struct {
gboolean force_copy; /* Since: 2017.6 */
gboolean bareuseronly_dirs; /* Since: 2017.7 */
gboolean force_copy_zerosized; /* Since: 2018.9 */
- gboolean unused_bools[4];
- /* 4 byte hole on 64 bit */
+ gboolean process_passthrough_whiteouts;
+ gboolean unused_bools[3];
+ /* 3 byte hole on 64 bit */
const char *subpath;
diff --git a/src/libostree/ostree-sysroot-deploy.c b/src/libostree/ostree-sysroot-deploy.c
index 404f336f..5c98103b 100644
--- a/src/libostree/ostree-sysroot-deploy.c
+++ b/src/libostree/ostree-sysroot-deploy.c
@@ -641,7 +641,7 @@ checkout_deployment_tree (OstreeSysroot *sysroot,
return FALSE;
/* Generate hardlink farm, then opendir it */
- OstreeRepoCheckoutAtOptions checkout_opts = { 0, };
+ OstreeRepoCheckoutAtOptions checkout_opts = { .process_passthrough_whiteouts = TRUE };
if (!ostree_repo_checkout_at (repo, &checkout_opts, osdeploy_dfd,
checkout_target_name, csum,
cancellable, error))
diff --git a/src/ostree/ot-builtin-checkout.c b/src/ostree/ot-builtin-checkout.c
index d69c8b0b..bfa43885 100644
--- a/src/ostree/ot-builtin-checkout.c
+++ b/src/ostree/ot-builtin-checkout.c
@@ -37,6 +37,7 @@ static gboolean opt_union;
static gboolean opt_union_add;
static gboolean opt_union_identical;
static gboolean opt_whiteouts;
+static gboolean opt_process_passthrough_whiteouts;
static gboolean opt_from_stdin;
static char *opt_from_file;
static gboolean opt_disable_fsync;
@@ -77,6 +78,7 @@ static GOptionEntry options[] = {
{ "union-add", 0, 0, G_OPTION_ARG_NONE, &opt_union_add, "Keep existing files/directories, only add new", NULL },
{ "union-identical", 0, 0, G_OPTION_ARG_NONE, &opt_union_identical, "When layering checkouts, error out if a file would be replaced with a different version, but add new files and directories", NULL },
{ "whiteouts", 0, 0, G_OPTION_ARG_NONE, &opt_whiteouts, "Process 'whiteout' (Docker style) entries", NULL },
+ { "process-passthrough-whiteouts", 0, 0, G_OPTION_ARG_NONE, &opt_process_passthrough_whiteouts, "Enable overlayfs whiteout extraction into char 0:0 devices", NULL },
{ "allow-noent", 0, 0, G_OPTION_ARG_NONE, &opt_allow_noent, "Do nothing if specified path does not exist", NULL },
{ "from-stdin", 0, 0, G_OPTION_ARG_NONE, &opt_from_stdin, "Process many checkouts from standard input", NULL },
{ "from-file", 0, 0, G_OPTION_ARG_STRING, &opt_from_file, "Process many checkouts from input file", "FILE" },
@@ -129,7 +131,8 @@ process_one_checkout (OstreeRepo *repo,
if (opt_disable_cache || opt_whiteouts || opt_require_hardlinks ||
opt_union_add || opt_force_copy || opt_force_copy_zerosized ||
opt_bareuseronly_dirs || opt_union_identical ||
- opt_skiplist_file || opt_selinux_policy || opt_selinux_prefix)
+ opt_skiplist_file || opt_selinux_policy || opt_selinux_prefix ||
+ opt_process_passthrough_whiteouts)
{
OstreeRepoCheckoutAtOptions checkout_options = { 0, };
@@ -162,6 +165,8 @@ process_one_checkout (OstreeRepo *repo,
}
if (opt_whiteouts)
checkout_options.process_whiteouts = TRUE;
+ if (opt_process_passthrough_whiteouts)
+ checkout_options.process_passthrough_whiteouts = TRUE;
if (subpath)
checkout_options.subpath = subpath;
diff --git a/tests/archive-test.sh b/tests/archive-test.sh
index b6d84979..6b45790e 100644
--- a/tests/archive-test.sh
+++ b/tests/archive-test.sh
@@ -71,6 +71,11 @@ mkdir -p test-overlays
date > test-overlays/overlaid-file
$OSTREE commit ${COMMIT_ARGS} -b test-base --base test2 --owner-uid 42 --owner-gid 42 test-overlays/
$OSTREE ls -R test-base > ls.txt
-assert_streq "$(wc -l < ls.txt)" 14
+if can_create_whiteout_devices; then
+ assert_streq "$(wc -l < ls.txt)" 17
+else
+ assert_streq "$(wc -l < ls.txt)" 14
+fi
+
assert_streq "$(grep '42.*42' ls.txt | wc -l)" 2
echo "ok commit overlay base"
diff --git a/tests/basic-test.sh b/tests/basic-test.sh
index 04506c3d..0878e6f6 100644
--- a/tests/basic-test.sh
+++ b/tests/basic-test.sh
@@ -19,7 +19,7 @@
set -euo pipefail
-echo "1..$((87 + ${extra_basic_tests:-0}))"
+echo "1..$((89 + ${extra_basic_tests:-0}))"
CHECKOUT_U_ARG=""
CHECKOUT_H_ARGS="-H"
@@ -1187,3 +1187,30 @@ if test "$(id -u)" != "0"; then
else
echo "ok # SKIP not run when root"
fi
+
+if ! skip_one_without_whiteouts_devices; then
+ cd ${test_tmpdir}
+ rm checkout-test2 -rf
+ $OSTREE checkout test2 checkout-test2
+
+ assert_not_has_file checkout-test2/whiteouts/whiteout
+ assert_not_has_file checkout-test2/whiteouts/whiteout2
+ assert_has_file checkout-test2/whiteouts/.ostree-wh.whiteout
+ assert_has_file checkout-test2/whiteouts/.ostree-wh.whiteout2
+
+ echo "ok checkout: no whiteout passthrough by default"
+fi
+
+if ! skip_one_without_whiteouts_devices; then
+ cd ${test_tmpdir}
+ rm checkout-test2 -rf
+ $OSTREE checkout --process-passthrough-whiteouts test2 checkout-test2
+
+ assert_not_has_file checkout-test2/whiteouts/.ostree-wh.whiteout
+ assert_not_has_file checkout-test2/whiteouts/.ostree-wh.whiteout2
+
+ assert_is_whiteout_device checkout-test2/whiteouts/whiteout
+ assert_is_whiteout_device checkout-test2/whiteouts/whiteout2
+
+ echo "ok checkout: whiteout with overlayfs passthrough processing"
+fi
diff --git a/tests/libtest.sh b/tests/libtest.sh
index 686f08dc..5830f210 100755
--- a/tests/libtest.sh
+++ b/tests/libtest.sh
@@ -148,6 +148,20 @@ if ! have_selinux_relabel; then
fi
echo done
+# whiteout char 0:0 devices can be created as regular users, but
+# cannot be created inside containers mounted via overlayfs
+can_create_whiteout_devices() {
+ mknod -m 000 ${test_tmpdir}/.test-whiteout c 0 0 || return 1
+ rm -f ${test_tmpdir}/.test-whiteout
+ return 0
+}
+
+echo -n checking for overlayfs whiteouts...
+if ! can_create_whiteout_devices; then
+ export OSTREE_NO_WHITEOUTS=1
+fi
+echo done
+
if test -n "${OT_TESTS_DEBUG:-}"; then
set -x
fi
@@ -245,6 +259,15 @@ setup_test_repository () {
ln -s nonexistent baz/alink
mkdir baz/another/
echo x > baz/another/y
+
+ # if we are running inside a container we cannot test
+ # the overlayfs whiteout marker passthrough
+ if ! test -n "${OSTREE_NO_WHITEOUTS:-}"; then
+ mkdir whiteouts
+ touch whiteouts/.ostree-wh.whiteout
+ touch whiteouts/.ostree-wh.whiteout2
+ chmod 755 whiteouts/.ostree-wh.whiteout2
+ fi
umask "${oldumask}"
cd ${test_tmpdir}/files
@@ -406,7 +429,7 @@ setup_os_repository () {
mkdir osdata
cd osdata
kver=3.6.0
- mkdir -p usr/bin ${bootdir} usr/lib/modules/${kver} usr/share usr/etc
+ mkdir -p usr/bin ${bootdir} usr/lib/modules/${kver} usr/share usr/etc usr/container/layers/abcd
kernel_path=${bootdir}/vmlinuz
initramfs_path=${bootdir}/initramfs.img
# the HMAC file is only in /usr/lib/modules
@@ -449,6 +472,17 @@ EOF
mkdir -p usr/etc/testdirectory
echo "a default daemon file" > usr/etc/testdirectory/test
+ # if we are running inside a container we cannot test
+ # the overlayfs whiteout marker passthrough
+ if ! test -n "${OSTREE_NO_WHITEOUTS:-}"; then
+ # overlayfs whiteout passhthrough marker files
+ touch usr/container/layers/abcd/.ostree-wh.whiteout
+ chmod 400 usr/container/layers/abcd/.ostree-wh.whiteout
+
+ touch usr/container/layers/abcd/.ostree-wh.whiteout2
+ chmod 777 usr/container/layers/abcd/.ostree-wh.whiteout2
+ fi
+
${CMD_PREFIX} ostree --repo=${test_tmpdir}/testos-repo commit ${bootable_flag} --add-metadata-string version=1.0.9 -b testos/buildmain/x86_64-runtime -s "Build"
# Ensure these commits have distinct second timestamps
@@ -588,6 +622,22 @@ skip_without_user_xattrs () {
fi
}
+# Usage: if ! skip_one_without_whiteouts_devices; then ... more tests ...; fi
+skip_one_without_whiteouts_devices() {
+ if ! can_create_whiteout_devices; then
+ echo "ok # SKIP - this test requires whiteout device support (test outside containers)"
+ return 0
+ else
+ return 1
+ fi
+}
+
+skip_without_whiteouts_devices () {
+ if ! can_create_whiteout_devices; then
+ skip "this test requires whiteout device support (test outside containers)"
+ fi
+}
+
_have_systemd_and_libmount=''
have_systemd_and_libmount() {
if test "${_have_systemd_and_libmount}" = ''; then
diff --git a/tests/test-admin-deploy-whiteouts.sh b/tests/test-admin-deploy-whiteouts.sh
new file mode 100755
index 00000000..66421949
--- /dev/null
+++ b/tests/test-admin-deploy-whiteouts.sh
@@ -0,0 +1,42 @@
+#!/bin/bash
+#
+# Copyright (C) 2022 Red Hat, Inc.
+#
+# SPDX-License-Identifier: LGPL-2.0+
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library. If not, see <https://www.gnu.org/licenses/>.
+
+set -euox pipefail
+
+. $(dirname $0)/libtest.sh
+
+skip_without_whiteouts_devices
+
+# Exports OSTREE_SYSROOT so --sysroot not needed.
+setup_os_repository "archive" "syslinux"
+${CMD_PREFIX} ostree --repo=sysroot/ostree/repo pull-local --remote=testos testos-repo testos/buildmain/x86_64-runtime
+
+echo "1..3"
+${CMD_PREFIX} ostree admin deploy --os=testos --karg=root=LABEL=foo --karg=testkarg=1 testos:testos/buildmain/x86_64-runtime
+origdeployment=$(${CMD_PREFIX} ostree admin --sysroot=sysroot --print-current-dir)
+
+assert_is_whiteout_device "${origdeployment}"/usr/container/layers/abcd/whiteout
+echo "ok whiteout deployment"
+
+assert_not_has_file "${origdeployment}"/usr/container/layers/abcd/.ostree-wh.whiteout
+echo "ok .ostree-wh.whiteout not created"
+
+assert_file_has_mode "${origdeployment}"/usr/container/layers/abcd/whiteout 400
+assert_file_has_mode "${origdeployment}"/usr/container/layers/abcd/whiteout2 777
+echo "ok whiteout permissions are preserved"
--
2.37.3

@ -0,0 +1,40 @@
From e5b45f861a4d5738679f37d46ebca6e171bb3212 Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@verbum.org>
Date: Mon, 4 Apr 2022 10:25:35 -0400
Subject: [PATCH 2/6] libarchive: Handle `archive_entry_symlink()` returning
NULL
The `archive_entry_symlink()` API can definitely return `NULL`,
reading through the libarchive sources.
I hit this in the wild when using old ostree-ext to try to unpack
a chunked archive.
I didn't try to characterize this more, and sorry no unit test right
now.
---
src/libostree/ostree-repo-libarchive.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/src/libostree/ostree-repo-libarchive.c b/src/libostree/ostree-repo-libarchive.c
index 679aa44d..631c6d4b 100644
--- a/src/libostree/ostree-repo-libarchive.c
+++ b/src/libostree/ostree-repo-libarchive.c
@@ -146,8 +146,12 @@ file_info_from_archive_entry (struct archive_entry *entry)
g_autoptr(GFileInfo) info = _ostree_stbuf_to_gfileinfo (&stbuf);
if (S_ISLNK (stbuf.st_mode))
- g_file_info_set_attribute_byte_string (info, "standard::symlink-target",
- archive_entry_symlink (entry));
+ {
+ const char *target = archive_entry_symlink (entry);
+ if (target != NULL)
+ g_file_info_set_attribute_byte_string (info, "standard::symlink-target",
+ target);
+ }
return g_steal_pointer (&info);
}
--
2.31.1

@ -0,0 +1,82 @@
From 4a997ae08605ebe6ca02d9f422082f954e667a6c Mon Sep 17 00:00:00 2001
From: Simon McVittie <smcv@collabora.com>
Date: Sat, 30 Apr 2022 12:20:11 +0100
Subject: [PATCH 3/6] repo: Factor out _ostree_repo_auto_transaction_new()
This will allow the direct allocation in
ostree_repo_prepare_transaction() to be replaced with a call to this
function, avoiding breaking encapsulation.
Signed-off-by: Simon McVittie <smcv@collabora.com>
(cherry picked from commit 540e60c3e3ace66dd4e6cf825488fc918260a642)
---
src/libostree/ostree-repo-private.h | 4 ++++
src/libostree/ostree-repo.c | 32 ++++++++++++++++++++++++-----
2 files changed, 31 insertions(+), 5 deletions(-)
diff --git a/src/libostree/ostree-repo-private.h b/src/libostree/ostree-repo-private.h
index 988c2179..96253e77 100644
--- a/src/libostree/ostree-repo-private.h
+++ b/src/libostree/ostree-repo-private.h
@@ -554,4 +554,8 @@ GType _ostree_repo_auto_transaction_get_type (void);
G_DEFINE_AUTOPTR_CLEANUP_FUNC (OstreeRepoAutoTransaction, _ostree_repo_auto_transaction_unref);
+/* Internal function to break a circular dependency:
+ * should not be made into public API, even if the rest is */
+OstreeRepoAutoTransaction *_ostree_repo_auto_transaction_new (OstreeRepo *repo);
+
G_END_DECLS
diff --git a/src/libostree/ostree-repo.c b/src/libostree/ostree-repo.c
index a27591b3..f6bffd60 100644
--- a/src/libostree/ostree-repo.c
+++ b/src/libostree/ostree-repo.c
@@ -709,6 +709,32 @@ ostree_repo_auto_lock_cleanup (OstreeRepoAutoLock *auto_lock)
}
}
+/**
+ * _ostree_repo_auto_transaction_new:
+ * @repo: (not nullable): an #OsreeRepo object
+ * @cancellable: Cancellable
+ * @error: a #GError
+ *
+ * Return a guard for a transaction in @repo.
+ *
+ * Do not call this function outside the OstreeRepo transaction implementation.
+ * Use _ostree_repo_auto_transaction_start() instead.
+ *
+ * Returns: (transfer full): an #OstreeRepoAutoTransaction guard on success,
+ * %NULL otherwise.
+ */
+OstreeRepoAutoTransaction *
+_ostree_repo_auto_transaction_new (OstreeRepo *repo)
+{
+ g_assert (repo != NULL);
+
+ OstreeRepoAutoTransaction *txn = g_malloc(sizeof(OstreeRepoAutoTransaction));
+ txn->atomic_refcount = 1;
+ txn->repo = g_object_ref (repo);
+
+ return g_steal_pointer (&txn);
+}
+
/**
* _ostree_repo_auto_transaction_start:
* @repo: (not nullable): an #OsreeRepo object
@@ -730,11 +756,7 @@ _ostree_repo_auto_transaction_start (OstreeRepo *repo,
if (!ostree_repo_prepare_transaction (repo, NULL, cancellable, error))
return NULL;
- OstreeRepoAutoTransaction *txn = g_malloc(sizeof(OstreeRepoAutoTransaction));
- txn->atomic_refcount = 1;
- txn->repo = g_object_ref (repo);
-
- return g_steal_pointer (&txn);
+ return _ostree_repo_auto_transaction_new (repo);
}
/**
--
2.31.1

@ -0,0 +1,39 @@
From 51c7960bea081446ad217e9725408ce5cb531157 Mon Sep 17 00:00:00 2001
From: Simon McVittie <smcv@collabora.com>
Date: Sat, 30 Apr 2022 12:53:42 +0100
Subject: [PATCH 4/6] repo: Correctly initialize refcount of temporary
transaction
Previously, the reference count was left uninitialized as a result of
bypassing the constructor, and the intended abort-on-error usually
wouldn't have happened.
Fixes: 8a9737a "repo/private: move OstreeRepoAutoTransaction to a boxed type"
Resolves: https://github.com/ostreedev/ostree/issues/2592
Signed-off-by: Simon McVittie <smcv@collabora.com>
(cherry picked from commit 71304e854cdb344adb8b1ae7866929fbdde6c327)
---
src/libostree/ostree-repo-commit.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/libostree/ostree-repo-commit.c b/src/libostree/ostree-repo-commit.c
index 5b16be5b..dba98c32 100644
--- a/src/libostree/ostree-repo-commit.c
+++ b/src/libostree/ostree-repo-commit.c
@@ -1688,10 +1688,10 @@ ostree_repo_prepare_transaction (OstreeRepo *self,
g_debug ("Preparing transaction in repository %p", self);
/* Set up to abort the transaction if we return early from this function.
- * This needs to be manually built here due to a circular dependency. */
- g_autoptr(OstreeRepoAutoTransaction) txn = g_malloc(sizeof(OstreeRepoAutoTransaction));
+ * We can't call _ostree_repo_auto_transaction_start() here, because that
+ * would be a circular dependency; use the lower-level version instead. */
+ g_autoptr(OstreeRepoAutoTransaction) txn = _ostree_repo_auto_transaction_new (self);
g_assert (txn != NULL);
- txn->repo = self;
memset (&self->txn.stats, 0, sizeof (OstreeRepoTransactionStats));
--
2.31.1

@ -0,0 +1,172 @@
From 62e62bcfd8a1770b906faed083d11e451a50f566 Mon Sep 17 00:00:00 2001
From: Ondrej Mosnacek <omosnace@redhat.com>
Date: Wed, 9 Mar 2022 15:27:11 +0100
Subject: [PATCH 5/6] deploy: Try to rebuild policy in new deployment if needed
Whenever the user has SELinux enabled and has any local
modules/modifications installed, it is necessary to rebuild the policy
in the final deployment, otherwise ostree will leave the binary policy
files unchanged from last deployment as it detects difference against
the base content (in rpm-ostree case this is the RPM content).
To avoid the situation where the policy binaries go stale once any local
customization of the policy is made, try to rebuild the policy as part
of sysroot_finalize_deployment(). Use the special
--rebuild-if-modules-changed switch, which detects if the input module
files have changed relative to last time the policy was built and skips
the most time-consuming part of the rebuild process if modules are
unchanged (thus making this a relatively cheap operation if the user
hasn't made any modifications to the shipped policy).
As suggested by Jonathan Lebon, this uses bubblewrap (via
g_spawn_sync()) to perform the rebuild inside the deployment's
filesystem tree, which also means that ostree will have a runtime
dependency on bubblewrap.
Partially addresses: https://github.com/coreos/fedora-coreos-tracker/issues/701
Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
(cherry picked from commit edb4f3893474736156c654aa43bdbf3784991811)
---
ci/gh-install.sh | 1 +
src/libostree/ostree-sysroot-deploy.c | 117 ++++++++++++++++++++++++++
2 files changed, 118 insertions(+)
diff --git a/src/libostree/ostree-sysroot-deploy.c b/src/libostree/ostree-sysroot-deploy.c
index fc5916d8..a44721d8 100644
--- a/src/libostree/ostree-sysroot-deploy.c
+++ b/src/libostree/ostree-sysroot-deploy.c
@@ -2830,6 +2830,118 @@ get_var_dfd (OstreeSysroot *self,
return glnx_opendirat (base_dfd, base_path, TRUE, ret_fd, error);
}
+#ifdef HAVE_SELINUX
+static void
+child_setup_fchdir (gpointer data)
+{
+ int fd = (int) (uintptr_t) data;
+ int rc __attribute__((unused));
+
+ rc = fchdir (fd);
+}
+
+/*
+ * Derived from rpm-ostree's rust/src/bwrap.rs
+ */
+static gboolean
+run_in_deployment (int deployment_dfd,
+ const gchar * const *child_argv,
+ gsize child_argc,
+ gint *exit_status,
+ gchar **stdout,
+ GError **error)
+{
+ static const gchar * const COMMON_ARGV[] = {
+ "/usr/bin/bwrap",
+ "--dev", "/dev", "--proc", "/proc", "--dir", "/run", "--dir", "/tmp",
+ "--chdir", "/",
+ "--die-with-parent",
+ "--unshare-pid",
+ "--unshare-uts",
+ "--unshare-ipc",
+ "--unshare-cgroup-try",
+ "--ro-bind", "/sys/block", "/sys/block",
+ "--ro-bind", "/sys/bus", "/sys/bus",
+ "--ro-bind", "/sys/class", "/sys/class",
+ "--ro-bind", "/sys/dev", "/sys/dev",
+ "--ro-bind", "/sys/devices", "/sys/devices",
+ "--bind", "usr", "/usr",
+ "--bind", "etc", "/etc",
+ "--bind", "var", "/var",
+ "--symlink", "/usr/lib", "/lib",
+ "--symlink", "/usr/lib32", "/lib32",
+ "--symlink", "/usr/lib64", "/lib64",
+ "--symlink", "/usr/bin", "/bin",
+ "--symlink", "/usr/sbin", "/sbin",
+ };
+ static const gsize COMMON_ARGC = sizeof (COMMON_ARGV) / sizeof (*COMMON_ARGV);
+
+ gsize i;
+ GPtrArray *args = g_ptr_array_sized_new (COMMON_ARGC + child_argc + 1);
+ g_autofree gchar **args_raw = NULL;
+
+ for (i = 0; i < COMMON_ARGC; i++)
+ g_ptr_array_add (args, (gchar *) COMMON_ARGV[i]);
+
+ for (i = 0; i < child_argc; i++)
+ g_ptr_array_add (args, (gchar *) child_argv[i]);
+
+ g_ptr_array_add (args, NULL);
+
+ args_raw = (gchar **) g_ptr_array_free (args, FALSE);
+
+ return g_spawn_sync (NULL, args_raw, NULL, 0, &child_setup_fchdir,
+ (gpointer) (uintptr_t) deployment_dfd,
+ stdout, NULL, exit_status, error);
+}
+
+/*
+ * Run semodule to check if the module content changed after merging /etc
+ * and rebuild the policy if needed.
+ */
+static gboolean
+sysroot_finalize_selinux_policy (int deployment_dfd, GError **error)
+{
+ struct stat stbuf;
+ gint exit_status;
+ g_autofree gchar *stdout = NULL;
+
+ if (!glnx_fstatat_allow_noent (deployment_dfd, "etc/selinux/config", &stbuf,
+ AT_SYMLINK_NOFOLLOW, error))
+ return FALSE;
+
+ /* Skip the SELinux policy refresh if /etc/selinux/config doesn't exist. */
+ if (errno != 0)
+ return TRUE;
+
+ /*
+ * Skip the SELinux policy refresh if the --rebuild-if-modules-changed
+ * flag is not supported by semodule.
+ */
+ static const gchar * const SEMODULE_HELP_ARGV[] = {
+ "semodule", "--help"
+ };
+ static const gsize SEMODULE_HELP_ARGC = sizeof (SEMODULE_HELP_ARGV) / sizeof (*SEMODULE_HELP_ARGV);
+ if (!run_in_deployment (deployment_dfd, SEMODULE_HELP_ARGV,
+ SEMODULE_HELP_ARGC, &exit_status, &stdout, error))
+ return FALSE;
+ if (!g_spawn_check_exit_status (exit_status, error))
+ return FALSE;
+ if (!strstr(stdout, "--rebuild-if-modules-changed"))
+ return TRUE;
+
+ static const gchar * const SEMODULE_REBUILD_ARGV[] = {
+ "semodule", "-N", "--rebuild-if-modules-changed"
+ };
+ static const gsize SEMODULE_REBUILD_ARGC = sizeof (SEMODULE_REBUILD_ARGV) / sizeof (*SEMODULE_REBUILD_ARGV);
+
+ if (!run_in_deployment (deployment_dfd, SEMODULE_REBUILD_ARGV,
+ SEMODULE_REBUILD_ARGC, &exit_status, NULL, error))
+ return FALSE;
+ return g_spawn_check_exit_status (exit_status, error);
+}
+#endif /* HAVE_SELINUX */
+
static gboolean
sysroot_finalize_deployment (OstreeSysroot *self,
OstreeDeployment *deployment,
@@ -2866,6 +2978,11 @@ sysroot_finalize_deployment (OstreeSysroot *self,
return FALSE;
}
+#ifdef HAVE_SELINUX
+ if (!sysroot_finalize_selinux_policy(deployment_dfd, error))
+ return FALSE;
+#endif /* HAVE_SELINUX */
+
const char *osdeploypath = glnx_strjoina ("ostree/deploy/", ostree_deployment_get_osname (deployment));
glnx_autofd int os_deploy_dfd = -1;
if (!glnx_opendirat (self->sysroot_fd, osdeploypath, TRUE, &os_deploy_dfd, error))
--
2.31.1

@ -0,0 +1,35 @@
From dd194eca7272afa457541abb2d8c25f90c4f478a Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@verbum.org>
Date: Mon, 28 Mar 2022 17:46:59 -0400
Subject: [PATCH 6/6] deploy: Be a bit more verbose about SELinux bits
Let's log when we don't find the expected CLI argument which
will help debug things.
(cherry picked from commit c58a4fe661d9d3bf2c515aa5605b1e094c0a62ca)
---
src/libostree/ostree-sysroot-deploy.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/src/libostree/ostree-sysroot-deploy.c b/src/libostree/ostree-sysroot-deploy.c
index a44721d8..404f336f 100644
--- a/src/libostree/ostree-sysroot-deploy.c
+++ b/src/libostree/ostree-sysroot-deploy.c
@@ -2926,9 +2926,12 @@ sysroot_finalize_selinux_policy (int deployment_dfd, GError **error)
SEMODULE_HELP_ARGC, &exit_status, &stdout, error))
return FALSE;
if (!g_spawn_check_exit_status (exit_status, error))
- return FALSE;
+ return glnx_prefix_error (error, "failed to run semodule");
if (!strstr(stdout, "--rebuild-if-modules-changed"))
- return TRUE;
+ {
+ ot_journal_print (LOG_INFO, "semodule does not have --rebuild-if-modules-changed");
+ return TRUE;
+ }
static const gchar * const SEMODULE_REBUILD_ARGV[] = {
"semodule", "-N", "--rebuild-if-modules-changed"
--
2.31.1

@ -0,0 +1,298 @@
From 00697be199c08242e54c02e4557e20834030aaf3 Mon Sep 17 00:00:00 2001
From: Nikita Dubrovskii <nikita@linux.ibm.com>
Date: Mon, 4 Apr 2022 16:09:50 +0200
Subject: [PATCH 1/5] s390x: generate sd-boot at its own partition
Signed-off-by: Nikita Dubrovskii <nikita@linux.ibm.com>
---
src/libostree/ostree-bootloader-zipl.c | 36 ++++++++++++++++++++++----
src/libostree/s390x-se-luks-gencpio | 4 +--
2 files changed, 33 insertions(+), 7 deletions(-)
diff --git a/src/libostree/ostree-bootloader-zipl.c b/src/libostree/ostree-bootloader-zipl.c
index 02c10826c3..fe024d8046 100644
--- a/src/libostree/ostree-bootloader-zipl.c
+++ b/src/libostree/ostree-bootloader-zipl.c
@@ -21,12 +21,17 @@
#include "ostree-bootloader-zipl.h"
#include "ostree-deployment-private.h"
#include "otutil.h"
+#include <sys/mount.h>
+#include <sys/stat.h>
#include <string.h>
-#define SECURE_EXECUTION_BOOT_IMAGE "/boot/sd-boot"
+#define SECURE_EXECUTION_PARTITION "/dev/disk/by-label/se"
+#define SECURE_EXECUTION_MOUNTPOINT "/sysroot/se"
+#define SECURE_EXECUTION_BOOT_IMAGE SECURE_EXECUTION_MOUNTPOINT "/sd-boot"
#define SECURE_EXECUTION_HOSTKEY_PATH "/etc/se-hostkeys/"
#define SECURE_EXECUTION_HOSTKEY_PREFIX "ibm-z-hostkey"
#define SECURE_EXECUTION_LUKS_ROOT_KEY "/etc/luks/root"
+#define SECURE_EXECUTION_LUKS_BOOT_KEY "/etc/luks/boot"
#define SECURE_EXECUTION_LUKS_CONFIG "/etc/crypttab"
#define SECURE_EXECUTION_RAMDISK_TOOL PKGLIBEXECDIR "/s390x-se-luks-gencpio"
@@ -67,6 +72,25 @@ _ostree_bootloader_zipl_get_name (OstreeBootloader *bootloader)
return "zipl";
}
+static gboolean
+_ostree_secure_execution_mount(GError **error)
+{
+ const char *device = realpath (SECURE_EXECUTION_PARTITION, NULL);
+ if (device == NULL)
+ return glnx_throw_errno_prefix(error, "s390x SE: resolving %s", SECURE_EXECUTION_PARTITION);
+ if (mount (device, SECURE_EXECUTION_MOUNTPOINT, "ext4", 0, NULL) < 0)
+ return glnx_throw_errno_prefix (error, "s390x SE: Mounting %s", device);
+ return TRUE;
+}
+
+static gboolean
+_ostree_secure_execution_umount(GError **error)
+{
+ if (umount (SECURE_EXECUTION_MOUNTPOINT) < 0)
+ return glnx_throw_errno_prefix (error, "s390x SE: Unmounting %s", SECURE_EXECUTION_MOUNTPOINT);
+ return TRUE;
+}
+
static gboolean
_ostree_bootloader_zipl_write_config (OstreeBootloader *bootloader,
int bootversion,
@@ -152,8 +176,8 @@ _ostree_secure_execution_get_bls_config (OstreeBootloaderZipl *self,
static gboolean
_ostree_secure_execution_luks_key_exists (void)
{
- return (access(SECURE_EXECUTION_LUKS_ROOT_KEY, F_OK) == 0 &&
- access(SECURE_EXECUTION_LUKS_CONFIG, F_OK) == 0);
+ return (access(SECURE_EXECUTION_LUKS_CONFIG, F_OK) == 0 &&
+ (access(SECURE_EXECUTION_LUKS_ROOT_KEY, F_OK) == 0 || access(SECURE_EXECUTION_LUKS_BOOT_KEY, F_OK) == 0));
}
static gboolean
@@ -250,7 +274,7 @@ static gboolean
_ostree_secure_execution_call_zipl (GError **error)
{
int status = 0;
- const char *const zipl_argv[] = {"zipl", "-V", "-t", "/boot", "-i", SECURE_EXECUTION_BOOT_IMAGE, NULL};
+ const char *const zipl_argv[] = {"zipl", "-V", "-t", SECURE_EXECUTION_MOUNTPOINT, "-i", SECURE_EXECUTION_BOOT_IMAGE, NULL};
if (!g_spawn_sync (NULL, (char**)zipl_argv, NULL, G_SPAWN_SEARCH_PATH,
NULL, NULL, NULL, NULL, &status, error))
return glnx_prefix_error(error, "s390x SE: spawning zipl");
@@ -274,9 +298,11 @@ _ostree_secure_execution_enable (OstreeBootloaderZipl *self,
g_autofree gchar* options = NULL;
gboolean rc =
+ _ostree_secure_execution_mount (error) &&
_ostree_secure_execution_get_bls_config (self, bootversion, &vmlinuz, &initramfs, &options, cancellable, error) &&
_ostree_secure_execution_generate_sdboot (vmlinuz, initramfs, options, keys, error) &&
- _ostree_secure_execution_call_zipl (error);
+ _ostree_secure_execution_call_zipl (error) &&
+ _ostree_secure_execution_umount (error);
return rc;
}
diff --git a/src/libostree/s390x-se-luks-gencpio b/src/libostree/s390x-se-luks-gencpio
index f0ad24eb32..7d62258a31 100755
--- a/src/libostree/s390x-se-luks-gencpio
+++ b/src/libostree/s390x-se-luks-gencpio
@@ -12,11 +12,11 @@ gzip -cd ${old_initrd} | cpio -imd --quiet
# Adding LUKS root key and crypttab config
mkdir -p etc/luks
-cp -f /etc/luks/root etc/luks/
+cp -f /etc/luks/* etc/luks/
cp -f /etc/crypttab etc/
# Creating new initramdisk image
-find . | cpio --quiet -H newc -o | gzip -9 -n >> ${new_initrd}
+find . -mindepth 1 | cpio --quiet -H newc -o | gzip -9 -n >> ${new_initrd}
# Cleanup
rm -rf ${workdir}
From 91e71022ebc2422f278c285e55f4c88d7f572eeb Mon Sep 17 00:00:00 2001
From: Nikita Dubrovskii <nikita@linux.ibm.com>
Date: Mon, 23 May 2022 17:28:54 +0200
Subject: [PATCH 2/5] s390x: ensure SecureExecution is enabled before sd-boot
generation
Signed-off-by: Nikita Dubrovskii <nikita@linux.ibm.com>
---
src/libostree/ostree-bootloader-zipl.c | 24 ++++++++++++++++++------
1 file changed, 18 insertions(+), 6 deletions(-)
diff --git a/src/libostree/ostree-bootloader-zipl.c b/src/libostree/ostree-bootloader-zipl.c
index fe024d8046..348dfe036d 100644
--- a/src/libostree/ostree-bootloader-zipl.c
+++ b/src/libostree/ostree-bootloader-zipl.c
@@ -25,6 +25,7 @@
#include <sys/stat.h>
#include <string.h>
+#define SECURE_EXECUTION_SYSFS_FLAG "/sys/firmware/uv/prot_virt_guest"
#define SECURE_EXECUTION_PARTITION "/dev/disk/by-label/se"
#define SECURE_EXECUTION_MOUNTPOINT "/sysroot/se"
#define SECURE_EXECUTION_BOOT_IMAGE SECURE_EXECUTION_MOUNTPOINT "/sd-boot"
@@ -109,6 +110,14 @@ _ostree_bootloader_zipl_write_config (OstreeBootloader *bootloader,
return TRUE;
}
+static gboolean _ostree_secure_execution_is_enabled (GCancellable *cancellable) {
+ gsize len = 0;
+ g_autofree char *data = glnx_file_get_contents_utf8_at (-1, SECURE_EXECUTION_SYSFS_FLAG, &len, cancellable, NULL);
+ if (!data)
+ return FALSE;
+ return strstr (data, "1") != NULL;
+}
+
static gboolean
_ostree_secure_execution_get_keys (GPtrArray **keys,
GCancellable *cancellable,
@@ -329,12 +338,15 @@ _ostree_bootloader_zipl_post_bls_sync (OstreeBootloader *bootloader,
return TRUE;
/* Try with Secure Execution */
- g_autoptr(GPtrArray) keys = NULL;
- if (!_ostree_secure_execution_get_keys (&keys, cancellable, error))
- return FALSE;
- if (keys && keys->len)
- return _ostree_secure_execution_enable (self, bootversion, keys, cancellable, error);
-
+ if ( _ostree_secure_execution_is_enabled (cancellable) )
+ {
+ g_autoptr(GPtrArray) keys = NULL;
+ if (!_ostree_secure_execution_get_keys (&keys, cancellable, error))
+ return FALSE;
+ if (!keys || keys->len == 0)
+ return glnx_throw (error, "s390x SE: no keys");
+ return _ostree_secure_execution_enable (self, bootversion, keys, cancellable, error);
+ }
/* Fallback to non-SE setup */
const char *const zipl_argv[] = {"zipl", NULL};
int estatus;
From 2e2854239189044cc1ffd100959b7c7bfe92b0f9 Mon Sep 17 00:00:00 2001
From: Nikita Dubrovskii <nikita@linux.ibm.com>
Date: Tue, 24 May 2022 19:30:35 +0200
Subject: [PATCH 3/5] s390x: fail on error during reading of SecureExecution
sysfs flag
---
src/libostree/ostree-bootloader-zipl.c | 24 ++++++++++++++++++------
1 file changed, 18 insertions(+), 6 deletions(-)
diff --git a/src/libostree/ostree-bootloader-zipl.c b/src/libostree/ostree-bootloader-zipl.c
index 348dfe036d..87b9b67aec 100644
--- a/src/libostree/ostree-bootloader-zipl.c
+++ b/src/libostree/ostree-bootloader-zipl.c
@@ -110,12 +110,21 @@ _ostree_bootloader_zipl_write_config (OstreeBootloader *bootloader,
return TRUE;
}
-static gboolean _ostree_secure_execution_is_enabled (GCancellable *cancellable) {
- gsize len = 0;
- g_autofree char *data = glnx_file_get_contents_utf8_at (-1, SECURE_EXECUTION_SYSFS_FLAG, &len, cancellable, NULL);
+static gboolean _ostree_secure_execution_is_enabled (gboolean *out_enabled,
+ GCancellable *cancellable,
+ GError **error)
+{
+ *out_enabled = FALSE;
+ glnx_autofd int fd = -1;
+ if (!ot_openat_ignore_enoent (AT_FDCWD, SECURE_EXECUTION_SYSFS_FLAG, &fd, error))
+ return FALSE;
+ if (fd == -1)
+ return TRUE; //ENOENT --> SecureExecution is disabled
+ g_autofree char *data = glnx_fd_readall_utf8 (fd, NULL, cancellable, error);
if (!data)
return FALSE;
- return strstr (data, "1") != NULL;
+ *out_enabled = strstr (data, "1") != NULL;
+ return TRUE;
}
static gboolean
@@ -338,13 +347,16 @@ _ostree_bootloader_zipl_post_bls_sync (OstreeBootloader *bootloader,
return TRUE;
/* Try with Secure Execution */
- if ( _ostree_secure_execution_is_enabled (cancellable) )
+ gboolean se_enabled = FALSE;
+ if ( !_ostree_secure_execution_is_enabled (&se_enabled, cancellable, error))
+ return FALSE;
+ if (se_enabled)
{
g_autoptr(GPtrArray) keys = NULL;
if (!_ostree_secure_execution_get_keys (&keys, cancellable, error))
return FALSE;
if (!keys || keys->len == 0)
- return glnx_throw (error, "s390x SE: no keys");
+ return glnx_throw (error, "s390x SE: no keys");
return _ostree_secure_execution_enable (self, bootversion, keys, cancellable, error);
}
/* Fallback to non-SE setup */
From 89ed46e8a9f584e2a6c1966fbf4c99f0fe51424e Mon Sep 17 00:00:00 2001
From: Nikita Dubrovskii <nikita@linux.ibm.com>
Date: Fri, 27 May 2022 09:13:18 +0200
Subject: [PATCH 4/5] s390x: do not unpack existing initrd, just append LUKS
keys to its copy
Signed-off-by: Nikita Dubrovskii <nikita@linux.ibm.com>
---
src/libostree/s390x-se-luks-gencpio | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/src/libostree/s390x-se-luks-gencpio b/src/libostree/s390x-se-luks-gencpio
index 7d62258a31..f444198a40 100755
--- a/src/libostree/s390x-se-luks-gencpio
+++ b/src/libostree/s390x-se-luks-gencpio
@@ -4,19 +4,19 @@ set -euo pipefail
old_initrd=$1
new_initrd=$2
+currdir=$PWD
-# Unpacking existing initramdisk
+# Copying existing initramdisk
+cp ${old_initrd} ${new_initrd}
+
+# Appending LUKS root keys and crypttab config to the end of initrd
workdir=$(mktemp -d -p /tmp se-initramfs-XXXXXX)
cd ${workdir}
-gzip -cd ${old_initrd} | cpio -imd --quiet
-
-# Adding LUKS root key and crypttab config
mkdir -p etc/luks
cp -f /etc/luks/* etc/luks/
cp -f /etc/crypttab etc/
-
-# Creating new initramdisk image
find . -mindepth 1 | cpio --quiet -H newc -o | gzip -9 -n >> ${new_initrd}
# Cleanup
+cd ${currdir}
rm -rf ${workdir}
From 2c8d5b95c7f2fee90e73bdd9222e002c44e797b7 Mon Sep 17 00:00:00 2001
From: Nikita Dubrovskii <nikita@linux.ibm.com>
Date: Thu, 23 Jun 2022 15:54:04 +0200
Subject: [PATCH 5/5] s390x: rename sd-boot to sdboot
Signed-off-by: Nikita Dubrovskii <nikita@linux.ibm.com>
---
src/libostree/ostree-bootloader-zipl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/libostree/ostree-bootloader-zipl.c b/src/libostree/ostree-bootloader-zipl.c
index 87b9b67aec..0ff350f942 100644
--- a/src/libostree/ostree-bootloader-zipl.c
+++ b/src/libostree/ostree-bootloader-zipl.c
@@ -28,7 +28,7 @@
#define SECURE_EXECUTION_SYSFS_FLAG "/sys/firmware/uv/prot_virt_guest"
#define SECURE_EXECUTION_PARTITION "/dev/disk/by-label/se"
#define SECURE_EXECUTION_MOUNTPOINT "/sysroot/se"
-#define SECURE_EXECUTION_BOOT_IMAGE SECURE_EXECUTION_MOUNTPOINT "/sd-boot"
+#define SECURE_EXECUTION_BOOT_IMAGE SECURE_EXECUTION_MOUNTPOINT "/sdboot"
#define SECURE_EXECUTION_HOSTKEY_PATH "/etc/se-hostkeys/"
#define SECURE_EXECUTION_HOSTKEY_PREFIX "ibm-z-hostkey"
#define SECURE_EXECUTION_LUKS_ROOT_KEY "/etc/luks/root"

@ -0,0 +1,32 @@
From 56820e54392efc5dd59032f8872aaf219190ad4f Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@verbum.org>
Date: Thu, 14 Jul 2022 14:42:19 -0400
Subject: [PATCH] sign/ed25519: Verify signatures are minimum length
The ed25519 signature verification code does not
check that the signature is a minimum/correct length.
As a result, if the signature is too short, libsodium will end up
reading a few bytes out of bounds.
Reported-by: Demi Marie Obenour <demi@invisiblethingslab.com>
Co-authored-by: Demi Marie Obenour <demi@invisiblethingslab.com>
Closes: https://github.com/ostreedev/ostree/security/advisories/GHSA-gqf4-p3gv-g8vw
---
src/libostree/ostree-sign-ed25519.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/libostree/ostree-sign-ed25519.c b/src/libostree/ostree-sign-ed25519.c
index 809ffe8790..f271fd49e0 100644
--- a/src/libostree/ostree-sign-ed25519.c
+++ b/src/libostree/ostree-sign-ed25519.c
@@ -209,6 +209,9 @@ gboolean ostree_sign_ed25519_data_verify (OstreeSign *self,
g_autoptr (GVariant) child = g_variant_get_child_value (signatures, i);
g_autoptr (GBytes) signature = g_variant_get_data_as_bytes(child);
+ if (g_bytes_get_size (signature) != crypto_sign_BYTES)
+ return glnx_throw (error, "Invalid signature length of %" G_GSIZE_FORMAT " bytes, expected %" G_GSIZE_FORMAT, (gsize) g_bytes_get_size (signature), (gsize) crypto_sign_BYTES);
+
g_autofree char * hex = g_malloc0 (crypto_sign_PUBLICKEYBYTES*2 + 1);
g_debug("Read signature %d: %s", (gint)i, g_variant_print(child, TRUE));

@ -0,0 +1,57 @@
From 9053aaffab2ec02ed377a82389422cc4e77dff8a Mon Sep 17 00:00:00 2001
From: Abylay Ospan <aospan@amazon.com>
Date: Tue, 6 Jun 2023 02:13:14 +0000
Subject: [PATCH 16/17] commit: fix ostree deployment on 64-bit inode fs
This commit addresses a bug that was causing ostree deployment
to become corrupted on the large fs, when any package was installed using
'rpm-ostree install'.
In such instances, multiple files were assigned the same inode. For
example, the '/home' directory and a regular file 'pkg-get' were
assigned the same inode (2147484070), making the deployment unusable.
A root cause analysis was performed, running the process under gdb,
which revealed a lossy conversion from guint64 to guint32, for example
6442451366 converted to 2147484070:
(gdb) p name
$10 = 0x7fe9224d2d70 "home"
(gdb) p inode
$73 = 6442451366
(gdb) s
device=66311, modifier=0x7fe914791840) at
src/libostree/ostree-repo-commit.c:1590
The conversion resulted in entirely independent files potentially
receiving the same inode.
The issue was discovered on PoC machine equipped with a large NVME
(3.4TB), but the bug can be easily reproduced using `cosa run -m 4000
--qemu-size +3TB', followed by installation of any package using
`rpm-ostree install`. The resulting deployment will be unusable due to
many files being "corrupted" by the aforementioned issue.
(cherry picked from commit de6fddc6adee09a93901243dc7074090828a1912)
---
src/libostree/ostree-repo-commit.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/libostree/ostree-repo-commit.c b/src/libostree/ostree-repo-commit.c
index dba98c32..e224d1cb 100644
--- a/src/libostree/ostree-repo-commit.c
+++ b/src/libostree/ostree-repo-commit.c
@@ -1584,7 +1584,7 @@ static const char *
devino_cache_lookup (OstreeRepo *self,
OstreeRepoCommitModifier *modifier,
guint32 device,
- guint32 inode)
+ guint64 inode)
{
OstreeDevIno dev_ino_key;
OstreeDevIno *dev_ino_val;
--
2.40.1

@ -0,0 +1,33 @@
From 8b86c6c0b520f6856f9f8dba09c97114113d3244 Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@verbum.org>
Date: Thu, 20 Jul 2023 09:13:43 -0400
Subject: [PATCH 17/17] Add an always-on `inode64` feature
As I (and others) will be backporting the fix in
https://github.com/ostreedev/ostree/pull/2874/commits/de6fddc6adee09a93901243dc7074090828a1912
pretty far, I want a way for sysadmins and OS builders to
be able to reliably see when their version of ostree has this fix
(Because comparing version numbers isn't portable).
---
configure.ac | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index 3bd735ed..b58d0a67 100644
--- a/configure.ac
+++ b/configure.ac
@@ -82,7 +82,10 @@ AM_COND_IF([BUILDOPT_TSAN],
LT_PREREQ([2.2.4])
LT_INIT([disable-static])
-OSTREE_FEATURES=""
+dnl We have an always-on feature now to signify the fix for
+dnl https://github.com/ostreedev/ostree/pull/2874/commits/de6fddc6adee09a93901243dc7074090828a1912
+dnl "commit: fix ostree deployment on 64-bit inode fs"
+OSTREE_FEATURES="inode64"
AC_SUBST([OSTREE_FEATURES])
GLIB_TESTS
--
2.40.1

@ -0,0 +1,27 @@
From 3443baa6e63b36d169f57027d7e80df614592c8e Mon Sep 17 00:00:00 2001
From: Joseph Marrero <jmarrero@redhat.com>
Date: Fri, 4 Aug 2023 16:09:20 -0400
Subject: [PATCH] Backport: 7f70614a1ac1950ebde3df0e26cc9ab1d72b2f1f
---
src/libostree/ostree-sysroot-deploy.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/src/libostree/ostree-sysroot-deploy.c b/src/libostree/ostree-sysroot-deploy.c
index 2454a587..4d6d796e 100644
--- a/src/libostree/ostree-sysroot-deploy.c
+++ b/src/libostree/ostree-sysroot-deploy.c
@@ -1613,9 +1613,8 @@ static void *
sync_in_thread (void *ptr)
{
SyncData *syncdata = ptr;
- // Ensure that the caller is blocked waiting
- g_mutex_lock (&syncdata->mutex);
sync ();
+ g_mutex_lock (&syncdata->mutex);
// Signal success
syncdata->success = true;
g_cond_broadcast (&syncdata->cond);
--
2.41.0

@ -1,81 +0,0 @@
#!/bin/bash
# Update an existing system to use a read only sysroot
# and https://bugzilla.redhat.com/show_bug.cgi?id=2060976
set -euo pipefail
main() {
# Used to condition execution of this unit at the systemd level
local -r stamp_file="/var/lib/.ostree-readonly-sysroot"
if [[ -f "${stamp_file}" ]]; then
exit 0
fi
local -r ostree_sysroot_readonly="$(ostree config --repo=/sysroot/ostree/repo get "sysroot.readonly" &> /dev/null || echo "false")"
if [[ "${ostree_sysroot_readonly}" == "true" ]]; then
# Nothing to do
touch "${stamp_file}"
exit 0
fi
local -r boot_entries="$(ls -A /boot/loader/entries/ | wc -l)"
# Ensure that we can read BLS entries to avoid touching systems where /boot
# is not mounted
if [[ "${boot_entries}" -eq 0 ]]; then
echo "No BLS entry found: Maybe /boot is not mounted?" 1>&2
echo "This is unexpected thus no migration will be performed" 1>&2
touch "${stamp_file}"
exit 0
fi
# Check if any existing deployment is still missing the rw karg
local rw_kargs_found=0
local count=0
for f in "/boot/loader/entries/"*; do
count="$(grep -c "^options .* rw" "${f}" || true)"
if [[ "${count}" -ge 1 ]]; then
rw_kargs_found=$((rw_kargs_found + 1))
fi
done
# Some deployments are still missing the rw karg. Let's try to update them
if [[ "${boot_entries}" -ne "${rw_kargs_found}" ]]; then
# work around https://github.com/ostreedev/ostree/issues/2734#issuecomment-2353739450
stateroot=$(ls /ostree/deploy | head -n1)
if ls /boot/loader/entries/ostree-*-$stateroot.conf &>/dev/null; then
echo "Enabling bootloader naming workaround" 1>&2
export OSTREE_SYSROOT_OPTS=bootloader-naming-1
fi
ostree admin kargs edit-in-place --append-if-missing=rw || \
echo "Failed to edit kargs in place with ostree" 1>&2
fi
# Re-check if any existing deployment is still missing the rw karg
rw_kargs_found=0
count=0
for f in "/boot/loader/entries/"*; do
count="$(grep -c "^options .* rw" "${f}" || true)"
if [[ "${count}" -ge 1 ]]; then
rw_kargs_found=$((rw_kargs_found + 1))
fi
done
unset count
# If all deployments are good, then we can set the sysroot.readonly option
# in the ostree repo config
if [[ "${boot_entries}" -eq "${rw_kargs_found}" ]]; then
echo "Setting up the sysroot.readonly option in the ostree repo config"
ostree config --repo=/sysroot/ostree/repo set "sysroot.readonly" "true"
touch "${stamp_file}"
exit 0
fi
# If anything else before failed, we will retry on next boot
echo "Will retry next boot" 1>&2
exit 0
}
main "${@}"

@ -1,15 +0,0 @@
[Unit]
Description=Read-Only Sysroot Migration
Documentation=https://ostreedev.github.io/ostree
ConditionPathExists=!/var/lib/.ostree-readonly-sysroot
ConditionPathExists=/run/ostree-booted
RequiresMountsFor=/sysroot /boot
ConditionPathIsReadWrite=/sysroot
[Service]
Type=oneshot
ExecStart=/usr/libexec/ostree-readonly-sysroot-migration
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target

@ -1,4 +1,4 @@
# We haven't yet "productized" the tests # Don't ship tests on RHEL > 7.
%if 0%{?rhel} > 7 %if 0%{?rhel} > 7
%bcond_with tests %bcond_with tests
%else %else
@ -7,15 +7,29 @@
Summary: Tool for managing bootable, immutable filesystem trees Summary: Tool for managing bootable, immutable filesystem trees
Name: ostree Name: ostree
Version: 2024.9 Version: 2022.2
Release: 1%{?dist} Release: 8%{?dist}
Source0: https://github.com/ostreedev/%{name}/releases/download/v%{version}/libostree-%{version}.tar.xz Source0: https://github.com/ostreedev/%{name}/releases/download/v%{version}/libostree-%{version}.tar.xz
Source1: ostree-readonly-sysroot-migration
Source2: ostree-readonly-sysroot-migration.service
License: LGPLv2+ License: LGPLv2+
URL: https://ostree.readthedocs.io/en/latest/ URL: https://ostree.readthedocs.io/en/latest/
# We now track the rhel8 branch upstream, these are the patches
# since the 2022.2 release.
Patch0: 0001-Add-an-ostree-boot-complete.service-to-propagate-sta.patch
Patch1: 0002-libarchive-Handle-archive_entry_symlink-returning-NU.patch
Patch2: 0003-repo-Factor-out-_ostree_repo_auto_transaction_new.patch
Patch3: 0004-repo-Correctly-initialize-refcount-of-temporary-tran.patch
Patch4: 0005-deploy-Try-to-rebuild-policy-in-new-deployment-if-ne.patch
Patch5: 0006-deploy-Be-a-bit-more-verbose-about-SELinux-bits.patch
Patch6: 0007-backport-GH2694-secure-execution-enablement-s390x.patch
Patch7: 0008-backport-GH2696-ed25519-verify-signatures-minimum-length.patch
Patch8: 0001-Support-overlayfs-whiteouts-on-checkout.patch
# The original intention was to sync to the rhel8 branch upstream; that appears not to have happened
# Patches for https://bugzilla.redhat.com/show_bug.cgi?id=2224102
Patch16: 0016-commit-fix-ostree-deployment-on-64-bit-inode-fs.patch
Patch17: 0017-Add-an-always-on-inode64-feature.patch
Patch18: 0018-Backport-7f70614a1ac1950ebde3df0e26cc9ab1d72b2f1f.patch
BuildRequires: make BuildRequires: make
BuildRequires: git BuildRequires: git
# We always run autogen.sh # We always run autogen.sh
@ -26,7 +40,6 @@ BuildRequires: gtk-doc
BuildRequires: pkgconfig(zlib) BuildRequires: pkgconfig(zlib)
BuildRequires: pkgconfig(libcurl) BuildRequires: pkgconfig(libcurl)
BuildRequires: openssl-devel BuildRequires: openssl-devel
BuildRequires: pkgconfig(composefs)
# The tests still require soup # The tests still require soup
BuildRequires: pkgconfig(libsoup-2.4) BuildRequires: pkgconfig(libsoup-2.4)
BuildRequires: libattr-devel BuildRequires: libattr-devel
@ -49,7 +62,6 @@ Requires: dracut
Requires: /usr/bin/gpgv2 Requires: /usr/bin/gpgv2
Requires: systemd-units Requires: systemd-units
Requires: %{name}-libs%{?_isa} = %{?epoch:%{epoch}:}%{version}-%{release} Requires: %{name}-libs%{?_isa} = %{?epoch:%{epoch}:}%{version}-%{release}
Requires: composefs
%description %description
libostree is a shared library designed primarily for libostree is a shared library designed primarily for
@ -98,27 +110,17 @@ the functionality of the installed %{name} package.
%autosetup -Sgit -n libostree-%{version} %autosetup -Sgit -n libostree-%{version}
%build %build
# gobject introspection does not work with LTO. There is an effort to fix this
# in the appropriate project upstreams, so hopefully LTO can be enabled someday
# Disable LTO.
%define _lto_cflags %{nil}
env NOCONFIGURE=1 ./autogen.sh env NOCONFIGURE=1 ./autogen.sh
%configure --disable-silent-rules \ %configure --disable-silent-rules \
--enable-gtk-doc \ --enable-gtk-doc \
--with-selinux \ --with-selinux \
--with-curl \ --with-curl \
--with-openssl \ --with-openssl \
--with-composefs \
%{?with_tests:--enable-installed-tests=exclusive} \ %{?with_tests:--enable-installed-tests=exclusive} \
--with-dracut=yesbutnoconf --with-dracut=yesbutnoconf
%make_build %make_build
%install %install
install -m 644 -D %{SOURCE2} %{buildroot}/usr/lib/systemd/system/ostree-readonly-sysroot-migration.service
install -m 755 -D %{SOURCE1} %{buildroot}/usr/libexec/ostree-readonly-sysroot-migration
install -dm0755 %{buildroot}%{_unitdir}/multi-user.target.wants/
ln -sf ../ostree-readonly-sysroot-migration.service %{buildroot}%{_unitdir}/multi-user.target.wants/
%make_install INSTALL="install -p -c" %make_install INSTALL="install -p -c"
find %{buildroot} -name '*.la' -delete find %{buildroot} -name '*.la' -delete
@ -144,13 +146,11 @@ find %{buildroot} -name '*.la' -delete
%{_prefix}/lib/systemd/system-generators/ostree-system-generator %{_prefix}/lib/systemd/system-generators/ostree-system-generator
%exclude %{_sysconfdir}/grub.d/*ostree %exclude %{_sysconfdir}/grub.d/*ostree
%exclude %{_libexecdir}/libostree/grub2* %exclude %{_libexecdir}/libostree/grub2*
%exclude %{_libexecdir}/libostree/ostree-trivial-httpd
%{_prefix}/lib/tmpfiles.d/* %{_prefix}/lib/tmpfiles.d/*
%{_prefix}/lib/ostree %{_prefix}/lib/ostree
# Moved in git master # Moved in git master
%{_libexecdir}/libostree/* %{_libexecdir}/libostree/*
%{_prefix}/lib/systemd/system/ostree-readonly-sysroot-migration.service
%{_libexecdir}/ostree-readonly-sysroot-migration
%{_unitdir}/multi-user.target.wants/ostree-readonly-sysroot-migration.service
%files libs %files libs
%{_sysconfdir}/ostree %{_sysconfdir}/ostree
@ -176,254 +176,101 @@ find %{buildroot} -name '*.la' -delete
%files tests %files tests
%{_libexecdir}/installed-tests %{_libexecdir}/installed-tests
%{_datadir}/installed-tests %{_datadir}/installed-tests
%{_libexecdir}/libostree/ostree-trivial-httpd
%endif %endif
%changelog %changelog
* Thu Nov 21 2024 Joseph Marrero <jmarrero@fedoraproject.org> - 2024.9-1 * Tue Aug 08 2023 Joseph Marrero <jmarrero@fedoraproject.org> - 2022.2-8
- Rebase to 2024.9 - Backport for https://github.com/ostreedev/ostree/commit/7f70614a1ac1950ebde3df0e26cc9ab1d72b2f1f
Resolves: #RHEL-68351 - Resolves: rhbz#2229895
* Thu Oct 17 2024 Joseph Marrero <jmarrero@fedoraproject.org> - 2024.7-4
- Backport https://github.com/ostreedev/ostree/pull/3300
Resolves: #RHEL-62772
* Thu Sep 12 2024 Joseph Marrero <jmarrero@fedoraproject.org> - 2024.7-3
- Rebuild to pickup changes to ostree-readonly-sysroot-migration
Resolves: #RHEL-58437
* Wed Aug 14 2024 Joseph Marrero <jmarrero@fedoraproject.org> - 2024.7-2
- Backport https://github.com/ostreedev/ostree/pull/3281
Resolves: #RHEL-50680
* Fri Jul 26 2024 Joseph Marrero <jmarrero@fedoraproject.org> - 2024.7-1
- https://github.com/ostreedev/ostree/releases/tag/v2024.7
Resolves: #RHEL-50680
* Fri May 17 2024 Joseph Marrero <jmarrero@fedoraproject.org> - 2024.6-1
- https://github.com/ostreedev/ostree/releases/tag/v2024.6
Resolves: #RHEL-35886
* Thu Mar 14 2024 Colin Walters <walters@verbum.org> - 2024.5-2
- https://github.com/ostreedev/ostree/releases/tag/v2024.5
* Wed Feb 28 2024 Colin Walters <walters@verbum.org> - 2024.4-3
- Backport
https://github.com/ostreedev/ostree/pull/3205/commits/e47b37096343efa3bea8295f3f44c4dc90cc04e2
* Fri Feb 23 2024 Colin Walters <walters@verbum.org> - 2024.4-2
- https://github.com/ostreedev/ostree/releases/tag/v2024.4
* Wed Feb 14 2024 Colin Walters <walters@verbum.org> - 2024.3-2
- https://github.com/ostreedev/ostree/releases/tag/v2024.3
Resolves: #RHEL-19419
* Thu Feb 08 2024 Colin Walters <walters@verbum.org> - 2024.2-2
- https://github.com/ostreedev/ostree/releases/tag/v2024.2
* Sun Jan 21 2024 Colin Walters <walters@verbum.org> - 2024.1-2 * Wed Jul 26 2023 MSVSphere Packaging Team <packager@msvsphere.ru> - 2022.2-7
- https://github.com/ostreedev/ostree/releases/tag/v2024.1 - Rebuilt for MSVSphere 8.8
Resolves: #RHEL-19419
* Wed Dec 13 2023 Joseph Marrero <jmarrero@fedoraproject.org> - 2023.8-3 * Thu Jul 20 2023 Colin Walters <walters@verbum.org> - 2022.2-7
- https://github.com/ostreedev/ostree/releases/tag/v2023.8 - Backport for https://bugzilla.redhat.com/show_bug.cgi?id=2224102
Resolves: #RHEL-19419
* Wed Dec 06 2023 Colin Walters <walters@verbum.org> - 2023.8-2 * Fri Oct 14 2022 Colin Walters <walters@verbum.org> - 2022.2-6
- https://github.com/ostreedev/ostree/releases/tag/v2023.8 - Backport https://github.com/ostreedev/ostree/commit/0085494e350c72599fc5c0e00422885d80b3c660
Resolves: #RHEL-19419 - Resolves: rhbz#2134629
* Fri Oct 20 2023 Colin Walters <walters@verbum.org> - 2023.7-2 * Tue Aug 23 2022 Luca BRUNO <lucab@redhat.com> - 2022.2-5
- https://github.com/ostreedev/ostree/releases/tag/v2023.7 - Backport enablement patches for Secure Execution on s390x
Resolves: #RHEL-14381 https://github.com/ostreedev/ostree/pull/2694
Resolves: rhbz#2120522
- Backport security fix to verify signatures are minimum length (advisory GHSA-gqf4-p3gv-g8vw)
https://github.com/ostreedev/ostree/pull/2696
Resolves: rhbz#2119444
* Fri Aug 25 2023 Joseph Marrero <jmarrero@fedoraproject.org> - 2023.6-1 * Wed May 04 2022 Colin Walters <walters@verbum.org> - 2022.2-4
- https://github.com/ostreedev/ostree/releases/tag/v2023.6 - Backport patches from 2022.3, particularly SELinux
Resolves: rhbz#2234351 Resolves: rhbz#2057497
* Fri Aug 4 2023 Joseph Marrero <jmarrero@fedoraproject.org> - 2023.5-1 * Tue Apr 19 2022 Colin Walters <walters@verbum.org> - 2022.2-3
- https://github.com/ostreedev/ostree/releases/tag/v2023.5 - https://github.com/ostreedev/ostree/releases/tag/v2022.2
backport: https://github.com/ostreedev/ostree/commit/7f70614a1ac1950ebde3df0e26cc9ab1d72b2f1f Resolves: rhbz#2057497
Resolves: rhbz#2221997
* Wed Jun 28 2023 Joseph Marrero <jmarrero@fedoraproject.org> - 2023.4-2
- Add patch https://github.com/ostreedev/ostree/pull/2901
Resolves: rhbz#2216810
* Thu Jun 22 2023 Joseph Marrero <jmarrero@fedoraproject.org> - 2023.4-1
- https://github.com/ostreedev/ostree/releases/tag/v2023.4
Resolves: rhbz#2216810
* Tue Jun 13 2023 Joseph Marrero <jmarrero@fedoraproject.org> - 2023.3-1
- https://github.com/ostreedev/ostree/releases/tag/v2023.3
Resolves: rhbz#2211487
* Thu Mar 23 2023 Colin Walters <walters@verbum.org> - 2023.2-2
- https://github.com/ostreedev/ostree/releases/tag/v2023.2
Resolves: rhbz#2172898
* Thu Feb 23 2023 Colin Walters <walters@verbum.org> - 2023.1-2
- Update to 2023.1
Resolves: rhbz#2172898
xref https://issues.redhat.com/browse/COS-2069
* Thu Feb 9 2023 Sayan Paul <saypaul@redhat.com> - 2022.6-3
- Resolves: rhbz#2167344
* Wed Dec 14 2022 Sayan Paul <saypaul@redhat.com> - 2022.6-2
- Resolves: rhbz#2060976
* Thu Oct 13 2022 Luca BRUNO <lucab@redhat.com> - 2022.6-1
- New upstream version
https://github.com/ostreedev/ostree/releases/tag/v2022.6
Resolves: rhbz#2134054
* Mon Aug 22 2022 Luca BRUNO <lucab@redhat.com> - 2022.5-1
- New upstream version
https://github.com/ostreedev/ostree/releases/tag/v2022.5
Resolves: rhbz#2119815
* Thu May 05 2022 Colin Walters <walters@verbum.org> - 2022.3-2
- https://github.com/ostreedev/ostree/releases/tag/v2022.3
Resolves: rhbz#2081840
* Fri Apr 01 2022 Luca BRUNO <lucab@redhat.com> - 2022.2-1
- New upstream version
https://github.com/ostreedev/ostree/releases/tag/v2022.2
Resolves: rhbz#2070964
* Mon Jan 10 2022 Colin Walters <walters@verbum.org> - 2022.1-2 * Mon Jan 10 2022 Colin Walters <walters@verbum.org> - 2022.1-2
- Rebase to 2022.1 - Rebase to 2022.1
Resolves: rhbz#2039071 Resolves: rhbz#2032593
* Fri Nov 26 2021 Luca BRUNO <lucab@redhat.com> - 2021.6-1 * Wed Dec 15 2021 Colin Walters <walters@verbum.org> - 2021.6-2
- New upstream version - Rebase to 2021.6
https://github.com/ostreedev/ostree/releases/tag/v2021.6 Resolves: rhbz#2032593
Resolves: rhbz#2026931
* Tue Oct 19 2021 Colin Walters <walters@verbum.org> - 2021.5-3
- Pointless rebuild to re-trigger gating etc
* Wed Oct 06 2021 Colin Walters <walters@verbum.org> - 2021.5-2
- https://github.com/coreos/ostree/releases/tag/v2021.5
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 2021.3-3
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Wed Jul 28 2021 Florian Weimer <fweimer@redhat.com> - 2021.3-2 * Tue Nov 30 2021 Colin Walters <walters@verbum.org> - 2021.3-2
- Rebuild to pick up OpenSSL 3.0 Beta ABI (#1984097) - Backport
https://github.com/ostreedev/ostree/pull/2453/commits/e6a560b40797324aa8b90e7100c6d50bff91f14d
Resolves: rhbz#2027788
* Fri Jul 16 2021 Luca BRUNO <lucab@redhat.com> - 2021.3-1 * Tue Jul 20 2021 Luca BRUNO <lucab@redhat.com> - 2021.3-1
- New upstream version - New upstream version
https://github.com/ostreedev/ostree/releases/tag/v2021.3 https://github.com/ostreedev/ostree/releases/tag/v2021.3
Resolves: rhbz#1981859 Resolves: rhbz#1981865
* Wed Jun 16 2021 Mohan Boddu <mboddu@redhat.com> - 2021.2-2
- Rebuilt for RHEL 9 BETA for openssl 3.0
Related: rhbz#1971065
* Fri May 14 2021 Luca BRUNO <lucab@redhat.com> - 2021.2-1 * Fri May 14 2021 Luca BRUNO <lucab@redhat.com> - 2021.2-1
- New upstream version 2021.2 - New upstream version 2021.2
https://github.com/ostreedev/ostree/releases/tag/v2021.2 https://github.com/ostreedev/ostree/releases/tag/v2021.2
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 2020.8-3 * Tue Nov 3 15:04:48 UTC 2020 Colin Walters <walters@verbum.org> - 2020.7-1
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937 - Update to 2020.7
Resolves: #1894062
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2020.8-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Wed Nov 18 08:42:24 UTC 2020 Luca BRUNO <lucab@lucabruno.net> - 2020.8-1
- New upstream version
- https://github.com/ostreedev/ostree/releases/tag/v2020.8
* Fri Oct 30 2020 Jeff Law <law@redhat.com> - 2020.7-4
- Fix volatile issues exposed by gcc-11
* Thu Oct 15 2020 Jonathan Lebon <jonathan@jlebon.com> - 2020.7-3
- Backport https://github.com/ostreedev/ostree/pull/2219 for
https://bugzilla.redhat.com/show_bug.cgi?id=1888436
* Wed Oct 14 2020 Colin Walters <walters@verbum.org> - 2020.7-2
- https://github.com/ostreedev/ostree/releases/tag/v2020.7
* Wed Oct 07 2020 Jonathan Lebon <jonathan@jlebon.com> - 2020.6-5
- Backport https://github.com/ostreedev/ostree/pull/2211 for
https://bugzilla.redhat.com/show_bug.cgi?id=1886149
* Thu Sep 24 2020 Colin Walters <walters@verbum.org> - 2020.6-4
- Backport https://github.com/ostreedev/ostree/pull/2202
* Fri Sep 18 2020 Jonathan Lebon <jonathan@jlebon.com> - 2020.6-3 * Wed Sep 09 2020 Colin Walters <walters@verbum.org> - 2020.5-4
- Revert support for devicetrees - Backport patches for https://bugzilla.redhat.com/show_bug.cgi?id=1875567
https://github.com/ostreedev/ostree/issues/2154
https://bugzilla.redhat.com/show_bug.cgi?id=1880499
* Thu Sep 03 2020 Colin Walters <walters@verbum.org> - 2020.6-2 * Mon Aug 24 2020 Colin Walters <walters@verbum.org> - 2020.5-3
- https://github.com/ostreedev/ostree/releases/tag/v2020.6 - Backport
https://github.com/ostreedev/ostree/pull/2179/commits/06ed04a816141914adb9bd3e32392801fce5bc8e
Resolves: #1867601
* Tue Aug 18 2020 Colin Walters <walters@verbum.org> - 2020.5-2 * Tue Aug 18 2020 Colin Walters <walters@verbum.org> - 2020.5-2
- https://github.com/ostreedev/ostree/releases/tag/v2020.5 - Update to https://github.com/ostreedev/ostree/releases/tag/v2020.5
Specifically to fix readonly-sysroot for e.g. RHEL Edge and
* Sat Aug 01 2020 Colin Walters <walters@verbum.org> - 2020.4-4 older RHCOS versions
- Backport patch for https://bugzilla.redhat.com/show_bug.cgi?id=1862568 - Related: #1861507
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2020.4-3 * Tue Jul 28 2020 Colin Walters <walters@verbum.org> - 2020.4-1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jul 22 2020 Colin Walters <walters@verbum.org> - 2020.4-2
- https://github.com/ostreedev/ostree/releases/tag/v2020.4 - https://github.com/ostreedev/ostree/releases/tag/v2020.4
- We plan to use per-object-fsync for etcd in OpenShift 4
- Resolves: #1861507
* Tue Jun 30 2020 Jeff Law <law@redhat.com> - 2020.3-6 * Thu May 21 2020 Colin Walters <walters@verbum.org> - 2020.3-3
- Disable LTO - Backport https://github.com/ostreedev/ostree/pull/2108
* Thu Jun 18 2020 Jonathan Lebon <jonathan@jlebon.com> - 2020.3-5
- Backport patch to handle EOPNOTSUPP on NFS:
https://gitlab.gnome.org/GNOME/libglnx/-/merge_requests/18
* Thu May 21 2020 Jonathan Lebon <jonathan@jlebon.com> - 2020.3-4 * Fri May 15 2020 Colin Walters <walters@verbum.org> - 2020.3-2
- Backport patch to neuter sysroot.readonly for FCOS
https://github.com/coreos/fedora-coreos-tracker/issues/488
https://github.com/ostreedev/ostree/pull/2108
* Fri Apr 17 2020 Dusty Mabe <dusty@dustymabe.com> - 2020.3-3
- Backport patchset that should help us with concurrently pulling
https://github.com/ostreedev/ostree/pull/2077
* Sat Mar 14 2020 Colin Walters <walters@verbum.org> - 2020.3-2
- https://github.com/ostreedev/ostree/releases/tag/v2020.3 - https://github.com/ostreedev/ostree/releases/tag/v2020.3
Resolves: #1836306
* Fri Feb 21 2020 Colin Walters <walters@verbum.org> - 2020.2-2
- https://github.com/ostreedev/ostree/releases/tag/v2020.2
* Thu Feb 20 2020 Colin Walters <walters@verbum.org> - 2020.1-2
- https://github.com/ostreedev/ostree/releases/tag/v2020.1
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2019.6-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Tue Dec 10 2019 Colin Walters <walters@verbum.org> - 2019.6-2 * Tue Dec 10 2019 Colin Walters <walters@verbum.org> - 2019.6-2
- https://github.com/ostreedev/ostree/releases/tag/v2019.6 - https://github.com/ostreedev/ostree/releases/tag/v2019.6
* Wed Oct 30 2019 Colin Walters <walters@verbum.org> - 2019.5-2 * Wed Oct 30 2019 Colin Walters <walters@verbum.org> - 2019.5-1
- https://github.com/ostreedev/ostree/releases/tag/v2019.5 - https://github.com/ostreedev/ostree/releases/tag/v2019.5
* Thu Sep 26 2019 Jonathan Lebon <jonathan@jlebon.com> - 2019.4-2 * Mon Oct 14 2019 Colin Walters <walters@verbum.org> - 2019.4-3
- Revert ostree-grub2 patch to fix duplicate entries
https://github.com/ostreedev/ostree/pull/1929#issuecomment-539022174
* Thu Sep 26 2019 Jonathan Lebon <jonathan@jlebon.com> - 2019.4-2
- Backport patch to fix duplicate GRUB2 entries when using BLS
https://bugzilla.redhat.com/show_bug.cgi?id=1751272#c27
* Wed Sep 25 2019 Jonathan Lebon <jonathan@jlebon.com> - 2019.4-1
- https://github.com/ostreedev/ostree/releases/tag/v2019.4 - https://github.com/ostreedev/ostree/releases/tag/v2019.4
* Thu Aug 22 2019 Colin Walters <walters@verbum.org> - 2019.3-3
- https://github.com/ostreedev/ostree/releases/tag/v2019.3
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2019.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Wed Apr 24 2019 Jonathan Lebon <jonathan@jlebon.com> - 2019.2-1 * Wed Apr 24 2019 Jonathan Lebon <jonathan@jlebon.com> - 2019.2-1
- https://github.com/ostreedev/ostree/releases/tag/v2019.2 - https://github.com/ostreedev/ostree/releases/tag/v2019.2

Loading…
Cancel
Save