packaging
/
ostree
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update upstream source from tag 'upstream/2020.7' 

Update to upstream version '2020.7'
with Debian dir 1f935a3eaa
This commit is contained in:
Simon McVittie 2020-10-14 12:56:18 +01:00
parent b892da090e 803ac2144f
commit 08e0238ffb
73 changed files with 3205 additions and 784 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Makefile-libostree.am
View File

@ -182,9 +182,9 @@ libostree_1_la_SOURCES += \
endif # USE_GPGME
symbol_files = $(top_srcdir)/src/libostree/libostree-released.sym
#if BUILDOPT_IS_DEVEL_BUILD
#symbol_files += $(top_srcdir)/src/libostree/libostree-devel.sym
#endif
if BUILDOPT_IS_DEVEL_BUILD
symbol_files += $(top_srcdir)/src/libostree/libostree-devel.sym
endif
# http://blog.jgc.org/2007/06/escaping-comma-and-space-in-gnu-make.html
wl_versionscript_arg = -Wl,--version-script=
EXTRA_DIST += \

3
Makefile-tests.am
View File

@ -105,6 +105,7 @@ _installed_or_uninstalled_test_scripts = \
tests/test-admin-deploy-nomerge.sh \
tests/test-admin-deploy-none.sh \
tests/test-admin-deploy-bootid-gc.sh \
tests/test-osupdate-dtb.sh \
tests/test-admin-instutil-set-kargs.sh \
tests/test-admin-upgrade-not-backwards.sh \
tests/test-admin-pull-deploy-commit.sh \
@ -114,6 +115,8 @@ _installed_or_uninstalled_test_scripts = \
tests/test-reset-nonlinear.sh \
tests/test-oldstyle-partial.sh \
tests/test-delta.sh \
tests/test-delta-sign.sh \
tests/test-delta-ed25519.sh \
tests/test-xattrs.sh \
tests/test-auto-summary.sh \
tests/test-prune.sh \

288
Makefile.in
View File

@ -454,15 +454,16 @@ check_PROGRAMS = $(am__EXEEXT_12) $(am__EXEEXT_13) $(am__EXEEXT_14)
@USE_GPGME_FALSE@ src/libostree/ostree-gpg-verify-result-dummy.c \
@USE_GPGME_FALSE@ $(NULL)
@BUILDOPT_IS_DEVEL_BUILD_TRUE@am__append_26 = $(top_srcdir)/src/libostree/libostree-devel.sym
# Some change between rust-1.21.0-1.fc27 and rust-1.22.1-1.fc27.x86_64
@ENABLE_RUST_TRUE@am__append_26 = -ldl
@USE_LIBARCHIVE_TRUE@am__append_27 = $(OT_DEP_LIBARCHIVE_CFLAGS)
@USE_LIBARCHIVE_TRUE@am__append_28 = $(OT_DEP_LIBARCHIVE_LIBS)
@USE_AVAHI_TRUE@am__append_29 = $(OT_DEP_AVAHI_CFLAGS)
@USE_AVAHI_TRUE@am__append_30 = $(OT_DEP_AVAHI_LIBS)
@BUILDOPT_SYSTEMD_TRUE@am__append_31 = $(LIBSYSTEMD_CFLAGS)
@BUILDOPT_SYSTEMD_TRUE@am__append_32 = $(LIBSYSTEMD_LIBS)
@USE_CURL_OR_SOUP_TRUE@am__append_33 = \
@ENABLE_RUST_TRUE@am__append_27 = -ldl
@USE_LIBARCHIVE_TRUE@am__append_28 = $(OT_DEP_LIBARCHIVE_CFLAGS)
@USE_LIBARCHIVE_TRUE@am__append_29 = $(OT_DEP_LIBARCHIVE_LIBS)
@USE_AVAHI_TRUE@am__append_30 = $(OT_DEP_AVAHI_CFLAGS)
@USE_AVAHI_TRUE@am__append_31 = $(OT_DEP_AVAHI_LIBS)
@BUILDOPT_SYSTEMD_TRUE@am__append_32 = $(LIBSYSTEMD_CFLAGS)
@BUILDOPT_SYSTEMD_TRUE@am__append_33 = $(LIBSYSTEMD_LIBS)
@USE_CURL_OR_SOUP_TRUE@am__append_34 = \
@USE_CURL_OR_SOUP_TRUE@ src/libostree/ostree-fetcher.h \
@USE_CURL_OR_SOUP_TRUE@ src/libostree/ostree-fetcher-util.h \
@USE_CURL_OR_SOUP_TRUE@ src/libostree/ostree-fetcher-util.c \
@ -471,45 +472,45 @@ check_PROGRAMS = $(am__EXEEXT_12) $(am__EXEEXT_13) $(am__EXEEXT_14)
@USE_CURL_OR_SOUP_TRUE@ src/libostree/ostree-metalink.c \
@USE_CURL_OR_SOUP_TRUE@ $(NULL)
@USE_CURL_TRUE@am__append_34 = src/libostree/ostree-fetcher-curl.c \
@USE_CURL_TRUE@am__append_35 = src/libostree/ostree-fetcher-curl.c \
@USE_CURL_TRUE@ src/libostree/ostree-soup-uri.h src/libostree/ostree-soup-uri.c \
@USE_CURL_TRUE@ src/libostree/ostree-soup-form.c \
@USE_CURL_TRUE@ $(NULL)
@USE_CURL_TRUE@am__append_35 = $(OT_DEP_CURL_CFLAGS)
@USE_CURL_TRUE@am__append_36 = $(OT_DEP_CURL_LIBS)
@USE_CURL_FALSE@@USE_LIBSOUP_TRUE@am__append_37 = src/libostree/ostree-fetcher-soup.c
@USE_CURL_FALSE@@USE_LIBSOUP_TRUE@am__append_38 = $(OT_INTERNAL_SOUP_CFLAGS)
@USE_CURL_FALSE@@USE_LIBSOUP_TRUE@am__append_39 = $(OT_INTERNAL_SOUP_LIBS)
@USE_AVAHI_TRUE@@USE_CURL_FALSE@@USE_LIBSOUP_FALSE@am__append_40 = src/libostree/ostree-soup-uri.h \
@USE_CURL_TRUE@am__append_36 = $(OT_DEP_CURL_CFLAGS)
@USE_CURL_TRUE@am__append_37 = $(OT_DEP_CURL_LIBS)
@USE_CURL_FALSE@@USE_LIBSOUP_TRUE@am__append_38 = src/libostree/ostree-fetcher-soup.c
@USE_CURL_FALSE@@USE_LIBSOUP_TRUE@am__append_39 = $(OT_INTERNAL_SOUP_CFLAGS)
@USE_CURL_FALSE@@USE_LIBSOUP_TRUE@am__append_40 = $(OT_INTERNAL_SOUP_LIBS)
@USE_AVAHI_TRUE@@USE_CURL_FALSE@@USE_LIBSOUP_FALSE@am__append_41 = src/libostree/ostree-soup-uri.h \
@USE_AVAHI_TRUE@@USE_CURL_FALSE@@USE_LIBSOUP_FALSE@ src/libostree/ostree-soup-uri.c \
@USE_AVAHI_TRUE@@USE_CURL_FALSE@@USE_LIBSOUP_FALSE@ src/libostree/ostree-soup-form.c \
@USE_AVAHI_TRUE@@USE_CURL_FALSE@@USE_LIBSOUP_FALSE@ $(NULL)
@USE_LIBMOUNT_TRUE@am__append_41 = $(OT_DEP_LIBMOUNT_CFLAGS)
@USE_LIBMOUNT_TRUE@am__append_42 = $(OT_DEP_LIBMOUNT_LIBS)
@USE_SELINUX_TRUE@am__append_43 = $(OT_DEP_SELINUX_CFLAGS)
@USE_SELINUX_TRUE@am__append_44 = $(OT_DEP_SELINUX_LIBS)
@USE_LIBSODIUM_TRUE@am__append_45 = $(OT_DEP_LIBSODIUM_CFLAGS)
@USE_LIBSODIUM_TRUE@am__append_46 = $(OT_DEP_LIBSODIUM_LIBS)
@USE_LIBMOUNT_TRUE@am__append_42 = $(OT_DEP_LIBMOUNT_CFLAGS)
@USE_LIBMOUNT_TRUE@am__append_43 = $(OT_DEP_LIBMOUNT_LIBS)
@USE_SELINUX_TRUE@am__append_44 = $(OT_DEP_SELINUX_CFLAGS)
@USE_SELINUX_TRUE@am__append_45 = $(OT_DEP_SELINUX_LIBS)
@USE_LIBSODIUM_TRUE@am__append_46 = $(OT_DEP_LIBSODIUM_CFLAGS)
@USE_LIBSODIUM_TRUE@am__append_47 = $(OT_DEP_LIBSODIUM_LIBS)
# When compiling this is set via config.h, but g-ir-scanner can't use that
@BUILDOPT_INTROSPECTION_TRUE@@ENABLE_EXPERIMENTAL_API_TRUE@am__append_47 = -DOSTREE_ENABLE_EXPERIMENTAL_API=1
@BUILDOPT_INTROSPECTION_TRUE@am__append_48 = OSTree-1.0.gir
@BUILDOPT_INTROSPECTION_TRUE@@ENABLE_EXPERIMENTAL_API_TRUE@am__append_48 = -DOSTREE_ENABLE_EXPERIMENTAL_API=1
@BUILDOPT_INTROSPECTION_TRUE@am__append_49 = OSTree-1.0.gir
@BUILDOPT_INTROSPECTION_TRUE@am__append_50 = OSTree-1.0.typelib
@BUILDOPT_INTROSPECTION_TRUE@am__append_51 = $(gir_DATA) $(typelib_DATA)
@ENABLE_EXPERIMENTAL_API_TRUE@am__append_52 = \
@BUILDOPT_INTROSPECTION_TRUE@am__append_50 = OSTree-1.0.gir
@BUILDOPT_INTROSPECTION_TRUE@am__append_51 = OSTree-1.0.typelib
@BUILDOPT_INTROSPECTION_TRUE@am__append_52 = $(gir_DATA) $(typelib_DATA)
@ENABLE_EXPERIMENTAL_API_TRUE@am__append_53 = \
@ENABLE_EXPERIMENTAL_API_TRUE@ $(NULL)
@USE_GPGME_TRUE@am__append_53 = \
@USE_GPGME_TRUE@am__append_54 = \
@USE_GPGME_TRUE@ src/ostree/ot-builtin-gpg-sign.c \
@USE_GPGME_TRUE@ $(NULL)
@USE_GPGME_TRUE@am__append_54 = \
@USE_GPGME_TRUE@am__append_55 = \
@USE_GPGME_TRUE@ src/ostree/ot-remote-builtin-gpg-import.c \
@USE_GPGME_TRUE@ $(NULL)
@USE_CURL_OR_SOUP_TRUE@am__append_55 = src/ostree/ot-remote-builtin-add-cookie.c \
@USE_CURL_OR_SOUP_TRUE@am__append_56 = src/ostree/ot-remote-builtin-add-cookie.c \
@USE_CURL_OR_SOUP_TRUE@ src/ostree/ot-remote-builtin-delete-cookie.c \
@USE_CURL_OR_SOUP_TRUE@ src/ostree/ot-remote-builtin-list-cookies.c \
@USE_CURL_OR_SOUP_TRUE@ src/ostree/ot-remote-cookie-util.h \
@ -517,20 +518,20 @@ check_PROGRAMS = $(am__EXEEXT_12) $(am__EXEEXT_13) $(am__EXEEXT_14)
@USE_CURL_OR_SOUP_TRUE@ $(NULL) src/ostree/ot-builtin-pull.c
# Eventually once we stop things from using this, we should support disabling this
@USE_LIBSOUP_TRUE@am__append_56 = src/ostree/ot-builtin-trivial-httpd.c
@USE_LIBSOUP_TRUE@am__append_57 = ostree-trivial-httpd
@USE_LIBSOUP_TRUE@am__append_57 = src/ostree/ot-builtin-trivial-httpd.c
@USE_LIBSOUP_TRUE@am__append_58 = ostree-trivial-httpd
# This is necessary for the cookie jar bits
@USE_CURL_FALSE@@USE_LIBSOUP_TRUE@am__append_58 = $(OT_INTERNAL_SOUP_CFLAGS)
@USE_CURL_FALSE@@USE_LIBSOUP_TRUE@am__append_59 = $(OT_INTERNAL_SOUP_LIBS)
@USE_LIBARCHIVE_TRUE@am__append_60 = $(OT_DEP_LIBARCHIVE_CFLAGS)
@USE_LIBARCHIVE_TRUE@am__append_61 = $(OT_DEP_LIBARCHIVE_LIBS)
@USE_LIBSODIUM_TRUE@am__append_62 = $(OT_DEP_LIBSODIUM_CFLAGS)
@USE_LIBSODIUM_TRUE@am__append_63 = $(OT_DEP_LIBSODIUM_LIBS)
@BUILDOPT_SYSTEMD_TRUE@am__append_64 = ostree-remount
@USE_CURL_FALSE@@USE_LIBSOUP_TRUE@am__append_59 = $(OT_INTERNAL_SOUP_CFLAGS)
@USE_CURL_FALSE@@USE_LIBSOUP_TRUE@am__append_60 = $(OT_INTERNAL_SOUP_LIBS)
@USE_LIBARCHIVE_TRUE@am__append_61 = $(OT_DEP_LIBARCHIVE_CFLAGS)
@USE_LIBARCHIVE_TRUE@am__append_62 = $(OT_DEP_LIBARCHIVE_LIBS)
@USE_LIBSODIUM_TRUE@am__append_63 = $(OT_DEP_LIBSODIUM_CFLAGS)
@USE_LIBSODIUM_TRUE@am__append_64 = $(OT_DEP_LIBSODIUM_LIBS)
@BUILDOPT_SYSTEMD_TRUE@am__append_65 = ostree-remount
# It is built anyway as a side-effect of having the symlink in tests/,
# and if we declare it here, it gets cleaned up properly
@BUILDOPT_SYSTEMD_FALSE@am__append_65 = ostree-remount
@BUILDOPT_SYSTEMD_FALSE@am__append_66 = ostree-remount
# ostree-prepare-root can be used as init in a system without a populated /lib.
# To support this use case we need to link statically as we will be unable to
@ -542,66 +543,66 @@ check_PROGRAMS = $(am__EXEEXT_12) $(am__EXEEXT_13) $(am__EXEEXT_14)
# to get autotools to install this as an executable but without generating rules
# to make it itself which we have specified manually. See
# https://lists.gnu.org/archive/html/help-gnu-utils/2007-01/msg00007.html
@BUILDOPT_USE_STATIC_COMPILER_TRUE@am__append_66 = ostree-prepare-root
@BUILDOPT_USE_STATIC_COMPILER_FALSE@am__append_67 = ostree-prepare-root
@BUILDOPT_SYSTEMD_TRUE@am__append_68 = -DHAVE_SYSTEMD=1
@BUILDOPT_USE_STATIC_COMPILER_TRUE@am__append_67 = ostree-prepare-root
@BUILDOPT_USE_STATIC_COMPILER_FALSE@am__append_68 = ostree-prepare-root
@BUILDOPT_SYSTEMD_TRUE@am__append_69 = -DHAVE_SYSTEMD=1
# This is the "new mode" of using a generator for /var; see
# https://github.com/ostreedev/ostree/issues/855
@BUILDOPT_SYSTEMD_AND_LIBMOUNT_TRUE@am__append_69 = -DHAVE_SYSTEMD_AND_LIBMOUNT=1
@BUILDOPT_SYSTEMD_AND_LIBMOUNT_TRUE@am__append_70 = -DHAVE_SYSTEMD_AND_LIBMOUNT=1
@BUILDOPT_SYSTEMD_AND_LIBMOUNT_TRUE@am__append_71 = -DHAVE_SYSTEMD_AND_LIBMOUNT=1
@BUILDOPT_SYSTEMD_AND_LIBMOUNT_TRUE@systemdsystemgenerator_PROGRAMS = ostree-system-generator$(EXEEXT)
@BUILDOPT_SYSTEMD_AND_LIBMOUNT_TRUE@am__append_71 = $(systemdsystemgenerator_PROGRAMS)
@BUILDOPT_SYSTEMD_AND_LIBMOUNT_TRUE@am__append_72 = $(systemdsystemgenerator_PROGRAMS)
# Allow the distcheck install under $prefix test to pass
@BUILDOPT_SYSTEMD_AND_LIBMOUNT_TRUE@am__append_72 = --with-systemdsystemgeneratordir='$${libdir}/systemd/system-generators'
@BUILDOPT_FUSE_TRUE@am__append_73 = rofiles-fuse
@BUILDOPT_ASAN_TRUE@am__append_74 = OT_SKIP_READDIR_RAND=1 G_SLICE=always-malloc
@USE_GPGME_TRUE@am__append_75 = \
@BUILDOPT_SYSTEMD_AND_LIBMOUNT_TRUE@am__append_73 = --with-systemdsystemgeneratordir='$${libdir}/systemd/system-generators'
@BUILDOPT_FUSE_TRUE@am__append_74 = rofiles-fuse
@BUILDOPT_ASAN_TRUE@am__append_75 = OT_SKIP_READDIR_RAND=1 G_SLICE=always-malloc
@USE_GPGME_TRUE@am__append_76 = \
@USE_GPGME_TRUE@ tests/test-remote-gpg-import.sh \
@USE_GPGME_TRUE@ tests/test-gpg-signed-commit.sh \
@USE_GPGME_TRUE@ tests/test-admin-gpg.sh \
@USE_GPGME_TRUE@ $(NULL)
@ENABLE_EXPERIMENTAL_API_TRUE@am__append_76 = $(experimental_test_scripts)
@ENABLE_EXPERIMENTAL_API_FALSE@am__append_77 = $(experimental_test_scripts)
@BUILDOPT_FUSE_TRUE@am__append_78 = tests/test-rofiles-fuse.sh
@BUILDOPT_FUSE_TRUE@am__append_79 = tests/rofiles-fuse-symlink-stamp
@BUILDOPT_FUSE_FALSE@am__append_80 = tests/test-rofiles-fuse.sh
@USE_LIBSOUP_TRUE@am__append_81 = tests/test-remote-cookies.sh
@BUILDOPT_GJS_TRUE@am__append_82 = $(js_tests) $(js_installed_tests)
@BUILDOPT_GJS_FALSE@am__append_83 = $(js_tests)
@BUILDOPT_GJS_FALSE@am__append_84 = $(js_installed_tests)
@ENABLE_INSTALLED_TESTS_FALSE@am__append_85 = -rpath $(abs_builddir)
@USE_GPGME_TRUE@am__append_86 = \
@ENABLE_EXPERIMENTAL_API_TRUE@am__append_77 = $(experimental_test_scripts)
@ENABLE_EXPERIMENTAL_API_FALSE@am__append_78 = $(experimental_test_scripts)
@BUILDOPT_FUSE_TRUE@am__append_79 = tests/test-rofiles-fuse.sh
@BUILDOPT_FUSE_TRUE@am__append_80 = tests/rofiles-fuse-symlink-stamp
@BUILDOPT_FUSE_FALSE@am__append_81 = tests/test-rofiles-fuse.sh
@USE_LIBSOUP_TRUE@am__append_82 = tests/test-remote-cookies.sh
@BUILDOPT_GJS_TRUE@am__append_83 = $(js_tests) $(js_installed_tests)
@BUILDOPT_GJS_FALSE@am__append_84 = $(js_tests)
@BUILDOPT_GJS_FALSE@am__append_85 = $(js_installed_tests)
@ENABLE_INSTALLED_TESTS_FALSE@am__append_86 = -rpath $(abs_builddir)
@USE_GPGME_TRUE@am__append_87 = \
@USE_GPGME_TRUE@ tests/test-gpg-verify-result \
@USE_GPGME_TRUE@ $(NULL)
@USE_AVAHI_TRUE@am__append_87 = tests/test-repo-finder-avahi
@USE_LIBARCHIVE_TRUE@am__append_88 = tests/test-libarchive-import
@USE_GPGME_TRUE@am__append_89 = \
@USE_AVAHI_TRUE@am__append_88 = tests/test-repo-finder-avahi
@USE_LIBARCHIVE_TRUE@am__append_89 = tests/test-libarchive-import
@USE_GPGME_TRUE@am__append_90 = \
@USE_GPGME_TRUE@ tests/gpg-verify-data/README.md \
@USE_GPGME_TRUE@ $(NULL)
@ENABLE_INSTALLED_TESTS_EXCLUSIVE_FALSE@am__append_90 = $(_installed_or_uninstalled_test_scripts)
@ENABLE_INSTALLED_TESTS_EXCLUSIVE_FALSE@am__append_91 = $(_installed_or_uninstalled_test_programs)
@ENABLE_INSTALLED_TESTS_TRUE@am__append_92 = install-installed-tests-extra
@ENABLE_INSTALLED_TESTS_EXCLUSIVE_FALSE@am__append_91 = $(_installed_or_uninstalled_test_scripts)
@ENABLE_INSTALLED_TESTS_EXCLUSIVE_FALSE@am__append_92 = $(_installed_or_uninstalled_test_programs)
@ENABLE_INSTALLED_TESTS_TRUE@am__append_93 = install-installed-tests-extra
# Allow the distcheck install under $prefix test to pass
@BUILDOPT_SYSTEMD_TRUE@am__append_93 = --with-systemdsystemunitdir='$${libdir}/systemd/system'
@BUILDOPT_SYSTEMD_TRUE@am__append_94 = --with-systemdsystemunitdir='$${libdir}/systemd/system'
# We're using the system grub2-mkconfig generator
@BUILDOPT_BUILTIN_GRUB2_MKCONFIG_FALSE@am__append_94 = src/boot/grub2/grub2-15_ostree
@BUILDOPT_BUILTIN_GRUB2_MKCONFIG_FALSE@am__append_95 = install-grub2-config-hook
@BUILDOPT_BUILTIN_GRUB2_MKCONFIG_FALSE@am__append_95 = src/boot/grub2/grub2-15_ostree
@BUILDOPT_BUILTIN_GRUB2_MKCONFIG_FALSE@am__append_96 = install-grub2-config-hook
# We're using our internal generator
@BUILDOPT_BUILTIN_GRUB2_MKCONFIG_TRUE@am__append_96 = src/boot/grub2/ostree-grub-generator
@ENABLE_MAN_TRUE@@USE_LIBSOUP_TRUE@am__append_97 = ostree-trivial-httpd.1
@BUILDOPT_BUILTIN_GRUB2_MKCONFIG_TRUE@am__append_97 = src/boot/grub2/ostree-grub-generator
@ENABLE_MAN_TRUE@@USE_LIBSOUP_TRUE@am__append_98 = ostree-trivial-httpd.1
# We still want to distribute the source, even if we are not building it
@ENABLE_MAN_TRUE@@USE_LIBSOUP_FALSE@am__append_98 = man/ostree-trivial-httpd.xml
@BUILDOPT_FUSE_TRUE@@ENABLE_MAN_TRUE@am__append_99 = rofiles-fuse.1
@ENABLE_MAN_TRUE@@USE_GPGME_TRUE@am__append_100 = ostree-gpg-sign.1
@ENABLE_MAN_TRUE@am__append_101 = $(man1_MANS:.1=.xml) $(man5_MANS:.5=.xml)
@ENABLE_MAN_TRUE@am__append_102 = \
@ENABLE_MAN_TRUE@@USE_LIBSOUP_FALSE@am__append_99 = man/ostree-trivial-httpd.xml
@BUILDOPT_FUSE_TRUE@@ENABLE_MAN_TRUE@am__append_100 = rofiles-fuse.1
@ENABLE_MAN_TRUE@@USE_GPGME_TRUE@am__append_101 = ostree-gpg-sign.1
@ENABLE_MAN_TRUE@am__append_102 = $(man1_MANS:.1=.xml) $(man5_MANS:.5=.xml)
@ENABLE_MAN_TRUE@am__append_103 = \
@ENABLE_MAN_TRUE@ $(man1_MANS) \
@ENABLE_MAN_TRUE@ $(man5_MANS) \
@ENABLE_MAN_TRUE@ $(NULL)
@ -2055,13 +2056,15 @@ am__EXEEXT_25 = tests/test-basic.sh tests/test-basic-user.sh \
tests/test-admin-deploy-nomerge.sh \
tests/test-admin-deploy-none.sh \
tests/test-admin-deploy-bootid-gc.sh \
tests/test-osupdate-dtb.sh \
tests/test-admin-instutil-set-kargs.sh \
tests/test-admin-upgrade-not-backwards.sh \
tests/test-admin-pull-deploy-commit.sh \
tests/test-admin-pull-deploy-split.sh \
tests/test-admin-locking.sh tests/test-admin-deploy-clean.sh \
tests/test-reset-nonlinear.sh tests/test-oldstyle-partial.sh \
tests/test-delta.sh tests/test-xattrs.sh \
tests/test-delta.sh tests/test-delta-sign.sh \
tests/test-delta-ed25519.sh tests/test-xattrs.sh \
tests/test-auto-summary.sh tests/test-prune.sh \
tests/test-concurrency.py tests/test-refs.sh \
tests/test-demo-buildsystem.sh tests/test-switchroot.sh \
@ -2078,8 +2081,8 @@ am__EXEEXT_25 = tests/test-basic.sh tests/test-basic-user.sh \
tests/test-signed-commit.sh tests/test-signed-pull.sh \
tests/test-pre-signed-pull.sh \
tests/test-signed-pull-summary.sh $(am__EXEEXT_2) \
$(am__EXEEXT_20) $(am__EXEEXT_22) $(am__append_78) \
$(am__append_81) $(am__EXEEXT_24)
$(am__EXEEXT_20) $(am__EXEEXT_22) $(am__append_79) \
$(am__append_82) $(am__EXEEXT_24)
@ENABLE_INSTALLED_TESTS_EXCLUSIVE_FALSE@am__EXEEXT_26 = \
@ENABLE_INSTALLED_TESTS_EXCLUSIVE_FALSE@ $(am__EXEEXT_25)
am__EXEEXT_27 = $(am__EXEEXT_2) $(am__EXEEXT_26)
@ -2382,21 +2385,21 @@ AM_CFLAGS = -std=gnu99 -fno-strict-aliasing $(WARN_CFLAGS)
# Allow the distcheck install under $prefix test to pass
AM_DISTCHECK_CONFIGURE_FLAGS = --enable-gtk-doc --enable-man \
--disable-maintainer-mode $(NULL) $(am__append_72) \
$(am__append_93) \
--disable-maintainer-mode $(NULL) $(am__append_73) \
$(am__append_94) \
BASH_COMPLETIONSDIR='$${datadir}/bash-completion/completions'
SUBDIRS = . $(am__append_14)
NULL =
BUILT_SOURCES = $(nodist_libostree_1_la_SOURCES)
MANPAGES =
CLEANFILES = $(am__append_13) $(BUILT_SOURCES) $(am__append_51) \
CLEANFILES = $(am__append_13) $(BUILT_SOURCES) $(am__append_52) \
src/ostree/parse-datetime.c tests/libreaddir-rand.so \
tests/ostree-symlink-stamp \
tests/ostree-prepare-root-symlink-stamp \
tests/ostree-remount-symlink-stamp \
tests/rofiles-fuse-symlink-stamp tests/ostree \
tests/ostree-prepare-root tests/ostree-remount \
tests/rofiles-fuse $(am__append_102)
tests/rofiles-fuse $(am__append_103)
EXTRA_DIST = $(all_dist_test_scripts) $(all_dist_test_data) autogen.sh \
COPYING README.md $(am__append_15) libglnx/README.md \
libglnx/COPYING libglnx/libglnx.m4 $(NULL) \
@ -2412,9 +2415,9 @@ EXTRA_DIST = $(all_dist_test_scripts) $(all_dist_test_data) autogen.sh \
src/libostree/ostree-repo-deprecated.h \
src/libostree/ostree-version.h src/ostree/parse-datetime.y \
buildutil/tap-driver.sh buildutil/tap-test tests/glib.supp \
tests/ostree.supp $(NULL) $(am__append_77) $(am__append_80) \
$(am__append_83) tests/libtest.sh $(am__append_84) \
$(am__append_89) tests/libostreetest.h tests/libtest.sh \
tests/ostree.supp $(NULL) $(am__append_78) $(am__append_81) \
$(am__append_84) tests/libtest.sh $(am__append_85) \
$(am__append_90) tests/libostreetest.h tests/libtest.sh \
$(NULL) src/boot/dracut/module-setup.sh \
src/boot/dracut/ostree.conf src/boot/mkinitcpio/ostree \
src/boot/ostree-prepare-root.service \
@ -2422,25 +2425,25 @@ EXTRA_DIST = $(all_dist_test_scripts) $(all_dist_test_data) autogen.sh \
src/boot/ostree-remount.service \
src/boot/ostree-finalize-staged.service \
src/boot/grub2/grub2-15_ostree \
src/boot/grub2/ostree-grub-generator $(NULL) $(am__append_98) \
$(am__append_101)
src/boot/grub2/ostree-grub-generator $(NULL) $(am__append_99) \
$(am__append_102)
bin_SCRIPTS =
lib_LTLIBRARIES = libostree-1.la
pkglibexec_SCRIPTS = $(am__append_94)
pkglibexec_SCRIPTS = $(am__append_95)
noinst_LTLIBRARIES = $(am__append_1) libglnx.la libbsdiff.la \
libotutil.la $(am__append_18) libostreetest.la
privlibdir = $(pkglibdir)
privlib_LTLIBRARIES =
pkgconfigdir = $(libdir)/pkgconfig
pkgconfig_DATA = src/libostree/ostree-1.pc
INTROSPECTION_GIRS = $(am__append_48)
INTROSPECTION_GIRS = $(am__append_49)
girdir = $(datadir)/gir-1.0
gir_DATA = $(am__append_49)
gir_DATA = $(am__append_50)
typelibdir = $(libdir)/girepository-1.0
typelib_DATA = $(am__append_50)
typelib_DATA = $(am__append_51)
gsettings_SCHEMAS =
ostree_bootdir = $(prefix)/lib/ostree
ostree_boot_SCRIPTS = $(am__append_66) $(am__append_96)
ostree_boot_SCRIPTS = $(am__append_67) $(am__append_97)
# We should probably consider flipping the default for DEBUG. Also,
# include the builddir in $PATH so we find our just-built ostree
@ -2457,7 +2460,7 @@ AM_TESTS_ENVIRONMENT = G_TEST_SRCDIR="$(abs_srcdir)" \
pwd)$${LD_LIBRARY_PATH:+:$${LD_LIBRARY_PATH}} PATH=$$(cd \
$(top_builddir)/tests && pwd):$${PATH} \
OSTREE_FEATURES="$(OSTREE_FEATURES)" PYTHONUNBUFFERED=1 \
$(NULL) $(am__append_74)
$(NULL) $(am__append_75)
LOG_DRIVER = env AM_TAP_AWK='$(AWK)' $(SHELL) $(top_srcdir)/buildutil/tap-driver.sh
LOG_COMPILER = $(top_srcdir)/buildutil/tap-test
installed_test_LTLIBRARIES = $(am__append_12)
@ -2497,8 +2500,8 @@ all_test_ltlibs = $(test_ltlibraries) $(uninstalled_test_ltlibraries) $(installe
# This initializes some more variables
# This is a special facility to chain together hooks easily
INSTALL_DATA_HOOKS = install-mkdir-remotes-d-hook $(am__append_92) \
$(am__append_95)
INSTALL_DATA_HOOKS = install-mkdir-remotes-d-hook $(am__append_93) \
$(am__append_96)
ALL_LOCAL_RULES = tests/libreaddir-rand.so
shortened_sysconfdir = $$(echo "$(sysconfdir)" | sed -e 's|^$(prefix)||' -e 's|^/||')
OSTREE_GITREV = $(shell cd $(srcdir) && if command -v git >/dev/null 2>&1 && test -d .git; then git describe --abbrev=42 --tags --always HEAD; fi)
@ -2506,7 +2509,7 @@ ACLOCAL_AMFLAGS = -I buildutil -I libglnx ${ACLOCAL_FLAGS}
# Generated by coreos-assembler build-fast and kola
GITIGNOREFILES = aclocal.m4 build-aux/ buildutil/*.m4 config.h.in \
gtk-doc.make fastbuild-*.qcow2 _kola_temp/ $(am__append_71)
gtk-doc.make fastbuild-*.qcow2 _kola_temp/ $(am__append_72)
OT_INTERNAL_GIO_UNIX_CFLAGS = $(OT_DEP_GIO_UNIX_CFLAGS)
OT_INTERNAL_GIO_UNIX_LIBS = $(OT_DEP_GIO_UNIX_LIBS)
OT_INTERNAL_SOUP_CFLAGS = $(OT_DEP_SOUP_CFLAGS)
@ -2718,8 +2721,8 @@ libostree_1_la_SOURCES = src/libostree/ostree-async-progress.c \
src/libostree/ostree-kernel-args.c $(NULL) $(am__append_19) \
$(am__append_20) $(am__append_21) $(am__append_22) \
$(am__append_23) $(am__append_24) $(am__append_25) \
$(am__append_33) $(am__append_34) $(am__append_37) \
$(am__append_40) src/libostree/ostree-sign.c \
$(am__append_34) $(am__append_35) $(am__append_38) \
$(am__append_41) src/libostree/ostree-sign.c \
src/libostree/ostree-sign.h src/libostree/ostree-sign-dummy.c \
src/libostree/ostree-sign-dummy.h \
src/libostree/ostree-sign-ed25519.c \
@ -2727,10 +2730,8 @@ libostree_1_la_SOURCES = src/libostree/ostree-async-progress.c \
libostree_experimental_headers = \
$(NULL)
symbol_files = $(top_srcdir)/src/libostree/libostree-released.sym
#if BUILDOPT_IS_DEVEL_BUILD
#symbol_files += $(top_srcdir)/src/libostree/libostree-devel.sym
#endif
symbol_files = $(top_srcdir)/src/libostree/libostree-released.sym \
$(am__append_26)
# http://blog.jgc.org/2007/06/escaping-comma-and-space-in-gnu-make.html
wl_versionscript_arg = -Wl,--version-script=
libostree_1_la_CFLAGS = $(AM_CFLAGS) -I$(srcdir)/bsdiff \
@ -2740,17 +2741,17 @@ libostree_1_la_CFLAGS = $(AM_CFLAGS) -I$(srcdir)/bsdiff \
$(OT_DEP_LZMA_CFLAGS) $(OT_DEP_ZLIB_CFLAGS) \
$(OT_DEP_CRYPTO_CFLAGS) -fvisibility=hidden \
'-D_OSTREE_PUBLIC=__attribute__((visibility("default"))) \
extern' $(am__append_27) $(am__append_29) $(am__append_31) \
$(am__append_35) $(am__append_38) $(am__append_41) \
$(am__append_43) $(am__append_45)
extern' $(am__append_28) $(am__append_30) $(am__append_32) \
$(am__append_36) $(am__append_39) $(am__append_42) \
$(am__append_44) $(am__append_46)
libostree_1_la_LDFLAGS = -version-number 1:0:0 -Bsymbolic-functions $(addprefix $(wl_versionscript_arg),$(symbol_files))
libostree_1_la_LIBADD = libotutil.la libglnx.la libbsdiff.la \
$(OT_INTERNAL_GIO_UNIX_LIBS) $(OT_INTERNAL_GPGME_LIBS) \
$(OT_DEP_LZMA_LIBS) $(OT_DEP_ZLIB_LIBS) $(OT_DEP_CRYPTO_LIBS) \
$(am__append_26) $(bupsplitpath) $(am__append_28) \
$(am__append_30) $(am__append_32) $(am__append_36) \
$(am__append_39) $(am__append_42) $(am__append_44) \
$(am__append_46)
$(am__append_27) $(bupsplitpath) $(am__append_29) \
$(am__append_31) $(am__append_33) $(am__append_37) \
$(am__append_40) $(am__append_43) $(am__append_45) \
$(am__append_47)
EXTRA_libostree_1_la_DEPENDENCIES = $(symbol_files)
# XXX: work around clang being passed -fstack-clash-protection which it doesn't understand
@ -2760,7 +2761,7 @@ INTROSPECTION_SCANNER_ENV = CC=gcc
@BUILDOPT_INTROSPECTION_TRUE@OSTree_1_0_gir_INCLUDES = Gio-2.0
@BUILDOPT_INTROSPECTION_TRUE@OSTree_1_0_gir_CFLAGS = \
@BUILDOPT_INTROSPECTION_TRUE@ $(libostree_1_la_CFLAGS) \
@BUILDOPT_INTROSPECTION_TRUE@ $(am__append_47)
@BUILDOPT_INTROSPECTION_TRUE@ $(am__append_48)
@BUILDOPT_INTROSPECTION_TRUE@OSTree_1_0_gir_LIBS = libostree-1.la
@BUILDOPT_INTROSPECTION_TRUE@OSTree_1_0_gir_SCANNERFLAGS = --warn-all --identifier-prefix=Ostree --symbol-prefix=ostree $(GI_SCANNERFLAGS)
@BUILDOPT_INTROSPECTION_TRUE@OSTree_1_0_gir_FILES = $(libostreeinclude_HEADERS) $(filter-out %-private.h %/ostree-soup-uri.h $(libostree_experimental_headers),$(libostree_1_la_SOURCES))
@ -2789,8 +2790,8 @@ ostree_SOURCES = src/ostree/main.c src/ostree/ot-builtin-admin.c \
src/ostree/ot-builtin-static-delta.c src/ostree/ot-main.h \
src/ostree/ot-main.c src/ostree/ot-dump.h src/ostree/ot-dump.c \
src/ostree/ot-editor.c src/ostree/ot-editor.h \
src/ostree/parse-datetime.h $(NULL) $(am__append_52) \
$(am__append_53) src/ostree/ot-admin-builtin-init-fs.c \
src/ostree/parse-datetime.h $(NULL) $(am__append_53) \
$(am__append_54) src/ostree/ot-admin-builtin-init-fs.c \
src/ostree/ot-admin-builtin-diff.c \
src/ostree/ot-admin-builtin-deploy.c \
src/ostree/ot-admin-builtin-finalize-staged.c \
@ -2818,7 +2819,7 @@ ostree_SOURCES = src/ostree/main.c src/ostree/ot-builtin-admin.c \
src/ostree/ot-remote-builtin-show-url.c \
src/ostree/ot-remote-builtin-refs.c \
src/ostree/ot-remote-builtin-summary.c $(NULL) \
$(am__append_54) $(am__append_55) $(am__append_56)
$(am__append_55) $(am__append_56) $(am__append_57)
nodist_ostree_SOURCES = \
src/ostree/parse-datetime.c \
$(NULL)
@ -2830,11 +2831,11 @@ ostree_bin_shared_cflags = $(AM_CFLAGS) -I$(srcdir)/src/libotutil -I$(srcdir)/sr
ostree_bin_shared_ldadd = $(AM_LDFLAGS) libglnx.la libotutil.la libostree-1.la \
$(OT_INTERNAL_GIO_UNIX_LIBS)
ostree_CFLAGS = $(ostree_bin_shared_cflags) $(am__append_58) \
$(am__append_60) $(am__append_62)
ostree_CFLAGS = $(ostree_bin_shared_cflags) $(am__append_59) \
$(am__append_61) $(am__append_63)
ostree_LDADD = $(ostree_bin_shared_ldadd) libbsdiff.la \
$(LIBSYSTEMD_LIBS) $(am__append_59) $(am__append_61) \
$(am__append_63)
$(LIBSYSTEMD_LIBS) $(am__append_60) $(am__append_62) \
$(am__append_64)
@USE_LIBSOUP_TRUE@ostree_trivial_httpd_SOURCES = src/ostree/ostree-trivial-httpd.c
@USE_LIBSOUP_TRUE@ostree_trivial_httpd_CFLAGS = $(ostree_bin_shared_cflags) $(OT_INTERNAL_SOUP_CFLAGS)
@USE_LIBSOUP_TRUE@ostree_trivial_httpd_LDADD = $(ostree_bin_shared_ldadd) $(OT_INTERNAL_SOUP_LIBS)
@ -2843,8 +2844,8 @@ ostree_prepare_root_SOURCES = \
src/switchroot/ostree-prepare-root.c \
$(NULL)
ostree_prepare_root_CPPFLAGS = $(AM_CPPFLAGS) $(am__append_68) \
$(am__append_69)
ostree_prepare_root_CPPFLAGS = $(AM_CPPFLAGS) $(am__append_69) \
$(am__append_70)
@BUILDOPT_USE_STATIC_COMPILER_FALSE@ostree_prepare_root_CFLAGS = $(AM_CFLAGS) -Isrc/switchroot
ostree_remount_SOURCES = \
src/switchroot/ostree-mount-util.h \
@ -2853,7 +2854,7 @@ ostree_remount_SOURCES = \
ostree_remount_CPPFLAGS = $(AM_CPPFLAGS) \
$(OT_INTERNAL_GIO_UNIX_CFLAGS) -Isrc/switchroot \
-I$(srcdir)/libglnx $(am__append_70)
-I$(srcdir)/libglnx $(am__append_71)
ostree_remount_LDADD = $(AM_LDFLAGS) $(OT_INTERNAL_GIO_UNIX_LIBS) libglnx.la
@BUILDOPT_SYSTEMD_TRUE@ostree_prepare_root_LDADD = $(AM_LDFLAGS) $(LIBSYSTEMD_LIBS)
@BUILDOPT_SYSTEMD_AND_LIBMOUNT_TRUE@ostree_system_generator_SOURCES = src/switchroot/ostree-mount-util.h \
@ -2870,7 +2871,7 @@ ostree_remount_LDADD = $(AM_LDFLAGS) $(OT_INTERNAL_GIO_UNIX_LIBS) libglnx.la
@BUILDOPT_FUSE_TRUE@rofiles_fuse_LDADD = libglnx.la $(BUILDOPT_FUSE_LIBS) $(OT_INTERNAL_GIO_UNIX_LIBS) libostree-1.la
uninstalled_test_data = tests/ostree-symlink-stamp \
tests/ostree-prepare-root-symlink-stamp \
tests/ostree-remount-symlink-stamp $(am__append_79)
tests/ostree-remount-symlink-stamp $(am__append_80)
dist_uninstalled_test_scripts = tests/test-symbols.sh tests/coccinelle.sh
# This logic implements ENABLE_INSTALLED_TESTS_EXCLUSIVE; see below.
@ -2878,10 +2879,10 @@ dist_uninstalled_test_scripts = tests/test-symbols.sh tests/coccinelle.sh
# tests *only* run installed, to avoid having to run them twice in CI.
# This overrides the glib-tap.mk emphasis on doing both, if we'd
# used e.g. `dist_test_scripts`.
dist_test_scripts = $(NULL) $(am__append_90)
dist_test_scripts = $(NULL) $(am__append_91)
test_programs = tests/test-bloom tests/test-repo-finder-config \
tests/test-repo-finder-mount $(NULL) $(am__append_87) \
$(am__append_91)
tests/test-repo-finder-mount $(NULL) $(am__append_88) \
$(am__append_92)
_installed_or_uninstalled_test_scripts = tests/test-basic.sh \
tests/test-basic-user.sh tests/test-basic-user-only.sh \
tests/test-basic-root.sh tests/test-pull-subpath.sh \
@ -2912,13 +2913,15 @@ _installed_or_uninstalled_test_scripts = tests/test-basic.sh \
tests/test-admin-deploy-nomerge.sh \
tests/test-admin-deploy-none.sh \
tests/test-admin-deploy-bootid-gc.sh \
tests/test-osupdate-dtb.sh \
tests/test-admin-instutil-set-kargs.sh \
tests/test-admin-upgrade-not-backwards.sh \
tests/test-admin-pull-deploy-commit.sh \
tests/test-admin-pull-deploy-split.sh \
tests/test-admin-locking.sh tests/test-admin-deploy-clean.sh \
tests/test-reset-nonlinear.sh tests/test-oldstyle-partial.sh \
tests/test-delta.sh tests/test-xattrs.sh \
tests/test-delta.sh tests/test-delta-sign.sh \
tests/test-delta-ed25519.sh tests/test-xattrs.sh \
tests/test-auto-summary.sh tests/test-prune.sh \
tests/test-concurrency.py tests/test-refs.sh \
tests/test-demo-buildsystem.sh tests/test-switchroot.sh \
@ -2934,9 +2937,9 @@ _installed_or_uninstalled_test_scripts = tests/test-basic.sh \
tests/test-pull-collections.sh tests/test-config.sh \
tests/test-signed-commit.sh tests/test-signed-pull.sh \
tests/test-pre-signed-pull.sh \
tests/test-signed-pull-summary.sh $(NULL) $(am__append_75) \
$(am__append_76) $(am__append_78) $(am__append_81) \
$(am__append_82)
tests/test-signed-pull-summary.sh $(NULL) $(am__append_76) \
$(am__append_77) $(am__append_79) $(am__append_82) \
$(am__append_83)
experimental_test_scripts = \
$(NULL)
@ -3015,7 +3018,7 @@ libreaddir_rand_la_LIBADD = \
$(NULL)
libreaddir_rand_la_LDFLAGS = $(AM_LDFLAGS) -avoid-version \
$(am__append_85)
$(am__append_86)
_installed_or_uninstalled_test_programs = tests/test-varint \
tests/test-ot-unix-utils tests/test-bsdiff \
tests/test-mutable-tree tests/test-keyfile-utils \
@ -3023,7 +3026,7 @@ _installed_or_uninstalled_test_programs = tests/test-varint \
tests/test-checksum tests/test-lzma tests/test-rollsum \
tests/test-basic-c tests/test-sysroot-c tests/test-pull-c \
tests/test-repo tests/test-include-ostree-h tests/test-kargs \
$(am__append_86) $(am__append_88)
$(am__append_87) $(am__append_89)
common_tests_cflags = $(ostree_bin_shared_cflags) $(OT_INTERNAL_GIO_UNIX_CFLAGS) -I$(srcdir)/libglnx
common_tests_ldadd = $(ostree_bin_shared_ldadd) $(OT_INTERNAL_GIO_UNIX_LIBS)
libostreetest_la_SOURCES = tests/libostreetest.c tests/test-mock-gio.c tests/test-mock-gio.h
@ -3144,8 +3147,8 @@ tests_test_lzma_LDADD = $(TESTS_LDADD) $(OT_DEP_LZMA_LIBS)
@ENABLE_MAN_TRUE@ ostree-pull.1 ostree-refs.1 ostree-remote.1 \
@ENABLE_MAN_TRUE@ ostree-reset.1 ostree-rev-parse.1 \
@ENABLE_MAN_TRUE@ ostree-show.1 ostree-sign.1 ostree-summary.1 \
@ENABLE_MAN_TRUE@ ostree-static-delta.1 $(am__append_97) \
@ENABLE_MAN_TRUE@ $(am__append_99) $(am__append_100)
@ENABLE_MAN_TRUE@ ostree-static-delta.1 $(am__append_98) \
@ENABLE_MAN_TRUE@ $(am__append_100) $(am__append_101)
@ENABLE_MAN_TRUE@man5_files = ostree.repo.5 ostree.repo-config.5
@ENABLE_MAN_TRUE@man1_MANS = $(addprefix man/,$(man1_files))
@ENABLE_MAN_TRUE@man5_MANS = $(addprefix man/,$(man5_files))
@ -8360,6 +8363,13 @@ tests/test-admin-deploy-bootid-gc.sh.log: tests/test-admin-deploy-bootid-gc.sh
--log-file $$b.log --trs-file $$b.trs \
$(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
"$$tst" $(AM_TESTS_FD_REDIRECT)
tests/test-osupdate-dtb.sh.log: tests/test-osupdate-dtb.sh
@p='tests/test-osupdate-dtb.sh'; \
b='tests/test-osupdate-dtb.sh'; \
$(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \
--log-file $$b.log --trs-file $$b.trs \
$(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
"$$tst" $(AM_TESTS_FD_REDIRECT)
tests/test-admin-instutil-set-kargs.sh.log: tests/test-admin-instutil-set-kargs.sh
@p='tests/test-admin-instutil-set-kargs.sh'; \
b='tests/test-admin-instutil-set-kargs.sh'; \
@ -8423,6 +8433,20 @@ tests/test-delta.sh.log: tests/test-delta.sh
--log-file $$b.log --trs-file $$b.trs \
$(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
"$$tst" $(AM_TESTS_FD_REDIRECT)
tests/test-delta-sign.sh.log: tests/test-delta-sign.sh
@p='tests/test-delta-sign.sh'; \
b='tests/test-delta-sign.sh'; \
$(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \
--log-file $$b.log --trs-file $$b.trs \
$(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
"$$tst" $(AM_TESTS_FD_REDIRECT)
tests/test-delta-ed25519.sh.log: tests/test-delta-ed25519.sh
@p='tests/test-delta-ed25519.sh'; \
b='tests/test-delta-ed25519.sh'; \
$(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \
--log-file $$b.log --trs-file $$b.trs \
$(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
"$$tst" $(AM_TESTS_FD_REDIRECT)
tests/test-xattrs.sh.log: tests/test-xattrs.sh
@p='tests/test-xattrs.sh'; \
b='tests/test-xattrs.sh'; \

39
README.md
View File

@ -1,9 +1,4 @@
libostree
---------
New! See the docs online at [Read The Docs (OSTree)](https://ostree.readthedocs.org/en/latest/ )
-----
# libostree
This project is now known as "libostree", though it is still appropriate to use
the previous name: "OSTree" (or "ostree"). The focus is on projects which use
@ -36,8 +31,12 @@ version of
projects like [flatpak](https://github.com/flatpak/flatpak) which
use libostree for applications, rather than hosts.
Operating systems and distributions using OSTree
---------------------
## Documentation
For more information, see the [project documentation](docs/index.md) or the
[project documentation website](https://ostreedev.github.io/ostree).
## Operating systems and distributions using OSTree
[Endless OS](https://endlessos.com/) uses libostree for their host system as
well as flatpak. See
@ -63,8 +62,7 @@ system for GNOME.
[Liri OS](https://liri.io/download/silverblue/) has the option to install
their distribution using ostree.
Distribution build tools
------------------------
## Distribution build tools
[meta-updater](https://github.com/advancedtelematic/meta-updater) is
a layer available for [OpenEmbedded](http://www.openembedded.org/wiki/Main_Page)
@ -79,8 +77,7 @@ integration tool supports importing and exporting from libostree repos.
Fedora [coreos-assembler](https://github.com/coreos/coreos-assembler) is
the build tool used to generate Fedora CoreOS derivatives.
Projects linking to libostree
-----------------------------
## Projects linking to libostree
[rpm-ostree](https://github.com/projectatomic/rpm-ostree) is used by the
Fedora-derived operating systems listed above. It is a full hybrid
@ -98,8 +95,7 @@ use the "libostree host system" aspects (e.g. bootloader management), just the
"git-like hardlink dedup". For example, flatpak supports a per-user OSTree
repository.
Language bindings
----
## Language bindings
libostree is accessible via [GObject Introspection](https://gi.readthedocs.io/en/latest/);
any language which has implemented the GI binding model should work.
@ -114,8 +110,7 @@ for statically compiled languages. Here's a list of such bindings:
- [ostree-go](https://github.com/ostreedev/ostree-go/)
- [ostree-rs](https://gitlab.com/fkrull/ostree-rs/)
Building
--------
## Building
Releases are available as GPG signed git tags, and most recent
versions support extended validation using
@ -139,19 +134,11 @@ make
make install DESTDIR=/path/to/dest
```
More documentation
------------------
New! See the docs online at [Read The Docs (OSTree)](https://ostree.readthedocs.org/en/latest/ )
Contributing
------------
## Contributing
See [Contributing](docs/CONTRIBUTING.md).
Licensing
-------
## Licensing
The licensing for the *code* of libostree can be canonically found in the individual files;
and the overall status in the [COPYING](https://github.com/ostreedev/ostree/blob/master/COPYING)

136
apidoc/html/ostree-OstreeRepo.html
View File

@ -914,11 +914,27 @@
<span class="returnvalue">gboolean</span>
</td>
<td class="function_name">
<a class="link" href="ostree-OstreeRepo.html#ostree-repo-static-delta-execute-offline-with-signature" title="ostree_repo_static_delta_execute_offline_with_signature ()">ostree_repo_static_delta_execute_offline_with_signature</a> <span class="c_punctuation">()</span>
</td>
</tr>
<tr>
<td class="function_type">
<span class="returnvalue">gboolean</span>
</td>
<td class="function_name">
<a class="link" href="ostree-OstreeRepo.html#ostree-repo-static-delta-execute-offline" title="ostree_repo_static_delta_execute_offline ()">ostree_repo_static_delta_execute_offline</a> <span class="c_punctuation">()</span>
</td>
</tr>
<tr>
<td class="function_type">
<span class="returnvalue">gboolean</span>
</td>
<td class="function_name">
<a class="link" href="ostree-OstreeRepo.html#ostree-repo-static-delta-verify-signature" title="ostree_repo_static_delta_verify_signature ()">ostree_repo_static_delta_verify_signature</a> <span class="c_punctuation">()</span>
</td>
</tr>
<tr>
<td class="function_type">
<span class="returnvalue">GHashTable</span> *
</td>
<td class="function_name">
@ -6472,6 +6488,8 @@ for input files</p></li>
<li class="listitem"><p>verbose: b: Print diagnostic messages. Default FALSE.</p></li>
<li class="listitem"><p>endianness: b: Deltas use host byte order by default; this option allows choosing (G_BIG_ENDIAN or G_LITTLE_ENDIAN)</p></li>
<li class="listitem"><p>filename: ay: Save delta superblock to this filename, and parts in the same directory. Default saves to repository.</p></li>
<li class="listitem"><p>sign-name: ay: Signature type to use.</p></li>
<li class="listitem"><p>sign-key-ids: as: Array of keys used to sign delta superblock.</p></li>
</ul></div>
<div class="refsect3">
<a name="ostree-repo-static-delta-generate.parameters"></a><h4>Parameters</h4>
@ -6528,6 +6546,69 @@ for input files</p></li>
</div>
<hr>
<div class="refsect2">
<a name="ostree-repo-static-delta-execute-offline-with-signature"></a><h3>ostree_repo_static_delta_execute_offline_with_signature ()</h3>
<pre class="programlisting"><span class="returnvalue">gboolean</span>
ostree_repo_static_delta_execute_offline_with_signature
(<em class="parameter"><code><a class="link" href="ostree-OstreeRepo.html#OstreeRepo" title="OstreeRepo"><span class="type">OstreeRepo</span></a> *self</code></em>,
<em class="parameter"><code><span class="type">GFile</span> *dir_or_file</code></em>,
<em class="parameter"><code><a class="link" href="ostree-Signature-management.html#OstreeSign" title="OstreeSign"><span class="type">OstreeSign</span></a> *sign</code></em>,
<em class="parameter"><code><span class="type">gboolean</span> skip_validation</code></em>,
<em class="parameter"><code><span class="type">GCancellable</span> *cancellable</code></em>,
<em class="parameter"><code><span class="type">GError</span> **error</code></em>);</pre>
<p>Given a directory representing an already-downloaded static delta
on disk, apply it, generating a new commit.
If sign is passed, the static delta signature is verified.
If sign-verify-deltas configuration option is set and static delta is signed,
signature verification will be mandatory before apply the static delta.
The directory must be named with the form "FROM-TO", where both are
checksums, and it must contain a file named "superblock", along with at least
one part.</p>
<div class="refsect3">
<a name="ostree-repo-static-delta-execute-offline-with-signature.parameters"></a><h4>Parameters</h4>
<div class="informaltable"><table class="informaltable" width="100%" border="0">
<colgroup>
<col width="150px" class="parameters_name">
<col class="parameters_description">
<col width="200px" class="parameters_annotations">
</colgroup>
<tbody>
<tr>
<td class="parameter_name"><p>self</p></td>
<td class="parameter_description"><p>Repo</p></td>
<td class="parameter_annotations"> </td>
</tr>
<tr>
<td class="parameter_name"><p>dir_or_file</p></td>
<td class="parameter_description"><p>Path to a directory containing static delta data, or directly to the superblock</p></td>
<td class="parameter_annotations"> </td>
</tr>
<tr>
<td class="parameter_name"><p>sign</p></td>
<td class="parameter_description"><p>Signature engine used to check superblock</p></td>
<td class="parameter_annotations"> </td>
</tr>
<tr>
<td class="parameter_name"><p>skip_validation</p></td>
<td class="parameter_description"><p>If <code class="literal">TRUE</code>, assume data integrity</p></td>
<td class="parameter_annotations"> </td>
</tr>
<tr>
<td class="parameter_name"><p>cancellable</p></td>
<td class="parameter_description"><p>Cancellable</p></td>
<td class="parameter_annotations"> </td>
</tr>
<tr>
<td class="parameter_name"><p>error</p></td>
<td class="parameter_description"><p>Error</p></td>
<td class="parameter_annotations"> </td>
</tr>
</tbody>
</table></div>
</div>
<p class="since">Since: 2020.7</p>
</div>
<hr>
<div class="refsect2">
<a name="ostree-repo-static-delta-execute-offline"></a><h3>ostree_repo_static_delta_execute_offline ()</h3>
<pre class="programlisting"><span class="returnvalue">gboolean</span>
ostree_repo_static_delta_execute_offline
@ -6580,6 +6661,61 @@ must contain a file named "superblock", along with at least one part.</p>
</div>
<hr>
<div class="refsect2">
<a name="ostree-repo-static-delta-verify-signature"></a><h3>ostree_repo_static_delta_verify_signature ()</h3>
<pre class="programlisting"><span class="returnvalue">gboolean</span>
ostree_repo_static_delta_verify_signature
(<em class="parameter"><code><a class="link" href="ostree-OstreeRepo.html#OstreeRepo" title="OstreeRepo"><span class="type">OstreeRepo</span></a> *self</code></em>,
<em class="parameter"><code>const <span class="type">char</span> *delta_id</code></em>,
<em class="parameter"><code><a class="link" href="ostree-Signature-management.html#OstreeSign" title="OstreeSign"><span class="type">OstreeSign</span></a> *sign</code></em>,
<em class="parameter"><code><span class="type">char</span> **out_success_message</code></em>,
<em class="parameter"><code><span class="type">GError</span> **error</code></em>);</pre>
<p>Verify static delta file signature.</p>
<div class="refsect3">
<a name="ostree-repo-static-delta-verify-signature.parameters"></a><h4>Parameters</h4>
<div class="informaltable"><table class="informaltable" width="100%" border="0">
<colgroup>
<col width="150px" class="parameters_name">
<col class="parameters_description">
<col width="200px" class="parameters_annotations">
</colgroup>
<tbody>
<tr>
<td class="parameter_name"><p>self</p></td>
<td class="parameter_description"><p>Repo</p></td>
<td class="parameter_annotations"> </td>
</tr>
<tr>
<td class="parameter_name"><p>delta_id</p></td>
<td class="parameter_description"><p>delta path</p></td>
<td class="parameter_annotations"> </td>
</tr>
<tr>
<td class="parameter_name"><p>sign</p></td>
<td class="parameter_description"><p>Signature engine used to check superblock</p></td>
<td class="parameter_annotations"> </td>
</tr>
<tr>
<td class="parameter_name"><p>out_success_message</p></td>
<td class="parameter_description"><p>success message</p></td>
<td class="parameter_annotations"> </td>
</tr>
<tr>
<td class="parameter_name"><p>error</p></td>
<td class="parameter_description"><p>Error</p></td>
<td class="parameter_annotations"> </td>
</tr>
</tbody>
</table></div>
</div>
<div class="refsect3">
<a name="ostree-repo-static-delta-verify-signature.returns"></a><h4>Returns</h4>
<p> TRUE if the signature of static delta file is valid using the
signature engine provided, FALSE otherwise.</p>
</div>
<p class="since">Since: 2020.7</p>
</div>
<hr>
<div class="refsect2">
<a name="ostree-repo-traverse-new-reachable"></a><h3>ostree_repo_traverse_new_reachable ()</h3>
<pre class="programlisting"><span class="returnvalue">GHashTable</span> *
ostree_repo_traverse_new_reachable (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>

240
apidoc/html/ostree-Root-partition-mount-point.html
View File

@ -348,11 +348,35 @@
<span class="returnvalue">gboolean</span>
</td>
<td class="function_name">
<a class="link" href="ostree-Root-partition-mount-point.html#ostree-sysroot-stage-tree-with-options" title="ostree_sysroot_stage_tree_with_options ()">ostree_sysroot_stage_tree_with_options</a> <span class="c_punctuation">()</span>
</td>
</tr>
<tr>
<td class="function_type">
<span class="returnvalue">gboolean</span>
</td>
<td class="function_name">
<a class="link" href="ostree-Root-partition-mount-point.html#ostree-sysroot-stage-overlay-initrd" title="ostree_sysroot_stage_overlay_initrd ()">ostree_sysroot_stage_overlay_initrd</a> <span class="c_punctuation">()</span>
</td>
</tr>
<tr>
<td class="function_type">
<span class="returnvalue">gboolean</span>
</td>
<td class="function_name">
<a class="link" href="ostree-Root-partition-mount-point.html#ostree-sysroot-deploy-tree" title="ostree_sysroot_deploy_tree ()">ostree_sysroot_deploy_tree</a> <span class="c_punctuation">()</span>
</td>
</tr>
<tr>
<td class="function_type">
<span class="returnvalue">gboolean</span>
</td>
<td class="function_name">
<a class="link" href="ostree-Root-partition-mount-point.html#ostree-sysroot-deploy-tree-with-options" title="ostree_sysroot_deploy_tree_with_options ()">ostree_sysroot_deploy_tree_with_options</a> <span class="c_punctuation">()</span>
</td>
</tr>
<tr>
<td class="function_type">
<a class="link" href="ostree-ostree-deployment.html#OstreeDeployment" title="OstreeDeployment"><span class="returnvalue">OstreeDeployment</span></a> *
</td>
<td class="function_name">
@ -1728,8 +1752,7 @@ ostree_sysroot_stage_tree (<em class="parameter"><code><a class="link" href="ost
<em class="parameter"><code><a class="link" href="ostree-ostree-deployment.html#OstreeDeployment" title="OstreeDeployment"><span class="type">OstreeDeployment</span></a> **out_new_deployment</code></em>,
<em class="parameter"><code><span class="type">GCancellable</span> *cancellable</code></em>,
<em class="parameter"><code><span class="type">GError</span> **error</code></em>);</pre>
<p>Like <a class="link" href="ostree-Root-partition-mount-point.html#ostree-sysroot-deploy-tree" title="ostree_sysroot_deploy_tree ()"><code class="function">ostree_sysroot_deploy_tree()</code></a>, but "finalization" only occurs at OS
shutdown time.</p>
<p>Older version of <a class="link" href="ostree-Root-partition-mount-point.html#ostree-sysroot-stage-tree-with-options" title="ostree_sysroot_stage_tree_with_options ()"><code class="function">ostree_sysroot_stage_tree_with_options()</code></a>.</p>
<div class="refsect3">
<a name="ostree-sysroot-stage-tree.parameters"></a><h4>Parameters</h4>
<div class="informaltable"><table class="informaltable" width="100%" border="0">
@ -1791,6 +1814,132 @@ shutdown time.</p>
</div>
<hr>
<div class="refsect2">
<a name="ostree-sysroot-stage-tree-with-options"></a><h3>ostree_sysroot_stage_tree_with_options ()</h3>
<pre class="programlisting"><span class="returnvalue">gboolean</span>
ostree_sysroot_stage_tree_with_options
(<em class="parameter"><code><a class="link" href="ostree-Root-partition-mount-point.html#OstreeSysroot" title="OstreeSysroot"><span class="type">OstreeSysroot</span></a> *self</code></em>,
<em class="parameter"><code>const <span class="type">char</span> *osname</code></em>,
<em class="parameter"><code>const <span class="type">char</span> *revision</code></em>,
<em class="parameter"><code><span class="type">GKeyFile</span> *origin</code></em>,
<em class="parameter"><code><a class="link" href="ostree-ostree-deployment.html#OstreeDeployment" title="OstreeDeployment"><span class="type">OstreeDeployment</span></a> *merge_deployment</code></em>,
<em class="parameter"><code><span class="type">OstreeSysrootDeployTreeOpts</span> *opts</code></em>,
<em class="parameter"><code><a class="link" href="ostree-ostree-deployment.html#OstreeDeployment" title="OstreeDeployment"><span class="type">OstreeDeployment</span></a> **out_new_deployment</code></em>,
<em class="parameter"><code><span class="type">GCancellable</span> *cancellable</code></em>,
<em class="parameter"><code><span class="type">GError</span> **error</code></em>);</pre>
<p>Like <a class="link" href="ostree-Root-partition-mount-point.html#ostree-sysroot-deploy-tree" title="ostree_sysroot_deploy_tree ()"><code class="function">ostree_sysroot_deploy_tree()</code></a>, but "finalization" only occurs at OS
shutdown time.</p>
<div class="refsect3">
<a name="ostree-sysroot-stage-tree-with-options.parameters"></a><h4>Parameters</h4>
<div class="informaltable"><table class="informaltable" width="100%" border="0">
<colgroup>
<col width="150px" class="parameters_name">
<col class="parameters_description">
<col width="200px" class="parameters_annotations">
</colgroup>
<tbody>
<tr>
<td class="parameter_name"><p>self</p></td>
<td class="parameter_description"><p>Sysroot</p></td>
<td class="parameter_annotations"> </td>
</tr>
<tr>
<td class="parameter_name"><p>osname</p></td>
<td class="parameter_description"><p>osname to use for merge deployment. </p></td>
<td class="parameter_annotations"><span class="annotation">[<a href="http://foldoc.org/allow-none"><span class="acronym">allow-none</span></a>]</span></td>
</tr>
<tr>
<td class="parameter_name"><p>revision</p></td>
<td class="parameter_description"><p>Checksum to add</p></td>
<td class="parameter_annotations"> </td>
</tr>
<tr>
<td class="parameter_name"><p>origin</p></td>
<td class="parameter_description"><p>Origin to use for upgrades. </p></td>
<td class="parameter_annotations"><span class="annotation">[<a href="http://foldoc.org/allow-none"><span class="acronym">allow-none</span></a>]</span></td>
</tr>
<tr>
<td class="parameter_name"><p>merge_deployment</p></td>
<td class="parameter_description"><p>Use this deployment for merge path. </p></td>
<td class="parameter_annotations"><span class="annotation">[<a href="http://foldoc.org/allow-none"><span class="acronym">allow-none</span></a>]</span></td>
</tr>
<tr>
<td class="parameter_name"><p>opts</p></td>
<td class="parameter_description"><p>Options</p></td>
<td class="parameter_annotations"> </td>
</tr>
<tr>
<td class="parameter_name"><p>out_new_deployment</p></td>
<td class="parameter_description"><p>The new deployment path. </p></td>
<td class="parameter_annotations"><span class="annotation">[<a href="http://foldoc.org/out"><span class="acronym">out</span></a>]</span></td>
</tr>
<tr>
<td class="parameter_name"><p>cancellable</p></td>
<td class="parameter_description"><p>Cancellable</p></td>
<td class="parameter_annotations"> </td>
</tr>
<tr>
<td class="parameter_name"><p>error</p></td>
<td class="parameter_description"><p>Error</p></td>
<td class="parameter_annotations"> </td>
</tr>
</tbody>
</table></div>
</div>
<p class="since">Since: 2020.7</p>
</div>
<hr>
<div class="refsect2">
<a name="ostree-sysroot-stage-overlay-initrd"></a><h3>ostree_sysroot_stage_overlay_initrd ()</h3>
<pre class="programlisting"><span class="returnvalue">gboolean</span>
ostree_sysroot_stage_overlay_initrd (<em class="parameter"><code><a class="link" href="ostree-Root-partition-mount-point.html#OstreeSysroot" title="OstreeSysroot"><span class="type">OstreeSysroot</span></a> *self</code></em>,
<em class="parameter"><code><span class="type">int</span> fd</code></em>,
<em class="parameter"><code><span class="type">char</span> **out_checksum</code></em>,
<em class="parameter"><code><span class="type">GCancellable</span> *cancellable</code></em>,
<em class="parameter"><code><span class="type">GError</span> **error</code></em>);</pre>
<p>Stage an overlay initrd to be used in an upcoming deployment. Returns a checksum which
can be passed to <a class="link" href="ostree-Root-partition-mount-point.html#ostree-sysroot-deploy-tree-with-options" title="ostree_sysroot_deploy_tree_with_options ()"><code class="function">ostree_sysroot_deploy_tree_with_options()</code></a> or
<a class="link" href="ostree-Root-partition-mount-point.html#ostree-sysroot-stage-tree-with-options" title="ostree_sysroot_stage_tree_with_options ()"><code class="function">ostree_sysroot_stage_tree_with_options()</code></a> via the <code class="literal">overlay_initrds</code> array option.</p>
<div class="refsect3">
<a name="ostree-sysroot-stage-overlay-initrd.parameters"></a><h4>Parameters</h4>
<div class="informaltable"><table class="informaltable" width="100%" border="0">
<colgroup>
<col width="150px" class="parameters_name">
<col class="parameters_description">
<col width="200px" class="parameters_annotations">
</colgroup>
<tbody>
<tr>
<td class="parameter_name"><p>self</p></td>
<td class="parameter_description"><p>Sysroot</p></td>
<td class="parameter_annotations"> </td>
</tr>
<tr>
<td class="parameter_name"><p>fd</p></td>
<td class="parameter_description"><p>File descriptor to overlay initrd. </p></td>
<td class="parameter_annotations"><span class="annotation">[<a href="http://foldoc.org/transfer%20none"><span class="acronym">transfer none</span></a>]</span></td>
</tr>
<tr>
<td class="parameter_name"><p>out_checksum</p></td>
<td class="parameter_description"><p>Overlay initrd checksum. </p></td>
<td class="parameter_annotations"><span class="annotation">[<a href="http://foldoc.org/out"><span class="acronym">out</span></a>][<a href="http://foldoc.org/transfer%20full"><span class="acronym">transfer full</span></a>]</span></td>
</tr>
<tr>
<td class="parameter_name"><p>cancellable</p></td>
<td class="parameter_description"><p>Cancellable</p></td>
<td class="parameter_annotations"> </td>
</tr>
<tr>
<td class="parameter_name"><p>error</p></td>
<td class="parameter_description"><p>Error</p></td>
<td class="parameter_annotations"> </td>
</tr>
</tbody>
</table></div>
</div>
<p class="since">Since: 2020.7</p>
</div>
<hr>
<div class="refsect2">
<a name="ostree-sysroot-deploy-tree"></a><h3>ostree_sysroot_deploy_tree ()</h3>
<pre class="programlisting"><span class="returnvalue">gboolean</span>
ostree_sysroot_deploy_tree (<em class="parameter"><code><a class="link" href="ostree-Root-partition-mount-point.html#OstreeSysroot" title="OstreeSysroot"><span class="type">OstreeSysroot</span></a> *self</code></em>,
@ -1802,12 +1951,7 @@ ostree_sysroot_deploy_tree (<em class="parameter"><code><a class="link" href="os
<em class="parameter"><code><a class="link" href="ostree-ostree-deployment.html#OstreeDeployment" title="OstreeDeployment"><span class="type">OstreeDeployment</span></a> **out_new_deployment</code></em>,
<em class="parameter"><code><span class="type">GCancellable</span> *cancellable</code></em>,
<em class="parameter"><code><span class="type">GError</span> **error</code></em>);</pre>
<p>Check out deployment tree with revision <em class="parameter"><code>revision</code></em>
, performing a 3
way merge with <em class="parameter"><code>provided_merge_deployment</code></em>
for configuration.</p>
<p>When booted into the sysroot, you should use the
<a class="link" href="ostree-Root-partition-mount-point.html#ostree-sysroot-stage-tree" title="ostree_sysroot_stage_tree ()"><code class="function">ostree_sysroot_stage_tree()</code></a> API instead.</p>
<p>Older version of <a class="link" href="ostree-Root-partition-mount-point.html#ostree-sysroot-stage-tree-with-options" title="ostree_sysroot_stage_tree_with_options ()"><code class="function">ostree_sysroot_stage_tree_with_options()</code></a>.</p>
<div class="refsect3">
<a name="ostree-sysroot-deploy-tree.parameters"></a><h4>Parameters</h4>
<div class="informaltable"><table class="informaltable" width="100%" border="0">
@ -1865,6 +2009,86 @@ way merge with <em class="parameter"><code>provided_merge_deployment</code></em>
</tbody>
</table></div>
</div>
<p class="since">Since: 2018.5</p>
</div>
<hr>
<div class="refsect2">
<a name="ostree-sysroot-deploy-tree-with-options"></a><h3>ostree_sysroot_deploy_tree_with_options ()</h3>
<pre class="programlisting"><span class="returnvalue">gboolean</span>
ostree_sysroot_deploy_tree_with_options
(<em class="parameter"><code><a class="link" href="ostree-Root-partition-mount-point.html#OstreeSysroot" title="OstreeSysroot"><span class="type">OstreeSysroot</span></a> *self</code></em>,
<em class="parameter"><code>const <span class="type">char</span> *osname</code></em>,
<em class="parameter"><code>const <span class="type">char</span> *revision</code></em>,
<em class="parameter"><code><span class="type">GKeyFile</span> *origin</code></em>,
<em class="parameter"><code><a class="link" href="ostree-ostree-deployment.html#OstreeDeployment" title="OstreeDeployment"><span class="type">OstreeDeployment</span></a> *provided_merge_deployment</code></em>,
<em class="parameter"><code><span class="type">OstreeSysrootDeployTreeOpts</span> *opts</code></em>,
<em class="parameter"><code><a class="link" href="ostree-ostree-deployment.html#OstreeDeployment" title="OstreeDeployment"><span class="type">OstreeDeployment</span></a> **out_new_deployment</code></em>,
<em class="parameter"><code><span class="type">GCancellable</span> *cancellable</code></em>,
<em class="parameter"><code><span class="type">GError</span> **error</code></em>);</pre>
<p>Check out deployment tree with revision <em class="parameter"><code>revision</code></em>
, performing a 3
way merge with <em class="parameter"><code>provided_merge_deployment</code></em>
for configuration.</p>
<p>When booted into the sysroot, you should use the
<a class="link" href="ostree-Root-partition-mount-point.html#ostree-sysroot-stage-tree" title="ostree_sysroot_stage_tree ()"><code class="function">ostree_sysroot_stage_tree()</code></a> API instead.</p>
<div class="refsect3">
<a name="ostree-sysroot-deploy-tree-with-options.parameters"></a><h4>Parameters</h4>
<div class="informaltable"><table class="informaltable" width="100%" border="0">
<colgroup>
<col width="150px" class="parameters_name">
<col class="parameters_description">
<col width="200px" class="parameters_annotations">
</colgroup>
<tbody>
<tr>
<td class="parameter_name"><p>self</p></td>
<td class="parameter_description"><p>Sysroot</p></td>
<td class="parameter_annotations"> </td>
</tr>
<tr>
<td class="parameter_name"><p>osname</p></td>
<td class="parameter_description"><p>osname to use for merge deployment. </p></td>
<td class="parameter_annotations"><span class="annotation">[<a href="http://foldoc.org/allow-none"><span class="acronym">allow-none</span></a>]</span></td>
</tr>
<tr>
<td class="parameter_name"><p>revision</p></td>
<td class="parameter_description"><p>Checksum to add</p></td>
<td class="parameter_annotations"> </td>
</tr>
<tr>
<td class="parameter_name"><p>origin</p></td>
<td class="parameter_description"><p>Origin to use for upgrades. </p></td>
<td class="parameter_annotations"><span class="annotation">[<a href="http://foldoc.org/allow-none"><span class="acronym">allow-none</span></a>]</span></td>
</tr>
<tr>
<td class="parameter_name"><p>provided_merge_deployment</p></td>
<td class="parameter_description"><p>Use this deployment for merge path. </p></td>
<td class="parameter_annotations"><span class="annotation">[<a href="http://foldoc.org/allow-none"><span class="acronym">allow-none</span></a>]</span></td>
</tr>
<tr>
<td class="parameter_name"><p>opts</p></td>
<td class="parameter_description"><p>Options. </p></td>
<td class="parameter_annotations"><span class="annotation">[<a href="http://foldoc.org/allow-none"><span class="acronym">allow-none</span></a>]</span></td>
</tr>
<tr>
<td class="parameter_name"><p>out_new_deployment</p></td>
<td class="parameter_description"><p>The new deployment path. </p></td>
<td class="parameter_annotations"><span class="annotation">[<a href="http://foldoc.org/out"><span class="acronym">out</span></a>]</span></td>
</tr>
<tr>
<td class="parameter_name"><p>cancellable</p></td>
<td class="parameter_description"><p>Cancellable</p></td>
<td class="parameter_annotations"> </td>
</tr>
<tr>
<td class="parameter_name"><p>error</p></td>
<td class="parameter_description"><p>Error</p></td>
<td class="parameter_annotations"> </td>
</tr>
</tbody>
</table></div>
</div>
<p class="since">Since: 2020.7</p>
</div>
<hr>
<div class="refsect2">

79
apidoc/html/ostree-ostree-bootconfig-parser.html
View File

@ -102,6 +102,22 @@
<a class="link" href="ostree-ostree-bootconfig-parser.html#ostree-bootconfig-parser-get" title="ostree_bootconfig_parser_get ()">ostree_bootconfig_parser_get</a> <span class="c_punctuation">()</span>
</td>
</tr>
<tr>
<td class="function_type">
<span class="returnvalue">void</span>
</td>
<td class="function_name">
<a class="link" href="ostree-ostree-bootconfig-parser.html#ostree-bootconfig-parser-set-overlay-initrds" title="ostree_bootconfig_parser_set_overlay_initrds ()">ostree_bootconfig_parser_set_overlay_initrds</a> <span class="c_punctuation">()</span>
</td>
</tr>
<tr>
<td class="function_type">
<span class="returnvalue">char</span> **
</td>
<td class="function_name">
<a class="link" href="ostree-ostree-bootconfig-parser.html#ostree-bootconfig-parser-get-overlay-initrds" title="ostree_bootconfig_parser_get_overlay_initrds ()">ostree_bootconfig_parser_get_overlay_initrds</a> <span class="c_punctuation">()</span>
</td>
</tr>
</tbody>
</table></div>
</div>
@ -246,6 +262,69 @@ ostree_bootconfig_parser_set (<em class="parameter"><code><a class="link" href="
ostree_bootconfig_parser_get (<em class="parameter"><code><a class="link" href="ostree-ostree-bootconfig-parser.html#OstreeBootconfigParser" title="OstreeBootconfigParser"><span class="type">OstreeBootconfigParser</span></a> *self</code></em>,
<em class="parameter"><code>const <span class="type">char</span> *key</code></em>);</pre>
</div>
<hr>
<div class="refsect2">
<a name="ostree-bootconfig-parser-set-overlay-initrds"></a><h3>ostree_bootconfig_parser_set_overlay_initrds ()</h3>
<pre class="programlisting"><span class="returnvalue">void</span>
ostree_bootconfig_parser_set_overlay_initrds
(<em class="parameter"><code><a class="link" href="ostree-ostree-bootconfig-parser.html#OstreeBootconfigParser" title="OstreeBootconfigParser"><span class="type">OstreeBootconfigParser</span></a> *self</code></em>,
<em class="parameter"><code><span class="type">char</span> **initrds</code></em>);</pre>
<p>These are rendered as additional <code class="literal">initrd</code> keys in the final bootloader configs. The
base initrd is part of the primary keys.</p>
<div class="refsect3">
<a name="ostree-bootconfig-parser-set-overlay-initrds.parameters"></a><h4>Parameters</h4>
<div class="informaltable"><table class="informaltable" width="100%" border="0">
<colgroup>
<col width="150px" class="parameters_name">
<col class="parameters_description">
<col width="200px" class="parameters_annotations">
</colgroup>
<tbody>
<tr>
<td class="parameter_name"><p>self</p></td>
<td class="parameter_description"><p>Parser</p></td>
<td class="parameter_annotations"> </td>
</tr>
<tr>
<td class="parameter_name"><p>initrds</p></td>
<td class="parameter_description"><p>Array of overlay
initrds or <code class="literal">NULL</code> to unset. </p></td>
<td class="parameter_annotations"><span class="annotation">[<a href="http://foldoc.org/array"><span class="acronym">array</span></a> zero-terminated=1][<a href="http://foldoc.org/transfer%20none"><span class="acronym">transfer none</span></a>][<a href="http://foldoc.org/allow-none"><span class="acronym">allow-none</span></a>]</span></td>
</tr>
</tbody>
</table></div>
</div>
<p class="since">Since: 2020.7</p>
</div>
<hr>
<div class="refsect2">
<a name="ostree-bootconfig-parser-get-overlay-initrds"></a><h3>ostree_bootconfig_parser_get_overlay_initrds ()</h3>
<pre class="programlisting"><span class="returnvalue">char</span> **
ostree_bootconfig_parser_get_overlay_initrds
(<em class="parameter"><code><a class="link" href="ostree-ostree-bootconfig-parser.html#OstreeBootconfigParser" title="OstreeBootconfigParser"><span class="type">OstreeBootconfigParser</span></a> *self</code></em>);</pre>
<div class="refsect3">
<a name="ostree-bootconfig-parser-get-overlay-initrds.parameters"></a><h4>Parameters</h4>
<div class="informaltable"><table class="informaltable" width="100%" border="0">
<colgroup>
<col width="150px" class="parameters_name">
<col class="parameters_description">
<col width="200px" class="parameters_annotations">
</colgroup>
<tbody><tr>
<td class="parameter_name"><p>self</p></td>
<td class="parameter_description"><p>Parser</p></td>
<td class="parameter_annotations"> </td>
</tr></tbody>
</table></div>
</div>
<div class="refsect3">
<a name="ostree-bootconfig-parser-get-overlay-initrds.returns"></a><h4>Returns</h4>
<p>Array of initrds or <code class="literal">NULL</code>
if none are set. </p>
<p><span class="annotation">[<a href="http://foldoc.org/array"><span class="acronym">array</span></a> zero-terminated=1][<a href="http://foldoc.org/transfer%20none"><span class="acronym">transfer none</span></a>][<a href="http://foldoc.org/nullable"><span class="acronym">nullable</span></a>]</span></p>
</div>
<p class="since">Since: 2020.7</p>
</div>
</div>
<div class="refsect1">
<a name="ostree-ostree-bootconfig-parser.other_details"></a><h2>Types and Values</h2>

12
apidoc/html/ostree-ostree-deployment.html
View File

@ -574,6 +574,8 @@ ostree_deployment_unlocked_state_to_string
GKeyFile *origin;
OstreeDeploymentUnlockedState unlocked;
gboolean staged;
char **overlay_initrds;
char *overlay_initrds_id;
} OstreeDeployment;
</pre>
<div class="refsect3">
@ -635,6 +637,16 @@ ostree_deployment_unlocked_state_to_string
<td class="struct_member_description"><p>TRUE iff this deployment is staged</p></td>
<td class="struct_member_annotations"> </td>
</tr>
<tr>
<td class="struct_member_name"><p><span class="type">char</span> **<em class="structfield"><code><a name="OstreeDeployment.overlay-initrds"></a>overlay_initrds</code></em>;</p></td>
<td class="struct_member_description"><p>Checksums of staged additional initrds for this deployment</p></td>
<td class="struct_member_annotations"> </td>
</tr>
<tr>
<td class="struct_member_name"><p><span class="type">char</span> *<em class="structfield"><code><a name="OstreeDeployment.overlay-initrds-id"></a>overlay_initrds_id</code></em>;</p></td>
<td class="struct_member_description"><p>Unique ID generated from initrd checksums; used to compare deployments</p></td>
<td class="struct_member_annotations"> </td>
</tr>
</tbody>
</table></div>
</div>

11
apidoc/html/ostree.devhelp2
View File

@ -199,7 +199,9 @@
<keyword type="function" name="ostree_repo_list_commit_objects_starting_with ()" link="ostree-OstreeRepo.html#ostree-repo-list-commit-objects-starting-with"/>
<keyword type="function" name="ostree_repo_list_static_delta_names ()" link="ostree-OstreeRepo.html#ostree-repo-list-static-delta-names"/>
<keyword type="function" name="ostree_repo_static_delta_generate ()" link="ostree-OstreeRepo.html#ostree-repo-static-delta-generate"/>
<keyword type="function" name="ostree_repo_static_delta_execute_offline_with_signature ()" link="ostree-OstreeRepo.html#ostree-repo-static-delta-execute-offline-with-signature" since="2020.7"/>
<keyword type="function" name="ostree_repo_static_delta_execute_offline ()" link="ostree-OstreeRepo.html#ostree-repo-static-delta-execute-offline"/>
<keyword type="function" name="ostree_repo_static_delta_verify_signature ()" link="ostree-OstreeRepo.html#ostree-repo-static-delta-verify-signature" since="2020.7"/>
<keyword type="function" name="ostree_repo_traverse_new_reachable ()" link="ostree-OstreeRepo.html#ostree-repo-traverse-new-reachable"/>
<keyword type="function" name="ostree_repo_traverse_new_parents ()" link="ostree-OstreeRepo.html#ostree-repo-traverse-new-parents" since="2018.5"/>
<keyword type="function" name="ostree_repo_traverse_parents_get_commits ()" link="ostree-OstreeRepo.html#ostree-repo-traverse-parents-get-commits" since="2018.5"/>
@ -305,7 +307,10 @@
<keyword type="function" name="ostree_sysroot_write_deployments_with_options ()" link="ostree-Root-partition-mount-point.html#ostree-sysroot-write-deployments-with-options" since="2017.4"/>
<keyword type="function" name="ostree_sysroot_write_origin_file ()" link="ostree-Root-partition-mount-point.html#ostree-sysroot-write-origin-file"/>
<keyword type="function" name="ostree_sysroot_stage_tree ()" link="ostree-Root-partition-mount-point.html#ostree-sysroot-stage-tree" since="2018.5"/>
<keyword type="function" name="ostree_sysroot_deploy_tree ()" link="ostree-Root-partition-mount-point.html#ostree-sysroot-deploy-tree"/>
<keyword type="function" name="ostree_sysroot_stage_tree_with_options ()" link="ostree-Root-partition-mount-point.html#ostree-sysroot-stage-tree-with-options" since="2020.7"/>
<keyword type="function" name="ostree_sysroot_stage_overlay_initrd ()" link="ostree-Root-partition-mount-point.html#ostree-sysroot-stage-overlay-initrd" since="2020.7"/>
<keyword type="function" name="ostree_sysroot_deploy_tree ()" link="ostree-Root-partition-mount-point.html#ostree-sysroot-deploy-tree" since="2018.5"/>
<keyword type="function" name="ostree_sysroot_deploy_tree_with_options ()" link="ostree-Root-partition-mount-point.html#ostree-sysroot-deploy-tree-with-options" since="2020.7"/>
<keyword type="function" name="ostree_sysroot_get_merge_deployment ()" link="ostree-Root-partition-mount-point.html#ostree-sysroot-get-merge-deployment"/>
<keyword type="function" name="ostree_sysroot_query_deployments_for ()" link="ostree-Root-partition-mount-point.html#ostree-sysroot-query-deployments-for" since="2017.7"/>
<keyword type="function" name="ostree_sysroot_origin_new_from_refspec ()" link="ostree-Root-partition-mount-point.html#ostree-sysroot-origin-new-from-refspec"/>
@ -388,6 +393,8 @@
<keyword type="function" name="ostree_bootconfig_parser_write_at ()" link="ostree-ostree-bootconfig-parser.html#ostree-bootconfig-parser-write-at"/>
<keyword type="function" name="ostree_bootconfig_parser_set ()" link="ostree-ostree-bootconfig-parser.html#ostree-bootconfig-parser-set"/>
<keyword type="function" name="ostree_bootconfig_parser_get ()" link="ostree-ostree-bootconfig-parser.html#ostree-bootconfig-parser-get"/>
<keyword type="function" name="ostree_bootconfig_parser_set_overlay_initrds ()" link="ostree-ostree-bootconfig-parser.html#ostree-bootconfig-parser-set-overlay-initrds" since="2020.7"/>
<keyword type="function" name="ostree_bootconfig_parser_get_overlay_initrds ()" link="ostree-ostree-bootconfig-parser.html#ostree-bootconfig-parser-get-overlay-initrds" since="2020.7"/>
<keyword type="struct" name="OstreeBootconfigParser" link="ostree-ostree-bootconfig-parser.html#OstreeBootconfigParser"/>
<keyword type="function" name="ostree_chain_input_stream_new ()" link="ostree-ostree-chain-input-stream.html#ostree-chain-input-stream-new"/>
<keyword type="struct" name="struct OstreeChainInputStream" link="ostree-ostree-chain-input-stream.html#OstreeChainInputStream"/>
@ -559,5 +566,7 @@
<keyword type="member" name="OstreeDeployment.origin" link="ostree-ostree-deployment.html#OstreeDeployment.origin"/>
<keyword type="member" name="OstreeDeployment.unlocked" link="ostree-ostree-deployment.html#OstreeDeployment.unlocked"/>
<keyword type="member" name="OstreeDeployment.staged" link="ostree-ostree-deployment.html#OstreeDeployment.staged"/>
<keyword type="member" name="OstreeDeployment.overlay-initrds" link="ostree-ostree-deployment.html#OstreeDeployment.overlay-initrds"/>
<keyword type="member" name="OstreeDeployment.overlay-initrds-id" link="ostree-ostree-deployment.html#OstreeDeployment.overlay-initrds-id"/>
</functions>
</book>

28
apidoc/html/reference.html
View File

@ -148,6 +148,10 @@
</dt>
<dd></dd>
<dt>
<a class="link" href="ostree-ostree-bootconfig-parser.html#ostree-bootconfig-parser-get-overlay-initrds" title="ostree_bootconfig_parser_get_overlay_initrds ()">ostree_bootconfig_parser_get_overlay_initrds</a>, function in <a class="link" href="ostree-ostree-bootconfig-parser.html" title="ostree-bootconfig-parser">ostree-bootconfig-parser</a>
</dt>
<dd></dd>
<dt>
<a class="link" href="ostree-ostree-bootconfig-parser.html#ostree-bootconfig-parser-new" title="ostree_bootconfig_parser_new ()">ostree_bootconfig_parser_new</a>, function in <a class="link" href="ostree-ostree-bootconfig-parser.html" title="ostree-bootconfig-parser">ostree-bootconfig-parser</a>
</dt>
<dd></dd>
@ -164,6 +168,10 @@
</dt>
<dd></dd>
<dt>
<a class="link" href="ostree-ostree-bootconfig-parser.html#ostree-bootconfig-parser-set-overlay-initrds" title="ostree_bootconfig_parser_set_overlay_initrds ()">ostree_bootconfig_parser_set_overlay_initrds</a>, function in <a class="link" href="ostree-ostree-bootconfig-parser.html" title="ostree-bootconfig-parser">ostree-bootconfig-parser</a>
</dt>
<dd></dd>
<dt>
<a class="link" href="ostree-ostree-bootconfig-parser.html#ostree-bootconfig-parser-write" title="ostree_bootconfig_parser_write ()">ostree_bootconfig_parser_write</a>, function in <a class="link" href="ostree-ostree-bootconfig-parser.html" title="ostree-bootconfig-parser">ostree-bootconfig-parser</a>
</dt>
<dd></dd>
@ -1462,10 +1470,18 @@ ostree_repo_set_collection_ref_immediate, function in ostree-misc-experimental
</dt>
<dd></dd>
<dt>
<a class="link" href="ostree-OstreeRepo.html#ostree-repo-static-delta-execute-offline-with-signature" title="ostree_repo_static_delta_execute_offline_with_signature ()">ostree_repo_static_delta_execute_offline_with_signature</a>, function in <a class="link" href="ostree-OstreeRepo.html" title="OstreeRepo: Content-addressed object store">OstreeRepo</a>
</dt>
<dd></dd>
<dt>
<a class="link" href="ostree-OstreeRepo.html#ostree-repo-static-delta-generate" title="ostree_repo_static_delta_generate ()">ostree_repo_static_delta_generate</a>, function in <a class="link" href="ostree-OstreeRepo.html" title="OstreeRepo: Content-addressed object store">OstreeRepo</a>
</dt>
<dd></dd>
<dt>
<a class="link" href="ostree-OstreeRepo.html#ostree-repo-static-delta-verify-signature" title="ostree_repo_static_delta_verify_signature ()">ostree_repo_static_delta_verify_signature</a>, function in <a class="link" href="ostree-OstreeRepo.html" title="OstreeRepo: Content-addressed object store">OstreeRepo</a>
</dt>
<dd></dd>
<dt>
ostree_repo_transaction_set_collection_ref, function in ostree-misc-experimental
</dt>
<dd></dd>
@ -1763,6 +1779,10 @@ ostree_repo_transaction_set_collection_ref, function in ostree-misc-experimental
</dt>
<dd></dd>
<dt>
<a class="link" href="ostree-Root-partition-mount-point.html#ostree-sysroot-deploy-tree-with-options" title="ostree_sysroot_deploy_tree_with_options ()">ostree_sysroot_deploy_tree_with_options</a>, function in <a class="link" href="ostree-Root-partition-mount-point.html" title="Root partition mount point">Root partition mount point</a>
</dt>
<dd></dd>
<dt>
<a class="link" href="ostree-Root-partition-mount-point.html#ostree-sysroot-ensure-initialized" title="ostree_sysroot_ensure_initialized ()">ostree_sysroot_ensure_initialized</a>, function in <a class="link" href="ostree-Root-partition-mount-point.html" title="Root partition mount point">Root partition mount point</a>
</dt>
<dd></dd>
@ -1879,10 +1899,18 @@ ostree_repo_transaction_set_collection_ref, function in ostree-misc-experimental
</dt>
<dd></dd>
<dt>
<a class="link" href="ostree-Root-partition-mount-point.html#ostree-sysroot-stage-overlay-initrd" title="ostree_sysroot_stage_overlay_initrd ()">ostree_sysroot_stage_overlay_initrd</a>, function in <a class="link" href="ostree-Root-partition-mount-point.html" title="Root partition mount point">Root partition mount point</a>
</dt>
<dd></dd>
<dt>
<a class="link" href="ostree-Root-partition-mount-point.html#ostree-sysroot-stage-tree" title="ostree_sysroot_stage_tree ()">ostree_sysroot_stage_tree</a>, function in <a class="link" href="ostree-Root-partition-mount-point.html" title="Root partition mount point">Root partition mount point</a>
</dt>
<dd></dd>
<dt>
<a class="link" href="ostree-Root-partition-mount-point.html#ostree-sysroot-stage-tree-with-options" title="ostree_sysroot_stage_tree_with_options ()">ostree_sysroot_stage_tree_with_options</a>, function in <a class="link" href="ostree-Root-partition-mount-point.html" title="Root partition mount point">Root partition mount point</a>
</dt>
<dd></dd>
<dt>
<a class="link" href="ostree-Root-partition-mount-point.html#ostree-sysroot-try-lock" title="ostree_sysroot_try_lock ()">ostree_sysroot_try_lock</a>, function in <a class="link" href="ostree-Root-partition-mount-point.html" title="Root partition mount point">Root partition mount point</a>
</dt>
<dd></dd>

7
apidoc/ostree-sections.txt
View File

@ -37,6 +37,8 @@ ostree_bootconfig_parser_write
ostree_bootconfig_parser_write_at
ostree_bootconfig_parser_set
ostree_bootconfig_parser_get
ostree_bootconfig_parser_set_overlay_initrds
ostree_bootconfig_parser_get_overlay_initrds
<SUBSECTION Standard>
OSTREE_BOOTCONFIG_PARSER
OSTREE_IS_BOOTCONFIG_PARSER
@ -412,7 +414,9 @@ ostree_repo_list_commit_objects_starting_with
ostree_repo_list_static_delta_names
OstreeStaticDeltaGenerateOpt
ostree_repo_static_delta_generate
ostree_repo_static_delta_execute_offline_with_signature
ostree_repo_static_delta_execute_offline
ostree_repo_static_delta_verify_signature
ostree_repo_traverse_new_reachable
ostree_repo_traverse_new_parents
ostree_repo_traverse_parents_get_commits
@ -543,7 +547,10 @@ ostree_sysroot_write_deployments
ostree_sysroot_write_deployments_with_options
ostree_sysroot_write_origin_file
ostree_sysroot_stage_tree
ostree_sysroot_stage_tree_with_options
ostree_sysroot_stage_overlay_initrd
ostree_sysroot_deploy_tree
ostree_sysroot_deploy_tree_with_options
ostree_sysroot_get_merge_deployment
ostree_sysroot_query_deployments_for
ostree_sysroot_origin_new_from_refspec

42
bash/ostree
View File

@ -1532,6 +1532,9 @@ _ostree_static_delta_apply_offline() {
"
local options_with_args="
--sign-type
--keys-file
--keys-dir
--repo
"
@ -1613,6 +1616,8 @@ _ostree_static_delta_generate() {
--repo
--set-endianness
--to
--sign
--sign-type
"
local options_with_args_glob=$( __ostree_to_extglob "$options_with_args" )
@ -1630,6 +1635,9 @@ _ostree_static_delta_generate() {
COMPREPLY=( $( compgen -W "l B" -- "$cur" ) )
return 0
;;
$options_with_args_glob )
return 0
;;
esac
case "$cur" in
@ -1704,6 +1712,40 @@ _ostree_static_delta_show() {
return 0
}
_ostree_static_delta_verify() {
local boolean_options="
$main_boolean_options
"
local options_with_args="
--sign-type
--keys-file
--keys-dir
--repo
"
local options_with_args_glob=$( __ostree_to_extglob "$options_with_args" )
case "$prev" in
--keys-file|--keys-dir|--repo)
__ostree_compreply_dirs_only
return 0
;;
$options_with_args_glob )
return 0
;;
esac
case "$cur" in
-*)
local all_options="$boolean_options $options_with_args"
__ostree_compreply_all_options
;;
esac
return 0
}
_ostree_static_delta() {
local subcommands="
apply-offline

25
configure vendored
View File

@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
# Generated by GNU Autoconf 2.69 for libostree 2020.6.
# Generated by GNU Autoconf 2.69 for libostree 2020.7.
#
# Report bugs to <walters@verbum.org>.
#
@ -590,8 +590,8 @@ MAKEFLAGS=
# Identity of this package.
PACKAGE_NAME='libostree'
PACKAGE_TARNAME='libostree'
PACKAGE_VERSION='2020.6'
PACKAGE_STRING='libostree 2020.6'
PACKAGE_VERSION='2020.7'
PACKAGE_STRING='libostree 2020.7'
PACKAGE_BUGREPORT='walters@verbum.org'
PACKAGE_URL=''
@ -1561,7 +1561,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
\`configure' configures libostree 2020.6 to adapt to many kinds of systems.
\`configure' configures libostree 2020.7 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@ -1631,7 +1631,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
short | recursive ) echo "Configuration of libostree 2020.6:";;
short | recursive ) echo "Configuration of libostree 2020.7:";;
esac
cat <<\_ACEOF
@ -1896,7 +1896,7 @@ fi
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
libostree configure 2020.6
libostree configure 2020.7
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@ -2368,7 +2368,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
It was created by libostree $as_me 2020.6, which was
It was created by libostree $as_me 2020.7, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@ -3236,7 +3236,7 @@ fi
# Define the identity of the package.
PACKAGE='libostree'
VERSION='2020.6'
VERSION='2020.7'
# Some tools Automake needs.
@ -5970,9 +5970,9 @@ test -n "$YACC" || YACC="yacc"
YEAR_VERSION=2020
RELEASE_VERSION=6
RELEASE_VERSION=7
PACKAGE_VERSION=2020.6
PACKAGE_VERSION=2020.7
if echo "$CFLAGS" | grep -q -E -e '-Werror($| )'; then :
@ -5983,6 +5983,7 @@ else
for flag in \
-pipe \
-Wall \
-Werror=shadow \
-Werror=empty-body \
-Werror=strict-prototypes \
-Werror=missing-prototypes \
@ -19025,7 +19026,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
This file was extended by libostree $as_me 2020.6, which was
This file was extended by libostree $as_me 2020.7, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@ -19091,7 +19092,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
libostree config.status 2020.6
libostree config.status 2020.7
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"

3
configure.ac
View File

@ -7,7 +7,7 @@ dnl Seed the release notes with `git-shortlog-with-prs <previous-release>..`. Th
dnl `git-evtag` to create the tag and push it. Finally, create a GitHub release and attach
dnl the tarball from `make dist`.
m4_define([year_version], [2020])
m4_define([release_version], [6])
m4_define([release_version], [7])
m4_define([package_version], [year_version.release_version])
AC_INIT([libostree], [package_version], [walters@verbum.org])
is_release_build=yes
@ -35,6 +35,7 @@ AS_IF([echo "$CFLAGS" | grep -q -E -e '-Werror($| )'], [], [
CC_CHECK_FLAGS_APPEND([WARN_CFLAGS], [CFLAGS], [\
-pipe \
-Wall \
-Werror=shadow \
-Werror=empty-body \
-Werror=strict-prototypes \
-Werror=missing-prototypes \

9
libglnx/glnx-fdio.c
View File

@ -303,8 +303,8 @@ glnx_open_anonymous_tmpfile_full (int flags,
}
/* A variant of `glnx_open_tmpfile_linkable_at()` which doesn't support linking.
* Useful for true temporary storage. The fd will be allocated in /var/tmp to
* ensure maximum storage space.
* Useful for true temporary storage. The fd will be allocated in `$TMPDIR` if
* set or `/var/tmp` otherwise.
*
* If you need the file on a specific filesystem use glnx_open_anonymous_tmpfile_full()
* which lets you pass a directory.
@ -314,7 +314,10 @@ glnx_open_anonymous_tmpfile (int flags,
GLnxTmpfile *out_tmpf,
GError **error)
{
return glnx_open_anonymous_tmpfile_full (flags, "/var/tmp", out_tmpf, error);
return glnx_open_anonymous_tmpfile_full (flags,
getenv("TMPDIR") ?: "/var/tmp",
out_tmpf,
error);
}
/* Use this after calling glnx_open_tmpfile_linkable_at() to give

14
libglnx/glnx-xattrs.c
View File

@ -283,7 +283,7 @@ set_all_xattrs_for_path (const char *path,
const guint8* value_data = g_variant_get_fixed_array (value, &value_len, 1);
if (lsetxattr (path, (char*)name, (char*)value_data, value_len, 0) < 0)
return glnx_throw_errno_prefix (error, "lsetxattr");
return glnx_throw_errno_prefix (error, "lsetxattr(%s)", name);
}
return TRUE;
@ -351,7 +351,7 @@ glnx_fd_set_all_xattrs (int fd,
const guint8* value_data = g_variant_get_fixed_array (value, &value_len, 1);
if (TEMP_FAILURE_RETRY (fsetxattr (fd, (char*)name, (char*)value_data, value_len, 0)) < 0)
return glnx_throw_errno_prefix (error, "fsetxattr");
return glnx_throw_errno_prefix (error, "Setting xattrs: fsetxattr(%s)", name);
}
return TRUE;
@ -378,11 +378,11 @@ glnx_lgetxattrat (int dfd,
ssize_t bytes_read, real_size;
if (TEMP_FAILURE_RETRY (bytes_read = lgetxattr (pathbuf, attribute, NULL, 0)) < 0)
return glnx_null_throw_errno_prefix (error, "lgetxattr");
return glnx_null_throw_errno_prefix (error, "lgetxattr(%s)", attribute);
g_autofree guint8 *buf = g_malloc (bytes_read);
if (TEMP_FAILURE_RETRY (real_size = lgetxattr (pathbuf, attribute, buf, bytes_read)) < 0)
return glnx_null_throw_errno_prefix (error, "lgetxattr");
return glnx_null_throw_errno_prefix (error, "lgetxattr(%s)", attribute);
return g_bytes_new_take (g_steal_pointer (&buf), real_size);
}
@ -403,11 +403,11 @@ glnx_fgetxattr_bytes (int fd,
ssize_t bytes_read, real_size;
if (TEMP_FAILURE_RETRY (bytes_read = fgetxattr (fd, attribute, NULL, 0)) < 0)
return glnx_null_throw_errno_prefix (error, "fgetxattr");
return glnx_null_throw_errno_prefix (error, "fgetxattr(%s)", attribute);
g_autofree guint8 *buf = g_malloc (bytes_read);
if (TEMP_FAILURE_RETRY (real_size = fgetxattr (fd, attribute, buf, bytes_read)) < 0)
return glnx_null_throw_errno_prefix (error, "fgetxattr");
return glnx_null_throw_errno_prefix (error, "fgetxattr(%s)", attribute);
return g_bytes_new_take (g_steal_pointer (&buf), real_size);
}
@ -437,7 +437,7 @@ glnx_lsetxattrat (int dfd,
snprintf (pathbuf, sizeof (pathbuf), "/proc/self/fd/%d/%s", dfd, subpath);
if (TEMP_FAILURE_RETRY (lsetxattr (subpath, attribute, value, len, flags)) < 0)
return glnx_throw_errno_prefix (error, "lsetxattr");
return glnx_throw_errno_prefix (error, "lsetxattr(%s)", attribute);
return TRUE;
}

2
man/ostree-checkout.xml
View File

@ -163,7 +163,7 @@ Boston, MA 02111-1307, USA.
<option>-z</option></term>
<listitem><para>
Do not hardlink zero-sized files.
This option does nothing; the functionality is now always on by default.
</para></listitem>
</varlistentry>

158
man/ostree-static-delta.xml
View File

@ -63,7 +63,10 @@ Boston, MA 02111-1307, USA.
<command>ostree static-delta generate</command> <arg choice="req">--to=REV</arg> <arg choice="opt" rep="repeat">OPTIONS</arg>
</cmdsynopsis>
<cmdsynopsis>
<command>ostree static-delta apply-offline</command> <arg choice="req">PATH</arg>
<command>ostree static-delta apply-offline</command> <arg choice="opt" rep="repeat">OPTIONS</arg> <arg choice="req">PATH</arg> <arg choice="opt" rep="repeat">KEY-ID</arg>
</cmdsynopsis>
<cmdsynopsis>
<command>ostree static-delta verify</command> <arg choice="opt" rep="repeat">OPTIONS</arg> <arg choice="req">STATIC-DELTA</arg> <arg choice="opt" rep="repeat">KEY-ID</arg>
</cmdsynopsis>
</refsynopsisdiv>
@ -113,6 +116,159 @@ Boston, MA 02111-1307, USA.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--sign-type</option>=ENGINE</term>
<listitem><para>
Use particular signature engine. Currently
available <arg choice="plain">ed25519</arg> and <arg choice="plain">dummy</arg>
signature types.
The default is <arg choice="plain">ed25519</arg>.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--sign</option>="KEY-ID"</term>
<listitem><para>
There <literal>KEY-ID</literal> is:
<variablelist>
<varlistentry>
<term><option>for ed25519:</option></term>
<listitem><para>
<literal>base64</literal>-encoded secret key for signing.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>for dummy:</option></term>
<listitem><para>
ASCII-string used as secret key.
</para></listitem>
</varlistentry>
</variablelist>
</para></listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>'Apply-offline' Options</title>
<variablelist>
<varlistentry>
<term><option>KEY-ID</option></term>
<listitem><para>
<variablelist>
<varlistentry>
<term><option>for ed25519:</option></term>
<listitem><para>
<literal>base64</literal>-encoded public key for verifying.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>for dummy:</option></term>
<listitem><para>
ASCII-string used as public key.
</para></listitem>
</varlistentry>
</variablelist>
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--sign-type</option>=ENGINE</term>
<listitem><para>
Use particular signature engine. Currently
available <arg choice="plain">ed25519</arg> and <arg choice="plain">dummy</arg>
signature types.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--keys-file</option></term>
<listitem><para>
Read key(s) from file <filename>filename</filename>.
</para></listitem>
<listitem><para>
Valid for <literal>ed25519</literal> signature type.
For <literal>ed25519</literal> this file must contain <literal>base64</literal>-encoded
public key(s) per line for verifying.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--keys-dir</option></term>
<listitem><para>
Redefine the system path, where to search files and subdirectories with
well-known and revoked keys.
</para></listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>'Verify' Options</title>
<variablelist>
<varlistentry>
<term><option>KEY-ID</option></term>
<listitem><para>
<variablelist>
<varlistentry>
<term><option>for ed25519:</option></term>
<listitem><para>
<literal>base64</literal>-encoded public key for verifying.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>for dummy:</option></term>
<listitem><para>
ASCII-string used as public key.
</para></listitem>
</varlistentry>
</variablelist>
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--sign-type</option>=ENGINE</term>
<listitem><para>
Use particular signature engine. Currently
available <arg choice="plain">ed25519</arg> and <arg choice="plain">dummy</arg>
signature types.
The default is <arg choice="plain">ed25519</arg>.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--keys-file</option></term>
<listitem><para>
Read key(s) from file <filename>filename</filename>.
</para></listitem>
<listitem><para>
Valid for <literal>ed25519</literal> signature type.
For <literal>ed25519</literal> this file must contain <literal>base64</literal>-encoded
public key(s) per line for verifying.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--keys-dir</option></term>
<listitem><para>
Redefine the system path, where to search files and subdirectories with
well-known and revoked keys.
</para></listitem>
</varlistentry>
</variablelist>
</refsect1>

7
src/libostree/libostree-devel.sym
View File

@ -17,13 +17,6 @@
Boston, MA 02111-1307, USA.
***/
LIBOSTREE_2020.5 {
global:
/* Add symbols here, and uncomment the bits in
* Makefile-libostree.am to enable this too.
*/
} LIBOSTREE_2020.4;
/* Stub section for the stable release *after* this development one; don't
* edit this other than to update the year. This is just a copy/paste
* source. Replace $LASTSTABLE with the last stable version, and $NEWVERSION

21
src/libostree/libostree-released.sym
View File

@ -593,6 +593,9 @@ global:
ostree_sysroot_set_mount_namespace_in_use;
} LIBOSTREE_2019.6;
/* No new symbols in 2020.2 */
/* No new symbols in 2020.3 */
/* Add new symbols here. Release commits should copy this section into -released.sym. */
LIBOSTREE_2020.4 {
global:
@ -615,7 +618,23 @@ global:
ostree_sign_summary;
} LIBOSTREE_2020.1;
/* No new symbols in 2020.2 */
/* No new symbols in 2020.5 */
/* No new symbols in 2020.6 */
LIBOSTREE_2020.7 {
global:
/* Add symbols here, and uncomment the bits in
* Makefile-libostree.am to enable this too.
*/
ostree_repo_static_delta_execute_offline_with_signature;
ostree_repo_static_delta_verify_signature;
ostree_bootconfig_parser_get_overlay_initrds;
ostree_bootconfig_parser_set_overlay_initrds;
ostree_sysroot_deploy_tree_with_options;
ostree_sysroot_stage_tree_with_options;
ostree_sysroot_stage_overlay_initrd;
} LIBOSTREE_2020.4;
/* NOTE: Only add more content here in release commits! See the
* comments at the top of this file.

71
src/libostree/ostree-bootconfig-parser.c
View File

@ -30,6 +30,9 @@ struct _OstreeBootconfigParser
const char *separators;
GHashTable *options;
/* Additional initrds; the primary initrd is in options. */
char **overlay_initrds;
};
typedef GObjectClass OstreeBootconfigParserClass;
@ -50,6 +53,8 @@ ostree_bootconfig_parser_clone (OstreeBootconfigParser *self)
GLNX_HASH_TABLE_FOREACH_KV (self->options, const char*, k, const char*, v)
g_hash_table_replace (parser->options, g_strdup (k), g_strdup (v));
parser->overlay_initrds = g_strdupv (self->overlay_initrds);
return parser;
}
@ -76,6 +81,8 @@ ostree_bootconfig_parser_parse_at (OstreeBootconfigParser *self,
if (!contents)
return FALSE;
g_autoptr(GPtrArray) overlay_initrds = NULL;
g_auto(GStrv) lines = g_strsplit (contents, "\n", -1);
for (char **iter = lines; *iter; iter++)
{
@ -86,9 +93,20 @@ ostree_bootconfig_parser_parse_at (OstreeBootconfigParser *self,
char **items = NULL;
items = g_strsplit_set (line, self->separators, 2);
if (g_strv_length (items) == 2 && items[0][0] != '\0')
{
if (g_str_equal (items[0], "initrd") &&
g_hash_table_contains (self->options, "initrd"))
{
if (!overlay_initrds)
overlay_initrds = g_ptr_array_new_with_free_func (g_free);
g_ptr_array_add (overlay_initrds, items[1]);
g_free (items[0]);
}
else
{
g_hash_table_insert (self->options, items[0], items[1]);
g_free (items); /* Transfer ownership */
}
g_free (items); /* Free container; we stole the elements */
}
else
{
@ -97,6 +115,12 @@ ostree_bootconfig_parser_parse_at (OstreeBootconfigParser *self,
}
}
if (overlay_initrds)
{
g_ptr_array_add (overlay_initrds, NULL);
self->overlay_initrds = (char**)g_ptr_array_free (g_steal_pointer (&overlay_initrds), FALSE);
}
self->parsed = TRUE;
return TRUE;
@ -127,6 +151,41 @@ ostree_bootconfig_parser_get (OstreeBootconfigParser *self,
return g_hash_table_lookup (self->options, key);
}
/**
* ostree_bootconfig_parser_set_overlay_initrds:
* @self: Parser
* @initrds: (array zero-terminated=1) (transfer none) (allow-none): Array of overlay
* initrds or %NULL to unset.
*
* These are rendered as additional `initrd` keys in the final bootloader configs. The
* base initrd is part of the primary keys.
*
* Since: 2020.7
*/
void
ostree_bootconfig_parser_set_overlay_initrds (OstreeBootconfigParser *self,
char **initrds)
{
g_assert (g_hash_table_contains (self->options, "initrd"));
g_strfreev (self->overlay_initrds);
self->overlay_initrds = g_strdupv (initrds);
}
/**
* ostree_bootconfig_parser_get_overlay_initrds:
* @self: Parser
*
* Returns: (array zero-terminated=1) (transfer none) (nullable): Array of initrds or %NULL
* if none are set.
*
* Since: 2020.7
*/
char**
ostree_bootconfig_parser_get_overlay_initrds (OstreeBootconfigParser *self)
{
return self->overlay_initrds;
}
static void
write_key (OstreeBootconfigParser *self,
GString *buf,
@ -165,6 +224,15 @@ ostree_bootconfig_parser_write_at (OstreeBootconfigParser *self,
}
}
/* Write overlay initrds */
if (self->overlay_initrds && (g_strv_length (self->overlay_initrds) > 0))
{
/* we should've written the primary initrd already */
g_assert (g_hash_table_contains (keys_written, "initrd"));
for (char **it = self->overlay_initrds; it && *it; it++)
write_key (self, buf, "initrd", *it);
}
/* Write unknown fields */
GLNX_HASH_TABLE_FOREACH_KV (self->options, const char*, k, const char*, v)
{
@ -197,6 +265,7 @@ ostree_bootconfig_parser_finalize (GObject *object)
{
OstreeBootconfigParser *self = OSTREE_BOOTCONFIG_PARSER (object);
g_strfreev (self->overlay_initrds);
g_hash_table_unref (self->options);
G_OBJECT_CLASS (ostree_bootconfig_parser_parent_class)->finalize (object);

6
src/libostree/ostree-bootconfig-parser.h
View File

@ -73,5 +73,11 @@ _OSTREE_PUBLIC
const char *ostree_bootconfig_parser_get (OstreeBootconfigParser *self,
const char *key);
_OSTREE_PUBLIC
void ostree_bootconfig_parser_set_overlay_initrds (OstreeBootconfigParser *self,
char **initrds);
_OSTREE_PUBLIC
char** ostree_bootconfig_parser_get_overlay_initrds (OstreeBootconfigParser *self);
G_END_DECLS

2
src/libostree/ostree-core.c
View File

@ -2675,7 +2675,7 @@ _ostree_detached_metadata_append_gpg_sig (GVariant *existing_metadata,
_OSTREE_METADATA_GPGSIGS_NAME,
g_variant_builder_end (signature_builder));
return g_variant_dict_end (&metadata_dict);
return g_variant_ref_sink (g_variant_dict_end (&metadata_dict));
}
#endif /* OSTREE_DISABLE_GPGME */

9
src/libostree/ostree-deployment-private.h
View File

@ -37,6 +37,8 @@ G_BEGIN_DECLS
* @origin: How to construct an upgraded version of this tree
* @unlocked: The unlocked state
* @staged: TRUE iff this deployment is staged
* @overlay_initrds: Checksums of staged additional initrds for this deployment
* @overlay_initrds_id: Unique ID generated from initrd checksums; used to compare deployments
*/
struct _OstreeDeployment
{
@ -52,8 +54,15 @@ struct _OstreeDeployment
GKeyFile *origin;
OstreeDeploymentUnlockedState unlocked;
gboolean staged;
char **overlay_initrds;
char *overlay_initrds_id;
};
void _ostree_deployment_set_bootcsum (OstreeDeployment *self, const char *bootcsum);
void _ostree_deployment_set_overlay_initrds (OstreeDeployment *self,
char **overlay_initrds);
char** _ostree_deployment_get_overlay_initrds (OstreeDeployment *self);
G_END_DECLS

32
src/libostree/ostree-deployment.c
View File

@ -158,6 +158,34 @@ _ostree_deployment_set_bootcsum (OstreeDeployment *self,
self->bootcsum = g_strdup (bootcsum);
}
void
_ostree_deployment_set_overlay_initrds (OstreeDeployment *self,
char **overlay_initrds)
{
g_clear_pointer (&self->overlay_initrds, g_strfreev);
g_clear_pointer (&self->overlay_initrds_id, g_free);
if (!overlay_initrds || g_strv_length (overlay_initrds) == 0)
return;
/* Generate a unique ID representing this combination of overlay initrds. This is so that
* ostree_sysroot_write_deployments_with_options() can easily compare initrds when
* comparing deployments for whether a bootswap is necessary. We could be fancier here but
* meh... this works. */
g_autoptr(GString) id = g_string_new (NULL);
for (char **it = overlay_initrds; it && *it; it++)
g_string_append (id, *it);
self->overlay_initrds = g_strdupv (overlay_initrds);
self->overlay_initrds_id = g_string_free (g_steal_pointer (&id), FALSE);
}
char**
_ostree_deployment_get_overlay_initrds (OstreeDeployment *self)
{
return self->overlay_initrds;
}
/**
* ostree_deployment_clone:
* @self: Deployment
@ -175,6 +203,8 @@ ostree_deployment_clone (OstreeDeployment *self)
new_bootconfig = ostree_bootconfig_parser_clone (self->bootconfig);
ostree_deployment_set_bootconfig (ret, new_bootconfig);
_ostree_deployment_set_overlay_initrds (ret, self->overlay_initrds);
if (self->origin)
{
g_autoptr(GKeyFile) new_origin = NULL;
@ -238,6 +268,8 @@ ostree_deployment_finalize (GObject *object)
g_free (self->bootcsum);
g_clear_object (&self->bootconfig);
g_clear_pointer (&self->origin, g_key_file_unref);
g_strfreev (self->overlay_initrds);
g_free (self->overlay_initrds_id);
G_OBJECT_CLASS (ostree_deployment_parent_class)->finalize (object);
}

6
src/libostree/ostree-fetcher-curl.c
View File

@ -341,14 +341,14 @@ check_multi_info (OstreeFetcher *fetcher)
if (req->idx + 1 == req->mirrorlist->len)
{
g_autofree char *msg = g_strdup_printf ("Server returned HTTP %lu", response);
g_autofree char *response_msg = g_strdup_printf ("Server returned HTTP %lu", response);
g_task_return_new_error (task, G_IO_ERROR, giocode,
"%s", msg);
"%s", response_msg);
if (req->fetcher->remote_name &&
!((req->flags & OSTREE_FETCHER_REQUEST_OPTIONAL_CONTENT) > 0 &&
giocode == G_IO_ERROR_NOT_FOUND))
_ostree_fetcher_journal_failure (req->fetcher->remote_name,
eff_url, msg);
eff_url, response_msg);
}
else

24
src/libostree/ostree-repo-checkout.c
View File

@ -613,9 +613,12 @@ checkout_one_file_at (OstreeRepo *repo,
}
const gboolean is_symlink = (g_file_info_get_file_type (source_info) == G_FILE_TYPE_SYMBOLIC_LINK);
const guint32 source_mode = g_file_info_get_attribute_uint32 (source_info, "unix::mode");
const gboolean is_unreadable = (!is_symlink && (source_mode & S_IRUSR) == 0);
const gboolean is_whiteout = (!is_symlink && options->process_whiteouts &&
g_str_has_prefix (destination_name, WHITEOUT_PREFIX));
const gboolean is_reg_zerosized = (!is_symlink && g_file_info_get_size (source_info) == 0);
const gboolean override_user_unreadable = (options->mode == OSTREE_REPO_CHECKOUT_MODE_USER && is_unreadable);
/* First, see if it's a Docker whiteout,
* https://github.com/docker/docker/blob/1a714e76a2cb9008cd19609059e9988ff1660b78/pkg/archive/whiteouts.go
@ -634,8 +637,12 @@ checkout_one_file_at (OstreeRepo *repo,
need_copy = FALSE;
}
else if (options->force_copy_zerosized && is_reg_zerosized)
else if (is_reg_zerosized || override_user_unreadable)
{
/* In https://github.com/ostreedev/ostree/commit/673cacd633f9d6b653cdea530657d3e780a41bbd we
* made this an option, but in order to avoid hitting EMLINK, we now force copy zerosized
* files unconditionally.
*/
need_copy = TRUE;
}
else if (!options->force_copy)
@ -735,7 +742,7 @@ checkout_one_file_at (OstreeRepo *repo,
if (can_cache
&& !is_whiteout
&& !is_symlink
&& !is_reg_zerosized
&& !(is_reg_zerosized || override_user_unreadable)
&& need_copy
&& repo->mode == OSTREE_REPO_MODE_ARCHIVE
&& options->mode == OSTREE_REPO_CHECKOUT_MODE_USER)
@ -799,12 +806,21 @@ checkout_one_file_at (OstreeRepo *repo,
* succeeded at hardlinking above.
*/
if (options->no_copy_fallback)
g_assert (is_bare_user_symlink || is_reg_zerosized);
g_assert (is_bare_user_symlink || is_reg_zerosized || override_user_unreadable);
if (!ostree_repo_load_file (repo, checksum, &input, NULL, &xattrs,
cancellable, error))
return FALSE;
if (!create_file_copy_from_input_at (repo, options, state, checksum, source_info, xattrs, input,
GFileInfo *copy_source_info = source_info;
g_autoptr(GFileInfo) modified_info = NULL;
if (override_user_unreadable)
{
modified_info = g_file_info_dup (source_info);
g_file_info_set_attribute_uint32 (modified_info, "unix::mode", (source_mode | S_IRUSR));
copy_source_info = modified_info;
}
if (!create_file_copy_from_input_at (repo, options, state, checksum, copy_source_info, xattrs, input,
destination_dfd, destination_name,
cancellable, error))
return glnx_prefix_error (error, "Copy checkout of %s to %s", checksum, destination_name);

11
src/libostree/ostree-repo-commit.c
View File

@ -3943,11 +3943,9 @@ write_dfd_iter_to_mtree_internal (OstreeRepo *self,
GCancellable *cancellable,
GError **error)
{
g_autoptr(GFileInfo) child_info = NULL;
g_autoptr(GFileInfo) modified_info = NULL;
g_autoptr(GVariant) xattrs = NULL;
g_autofree guchar *child_file_csum = NULL;
g_autofree char *tmp_checksum = NULL;
g_autofree char *relpath = NULL;
OstreeRepoCommitFilterResult filter_result;
struct stat dir_stbuf;
@ -3955,12 +3953,11 @@ write_dfd_iter_to_mtree_internal (OstreeRepo *self,
if (!glnx_fstat (src_dfd_iter->fd, &dir_stbuf, error))
return FALSE;
child_info = _ostree_stbuf_to_gfileinfo (&dir_stbuf);
{
g_autoptr(GFileInfo) child_info = _ostree_stbuf_to_gfileinfo (&dir_stbuf);
if (modifier != NULL)
{
relpath = ptrarray_path_join (path);
filter_result = _ostree_repo_commit_modifier_apply (self, modifier, relpath, child_info, &modified_info);
}
else
@ -3968,6 +3965,7 @@ write_dfd_iter_to_mtree_internal (OstreeRepo *self,
filter_result = OSTREE_REPO_COMMIT_FILTER_ALLOW;
modified_info = g_object_ref (child_info);
}
}
if (filter_result == OSTREE_REPO_COMMIT_FILTER_ALLOW)
{
@ -3979,8 +3977,7 @@ write_dfd_iter_to_mtree_internal (OstreeRepo *self,
cancellable, error))
return FALSE;
g_free (tmp_checksum);
tmp_checksum = ostree_checksum_from_bytes (child_file_csum);
g_autofree char *tmp_checksum = ostree_checksum_from_bytes (child_file_csum);
ostree_mutable_tree_set_metadata_checksum (mtree, tmp_checksum);
}

4
src/libostree/ostree-repo-finder-avahi-parser.c
View File

@ -91,14 +91,14 @@ parse_txt_record (const guint8 *txt,
/* TODO: Docs. Return value is only valid as long as @txt is. Reference: RFC 6763, §6. */
GHashTable *
_ostree_txt_records_parse (AvahiStringList *txt)
_ostree_txt_records_parse (AvahiStringList *txt_list)
{
AvahiStringList *l;
g_autoptr(GHashTable) out = NULL;
out = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, (GDestroyNotify) g_bytes_unref);
for (l = txt; l != NULL; l = avahi_string_list_get_next (l))
for (l = txt_list; l != NULL; l = avahi_string_list_get_next (l))
{
const guint8 *txt;
gsize txt_len;

2
src/libostree/ostree-repo-finder-mount.c
View File

@ -336,7 +336,6 @@ ostree_repo_finder_mount_resolve_async (OstreeRepoFinder *finde
g_autoptr(GHashTable) repo_to_refs = NULL; /* (element-type UriAndKeyring GHashTable) */
GHashTable *supported_ref_to_checksum; /* (element-type OstreeCollectionRef utf8) */
GHashTableIter iter;
UriAndKeyring *repo;
g_autoptr(GError) local_error = NULL;
mount_name = g_mount_get_name (mount);
@ -525,6 +524,7 @@ G_GNUC_END_IGNORE_DEPRECATIONS
/* Aggregate the results. */
g_hash_table_iter_init (&iter, repo_to_refs);
UriAndKeyring *repo;
while (g_hash_table_iter_next (&iter, (gpointer *) &repo, (gpointer *) &supported_ref_to_checksum))
{
g_autoptr(OstreeRemote) remote = NULL;

2
src/libostree/ostree-repo-finder-override.c
View File

@ -151,7 +151,6 @@ ostree_repo_finder_override_resolve_async (OstreeRepoFinder *fi
GHashTable *supported_ref_to_checksum; /* (element-type OstreeCollectionRef utf8) */
GHashTableIter iter;
const gchar *remote_uri;
OstreeRemote *remote;
task = g_task_new (finder, cancellable, callback, user_data);
g_task_set_source_tag (task, ostree_repo_finder_override_resolve_async);
@ -242,6 +241,7 @@ ostree_repo_finder_override_resolve_async (OstreeRepoFinder *fi
/* Aggregate the results. */
g_hash_table_iter_init (&iter, repo_remote_to_refs);
OstreeRemote *remote;
while (g_hash_table_iter_next (&iter, (gpointer *) &remote, (gpointer *) &supported_ref_to_checksum))
g_ptr_array_add (results, ostree_repo_finder_result_new (remote, finder, priority, supported_ref_to_checksum, NULL, 0));

6
src/libostree/ostree-repo-libarchive.c
View File

@ -1161,16 +1161,16 @@ write_directory_to_libarchive_recurse (OstreeRepo *self,
{
guint8 buf[8192];
g_autoptr(GInputStream) file_in = NULL;
g_autoptr(GFileInfo) file_info = NULL;
g_autoptr(GFileInfo) regular_file_info = NULL;
const char *checksum;
checksum = ostree_repo_file_get_checksum ((OstreeRepoFile*)path);
if (!ostree_repo_load_file (self, checksum, &file_in, &file_info, NULL,
if (!ostree_repo_load_file (self, checksum, &file_in, &regular_file_info, NULL,
cancellable, error))
goto out;
archive_entry_set_size (entry, g_file_info_get_size (file_info));
archive_entry_set_size (entry, g_file_info_get_size (regular_file_info));
if (archive_write_header (a, entry) != ARCHIVE_OK)
{

2
src/libostree/ostree-repo-private.h
View File

@ -55,6 +55,8 @@ G_BEGIN_DECLS
#define OSTREE_SUMMARY_EXPIRES "ostree.summary.expires"
#define OSTREE_SUMMARY_COLLECTION_ID "ostree.summary.collection-id"
#define OSTREE_SUMMARY_COLLECTION_MAP "ostree.summary.collection-map"
#define OSTREE_SUMMARY_MODE "ostree.summary.mode"
#define OSTREE_SUMMARY_TOMBSTONE_COMMITS "ostree.summary.tombstone-commits"
#define _OSTREE_PAYLOAD_LINK_PREFIX "../"
#define _OSTREE_PAYLOAD_LINK_PREFIX_LEN (sizeof (_OSTREE_PAYLOAD_LINK_PREFIX) - 1)

660
src/libostree/ostree-repo-pull.c
View File

@ -1625,13 +1625,13 @@ scan_commit_object (OtPullData *pull_data,
}
if (pull_data->timestamp_check_from_rev)
{
g_autoptr(GVariant) commit = NULL;
g_autoptr(GVariant) timestamp_commit = NULL;
if (!ostree_repo_load_commit (pull_data->repo, pull_data->timestamp_check_from_rev,
&commit, NULL, error))
&timestamp_commit, NULL, error))
return glnx_prefix_error (error, "Reading %s for timestamp-check-from-rev",
pull_data->timestamp_check_from_rev);
guint64 ts = ostree_commit_get_timestamp (commit);
guint64 ts = ostree_commit_get_timestamp (timestamp_commit);
if (!_ostree_compare_timestamps (pull_data->timestamp_check_from_rev, ts, checksum, new_ts, error))
return FALSE;
}
@ -2001,6 +2001,8 @@ start_fetch (OtPullData *pull_data,
is_meta ? meta_fetch_on_complete : content_fetch_on_complete, fetch);
}
/* Deprecated: code should load options from the `summary` file rather than
* downloading the remotes `config` file, to save on network round trips. */
static gboolean
load_remote_repo_config (OtPullData *pull_data,
GKeyFile **out_keyfile,
@ -2513,10 +2515,7 @@ on_superblock_fetched (GObject *src,
const guchar *expected_summary_digest = g_hash_table_lookup (pull_data->summary_deltas_checksums, delta);
guint8 actual_summary_digest[OSTREE_SHA256_DIGEST_LEN];
g_auto(OtChecksum) hasher = { 0, };
ot_checksum_init (&hasher);
ot_checksum_update_bytes (&hasher, delta_superblock_data);
ot_checksum_get_digest (&hasher, actual_summary_digest, sizeof (actual_summary_digest));
ot_checksum_bytes (delta_superblock_data, actual_summary_digest);
#ifndef OSTREE_DISABLE_GPGME
/* At this point we've GPG verified the data, so in theory
@ -2626,54 +2625,180 @@ validate_variant_is_csum (GVariant *csum,
return ostree_validate_structureof_csum_v (csum, error);
}
static gboolean
_ostree_repo_verify_summary (OstreeRepo *self,
const char *name,
gboolean gpg_verify_summary,
GPtrArray *signapi_summary_verifiers,
GBytes *summary,
GBytes *signatures,
GCancellable *cancellable,
GError **error)
{
if (gpg_verify_summary)
{
if (summary == NULL)
{
g_set_error (error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND,
"GPG verification enabled, but no summary found (check that the configured URL in remote config is correct)");
return FALSE;
}
if (signatures == NULL)
{
g_set_error (error, OSTREE_GPG_ERROR, OSTREE_GPG_ERROR_NO_SIGNATURE,
"GPG verification enabled, but no summary signatures found (use gpg-verify-summary=false in remote config to disable)");
return FALSE;
}
/* Verify any summary signatures. */
if (summary != NULL && signatures != NULL)
{
g_autoptr(OstreeGpgVerifyResult) result = NULL;
result = ostree_repo_verify_summary (self,
name,
summary,
signatures,
cancellable,
error);
if (!ostree_gpg_verify_result_require_valid_signature (result, error))
return FALSE;
}
}
if (signapi_summary_verifiers)
{
if (summary == NULL)
{
g_set_error (error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND,
"Signature verification enabled, but no summary found (check that the configured URL in remote config is correct)");
return FALSE;
}
if (signatures == NULL)
{
g_set_error (error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND,
"Signature verification enabled, but no summary signatures found (use sign-verify-summary=false in remote config to disable)");
return FALSE;
}
/* Verify any summary signatures. */
if (summary != NULL && signatures != NULL)
{
g_autoptr(GVariant) sig_variant = NULL;
sig_variant = g_variant_new_from_bytes (OSTREE_SUMMARY_SIG_GVARIANT_FORMAT,
signatures, FALSE);
if (!_sign_verify_for_remote (signapi_summary_verifiers, summary, sig_variant, NULL, error))
return FALSE;
}
}
return TRUE;
}
static gboolean
_ostree_repo_load_cache_summary_file (OstreeRepo *self,
const char *filename,
const char *extension,
GBytes **out_data,
GCancellable *cancellable,
GError **error)
{
const char *file = glnx_strjoina (_OSTREE_SUMMARY_CACHE_DIR, "/", filename, extension);
glnx_autofd int fd = -1;
g_autoptr(GBytes) data = NULL;
*out_data = NULL;
if (self->cache_dir_fd == -1)
return TRUE;
fd = openat (self->cache_dir_fd, file, O_CLOEXEC | O_RDONLY);
if (fd < 0)
{
if (errno == ENOENT)
return TRUE;
return glnx_throw_errno_prefix (error, "openat(%s)", file);
}
data = ot_fd_readall_or_mmap (fd, 0, error);
if (!data)
return FALSE;
*out_data =g_steal_pointer (&data);
return TRUE;
}
/* Load the summary from the cache if the provided .sig file is the same as the
cached version. */
static gboolean
_ostree_repo_load_cache_summary_if_same_sig (OstreeRepo *self,
const char *remote,
GBytes *summary_sig,
GBytes **summary,
GBytes **out_summary,
GCancellable *cancellable,
GError **error)
{
g_autoptr(GBytes) old_sig_contents = NULL;
*out_summary = NULL;
if (!_ostree_repo_load_cache_summary_file (self, remote, ".sig",
&old_sig_contents,
cancellable, error))
return FALSE;
if (old_sig_contents != NULL &&
g_bytes_compare (old_sig_contents, summary_sig) == 0)
{
g_autoptr(GBytes) summary_data = NULL;
if (!_ostree_repo_load_cache_summary_file (self, remote, NULL,
&summary_data,
cancellable, error))
return FALSE;
if (summary_data == NULL)
{
/* Cached signature without cached summary, remove the signature */
const char *summary_cache_sig_file = glnx_strjoina (_OSTREE_SUMMARY_CACHE_DIR, "/", remote, ".sig");
(void) unlinkat (self->cache_dir_fd, summary_cache_sig_file, 0);
}
else
*out_summary = g_steal_pointer (&summary_data);
}
return TRUE;
}
static gboolean
_ostree_repo_save_cache_summary_file (OstreeRepo *self,
const char *filename,
const char *extension,
GBytes *data,
GCancellable *cancellable,
GError **error)
{
const char *file = glnx_strjoina (_OSTREE_SUMMARY_CACHE_DIR, "/", filename, extension);
glnx_autofd int fd = -1;
if (self->cache_dir_fd == -1)
return TRUE;
const char *summary_cache_sig_file = glnx_strjoina (_OSTREE_SUMMARY_CACHE_DIR, "/", remote, ".sig");
glnx_autofd int prev_fd = -1;
if (!ot_openat_ignore_enoent (self->cache_dir_fd, summary_cache_sig_file, &prev_fd, error))
return FALSE;
if (prev_fd < 0)
return TRUE; /* Note early return */
g_autoptr(GBytes) old_sig_contents = ot_fd_readall_or_mmap (prev_fd, 0, error);
if (!old_sig_contents)
if (!glnx_shutil_mkdir_p_at (self->cache_dir_fd, _OSTREE_SUMMARY_CACHE_DIR, DEFAULT_DIRECTORY_MODE, cancellable, error))
return FALSE;
if (g_bytes_compare (old_sig_contents, summary_sig) == 0)
{
const char *summary_cache_file = glnx_strjoina (_OSTREE_SUMMARY_CACHE_DIR, "/", remote);
glnx_autofd int summary_fd = -1;
GBytes *summary_data;
summary_fd = openat (self->cache_dir_fd, summary_cache_file, O_CLOEXEC | O_RDONLY);
if (summary_fd < 0)
{
if (errno == ENOENT)
{
(void) unlinkat (self->cache_dir_fd, summary_cache_sig_file, 0);
return TRUE; /* Note early return */
}
return glnx_throw_errno_prefix (error, "openat(%s)", summary_cache_file);
}
summary_data = glnx_fd_readall_bytes (summary_fd, cancellable, error);
if (!summary_data)
if (!glnx_file_replace_contents_at (self->cache_dir_fd,
file,
g_bytes_get_data (data, NULL),
g_bytes_get_size (data),
self->disable_fsync ? GLNX_FILE_REPLACE_NODATASYNC : GLNX_FILE_REPLACE_DATASYNC_NEW,
cancellable, error))
return FALSE;
*summary = summary_data;
}
return TRUE;
}
@ -2686,28 +2811,12 @@ _ostree_repo_cache_summary (OstreeRepo *self,
GCancellable *cancellable,
GError **error)
{
if (self->cache_dir_fd == -1)
return TRUE;
if (!glnx_shutil_mkdir_p_at (self->cache_dir_fd, _OSTREE_SUMMARY_CACHE_DIR, DEFAULT_DIRECTORY_MODE, cancellable, error))
if (!_ostree_repo_save_cache_summary_file (self, remote, NULL,
summary, cancellable, error))
return FALSE;
const char *summary_cache_file = glnx_strjoina (_OSTREE_SUMMARY_CACHE_DIR, "/", remote);
if (!glnx_file_replace_contents_at (self->cache_dir_fd,
summary_cache_file,
g_bytes_get_data (summary, NULL),
g_bytes_get_size (summary),
self->disable_fsync ? GLNX_FILE_REPLACE_NODATASYNC : GLNX_FILE_REPLACE_DATASYNC_NEW,
cancellable, error))
return FALSE;
const char *summary_cache_sig_file = glnx_strjoina (_OSTREE_SUMMARY_CACHE_DIR, "/", remote, ".sig");
if (!glnx_file_replace_contents_at (self->cache_dir_fd,
summary_cache_sig_file,
g_bytes_get_data (summary_sig, NULL),
g_bytes_get_size (summary_sig),
self->disable_fsync ? GLNX_FILE_REPLACE_NODATASYNC : GLNX_FILE_REPLACE_DATASYNC_NEW,
cancellable, error))
if (!_ostree_repo_save_cache_summary_file (self, remote, ".sig",
summary_sig, cancellable, error))
return FALSE;
return TRUE;
@ -2717,6 +2826,8 @@ static OstreeFetcher *
_ostree_repo_remote_new_fetcher (OstreeRepo *self,
const char *remote_name,
gboolean gzip,
GVariant *extra_headers,
const char *append_user_agent,
OstreeFetcherSecurityState *out_state,
GError **error)
{
@ -2830,6 +2941,12 @@ _ostree_repo_remote_new_fetcher (OstreeRepo *self,
_ostree_fetcher_set_cookie_jar (fetcher, jar_path);
}
if (extra_headers)
_ostree_fetcher_set_extra_headers (fetcher, extra_headers);
if (append_user_agent)
_ostree_fetcher_set_extra_user_agent (fetcher, append_user_agent);
success = TRUE;
out:
@ -2977,127 +3094,43 @@ fetch_mirrorlist (OstreeFetcher *fetcher,
}
static gboolean
repo_remote_fetch_summary (OstreeRepo *self,
const char *name,
const char *metalink_url_string,
GVariant *options,
GBytes **out_summary,
GBytes **out_signatures,
gboolean *out_from_cache,
compute_effective_mirrorlist (OstreeRepo *self,
const char *remote_name_or_baseurl,
const char *url_override,
OstreeFetcher *fetcher,
guint n_network_retries,
GPtrArray **out_mirrorlist,
GCancellable *cancellable,
GError **error)
{
g_autoptr(OstreeFetcher) fetcher = NULL;
g_autoptr(GMainContext) mainctx = NULL;
gboolean ret = FALSE;
gboolean from_cache = FALSE;
const char *url_override = NULL;
g_autoptr(GVariant) extra_headers = NULL;
g_autoptr(GPtrArray) mirrorlist = NULL;
const char *append_user_agent = NULL;
guint n_network_retries = DEFAULT_N_NETWORK_RETRIES;
g_autofree char *baseurl = NULL;
if (options)
if (url_override != NULL)
baseurl = g_strdup (url_override);
else if (!ostree_repo_remote_get_url (self, remote_name_or_baseurl, &baseurl, error))
return FALSE;
if (g_str_has_prefix (baseurl, "mirrorlist="))
{
(void) g_variant_lookup (options, "override-url", "&s", &url_override);
(void) g_variant_lookup (options, "http-headers", "@a(ss)", &extra_headers);
(void) g_variant_lookup (options, "append-user-agent", "&s", &append_user_agent);
(void) g_variant_lookup (options, "n-network-retries", "&u", &n_network_retries);
}
mainctx = g_main_context_new ();
g_main_context_push_thread_default (mainctx);
fetcher = _ostree_repo_remote_new_fetcher (self, name, TRUE, NULL, error);
if (fetcher == NULL)
goto out;
if (extra_headers)
_ostree_fetcher_set_extra_headers (fetcher, extra_headers);
if (append_user_agent)
_ostree_fetcher_set_extra_user_agent (fetcher, append_user_agent);
{
g_autofree char *url_string = NULL;
if (metalink_url_string)
url_string = g_strdup (metalink_url_string);
else if (url_override)
url_string = g_strdup (url_override);
else if (!ostree_repo_remote_get_url (self, name, &url_string, error))
goto out;
if (metalink_url_string == NULL &&
g_str_has_prefix (url_string, "mirrorlist="))
{
if (!fetch_mirrorlist (fetcher, url_string + strlen ("mirrorlist="),
n_network_retries, &mirrorlist, cancellable, error))
goto out;
if (!fetch_mirrorlist (fetcher,
baseurl + strlen ("mirrorlist="),
n_network_retries,
out_mirrorlist,
cancellable, error))
return FALSE;
}
else
{
g_autoptr(OstreeFetcherURI) uri = _ostree_fetcher_uri_parse (url_string, error);
g_autoptr(OstreeFetcherURI) baseuri = _ostree_fetcher_uri_parse (baseurl, error);
if (!uri)
goto out;
if (!baseuri)
return FALSE;
mirrorlist =
*out_mirrorlist =
g_ptr_array_new_with_free_func ((GDestroyNotify) _ostree_fetcher_uri_free);
g_ptr_array_add (mirrorlist, g_steal_pointer (&uri));
g_ptr_array_add (*out_mirrorlist, g_steal_pointer (&baseuri));
}
}
/* FIXME: Send the ETag from the cache with the request for summary.sig to
* avoid downloading summary.sig unnecessarily. This wont normally provide
* any benefits (but wont do any harm) since summary.sig is typically 500B
* in size. But if a repository has multiple keys, the signature file will
* grow and this optimisation may be useful. */
if (!_ostree_preload_metadata_file (self,
fetcher,
mirrorlist,
"summary.sig",
metalink_url_string ? TRUE : FALSE,
n_network_retries,
out_signatures,
cancellable,
error))
goto out;
if (*out_signatures)
{
if (!_ostree_repo_load_cache_summary_if_same_sig (self,
name,
*out_signatures,
out_summary,
cancellable,
error))
goto out;
}
if (*out_summary)
from_cache = TRUE;
else
{
if (!_ostree_preload_metadata_file (self,
fetcher,
mirrorlist,
"summary",
metalink_url_string ? TRUE : FALSE,
n_network_retries,
out_summary,
cancellable,
error))
goto out;
}
ret = TRUE;
out:
if (mainctx)
g_main_context_pop_thread_default (mainctx);
*out_from_cache = from_cache;
return ret;
return TRUE;
}
/* Create the fetcher by unioning options from the remote config, plus
@ -3109,17 +3142,13 @@ reinitialize_fetcher (OtPullData *pull_data, const char *remote_name,
{
g_clear_object (&pull_data->fetcher);
pull_data->fetcher = _ostree_repo_remote_new_fetcher (pull_data->repo, remote_name, FALSE,
pull_data->extra_headers,
pull_data->append_user_agent,
&pull_data->fetcher_security_state,
error);
if (pull_data->fetcher == NULL)
return FALSE;
if (pull_data->extra_headers)
_ostree_fetcher_set_extra_headers (pull_data->fetcher, pull_data->extra_headers);
if (pull_data->append_user_agent)
_ostree_fetcher_set_extra_user_agent (pull_data->fetcher, pull_data->append_user_agent);
return TRUE;
}
@ -3362,7 +3391,7 @@ ostree_repo_pull_with_options (OstreeRepo *self,
const char *url_override = NULL;
gboolean inherit_transaction = FALSE;
g_autoptr(GHashTable) updated_requested_refs_to_fetch = NULL; /* (element-type OstreeCollectionRef utf8) */
int i;
gsize i;
g_autofree char **opt_localcache_repos = NULL;
g_autoptr(GVariantIter) ref_keyring_map_iter = NULL;
g_autoptr(GVariant) summary_bytes_v = NULL;
@ -3631,34 +3660,14 @@ ostree_repo_pull_with_options (OstreeRepo *self,
if (!metalink_url_str)
{
g_autofree char *baseurl = NULL;
if (url_override != NULL)
baseurl = g_strdup (url_override);
else if (!ostree_repo_remote_get_url (self, remote_name_or_baseurl, &baseurl, error))
goto out;
if (g_str_has_prefix (baseurl, "mirrorlist="))
{
if (!fetch_mirrorlist (pull_data->fetcher,
baseurl + strlen ("mirrorlist="),
if (!compute_effective_mirrorlist (self, remote_name_or_baseurl,
url_override,
pull_data->fetcher,
pull_data->n_network_retries,
&pull_data->meta_mirrorlist,
cancellable, error))
goto out;
}
else
{
g_autoptr(OstreeFetcherURI) baseuri = _ostree_fetcher_uri_parse (baseurl, error);
if (!baseuri)
goto out;
pull_data->meta_mirrorlist =
g_ptr_array_new_with_free_func ((GDestroyNotify) _ostree_fetcher_uri_free);
g_ptr_array_add (pull_data->meta_mirrorlist, g_steal_pointer (&baseuri));
}
}
else
{
g_autoptr(GBytes) summary_bytes = NULL;
@ -3716,28 +3725,14 @@ ostree_repo_pull_with_options (OstreeRepo *self,
}
else
{
if (g_str_has_prefix (contenturl, "mirrorlist="))
{
if (!fetch_mirrorlist (pull_data->fetcher,
contenturl + strlen ("mirrorlist="),
if (!compute_effective_mirrorlist (self, remote_name_or_baseurl,
contenturl,
pull_data->fetcher,
pull_data->n_network_retries,
&pull_data->content_mirrorlist,
cancellable, error))
goto out;
}
else
{
g_autoptr(OstreeFetcherURI) contenturi = _ostree_fetcher_uri_parse (contenturl, error);
if (!contenturi)
goto out;
pull_data->content_mirrorlist =
g_ptr_array_new_with_free_func ((GDestroyNotify) _ostree_fetcher_uri_free);
g_ptr_array_add (pull_data->content_mirrorlist,
g_steal_pointer (&contenturi));
}
}
}
/* FIXME: Do we want an analogue of this which supports collection IDs? */
@ -3764,30 +3759,6 @@ ostree_repo_pull_with_options (OstreeRepo *self,
if (!ostree_repo_open (pull_data->remote_repo_local, cancellable, error))
goto out;
}
else
{
if (!load_remote_repo_config (pull_data, &remote_config, cancellable, error))
goto out;
if (!ot_keyfile_get_value_with_default (remote_config, "core", "mode", "bare",
&remote_mode_str, error))
goto out;
if (!ostree_repo_mode_from_string (remote_mode_str, &pull_data->remote_mode, error))
goto out;
if (!ot_keyfile_get_boolean_with_default (remote_config, "core", "tombstone-commits", FALSE,
&pull_data->has_tombstone_commits, error))
goto out;
if (pull_data->remote_mode != OSTREE_REPO_MODE_ARCHIVE)
{
g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
"Can't pull from archives with mode \"%s\"",
remote_mode_str);
goto out;
}
}
}
/* Change some option defaults if we're actually pulling from a local
@ -3856,11 +3827,13 @@ ostree_repo_pull_with_options (OstreeRepo *self,
{
g_autoptr(GBytes) bytes_sig = NULL;
gsize i, n;
gsize n;
g_autoptr(GVariant) refs = NULL;
g_autoptr(GVariant) deltas = NULL;
g_autoptr(GVariant) additional_metadata = NULL;
gboolean summary_from_cache = FALSE;
gboolean remote_mode_loaded = FALSE;
gboolean tombstone_commits = FALSE;
if (summary_sig_bytes_v)
{
@ -4174,6 +4147,46 @@ ostree_repo_pull_with_options (OstreeRepo *self,
csum_data);
}
}
if (pull_data->summary &&
g_variant_lookup (additional_metadata, OSTREE_SUMMARY_MODE, "s", &remote_mode_str) &&
g_variant_lookup (additional_metadata, OSTREE_SUMMARY_TOMBSTONE_COMMITS, "b", &tombstone_commits))
{
if (!ostree_repo_mode_from_string (remote_mode_str, &pull_data->remote_mode, error))
goto out;
pull_data->has_tombstone_commits = tombstone_commits;
remote_mode_loaded = TRUE;
}
else if (pull_data->remote_repo_local == NULL)
{
/* Fall-back path which loads the necessary config from the remotes
* `config` file. Doing so is deprecated since it means an
* additional round trip to the remote for each pull. No need to do
* it for local pulls. */
if (!load_remote_repo_config (pull_data, &remote_config, cancellable, error))
goto out;
if (!ot_keyfile_get_value_with_default (remote_config, "core", "mode", "bare",
&remote_mode_str, error))
goto out;
if (!ostree_repo_mode_from_string (remote_mode_str, &pull_data->remote_mode, error))
goto out;
if (!ot_keyfile_get_boolean_with_default (remote_config, "core", "tombstone-commits", FALSE,
&pull_data->has_tombstone_commits, error))
goto out;
remote_mode_loaded = TRUE;
}
if (remote_mode_loaded && pull_data->remote_repo_local == NULL && pull_data->remote_mode != OSTREE_REPO_MODE_ARCHIVE)
{
g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
"Can't pull from archives with mode \"%s\"",
remote_mode_str);
goto out;
}
}
if (pull_data->is_mirror && !refs_to_fetch && !opt_collection_refs_set && !configured_branches)
@ -5234,7 +5247,7 @@ find_remotes_process_refs (OstreeRepo *self,
static void
find_remotes_cb (GObject *obj,
GAsyncResult *result,
GAsyncResult *async_result,
gpointer user_data)
{
OstreeRepo *self;
@ -5266,7 +5279,7 @@ find_remotes_cb (GObject *obj,
/* progress = data->progress; */
/* Finish finding the remotes. */
results = ostree_repo_finder_resolve_all_finish (result, &error);
results = ostree_repo_finder_resolve_all_finish (async_result, &error);
if (results == NULL)
{
@ -5359,8 +5372,8 @@ find_remotes_cb (GObject *obj,
/* Check the metadata in the summary file, especially whether it contains
* all the @refs we are interested in. */
summary_v = g_variant_new_from_bytes (OSTREE_SUMMARY_GVARIANT_FORMAT,
summary_bytes, FALSE);
summary_v = g_variant_ref_sink (g_variant_new_from_bytes (OSTREE_SUMMARY_GVARIANT_FORMAT,
summary_bytes, FALSE));
/* Check the summarys additional metadata and set up @commit_metadata
* and @refs_and_remotes_table with the refs listed in the summary file,
@ -5471,7 +5484,7 @@ find_remotes_cb (GObject *obj,
goto error;
fetcher = _ostree_repo_remote_new_fetcher (self, result->remote->name,
TRUE, NULL, &error);
TRUE, NULL, NULL, NULL, &error);
if (fetcher == NULL)
goto error;
@ -6093,95 +6106,107 @@ ostree_repo_remote_fetch_summary_with_options (OstreeRepo *self,
g_autoptr(GBytes) signatures = NULL;
gboolean gpg_verify_summary;
g_autoptr(GPtrArray) signapi_summary_verifiers = NULL;
gboolean ret = FALSE;
gboolean summary_is_from_cache;
gboolean summary_is_from_cache = FALSE;
g_autoptr(OstreeFetcher) fetcher = NULL;
g_autoptr(GMainContextPopDefault) mainctx = NULL;
const char *url_override = NULL;
g_autoptr(GVariant) extra_headers = NULL;
g_autoptr(GPtrArray) mirrorlist = NULL;
const char *append_user_agent = NULL;
guint n_network_retries = DEFAULT_N_NETWORK_RETRIES;
g_return_val_if_fail (OSTREE_REPO (self), FALSE);
g_return_val_if_fail (name != NULL, FALSE);
if (!ostree_repo_get_remote_option (self, name, "metalink", NULL,
&metalink_url_string, error))
goto out;
return FALSE;
if (!repo_remote_fetch_summary (self,
name,
metalink_url_string,
options,
&summary,
&signatures,
&summary_is_from_cache,
cancellable,
error))
goto out;
if (options)
{
(void) g_variant_lookup (options, "override-url", "&s", &url_override);
(void) g_variant_lookup (options, "http-headers", "@a(ss)", &extra_headers);
(void) g_variant_lookup (options, "append-user-agent", "&s", &append_user_agent);
(void) g_variant_lookup (options, "n-network-retries", "u", &n_network_retries);
}
if (!ostree_repo_remote_get_gpg_verify_summary (self, name, &gpg_verify_summary, error))
goto out;
if (gpg_verify_summary)
{
if (summary == NULL)
{
g_set_error (error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND,
"GPG verification enabled, but no summary found (check that the configured URL in remote config is correct)");
goto out;
}
if (signatures == NULL)
{
g_set_error (error, OSTREE_GPG_ERROR, OSTREE_GPG_ERROR_NO_SIGNATURE,
"GPG verification enabled, but no summary signatures found (use gpg-verify-summary=false in remote config to disable)");
goto out;
}
/* Verify any summary signatures. */
if (summary != NULL && signatures != NULL)
{
g_autoptr(OstreeGpgVerifyResult) result = NULL;
result = ostree_repo_verify_summary (self,
name,
summary,
signatures,
cancellable,
error);
if (!ostree_gpg_verify_result_require_valid_signature (result, error))
goto out;
}
}
return FALSE;
if (!_signapi_init_for_remote (self, name, NULL,
&signapi_summary_verifiers,
error))
goto out;
return FALSE;
if (signapi_summary_verifiers)
mainctx = _ostree_main_context_new_default ();
fetcher = _ostree_repo_remote_new_fetcher (self, name, TRUE, extra_headers, append_user_agent, NULL, error);
if (fetcher == NULL)
return FALSE;
if (metalink_url_string)
{
if (summary == NULL)
g_autoptr(OstreeFetcherURI) uri = _ostree_fetcher_uri_parse (metalink_url_string, error);
if (!uri)
return FALSE;
mirrorlist =
g_ptr_array_new_with_free_func ((GDestroyNotify) _ostree_fetcher_uri_free);
g_ptr_array_add (mirrorlist, g_steal_pointer (&uri));
}
else if (!compute_effective_mirrorlist (self, name, url_override,
fetcher, n_network_retries,
&mirrorlist, cancellable, error))
return FALSE;
/* FIXME: Send the ETag from the cache with the request for summary.sig to
* avoid downloading summary.sig unnecessarily. This wont normally provide
* any benefits (but wont do any harm) since summary.sig is typically 500B
* in size. But if a repository has multiple keys, the signature file will
* grow and this optimisation may be useful. */
if (!_ostree_preload_metadata_file (self,
fetcher,
mirrorlist,
"summary.sig",
metalink_url_string ? TRUE : FALSE,
n_network_retries,
&signatures,
cancellable,
error))
return FALSE;
if (signatures)
{
g_set_error (error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND,
"Signature verification enabled, but no summary found (check that the configured URL in remote config is correct)");
goto out;
if (!_ostree_repo_load_cache_summary_if_same_sig (self,
name,
signatures,
&summary,
cancellable,
error))
return FALSE;
}
if (signatures == NULL)
if (summary)
summary_is_from_cache = TRUE;
else
{
g_set_error (error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND,
"Signature verification enabled, but no summary signatures found (use sign-verify-summary=false in remote config to disable)");
goto out;
if (!_ostree_preload_metadata_file (self,
fetcher,
mirrorlist,
"summary",
metalink_url_string ? TRUE : FALSE,
n_network_retries,
&summary,
cancellable,
error))
return FALSE;
}
/* Verify any summary signatures. */
if (summary != NULL && signatures != NULL)
{
g_autoptr(GVariant) sig_variant = NULL;
sig_variant = g_variant_new_from_bytes (OSTREE_SUMMARY_SIG_GVARIANT_FORMAT,
signatures, FALSE);
if (!_sign_verify_for_remote (signapi_summary_verifiers, summary, sig_variant, NULL, error))
goto out;
}
}
if (!_ostree_repo_verify_summary (self, name,
gpg_verify_summary, signapi_summary_verifiers,
summary, signatures,
cancellable, error))
return FALSE;
if (!summary_is_from_cache && summary && signatures)
{
@ -6199,7 +6224,7 @@ ostree_repo_remote_fetch_summary_with_options (OstreeRepo *self,
else
{
g_propagate_error (error, g_steal_pointer (&temp_error));
goto out;
return FALSE;
}
}
}
@ -6210,10 +6235,7 @@ ostree_repo_remote_fetch_summary_with_options (OstreeRepo *self,
if (out_signatures != NULL)
*out_signatures = g_steal_pointer (&signatures);
ret = TRUE;
out:
return ret;
return TRUE;
}
#else /* HAVE_LIBCURL_OR_LIBSOUP */

87
src/libostree/ostree-repo-static-delta-compilation.c
View File

@ -36,6 +36,8 @@
#include "libglnx.h"
#include "ostree-varint.h"
#include "bsdiff/bsdiff.h"
#include "ostree-autocleanups.h"
#include "ostree-sign.h"
#define CONTENT_SIZE_SIMILARITY_THRESHOLD_PERCENT (30)
@ -1335,6 +1337,8 @@ get_fallback_headers (OstreeRepo *self,
* - verbose: b: Print diagnostic messages. Default FALSE.
* - endianness: b: Deltas use host byte order by default; this option allows choosing (G_BIG_ENDIAN or G_LITTLE_ENDIAN)
* - filename: ay: Save delta superblock to this filename, and parts in the same directory. Default saves to repository.
* - sign-name: ay: Signature type to use.
* - sign-key-ids: as: Array of keys used to sign delta superblock.
*/
gboolean
ostree_repo_static_delta_generate (OstreeRepo *self,
@ -1368,6 +1372,8 @@ ostree_repo_static_delta_generate (OstreeRepo *self,
g_autoptr(GPtrArray) builder_fallback_objects = g_ptr_array_new_with_free_func ((GDestroyNotify)g_variant_unref);
g_auto(GLnxTmpfile) descriptor_tmpf = { 0, };
g_autoptr(OtVariantBuilder) descriptor_builder = NULL;
const char *opt_sign_name;
const char **opt_key_ids;
if (!g_variant_lookup (params, "min-fallback-size", "u", &min_fallback_size))
min_fallback_size = 4;
@ -1407,6 +1413,12 @@ ostree_repo_static_delta_generate (OstreeRepo *self,
if (!g_variant_lookup (params, "filename", "^&ay", &opt_filename))
opt_filename = NULL;
if (!g_variant_lookup (params, "sign-name", "^&ay", &opt_sign_name))
opt_sign_name = NULL;
if (!g_variant_lookup (params, "sign-key-ids", "^a&s", &opt_key_ids))
opt_key_ids = NULL;
if (!ostree_repo_load_variant (self, OSTREE_OBJECT_TYPE_COMMIT, to,
&to_commit, error))
return FALSE;
@ -1442,7 +1454,7 @@ ostree_repo_static_delta_generate (OstreeRepo *self,
cancellable, error))
return FALSE;
if (!glnx_open_tmpfile_linkable_at (descriptor_dfd, ".", O_WRONLY | O_CLOEXEC,
if (!glnx_open_tmpfile_linkable_at (descriptor_dfd, ".", O_RDWR | O_CLOEXEC,
&descriptor_tmpf, error))
return FALSE;
@ -1586,12 +1598,85 @@ ostree_repo_static_delta_generate (OstreeRepo *self,
g_printerr ("bsdiff=%u objects\n", builder.n_bsdiff);
}
if (opt_sign_name != NULL && opt_key_ids != NULL)
{
g_autoptr(GBytes) tmpdata = NULL;
g_autoptr(OstreeSign) sign = NULL;
const gchar *signature_key = NULL;
g_autoptr(GVariantBuilder) signature_builder = NULL;
g_auto(GLnxTmpfile) descriptor_sign_tmpf = { 0, };
g_autoptr(OtVariantBuilder) descriptor_sign_builder = NULL;
lseek (descriptor_tmpf.fd, 0, SEEK_SET);
tmpdata = glnx_fd_readall_bytes (descriptor_tmpf.fd, cancellable, error);
if (!tmpdata)
return FALSE;
sign = ostree_sign_get_by_name (opt_sign_name, error);
if (sign == NULL)
return FALSE;
signature_key = ostree_sign_metadata_key (sign);
const gchar *signature_format = ostree_sign_metadata_format (sign);
signature_builder = g_variant_builder_new (G_VARIANT_TYPE (signature_format));
for (const char **iter = opt_key_ids; iter && *iter; iter++)
{
const char *keyid = *iter;
g_autoptr(GVariant) secret_key = NULL;
g_autoptr(GBytes) signature_bytes = NULL;
secret_key = g_variant_new_string (keyid);
if (!ostree_sign_set_sk (sign, secret_key, error))
return FALSE;
if (!ostree_sign_data (sign, tmpdata, &signature_bytes,
NULL, error))
return FALSE;
g_variant_builder_add (signature_builder, "@ay", ot_gvariant_new_ay_bytes (signature_bytes));
}
if (!glnx_open_tmpfile_linkable_at (descriptor_dfd, ".", O_WRONLY | O_CLOEXEC,
&descriptor_sign_tmpf, error))
return FALSE;
descriptor_sign_builder = ot_variant_builder_new (G_VARIANT_TYPE (OSTREE_STATIC_DELTA_SIGNED_FORMAT),
descriptor_sign_tmpf.fd);
if (!ot_variant_builder_add (descriptor_sign_builder, error, "t",
GUINT64_TO_BE (OSTREE_STATIC_DELTA_SIGNED_MAGIC)))
return FALSE;
if (!ot_variant_builder_add (descriptor_sign_builder, error, "@ay", ot_gvariant_new_ay_bytes (tmpdata)))
return FALSE;
if (!ot_variant_builder_open (descriptor_sign_builder, G_VARIANT_TYPE ("a{sv}"), error))
return FALSE;
if (!ot_variant_builder_add (descriptor_sign_builder, error, "{sv}",
signature_key, g_variant_builder_end(signature_builder)))
return FALSE;
if (!ot_variant_builder_close (descriptor_sign_builder, error))
return FALSE;
if (!ot_variant_builder_end (descriptor_sign_builder, error))
return FALSE;
if (fchmod (descriptor_sign_tmpf.fd, 0644) < 0)
return glnx_throw_errno_prefix (error, "fchmod");
if (!glnx_link_tmpfile_at (&descriptor_sign_tmpf, GLNX_LINK_TMPFILE_REPLACE,
descriptor_dfd, descriptor_name, error))
return FALSE;
}
else
{
if (fchmod (descriptor_tmpf.fd, 0644) < 0)
return glnx_throw_errno_prefix (error, "fchmod");
if (!glnx_link_tmpfile_at (&descriptor_tmpf, GLNX_LINK_TMPFILE_REPLACE,
descriptor_dfd, descriptor_name, error))
return FALSE;
}
return TRUE;
}

267
src/libostree/ostree-repo-static-delta-core.c
View File

@ -54,6 +54,28 @@ _ostree_static_delta_parse_checksum_array (GVariant *array,
return TRUE;
}
GVariant *
_ostree_repo_static_delta_superblock_digest (OstreeRepo *repo,
const char *from,
const char *to,
GCancellable *cancellable,
GError **error)
{
g_autofree char *superblock = _ostree_get_relative_static_delta_superblock_path ((from && from[0]) ? from : NULL, to);
glnx_autofd int superblock_file_fd = -1;
guint8 digest[OSTREE_SHA256_DIGEST_LEN];
if (!glnx_openat_rdonly (repo->repo_dir_fd, superblock, TRUE, &superblock_file_fd, error))
return NULL;
g_autoptr(GBytes) superblock_content = ot_fd_readall_or_mmap (superblock_file_fd, 0, error);
if (!superblock_content)
return NULL;
ot_checksum_bytes (superblock_content, digest);
return ot_gvariant_new_bytearray (digest, sizeof (digest));
}
/**
* ostree_repo_list_static_delta_names:
@ -109,7 +131,7 @@ ostree_repo_list_static_delta_names (OstreeRepo *self,
return FALSE;
if (sub_dent == NULL)
break;
if (dent->d_type != DT_DIR)
if (sub_dent->d_type != DT_DIR)
continue;
const char *name1 = dent->d_name;
@ -188,27 +210,126 @@ _ostree_repo_static_delta_part_have_all_objects (OstreeRepo *repo,
return TRUE;
}
static gboolean
_ostree_repo_static_delta_is_signed (OstreeRepo *self,
int fd,
GPtrArray **out_value,
GError **error)
{
g_autoptr(GVariant) delta = NULL;
g_autoptr(GVariant) delta_sign_magic = NULL;
g_autoptr(GVariant) delta_sign = NULL;
GVariantIter iter;
GVariant *item;
g_autoptr(GPtrArray) signatures = NULL;
gboolean ret = FALSE;
if (out_value)
*out_value = NULL;
if (!ot_variant_read_fd (fd, 0, (GVariantType*)OSTREE_STATIC_DELTA_SIGNED_FORMAT, TRUE, &delta, error))
return FALSE;
delta_sign_magic = g_variant_get_child_value (delta, 0);
if (delta_sign_magic == NULL)
return glnx_throw (error, "no signatures in static-delta");
if (GUINT64_FROM_BE (g_variant_get_uint64 (delta_sign_magic)) != OSTREE_STATIC_DELTA_SIGNED_MAGIC)
return glnx_throw (error, "no signatures in static-delta");
delta_sign = g_variant_get_child_value (delta, 2);
if (delta_sign == NULL)
return glnx_throw (error, "no signatures in static-delta");
if (out_value)
signatures = g_ptr_array_new_with_free_func (g_free);
/* Check if there are signatures in the superblock */
g_variant_iter_init (&iter, delta_sign);
while ((item = g_variant_iter_next_value (&iter)))
{
g_autoptr(GVariant) key_v = g_variant_get_child_value (item, 0);
const char *str = g_variant_get_string (key_v, NULL);
if (g_str_has_prefix (str, "ostree.sign."))
{
ret = TRUE;
if (signatures)
g_ptr_array_add (signatures, g_strdup (str + strlen ("ostree.sign.")));
}
g_variant_unref (item);
}
if (out_value && ret)
ot_transfer_out_value (out_value, &signatures);
return ret;
}
static gboolean
_ostree_repo_static_delta_verify_signature (OstreeRepo *self,
int fd,
OstreeSign *sign,
char **out_success_message,
GError **error)
{
g_autoptr(GVariant) delta = NULL;
if (!ot_variant_read_fd (fd, 0,
(GVariantType*)OSTREE_STATIC_DELTA_SIGNED_FORMAT,
TRUE, &delta, error))
return FALSE;
/* Check if there are signatures for signature engine */
const gchar *signature_key = ostree_sign_metadata_key(sign);
GVariantType *signature_format = (GVariantType *) ostree_sign_metadata_format(sign);
g_autoptr(GVariant) delta_meta = g_variant_get_child_value (delta, 2);
if (delta_meta == NULL)
return glnx_throw (error, "no metadata in static-delta superblock");
g_autoptr(GVariant) signatures = g_variant_lookup_value (delta_meta,
signature_key,
signature_format);
if (!signatures)
return glnx_throw (error, "no signature for '%s' in static-delta superblock", signature_key);
/* Get static delta superblock */
g_autoptr(GVariant) child = g_variant_get_child_value (delta, 1);
if (child == NULL)
return glnx_throw (error, "no metadata in static-delta superblock");
g_autoptr(GBytes) signed_data = g_variant_get_data_as_bytes(child);
return ostree_sign_data_verify (sign, signed_data, signatures, out_success_message, error);
}
/**
* ostree_repo_static_delta_execute_offline:
* ostree_repo_static_delta_execute_offline_with_signature:
* @self: Repo
* @dir_or_file: Path to a directory containing static delta data, or directly to the superblock
* @sign: Signature engine used to check superblock
* @skip_validation: If %TRUE, assume data integrity
* @cancellable: Cancellable
* @error: Error
*
* Given a directory representing an already-downloaded static delta
* on disk, apply it, generating a new commit. The directory must be
* named with the form "FROM-TO", where both are checksums, and it
* must contain a file named "superblock", along with at least one part.
* on disk, apply it, generating a new commit.
* If sign is passed, the static delta signature is verified.
* If sign-verify-deltas configuration option is set and static delta is signed,
* signature verification will be mandatory before apply the static delta.
* The directory must be named with the form "FROM-TO", where both are
* checksums, and it must contain a file named "superblock", along with at least
* one part.
*
* Since: 2020.7
*/
gboolean
ostree_repo_static_delta_execute_offline (OstreeRepo *self,
ostree_repo_static_delta_execute_offline_with_signature (OstreeRepo *self,
GFile *dir_or_file,
OstreeSign *sign,
gboolean skip_validation,
GCancellable *cancellable,
GError **error)
{
g_autofree char *basename = NULL;
g_autoptr(GVariant) meta = NULL;
const char *dir_or_file_path = gs_file_get_path_cached (dir_or_file);
@ -234,10 +355,44 @@ ostree_repo_static_delta_execute_offline (OstreeRepo *self,
if (meta_fd < 0)
return glnx_throw_errno_prefix (error, "openat(%s)", basename);
g_autoptr(GVariant) meta = NULL;
gboolean is_signed = _ostree_repo_static_delta_is_signed (self, meta_fd, NULL, NULL);
if (is_signed)
{
gboolean verify_deltas;
gboolean verified;
if (!ot_keyfile_get_boolean_with_default (self->config, "core", "sign-verify-deltas",
FALSE, &verify_deltas, error))
return FALSE;
if (verify_deltas && !sign)
return glnx_throw (error, "Key is mandatory to check delta signature");
if (sign)
{
verified = _ostree_repo_static_delta_verify_signature (self, meta_fd, sign, NULL, error);
if (*error)
return FALSE;
if (!verified)
return glnx_throw (error, "Delta signature verification failed");
}
g_autoptr(GVariant) delta = NULL;
if (!ot_variant_read_fd (meta_fd, 0, (GVariantType*)OSTREE_STATIC_DELTA_SIGNED_FORMAT,
TRUE, &delta, error))
return FALSE;
g_autoptr(GVariant) child = g_variant_get_child_value (delta, 1);
g_autoptr(GBytes) bytes = g_variant_get_data_as_bytes (child);
meta = g_variant_new_from_bytes ((GVariantType*)OSTREE_STATIC_DELTA_SUPERBLOCK_FORMAT,
bytes, FALSE);
}
else
{
if (!ot_variant_read_fd (meta_fd, 0, G_VARIANT_TYPE (OSTREE_STATIC_DELTA_SUPERBLOCK_FORMAT),
FALSE, &meta, error))
return FALSE;
}
/* Parsing OSTREE_STATIC_DELTA_SUPERBLOCK_FORMAT */
@ -280,9 +435,8 @@ ostree_repo_static_delta_execute_offline (OstreeRepo *self,
if (!have_to_commit)
{
g_autofree char *detached_path = _ostree_get_relative_static_delta_path (from_checksum, to_checksum, "commitmeta");
g_autoptr(GVariant) detached_data = NULL;
detached_data = g_variant_lookup_value (metadata, detached_path, G_VARIANT_TYPE("a{sv}"));
g_autoptr(GVariant) detached_data =
g_variant_lookup_value (metadata, detached_path, G_VARIANT_TYPE("a{sv}"));
if (detached_data && !ostree_repo_write_commit_detached_metadata (self,
to_checksum,
detached_data,
@ -386,6 +540,32 @@ ostree_repo_static_delta_execute_offline (OstreeRepo *self,
return TRUE;
}
/**
* ostree_repo_static_delta_execute_offline:
* @self: Repo
* @dir_or_file: Path to a directory containing static delta data, or directly to the superblock
* @skip_validation: If %TRUE, assume data integrity
* @cancellable: Cancellable
* @error: Error
*
* Given a directory representing an already-downloaded static delta
* on disk, apply it, generating a new commit. The directory must be
* named with the form "FROM-TO", where both are checksums, and it
* must contain a file named "superblock", along with at least one part.
*/
gboolean
ostree_repo_static_delta_execute_offline (OstreeRepo *self,
GFile *dir_or_file,
gboolean skip_validation,
GCancellable *cancellable,
GError **error)
{
return ostree_repo_static_delta_execute_offline_with_signature(self, dir_or_file, NULL,
skip_validation,
cancellable,
error);
}
gboolean
_ostree_static_delta_part_open (GInputStream *part_in,
GBytes *inline_part_bytes,
@ -726,6 +906,8 @@ _ostree_repo_static_delta_dump (OstreeRepo *self,
GError **error)
{
glnx_autofd int superblock_fd = -1;
g_autoptr(GVariant) delta = NULL;
g_autoptr(GVariant) delta_superblock = NULL;
if (strchr (delta_id, '/'))
{
@ -744,13 +926,28 @@ _ostree_repo_static_delta_dump (OstreeRepo *self,
return FALSE;
}
g_autoptr(GVariant) delta_superblock = NULL;
gboolean is_signed = _ostree_repo_static_delta_is_signed(self, superblock_fd, NULL, NULL);
if (is_signed)
{
if (!ot_variant_read_fd (superblock_fd, 0, (GVariantType*)OSTREE_STATIC_DELTA_SIGNED_FORMAT,
TRUE, &delta, error))
return FALSE;
g_autoptr(GVariant) child = g_variant_get_child_value (delta, 1);
g_autoptr(GBytes) bytes = g_variant_get_data_as_bytes(child);
delta_superblock = g_variant_new_from_bytes ((GVariantType*)OSTREE_STATIC_DELTA_SUPERBLOCK_FORMAT,
bytes, FALSE);
}
else
{
if (!ot_variant_read_fd (superblock_fd, 0,
(GVariantType*)OSTREE_STATIC_DELTA_SUPERBLOCK_FORMAT,
TRUE, &delta_superblock, error))
return FALSE;
}
g_print ("Delta: %s\n", delta_id);
g_print ("Signed: %s\n", is_signed ? "yes" : "no");
g_autoptr(GVariant) from_commit_v = NULL;
g_variant_get_child (delta_superblock, 2, "@ay", &from_commit_v);
g_autofree char *from_commit = NULL;
@ -873,3 +1070,51 @@ _ostree_repo_static_delta_dump (OstreeRepo *self,
return TRUE;
}
/**
* ostree_repo_static_delta_verify_signature:
* @self: Repo
* @delta_id: delta path
* @sign: Signature engine used to check superblock
* @out_success_message: success message
* @error: Error
*
* Verify static delta file signature.
*
* Returns: TRUE if the signature of static delta file is valid using the
* signature engine provided, FALSE otherwise.
*
* Since: 2020.7
*/
gboolean
ostree_repo_static_delta_verify_signature (OstreeRepo *self,
const char *delta_id,
OstreeSign *sign,
char **out_success_message,
GError **error)
{
g_autoptr(GVariant) delta_meta = NULL;
glnx_autofd int delta_fd = -1;
if (strchr (delta_id, '/'))
{
if (!glnx_openat_rdonly (AT_FDCWD, delta_id, TRUE, &delta_fd, error))
return FALSE;
}
else
{
g_autofree char *from = NULL;
g_autofree char *to = NULL;
if (!_ostree_parse_delta_name (delta_id, &from, &to, error))
return FALSE;
g_autofree char *delta_path = _ostree_get_relative_static_delta_superblock_path (from, to);
if (!glnx_openat_rdonly (self->repo_dir_fd, delta_path, TRUE, &delta_fd, error))
return FALSE;
}
if (!_ostree_repo_static_delta_is_signed (self, delta_fd, NULL, error))
return FALSE;
return _ostree_repo_static_delta_verify_signature (self, delta_fd, sign, out_success_message, error);
}

25
src/libostree/ostree-repo-static-delta-private.h
View File

@ -104,6 +104,25 @@ G_BEGIN_DECLS
*/
#define OSTREE_STATIC_DELTA_SUPERBLOCK_FORMAT "(a{sv}tayay" OSTREE_COMMIT_GVARIANT_STRING "aya" OSTREE_STATIC_DELTA_META_ENTRY_FORMAT "a" OSTREE_STATIC_DELTA_FALLBACK_FORMAT ")"
/**
* OSTREE_STATIC_DELTA_SIGNED_FORMAT
*
* magic: t magic number, 8 bytes for alignment
* superblock: ay delta supeblock variant
* signatures: a{sv}
*
* The signed static delta starts with the 'OSTSGNDT' magic number followed by
* the array of bytes containing the superblock used for the signature.
*
* Then, the signatures array contains the signatures of the superblock. A
* signature has the following form:
* type: signature key
* signature: variant depending on type used
*/
#define OSTREE_STATIC_DELTA_SIGNED_FORMAT "(taya{sv})"
#define OSTREE_STATIC_DELTA_SIGNED_MAGIC 0x4F535453474E4454 /* OSTSGNDT */
typedef enum {
OSTREE_STATIC_DELTA_OPEN_FLAGS_NONE = 0,
OSTREE_STATIC_DELTA_OPEN_FLAGS_SKIP_CHECKSUM = (1 << 0),
@ -190,6 +209,12 @@ _ostree_repo_static_delta_query_exists (OstreeRepo *repo,
gboolean *out_exists,
GCancellable *cancellable,
GError **error);
GVariant *
_ostree_repo_static_delta_superblock_digest (OstreeRepo *repo,
const char *from,
const char *to,
GCancellable *cancellable,
GError **error);
gboolean
_ostree_repo_static_delta_dump (OstreeRepo *repo,

57
src/libostree/ostree-repo.c
View File

@ -3782,14 +3782,14 @@ load_metadata_internal (OstreeRepo *self,
g_autofree char *commitpartial_path = _ostree_get_commitpartial_path (sha256);
*out_state = 0;
glnx_autofd int fd = -1;
if (!ot_openat_ignore_enoent (self->repo_dir_fd, commitpartial_path, &fd, error))
glnx_autofd int commitpartial_fd = -1;
if (!ot_openat_ignore_enoent (self->repo_dir_fd, commitpartial_path, &commitpartial_fd, error))
return FALSE;
if (fd != -1)
if (commitpartial_fd != -1)
{
*out_state |= OSTREE_REPO_COMMIT_STATE_PARTIAL;
char reason;
if (read (fd, &reason, 1) == 1)
if (read (commitpartial_fd, &reason, 1) == 1)
{
if (reason == 'f')
*out_state |= OSTREE_REPO_COMMIT_STATE_FSCK_PARTIAL;
@ -5793,25 +5793,18 @@ ostree_repo_regenerate_summary (OstreeRepo *self,
{
g_autofree char *from = NULL;
g_autofree char *to = NULL;
GVariant *digest;
if (!_ostree_parse_delta_name (delta_names->pdata[i], &from, &to, error))
return FALSE;
g_autofree char *superblock = _ostree_get_relative_static_delta_superblock_path ((from && from[0]) ? from : NULL, to);
glnx_autofd int superblock_file_fd = -1;
if (!glnx_openat_rdonly (self->repo_dir_fd, superblock, TRUE, &superblock_file_fd, error))
digest = _ostree_repo_static_delta_superblock_digest (self,
(from && from[0]) ? from : NULL,
to, cancellable, error);
if (digest == NULL)
return FALSE;
g_autoptr(GBytes) superblock_content = ot_fd_readall_or_mmap (superblock_file_fd, 0, error);
if (!superblock_content)
return FALSE;
g_auto(OtChecksum) hasher = { 0, };
ot_checksum_init (&hasher);
ot_checksum_update_bytes (&hasher, superblock_content);
guint8 digest[OSTREE_SHA256_DIGEST_LEN];
ot_checksum_get_digest (&hasher, digest, sizeof (digest));
g_variant_dict_insert_value (&deltas_builder, delta_names->pdata[i], ot_gvariant_new_bytearray (digest, sizeof (digest)));
g_variant_dict_insert_value (&deltas_builder, delta_names->pdata[i], digest);
}
if (delta_names->len > 0)
@ -5823,6 +5816,24 @@ ostree_repo_regenerate_summary (OstreeRepo *self,
g_variant_new_uint64 (GUINT64_TO_BE (g_get_real_time () / G_USEC_PER_SEC)));
}
{
g_autofree char *remote_mode_str = NULL;
if (!ot_keyfile_get_value_with_default (self->config, "core", "mode", "bare",
&remote_mode_str, error))
return FALSE;
g_variant_dict_insert_value (&additional_metadata_builder, OSTREE_SUMMARY_MODE,
g_variant_new_string (remote_mode_str));
}
{
gboolean tombstone_commits = FALSE;
if (!ot_keyfile_get_boolean_with_default (self->config, "core", "tombstone-commits", FALSE,
&tombstone_commits, error))
return FALSE;
g_variant_dict_insert_value (&additional_metadata_builder, OSTREE_SUMMARY_TOMBSTONE_COMMITS,
g_variant_new_boolean (tombstone_commits));
}
/* Add refs which have a collection specified, which could be in refs/mirrors,
* refs/heads, and/or refs/remotes. */
{
@ -5838,19 +5849,19 @@ ostree_repo_regenerate_summary (OstreeRepo *self,
collection_map = g_hash_table_new_full (g_str_hash, g_str_equal, NULL,
(GDestroyNotify) g_hash_table_unref);
const OstreeCollectionRef *ref;
const OstreeCollectionRef *c_ref;
const char *checksum;
while (g_hash_table_iter_next (&iter, (gpointer *) &ref, (gpointer *) &checksum))
while (g_hash_table_iter_next (&iter, (gpointer *) &c_ref, (gpointer *) &checksum))
{
GHashTable *ref_map = g_hash_table_lookup (collection_map, ref->collection_id);
GHashTable *ref_map = g_hash_table_lookup (collection_map, c_ref->collection_id);
if (ref_map == NULL)
{
ref_map = g_hash_table_new_full (g_str_hash, g_str_equal, NULL, NULL);
g_hash_table_insert (collection_map, ref->collection_id, ref_map);
g_hash_table_insert (collection_map, c_ref->collection_id, ref_map);
}
g_hash_table_insert (ref_map, ref->ref_name, (gpointer) checksum);
g_hash_table_insert (ref_map, c_ref->ref_name, (gpointer) checksum);
}
g_autoptr(GVariantBuilder) collection_refs_builder = g_variant_builder_new (G_VARIANT_TYPE ("a{sa(s(taya{sv}))}"));

16
src/libostree/ostree-repo.h
View File

@ -32,6 +32,7 @@
#include "ostree-repo-finder.h"
#include "ostree-sepolicy.h"
#include "ostree-gpg-verify-result.h"
#include "ostree-sign.h"
G_BEGIN_DECLS
@ -1067,6 +1068,14 @@ gboolean ostree_repo_static_delta_generate (OstreeRepo *self,
GCancellable *cancellable,
GError **error);
_OSTREE_PUBLIC
gboolean ostree_repo_static_delta_execute_offline_with_signature (OstreeRepo *self,
GFile *dir_or_file,
OstreeSign *sign,
gboolean skip_validation,
GCancellable *cancellable,
GError **error);
_OSTREE_PUBLIC
gboolean ostree_repo_static_delta_execute_offline (OstreeRepo *self,
GFile *dir_or_file,
@ -1074,6 +1083,13 @@ gboolean ostree_repo_static_delta_execute_offline (OstreeRepo
GCancellable *cancellable,
GError **error);
_OSTREE_PUBLIC
gboolean ostree_repo_static_delta_verify_signature (OstreeRepo *self,
const char *delta_id,
OstreeSign *sign,
char **out_success_message,
GError **error);
_OSTREE_PUBLIC
GHashTable *ostree_repo_traverse_new_reachable (void);

2
src/libostree/ostree-sign.c
View File

@ -365,7 +365,7 @@ _sign_detached_metadata_append (OstreeSign *self,
signature_key,
g_variant_builder_end (signature_builder));
return g_variant_dict_end (&metadata_dict);
return g_variant_ref_sink (g_variant_dict_end (&metadata_dict));
}
/**

22
src/libostree/ostree-soup-uri.c
View File

@ -348,7 +348,7 @@ soup_uri_new_with_base (SoupURI *base, const char *uri_string)
{
SoupURI *uri, fixed_base;
const char *end, *hash, *colon, *at, *path, *question;
const char *p, *hostend;
const char *c, *hostend;
gboolean remove_dot_segments = TRUE;
int len;
@ -402,17 +402,17 @@ soup_uri_new_with_base (SoupURI *base, const char *uri_string)
}
/* Find scheme */
p = uri_string;
while (p < end && (g_ascii_isalpha (*p) ||
(p > uri_string && (g_ascii_isdigit (*p) ||
*p == '.' ||
*p == '+' ||
*p == '-'))))
p++;
c = uri_string;
while (c < end && (g_ascii_isalpha (*c) ||
(c > uri_string && (g_ascii_isdigit (*c) ||
*c == '.' ||
*c == '+' ||
*c == '-'))))
c++;
if (p > uri_string && *p == ':') {
uri->scheme = soup_uri_parse_scheme (uri_string, p - uri_string);
uri_string = p + 1;
if (c > uri_string && *c == ':') {
uri->scheme = soup_uri_parse_scheme (uri_string, c - uri_string);
uri_string = c + 1;
}
if (uri_string == end && !base && !uri->fragment) {

43
src/libostree/ostree-sysroot-cleanup.c
View File

@ -298,6 +298,8 @@ cleanup_old_deployments (OstreeSysroot *self,
g_hash_table_new_full (g_str_hash, g_str_equal, g_free, NULL);
g_autoptr(GHashTable) active_boot_checksums =
g_hash_table_new_full (g_str_hash, g_str_equal, g_free, NULL);
g_autoptr(GHashTable) active_overlay_initrds =
g_hash_table_new (g_str_hash, g_str_equal); /* borrows from deployment's bootconfig */
for (guint i = 0; i < self->deployments->len; i++)
{
OstreeDeployment *deployment = self->deployments->pdata[i];
@ -306,6 +308,11 @@ cleanup_old_deployments (OstreeSysroot *self,
/* Transfer ownership */
g_hash_table_replace (active_deployment_dirs, deployment_path, deployment_path);
g_hash_table_replace (active_boot_checksums, bootcsum, bootcsum);
OstreeBootconfigParser *bootconfig = ostree_deployment_get_bootconfig (deployment);
char **initrds = ostree_bootconfig_parser_get_overlay_initrds (bootconfig);
for (char **it = initrds; it && *it; it++)
g_hash_table_add (active_overlay_initrds, (char*)glnx_basename (*it));
}
/* Find all deployment directories, both active and inactive */
@ -349,6 +356,42 @@ cleanup_old_deployments (OstreeSysroot *self,
return FALSE;
}
/* Clean up overlay initrds */
glnx_autofd int overlays_dfd =
glnx_opendirat_with_errno (self->sysroot_fd, _OSTREE_SYSROOT_INITRAMFS_OVERLAYS, FALSE);
if (overlays_dfd < 0)
{
if (errno != ENOENT)
return glnx_throw_errno_prefix (error, "open(initrd_overlays)");
}
else
{
g_autoptr(GPtrArray) initrds_to_delete = g_ptr_array_new_with_free_func (g_free);
g_auto(GLnxDirFdIterator) dfd_iter = { 0, };
if (!glnx_dirfd_iterator_init_at (overlays_dfd, ".", TRUE, &dfd_iter, error))
return FALSE;
while (TRUE)
{
struct dirent *dent;
if (!glnx_dirfd_iterator_next_dent_ensure_dtype (&dfd_iter, &dent, cancellable, error))
return FALSE;
if (dent == NULL)
break;
/* there shouldn't be other file types there, but let's be conservative */
if (dent->d_type != DT_REG)
continue;
if (!g_hash_table_lookup (active_overlay_initrds, dent->d_name))
g_ptr_array_add (initrds_to_delete, g_strdup (dent->d_name));
}
for (guint i = 0; i < initrds_to_delete->len; i++)
{
if (!ot_ensure_unlinked_at (overlays_dfd, initrds_to_delete->pdata[i], error))
return FALSE;
}
}
return TRUE;
}

270
src/libostree/ostree-sysroot-deploy.c
View File

@ -272,13 +272,13 @@ checksum_dir_recurse (int dfd,
}
else
{
int fd;
glnx_autofd int fd = -1;
if (!ot_openat_ignore_enoent (dfditer.fd, d_name, &fd, error))
return FALSE;
if (fd != -1)
{
g_autoptr(GInputStream) in = g_unix_input_stream_new (fd, FALSE);
g_autoptr(GInputStream) in = g_unix_input_stream_new (glnx_steal_fd (&fd), TRUE);
if (!ot_gio_splice_update_checksum (NULL, in, checksum, cancellable, error))
return FALSE;
}
@ -313,7 +313,7 @@ copy_dir_recurse (int src_parent_dfd,
if (!dirfd_copy_attributes_and_xattrs (src_parent_dfd, name, src_dfd_iter.fd, dest_dfd,
flags, cancellable, error))
return FALSE;
return glnx_prefix_error (error, "Copying attributes of %s", name);
while (TRUE)
{
@ -340,7 +340,7 @@ copy_dir_recurse (int src_parent_dfd,
dest_dfd, dent->d_name,
sysroot_flags_to_copy_flags (GLNX_FILE_COPY_OVERWRITE, flags),
cancellable, error))
return FALSE;
return glnx_prefix_error (error, "Copying %s", dent->d_name);
}
}
@ -488,7 +488,7 @@ copy_modified_config_file (int orig_etc_fd,
new_etc_fd, path,
sysroot_flags_to_copy_flags (GLNX_FILE_COPY_OVERWRITE, flags),
cancellable, error))
return FALSE;
return glnx_prefix_error (error, "Copying %s", path);
}
else
{
@ -1028,7 +1028,8 @@ _ostree_kernel_layout_new (void)
/* See get_kernel_from_tree() below */
static gboolean
get_kernel_from_tree_usrlib_modules (int deployment_dfd,
get_kernel_from_tree_usrlib_modules (OstreeSysroot *sysroot,
int deployment_dfd,
OstreeKernelLayout **out_layout,
GCancellable *cancellable,
GError **error)
@ -1137,6 +1138,10 @@ get_kernel_from_tree_usrlib_modules (int deployment_dfd,
g_clear_object (&in);
glnx_close_fd (&fd);
/* Testing aid for https://github.com/ostreedev/ostree/issues/2154 */
const gboolean no_dtb = (sysroot->debug_flags & OSTREE_SYSROOT_DEBUG_TEST_NO_DTB) > 0;
if (!no_dtb)
{
/* Check for /usr/lib/modules/$kver/devicetree first, if it does not
* exist check for /usr/lib/modules/$kver/dtb/ directory.
*/
@ -1167,7 +1172,7 @@ get_kernel_from_tree_usrlib_modules (int deployment_dfd,
return FALSE;
}
}
}
g_clear_object (&in);
glnx_close_fd (&fd);
@ -1336,7 +1341,8 @@ get_kernel_from_tree_legacy_layouts (int deployment_dfd,
* initramfs there, so we need to look in /usr/lib/ostree-boot first.
*/
static gboolean
get_kernel_from_tree (int deployment_dfd,
get_kernel_from_tree (OstreeSysroot *sysroot,
int deployment_dfd,
OstreeKernelLayout **out_layout,
GCancellable *cancellable,
GError **error)
@ -1345,7 +1351,7 @@ get_kernel_from_tree (int deployment_dfd,
g_autoptr(OstreeKernelLayout) legacy_layout = NULL;
/* First, gather from usr/lib/modules/$kver if it exists */
if (!get_kernel_from_tree_usrlib_modules (deployment_dfd, &usrlib_modules_layout, cancellable, error))
if (!get_kernel_from_tree_usrlib_modules (sysroot, deployment_dfd, &usrlib_modules_layout, cancellable, error))
return FALSE;
/* Gather the legacy layout */
@ -1761,7 +1767,7 @@ install_deployment_kernel (OstreeSysroot *sysroot,
/* Find the kernel/initramfs/devicetree in the tree */
g_autoptr(OstreeKernelLayout) kernel_layout = NULL;
if (!get_kernel_from_tree (deployment_dfd, &kernel_layout,
if (!get_kernel_from_tree (sysroot, deployment_dfd, &kernel_layout,
cancellable, error))
return FALSE;
@ -1771,7 +1777,6 @@ install_deployment_kernel (OstreeSysroot *sysroot,
const char *osname = ostree_deployment_get_osname (deployment);
const char *bootcsum = ostree_deployment_get_bootcsum (deployment);
g_assert_cmpstr (kernel_layout->bootcsum, ==, bootcsum);
g_autofree char *bootcsumdir = g_strdup_printf ("ostree/%s-%s", osname, bootcsum);
g_autofree char *bootconfdir = g_strdup_printf ("loader.%d/entries", new_bootversion);
g_autofree char *bootconf_name = g_strdup_printf ("ostree-%d-%s.conf",
@ -1854,6 +1859,47 @@ install_deployment_kernel (OstreeSysroot *sysroot,
}
}
g_autoptr(GPtrArray) overlay_initrds = NULL;
for (char **it = _ostree_deployment_get_overlay_initrds (deployment); it && *it; it++)
{
char *checksum = *it;
/* Overlay initrds are not part of the bootcsum dir; they're not part of the tree
* proper. Instead they're in /boot/ostree/initramfs-overlays/ named by their csum.
* Doing it this way allows sharing the same bootcsum dir for multiple deployments
* with the only change being in overlay initrds (or conversely, the same overlay
* across different boocsums). Eventually, it'd be nice to have an OSTree repo in
* /boot itself and drop the boocsum dir concept entirely. */
g_autofree char *destpath =
g_strdup_printf ("/" _OSTREE_SYSROOT_BOOT_INITRAMFS_OVERLAYS "/%s.img", checksum);
const char *rel_destpath = destpath + 1;
/* lazily allocate array and create dir so we don't pollute /boot if not needed */
if (overlay_initrds == NULL)
{
overlay_initrds = g_ptr_array_new_with_free_func (g_free);
if (!glnx_shutil_mkdir_p_at (boot_dfd, _OSTREE_SYSROOT_BOOT_INITRAMFS_OVERLAYS,
0755, cancellable, error))
return FALSE;
}
if (!glnx_fstatat_allow_noent (boot_dfd, rel_destpath, NULL, 0, error))
return FALSE;
if (errno == ENOENT)
{
g_autofree char *srcpath =
g_strdup_printf (_OSTREE_SYSROOT_RUNSTATE_STAGED_INITRDS_DIR "/%s", checksum);
if (!install_into_boot (repo, sepolicy, AT_FDCWD, srcpath, boot_dfd, rel_destpath,
cancellable, error))
return FALSE;
}
/* these are used lower down to populate the bootconfig */
g_ptr_array_add (overlay_initrds, g_steal_pointer (&destpath));
}
g_autofree char *contents = NULL;
if (!glnx_fstatat_allow_noent (deployment_dfd, "usr/lib/os-release", &stbuf, 0, error))
return FALSE;
@ -1933,6 +1979,12 @@ install_deployment_kernel (OstreeSysroot *sysroot,
g_autofree char * initrd_boot_relpath =
g_strconcat ("/", bootcsumdir, "/", kernel_layout->initramfs_namever, NULL);
ostree_bootconfig_parser_set (bootconfig, "initrd", initrd_boot_relpath);
if (overlay_initrds)
{
g_ptr_array_add (overlay_initrds, NULL);
ostree_bootconfig_parser_set_overlay_initrds (bootconfig, (char**)overlay_initrds->pdata);
}
}
else
{
@ -1945,8 +1997,8 @@ install_deployment_kernel (OstreeSysroot *sysroot,
if (kernel_layout->devicetree_namever)
{
g_autofree char * boot_relpath = g_strconcat ("/", bootcsumdir, "/", kernel_layout->devicetree_namever, NULL);
ostree_bootconfig_parser_set (bootconfig, "devicetree", boot_relpath);
g_autofree char * dt_boot_relpath = g_strconcat ("/", bootcsumdir, "/", kernel_layout->devicetree_namever, NULL);
ostree_bootconfig_parser_set (bootconfig, "devicetree", dt_boot_relpath);
}
else if (kernel_layout->devicetree_srcpath)
{
@ -1954,8 +2006,8 @@ install_deployment_kernel (OstreeSysroot *sysroot,
* want to point to a whole directory of device trees.
* See: https://github.com/ostreedev/ostree/issues/1900
*/
g_autofree char * boot_relpath = g_strconcat ("/", bootcsumdir, "/", kernel_layout->devicetree_srcpath, NULL);
ostree_bootconfig_parser_set (bootconfig, "fdtdir", boot_relpath);
g_autofree char * dt_boot_relpath = g_strconcat ("/", bootcsumdir, "/", kernel_layout->devicetree_srcpath, NULL);
ostree_bootconfig_parser_set (bootconfig, "fdtdir", dt_boot_relpath);
}
/* Note this is parsed in ostree-impl-system-generator.c */
@ -2130,6 +2182,10 @@ deployment_bootconfigs_equal (OstreeRepo *repo,
if (strcmp (a_bootcsum, b_bootcsum) != 0)
return FALSE;
/* same initrd overlays? */
if (g_strcmp0 (a->overlay_initrds_id, b->overlay_initrds_id) != 0)
return FALSE;
/* same kargs? */
g_autofree char *a_boot_options_without_ostree = get_deployment_nonostree_kargs (a);
g_autofree char *b_boot_options_without_ostree = get_deployment_nonostree_kargs (b);
@ -2683,7 +2739,7 @@ sysroot_initialize_deployment (OstreeSysroot *self,
const char *osname,
const char *revision,
GKeyFile *origin,
char **override_kernel_argv,
OstreeSysrootDeployTreeOpts *opts,
OstreeDeployment **out_new_deployment,
GCancellable *cancellable,
GError **error)
@ -2711,12 +2767,13 @@ sysroot_initialize_deployment (OstreeSysroot *self,
return FALSE;
g_autoptr(OstreeKernelLayout) kernel_layout = NULL;
if (!get_kernel_from_tree (deployment_dfd, &kernel_layout,
if (!get_kernel_from_tree (self, deployment_dfd, &kernel_layout,
cancellable, error))
return FALSE;
_ostree_deployment_set_bootcsum (new_deployment, kernel_layout->bootcsum);
_ostree_deployment_set_bootconfig_from_kargs (new_deployment, override_kernel_argv);
_ostree_deployment_set_bootconfig_from_kargs (new_deployment, opts ? opts->override_kernel_argv : NULL);
_ostree_deployment_set_overlay_initrds (new_deployment, opts ? opts->overlay_initrds : NULL);
if (!prepare_deployment_etc (self, repo, new_deployment, deployment_dfd,
cancellable, error))
@ -2847,6 +2904,53 @@ sysroot_finalize_deployment (OstreeSysroot *self,
return TRUE;
}
/**
* ostree_sysroot_deploy_tree_with_options:
* @self: Sysroot
* @osname: (allow-none): osname to use for merge deployment
* @revision: Checksum to add
* @origin: (allow-none): Origin to use for upgrades
* @provided_merge_deployment: (allow-none): Use this deployment for merge path
* @opts: (allow-none): Options
* @out_new_deployment: (out): The new deployment path
* @cancellable: Cancellable
* @error: Error
*
* Check out deployment tree with revision @revision, performing a 3
* way merge with @provided_merge_deployment for configuration.
*
* When booted into the sysroot, you should use the
* ostree_sysroot_stage_tree() API instead.
*
* Since: 2020.7
*/
gboolean
ostree_sysroot_deploy_tree_with_options (OstreeSysroot *self,
const char *osname,
const char *revision,
GKeyFile *origin,
OstreeDeployment *provided_merge_deployment,
OstreeSysrootDeployTreeOpts *opts,
OstreeDeployment **out_new_deployment,
GCancellable *cancellable,
GError **error)
{
if (!_ostree_sysroot_ensure_writable (self, error))
return FALSE;
g_autoptr(OstreeDeployment) deployment = NULL;
if (!sysroot_initialize_deployment (self, osname, revision, origin, opts,
&deployment, cancellable, error))
return FALSE;
if (!sysroot_finalize_deployment (self, deployment, provided_merge_deployment,
cancellable, error))
return FALSE;
*out_new_deployment = g_steal_pointer (&deployment);
return TRUE;
}
/**
* ostree_sysroot_deploy_tree:
* @self: Sysroot
@ -2859,11 +2963,9 @@ sysroot_finalize_deployment (OstreeSysroot *self,
* @cancellable: Cancellable
* @error: Error
*
* Check out deployment tree with revision @revision, performing a 3
* way merge with @provided_merge_deployment for configuration.
* Older version of ostree_sysroot_stage_tree_with_options().
*
* When booted into the sysroot, you should use the
* ostree_sysroot_stage_tree() API instead.
* Since: 2018.5
*/
gboolean
ostree_sysroot_deploy_tree (OstreeSysroot *self,
@ -2876,20 +2978,10 @@ ostree_sysroot_deploy_tree (OstreeSysroot *self,
GCancellable *cancellable,
GError **error)
{
if (!_ostree_sysroot_ensure_writable (self, error))
return FALSE;
g_autoptr(OstreeDeployment) deployment = NULL;
if (!sysroot_initialize_deployment (self, osname, revision, origin, override_kernel_argv,
&deployment, cancellable, error))
return FALSE;
if (!sysroot_finalize_deployment (self, deployment, provided_merge_deployment,
cancellable, error))
return FALSE;
*out_new_deployment = g_steal_pointer (&deployment);
return TRUE;
OstreeSysrootDeployTreeOpts opts = { .override_kernel_argv = override_kernel_argv };
return ostree_sysroot_deploy_tree_with_options (self, osname, revision, origin,
provided_merge_deployment, &opts,
out_new_deployment, cancellable, error);
}
/* Serialize information about a deployment to a variant, used by the staging
@ -2951,6 +3043,63 @@ _ostree_sysroot_deserialize_deployment_from_variant (GVariant *v,
}
/**
* ostree_sysroot_stage_overlay_initrd:
* @self: Sysroot
* @fd: (transfer none): File descriptor to overlay initrd
* @out_checksum: (out) (transfer full): Overlay initrd checksum
* @cancellable: Cancellable
* @error: Error
*
* Stage an overlay initrd to be used in an upcoming deployment. Returns a checksum which
* can be passed to ostree_sysroot_deploy_tree_with_options() or
* ostree_sysroot_stage_tree_with_options() via the `overlay_initrds` array option.
*
* Since: 2020.7
*/
gboolean
ostree_sysroot_stage_overlay_initrd (OstreeSysroot *self,
int fd,
char **out_checksum,
GCancellable *cancellable,
GError **error)
{
g_return_val_if_fail (fd != -1, FALSE);
g_return_val_if_fail (out_checksum != NULL, FALSE);
if (!glnx_shutil_mkdir_p_at (AT_FDCWD, _OSTREE_SYSROOT_RUNSTATE_STAGED_INITRDS_DIR,
0755, cancellable, error))
return FALSE;
glnx_autofd int staged_initrds_dfd = -1;
if (!glnx_opendirat (AT_FDCWD, _OSTREE_SYSROOT_RUNSTATE_STAGED_INITRDS_DIR, FALSE,
&staged_initrds_dfd, error))
return FALSE;
g_auto(GLnxTmpfile) overlay_initrd = { 0, };
if (!glnx_open_tmpfile_linkable_at (staged_initrds_dfd, ".", O_WRONLY | O_CLOEXEC,
&overlay_initrd, error))
return FALSE;
char checksum[_OSTREE_SHA256_STRING_LEN+1];
{
g_autoptr(GOutputStream) output = g_unix_output_stream_new (overlay_initrd.fd, FALSE);
g_autoptr(GInputStream) input = g_unix_input_stream_new (fd, FALSE);
g_autofree guchar *digest = NULL;
if (!ot_gio_splice_get_checksum (output, input, &digest, cancellable, error))
return FALSE;
ot_bin2hex (checksum, (guint8*)digest, _OSTREE_SHA256_DIGEST_LEN);
}
if (!glnx_link_tmpfile_at (&overlay_initrd, GLNX_LINK_TMPFILE_REPLACE,
staged_initrds_dfd, checksum, error))
return FALSE;
*out_checksum = g_strdup (checksum);
return TRUE;
}
/**
* ostree_sysroot_stage_tree:
* @self: Sysroot
@ -2963,8 +3112,7 @@ _ostree_sysroot_deserialize_deployment_from_variant (GVariant *v,
* @cancellable: Cancellable
* @error: Error
*
* Like ostree_sysroot_deploy_tree(), but "finalization" only occurs at OS
* shutdown time.
* Older version of ostree_sysroot_stage_tree_with_options().
*
* Since: 2018.5
*/
@ -2978,6 +3126,41 @@ ostree_sysroot_stage_tree (OstreeSysroot *self,
OstreeDeployment **out_new_deployment,
GCancellable *cancellable,
GError **error)
{
OstreeSysrootDeployTreeOpts opts = { .override_kernel_argv = override_kernel_argv };
return ostree_sysroot_stage_tree_with_options (self, osname, revision, origin,
merge_deployment, &opts,
out_new_deployment, cancellable, error);
}
/**
* ostree_sysroot_stage_tree_with_options:
* @self: Sysroot
* @osname: (allow-none): osname to use for merge deployment
* @revision: Checksum to add
* @origin: (allow-none): Origin to use for upgrades
* @merge_deployment: (allow-none): Use this deployment for merge path
* @opts: Options
* @out_new_deployment: (out): The new deployment path
* @cancellable: Cancellable
* @error: Error
*
* Like ostree_sysroot_deploy_tree(), but "finalization" only occurs at OS
* shutdown time.
*
* Since: 2020.7
*/
gboolean
ostree_sysroot_stage_tree_with_options (OstreeSysroot *self,
const char *osname,
const char *revision,
GKeyFile *origin,
OstreeDeployment *merge_deployment,
OstreeSysrootDeployTreeOpts *opts,
OstreeDeployment **out_new_deployment,
GCancellable *cancellable,
GError **error)
{
if (!_ostree_sysroot_ensure_writable (self, error))
return FALSE;
@ -3009,8 +3192,8 @@ ostree_sysroot_stage_tree (OstreeSysroot *self,
} /* OSTREE_SYSROOT_DEBUG_TEST_STAGED_PATH */
g_autoptr(OstreeDeployment) deployment = NULL;
if (!sysroot_initialize_deployment (self, osname, revision, origin, override_kernel_argv,
&deployment, cancellable, error))
if (!sysroot_initialize_deployment (self, osname, revision, origin, opts, &deployment,
cancellable, error))
return FALSE;
/* Write out the origin file using the sepolicy from the non-merged root for
@ -3045,9 +3228,12 @@ ostree_sysroot_stage_tree (OstreeSysroot *self,
g_variant_builder_add (builder, "{sv}", "merge-deployment",
serialize_deployment_to_variant (merge_deployment));
if (override_kernel_argv)
if (opts && opts->override_kernel_argv)
g_variant_builder_add (builder, "{sv}", "kargs",
g_variant_new_strv ((const char *const*)override_kernel_argv, -1));
g_variant_new_strv ((const char *const*)opts->override_kernel_argv, -1));
if (opts && opts->overlay_initrds)
g_variant_builder_add (builder, "{sv}", "overlay-initrds",
g_variant_new_strv ((const char *const*)opts->overlay_initrds, -1));
const char *parent = dirname (strdupa (_OSTREE_SYSROOT_RUNSTATE_STAGED));
if (!glnx_shutil_mkdir_p_at (AT_FDCWD, parent, 0755, cancellable, error))

5
src/libostree/ostree-sysroot-private.h
View File

@ -38,6 +38,7 @@ typedef enum {
/* This is a temporary flag until we fully drop the explicit `systemctl start
* ostree-finalize-staged.service` so that tests can exercise the new path unit. */
OSTREE_SYSROOT_DEBUG_TEST_STAGED_PATH = 1 << 3,
OSTREE_SYSROOT_DEBUG_TEST_NO_DTB = 1 << 4, /* https://github.com/ostreedev/ostree/issues/2154 */
} OstreeSysrootDebugFlags;
typedef enum {
@ -83,10 +84,14 @@ struct OstreeSysroot {
/* We keep some transient state in /run */
#define _OSTREE_SYSROOT_RUNSTATE_STAGED "/run/ostree/staged-deployment"
#define _OSTREE_SYSROOT_RUNSTATE_STAGED_LOCKED "/run/ostree/staged-deployment-locked"
#define _OSTREE_SYSROOT_RUNSTATE_STAGED_INITRDS_DIR "/run/ostree/staged-initrds/"
#define _OSTREE_SYSROOT_DEPLOYMENT_RUNSTATE_DIR "/run/ostree/deployment-state/"
#define _OSTREE_SYSROOT_DEPLOYMENT_RUNSTATE_FLAG_DEVELOPMENT "unlocked-development"
#define _OSTREE_SYSROOT_DEPLOYMENT_RUNSTATE_FLAG_TRANSIENT "unlocked-transient"
#define _OSTREE_SYSROOT_BOOT_INITRAMFS_OVERLAYS "ostree/initramfs-overlays"
#define _OSTREE_SYSROOT_INITRAMFS_OVERLAYS "boot/" _OSTREE_SYSROOT_BOOT_INITRAMFS_OVERLAYS
gboolean
_ostree_sysroot_ensure_writable (OstreeSysroot *self,
GError **error);

23
src/libostree/ostree-sysroot.c
View File

@ -190,6 +190,7 @@ ostree_sysroot_init (OstreeSysroot *self)
{ "test-fifreeze", OSTREE_SYSROOT_DEBUG_TEST_FIFREEZE },
{ "no-xattrs", OSTREE_SYSROOT_DEBUG_NO_XATTRS },
{ "test-staged-path", OSTREE_SYSROOT_DEBUG_TEST_STAGED_PATH },
{ "no-dtb", OSTREE_SYSROOT_DEBUG_TEST_NO_DTB },
};
self->debug_flags = g_parse_debug_string (g_getenv ("OSTREE_SYSROOT_DEBUG"),
@ -814,6 +815,24 @@ list_deployments_process_one_boot_entry (OstreeSysroot *self,
return FALSE;
ostree_deployment_set_bootconfig (deployment, config);
char **overlay_initrds = ostree_bootconfig_parser_get_overlay_initrds (config);
g_autoptr(GPtrArray) initrds_chksums = NULL;
for (char **it = overlay_initrds; it && *it; it++)
{
const char *basename = glnx_basename (*it);
if (strlen (basename) != (_OSTREE_SHA256_STRING_LEN + strlen (".img")))
return glnx_throw (error, "Malformed overlay initrd filename: %s", basename);
if (!initrds_chksums) /* lazy init */
initrds_chksums = g_ptr_array_new_full (g_strv_length (overlay_initrds), g_free);
g_ptr_array_add (initrds_chksums, g_strndup (basename, _OSTREE_SHA256_STRING_LEN));
}
if (initrds_chksums)
{
g_ptr_array_add (initrds_chksums, NULL);
_ostree_deployment_set_overlay_initrds (deployment, (char**)initrds_chksums->pdata);
}
g_ptr_array_add (inout_deployments, g_object_ref (deployment));
return TRUE;
@ -966,8 +985,10 @@ _ostree_sysroot_reload_staged (OstreeSysroot *self,
/* Parse it */
g_autoptr(GVariant) target = NULL;
g_autofree char **kargs = NULL;
g_autofree char **overlay_initrds = NULL;
g_variant_dict_lookup (staged_deployment_dict, "target", "@a{sv}", &target);
g_variant_dict_lookup (staged_deployment_dict, "kargs", "^a&s", &kargs);
g_variant_dict_lookup (staged_deployment_dict, "overlay-initrds", "^a&s", &overlay_initrds);
if (target)
{
g_autoptr(OstreeDeployment) staged =
@ -979,6 +1000,8 @@ _ostree_sysroot_reload_staged (OstreeSysroot *self,
if (!load_origin (self, staged, NULL, error))
return FALSE;
_ostree_deployment_set_overlay_initrds (staged, overlay_initrds);
self->staged_deployment = g_steal_pointer (&staged);
self->staged_deployment_data = g_steal_pointer (&staged_deployment_data);
/* We set this flag for ostree_deployment_is_staged() because that API

38
src/libostree/ostree-sysroot.h
View File

@ -186,6 +186,21 @@ gboolean ostree_sysroot_write_deployments_with_options (OstreeSysroot *self,
GCancellable *cancellable,
GError **error);
_OSTREE_PUBLIC
gboolean ostree_sysroot_stage_overlay_initrd (OstreeSysroot *self,
int fd,
char **out_checksum,
GCancellable *cancellable,
GError **error);
typedef struct {
gboolean unused_bools[8];
int unused_ints[8];
char **override_kernel_argv;
char **overlay_initrds;
gpointer unused_ptrs[6];
} OstreeSysrootDeployTreeOpts;
_OSTREE_PUBLIC
gboolean ostree_sysroot_deploy_tree (OstreeSysroot *self,
const char *osname,
@ -197,6 +212,17 @@ gboolean ostree_sysroot_deploy_tree (OstreeSysroot *self,
GCancellable *cancellable,
GError **error);
_OSTREE_PUBLIC
gboolean ostree_sysroot_deploy_tree_with_options (OstreeSysroot *self,
const char *osname,
const char *revision,
GKeyFile *origin,
OstreeDeployment *provided_merge_deployment,
OstreeSysrootDeployTreeOpts *opts,
OstreeDeployment **out_new_deployment,
GCancellable *cancellable,
GError **error);
_OSTREE_PUBLIC
gboolean ostree_sysroot_stage_tree (OstreeSysroot *self,
const char *osname,
@ -208,6 +234,18 @@ gboolean ostree_sysroot_stage_tree (OstreeSysroot *self,
GCancellable *cancellable,
GError **error);
_OSTREE_PUBLIC
gboolean ostree_sysroot_stage_tree_with_options (OstreeSysroot *self,
const char *osname,
const char *revision,
GKeyFile *origin,
OstreeDeployment *merge_deployment,
OstreeSysrootDeployTreeOpts *opts,
OstreeDeployment **out_new_deployment,
GCancellable *cancellable,
GError **error);
_OSTREE_PUBLIC
gboolean ostree_sysroot_deployment_set_mutable (OstreeSysroot *self,
OstreeDeployment *deployment,

6
src/libostree/ostree-version.h
View File

@ -43,7 +43,7 @@
*
* Since: 2017.4
*/
#define OSTREE_RELEASE_VERSION (6)
#define OSTREE_RELEASE_VERSION (7)
/**
* OSTREE_VERSION
@ -52,7 +52,7 @@
*
* Since: 2017.4
*/
#define OSTREE_VERSION (2020.6)
#define OSTREE_VERSION (2020.7)
/**
* OSTREE_VERSION_S:
@ -62,7 +62,7 @@
*
* Since: 2017.4
*/
#define OSTREE_VERSION_S "2020.6"
#define OSTREE_VERSION_S "2020.7"
#define OSTREE_ENCODE_VERSION(year,release) \
((year) << 16 | (release))

10
src/libotutil/ot-checksum-utils.c
View File

@ -275,3 +275,13 @@ ot_checksum_file_at (int dfd,
ot_checksum_get_hexdigest (&checksum, hexdigest, sizeof (hexdigest));
return g_strdup (hexdigest);
}
void
ot_checksum_bytes (GBytes *data,
guint8 out_digest[_OSTREE_SHA256_DIGEST_LEN])
{
g_auto(OtChecksum) hasher = { 0, };
ot_checksum_init (&hasher);
ot_checksum_update_bytes (&hasher, data);
ot_checksum_get_digest (&hasher, out_digest, _OSTREE_SHA256_DIGEST_LEN);
}

3
src/libotutil/ot-checksum-utils.h
View File

@ -96,4 +96,7 @@ char * ot_checksum_file_at (int dfd,
GCancellable *cancellable,
GError **error);
void ot_checksum_bytes (GBytes *data,
guint8 out_digest[_OSTREE_SHA256_DIGEST_LEN]);
G_END_DECLS

25
src/libotutil/otutil.h
View File

@ -52,6 +52,31 @@
#define ot_journal_print(...) {}
#endif
typedef GMainContext GMainContextPopDefault;
static inline void
_ostree_main_context_pop_default_destroy (void *p)
{
GMainContext *main_context = p;
if (main_context)
{
g_main_context_pop_thread_default (main_context);
g_main_context_unref (main_context);
}
}
static inline GMainContextPopDefault *
_ostree_main_context_new_default (void)
{
GMainContext *main_context = g_main_context_new ();
g_main_context_push_thread_default (main_context);
return main_context;
}
G_DEFINE_AUTOPTR_CLEANUP_FUNC (GMainContextPopDefault, _ostree_main_context_pop_default_destroy)
#include <ot-keyfile-utils.h>
#include <ot-gio-utils.h>
#include <ot-fs-utils.h>

64
src/ostree/ot-admin-builtin-deploy.c
View File

@ -44,6 +44,7 @@ static gboolean opt_kernel_proc_cmdline;
static char *opt_osname;
static char *opt_origin_path;
static gboolean opt_kernel_arg_none;
static char **opt_overlay_initrds;
static GOptionEntry options[] = {
{ "os", 0, 0, G_OPTION_ARG_STRING, &opt_osname, "Use a different operating system root than the current one", "OSNAME" },
@ -59,6 +60,7 @@ static GOptionEntry options[] = {
{ "karg", 0, 0, G_OPTION_ARG_STRING_ARRAY, &opt_kernel_argv, "Set kernel argument, like root=/dev/sda1; this overrides any earlier argument with the same name", "NAME=VALUE" },
{ "karg-append", 0, 0, G_OPTION_ARG_STRING_ARRAY, &opt_kernel_argv_append, "Append kernel argument; useful with e.g. console= that can be used multiple times", "NAME=VALUE" },
{ "karg-none", 0, 0, G_OPTION_ARG_NONE, &opt_kernel_arg_none, "Do not import kernel arguments", NULL },
{ "overlay-initrd", 0, 0, G_OPTION_ARG_STRING_ARRAY, &opt_overlay_initrds, "Overlay iniramfs file", "FILE" },
{ NULL }
};
@ -167,24 +169,76 @@ ot_admin_builtin_deploy (int argc, char **argv, OstreeCommandInvocation *invocat
ostree_kernel_args_append_argv (kargs, opt_kernel_argv_append);
}
g_autoptr(OstreeDeployment) new_deployment = NULL;
g_autoptr(GPtrArray) overlay_initrd_chksums = NULL;
for (char **it = opt_overlay_initrds; it && *it; it++)
{
const char *path = *it;
glnx_autofd int fd = -1;
if (!glnx_openat_rdonly (AT_FDCWD, path, TRUE, &fd, error))
return FALSE;
g_autofree char *chksum = NULL;
if (!ostree_sysroot_stage_overlay_initrd (sysroot, fd, &chksum, cancellable, error))
return FALSE;
if (!overlay_initrd_chksums)
overlay_initrd_chksums = g_ptr_array_new_full (g_strv_length (opt_overlay_initrds), g_free);
g_ptr_array_add (overlay_initrd_chksums, g_steal_pointer (&chksum));
}
if (overlay_initrd_chksums)
g_ptr_array_add (overlay_initrd_chksums, NULL);
g_auto(GStrv) kargs_strv = kargs ? ostree_kernel_args_to_strv (kargs) : NULL;
OstreeSysrootDeployTreeOpts opts = {
.override_kernel_argv = kargs_strv,
.overlay_initrds = overlay_initrd_chksums ? (char**)overlay_initrd_chksums->pdata : NULL,
};
g_autoptr(OstreeDeployment) new_deployment = NULL;
if (opt_stage)
{
if (opt_retain_pending || opt_retain_rollback)
return glnx_throw (error, "--stage cannot currently be combined with --retain arguments");
if (opt_not_as_default)
return glnx_throw (error, "--stage cannot currently be combined with --not-as-default");
if (!ostree_sysroot_stage_tree (sysroot, opt_osname, revision, origin, merge_deployment,
kargs_strv, &new_deployment, cancellable, error))
/* use old API if we can to exercise it in CI */
if (!overlay_initrd_chksums)
{
if (!ostree_sysroot_stage_tree (sysroot, opt_osname, revision, origin,
merge_deployment, kargs_strv, &new_deployment,
cancellable, error))
return FALSE;
}
else
{
if (!ostree_sysroot_stage_tree_with_options (sysroot, opt_osname, revision,
origin, merge_deployment, &opts,
&new_deployment, cancellable, error))
return FALSE;
}
g_assert (new_deployment);
}
else
{
if (!ostree_sysroot_deploy_tree (sysroot, opt_osname, revision, origin, merge_deployment,
kargs_strv, &new_deployment, cancellable, error))
/* use old API if we can to exercise it in CI */
if (!overlay_initrd_chksums)
{
if (!ostree_sysroot_deploy_tree (sysroot, opt_osname, revision, origin,
merge_deployment, kargs_strv, &new_deployment,
cancellable, error))
return FALSE;
}
else
{
if (!ostree_sysroot_deploy_tree_with_options (sysroot, opt_osname, revision,
origin, merge_deployment, &opts,
&new_deployment, cancellable,
error))
return FALSE;
}
g_assert (new_deployment);
OstreeSysrootSimpleWriteDeploymentFlags flags = OSTREE_SYSROOT_SIMPLE_WRITE_DEPLOYMENT_FLAGS_NO_CLEAN;

6
src/ostree/ot-admin-builtin-set-origin.c
View File

@ -95,7 +95,7 @@ ot_admin_builtin_set_origin (int argc, char **argv, OstreeCommandInvocation *inv
{ char **iter;
g_autoptr(GVariantBuilder) optbuilder =
g_variant_builder_new (G_VARIANT_TYPE ("a{sv}"));
g_autoptr(GVariant) options = NULL;
g_autoptr(GVariant) remote_options = NULL;
for (iter = opt_set; iter && *iter; iter++)
{
@ -110,12 +110,12 @@ ot_admin_builtin_set_origin (int argc, char **argv, OstreeCommandInvocation *inv
subkey, g_variant_new_variant (g_variant_new_string (subvalue)));
}
options = g_variant_ref_sink (g_variant_builder_end (optbuilder));
remote_options = g_variant_ref_sink (g_variant_builder_end (optbuilder));
if (!ostree_repo_remote_change (repo, NULL,
OSTREE_REPO_REMOTE_CHANGE_ADD_IF_NOT_EXISTS,
remotename, url,
options,
remote_options,
cancellable, error))
goto out;
}

34
src/ostree/ot-builtin-checkout.c
View File

@ -84,7 +84,7 @@ static GOptionEntry options[] = {
{ "from-file", 0, 0, G_OPTION_ARG_STRING, &opt_from_file, "Process many checkouts from input file", "FILE" },
{ "fsync", 0, 0, G_OPTION_ARG_CALLBACK, parse_fsync_cb, "Specify how to invoke fsync()", "POLICY" },
{ "require-hardlinks", 'H', 0, G_OPTION_ARG_NONE, &opt_require_hardlinks, "Do not fall back to full copies if hardlinking fails", NULL },
{ "force-copy-zerosized", 'z', 0, G_OPTION_ARG_NONE, &opt_force_copy_zerosized, "Do not hardlink zero-sized files", NULL },
{ "force-copy-zerosized", 'z', G_OPTION_FLAG_HIDDEN, G_OPTION_ARG_NONE, &opt_force_copy_zerosized, "Do not hardlink zero-sized files", NULL },
{ "force-copy", 'C', 0, G_OPTION_ARG_NONE, &opt_force_copy, "Never hardlink (but may reflink if available)", NULL },
{ "bareuseronly-dirs", 'M', 0, G_OPTION_ARG_NONE, &opt_bareuseronly_dirs, "Suppress mode bits outside of 0775 for directories (suid, world writable, etc.)", NULL },
{ "skip-list", 0, 0, G_OPTION_ARG_FILENAME, &opt_skiplist_file, "File containing list of files to skip", "FILE" },
@ -135,14 +135,14 @@ process_one_checkout (OstreeRepo *repo,
opt_bareuseronly_dirs || opt_union_identical ||
opt_skiplist_file || opt_selinux_policy || opt_selinux_prefix)
{
OstreeRepoCheckoutAtOptions options = { 0, };
OstreeRepoCheckoutAtOptions checkout_options = { 0, };
/* do this early so option checking also catches force copy conflicts */
if (opt_selinux_policy)
opt_force_copy = TRUE;
if (opt_user_mode)
options.mode = OSTREE_REPO_CHECKOUT_MODE_USER;
checkout_options.mode = OSTREE_REPO_CHECKOUT_MODE_USER;
/* Can't union these */
if (opt_union && opt_union_add)
{
@ -173,9 +173,9 @@ process_one_checkout (OstreeRepo *repo,
goto out;
}
else if (opt_union)
options.overwrite_mode = OSTREE_REPO_CHECKOUT_OVERWRITE_UNION_FILES;
checkout_options.overwrite_mode = OSTREE_REPO_CHECKOUT_OVERWRITE_UNION_FILES;
else if (opt_union_add)
options.overwrite_mode = OSTREE_REPO_CHECKOUT_OVERWRITE_ADD_FILES;
checkout_options.overwrite_mode = OSTREE_REPO_CHECKOUT_OVERWRITE_ADD_FILES;
else if (opt_union_identical)
{
if (!opt_require_hardlinks)
@ -184,12 +184,12 @@ process_one_checkout (OstreeRepo *repo,
"--union-identical requires --require-hardlinks");
goto out;
}
options.overwrite_mode = OSTREE_REPO_CHECKOUT_OVERWRITE_UNION_IDENTICAL;
checkout_options.overwrite_mode = OSTREE_REPO_CHECKOUT_OVERWRITE_UNION_IDENTICAL;
}
if (opt_whiteouts)
options.process_whiteouts = TRUE;
checkout_options.process_whiteouts = TRUE;
if (subpath)
options.subpath = subpath;
checkout_options.subpath = subpath;
g_autoptr(OstreeSePolicy) policy = NULL;
if (opt_selinux_policy)
@ -203,8 +203,8 @@ process_one_checkout (OstreeRepo *repo,
policy = ostree_sepolicy_new_at (rootfs_dfd, cancellable, error);
if (!policy)
goto out;
options.sepolicy = policy;
options.sepolicy_prefix = opt_selinux_prefix;
checkout_options.sepolicy = policy;
checkout_options.sepolicy_prefix = opt_selinux_prefix;
}
g_autoptr(GHashTable) skip_list =
@ -214,16 +214,16 @@ process_one_checkout (OstreeRepo *repo,
if (!ot_parse_file_by_line (opt_skiplist_file, handle_skiplist_line, skip_list,
cancellable, error))
goto out;
options.filter = checkout_filter;
options.filter_user_data = skip_list;
checkout_options.filter = checkout_filter;
checkout_options.filter_user_data = skip_list;
}
options.no_copy_fallback = opt_require_hardlinks;
options.force_copy = opt_force_copy;
options.force_copy_zerosized = opt_force_copy_zerosized;
options.bareuseronly_dirs = opt_bareuseronly_dirs;
checkout_options.no_copy_fallback = opt_require_hardlinks;
checkout_options.force_copy = opt_force_copy;
checkout_options.force_copy_zerosized = opt_force_copy_zerosized;
checkout_options.bareuseronly_dirs = opt_bareuseronly_dirs;
if (!ostree_repo_checkout_at (repo, &options,
if (!ostree_repo_checkout_at (repo, &checkout_options,
AT_FDCWD, destination,
resolved_commit,
cancellable, error))

6
src/ostree/ot-builtin-commit.c
View File

@ -614,10 +614,10 @@ ostree_builtin_commit (int argc, char **argv, OstreeCommandInvocation *invocatio
if (opt_base)
{
g_autofree char *base_commit = NULL;
g_autoptr(GFile) root = NULL;
if (!ostree_repo_read_commit (repo, opt_base, &root, &base_commit, cancellable, error))
g_autoptr(GFile) base_root = NULL;
if (!ostree_repo_read_commit (repo, opt_base, &base_root, &base_commit, cancellable, error))
goto out;
OstreeRepoFile *rootf = (OstreeRepoFile*) root;
OstreeRepoFile *rootf = (OstreeRepoFile*) base_root;
mtree = ostree_mutable_tree_new_from_checksum (repo,
ostree_repo_file_tree_get_contents_checksum (rootf),

8
src/ostree/ot-builtin-config.c
View File

@ -134,7 +134,7 @@ ostree_builtin_config (int argc, char **argv, OstreeCommandInvocation *invocatio
else if (!strcmp (op, "get"))
{
GKeyFile *readonly_config = NULL;
g_autofree char *value = NULL;
g_autofree char *read_value = NULL;
if (opt_group)
{
if (argc < 3)
@ -160,11 +160,11 @@ ostree_builtin_config (int argc, char **argv, OstreeCommandInvocation *invocatio
}
readonly_config = ostree_repo_get_config (repo);
value = g_key_file_get_string (readonly_config, section, key, error);
if (value == NULL)
read_value = g_key_file_get_string (readonly_config, section, key, error);
if (read_value == NULL)
return FALSE;
g_print ("%s\n", value);
g_print ("%s\n", read_value);
}
else if (!strcmp (op, "unset"))
{

5
src/ostree/ot-builtin-gpg-sign.c
View File

@ -171,9 +171,8 @@ delete_signatures (OstreeRepo *repo,
while (!g_queue_is_empty (&signatures))
{
GVariant *child = g_queue_pop_head (&signatures);
g_variant_builder_add_value (&signature_builder, child);
g_variant_unref (child);
g_autoptr(GVariant) sigchild = g_queue_pop_head (&signatures);
g_variant_builder_add_value (&signature_builder, sigchild);
}
g_variant_dict_insert_value (&metadata_dict,

6
src/ostree/ot-builtin-pull.c
View File

@ -271,7 +271,7 @@ ostree_builtin_pull (int argc, char **argv, OstreeCommandInvocation *invocation,
{
GVariantBuilder builder;
g_autoptr(GVariant) options = NULL;
g_autoptr(GVariant) pull_options = NULL;
g_auto(GLnxConsoleRef) console = { 0, };
g_variant_builder_init (&builder, G_VARIANT_TYPE ("a{sv}"));
@ -378,9 +378,9 @@ ostree_builtin_pull (int argc, char **argv, OstreeCommandInvocation *invocation,
#endif /* OSTREE_DISABLE_GPGME */
}
options = g_variant_ref_sink (g_variant_builder_end (&builder));
pull_options = g_variant_ref_sink (g_variant_builder_end (&builder));
if (!ostree_repo_pull_with_options (repo, remote, options,
if (!ostree_repo_pull_with_options (repo, remote, pull_options,
progress, cancellable, error))
goto out;

6
src/ostree/ot-builtin-sign.c
View File

@ -167,7 +167,7 @@ ostree_builtin_sign (int argc, char **argv, OstreeCommandInvocation *invocation,
if ((n_key_ids == 0) || opt_filename)
{
g_autoptr (GVariantBuilder) builder = NULL;
g_autoptr (GVariant) options = NULL;
g_autoptr (GVariant) sign_options = NULL;
builder = g_variant_builder_new (G_VARIANT_TYPE ("a{sv}"));
/* Use custom directory with public and revoked keys instead of system-wide directories */
@ -176,9 +176,9 @@ ostree_builtin_sign (int argc, char **argv, OstreeCommandInvocation *invocation,
/* The last chance for verification source -- system files */
if (opt_filename)
g_variant_builder_add (builder, "{sv}", "filename", g_variant_new_string (opt_filename));
options = g_variant_builder_end (builder);
sign_options = g_variant_builder_end (builder);
if (!ostree_sign_load_pk (sign, options, error))
if (!ostree_sign_load_pk (sign, sign_options, error))
goto out;
if (ostree_sign_commit_verify (sign,

194
src/ostree/ot-builtin-static-delta.c
View File

@ -40,6 +40,10 @@ static gboolean opt_swap_endianness;
static gboolean opt_inline;
static gboolean opt_disable_bsdiff;
static gboolean opt_if_not_exists;
static char **opt_key_ids;
static char *opt_sign_name;
static char *opt_keysfilename;
static char *opt_keysdir;
#define BUILTINPROTO(name) static gboolean ot_static_delta_builtin_ ## name (int argc, char **argv, OstreeCommandInvocation *invocation, GCancellable *cancellable, GError **error)
@ -48,6 +52,7 @@ BUILTINPROTO(show);
BUILTINPROTO(delete);
BUILTINPROTO(generate);
BUILTINPROTO(apply_offline);
BUILTINPROTO(verify);
#undef BUILTINPROTO
@ -67,6 +72,9 @@ static OstreeCommand static_delta_subcommands[] = {
{ "apply-offline", OSTREE_BUILTIN_FLAG_NONE,
ot_static_delta_builtin_apply_offline,
"Apply static delta file" },
{ "verify", OSTREE_BUILTIN_FLAG_NONE,
ot_static_delta_builtin_verify,
"Verify static delta signatures" },
{ NULL, 0, NULL, NULL }
};
@ -88,10 +96,20 @@ static GOptionEntry generate_options[] = {
{ "max-bsdiff-size", 0, 0, G_OPTION_ARG_STRING, &opt_max_bsdiff_size, "Maximum size in megabytes to consider bsdiff compression for input files", NULL},
{ "max-chunk-size", 0, 0, G_OPTION_ARG_STRING, &opt_max_chunk_size, "Maximum size of delta chunks in megabytes", NULL},
{ "filename", 0, 0, G_OPTION_ARG_FILENAME, &opt_filename, "Write the delta content to PATH (a directory). If not specified, the OSTree repository is used", "PATH"},
{ "sign", 0, 0, G_OPTION_ARG_STRING_ARRAY, &opt_key_ids, "Sign the delta with", "KEY_ID"},
{ "sign-type", 0, 0, G_OPTION_ARG_STRING, &opt_sign_name, "Signature type to use (defaults to 'ed25519')", "NAME"},
#if defined(HAVE_LIBSODIUM)
{ "keys-file", 0, 0, G_OPTION_ARG_STRING, &opt_keysfilename, "Read key(s) from file", "NAME"},
#endif
{ NULL }
};
static GOptionEntry apply_offline_options[] = {
{ "sign-type", 0, 0, G_OPTION_ARG_STRING, &opt_sign_name, "Signature type to use (defaults to 'ed25519')", "NAME"},
#if defined(HAVE_LIBSODIUM)
{ "keys-file", 0, 0, G_OPTION_ARG_STRING, &opt_keysfilename, "Read key(s) from file", "NAME"},
{ "keys-dir", 0, 0, G_OPTION_ARG_STRING, &opt_keysdir, "Redefine system-wide directories with public and revoked keys for verification", "NAME"},
#endif
{ NULL }
};
@ -99,6 +117,15 @@ static GOptionEntry list_options[] = {
{ NULL }
};
static GOptionEntry verify_options[] = {
{ "sign-type", 0, 0, G_OPTION_ARG_STRING, &opt_sign_name, "Signature type to use (defaults to 'ed25519')", "NAME"},
#if defined(HAVE_LIBSODIUM)
{ "keys-file", 0, 0, G_OPTION_ARG_STRING, &opt_keysfilename, "Read key(s) from file", "NAME"},
{ "keys-dir", 0, 0, G_OPTION_ARG_STRING, &opt_keysdir, "Redefine system-wide directories with public and revoked keys for verification", "NAME"},
#endif
{ NULL }
};
static void
static_delta_usage (char **argv,
gboolean is_error)
@ -326,6 +353,60 @@ ot_static_delta_builtin_generate (int argc, char **argv, OstreeCommandInvocation
if (opt_endianness || opt_swap_endianness)
g_variant_builder_add (parambuilder, "{sv}", "endianness", g_variant_new_uint32 (endianness));
if (opt_key_ids || opt_keysfilename)
{
g_autoptr(GPtrArray) key_ids = g_ptr_array_new ();
for (char **iter = opt_key_ids; iter != NULL && *iter != NULL; ++iter)
g_ptr_array_add (key_ids, *iter);
if (opt_keysfilename)
{
g_autoptr (GFile) keyfile = NULL;
g_autoptr (GFileInputStream) key_stream_in = NULL;
g_autoptr (GDataInputStream) key_data_in = NULL;
if (!g_file_test (opt_keysfilename, G_FILE_TEST_IS_REGULAR))
{
g_warning ("Can't open file '%s' with keys", opt_keysfilename);
return glnx_throw (error, "File object '%s' is not a regular file", opt_keysfilename);
}
keyfile = g_file_new_for_path (opt_keysfilename);
key_stream_in = g_file_read (keyfile, NULL, error);
if (key_stream_in == NULL)
return FALSE;
key_data_in = g_data_input_stream_new (G_INPUT_STREAM(key_stream_in));
g_assert (key_data_in != NULL);
/* Use simple file format with just a list of base64 public keys per line */
while (TRUE)
{
gsize len = 0;
g_autofree char *line = g_data_input_stream_read_line (key_data_in, &len, NULL, error);
g_autoptr (GVariant) sk = NULL;
if (*error != NULL)
return FALSE;
if (line == NULL)
break;
// Pass the key as a string
g_ptr_array_add (key_ids, g_strdup (line));
}
}
g_autoptr(GVariant) key_ids_v = g_variant_new_strv ((const char *const *)key_ids->pdata,
key_ids->len);
g_variant_builder_add (parambuilder, "{s@v}", "sign-key-ids",
g_variant_new_variant (g_steal_pointer (&key_ids_v)));
}
opt_sign_name = opt_sign_name ?: OSTREE_SIGN_NAME_ED25519;
g_variant_builder_add (parambuilder, "{sv}", "sign-name",
g_variant_new_bytestring (opt_sign_name));
g_print ("Generating static delta:\n");
g_print (" From: %s\n", from_resolved ? from_resolved : "empty");
g_print (" To: %s\n", to_resolved);
@ -347,6 +428,9 @@ ot_static_delta_builtin_apply_offline (int argc, char **argv, OstreeCommandInvoc
{
g_autoptr(GOptionContext) context = NULL;
g_autoptr(OstreeRepo) repo = NULL;
g_autoptr (OstreeSign) sign = NULL;
char **key_ids;
int n_key_ids;
context = g_option_context_new ("");
if (!ostree_option_context_parse (context, apply_offline_options, &argc, &argv, invocation, &repo, cancellable, error))
@ -362,13 +446,59 @@ ot_static_delta_builtin_apply_offline (int argc, char **argv, OstreeCommandInvoc
return FALSE;
}
#if defined(HAVE_LIBSODIUM)
/* Initialize crypto system */
opt_sign_name = opt_sign_name ?: OSTREE_SIGN_NAME_ED25519;
#endif
if (opt_sign_name)
{
sign = ostree_sign_get_by_name (opt_sign_name, error);
if (!sign)
return glnx_throw (error, "Signing type %s is not supported", opt_sign_name);
key_ids = argv + 3;
n_key_ids = argc - 3;
for (int i = 0; i < n_key_ids; i++)
{
g_autoptr (GVariant) pk = g_variant_new_string(key_ids[i]);
if (!ostree_sign_add_pk(sign, pk, error))
return FALSE;
}
if ((n_key_ids == 0) || opt_keysfilename)
{
g_autoptr (GVariantBuilder) builder = g_variant_builder_new (G_VARIANT_TYPE ("a{sv}"));
g_autoptr (GVariant) options = NULL;
/* Use custom directory with public and revoked keys instead of system-wide directories */
if (opt_keysdir)
g_variant_builder_add (builder, "{sv}", "basedir", g_variant_new_string (opt_keysdir));
/* The last chance for verification source -- system files */
if (opt_keysfilename)
g_variant_builder_add (builder, "{sv}", "filename", g_variant_new_string (opt_keysfilename));
options = g_variant_builder_end (builder);
if (!ostree_sign_load_pk (sign, options, error))
{
/* If it fails to load system default public keys, consider there no signature engine */
if (!opt_keysdir && !opt_keysfilename)
{
g_clear_error(error);
g_clear_object(&sign);
}
else
return FALSE;
}
}
}
const char *patharg = argv[2];
g_autoptr(GFile) path = g_file_new_for_path (patharg);
if (!ostree_repo_prepare_transaction (repo, NULL, cancellable, error))
return FALSE;
if (!ostree_repo_static_delta_execute_offline (repo, path, FALSE, cancellable, error))
if (!ostree_repo_static_delta_execute_offline_with_signature (repo, path, sign, FALSE, cancellable, error))
return FALSE;
if (!ostree_repo_commit_transaction (repo, NULL, cancellable, error))
@ -377,6 +507,68 @@ ot_static_delta_builtin_apply_offline (int argc, char **argv, OstreeCommandInvoc
return TRUE;
}
static gboolean
ot_static_delta_builtin_verify (int argc, char **argv, OstreeCommandInvocation *invocation, GCancellable *cancellable, GError **error)
{
g_autoptr (GOptionContext) context = g_option_context_new ("STATIC-DELTA-FILE [KEY-ID...]");
g_autoptr (OstreeRepo) repo = NULL;
gboolean verified;
char **key_ids;
int n_key_ids;
if (!ostree_option_context_parse (context, verify_options, &argc, &argv, invocation, &repo, cancellable, error))
return FALSE;
if (argc < 3)
{
g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED,
"DELTA must be specified");
return FALSE;
}
opt_sign_name = opt_sign_name ?: OSTREE_SIGN_NAME_ED25519;
const char *delta_id = argv[2];
g_autoptr (OstreeSign) sign = ostree_sign_get_by_name (opt_sign_name, error);
if (!sign)
{
g_print("Sign-type not supported\n");
return FALSE;
}
key_ids = argv + 3;
n_key_ids = argc - 3;
for (int i = 0; i < n_key_ids; i++)
{
g_autoptr (GVariant) pk = g_variant_new_string(key_ids[i]);
if (!ostree_sign_add_pk(sign, pk, error))
return FALSE;
}
if ((n_key_ids == 0) || opt_keysfilename)
{
g_autoptr (GVariantBuilder) builder = NULL;
g_autoptr (GVariant) options = NULL;
builder = g_variant_builder_new (G_VARIANT_TYPE ("a{sv}"));
/* Use custom directory with public and revoked keys instead of system-wide directories */
if (opt_keysdir)
g_variant_builder_add (builder, "{sv}", "basedir", g_variant_new_string (opt_keysdir));
/* The last chance for verification source -- system files */
if (opt_keysfilename)
g_variant_builder_add (builder, "{sv}", "filename", g_variant_new_string (opt_keysfilename));
options = g_variant_builder_end (builder);
if (!ostree_sign_load_pk (sign, options, error))
return FALSE;
}
verified = ostree_repo_static_delta_verify_signature (repo, delta_id, sign, NULL, error);
g_print ("Verification %s\n", verified ? "OK" : "fails");
return verified;
}
gboolean
ostree_builtin_static_delta (int argc, char **argv, OstreeCommandInvocation *invocation, GCancellable *cancellable, GError **error)
{

21
src/ostree/ot-dump.c
View File

@ -322,10 +322,11 @@ ot_dump_summary_bytes (GBytes *summary_bytes,
collection_map = g_variant_lookup_value (exts, OSTREE_SUMMARY_COLLECTION_MAP, G_VARIANT_TYPE ("a{sa(s(taya{sv}))}"));
if (collection_map != NULL)
{
g_autoptr(GVariant) collection_refs = NULL;
g_variant_iter_init (&iter, collection_map);
while (g_variant_iter_loop (&iter, "{&s@a(s(taya{sv}))}", &collection_id, &refs))
dump_summary_refs (collection_id, refs);
while (g_variant_iter_loop (&iter, "{&s@a(s(taya{sv}))}", &collection_id, &collection_refs))
dump_summary_refs (collection_id, collection_refs);
}
/* Print out the additional metadata. */
@ -361,6 +362,22 @@ ot_dump_summary_bytes (GBytes *summary_bytes,
pretty_key = "Collection Map";
value_str = g_strdup ("(printed above)");
}
else if (g_strcmp0 (key, OSTREE_SUMMARY_MODE) == 0)
{
OstreeRepoMode repo_mode;
const char *repo_mode_str = g_variant_get_string (value, NULL);
pretty_key = "Repository Mode";
if (!ostree_repo_mode_from_string (repo_mode_str, &repo_mode, NULL))
value_str = g_strdup_printf ("Invalid (%s)", repo_mode_str);
else
value_str = g_strdup (repo_mode_str);
}
else if (g_strcmp0 (key, OSTREE_SUMMARY_TOMBSTONE_COMMITS) == 0)
{
pretty_key = "Has Tombstone Commits";
value_str = g_strdup (g_variant_get_boolean (value) ? "Yes" : "No");
}
else
{
value_str = g_variant_print (value, FALSE);

3
src/ostree/ot-remote-builtin-add.c
View File

@ -104,7 +104,6 @@ ot_remote_builtin_add (int argc, char **argv, OstreeCommandInvocation *invocatio
g_autoptr(GString) sign_verify = NULL;
const char *remote_name;
const char *remote_url;
char **iter;
g_autoptr(GVariantBuilder) optbuilder = NULL;
g_autoptr(GVariant) options = NULL;
gboolean ret = FALSE;
@ -161,7 +160,7 @@ ot_remote_builtin_add (int argc, char **argv, OstreeCommandInvocation *invocatio
g_variant_builder_add (optbuilder, "{s@v}",
"contenturl", g_variant_new_variant (g_variant_new_string (opt_contenturl)));
for (iter = opt_set; iter && *iter; iter++)
for (char **iter = opt_set; iter && *iter; iter++)
{
const char *keyvalue = *iter;
g_autofree char *subkey = NULL;

12
tests/basic-test.sh
View File

@ -750,15 +750,17 @@ rm files -rf && mkdir files
touch files/anemptyfile
touch files/anotheremptyfile
$CMD_PREFIX ostree --repo=repo commit --consume -b tree-with-empty-files --tree=dir=files
$CMD_PREFIX ostree --repo=repo checkout ${CHECKOUT_H_ARGS} tree-with-empty-files tree-with-empty-files
if files_are_hardlinked tree-with-empty-files/an{,other}emptyfile; then
fatal "--force-copy-zerosized failed"
fi
# And pass the now-defunct -z option to validate it does nothing
rm tree-with-empty-files -rf
$CMD_PREFIX ostree --repo=repo checkout ${CHECKOUT_H_ARGS} -z tree-with-empty-files tree-with-empty-files
if files_are_hardlinked tree-with-empty-files/an{,other}emptyfile; then
fatal "--force-copy-zerosized failed"
fi
rm tree-with-empty-files -rf
$CMD_PREFIX ostree --repo=repo checkout ${CHECKOUT_H_ARGS} tree-with-empty-files tree-with-empty-files
assert_files_hardlinked tree-with-empty-files/an{,other}emptyfile
rm tree-with-empty-files -rf
echo "ok checkout --force-copy-zerosized"
echo "ok checkout zero sized files are not hardlinked"
# These should merge, they're identical
$CMD_PREFIX ostree --repo=repo checkout ${CHECKOUT_H_ARGS} --union-identical -z tree-with-empty-files tree-with-empty-files

6
tests/libtest.sh
View File

@ -700,6 +700,12 @@ has_sign_ed25519 () {
return ${ret}
}
skip_without_sign_ed25519() {
if ! has_sign_ed25519; then
skip "no ed25519 support compiled in"
fi
}
# Keys for ed25519 signing tests
ED25519PUBLIC=
ED25519SEED=

8
tests/repo-finder-mount.c
View File

@ -93,16 +93,16 @@ main (int argc, char **argv)
g_ptr_array_add (refs, NULL); /* NULL terminator */
g_autoptr(GAsyncResult) result = NULL;
g_autoptr(GAsyncResult) async_result = NULL;
ostree_repo_finder_resolve_async (OSTREE_REPO_FINDER (finder),
(const OstreeCollectionRef * const *) refs->pdata,
parent_repo, NULL, result_cb, &result);
parent_repo, NULL, result_cb, &async_result);
while (result == NULL)
while (async_result == NULL)
g_main_context_iteration (context, TRUE);
g_autoptr(GPtrArray) results = ostree_repo_finder_resolve_finish (OSTREE_REPO_FINDER (finder),
result, &error);
async_result, &error);
g_assert_no_error (error);
/* Check that the results are correct: the invalid refs should have been

2
tests/test-basic-user.sh
View File

@ -75,6 +75,8 @@ $OSTREE fsck
rm test2-checkout -rf
$OSTREE checkout -U -H test2-unreadable test2-checkout
assert_file_has_mode test2-checkout/unreadable 400
# Should not be hardlinked
assert_streq $(stat -c "%h" test2-checkout/unreadable) 1
echo "ok bare-user handled unreadable file"
cd ${test_tmpdir}

322
tests/test-delta-ed25519.sh Executable file
View File

@ -0,0 +1,322 @@
#!/bin/bash
#
# Copyright (C) 2011,2013 Colin Walters <walters@verbum.org>
#
# SPDX-License-Identifier: LGPL-2.0+
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the
# Free Software Foundation, Inc., 59 Temple Place - Suite 330,
# Boston, MA 02111-1307, USA.
set -euo pipefail
. $(dirname $0)/libtest.sh
skip_without_user_xattrs
skip_without_sign_ed25519
bindatafiles="bash true ostree"
echo '1..12'
mkdir repo
ostree_repo_init repo --mode=archive
mkdir files
for bin in ${bindatafiles}; do
cp $(which ${bin}) files
done
${CMD_PREFIX} ostree --repo=repo commit -b test -s test --tree=dir=files
function permuteFile() {
permutation=$(($1 % 2))
output=$2
case $permutation in
0) dd if=/dev/zero count=40 bs=1 >> $output;;
1) echo aheader | cat - $output >> $output.new && mv $output.new $output;;
esac
}
function permuteDirectory() {
permutation=$1
dir=$2
for x in ${dir}/*; do
for z in $(seq ${permutation}); do
permuteFile ${z} ${x}
done
done
}
get_assert_one_direntry_matching() {
local path=$1
local r=$2
local child=""
local bn
for p in ${path}/*; do
bn=$(basename $p)
if ! echo ${bn} | grep -q "$r"; then
continue
fi
if test -z "${child}"; then
child=${bn}
else
assert_not_reached "Expected only one child matching ${r} in ${path}";
fi
done
if test -z "${child}"; then
assert_not_reached "Failed to find child matching ${r}"
fi
echo ${child}
}
origrev=$(${CMD_PREFIX} ostree --repo=repo rev-parse test)
permuteDirectory 1 files
${CMD_PREFIX} ostree --repo=repo commit -b test -s test --tree=dir=files
newrev=$(${CMD_PREFIX} ostree --repo=repo rev-parse test)
# Test ostree sign with 'ed25519' module
gen_ed25519_keys
PUBLIC=${ED25519PUBLIC}
SEED=${ED25519SEED}
SECRET=${ED25519SECRET}
WRONG_PUBLIC="$(gen_ed25519_random_public)"
SECRETKEYS="$(mktemp -p ${test_tmpdir} ed25519_XXXXXX.ed25519)"
echo ${SECRET} > ${SECRETKEYS}
${CMD_PREFIX} ostree --repo=repo static-delta generate --from=${origrev} --to=${newrev} --sign-type=ed25519 --sign=${SECRET}
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} "${PUBLIC}" > show-ed25519-key-signed-1.txt
assert_file_has_content show-ed25519-key-signed-1.txt "Verification OK"
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} "${PUBLIC}" "${WRONG_PUBLIC}" > show-ed25519-key-signed-2.txt
assert_file_has_content show-ed25519-key-signed-2.txt "Verification OK"
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} "${WRONG_PUBLIC}" "${PUBLIC}" > show-ed25519-key-signed-3.txt
assert_file_has_content show-ed25519-key-signed-3.txt "Verification OK"
deltaprefix=$(get_assert_one_direntry_matching repo/deltas '.')
deltadir=$(get_assert_one_direntry_matching repo/deltas/${deltaprefix} '-')
rm -rf repo/deltas/${deltaprefix}/${deltadir}/*
${CMD_PREFIX} ostree --repo=repo static-delta generate --from=${origrev} --to=${newrev} --inline --sign-type=ed25519 --sign=${SECRET}
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} "${PUBLIC}" > show-ed25519-key-inline-signed-1.txt
assert_file_has_content show-ed25519-key-inline-signed-1.txt "Verification OK"
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} "${PUBLIC}" "${WRONG_PUBLIC}" > show-ed25519-key-inline-signed-2.txt
assert_file_has_content show-ed25519-key-inline-signed-2.txt "Verification OK"
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} "${WRONG_PUBLIC}" "${PUBLIC}" > show-ed25519-key-inline-signed-3.txt
assert_file_has_content show-ed25519-key-inline-signed-3.txt "Verification OK"
echo 'ok verified with ed25519 (sign - key)'
rm -rf repo/deltas/${deltaprefix}/${deltadir}/*
${CMD_PREFIX} ostree --repo=repo static-delta generate --from=${origrev} --to=${newrev} --sign-type=ed25519 --keys-file=${SECRETKEYS}
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} "${PUBLIC}" > show-ed25519-keyfile-signed-1.txt
assert_file_has_content show-ed25519-keyfile-signed-1.txt "Verification OK"
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} "${PUBLIC}" "${WRONG_PUBLIC}" > show-ed25519-keyfile-signed-2.txt
assert_file_has_content show-ed25519-keyfile-signed-2.txt "Verification OK"
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} "${WRONG_PUBLIC}" "${PUBLIC}" > show-ed25519-keyfile-signed-3.txt
assert_file_has_content show-ed25519-keyfile-signed-3.txt "Verification OK"
rm -rf repo/deltas/${deltaprefix}/${deltadir}/*
${CMD_PREFIX} ostree --repo=repo static-delta generate --from=${origrev} --to=${newrev} --inline --sign-type=ed25519 --keys-file=${SECRETKEYS}
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} "${PUBLIC}" > show-ed25519-keyfile-inline-signed-1.txt
assert_file_has_content show-ed25519-keyfile-inline-signed-1.txt "Verification OK"
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} "${PUBLIC}" "${WRONG_PUBLIC}" > show-ed25519-keyfile-inline-signed-2.txt
assert_file_has_content show-ed25519-keyfile-inline-signed-2.txt "Verification OK"
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} "${WRONG_PUBLIC}" "${PUBLIC}" > show-ed25519-keyfile-inline-signed-3.txt
assert_file_has_content show-ed25519-keyfile-inline-signed-3.txt "Verification OK"
echo 'ok verified with ed25519 (keyfile - key)'
rm -rf repo/deltas/${deltaprefix}/${deltadir}/*
${CMD_PREFIX} ostree --repo=repo static-delta generate --from=${origrev} --to=${newrev} --sign-type=ed25519 --sign=${SECRET}
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} "${WRONG_PUBLIC}" > show-ed25519-key-bad-signed.txt && exit 1
assert_file_has_content show-ed25519-key-bad-signed.txt "Verification fails"
rm -rf repo/deltas/${deltaprefix}/${deltadir}/*
${CMD_PREFIX} ostree --repo=repo static-delta generate --from=${origrev} --to=${newrev} --inline --sign-type=ed25519 --sign=${SECRET}
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} "${WRONG_PUBLIC}" > show-ed25519-key-bad-inline-signed.txt && exit 1
assert_file_has_content show-ed25519-key-bad-inline-signed.txt "Verification fails"
echo 'ok Verification fails with ed25519 (sign - bad key)'
rm -rf repo/deltas/${deltaprefix}/${deltadir}/*
${CMD_PREFIX} ostree --repo=repo static-delta generate --from=${origrev} --to=${newrev} --sign-type=ed25519 --keys-file=${SECRETKEYS}
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} "${WRONG_PUBLIC}" > show-ed25519-keyfile-bad-signed.txt && exit 1
assert_file_has_content show-ed25519-keyfile-bad-signed.txt "Verification fails"
rm -rf repo/deltas/${deltaprefix}/${deltadir}/*
${CMD_PREFIX} ostree --repo=repo static-delta generate --from=${origrev} --to=${newrev} --inline --sign-type=ed25519 --keys-file=${SECRETKEYS}
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} "${WRONG_PUBLIC}" > show-ed25519-keyfile-bad-inline-signed.txt && exit 1
assert_file_has_content show-ed25519-keyfile-bad-inline-signed.txt "Verification fails"
echo 'ok Verification fails with ed25519 (keyfile - bad key)'
# Prepare files with public ed25519 signatures
PUBKEYS="$(mktemp -p ${test_tmpdir} ed25519_XXXXXX.ed25519)"
for((i=0;i<100;i++)); do
# Generate a list with some public signatures
gen_ed25519_random_public
done > ${PUBKEYS}
rm -rf repo/deltas/${deltaprefix}/${deltadir}/*
${CMD_PREFIX} ostree --repo=repo static-delta generate --from=${origrev} --to=${newrev} --sign-type=ed25519 --sign=${SECRET}
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} --keys-file=${PUBKEYS} > show-ed25519-file-bad-signed-1.txt && exit 1
assert_file_has_content show-ed25519-file-bad-signed-1.txt "Verification fails"
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} --keys-file=${PUBKEYS} "${WRONG_PUBLIC}" > show-ed25519-file-bad-signed-2.txt && exit 1
assert_file_has_content show-ed25519-file-bad-signed-2.txt "Verification fails"
rm -rf repo/deltas/${deltaprefix}/${deltadir}/*
${CMD_PREFIX} ostree --repo=repo static-delta generate --from=${origrev} --to=${newrev} --inline --sign-type=ed25519 --sign=${SECRET}
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} --keys-file=${PUBKEYS} > show-ed25519-file-inline-bad-signed-1.txt && exit 1
assert_file_has_content show-ed25519-file-inline-bad-signed-1.txt "Verification fails"
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} --keys-file=${PUBKEYS} "${WRONG_PUBLIC}" > show-ed25519-file-inline-bad-signed-2.txt && exit 1
assert_file_has_content show-ed25519-file-inline-bad-signed-2.txt "Verification fails"
echo 'ok Verification fails with ed25519 (sign - bad keys)'
rm -rf repo/deltas/${deltaprefix}/${deltadir}/*
${CMD_PREFIX} ostree --repo=repo static-delta generate --from=${origrev} --to=${newrev} --sign-type=ed25519 --keys-file=${SECRETKEYS}
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} --keys-file=${PUBKEYS} > show-ed25519-file-bad-signed-3.txt && exit 1
assert_file_has_content show-ed25519-file-bad-signed-3.txt "Verification fails"
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} --keys-file=${PUBKEYS} "${WRONG_PUBLIC}" > show-ed25519-file-bad-signed-4.txt && exit 1
assert_file_has_content show-ed25519-file-bad-signed-4.txt "Verification fails"
rm -rf repo/deltas/${deltaprefix}/${deltadir}/*
${CMD_PREFIX} ostree --repo=repo static-delta generate --from=${origrev} --to=${newrev} --inline --sign-type=ed25519 --keys-file=${SECRETKEYS}
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} --keys-file=${PUBKEYS} > show-ed25519-file-inline-bad-signed-3.txt && exit 1
assert_file_has_content show-ed25519-file-inline-bad-signed-3.txt "Verification fails"
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} --keys-file=${PUBKEYS} "${WRONG_PUBLIC}" > show-ed25519-file-inline-bad-signed-4.txt && exit 1
assert_file_has_content show-ed25519-file-inline-bad-signed-4.txt "Verification fails"
echo 'ok Verification fails with ed25519 (keyfile - bad keys)'
# Add correct key into the list
echo ${PUBLIC} >> ${PUBKEYS}
rm -rf repo/deltas/${deltaprefix}/${deltadir}/*
${CMD_PREFIX} ostree --repo=repo static-delta generate --from=${origrev} --to=${newrev} --sign-type=ed25519 --sign=${SECRET}
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} --keys-file=${PUBKEYS} > show-ed25519-file-signed-1.txt
assert_file_has_content show-ed25519-file-signed-1.txt "Verification OK"
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} --keys-file=${PUBKEYS} "${WRONG_PUBLIC}" > show-ed25519-file-signed-2.txt
assert_file_has_content show-ed25519-file-signed-2.txt "Verification OK"
rm -rf repo/deltas/${deltaprefix}/${deltadir}/*
${CMD_PREFIX} ostree --repo=repo static-delta generate --from=${origrev} --to=${newrev} --inline --sign-type=ed25519 --sign=${SECRET}
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} --keys-file=${PUBKEYS} > show-ed25519-file-inline-signed-1.txt
assert_file_has_content show-ed25519-file-inline-signed-1.txt "Verification OK"
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} --keys-file=${PUBKEYS} "${WRONG_PUBLIC}" > show-ed25519-file-inline-signed-2.txt
assert_file_has_content show-ed25519-file-inline-signed-2.txt "Verification OK"
echo 'ok verified with ed25519 (sign - file)'
rm -rf repo/deltas/${deltaprefix}/${deltadir}/*
${CMD_PREFIX} ostree --repo=repo static-delta generate --from=${origrev} --to=${newrev} --sign-type=ed25519 --keys-file=${SECRETKEYS}
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} --keys-file=${PUBKEYS} > show-ed25519-file-signed-3.txt
assert_file_has_content show-ed25519-file-signed-3.txt "Verification OK"
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} --keys-file=${PUBKEYS} "${WRONG_PUBLIC}" > show-ed25519-file-signed-4.txt
assert_file_has_content show-ed25519-file-signed-4.txt "Verification OK"
rm -rf repo/deltas/${deltaprefix}/${deltadir}/*
${CMD_PREFIX} ostree --repo=repo static-delta generate --from=${origrev} --to=${newrev} --inline --sign-type=ed25519 --keys-file=${SECRETKEYS}
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} --keys-file=${PUBKEYS} > show-ed25519-file-inline-signed-3.txt
assert_file_has_content show-ed25519-file-inline-signed-3.txt "Verification OK"
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} --keys-file=${PUBKEYS} "${WRONG_PUBLIC}" > show-ed25519-file-inline-signed-4.txt
assert_file_has_content show-ed25519-file-inline-signed-4.txt "Verification OK"
echo 'ok verified with ed25519 (keyfile - file)'
# Test ostree sign with multiple 'ed25519' keys
gen_ed25519_keys
PUBLIC2=${ED25519PUBLIC}
SEED2=${ED25519SEED}
SECRET2=${ED25519SECRET}
echo ${SECRET2} >> ${SECRETKEYS}
echo ${PUBLIC2} >> ${PUBKEYS}
rm -rf repo/deltas/${deltaprefix}/${deltadir}/*
${CMD_PREFIX} ostree --repo=repo static-delta generate --from=${origrev} --to=${newrev} --sign-type=ed25519 --keys-file=${SECRETKEYS}
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} "${PUBLIC}" > show-ed25519-multiplekeys-signed-1.txt
assert_file_has_content show-ed25519-multiplekeys-signed-1.txt "Verification OK"
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} "${PUBLIC2}" > show-ed25519-multiplekeys-signed-2.txt
assert_file_has_content show-ed25519-multiplekeys-signed-2.txt "Verification OK"
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} "${WRONG_PUBLIC}" > show-ed25519-multiplekeys-bad-signed.txt && exit 1
assert_file_has_content show-ed25519-multiplekeys-bad-signed.txt "Verification fails"
rm -rf repo/deltas/${deltaprefix}/${deltadir}/*
${CMD_PREFIX} ostree --repo=repo static-delta generate --from=${origrev} --to=${newrev} --sign-type=ed25519 --keys-file=${SECRETKEYS}
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} --keys-file=${PUBKEYS} > show-ed25519-multiplekeys-signed-3.txt
assert_file_has_content show-ed25519-multiplekeys-signed-3.txt "Verification OK"
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} --keys-file=${PUBKEYS} "${WRONG_PUBLIC}" > show-ed25519-multiplekeys-signed-4.txt
assert_file_has_content show-ed25519-multiplekeys-signed-4.txt "Verification OK"
rm -rf repo/deltas/${deltaprefix}/${deltadir}/*
${CMD_PREFIX} ostree --repo=repo static-delta generate --from=${origrev} --to=${newrev} --inline --sign-type=ed25519 --keys-file=${SECRETKEYS}
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} "${PUBLIC}" > show-ed25519-multiplekeys-inline-signed-1.txt
assert_file_has_content show-ed25519-multiplekeys-inline-signed-1.txt "Verification OK"
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} "${PUBLIC2}" > show-ed25519-multiplekeys-inline-signed-2.txt
assert_file_has_content show-ed25519-multiplekeys-inline-signed-2.txt "Verification OK"
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} "${WRONG_PUBLIC}" > show-ed25519-multiplekeys-bad-inline-signed.txt && exit 1
assert_file_has_content show-ed25519-multiplekeys-bad-inline-signed.txt "Verification fails"
rm -rf repo/deltas/${deltaprefix}/${deltadir}/*
${CMD_PREFIX} ostree --repo=repo static-delta generate --from=${origrev} --to=${newrev} --inline --sign-type=ed25519 --keys-file=${SECRETKEYS}
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} --keys-file=${PUBKEYS} > show-ed25519-multiplekeys-inline-signed-3.txt
assert_file_has_content show-ed25519-multiplekeys-inline-signed-3.txt "Verification OK"
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=ed25519 ${origrev}-${newrev} --keys-file=${PUBKEYS} "${WRONG_PUBLIC}" > show-ed25519-multiplekeys-inline-signed-4.txt
assert_file_has_content show-ed25519-multiplekeys-inline-signed-4.txt "Verification OK"
echo 'ok verified with ed25519 (multiple keys)'
rm -rf repo2
ostree_repo_init repo2 --mode=bare-user
${CMD_PREFIX} ostree --repo=repo2 pull-local repo ${origrev}
${CMD_PREFIX} ostree --repo=repo2 ls ${origrev} >/dev/null
${CMD_PREFIX} ostree --repo=repo2 static-delta apply-offline --sign-type=ed25519 --keys-file=${PUBKEYS} repo/deltas/${deltaprefix}/${deltadir}
${CMD_PREFIX} ostree --repo=repo2 fsck
${CMD_PREFIX} ostree --repo=repo2 ls ${newrev} >/dev/null
echo 'ok apply offline with ed25519 (keyfile)'
mkdir -p ${test_tmpdir}/{trusted,revoked}.ed25519.d
rm -rf repo2
ostree_repo_init repo2 --mode=bare-user
echo ${PUBLIC} > ${test_tmpdir}/trusted.ed25519.d/correct
${CMD_PREFIX} ostree --repo=repo2 pull-local repo ${origrev}
${CMD_PREFIX} ostree --repo=repo2 ls ${origrev} >/dev/null
${CMD_PREFIX} ostree --repo=repo2 static-delta apply-offline --keys-dir=${test_tmpdir} repo/deltas/${deltaprefix}/${deltadir}
${CMD_PREFIX} ostree --repo=repo2 fsck
${CMD_PREFIX} ostree --repo=repo2 ls ${newrev} >/dev/null
echo 'ok apply offline with ed25519 (keydir)'
rm -rf repo2
ostree_repo_init repo2 --mode=bare-user
echo ${PUBLIC} > ${test_tmpdir}/revoked.ed25519.d/correct
${CMD_PREFIX} ostree --repo=repo2 pull-local repo ${origrev}
${CMD_PREFIX} ostree --repo=repo2 ls ${origrev} >/dev/null
if ${CMD_PREFIX} ostree --repo=repo2 static-delta apply-offline --keys-dir=${test_tmpdir} repo/deltas/${deltaprefix}/${deltadir}; then
exit 1
fi
rm -rf ${test_tmpdir}/{trusted,revoked}.ed25519.d
echo 'ok apply offline with ed25519 revoking key mechanism (keydir)'

174
tests/test-delta-sign.sh Executable file
View File

@ -0,0 +1,174 @@
#!/bin/bash
#
# Copyright (C) 2011,2013 Colin Walters <walters@verbum.org>
#
# SPDX-License-Identifier: LGPL-2.0+
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the
# Free Software Foundation, Inc., 59 Temple Place - Suite 330,
# Boston, MA 02111-1307, USA.
set -euo pipefail
. $(dirname $0)/libtest.sh
skip_without_user_xattrs
bindatafiles="bash true ostree"
echo '1..7'
# This is explicitly opt in for testing
export OSTREE_DUMMY_SIGN_ENABLED=1
mkdir repo
ostree_repo_init repo --mode=archive
mkdir files
for bin in ${bindatafiles}; do
cp $(which ${bin}) files
done
${CMD_PREFIX} ostree --repo=repo commit -b test -s test --tree=dir=files
function permuteFile() {
permutation=$(($1 % 2))
output=$2
case $permutation in
0) dd if=/dev/zero count=40 bs=1 >> $output;;
1) echo aheader | cat - $output >> $output.new && mv $output.new $output;;
esac
}
function permuteDirectory() {
permutation=$1
dir=$2
for x in ${dir}/*; do
for z in $(seq ${permutation}); do
permuteFile ${z} ${x}
done
done
}
get_assert_one_direntry_matching() {
local path=$1
local r=$2
local child=""
local bn
for p in ${path}/*; do
bn=$(basename $p)
if ! echo ${bn} | grep -q "$r"; then
continue
fi
if test -z "${child}"; then
child=${bn}
else
assert_not_reached "Expected only one child matching ${r} in ${path}";
fi
done
if test -z "${child}"; then
assert_not_reached "Failed to find child matching ${r}"
fi
echo ${child}
}
origrev=$(${CMD_PREFIX} ostree --repo=repo rev-parse test)
permuteDirectory 1 files
${CMD_PREFIX} ostree --repo=repo commit -b test -s test --tree=dir=files
newrev=$(${CMD_PREFIX} ostree --repo=repo rev-parse test)
${CMD_PREFIX} ostree --repo=repo static-delta generate --from=${origrev} --to=${newrev}
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=dummy ${origrev}-${newrev} dummysign > show-not-signed.txt 2>&1 && exit 1
assert_file_has_content show-not-signed.txt "Verification fails"
assert_file_has_content show-not-signed.txt "no signatures in static-delta"
deltaprefix=$(get_assert_one_direntry_matching repo/deltas '.')
deltadir=$(get_assert_one_direntry_matching repo/deltas/${deltaprefix} '-')
rm -rf repo/deltas/${deltaprefix}/${deltadir}/*
${CMD_PREFIX} ostree --repo=repo static-delta generate --from=${origrev} --to=${newrev} --inline
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=dummy ${origrev}-${newrev} dummysign > show-inline-not-signed.txt 2>&1 && exit 1
assert_file_has_content show-not-signed.txt "Verification fails"
assert_file_has_content show-not-signed.txt "no signatures in static-delta"
echo 'ok verify ok with unsigned deltas'
rm -rf repo/deltas/${deltaprefix}/${deltadir}/*
${CMD_PREFIX} ostree --repo=repo static-delta generate --from=${origrev} --to=${newrev} --sign-type=dummy --sign=dummysign
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=dummy ${origrev}-${newrev} dummysign > show-dummy-signed.txt
assert_file_has_content show-dummy-signed.txt "Verification OK"
rm -rf repo/deltas/${deltaprefix}/${deltadir}/*
${CMD_PREFIX} ostree --repo=repo static-delta generate --from=${origrev} --to=${newrev} --inline --sign-type=dummy --sign=dummysign
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=dummy ${origrev}-${newrev} dummysign > show-dummy-inline-signed.txt
assert_file_has_content show-dummy-inline-signed.txt "Verification OK"
echo 'ok verified with dummy'
rm -rf repo/deltas/${deltaprefix}/${deltadir}/*
${CMD_PREFIX} ostree --repo=repo static-delta generate --from=${origrev} --to=${newrev} --sign-type=dummy --sign=dummysign
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=dummy ${origrev}-${newrev} badsign > show-dummy-bad-signed.txt && exit 1
assert_file_has_content show-dummy-bad-signed.txt "Verification fails"
rm -rf repo/deltas/${deltaprefix}/${deltadir}/*
${CMD_PREFIX} ostree --repo=repo static-delta generate --from=${origrev} --to=${newrev} --inline --sign-type=dummy --sign=dummysign
${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=dummy ${origrev}-${newrev} badsign > show-dummy-bad-inline-signed.txt && exit 1
assert_file_has_content show-dummy-bad-inline-signed.txt "Verification fails"
echo 'ok verification failed with dummy and bad key'
rm -rf repo2
ostree_repo_init repo2 --mode=bare-user
${CMD_PREFIX} ostree --repo=repo2 pull-local repo ${origrev}
${CMD_PREFIX} ostree --repo=repo2 ls ${origrev} >/dev/null
${CMD_PREFIX} ostree --repo=repo2 static-delta apply-offline repo/deltas/${deltaprefix}/${deltadir}
${CMD_PREFIX} ostree --repo=repo2 fsck
${CMD_PREFIX} ostree --repo=repo2 ls ${newrev} >/dev/null
echo 'ok apply offline with no signature verification and no key'
rm -rf repo2
ostree_repo_init repo2 --mode=bare-user
${CMD_PREFIX} ostree --repo=repo2 config set core.sign-verify-deltas true
${CMD_PREFIX} ostree --repo=repo2 pull-local repo ${origrev}
${CMD_PREFIX} ostree --repo=repo2 ls ${origrev} >/dev/null
${CMD_PREFIX} ostree --repo=repo2 static-delta apply-offline repo/deltas/${deltaprefix}/${deltadir} 2> apply-offline-verification-no-key.txt && exit 1
assert_file_has_content apply-offline-verification-no-key.txt "Key is mandatory to check delta signature"
echo 'ok apply offline failed with signature verification forced and no key'
rm -rf repo2
ostree_repo_init repo2 --mode=bare-user
${CMD_PREFIX} ostree --repo=repo2 pull-local repo ${origrev}
${CMD_PREFIX} ostree --repo=repo2 ls ${origrev} >/dev/null
${CMD_PREFIX} ostree --repo=repo2 static-delta apply-offline --sign-type=dummy repo/deltas/${deltaprefix}/${deltadir} dummysign
${CMD_PREFIX} ostree --repo=repo2 fsck
${CMD_PREFIX} ostree --repo=repo2 ls ${newrev} >/dev/null
echo 'ok apply offline with dummy'
rm -rf repo2
ostree_repo_init repo2 --mode=bare-user
${CMD_PREFIX} ostree --repo=repo2 pull-local repo ${origrev}
${CMD_PREFIX} ostree --repo=repo2 ls ${origrev} >/dev/null
${CMD_PREFIX} ostree --repo=repo2 static-delta apply-offline --sign-type=dummy repo/deltas/${deltaprefix}/${deltadir} badsign 2> apply-offline-bad-key.txt && exit 1
assert_file_has_content apply-offline-bad-key.txt "signature: dummy: incorrect signature"
echo 'ok apply offline failed with dummy and bad key'

18
tests/test-libarchive.sh
View File

@ -37,7 +37,7 @@ mkdir foo
cd foo
mkdir -p usr/bin usr/lib
echo contents > usr/bin/foo
touch usr/bin/foo0
echo foo0 > usr/bin/foo0
ln usr/bin/foo usr/bin/bar
ln usr/bin/foo0 usr/bin/bar0
ln -s foo usr/bin/sl
@ -45,8 +45,8 @@ mkdir -p usr/local/bin
ln usr/bin/foo usr/local/bin/baz
ln usr/bin/foo0 usr/local/bin/baz0
ln usr/bin/sl usr/local/bin/slhl
touch usr/bin/setuidme
touch usr/bin/skipme
echo setuidme > usr/bin/setuidme
echo skipme > usr/bin/skipme
echo "a library" > usr/lib/libfoo.so
echo "another library" > usr/lib/libbar.so
@ -102,9 +102,9 @@ assert_valid_content () {
assert_file_has_content usr/bin/foo contents
assert_file_has_content usr/bin/bar contents
assert_file_has_content usr/local/bin/baz contents
assert_file_empty usr/bin/foo0
assert_file_empty usr/bin/bar0
assert_file_empty usr/local/bin/baz0
assert_file_has_content usr/bin/foo0 foo0
assert_file_has_content usr/bin/bar0 foo0
assert_file_has_content usr/local/bin/baz0 foo0
assert_file_has_content usr/lib/libfoo.so 'a library'
assert_file_has_content usr/lib/libbar.so 'another library'
@ -244,7 +244,7 @@ ${CMD_PREFIX} ostree --repo=repo2 commit \
--generate-sizes \
--tree=tar=foo.tar.gz
${CMD_PREFIX} ostree --repo=repo2 show --print-sizes test-tar > sizes.txt
assert_file_has_content sizes.txt 'Compressed size (needed/total): 0[  ]bytes/1.1[  ]kB'
assert_file_has_content sizes.txt 'Unpacked size (needed/total): 0[  ]bytes/900[  ]bytes'
assert_file_has_content sizes.txt 'Number of objects (needed/total): 0/12'
assert_file_has_content sizes.txt 'Compressed size (needed/total): 0[  ]bytes/1.2[  ]kB'
assert_file_has_content sizes.txt 'Unpacked size (needed/total): 0[  ]bytes/921[  ]bytes'
assert_file_has_content sizes.txt 'Number of objects (needed/total): 0/14'
echo "ok tar sizes metadata"

62
tests/test-osupdate-dtb.sh Executable file
View File

@ -0,0 +1,62 @@
#!/bin/bash
#
# Copyright (C) 2020 Red Hat, Inc.
#
# SPDX-License-Identifier: LGPL-2.0+
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the
# Free Software Foundation, Inc., 59 Temple Place - Suite 330,
# Boston, MA 02111-1307, USA.
set -euo pipefail
. $(dirname $0)/libtest.sh
echo "1..1"
# Exports OSTREE_SYSROOT so --sysroot not needed.
kver="3.6.0"
modulesdir="usr/lib/modules/${kver}"
setup_os_repository "archive" "syslinux" ${modulesdir}
cd ${test_tmpdir}
os_repository_new_commit "test" "test with device tree directory"
devicetree_path=osdata/${modulesdir}/dtb/asoc-board.dtb
devicetree_overlay_path=osdata/${modulesdir}/dtb/overlays/overlay.dtbo
mkdir -p osdata/${modulesdir}/dtb
echo "a device tree" > ${devicetree_path}
mkdir -p osdata/${modulesdir}/dtb/overlays
echo "a device tree overlay" > ${devicetree_overlay_path}
${CMD_PREFIX} ostree --repo=testos-repo commit --tree=dir=osdata/ -b testos/buildmaster/x86_64-runtime
${CMD_PREFIX} ostree --repo=sysroot/ostree/repo pull-local --remote=testos testos-repo testos/buildmaster/x86_64-runtime
${CMD_PREFIX} ostree --repo=sysroot/ostree/repo remote add --set=gpg-verify=false testos file://$(pwd)/testos-repo testos/buildmaster/x86_64-runtime
${CMD_PREFIX} env OSTREE_SYSROOT_DEBUG=${OSTREE_SYSROOT_DEBUG},no-dtb ostree admin deploy --os=testos testos:testos/buildmaster/x86_64-runtime
assert_has_file sysroot/boot/ostree/testos-${bootcsum}/vmlinuz-3.6.0
assert_not_has_file sysroot/boot/ostree/testos-${bootcsum}/dtb/asoc-board.dtb 'a device tree'
assert_streq $(ls sysroot/boot/ostree | wc -l) 1
assert_streq $(find sysroot/boot/ostree -name '*.dtb' | wc -l) 0
${CMD_PREFIX} ostree --repo=testos-repo commit --tree=dir=osdata/ -b testos/buildmaster/x86_64-runtime
env OSTREE_SYSROOT_DEBUG=${OSTREE_SYSROOT_DEBUG},no-dtb ${CMD_PREFIX} ostree admin upgrade --os=testos
${CMD_PREFIX} ostree --repo=testos-repo commit --tree=dir=osdata/ -b testos/buildmaster/x86_64-runtime
${CMD_PREFIX} ostree admin upgrade --os=testos
assert_streq $(ls sysroot/boot/ostree | wc -l) 2
# Note that the bootcsum computed by the test suite doesn't include devicetree
# And currently we end up installing the dtb for the *previous* deployment
# too which is a bug - in the future this should be fixed to assert 1.
assert_streq $(find sysroot/boot/ostree -name '*.dtb' | wc -l) 2
echo "ok update with no dtb to dtb"

8
tests/test-repo-finder-config.c
View File

@ -230,7 +230,7 @@ test_repo_finder_config_mixed_configs (Fixture *fixture,
{
g_autoptr(OstreeRepoFinderConfig) finder = NULL;
g_autoptr(GMainContext) context = NULL;
g_autoptr(GAsyncResult) result = NULL;
g_autoptr(GAsyncResult) async_result = NULL;
g_autoptr(GPtrArray) results = NULL; /* (element-type OstreeRepoFinderResult) */
g_autoptr(GError) error = NULL;
gsize i;
@ -266,13 +266,13 @@ test_repo_finder_config_mixed_configs (Fixture *fixture,
/* Resolve the refs. */
ostree_repo_finder_resolve_async (OSTREE_REPO_FINDER (finder), refs,
fixture->parent_repo, NULL, result_cb, &result);
fixture->parent_repo, NULL, result_cb, &async_result);
while (result == NULL)
while (async_result == NULL)
g_main_context_iteration (context, TRUE);
results = ostree_repo_finder_resolve_finish (OSTREE_REPO_FINDER (finder),
result, &error);
async_result, &error);
g_assert_no_error (error);
g_assert_nonnull (results);
g_assert_cmpuint (results->len, ==, 3);

16
tests/test-repo-finder-mount.c
View File

@ -317,7 +317,7 @@ test_repo_finder_mount_mixed_mounts (Fixture *fixture,
g_autoptr(OstreeRepoFinderMount) finder = NULL;
g_autoptr(GVolumeMonitor) monitor = NULL;
g_autoptr(GMainContext) context = NULL;
g_autoptr(GAsyncResult) result = NULL;
g_autoptr(GAsyncResult) async_result = NULL;
g_autoptr(GPtrArray) results = NULL; /* (element-type OstreeRepoFinderResult) */
g_autoptr(GError) error = NULL;
g_autoptr(GList) mounts = NULL; /* (element-type OstreeMockMount) */
@ -395,13 +395,13 @@ test_repo_finder_mount_mixed_mounts (Fixture *fixture,
/* Resolve the refs. */
ostree_repo_finder_resolve_async (OSTREE_REPO_FINDER (finder), refs,
fixture->parent_repo,
NULL, result_cb, &result);
NULL, result_cb, &async_result);
while (result == NULL)
while (async_result == NULL)
g_main_context_iteration (context, TRUE);
results = ostree_repo_finder_resolve_finish (OSTREE_REPO_FINDER (finder),
result, &error);
async_result, &error);
g_assert_no_error (error);
g_assert_nonnull (results);
g_assert_cmpuint (results->len, ==, 4);
@ -466,7 +466,7 @@ test_repo_finder_mount_well_known (Fixture *fixture,
g_autoptr(OstreeRepoFinderMount) finder = NULL;
g_autoptr(GVolumeMonitor) monitor = NULL;
g_autoptr(GMainContext) context = NULL;
g_autoptr(GAsyncResult) result = NULL;
g_autoptr(GAsyncResult) async_result = NULL;
g_autoptr(GPtrArray) results = NULL; /* (element-type OstreeRepoFinderResult) */
g_autoptr(GError) error = NULL;
g_autoptr(GList) mounts = NULL; /* (element-type OstreeMockMount) */
@ -507,13 +507,13 @@ test_repo_finder_mount_well_known (Fixture *fixture,
/* Resolve the refs. */
ostree_repo_finder_resolve_async (OSTREE_REPO_FINDER (finder), refs,
fixture->parent_repo,
NULL, result_cb, &result);
NULL, result_cb, &async_result);
while (result == NULL)
while (async_result == NULL)
g_main_context_iteration (context, TRUE);
results = ostree_repo_finder_resolve_finish (OSTREE_REPO_FINDER (finder),
result, &error);
async_result, &error);
g_assert_no_error (error);
g_assert_nonnull (results);
g_assert_cmpuint (results->len, ==, 2);

2
tests/test-summary-view.sh
View File

@ -64,5 +64,5 @@ echo "ok view summary"
${OSTREE} summary --raw > raw-summary.txt
assert_file_has_content_literal raw-summary.txt "('main', ("
assert_file_has_content_literal raw-summary.txt "('other', ("
assert_file_has_content_literal raw-summary.txt "{'ostree.summary.last-modified': <uint64"
assert_file_has_content_literal raw-summary.txt "'ostree.summary.last-modified': <uint64"
echo "ok view summary raw"

2
tests/test-symbols.sh
View File

@ -66,7 +66,7 @@ echo 'ok documented symbols'
# ONLY update this checksum in release commits!
cat > released-sha256.txt <<EOF
1f83814b9a785f9f612ee8f707dadb86d0dcbdc22603937575b7beefb26b50cc ${released_syms}
540ee37ff081a8649fd1b1fa3cf1b80f7b8abb01f6ba71eead0b3b828d6cb696 ${released_syms}
EOF
sha256sum -c released-sha256.txt